set version to 0.9.40 for upcoming release

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
Merge pull request #583 from heavygale/patch-1
2018-11-10 11:34:50 +01:00 · 2018-10-27 17:14:28 +02:00 · 2018-10-27 14:57:27 +02:00 · 2018-10-20 14:02:17 +02:00 · 2018-10-20 13:29:25 +02:00 · 2018-10-17 11:55:36 +02:00
154 changed files with 19499 additions and 9374 deletions
--- a/.github/CONTRIBUTING.md
+++ b/.github/CONTRIBUTING.md
@@ -0,0 +1,58 @@
+# Contributing
+
+Before you start working on a PR, contact us via IRC in #froxlor on Freenode or
+the forum at https://forum.froxlor.org to get a clue whether someone else isn't
+already working on it or if we don't want to invest the effort in favour of
+working on Froxlor 2.0.
+Of course, bug fixes are always welcome.
+However, at this stage of the 0.9.x branch, we are not looking for new
+features or refactoring, especially not the kind which requires changes to a
+lot of files.
+Currently, we are working on a complete re-write, which, at this point in
+time, is not yet public to keep delays due to discussions about internal
+details to a minimum.
+
+
+
+
+## Checklist
+
+General rules for PRs are:
+* Please save us all some trouble and unnecessary round-trips by _testing_ your
+changes.
+
+* Re-write your commit history to provide a CLEAN history!
+
+	* i.e. do not provide PRs which contain a commit that changes something,
+	the next changes it back, a third one changes it again, only a little
+	differently...
+
+
+Thanks!
+
+
+
+
+### Webserver changes
+If you make changes to the functionality of webserver configuration, please
+make sure your implementation covers both apache **and** nginx.
+
+
+
+
+### l10n
+
+If you add new language strings, please make sure you add the english fallback
+strings in
+
+* `lng/english.lng.php`
+* `install/lng/english.lng.php` (if applicable)
+
+
+
+
+### New settings
+If you add new settings, please make sure you add the default values to
+
+* `install/froxlor.sql`
+* handle the update (see `install/updates/froxlor/0.9/update_0.9.inc.php`)
--- a/.github/ISSUE_TEMPLATE.md
+++ b/.github/ISSUE_TEMPLATE.md
@@ -0,0 +1,64 @@
+# Bug report vs. support request
+If you're unsure of whether your problem is a bug or a configuration error
+* contact us via IRC in #froxlor on freenode
+* or post a thread in our forum at https://forum.froxlor.org
+
+As a rule of thumb: before reporting an issue
+* see if it hasn't been [reported](https://github.com/Froxlor/froxlor/issues) (and possibly already been [fixed](https://github.com/Froxlor/froxlor/issues?utf8=✓&q=is:issue%20is:closed)) first
+* try with the git master
+
+
+
+
+
+# Summary
+
+Please provide a concise summary of the problem you're experiencing...
+
+
+
+
+# System information
+* Froxlor version: $version/$gitSHA1
+* Web server: apache2/nginx/lighttpd
+* DNS server: Bind/PowerDNS (standalone)/PowerDNS (Bind-backend)
+* POP/IMAP server: Courier/Dovecot
+* SMTP server: postfix/exim
+* FTP server: proftpd/pureftpd
+* OS/Version: ...
+
+
+
+
+# Steps to reproduce
+
+1.
+2.
+3.
+
+
+
+
+# Expected behavior
+
+1.
+2.
+3.
+
+
+
+
+# Actual behavior
+
+1.
+2.
+3.
+
+
+
+
+# Log files/log entries
+syslog:
+<pre>
+example
+</pre>
--- a/README.md
+++ b/README.md
@@ -11,13 +11,13 @@ Developed by experienced server administrators, this panel simplifies the effort
 3. Point your browser to http://[ip-of-webserver]/froxlor
 4. Follow the installer
 5. Login as administrator
-6. Adjust "Server > Settings" according to your needs
-7. Choose your distribution under "Server > Configuration"
+6. Adjust "System > Settings" according to your needs
+7. Choose your distribution under "System > Configuration"
 8. Follow the steps for your services
 9. Have fun!

 ### Detailed installation
-http://redmine.froxlor.org/projects/froxlor/wiki/Installationtarball
+https://github.com/Froxlor/Froxlor/wiki/Install-froxlor-from-tarball

 ## Help

@@ -30,12 +30,12 @@ irc://chat.freenode.net/froxlor

 ### Forum

-The community is located on http://forum.froxlor.org
+The community is located on https://forum.froxlor.org/

 ### Wiki

 More documentation may be found in the froxlor - wiki:
-http://redmine.froxlor.org/projects/froxlor/wiki
+https://github.com/Froxlor/Froxlor/wiki

 ## License

@@ -44,31 +44,21 @@ May be found in COPYING
 ## Downloads

 ### Tarball
-http://files.froxlor.org/releases/froxlor-latest.tar.gz [MD5](http://files.froxlor.org/releases/froxlor-latest.tar.gz.md5) [SHA1](http://files.froxlor.org/releases/froxlor-latest.tar.gz.sha1)
+https://files.froxlor.org/releases/froxlor-latest.tar.gz [MD5](https://files.froxlor.org/releases/froxlor-latest.tar.gz.md5) [SHA1](https://files.froxlor.org/releases/froxlor-latest.tar.gz.sha1)

 ### Debian repository

-[HowTo](http://redmine.froxlor.org/projects/froxlor/wiki/Installationdebian)
+[HowTo](https://github.com/Froxlor/Froxlor/wiki/Install-froxlor-on-debian)

 /etc/apt/sources.list.d/froxlor.list
-> deb http://debian.froxlor.org {wheezy|jessie} main
+> deb http://debian.froxlor.org {wheezy|jessie|stretch} main

 ### Gentoo repository

-[HowTo](http://redmine.froxlor.org/projects/froxlor/wiki/Installationgentoo)
+[HowTo](https://github.com/Froxlor/Froxlor/wiki/Install-froxlor-on-gentoo)

-http://files.froxlor.org/gentoo/repositories.xml
+https://files.froxlor.org/gentoo/repositories.xml

-## Let's Encrypt support
-
-This version of Froxlor contains a test implementation of support for [Let's Encrypt](https://letsencrypt.org). This is (as Let's Encrypt is in itself)
-still a beta version and may break your system. The way it currently works is by creating a (sub-)domain with the default system - certificate,
-after which the Let's Encrypt cronjob orders the certificate for this (sub-)domain and inserts the certificates in the database. With the next run
-of the default cronjob, the certificates will be updated on the disk and the webserver reloaded.
-
-This has 2 known side-effects at the moment:
-* The basic ip/port combinations don't work with the Froxlor - integration of Let's Encrypt, since it needs a certificate for the very first creation
-* After creating a domain, it will have the default certificate for a short time (by default 5 minutes until the cronjob runs the next time)
-
-It may be possible to fix these issues, but they are not a priority at the moment
+## Contributing

+[see here](.github/CONTRIBUTING.md)
--- a/actions/admin/settings/100.panel.php
+++ b/actions/admin/settings/100.panel.php
@@ -71,7 +71,7 @@ return array(
 					'settinggroup' => 'panel',
 					'varname' => 'no_robots',
 					'type' => 'bool',
-					'default' => false,
+					'default' => true,
 					'save_method' => 'storeSettingField',
 					),
 				'panel_paging' => array(
--- a/actions/admin/settings/120.system.php
+++ b/actions/admin/settings/120.system.php
@@ -94,6 +94,14 @@ return array(
 					'plausibility_check_method' => 'checkMysqlAccessHost',
 					'save_method' => 'storeSettingMysqlAccessHost',
 					),
+				'system_nssextrausers' => array(
+					'label' => $lng['serversettings']['nssextrausers'],
+					'settinggroup' => 'system',
+					'varname' => 'nssextrausers',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField'
+					),
 				'system_index_file_extension' => array(
 					'label' => $lng['serversettings']['index_file_extension'],
 					'settinggroup' => 'system',
--- a/actions/admin/settings/122.froxlorvhost.php
+++ b/actions/admin/settings/122.froxlorvhost.php
@@ -49,7 +49,36 @@ return array(
 					'type' => 'bool',
 					'default' => false,
 					'save_method' => 'storeSettingField',
-					'visible' => Settings::Get('system.leenabled')
+					'visible' => Settings::Get('system.use_ssl')
+				),
+				'system_hsts_maxage' => array(
+					'label' => $lng['admin']['domain_hsts_maxage'],
+					'settinggroup' => 'system',
+					'varname' => 'hsts_maxage',
+					'type' => 'int',
+					'int_min' => 0,
+					'int_max' => 94608000, // 3-years
+					'default' => 0,
+					'save_method' => 'storeSettingField',
+					'visible' => Settings::Get('system.use_ssl')
+				),
+				'system_hsts_incsub' => array(
+					'label' => $lng['admin']['domain_hsts_incsub'],
+					'settinggroup' => 'system',
+					'varname' => 'hsts_incsub',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					'visible' => Settings::Get('system.use_ssl')
+				),
+				'system_hsts_preload' => array(
+					'label' => $lng['admin']['domain_hsts_preload'],
+					'settinggroup' => 'system',
+					'varname' => 'hsts_preload',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					'visible' => Settings::Get('system.use_ssl')
 				),
 				/**
 				 * FCGID
--- a/actions/admin/settings/130.webserver.php
+++ b/actions/admin/settings/130.webserver.php
@@ -60,6 +60,19 @@ return array(
 						'apache2'
 					)
 				),
+				'system_http2_support' => array(
+					'label' => $lng['serversettings']['http2_support'],
+					'settinggroup' => 'system',
+					'varname' => 'http2_support',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array(
+						'apache2',
+						'nginx'
+					),
+					'visible' => Settings::Get('system.use_ssl')
+				),
 				'system_httpuser' => array(
 					'label' => $lng['admin']['webserver_user'],
 					'settinggroup' => 'system',
@@ -112,6 +125,58 @@ return array(
 					'default' => '/var/customers/logs/',
 					'save_method' => 'storeSettingField'
 				),
+				'system_logfiles_script' => array(
+					'label' => $lng['serversettings']['logfiles_script'],
+					'settinggroup' => 'system',
+					'varname' => 'logfiles_script',
+					'type' => 'string',
+					'string_type' => '',
+					'default' => '',
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array(
+						'apache2'
+					)
+				),
+				'system_logfiles_piped' => array(
+					'label' => $lng['serversettings']['logfiles_piped'],
+					'settinggroup' => 'system',
+					'varname' => 'logfiles_piped',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array(
+						'apache2'
+					)
+				),
+				'system_logfiles_format' => array(
+					'label' => $lng['serversettings']['logfiles_format'],
+					'settinggroup' => 'system',
+					'varname' => 'logfiles_format',
+					'type' => 'string',
+					'default' => '',
+					'string_emptyallowed' => true,
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array(
+						'apache2',
+						'nginx'
+					)
+				),
+				'system_logfiles_type' => array(
+					'label' => $lng['serversettings']['logfiles_type'],
+					'settinggroup' => 'system',
+					'varname' => 'logfiles_type',
+					'type' => 'option',
+					'default' => '1',
+					'option_mode' => 'one',
+					'option_options' => array(
+						'1' => 'combined',
+						'2' => 'vhost_combined'
+					),
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array(
+						'apache2'
+					)
+				),
 				'system_customersslpath' => array(
 					'label' => $lng['serversettings']['customerssl_directory'],
 					'settinggroup' => 'system',
@@ -179,17 +244,6 @@ return array(
 						'nginx'
 					)
 				),
-				'system_nginx_http2_support' => array(
-					'label' => $lng['serversettings']['nginx_http2_support'],
-					'settinggroup' => 'system',
-					'varname' => 'nginx_http2_support',
-					'type' => 'bool',
-					'default' => false,
-					'save_method' => 'storeSettingField',
-					'websrv_avail' => array(
-						'nginx'
-					)
-				),
 				'system_nginx_php_backend' => array(
 					'label' => $lng['serversettings']['nginx_php_backend'],
 					'settinggroup' => 'system',
--- a/actions/admin/settings/131.ssl.php
+++ b/actions/admin/settings/131.ssl.php
@@ -30,6 +30,21 @@ return array(
 					'save_method' => 'storeSettingField',
 					'overview_option' => true
 				),
+				'system_ssl_protocols' => array(
+					'label' => $lng['serversettings']['ssl']['ssl_protocols'],
+					'settinggroup' => 'system',
+					'varname' => 'ssl_protocols',
+					'type' => 'option',
+					'default' => 'TLSv1,TLSv1.2',
+					'option_mode' => 'multiple',
+					'option_options' => array(
+						'TLSv1' => 'TLSv1',
+						'TLSv1.1' => 'TLSv1.1',
+						'TLSv1.2' => 'TLSv1.2',
+						'TLSv1.3' => 'TLSv1.3'
+					),
+					'save_method' => 'storeSettingField'
+				),
 				'system_ssl_cipher_list' => array(
 					'label' => $lng['serversettings']['ssl']['ssl_cipher_list'],
 					'settinggroup' => 'system',
@@ -79,6 +94,17 @@ return array(
 					'default' => '',
 					'save_method' => 'storeSettingField'
 				),
+				'system_apache24_ocsp_cache_path' => array(
+					'label' => $lng['serversettings']['ssl']['apache24_ocsp_cache_path'],
+					'settinggroup' => 'system',
+					'varname' => 'apache24_ocsp_cache_path',
+					'type' => 'string',
+					'string_type' => 'string',
+					'string_emptyallowed' => false,
+					'default' => 'shmcb:/var/run/apache2/ocsp-stapling.cache(131072)',
+					'visible' => Settings::Get('system.webserver') == "apache2" && Settings::Get('system.apache24') == 1,
+					'save_method' => 'storeSettingField'
+				),
 				'system_leenabled' => array(
 					'label' => $lng['serversettings']['leenabled'],
 					'settinggroup' => 'system',
@@ -95,7 +121,20 @@ return array(
 					'type' => 'string',
 					'string_type' => 'file',
 					'default' => '/etc/apache2/conf-enabled/acme.conf',
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingField'
+				),
+				'system_leapiversion' => array(
+					'label' => $lng['serversettings']['leapiversion'],
+					'settinggroup' => 'system',
+					'varname' => 'leapiversion',
+					'type' => 'option',
+					'default' => '1',
+					'option_mode' => 'one',
+					'option_options' => array(
+						'1' => 'ACME v1',
+						'2' => 'ACME v2'
+					),
+					'save_method' => 'storeSettingField'
 				),
 				'system_letsencryptca' => array(
 					'label' => $lng['serversettings']['letsencryptca'],
@@ -105,8 +144,8 @@ return array(
 					'default' => 'testing',
 					'option_mode' => 'one',
 					'option_options' => array(
-						'testing' => 'https://acme-staging.api.letsencrypt.org (Test)',
-						'production' => 'https://acme-v01.api.letsencrypt.org (Live)'
+						'testing' => 'https://acme-staging' . (Settings::Get('system.leapiversion') == '2' ? '-v02' : '') . '.api.letsencrypt.org (Test)',
+						'production' => 'https://acme-v0' . Settings::Get('system.leapiversion') . '.api.letsencrypt.org (Live)'
 					),
 					'save_method' => 'storeSettingField'
 				),
@@ -154,32 +193,14 @@ return array(
 					'default' => false,
 					'save_method' => 'storeSettingField'
 				),
-				'system_hsts_maxage' => array(
-					'label' => $lng['admin']['domain_hsts_maxage'],
+				'system_disable_le_selfcheck' => array(
+					'label' => $lng['serversettings']['disable_le_selfcheck'],
 					'settinggroup' => 'system',
-					'varname' => 'hsts_maxage',
-					'type' => 'int',
-					'int_min' => 0,
-					'int_max' => 94608000, // 3-years
-					'default' => 0,
-					'save_method' => 'storeSettingField'
-				),
-				'system_hsts_incsub' => array(
-					'label' => $lng['admin']['domain_hsts_incsub'],
-					'settinggroup' => 'system',
-					'varname' => 'hsts_incsub',
+					'varname' => 'disable_le_selfcheck',
 					'type' => 'bool',
 					'default' => false,
 					'save_method' => 'storeSettingField'
-				),
-				'system_hsts_preload' => array(
-					'label' => $lng['admin']['domain_hsts_preload'],
-					'settinggroup' => 'system',
-					'varname' => 'hsts_preload',
-					'type' => 'bool',
-					'default' => false,
-					'save_method' => 'storeSettingField'
-				),
+				)
 			)
 		)
 	)
--- a/actions/admin/settings/135.fcgid.php
+++ b/actions/admin/settings/135.fcgid.php
@@ -104,7 +104,7 @@ return array(
 					'type' => 'int',
 					'default' => 30,
 					'save_method' => 'storeSettingField'
-					),
+					)
 				)
 			)
 		)
--- a/actions/admin/settings/136.phpfpm.php
+++ b/actions/admin/settings/136.phpfpm.php
@@ -40,15 +40,6 @@ return array(
 					'option_options_method' => 'getPhpConfigs',
 					'save_method' => 'storeSettingField'
 					),
-				'system_phpfpm_configdir' => array(
-					'label' => $lng['serversettings']['phpfpm_settings']['configdir'],
-					'settinggroup' => 'phpfpm',
-					'varname' => 'configdir',
-					'type' => 'string',
-					'string_type' => 'confdir',
-					'default' => '/etc/php-fpm.d/',
-					'save_method' => 'storeSettingField'
-					),
 				'system_phpfpm_aliasconfigdir' => array(
 					'label' => $lng['serversettings']['phpfpm_settings']['aliasconfigdir'],
 					'settinggroup' => 'phpfpm',
@@ -73,9 +64,22 @@ return array(
 					'varname' => 'peardir',
 					'type' => 'string',
 					'string_type' => 'dir',
+					'string_delimiter' => ':',
+					'string_emptyallowed' => true,
 					'default' => '/usr/share/php/:/usr/share/php5/',
 					'save_method' => 'storeSettingField'
 					),
+				'system_phpfpm_envpath' => array(
+					'label' => $lng['serversettings']['phpfpm_settings']['envpath'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'envpath',
+					'type' => 'string',
+					'string_type' => 'dir',
+					'string_delimiter' => ':',
+					'string_emptyallowed' => true,
+					'default' => '/usr/local/bin:/usr/bin:/bin',
+					'save_method' => 'storeSettingField'
+				),
 				'system_phpfpm_fastcgi_ipcdir' => array(
 					'label' => $lng['serversettings']['phpfpm_settings']['ipcdir'],
 					'settinggroup' => 'phpfpm',
@@ -85,72 +89,6 @@ return array(
 					'default' => '/var/lib/apache2/fastcgi/',
 					'save_method' => 'storeSettingField'
 					),
-				'system_phpfpm_reload' => array(
-					'label' => $lng['serversettings']['phpfpm_settings']['reload'],
-					'settinggroup' => 'phpfpm',
-					'varname' => 'reload',
-					'type' => 'string',
-					'default' => '/etc/init.d/php-fpm restart',
-					'save_method' => 'storeSettingField'
-					),
-				'system_phpfpm_pm' => array(
-					'label' => $lng['serversettings']['phpfpm_settings']['pm'],
-					'settinggroup' => 'phpfpm',
-					'varname' => 'pm',
-					'type' => 'option',
-					'default' => 'static',
-					'option_mode' => 'one',
-					'option_options' => array('static' => 'static', 'dynamic' => 'dynamic', 'ondemand' => 'ondemand'),
-					'save_method' => 'storeSettingField'
-					),
-				'system_phpfpm_max_children' => array(
-					'label' => $lng['serversettings']['phpfpm_settings']['max_children'],
-					'settinggroup' => 'phpfpm',
-					'varname' => 'max_children',
-					'type' => 'int',
-					'default' => 1,
-					'save_method' => 'storeSettingField'
-					),
-				'system_phpfpm_start_servers' => array(
-					'label' => $lng['serversettings']['phpfpm_settings']['start_servers'],
-					'settinggroup' => 'phpfpm',
-					'varname' => 'start_servers',
-					'type' => 'int',
-					'default' => 20,
-					'save_method' => 'storeSettingField'
-					),
-				'system_phpfpm_min_spare_servers' => array(
-					'label' => $lng['serversettings']['phpfpm_settings']['min_spare_servers'],
-					'settinggroup' => 'phpfpm',
-					'varname' => 'min_spare_servers',
-					'type' => 'int',
-					'default' => 5,
-					'save_method' => 'storeSettingField'
-					),
-				'system_phpfpm_max_spare_servers' => array(
-					'label' => $lng['serversettings']['phpfpm_settings']['max_spare_servers'],
-					'settinggroup' => 'phpfpm',
-					'varname' => 'max_spare_servers',
-					'type' => 'int',
-					'default' => 35,
-					'save_method' => 'storeSettingField'
-					),
-				'system_phpfpm_max_requests' => array(
-					'label' => $lng['serversettings']['phpfpm_settings']['max_requests'],
-					'settinggroup' => 'phpfpm',
-					'varname' => 'max_requests',
-					'type' => 'int',
-					'default' => 0,
-					'save_method' => 'storeSettingField'
-					),
-				'system_phpfpm_idle_timeout' => array(
-					'label' => $lng['serversettings']['phpfpm_settings']['idle_timeout'],
-					'settinggroup' => 'phpfpm',
-					'varname' => 'idle_timeout',
-					'type' => 'int',
-					'default' => 30,
-					'save_method' => 'storeSettingField'
-					),
 				'system_phpfpm_use_mod_proxy' => array(
 					'label' => $lng['phpfpm']['use_mod_proxy'],
 					'settinggroup' => 'phpfpm',
@@ -160,6 +98,38 @@ return array(
 					'visible' => Settings::Get('system.apache24'),
 					'save_method' => 'storeSettingField'
 					),
+				'system_phpfpm_ini_flags' => array(
+					'label' => $lng['phpfpm']['ini_flags'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'ini_flags',
+					'type' => 'text',
+					'default' => '',
+					'save_method' => 'storeSettingField'
+				),
+				'system_phpfpm_ini_values' => array(
+					'label' => $lng['phpfpm']['ini_values'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'ini_values',
+					'type' => 'text',
+					'default' => '',
+					'save_method' => 'storeSettingField'
+				),
+				'system_phpfpm_ini_admin_flags' => array(
+					'label' => $lng['phpfpm']['ini_admin_flags'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'ini_admin_flags',
+					'type' => 'text',
+					'default' => '',
+					'save_method' => 'storeSettingField'
+				),
+				'system_phpfpm_ini_admin_values' => array(
+					'label' => $lng['phpfpm']['ini_admin_values'],
+					'settinggroup' => 'phpfpm',
+					'varname' => 'ini_admin_values',
+					'type' => 'text',
+					'default' => '',
+					'save_method' => 'storeSettingField'
+				)
 				),
 			),
 		),
--- a/actions/admin/settings/210.security.php
+++ b/actions/admin/settings/210.security.php
@@ -35,7 +35,7 @@ return array(
 					'settinggroup' => 'system',
 					'varname' => 'mailpwcleartext',
 					'type' => 'bool',
-					'default' => true,
+					'default' => false,
 					'save_method' => 'storeSettingField',
 					),
 				'system_passwordcryptfunc' => array(
--- a/admin_admins.php
+++ b/admin_admins.php
@@ -170,6 +170,11 @@ if ($page == 'admins'
 				");
 				Database::pexecute($del_stmt, array('adminid' => $id));

+				$del_stmt = Database::prepare("
+					DELETE FROM `" . TABLE_PANEL_DISKSPACE_ADMINS . "` WHERE `adminid` = :adminid
+				");
+				Database::pexecute($del_stmt, array('adminid' => $id));
+
 				$upd_stmt = Database::prepare("
 					UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET
 					`adminid` = :userid WHERE `adminid` = :adminid
@@ -440,7 +445,7 @@ if ($page == 'admins'
 		} else {

 			$language_options = '';
-			while (list($language_file, $language_name) = each($languages)) {
+			foreach ($languages as $language_file => $language_name) {
 				$language_options.= makeoption($language_name, $language_file, $userinfo['language'], true);
 			}

@@ -840,13 +845,13 @@ if ($page == 'admins'
 				}

 				$language_options = '';
-				while (list($language_file, $language_name) = each($languages)) {
+				foreach ($languages as $language_file => $language_name) {
 					$language_options.= makeoption($language_name, $language_file, $result['def_language'], true);
 				}

 				$ipaddress = makeoption($lng['admin']['allips'], "-1", $result['ip']);
 				$ipsandports_stmt = Database::query("
-					SELECT `id`, `ip` FROM `" . TABLE_PANEL_IPSANDPORTS . "` GROUP BY `ip` ORDER BY `ip`, `port` ASC
+					SELECT `id`, `ip` FROM `" . TABLE_PANEL_IPSANDPORTS . "` GROUP BY `id`, `ip` ORDER BY `ip`, `port` ASC
 				");

 				while ($row = $ipsandports_stmt->fetch(PDO::FETCH_ASSOC)) {
--- a/admin_autoupdate.php
+++ b/admin_autoupdate.php
@@ -17,7 +17,6 @@
 * @since      0.9.35
 *
 */
-
 define('AREA', 'admin');
 require './lib/init.php';

@@ -26,177 +25,188 @@ define('UPDATE_URI', "https://version.froxlor.org/Froxlor/legacy/" . $version);
 define('RELEASE_URI', "https://autoupdate.froxlor.org/froxlor-{version}.zip");
 define('CHECKSUM_URI', "https://autoupdate.froxlor.org/froxlor-{version}.zip.sha256");

-// check for allow_url_fopen
-if (ini_get('allow_url_fopen') === false) {
-	redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 1));
-}
-
 // check for archive-stuff
 if (! extension_loaded('zip')) {
-	redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 2));
+	redirectTo($filename, array(
+		's' => $s,
+		'page' => 'error',
+		'errno' => 2
+	));
 }

 // display initial version check
 if ($page == 'overview') {
-
+	
 	// log our actions
 	$log->logAction(ADM_ACTION, LOG_NOTICE, "checking auto-update");
-
+	
 	// check for new version
-	$latestversion = @file(UPDATE_URI);
-
-	if (isset($latestversion[0])) {
-		$latestversion = explode('|', $latestversion[0]);
-
-		if (is_array($latestversion)
-				&& count($latestversion) >= 1
-		) {
-			$_version = $latestversion[0];
-			$_message = isset($latestversion[1]) ? $latestversion[1] : '';
-			$_link = isset($latestversion[2]) ? $latestversion[2] : htmlspecialchars($filename . '?s=' . urlencode($s) . '&page=' . urlencode($page) . '&lookfornewversion=yes');
-
-			// add the branding so debian guys are not gettings confused
-			// about their version-number
-			$version_label = $_version.$branding;
-			$version_link = $_link;
-			$message_addinfo = $_message;
-
-			// not numeric -> error-message
-			if (!preg_match('/^((\d+\\.)(\d+\\.)(\d+\\.)?(\d+)?(\-(svn|dev|rc)(\d+))?)$/', $_version)) {
-				// check for customized version to not output
-				// "There is a newer version of froxlor" besides the error-message
-				redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 3));
-			} elseif (version_compare2($version, $_version) == -1) {
-				// there is a newer version - yay
-				$isnewerversion = 1;
-			} else {
-				// nothing new
-				$isnewerversion = 0;
-			}
-
-			// anzeige über version-status mit ggfls. formular
-			// zum update schritt #1 -> download
-			if ($isnewerversion == 1) {
-				$text = 'There is a newer version available. Update to version <b>'.$_version.'</b> now?<br/>(Your current version is: '.$version.')';
-				$hiddenparams = '<input type="hidden" name="newversion" value="'.$_version.'" />';
-				$yesfile = $filename.'?s='.$s.'&amp;page=getdownload';
-				eval("echo \"" . getTemplate("misc/question_yesno", true) . "\";");
-				exit;
-			}
-			elseif ($isnewerversion == 0) {
-				// all good
-				standard_success ('noupdatesavail');
-			} else {
-				standard_error ('customized_version');
-			}
+	$latestversion = HttpClient::urlGet(UPDATE_URI);
+	
+	$latestversion = explode('|', $latestversion);
+	
+	if (is_array($latestversion) && count($latestversion) >= 1) {
+		$_version = $latestversion[0];
+		$_message = isset($latestversion[1]) ? $latestversion[1] : '';
+		$_link = isset($latestversion[2]) ? $latestversion[2] : htmlspecialchars($filename . '?s=' . urlencode($s) . '&page=' . urlencode($page) . '&lookfornewversion=yes');
+		
+		// add the branding so debian guys are not gettings confused
+		// about their version-number
+		$version_label = $_version . $branding;
+		$version_link = $_link;
+		$message_addinfo = $_message;
+		
+		// not numeric -> error-message
+		if (! preg_match('/^((\d+\\.)(\d+\\.)(\d+\\.)?(\d+)?(\-(svn|dev|rc)(\d+))?)$/', $_version)) {
+			// check for customized version to not output
+			// "There is a newer version of froxlor" besides the error-message
+			redirectTo($filename, array(
+				's' => $s,
+				'page' => 'error',
+				'errno' => 3
+			));
+		} elseif (version_compare2($version, $_version) == - 1) {
+			// there is a newer version - yay
+			$isnewerversion = 1;
+		} else {
+			// nothing new
+			$isnewerversion = 0;
+		}
+		
+		// anzeige über version-status mit ggfls. formular
+		// zum update schritt #1 -> download
+		if ($isnewerversion == 1) {
+			$text = 'There is a newer version available. Update to version <b>' . $_version . '</b> now?<br/>(Your current version is: ' . $version . ')';
+			$hiddenparams = '<input type="hidden" name="newversion" value="' . $_version . '" />';
+			$yesfile = $filename . '?s=' . $s . '&amp;page=getdownload';
+			eval("echo \"" . getTemplate("misc/question_yesno", true) . "\";");
+			exit();
+		} elseif ($isnewerversion == 0) {
+			// all good
+			standard_success('noupdatesavail');
+		} else {
+			standard_error('customized_version');
 		}
 	}
-	// error (something weird came from version.froxlor.org)
-	redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 5));
-}
-// download the new archive
+}// download the new archive
 elseif ($page == 'getdownload') {
-
+	
 	// retrieve the new version from the form
 	$newversion = isset($_POST['newversion']) ? $_POST['newversion'] : null;
-
+	
 	// valid?
 	if ($newversion !== null) {
-
+		
 		// define files to get
 		$toLoad = str_replace('{version}', $newversion, RELEASE_URI);
 		$toCheck = str_replace('{version}', $newversion, CHECKSUM_URI);
-
-		// get archive data
-		$newArchive = @file_get_contents($toLoad);
-
+		
 		// check for local destination folder
-		if (!is_dir(FROXLOR_INSTALL_DIR.'/updates/')) {
-			mkdir(FROXLOR_INSTALL_DIR.'/updates/');
+		if (! is_dir(FROXLOR_INSTALL_DIR . '/updates/')) {
+			mkdir(FROXLOR_INSTALL_DIR . '/updates/');
 		}
-
+		
 		// name archive
-		$localArchive = FROXLOR_INSTALL_DIR.'/updates/'.basename($toLoad);
-
-		$log->logAction(ADM_ACTION, LOG_NOTICE, "Downloading ".$toLoad." to ".$localArchive);
-
+		$localArchive = FROXLOR_INSTALL_DIR . '/updates/' . basename($toLoad);
+		
+		$log->logAction(ADM_ACTION, LOG_NOTICE, "Downloading " . $toLoad . " to " . $localArchive);
+		
 		// remove old archive
 		if (file_exists($localArchive)) {
 			@unlink($localArchive);
 		}
-
-		// store archive
-		$fh = fopen($localArchive, 'w');
-		if (!fwrite($fh, $newArchive)) {
-			redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 4));
+		
+		// get archive data
+		try {
+			HttpClient::fileGet($toLoad, $localArchive);
+		} catch (Exception $e) {
+			redirectTo($filename, array(
+				's' => $s,
+				'page' => 'error',
+				'errno' => 4
+			));
 		}
-
-		// close file-handle
-		fclose($fh);
-
+		
 		// validate the integrity of the downloaded file
-		$_shouldsum = @file_get_contents($toCheck);
-		if (!empty($_shouldsum)) {
+		$_shouldsum = HttpClient::urlGet($toCheck);
+		if (! empty($_shouldsum)) {
 			$_t = explode(" ", $_shouldsum);
 			$shouldsum = $_t[0];
 		} else {
 			$shouldsum = null;
 		}
 		$filesum = hash_file('sha256', $localArchive);
-
+		
 		if ($filesum != $shouldsum) {
-			redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 9));
+			redirectTo($filename, array(
+				's' => $s,
+				'page' => 'error',
+				'errno' => 9
+			));
 		}
-
+		
 		// to the next step
-		redirectTo($filename, array('s' => $s, 'page' => 'extract', 'archive' => basename($localArchive)));
+		redirectTo($filename, array(
+			's' => $s,
+			'page' => 'extract',
+			'archive' => basename($localArchive)
+		));
 	}
-	redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 6));
-}
-// extract and install new version
+	redirectTo($filename, array(
+		's' => $s,
+		'page' => 'error',
+		'errno' => 6
+	));
+}// extract and install new version
 elseif ($page == 'extract') {
-
+	
 	$toExtract = isset($_GET['archive']) ? $_GET['archive'] : null;
-	$localArchive = FROXLOR_INSTALL_DIR.'/updates/'.$toExtract;
-
-	if (isset($_POST['send'])
-			&& $_POST['send'] == 'send'
-	) {
+	$localArchive = FROXLOR_INSTALL_DIR . '/updates/' . $toExtract;
+	
+	if (isset($_POST['send']) && $_POST['send'] == 'send') {
 		// decompress from zip
-		$zip = new ZipArchive;
+		$zip = new ZipArchive();
 		$res = $zip->open($localArchive);
 		if ($res === true) {
-			$log->logAction(ADM_ACTION, LOG_NOTICE, "Extracting ".$localArchive." to ".FROXLOR_INSTALL_DIR);
+			$log->logAction(ADM_ACTION, LOG_NOTICE, "Extracting " . $localArchive . " to " . FROXLOR_INSTALL_DIR);
 			$zip->extractTo(FROXLOR_INSTALL_DIR);
 			$zip->close();
 			// success - remove unused archive
 			@unlink($localArchive);
 		} else {
 			// error
-			redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 8));
+			redirectTo($filename, array(
+				's' => $s,
+				'page' => 'error',
+				'errno' => 8
+			));
 		}
-
+		
 		// redirect to update-page?
-		redirectTo('admin_updates.php', array('s' => $s));
+		redirectTo('admin_updates.php', array(
+			's' => $s
+		));
 	}
-
-	if (!file_exists($localArchive)) {
-		redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 7));
+	
+	if (! file_exists($localArchive)) {
+		redirectTo($filename, array(
+			's' => $s,
+			'page' => 'error',
+			'errno' => 7
+		));
 	}
-
-	$text = 'Extract downloaded archive "'.$toExtract.'"?';
+	
+	$text = 'Extract downloaded archive "' . $toExtract . '"?';
 	$hiddenparams = '';
-	$yesfile = $filename.'?s='.$s.'&amp;page=extract&amp;archive='.$toExtract;
+	$yesfile = $filename . '?s=' . $s . '&amp;page=extract&amp;archive=' . $toExtract;
 	eval("echo \"" . getTemplate("misc/question_yesno", true) . "\";");
 }
-
 // display error
 elseif ($page == 'error') {
-
+	
 	// retrieve error-number via url-parameter
-	$errno = isset($_GET['errno']) ? (int)$_GET['errno'] : 0;
-
-	// 1 = no allow_url_fopen
+	$errno = isset($_GET['errno']) ? (int) $_GET['errno'] : 0;
+	
 	// 2 = no Zlib
 	// 3 = custom version detected
 	// 4 = could not store archive to local hdd
@@ -205,5 +215,5 @@ elseif ($page == 'error') {
 	// 7 = local archive does not exist
 	// 8 = could not extract archive
 	// 9 = checksum mismatch
-	standard_error ('autoupdate_'.$errno);
+	standard_error('autoupdate_' . $errno);
 }
--- a/admin_configfiles.php
+++ b/admin_configfiles.php
@@ -30,15 +30,30 @@ if ($userinfo['change_serversettings'] == '1') {
 		$customer_tmpdir = Settings::Get('phpfpm.tmpdir');
 	}

+	// try to convert namserver hosts to ip's
+	$ns_ips = "";
+	if (Settings::Get('system.nameservers') != '') {
+		$nameservers = explode(',', Settings::Get('system.nameservers'));
+		foreach ($nameservers as $nameserver) {
+			$nameserver = trim($nameserver);
+			$nameserver_ips = gethostbynamel($nameserver);
+			if (is_array($nameserver_ips) && count($nameserver_ips) > 0) {
+				$ns_ips .= implode(",", $nameserver_ips);
+			}
+		}
+	}
+
 	$replace_arr = Array(
 		'<SQL_UNPRIVILEGED_USER>' => $sql['user'],
-		'<SQL_UNPRIVILEGED_PASSWORD>' => 'MYSQL_PASSWORD',
+		'<SQL_UNPRIVILEGED_PASSWORD>' => 'FROXLOR_MYSQL_PASSWORD',
 		'<SQL_DB>' => $sql['db'],
 		'<SQL_HOST>' => $sql['host'],
 		'<SQL_SOCKET>' => isset($sql['socket']) ? $sql['socket'] : null,
 		'<SERVERNAME>' => Settings::Get('system.hostname'),
 		'<SERVERIP>' => Settings::Get('system.ipaddress'),
 		'<NAMESERVERS>' => Settings::Get('system.nameservers'),
+		'<NAMESERVERS_IP>' => $ns_ips,
+		'<AXFRSERVERS>' => Settings::Get('system.axfrservers'),
 		'<VIRTUAL_MAILBOX_BASE>' => Settings::Get('system.vmail_homedir'),
 		'<VIRTUAL_UID_MAPS>' => Settings::Get('system.vmail_uid'),
 		'<VIRTUAL_GID_MAPS>' => Settings::Get('system.vmail_gid'),
@@ -67,6 +82,12 @@ if ($userinfo['change_serversettings'] == '1') {
 	$config_dir = makeCorrectDir(FROXLOR_INSTALL_DIR . '/lib/configfiles/');

 	if ($distribution != "") {
+
+		if (!file_exists($config_dir . '/' . $distribution . ".xml")) {
+			trigger_error("Unknown distribution, are you playing around with the URL?");
+			exit;
+		}
+
 		// create configparser object
 		$configfiles = new ConfigParser($config_dir . '/' . $distribution . ".xml");

@@ -78,6 +99,11 @@ if ($userinfo['change_serversettings'] == '1') {

 		if ($service != "") {

+			if (!isset($services[$service])) {
+				trigger_error("Unknown service, are you playing around with the URL?");
+				exit;
+			}
+
 			$daemons = $services[$service]->getDaemons();

 			if ($daemon == "") {
@@ -121,6 +147,11 @@ if ($userinfo['change_serversettings'] == '1') {

 	if ($distribution != "" && $service != "" && $daemon != "") {

+		if (!isset($daemons[$daemon])) {
+			trigger_error("Unknown daemon, are you playing around with the URL?");
+			exit;
+		}
+
 		$confarr = $daemons[$daemon]->getConfig();

 		$configpage = '';
--- a/admin_customers.php
+++ b/admin_customers.php
@@ -307,6 +307,8 @@ if ($page == 'customers'
 				Database::pexecute($stmt, array('id' => $id));
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_TRAFFIC . "` WHERE `customerid` = :id");
 				Database::pexecute($stmt, array('id' => $id));
+				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_DISKSPACE . "` WHERE `customerid` = :id");
+				Database::pexecute($stmt, array('id' => $id));
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_MAIL_USERS . "` WHERE `customerid` = :id");
 				Database::pexecute($stmt, array('id' => $id));
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE `customerid` = :id");
@@ -532,6 +534,14 @@ if ($page == 'customers'
 					$phpenabled = intval($_POST['phpenabled']);
 				}

+				$allowed_phpconfigs = array();
+				if (isset($_POST['allowed_phpconfigs']) && is_array($_POST['allowed_phpconfigs'])) {
+					foreach ($_POST['allowed_phpconfigs'] as $allowed_phpconfig) {
+						$allowed_phpconfig = intval($allowed_phpconfig);
+						$allowed_phpconfigs[] = $allowed_phpconfig;
+					}
+				}
+
 				$perlenabled = 0;
 				if (isset($_POST['perlenabled'])) {
 					$perlenabled = intval($_POST['perlenabled']);
@@ -693,6 +703,7 @@ if ($page == 'customers'
 						'tickets' => $tickets,
 						'mysqls' => $mysqls,
 						'phpenabled' => $phpenabled,
+						'allowed_phpconfigs' => empty($allowed_phpconfigs) ? "" : json_encode($allowed_phpconfigs),
 						'imap' => $email_imap,
 						'pop3' => $email_pop3,
 						'perlenabled' => $perlenabled,
@@ -733,6 +744,7 @@ if ($page == 'customers'
 						`mysqls` = :mysqls,
 						`standardsubdomain` = '0',
 						`phpenabled` = :phpenabled,
+						`allowed_phpconfigs` = :allowed_phpconfigs,
 						`imap` = :imap,
 						`pop3` = :pop3,
 						`perlenabled` = :perlenabled,
@@ -910,7 +922,8 @@ if ($page == 'customers'
 							'customerid' => $customerid,
 							'adminid' => $userinfo['adminid'],
 							'docroot' => $documentroot,
-							'adddate' => date('Y-m-d')
+							'adddate' => time(),
+							'phpenabled' => $phpenabled
 						);
 						$ins_stmt = Database::prepare("
 							INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET
@@ -928,6 +941,7 @@ if ($page == 'customers'
 							`dkim_id` = '0',
 							`dkim_privkey` = '',
 							`dkim_pubkey` = '',
+							`phpenabled` = :phpenabled,
 							`add_date` = :adddate"
 						);
 						Database::pexecute($ins_stmt, $ins_data);
@@ -1022,7 +1036,7 @@ if ($page == 'customers'
 			} else {
 				$language_options = '';

-				while (list($language_file, $language_name) = each($languages)) {
+				foreach ($languages as $language_file => $language_name) {
 					$language_options.= makeoption($language_name, $language_file, Settings::Get('panel.standardlanguage'), true);
 				}

@@ -1041,6 +1055,40 @@ if ($page == 'customers'
 				$gender_options .= makeoption($lng['gender']['male'], 1, null, true, true);
 				$gender_options .= makeoption($lng['gender']['female'], 2, null, true, true);

+				$phpconfigs = array();
+				$configs = Database::query("
+					SELECT c.*, fc.description as interpreter
+					FROM `" . TABLE_PANEL_PHPCONFIGS . "` c
+					LEFT JOIN `" . TABLE_PANEL_FPMDAEMONS . "` fc ON fc.id = c.fpmsettingid
+				");
+				while ($row = $configs->fetch(PDO::FETCH_ASSOC)) {
+					if ((int) Settings::Get('phpfpm.enabled') == 1) {
+						$phpconfigs[] = array(
+							'label' => $row['description'] . " [".$row['interpreter']."]<br />",
+							'value' => $row['id']
+						);
+					} else {
+						$phpconfigs[] = array(
+							'label' => $row['description']."<br />",
+							'value' => $row['id']
+						);
+					}
+				}
+
+				// hosting plans
+				$hosting_plans = "";
+				$plans = Database::query("
+					SELECT *
+					FROM `" . TABLE_PANEL_PLANS . "`
+					ORDER BY name ASC
+				");
+				if (Database::num_rows() > 0){
+					$hosting_plans .= makeoption("---", 0, 0, true, true);
+				}
+				while ($row = $plans->fetch(PDO::FETCH_ASSOC)) {
+					$hosting_plans .= makeoption($row['name'], $row['id'], 0, true, true);
+				}
+
 				$customer_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/customer/formfield.customer_add.php';
 				$customer_add_form = htmlform::genHTMLForm($customer_add_data);

@@ -1203,6 +1251,14 @@ if ($page == 'customers'
 					$phpenabled = intval($_POST['phpenabled']);
 				}

+				$allowed_phpconfigs = array();
+				if (isset($_POST['allowed_phpconfigs']) && is_array($_POST['allowed_phpconfigs'])) {
+					foreach ($_POST['allowed_phpconfigs'] as $allowed_phpconfig) {
+						$allowed_phpconfig = intval($allowed_phpconfig);
+						$allowed_phpconfigs[] = $allowed_phpconfig;
+					}
+				}
+
 				$perlenabled = 0;
 				if (isset($_POST['perlenabled'])) {
 					$perlenabled = intval($_POST['perlenabled']);
@@ -1281,7 +1337,7 @@ if ($page == 'customers'
 								'customerid' => $result['customerid'],
 								'adminid' => $userinfo['adminid'],
 								'docroot' => $result['documentroot'],
-								'adddate' => date('Y-m-d')
+								'adddate' => time()
 						);
 						$ins_stmt = Database::prepare("
 							INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET
@@ -1455,6 +1511,7 @@ if ($page == 'customers'
 						'mysqls' => $mysqls,
 						'deactivated' => $deactivated,
 						'phpenabled' => $phpenabled,
+						'allowed_phpconfigs' => empty($allowed_phpconfigs) ? "" : json_encode($allowed_phpconfigs),
 						'imap' => $email_imap,
 						'pop3' => $email_pop3,
 						'perlenabled' => $perlenabled,
@@ -1488,6 +1545,7 @@ if ($page == 'customers'
 						`mysqls` = :mysqls,
 						`deactivated` = :deactivated,
 						`phpenabled` = :phpenabled,
+						`allowed_phpconfigs` = :allowed_phpconfigs,
 						`email_quota` = :email_quota,
 						`imap` = :imap,
 						`pop3` = :pop3,
@@ -1628,7 +1686,7 @@ if ($page == 'customers'
 			} else {
 				$language_options = '';

-				while (list($language_file, $language_name) = each($languages)) {
+				foreach ($languages as $language_file => $language_name) {
 					$language_options.= makeoption($language_name, $language_file, $result['def_language'], true);
 				}

@@ -1693,6 +1751,40 @@ if ($page == 'customers'
 				$gender_options .= makeoption($lng['gender']['male'], 1, ($result['gender'] == '1' ? true : false), true, true);
 				$gender_options .= makeoption($lng['gender']['female'], 2, ($result['gender'] == '2' ? true : false), true, true);

+				$phpconfigs = array();
+				$configs = Database::query("
+					SELECT c.*, fc.description as interpreter
+					FROM `" . TABLE_PANEL_PHPCONFIGS . "` c
+					LEFT JOIN `" . TABLE_PANEL_FPMDAEMONS . "` fc ON fc.id = c.fpmsettingid
+				");
+				while ($row = $configs->fetch(PDO::FETCH_ASSOC)) {
+					if ((int) Settings::Get('phpfpm.enabled') == 1) {
+						$phpconfigs[] = array(
+							'label' => $row['description'] . " [".$row['interpreter']."]<br />",
+							'value' => $row['id']
+						);
+					} else {
+						$phpconfigs[] = array(
+							'label' => $row['description']."<br />",
+							'value' => $row['id']
+						);
+					}
+				}
+
+				// hosting plans
+				$hosting_plans = "";
+				$plans = Database::query("
+					SELECT *
+					FROM `" . TABLE_PANEL_PLANS . "`
+					ORDER BY name ASC
+				");
+				if (Database::num_rows() > 0){
+					$hosting_plans .= makeoption("---", 0, 0, true, true);
+				}
+				while ($row = $plans->fetch(PDO::FETCH_ASSOC)) {
+					$hosting_plans .= makeoption($row['name'], $row['id'], 0, true, true);
+				}
+
 				$customer_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/customer/formfield.customer_edit.php';
 				$customer_edit_form = htmlform::genHTMLForm($customer_edit_data);

--- a/admin_domains.php
+++ b/admin_domains.php
@@ -55,7 +55,7 @@ if ($page == 'domains' || $page == 'overview') {
 			$syshostname = "AND `d`.`id` <> " . Settings::Get('system.hostname_id');
 		}
 		$result_stmt = Database::prepare("
-			SELECT `d`.*, `c`.`loginname`, `c`.`name`, `c`.`firstname`, `c`.`company`, `c`.`standardsubdomain`, `ad`.`id` AS `aliasdomainid`, `ad`.`domain` AS `aliasdomain`
+			SELECT `d`.*, `c`.`loginname`, `c`.`deactivated`, `c`.`name`, `c`.`firstname`, `c`.`company`, `c`.`standardsubdomain`, `ad`.`id` AS `aliasdomainid`, `ad`.`domain` AS `aliasdomain`
 			FROM `" . TABLE_PANEL_DOMAINS . "` `d`
 			LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`)
 			LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `ad` ON `d`.`aliasdomain`=`ad`.`id`
@@ -210,6 +210,8 @@ if ($page == 'domains' || $page == 'overview') {
 					'id' => $id
 				));

+				$deleted_domains = $del_stmt->rowCount();
+
 				$upd_stmt = Database::prepare("
 					UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET
 					`subdomains_used` = `subdomains_used` - :domaincount
@@ -304,7 +306,7 @@ if ($page == 'domains' || $page == 'overview') {
 					standard_error('admin_domain_emailsystemhostname');
 				}

-				if (strpos($_POST['domain'], '--') !== false) {
+				if (substr($_POST['domain'], 0, 4) == 'xn--') {
 					standard_error('domain_nopunycode');
 				}

@@ -427,6 +429,7 @@ if ($page == 'domains' || $page == 'overview') {
 					}

 					$specialsettings = validate(str_replace("\r\n", "\n", $_POST['specialsettings']), 'specialsettings', '/^[^\0]*$/');
+					$notryfiles = isset($_POST['notryfiles']) && (int)$_POST['notryfiles'] == 1 ? 1 : 0;
 					validate($_POST['documentroot'], 'documentroot');

 					// If path is empty and 'Use domain name as default value for DocumentRoot path' is enabled in settings,
@@ -449,10 +452,12 @@ if ($page == 'domains' || $page == 'overview') {
 					$zonefile = '';
 					$dkim = '1';
 					$specialsettings = '';
+					$notryfiles = '0';
 				}

 				if ($userinfo['caneditphpsettings'] == '1' || $userinfo['change_serversettings'] == '1') {

+					$phpenabled  = isset($_POST['phpenabled']) ? intval($_POST['phpenabled']) : 0;
 					$openbasedir = isset($_POST['openbasedir']) ? intval($_POST['openbasedir']) : 0;

 					if ((int) Settings::Get('system.mod_fcgid') == 1 || (int) Settings::Get('phpfpm.enabled') == 1) {
@@ -493,7 +498,9 @@ if ($page == 'domains' || $page == 'overview') {
 					}
 				} else {

+					$phpenabled = '1';
 					$openbasedir = '1';
+
 					if ((int) Settings::Get('phpfpm.enabled') == 1) {
 						$phpsettingid = Settings::Get('phpfpm.defaultini');
 					} else {
@@ -521,7 +528,7 @@ if ($page == 'domains' || $page == 'overview') {

 				$ipandports = array();
 				if (isset($_POST['ipandport']) && ! is_array($_POST['ipandport'])) {
-					$_POST['ipandport'] = unserialize($_POST['ipandport']);
+					$_POST['ipandport'] = json_decode($_POST['ipandport'], true);
 				}

 				if (isset($_POST['ipandport']) && is_array($_POST['ipandport'])) {
@@ -557,7 +564,7 @@ if ($page == 'domains' || $page == 'overview') {

 					$ssl_ipandports = array();
 					if (isset($_POST['ssl_ipandport']) && ! is_array($_POST['ssl_ipandport'])) {
-						$_POST['ssl_ipandport'] = unserialize($_POST['ssl_ipandport']);
+						$_POST['ssl_ipandport'] = json_decode($_POST['ssl_ipandport'], true);
 					}

 					// Verify SSL-Ports
@@ -585,15 +592,21 @@ if ($page == 'domains' || $page == 'overview') {
 							}
 						}

+						$http2 = isset($_POST['http2']) && (int)$_POST['http2'] == 1 ? 1 : 0;
+
 						// HSTS
 						$hsts_maxage = isset($_POST['hsts_maxage']) ? (int)$_POST['hsts_maxage'] : 0;
 						$hsts_sub = isset($_POST['hsts_sub']) && (int)$_POST['hsts_sub'] == 1 ? 1 : 0;
 						$hsts_preload = isset($_POST['hsts_preload']) && (int)$_POST['hsts_preload'] == 1 ? 1 : 0;

+						// OCSP stapling
+						$ocsp_stapling = isset($_POST['ocsp_stapling']) && (int)$_POST['ocsp_stapling'] == 1 ? 1 : 0;
+
 					} else {
 						$ssl_redirect = 0;
 						$letsencrypt = 0;
-						// we need this for the serialize
+						$http2 = 0;
+						// we need this for the json-encode
 						// if ssl is disabled or no ssl-ip/port exists
 						$ssl_ipandports[] = - 1;

@@ -601,11 +614,15 @@ if ($page == 'domains' || $page == 'overview') {
 						$hsts_maxage = 0;
 						$hsts_sub = 0;
 						$hsts_preload = 0;
+
+						// OCSP stapling
+						$ocsp_stapling = 0;
 					}
 				} else {
 					$ssl_redirect = 0;
 					$letsencrypt = 0;
-					// we need this for the serialize
+					$http2 = 0;
+					// we need this for the json-encode
 					// if ssl is disabled or no ssl-ip/port exists
 					$ssl_ipandports[] = - 1;

@@ -613,12 +630,20 @@ if ($page == 'domains' || $page == 'overview') {
 					$hsts_maxage = 0;
 					$hsts_sub = 0;
 					$hsts_preload = 0;
+
+					// OCSP stapling
+					$ocsp_stapling = 0;
 				}

-				// We can't enable let's encrypt for wildcard - domains
-				if ($serveraliasoption == '0' && $letsencrypt == '1') {
+				// We can't enable let's encrypt for wildcard - domains if using acme-v1
+				if ($serveraliasoption == '0' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '1') {
 					standard_error('nowildcardwithletsencrypt');
 				}
+				// if using acme-v2 we cannot issue wildcard-certificates
+				// because they currently only support the dns-01 challenge
+				if ($serveraliasoption == '0' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '2') {
+					standard_error('nowildcardwithletsencryptv2');
+				}

 				// Temporarily deactivate ssl_redirect until Let's Encrypt certificate was generated
 				if ($ssl_redirect > 0 && $letsencrypt == 1) {
@@ -667,7 +692,7 @@ if ($page == 'domains' || $page == 'overview') {
 					}

 					if (count($ssl_ipandports) == 0) {
-						// we need this for the serialize
+						// we need this for the json-encode
 						// if ssl is disabled or no ssl-ip/port exists
 						$ssl_ipandports[] = - 1;
 					}
@@ -689,6 +714,10 @@ if ($page == 'domains' || $page == 'overview') {
 					standard_error('noipportgiven');
 				}

+				if ($phpenabled != '1') {
+					$phpenabled = '0';
+				}
+
 				if ($openbasedir != '1') {
 					$openbasedir = '0';
 				}
@@ -765,21 +794,25 @@ if ($page == 'domains' || $page == 'overview') {
 						'dkim' => $dkim,
 						'speciallogfile' => $speciallogfile,
 						'selectserveralias' => $serveraliasoption,
-						'ipandport' => serialize($ipandports),
+						'ipandport' => json_encode($ipandports),
 						'ssl_redirect' => $ssl_redirect,
-						'ssl_ipandport' => serialize($ssl_ipandports),
+						'ssl_ipandport' => json_encode($ssl_ipandports),
+						'phpenabled' => $phpenabled,
 						'openbasedir' => $openbasedir,
 						'phpsettingid' => $phpsettingid,
 						'mod_fcgid_starter' => $mod_fcgid_starter,
 						'mod_fcgid_maxrequests' => $mod_fcgid_maxrequests,
 						'specialsettings' => $specialsettings,
+						'notryfiles' => $notryfiles,
 						'registration_date' => $registration_date,
 						'termination_date' => $termination_date,
 						'issubof' => $issubof,
 						'letsencrypt' => $letsencrypt,
+						'http2' => $http2,
 						'hsts_maxage' => $hsts_maxage,
 						'hsts_sub' => $hsts_sub,
-						'hsts_preload' => $hsts_preload
+						'hsts_preload' => $hsts_preload,
+						'ocsp_stapling' => $ocsp_stapling
 					);

 					$security_questions = array(
@@ -816,9 +849,11 @@ if ($page == 'domains' || $page == 'overview') {
 						'email_only' => $email_only,
 						'subcanemaildomain' => $subcanemaildomain,
 						'caneditdomain' => $caneditdomain,
+						'phpenabled' => $phpenabled,
 						'openbasedir' => $openbasedir,
 						'speciallogfile' => $speciallogfile,
 						'specialsettings' => $specialsettings,
+						'notryfiles' => $notryfiles,
 						'ssl_redirect' => $ssl_redirect,
 						'add_date' => time(),
 						'registration_date' => $registration_date,
@@ -828,9 +863,11 @@ if ($page == 'domains' || $page == 'overview') {
 						'mod_fcgid_maxrequests' => $mod_fcgid_maxrequests,
 						'ismainbutsubto' => $issubof,
 						'letsencrypt' => $letsencrypt,
+						'http2' => $http2,
 						'hsts' => $hsts_maxage,
 						'hsts_sub' => $hsts_sub,
-						'hsts_preload' => $hsts_preload
+						'hsts_preload' => $hsts_preload,
+						'ocsp_stapling' => $ocsp_stapling
 					);

 					$ins_stmt = Database::prepare("
@@ -852,9 +889,11 @@ if ($page == 'domains' || $page == 'overview') {
 						`email_only` = :email_only,
 						`subcanemaildomain` = :subcanemaildomain,
 						`caneditdomain` = :caneditdomain,
+						`phpenabled` = :phpenabled,
 						`openbasedir` = :openbasedir,
 						`speciallogfile` = :speciallogfile,
 						`specialsettings` = :specialsettings,
+						`notryfiles` = :notryfiles,
 						`ssl_redirect` = :ssl_redirect,
 						`add_date` = :add_date,
 						`registration_date` = :registration_date,
@@ -864,9 +903,11 @@ if ($page == 'domains' || $page == 'overview') {
 						`mod_fcgid_maxrequests` = :mod_fcgid_maxrequests,
 						`ismainbutsubto` = :ismainbutsubto,
 						`letsencrypt` = :letsencrypt,
+						`http2` = :http2,
 						`hsts` = :hsts,
 						`hsts_sub` = :hsts_sub,
-						`hsts_preload` = :hsts_preload
+						`hsts_preload` = :hsts_preload,
+						`ocsp_stapling` = :ocsp_stapling
 					");
 					Database::pexecute($ins_stmt, $ins_data);
 					$domainid = Database::lastInsertId();
@@ -1046,11 +1087,15 @@ if ($page == 'domains' || $page == 'overview') {
 				}

 				$phpconfigs = '';
-				$configs = Database::query("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "`");
+				$configs = Database::query("
+					SELECT c.*, fc.description as interpreter
+					FROM `" . TABLE_PANEL_PHPCONFIGS . "` c
+					LEFT JOIN `" . TABLE_PANEL_FPMDAEMONS . "` fc ON fc.id = c.fpmsettingid
+				");

 				while ($row = $configs->fetch(PDO::FETCH_ASSOC)) {
 					if ((int) Settings::Get('phpfpm.enabled') == 1) {
-						$phpconfigs .= makeoption($row['description'], $row['id'], Settings::Get('phpfpm.defaultini'), true, true);
+						$phpconfigs .= makeoption($row['description'] . " [".$row['interpreter']."]", $row['id'], Settings::Get('phpfpm.defaultini'), true, true);
 					} else {
 						$phpconfigs .= makeoption($row['description'], $row['id'], Settings::Get('system.mod_fcgid_defaultini'), true, true);
 					}
@@ -1079,7 +1124,6 @@ if ($page == 'domains' || $page == 'overview') {
 			}
 		}
 	} elseif ($action == 'edit' && $id != 0) {
-
 		$result_stmt = Database::prepare("
 			SELECT `d`.*, `c`.`customerid`
 			FROM `" . TABLE_PANEL_DOMAINS . "` `d`
@@ -1298,6 +1342,7 @@ if ($page == 'domains' || $page == 'overview') {

 					$specialsettings = validate(str_replace("\r\n", "\n", $_POST['specialsettings']), 'specialsettings', '/^[^\0]*$/');
 					$ssfs = (isset($_POST['specialsettingsforsubdomains']) && intval($_POST['specialsettingsforsubdomains']) == 1) ? 1 : 0;
+					$notryfiles = isset($_POST['notryfiles']) && (int)$_POST['notryfiles'] == 1 ? 1 : 0;
 					$documentroot = validate($_POST['documentroot'], 'documentroot');

 					if ($documentroot == '') {
@@ -1319,6 +1364,7 @@ if ($page == 'domains' || $page == 'overview') {
 					$dkim = $result['dkim'];
 					$specialsettings = $result['specialsettings'];
 					$ssfs = (empty($specialsettings) ? 0 : 1);
+					$notryfiles = $result['notryfiles'];
 					$documentroot = $result['documentroot'];
 				}

@@ -1326,7 +1372,9 @@ if ($page == 'domains' || $page == 'overview') {

 				if ($userinfo['caneditphpsettings'] == '1' || $userinfo['change_serversettings'] == '1') {

+					$phpenabled  = isset($_POST['phpenabled']) ? intval($_POST['phpenabled']) : 0;
 					$openbasedir = isset($_POST['openbasedir']) ? intval($_POST['openbasedir']) : 0;
+					$phpfs = (isset($_POST['phpsettingsforsubdomains']) && intval($_POST['phpsettingsforsubdomains']) == 1) ? 1 : 0;

 					if ((int) Settings::Get('system.mod_fcgid') == 1 || (int) Settings::Get('phpfpm.enabled') == 1) {
 						$phpsettingid = (int) $_POST['phpsettingid'];
@@ -1356,19 +1404,22 @@ if ($page == 'domains' || $page == 'overview') {
 						}
 					} else {
 						$phpsettingid = $result['phpsettingid'];
+						$phpfs = 1;
 						$mod_fcgid_starter = $result['mod_fcgid_starter'];
 						$mod_fcgid_maxrequests = $result['mod_fcgid_maxrequests'];
 					}
 				} else {
+					$phpenabled = $result['phpenabled'];
 					$openbasedir = $result['openbasedir'];
 					$phpsettingid = $result['phpsettingid'];
+					$phpfs = 1;
 					$mod_fcgid_starter = $result['mod_fcgid_starter'];
 					$mod_fcgid_maxrequests = $result['mod_fcgid_maxrequests'];
 				}

 				$ipandports = array();
 				if (isset($_POST['ipandport']) && ! is_array($_POST['ipandport'])) {
-					$_POST['ipandport'] = unserialize($_POST['ipandport']);
+					$_POST['ipandport'] = json_decode($_POST['ipandport'], true);
 				}
 				if (isset($_POST['ipandport']) && is_array($_POST['ipandport'])) {

@@ -1402,14 +1453,19 @@ if ($page == 'domains' || $page == 'overview') {
 						$letsencrypt = (int) $_POST['letsencrypt'];
 					}

+					$http2 = isset($_POST['http2']) && (int)$_POST['http2'] == 1 ? 1 : 0;
+
 					// HSTS
 					$hsts_maxage = isset($_POST['hsts_maxage']) ? (int)$_POST['hsts_maxage'] : 0;
 					$hsts_sub = isset($_POST['hsts_sub']) && (int)$_POST['hsts_sub'] == 1 ? 1 : 0;
 					$hsts_preload = isset($_POST['hsts_preload']) && (int)$_POST['hsts_preload'] == 1 ? 1 : 0;

+					// OCSP stapling
+					$ocsp_stapling = isset($_POST['ocsp_stapling']) && (int)$_POST['ocsp_stapling'] == 1 ? 1 : 0;
+
 					$ssl_ipandports = array();
 					if (isset($_POST['ssl_ipandport']) && ! is_array($_POST['ssl_ipandport'])) {
-						$_POST['ssl_ipandport'] = unserialize($_POST['ssl_ipandport']);
+						$_POST['ssl_ipandport'] = json_decode($_POST['ssl_ipandport'], true);
 					}
 					if (isset($_POST['ssl_ipandport']) && is_array($_POST['ssl_ipandport'])) {

@@ -1436,7 +1492,8 @@ if ($page == 'domains' || $page == 'overview') {
 					} else {
 						$ssl_redirect = 0;
 						$letsencrypt = 0;
-						// we need this for the serialize
+						$http2 = 0;
+						// we need this for the json-encode
 						// if ssl is disabled or no ssl-ip/port exists
 						$ssl_ipandports[] = - 1;

@@ -1444,11 +1501,15 @@ if ($page == 'domains' || $page == 'overview') {
 						$hsts_maxage = 0;
 						$hsts_sub = 0;
 						$hsts_preload = 0;
+
+						// OCSP stapling
+						$ocsp_stapling = 0;
 					}
 				} else {
 					$ssl_redirect = 0;
 					$letsencrypt = 0;
-					// we need this for the serialize
+					$http2 = 0;
+					// we need this for the json-encode
 					// if ssl is disabled or no ssl-ip/port exists
 					$ssl_ipandports[] = - 1;

@@ -1456,12 +1517,20 @@ if ($page == 'domains' || $page == 'overview') {
 					$hsts_maxage = 0;
 					$hsts_sub = 0;
 					$hsts_preload = 0;
+
+					// OCSP stapling
+					$ocsp_stapling = 0;
 				}

-				// We can't enable let's encrypt for wildcard domains
-				if ($serveraliasoption == '0' && $letsencrypt == '1') {
+				// We can't enable let's encrypt for wildcard domains when using acme-v1
+				if ($serveraliasoption == '0' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '1') {
 					standard_error('nowildcardwithletsencrypt');
 				}
+				// if using acme-v2 we cannot issue wildcard-certificates
+				// because they currently only support the dns-01 challenge
+				if ($serveraliasoption == '0' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '2') {
+					standard_error('nowildcardwithletsencryptv2');
+				}

 				// Temporarily deactivate ssl_redirect until Let's Encrypt certificate was generated
 				if ($ssl_redirect > 0 && $letsencrypt == 1 && $result['letsencrypt'] != $letsencrypt) {
@@ -1472,6 +1541,10 @@ if ($page == 'domains' || $page == 'overview') {
 					$documentroot = makeCorrectDir($documentroot);
 				}

+				if ($phpenabled != '1') {
+					$phpenabled = '0';
+				}
+
 				if ($openbasedir != '1') {
 					$openbasedir = '0';
 				}
@@ -1529,7 +1602,7 @@ if ($page == 'domains' || $page == 'overview') {
 					}

 					if (count($ssl_ipandports) == 0) {
-						// we need this for the serialize
+						// we need this for the json-encode
 						// if ssl is disabled or no ssl-ip/port exists
 						$ssl_ipandports[] = - 1;
 					}
@@ -1580,23 +1653,28 @@ if ($page == 'domains' || $page == 'overview') {
 					'dkim' => $dkim,
 					'selectserveralias' => $serveraliasoption,
 					'ssl_redirect' => $ssl_redirect,
+					'phpenabled' => $phpenabled,
 					'openbasedir' => $openbasedir,
 					'phpsettingid' => $phpsettingid,
+					'phpsettingsforsubdomains' => $phpfs,
 					'mod_fcgid_starter' => $mod_fcgid_starter,
 					'mod_fcgid_maxrequests' => $mod_fcgid_maxrequests,
 					'specialsettings' => $specialsettings,
 					'specialsettingsforsubdomains' => $ssfs,
+					'notryfiles' => $notryfiles,
 					'registration_date' => $registration_date,
 					'termination_date' => $termination_date,
 					'issubof' => $issubof,
 					'speciallogfile' => $speciallogfile,
 					'speciallogverified' => $speciallogverified,
-					'ipandport' => serialize($ipandports),
-					'ssl_ipandport' => serialize($ssl_ipandports),
+					'ipandport' => json_encode($ipandports),
+					'ssl_ipandport' => json_encode($ssl_ipandports),
 					'letsencrypt' => $letsencrypt,
+					'http2' => $http2,
 					'hsts_maxage' => $hsts_maxage,
 					'hsts_sub' => $hsts_sub,
-					'hsts_preload' => $hsts_preload
+					'hsts_preload' => $hsts_preload,
+					'ocsp_stapling' => $ocsp_stapling
 				);

 				$security_questions = array(
@@ -1615,7 +1693,29 @@ if ($page == 'domains' || $page == 'overview') {
 				$wwwserveralias = ($serveraliasoption == '1') ? '1' : '0';
 				$iswildcarddomain = ($serveraliasoption == '0') ? '1' : '0';

-				if ($documentroot != $result['documentroot'] || $ssl_redirect != $result['ssl_redirect'] || $wwwserveralias != $result['wwwserveralias'] || $iswildcarddomain != $result['iswildcarddomain'] || $openbasedir != $result['openbasedir'] || $phpsettingid != $result['phpsettingid'] || $mod_fcgid_starter != $result['mod_fcgid_starter'] || $mod_fcgid_maxrequests != $result['mod_fcgid_maxrequests'] || $specialsettings != $result['specialsettings'] || $aliasdomain != $result['aliasdomain'] || $issubof != $result['ismainbutsubto'] || $email_only != $result['email_only'] || ($speciallogfile != $result['speciallogfile'] && $speciallogverified == '1') || $letsencrypt != $result['letsencrypt'] || $hsts_maxage != $result['hsts'] || $hsts_sub != $result['hsts_sub'] || $hsts_preload != $result['hsts_preload']) {
+				if (
+					$documentroot != $result['documentroot'] ||
+					$ssl_redirect != $result['ssl_redirect'] ||
+					$wwwserveralias != $result['wwwserveralias'] ||
+					$iswildcarddomain != $result['iswildcarddomain'] ||
+					$phpenabled != $result['phpenabled'] ||
+					$openbasedir != $result['openbasedir'] ||
+					$phpsettingid != $result['phpsettingid'] ||
+					$mod_fcgid_starter != $result['mod_fcgid_starter'] ||
+					$mod_fcgid_maxrequests != $result['mod_fcgid_maxrequests'] ||
+					$specialsettings != $result['specialsettings'] ||
+					$notryfiles != $result['notryfiles'] ||
+					$aliasdomain != $result['aliasdomain'] ||
+					$issubof != $result['ismainbutsubto'] ||
+					$email_only != $result['email_only'] ||
+					($speciallogfile != $result['speciallogfile'] && $speciallogverified == '1') ||
+					$letsencrypt != $result['letsencrypt'] ||
+					$http2 != $result['http2'] ||
+					$hsts_maxage != $result['hsts'] ||
+					$hsts_sub != $result['hsts_sub'] ||
+					$hsts_preload != $result['hsts_preload'] ||
+					$ocsp_stapling != $result['ocsp_stapling']
+				) {
 					inserttask('1');
 				}

@@ -1756,19 +1856,23 @@ if ($page == 'domains' || $page == 'overview') {
 				$update_data['zonefile'] = $zonefile;
 				$update_data['wwwserveralias'] = $wwwserveralias;
 				$update_data['iswildcarddomain'] = $iswildcarddomain;
+				$update_data['phpenabled'] = $phpenabled;
 				$update_data['openbasedir'] = $openbasedir;
 				$update_data['speciallogfile'] = $speciallogfile;
 				$update_data['phpsettingid'] = $phpsettingid;
 				$update_data['mod_fcgid_starter'] = $mod_fcgid_starter;
 				$update_data['mod_fcgid_maxrequests'] = $mod_fcgid_maxrequests;
 				$update_data['specialsettings'] = $specialsettings;
+				$update_data['notryfiles'] = $notryfiles;
 				$update_data['registration_date'] = $registration_date;
 				$update_data['termination_date'] = $termination_date;
 				$update_data['ismainbutsubto'] = $issubof;
 				$update_data['letsencrypt'] = $letsencrypt;
+				$update_data['http2'] = $http2;
 				$update_data['hsts'] = $hsts_maxage;
 				$update_data['hsts_sub'] = $hsts_sub;
 				$update_data['hsts_preload'] = $hsts_preload;
+				$update_data['ocsp_stapling'] = $ocsp_stapling;
 				$update_data['id'] = $id;

 				$update_stmt = Database::prepare("
@@ -1787,31 +1891,43 @@ if ($page == 'domains' || $page == 'overview') {
 					`zonefile` = :zonefile,
 					`wwwserveralias` = :wwwserveralias,
 					`iswildcarddomain` = :iswildcarddomain,
+					`phpenabled` = :phpenabled,
 					`openbasedir` = :openbasedir,
 					`speciallogfile` = :speciallogfile,
 					`phpsettingid` = :phpsettingid,
 					`mod_fcgid_starter` = :mod_fcgid_starter,
 					`mod_fcgid_maxrequests` = :mod_fcgid_maxrequests,
 					`specialsettings` = :specialsettings,
+					`notryfiles` = :notryfiles,
 					`registration_date` = :registration_date,
 					`termination_date` = :termination_date,
 					`ismainbutsubto` = :ismainbutsubto,
 					`letsencrypt` = :letsencrypt,
+					`http2` = :http2,
 					`hsts` = :hsts,
 					`hsts_sub` = :hsts_sub,
-					`hsts_preload` = :hsts_preload
+					`hsts_preload` = :hsts_preload,
+					`ocsp_stapling` = :ocsp_stapling
 					WHERE `id` = :id
 				");
 				Database::pexecute($update_stmt, $update_data);

 				$_update_data['customerid'] = $customerid;
 				$_update_data['adminid'] = $adminid;
+				$_update_data['phpenabled'] = $phpenabled;
 				$_update_data['openbasedir'] = $openbasedir;
-				$_update_data['phpsettingid'] = $phpsettingid;
 				$_update_data['mod_fcgid_starter'] = $mod_fcgid_starter;
 				$_update_data['mod_fcgid_maxrequests'] = $mod_fcgid_maxrequests;
 				$_update_data['parentdomainid'] = $id;

+				// if php config is to be set for all subdomains, check here
+				$update_phpconfig = '';
+				$phpfs = isset($_POST['phpsettingsforsubdomains']) ? 1 : 0;
+				if ($phpfs == 1) {
+					$_update_data['phpsettingid'] = $phpsettingid;
+					$update_phpconfig = ", `phpsettingid` = :phpsettingid";
+				}
+
 				// if we have no more ssl-ip's for this domain,
 				// all its subdomains must have "ssl-redirect = 0"
 				// and disable let's encrypt
@@ -1824,11 +1940,11 @@ if ($page == 'domains' || $page == 'overview') {
 					UPDATE `" . TABLE_PANEL_DOMAINS . "` SET
 					`customerid` = :customerid,
 					`adminid` = :adminid,
+					`phpenabled` = :phpenabled,
 					`openbasedir` = :openbasedir,
-					`phpsettingid` = :phpsettingid,
 					`mod_fcgid_starter` = :mod_fcgid_starter,
 					`mod_fcgid_maxrequests` = :mod_fcgid_maxrequests
-					" . $upd_specialsettings . $updatechildren . $update_sslredirect . "
+					" . $update_phpconfig . $upd_specialsettings . $updatechildren . $update_sslredirect . "
 					WHERE `parentdomainid` = :parentdomainid
 				");
 				Database::pexecute($_update_stmt, $_update_data);
@@ -1911,7 +2027,15 @@ if ($page == 'domains' || $page == 'overview') {
 				} else
 					if ($result['wwwserveralias'] != $wwwserveralias || $result['letsencrypt'] != $letsencrypt) {
 						// or when wwwserveralias or letsencrypt was changed
+
 						triggerLetsEncryptCSRForAliasDestinationDomain($aliasdomain, $log);
+
+						if ($aliasdomain === 0) {
+							// in case the wwwserveralias is set on a main domain, $aliasdomain is 0
+							// --> the call just above to triggerLetsEncryptCSRForAliasDestinationDomain
+							//     is a noop...let's repeat it with the domain id of the main domain
+							triggerLetsEncryptCSRForAliasDestinationDomain($id, $log);
+						}
 					}

 				$log->logAction(ADM_ACTION, LOG_INFO, "edited domain #" . $id);
@@ -2098,10 +2222,25 @@ if ($page == 'domains' || $page == 'overview') {
 				$result['add_date'] = date('Y-m-d', $result['add_date']);

 				$phpconfigs = '';
-				$phpconfigs_result_stmt = Database::query("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "`");
+				$phpconfigs_result_stmt = Database::query("
+					SELECT c.*, fc.description as interpreter
+					FROM `" . TABLE_PANEL_PHPCONFIGS . "` c
+					LEFT JOIN `" . TABLE_PANEL_FPMDAEMONS . "` fc ON fc.id = c.fpmsettingid
+				");
+				$c_allowed_configs = getCustomerDetail($result['customerid'], 'allowed_phpconfigs');
+				if (!empty($c_allowed_configs)) {
+					$c_allowed_configs = json_decode($c_allowed_configs, true);
+				} else {
+					$c_allowed_configs = array();
+				}

 				while ($phpconfigs_row = $phpconfigs_result_stmt->fetch(PDO::FETCH_ASSOC)) {
-					$phpconfigs .= makeoption($phpconfigs_row['description'], $phpconfigs_row['id'], $result['phpsettingid'], true, true);
+					$disabled = !empty($c_allowed_configs) && !in_array($phpconfigs_row['id'], $c_allowed_configs);
+					if ((int) Settings::Get('phpfpm.enabled') == 1) {
+						$phpconfigs .= makeoption($phpconfigs_row['description'] . " [".$phpconfigs_row['interpreter']."]", $phpconfigs_row['id'], $result['phpsettingid'], true, true, null, $disabled);
+					} else {
+						$phpconfigs .= makeoption($phpconfigs_row['description'], $phpconfigs_row['id'], $result['phpsettingid'], true, true, null, $disabled);
+					}
 				}

 				$result = htmlentities_array($result);
@@ -2117,6 +2256,13 @@ if ($page == 'domains' || $page == 'overview') {
 				eval("echo \"" . getTemplate("domains/domains_edit") . "\";");
 			}
 		}
+	} elseif ($action == 'jqGetCustomerPHPConfigs') {
+
+		$customerid = intval($_POST['customerid']);
+		$allowed_phpconfigs = getCustomerDetail($customerid, 'allowed_phpconfigs');
+		echo !empty($allowed_phpconfigs) ? $allowed_phpconfigs : json_encode(array());
+		exit;
+
 	} elseif ($action == 'import') {

 		if (isset($_POST['send']) && $_POST['send'] == 'send') {
@@ -2141,6 +2287,8 @@ if ($page == 'domains' || $page == 'overview') {

 			// update customer/admin counters
 			updateCounters(false);
+			inserttask('1');
+			inserttask('4');

 			$result_str = $result['imported'] . ' / ' . $result['all'];
 			standard_success('domain_import_successfully', $result_str, array(
--- a/admin_index.php
+++ b/admin_index.php
@@ -85,45 +85,42 @@ if ($page == 'overview') {
 	if ((isset($_GET['lookfornewversion']) && $_GET['lookfornewversion'] == 'yes')
 		|| (isset($lookfornewversion) && $lookfornewversion == 'yes')
 	) {
-		$update_check_uri = 'http://version.froxlor.org/Froxlor/legacy/' . $version;
+		if (function_exists('curl_version')) {
+			$update_check_uri = 'http://version.froxlor.org/Froxlor/legacy/' . $version;
+			$latestversion = HttpClient::urlGet($update_check_uri);
+			$latestversion = explode('|', $latestversion);

-		if (ini_get('allow_url_fopen')) {
-			$latestversion = @file($update_check_uri);
+			if (is_array($latestversion)
+				&& count($latestversion) >= 1
+			) {
+				$_version = $latestversion[0];
+				$_message = isset($latestversion[1]) ? $latestversion[1] : '';
+				$_link = isset($latestversion[2]) ? $latestversion[2] : htmlspecialchars($filename . '?s=' . urlencode($s) . '&page=' . urlencode($page) . '&lookfornewversion=yes');

-			if (isset($latestversion[0])) {
-				$latestversion = explode('|', $latestversion[0]);
+				// add the branding so debian guys are not gettings confused
+				// about their version-number
+				$lookfornewversion_lable = $_version.$branding;
+				$lookfornewversion_link = $_link;
+				$lookfornewversion_addinfo = $_message;

-				if (is_array($latestversion)
-					&& count($latestversion) >= 1
-				) {
-					$_version = $latestversion[0];
-					$_message = isset($latestversion[1]) ? $latestversion[1] : '';
-					$_link = isset($latestversion[2]) ? $latestversion[2] : htmlspecialchars($filename . '?s=' . urlencode($s) . '&page=' . urlencode($page) . '&lookfornewversion=yes');
-
-					// add the branding so debian guys are not gettings confused
-					// about their version-number
-					$lookfornewversion_lable = $_version.$branding;
-					$lookfornewversion_link = $_link;
-					$lookfornewversion_addinfo = $_message;
-
-					// not numeric -> error-message
-					if (!preg_match('/^((\d+\\.)(\d+\\.)(\d+\\.)?(\d+)?(\-(svn|dev|rc)(\d+))?)$/', $_version)) {
-						// check for customized version to not output
-						// "There is a newer version of froxlor" besides the error-message
-						$isnewerversion = 2;
-					} elseif (version_compare2($version, $_version) == -1) {
-						$isnewerversion = 1;
-					} else {
-						$isnewerversion = 0;
-					}
+				// not numeric -> error-message
+				if (!preg_match('/^((\d+\\.)(\d+\\.)(\d+\\.)?(\d+)?(\-(svn|dev|rc)(\d+))?)$/', $_version)) {
+					// check for customized version to not output
+					// "There is a newer version of froxlor" besides the error-message
+					$isnewerversion = 2;
+				} elseif (version_compare2($version, $_version) == -1) {
+					$isnewerversion = 1;
 				} else {
-					redirectTo($update_check_uri.'/pretty', NULL, false);
+					$isnewerversion = 0;
 				}
 			} else {
 				redirectTo($update_check_uri.'/pretty', NULL, false);
 			}
 		} else {
-			redirectTo($update_check_uri.'/pretty', NULL, false);
+			$lookfornewversion_lable = "Version-check not available due to missing php-curl extension";
+			$lookfornewversion_link = htmlspecialchars($filename . '?s=' . urlencode($s) . '&page=' . urlencode($page) . '&lookfornewversion=yes');
+			$lookfornewversion_addinfo = '';
+			$isnewerversion = 0;
 		}
 	} else {
 		$lookfornewversion_lable = $lng['admin']['lookfornewversion']['clickhere'];
@@ -280,7 +277,7 @@ if ($page == 'overview') {
 			$default_lang = $userinfo['def_language'];
 		}

-		while (list($language_file, $language_name) = each($languages)) {
+		foreach ($languages as $language_file => $language_name) {
 			$language_options.= makeoption($language_name, $language_file, $default_lang, true);
 		}

--- a/admin_logger.php
+++ b/admin_logger.php
@@ -30,11 +30,11 @@ if ($page == 'log'
 			'user' => $lng['logger']['user'],
 			'text' => $lng['logger']['action']
 		);
-		$paging = new paging($userinfo, TABLE_PANEL_LOG, $fields, null, null, 0, 'desc');
-		$result_stmt = Database::query('
-			SELECT * FROM `' . TABLE_PANEL_LOG . '` ' . $paging->getSqlWhere(false) . ' ' . $paging->getSqlOrderBy() . ' ' . $paging->getSqlLimit()
-		);
-		$logs_count = Database::num_rows();
+		$paging = new paging($userinfo, TABLE_PANEL_LOG, $fields, null, null, 0, 'desc', 30);
+		$query = 'SELECT * FROM `' . TABLE_PANEL_LOG . '` ' . $paging->getSqlWhere(false) . ' ' . $paging->getSqlOrderBy();
+		$result_stmt = Database::query($query . ' ' . $paging->getSqlLimit());
+		$result_cnt_stmt = Database::query($query);
+		$logs_count = $result_cnt_stmt->rowCount();
 		$paging->setEntries($logs_count);
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
@@ -67,7 +67,7 @@ if ($page == 'log'
 		foreach ($clog as $action => $logrows) {
 			$_action = 0;
 			foreach ($logrows as $row) {
-				if ($paging->checkDisplay($i)) {
+				// if ($paging->checkDisplay($i)) {
 					$row = htmlentities_array($row);
 					$row['date'] = date("d.m.y H:i:s", $row['date']);

@@ -105,7 +105,7 @@ if ($page == 'log'
 					eval("\$log.=\"" . getTemplate('logger/logger_log') . "\";");
 					$count++;
 					$_action = $action;
-				}
+				// }
 				$i++;
 			}
 			$i++;
--- a/admin_phpsettings.php
+++ b/admin_phpsettings.php
@@ -16,7 +16,6 @@
 * @package    Panel
 *
 */
-
 define('AREA', 'admin');
 require './lib/init.php';

@@ -27,104 +26,134 @@ if (isset($_POST['id'])) {
 }

 if ($page == 'overview') {
-
+	
 	if ($action == '') {
-
+		
 		$tablecontent = '';
 		$count = 0;
-		$result = Database::query("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "`");
-
+		$result = Database::query("
+			SELECT c.*, fd.description as fpmdesc
+			FROM `" . TABLE_PANEL_PHPCONFIGS . "` c
+			LEFT JOIN `" . TABLE_PANEL_FPMDAEMONS . "` fd ON fd.id = c.fpmsettingid
+			ORDER BY c.description ASC
+		");
+		
 		while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
-
+			
 			$domainresult = false;
-			$query_params = array('id' => $row['id']);
-
-			$query = "SELECT * FROM `".TABLE_PANEL_DOMAINS."`
+			$query_params = array(
+				'id' => $row['id']
+			);
+			
+			$query = "SELECT * FROM `" . TABLE_PANEL_DOMAINS . "`
 					WHERE `phpsettingid` = :id
 					AND `parentdomainid` = '0'";
-
-			if ((int)$userinfo['domains_see_all'] == 0) {
+			
+			if ((int) $userinfo['domains_see_all'] == 0) {
 				$query .= " AND `adminid` = :adminid";
 				$query_params['adminid'] = $userinfo['adminid'];
 			}
-
-			if ((int)Settings::Get('panel.phpconfigs_hidestdsubdomain') == 1) {
+			
+			if ((int) Settings::Get('panel.phpconfigs_hidestdsubdomain') == 1) {
 				$ssdids_res = Database::query("
-					SELECT DISTINCT `standardsubdomain` FROM `".TABLE_PANEL_CUSTOMERS."`
-					WHERE `standardsubdomain` > 0 ORDER BY `standardsubdomain` ASC;"
-				);
+					SELECT DISTINCT `standardsubdomain` FROM `" . TABLE_PANEL_CUSTOMERS . "`
+					WHERE `standardsubdomain` > 0 ORDER BY `standardsubdomain` ASC;");
 				$ssdids = array();
 				while ($ssd = $ssdids_res->fetch(PDO::FETCH_ASSOC)) {
 					$ssdids[] = $ssd['standardsubdomain'];
 				}
 				if (count($ssdids) > 0) {
-					$query .= " AND `id` NOT IN (".implode(', ', $ssdids).")";
+					$query .= " AND `id` NOT IN (" . implode(', ', $ssdids) . ")";
 				}
 			}
-
+			
 			$domainresult_stmt = Database::prepare($query);
 			Database::pexecute($domainresult_stmt, $query_params);
-
+			
 			$domains = '';
 			if (Database::num_rows() > 0) {
 				while ($row2 = $domainresult_stmt->fetch(PDO::FETCH_ASSOC)) {
-					$domains.= $row2['domain'] . '<br/>';
+					$domains .= $row2['domain'] . '<br/>';
 				}
 			}
-
+			
 			// check whether we use that config as froxor-vhost config
-			if (Settings::Get('system.mod_fcgid_defaultini_ownvhost') == $row['id']
-				|| Settings::Get('phpfpm.vhost_defaultini') == $row['id']
-			) {
+			if (Settings::Get('system.mod_fcgid_defaultini_ownvhost') == $row['id'] || Settings::Get('phpfpm.vhost_defaultini') == $row['id']) {
 				$domains .= Settings::Get('system.hostname');
 			}
-
+			
 			if ($domains == '') {
 				$domains = $lng['admin']['phpsettings']['notused'];
 			}
-
+			
 			// check whether this is our default config
-			if ((Settings::Get('system.mod_fcgid') == '1'
-				&& Settings::Get('system.mod_fcgid_defaultini') == $row['id'])
-				|| (Settings::Get('phpfpm.enabled') == '1'
-				&& Settings::Get('phpfpm.defaultini') == $row['id'])
-			) {
-				$row['description'] = '<b>'.$row['description'].'</b>';
+			if ((Settings::Get('system.mod_fcgid') == '1' && Settings::Get('system.mod_fcgid_defaultini') == $row['id']) || (Settings::Get('phpfpm.enabled') == '1' && Settings::Get('phpfpm.defaultini') == $row['id'])) {
+				$row['description'] = '<b>' . $row['description'] . '</b>';
 			}
-
+			
 			$count ++;
 			eval("\$tablecontent.=\"" . getTemplate("phpconfig/overview_overview") . "\";");
 		}
-
+		
 		$log->logAction(ADM_ACTION, LOG_INFO, "php.ini setting overview has been viewed by '" . $userinfo['loginname'] . "'");
 		eval("echo \"" . getTemplate("phpconfig/overview") . "\";");
 	}
-
+	
 	if ($action == 'add') {
-
-		if ((int)$userinfo['change_serversettings'] == 1) {
-
-			if (isset($_POST['send'])
-				&& $_POST['send'] == 'send'
-			) {
+		
+		if ((int) $userinfo['change_serversettings'] == 1) {
+			
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				$description = validate($_POST['description'], 'description');
 				$phpsettings = validate(str_replace("\r\n", "\n", $_POST['phpsettings']), 'phpsettings', '/^[^\0]*$/');
-
+				
 				if (Settings::Get('system.mod_fcgid') == 1) {
 					$binary = makeCorrectFile(validate($_POST['binary'], 'binary'));
 					$file_extensions = validate($_POST['file_extensions'], 'file_extensions', '/^[a-zA-Z0-9\s]*$/');
-					$mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array('-1', ''));
-					$mod_fcgid_maxrequests = validate($_POST['mod_fcgid_maxrequests'], 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array('-1', ''));
+					$mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array(
+						'-1',
+						''
+					));
+					$mod_fcgid_maxrequests = validate($_POST['mod_fcgid_maxrequests'], 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array(
+						'-1',
+						''
+					));
 					$mod_fcgid_umask = validate($_POST['mod_fcgid_umask'], 'mod_fcgid_umask', '/^[0-9]*$/');
 					// disable fpm stuff
+					$fpm_config_id = 1;
 					$fpm_enableslowlog = 0;
 					$fpm_reqtermtimeout = 0;
 					$fpm_reqslowtimeout = 0;
-				}
-				elseif (Settings::Get('phpfpm.enabled') == 1) {
-					$fpm_enableslowlog = isset($_POST['phpfpm_enable_slowlog']) ? (int)$_POST['phpfpm_enable_slowlog'] : 0;
+					$fpm_pass_authorizationheader = 0;
+					$override_fpmconfig = 0;
+					$stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "` WHERE `id` = :id");
+					$def_fpmconfig = Database::pexecute_first($stmt, array(
+						'id' => $fpm_config_id
+					));
+					$pm = $def_fpmconfig['pm'];
+					$max_children = $def_fpmconfig['max_children'];
+					$start_servers = $def_fpmconfig['start_servers'];
+					$min_spare_servers = $def_fpmconfig['min_spare_servers'];
+					$max_spare_servers = $def_fpmconfig['max_spare_servers'];
+					$max_requests = $def_fpmconfig['max_requests'];
+					$idle_timeout = $def_fpmconfig['idle_timeout'];
+					$limit_extensions = $def_fpmconfig['limit_extensions'];
+
+				} elseif (Settings::Get('phpfpm.enabled') == 1) {
+					$fpm_config_id = intval($_POST['fpmconfig']);
+					$fpm_enableslowlog = isset($_POST['phpfpm_enable_slowlog']) ? (int) $_POST['phpfpm_enable_slowlog'] : 0;
 					$fpm_reqtermtimeout = validate($_POST['phpfpm_reqtermtimeout'], 'phpfpm_reqtermtimeout', '/^([0-9]+)(|s|m|h|d)$/');
 					$fpm_reqslowtimeout = validate($_POST['phpfpm_reqslowtimeout'], 'phpfpm_reqslowtimeout', '/^([0-9]+)(|s|m|h|d)$/');
+					$fpm_pass_authorizationheader = isset($_POST['phpfpm_pass_authorizationheader']) ? (int) $_POST['phpfpm_pass_authorizationheader'] : 0;
+					$override_fpmconfig = isset($_POST['override_fpmconfig']) ? (int) $_POST['override_fpmconfig'] : 0;
+					$pm = $_POST['pm'];
+					$max_children = isset($_POST['max_children']) ? (int) $_POST['max_children'] : 0;
+					$start_servers = isset($_POST['start_servers']) ? (int) $_POST['start_servers'] : 0;
+					$min_spare_servers = isset($_POST['min_spare_servers']) ? (int) $_POST['min_spare_servers'] : 0;
+					$max_spare_servers = isset($_POST['max_spare_servers']) ? (int) $_POST['max_spare_servers'] : 0;
+					$max_requests = isset($_POST['max_requests']) ? (int) $_POST['max_requests'] : 0;
+					$idle_timeout = isset($_POST['idle_timeout']) ? (int) $_POST['idle_timeout'] : 0;
+					$limit_extensions = validate($_POST['limit_extensions'], 'limit_extensions', '/^(\.[a-z]([a-z0-9]+)\ ?)+$/');
 					// disable fcgid stuff
 					$binary = '/usr/bin/php-cgi';
 					$file_extensions = 'php';
@@ -132,13 +161,11 @@ if ($page == 'overview') {
 					$mod_fcgid_maxrequests = 0;
 					$mod_fcgid_umask = "022";
 				}
-
-				if (strlen($description) == 0
-					|| strlen($description) > 50
-				) {
+				
+				if (strlen($description) == 0 || strlen($description) > 50) {
 					standard_error('descriptioninvalid');
 				}
-
+				
 				$ins_stmt = Database::prepare("
 					INSERT INTO `" . TABLE_PANEL_PHPCONFIGS . "` SET
 						`description` = :desc,
@@ -150,8 +177,18 @@ if ($page == 'overview') {
 						`fpm_slowlog` = :fpmslow,
 						`fpm_reqterm` = :fpmreqterm,
 						`fpm_reqslow` = :fpmreqslow,
-						`phpsettings` = :phpsettings"
-				);
+						`phpsettings` = :phpsettings,
+						`fpmsettingid` = :fpmsettingid,
+						`pass_authorizationheader` = :fpmpassauth,
+						`override_fpmconfig` = :ofc,
+						`pm` = :pm,
+						`max_children` = :max_children,
+						`start_servers` = :start_servers,
+						`min_spare_servers` = :min_spare_servers,
+						`max_spare_servers` = :max_spare_servers,
+						`max_requests` = :max_requests,
+						`idle_timeout` = :idle_timeout,
+						`limit_extensions` = :limit_extensions");
 				$ins_data = array(
 					'desc' => $description,
 					'binary' => $binary,
@@ -162,123 +199,169 @@ if ($page == 'overview') {
 					'fpmslow' => $fpm_enableslowlog,
 					'fpmreqterm' => $fpm_reqtermtimeout,
 					'fpmreqslow' => $fpm_reqslowtimeout,
-					'phpsettings' => $phpsettings
+					'phpsettings' => $phpsettings,
+					'fpmsettingid' => $fpm_config_id,
+					'fpmpassauth' => $fpm_pass_authorizationheader,
+					'ofc' => $override_fpmconfig,
+					'pm' => $pm,
+					'max_children' => $max_children,
+					'start_servers' => $start_servers,
+					'min_spare_servers' => $min_spare_servers,
+					'max_spare_servers' => $max_spare_servers,
+					'max_requests' => $max_requests,
+					'idle_timeout' => $idle_timeout,
+					'limit_extensions' => $limit_extensions
 				);
 				Database::pexecute($ins_stmt, $ins_data);
-
+				
 				inserttask('1');
 				$log->logAction(ADM_ACTION, LOG_INFO, "php.ini setting with description '" . $description . "' has been created by '" . $userinfo['loginname'] . "'");
-				redirectTo($filename, array('page' => $page, 's' => $s));
-
+				redirectTo($filename, array(
+					'page' => $page,
+					's' => $s
+				));
 			} else {
-
+				
 				$result_stmt = Database::query("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = 1");
 				$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
-
-				$phpconfig_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/phpconfig/formfield.phpconfig_add.php';
+				
+				$fpmconfigs = '';
+				$configs = Database::query("SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "` ORDER BY `description` ASC");
+				while ($row = $configs->fetch(PDO::FETCH_ASSOC)) {
+					$fpmconfigs .= makeoption($row['description'], $row['id'], 1, true, true);
+				}
+				
+				$pm_select = makeoption('static', 'static', 'static', true, true);
+				$pm_select.= makeoption('dynamic', 'dynamic', 'static', true, true);
+				$pm_select.= makeoption('ondemand', 'ondemand', 'static', true, true);
+				
+				$phpconfig_add_data = include_once dirname(__FILE__) . '/lib/formfields/admin/phpconfig/formfield.phpconfig_add.php';
 				$phpconfig_add_form = htmlform::genHTMLForm($phpconfig_add_data);
-
+				
 				$title = $phpconfig_add_data['phpconfig_add']['title'];
 				$image = $phpconfig_add_data['phpconfig_add']['image'];
-
+				
 				eval("echo \"" . getTemplate("phpconfig/overview_add") . "\";");
 			}
-
 		} else {
 			standard_error('nopermissionsorinvalidid');
 		}
 	}
-
+	
 	if ($action == 'delete') {
-
+		
 		$result_stmt = Database::prepare("
-			SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id"
-		);
-		$result = Database::pexecute_first($result_stmt, array('id' => $id));
-
-		if ((Settings::Get('system.mod_fcgid') == '1'
-			&& Settings::Get('system.mod_fcgid_defaultini_ownvhost') == $id)
-			|| (Settings::Get('phpfpm.enabled') == '1'
-			&& Settings::Get('phpfpm.vhost_defaultini') == $id)
-		) {
+			SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id");
+		$result = Database::pexecute_first($result_stmt, array(
+			'id' => $id
+		));
+		
+		if ((Settings::Get('system.mod_fcgid') == '1' && Settings::Get('system.mod_fcgid_defaultini_ownvhost') == $id) || (Settings::Get('phpfpm.enabled') == '1' && Settings::Get('phpfpm.vhost_defaultini') == $id)) {
 			standard_error('cannotdeletehostnamephpconfig');
 		}
-
-		if ((Settings::Get('system.mod_fcgid') == '1'
-			&& Settings::Get('system.mod_fcgid_defaultini') == $id)
-			|| (Settings::Get('phpfpm.enabled') == '1'
-			&& Settings::Get('phpfpm.defaultini') == $id)
-		) {
+		
+		if ((Settings::Get('system.mod_fcgid') == '1' && Settings::Get('system.mod_fcgid_defaultini') == $id) || (Settings::Get('phpfpm.enabled') == '1' && Settings::Get('phpfpm.defaultini') == $id)) {
 			standard_error('cannotdeletedefaultphpconfig');
 		}
-
-		if ($result['id'] != 0
-			&& $result['id'] == $id
-			&& (int)$userinfo['change_serversettings'] == 1
-			&& $id != 1 // cannot delete the default php.config
-		) {
-
-			if (isset($_POST['send'])
-				&& $_POST['send'] == 'send'
-			) {
+		
+		if ($result['id'] != 0 && $result['id'] == $id && (int) $userinfo['change_serversettings'] == 1 && $id != 1) // cannot delete the default php.config
+		{
+			
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				// set php-config to default for all domains using the
 				// config that is to be deleted
 				$upd_stmt = Database::prepare("
 					UPDATE `" . TABLE_PANEL_DOMAINS . "` SET
-					`phpsettingid` = '1' WHERE `phpsettingid` = :id"
-				);
-				Database::pexecute($upd_stmt, array('id' => $id));
-
+					`phpsettingid` = '1' WHERE `phpsettingid` = :id");
+				Database::pexecute($upd_stmt, array(
+					'id' => $id
+				));
+				
 				$del_stmt = Database::prepare("
-					DELETE FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id"
-				);
-				Database::pexecute($del_stmt, array('id' => $id));
-
+					DELETE FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id");
+				Database::pexecute($del_stmt, array(
+					'id' => $id
+				));
+				
 				inserttask('1');
-				$log->logAction(ADM_ACTION, LOG_INFO, "php.ini setting with id #" . (int)$id . " has been deleted by '" . $userinfo['loginname'] . "'");
-				redirectTo($filename, array('page' => $page, 's' => $s));
-
+				$log->logAction(ADM_ACTION, LOG_INFO, "php.ini setting with id #" . (int) $id . " has been deleted by '" . $userinfo['loginname'] . "'");
+				redirectTo($filename, array(
+					'page' => $page,
+					's' => $s
+				));
 			} else {
-				ask_yesno('phpsetting_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['description']);
+				ask_yesno('phpsetting_reallydelete', $filename, array(
+					'id' => $id,
+					'page' => $page,
+					'action' => $action
+				), $result['description']);
 			}
 		} else {
 			standard_error('nopermissionsorinvalidid');
 		}
 	}
-
+	
 	if ($action == 'edit') {
-
+		
 		$result_stmt = Database::prepare("
-			SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id"
-		);
-		$result = Database::pexecute_first($result_stmt, array('id' => $id));
-
-		if ($result['id'] != 0
-			&& $result['id'] == $id
-			&& (int)$userinfo['change_serversettings'] == 1
-		) {
-
-			if (isset($_POST['send'])
-				&& $_POST['send'] == 'send'
-			) {
+			SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id");
+		$result = Database::pexecute_first($result_stmt, array(
+			'id' => $id
+		));
+		
+		if ($result['id'] != 0 && $result['id'] == $id && (int) $userinfo['change_serversettings'] == 1) {
+			
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				$description = validate($_POST['description'], 'description');
 				$phpsettings = validate(str_replace("\r\n", "\n", $_POST['phpsettings']), 'phpsettings', '/^[^\0]*$/');
-
+				
 				if (Settings::Get('system.mod_fcgid') == 1) {
 					$binary = makeCorrectFile(validate($_POST['binary'], 'binary'));
 					$file_extensions = validate($_POST['file_extensions'], 'file_extensions', '/^[a-zA-Z0-9\s]*$/');
-					$mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array('-1', ''));
-					$mod_fcgid_maxrequests = validate($_POST['mod_fcgid_maxrequests'], 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array('-1', ''));
+					$mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array(
+						'-1',
+						''
+					));
+					$mod_fcgid_maxrequests = validate($_POST['mod_fcgid_maxrequests'], 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array(
+						'-1',
+						''
+					));
 					$mod_fcgid_umask = validate($_POST['mod_fcgid_umask'], 'mod_fcgid_umask', '/^[0-9]*$/');
 					// disable fpm stuff
+					$fpm_config_id = 1;
 					$fpm_enableslowlog = 0;
 					$fpm_reqtermtimeout = 0;
 					$fpm_reqslowtimeout = 0;
-				}
-				elseif (Settings::Get('phpfpm.enabled') == 1) {
-					$fpm_enableslowlog = isset($_POST['phpfpm_enable_slowlog']) ? (int)$_POST['phpfpm_enable_slowlog'] : 0;
+					$fpm_pass_authorizationheader = 0;
+					$override_fpmconfig = 0;
+					$stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "` WHERE `id` = :id");
+					$def_fpmconfig = Database::pexecute_first($stmt, array(
+						'id' => $fpm_config_id
+					));
+					$pm = $def_fpmconfig['pm'];
+					$max_children = $def_fpmconfig['max_children'];
+					$start_servers = $def_fpmconfig['start_servers'];
+					$min_spare_servers = $def_fpmconfig['min_spare_servers'];
+					$max_spare_servers = $def_fpmconfig['max_spare_servers'];
+					$max_requests = $def_fpmconfig['max_requests'];
+					$idle_timeout = $def_fpmconfig['idle_timeout'];
+					$limit_extensions = $def_fpmconfig['limit_extensions'];
+
+				} elseif (Settings::Get('phpfpm.enabled') == 1) {
+					$fpm_config_id = intval($_POST['fpmconfig']);
+					$fpm_enableslowlog = isset($_POST['phpfpm_enable_slowlog']) ? (int) $_POST['phpfpm_enable_slowlog'] : 0;
 					$fpm_reqtermtimeout = validate($_POST['phpfpm_reqtermtimeout'], 'phpfpm_reqtermtimeout', '/^([0-9]+)(|s|m|h|d)$/');
 					$fpm_reqslowtimeout = validate($_POST['phpfpm_reqslowtimeout'], 'phpfpm_reqslowtimeout', '/^([0-9]+)(|s|m|h|d)$/');
+					$fpm_pass_authorizationheader = isset($_POST['phpfpm_pass_authorizationheader']) ? (int) $_POST['phpfpm_pass_authorizationheader'] : 0;
+					$override_fpmconfig = isset($_POST['override_fpmconfig']) ? (int) $_POST['override_fpmconfig'] : $result['override_fpmconfig'];
+					$pm = $_POST['pm'];
+					$max_children = isset($_POST['max_children']) ? (int) $_POST['max_children'] : $result['max_children'];
+					$start_servers = isset($_POST['start_servers']) ? (int) $_POST['start_servers'] : $result['start_servers'];
+					$min_spare_servers = isset($_POST['min_spare_servers']) ? (int) $_POST['min_spare_servers'] : $result['min_spare_servers'];
+					$max_spare_servers = isset($_POST['max_spare_servers']) ? (int) $_POST['max_spare_servers'] : $result['max_spare_servers'];
+					$max_requests = isset($_POST['max_requests']) ? (int) $_POST['max_requests'] : $result['max_requests'];
+					$idle_timeout = isset($_POST['idle_timeout']) ? (int) $_POST['idle_timeout'] : $result['idle_timeout'];
+					$limit_extensions = validate($_POST['limit_extensions'], 'limit_extensions', '/^(\.[a-z]([a-z0-9]+)\ ?)+$/');
 					// disable fcgid stuff
 					$binary = '/usr/bin/php-cgi';
 					$file_extensions = 'php';
@@ -286,13 +369,11 @@ if ($page == 'overview') {
 					$mod_fcgid_maxrequests = 0;
 					$mod_fcgid_umask = "022";
 				}
-
-				if (strlen($description) == 0
-					|| strlen($description) > 50
-				) {
+				
+				if (strlen($description) == 0 || strlen($description) > 50) {
 					standard_error('descriptioninvalid');
 				}
-
+				
 				$upd_stmt = Database::prepare("
 					UPDATE `" . TABLE_PANEL_PHPCONFIGS . "` SET
 						`description` = :desc,
@@ -304,39 +385,314 @@ if ($page == 'overview') {
 						`fpm_slowlog` = :fpmslow,
 						`fpm_reqterm` = :fpmreqterm,
 						`fpm_reqslow` = :fpmreqslow,
-						`phpsettings` = :phpsettings
-					WHERE `id` = :id"
-				);
+						`phpsettings` = :phpsettings,
+						`fpmsettingid` = :fpmsettingid,
+						`pass_authorizationheader` = :fpmpassauth,
+						`override_fpmconfig` = :ofc,
+						`pm` = :pm,
+						`max_children` = :max_children,
+						`start_servers` = :start_servers,
+						`min_spare_servers` = :min_spare_servers,
+						`max_spare_servers` = :max_spare_servers,
+						`max_requests` = :max_requests,
+						`idle_timeout` = :idle_timeout,
+						`limit_extensions` = :limit_extensions
+					WHERE `id` = :id");
 				$upd_data = array(
-						'desc' => $description,
-						'binary' => $binary,
-						'fext' => $file_extensions,
-						'starter' => $mod_fcgid_starter,
-						'mreq' => $mod_fcgid_maxrequests,
-						'umask' => $mod_fcgid_umask,
-						'fpmslow' => $fpm_enableslowlog,
-						'fpmreqterm' => $fpm_reqtermtimeout,
-						'fpmreqslow' => $fpm_reqslowtimeout,
-						'phpsettings' => $phpsettings,
-						'id' => $id
+					'desc' => $description,
+					'binary' => $binary,
+					'fext' => $file_extensions,
+					'starter' => $mod_fcgid_starter,
+					'mreq' => $mod_fcgid_maxrequests,
+					'umask' => $mod_fcgid_umask,
+					'fpmslow' => $fpm_enableslowlog,
+					'fpmreqterm' => $fpm_reqtermtimeout,
+					'fpmreqslow' => $fpm_reqslowtimeout,
+					'phpsettings' => $phpsettings,
+					'fpmsettingid' => $fpm_config_id,
+					'fpmpassauth' => $fpm_pass_authorizationheader,
+					'ofc' => $override_fpmconfig,
+					'pm' => $pm,
+					'max_children' => $max_children,
+					'start_servers' => $start_servers,
+					'min_spare_servers' => $min_spare_servers,
+					'max_spare_servers' => $max_spare_servers,
+					'max_requests' => $max_requests,
+					'idle_timeout' => $idle_timeout,
+					'limit_extensions' => $limit_extensions,
+					'id' => $id
 				);
 				Database::pexecute($upd_stmt, $upd_data);
-
+				
 				inserttask('1');
 				$log->logAction(ADM_ACTION, LOG_INFO, "php.ini setting with description '" . $description . "' has been changed by '" . $userinfo['loginname'] . "'");
-				redirectTo($filename, array('page' => $page, 's' => $s));
-
+				redirectTo($filename, array(
+					'page' => $page,
+					's' => $s
+				));
 			} else {

-				$phpconfig_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/phpconfig/formfield.phpconfig_edit.php';
+				$fpmconfigs = '';
+				$configs = Database::query("SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "` ORDER BY `description` ASC");
+				while ($row = $configs->fetch(PDO::FETCH_ASSOC)) {
+					$fpmconfigs .= makeoption($row['description'], $row['id'], $result['fpmsettingid'], true, true);
+				}
+				
+				$pm_select = makeoption('static', 'static', $result['pm'], true, true);
+				$pm_select.= makeoption('dynamic', 'dynamic', $result['pm'], true, true);
+				$pm_select.= makeoption('ondemand', 'ondemand', $result['pm'], true, true);
+
+				$phpconfig_edit_data = include_once dirname(__FILE__) . '/lib/formfields/admin/phpconfig/formfield.phpconfig_edit.php';
 				$phpconfig_edit_form = htmlform::genHTMLForm($phpconfig_edit_data);

 				$title = $phpconfig_edit_data['phpconfig_edit']['title'];
 				$image = $phpconfig_edit_data['phpconfig_edit']['image'];
-
+				
 				eval("echo \"" . getTemplate("phpconfig/overview_edit") . "\";");
 			}
+		} else {
+			standard_error('nopermissionsorinvalidid');
+		}
+	}
+} elseif ($page == 'fpmdaemons') {
+	
+	if ($action == '') {
+		
+		$tablecontent = '';
+		$count = 0;
+		$result = Database::query("SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "` ORDER BY `description` ASC");
+		
+		while ($row = $result->fetch(PDO::FETCH_ASSOC)) {

+			$query_params = array(
+				'id' => $row['id']
+			);
+			
+			$query = "SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `fpmsettingid` = :id";
+			
+			$configresult_stmt = Database::prepare($query);
+			Database::pexecute($configresult_stmt, $query_params);
+			
+			$configs = '';
+			if (Database::num_rows() > 0) {
+				while ($row2 = $configresult_stmt->fetch(PDO::FETCH_ASSOC)) {
+					$configs .= $row2['description'] . '<br/>';
+				}
+			}
+			
+			if ($configs == '') {
+				$configs = $lng['admin']['phpsettings']['notused'];
+			}
+			
+			$count ++;
+			eval("\$tablecontent.=\"" . getTemplate("phpconfig/fpmdaemons_overview") . "\";");
+		}
+		
+		$log->logAction(ADM_ACTION, LOG_INFO, "fpm daemons setting overview has been viewed by '" . $userinfo['loginname'] . "'");
+		eval("echo \"" . getTemplate("phpconfig/fpmdaemons") . "\";");
+	}
+	
+	if ($action == 'add') {
+		
+		if ((int) $userinfo['change_serversettings'] == 1) {
+			
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
+				$description = validate($_POST['description'], 'description');
+				$reload_cmd = validate($_POST['reload_cmd'], 'reload_cmd');
+				$config_dir = validate($_POST['config_dir'], 'config_dir');
+				$pm = $_POST['pm'];
+				$max_children = isset($_POST['max_children']) ? (int) $_POST['max_children'] : 0;
+				$start_servers = isset($_POST['start_servers']) ? (int) $_POST['start_servers'] : 0;
+				$min_spare_servers = isset($_POST['min_spare_servers']) ? (int) $_POST['min_spare_servers'] : 0;
+				$max_spare_servers = isset($_POST['max_spare_servers']) ? (int) $_POST['max_spare_servers'] : 0;
+				$max_requests = isset($_POST['max_requests']) ? (int) $_POST['max_requests'] : 0;
+				$idle_timeout = isset($_POST['idle_timeout']) ? (int) $_POST['idle_timeout'] : 0;
+				$limit_extensions = validate($_POST['limit_extensions'], 'limit_extensions', '/^(\.[a-z]([a-z0-9]+)\ ?)+$/');
+				
+				if (strlen($description) == 0 || strlen($description) > 50) {
+					standard_error('descriptioninvalid');
+				}
+				
+				$ins_stmt = Database::prepare("
+					INSERT INTO `" . TABLE_PANEL_FPMDAEMONS . "` SET
+					`description` = :desc,
+					`reload_cmd` = :reload_cmd,
+					`config_dir` = :config_dir,
+					`pm` = :pm,
+					`max_children` = :max_children,
+					`start_servers` = :start_servers,
+					`min_spare_servers` = :min_spare_servers,
+					`max_spare_servers` = :max_spare_servers,
+					`max_requests` = :max_requests,
+					`idle_timeout` = :idle_timeout,
+					`limit_extensions` = :limit_extensions
+				");
+				$ins_data = array(
+					'desc' => $description,
+					'reload_cmd' => $reload_cmd,
+					'config_dir' => makeCorrectDir($config_dir),
+					'pm' => $pm,
+					'max_children' => $max_children,
+					'start_servers' => $start_servers,
+					'min_spare_servers' => $min_spare_servers,
+					'max_spare_servers' => $max_spare_servers,
+					'max_requests' => $max_requests,
+					'idle_timeout' => $idle_timeout,
+					'limit_extensions' => $limit_extensions
+				);
+				Database::pexecute($ins_stmt, $ins_data);
+				
+				inserttask('1');
+				$log->logAction(ADM_ACTION, LOG_INFO, "fpm-daemon setting with description '" . $description . "' has been created by '" . $userinfo['loginname'] . "'");
+				redirectTo($filename, array(
+					'page' => $page,
+					's' => $s
+				));
+			} else {
+				
+				$pm_select = makeoption('static', 'static', 'static', true, true);
+				$pm_select.= makeoption('dynamic', 'dynamic', 'static', true, true);
+				$pm_select.= makeoption('ondemand', 'ondemand', 'static', true, true);
+
+				$fpmconfig_add_data = include_once dirname(__FILE__) . '/lib/formfields/admin/phpconfig/formfield.fpmconfig_add.php';
+				$fpmconfig_add_form = htmlform::genHTMLForm($fpmconfig_add_data);
+				
+				$title = $fpmconfig_add_data['fpmconfig_add']['title'];
+				$image = $fpmconfig_add_data['fpmconfig_add']['image'];
+				
+				eval("echo \"" . getTemplate("phpconfig/fpmconfig_add") . "\";");
+			}
+		} else {
+			standard_error('nopermissionsorinvalidid');
+		}
+	}
+	
+	if ($action == 'delete') {
+		
+		$result_stmt = Database::prepare("
+			SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "` WHERE `id` = :id");
+		$result = Database::pexecute_first($result_stmt, array(
+			'id' => $id
+		));
+
+		if ($id == 1) {
+			standard_error('cannotdeletedefaultphpconfig');
+		}
+
+		if ($result['id'] != 0 && $result['id'] == $id && (int) $userinfo['change_serversettings'] == 1 && $id != 1) // cannot delete the default php.config
+		{
+			
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
+				// set default fpm daemon config for all php-config that use this config that is to be deleted
+				$upd_stmt = Database::prepare("
+					UPDATE `" . TABLE_PANEL_PHPCONFIGS . "` SET
+					`fpmsettingid` = '1' WHERE `fpmsettingid` = :id");
+				Database::pexecute($upd_stmt, array(
+					'id' => $id
+				));
+				
+				$del_stmt = Database::prepare("
+					DELETE FROM `" . TABLE_PANEL_FPMDAEMONS . "` WHERE `id` = :id");
+				Database::pexecute($del_stmt, array(
+					'id' => $id
+				));
+				
+				inserttask('1');
+				$log->logAction(ADM_ACTION, LOG_INFO, "fpm-daemon setting with id #" . (int) $id . " has been deleted by '" . $userinfo['loginname'] . "'");
+				redirectTo($filename, array(
+					'page' => $page,
+					's' => $s
+				));
+			} else {
+				ask_yesno('fpmsetting_reallydelete', $filename, array(
+					'id' => $id,
+					'page' => $page,
+					'action' => $action
+				), $result['description']);
+			}
+		} else {
+			standard_error('nopermissionsorinvalidid');
+		}
+	}
+	
+	if ($action == 'edit') {
+		
+		$result_stmt = Database::prepare("
+			SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "` WHERE `id` = :id");
+		$result = Database::pexecute_first($result_stmt, array(
+			'id' => $id
+		));
+		
+		if ($result['id'] != 0 && $result['id'] == $id && (int) $userinfo['change_serversettings'] == 1) {
+			
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
+				$description = validate($_POST['description'], 'description');
+				$reload_cmd = validate($_POST['reload_cmd'], 'reload_cmd');
+				$config_dir = validate($_POST['config_dir'], 'config_dir');
+				$pm = $_POST['pm'];
+				$max_children = isset($_POST['max_children']) ? (int) $_POST['max_children'] : $result['max_children'];
+				$start_servers = isset($_POST['start_servers']) ? (int) $_POST['start_servers'] : $result['start_servers'];
+				$min_spare_servers = isset($_POST['min_spare_servers']) ? (int) $_POST['min_spare_servers'] : $result['min_spare_servers'];
+				$max_spare_servers = isset($_POST['max_spare_servers']) ? (int) $_POST['max_spare_servers'] : $result['max_spare_servers'];
+				$max_requests = isset($_POST['max_requests']) ? (int) $_POST['max_requests'] : $result['max_requests'];
+				$idle_timeout = isset($_POST['idle_timeout']) ? (int) $_POST['idle_timeout'] : $result['idle_timeout'];
+				$limit_extensions = validate($_POST['limit_extensions'], 'limit_extensions', '/^(\.[a-z]([a-z0-9]+)\ ?)+$/');
+				
+				if (strlen($description) == 0 || strlen($description) > 50) {
+					standard_error('descriptioninvalid');
+				}
+				
+				$upd_stmt = Database::prepare("
+					UPDATE `" . TABLE_PANEL_FPMDAEMONS . "` SET
+					`description` = :desc,
+					`reload_cmd` = :reload_cmd,
+					`config_dir` = :config_dir,
+					`pm` = :pm,
+					`max_children` = :max_children,
+					`start_servers` = :start_servers,
+					`min_spare_servers` = :min_spare_servers,
+					`max_spare_servers` = :max_spare_servers,
+					`max_requests` = :max_requests,
+					`idle_timeout` = :idle_timeout,
+					`limit_extensions` = :limit_extensions
+					WHERE `id` = :id
+				");
+				$upd_data = array(
+					'desc' => $description,
+					'reload_cmd' => $reload_cmd,
+					'config_dir' => makeCorrectDir($config_dir),
+					'pm' => $pm,
+					'max_children' => $max_children,
+					'start_servers' => $start_servers,
+					'min_spare_servers' => $min_spare_servers,
+					'max_spare_servers' => $max_spare_servers,
+					'max_requests' => $max_requests,
+					'idle_timeout' => $idle_timeout,
+					'limit_extensions' => $limit_extensions,
+					'id' => $id
+				);
+				Database::pexecute($upd_stmt, $upd_data);
+				
+				inserttask('1');
+				$log->logAction(ADM_ACTION, LOG_INFO, "fpm-daemon setting with description '" . $description . "' has been changed by '" . $userinfo['loginname'] . "'");
+				redirectTo($filename, array(
+					'page' => $page,
+					's' => $s
+				));
+			} else {
+				
+				$pm_select = makeoption('static', 'static', $result['pm'], true, true);
+				$pm_select.= makeoption('dynamic', 'dynamic', $result['pm'], true, true);
+				$pm_select.= makeoption('ondemand', 'ondemand', $result['pm'], true, true);
+
+				$fpmconfig_edit_data = include_once dirname(__FILE__) . '/lib/formfields/admin/phpconfig/formfield.fpmconfig_edit.php';
+				$fpmconfig_edit_form = htmlform::genHTMLForm($fpmconfig_edit_data);
+				
+				$title = $fpmconfig_edit_data['fpmconfig_edit']['title'];
+				$image = $fpmconfig_edit_data['fpmconfig_edit']['image'];
+				
+				eval("echo \"" . getTemplate("phpconfig/fpmconfig_edit") . "\";");
+			}
 		} else {
 			standard_error('nopermissionsorinvalidid');
 		}
--- a/admin_plans.php
+++ b/admin_plans.php
@@ -0,0 +1,522 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Panel
+ *
+ */
+define('AREA', 'admin');
+require './lib/init.php';
+
+if (isset($_POST['id'])) {
+	$id = intval($_POST['id']);
+} elseif (isset($_GET['id'])) {
+	$id = intval($_GET['id']);
+}
+
+if ($page == '' || $page == 'overview') {
+	
+	if ($action == '') {
+		
+		$log->logAction(ADM_ACTION, LOG_NOTICE, "viewed admin_plans");
+		$fields = array(
+			'p.name' => $lng['admin']['plans']['name'],
+			'p.description' => $lng['admin']['plans']['description'],
+			'adminname' => $lng['admin']['admin'],
+			'p.ts' => $lng['admin']['plans']['last_update']
+		);
+		$paging = new paging($userinfo, TABLE_PANEL_PLANS, $fields);
+		$plans = '';
+		$result_stmt = Database::prepare("
+			SELECT p.*, a.loginname as adminname
+			FROM `" . TABLE_PANEL_PLANS . "` p, `" . TABLE_PANEL_ADMINS . "` a
+			WHERE " . ($userinfo['customers_see_all'] ? '' : " `p`.`adminid` = :adminid AND ") . "
+			`p`.`adminid` = `a`.`adminid` " . $paging->getSqlWhere(false) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
+		Database::pexecute($result_stmt, array(
+			'adminid' => $userinfo['adminid']
+		));
+		$paging->setEntries(Database::num_rows());
+		$sortcode = $paging->getHtmlSortCode($lng);
+		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
+		$searchcode = $paging->getHtmlSearchCode($lng);
+		$pagingcode = $paging->getHtmlPagingCode($filename . '?page=' . $page . '&s=' . $s);
+		$i = 0;
+		$count = 0;
+		
+		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+			
+			if ($paging->checkDisplay($i)) {
+				$row = htmlentities_array($row);
+				$row['ts_format'] = date("d.m.Y H:i", $row['ts']);
+				eval("\$plans.=\"" . getTemplate("plans/plans_plan") . "\";");
+				$count ++;
+			}
+			$i ++;
+		}
+		
+		eval("echo \"" . getTemplate("plans/plans") . "\";");
+	} elseif ($action == 'delete' && $id != 0) {
+		
+		$result_stmt = Database::prepare("
+			SELECT * FROM `" . TABLE_PANEL_PLANS . "` WHERE `id` = :id");
+		$result = Database::pexecute_first($result_stmt, array(
+			'id' => $id
+		));
+		
+		if ($result['id'] != 0 && $result['id'] == $id && (int) $userinfo['adminid'] == $result['adminid']) {
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
+				
+				$del_stmt = Database::prepare("
+					DELETE FROM `" . TABLE_PANEL_PLANS . "` WHERE `id` = :id");
+				Database::pexecute($del_stmt, array(
+					'id' => $id
+				));
+				
+				$log->logAction(ADM_ACTION, LOG_INFO, "Plan '" . $result['name'] . "' has been deleted by '" . $userinfo['loginname'] . "'");
+				redirectTo($filename, array(
+					'page' => $page,
+					's' => $s
+				));
+			} else {
+				ask_yesno('plan_reallydelete', $filename, array(
+					'id' => $id,
+					'page' => $page,
+					'action' => $action
+				), $result['name']);
+			}
+		} else {
+			standard_error('nopermissionsorinvalidid');
+		}
+	} elseif ($action == 'add') {
+		
+		if (isset($_POST['send']) && $_POST['send'] == 'send') {
+			$name = validate($_POST['name'], 'name');
+			$description = validate(str_replace("\r\n", "\n", $_POST['description']), 'description', '/^[^\0]*$/');
+			
+			$value_arr = array();
+			
+			$value_arr['diskspace'] = intval_ressource($_POST['diskspace']);
+			if (isset($_POST['diskspace_ul'])) {
+				$value_arr['diskspace'] = - 1;
+			}
+			
+			$value_arr['traffic'] = doubleval_ressource($_POST['traffic']);
+			if (isset($_POST['traffic_ul'])) {
+				$value_arr['traffic'] = - 1;
+			}
+			
+			$value_arr['subdomains'] = intval_ressource($_POST['subdomains']);
+			if (isset($_POST['subdomains_ul'])) {
+				$value_arr['subdomains'] = - 1;
+			}
+			
+			$value_arr['emails'] = intval_ressource($_POST['emails']);
+			if (isset($_POST['emails_ul'])) {
+				$value_arr['emails'] = - 1;
+			}
+			
+			$value_arr['email_accounts'] = intval_ressource($_POST['email_accounts']);
+			if (isset($_POST['email_accounts_ul'])) {
+				$value_arr['email_accounts'] = - 1;
+			}
+			
+			$value_arr['email_forwarders'] = intval_ressource($_POST['email_forwarders']);
+			if (isset($_POST['email_forwarders_ul'])) {
+				$value_arr['email_forwarders'] = - 1;
+			}
+			
+			if (Settings::Get('system.mail_quota_enabled') == '1') {
+				$value_arr['email_quota'] = validate($_POST['email_quota'], 'email_quota', '/^\d+$/', 'vmailquotawrong', array(
+					'0',
+					''
+				));
+				if (isset($_POST['email_quota_ul'])) {
+					$value_arr['email_quota'] = - 1;
+				}
+			} else {
+				$value_arr['email_quota'] = - 1;
+			}
+			
+			$value_arr['email_imap'] = 0;
+			if (isset($_POST['email_imap'])) {
+				$value_arr['email_imap'] = intval_ressource($_POST['email_imap']);
+			}
+			
+			$value_arr['email_pop3'] = 0;
+			if (isset($_POST['email_pop3'])) {
+				$value_arr['email_pop3'] = intval_ressource($_POST['email_pop3']);
+			}
+			
+			$value_arr['ftps'] = intval_ressource($_POST['ftps']);
+			if (isset($_POST['ftps_ul'])) {
+				$value_arr['ftps'] = - 1;
+			}
+			
+			$value_arr['tickets'] = (Settings::Get('ticket.enabled') == 1 ? intval_ressource($_POST['tickets']) : 0);
+			if (isset($_POST['tickets_ul']) && Settings::Get('ticket.enabled') == '1') {
+				$value_arr['tickets'] = - 1;
+			}
+			
+			$value_arr['mysqls'] = intval_ressource($_POST['mysqls']);
+			if (isset($_POST['mysqls_ul'])) {
+				$value_arr['mysqls'] = - 1;
+			}
+			
+			$value_arr['phpenabled'] = 0;
+			if (isset($_POST['phpenabled'])) {
+				$value_arr['phpenabled'] = intval($_POST['phpenabled']);
+			}
+			
+			$value_arr['allowed_phpconfigs'] = array();
+			if (isset($_POST['allowed_phpconfigs']) && is_array($_POST['allowed_phpconfigs'])) {
+				foreach ($_POST['allowed_phpconfigs'] as $allowed_phpconfig) {
+					$allowed_phpconfig = intval($allowed_phpconfig);
+					$value_arr['allowed_phpconfigs'][] = $allowed_phpconfig;
+				}
+			}
+			
+			$value_arr['perlenabled'] = 0;
+			if (isset($_POST['perlenabled'])) {
+				$value_arr['perlenabled'] = intval($_POST['perlenabled']);
+			}
+			
+			$value_arr['dnsenabled'] = 0;
+			if (isset($_POST['dnsenabled'])) {
+				$value_arr['dnsenabled'] = intval($_POST['dnsenabled']);
+			}
+			
+			$ins_stmt = Database::prepare("
+				INSERT INTO `" . TABLE_PANEL_PLANS . "`
+				SET `adminid` = :adminid, `name` = :name, `description` = :desc, `value` = :valuearr, `ts` = UNIX_TIMESTAMP();
+			");
+			$ins_data = array(
+				'adminid' => $userinfo['adminid'],
+				'name' => $name,
+				'desc' => $description,
+				'valuearr' => json_encode($value_arr)
+			);
+			Database::pexecute($ins_stmt, $ins_data);
+			
+			$log->logAction(ADM_ACTION, LOG_WARNING, "added plan '" . $name . "'");
+			redirectTo($filename, array(
+				'page' => $page,
+				's' => $s
+			));
+		} else {
+			
+			$diskspace_ul = makecheckbox('diskspace_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
+			$traffic_ul = makecheckbox('traffic_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
+			$subdomains_ul = makecheckbox('subdomains_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
+			$emails_ul = makecheckbox('emails_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
+			$email_accounts_ul = makecheckbox('email_accounts_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
+			$email_forwarders_ul = makecheckbox('email_forwarders_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
+			$email_quota_ul = makecheckbox('email_quota_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
+			$ftps_ul = makecheckbox('ftps_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
+			$tickets_ul = makecheckbox('tickets_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
+			$mysqls_ul = makecheckbox('mysqls_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
+			
+			$phpconfigs = array();
+			$configs = Database::query("
+					SELECT c.*, fc.description as interpreter
+					FROM `" . TABLE_PANEL_PHPCONFIGS . "` c
+					LEFT JOIN `" . TABLE_PANEL_FPMDAEMONS . "` fc ON fc.id = c.fpmsettingid
+				");
+			while ($row = $configs->fetch(PDO::FETCH_ASSOC)) {
+				if ((int) Settings::Get('phpfpm.enabled') == 1) {
+					$phpconfigs[] = array(
+						'label' => $row['description'] . " [" . $row['interpreter'] . "]<br />",
+						'value' => $row['id']
+					);
+				} else {
+					$phpconfigs[] = array(
+						'label' => $row['description'] . "<br />",
+						'value' => $row['id']
+					);
+				}
+			}
+			
+			// dummy to avoid unknown variables
+			$language_options = null;
+			$gender_options = null;
+			$hosting_plans = null;
+
+			$plans_add_data = include_once dirname(__FILE__) . '/lib/formfields/admin/plans/formfield.plans_add.php';
+			$cust_add_data = include_once dirname(__FILE__) . '/lib/formfields/admin/customer/formfield.customer_add.php';
+			// unset unneeded stuff
+			unset($cust_add_data['customer_add']['sections']['section_a']);
+			unset($cust_add_data['customer_add']['sections']['section_b']);
+			unset($cust_add_data['customer_add']['sections']['section_cpre']);
+			// merge
+			$plans_add_data['plans_add']['sections'] = array_merge($plans_add_data['plans_add']['sections'], $cust_add_data['customer_add']['sections']);
+			$plans_add_form = htmlform::genHTMLForm($plans_add_data);
+			
+			$title = $plans_add_data['plans_add']['title'];
+			$image = $plans_add_data['plans_add']['image'];
+			
+			eval("echo \"" . getTemplate("plans/plans_add") . "\";");
+		}
+	} elseif ($action == 'edit' && $id != 0) {
+		$result_stmt = Database::prepare("
+			SELECT * FROM `" . TABLE_PANEL_PLANS . "` WHERE `id` = :id");
+		$result = Database::pexecute_first($result_stmt, array(
+			'id' => $id
+		));
+		
+		if ($result['name'] != '') {
+			
+			$result['value'] = json_decode($result['value'], true);
+			$result = htmlentities_array($result);
+			
+			foreach ($result['value'] as $index => $value) {
+				$result[$index] = $value;
+			}
+			$result['allowed_phpconfigs'] = json_encode($result['allowed_phpconfigs']);
+			
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
+				
+				$name = validate($_POST['name'], 'name');
+				$description = validate(str_replace("\r\n", "\n", $_POST['description']), 'description', '/^[^\0]*$/');
+				
+				$value_arr = array();
+				
+				$value_arr['diskspace'] = intval_ressource($_POST['diskspace']);
+				if (isset($_POST['diskspace_ul'])) {
+					$value_arr['diskspace'] = - 1;
+				}
+				
+				$value_arr['traffic'] = doubleval_ressource($_POST['traffic']);
+				if (isset($_POST['traffic_ul'])) {
+					$value_arr['traffic'] = - 1;
+				}
+				
+				$value_arr['subdomains'] = intval_ressource($_POST['subdomains']);
+				if (isset($_POST['subdomains_ul'])) {
+					$value_arr['subdomains'] = - 1;
+				}
+				
+				$value_arr['emails'] = intval_ressource($_POST['emails']);
+				if (isset($_POST['emails_ul'])) {
+					$value_arr['emails'] = - 1;
+				}
+				
+				$value_arr['email_accounts'] = intval_ressource($_POST['email_accounts']);
+				if (isset($_POST['email_accounts_ul'])) {
+					$value_arr['email_accounts'] = - 1;
+				}
+				
+				$value_arr['email_forwarders'] = intval_ressource($_POST['email_forwarders']);
+				if (isset($_POST['email_forwarders_ul'])) {
+					$value_arr['email_forwarders'] = - 1;
+				}
+				
+				if (Settings::Get('system.mail_quota_enabled') == '1') {
+					$value_arr['email_quota'] = validate($_POST['email_quota'], 'email_quota', '/^\d+$/', 'vmailquotawrong', array(
+						'0',
+						''
+					));
+					if (isset($_POST['email_quota_ul'])) {
+						$value_arr['email_quota'] = - 1;
+					}
+				} else {
+					$value_arr['email_quota'] = - 1;
+				}
+				
+				$value_arr['email_imap'] = 0;
+				if (isset($_POST['email_imap'])) {
+					$value_arr['email_imap'] = intval_ressource($_POST['email_imap']);
+				}
+				
+				$value_arr['email_pop3'] = 0;
+				if (isset($_POST['email_pop3'])) {
+					$value_arr['email_pop3'] = intval_ressource($_POST['email_pop3']);
+				}
+				
+				$value_arr['ftps'] = intval_ressource($_POST['ftps']);
+				if (isset($_POST['ftps_ul'])) {
+					$value_arr['ftps'] = - 1;
+				}
+				
+				$value_arr['tickets'] = (Settings::Get('ticket.enabled') == 1 ? intval_ressource($_POST['tickets']) : 0);
+				if (isset($_POST['tickets_ul']) && Settings::Get('ticket.enabled') == '1') {
+					$value_arr['tickets'] = - 1;
+				}
+				
+				$value_arr['mysqls'] = intval_ressource($_POST['mysqls']);
+				if (isset($_POST['mysqls_ul'])) {
+					$value_arr['mysqls'] = - 1;
+				}
+				
+				$value_arr['phpenabled'] = 0;
+				if (isset($_POST['phpenabled'])) {
+					$value_arr['phpenabled'] = intval($_POST['phpenabled']);
+				}
+				
+				$value_arr['allowed_phpconfigs'] = array();
+				if (isset($_POST['allowed_phpconfigs']) && is_array($_POST['allowed_phpconfigs'])) {
+					foreach ($_POST['allowed_phpconfigs'] as $allowed_phpconfig) {
+						$allowed_phpconfig = intval($allowed_phpconfig);
+						$value_arr['allowed_phpconfigs'][] = $allowed_phpconfig;
+					}
+				}
+				
+				$value_arr['perlenabled'] = 0;
+				if (isset($_POST['perlenabled'])) {
+					$value_arr['perlenabled'] = intval($_POST['perlenabled']);
+				}
+				
+				$value_arr['dnsenabled'] = 0;
+				if (isset($_POST['dnsenabled'])) {
+					$value_arr['dnsenabled'] = intval($_POST['dnsenabled']);
+				}
+				
+				$ins_stmt = Database::prepare("
+					UPDATE `" . TABLE_PANEL_PLANS . "`
+					SET `name` = :name, `description` = :desc, `value` = :valuearr, `ts` = UNIX_TIMESTAMP()
+					WHERE `id` = :id
+				");
+				$ins_data = array(
+					'name' => $name,
+					'desc' => $description,
+					'valuearr' => json_encode($value_arr),
+					'id' => $id
+				);
+				Database::pexecute($ins_stmt, $ins_data);
+				
+				$log->logAction(ADM_ACTION, LOG_WARNING, "updated plan '" . $name . "'");
+				redirectTo($filename, array(
+					'page' => $page,
+					's' => $s
+				));
+			} else {
+
+				$diskspace_ul = makecheckbox('diskspace_ul', $lng['customer']['unlimited'], '-1', false, $result['diskspace'], true, true);
+				if ($result['diskspace'] == '-1') {
+					$result['diskspace'] = '';
+				}
+
+				$traffic_ul = makecheckbox('traffic_ul', $lng['customer']['unlimited'], '-1', false, $result['traffic'], true, true);
+				if ($result['traffic'] == '-1') {
+					$result['traffic'] = '';
+				}
+
+				$subdomains_ul = makecheckbox('subdomains_ul', $lng['customer']['unlimited'], '-1', false, $result['subdomains'], true, true);
+				if ($result['subdomains'] == '-1') {
+					$result['subdomains'] = '';
+				}
+				
+				$emails_ul = makecheckbox('emails_ul', $lng['customer']['unlimited'], '-1', false, $result['emails'], true, true);
+				if ($result['emails'] == '-1') {
+					$result['emails'] = '';
+				}
+				
+				$email_accounts_ul = makecheckbox('email_accounts_ul', $lng['customer']['unlimited'], '-1', false, $result['email_accounts'], true, true);
+				if ($result['email_accounts'] == '-1') {
+					$result['email_accounts'] = '';
+				}
+				
+				$email_forwarders_ul = makecheckbox('email_forwarders_ul', $lng['customer']['unlimited'], '-1', false, $result['email_forwarders'], true, true);
+				if ($result['email_forwarders'] == '-1') {
+					$result['email_forwarders'] = '';
+				}
+				
+				$email_quota_ul = makecheckbox('email_quota_ul', $lng['customer']['unlimited'], '-1', false, $result['email_quota'], true, true);
+				if ($result['email_quota'] == '-1') {
+					$result['email_quota'] = '';
+				}
+				
+				$ftps_ul = makecheckbox('ftps_ul', $lng['customer']['unlimited'], '-1', false, $result['ftps'], true, true);
+				if ($result['ftps'] == '-1') {
+					$result['ftps'] = '';
+				}
+				
+				$tickets_ul = makecheckbox('tickets_ul', $lng['customer']['unlimited'], '-1', false, $result['tickets'], true, true);
+				if ($result['tickets'] == '-1') {
+					$result['tickets'] = '';
+				}
+				
+				$mysqls_ul = makecheckbox('mysqls_ul', $lng['customer']['unlimited'], '-1', false, $result['mysqls'], true, true);
+				if ($result['mysqls'] == '-1') {
+					$result['mysqls'] = '';
+				}
+				
+				$phpconfigs = array();
+				$configs = Database::query("
+					SELECT c.*, fc.description as interpreter
+					FROM `" . TABLE_PANEL_PHPCONFIGS . "` c
+					LEFT JOIN `" . TABLE_PANEL_FPMDAEMONS . "` fc ON fc.id = c.fpmsettingid
+				");
+				while ($row = $configs->fetch(PDO::FETCH_ASSOC)) {
+					if ((int) Settings::Get('phpfpm.enabled') == 1) {
+						$phpconfigs[] = array(
+							'label' => $row['description'] . " [" . $row['interpreter'] . "]<br />",
+							'value' => $row['id']
+						);
+					} else {
+						$phpconfigs[] = array(
+							'label' => $row['description'] . "<br />",
+							'value' => $row['id']
+						);
+					}
+				}
+
+				$result['imap'] = $result['email_imap'];
+				$result['pop3'] = $result['email_pop3'];
+
+				// dummy to avoid unknown variables
+				$result['loginname'] = null;
+				$result['documentroot'] = null;
+				$result['standardsubdomain'] = null;
+				$result['deactivated'] = null;
+				$language_options = null;
+				$result['firstname'] = null;
+				$gender_options = null;
+				$result['company'] = null;
+				$result['street'] = null;
+				$result['zipcode'] = null;
+				$result['city'] = null;
+				$result['phone'] = null;
+				$result['fax'] = null;
+				$result['email'] = null;
+				$result['customernumber'] = null;
+				$result['custom_notes'] = null;
+				$result['custom_notes_show'] = null;
+				$hosting_plans = null;
+				$admin_select_cnt = null;
+				$admin_select = null;
+
+				$plans_edit_data = include_once dirname(__FILE__) . '/lib/formfields/admin/plans/formfield.plans_edit.php';
+				$cust_edit_data = include_once dirname(__FILE__) . '/lib/formfields/admin/customer/formfield.customer_edit.php';
+				// unset unneeded stuff
+				unset($cust_edit_data['customer_edit']['sections']['section_a']);
+				unset($cust_edit_data['customer_edit']['sections']['section_b']);
+				unset($cust_edit_data['customer_edit']['sections']['section_cpre']);
+				// merge
+				$plans_edit_data['plans_edit']['sections'] = array_merge($plans_edit_data['plans_edit']['sections'], $cust_edit_data['customer_edit']['sections']);
+				$plans_edit_form = htmlform::genHTMLForm($plans_edit_data);
+				
+				$title = $plans_edit_data['plans_edit']['title'];
+				$image = $plans_edit_data['plans_edit']['image'];
+				
+				eval("echo \"" . getTemplate("plans/plans_edit") . "\";");
+			}
+		}
+	} elseif ($action == 'jqGetPlanValues') {
+		$planid = isset($_POST['planid']) ? (int)$_POST['planid'] : 0;
+		$result_stmt = Database::prepare("
+			SELECT * FROM `" . TABLE_PANEL_PLANS . "` WHERE `id` = :id");
+		$result = Database::pexecute_first($result_stmt, array(
+			'id' => $planid
+		));
+		echo $result['value'];
+		exit;
+	}
+}
--- a/admin_settings.php
+++ b/admin_settings.php
@@ -290,3 +290,113 @@ if ($page == 'overview' && $userinfo['change_serversettings'] == '1') {
 	}
 	eval("echo \"" . getTemplate("settings/integritycheck") . "\";");
 }
+elseif ($page == 'importexport' && $userinfo['change_serversettings'] == '1')
+{
+	// check for json-stuff
+	if (! extension_loaded('json')) {
+		standard_error('jsonextensionnotfound');
+	}
+
+	if (isset($_GET['action']) && $_GET['action'] == "export") {
+		// export
+		try {
+			$json_export = SImExporter::export();
+		} catch(Exception $e) {
+			dynamic_error($e->getMessage());
+		}
+		header('Content-disposition: attachment; filename=Froxlor_settings-'.$version.'-'.$dbversion.'_'.date('d.m.Y').'.json');
+		header('Content-type: application/json');
+		echo $json_export;
+		exit;
+	} elseif (isset($_GET['action']) && $_GET['action'] == "import") {
+		// import
+		if (isset($_POST['send']) && $_POST['send'] == 'send') {
+			// get uploaded file
+			if (isset($_FILES["import_file"]["tmp_name"])) {
+				$imp_content = file_get_contents($_FILES["import_file"]["tmp_name"]);
+				try {
+					SImExporter::import($imp_content);
+				} catch(Exception $e) {
+					dynamic_error($e->getMessage());
+				}
+				inserttask('1');
+				inserttask('10');
+				// Using nameserver, insert a task which rebuilds the server config
+				inserttask('4');
+				// cron.d file
+				inserttask('99');
+				standard_success('settingsimported', '', array('filename' => 'admin_settings.php'));
+			}
+			dynamic_error("Upload failed");
+		}
+	} else {
+		eval("echo \"" . getTemplate("settings/importexport/index") . "\";");
+	}
+}
+elseif ($page == 'testmail')
+{
+		if (isset($_POST['send']) && $_POST['send'] == 'send')
+		{
+			$test_addr = isset($_POST['test_addr']) ? $_POST['test_addr'] : null;
+
+			/**
+			 * Initialize the mailingsystem
+			 */
+			$testmail = new PHPMailer(true);
+			$testmail->CharSet = "UTF-8";
+
+			if (Settings::Get('system.mail_use_smtp')) {
+				$testmail->isSMTP();
+				$testmail->Host = Settings::Get('system.mail_smtp_host');
+				$testmail->SMTPAuth = Settings::Get('system.mail_smtp_auth') == '1' ? true : false;
+				$testmail->Username = Settings::Get('system.mail_smtp_user');
+				$testmail->Password = Settings::Get('system.mail_smtp_passwd');
+				if (Settings::Get('system.mail_smtp_usetls')) {
+					$testmail->SMTPSecure = 'tls';
+				} else {
+					$testmail->SMTPAutoTLS = false;
+				}
+				$testmail->Port = Settings::Get('system.mail_smtp_port');
+			}
+
+			$_mailerror = false;
+			if (PHPMailer::ValidateAddress(Settings::Get('panel.adminmail')) !== false) {
+				// set return-to address and custom sender-name, see #76
+				$testmail->SetFrom(Settings::Get('panel.adminmail'), Settings::Get('panel.adminmail_defname'));
+				if (Settings::Get('panel.adminmail_return') != '') {
+					$testmail->AddReplyTo(Settings::Get('panel.adminmail_return'), Settings::Get('panel.adminmail_defname'));
+				}
+
+				try {
+					$testmail->Subject = "Froxlor Test-Mail";
+					$mail_body = "Yay, this worked :)";
+					$testmail->AltBody = $mail_body;
+					$testmail->MsgHTML(str_replace("\n", "<br />", $mail_body));
+					$testmail->AddAddress($test_addr);
+					$testmail->Send();
+				} catch(phpmailerException $e) {
+					$mailerr_msg = $e->errorMessage();
+					$_mailerror = true;
+				} catch (Exception $e) {
+					$mailerr_msg = $e->getMessage();
+					$_mailerror = true;
+				}
+
+				if (!$_mailerror) {
+					// success
+					$mail->ClearAddresses();
+					standard_success('testmailsent', '', array('filename' => 'admin_settings.php', 'page' => 'testmail'));
+				}
+			} else {
+				// invalid sender e-mail
+				$mailerr_msg = "Invalid sender e-mail address: ".Settings::Get('panel.adminmail');
+				$_mailerror = true;
+			}
+		}
+
+		$mail_smtp_user = Settings::Get('system.mail_smtp_user');
+		$mail_smtp_host = Settings::Get('system.mail_smtp_host');
+		$mail_smtp_port = Settings::Get('system.mail_smtp_port');
+
+		eval("echo \"" . getTemplate("settings/testmail") . "\";");
+}
--- a/admin_templates.php
+++ b/admin_templates.php
@@ -99,7 +99,7 @@ if ($action == '') {
 	}

 	$add = false;
-	while (list($language_file, $language_name) = each($languages)) {
+	foreach ($languages as $language_file => $language_name) {

 		$templates_done = array();
 		$result_stmt = Database::prepare("
@@ -328,7 +328,7 @@ if ($action == '') {
 		$language_options = '';
 		$template_options = '';

-		while (list($language_file, $language_name) = each($languages)) {
+		foreach ($languages as $language_file => $language_name) {
 			$templates = array();
 			$result_stmt = Database::prepare("
 				SELECT `varname` FROM `" . TABLE_PANEL_TEMPLATES . "`
--- a/customer_domains.php
+++ b/customer_domains.php
@@ -260,7 +260,7 @@ if ($page == 'overview') {
 		if ($userinfo['subdomains_used'] < $userinfo['subdomains'] || $userinfo['subdomains'] == '-1') {
 			if (isset($_POST['send']) && $_POST['send'] == 'send') {

-				if (strpos($_POST['subdomain'], '--') !== false) {
+				if (substr($_POST['subdomain'], 0, 4) == 'xn--') {
 					standard_error('domain_nopunycode');
 				}

@@ -327,6 +327,9 @@ if ($page == 'overview') {
 				}

 				if (!preg_match('/^https?\:\/\//', $path) || !validateUrl($path)) {
+					if (strstr($path, ":") !== FALSE) {
+						standard_error('pathmaynotcontaincolon');
+					}
 					// If path is empty or '/' and 'Use domain name as default value for DocumentRoot path' is enabled in settings,
 					// set default path to subdomain or domain name
 					if ((($path == '') || ($path == '/')) && Settings::Get('system.documentroot_use_default_value') == 1) {
@@ -334,9 +337,6 @@ if ($page == 'overview') {
 					} else {
 						$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
 					}
-					if (strstr($path, ":") !== FALSE) {
-						standard_error('pathmaynotcontaincolon');
-					}
 				} else {
 					$_doredirect = true;
 				}
@@ -405,6 +405,10 @@ if ($page == 'overview') {
 						// assign default config
 						$phpsid_result['phpsettingid'] = 1;
 					}
+					// check whether the customer has chosen its own php-config
+					if (isset($_POST['phpsettingid']) && intval($_POST['phpsettingid']) != $phpsid_result['phpsettingid']) {
+						$phpsid_result['phpsettingid'] = intval($_POST['phpsettingid']);
+					}

 					$stmt = Database::prepare("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET
 						`customerid` = :customerid,
@@ -415,6 +419,7 @@ if ($page == 'overview') {
 						`wwwserveralias` = :wwwserveralias,
 						`isemaildomain` = :isemaildomain,
 						`iswildcarddomain` = :iswildcarddomain,
+						`phpenabled` = :phpenabled,
 						`openbasedir` = :openbasedir,
 						`openbasedir_path` = :openbasedir_path,
 						`speciallogfile` = :speciallogfile,
@@ -437,6 +442,7 @@ if ($page == 'overview') {
 						"isemaildomain" => $domain_check['subcanemaildomain'] == '3' ? '1' : '0',
 						"openbasedir" => $domain_check['openbasedir'],
 						"openbasedir_path" => $openbasedir_path,
+						"phpenabled" => $domain_check['phpenabled'],
 						"speciallogfile" => $domain_check['speciallogfile'],
 						"specialsettings" => $domain_check['specialsettings'],
 						"ssl_redirect" => $ssl_redirect,
@@ -517,7 +523,12 @@ if ($page == 'overview') {

 				// check if we at least have one ssl-ip/port, #1179
 				$ssl_ipsandports = '';
-				$ssl_ip_stmt = Database::prepare("SELECT COUNT(*) as countSSL FROM `panel_ipsandports` WHERE `ssl`='1'");
+				$ssl_ip_stmt = Database::prepare("
+					SELECT COUNT(*) as countSSL
+					FROM `".TABLE_PANEL_IPSANDPORTS."` pip
+					LEFT JOIN `".TABLE_DOMAINTOIP."` dti ON dti.id_ipandports = pip.id
+					WHERE pip.`ssl`='1'
+				");
 				Database::pexecute($ssl_ip_stmt);
 				$resultX = $ssl_ip_stmt->fetch(PDO::FETCH_ASSOC);
 				if (isset($resultX['countSSL']) && (int)$resultX['countSSL'] > 0) {
@@ -527,6 +538,27 @@ if ($page == 'overview') {
 				$openbasedir = makeoption($lng['domain']['docroot'], 0, NULL, true) . makeoption($lng['domain']['homedir'], 1, NULL, true);
 				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid']);

+				$phpconfigs = '';
+				$has_phpconfigs = false;
+				if (isset($userinfo['allowed_phpconfigs']) && !empty($userinfo['allowed_phpconfigs']))
+				{
+					$has_phpconfigs = true;
+					$allowed_cfg = json_decode($userinfo['allowed_phpconfigs'], JSON_OBJECT_AS_ARRAY);
+					$phpconfigs_result_stmt = Database::query("
+						SELECT c.*, fc.description as interpreter
+						FROM `" . TABLE_PANEL_PHPCONFIGS . "` c
+						LEFT JOIN `" . TABLE_PANEL_FPMDAEMONS . "` fc ON fc.id = c.fpmsettingid
+						WHERE c.id IN (".implode(", ", $allowed_cfg).")
+					");
+					while ($phpconfigs_row = $phpconfigs_result_stmt->fetch(PDO::FETCH_ASSOC)) {
+						if ((int) Settings::Get('phpfpm.enabled') == 1) {
+							$phpconfigs .= makeoption($phpconfigs_row['description'] . " [".$phpconfigs_row['interpreter']."]", $phpconfigs_row['id'], Settings::Get('phpfpm.defaultini'), true, true);
+						} else {
+							$phpconfigs .= makeoption($phpconfigs_row['description'], $phpconfigs_row['id'], Settings::Get('system.mod_fcgid_defaultini'), true, true);
+						}
+					}
+				}
+
 				$subdomain_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/domains/formfield.domains_add.php';
 				$subdomain_add_form = htmlform::genHTMLForm($subdomain_add_data);

@@ -564,6 +596,9 @@ if ($page == 'overview') {
 				}

 				if (!preg_match('/^https?\:\/\//', $path) || !validateUrl($path)) {
+					if (strstr($path, ":") !== FALSE) {
+						standard_error('pathmaynotcontaincolon');
+					}
 					// If path is empty or '/' and 'Use domain name as default value for DocumentRoot path' is enabled in settings,
 					// set default path to subdomain or domain name
 					if ((($path == '') || ($path == '/')) && Settings::Get('system.documentroot_use_default_value') == 1) {
@@ -571,9 +606,6 @@ if ($page == 'overview') {
 					} else {
 						$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
 					}
-					if (strstr($path, ":") !== FALSE) {
-						standard_error('pathmaynotcontaincolon');
-					}
 				} else {
 					$_doredirect = true;
 				}
@@ -617,6 +649,13 @@ if ($page == 'overview') {
 					$openbasedir_path = '0';
 				}

+				// check whether the customer has chosen its own php-config
+				if (isset($_POST['phpsettingid'])) {
+					$phpsettingid = intval($_POST['phpsettingid']);
+				} else {
+					$phpsettingid = $result['phpsettingid'];
+				}
+
 				if (isset($_POST['ssl_redirect']) && $_POST['ssl_redirect'] == '1') {
 					// a ssl-redirect only works if there actually is a
 					// ssl ip/port assigned to the domain
@@ -642,10 +681,15 @@ if ($page == 'overview') {
 					$letsencrypt = '0';
 				}

-				// We can't enable let's encrypt for wildcard - domains
-				if ($iswildcarddomain == '1' && $letsencrypt == '1') {
+				// We can't enable let's encrypt for wildcard - domains when using acme-v1
+				if ($iswildcarddomain == '1' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '1') {
 					standard_error('nowildcardwithletsencrypt');
 				}
+				// if using acme-v2 we cannot issue wildcard-certificates
+				// because they currently only support the dns-01 challenge
+				if ($iswildcarddomain == '0' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '2') {
+					standard_error('nowildcardwithletsencryptv2');
+				}

 				// Temporarily deactivate ssl_redirect until Let's Encrypt certificate was generated
 				if ($ssl_redirect > 0 && $letsencrypt == 1 && $result['letsencrypt'] != $letsencrypt) {
@@ -685,6 +729,7 @@ if ($page == 'overview') {
 						|| $hsts_maxage != $result['hsts']
 						|| $hsts_sub != $result['hsts_sub']
 						|| $hsts_preload != $result['hsts_preload']
+						|| $phpsettingid != $result['phpsettingid']
 					) {
 						$log->logAction(USR_ACTION, LOG_INFO, "edited domain '" . $idna_convert->decode($result['domain']) . "'");

@@ -699,7 +744,8 @@ if ($page == 'overview') {
 							`letsencrypt`= :letsencrypt,
 							`hsts` = :hsts,
 							`hsts_sub` = :hsts_sub,
-							`hsts_preload` = :hsts_preload
+							`hsts_preload` = :hsts_preload,
+							`phpsettingid` = :phpsettingid
 							WHERE `customerid`= :customerid
 							AND `id`= :id"
 						);
@@ -715,6 +761,7 @@ if ($page == 'overview') {
 							"hsts" => $hsts_maxage,
 							"hsts_sub" => $hsts_sub,
 							"hsts_preload" => $hsts_preload,
+							"phpsettingid" => $phpsettingid,
 							"customerid" => $userinfo['customerid'],
 							"id" => $id
 						);
@@ -726,7 +773,15 @@ if ($page == 'overview') {
 							triggerLetsEncryptCSRForAliasDestinationDomain($aliasdomain, $log);
 						} elseif ($result['wwwserveralias'] != $wwwserveralias || $result['letsencrypt'] != $letsencrypt) {
 							// or when wwwserveralias or letsencrypt was changed
+
 							triggerLetsEncryptCSRForAliasDestinationDomain($aliasdomain, $log);
+
+							if ($aliasdomain === 0) {
+								// in case the wwwserveralias is set on a main domain, $aliasdomain is 0
+								// --> the call just above to triggerLetsEncryptCSRForAliasDestinationDomain
+								//     is a noop...let's repeat it with the domain id of the main domain
+								triggerLetsEncryptCSRForAliasDestinationDomain($id, $log);
+							}
 						}

 						// check whether LE has been disabled, so we remove the certificate
@@ -797,8 +852,13 @@ if ($page == 'overview') {

 				// check if we at least have one ssl-ip/port, #1179
 				$ssl_ipsandports = '';
-				$ssl_ip_stmt = Database::prepare("SELECT COUNT(*) as countSSL FROM `panel_ipsandports` WHERE `ssl`='1'");
-				Database::pexecute($ssl_ip_stmt);
+				$ssl_ip_stmt = Database::prepare("
+					SELECT COUNT(*) as countSSL
+					FROM `".TABLE_PANEL_IPSANDPORTS."` pip
+					LEFT JOIN `".TABLE_DOMAINTOIP."` dti ON dti.id_ipandports = pip.id
+					WHERE `dti`.`id_domain` = :id_domain AND pip.`ssl`='1'
+				");
+				Database::pexecute($ssl_ip_stmt, array("id_domain" => $result['id']));
 				$resultX = $ssl_ip_stmt->fetch(PDO::FETCH_ASSOC);
 				if (isset($resultX['countSSL']) && (int)$resultX['countSSL'] > 0) {
 					$ssl_ipsandports = 'notempty';
@@ -834,6 +894,27 @@ if ($page == 'overview') {
 					$result_ipandport['ip'] .= $rowip['ip'] . "<br />";
 				}

+				$phpconfigs = '';
+				$has_phpconfigs = false;
+				if (isset($userinfo['allowed_phpconfigs']) && !empty($userinfo['allowed_phpconfigs']))
+				{
+					$has_phpconfigs = true;
+					$allowed_cfg = json_decode($userinfo['allowed_phpconfigs'], JSON_OBJECT_AS_ARRAY);
+					$phpconfigs_result_stmt = Database::query("
+						SELECT c.*, fc.description as interpreter
+						FROM `" . TABLE_PANEL_PHPCONFIGS . "` c
+						LEFT JOIN `" . TABLE_PANEL_FPMDAEMONS . "` fc ON fc.id = c.fpmsettingid
+						WHERE c.id IN (".implode(", ", $allowed_cfg).")
+					");
+					while ($phpconfigs_row = $phpconfigs_result_stmt->fetch(PDO::FETCH_ASSOC)) {
+						if ((int) Settings::Get('phpfpm.enabled') == 1) {
+							$phpconfigs .= makeoption($phpconfigs_row['description'] . " [".$phpconfigs_row['interpreter']."]", $phpconfigs_row['id'], $result['phpsettingid'], true, true);
+						} else {
+							$phpconfigs .= makeoption($phpconfigs_row['description'], $phpconfigs_row['id'], $result['phpsettingid'], true, true);
+						}
+					}
+				}
+
 				$domainip = $result_ipandport['ip'];
 				$result = htmlentities_array($result);

--- a/customer_email.php
+++ b/customer_email.php
@@ -96,7 +96,8 @@ if ($page == 'overview') {
 					$row['destination'] = explode(' ', $row['destination']);
 					uasort($row['destination'], 'strcasecmp');

-					while (list($dest_id, $destination) = each($row['destination'])) {
+					$dest_list = $row['destination'];
+					foreach ($dest_list as $dest_id => $destination) {
 						$row['destination'][$dest_id] = $idna_convert->decode($row['destination'][$dest_id]);

 						if ($row['destination'][$dest_id] == $row['email_full']) {
@@ -164,7 +165,7 @@ if ($page == 'overview') {
 						Database::pexecute($stmt, array("customerid" => $userinfo['customerid'], "id" => $result['popaccountid']));
 						$update_users_query_addon .= " , `email_accounts_used` = `email_accounts_used` - 1 ";
 						$number_forwarders-= 1;
-						$log->logAction(USR_ACTION, LOG_NOTICE, "deleted forwarder for email address '" . $result['email'] . "'");
+						$log->logAction(USR_ACTION, LOG_INFO, "deleted forwarder for email address '" . $result['email'] . "'");
 					}
 				} else {
 					$number_forwarders = 0;
@@ -323,7 +324,7 @@ if ($page == 'overview') {
 			$forwarders = '';
 			$forwarders_count = 0;

-			while (list($dest_id, $destination) = each($result['destination'])) {
+			foreach ($result['destination'] as $dest_id => $destination) {
 				$destination = $idna_convert->decode($destination);

 				if ($destination != $result['email_full'] && $destination != '') {
@@ -652,7 +653,7 @@ if ($page == 'overview') {

 				$password = validatePassword($password);

-				$log->logAction(USR_ACTION, LOG_NOTICE, "changed email password for '" . $result['email_full'] . "'");
+				$log->logAction(USR_ACTION, LOG_INFO, "changed email password for '" . $result['email_full'] . "'");
 				$cryptPassword = makeCryptPassword($password);
 				$stmt = Database::prepare("UPDATE `" . TABLE_MAIL_USERS . "`
 					SET " . (Settings::Get('system.mailpwcleartext') == '1' ? "`password` = :password, " : '') . "
@@ -699,7 +700,7 @@ if ($page == 'overview') {
 				if ($userinfo['email_quota'] != '-1' && ($quota == 0 || ($quota + $userinfo['email_quota_used'] - $result['quota']) > $userinfo['email_quota'])) {
 					standard_error('allocatetoomuchquota', $quota);
 				} else {
-					$log->logAction(USR_ACTION, LOG_NOTICE, "updated quota for email address '" . $result['email'] . "' to " . $quota . " MB");
+					$log->logAction(USR_ACTION, LOG_INFO, "updated quota for email address '" . $result['email'] . "' to " . $quota . " MB");
 					$stmt = Database::prepare("UPDATE `" . TABLE_MAIL_USERS . "`
 						SET `quota` = :quota
 						WHERE `id` = :id
@@ -834,7 +835,7 @@ if ($page == 'overview') {
 						);
 						Database::pexecute($stmt, array("cid" => $userinfo['customerid']));

-						$log->logAction(USR_ACTION, LOG_NOTICE, "added email forwarder for '" . $result['email_full'] . "'");
+						$log->logAction(USR_ACTION, LOG_INFO, "added email forwarder for '" . $result['email_full'] . "'");
 						redirectTo($filename, array('page' => 'emails', 'action' => 'edit', 'id' => $id, 's' => $s));
 					}
 				} else {
@@ -895,7 +896,7 @@ if ($page == 'overview') {
 					);
 					Database::pexecute($stmt, array("cid" => $userinfo['customerid']));

-					$log->logAction(USR_ACTION, LOG_NOTICE, "deleted email forwarder for '" . $result['email_full'] . "'");
+					$log->logAction(USR_ACTION, LOG_INFO, "deleted email forwarder for '" . $result['email_full'] . "'");
 					redirectTo($filename, array('page' => 'emails', 'action' => 'edit', 'id' => $id, 's' => $s));
 				} else {
 					ask_yesno('email_reallydelete_forwarder', $filename, array('id' => $id, 'forwarderid' => $forwarderid, 'page' => $page, 'action' => $action), $idna_convert->decode($result['email_full']) . ' -> ' . $idna_convert->decode($forwarder));
--- a/customer_extras.php
+++ b/customer_extras.php
@@ -563,7 +563,7 @@ if ($page == 'overview') {
 			$existing_backupJob = null;
 			while ($entry = $sel_stmt->fetch())
 			{
-				$data = unserialize($entry['data']);
+				$data = json_decode($entry['data'], true);
 				if ($data['customerid'] == $userinfo['customerid']) {
 					$existing_backupJob = $entry;
 					break;
@@ -579,6 +579,11 @@ if ($page == 'overview') {
 				$path = makeCorrectDir(validate($_POST['path'], 'path'));
 				$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);

+				// path cannot be the customers docroot
+				if ($path == makeCorrectDir($userinfo['documentroot'])) {
+					standar_error('backupfoldercannotbedocroot');
+				}
+
 				$backup_dbs = isset($_POST['backup_dbs']) ? intval($_POST['backup_dbs']) : 0;
 				$backup_mail = isset($_POST['backup_mail']) ? intval($_POST['backup_mail']) : 0;
 				$backup_web = isset($_POST['backup_web']) ? intval($_POST['backup_web']) : 0;
@@ -613,7 +618,7 @@ if ($page == 'overview') {

 				if (!empty($existing_backupJob)) {
 					$action = "abort";
-					$row = unserialize($entry['data']);
+					$row = json_decode($entry['data'], true);
 					$row['path'] = makeCorrectDir(str_replace($userinfo['documentroot'], "/", $row['destdir']));
 					$row['backup_web'] = ($row['backup_web'] == '1') ? $lng['panel']['yes'] : $lng['panel']['no'];
 					$row['backup_mail'] = ($row['backup_mail'] == '1') ? $lng['panel']['yes'] : $lng['panel']['no'];
--- a/customer_ftp.php
+++ b/customer_ftp.php
@@ -134,6 +134,12 @@ if ($page == 'overview') {
 				// refs #293
 				if (isset($_POST['delete_userfiles']) && (int)$_POST['delete_userfiles'] == 1) {
 					inserttask('8', $userinfo['loginname'], $result['homedir']);
+				} else {
+					if (Settings::Get('system.nssextrausers') == 1)
+					{
+						// this is used so that the libnss-extrausers cron is fired
+						inserttask(5);
+					}
 				}

 				$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
@@ -431,6 +437,7 @@ if ($page == 'overview') {
 				}

 				$log->logAction(USR_ACTION, LOG_INFO, "edited ftp-account '" . $result['username'] . "'");
+				inserttask(5);
 				$description = validate($_POST['ftp_description'], 'description');
 				$stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "`
 					SET `description` = :desc, `shell` = :shell
--- a/customer_index.php
+++ b/customer_index.php
@@ -204,7 +204,7 @@ if ($page == 'overview') {
 		}

 		$language_options = '';
-		while (list($language_file, $language_name) = each($languages)) {
+		foreach ($languages as $language_file => $language_name) {
 			$language_options .= makeoption($language_name, $language_file, $default_lang, true);
 		}

--- a/customer_logger.php
+++ b/customer_logger.php
@@ -16,17 +16,15 @@
 * @package    Panel
 *
 */
-
 define('AREA', 'customer');
 require './lib/init.php';

 // redirect if this customer page is hidden via settings
-if (Settings::IsInList('panel.customer_hide_options','extras.logger')) {
+if (Settings::IsInList('panel.customer_hide_options', 'extras.logger')) {
 	redirectTo('customer_index.php');
 }

-if ($page == 'log'
-) {
+if ($page == 'log') {
 	if ($action == '') {
 		$fields = array(
 			'date' => $lng['logger']['date'],
@@ -34,37 +32,39 @@ if ($page == 'log'
 			'user' => $lng['logger']['user'],
 			'text' => $lng['logger']['action']
 		);
-		$paging = new paging($userinfo, TABLE_PANEL_LOG, $fields, null, null, 0, 'desc');
-		$result_stmt = Database::prepare('
-			SELECT * FROM `' . TABLE_PANEL_LOG . '` WHERE `user` = :loginname ' . $paging->getSqlWhere(true) . ' ' . $paging->getSqlOrderBy() . ' ' . $paging->getSqlLimit()
-		);
-		Database::pexecute($result_stmt, array("loginname" => $userinfo['loginname']));
-		$logs_count = Database::num_rows();
+		$paging = new paging($userinfo, TABLE_PANEL_LOG, $fields, null, null, 0, 'desc', 30);
+		$query = 'SELECT * FROM `' . TABLE_PANEL_LOG . '` WHERE `user` = :loginname ' . $paging->getSqlWhere(true) . ' ' . $paging->getSqlOrderBy();
+		$result_stmt = Database::prepare($query . ' ' . $paging->getSqlLimit());
+		Database::pexecute($result_stmt, array(
+			"loginname" => $userinfo['loginname']
+		));
+		$result_cnt_stmt = Database::prepare($query);
+		Database::pexecute($result_cnt_stmt, array(
+			"loginname" => $userinfo['loginname']
+		));
+		$res_cnt = $result_cnt_stmt->fetch(PDO::FETCH_ASSOC);
+		$logs_count = $result_cnt_stmt->rowCount();
 		$paging->setEntries($logs_count);
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
 		$searchcode = $paging->getHtmlSearchCode($lng);
 		$pagingcode = $paging->getHtmlPagingCode($filename . '?page=' . $page . '&s=' . $s);
 		$clog = array();
-
+		
 		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
-
-			if (!isset($clog[$row['action']])
-				|| !is_array($clog[$row['action']])
-			) {
+			
+			if (! isset($clog[$row['action']]) || ! is_array($clog[$row['action']])) {
 				$clog[$row['action']] = array();
 			}
 			$clog[$row['action']][$row['logid']] = $row;
 		}
-
-		if ($paging->sortfield == 'date'
-			&& $paging->sortorder == 'desc'
-		) {
+		
+		if ($paging->sortfield == 'date' && $paging->sortorder == 'desc') {
 			krsort($clog);
 		} else {
 			ksort($clog);
 		}
-
+		
 		$i = 0;
 		$count = 0;
 		$log_count = 0;
@@ -72,51 +72,50 @@ if ($page == 'log'
 		foreach ($clog as $action => $logrows) {
 			$_action = 0;
 			foreach ($logrows as $row) {
-				if ($paging->checkDisplay($i)) {
-					$row = htmlentities_array($row);
-					$row['date'] = date("d.m.y H:i:s", $row['date']);
-
-					if ($_action != $action) {
-						switch ($action) {
-							case USR_ACTION:
-								$_action = $lng['admin']['customer'];
-								break;
-							case RES_ACTION:
-								$_action = $lng['logger']['reseller'];
-								break;
-							case ADM_ACTION:
-								$_action = $lng['logger']['admin'];
-								break;
-							case CRON_ACTION:
-								$_action = $lng['logger']['cron'];
-								break;
-							case LOGIN_ACTION:
-								$_action = $lng['logger']['login'];
-								break;
-							case LOG_ERROR:
-								$_action = $lng['logger']['intern'];
-								break;
-							default:
-								$_action = $lng['logger']['unknown'];
-								break;
-						}
-
-						$row['action'] = $_action;
-						eval("\$log.=\"" . getTemplate('logger/logger_action') . "\";");
+				// if ($paging->checkDisplay($i)) {
+				$row = htmlentities_array($row);
+				$row['date'] = date("d.m.y H:i:s", $row['date']);
+				
+				if ($_action != $action) {
+					switch ($action) {
+						case USR_ACTION:
+							$_action = $lng['admin']['customer'];
+							break;
+						case RES_ACTION:
+							$_action = $lng['logger']['reseller'];
+							break;
+						case ADM_ACTION:
+							$_action = $lng['logger']['admin'];
+							break;
+						case CRON_ACTION:
+							$_action = $lng['logger']['cron'];
+							break;
+						case LOGIN_ACTION:
+							$_action = $lng['logger']['login'];
+							break;
+						case LOG_ERROR:
+							$_action = $lng['logger']['intern'];
+							break;
+						default:
+							$_action = $lng['logger']['unknown'];
+							break;
 					}
-
-					$log_count++;
-					$row['type'] = getLogLevelDesc($row['type']);
-					eval("\$log.=\"" . getTemplate('logger/logger_log') . "\";");
-					$count++;
-					$_action = $action;
+					
+					$row['action'] = $_action;
+					eval("\$log.=\"" . getTemplate('logger/logger_action') . "\";");
 				}
-				$i++;
+				
+				$log_count ++;
+				$row['type'] = getLogLevelDesc($row['type']);
+				eval("\$log.=\"" . getTemplate('logger/logger_log') . "\";");
+				$count ++;
+				$_action = $action;
+				// }
+				$i ++;
 			}
-			$i++;
+			$i ++;
 		}
-
+		
 		eval("echo \"" . getTemplate('logger/logger') . "\";");
-
 	}
 }
--- a/customer_tickets.php
+++ b/customer_tickets.php
@@ -20,10 +20,6 @@
 define('AREA', 'customer');
 require './lib/init.php';

-// redirect if this customer page is hidden via settings
-if (Settings::IsInList('panel.customer_hide_options','domains')) {
-	redirectTo('customer_index.php');
-}

 if (isset($_POST['id'])) {

@@ -242,7 +238,11 @@ if ($page == 'overview') {
 		}
 	} elseif ($action == 'answer' && $id != 0) {
 		if (isset($_POST['send']) && $_POST['send'] == 'send') {
-			$replyticket = ticket::getInstanceOf($userinfo, -1);
+			try {
+				$replyticket = ticket::getInstanceOf($userinfo, -1);
+			} catch(Exception $e) {
+				standard_error($e->getMessage());
+			}
 			$replyticket->Set('subject', validate($_POST['subject'], 'subject'), true, false);
 			$replyticket->Set('priority', validate($_POST['priority'], 'priority'), true, false);
 			$replyticket->Set('message', validate(str_replace("\r\n", "\n", $_POST['message']), 'message', '/^[^\0]*$/'), true, false);
@@ -250,6 +250,11 @@ if ($page == 'overview') {
 			if ($replyticket->Get('message') == null) {
 				standard_error(array('stringisempty', 'mymessage'));
 			} else {
+				try {
+					$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
+				} catch(Exception $e) {
+					standard_error($e->getMessage());
+				}
 				$now = time();
 				$replyticket->Set('customer', (int)$userinfo['customerid'], true, true);
 				$replyticket->Set('lastchange', $now, true, true);
@@ -260,8 +265,6 @@ if ($page == 'overview') {
 				$replyticket->Insert();

 				// Update priority if changed
-				$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
-
 				if ($replyticket->Get('priority') != $mainticket->Get('priority')) {
 					$mainticket->Set('priority', $replyticket->Get('priority'), true);
 				}
@@ -276,7 +279,11 @@ if ($page == 'overview') {
 			}
 		} else {
 			$ticket_replies = '';
-			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
+			try {
+				$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
+			} catch(Exception $e) {
+				standard_error($e->getMessage());
+			}
 			$dt = date("d.m.Y H:i\h", $mainticket->Get('dt'));
 			$status = ticket::getStatusText($lng, $mainticket->Get('status'));

@@ -355,7 +362,11 @@ if ($page == 'overview') {
 	} elseif ($action == 'close' && $id != 0) {
 		if (isset($_POST['send']) && $_POST['send'] == 'send') {
 			$now = time();
-			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
+			try {
+				$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
+			} catch(Exception $e) {
+				standard_error($e->getMessage());
+			}
 			$mainticket->Set('lastchange', $now, true, true);
 			$mainticket->Set('lastreplier', '0', true, true);
 			$mainticket->Set('status', '3', true, true);
@@ -363,7 +374,11 @@ if ($page == 'overview') {
 			$log->logAction(USR_ACTION, LOG_NOTICE, "closed support-ticket '" . $mainticket->Get('subject') . "'");
 			redirectTo($filename, array('page' => $page, 's' => $s));
 		} else {
-			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
+			try {
+				$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
+			} catch(Exception $e) {
+				standard_error($e->getMessage());
+			}
 			ask_yesno('ticket_reallyclose', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject'));
 		}
 	} elseif ($action == 'reopen' && $id != 0) {
@@ -381,7 +396,11 @@ if ($page == 'overview') {
 		}

 		$now = time();
-		$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
+		try {
+			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
+		} catch(Exception $e) {
+			standard_error($e->getMessage());
+		}
 		$mainticket->Set('lastchange', $now, true, true);
 		$mainticket->Set('lastreplier', '0', true, true);
 		$mainticket->Set('status', '0', true, true);
--- a/dns_editor.php
+++ b/dns_editor.php
@@ -56,13 +56,29 @@ if ($action == 'add_record' && ! empty($_POST)) {
 		if (strpos($record, '--') !== false) {
 			$errors[] = $lng['error']['domain_nopunycode'];
 		} else {
+			// check for wildcard-record
+			$add_wildcard_again = false;
+			if (substr($record, 0, 2) == '*.') {
+				$record = substr($record, 2);
+				$add_wildcard_again = true;
+			}
+			// convert entry
 			$record = $idna_convert->encode($record);
+
+			if ($add_wildcard_again) {
+				$record = '*.'.$record;
+			}
+
+			/*
+			 * see https://redmine.froxlor.org/issues/1697
+			 *
 			if ($type != 'SRV' && $type != 'TXT') {
 				$check_dom = $record . '.example.com';
 				if (! validateDomain($check_dom)) {
 					$errors[] = sprintf($lng['error']['subdomainiswrong'], $idna_convert->decode($record));
 				}
 			}
+			*/
 			if (strlen($record) > 63) {
 				$errors[] = $lng['error']['dns_record_toolong'];
 			}
@@ -112,6 +128,9 @@ if ($action == 'add_record' && ! empty($_POST)) {
 		if (substr($content, - 1) == '.') {
 			// remove it for checks
 			$content = substr($content, 0, - 1);
+		} else {
+			// add domain name
+			$content .= '.' . $domain;
 		}
 		if (! validateDomain($content)) {
 			$errors[] = $lng['error']['dns_cname_invaliddom'];
@@ -171,8 +190,8 @@ if ($action == 'add_record' && ! empty($_POST)) {
 				}
 			}
 		}
-		// append trailing dot (again)
-		if ($target != '.') {
+		// append trailing dot if there's none
+		if (substr($content, - 1) != '.') {
 			$content .= '.';
 		}
 	}
@@ -189,7 +208,7 @@ if ($action == 'add_record' && ! empty($_POST)) {

 	// check for duplicate
 	foreach ($dom_entries as $existing_entry) {
-		// compare serialized string of array
+		// compare json-encoded string of array
 		$check_entry = $existing_entry;
 		// new entry has no ID yet
 		unset($check_entry['id']);
@@ -199,9 +218,9 @@ if ($action == 'add_record' && ! empty($_POST)) {
 		$check_entry['prio'] = (int) $check_entry['prio'];
 		$check_entry['ttl'] = (int) $check_entry['ttl'];
 		$check_entry['domain_id'] = (int) $check_entry['domain_id'];
-		// serialize both
-		$check_entry = serialize($check_entry);
-		$new = serialize($new_entry);
+		// encode both
+		$check_entry = json_encode($check_entry);
+		$new = json_encode($new_entry);
 		// compare
 		if ($check_entry === $new) {
 			$errors[] = $lng['error']['dns_duplicate_entry'];
--- a/index.php
+++ b/index.php
@@ -250,7 +250,7 @@ if ($action == 'login') {
 		$language_options = '';
 		$language_options .= makeoption($lng['login']['profile_lng'], 'profile', 'profile', true, true);

-		while (list($language_file, $language_name) = each($languages)) {
+		foreach ($languages as $language_file => $language_name) {
 			$language_options .= makeoption($language_name, $language_file, 'profile', true);
 		}

--- a/install/froxlor.sql
+++ b/install/froxlor.sql
@@ -66,7 +66,7 @@ CREATE TABLE `mail_virtual` (
  `id` int(11) NOT NULL auto_increment,
  `email` varchar(255) NOT NULL default '',
  `email_full` varchar(255) NOT NULL default '',
-  `destination` text NOT NULL default '',
+  `destination` text,
  `domainid` int(11) NOT NULL default '0',
  `customerid` int(11) NOT NULL default '0',
  `popaccountid` int(11) NOT NULL default '0',
@@ -195,8 +195,11 @@ CREATE TABLE `panel_customers` (
  `theme` varchar(255) NOT NULL default 'Sparkle',
  `custom_notes` text,
  `custom_notes_show` tinyint(1) NOT NULL default '0',
-  `lepublickey` mediumtext DEFAULT NULL,
-  `leprivatekey` mediumtext DEFAULT NULL,
+  `lepublickey` mediumtext default NULL,
+  `leprivatekey` mediumtext default NULL,
+  `leregistered` tinyint(1) NOT NULL default '0',
+  `leaccount` varchar(255) default '',
+  `allowed_phpconfigs` varchar(500) NOT NULL default '',
   PRIMARY KEY  (`customerid`),
   UNIQUE KEY `loginname` (`loginname`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
@@ -237,6 +240,7 @@ CREATE TABLE `panel_domains` (
  `dkim_pubkey` text,
  `wwwserveralias` tinyint(1) NOT NULL default '1',
  `parentdomainid` int(11) NOT NULL default '0',
+  `phpenabled` tinyint(1) NOT NULL default '0',
  `openbasedir` tinyint(1) NOT NULL default '0',
  `openbasedir_path` tinyint(1) NOT NULL default '0',
  `speciallogfile` tinyint(1) NOT NULL default '0',
@@ -255,6 +259,9 @@ CREATE TABLE `panel_domains` (
  `hsts` varchar(10) NOT NULL default '0',
  `hsts_sub` tinyint(1) NOT NULL default '0',
  `hsts_preload` tinyint(1) NOT NULL default '0',
+  `ocsp_stapling` tinyint(1) DEFAULT '0',
+  `http2` tinyint(1) DEFAULT '0',
+  `notryfiles` tinyint(1) DEFAULT '0',
  PRIMARY KEY  (`id`),
  KEY `customerid` (`customerid`),
  KEY `parentdomain` (`parentdomainid`),
@@ -274,13 +281,14 @@ CREATE TABLE `panel_ipsandports` (
  `vhostcontainer_servername_statement` tinyint(1) NOT NULL default '0',
  `specialsettings` text,
  `ssl` tinyint(4) NOT NULL default '0',
-  `ssl_cert_file` varchar(255) NOT NULL,
-  `ssl_key_file` varchar(255) NOT NULL,
-  `ssl_ca_file` varchar(255) NOT NULL,
+  `ssl_cert_file` varchar(255) NOT NULL default '',
+  `ssl_key_file` varchar(255) NOT NULL default '',
+  `ssl_ca_file` varchar(255) NOT NULL default '',
  `default_vhostconf_domain` text,
-  `ssl_cert_chainfile` varchar(255) NOT NULL,
+  `ssl_cert_chainfile` varchar(255) NOT NULL default '',
  `docroot` varchar(255) NOT NULL default '',
-  PRIMARY KEY  (`id`)
+  PRIMARY KEY  (`id`),
+  UNIQUE KEY `ip_port` (`ip`,`port`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;


@@ -398,25 +406,113 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('login', 'maxloginattempts', '3'),
 	('login', 'deactivatetime', '900'),
 	('phpfpm', 'enabled', '0'),
-	('phpfpm', 'configdir', '/etc/php-fpm.d/'),
-	('phpfpm', 'reload', '/etc/init.d/php-fpm restart'),
-	('phpfpm', 'pm', 'static'),
-	('phpfpm', 'max_children', '1'),
-	('phpfpm', 'start_servers', '20'),
-	('phpfpm', 'min_spare_servers', '5'),
-	('phpfpm', 'max_spare_servers', '35'),
-	('phpfpm', 'max_requests', '0'),
 	('phpfpm', 'tmpdir', '/var/customers/tmp/'),
 	('phpfpm', 'peardir', '/usr/share/php/:/usr/share/php5/'),
+	('phpfpm', 'envpath', '/usr/local/bin:/usr/bin:/bin'),
 	('phpfpm', 'enabled_ownvhost', '0'),
 	('phpfpm', 'vhost_httpuser', 'froxlorlocal'),
 	('phpfpm', 'vhost_httpgroup', 'froxlorlocal'),
-	('phpfpm', 'idle_timeout', '30'),
 	('phpfpm', 'aliasconfigdir', '/var/www/php-fpm/'),
 	('phpfpm', 'defaultini', '1'),
 	('phpfpm', 'vhost_defaultini', '2'),
 	('phpfpm', 'fastcgi_ipcdir', '/var/lib/apache2/fastcgi/'),
 	('phpfpm', 'use_mod_proxy', '0'),
+	('phpfpm', 'ini_flags', 'asp_tags
+display_errors
+display_startup_errors
+html_errors
+log_errors
+magic_quotes_gpc
+magic_quotes_runtime
+magic_quotes_sybase
+mail.add_x_header
+session.cookie_secure
+session.use_cookies
+short_open_tag
+track_errors
+xmlrpc_errors
+suhosin.simulation
+suhosin.session.encrypt
+suhosin.session.cryptua
+suhosin.session.cryptdocroot
+suhosin.cookie.encrypt
+suhosin.cookie.cryptua
+suhosin.cookie.cryptdocroot
+suhosin.executor.disable_eval
+mbstring.func_overload'),
+	('phpfpm', 'ini_values', 'auto_append_file
+auto_prepend_file
+date.timezone
+default_charset
+error_reporting
+include_path
+log_errors_max_len
+mail.log
+max_execution_time
+session.cookie_domain
+session.cookie_lifetime
+session.cookie_path
+session.name
+session.serialize_handler
+upload_max_filesize
+xmlrpc_error_number
+session.auto_start
+always_populate_raw_post_data
+suhosin.session.cryptkey
+suhosin.session.cryptraddr
+suhosin.session.checkraddr
+suhosin.cookie.cryptkey
+suhosin.cookie.plainlist
+suhosin.cookie.cryptraddr
+suhosin.cookie.checkraddr
+suhosin.executor.func.blacklist
+suhosin.executor.eval.whitelist'),
+	('phpfpm', 'ini_admin_flags', 'allow_call_time_pass_reference
+allow_url_fopen
+allow_url_include
+auto_detect_line_endings
+cgi.fix_pathinfo
+cgi.force_redirect
+enable_dl
+expose_php
+file_uploads
+ignore_repeated_errors
+ignore_repeated_source
+log_errors
+register_argc_argv
+report_memleaks
+opcache.enable
+opcache.consistency_checks
+opcache.dups_fix
+opcache.load_comments
+opcache.revalidate_path
+opcache.save_comments
+opcache.use_cwd
+opcache.validate_timestamps
+opcache.fast_shutdown'),
+	('phpfpm', 'ini_admin_values', 'cgi.redirect_status_env
+date.timezone
+disable_classes
+disable_functions
+error_log
+gpc_order
+max_input_time
+max_input_vars
+memory_limit
+open_basedir
+output_buffering
+post_max_size
+precision
+sendmail_path
+session.gc_divisor
+session.gc_probability
+variables_order
+opcache.log_verbosity_level
+opcache.restrict_api
+opcache.revalidate_freq
+opcache.max_accelerated_files
+opcache.memory_consumption
+opcache.interned_strings_buffer'),
 	('nginx', 'fastcgiparams', '/etc/nginx/fastcgi_params'),
 	('system', 'lastaccountnumber', '0'),
 	('system', 'lastguid', '9999'),
@@ -438,7 +534,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('system', 'defaultip', '1'),
 	('system', 'phpappendopenbasedir', '/tmp/'),
 	('system', 'deactivateddocroot', ''),
-	('system', 'mailpwcleartext', '1'),
+	('system', 'mailpwcleartext', '0'),
 	('system', 'last_tasks_run', '000000'),
 	('system', 'nameservers', ''),
 	('system', 'mxservers', ''),
@@ -496,10 +592,11 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('system', 'ssl_cert_chainfile', ''),
 	('system', 'ssl_cipher_list', 'ECDH+AESGCM:ECDH+AES256:!aNULL:!MD5:!DSS:!DH:!AES128'),
 	('system', 'nginx_php_backend', '127.0.0.1:8888'),
-        ('system', 'nginx_http2_support', '0'),
+	('system', 'http2_support', '0'),
 	('system', 'perl_server', 'unix:/var/run/nginx/cgiwrap-dispatch.sock'),
 	('system', 'phpreload_command', ''),
-	('system', 'apache24', '0'),
+	('system', 'apache24', '1'),
+	('system', 'apache24_ocsp_cache_path', 'shmcb:/var/run/apache2/ocsp-stapling.cache(131072)'),
 	('system', 'documentroot_use_default_value', '0'),
 	('system', 'passwordcryptfunc', '3'),
 	('system', 'axfrservers', ''),
@@ -527,6 +624,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('system', 'letsencryptkeysize', '4096'),
 	('system', 'letsencryptreuseold', 0),
 	('system', 'leenabled', '0'),
+	('system', 'leapiversion', '1'),
 	('system', 'backupenabled', '0'),
 	('system', 'dnsenabled', '0'),
 	('system', 'dns_server', 'bind'),
@@ -544,8 +642,17 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('system', 'mail_smtp_user', ''),
 	('system', 'mail_smtp_passwd', ''),
 	('system', 'hsts_maxage', '0'),
-	('system', 'hsts_sub', '0'),
+	('system', 'hsts_incsub', '0'),
 	('system', 'hsts_preload', '0'),
+	('system', 'leregistered', '0'),
+  ('system', 'leaccount', ''),
+	('system', 'nssextrausers', '0'),
+	('system', 'disable_le_selfcheck', '0'),
+	('system', 'ssl_protocols', 'TLSv1,TLSv1.2'),
+	('system', 'logfiles_format', ''),
+	('system', 'logfiles_type', '1'),
+	('system', 'logfiles_piped', '0'),
+	('system', 'logfiles_script', ''),
 	('panel', 'decimal_places', '4'),
 	('panel', 'adminmail', 'admin@SERVERNAME'),
 	('panel', 'phpmyadmin_url', ''),
@@ -577,8 +684,8 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('panel', 'password_special_char_required', '0'),
 	('panel', 'password_special_char', '!?<>§$%+#=@'),
 	('panel', 'customer_hide_options', ''),
-	('panel', 'version', '0.9.38.1'),
-	('panel', 'db_version', '201611180');
+	('panel', 'version', '0.9.40'),
+	('panel', 'db_version', '201809280');


 DROP TABLE IF EXISTS `panel_tasks`;
@@ -744,6 +851,33 @@ CREATE TABLE IF NOT EXISTS `panel_syslog` (
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;


+
+DROP TABLE IF EXISTS `panel_fpmdaemons`;
+CREATE TABLE `panel_fpmdaemons` (
+  `id` int(11) unsigned NOT NULL auto_increment,
+  `description` varchar(50) NOT NULL,
+  `reload_cmd` varchar(255) NOT NULL,
+  `config_dir` varchar(255) NOT NULL,
+  `pm` varchar(15) NOT NULL DEFAULT 'static',
+  `max_children` int(4) NOT NULL DEFAULT '1',
+  `start_servers` int(4) NOT NULL DEFAULT '20',
+  `min_spare_servers` int(4) NOT NULL DEFAULT '5',
+  `max_spare_servers` int(4) NOT NULL DEFAULT '35',
+  `max_requests` int(4) NOT NULL DEFAULT '0',
+  `idle_timeout` int(4) NOT NULL DEFAULT '30',
+  `limit_extensions` varchar(255) NOT NULL default '.php',
+  PRIMARY KEY  (`id`),
+  UNIQUE KEY `reload` (`reload_cmd`),
+  UNIQUE KEY `config` (`config_dir`)
+) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
+
+
+
+INSERT INTO `panel_fpmdaemons` (`id`, `description`, `reload_cmd`, `config_dir`) VALUES
+(1, 'System default', 'service php7.0-fpm restart', '/etc/php/7.0/fpm/pool.d/');
+
+
+
 DROP TABLE IF EXISTS `panel_phpconfigs`;
 CREATE TABLE `panel_phpconfigs` (
  `id` int(11) unsigned NOT NULL auto_increment,
@@ -757,14 +891,26 @@ CREATE TABLE `panel_phpconfigs` (
  `fpm_reqterm` varchar(15) NOT NULL default '60s',
  `fpm_reqslow` varchar(15) NOT NULL default '5s',
  `phpsettings` text NOT NULL,
-  PRIMARY KEY  (`id`)
+  `fpmsettingid` int(11) NOT NULL DEFAULT '1',
+  `pass_authorizationheader` tinyint(1) NOT NULL default '0',
+  `override_fpmconfig` tinyint(1) NOT NULL DEFAULT '0',
+  `pm` varchar(15) NOT NULL DEFAULT 'static',
+  `max_children` int(4) NOT NULL DEFAULT '1',
+  `start_servers` int(4) NOT NULL DEFAULT '20',
+  `min_spare_servers` int(4) NOT NULL DEFAULT '5',
+  `max_spare_servers` int(4) NOT NULL DEFAULT '35',
+  `max_requests` int(4) NOT NULL DEFAULT '0',
+  `idle_timeout` int(4) NOT NULL DEFAULT '30',
+  `limit_extensions` varchar(255) NOT NULL default '.php',
+  PRIMARY KEY  (`id`),
+  KEY `fpmsettingid` (`fpmsettingid`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;



 INSERT INTO `panel_phpconfigs` (`id`, `description`, `binary`, `file_extensions`, `mod_fcgid_starter`, `mod_fcgid_maxrequests`, `phpsettings`) VALUES
 (1, 'Default Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = Off\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_exec,curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 30\r\nmax_input_time = 60\r\nmemory_limit = 128M\r\n{OPEN_BASEDIR_C}open_basedir = "{OPEN_BASEDIR}"\r\noutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n;mail.add_x_header = On\r\n;mail.log = "/var/log/phpmail.log"\r\nopcache.restrict_api = "{DOCUMENT_ROOT}"\r\n'),
-(2, 'Froxlor Vhost Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = On\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 60\r\nmax_input_time = 60\r\nmemory_limit = 128M\r\nnoutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n;mail.add_x_header = On\r\n;mail.log = "/var/log/phpmail.log"\r\nopcache.restrict_api = ""\r\n');
+(2, 'Froxlor Vhost Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = On\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 60\r\nmax_input_time = 60\r\nmemory_limit = 128M\r\noutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n;mail.add_x_header = On\r\n;mail.log = "/var/log/phpmail.log"\r\nopcache.restrict_api = ""\r\n');


 DROP TABLE IF EXISTS `cronjobs_run`;
@@ -859,11 +1005,12 @@ DROP TABLE IF EXISTS `domain_ssl_settings`;
 CREATE TABLE IF NOT EXISTS `domain_ssl_settings` (
  `id` int(5) NOT NULL auto_increment,
  `domainid` int(11) NOT NULL,
-  `ssl_cert_file` mediumtext NOT NULL,
-  `ssl_key_file` mediumtext NOT NULL,
+  `ssl_cert_file` mediumtext,
+  `ssl_key_file` mediumtext,
  `ssl_ca_file` mediumtext,
  `ssl_cert_chainfile` mediumtext,
  `ssl_csr_file` mediumtext,
+  `ssl_fullchain_file` mediumtext,
  `expirationdate` datetime DEFAULT NULL,
  PRIMARY KEY  (`id`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
@@ -889,3 +1036,16 @@ CREATE TABLE `domain_dns_entries` (
  PRIMARY KEY  (`id`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;

+
+DROP TABLE IF EXISTS `panel_plans`;
+CREATE TABLE `panel_plans` (
+  `id` int(11) NOT NULL auto_increment,
+  `adminid` int(11) NOT NULL default '0',
+  `name` varchar(255) NOT NULL default '',
+  `description` text NOT NULL,
+  `value` longtext NOT NULL,
+  `ts` int(15) NOT NULL default '0',
+  PRIMARY KEY  (id),
+  KEY adminid (adminid)
+) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
+
--- a/install/lib/class.FroxlorInstall.php
+++ b/install/lib/class.FroxlorInstall.php
@@ -28,7 +28,7 @@
 * @author Froxlor team <team@froxlor.org> (2010-)
 * @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package Install
- *
+ *         
 */
 class FroxlorInstall
 {
@@ -74,10 +74,17 @@ class FroxlorInstall
 	/**
 	 * currently used language
 	 *
-	 * @var unknown
+	 * @var string
 	 */
 	private $_activelng = 'english';

+	/**
+	 * check whether to abort due to errors
+	 *
+	 * @var bool
+	 */
+	private $_abort = false;
+
 	/**
 	 * Class constructor
 	 */
@@ -154,7 +161,7 @@ class FroxlorInstall
 		$this->_guessServerName();
 		$this->_guessServerIP();
 		$this->_guessWebserver();
-
+		
 		$this->_getPostField('mysql_host', '127.0.0.1');
 		$this->_getPostField('mysql_database', 'froxlor');
 		$this->_getPostField('mysql_unpriv_user', 'froxlor');
@@ -169,18 +176,22 @@ class FroxlorInstall
 		$this->_getPostField('httpuser', $posixusername['name']);
 		$posixgroup = posix_getgrgid(posix_getgid());
 		$this->_getPostField('httpgroup', $posixgroup['name']);
-
+		
 		if ($this->_data['mysql_host'] == 'localhost' || $this->_data['mysql_host'] == '127.0.0.1') {
 			$this->_data['mysql_access_host'] = $this->_data['mysql_host'];
 		} else {
 			$this->_data['mysql_access_host'] = $this->_data['serverip'];
 		}
-
+		
 		// check system-hostname to be a FQDN
-		if ($this->_validate_ip($this->_data['servername'], true) !== false) {
+		if ($this->_validate_ip($this->_data['servername']) !== false) {
 			$this->_data['servername'] = '';
 		}
-
+		
+		if (empty($this->_data['serverip']) || $this->_validate_ip($this->_data['serverip']) == false) {
+			return false;
+		}
+		
 		if (isset($_POST['installstep']) && $_POST['installstep'] == '1' && $this->_data['admin_pass1'] == $this->_data['admin_pass2'] && $this->_data['admin_pass1'] != '' && $this->_data['admin_pass2'] != '' && $this->_data['mysql_unpriv_pass'] != '' && $this->_data['mysql_root_pass'] != '' && $this->_data['servername'] != '' && $this->_data['serverip'] != '' && $this->_data['httpuser'] != '' && $this->_data['httpgroup'] != '' && $this->_data['mysql_unpriv_user'] != $this->_data['mysql_root_user']) {
 			return true;
 		}
@@ -195,12 +206,12 @@ class FroxlorInstall
 	private function _doInstall()
 	{
 		$content = "<table class=\"noborder\">";
-
+		
 		// check for mysql-root-connection
 		$content .= $this->_status_message('begin', $this->_lng['install']['testing_mysql']);
-
+		
 		$options = array(
-			'PDO::MYSQL_ATTR_INIT_COMMAND' => 'set names utf8'
+			'PDO::MYSQL_ATTR_INIT_COMMAND' => 'SET names utf8,sql_mode="NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"'
 		);
 		$dsn = "mysql:host=" . $this->_data['mysql_host'] . ";";
 		$fatal_fail = false;
@@ -223,9 +234,9 @@ class FroxlorInstall
 				$fatal_fail = true;
 			}
 		}
-
+		
 		if (! $fatal_fail) {
-
+			
 			// ok, if we are here, the database connection is up and running
 			$content .= $this->_status_message('green', "OK");
 			// check for existing db and create backup if so
@@ -234,36 +245,37 @@ class FroxlorInstall
 			$content .= $this->_createDatabaseAndUser($db_root);
 			// importing data to new database
 			$content .= $this->_importDatabaseData();
-			// create DB object for new database
-			$options = array(
-				'PDO::MYSQL_ATTR_INIT_COMMAND' => 'set names utf8'
-			);
-			$dsn = "mysql:host=" . $this->_data['mysql_host'] . ";dbname=" . $this->_data['mysql_database'] . ";";
-			$another_fail = false;
-			try {
-				$db = new PDO($dsn, $this->_data['mysql_unpriv_user'], $this->_data['mysql_unpriv_pass'], $options);
-			} catch (PDOException $e) {
-				// dafuq? this should have happened in _importDatabaseData()
-				$content .= $this->_status_message('red', $e->getMessage());
-				$another_fail = true;
-			}
-			;
+			if (! $this->_abort) {
+				// create DB object for new database
+				$options = array(
+					'PDO::MYSQL_ATTR_INIT_COMMAND' => 'SET names utf8,sql_mode="NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"'
+				);
+				$dsn = "mysql:host=" . $this->_data['mysql_host'] . ";dbname=" . $this->_data['mysql_database'] . ";";
+				$another_fail = false;
+				try {
+					$db = new PDO($dsn, $this->_data['mysql_unpriv_user'], $this->_data['mysql_unpriv_pass'], $options);
+				} catch (PDOException $e) {
+					// dafuq? this should have happened in _importDatabaseData()
+					$content .= $this->_status_message('red', $e->getMessage());
+					$another_fail = true;
+				}

-			if (! $another_fail) {
-				// change settings accordingly
-				$content .= $this->_doSettings($db);
-				// create entries
-				$content .= $this->_doDataEntries($db);
-				$db = null;
-				// create config-file
-				$content .= $this->_createUserdataConf();
+				if (! $another_fail) {
+					// change settings accordingly
+					$content .= $this->_doSettings($db);
+					// create entries
+					$content .= $this->_doDataEntries($db);
+					$db = null;
+					// create config-file
+					$content .= $this->_createUserdataConf();
+				}
 			}
 		}
-
+		
 		$content .= "</table>";
-
+		
 		// check if we have unrecoverable errors
-		if ($fatal_fail || $another_fail) {
+		if ($fatal_fail || $another_fail || $this->_abort) {
 			// D'oh
 			$navigation = '';
 			$msgcolor = 'red';
@@ -278,9 +290,9 @@ class FroxlorInstall
 			$link = '../index.php';
 			$linktext = $this->_lng['click_here_to_login'];
 		}
-
+		
 		eval("\$navigation .= \"" . $this->_getTemplate("pagebottom") . "\";");
-
+		
 		return array(
 			'pagecontent' => $content,
 			'pagenavigation' => $navigation
@@ -293,7 +305,7 @@ class FroxlorInstall
 	private function _createUserdataConf()
 	{
 		$content = "";
-
+		
 		$content .= $this->_status_message('begin', $this->_lng['install']['creating_configfile']);
 		$userdata = "<?php\n";
 		$userdata .= "// automatically generated userdata.inc.php for Froxlor\n";
@@ -308,13 +320,14 @@ class FroxlorInstall
 		$userdata .= "// enable debugging to browser in case of SQL errors\n";
 		$userdata .= "\$sql['debug'] = false;\n";
 		$userdata .= "?>";
-
+		
 		// test if we can store the userdata.inc.php in ../lib
-		if ($fp = @fopen(dirname(dirname(dirname(__FILE__))) . '/lib/userdata.inc.php', 'w')) {
+		$userdata_file = dirname(dirname(dirname(__FILE__))) . '/lib/userdata.inc.php';
+		if ($fp = @fopen($userdata_file, 'w')) {
 			$result = @fputs($fp, $userdata, strlen($userdata));
 			@fclose($fp);
 			$content .= $this->_status_message('green', 'OK');
-			chmod('../lib/userdata.inc.php', 0440);
+			chmod($userdata_file, 0440);
 		} elseif ($fp = @fopen('/tmp/userdata.inc.php', 'w')) {
 			$result = @fputs($fp, $userdata, strlen($userdata));
 			@fclose($fp);
@@ -325,7 +338,7 @@ class FroxlorInstall
 			$escpduserdata = nl2br(htmlspecialchars($userdata));
 			eval("\$content .= \"" . $this->_getTemplate("textarea") . "\";");
 		}
-
+		
 		return $content;
 	}

@@ -339,9 +352,9 @@ class FroxlorInstall
 	private function _doDataEntries(&$db)
 	{
 		$content = "";
-
+		
 		$content .= $this->_status_message('begin', $this->_lng['install']['creating_entries']);
-
+		
 		// and lets insert the default ip and port
 		$stmt = $db->prepare("
 				INSERT INTO `" . TABLE_PANEL_IPSANDPORTS . "` SET
@@ -355,7 +368,7 @@ class FroxlorInstall
 			'serverip' => $this->_data['serverip']
 		));
 		$defaultip = $db->lastInsertId();
-
+		
 		// insert the defaultip
 		$upd_stmt = $db->prepare("
 				UPDATE `" . TABLE_PANEL_SETTINGS . "` SET
@@ -365,9 +378,9 @@ class FroxlorInstall
 		$upd_stmt->execute(array(
 			'defaultip' => $defaultip
 		));
-
+		
 		$content .= $this->_status_message('green', 'OK');
-
+		
 		// last but not least create the main admin
 		$content .= $this->_status_message('begin', $this->_lng['install']['adding_admin_user']);
 		$ins_data = array(
@@ -402,11 +415,11 @@ class FroxlorInstall
 				`subdomains` = -1,
 				`traffic` = -1048576
 				");
-
+		
 		$ins_stmt->execute($ins_data);
-
+		
 		$content .= $this->_status_message('green', 'OK');
-
+		
 		return $content;
 	}

@@ -437,14 +450,14 @@ class FroxlorInstall
 	private function _doSettings(&$db)
 	{
 		$content = "";
-
+		
 		$content .= $this->_status_message('begin', $this->_lng['install']['changing_data']);
 		$upd_stmt = $db->prepare("
 				UPDATE `" . TABLE_PANEL_SETTINGS . "` SET
 				`value` = :value
 				WHERE `settinggroup` = :group AND `varname` = :varname
 				");
-
+		
 		$this->_updateSetting($upd_stmt, 'admin@' . $this->_data['servername'], 'panel', 'adminmail');
 		$this->_updateSetting($upd_stmt, $this->_data['serverip'], 'system', 'ipaddress');
 		$this->_updateSetting($upd_stmt, $this->_data['servername'], 'system', 'hostname');
@@ -453,7 +466,7 @@ class FroxlorInstall
 		$this->_updateSetting($upd_stmt, $this->_data['webserver'], 'system', 'webserver');
 		$this->_updateSetting($upd_stmt, $this->_data['httpuser'], 'system', 'httpuser');
 		$this->_updateSetting($upd_stmt, $this->_data['httpgroup'], 'system', 'httpgroup');
-
+		
 		// necessary changes for webservers != apache2
 		if ($this->_data['webserver'] == "apache24") {
 			$this->_updateSetting($upd_stmt, 'apache2', 'system', 'webserver');
@@ -473,25 +486,25 @@ class FroxlorInstall
 			$this->_updateSetting($upd_stmt, '/etc/nginx/nginx.pem', 'system', 'ssl_cert_file');
 			$this->_updateSetting($upd_stmt, '/var/run/', 'phpfpm', 'fastcgi_ipcdir');
 		}
-
+		
 		$this->_updateSetting($upd_stmt, $this->_data['activate_newsfeed'], 'admin', 'show_news_feed');
 		$this->_updateSetting($upd_stmt, dirname(dirname(dirname(__FILE__))), 'system', 'letsencryptchallengepath');
-
+		
 		// insert the lastcronrun to be the installation date
 		$this->_updateSetting($upd_stmt, time(), 'system', 'lastcronrun');
-
+		
 		// set specific times for some crons (traffic only at night, etc.)
 		$ts = mktime(0, 0, 0, date('m', time()), date('d', time()), date('Y', time()));
 		$db->query("UPDATE `" . TABLE_PANEL_CRONRUNS . "` SET `lastrun` = '" . $ts . "' WHERE `cronfile` ='cron_traffic.php';");
 		$ts = mktime(1, 0, 0, date('m', time()), date('d', time()), date('Y', time()));
 		$db->query("UPDATE `" . TABLE_PANEL_CRONRUNS . "` SET `lastrun` = '" . $ts . "' WHERE `cronfile` ='cron_used_tickets_reset.php';");
 		$db->query("UPDATE `" . TABLE_PANEL_CRONRUNS . "` SET `lastrun` = '" . $ts . "' WHERE `cronfile` ='cron_ticketarchive.php';");
-
+		
 		// insert task 99 to generate a correct cron.d-file automatically
 		$db->query("INSERT INTO `" . TABLE_PANEL_TASKS . "` SET `type` = '99';");
-
+		
 		$content .= $this->_status_message('green', 'OK');
-
+		
 		return $content;
 	}

@@ -507,22 +520,28 @@ class FroxlorInstall
 		$content = "";
 		$content .= $this->_status_message('begin', $this->_lng['install']['testing_new_db']);
 		$options = array(
-			'PDO::MYSQL_ATTR_INIT_COMMAND' => 'set names utf8'
+			'PDO::MYSQL_ATTR_INIT_COMMAND' => 'SET names utf8,sql_mode="NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"'
 		);
 		$dsn = "mysql:host=" . $this->_data['mysql_host'] . ";dbname=" . $this->_data['mysql_database'] . ";";
 		$fatal_fail = false;
 		try {
 			$db = new PDO($dsn, $this->_data['mysql_unpriv_user'], $this->_data['mysql_unpriv_pass'], $options);
+			$attributes = array(
+				'ATTR_ERRMODE' => 'ERRMODE_EXCEPTION'
+			);
+			// set attributes
+			foreach ($attributes as $k => $v) {
+				$db->setAttribute(constant("PDO::" . $k), constant("PDO::" . $v));
+			}
 		} catch (PDOException $e) {
 			$content .= $this->_status_message('red', $e->getMessage());
 			$fatal_fail = true;
 		}
-		;
-
+		
 		if (! $fatal_fail) {
-
+			
 			$content .= $this->_status_message('green', 'OK');
-
+			
 			$content .= $this->_status_message('begin', $this->_lng['install']['importing_data']);
 			$db_schema = dirname(dirname(__FILE__)) . '/froxlor.sql';
 			$sql_query = @file_get_contents($db_schema);
@@ -530,14 +549,23 @@ class FroxlorInstall
 			$sql_query = $this->_split_sql_file($sql_query, ';');
 			for ($i = 0; $i < sizeof($sql_query); $i ++) {
 				if (trim($sql_query[$i]) != '') {
-					$result = $db->query($sql_query[$i]);
+					try {
+						$result = $db->query($sql_query[$i]);
+					} catch (\PDOException $e) {
+						$content .= $this->_status_message('red', $e->getMessage());
+						$fatal_fail = true;
+						$this->_abort = true;
+						break;
+					}
 				}
 			}
+			
+			if (! $fatal_fail) {
+				$content .= $this->_status_message('green', 'OK');
+			}
 			$db = null;
-
-			$content .= $this->_status_message('green', 'OK');
 		}
-
+		
 		return $content;
 	}

@@ -551,56 +579,56 @@ class FroxlorInstall
 	private function _createDatabaseAndUser(&$db_root)
 	{
 		$content = "";
-
+		
 		// so first we have to delete the database and
 		// the user given for the unpriv-user if they exit
 		$content .= $this->_status_message('begin', $this->_lng['install']['prepare_db']);
-
+		
 		$del_stmt = $db_root->prepare("DELETE FROM `mysql`.`user` WHERE `User` = :user AND `Host` = :accesshost");
 		$del_stmt->execute(array(
 			'user' => $this->_data['mysql_unpriv_user'],
 			'accesshost' => $this->_data['mysql_access_host']
 		));
-
+		
 		$del_stmt = $db_root->prepare("DELETE FROM `mysql`.`db` WHERE `User` = :user AND `Host` = :accesshost");
 		$del_stmt->execute(array(
 			'user' => $this->_data['mysql_unpriv_user'],
 			'accesshost' => $this->_data['mysql_access_host']
 		));
-
+		
 		$del_stmt = $db_root->prepare("DELETE FROM `mysql`.`tables_priv` WHERE `User` = :user AND `Host` =:accesshost");
 		$del_stmt->execute(array(
 			'user' => $this->_data['mysql_unpriv_user'],
 			'accesshost' => $this->_data['mysql_access_host']
 		));
-
+		
 		$del_stmt = $db_root->prepare("DELETE FROM `mysql`.`columns_priv` WHERE `User` = :user AND `Host` = :accesshost");
 		$del_stmt->execute(array(
 			'user' => $this->_data['mysql_unpriv_user'],
 			'accesshost' => $this->_data['mysql_access_host']
 		));
-
+		
 		$del_stmt = $db_root->prepare("DROP DATABASE IF EXISTS `" . str_replace('`', '', $this->_data['mysql_database']) . "`;");
 		$del_stmt->execute();
-
+		
 		$db_root->query("FLUSH PRIVILEGES;");
 		$content .= $this->_status_message('green', 'OK');
-
+		
 		// we have to create a new user and database for the froxlor unprivileged mysql access
 		$content .= $this->_status_message('begin', $this->_lng['install']['create_mysqluser_and_db']);
 		$ins_stmt = $db_root->prepare("CREATE DATABASE `" . str_replace('`', '', $this->_data['mysql_database']) . "` CHARACTER SET=utf8 COLLATE=utf8_general_ci");
 		$ins_stmt->execute();
-
+		
 		$mysql_access_host_array = array_map('trim', explode(',', $this->_data['mysql_access_host']));
-
+		
 		if (in_array('127.0.0.1', $mysql_access_host_array) && ! in_array('localhost', $mysql_access_host_array)) {
 			$mysql_access_host_array[] = 'localhost';
 		}
-
+		
 		if (! in_array('127.0.0.1', $mysql_access_host_array) && in_array('localhost', $mysql_access_host_array)) {
 			$mysql_access_host_array[] = '127.0.0.1';
 		}
-
+		
 		$mysql_access_host_array[] = $this->_data['serverip'];
 		foreach ($mysql_access_host_array as $mysql_access_host) {
 			$_db = str_replace('`', '', $this->_data['mysql_database']);
@@ -619,11 +647,11 @@ class FroxlorInstall
 				"password" => $this->_data['mysql_unpriv_pass']
 			));
 		}
-
+		
 		$db_root->query("FLUSH PRIVILEGES;");
 		$this->_data['mysql_access_host'] = implode(',', $mysql_access_host_array);
 		$content .= $this->_status_message('green', 'OK');
-
+		
 		return $content;
 	}

@@ -637,7 +665,7 @@ class FroxlorInstall
 	private function _backupExistingDatabase(&$db_root)
 	{
 		$content = "";
-
+		
 		// check for existing of former database
 		$tables_exist = false;
 		$sql = "SELECT SCHEMA_NAME FROM INFORMATION_SCHEMA.SCHEMATA WHERE SCHEMA_NAME = :database";
@@ -646,19 +674,19 @@ class FroxlorInstall
 			'database' => $this->_data['mysql_database']
 		));
 		$rows = $db_root->query("SELECT FOUND_ROWS()")->fetchColumn();
-
+		
 		// check result
 		if ($result_stmt !== false && $rows > 0) {
 			$tables_exist = true;
 		}
-
+		
 		if ($tables_exist) {
 			// tell whats going on
 			$content .= $this->_status_message('begin', $this->_lng['install']['backup_old_db']);
-
+			
 			// create temporary backup-filename
 			$filename = "/tmp/froxlor_backup_" . date('YmdHi') . ".sql";
-
+			
 			// look for mysqldump
 			$do_backup = false;
 			if (file_exists("/usr/bin/mysqldump")) {
@@ -668,7 +696,7 @@ class FroxlorInstall
 				$do_backup = true;
 				$mysql_dump = '/usr/local/bin/mysqldump';
 			}
-
+			
 			if ($do_backup) {
 				$command = $mysql_dump . " " . $this->_data['mysql_database'] . " -u " . $this->_data['mysql_root_user'] . " --password='" . $this->_data['mysql_root_pass'] . "' --result-file=" . $filename;
 				$output = exec($command);
@@ -681,7 +709,7 @@ class FroxlorInstall
 				$content .= $this->_status_message('red', $this->_lng['install']['backup_binary_missing']);
 			}
 		}
-
+		
 		return $content;
 	}

@@ -698,12 +726,12 @@ class FroxlorInstall
 		}
 		// language selection
 		$language_options = '';
-		while (list ($language_file, $language_name) = each($this->_languages)) {
+		foreach ($this->_languages as $language_name => $language_file) {
 			$language_options .= makeoption($language_name, $language_file, $this->_activelng, true, true);
 		}
 		// get language-form-template
 		eval("\$content .= \"" . $this->_getTemplate("lngform") . "\";");
-
+		
 		// form-data
 		$formdata = "";
 		/**
@@ -743,7 +771,7 @@ class FroxlorInstall
 			$style = '';
 		}
 		$formdata .= $this->_getSectionItemString('mysql_root_pass', true, $style, 'password');
-
+		
 		/**
 		 * admin data
 		 */
@@ -767,7 +795,7 @@ class FroxlorInstall
 		$formdata .= $this->_getSectionItemString('admin_pass2', true, $style, 'password');
 		// activate newsfeed?
 		$formdata .= $this->_getSectionItemYesNo('activate_newsfeed', true);
-
+		
 		/**
 		 * Server data
 		 */
@@ -781,7 +809,7 @@ class FroxlorInstall
 		}
 		$formdata .= $this->_getSectionItemString('servername', true, $style);
 		// serverip
-		if (! empty($_POST['installstep']) && $this->_data['serverip'] == '') {
+		if (! empty($_POST['installstep']) && ($this->_data['serverip'] == '' || $this->_validate_ip($this->_data['serverip']) == false)) {
 			$style = 'color:red;';
 		} else {
 			$style = '';
@@ -814,11 +842,11 @@ class FroxlorInstall
 			$style = '';
 		}
 		$formdata .= $this->_getSectionItemString('httpgroup', true, $style);
-
+		
 		// get data-form-template
 		$language = htmlspecialchars($this->_activelng);
 		eval("\$content .= \"" . $this->_getTemplate("dataform2") . "\";");
-
+		
 		$navigation = '';
 		return array(
 			'pagecontent' => $content,
@@ -835,7 +863,7 @@ class FroxlorInstall
 	 *        	optional css
 	 * @param string $type
 	 *        	optional type of input-box (default: text)
-	 *
+	 *        	
 	 * @return string
 	 */
 	private function _getSectionItemString($fieldname = null, $required = false, $style = "", $type = 'text')
@@ -895,26 +923,26 @@ class FroxlorInstall
 	 */
 	private function _requirementCheck()
 	{
-
+		
 		// indicator whether we need to abort or not
 		$_die = false;
-
+		
 		$content = "<table class=\"noborder\">";
-
+		
 		// check for correct php version
 		$content .= $this->_status_message('begin', $this->_lng['requirements']['phpversion']);
-
+		
 		if (version_compare("5.3.0", PHP_VERSION, ">=")) {
 			$content .= $this->_status_message('red', $this->_lng['requirements']['notfound'] . ' (' . PHP_VERSION . ')');
 			$_die = true;
 		} else {
 			if (version_compare("5.6.0", PHP_VERSION, ">=")) {
-				$content .= $this->_status_message('orange', $this->_lng['requirements']['newerphpprefered'] . ' (' .PHP_VERSION . ')');
+				$content .= $this->_status_message('orange', $this->_lng['requirements']['newerphpprefered'] . ' (' . PHP_VERSION . ')');
 			} else {
 				$content .= $this->_status_message('green', PHP_VERSION);
 			}
 		}
-
+		
 		// Check if magic_quotes_runtime is active | get_magic_quotes_runtime() is always FALSE since 5.4
 		if (version_compare(PHP_VERSION, "5.4.0", "<")) {
 			$content .= $this->_status_message('begin', $this->_lng['requirements']['phpmagic_quotes_runtime']);
@@ -926,10 +954,10 @@ class FroxlorInstall
 				$content .= $this->_status_message('green', 'off');
 			}
 		}
-
+		
 		// check for php_pdo and pdo_mysql
 		$content .= $this->_status_message('begin', $this->_lng['requirements']['phppdo']);
-
+		
 		if (! extension_loaded('pdo') || in_array("mysql", PDO::getAvailableDrivers()) == false) {
 			$content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']);
 			$_die = true;
@@ -937,73 +965,38 @@ class FroxlorInstall
 			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
 		}

+		// check for session-extension
+		$this->_requirementCheckFor($content, $_die, 'session', false, 'phpsession');
+
+		// check for ctype-extension
+		$this->_requirementCheckFor($content, $_die, 'ctype', false, 'phpctype');
+
+		// check for SimpleXML-extension
+		$this->_requirementCheckFor($content, $_die, 'simplexml', false, 'phpsimplexml');
+
 		// check for xml-extension
-		$content .= $this->_status_message('begin', $this->_lng['requirements']['phpxml']);
-
-		if (! extension_loaded('xml')) {
-			$content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']);
-			$_die = true;
-		} else {
-			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
-		}
-
+		$this->_requirementCheckFor($content, $_die, 'xml', false, 'phpxml');
+		
 		// check for filter-extension
-		$content .= $this->_status_message('begin', $this->_lng['requirements']['phpfilter']);
-
-		if (! extension_loaded('filter')) {
-			$content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']);
-			$_die = true;
-		} else {
-			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
-		}
-
+		$this->_requirementCheckFor($content, $_die, 'filter', false, 'phpfilter');
+		
 		// check for posix-extension
-		$content .= $this->_status_message('begin', $this->_lng['requirements']['phpposix']);
-
-		if (! extension_loaded('posix')) {
-			$content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']);
-			$_die = true;
-		} else {
-			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
-		}
-
-		// check for bstring-extension
-		$content .= $this->_status_message('begin', $this->_lng['requirements']['phpmbstring']);
-
-		if (! extension_loaded('mbstring')) {
-			$content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']);
-			$_die = true;
-		} else {
-			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
-		}
+		$this->_requirementCheckFor($content, $_die, 'posix', false, 'phpposix');

+		// check for mbstring-extension
+		$this->_requirementCheckFor($content, $_die, 'mbstring', false, 'phpmbstring');
+		
 		// check for curl extension
-		$content .= $this->_status_message('begin', $this->_lng['requirements']['phpcurl']);
+		$this->_requirementCheckFor($content, $_die, 'curl', false, 'phpcurl');

-		if (! extension_loaded('curl')) {
-			$content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']);
-			$_die = true;
-		} else {
-			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
-		}
+		// check for json extension
+		$this->_requirementCheckFor($content, $_die, 'json', false, 'phpjson');

 		// check for bcmath extension
-		$content .= $this->_status_message('begin', $this->_lng['requirements']['phpbcmath']);
-
-		if (! extension_loaded('bcmath')) {
-			$content .= $this->_status_message('orange', $this->_lng['requirements']['notinstalled'] . "<br />" . $this->_lng['requirements']['bcmathdescription']);
-		} else {
-			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
-		}
-
+		$this->_requirementCheckFor($content, $_die, 'bcmath', true, 'phpbcmath', 'bcmathdescription');
+		
 		// check for zip extension
-		$content .= $this->_status_message('begin', $this->_lng['requirements']['phpzip']);
-
-		if (! extension_loaded('zip')) {
-			$content .= $this->_status_message('orange', $this->_lng['requirements']['notinstalled'] . "<br />" . $this->_lng['requirements']['zipdescription']);
-		} else {
-			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
-		}
+		$this->_requirementCheckFor($content, $_die, 'zip', true, 'phpzip', 'zipdescription');

 		// check for open_basedir
 		$content .= $this->_status_message('begin', $this->_lng['requirements']['openbasedir']);
@@ -1013,8 +1006,18 @@ class FroxlorInstall
 		} else {
 			$content .= $this->_status_message('green', 'off');
 		}
-		$content .= "</table>";
+		
+		// check for mysqldump binary in order to backup existing database
+		$content .= $this->_status_message('begin', $this->_lng['requirements']['mysqldump']);

+		if (file_exists("/usr/bin/mysqldump") || file_exists("/usr/local/bin/mysqldump")) {
+			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
+		} else {
+			$content .= $this->_status_message('orange', $this->_lng['requirements']['notinstalled'] . "<br />" . $this->_lng['requirements']['mysqldumpmissing']);
+		}
+		
+		$content .= "</table>";
+		
 		// check if we have unrecoverable errors
 		$navigation = '';
 		if ($_die) {
@@ -1029,12 +1032,28 @@ class FroxlorInstall
 			$linktext = $this->_lng['click_here_to_continue'];
 		}
 		eval("\$navigation .= \"" . $this->_getTemplate("pagebottom") . "\";");
-
+		
 		return array(
 			'pagecontent' => $content,
 			'pagenavigation' => $navigation
 		);
 	}
+	
+	private function _requirementCheckFor(&$content, &$_die, $ext = '', $optional = false, $lng_txt = "", $lng_desc = "")
+	{
+		$content .= $this->_status_message('begin', $this->_lng['requirements'][$lng_txt]);
+		
+		if (! extension_loaded($ext)) {
+			if (!$optional) {
+				$content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']);
+				$_die = true;
+			} else {
+				$content .= $this->_status_message('orange', $this->_lng['requirements']['notinstalled'] . "<br />" . $this->_lng['requirements'][$lng_desc]);
+			}
+		} else {
+			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
+		}
+	}

 	/**
 	 * send no-caching headers and set the default timezone
@@ -1046,7 +1065,7 @@ class FroxlorInstall
 		header("Pragma: no-cache");
 		header('Last-Modified: ' . gmdate('D, d M Y H:i:s \G\M\T', time()));
 		header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', time()));
-
+		
 		// ensure that default timezone is set
 		if (function_exists("date_default_timezone_set") && function_exists("date_default_timezone_get")) {
 			@date_default_timezone_set(@date_default_timezone_get());
@@ -1064,7 +1083,7 @@ class FroxlorInstall
 			// includes the usersettings (MySQL-Username/Passwort)
 			// to test if Froxlor is already installed
 			require $this->_basepath . '/lib/userdata.inc.php';
-
+			
 			if (isset($sql) && is_array($sql)) {
 				// use sparkle theme for the notice
 				$installed_hint = file_get_contents($this->_basepath . '/templates/Sparkle/misc/alreadyinstalledhint.tpl');
@@ -1081,7 +1100,7 @@ class FroxlorInstall
 	{
 		// set default
 		$standardlanguage = 'english';
-
+		
 		// check either _GET or _POST
 		if (isset($_GET['language']) && isset($this->_languages[$_GET['language']])) {
 			$this->_activelng = $_GET['language'];
@@ -1102,13 +1121,25 @@ class FroxlorInstall
 					break;
 			}
 		}
-
-		$lngfile = $this->_basepath . '/install/lng/' . $this->_activelng . '.lng.php';
+		
+		// require english base language as fallback
+		$lngfile = $this->_basepath . '/install/lng/' . $standardlanguage . '.lng.php';
 		if (file_exists($lngfile)) {
 			// includes file /lng/$language.lng.php if it exists
 			require $lngfile;
 			$this->_lng = $lng;
 		}
+		
+		// require chosen language if not english
+		if ($this->_activelng != $standardlanguage)
+		{
+			$lngfile = $this->_basepath . '/install/lng/' . $this->_activelng . '.lng.php';
+			if (file_exists($lngfile)) {
+				// includes file /lng/$language.lng.php if it exists
+				require $lngfile;
+				$this->_lng = $lng;
+			}
+		}
 	}

 	/**
@@ -1116,7 +1147,7 @@ class FroxlorInstall
 	 *
 	 * @param string $template
 	 *        	name of the template including subdirectory
-	 *
+	 *        	
 	 * @return string
 	 */
 	private function _getTemplate($template = null)
@@ -1133,7 +1164,7 @@ class FroxlorInstall
 		} else {
 			$templatefile = 'TEMPLATE NOT FOUND: ' . $filename;
 		}
-
+		
 		return $templatefile;
 	}

@@ -1164,14 +1195,13 @@ class FroxlorInstall
 			$this->_data['servername'] = $_POST['servername'];
 			return;
 			// from $_SERVER
-		} else
-			if (! empty($_SERVER['SERVER_NAME'])) {
-				// no ips
-				if ($this->_validate_ip($_SERVER['SERVER_NAME']) == false) {
-					$this->_data['servername'] = $_SERVER['SERVER_NAME'];
-					return;
-				}
+		} else if (! empty($_SERVER['SERVER_NAME'])) {
+			// no ips
+			if ($this->_validate_ip($_SERVER['SERVER_NAME']) == false) {
+				$this->_data['servername'] = $_SERVER['SERVER_NAME'];
+				return;
 			}
+		}
 		// empty
 		$this->_data['servername'] = '';
 	}
@@ -1204,7 +1234,7 @@ class FroxlorInstall
 			$this->_data['webserver'] = $_POST['webserver'];
 		} else {
 			if (strtoupper(@php_sapi_name()) == "APACHE2HANDLER" || stristr($_SERVER['SERVER_SOFTWARE'], "apache/2")) {
-				$this->_data['webserver'] = 'apache2';
+				$this->_data['webserver'] = 'apache24';
 			} elseif (substr(strtoupper(@php_sapi_name()), 0, 8) == "LIGHTTPD" || stristr($_SERVER['SERVER_SOFTWARE'], "lighttpd")) {
 				$this->_data['webserver'] = 'lighttpd';
 			} elseif (substr(strtoupper(@php_sapi_name()), 0, 8) == "NGINX" || stristr($_SERVER['SERVER_SOFTWARE'], "nginx")) {
@@ -1290,17 +1320,17 @@ class FroxlorInstall
 	 */
 	private function _split_sql_file($sql, $delimiter)
 	{
-
+		
 		// Split up our string into "possible" SQL statements.
 		$tokens = explode($delimiter, $sql);
-
+		
 		// try to save mem.
 		$sql = "";
 		$output = array();
-
+		
 		// we don't actually care about the matches preg gives us.
 		$matches = array();
-
+		
 		// this is faster than calling count($tokens) every time through the loop.
 		$token_count = count($tokens);
 		for ($i = 0; $i < $token_count; $i ++) {
@@ -1308,12 +1338,12 @@ class FroxlorInstall
 			if (($i != ($token_count - 1)) || (strlen($tokens[$i] > 0))) {
 				// This is the total number of single quotes in the token.
 				$total_quotes = preg_match_all("/'/", $tokens[$i], $matches);
-
+				
 				// Counts single quotes that are preceded by an odd number of backslashes,
 				// which means they're escaped quotes.
 				$escaped_quotes = preg_match_all("/(?<!\\\\)(\\\\\\\\)*\\\\'/", $tokens[$i], $matches);
 				$unescaped_quotes = $total_quotes - $escaped_quotes;
-
+				
 				// If the number of unescaped quotes is even, then the delimiter
 				// did NOT occur inside a string literal.
 				if (($unescaped_quotes % 2) == 0) {
@@ -1336,7 +1366,7 @@ class FroxlorInstall
 						// which means they're escaped quotes.
 						$escaped_quotes = preg_match_all("/(?<!\\\\)(\\\\\\\\)*\\\\'/", $tokens[$j], $matches);
 						$unescaped_quotes = $total_quotes - $escaped_quotes;
-
+						
 						if (($unescaped_quotes % 2) == 1) {
 							// odd number of unescaped quotes. In combination with the previous incomplete
 							// statement(s), we now have a complete statement. (2 odds always make an even)
--- a/install/lng/english.lng.php
+++ b/install/lng/english.lng.php
@@ -28,6 +28,9 @@ $lng['requirements']['newerphpprefered'] = 'Good, but php-5.6 is prefered.';
 $lng['requirements']['phpmagic_quotes_runtime'] = 'magic_quotes_runtime...';
 $lng['requirements']['phpmagic_quotes_runtime_description'] = 'PHP setting "magic_quotes_runtime" must be set to "Off". We have disabled it temporary for now please fix the coresponding php.ini.';
 $lng['requirements']['phppdo'] = 'PHP PDO extension and PDO-MySQL driver...';
+$lng['requirements']['phpsession'] = 'PHP session-extension...';
+$lng['requirements']['phpctype'] = 'PHP ctype-extension...';
+$lng['requirements']['phpsimplexml'] = 'PHP SimpleXML-extension...';
 $lng['requirements']['phpxml'] = 'PHP XML-extension...';
 $lng['requirements']['phpfilter'] = 'PHP filter-extension...';
 $lng['requirements']['phpposix'] = 'PHP posix-extension...';
@@ -35,10 +38,13 @@ $lng['requirements']['phpbcmath'] = 'PHP bcmath-extension...';
 $lng['requirements']['phpcurl'] = 'PHP curl-extension...';
 $lng['requirements']['phpmbstring'] = 'PHP mbstring-extension...';
 $lng['requirements']['phpzip'] = 'PHP zip-extension...';
+$lng['requirements']['phpjson'] = 'PHP json-extension...';
 $lng['requirements']['bcmathdescription'] = 'Traffic-calculation related functions will not work correctly!';
 $lng['requirements']['zipdescription'] = 'The auto-update feature requires the zip extension.';
 $lng['requirements']['openbasedir'] = 'open_basedir...';
 $lng['requirements']['openbasedirenabled'] = 'Froxlor will not work properly with open_basedir enabled. Please disable open_basedir for Froxlor in the coresponding php.ini';
+$lng['requirements']['mysqldump'] = 'MySQL dump tool';
+$lng['requirements']['mysqldumpmissing'] = 'Automatic backup of possible existing database is not possible. Please install mysql-client tools';
 $lng['requirements']['diedbecauseofrequirements'] = 'Cannot install Froxlor without these requirements! Try to fix them and retry.';
 $lng['requirements']['froxlor_succ_checks'] = 'All requirements are satisfied';

@@ -63,7 +69,7 @@ $lng['install']['serversettings'] = 'Server settings';
 $lng['install']['servername'] = 'Server name (FQDN, no ip-address)';
 $lng['install']['serverip'] = 'Server IP';
 $lng['install']['webserver'] = 'Webserver';
-$lng['install']['apache2'] = 'Apache 2';
+$lng['install']['apache2'] = 'Apache 2.2';
 $lng['install']['apache24'] = 'Apache 2.4';
 $lng['install']['lighttpd'] = 'LigHTTPd';
 $lng['install']['nginx'] = 'NGINX';
@@ -83,8 +89,8 @@ $lng['install']['changing_data'] = 'Adjusting settings...';
 $lng['install']['creating_entries'] = 'Inserting new values...';
 $lng['install']['adding_admin_user'] = 'Creating admin-account...';
 $lng['install']['creating_configfile'] = 'Creating configfile...';
-$lng['install']['creating_configfile_temp'] = 'File was saved in /tmp/userdata.inc.php, please move to lib/.';
-$lng['install']['creating_configfile_failed'] = 'Could not create lib/userdata.inc.php, please create it manually with the following content:';
+$lng['install']['creating_configfile_temp'] = 'File was saved in /tmp/userdata.inc.php, please move to '.dirname(dirname(__DIR__)).'/lib/.';
+$lng['install']['creating_configfile_failed'] = 'Could not create '.dirname(dirname(__DIR__)).'/lib/userdata.inc.php, please create it manually with the following content:';
 $lng['install']['froxlor_succ_installed'] = 'Froxlor was installed successfully.';

 $lng['click_here_to_refresh'] = 'Click here to check again';
--- a/install/lng/french.lng.php
+++ b/install/lng/french.lng.php
@@ -79,8 +79,8 @@ $lng['install']['changing_data'] = 'Ajustement des paramètres...';
 $lng['install']['creating_entries'] = 'Insertion des nouvelles valeurs...';
 $lng['install']['adding_admin_user'] = 'Création du compte administrateur...';
 $lng['install']['creating_configfile'] = 'Création du fichier de configuration...';
-$lng['install']['creating_configfile_temp'] = 'Le fichier a été enregistré dans /tmp/userdata.inc.php, merci de le déplacer dans lib/.';
-$lng['install']['creating_configfile_failed'] = 'Impossible de créer lib/userdata.inc.php, merci de le créer manuellement avec le contenu suivant:';
+$lng['install']['creating_configfile_temp'] = 'Le fichier a été enregistré dans /tmp/userdata.inc.php, merci de le déplacer dans '.dirname(dirname(__DIR__)).'/lib/.';
+$lng['install']['creating_configfile_failed'] = 'Impossible de créer '.dirname(dirname(__DIR__)).'/lib/userdata.inc.php, merci de le créer manuellement avec le contenu suivant:';
 $lng['install']['froxlor_succ_installed'] = 'Froxlor a été installé avec succès.';

 $lng['click_here_to_refresh'] = 'Cliquez ici pour vérifier à nouveau';
--- a/install/lng/german.lng.php
+++ b/install/lng/german.lng.php
@@ -28,6 +28,9 @@ $lng['requirements']['newerphpprefered'] = 'Passt, aber php-5.6 wird bevorzugt.'
 $lng['requirements']['phpmagic_quotes_runtime'] = 'magic_quotes_runtime';
 $lng['requirements']['phpmagic_quotes_runtime_description'] = 'Die PHP Einstellung "magic_quotes_runtime" muss deaktiviert sein ("Off"). Die Einstellung wurde temporär deaktiviert, bitte ändern Sie diese in der entsprechenden php.ini.';
 $lng['requirements']['phppdo'] = 'PHP PDO Erweiterung und PDO-MySQL Treiber...';
+$lng['requirements']['phpsession'] = 'PHP session-Erweiterung...';
+$lng['requirements']['phpctype'] = 'PHP ctype-Erweiterung...';
+$lng['requirements']['phpsimplexml'] = 'PHP SimpleXML-Erweiterung...';
 $lng['requirements']['phpxml'] = 'PHP XML-Erweiterung...';
 $lng['requirements']['phpfilter'] = 'PHP filter-Erweiterung...';
 $lng['requirements']['phpposix'] = 'PHP posix-Erweiterung...';
@@ -35,10 +38,13 @@ $lng['requirements']['phpbcmath'] = 'PHP bcmath-Erweiterung...';
 $lng['requirements']['phpcurl'] = 'PHP curl-Erweiterung...';
 $lng['requirements']['phpmbstring'] = 'PHP mbstring-Erweiterung...';
 $lng['requirements']['phpzip'] = 'PHP zip-Erweiterung...';
+$lng['requirements']['phpjson'] = 'PHP json-Erweiterung...';
 $lng['requirements']['bcmathdescription'] = 'Traffic-Berechnungs bezogene Funktionen stehen nicht vollständig zur Verfügung!';
 $lng['requirements']['zipdescription'] = 'Die Auto-Update Funktion benötigt die zip Erweiterung.';
 $lng['requirements']['openbasedir'] = 'open_basedir genutzt wird...';
 $lng['requirements']['openbasedirenabled'] = 'Froxlor wird mit aktiviertem open_basedir nicht vollständig funktionieren. Bitte deaktivieren Sie open_basedir für Froxlor in der entsprechenden php.ini';
+$lng['requirements']['mysqldump'] = 'MySQL dump Tool';
+$lng['requirements']['mysqldumpmissing'] = 'Ein automatisches Backup einer möglicherweise schon existierenden Datenbank nicht möglich. Bitte mysql-client installieren';
 $lng['requirements']['diedbecauseofrequirements'] = 'Kann Froxlor ohne diese Voraussetzungen nicht installieren! Beheben Sie die angezeigten Probleme und versuchen Sie es erneut.';
 $lng['requirements']['froxlor_succ_checks'] = 'Alle Vorraussetzungen sind erfüllt';

@@ -83,8 +89,8 @@ $lng['install']['changing_data'] = 'Einstellungen anpassen...';
 $lng['install']['creating_entries'] = 'Trage neue Werte ein...';
 $lng['install']['adding_admin_user'] = 'Erstelle Admin-Benutzer...';
 $lng['install']['creating_configfile'] = 'Erstelle Konfigurationsdatei...';
-$lng['install']['creating_configfile_temp'] = 'Datei wurde in /tmp/userdata.inc.php gespeichert, bitte nach lib/ verschieben.';
-$lng['install']['creating_configfile_failed'] = 'Konnte lib/userdata.inc.php nicht erstellen, bitte manuell mit folgendem Inhalt anlegen:';
+$lng['install']['creating_configfile_temp'] = 'Datei wurde in /tmp/userdata.inc.php gespeichert, bitte nach '.dirname(dirname(__DIR__)).'/lib/ verschieben.';
+$lng['install']['creating_configfile_failed'] = 'Konnte '.dirname(dirname(__DIR__)).'/lib/userdata.inc.php nicht erstellen, bitte manuell mit folgendem Inhalt anlegen:';
 $lng['install']['froxlor_succ_installed'] = 'Froxlor wurde erfolgreich installiert.';

 $lng['click_here_to_refresh'] = 'Hier klicken, um erneut zu prüfen';
--- a/install/scripts/config-services.php
+++ b/install/scripts/config-services.php
@@ -0,0 +1,489 @@
+#!/usr/bin/php
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2018 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright (c) the authors
+ * @author Froxlor team <team@froxlor.org> (2018-)
+ * @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package Cron
+ *         
+ */
+
+// Check if we're in the CLI
+if (@php_sapi_name() !== 'cli') {
+	die('This script will only work in the shell.');
+}
+
+require dirname(dirname(__DIR__)) . '/lib/classes/output/class.CmdLineHandler.php';
+
+class ConfigServicesCmd extends CmdLineHandler
+{
+
+	/**
+	 * list of valid switches
+	 *
+	 * @var array
+	 */
+	public static $switches = array(
+		'h'
+	);
+
+	/**
+	 * list of valid parameters
+	 *
+	 * @var array
+	 */
+	public static $params = array(
+		'create',
+		'apply',
+		'import-settings',
+		'daemon',
+		'list-daemons',
+		'froxlor-dir',
+		'help'
+	);
+
+	public static $action_class = 'Action';
+
+	public static function printHelp()
+	{
+		self::println("");
+		self::println("Help / command line parameters:");
+		self::println("");
+		// commands
+		self::println("--create\t\tlets you create a services list configuration for the 'apply' command");
+		self::println("");
+		self::println("--apply\t\t\tconfigure your services by given configuration file. To create one run the --create command");
+		self::println("\t\t\tExample: --apply=/path/to/my-config.json or --apply=http://domain.tld/my-config.json");
+		self::println("");
+		self::println("--list-daemons\t\tOutput the services that are going to be configured using a given config file. No services will be configured.");
+		self::println("\t\t\tExample: --apply=/path/to/my-config.json --list-daemons");
+		self::println("");
+		self::println("--daemon\t\tWhen running --apply you can specify a daemon. This will be the only service that gets configured");
+		self::println("\t\t\tExample: --apply=/path/to/my-config.json --daemon=apache24");
+		self::println("");
+		self::println("--import-settings\tImport settings from another froxlor installation. This should be done prior to running --apply or alternatively in the same command together.");
+		self::println("\t\t\tExample: --import-settings=/path/to/Froxlor_settings-[version]-[dbversion]-[date].json or --import-settings=http://domain.tld/Froxlor_settings-[version]-[dbversion]-[date].json");
+		self::println("");
+		self::println("--froxlor-dir\t\tpath to froxlor installation");
+		self::println("\t\t\tExample: --froxlor-dir=/var/www/froxlor/");
+		self::println("");
+		self::println("--help\t\t\tshow help screen (this)");
+		self::println("");
+		// switches
+		// self::println("-d\t\t\tenable debug output");
+		self::println("-h\t\t\tsame as --help");
+		self::println("");
+		
+		die(); // end of execution
+	}
+}
+
+class Action
+{
+
+	private $_args = null;
+
+	private $_name = null;
+
+	private $_db = null;
+
+	public function __construct($args)
+	{
+		$this->_args = $args;
+		$this->_validate();
+	}
+
+	public function getActionName()
+	{
+		return $this->_name;
+	}
+
+	/**
+	 * validates the parsed command line parameters
+	 *
+	 * @throws Exception
+	 */
+	private function _validate()
+	{
+		$this->_checkConfigParam(true);
+		$this->_parseConfig();
+		
+		require FROXLOR_INSTALL_DIR . '/lib/tables.inc.php';
+		require FROXLOR_INSTALL_DIR . '/lib/functions.php';
+		require FROXLOR_INSTALL_DIR . '/lib/classes/settings/class.Settings.php';
+		require FROXLOR_INSTALL_DIR . '/lib/classes/settings/class.SImExporter.php';
+		require FROXLOR_INSTALL_DIR . '/lib/classes/config/class.ConfigParser.php';
+		require FROXLOR_INSTALL_DIR . '/lib/classes/config/class.ConfigService.php';
+		require FROXLOR_INSTALL_DIR . '/lib/classes/config/class.ConfigDaemon.php';
+		
+		if (array_key_exists("import-settings", $this->_args)) {
+			$this->_importSettings();
+		}
+		
+		if (array_key_exists("create", $this->_args)) {
+			$this->_createConfig();
+		} elseif (array_key_exists("apply", $this->_args)) {
+			$this->_applyConfig();
+		} elseif (array_key_exists("list-daemons", $this->_args) || array_key_exists("daemon", $this->_args)) {
+			CmdLineHandler::printwarn("--list-daemons and --daemon only work together with --apply");
+		}
+	}
+
+	private function _importSettings()
+	{
+		if (strtoupper(substr($this->_args["import-settings"], 0, 4)) == 'HTTP') {
+			echo "Settings file seems to be an URL, trying to download" . PHP_EOL;
+			$target = "/tmp/froxlor-import-settings-" . time() . ".json";
+			if (@file_exists($target)) {
+				@unlink($target);
+			}
+			$this->downloadFile($this->_args["import-settings"], $target);
+			$this->_args["import-settings"] = $target;
+		}
+		if (! is_file($this->_args["import-settings"])) {
+			throw new Exception("Given settings file is not a file");
+		} elseif (! file_exists($this->_args["import-settings"])) {
+			throw new Exception("Given settings file cannot be found ('" . $this->_args["import-settings"] . "')");
+		} elseif (! is_readable($this->_args["import-settings"])) {
+			throw new Exception("Given settings file cannot be read ('" . $this->_args["import-settings"] . "')");
+		}
+		$imp_content = file_get_contents($this->_args["import-settings"]);
+		SImExporter::import($imp_content);
+		CmdLineHandler::printsucc("Successfully imported settings from '" . $this->_args["import-settings"] . "'");
+	}
+
+	private function _createConfig()
+	{
+		$_daemons_config = array(
+			'distro' => ""
+		);
+		
+		$config_dir = FROXLOR_INSTALL_DIR . '/lib/configfiles/';
+		// show list of available distro's
+		$distros = glob($config_dir . '*.xml');
+		// tmp array
+		$distributions_select_data = array();
+		// read in all the distros
+		foreach ($distros as $_distribution) {
+			// get configparser object
+			$dist = new ConfigParser($_distribution);
+			// get distro-info
+			$dist_display = $this->getCompleteDistroName($dist);
+			// store in tmp array
+			$distributions_select_data[$dist_display] = str_replace(".xml", "", strtolower(basename($_distribution)));
+		}
+		
+		// sort by distribution name
+		ksort($distributions_select_data);
+		
+		// list all distributions
+		$mask = "|%-50.50s |%-50.50s |\n";
+		printf($mask, str_repeat("-", 50), str_repeat("-", 50));
+		printf($mask, 'dist', 'name');
+		printf($mask, str_repeat("-", 50), str_repeat("-", 50));
+		foreach ($distributions_select_data as $name => $filename) {
+			printf($mask, $filename, $name);
+		}
+		printf($mask, str_repeat("-", 50), str_repeat("-", 50));
+		echo PHP_EOL;
+		
+		while (! in_array($_daemons_config['distro'], $distributions_select_data)) {
+			$_daemons_config['distro'] = CmdLineHandler::getInput("choose distribution", "stretch");
+		}
+		
+		// go through all services and let user check whether to include it or not
+		$configfiles = new ConfigParser($config_dir . '/' . $_daemons_config['distro'] . ".xml");
+		$services = $configfiles->getServices();
+		
+		foreach ($services as $si => $service) {
+			echo PHP_EOL . "--- " . strtoupper($si) . " ---" . PHP_EOL . PHP_EOL;
+			$_daemons_config[$si] = "";
+			
+			$daemons = $service->getDaemons();
+			$mask = "|%-50.50s |%-50.50s |\n";
+			printf($mask, str_repeat("-", 50), str_repeat("-", 50));
+			printf($mask, 'value', 'name');
+			printf($mask, str_repeat("-", 50), str_repeat("-", 50));
+			$default_daemon = "";
+			foreach ($daemons as $di => $dd) {
+				$title = $dd->title;
+				if ($dd->default) {
+					$default_daemon = $di;
+					$title = $title . " (default)";
+				}
+				printf($mask, $di, $title);
+			}
+			printf($mask, "x", "No " . $si);
+			$daemons['x'] = 'x';
+			printf($mask, str_repeat("-", 50), str_repeat("-", 50));
+			echo PHP_EOL;
+			if ($si == 'system') {
+				$_daemons_config[$si] = array();
+				// for the system/other services we need a multiple choice possibility
+				CmdLineHandler::println("Select every service you need. Enter empty value when done");
+				$sysservice = "";
+				do {
+					$sysservice = CmdLineHandler::getInput("choose service");
+					if (! empty($sysservice)) {
+						$_daemons_config[$si][] = $sysservice;
+					}
+				} while (! empty($sysservice));
+			} else {
+				// for all others -> only one value
+				while (! array_key_exists($_daemons_config[$si], $daemons)) {
+					$_daemons_config[$si] = CmdLineHandler::getInput("choose service", $default_daemon);
+				}
+			}
+		}
+		
+		echo PHP_EOL . PHP_EOL;
+		$daemons_config = json_encode($_daemons_config);
+		$output = CmdLineHandler::getInput("choose output-filename", "/tmp/froxlor-config-" . date('Ymd') . ".json");
+		file_put_contents($output, $daemons_config);
+		CmdLineHandler::printsucc("Successfully generated service-configfile '" . $output . "'");
+	}
+
+	private function getCompleteDistroName($cparser)
+	{
+		// get distro-info
+		$dist_display = $cparser->distributionName;
+		if ($cparser->distributionCodename != '') {
+			$dist_display .= " " . $cparser->distributionCodename;
+		}
+		if ($cparser->distributionVersion != '') {
+			$dist_display .= " (" . $cparser->distributionVersion . ")";
+		}
+		if ($cparser->deprecated) {
+			$dist_display .= " [deprecated]";
+		}
+		return $dist_display;
+	}
+
+	private function _applyConfig()
+	{
+		if (strtoupper(substr($this->_args["apply"], 0, 4)) == 'HTTP') {
+			echo "Config file seems to be an URL, trying to download" . PHP_EOL;
+			$target = "/tmp/froxlor-config-" . time() . ".json";
+			if (@file_exists($target)) {
+				@unlink($target);
+			}
+			$this->downloadFile($this->_args["apply"], $target);
+			$this->_args["apply"] = $target;
+		}
+		if (! is_file($this->_args["apply"])) {
+			throw new Exception("Given config file is not a file");
+		} elseif (! file_exists($this->_args["apply"])) {
+			throw new Exception("Given config file cannot be found ('" . $this->_args["apply"] . "')");
+		} elseif (! is_readable($this->_args["apply"])) {
+			throw new Exception("Given config file cannot be read ('" . $this->_args["apply"] . "')");
+		}
+		
+		$config = file_get_contents($this->_args["apply"]);
+		$decoded_config = json_decode($config, true);
+		
+		if (array_key_exists("list-daemons", $this->_args)) {
+			$mask = "|%-50.50s |%-50.50s |\n";
+			printf($mask, str_repeat("-", 50), str_repeat("-", 50));
+			printf($mask, 'service', 'daemon');
+			printf($mask, str_repeat("-", 50), str_repeat("-", 50));
+			foreach ($decoded_config as $service => $daemon) {
+				if (is_array($daemon) && count($daemon) > 0) {
+					foreach ($daemon as $sysdaemon) {
+						printf($mask, $service, $sysdaemon);
+					}
+				} else {
+					if ($daemon == 'x') {
+						$daemon = '--- skipped ---';
+					}
+					printf($mask, $service, $daemon);
+				}
+			}
+			printf($mask, str_repeat("-", 50), str_repeat("-", 50));
+			echo PHP_EOL;
+			exit();
+		}
+		
+		$only_daemon = null;
+		if (array_key_exists("daemon", $this->_args)) {
+			$only_daemon = $this->_args['daemon'];
+		}
+		
+		if (! empty($decoded_config)) {
+			$config_dir = FROXLOR_INSTALL_DIR . '/lib/configfiles/';
+			$configfiles = new ConfigParser($config_dir . '/' . $decoded_config['distro'] . ".xml");
+			$services = $configfiles->getServices();
+			$replace_arr = $this->_getReplacerArray();
+			
+			foreach ($services as $si => $service) {
+				echo PHP_EOL . "--- Configuring: " . strtoupper($si) . " ---" . PHP_EOL . PHP_EOL;
+				if (! isset($decoded_config[$si]) || $decoded_config[$si] == 'x') {
+					CmdLineHandler::printwarn("Skipping " . strtoupper($si) . " configuration as desired");
+					continue;
+				}
+				$daemons = $service->getDaemons();
+				foreach ($daemons as $di => $dd) {
+					// check for desired service
+					if (($si != 'system' && $decoded_config[$si] != $di) || (is_array($decoded_config[$si]) && ! in_array($di, $decoded_config[$si]))) {
+						continue;
+					}
+					CmdLineHandler::println("Configuring '" . $di . "'");
+					
+					if (! empty($only_daemon) && $only_daemon != $di) {
+						CmdLineHandler::printwarn("Skipping " . $di . " configuration as desired");
+						continue;
+					}
+					// run all cmds
+					$confarr = $dd->getConfig();
+					foreach ($confarr as $idx => $action) {
+						switch ($action['type']) {
+							case "install":
+								CmdLineHandler::println("Installing required packages");
+								passthru(strtr($action['content'], $replace_arr), $result);
+								if (strlen($result) > 1) {
+									echo $result;
+								}
+								break;
+							case "command":
+								exec(strtr($action['content'], $replace_arr));
+								break;
+							case "file":
+								if (array_key_exists('content', $action)) {
+									CmdLineHandler::printwarn("Creating file '" . $action['name'] . "'");
+									file_put_contents($action['name'], trim(strtr($action['content'], $replace_arr)));
+								} elseif (array_key_exists('subcommands', $action)) {
+									foreach ($action['subcommands'] as $fileaction) {
+										if (array_key_exists('execute', $fileaction) && $fileaction['execute'] == "pre") {
+											exec(strtr($fileaction['content'], $replace_arr));
+										} elseif (array_key_exists('execute', $fileaction) && $fileaction['execute'] == "post") {
+											exec(strtr($fileaction['content'], $replace_arr));
+										} elseif ($fileaction['type'] == 'file') {
+											CmdLineHandler::printwarn("Creating file '" . $fileaction['name'] . "'");
+											file_put_contents($fileaction['name'], trim(strtr($fileaction['content'], $replace_arr)));
+										}
+									}
+								}
+								break;
+						}
+					}
+				}
+			}
+			// run cronjob at the end to ensure configs are all up to date
+			exec('php ' . FROXLOR_INSTALL_DIR . '/scripts/froxlor_master_cronjob.php --force');
+			// and done
+			CmdLineHandler::printsucc("All services have been configured");
+		} else {
+			CmdLineHandler::printerr("Unable to decode given JSON file");
+		}
+	}
+
+	private function _getReplacerArray()
+	{
+		$customer_tmpdir = '/tmp/';
+		if (Settings::Get('system.mod_fcgid') == '1' && Settings::Get('system.mod_fcgid_tmpdir') != '') {
+			$customer_tmpdir = Settings::Get('system.mod_fcgid_tmpdir');
+		} elseif (Settings::Get('phpfpm.enabled') == '1' && Settings::Get('phpfpm.tmpdir') != '') {
+			$customer_tmpdir = Settings::Get('phpfpm.tmpdir');
+		}
+		
+		// try to convert namserver hosts to ip's
+		$ns_ips = "";
+		if (Settings::Get('system.nameservers') != '') {
+			$nameservers = explode(',', Settings::Get('system.nameservers'));
+			foreach ($nameservers as $nameserver) {
+				$nameserver = trim($nameserver);
+				$nameserver_ips = gethostbynamel($nameserver);
+				if (is_array($nameserver_ips) && count($nameserver_ips) > 0) {
+					$ns_ips .= implode(",", $nameserver_ips);
+				}
+			}
+		}
+		
+		Database::needSqlData();
+		$sql = Database::getSqlData();
+		
+		$replace_arr = array(
+			'<SQL_UNPRIVILEGED_USER>' => $sql['user'],
+			'<SQL_UNPRIVILEGED_PASSWORD>' => $sql['passwd'],
+			'<SQL_DB>' => $sql['db'],
+			'<SQL_HOST>' => $sql['host'],
+			'<SQL_SOCKET>' => isset($sql['socket']) ? $sql['socket'] : null,
+			'<SERVERNAME>' => Settings::Get('system.hostname'),
+			'<SERVERIP>' => Settings::Get('system.ipaddress'),
+			'<NAMESERVERS>' => Settings::Get('system.nameservers'),
+			'<NAMESERVERS_IP>' => $ns_ips,
+			'<AXFRSERVERS>' => Settings::Get('system.axfrservers'),
+			'<VIRTUAL_MAILBOX_BASE>' => Settings::Get('system.vmail_homedir'),
+			'<VIRTUAL_UID_MAPS>' => Settings::Get('system.vmail_uid'),
+			'<VIRTUAL_GID_MAPS>' => Settings::Get('system.vmail_gid'),
+			'<SSLPROTOCOLS>' => (Settings::Get('system.use_ssl') == '1') ? 'imaps pop3s' : '',
+			'<CUSTOMER_TMP>' => makeCorrectDir($customer_tmpdir),
+			'<BASE_PATH>' => makeCorrectDir(FROXLOR_INSTALL_DIR),
+			'<BIND_CONFIG_PATH>' => makeCorrectDir(Settings::Get('system.bindconf_directory')),
+			'<WEBSERVER_RELOAD_CMD>' => Settings::Get('system.apachereload_command'),
+			'<CUSTOMER_LOGS>' => makeCorrectDir(Settings::Get('system.logfiles_directory')),
+			'<FPM_IPCDIR>' => makeCorrectDir(Settings::Get('phpfpm.fastcgi_ipcdir')),
+			'<WEBSERVER_GROUP>' => Settings::Get('system.httpgroup')
+		);
+		return $replace_arr;
+	}
+
+	private function _parseConfig()
+	{
+		define('FROXLOR_INSTALL_DIR', $this->_args['froxlor-dir']);
+		if (! file_exists(FROXLOR_INSTALL_DIR . '/lib/classes/database/class.Database.php')) {
+			throw new Exception("Could not find froxlor's Database class. Is froxlor really installed to '" . FROXLOR_INSTALL_DIR . "'?");
+		}
+		if (! file_exists(FROXLOR_INSTALL_DIR . '/lib/userdata.inc.php')) {
+			throw new Exception("Could not find froxlor's userdata.inc.php file. You should use this script only with a fully installed and setup froxlor system.");
+		}
+		require FROXLOR_INSTALL_DIR . '/lib/classes/database/class.Database.php';
+	}
+
+	private function _checkConfigParam($needed = false)
+	{
+		if ($needed) {
+			if (! isset($this->_args["froxlor-dir"])) {
+				throw new Exception("No configuration given (missing --froxlor-dir parameter?)");
+			} elseif (! is_dir($this->_args["froxlor-dir"])) {
+				throw new Exception("Given --froxlor-dir parameter is not a directory");
+			} elseif (! file_exists($this->_args["froxlor-dir"])) {
+				throw new Exception("Given froxlor directory cannot be found ('" . $this->_args["froxlor-dir"] . "')");
+			} elseif (! is_readable($this->_args["froxlor-dir"])) {
+				throw new Exception("Given froxlor direcotry cannot be read ('" . $this->_args["froxlor-dir"] . "')");
+			}
+		}
+	}
+
+	private function downloadFile($src, $dest)
+	{
+		set_time_limit(0);
+		// This is the file where we save the information
+		$fp = fopen($dest, 'w+');
+		// Here is the file we are downloading, replace spaces with %20
+		$ch = curl_init(str_replace(" ", "%20", $src));
+		curl_setopt($ch, CURLOPT_TIMEOUT, 50);
+		curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
+		// write curl response to file
+		curl_setopt($ch, CURLOPT_FILE, $fp);
+		curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
+		// get curl response
+		curl_exec($ch);
+		curl_close($ch);
+		fclose($fp);
+	}
+}
+
+// give control to command line handler
+try {
+	ConfigServicesCmd::processParameters($argc, $argv);
+} catch (Exception $e) {
+	ConfigServicesCmd::printerr($e->getMessage());
+}
--- a/install/scripts/switch-server-ip.php
+++ b/install/scripts/switch-server-ip.php
@@ -13,46 +13,33 @@
 * @author Froxlor team <team@froxlor.org> (2016-)
 * @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package Cron
- *
+ *         
 */

 // Check if we're in the CLI
-if(@php_sapi_name() !== 'cli') {
+if (@php_sapi_name() !== 'cli') {
 	die('This script will only work in the shell.');
 }

-// give control to command line handler
-try {
-	CmdLineHandler::processParameters($argc, $argv);
-} catch (Exception $e) {
-	CmdLineHandler::printerr($e->getMessage());
-}
+require dirname(dirname(__DIR__)) . '/lib/classes/output/class.CmdLineHandler.php';

-class CmdLineHandler
+class SwitchServerIp extends CmdLineHandler
 {

 	/**
-	 * internal variable for passed arguments
+	 * list of valid switches
 	 *
 	 * @var array
 	 */
-	private static $args = null;
-
-	/**
-	 * Action object read from commandline/config
-	 *
-	 * @var Action
-	 */
-	private $_action = null;
-
-	/**
-	 * list of valid parameters/switches
-	 */
 	public static $switches = array(
-		/* 'd', // debug / output information for everything */
 		'h'
 	);
- // same as --help
+
+	/**
+	 * list of valid parameters
+	 *
+	 * @var array
+	 */
 	public static $params = array(
 		'switch',
 		'list',
@@ -60,131 +47,7 @@ class CmdLineHandler
 		'help'
 	);

-	/**
-	 * Returns a CmdLineHandler object with given
-	 * arguments from command line
-	 *
-	 * @param int $argc
-	 * @param array $argv
-	 *
-	 * @return CmdLineHandler
-	 */
-	public static function processParameters($argc, $argv)
-	{
-		return new CmdLineHandler($argc, $argv);
-	}
-
-	/**
-	 * returns the Action object generated in
-	 * the class constructor
-	 *
-	 * @return Action
-	 */
-	public function getAction()
-	{
-		return $this->_action;
-	}
-
-	/**
-	 * class constructor, validates the command line parameters
-	 * and sets the Action-object if valid
-	 *
-	 * @param int $argc
-	 * @param string[] $argv
-	 *
-	 * @return null
-	 * @throws Exception
-	 */
-	private function __construct($argc, $argv)
-	{
-		self::$args = $this->_parseArgs($argv);
-		$this->_action = $this->_createAction();
-	}
-
-	/**
-	 * Parses the arguments given via the command line;
-	 * three types are supported:
-	 * 1.
-	 * --parm1 or --parm2=value
-	 * 2. -xyz (multiple switches in one) or -a=value
-	 * 3. parm1 parm2
-	 *
-	 * The 1. will be mapped as
-	 * ["parm1"] => true, ["parm2"] => "value"
-	 * The 2. as
-	 * ["x"] => true, ["y"] => true, ["z"] => true, ["a"] => "value"
-	 * And the 3. as
-	 * [0] => "parm1", [1] => "parm2"
-	 *
-	 * @param array $argv
-	 *
-	 * @return array
-	 */
-	private function _parseArgs($argv)
-	{
-		array_shift($argv);
-		$o = array();
-		foreach ($argv as $a) {
-			if (substr($a, 0, 2) == '--') {
-				$eq = strpos($a, '=');
-				if ($eq !== false) {
-					$o[substr($a, 2, $eq - 2)] = substr($a, $eq + 1);
-				} else {
-					$k = substr($a, 2);
-					if (! isset($o[$k])) {
-						$o[$k] = true;
-					}
-				}
-			} else
-				if (substr($a, 0, 1) == '-') {
-					if (substr($a, 2, 1) == '=') {
-						$o[substr($a, 1, 1)] = substr($a, 3);
-					} else {
-						foreach (str_split(substr($a, 1)) as $k) {
-							if (! isset($o[$k])) {
-								$o[$k] = true;
-							}
-						}
-					}
-				} else {
-					$o[] = $a;
-				}
-		}
-		return $o;
-	}
-
-	/**
-	 * Creates an Action-Object for the Action-Handler
-	 *
-	 * @return Action
-	 * @throws Exception
-	 */
-	private function _createAction()
-	{
-
-		// Test for help-switch
-		if (empty(self::$args) || array_key_exists("help", self::$args) || array_key_exists("h", self::$args)) {
-			self::printHelp();
-			// end of execution
-		}
-		// check if no unknown parameters are present
-		foreach (self::$args as $arg => $value) {
-
-			if (is_numeric($arg)) {
-				throw new Exception("Unknown parameter '" . $value . "' in argument list");
-			} elseif (! in_array($arg, self::$params) && ! in_array($arg, self::$switches)) {
-				throw new Exception("Unknown parameter '" . $arg . "' in argument list");
-			}
-		}
-
-		// set debugger switch
-		if (isset(self::$args["d"]) && self::$args["d"] == true) {
-			// Debugger::getInstance()->setEnabled(true);
-			// Debugger::getInstance()->debug("debug output enabled");
-		}
-
-		return new Action(self::$args);
-	}
+	public static $action_class = 'Action';

 	public static function printHelp()
 	{
@@ -207,34 +70,9 @@ class CmdLineHandler
 		// self::println("-d\t\t\tenable debug output");
 		self::println("-h\t\t\tsame as --help");
 		self::println("");
-
+		
 		die(); // end of execution
 	}
-
-	public static function println($msg = "")
-	{
-		print $msg . PHP_EOL;
-	}
-
-	private static function _printcolor($msg = "", $color = "0")
-	{
-		print "\033[" . $color . "m" . $msg . "\033[0m" . PHP_EOL;
-	}
-
-	public static function printerr($msg = "")
-	{
-		self::_printcolor($msg, "31");
-	}
-
-	public static function printsucc($msg = "")
-	{
-		self::_printcolor($msg, "32");
-	}
-
-	public static function printwarn($msg = "")
-	{
-		self::_printcolor($msg, "33");
-	}
 }

 class Action
@@ -268,11 +106,11 @@ class Action
 		if (array_key_exists("list", $this->_args) || array_key_exists("switch", $this->_args)) {
 			$need_config = true;
 		}
-
+		
 		$this->_checkConfigParam($need_config);
-
+		
 		$this->_parseConfig();
-
+		
 		if (array_key_exists("list", $this->_args)) {
 			$this->_listIPs();
 		}
@@ -300,11 +138,11 @@ class Action
 	private function _switchIPs()
 	{
 		$ip_list = $this->_args['switch'];
-
+		
 		if (empty($ip_list) || is_bool($ip_list)) {
 			throw new Exception("No paramters given for --switch action.");
 		}
-
+		
 		$ips_to_switch = array();
 		$ip_list = explode(" ", $ip_list);
 		foreach ($ip_list as $ips_combo) {
@@ -324,34 +162,42 @@ class Action
 			}
 			$ips_to_switch[] = $ip_pair;
 		}
-
+		
 		if (count($ips_to_switch) > 0) {
+			$check_stmt = Database::prepare("SELECT `id` FROM panel_ipsandports WHERE `ip` = :newip");
 			$upd_stmt = Database::prepare("UPDATE panel_ipsandports SET `ip` = :newip WHERE `ip` = :oldip");
-
+			
 			// system.ipaddress
 			$check_sysip_stmt = Database::prepare("SELECT `value` FROM `panel_settings` WHERE `settinggroup` = 'system' and `varname` = 'ipaddress'");
 			$check_sysip = Database::pexecute_first($check_sysip_stmt);
-
+			
 			// system.mysql_access_host
 			$check_mysqlip_stmt = Database::prepare("SELECT `value` FROM `panel_settings` WHERE `settinggroup` = 'system' and `varname` = 'mysql_access_host'");
 			$check_mysqlip = Database::pexecute_first($check_mysqlip_stmt);
-
+			
 			// system.axfrservers
 			$check_axfrip_stmt = Database::prepare("SELECT `value` FROM `panel_settings` WHERE `settinggroup` = 'system' and `varname` = 'axfrservers'");
 			$check_axfrip = Database::pexecute_first($check_axfrip_stmt);
-
+			
 			foreach ($ips_to_switch as $ip_pair) {
 				echo "Switching IP \033[1m" . $ip_pair[0] . "\033[0m to IP \033[1m" . $ip_pair[1] . "\033[0m" . PHP_EOL;
+
+				$ip_check = Database::pexecute_first($check_stmt, array('newip' => $ip_pair[1]));
+				if ($ip_check) {
+					CmdLineHandler::printwarn("Note: " . $ip_pair[0] . " not updated to " . $ip_pair[1] . " - IP already exists in froxlor's database");
+					continue;
+				}
+
 				Database::pexecute($upd_stmt, array(
 					'newip' => $ip_pair[1],
 					'oldip' => $ip_pair[0]
 				));
 				$rows_updated = $upd_stmt->rowCount();
-
+				
 				if ($rows_updated == 0) {
 					CmdLineHandler::printwarn("Note: " . $ip_pair[0] . " not updated to " . $ip_pair[1] . " (possibly no entry found in froxlor database. Use --list to see what IP addresses are added in froxlor");
 				}
-
+				
 				// check whether the system.ipaddress needs updating
 				if ($check_sysip['value'] == $ip_pair[0]) {
 					$upd2_stmt = Database::prepare("UPDATE `panel_settings` SET `value` = :newip WHERE `settinggroup` = 'system' and `varname` = 'ipaddress'");
@@ -360,7 +206,7 @@ class Action
 					));
 					CmdLineHandler::printsucc("Updated system-ipaddress from '" . $ip_pair[0] . "' to '" . $ip_pair[1] . "'");
 				}
-
+				
 				// check whether the system.mysql_access_host needs updating
 				if (strstr($check_mysqlip['value'], $ip_pair[0]) !== false) {
 					$new_mysqlip = str_replace($ip_pair[0], $ip_pair[1], $check_mysqlip['value']);
@@ -370,7 +216,7 @@ class Action
 					));
 					CmdLineHandler::printsucc("Updated mysql_access_host from '" . $check_mysqlip['value'] . "' to '" . $new_mysqlip . "'");
 				}
-
+				
 				// check whether the system.axfrservers needs updating
 				if (strstr($check_axfrip['value'], $ip_pair[0]) !== false) {
 					$new_axfrip = str_replace($ip_pair[0], $ip_pair[1], $check_axfrip['value']);
@@ -382,7 +228,7 @@ class Action
 				}
 			}
 		}
-
+		
 		echo PHP_EOL;
 		CmdLineHandler::printwarn("*** ATTENTION *** Remember to replace IP addresses in configuration files if used anywhere.");
 		CmdLineHandler::printsucc("IP addresses updated");
@@ -391,12 +237,15 @@ class Action
 	private function _parseConfig()
 	{
 		define('FROXLOR_INSTALL_DIR', $this->_args['froxlor-dir']);
-		if (!file_exists(FROXLOR_INSTALL_DIR . '/lib/classes/database/class.Database.php')) {
-			throw new Exception("Could not find froxlor's Database class. Is froxlor really installed to '".FROXLOR_INSTALL_DIR."'?");
+		if (! file_exists(FROXLOR_INSTALL_DIR . '/lib/classes/database/class.Database.php')) {
+			throw new Exception("Could not find froxlor's Database class. Is froxlor really installed to '" . FROXLOR_INSTALL_DIR . "'?");
 		}
-		if (!file_exists(FROXLOR_INSTALL_DIR . '/lib/userdata.inc.php')) {
+		if (! file_exists(FROXLOR_INSTALL_DIR . '/lib/userdata.inc.php')) {
 			throw new Exception("Could not find froxlor's userdata.inc.php file. You should use this script only with a fully installed and setup froxlor system.");
 		}
+		require FROXLOR_INSTALL_DIR . '/lib/functions/filedir/function.makeSecurePath.php';
+		require FROXLOR_INSTALL_DIR . '/lib/functions/filedir/function.makeCorrectDir.php';
+		require FROXLOR_INSTALL_DIR . '/lib/functions/filedir/function.makeCorrectFile.php';
 		require FROXLOR_INSTALL_DIR . '/lib/classes/database/class.Database.php';
 	}

@@ -415,3 +264,10 @@ class Action
 		}
 	}
 }
+
+// give control to command line handler
+try {
+	SwitchServerIp::processParameters($argc, $argv);
+} catch (Exception $e) {
+	SwitchServerIp::printerr($e->getMessage());
+}
--- a/install/templates/dataitemchk.tpl
+++ b/install/templates/dataitemchk.tpl
@@ -1,4 +1,4 @@
 <p>
 	<label for="{$fieldname}" class="install-block {$style}">{$this->_lng['install']['webserver']} {$fieldlabel}:</label>
-	<input type="radio" name="webserver" id="{$fieldname}" value="{$fieldname}" {$checked} /><span>{$fieldlabel}<span>
+	<input type="radio" name="webserver" id="{$fieldname}" value="{$fieldname}" {$checked} /><span>{$fieldlabel}</span>
 </p>
--- a/install/updates/froxlor/0.9/update_0.9.inc.php
+++ b/install/updates/froxlor/0.9/update_0.9.inc.php
@@ -14,9 +14,11 @@
 * @package    Install
 *
 */
-if (! defined('AREA') || (defined('AREA') && AREA != 'admin') || ! isset($userinfo['loginname']) || (isset($userinfo['loginname']) && $userinfo['loginname'] == '')) {
-	header('Location: ../../../../index.php');
-	exit();
+if (!defined('_CRON_UPDATE')) {
+	if (! defined('AREA') || (defined('AREA') && AREA != 'admin') || ! isset($userinfo['loginname']) || (isset($userinfo['loginname']) && $userinfo['loginname'] == '')) {
+		header('Location: ../../../../index.php');
+		exit();
+	}
 }

 if (isFroxlorVersion('0.9-r0')) {
@@ -3534,3 +3536,533 @@ if (isFroxlorVersion('0.9.38')) {
 	showUpdateStep("Updating from 0.9.38 to 0.9.38.1", false);
 	updateToVersion('0.9.38.1');
 }
+
+if (isFroxlorVersion('0.9.38.1')) {
+
+	showUpdateStep("Updating from 0.9.38.1 to 0.9.38.2", false);
+	updateToVersion('0.9.38.2');
+}
+
+if (isFroxlorVersion('0.9.38.2')) {
+
+	showUpdateStep("Updating from 0.9.38.2 to 0.9.38.3", false);
+	updateToVersion('0.9.38.3');
+}
+
+if (isFroxlorVersion('0.9.38.3')) {
+
+	showUpdateStep("Updating from 0.9.38.3 to 0.9.38.4", false);
+	updateToVersion('0.9.38.4');
+}
+
+if (isDatabaseVersion('201611180')) {
+
+	showUpdateStep("Updating database table definition for panel_domains");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` ADD `phpenabled` tinyint(1) NOT NULL default '1' AFTER `parentdomainid`;");
+	lastStepStatus(0);
+
+	showUpdateStep("Adding field for let's-encrypt registration status");
+	Database::query("ALTER TABLE `".TABLE_PANEL_CUSTOMERS."` add `leregistered` TINYINT(1) NOT NULL DEFAULT 0;");
+	lastStepStatus(0);
+
+	showUpdateStep("Adding system setting for let's-encrypt registration status");
+	Settings::AddNew('system.leregistered', '0');
+	lastStepStatus(0);
+
+  showUpdateStep("Adding unique key to ipsandports table");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_IPSANDPORTS . "` ADD UNIQUE KEY `ip_port` (`ip`,`port`)");
+	lastStepStatus(0);
+
+	updateToDbVersion('201612110');
+}
+
+if (isFroxlorVersion('0.9.38.4')) {
+
+	showUpdateStep("Updating from 0.9.38.4 to 0.9.38.5", false);
+	updateToVersion('0.9.38.5');
+}
+
+if (isFroxlorVersion('0.9.38.5')) {
+
+	showUpdateStep("Updating from 0.9.38.5 to 0.9.38.6", false);
+	updateToVersion('0.9.38.6');
+}
+
+if (isFroxlorVersion('0.9.38.6')) {
+
+	showUpdateStep("Updating from 0.9.38.6 to 0.9.38.7", false);
+	updateToVersion('0.9.38.7');
+}
+
+if (isDatabaseVersion('201612110')) {
+
+	showUpdateStep("Adding field for OCSP stapling");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS .
+		"` ADD `ocsp_stapling` TINYINT(1) NOT NULL DEFAULT '0';");
+	lastStepStatus(0);
+
+	showUpdateStep("Adding default setting for Apache 2.4 OCSP cache path");
+	Settings::AddNew('system.apache24_ocsp_cache_path', 'shmcb:/var/run/apache2/ocsp-stapling.cache(131072)');
+	lastStepStatus(0);
+
+	updateToDbVersion('201704100');
+}
+
+if (isDatabaseVersion('201704100')) {
+
+	showUpdateStep("Adding new setting for libnss-extrausers");
+	$system_nssextrausers= isset($_POST['system_nssextrausers']) ? (int) $_POST['system_nssextrausers'] : 0;
+	Settings::AddNew('system.nssextrausers', $system_nssextrausers);
+	lastStepStatus(0);
+
+	updateToDbVersion('201705050');
+}
+
+if (isDatabaseVersion('201705050')) {
+
+	showUpdateStep("Updating HTTP2 setting");
+	if (Settings::Get('system.nginx_http2_support') != null) {
+		Database::query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `varname` = 'http2_support' WHERE `varname` = 'nginx_http2_support';");
+	} else {
+		Settings::AddNew('system.http2_support', 0);
+	}
+	lastStepStatus(0);
+	showUpdateStep("Adding domain field for HTTP2 stapling");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` ADD `http2` TINYINT(1) NOT NULL DEFAULT '0';");
+	lastStepStatus(0);
+
+	updateToDbVersion('201708240');
+}
+
+if (isDatabaseVersion('201708240')) {
+	
+	showUpdateStep("Adding new 'disable LE self-check' setting");
+	$system_disable_le_selfcheck = isset($_POST['system_disable_le_selfcheck']) ? (int) $_POST['system_disable_le_selfcheck'] : 0;
+	Settings::AddNew('system.disable_le_selfcheck', $system_disable_le_selfcheck);
+	lastStepStatus(0);
+
+	updateToDbVersion('201712310');
+
+	showUpdateStep("Updating from 0.9.38.7 to 0.9.38.8", false);
+	updateToVersion('0.9.38.8');
+}
+
+if (isDatabaseVersion('201712310')) {
+
+	showUpdateStep("Adding field for fpm-daemon configs");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_PHPCONFIGS . "` ADD `fpmsettingid` int(11) NOT NULL DEFAULT '1';");
+	lastStepStatus(0);
+
+	showUpdateStep("Adding new fpm-daemons table");
+	Database::query("DROP TABLE IF EXISTS `panel_fpmdaemons`;");
+	$sql = "CREATE TABLE `panel_fpmdaemons` (
+	  `id` int(11) unsigned NOT NULL auto_increment,
+	  `description` varchar(50) NOT NULL,
+	  `reload_cmd` varchar(255) NOT NULL,
+	  `config_dir` varchar(255) NOT NULL,
+	  `pm` varchar(15) NOT NULL DEFAULT 'static',
+	  `max_children` int(4) NOT NULL DEFAULT '1',
+	  `start_servers` int(4) NOT NULL DEFAULT '20',
+	  `min_spare_servers` int(4) NOT NULL DEFAULT '5',
+	  `max_spare_servers` int(4) NOT NULL DEFAULT '35',
+	  `max_requests` int(4) NOT NULL DEFAULT '0',
+	  `idle_timeout` int(4) NOT NULL DEFAULT '30',
+	  PRIMARY KEY  (`id`),
+	  UNIQUE KEY `reload` (`reload_cmd`),
+	  UNIQUE KEY `config` (`config_dir`)
+	) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;";
+	Database::query($sql);
+	lastStepStatus(0);
+
+	showUpdateStep("Converting php-fpm settings to new layout");
+	$ins_stmt = Database::prepare("
+		INSERT INTO `panel_fpmdaemons` SET
+		`id` = 1,
+		`description` = 'System default',
+		`reload_cmd` = :reloadcmd,
+		`config_dir` = :confdir,
+		`pm` = :pm,
+		`max_children` = :maxc,
+		`start_servers` = :starts,
+		`min_spare_servers` = :minss,
+		`max_spare_servers` = :maxss,
+		`max_requests` = :maxr,
+		`idle_timeout` = :it
+	");
+	Database::pexecute($ins_stmt, array(
+		'reloadcmd' => Settings::Get('phpfpm.reload'),
+		'confdir' => Settings::Get('phpfpm.configdir'),
+		'pm' => Settings::Get('phpfpm.pm'),
+		'maxc' => Settings::Get('phpfpm.max_children'),
+		'starts' => Settings::Get('phpfpm.start_servers'),
+		'minss' => Settings::Get('phpfpm.min_spare_servers'),
+		'maxss' => Settings::Get('phpfpm.max_spare_servers'),
+		'maxr' => Settings::Get('phpfpm.max_requests'),
+		'it' => Settings::Get('phpfpm.idle_timeout')
+	));
+	lastStepStatus(0);
+
+	showUpdateStep("Deleting unneeded settings");
+	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup` = 'phpfpm' AND `varname` = 'reload'");
+	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup` = 'phpfpm' AND `varname` = 'configdir'");
+	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup` = 'phpfpm' AND `varname` = 'pm'");
+	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup` = 'phpfpm' AND `varname` = 'max_children'");
+	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup` = 'phpfpm' AND `varname` = 'start_servers'");
+	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup` = 'phpfpm' AND `varname` = 'min_spare_servers'");
+	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup` = 'phpfpm' AND `varname` = 'max_spare_servers'");
+	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup` = 'phpfpm' AND `varname` = 'max_requests'");
+	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup` = 'phpfpm' AND `varname` = 'idle_timeout'");
+	lastStepStatus(0);
+
+	updateToDbVersion('201801070');
+}
+
+if (isDatabaseVersion('201801070')) {
+
+	showUpdateStep("Adding field allowed_phpconfigs for customers");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_CUSTOMERS . "` ADD `allowed_phpconfigs` varchar(500) NOT NULL default '';");
+	lastStepStatus(0);
+
+	updateToDbVersion('201801080');
+}
+
+if (isDatabaseVersion('201801080')) {
+
+	showUpdateStep("Adding new setting for Let's Encrypt ACME version");
+	Settings::AddNew('system.leapiversion', '1');
+	lastStepStatus(0);
+
+	updateToDbVersion('201801090');
+}
+
+if (isDatabaseVersion('201801090')) {
+
+	showUpdateStep("Adding field pass_authorizationheader for php-configs");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_PHPCONFIGS . "` ADD `pass_authorizationheader` tinyint(1) NOT NULL default '0';");
+	lastStepStatus(0);
+
+	updateToDbVersion('201801091');
+}
+
+if (isDatabaseVersion('201801091')) {
+
+	showUpdateStep("Adding new setting for SSL protocols");
+	Settings::AddNew('system.ssl_protocols', 'TLSv1,TLSv1.2');
+	lastStepStatus(0);
+
+	updateToDbVersion('201801100');
+}
+
+if (isDatabaseVersion('201801100')) {
+
+	showUpdateStep("Adding field for security.limit_extensions fpm-setting");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_FPMDAEMONS . "` ADD `limit_extensions` varchar(255) NOT NULL default '.php';");
+	lastStepStatus(0);
+
+	updateToDbVersion('201801101');
+}
+
+if (isDatabaseVersion('201801101')) {
+
+	showUpdateStep("Adding dynamic php-fpm php.ini settings");
+	Settings::AddNew('phpfpm.ini_flags', 'asp_tags
+display_errors
+display_startup_errors
+html_errors
+log_errors
+magic_quotes_gpc
+magic_quotes_runtime
+magic_quotes_sybase
+mail.add_x_header
+session.cookie_secure
+session.use_cookies
+short_open_tag
+track_errors
+xmlrpc_errors
+suhosin.simulation
+suhosin.session.encrypt
+suhosin.session.cryptua
+suhosin.session.cryptdocroot
+suhosin.cookie.encrypt
+suhosin.cookie.cryptua
+suhosin.cookie.cryptdocroot
+suhosin.executor.disable_eval
+mbstring.func_overload');
+	Settings::AddNew('phpfpm.ini_values', 'auto_append_file
+auto_prepend_file
+date.timezone
+default_charset
+error_reporting
+include_path
+log_errors_max_len
+mail.log
+max_execution_time
+session.cookie_domain
+session.cookie_lifetime
+session.cookie_path
+session.name
+session.serialize_handler
+upload_max_filesize
+xmlrpc_error_number
+session.auto_start
+always_populate_raw_post_data
+suhosin.session.cryptkey
+suhosin.session.cryptraddr
+suhosin.session.checkraddr
+suhosin.cookie.cryptkey
+suhosin.cookie.plainlist
+suhosin.cookie.cryptraddr
+suhosin.cookie.checkraddr
+suhosin.executor.func.blacklist
+suhosin.executor.eval.whitelist');
+	Settings::AddNew('phpfpm.ini_admin_flags', 'allow_call_time_pass_reference
+allow_url_fopen
+allow_url_include
+auto_detect_line_endings
+cgi.fix_pathinfo
+cgi.force_redirect
+enable_dl
+expose_php
+file_uploads
+ignore_repeated_errors
+ignore_repeated_source
+log_errors
+register_argc_argv
+report_memleaks
+opcache.enable
+opcache.consistency_checks
+opcache.dups_fix
+opcache.load_comments
+opcache.revalidate_path
+opcache.save_comments
+opcache.use_cwd
+opcache.validate_timestamps
+opcache.fast_shutdown');
+	Settings::AddNew('phpfpm.ini_admin_values', 'cgi.redirect_status_env
+date.timezone
+disable_classes
+disable_functions
+error_log
+gpc_order
+max_input_time
+max_input_vars
+memory_limit
+open_basedir
+output_buffering
+post_max_size
+precision
+sendmail_path
+session.gc_divisor
+session.gc_probability
+variables_order
+opcache.log_verbosity_level
+opcache.restrict_api
+opcache.revalidate_freq
+opcache.max_accelerated_files
+opcache.memory_consumption
+opcache.interned_strings_buffer');
+	lastStepStatus(0);
+
+	updateToDbVersion('201801110');
+}
+
+if (isDatabaseVersion('201801110')) {
+
+	showUpdateStep("Adding php-fpm php PATH setting for envrironment");
+	Settings::AddNew("phpfpm.envpath",  '/usr/local/bin:/usr/bin:/bin');
+	lastStepStatus(0);
+
+	updateToDbVersion('201801260');
+}
+
+if (isFroxlorVersion('0.9.38.8')) {
+
+	showUpdateStep("Updating from 0.9.38.8 to 0.9.39 final", false);
+	updateToVersion('0.9.39');
+}
+
+if (isFroxlorVersion('0.9.39')) {
+
+	showUpdateStep("Updating from 0.9.39 to 0.9.39.1", false);
+	updateToVersion('0.9.39.1');
+}
+
+if (isFroxlorVersion('0.9.39.1')) {
+
+	showUpdateStep("Updating from 0.9.39.1 to 0.9.39.2", false);
+	updateToVersion('0.9.39.2');
+}
+
+if (isDatabaseVersion('201801260')) {
+
+	showUpdateStep("Adding new plans table");
+	Database::query("DROP TABLE IF EXISTS `panel_plans`;");
+	$sql = "CREATE TABLE `panel_plans` (
+	  `id` int(11) NOT NULL auto_increment,
+	  `adminid` int(11) NOT NULL default '0',
+	  `name` varchar(255) NOT NULL default '',
+	  `description` text NOT NULL,
+	  `value` longtext NOT NULL,
+	  `ts` int(15) NOT NULL default '0',
+	  PRIMARY KEY  (id),
+	  KEY adminid (adminid)
+	) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;";
+	Database::query($sql);
+	lastStepStatus(0);
+
+	updateToDbVersion('201802120');
+}
+
+if (isDatabaseVersion('201802120')) {
+
+	showUpdateStep("Adding domain field for try_files flag");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` ADD `notryfiles` tinyint(1) DEFAULT '0';");
+	lastStepStatus(0);
+
+	updateToDbVersion('201802130');
+}
+
+if (isFroxlorVersion('0.9.39.2')) {
+
+	showUpdateStep("Updating from 0.9.39.2 to 0.9.39.3", false);
+	updateToVersion('0.9.39.3');
+}
+
+if (isFroxlorVersion('0.9.39.3')) {
+
+	showUpdateStep("Updating from 0.9.39.3 to 0.9.39.4", false);
+	updateToVersion('0.9.39.4');
+}
+
+if (isFroxlorVersion('0.9.39.4')) {
+
+	showUpdateStep("Updating from 0.9.39.4 to 0.9.39.5", false);
+	updateToVersion('0.9.39.5');
+}
+
+if (isDatabaseVersion('201802130')) {
+
+	showUpdateStep("Adding fullchain field to ssl certificates");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` ADD `ssl_fullchain_file` mediumtext AFTER `ssl_csr_file`;");
+	lastStepStatus(0);
+
+	updateToDbVersion('201802250');
+}
+
+if (isDatabaseVersion('201802250')) {
+
+	showUpdateStep("Adding webserver logfile settings");
+	Settings::AddNew("system.logfiles_format",  '');
+	Settings::AddNew("system.logfiles_type",  '1');
+	Settings::AddNew("system.logfiles_piped",  '0');
+	lastStepStatus(0);
+
+	updateToDbVersion('201805240');
+}
+
+if (isDatabaseVersion('201805240')) {
+
+	showUpdateStep("Adding webserver logfile-script settings");
+	Settings::AddNew("system.logfiles_script",  '');
+	lastStepStatus(0);
+
+	updateToDbVersion('201805241');
+}
+
+if (isDatabaseVersion('201805241')) {
+
+	$do_update = true;
+	showUpdateStep("Checking for required PHP json-extension");
+	if (! extension_loaded('json')) {
+		$do_update = false;
+		lastStepStatus(2, 'not installed');
+	} else {
+		lastStepStatus(0);
+
+		showUpdateStep("Checking for current cronjobs that need converting");
+		$result_tasks_stmt = Database::query("
+			SELECT * FROM `" . TABLE_PANEL_TASKS . "` ORDER BY `id` ASC
+		");
+		$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_TASKS . "` SET `data` = :data WHERE `id` = :taskid");
+		while ($row = $result_tasks_stmt->fetch(PDO::FETCH_ASSOC)) {
+			if (! empty($row['data'])) {
+				$data = unserialize($row['data']);
+				Database::pexecute($upd_stmt, array(
+					'data' => json_encode($data),
+					'taskid' => $row['id']
+				));
+			}
+		}
+		lastStepStatus(0);
+
+		updateToDbVersion('201805290');
+	}
+}
+
+if (isDatabaseVersion('201805290')) {
+
+	showUpdateStep("Adding leaccount field to panel customers");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_CUSTOMERS . "` ADD COLUMN `leaccount` varchar(255) default '' AFTER `leregistered`;");
+	lastStepStatus(0);
+
+	showUpdateStep("Adding system setting for let's-encrypt account");
+	Settings::AddNew('system.leaccount', "");
+	lastStepStatus(0);
+
+	updateToDbVersion('201809180');
+}
+
+if (isDatabaseVersion('201809180')) {
+	
+	showUpdateStep("Adding new fields for php configs");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_PHPCONFIGS . "` ADD `override_fpmconfig` tinyint(1) NOT NULL DEFAULT '0';");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_PHPCONFIGS . "` ADD `pm` varchar(15) NOT NULL DEFAULT 'static';");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_PHPCONFIGS . "` ADD `max_children` int(4) NOT NULL DEFAULT '1';");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_PHPCONFIGS . "` ADD `start_servers` int(4) NOT NULL DEFAULT '20';");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_PHPCONFIGS . "` ADD `min_spare_servers` int(4) NOT NULL DEFAULT '5';");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_PHPCONFIGS . "` ADD `max_spare_servers` int(4) NOT NULL DEFAULT '35';");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_PHPCONFIGS . "` ADD `max_requests` int(4) NOT NULL DEFAULT '0';");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_PHPCONFIGS . "` ADD `idle_timeout` int(4) NOT NULL DEFAULT '30';");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_PHPCONFIGS . "` ADD `limit_extensions` varchar(255) NOT NULL default '.php';");
+	lastStepStatus(0);
+	
+	showUpdateStep("Synchronize fpm-daemon process manager settings with php-configs");
+	// get all fpm-daemons
+	$sel_stmt = Database::prepare("SELECT * FROM `panel_fpmdaemons`;");
+	Database::pexecute($sel_stmt);
+	$fpm_daemons = $sel_stmt->fetchAll(PDO::FETCH_ASSOC);
+	$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_PHPCONFIGS . "` SET
+		`pm` = :pm,
+		`max_children` = :maxc,
+		`start_servers` = :starts,
+		`min_spare_servers` = :minss,
+		`max_spare_servers` = :maxss,
+		`max_requests` = :maxr,
+		`idle_timeout` = :it,
+		`limit_extensions` = :le
+		WHERE `fpmsettingid` = :fpmid
+	");
+	// update all php-configs with the pm data from the fpm-daemon
+	foreach ($fpm_daemons as $fpm_daemon) {
+		Database::pexecute($upd_stmt, array(
+			'pm' => $fpm_daemon['pm'],
+			'maxc' => $fpm_daemon['max_children'],
+			'starts' => $fpm_daemon['start_servers'],
+			'minss' => $fpm_daemon['min_spare_servers'],
+			'maxss' => $fpm_daemon['max_spare_servers'],
+			'maxr' => $fpm_daemon['max_requests'],
+			'it' => $fpm_daemon['idle_timeout'],
+			'le' => $fpm_daemon['limit_extensions'],
+			'fpmid' => $fpm_daemon['id']
+		));
+	}
+	lastStepStatus(0);
+	
+	updateToDbVersion('201809280');
+}
+
+if (isFroxlorVersion('0.9.39.5')) {
+
+	showUpdateStep("Updating from 0.9.39.5 to 0.9.40", false);
+	updateToVersion('0.9.40');
+}
--- a/install/updates/preconfig/0.9/preconfig_0.9.inc.php
+++ b/install/updates/preconfig/0.9/preconfig_0.9.inc.php
@@ -709,4 +709,22 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version, $c
 		$question .= '<input type="password" class="text" name="smtp_passwd" value="" /><br />';
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}
+
+	if (versionInUpdate($current_db_version, '201705050')) {
+		$has_preconfig = true;
+		$description = 'DEBIAN/UBUNTU ONLY: Enable usage of libnss-extrausers as alternative to libnss-mysql (NOTE: if enabled, go through the configuration steps right after the update!!!)<br /><br />';
+		$question = '<strong>Enable usage of libnss-extrausers?</strong><br />';
+		$question .= makeyesno('system_nssextrausers', '1', '0', '0') . '<br />';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
+	if (versionInUpdate($current_db_version, '201712310')) {
+		if (Settings::Get('system.leenabled') == 1) {
+			$has_preconfig = true;
+			$description = 'Chose whether you want to disable the Let\'s Encrypt selfcheck as it causes false positives for some configurations.<br /><br />';
+			$question = '<strong>Disable Let\'s Encrypt self-check?</strong><br />';
+			$question .= makeyesno('system_disable_le_selfcheck', '1', '0', '0') . '<br />';
+			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+		}
+	}
 }
--- a/install/updatesql.php
+++ b/install/updatesql.php
@@ -17,13 +17,15 @@
 *
 */

-if (!defined('AREA')
-	|| (defined('AREA') && AREA != 'admin')
-	|| !isset($userinfo['loginname'])
-	|| (isset($userinfo['loginname']) && $userinfo['loginname'] == '')
-) {
-	header('Location: ../index.php');
-	exit;
+if (!defined('_CRON_UPDATE')) {
+	if (!defined('AREA')
+		|| (defined('AREA') && AREA != 'admin')
+		|| !isset($userinfo['loginname'])
+		|| (isset($userinfo['loginname']) && $userinfo['loginname'] == '')
+	) {
+		header('Location: ../index.php');
+		exit;
+	}
 }

 $updatelog = FroxlorLogger::getInstanceOf(array('loginname' => 'updater'));
--- a/lib/ajax.php
+++ b/lib/ajax.php
@@ -18,7 +18,7 @@

 // Load the user settings
 define('FROXLOR_INSTALL_DIR', dirname(dirname(__FILE__)));
-if (!file_exists('./userdata.inc.php')) {
+if (! file_exists('./userdata.inc.php')) {
 	die();
 }
 require './userdata.inc.php';
@@ -27,10 +27,11 @@ require './classes/database/class.Database.php';
 require './classes/settings/class.Settings.php';
 require './functions/validate/function.validate_ip.php';
 require './functions/validate/function.validateDomain.php';
+require './classes/cURL/class.HttpClient.php';

-if(isset($_POST['action'])) {
+if (isset($_POST['action'])) {
 	$action = $_POST['action'];
-} elseif(isset($_GET['action'])) {
+} elseif (isset($_GET['action'])) {
 	$action = $_GET['action'];
 } else {
 	$action = "";
@@ -42,51 +43,31 @@ if ($action == "newsfeed") {
 	} else {
 		$feed = "https://inside.froxlor.org/news/";
 	}
-
+	
 	if (function_exists("simplexml_load_file") == false) {
-		die();
+		outputItem("Newsfeed not available due to missing php-simplexml extension", "Please install the php-simplexml extension in order to view our newsfeed.");
+		exit();
 	}
-
+	
 	if (function_exists('curl_version')) {
-		$ch = curl_init();
-		curl_setopt($ch, CURLOPT_URL, $feed);
-		curl_setopt($ch, CURLOPT_USERAGENT, 'Froxlor/'.$version);
-		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
-		$output = curl_exec($ch);
-		curl_close($ch);
+		$output = HttpClient::urlGet($feed);
 		$news = simplexml_load_string(trim($output));
 	} else {
-		if (ini_get('allow_url_fopen')) {
-			ini_set('user_agent', 'Froxlor/'.$version);
-			$news = simplexml_load_file($feed, null, LIBXML_NOCDATA);
-		} else {
-			$news = false;
-		}
+		outputItem("Newsfeed not available due to missing php-curl extension", "Please install the php-curl extension in order to view our newsfeed.");
+		exit();
 	}
-
+	
 	if ($news !== false) {
-		for ($i = 0; $i < 3; $i++) {
+		for ($i = 0; $i < 3; $i ++) {
 			$item = $news->channel->item[$i];
-
-			$title = (string)$item->title;
-			$link = (string)$item->link;
+			
+			$title = (string) $item->title;
+			$link = (string) $item->link;
 			$date = date("Y-m-d G:i", strtotime($item->pubDate));
 			$content = preg_replace("/[\r\n]+/", " ", strip_tags($item->description));
 			$content = substr($content, 0, 150) . "...";
-
-			echo "<li class=\"clearfix\">
-                <div class=\"newsfeed-body clearfix\">
-                    <div class=\"header\">
-                        <strong class=\"primary-font\"><a href=\"{$link}\" target=\"_blank\">{$title}</a></strong>
-                        <small class=\"pull-right text-muted\">
-                            <i class=\"fa fa-clock-o fa-fw\"></i> {$date}
-                        </small>
-                    </div>
-                    <p>
-                        {$content}
-                    </p>
-                </div>
-            </li>";
+			
+			outputItem($title, $content, $link, $date);
 		}
 	} else {
 		echo "";
@@ -94,3 +75,30 @@ if ($action == "newsfeed") {
 } else {
 	echo "No action set.";
 }
+
+function outputItem($title, $content, $link = null, $date = null)
+{
+	echo "<li class=\"clearfix\">
+			<div class=\"newsfeed-body clearfix\">
+				<div class=\"header\">
+					<strong class=\"primary-font\">";
+			if (! empty($link)) {
+				echo "<a href=\"{$link}\" target=\"_blank\">";
+			}
+			echo $title;
+			if (! empty($link)) {
+				echo "</a>";
+			}
+			echo "</strong>";
+			if (! empty($date)) {
+				echo "<small class=\"pull-right text-muted\">
+                            <i class=\"fa fa-clock-o fa-fw\"></i> {$date}
+                        </small>";
+			}
+			echo "</div>
+                    <p>
+                        {$content}
+                    </p>
+                </div>
+            </li>";
+}
--- a/lib/classes/bulk/class.DomainBulkAction.php
+++ b/lib/classes/bulk/class.DomainBulkAction.php
@@ -93,6 +93,13 @@ class DomainBulkAction
 /* 16 */    'use_ssl',
 /* 17 */	'registration_date',
 /* 18 */	'ips',
+/* 19 */	'letsencrypt',
+/* 20 */	'hsts',
+/* 21 */	'hsts_sub',
+/* 22 */	'hsts_preload',
+/* 23 */	'ocsp_stapling',
+/* 24 */	'phpenabled',
+/* 25 */	'http2',
 	    /* automatically added */
 		'adminid',
        'customerid',
@@ -180,13 +187,14 @@ class DomainBulkAction
        }
        
        // preapre insert statement as it is used a few times
+        // leave out aliasdomain for now, cause empty = NULL value which cannot be
+        // added this easily using prepared statements
        $this->_ins_stmt = Database::prepare("
 			INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET
 				`domain` = :domain,
 				`adminid` = :adminid,
 				`customerid` = :customerid,
 				`documentroot` = :documentroot,
-                `aliasdomain` = :aliasdomain,
 				`isbinddomain` = :isbinddomain,
 				`isemaildomain` = :isemaildomain,
 				`email_only` = :email_only,
@@ -200,7 +208,14 @@ class DomainBulkAction
 				`specialsettings` = :specialsettings,
 				`ssl_redirect` = :ssl_redirect,
 				`registration_date` = :registration_date,
-				`add_date` = :add_date
+				`add_date` = :add_date,
+				`letsencrypt` = :letsencrypt,
+				`hsts` = :hsts,
+				`hsts_sub` = :hsts_sub,
+				`hsts_preload` = :hsts_preload,
+				`ocsp_stapling` = :ocsp_stapling,
+				`phpenabled` = :phpenabled,
+				`http2` = :http2
 		");
        
        // prepare insert statement for ip/port <> domain
@@ -293,6 +308,7 @@ class DomainBulkAction
        }
        
        // check for alias-domain
+        $hasAlias = false;
        if (! empty($domain_data['aliasdomain'])) {
            // format
            $domain_data['aliasdomain'] = $idna_convert->encode(preg_replace(array(
@@ -311,6 +327,7 @@ class DomainBulkAction
                // - we'd better skip
                return false;
            }
+            $hasAlias = $domain_data['aliasdomain'];
        }
        
        // check for use_ssl and ssl_redirect
@@ -335,6 +352,38 @@ class DomainBulkAction
            $domain_data['ssl_redirect'] = 0;
        }
        
+        // only check for letsencrypt, hsts and oscp-stapling if ssl is enabled
+        if ($domain_data['use_ssl'] == 1) {
+			//lets encrypt
+			if ($domain_data['letsencrypt'] != 1 || $domain_data['iswildcarddomain'] == 1) {
+				$domain_data['letsencrypt'] = 0;
+			}
+		} else {
+			$domain_data['letsencrypt'] = 0;
+		}
+
+		// hsts
+		if ($domain_data['hsts'] != 1) {
+			$domain_data['hsts'] = 0;
+		}
+		if ($domain_data['hsts_sub'] != 1) {
+			$domain_data['hsts_sub'] = 0;
+		}
+		if ($domain_data['hsts_preload'] != 1) {
+			$domain_data['hsts_preload'] = 0;
+		}
+		if ($domain_data['ocsp_stapling'] != 1) {
+			$domain_data['ocsp_stapling'] = 0;
+		}
+
+		if ($domain_data['phpenabled'] != 1) {
+			$domain_data['phpenabled'] = 0;
+		}
+
+		if ($domain_data['http2'] != 1) {
+			$domain_data['http2'] = 0;
+		}
+
        // add to known domains
        $this->_knownDomains[] = $domain_data['domain'];
        
@@ -416,13 +465,21 @@ class DomainBulkAction
        $use_ssl = (bool)$domain_data['use_ssl'];
        // don't need that for the domain-insert-statement
        unset($domain_data['use_ssl']);
-        
+        // don't need alias
+        unset($domain_data['aliasdomain']);
+
        // finally ADD the domain to panel_domains
        Database::pexecute($this->_ins_stmt, $domain_data);
        
        // get the newly inserted domain-id
        $domain_id = Database::lastInsertId();
        
+        // add alias if any
+        if ($hasAlias != false) {
+			$alias_stmt = Database::prepare("UPDATE `".TABLE_PANEL_DOMAINS."` SET `aliasdomain` = :aliasdomain WHERE `id` = :did");
+			Database::pexecute($alias_stmt, array('aliasdomain' => $hasAlias, 'did' => $domain_id));
+        }
+
        // insert domain <-> ip/port reference
        if (empty($iplist)) {
            $iplist = Settings::Get('system.ipaddress');
--- a/lib/classes/cURL/class.HttpClient.php
+++ b/lib/classes/cURL/class.HttpClient.php
@@ -0,0 +1,62 @@
+<?php
+
+class HttpClient
+{
+
+	/**
+	 * Executes simple GET request
+	 *
+	 * @param string $url
+	 *
+	 * @return array
+	 */
+	public static function urlGet($url, $follow_location = true)
+	{
+		include FROXLOR_INSTALL_DIR . '/lib/version.inc.php';
+		$ch = curl_init();
+		curl_setopt($ch, CURLOPT_URL, $url);
+		curl_setopt($ch, CURLOPT_USERAGENT, 'Froxlor/' . $version);
+		if ($follow_location) {
+			curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
+		}
+		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+		$output = curl_exec($ch);
+		if ($output === false) {
+			$e = curl_error($ch);
+			curl_close($ch);
+			throw new \Exception("Curl error: " . $e);
+		}
+		curl_close($ch);
+		return $output;
+	}
+	
+	/**
+	 * Downloads and stores a file from an url
+	 *
+	 * @param string $url
+	 * @param string $target
+	 *
+	 * @return array
+	 */
+	public static function fileGet($url, $target)
+	{
+		include FROXLOR_INSTALL_DIR . '/lib/version.inc.php';
+		$fh = fopen($target, 'w');
+		$ch = curl_init();
+		curl_setopt($ch, CURLOPT_URL, $url);
+		curl_setopt($ch, CURLOPT_USERAGENT, 'Froxlor/' . $version);
+		curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
+		curl_setopt($ch, CURLOPT_TIMEOUT, 50);
+		//give curl the file pointer so that it can write to it
+		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+		curl_setopt($ch, CURLOPT_FILE, $fh);
+		$output = curl_exec($ch);
+		if ($output === false) {
+			$e = curl_error($ch);
+			curl_close($ch);
+			throw new \Exception("Curl error: " . $e);
+		}
+		curl_close($ch);
+		return $output;
+	}
+}
--- a/lib/classes/database/class.Database.php
+++ b/lib/classes/database/class.Database.php
@@ -28,6 +28,11 @@
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Classes
+ *
+ * @method static \PDOStatement prepare($statement, array $driver_options = null) Prepares a statement for execution and returns a statement object
+ * @method static \PDOStatement query ($statement) Executes an SQL statement, returning a result set as a PDOStatement object
+ * @method static string lastInsertId ($name = null) Returns the ID of the last inserted row or sequence value
+ * @method static string quote ($string, $parameter_type = null) Quotes a string for use in a query.
 */
 class Database {

@@ -262,7 +267,7 @@ class Database {
 		// build up connection string
 		$driver = 'mysql';
 		$dsn = $driver.":";
-		$options = array(PDO::MYSQL_ATTR_INIT_COMMAND => 'set names utf8');
+		$options = array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET names utf8,sql_mode="NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"');
 		$attributes = array('ATTR_ERRMODE' => 'ERRMODE_EXCEPTION');

 		$dbconf["dsn"] = array(
--- a/lib/classes/database/manager/class.DbManagerMySQL.php
+++ b/lib/classes/database/manager/class.DbManagerMySQL.php
@@ -134,7 +134,7 @@ class DbManagerMySQL {
 	 * @param string $host (unused in mysql)
 	 */
 	public function disableUser($username = null, $host = null) {
-		$stmt = Database::prepare("REVOKE ALL PRIVILEGES, GRANT OPTION FROM `".$row_database['databasename']."`");
+		$stmt = Database::prepare('REVOKE ALL PRIVILEGES, GRANT OPTION FROM `' . $username . '`@`' . $host . '`');
 		Database::pexecute($stmt, array(), false);
 	}

--- a/lib/classes/dns/class.DnsEntry.php
+++ b/lib/classes/dns/class.DnsEntry.php
@@ -41,7 +41,31 @@ class DnsEntry

 	public function __toString()
 	{
-		$result = $this->record . "\t" . $this->ttl . "\t" . $this->class . "\t" . $this->type . "\t" . (($this->priority >= 0 && ($this->type == 'MX' || $this->type == 'SRV')) ? $this->priority . "\t" : "") . $this->content . PHP_EOL;
+		$_content = $this->content;
+		// check content length for txt records for bind9 (multiline)
+		if (Settings::Get('system.dns_server') != 'pdns' && $this->type == 'TXT' && strlen($_content) >= 255) {
+			// split string
+			$_contentlines = str_split($_content, 254);
+			// first line
+			$_l = array_shift($_contentlines);
+			// check for starting quote
+			if (substr($_l, 0, 1) == '"') {
+				$_l = substr($_l, 1);
+			}
+			$_content = '("' . $_l . '"' . PHP_EOL;
+			$_l = array_pop($_contentlines);
+			// check for ending quote
+			if (substr($_l, - 1) == '"') {
+				$_l = substr($_l, 0, - 1);
+			}
+			foreach ($_contentlines as $_cl) {
+				// lines in between
+				$_content .= "\t\t\t\t" . '"' . $_cl . '"' . PHP_EOL;
+			}
+			// last line
+			$_content .= "\t\t\t\t" . '"' . $_l . '")';
+		}
+		$result = $this->record . "\t" . $this->ttl . "\t" . $this->class . "\t" . $this->type . "\t" . (($this->priority >= 0 && ($this->type == 'MX' || $this->type == 'SRV')) ? $this->priority . "\t" : "") . $_content . PHP_EOL;
 		return $result;
 	}
 }
--- a/lib/classes/integrity/class.IntegrityCheck.php
+++ b/lib/classes/integrity/class.IntegrityCheck.php
@@ -85,11 +85,10 @@ class IntegrityCheck {
 				// fix database
 				Database::query('ALTER DATABASE `' . Database::getDbName() . '` CHARACTER SET utf8 COLLATE utf8_general_ci');
 				// fix all tables
-				$handle = Database::query('SHOW TABLES');
-				while ($row = $handle->fetch(PDO::FETCH_ASSOC)) {
-					foreach ($row as $table) {
-						Database::query('ALTER TABLE `' . $table . '` CONVERT TO CHARACTER SET utf8 COLLATE utf8_general_ci;');
-					}
+				$handle = Database::query('SHOW FULL TABLES WHERE Table_type != "VIEW"');
+				while ($row = $handle->fetch(PDO::FETCH_BOTH)) {
+					$table = $row[0];
+					Database::query('ALTER TABLE `' . $table . '` CONVERT TO CHARACTER SET utf8 COLLATE utf8_general_ci;');
 				}
 				$this->_log->logAction(ADM_ACTION, LOG_WARNING, "database charset was different from UTF-8, integrity-check fixed that");
 			} else {
--- a/lib/classes/output/class.CmdLineHandler.php
+++ b/lib/classes/output/class.CmdLineHandler.php
@@ -0,0 +1,196 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2018 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright (c) the authors
+ * @author Froxlor team <team@froxlor.org> (2018-)
+ * @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package Cron
+ *
+ */
+abstract class CmdLineHandler
+{
+
+	/**
+	 * internal variable for passed arguments
+	 *
+	 * @var array
+	 */
+	private static $args = null;
+
+	/**
+	 * Action object read from commandline/config
+	 *
+	 * @var Action
+	 */
+	private $_action = null;
+
+	/**
+	 * Returns a CmdLineHandler object with given
+	 * arguments from command line
+	 *
+	 * @param int $argc
+	 * @param array $argv
+	 *
+	 * @return CmdLineHandler
+	 */
+	public static function processParameters($argc, $argv)
+	{
+		$me = get_called_class();
+		return new $me($argc, $argv);
+	}
+
+	/**
+	 * returns the Action object generated in
+	 * the class constructor
+	 *
+	 * @return Action
+	 */
+	public function getAction()
+	{
+		return $this->_action;
+	}
+
+	/**
+	 * class constructor, validates the command line parameters
+	 * and sets the Action-object if valid
+	 *
+	 * @param int $argc
+	 * @param string[] $argv
+	 *
+	 * @return null
+	 * @throws Exception
+	 */
+	private function __construct($argc, $argv)
+	{
+		self::$args = $this->_parseArgs($argv);
+		$this->_action = $this->_createAction();
+	}
+
+	/**
+	 * Parses the arguments given via the command line;
+	 * three types are supported:
+	 * 1.
+	 * --parm1 or --parm2=value
+	 * 2. -xyz (multiple switches in one) or -a=value
+	 * 3. parm1 parm2
+	 *
+	 * The 1. will be mapped as
+	 * ["parm1"] => true, ["parm2"] => "value"
+	 * The 2. as
+	 * ["x"] => true, ["y"] => true, ["z"] => true, ["a"] => "value"
+	 * And the 3. as
+	 * [0] => "parm1", [1] => "parm2"
+	 *
+	 * @param array $argv
+	 *
+	 * @return array
+	 */
+	private function _parseArgs($argv)
+	{
+		array_shift($argv);
+		$o = array();
+		foreach ($argv as $a) {
+			if (substr($a, 0, 2) == '--') {
+				$eq = strpos($a, '=');
+				if ($eq !== false) {
+					$o[substr($a, 2, $eq - 2)] = substr($a, $eq + 1);
+				} else {
+					$k = substr($a, 2);
+					if (! isset($o[$k])) {
+						$o[$k] = true;
+					}
+				}
+			} else if (substr($a, 0, 1) == '-') {
+				if (substr($a, 2, 1) == '=') {
+					$o[substr($a, 1, 1)] = substr($a, 3);
+				} else {
+					foreach (str_split(substr($a, 1)) as $k) {
+						if (! isset($o[$k])) {
+							$o[$k] = true;
+						}
+					}
+				}
+			} else {
+				$o[] = $a;
+			}
+		}
+		return $o;
+	}
+
+	/**
+	 * Creates an Action-Object for the Action-Handler
+	 *
+	 * @return Action
+	 * @throws Exception
+	 */
+	private function _createAction()
+	{
+		
+		// Test for help-switch
+		if (empty(self::$args) || array_key_exists("help", self::$args) || array_key_exists("h", self::$args)) {
+			static::printHelp();
+			// end of execution
+		}
+		// check if no unknown parameters are present
+		foreach (self::$args as $arg => $value) {
+			
+			if (is_numeric($arg)) {
+				throw new Exception("Unknown parameter '" . $value . "' in argument list");
+			} elseif (! in_array($arg, static::$params) && ! in_array($arg, static::$switches)) {
+				throw new Exception("Unknown parameter '" . $arg . "' in argument list");
+			}
+		}
+		
+		// set debugger switch
+		if (isset(self::$args["d"]) && self::$args["d"] == true) {
+			// Debugger::getInstance()->setEnabled(true);
+			// Debugger::getInstance()->debug("debug output enabled");
+		}
+		
+		return new static::$action_class(self::$args);
+	}
+
+	public static function getInput($prompt = "#", $default = "")
+	{
+		if (! empty($default)) {
+			$prompt .= " [" . $default . "]";
+		}
+		$result = readline($prompt . ":");
+		if (empty($result) && ! empty($default)) {
+			$result = $default;
+		}
+		return mb_strtolower($result);
+	}
+
+	public static function println($msg = "")
+	{
+		print $msg . PHP_EOL;
+	}
+
+	private static function _printcolor($msg = "", $color = "0")
+	{
+		print "\033[" . $color . "m" . $msg . "\033[0m" . PHP_EOL;
+	}
+
+	public static function printerr($msg = "")
+	{
+		self::_printcolor($msg, "31");
+	}
+
+	public static function printsucc($msg = "")
+	{
+		self::_printcolor($msg, "32");
+	}
+
+	public static function printwarn($msg = "")
+	{
+		self::_printcolor($msg, "33");
+	}
+}
--- a/lib/classes/output/class.paging.php
+++ b/lib/classes/output/class.paging.php
@@ -88,6 +88,8 @@ class paging {
 	 * @var bool
 	 */
 	private $natSorting = false;
+	
+	private $_limit = 0;

 	/**
 	 * Class constructor. Loads settings from request or from userdata and saves them to session.
@@ -101,7 +103,7 @@ class paging {
 	 * @param string $default_order default sorting order 'asc' or 'desc'
 	 *
 	 */
-	public function __construct($userinfo, $table, $fields, $entriesperpage = 0, $natSorting = false, $default_field = 0, $default_order = 'asc') {
+	public function __construct($userinfo, $table, $fields, $entriesperpage = 0, $natSorting = false, $default_field = 0, $default_order = 'asc', $limit = 0) {

 		// entries per page and natsorting-flag are not
 		// passed as parameter anymore, because these are
@@ -112,7 +114,7 @@ class paging {
 		$this->userinfo = $userinfo;

 		if (!is_array($this->userinfo['lastpaging'])) {
-			$this->userinfo['lastpaging'] = unserialize($this->userinfo['lastpaging']);
+			$this->userinfo['lastpaging'] = json_decode($this->userinfo['lastpaging'], true);
 		}

 		$this->table = $table;
@@ -222,7 +224,7 @@ class paging {
 			AND `adminsession` = :adminsession
 		");
 		$upd_data = array(
-			'lastpaging' => serialize($this->userinfo['lastpaging']),
+			'lastpaging' => json_encode($this->userinfo['lastpaging']),
 			'hash' => $userinfo['hash'],
 			'userid' => $userinfo['userid'],
 			'ipaddr' => $userinfo['ipaddress'],
@@ -230,6 +232,8 @@ class paging {
 			'adminsession' => $userinfo['adminsession']
 		);
 		Database::pexecute($upd_stmt, $upd_data);
+		
+		$this->_limit = $limit;
 	}

 	/**
@@ -378,6 +382,11 @@ class paging {
 	 * @return string always empty
 	 */
 	public function getSqlLimit() {
+
+		if ($this->_limit > 0) {
+			$_offset = ($this->pageno - 1) * $this->_limit;
+			return ' LIMIT '.$_offset.','.$this->_limit;
+		}
 		/**
 		 * currently not in use
 		 */
--- a/lib/classes/phpinterface/class.phpinterface.php
+++ b/lib/classes/phpinterface/class.phpinterface.php
@@ -91,6 +91,12 @@ class phpinterface {
 					SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id"
 			);
 			$this->_php_configs_cache[$php_config_id] = Database::pexecute_first($stmt, array('id' => $php_config_id));
+			if ((int)Settings::Get('phpfpm.enabled') == 1) {
+				$stmt = Database::prepare("
+					SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "` WHERE `id` = :id"
+				);
+				$this->_php_configs_cache[$php_config_id]['fpm_settings'] = Database::pexecute_first($stmt, array('id' => $this->_php_configs_cache[$php_config_id]['fpmsettingid']));
+			}
 		}

 		return $this->_php_configs_cache[$php_config_id];
--- a/lib/classes/phpinterface/class.phpinterface_fpm.php
+++ b/lib/classes/phpinterface/class.phpinterface_fpm.php
@@ -18,19 +18,28 @@
 * @since      0.9.16
 *
 */
-
-class phpinterface_fpm {
+class phpinterface_fpm
+{

 	/**
 	 * Domain-Data array
+	 *
 	 * @var array
-	*/
+	 */
 	private $_domain = array();

 	/**
-	 * Admin-Date cache array
+	 * fpm config
+	 *
 	 * @var array
-	*/
+	 */
+	private $_fpm_cfg = array();
+
+	/**
+	 * Admin-Date cache array
+	 *
+	 * @var array
+	 */
 	private $_admin_cache = array();

 	/**
@@ -38,119 +47,38 @@ class phpinterface_fpm {
 	 * Mostly taken from http://php.net/manual/en/ini.list.php
 	 *
 	 * @var array
-	*/
-	private $_ini = array(
-			'php_value' => array(
-				'auto_append_file',
-				'auto_prepend_file',
-				'date.timezone',
-				'default_charset',
-				'error_reporting',
-				'include_path',
-				'log_errors_max_len',
-				'mail.log',
-				'max_execution_time',
-				'session.cookie_domain',
-				'session.cookie_lifetime',
-				'session.cookie_path',
-				'session.name',
-				'session.serialize_handler',
-				'upload_max_filesize',
-				'xmlrpc_error_number',
-				'session.auto_start',
-				'always_populate_raw_post_data',
-				'suhosin.session.cryptkey',
-				'suhosin.session.cryptraddr',
-				'suhosin.session.checkraddr',
-				'suhosin.cookie.cryptkey',
-				'suhosin.cookie.plainlist',
-				'suhosin.cookie.cryptraddr',
-				'suhosin.cookie.checkraddr',
-				'suhosin.executor.func.blacklist',
-				'suhosin.executor.eval.whitelist'
-			),
-			'php_flag' => array(
-				'asp_tags',
-				'display_errors',
-				'display_startup_errors',
-				'html_errors',
-				'log_errors',
-				'magic_quotes_gpc',
-				'magic_quotes_runtime',
-				'magic_quotes_sybase',
-				'mail.add_x_header',
-				'session.cookie_secure',
-				'session.use_cookies',
-				'short_open_tag',
-				'track_errors',
-				'xmlrpc_errors',
-				'suhosin.simulation',
-				'suhosin.session.encrypt',
-				'suhosin.session.cryptua',
-				'suhosin.session.cryptdocroot',
-				'suhosin.cookie.encrypt',
-				'suhosin.cookie.cryptua',
-				'suhosin.cookie.cryptdocroot',
-				'suhosin.executor.disable_eval',
-				'mbstring.func_overload'
-			),
-			'php_admin_value' => array(
-				'cgi.redirect_status_env',
-				'date.timezone',
-				'disable_classes',
-				'disable_functions',
-				'error_log',
-				'gpc_order',
-				'max_input_time',
-				'max_input_vars',
-				'memory_limit',
-				'open_basedir',
-				'output_buffering',
-				'post_max_size',
-				'precision',
-				'sendmail_path',
-				'session.gc_divisor',
-				'session.gc_probability',
-				'variables_order',
-				'opcache.log_verbosity_level',
-				'opcache.restrict_api',
-				'opcache.revalidate_freq',
-				'opcache.max_accelerated_files',
-				'opcache.memory_consumption',
-				'opcache.interned_strings_buffer'
-			),
-			'php_admin_flag' => array(
-				'allow_call_time_pass_reference',
-				'allow_url_fopen',
-				'allow_url_include',
-				'auto_detect_line_endings',
-				'cgi.fix_pathinfo',
-				'cgi.force_redirect',
-				'enable_dl',
-				'expose_php',
-				'file_uploads',
-				'ignore_repeated_errors',
-				'ignore_repeated_source',
-				'log_errors',
-				'register_argc_argv',
-				'report_memleaks',
-				'opcache.enable',
-				'opcache.consistency_checks',
-				'opcache.dups_fix',
-				'opcache.load_comments',
-				'opcache.revalidate_path',
-				'opcache.save_comments',
-				'opcache.use_cwd',
-				'opcache.validate_timestamps',
-				'opcache.fast_shutdown'
-			)
-	);
+	 */
+	private $_ini = array();

 	/**
 	 * main constructor
-	*/
-	public function __construct($domain) {
+	 */
+	public function __construct($domain)
+	{
+		if (!isset($domain['fpm_config_id']) || empty($domain['fpm_config_id'])) {
+			$domain['fpm_config_id'] = 1;
+		}
 		$this->_domain = $domain;
+		$this->_readFpmConfig($domain['fpm_config_id']);
+		$this->_buildIniMapping();
+	}
+
+	private function _buildIniMapping()
+	{
+		$this->_ini = array(
+			'php_flag' => explode("\n", Settings::Get('phpfpm.ini_flags')),
+			'php_value' => explode("\n", Settings::Get('phpfpm.ini_values')),
+			'php_admin_flag' => explode("\n", Settings::Get('phpfpm.ini_admin_flags')),
+			'php_admin_value' => explode("\n", Settings::Get('phpfpm.ini_admin_values'))
+		);
+	}
+
+	private function _readFpmConfig($fpm_config_id)
+	{
+		$stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "` WHERE `id` = :id");
+		$this->_fpm_cfg = Database::pexecute_first($stmt, array(
+			'id' => $fpm_config_id
+		));
 	}

 	/**
@@ -158,47 +86,60 @@ class phpinterface_fpm {
 	 *
 	 * @param array $phpconfig
 	 */
-	public function createConfig($phpconfig) {
-
+	public function createConfig($phpconfig)
+	{
 		$fh = @fopen($this->getConfigFile(), 'w');
-
+		
 		if ($fh) {
-			$fpm_pm = Settings::Get('phpfpm.pm');
-			$fpm_children = (int)Settings::Get('phpfpm.max_children');
-			$fpm_start_servers = (int)Settings::Get('phpfpm.start_servers');
-			$fpm_min_spare_servers = (int)Settings::Get('phpfpm.min_spare_servers');
-			$fpm_max_spare_servers = (int)Settings::Get('phpfpm.max_spare_servers');
-			$fpm_requests = (int)Settings::Get('phpfpm.max_requests');
-			$fpm_process_idle_timeout = (int)Settings::Get('phpfpm.idle_timeout');
-
+			
+			if ($phpconfig['override_fpmconfig'] == 1) {
+				$this->_fpm_cfg['pm'] = $phpconfig['pm'];
+				$this->_fpm_cfg['max_children'] = $phpconfig['max_children'];
+				$this->_fpm_cfg['start_servers'] = $phpconfig['start_servers'];
+				$this->_fpm_cfg['min_spare_servers'] = $phpconfig['min_spare_servers'];
+				$this->_fpm_cfg['max_spare_servers'] = $phpconfig['max_spare_servers'];
+				$this->_fpm_cfg['max_requests'] = $phpconfig['max_requests'];
+				$this->_fpm_cfg['idle_timeout'] = $phpconfig['idle_timeout'];
+				$this->_fpm_cfg['limit_extensions'] = $phpconfig['limit_extensions'];
+			}
+			
+			$fpm_pm = $this->_fpm_cfg['pm'];
+			$fpm_children = (int) $this->_fpm_cfg['max_children'];
+			$fpm_start_servers = (int) $this->_fpm_cfg['start_servers'];
+			$fpm_min_spare_servers = (int) $this->_fpm_cfg['min_spare_servers'];
+			$fpm_max_spare_servers = (int) $this->_fpm_cfg['max_spare_servers'];
+			$fpm_requests = (int) $this->_fpm_cfg['max_requests'];
+			$fpm_process_idle_timeout = (int) $this->_fpm_cfg['idle_timeout'];
+			$fpm_limit_extensions = $this->_fpm_cfg['limit_extensions'];
+			
 			if ($fpm_children == 0) {
 				$fpm_children = 1;
 			}
-
-			$fpm_config = ';PHP-FPM configuration for "'.$this->_domain['domain'].'" created on ' . date("Y.m.d H:i:s") . "\n";
-			$fpm_config.= '['.$this->_domain['domain'].']'."\n";
-			$fpm_config.= 'listen = '.$this->getSocketFile()."\n";
+			
+			$fpm_config = ';PHP-FPM configuration for "' . $this->_domain['domain'] . '" created on ' . date("Y.m.d H:i:s") . "\n";
+			$fpm_config .= '[' . $this->_domain['domain'] . ']' . "\n";
+			$fpm_config .= 'listen = ' . $this->getSocketFile() . "\n";
 			if ($this->_domain['loginname'] == 'froxlor.panel') {
-				$fpm_config.= 'listen.owner = '.$this->_domain['guid']."\n";
-				$fpm_config.= 'listen.group = '.$this->_domain['guid']."\n";
+				$fpm_config .= 'listen.owner = ' . $this->_domain['guid'] . "\n";
+				$fpm_config .= 'listen.group = ' . $this->_domain['guid'] . "\n";
 			} else {
-				$fpm_config.= 'listen.owner = '.$this->_domain['loginname']."\n";
-				$fpm_config.= 'listen.group = '.$this->_domain['loginname']."\n";
+				$fpm_config .= 'listen.owner = ' . $this->_domain['loginname'] . "\n";
+				$fpm_config .= 'listen.group = ' . $this->_domain['loginname'] . "\n";
 			}
 			// see #1418 why this is 0660
-			$fpm_config.= 'listen.mode = 0660'."\n";
-
+			$fpm_config .= 'listen.mode = 0660' . "\n";
+			
 			if ($this->_domain['loginname'] == 'froxlor.panel') {
-				$fpm_config.= 'user = '.$this->_domain['guid']."\n";
-				$fpm_config.= 'group = '.$this->_domain['guid']."\n";
+				$fpm_config .= 'user = ' . $this->_domain['guid'] . "\n";
+				$fpm_config .= 'group = ' . $this->_domain['guid'] . "\n";
 			} else {
-				$fpm_config.= 'user = '.$this->_domain['loginname']."\n";
-				$fpm_config.= 'group = '.$this->_domain['loginname']."\n";
+				$fpm_config .= 'user = ' . $this->_domain['loginname'] . "\n";
+				$fpm_config .= 'group = ' . $this->_domain['loginname'] . "\n";
 			}
-
-			$fpm_config.= 'pm = '.$fpm_pm."\n";
-			$fpm_config.= 'pm.max_children = '.$fpm_children."\n";
-
+			
+			$fpm_config .= 'pm = ' . $fpm_pm . "\n";
+			$fpm_config .= 'pm.max_children = ' . $fpm_children . "\n";
+			
 			if ($fpm_pm == 'dynamic') {
 				// honor max_children
 				if ($fpm_children < $fpm_min_spare_servers) {
@@ -214,35 +155,40 @@ class phpinterface_fpm {
 				if ($fpm_start_servers > $fpm_max_spare_servers) {
 					$fpm_start_servers = $fpm_max_spare_servers;
 				}
-				$fpm_config.= 'pm.start_servers = '.$fpm_start_servers."\n";
-				$fpm_config.= 'pm.min_spare_servers = '.$fpm_min_spare_servers."\n";
-				$fpm_config.= 'pm.max_spare_servers = '.$fpm_max_spare_servers."\n";
+				$fpm_config .= 'pm.start_servers = ' . $fpm_start_servers . "\n";
+				$fpm_config .= 'pm.min_spare_servers = ' . $fpm_min_spare_servers . "\n";
+				$fpm_config .= 'pm.max_spare_servers = ' . $fpm_max_spare_servers . "\n";
 			} elseif ($fpm_pm == 'ondemand') {
-				$fpm_config.= 'pm.process_idle_timeout = '.$fpm_process_idle_timeout."\n";
+				$fpm_config .= 'pm.process_idle_timeout = ' . $fpm_process_idle_timeout . "\n";
 			}
-
-			$fpm_config.= 'pm.max_requests = '.$fpm_requests."\n";
-
+			
+			$fpm_config .= 'pm.max_requests = ' . $fpm_requests . "\n";
+			
 			// possible slowlog configs
 			if ($phpconfig['fpm_slowlog'] == '1') {
-				$fpm_config.= 'request_terminate_timeout = ' . $phpconfig['fpm_reqterm'] . "\n";
-				$fpm_config.= 'request_slowlog_timeout = ' . $phpconfig['fpm_reqslow'] . "\n";
+				$fpm_config .= 'request_terminate_timeout = ' . $phpconfig['fpm_reqterm'] . "\n";
+				$fpm_config .= 'request_slowlog_timeout = ' . $phpconfig['fpm_reqslow'] . "\n";
 				$slowlog = makeCorrectFile(Settings::Get('system.logfiles_directory') . '/' . $this->_domain['loginname'] . '-php-slow.log');
-				$fpm_config.= 'slowlog = ' . $slowlog . "\n";
-				$fpm_config.= 'catch_workers_output = yes' . "\n";
+				$fpm_config .= 'slowlog = ' . $slowlog . "\n";
+				$fpm_config .= 'catch_workers_output = yes' . "\n";
 			}
-
-			$fpm_config.= ';chroot = '.makeCorrectDir($this->_domain['documentroot'])."\n";
-
+			
+			$fpm_config .= ';chroot = ' . makeCorrectDir($this->_domain['documentroot']) . "\n";
+			$fpm_config .= 'security.limit_extensions = '.$fpm_limit_extensions . "\n";
+			
 			$tmpdir = makeCorrectDir(Settings::Get('phpfpm.tmpdir') . '/' . $this->_domain['loginname'] . '/');
-			if (!is_dir($tmpdir)) {
+			if (! is_dir($tmpdir)) {
 				$this->getTempDir();
 			}
-
-			$fpm_config.= 'env[TMP] = '.$tmpdir."\n";
-			$fpm_config.= 'env[TMPDIR] = '.$tmpdir."\n";
-			$fpm_config.= 'env[TEMP] = '.$tmpdir."\n";
-
+			
+			$env_path = Settings::Get('phpfpm.envpath');
+			if (!empty($env_path)) {
+				$fpm_config .= 'env[PATH] = ' . $env_path . "\n";
+			}
+			$fpm_config .= 'env[TMP] = ' . $tmpdir . "\n";
+			$fpm_config .= 'env[TMPDIR] = ' . $tmpdir . "\n";
+			$fpm_config .= 'env[TEMP] = ' . $tmpdir . "\n";
+			
 			$openbasedir = '';
 			if ($this->_domain['loginname'] != 'froxlor.panel') {
 				if ($this->_domain['openbasedir'] == '1') {
@@ -251,47 +197,45 @@ class phpinterface_fpm {
 					foreach ($_custom_openbasedir as $cobd) {
 						$_phpappendopenbasedir .= appendOpenBasedirPath($cobd);
 					}
-
+					
 					$_custom_openbasedir = explode(':', Settings::Get('system.phpappendopenbasedir'));
 					foreach ($_custom_openbasedir as $cobd) {
 						$_phpappendopenbasedir .= appendOpenBasedirPath($cobd);
 					}
-
-					if ($this->_domain['openbasedir_path'] == '0'
-							&& strstr($this->_domain['documentroot'], ":") === false
-					) {
+					
+					if ($this->_domain['openbasedir_path'] == '0' && strstr($this->_domain['documentroot'], ":") === false) {
 						$openbasedir = appendOpenBasedirPath($this->_domain['documentroot'], true);
 					} else {
 						$openbasedir = appendOpenBasedirPath($this->_domain['customerroot'], true);
 					}
-
+					
 					$openbasedir .= appendOpenBasedirPath($this->getTempDir());
 					$openbasedir .= $_phpappendopenbasedir;
 				}
 			}
-			$fpm_config.= 'php_admin_value[session.save_path] = ' . makeCorrectDir(Settings::Get('phpfpm.tmpdir') . '/' . $this->_domain['loginname'] . '/') . "\n";
-			$fpm_config.= 'php_admin_value[upload_tmp_dir] = ' . makeCorrectDir(Settings::Get('phpfpm.tmpdir') . '/' . $this->_domain['loginname'] . '/') . "\n";
-
+			$fpm_config .= 'php_admin_value[session.save_path] = ' . makeCorrectDir(Settings::Get('phpfpm.tmpdir') . '/' . $this->_domain['loginname'] . '/') . "\n";
+			$fpm_config .= 'php_admin_value[upload_tmp_dir] = ' . makeCorrectDir(Settings::Get('phpfpm.tmpdir') . '/' . $this->_domain['loginname'] . '/') . "\n";
+			
 			$admin = $this->_getAdminData($this->_domain['adminid']);
 			$php_ini_variables = array(
-					'SAFE_MODE' => 'Off', // keep this for compatibility, just in case
-					'PEAR_DIR' => Settings::Get('phpfpm.peardir'),
-					'TMP_DIR' => $this->getTempDir(),
-					'CUSTOMER_EMAIL' => $this->_domain['email'],
-					'ADMIN_EMAIL' => $admin['email'],
-					'DOMAIN' => $this->_domain['domain'],
-					'CUSTOMER' => $this->_domain['loginname'],
-					'ADMIN' => $admin['loginname'],
-					'OPEN_BASEDIR' => $openbasedir,
-					'OPEN_BASEDIR_C' => '',
-					'OPEN_BASEDIR_GLOBAL' => Settings::Get('system.phpappendopenbasedir'),
-					'DOCUMENT_ROOT' => makeCorrectDir($this->_domain['documentroot'])
+				'SAFE_MODE' => 'Off', // keep this for compatibility, just in case
+				'PEAR_DIR' => Settings::Get('phpfpm.peardir'),
+				'TMP_DIR' => $this->getTempDir(),
+				'CUSTOMER_EMAIL' => $this->_domain['email'],
+				'ADMIN_EMAIL' => $admin['email'],
+				'DOMAIN' => $this->_domain['domain'],
+				'CUSTOMER' => $this->_domain['loginname'],
+				'ADMIN' => $admin['loginname'],
+				'OPEN_BASEDIR' => $openbasedir,
+				'OPEN_BASEDIR_C' => '',
+				'OPEN_BASEDIR_GLOBAL' => Settings::Get('system.phpappendopenbasedir'),
+				'DOCUMENT_ROOT' => makeCorrectDir($this->_domain['documentroot'])
 			);
-
+			
 			$phpini = replace_variables($phpconfig['phpsettings'], $php_ini_variables);
 			$phpini_array = explode("\n", $phpini);
-
-			$fpm_config.= "\n\n";
+			
+			$fpm_config .= "\n\n";
 			foreach ($phpini_array as $inisection) {
 				$is = explode("=", $inisection);
 				foreach ($this->_ini as $sec => $possibles) {
@@ -300,17 +244,17 @@ class phpinterface_fpm {
 						if (trim($is[0]) == 'open_basedir' && $openbasedir == '') {
 							continue;
 						}
-						$fpm_config.= $sec.'['.trim($is[0]).'] = ' . trim($is[1]) . "\n";
+						$fpm_config .= $sec . '[' . trim($is[0]) . '] = ' . trim($is[1]) . "\n";
 					}
 				}
 			}
-
+			
 			// now check if 'sendmail_path' has not beed set in the custom-php.ini
 			// if not we use our fallback-default as usual
 			if (strpos($fpm_config, 'php_admin_value[sendmail_path]') === false) {
-				$fpm_config.= 'php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f '.$this->_domain['email']."\n";
+				$fpm_config .= 'php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f ' . $this->_domain['email'] . "\n";
 			}
-
+			
 			fwrite($fh, $fpm_config, strlen($fpm_config));
 			fclose($fh);
 		}
@@ -322,108 +266,138 @@ class phpinterface_fpm {
 	 *
 	 * @param string $phpconfig
 	 */
-	public function createIniFile($phpconfig) {
+	public function createIniFile($phpconfig)
+	{
 		return;
 	}

 	/**
 	 * fpm-config file
 	 *
-	 * @param boolean $createifnotexists create the directory if it does not exist
-	 *
+	 * @param boolean $createifnotexists
+	 *        	create the directory if it does not exist
+	 *        	
 	 * @return string the full path to the file
 	 */
-	public function getConfigFile($createifnotexists = true) {
-
-		$configdir = makeCorrectDir(Settings::Get('phpfpm.configdir'));
-		$config = makeCorrectFile($configdir.'/'.$this->_domain['domain'].'.conf');
-
-		if (!is_dir($configdir) && $createifnotexists) {
+	public function getConfigFile($createifnotexists = true)
+	{
+		$configdir = $this->_fpm_cfg['config_dir'];
+		$config = makeCorrectFile($configdir . '/' . $this->_domain['domain'] . '.conf');
+		
+		if (! is_dir($configdir) && $createifnotexists) {
 			safe_exec('mkdir -p ' . escapeshellarg($configdir));
 		}
-
+		
 		return $config;
 	}

 	/**
 	 * return path of fpm-socket file
 	 *
-	 * @param boolean $createifnotexists create the directory if it does not exist
-	 *
+	 * @param boolean $createifnotexists
+	 *        	create the directory if it does not exist
+	 *        	
 	 * @return string the full path to the socket
 	 */
-	public function getSocketFile($createifnotexists = true) {
-
+	public function getSocketFile($createifnotexists = true)
+	{
 		$socketdir = makeCorrectDir(Settings::Get('phpfpm.fastcgi_ipcdir'));
-		$socket = strtolower(makeCorrectFile($socketdir.'/'.$this->_domain['loginname'].'-'.$this->_domain['domain'].'-php-fpm.socket'));
-
-		if (!is_dir($socketdir) && $createifnotexists) {
-			safe_exec('mkdir -p '.escapeshellarg($socketdir));
-			safe_exec('chown -R '.Settings::Get('system.httpuser').':'.Settings::Get('system.httpgroup').' '.escapeshellarg($socketdir));
+		// add fpm-config-id to filename so it's unique for the fpm-daemon and doesn't interfere with running configs when reuilding
+		$socket = strtolower(makeCorrectFile($socketdir . '/' . $this->_domain['fpm_config_id'] . '-' . $this->_domain['loginname'] . '-' . $this->_domain['domain'] . '-php-fpm.socket'));
+		
+		if (! is_dir($socketdir) && $createifnotexists) {
+			safe_exec('mkdir -p ' . escapeshellarg($socketdir));
+			safe_exec('chown -R ' . Settings::Get('system.httpuser') . ':' . Settings::Get('system.httpgroup') . ' ' . escapeshellarg($socketdir));
 		}
-
+		
 		return $socket;
 	}

 	/**
 	 * fpm-temp directory
 	 *
-	 * @param boolean $createifnotexists create the directory if it does not exist
-	 *
+	 * @param boolean $createifnotexists
+	 *        	create the directory if it does not exist
+	 *        	
 	 * @return string the directory
 	 */
-	public function getTempDir($createifnotexists = true) {
-
+	public function getTempDir($createifnotexists = true)
+	{
 		$tmpdir = makeCorrectDir(Settings::Get('phpfpm.tmpdir') . '/' . $this->_domain['loginname'] . '/');
-
-		if (!is_dir($tmpdir) && $createifnotexists) {
+		
+		if (! is_dir($tmpdir) && $createifnotexists) {
 			safe_exec('mkdir -p ' . escapeshellarg($tmpdir));
 			safe_exec('chown -R ' . $this->_domain['guid'] . ':' . $this->_domain['guid'] . ' ' . escapeshellarg($tmpdir));
 			safe_exec('chmod 0750 ' . escapeshellarg($tmpdir));
 		}
-
+		
 		return $tmpdir;
 	}

 	/**
 	 * fastcgi-fakedirectory directory
 	 *
-	 * @param boolean $createifnotexists create the directory if it does not exist
-	 *
+	 * @param boolean $createifnotexists
+	 *        	create the directory if it does not exist
+	 *        	
 	 * @return string the directory
 	 */
-	public function getAliasConfigDir($createifnotexists = true) {
-
+	public function getAliasConfigDir($createifnotexists = true)
+	{
+		
 		// ensure default...
 		if (Settings::Get('phpfpm.aliasconfigdir') == null) {
 			Settings::Set('phpfpm.aliasconfigdir', '/var/www/php-fpm');
 		}
-
+		
 		$configdir = makeCorrectDir(Settings::Get('phpfpm.aliasconfigdir') . '/' . $this->_domain['loginname'] . '/' . $this->_domain['domain'] . '/');
-		if (!is_dir($configdir) && $createifnotexists) {
+		if (! is_dir($configdir) && $createifnotexists) {
 			safe_exec('mkdir -p ' . escapeshellarg($configdir));
 			safe_exec('chown ' . $this->_domain['guid'] . ':' . $this->_domain['guid'] . ' ' . escapeshellarg($configdir));
 		}
-
+		
 		return $configdir;
 	}

+	/**
+	 * create a dummy fpm pool config with minimal configuration
+	 * (this is used whenever a config directory is empty but needs at least one pool to startup/restart)
+	 *
+	 * @param string $configdir
+	 */
+	public static function createDummyPool($configdir)
+	{
+		if (! is_dir($configdir)) {
+			safe_exec('mkdir -p ' . escapeshellarg($configdir));
+		}
+		$config = makeCorrectFile($configdir . '/dummy.conf');
+		$dummy = "[dummy]
+user = ".Settings::Get('system.httpuser')."
+listen = /run/" . md5($configdir) . "-fpm.sock
+pm = static
+pm.max_children = 1
+";
+		file_put_contents($config, $dummy);
+	}
+
 	/**
 	 * return the admin-data of a specific admin
 	 *
-	 * @param int $adminid id of the admin-user
-	 *
+	 * @param int $adminid
+	 *        	id of the admin-user
+	 *        	
 	 * @return array
 	 */
-	private function _getAdminData($adminid) {
-
+	private function _getAdminData($adminid)
+	{
 		$adminid = intval($adminid);
-
-		if (!isset($this->_admin_cache[$adminid])) {
+		
+		if (! isset($this->_admin_cache[$adminid])) {
 			$stmt = Database::prepare("
-					SELECT `email`, `loginname` FROM `" . TABLE_PANEL_ADMINS . "` WHERE `adminid` = :id"
-			);
-			$this->_admin_cache[$adminid] = Database::pexecute_first($stmt, array('id' => $adminid));
+					SELECT `email`, `loginname` FROM `" . TABLE_PANEL_ADMINS . "` WHERE `adminid` = :id");
+			$this->_admin_cache[$adminid] = Database::pexecute_first($stmt, array(
+				'id' => $adminid
+			));
 		}
 		return $this->_admin_cache[$adminid];
 	}
--- a/lib/classes/phpmailer/PHPMailerAutoload.php
+++ b/lib/classes/phpmailer/PHPMailerAutoload.php
@@ -1,49 +1,49 @@
 <?php
 /**
 * PHPMailer SPL autoloader.
- * PHP Version 5
- * @package PHPMailer
- * @link https://github.com/PHPMailer/PHPMailer/ The PHPMailer GitHub project
- * @author Marcus Bointon (Synchro/coolbru) <phpmailer@synchromedia.co.uk>
- * @author Jim Jagielski (jimjag) <jimjag@gmail.com>
- * @author Andy Prevost (codeworxtech) <codeworxtech@users.sourceforge.net>
- * @author Brent R. Matzelle (original founder)
- * @copyright 2012 - 2014 Marcus Bointon
- * @copyright 2010 - 2012 Jim Jagielski
- * @copyright 2004 - 2009 Andy Prevost
- * @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License
- * @note This program is distributed in the hope that it will be useful - WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.
- */
+* PHP Version 5
+* @package PHPMailer
+* @link https://github.com/PHPMailer/PHPMailer/ The PHPMailer GitHub project
+* @author Marcus Bointon (Synchro/coolbru) <phpmailer@synchromedia.co.uk>
+* @author Jim Jagielski (jimjag) <jimjag@gmail.com>
+* @author Andy Prevost (codeworxtech) <codeworxtech@users.sourceforge.net>
+* @author Brent R. Matzelle (original founder)
+* @copyright 2012 - 2014 Marcus Bointon
+* @copyright 2010 - 2012 Jim Jagielski
+* @copyright 2004 - 2009 Andy Prevost
+* @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License
+* @note This program is distributed in the hope that it will be useful - WITHOUT
+* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+* FITNESS FOR A PARTICULAR PURPOSE.
+*/

 /**
 * PHPMailer SPL autoloader.
- * @param string $classname The name of the class to load
- */
+* @param string $classname The name of the class to load
+*/
 function PHPMailerAutoload($classname)
 {
-    //Can't use __DIR__ as it's only in PHP 5.3+
-    $filename = dirname(__FILE__).DIRECTORY_SEPARATOR.'class.'.strtolower($classname).'.php';
-    if (is_readable($filename)) {
-        require $filename;
-    }
+	//Can't use __DIR__ as it's only in PHP 5.3+
+	$filename = dirname(__FILE__).DIRECTORY_SEPARATOR.'class.'.strtolower($classname).'.php';
+	if (is_readable($filename)) {
+		require $filename;
+	}
 }

 if (version_compare(PHP_VERSION, '5.1.2', '>=')) {
-    //SPL autoloading was introduced in PHP 5.1.2
-    if (version_compare(PHP_VERSION, '5.3.0', '>=')) {
-        spl_autoload_register('PHPMailerAutoload', true, true);
-    } else {
-        spl_autoload_register('PHPMailerAutoload');
-    }
+	//SPL autoloading was introduced in PHP 5.1.2
+	if (version_compare(PHP_VERSION, '5.3.0', '>=')) {
+		spl_autoload_register('PHPMailerAutoload', true, true);
+	} else {
+		spl_autoload_register('PHPMailerAutoload');
+	}
 } else {
-    /**
-     * Fall back to traditional autoload for old PHP versions
-     * @param string $classname The name of the class to load
-     */
-    function __autoload($classname)
-    {
-        PHPMailerAutoload($classname);
-    }
+	/**
+	 * Fall back to traditional autoload for old PHP versions
+	 * @param string $classname The name of the class to load
+	 */
+	function __autoload($classname)
+	{
+		PHPMailerAutoload($classname);
+	}
 }
--- a/lib/classes/phpmailer/class.PHPMailer.php
+++ b/lib/classes/phpmailer/class.PHPMailer.php
--- a/lib/classes/phpmailer/class.SMTP.php
+++ b/lib/classes/phpmailer/class.SMTP.php
--- a/lib/classes/settings/class.SImExporter.php
+++ b/lib/classes/settings/class.SImExporter.php
@@ -0,0 +1,128 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2018 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Michael Kaufmann <d00p@froxlor.org>
+ * @author     Froxlor team <team@froxlor.org> (2018-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Classes
+ *
+ * @since      0.9.39
+ *
+ */
+
+/**
+ * Class SImExporter
+ *
+ * Import/Export settings to JSON
+ *
+ * @copyright (c) the authors
+ * @author Michael Kaufmann <d00p@froxlor.org>
+ * @author Froxlor team <team@froxlor.org> (2018-)
+ * @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package Classes
+ */
+class SImExporter
+{
+
+	/**
+	 * settings which are not being exported
+	 *
+	 * @var array
+	 */
+	private static $_no_export = [
+		'panel.adminmail',
+		'admin.show_news_feed',
+		'system.lastaccountnumber',
+		'system.lastguid',
+		'system.ipaddress',
+		'system.last_traffic_run',
+		'system.hostname',
+		'system.mysql_access_host',
+		'system.lastcronrun',
+		'system.defaultip',
+		'system.last_tasks_run',
+		'system.last_archive_run',
+		'system.leprivatekey',
+		'system.lepublickey'
+	];
+
+	public static function export()
+	{
+		$result_stmt = Database::query("
+			SELECT * FROM `" . TABLE_PANEL_SETTINGS . "` ORDER BY `settingid` ASC
+		");
+		$_data = array();
+		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+			$index = $row['settinggroup'] . "." . $row['varname'];
+			if (! in_array($index, self::$_no_export)) {
+				$_data[$index] = $row['value'];
+			}
+		}
+		// add checksum for validation
+		$_data['_sha'] = sha1(var_export($_data, true));
+		$_export = json_encode($_data, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES);
+		if (! $_export) {
+			throw new Exception("Error exporting settings: " . json_last_error_msg());
+		}
+		return $_export;
+	}
+
+	public static function import($json_str = null)
+	{
+		// decode data
+		$_data = json_decode($json_str, true);
+		if ($_data) {
+			// get validity check data
+			$_sha = isset($_data['_sha']) ? $_data['_sha'] : false;
+			$_version = isset($_data['panel.version']) ? $_data['panel.version'] : false;
+			$_dbversion = isset($_data['panel.db_version']) ? $_data['panel.db_version'] : false;
+			// check if we have everything we need
+			if (! $_sha || ! $_version || ! $_dbversion) {
+				throw new Exception("Invalid froxlor settings data. Unable to import.");
+			}
+			// validate import file
+			unset($_data['_sha']);
+			// compare
+			if ($_sha != sha1(var_export($_data, true))) {
+				throw new Exception("SHA check of import data failed. Unable to import.");
+			}
+			// do not import version info - but we need that to possibily update settings
+			// when there were changes in the variable-name or similar
+			unset($_data['panel.version']);
+			unset($_data['panel.db_version']);
+			// validate we got ssl enabled ips when ssl is enabled
+			// otherwise deactivate it
+			if ($_data['system.use_ssl'] == 1) {
+				$result_ssl_ipsandports_stmt = Database::prepare("
+					SELECT COUNT(*) as count_ssl_ip FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ssl`='1'
+				");
+				$result = Database::pexecute_first($result_ssl_ipsandports_stmt);
+				if ($result['count_ssl_ip'] <= 0) {
+					// no ssl-ip -> deactivate
+					$_data['system.use_ssl'] = 0;
+					// deactivate other ssl-related settings
+					$_data['system.leenabled'] = 0;
+					$_data['system.le_froxlor_enabled'] = 0;
+					$_data['system.le_froxlor_redirect'] = 0;
+				}
+			}
+			// store new data
+			foreach ($_data as $index => $value) {
+				Settings::Set($index, $value);
+			}
+			// save to DB
+			Settings::Flush();
+			// all good
+			return true;
+		}
+		throw new Exception("Invalid JSON data: " . json_last_error_msg());
+	}
+}
--- a/lib/classes/settings/class.Settings.php
+++ b/lib/classes/settings/class.Settings.php
@@ -86,6 +86,7 @@ class Settings {
 		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 			self::$_data[$row['settinggroup']][$row['varname']] = $row['value'];
 		}
+		return true;
 	}

 	/**
@@ -161,10 +162,16 @@ class Settings {
 			if ($instant_save) {
 				$this->_storeSetting($sstr[0], $sstr[1], $value);
 			} else {
-				if (!is_array(self::$_data[$sstr[0]])) {
+				// set temporary data for usage
+				if (!isset(self::$_data[$sstr[0]]) || !is_array(self::$_data[$sstr[0]])) {
 					self::$_data[$sstr[0]] = array();
 				}
 				self::$_data[$sstr[0]][$sstr[1]] = $value;
+				// set update-data when invoking Flush()
+				if (!isset(self::$_updatedata[$sstr[0]]) || !is_array(self::$_updatedata[$sstr[0]])) {
+					self::$_updatedata[$sstr[0]] = array();
+				}
+				self::$_updatedata[$sstr[0]][$sstr[1]] = $value;
 			}
 			return true;
 		}
@@ -223,8 +230,9 @@ class Settings {
 			// now empty the array
 			self::$_updatedata = array();
 			// re-read in all settings
-			$this->_readSettings();
+			return $this->_readSettings();
 		}
+		return false;
 	}

 	/**
--- a/lib/classes/ssl/class.lescript.php
+++ b/lib/classes/ssl/class.lescript.php
@@ -30,7 +30,6 @@ class lescript
 {

 	// https://letsencrypt.org/repository/
-	public $license;

 	private $logger;

@@ -38,6 +37,12 @@ class lescript

 	private $accountKey;

+	private $customerid;
+
+	private $isFroxlorVhost;
+
+	private $isLeProduction;
+
 	private $version;

 	public function __construct($logger, $version = '1')
@@ -57,44 +62,59 @@ class lescript
 	{
 		// Let's see if we have the private accountkey
 		$this->accountKey = $certrow['leprivatekey'];
-		if (! $this->accountKey || $this->accountKey == 'unset' || Settings::Get('system.letsencryptca') != 'production') {
+		$this->customerId = (!$isFroxlorVhost ? $certrow['customerid'] : null);
+		$this->isFroxlorVhost = $isFroxlorVhost;
+		$this->isLeProduction = (Settings::Get('system.letsencryptca') == 'production');
+
+		$leregistered=$certrow['leregistered'];
+
+		if (! $this->accountKey || $this->accountKey == 'unset' || !$this->isLeProduction) {

 			// generate and save new private key for account
 			// ---------------------------------------------

-			$this->log('Starting new account registration');
+			$this->log('Creating new account key');
 			$keys = $this->generateKey();
 			// Only store the accountkey in production, in staging always generate a new key
-			if (Settings::Get('system.letsencryptca') == 'production') {
+			if ($this->isLeProduction) {
 				if ($isFroxlorVhost) {
 					Settings::Set('system.lepublickey', $keys['public']);
 					Settings::Set('system.leprivatekey', $keys['private']);
+					Settings::Set('system.leregistered', 0); // key is not registered
 				} else {
-					$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `lepublickey` = :public, `leprivatekey` = :private " . "WHERE `customerid` = :customerid;");
+					$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `lepublickey` = :public, `leprivatekey` = :private, `leregistered` = :registered WHERE `customerid` = :customerid;");
 					Database::pexecute($upd_stmt, array(
 						'public' => $keys['public'],
 						'private' => $keys['private'],
-						'customerid' => $certrow['customerid']
+						'registered' => 0,
+						'customerid' => $this->customerId
 					));
 				}
 			}
+			$leregistered=0;
 			$this->accountKey = $keys['private'];
+		} else {
+			$this->log('Using existing account key');
+		}

+		if ($leregistered==0) { // Account not registered
+
+			$this->log('Starting new account registration');
 			$response = $this->postNewReg();
-			if ($this->client->getLastCode() != 201) {
+			if ($this->client->getLastCode() == 409) {
+				$this->log('The key was already registered. Using existing account.');
+			} else if ($this->client->getLastCode() == 201) {
+				$this->log('New account registered.');
+			} else {
 				throw new \RuntimeException("Account not initialized, probably due to rate limiting. Whole response: " . json_encode($response));
 			}
-			$this->license = $this->client->getAgreementURL();
+			$accountUrl=$this->client->getLastLocation();

-			// Terms of Servce are optional according to ACME specs; if no ToS are presented, no need to update registration
-			if (!empty($this->license)) {
-				$this->postRegAgreement(parse_url($this->client->getLastLocation(), PHP_URL_PATH));
-			}
-			$this->log('New account certificate registered');
-		} else {
-
-			$this->log('Account already registered. Continuing.');
+			$leregistered = 1;
+			$this->setLeRegisteredState($leregistered); // Account registered
+			$this->log('Lets encrypt Terms of Service accepted');
 		}
+
 	}

 	/**
@@ -136,11 +156,17 @@ class lescript
 				)
 			));

+			if ($this->client->getLastCode() == 403) {
+				$this->log("Got status 403 - setting LE status to unregistered.");
+				$this->setLeRegisteredState(0);
+				throw new RuntimeException("Got 'unauthorized' response - we need to re-register at next run.  Whole response: " . json_encode($response));
+			}
+
 			// if response is not an array but a string, it's most likely a server-error, e.g.
 			// <HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY>An error occurred while processing your request.
 			// <p>Reference&#32;&#35;179&#46;d8be1402&#46;1458059103&#46;3613c4db</BODY></HTML>
 			if (! is_array($response)) {
-				throw new RuntimeException("Invalid response from LE for domain $domain. Whole response: " . $response);
+				throw new RuntimeException("Invalid response from LE for domain $domain. Whole response: " . json_encode($response));
 			}

 			if (! array_key_exists('challenges', $response)) {
@@ -188,17 +214,18 @@ class lescript
 			$this->log("Token for $domain saved at $tokenPath and should be available at $uri");

 			// simple self check
-			$selfcheckContextOptions = array('http' => array('header' => "User Agent: Froxlor/".$this->version));
-			$selfcheckContext = stream_context_create($selfcheckContextOptions);
-			if ($payload !== trim(@file_get_contents($uri, false, $selfcheckContext))) {
-				$errmsg = json_encode(error_get_last());
-				if ($errmsg != "null") {
-					$errmsg = "; PHP error: " . $errmsg;
-				} else {
-					$errmsg = "";
+			if (Settings::Get('system.disable_le_selfcheck') == '0')
+			{
+				$selfcheckpayload = HttpClient::urlGet($uri, false);
+				if ($payload !== trim($selfcheckpayload)) {
+					$errmsg = json_encode(error_get_last());
+					if ($errmsg != "null") {
+						$errmsg = "; PHP error: " . $errmsg;
+					} else {
+						$errmsg = "";
+					}
+					$this->logger->logAction(CRON_ACTION, LOG_WARNING, "[Lets Encrypt self-check] Please check $uri - token seems to be not available. This is just a simple self-check, it might be wrong but consider using this information when Let's Encrypt fails to issue a certificate" . $errmsg);
 				}
-				@unlink($tokenPath);
-				$this->logger->logAction(CRON_ACTION, LOG_ERR, "letsencrypt Please check $uri - token not available" . $errmsg);
 			}

 			$this->log("Sending request to challenge");
@@ -309,6 +336,21 @@ class lescript
 		);
 	}

+	private function setLeRegisteredState($state)
+	{
+		if ($this->isLeProduction) {
+			if ($this->isFroxlorVhost) {
+				Settings::Set('system.leregistered', $state);
+			} else {
+				$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `leregistered` = :registered WHERE `customerid` = :customerid;");
+				Database::pexecute($upd_stmt, array(
+					'registered' => $state,
+					'customerid' => $this->customerId
+				));
+			}
+		}
+	}
+
 	private function parsePemFromBody($body)
 	{
 		$pem = chunk_split(base64_encode($body), 64, "\n");
@@ -317,21 +359,16 @@ class lescript

 	private function postNewReg()
 	{
+		$this->log('Getting last terms of service URL');
+		$directory = $this->client->get('/directory');
+		if (!isset($directory['meta']) || !isset($directory['meta']['terms-of-service'])) {
+			throw new \RuntimeException("No terms of service link available!");
+		}
 		$this->log('Sending registration to letsencrypt server');

 		return $this->signedRequest('/acme/new-reg', array(
 			'resource' => 'new-reg',
-			'agreement' => $this->license
-		));
-	}
-
-	private function postRegAgreement($uri)
-	{
-		$this->log('Accepting agreement at URL: ' . $this->license);
-
-		return $this->signedRequest($uri, array(
-			'resource' => 'reg',
-			'agreement' => $this->license
+			'agreement' => $directory['meta']['terms-of-service']
 		));
 	}

@@ -536,13 +573,6 @@ class Client
 		preg_match_all('~Link: <(.+)>;rel="up"~', $this->lastHeader, $matches);
 		return $matches[1];
 	}
-
-	public function getAgreementURL()
-	{
-		preg_match_all('~Link: <(.+)>;rel="terms-of-service"~', $this->lastHeader, $matches);
-		return $matches[1][0];
-	}
-
 }

 class Base64UrlSafeEncoder
--- a/lib/classes/ssl/class.lescript_v2.php
+++ b/lib/classes/ssl/class.lescript_v2.php
@@ -0,0 +1,609 @@
+<?php
+
+// Copyright (c) 2015, Stanislav Humplik <sh@analogic.cz>
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are met:
+// * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above copyright
+// notice, this list of conditions and the following disclaimer in the
+// documentation and/or other materials provided with the distribution.
+// * Neither the name of the <organization> nor the
+// names of its contributors may be used to endorse or promote products
+// derived from this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+// DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
+// DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+// This file is copied from https://github.com/analogic/lescript
+// and modified to work without files and integrate in Froxlor
+class lescript_v2
+{
+
+	// https://letsencrypt.org/repository/
+	private $logger;
+
+	private $client;
+
+	private $accountKey;
+
+	private $customerid;
+
+	private $isFroxlorVhost;
+
+	private $isLeProduction;
+
+	private $version;
+
+	private $_req_uris = array();
+
+	private $_acc_location = null;
+
+	public function __construct($logger, $version = '2')
+	{
+		$this->logger = $logger;
+		$this->version = $version;
+		if (Settings::Get('system.letsencryptca') == 'production') {
+			$ca = 'https://acme-v02.api.letsencrypt.org';
+		} else {
+			$ca = 'https://acme-staging-v02.api.letsencrypt.org';
+		}
+		$this->client = new Client($ca);
+		$this->log("Using '$ca' to generate certificate");
+		
+		// get request-uris from /directory
+		$response = $this->client->get('/directory');
+		$this->_req_uris['newAccount'] = $response['newAccount'];
+		$this->_req_uris['newOrder'] = $response['newOrder'];
+		$this->_req_uris['newNonce'] = $response['newNonce'];
+		$this->_req_uris['revokeCert'] = $response['revokeCert'];
+	}
+
+	public function initAccount($certrow, $isFroxlorVhost = false)
+	{
+		// Let's see if we have the private accountkey
+		$this->accountKey = $certrow['leprivatekey'];
+		$this->customerId = (! $isFroxlorVhost ? $certrow['customerid'] : null);
+		$this->isFroxlorVhost = $isFroxlorVhost;
+		$this->isLeProduction = (Settings::Get('system.letsencryptca') == 'production');
+		$this->_acc_location = $certrow['leaccount'];
+		
+		$leregistered = $certrow['leregistered'];
+		
+		if (! $this->accountKey || $this->accountKey == 'unset' || ! $this->isLeProduction) {
+			
+			// generate and save new private key for account
+			// ---------------------------------------------
+			
+			$this->log('Creating new account key');
+			$keys = $this->generateKey();
+			// Only store the accountkey in production, in staging always generate a new key
+			if ($this->isLeProduction) {
+				if ($isFroxlorVhost) {
+					Settings::Set('system.lepublickey', $keys['public']);
+					Settings::Set('system.leprivatekey', $keys['private']);
+					Settings::Set('system.leregistered', 0); // key is not registered
+				} else {
+					$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `lepublickey` = :public, `leprivatekey` = :private, `leregistered` = :registered WHERE `customerid` = :customerid;");
+					Database::pexecute($upd_stmt, array(
+						'public' => $keys['public'],
+						'private' => $keys['private'],
+						'registered' => 0,
+						'customerid' => $this->customerId
+					));
+				}
+			}
+			$leregistered = 0;
+			$this->accountKey = $keys['private'];
+		} else {
+			$this->log('Using existing account key');
+		}
+		
+		if ($leregistered == 0) { // Account not registered
+			
+			$this->log('Starting new account registration');
+			$response = $this->postNewReg();
+			if ($this->client->getLastCode() == 409) {
+				$this->log('The key was already registered. Using existing account.');
+			} else if ($this->client->getLastCode() == 201) {
+				$this->log('New account registered.');
+			} else {
+				throw new \RuntimeException("Account not initialized, probably due to rate limiting. Whole response: " . json_encode($response));
+			}
+			$this->_acc_location = $this->client->getLastLocation();
+			
+			$leregistered = 1;
+			$this->setLeRegisteredState($leregistered);
+		}
+	}
+
+	/**
+	 *
+	 * @param array $domains
+	 * @param string $domainkey
+	 * @param string $csr
+	 *        	optional, same behavior as $reuseCsr from the original class, but we're passing the content of the csr already
+	 *        	
+	 * @throws \RuntimeException
+	 * @return string[]
+	 */
+	public function signDomains(array $domains, $domainkey = null, $csr = null)
+	{
+		if (! $this->accountKey) {
+			throw new \RuntimeException("Account not initialized");
+		}
+		
+		$this->log('Starting certificate generation process for domains');
+		
+		$privateAccountKey = openssl_pkey_get_private($this->accountKey);
+		$accountKeyDetails = openssl_pkey_get_details($privateAccountKey);
+		
+		// start domains authentication
+		// ----------------------------
+
+		// Prepare order
+		$domains_in_order = array();
+		foreach ($domains as $domain) {
+			$domains_in_order []= array(
+				"type" => "dns",
+				"value" => $domain
+			);
+		}
+
+		// Send new-order request
+		$response = $this->signedRequest($this->_req_uris['newOrder'], array(
+			"identifiers" => $domains_in_order
+		), false);
+		
+		if ($this->client->getLastCode() == 403) {
+			$this->log("Got status 403 - setting LE status to unregistered.");
+			$this->_acc_location = '';
+			$this->setLeRegisteredState(0);
+			throw new RuntimeException("Got 'unauthorized' response - we need to re-register at next run.  Whole response: " . json_encode($response));
+		}
+		
+		// if response is not an array but a string, it's most likely a server-error, e.g.
+		// <HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY>An error occurred while processing your request.
+		// <p>Reference&#32;&#35;179&#46;d8be1402&#46;1458059103&#46;3613c4db</BODY></HTML>
+		if (! is_array($response)) {
+			throw new RuntimeException("Invalid response from LE for domain $domain. Whole response: " . json_encode($response));
+		}
+		
+		if (! array_key_exists('authorizations', $response)) {
+			throw new RuntimeException("No authorizations received for $domain. Whole response: " . json_encode($response));
+		}
+
+		$authorizations = $response['authorizations'];
+		$finalizeLink = $response['finalize'];
+
+		$i = 0;
+		
+		foreach ($authorizations as $authorization) {
+			
+			// 1. getting available authentication options
+			// -------------------------------------------
+
+			$domain = $response['identifiers'][$i++]['value'];
+			
+			$this->log("Requesting challenge for $domain");
+			
+			// get authorization
+			$auth_response = $this->client->get($authorization);
+			
+			if (! array_key_exists('challenges', $auth_response)) {
+				throw new RuntimeException("No challenges received for $domain. Whole response: " . json_encode($auth_response));
+			}
+			
+			// choose http-01 challenge only
+			$challenge = array_reduce($auth_response['challenges'], function ($v, $w) {
+				return $v ? $v : ($w['type'] == 'http-01' ? $w : false);
+			});
+			
+			if (! $challenge) {
+				throw new RuntimeException("HTTP Challenge for $domain is not available. Whole response: " . json_encode($response));
+			}
+			
+			$this->log("Got challenge token for $domain");
+			$location = $challenge['url'];
+			
+			// 2. saving authentication token for web verification
+			// ---------------------------------------------------
+			
+			$directory = Settings::Get('system.letsencryptchallengepath') . '/.well-known/acme-challenge';
+			$tokenPath = $directory . '/' . $challenge['token'];
+			
+			if (! file_exists($directory) && ! @mkdir($directory, 0755, true)) {
+				throw new \RuntimeException("Couldn't create directory to expose challenge: ${tokenPath}");
+			}
+			
+			$header = array(
+				// need to be in precise order!
+				"e" => Base64UrlSafeEncoder::encode($accountKeyDetails["rsa"]["e"]),
+				"kty" => "RSA",
+				"n" => Base64UrlSafeEncoder::encode($accountKeyDetails["rsa"]["n"])
+			);
+			$payload = $challenge['token'] . '.' . Base64UrlSafeEncoder::encode(hash('sha256', json_encode($header), true));
+			
+			file_put_contents($tokenPath, $payload);
+			chmod($tokenPath, 0644);
+			
+			// 3. verification process itself
+			// -------------------------------
+			
+			$uri = "http://${domain}/.well-known/acme-challenge/${challenge['token']}";
+			
+			$this->log("Token for $domain saved at $tokenPath and should be available at $uri");
+			
+			// simple self check
+			if (Settings::Get('system.disable_le_selfcheck') == '0') {
+				$selfcheckpayload = HttpClient::urlGet($uri, false);
+				if ($payload !== trim($selfcheckpayload)) {
+					$errmsg = json_encode(error_get_last());
+					if ($errmsg != "null") {
+						$errmsg = "; PHP error: " . $errmsg;
+					} else {
+						$errmsg = "";
+					}
+					$this->logger->logAction(CRON_ACTION, LOG_WARNING, "[Lets Encrypt self-check] Please check $uri - token seems to be not available. This is just a simple self-check, it might be wrong but consider using this information when Let's Encrypt fails to issue a certificate" . $errmsg);
+				}
+			}
+			
+			$this->log("Sending request to challenge");
+			
+			// send request to challenge
+			$result = $this->signedRequest($challenge['url'], array(
+				"type" => "http-01",
+				"keyAuthorization" => $payload,
+				"token" => $challenge['token']
+			), false);
+			
+			// waiting loop
+			// we wait for a maximum of 30 seconds to avoid endless loops
+			$count = 0;
+			do {
+				if (empty($result['status']) || $result['status'] == "invalid") {
+					@unlink($tokenPath);
+					throw new \RuntimeException("Verification ended with error: " . json_encode($result));
+				}
+				$ended = ! ($result['status'] === "pending" || $result['status'] === "processing");
+				
+				if (! $ended) {
+					$this->log("Verification " . $result['status'] . ", sleeping 1s");
+					sleep(1);
+					$count ++;
+				}
+				
+				$result = $this->client->get($location);
+			} while (! $ended && $count < 30);
+			
+			$this->log("Verification ended with status: ${result['status']}");
+			@unlink($tokenPath);
+		}
+		
+		// requesting certificate
+		// ----------------------
+		
+		// generate private key for domain if not exist
+		if (empty($domainkey) || Settings::Get('system.letsencryptreuseold') == 0) {
+			$keys = $this->generateKey();
+			$domainkey = $keys['private'];
+		}
+		
+		// load domain key
+		$privateDomainKey = openssl_pkey_get_private($domainkey);
+		
+		if (empty($csr)) {
+			$csr = $this->generateCSR($privateDomainKey, $domains);
+		}
+		
+		// request certificates creation
+		$result = $this->signedRequest($finalizeLink, array(
+			'csr' => $csr
+		), false);
+		if ($this->client->getLastCode() !== 200) {
+			throw new \RuntimeException("Invalid response code: " . $this->client->getLastCode() . ", " . json_encode($result));
+		}
+		if (! isset($result['certificate'])) {
+			throw new \RuntimeException("No certificate URL specified in result");
+		}
+		
+		$certificates = array();
+		$certdata = $this->client->get($result['certificate']);
+		$this->log("Got certificate! YAY!");
+		$certificates[] = $certdata;
+		foreach ($this->client->getLastLinks() as $link) {
+			$this->log("Requesting chained cert at $link");
+			$result = $this->client->get($link);
+			$certificates[] = $result;
+		}
+		
+		if (empty($certificates))
+			throw new \RuntimeException('No certificates generated');
+		
+		$fullchain = implode("\n", $certificates);
+		$crt = array_shift($certificates);
+		$chain = implode("\n", $certificates);
+		
+		$this->log("Done, returning new certificates and key");
+		return array(
+			'fullchain' => $fullchain,
+			'crt' => $crt,
+			'chain' => $chain,
+			'key' => $domainkey,
+			'csr' => $csr
+		);
+	}
+
+	private function setLeRegisteredState($state)
+	{
+		if ($this->isLeProduction) {
+			if ($this->isFroxlorVhost) {
+				Settings::Set('system.leregistered', $state);
+				Settings::Set('system.leaccount', $this->_acc_location);
+			} else {
+				$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `leregistered` = :registered, `leaccount` = :kid WHERE `customerid` = :customerid;");
+				Database::pexecute($upd_stmt, array(
+					'registered' => $state,
+					'kid' => $this->_acc_location,
+					'customerid' => $this->customerId
+				));
+			}
+		}
+	}
+
+	private function parsePemFromBody($body)
+	{
+		$pem = chunk_split(base64_encode($body), 64, "\n");
+		return "-----BEGIN CERTIFICATE-----\n" . $pem . "-----END CERTIFICATE-----\n";
+	}
+
+	private function postNewReg()
+	{
+		$this->log('Getting last terms of service URL');
+		$directory = $this->client->get('/directory');
+		if (! isset($directory['meta']) || ! isset($directory['meta']['termsOfService'])) {
+			throw new \RuntimeException("No terms of service link available!");
+		}
+		$this->log('Sending registration to letsencrypt server');
+		
+		return $this->signedRequest($this->_req_uris['newAccount'], array(
+			'termsOfServiceAgreed' => true
+		));
+	}
+
+	private function generateCSR($privateKey, array $domains)
+	{
+		$domain = reset($domains);
+		$san = implode(",", array_map(function ($dns) {
+			return "DNS:" . $dns;
+		}, $domains));
+		$tmpConf = tmpfile();
+		$tmpConfMeta = stream_get_meta_data($tmpConf);
+		$tmpConfPath = $tmpConfMeta["uri"];
+		
+		// workaround to get SAN working
+		fwrite($tmpConf, 'HOME = .
+RANDFILE = $ENV::HOME/.rnd
+[ req ]
+default_bits = ' . Settings::Get('system.letsencryptkeysize') . '
+default_keyfile = privkey.pem
+distinguished_name = req_distinguished_name
+req_extensions = v3_req
+[ req_distinguished_name ]
+countryName = Country Name (2 letter code)
+[ v3_req ]
+basicConstraints = CA:FALSE
+subjectAltName = ' . $san . '
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment');
+		
+		$csr = openssl_csr_new(array(
+			"CN" => $domain,
+			"ST" => Settings::Get('system.letsencryptstate'),
+			"C" => Settings::Get('system.letsencryptcountrycode'),
+			"O" => "Unknown"
+		), $privateKey, array(
+			"config" => $tmpConfPath,
+			"digest_alg" => "sha256"
+		));
+		
+		if (! $csr)
+			throw new \RuntimeException("CSR couldn't be generated! " . openssl_error_string());
+		
+		openssl_csr_export($csr, $csr);
+		fclose($tmpConf);
+		
+		preg_match('~REQUEST-----(.*)-----END~s', $csr, $matches);
+		
+		return trim(Base64UrlSafeEncoder::encode(base64_decode($matches[1])));
+	}
+
+	private function generateKey()
+	{
+		$res = openssl_pkey_new(array(
+			"private_key_type" => OPENSSL_KEYTYPE_RSA,
+			"private_key_bits" => (int) Settings::Get('system.letsencryptkeysize')
+		));
+		
+		if (! openssl_pkey_export($res, $privateKey)) {
+			throw new \RuntimeException("Key export failed!");
+		}
+		
+		$details = openssl_pkey_get_details($res);
+		
+		return array(
+			'private' => $privateKey,
+			'public' => $details['key']
+		);
+	}
+
+	private function signedRequest($uri, array $payload, $needs_jwk = true)
+	{
+		$privateKey = openssl_pkey_get_private($this->accountKey);
+		$details = openssl_pkey_get_details($privateKey);
+		
+		$header = array(
+			"alg" => "RS256"
+		);
+		
+		if ($needs_jwk) {
+			$header["jwk"] = array(
+				"kty" => "RSA",
+				"n" => Base64UrlSafeEncoder::encode($details["rsa"]["n"]),
+				"e" => Base64UrlSafeEncoder::encode($details["rsa"]["e"])
+			);
+		} else {
+			// need account-url
+			$header["kid"] = $this->_acc_location;
+		}
+		
+		$protected = $header;
+		$protected["nonce"] = $this->client->getLastNonce();
+		$protected["url"] = $uri;
+		
+		$payload64 = Base64UrlSafeEncoder::encode(json_encode($payload, JSON_UNESCAPED_SLASHES));
+		$protected64 = Base64UrlSafeEncoder::encode(json_encode($protected));
+		
+		openssl_sign($protected64 . '.' . $payload64, $signed, $privateKey, "SHA256");
+		
+		$signed64 = Base64UrlSafeEncoder::encode($signed);
+		
+		$data = array(
+			'protected' => $protected64,
+			'payload' => $payload64,
+			'signature' => $signed64
+		);
+		
+		$this->log("Sending signed request to $uri");
+		return $this->client->post($uri, json_encode($data));
+	}
+
+	protected function log($message)
+	{
+		$this->logger->logAction(CRON_ACTION, LOG_INFO, "letsencrypt-v2 " . $message);
+	}
+}
+
+class Client
+{
+
+	private $lastCode;
+
+	public $lastHeader;
+
+	private $base;
+
+	public function __construct($base)
+	{
+		$this->base = $base;
+	}
+
+	private function curl($method, $url, $data = null)
+	{
+		$headers = array(
+			'Accept: application/jose+json',
+			'Content-Type: application/jose+json'
+		);
+		$handle = curl_init();
+		curl_setopt($handle, CURLOPT_URL, preg_match('~^http~', $url) ? $url : $this->base . $url);
+		curl_setopt($handle, CURLOPT_HTTPHEADER, $headers);
+		curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
+		curl_setopt($handle, CURLOPT_HEADER, true);
+		
+		// DO NOT DO THAT!
+		// curl_setopt($handle, CURLOPT_SSL_VERIFYHOST, false);
+		// curl_setopt($handle, CURLOPT_SSL_VERIFYPEER, false);
+		
+		switch ($method) {
+			case 'GET':
+				break;
+			case 'POST':
+				curl_setopt($handle, CURLOPT_POST, true);
+				curl_setopt($handle, CURLOPT_POSTFIELDS, $data);
+				break;
+		}
+		$response = curl_exec($handle);
+		
+		if (curl_errno($handle)) {
+			throw new \RuntimeException('Curl: ' . curl_error($handle));
+		}
+		
+		$header_size = curl_getinfo($handle, CURLINFO_HEADER_SIZE);
+		
+		$header = substr($response, 0, $header_size);
+		$body = substr($response, $header_size);
+		
+		$this->lastHeader = $header;
+		$this->lastCode = curl_getinfo($handle, CURLINFO_HTTP_CODE);
+		
+		$data = json_decode($body, true);
+		return $data === null ? $body : $data;
+	}
+
+	public function post($url, $data)
+	{
+		return $this->curl('POST', $url, $data);
+	}
+
+	public function get($url)
+	{
+		return $this->curl('GET', $url);
+	}
+
+	public function getLastNonce()
+	{
+		if (preg_match('~Replay\-Nonce: (.+)~i', $this->lastHeader, $matches)) {
+			return trim($matches[1]);
+		}
+		
+		$this->curl('GET', '/acme/new-nonce');
+		return $this->getLastNonce();
+	}
+
+	public function getLastLocation()
+	{
+		if (preg_match('~Location: (.+)~i', $this->lastHeader, $matches)) {
+			return trim($matches[1]);
+		}
+		return null;
+	}
+
+	public function getLastCode()
+	{
+		return $this->lastCode;
+	}
+
+	public function getLastLinks()
+	{
+		preg_match_all('~Link: <(.+)>;rel="up"~', $this->lastHeader, $matches);
+		return $matches[1];
+	}
+}
+
+class Base64UrlSafeEncoder
+{
+
+	public static function encode($input)
+	{
+		return str_replace('=', '', strtr(base64_encode($input), '+/', '-_'));
+	}
+
+	public static function decode($input)
+	{
+		$remainder = strlen($input) % 4;
+		if ($remainder) {
+			$padlen = 4 - $remainder;
+			$input .= str_repeat('=', $padlen);
+		}
+		return base64_decode(strtr($input, '-_', '+/'));
+	}
+}
--- a/lib/classes/ticket/class.ticket.php
+++ b/lib/classes/ticket/class.ticket.php
@@ -19,46 +19,53 @@
 *
 * Support Tickets - Tickets-Class
 */
-
-class ticket {
+class ticket
+{

 	/**
 	 * Userinfo
+	 *
 	 * @var array
 	 */
 	private $userinfo = array();

 	/**
 	 * Ticket ID
-	 * @var tid
+	 *
+	 * @var int
 	 */
 	private $tid = - 1;

 	/**
 	 * Ticket Data Array
-	 * @var t_data
+	 *
+	 * @var array
 	 */
 	private $t_data = array();

 	/**
 	 * Ticket-Object-Array
-	 * @var tickets
+	 *
+	 * @var ticket[]
 	 */
-	static private $tickets = array();
+	private static $tickets = array();

 	/**
 	 * Class constructor.
 	 *
-	 * @param array userinfo
-	 * @param int ticket id
+	 * @param
+	 *        	array userinfo
+	 * @param
+	 *        	int ticket id
 	 */
-	private function __construct($userinfo, $tid = - 1) {
+	private function __construct($userinfo, $tid = - 1)
+	{
 		$this->userinfo = $userinfo;
 		$this->tid = $tid;
-
+		
 		// initialize data array
 		$this->initData();
-
+		
 		// read data from database
 		$this->readData();
 	}
@@ -66,21 +73,24 @@ class ticket {
 	/**
 	 * Singleton ftw ;-)
 	 *
-	 * @param array userinfo
-	 * @param int ticket id
+	 * @param
+	 *        	array userinfo
+	 * @param
+	 *        	int ticket id
 	 */
-	static public function getInstanceOf($_usernfo, $_tid) {
-		if (!isset(self::$tickets[$_tid])) {
-			self::$tickets[$_tid] = new ticket($_usernfo, $_tid);
+	static public function getInstanceOf($_usernfo, $_tid)
+	{
+		if (! isset(self::$tickets[$_tid . '-' . $_usernfo['userid']])) {
+			self::$tickets[$_tid . '-' . $_usernfo['userid']] = new ticket($_usernfo, $_tid);
 		}
-		return self::$tickets[$_tid];
+		return self::$tickets[$_tid . '-' . $_usernfo['userid']];
 	}

 	/**
 	 * Initialize data-array
 	 */
-	private function initData() {
-
+	private function initData()
+	{
 		$this->Set('customer', 0, true, true);
 		$this->Set('admin', 1, true, true);
 		$this->Set('subject', '', true, true);
@@ -100,16 +110,33 @@ class ticket {
 	/**
 	 * Read ticket data from database.
 	 */
-	private function readData() {
-
-		if (isset($this->tid)
-			&& $this->tid != - 1
-		) {
-			$_ticket_stmt = Database::prepare('
-				SELECT * FROM `' . TABLE_PANEL_TICKETS . '` WHERE `id` = :tid'
-			);
-			$_ticket = Database::pexecute_first($_ticket_stmt, array('tid' => $this->tid));
-
+	private function readData()
+	{
+		if (isset($this->tid) && $this->tid != - 1) {
+			
+			if ($this->userinfo['customerid'] > 0) {
+				$_ticket_stmt = Database::prepare('
+					SELECT * FROM `' . TABLE_PANEL_TICKETS . '` WHERE `id` = :tid AND `customerid` = :cid');
+				$tdata = array(
+					'tid' => $this->tid,
+					'cid' => $this->userinfo['customerid']
+				);
+			} else {
+				$_ticket_stmt = Database::prepare('
+					SELECT * FROM `' . TABLE_PANEL_TICKETS . '` WHERE `id` = :tid' . ($this->userinfo['customers_see_all'] ? '' : ' AND `adminid` = :adminid'));
+				$tdata = array(
+					'tid' => $this->tid
+				);
+				if ($this->userinfo['customers_see_all'] != '1') {
+					$tdata['adminid'] = $this->userinfo['adminid'];
+				}
+			}
+			$_ticket = Database::pexecute_first($_ticket_stmt, $tdata);
+			
+			if ($_ticket == false) {
+				throw new Exception("Invalid ticket id");
+			}
+			
 			$this->Set('customer', $_ticket['customerid'], true, false);
 			$this->Set('admin', $_ticket['adminid'], true, false);
 			$this->Set('subject', $_ticket['subject'], true, false);
@@ -130,8 +157,8 @@ class ticket {
 	/**
 	 * Insert data to database
 	 */
-	public function Insert() {
-
+	public function Insert()
+	{
 		$ins_stmt = Database::prepare("
 			INSERT INTO `" . TABLE_PANEL_TICKETS . "` SET
                `customerid` = :customerid,
@@ -146,8 +173,7 @@ class ticket {
                `status` = :status,
                `lastreplier` = :lastreplier,
                `by` = :by,
-                `answerto` = :answerto"
-		);
+                `answerto` = :answerto");
 		$ins_data = array(
 			'customerid' => $this->Get('customer'),
 			'adminid' => $this->Get('admin'),
@@ -171,8 +197,9 @@ class ticket {
 	/**
 	 * Update data in database
 	 */
-	public function Update() {
-
+	public function Update()
+	{
+		
 		// Update "main" ticket
 		$upd_stmt = Database::prepare('
 			UPDATE `' . TABLE_PANEL_TICKETS . '` SET
@@ -180,8 +207,7 @@ class ticket {
                `lastchange` = :lastchange,
                `status` = :status,
                `lastreplier` = :lastreplier
-                WHERE `id` = :tid'
-		);
+                WHERE `id` = :tid');
 		$upd_data = array(
 			'priority' => $this->Get('priority'),
 			'lastchange' => $this->Get('lastchange'),
@@ -196,38 +222,44 @@ class ticket {
 	/**
 	 * Moves a ticket to the archive
 	 */
-	public function Archive() {
-
+	public function Archive()
+	{
+		
 		// Update "main" ticket
 		$upd_stmt = Database::prepare('
-			UPDATE `' . TABLE_PANEL_TICKETS . '` SET `archived` = "1" WHERE `id` = :tid'
-		);
-		Database::pexecute($upd_stmt, array('tid' => $this->tid));
-
+			UPDATE `' . TABLE_PANEL_TICKETS . '` SET `archived` = "1" WHERE `id` = :tid');
+		Database::pexecute($upd_stmt, array(
+			'tid' => $this->tid
+		));
+		
 		// Update "answers" to ticket
 		$upd_stmt = Database::prepare('
-			UPDATE `' . TABLE_PANEL_TICKETS . '` SET `archived` = "1" WHERE `answerto` = :tid'
-		);
-		Database::pexecute($upd_stmt, array('tid' => $this->tid));
+			UPDATE `' . TABLE_PANEL_TICKETS . '` SET `archived` = "1" WHERE `answerto` = :tid');
+		Database::pexecute($upd_stmt, array(
+			'tid' => $this->tid
+		));
 		return true;
 	}

 	/**
 	 * Remove ticket from database
 	 */
-	public function Delete() {
-
+	public function Delete()
+	{
+		
 		// Delete "main" ticket
 		$del_stmt = Database::prepare('
-			DELETE FROM `' . TABLE_PANEL_TICKETS . '` WHERE `id` = :tid'
-		);
-		Database::pexecute($del_stmt, array('tid' => $this->tid));
-
+			DELETE FROM `' . TABLE_PANEL_TICKETS . '` WHERE `id` = :tid');
+		Database::pexecute($del_stmt, array(
+			'tid' => $this->tid
+		));
+		
 		// Delete "answers" to ticket"
 		$del_stmt = Database::prepare('
-			DELETE FROM `' . TABLE_PANEL_TICKETS . '` WHERE `answerto` = :tid'
-		);
-		Database::pexecute($del_stmt, array('tid' => $this->tid));
+			DELETE FROM `' . TABLE_PANEL_TICKETS . '` WHERE `answerto` = :tid');
+		Database::pexecute($del_stmt, array(
+			'tid' => $this->tid
+		));
 		return true;
 	}

@@ -237,16 +269,17 @@ class ticket {
 	public function sendMail($customerid = - 1, $template_subject = null, $default_subject = null, $template_body = null, $default_body = null)
 	{
 		global $mail, $theme;
-
+		
 		// Some checks are to be made here in the future
 		if ($customerid != - 1) {
 			// Get e-mail message for customer
 			$usr_stmt = Database::prepare('
 				SELECT `name`, `firstname`, `company`, `email`
-				FROM `' . TABLE_PANEL_CUSTOMERS . '` WHERE `customerid` = :customerid'
-			);
-			$usr = Database::pexecute_first($usr_stmt, array('customerid' => $customerid));
-
+				FROM `' . TABLE_PANEL_CUSTOMERS . '` WHERE `customerid` = :customerid');
+			$usr = Database::pexecute_first($usr_stmt, array(
+				'customerid' => $customerid
+			));
+			
 			$replace_arr = array(
 				'FIRSTNAME' => $usr['firstname'],
 				'NAME' => $usr['name'],
@@ -268,23 +301,21 @@ class ticket {
 			SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
 			WHERE `adminid`= :adminid
 			AND `language`= :lang
-			AND `templategroup`= 'mails' AND `varname`= :tplsubject"
-		);
+			AND `templategroup`= 'mails' AND `varname`= :tplsubject");
 		$result = Database::pexecute_first($result_stmt, $tpl_seldata);
 		$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $default_subject), $replace_arr));
-
+		
 		unset($tpl_seldata['tplsubject']);
 		$tpl_seldata['tplmailbody'] = $template_body;
-
+		
 		$result_stmt = Database::prepare("
 			SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
 			WHERE `adminid`= :adminid
 			AND `language`= :lang
-			AND `templategroup`= 'mails' AND `varname`= :tplmailbody"
-		);
+			AND `templategroup`= 'mails' AND `varname`= :tplmailbody");
 		$result = Database::pexecute_first($result_stmt, $tpl_seldata);
 		$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $default_body), $replace_arr));
-
+		
 		if ($customerid != - 1) {
 			$_mailerror = false;
 			try {
@@ -294,28 +325,30 @@ class ticket {
 				$mail->MsgHTML(str_replace("\n", "<br />", $mail_body));
 				$mail->AddAddress($usr['email'], $usr['firstname'] . ' ' . $usr['name']);
 				$mail->Send();
-			} catch(phpmailerException $e) {
+			} catch (phpmailerException $e) {
 				$mailerr_msg = $e->errorMessage();
 				$_mailerror = true;
 			} catch (Exception $e) {
 				$mailerr_msg = $e->getMessage();
 				$_mailerror = true;
 			}
-
+			
 			if ($_mailerror) {
-				$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'ticket_class'));
+				$rstlog = FroxlorLogger::getInstanceOf(array(
+					'loginname' => 'ticket_class'
+				));
 				$rstlog->logAction(ADM_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
 				standard_error('errorsendingmail', $usr['email']);
 			}
 			$mail->ClearAddresses();
-
 		} else {
-
+			
 			$admin_stmt = Database::prepare("
 				SELECT `name`, `email` FROM `" . TABLE_PANEL_ADMINS . "`
-				WHERE `adminid` = :adminid"
-			);
-			$admin = Database::pexecute_first($admin_stmt, array('adminid' => $this->userinfo['adminid']));
+				WHERE `adminid` = :adminid");
+			$admin = Database::pexecute_first($admin_stmt, array(
+				'adminid' => $this->userinfo['adminid']
+			));
 			$_mailerror = false;
 			try {
 				$mail->SetFrom(Settings::Get('ticket.noreply_email'), Settings::Get('ticket.noreply_name'));
@@ -324,20 +357,22 @@ class ticket {
 				$mail->MsgHTML(str_replace("\n", "<br />", $mail_body));
 				$mail->AddAddress($admin['email'], $admin['name']);
 				$mail->Send();
-			} catch(phpmailerException $e) {
+			} catch (phpmailerException $e) {
 				$mailerr_msg = $e->errorMessage();
 				$_mailerror = true;
 			} catch (Exception $e) {
 				$mailerr_msg = $e->getMessage();
 				$_mailerror = true;
 			}
-
+			
 			if ($_mailerror) {
-				$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'ticket_class'));
+				$rstlog = FroxlorLogger::getInstanceOf(array(
+					'loginname' => 'ticket_class'
+				));
 				$rstlog->logAction(ADM_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
 				standard_error('errorsendingmail', $admin['email']);
 			}
-
+			
 			$mail->ClearAddresses();
 		}
 	}
@@ -345,21 +380,18 @@ class ticket {
 	/**
 	 * Add a support-categories
 	 */
-	static public function addCategory($_category = null, $_admin = 1, $_order = 1) {
-
-		if ($_category != null
-			&& $_category != ''
-		) {
+	static public function addCategory($_category = null, $_admin = 1, $_order = 1)
+	{
+		if ($_category != null && $_category != '') {
 			if ($_order < 1) {
 				$_order = 1;
 			}
-
+			
 			$ins_stmt = Database::prepare("
 				INSERT INTO `" . TABLE_PANEL_TICKET_CATS . "` SET
 					`name` = :name,
 					`adminid` = :adminid,
-					`logicalorder` = :lo"
-			);
+					`logicalorder` = :lo");
 			$ins_data = array(
 				'name' => $_category,
 				'adminid' => $_admin,
@@ -374,23 +406,24 @@ class ticket {
 	/**
 	 * Edit a support-categories
 	 */
-	static public function editCategory($_category = null, $_id = 0, $_order = 1) {
-
-		if ($_category != null
-			&& $_category != ''
-			&& $_id != 0
-		) {
+	static public function editCategory($_category = null, $_id = 0, $_order = 1)
+	{
+		if ($_category != null && $_category != '' && $_id != 0) {
 			if ($_order < 1) {
 				$_order = 1;
 			}
-
+			
 			$upd_stmt = Database::prepare("
 				UPDATE `" . TABLE_PANEL_TICKET_CATS . "` SET
 					`name` = :name,
 					`logicalorder` = :lo
                  WHERE `id` = :id
 			");
-			Database::pexecute($upd_stmt, array('name' => $_category, 'lo' => $_order, 'id' => $_id));
+			Database::pexecute($upd_stmt, array(
+				'name' => $_category,
+				'lo' => $_order,
+				'id' => $_id
+			));
 			return true;
 		}
 		return false;
@@ -399,40 +432,43 @@ class ticket {
 	/**
 	 * Delete a support-categories
 	 */
-	static public function deleteCategory($_id = 0) {
-
+	static public function deleteCategory($_id = 0)
+	{
 		if ($_id != 0) {
-
+			
 			$result_stmt = Database::prepare("
 				SELECT COUNT(`id`) as `numtickets` FROM `" . TABLE_PANEL_TICKETS . "`
-				WHERE `category` = :cat"
-			);
-			$result = Database::pexecute_first($result_stmt, array('cat' => $_id));
-
+				WHERE `category` = :cat");
+			$result = Database::pexecute_first($result_stmt, array(
+				'cat' => $_id
+			));
+			
 			if ($result['numtickets'] == "0") {
 				$del_stmt = Database::prepare("
-					DELETE FROM `" . TABLE_PANEL_TICKET_CATS . "` WHERE `id` = :id"
-				);
-				Database::pexecute($del_stmt, array('id' => $_id));
+					DELETE FROM `" . TABLE_PANEL_TICKET_CATS . "` WHERE `id` = :id");
+				Database::pexecute($del_stmt, array(
+					'id' => $_id
+				));
 				return true;
 			} else {
 				return false;
 			}
 		}
-
+		
 		return false;
 	}

 	/**
 	 * Return a support-category-name
 	 */
-	static public function getCategoryName($_id = 0) {
-
+	static public function getCategoryName($_id = 0)
+	{
 		if ($_id != 0) {
 			$stmt = Database::prepare("
-				SELECT `name` FROM `" . TABLE_PANEL_TICKET_CATS . "` WHERE `id` = :id"
-			);
-			$category = Database::pexecute_first($stmt, array('id' => $_id));
+				SELECT `name` FROM `" . TABLE_PANEL_TICKET_CATS . "` WHERE `id` = :id");
+			$category = Database::pexecute_first($stmt, array(
+				'id' => $_id
+			));
 			return $category['name'];
 		}
 		return null;
@@ -440,32 +476,33 @@ class ticket {

 	/**
 	 * get the highest order number
-	 * 
-	 * @param object $_uid admin-id (optional)
-	 * 
+	 *
+	 * @param object $_uid
+	 *        	admin-id (optional)
+	 *        	
 	 * @return int highest order number
 	 */
-	static public function getHighestOrderNumber($_uid = 0) {
-
+	static public function getHighestOrderNumber($_uid = 0)
+	{
 		$where = '';
 		$sel_data = array();
 		if ($_uid > 0) {
 			$where = " WHERE `adminid` = :adminid";
 			$sel_data['adminid'] = $_uid;
 		}
-		$sql = "SELECT MAX(`logicalorder`) as `highestorder` FROM `" . TABLE_PANEL_TICKET_CATS . "`".$where.";";
+		$sql = "SELECT MAX(`logicalorder`) as `highestorder` FROM `" . TABLE_PANEL_TICKET_CATS . "`" . $where . ";";
 		$result_stmt = Database::prepare($sql);
 		$result = Database::pexecute_first($result_stmt, $sel_data);
-		return (isset($result['highestorder']) ? (int)$result['highestorder'] : 0);
+		return (isset($result['highestorder']) ? (int) $result['highestorder'] : 0);
 	}

 	/**
 	 * returns the last x archived tickets
 	 */
-	static public function getLastArchived($_num = 10, $_admin = 1) {
-
+	static public function getLastArchived($_num = 10, $_admin = 1)
+	{
 		if ($_num > 0) {
-
+			
 			$archived = array();
 			$counter = 0;
 			$result_stmt = Database::prepare("
@@ -477,12 +514,13 @@ class ticket {
 				FROM `" . TABLE_PANEL_TICKETS . "` `main`
 				WHERE `main`.`answerto` = '0' AND `main`.`archived` = '1'
 				AND `main`.`adminid` = :adminid
-				ORDER BY `main`.`lastchange` DESC LIMIT 0, ".(int)$_num
-			);
-			Database::pexecute($result_stmt, array('adminid' => $_admin));
-
+				ORDER BY `main`.`lastchange` DESC LIMIT 0, " . (int) $_num);
+			Database::pexecute($result_stmt, array(
+				'adminid' => $_admin
+			));
+			
 			while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
-
+				
 				$archived[$counter]['id'] = $row['id'];
 				$archived[$counter]['customerid'] = $row['customerid'];
 				$archived[$counter]['adminid'] = $row['adminid'];
@@ -496,9 +534,9 @@ class ticket {
 				$archived[$counter]['lastchange'] = $row['lastchange'];
 				$archived[$counter]['status'] = $row['status'];
 				$archived[$counter]['by'] = $row['by'];
-				$counter++;
+				$counter ++;
 			}
-
+			
 			if (isset($archived[0]['id'])) {
 				return $archived;
 			} else {
@@ -516,129 +554,102 @@ class ticket {
 	static public function getArchiveSearchStatement($subject = null, $priority = null, $fromdate = null, $todate = null, $message = null, $customer = - 1, $admin = 1, $categories = null)
 	{
 		$search_params = array();
-
+		
 		$query = "
 			SELECT `main`.*, (
 				SELECT COUNT(`sub`.`id`) FROM `" . TABLE_PANEL_TICKETS . "` `sub`
 				WHERE `sub`.`answerto` = `main`.`id`
 			) as `ticket_answers`
 			FROM `" . TABLE_PANEL_TICKETS . "` `main`
-			WHERE `main`.`archived` = '1' AND `main`.`adminid` = :admin"
-		;
-
+			WHERE `main`.`archived` = '1' AND `main`.`adminid` = :admin";
+		
 		$search_params['admin'] = $admin;
-
-		if ($subject != NULL
-			&& $subject != ''
-		) {
+		
+		if ($subject != NULL && $subject != '') {
 			$query .= " AND `main`.`subject` LIKE :subject";
-			$search_params['subject'] = "%".$subject."%";
+			$search_params['subject'] = "%" . $subject . "%";
 		}
-
-		if ($priority != null
-			&& isset($priority[0])
-			&& $priority[0] != ''
-		) {
-
-			if (isset($priority[1])
-				&& $priority[1] != ''
-			) {
-
-				if (isset($priority[2])
-					&& $priority[2] != ''
-				) {
-
+		
+		if ($priority != null && isset($priority[0]) && $priority[0] != '') {
+			
+			if (isset($priority[1]) && $priority[1] != '') {
+				
+				if (isset($priority[2]) && $priority[2] != '') {
+					
 					$query .= " AND (`main`.`priority` = '1' OR `main`.`priority` = '2' OR `main`.`priority` = '3')";
-
 				} else {
-
+					
 					$query .= " AND (`main`.`priority` = '1' OR `main`.`priority` = '1')";
 				}
-
-			} elseif (isset($priority[2])
-				&& $priority[2] != ''
-			) {
-
+			} elseif (isset($priority[2]) && $priority[2] != '') {
+				
 				$query .= " AND (`main`.`priority` = '1' OR `main`.`priority` = '3')";
-
 			} else {
 				$query .= " AND `main`.`priority` = '1'";
 			}
-
-		} elseif($priority != null
-			&& isset($priority[1])
-			&& $priority[1] != ''
-		) {
-			if (isset($priority[2])
-				&& $priority[2] != ''
-			) {
+		} elseif ($priority != null && isset($priority[1]) && $priority[1] != '') {
+			if (isset($priority[2]) && $priority[2] != '') {
 				$query .= " AND (`main`.`priority` = '2' OR `main`.`priority` = '3')";
 			} else {
 				$query .= " AND `main`.`priority` = '2'";
 			}
-
-		} elseif($priority != null) {
-
-			if (isset($priority[3])
-				&& $priority[3] != ''
-			) {
+		} elseif ($priority != null) {
+			
+			if (isset($priority[3]) && $priority[3] != '') {
 				$query .= " AND `main`.`priority` = '3'";
 			}
 		}
-
-		if ($fromdate != null
-			&& $fromdate > 0
-		) {
+		
+		if ($fromdate != null && $fromdate > 0) {
 			$query .= " AND `main`.`lastchange` > :fromdate";
 			$search_params['fromdate'] = strtotime($fromdate);
 		}
-
-		if ($todate != null
-			&& $todate > 0
-		) {
+		
+		if ($todate != null && $todate > 0) {
 			$query .= " AND `main`.`lastchange` < :todate";
 			$search_params['todate'] = strtotime($todate);
 		}
-
-		if ($message != null
-			&& $message != ''
-		) {
+		
+		if ($message != null && $message != '') {
 			$query .= " AND `main`.`message` LIKE :message";
-			$search_params['message'] = "%".$message."%";
+			$search_params['message'] = "%" . $message . "%";
 		}
-
+		
 		if ($customer != - 1) {
 			$query .= " AND `main`.`customerid` = :customer";
 			$search_params['customer'] = $customer;
 		}
-
+		
 		if ($categories != null) {
-
+			
 			$cats = array();
 			foreach ($categories as $index => $catid) {
 				if ($catid != "") {
 					$cats[] = $catid;
 				}
 			}
-
+			
 			if (count($cats) > 0) {
 				$query .= " AND (";
 			}
-
+			
 			foreach ($cats as $catid) {
 				if (isset($catid) && $catid > 0) {
-					$query .= "`main`.`category` = :catid_".$catid." OR ";
-					$search_params['catid_'.$catid] = $catid;
+					$query .= "`main`.`category` = :catid_" . $catid . " OR ";
+					$search_params['catid_' . $catid] = $catid;
 				}
 			}
-
+			
 			if (count($cats) > 0) {
 				$query = substr($query, 0, strlen($query) - 3);
 				$query .= ") ";
 			}
 		}
-
-		return array('0' => $query, '1' => $search_params);
+		
+		return array(
+			'0' => $query,
+			'1' => $search_params
+		);
 	}

 	/**
@@ -646,8 +657,7 @@ class ticket {
 	 */
 	static public function getStatusText($_lng, $_status = 0)
 	{
-		switch($_status)
-		{
+		switch ($_status) {
 			case 0:
 				return $_lng['ticket']['open'];
 				break;
@@ -668,8 +678,7 @@ class ticket {
 	 */
 	static public function getPriorityText($_lng, $_priority = 0)
 	{
-		switch($_priority)
-		{
+		switch ($_priority) {
 			case 1:
 				return $_lng['ticket']['high'];
 				break;
@@ -684,19 +693,19 @@ class ticket {

 	private function convertLatin1ToHtml($str)
 	{
-		$html_entities = array (
-					"Ä" =>  "&Auml;",
-					"ä" =>  "&auml;",
-					"Ö" =>  "&Ouml;",
-					"ö" =>  "&ouml;",
-					"Ü" =>  "&Uuml;",
-					"ü" =>  "&uuml;",
-					"ß" =>  "&szlig;"
-					/*
-					 * @TODO continue this table for all the special-characters
-					 */
+		$html_entities = array(
+			"Ä" => "&Auml;",
+			"ä" => "&auml;",
+			"Ö" => "&Ouml;",
+			"ö" => "&ouml;",
+			"Ü" => "&Uuml;",
+			"ü" => "&uuml;",
+			"ß" => "&szlig;"
+			/*
+		 * @TODO continue this table for all the special-characters
+		 */
 		);
-
+		
 		foreach ($html_entities as $key => $value) {
 			$str = str_replace($key, $value, $str);
 		}
@@ -706,45 +715,47 @@ class ticket {
 	/**
 	 * function customerHasTickets
 	 *
-	 * @param	int		customer-id
-	 *
-	 * @return	array/bool	array of ticket-ids if customer has any, else false
+	 * @param
+	 *        	int customer-id
+	 *        	
+	 * @return array/bool array of ticket-ids if customer has any, else false
 	 */
-	static public function customerHasTickets($_cid = 0) {
-
+	static public function customerHasTickets($_cid = 0)
+	{
 		if ($_cid != 0) {
 			$result_stmt = Database::prepare("
-				SELECT `id` FROM `" . TABLE_PANEL_TICKETS . "` WHERE `customerid` = :cid"
-			);
-			Database::pexecute($result_stmt, array('cid' => $_cid));
-
+				SELECT `id` FROM `" . TABLE_PANEL_TICKETS . "` WHERE `customerid` = :cid");
+			Database::pexecute($result_stmt, array(
+				'cid' => $_cid
+			));
+			
 			$tickets = array();
 			while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 				$tickets[] = $row['id'];
 			}
-
+			
 			return $tickets;
 		}
-
+		
 		return false;
 	}

 	/**
 	 * Get a data-var
 	 */
-	public function Get($_var = '', $_vartrusted = false) {
-
+	public function Get($_var = '', $_vartrusted = false)
+	{
 		if ($_var != '') {
-			if (!$_vartrusted) {
+			if (! $_vartrusted) {
 				$_var = htmlspecialchars($_var);
 			}
-
+			
 			if (isset($this->t_data[$_var])) {
 				if (strtolower($_var) == 'message') {
 					// avoid double line-breaks, #1413
 					$this->t_data[$_var] = str_replace("<br />\n", "\n", $this->t_data[$_var]);
 					return nl2br($this->t_data[$_var]);
-				} elseif(strtolower($_var) == 'subject') {
+				} elseif (strtolower($_var) == 'subject') {
 					return nl2br($this->t_data[$_var]);
 				} else {
 					return $this->t_data[$_var];
@@ -758,25 +769,21 @@ class ticket {
 	/**
 	 * Set a data-var
 	 */
-	public function Set($_var = '', $_value = '', $_vartrusted = false, $_valuetrusted = false) {
-
-		if ($_var != ''
-			&& $_value != ''
-		) {
-			if (!$_vartrusted) {
+	public function Set($_var = '', $_value = '', $_vartrusted = false, $_valuetrusted = false)
+	{
+		if ($_var != '' && $_value != '') {
+			if (! $_vartrusted) {
 				$_var = strip_tags($_var);
 			}
-
-			if (!$_valuetrusted) {
+			
+			if (! $_valuetrusted) {
 				$_value = strip_tags($_value, '<br />');
 			}
-
-			if (strtolower($_var) == 'message'
-				|| strtolower($_var) == 'subject'
-			) {
+			
+			if (strtolower($_var) == 'message' || strtolower($_var) == 'subject') {
 				$_value = $this->convertLatin1ToHtml($_value);
 			}
-
+			
 			$this->t_data[$_var] = $_value;
 		}
 	}
--- a/lib/classes/webserver/class.ConfigIO.php
+++ b/lib/classes/webserver/class.ConfigIO.php
@@ -17,13 +17,14 @@
 * @since      0.9.29
 *
 */
-
-class ConfigIO {
+class ConfigIO
+{

 	/**
 	 * constructor
 	 */
-	public function __construct() {}
+	public function __construct()
+	{}

 	/**
 	 * clean up former created configs, including (if enabled)
@@ -32,39 +33,40 @@ class ConfigIO {
 	 *
 	 * @return null
 	 */
-	public function cleanUp() {
-
+	public function cleanUp()
+	{
+		
 		// old error logs
 		$this->_cleanErrLogs();
-
+		
 		// awstats files
 		$this->_cleanAwstatsFiles();
-
+		
 		// fcgid files
 		$this->_cleanFcgidFiles();
-
+		
 		// php-fpm files
 		$this->_cleanFpmFiles();
-
+		
 		// clean webserver-configs
 		$this->_cleanWebserverConfigs();
-
+		
 		// old htpasswd files
 		$this->_cleanHtpasswdFiles();
-
+		
 		// customer-specified ssl-certificates
 		$this->_cleanCustomerSslCerts();
 	}

-	private function _cleanErrLogs() {
-
-	    $err_dir = makeCorrectDir(FROXLOR_INSTALL_DIR."/logs/");
-	    if (@is_dir($err_dir)) {
-	        // now get rid of old stuff
-	        //(but append /*.log so we don't delete the directory)
-	        $err_dir.='/*.log';
-	        safe_exec('rm -rf '. makeCorrectFile($err_dir));
-	    }
+	private function _cleanErrLogs()
+	{
+		$err_dir = makeCorrectDir(FROXLOR_INSTALL_DIR . "/logs/");
+		if (@is_dir($err_dir)) {
+			// now get rid of old stuff
+			// (but append /*.log so we don't delete the directory)
+			$err_dir .= '/*.log';
+			safe_exec('rm -f ' . makeCorrectFile($err_dir));
+		}
 	}

 	/**
@@ -73,8 +75,9 @@ class ConfigIO {
 	 *
 	 * @return null
 	 */
-	private function _cleanCustomerSslCerts() {
-
+	private function _cleanCustomerSslCerts()
+	{
+		
 		/*
 		 * only clean up if we're actually using SSL
 		 */
@@ -82,14 +85,14 @@ class ConfigIO {
 			// get correct directory
 			$configdir = $this->_getFile('system', 'customer_ssl_path');
 			if ($configdir !== false) {
-
+				
 				$configdir = makeCorrectDir($configdir);
-
+				
 				if (@is_dir($configdir)) {
 					// now get rid of old stuff
-					//(but append /* so we don't delete the directory)
-					$configdir.='/*';
-					safe_exec('rm -rf '. makeCorrectFile($configdir));
+					// (but append /* so we don't delete the directory)
+					$configdir .= '/*';
+					safe_exec('rm -f ' . makeCorrectFile($configdir));
 				}
 			}
 		}
@@ -100,39 +103,38 @@ class ConfigIO {
 	 *
 	 * @return null
 	 */
-	private function _cleanWebserverConfigs() {
-
+	private function _cleanWebserverConfigs()
+	{
+		
 		// get directories
 		$configdirs = array();
 		$dir = $this->_getFile('system', 'apacheconf_vhost');
 		if ($dir !== false)
 			$configdirs[] = makeCorrectDir($dir);
-
+		
 		$dir = $this->_getFile('system', 'apacheconf_diroptions');
 		if ($dir !== false)
 			$configdirs[] = makeCorrectDir($dir);
-
+		
 		// file pattern
 		$pattern = "/^([0-9]){2}_(froxlor|syscp)_(.+)\.conf$/";
-
+		
 		// check ALL the folders
 		foreach ($configdirs as $config_dir) {
-
+			
 			// check directory
 			if (@is_dir($config_dir)) {
-
+				
 				// create directory iterator
-				$its = new RecursiveIteratorIterator(
-						new RecursiveDirectoryIterator($config_dir)
-				);
-
+				$its = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($config_dir));
+				
 				// iterate through all subdirs,
 				// look for vhost/diroption files
 				// and delete them
-				foreach ($its as $fullFileName => $it ) {
+				foreach ($its as $fullFileName => $it) {
 					if ($it->isFile() && preg_match($pattern, $it->getFilename())) {
 						// remove file
-						safe_exec('rm -f '. escapeshellarg(makeCorrectFile($its->getPathname())));
+						safe_exec('rm -f ' . escapeshellarg(makeCorrectFile($its->getPathname())));
 					}
 				}
 			}
@@ -144,19 +146,20 @@ class ConfigIO {
 	 *
 	 * @return null
 	 */
-	private function _cleanHtpasswdFiles() {
-
+	private function _cleanHtpasswdFiles()
+	{
+		
 		// get correct directory
 		$configdir = $this->_getFile('system', 'apacheconf_htpasswddir');
-
+		
 		if ($configdir !== false) {
 			$configdir = makeCorrectDir($configdir);
-
+			
 			if (@is_dir($configdir)) {
 				// now get rid of old stuff
-				//(but append /* so we don't delete the directory)
-				$configdir.='/*';
-				safe_exec('rm -rf '. makeCorrectFile($configdir));
+				// (but append /* so we don't delete the directory)
+				$configdir .= '/*';
+				safe_exec('rm -f ' . makeCorrectFile($configdir));
 			}
 		}
 	}
@@ -166,37 +169,36 @@ class ConfigIO {
 	 *
 	 * @return null
 	 */
-	private function _cleanAwstatsFiles() {
-
+	private function _cleanAwstatsFiles()
+	{
 		if (Settings::Get('system.awstats_enabled') == '0') {
 			return;
 		}
-
-		//dhr: cleanout froxlor-generated awstats configs prior to re-creation
+		
+		// dhr: cleanout froxlor-generated awstats configs prior to re-creation
 		$awstatsclean['header'] = "## GENERATED BY FROXLOR\n";
 		$awstatsclean['headerold'] = "## GENERATED BY SYSCP\n";
 		$awstatsclean['path'] = $this->_getFile('system', 'awstats_conf');
-
+		
 		/**
 		 * don't do anything if the directory does not exist
-		 * (e.g. awstats not installed yet or whatever)
+		 * (e.g.
+		 * awstats not installed yet or whatever)
 		 * fixes #45
-		*/
+		 */
 		if ($awstatsclean['path'] !== false && is_dir($awstatsclean['path'])) {
 			$awstatsclean['dir'] = dir($awstatsclean['path']);
 			while ($awstatsclean['entry'] = $awstatsclean['dir']->read()) {
-				$awstatsclean['fullentry'] = makeCorrectFile($awstatsclean['path'].'/'.$awstatsclean['entry']);
+				$awstatsclean['fullentry'] = makeCorrectFile($awstatsclean['path'] . '/' . $awstatsclean['entry']);
 				/**
 				 * don't do anything if the file does not exist
-				*/
+				 */
 				if (@file_exists($awstatsclean['fullentry'])) {
 					$awstatsclean['fh'] = fopen($awstatsclean['fullentry'], 'r');
-					$awstatsclean['headerRead'] = fgets($awstatsclean['fh'], strlen($awstatsclean['header'])+1);
+					$awstatsclean['headerRead'] = fgets($awstatsclean['fh'], strlen($awstatsclean['header']) + 1);
 					fclose($awstatsclean['fh']);
-
-					if ($awstatsclean['headerRead'] == $awstatsclean['header']
-							|| $awstatsclean['headerRead'] == $awstatsclean['headerold']
-					) {
+					
+					if ($awstatsclean['headerRead'] == $awstatsclean['header'] || $awstatsclean['headerRead'] == $awstatsclean['headerold']) {
 						$awstats_conf_file = makeCorrectFile($awstatsclean['fullentry']);
 						@unlink($awstats_conf_file);
 					}
@@ -204,7 +206,7 @@ class ConfigIO {
 			}
 		}
 		unset($awstatsclean);
-		//end dhr
+		// end dhr
 	}

 	/**
@@ -212,39 +214,37 @@ class ConfigIO {
 	 *
 	 * @return null
 	 */
-	private function _cleanFcgidFiles() {
-
+	private function _cleanFcgidFiles()
+	{
 		if (Settings::Get('system.mod_fcgid') == '0') {
 			return;
 		}
-
+		
 		// get correct directory
 		$configdir = $this->_getFile('system', 'mod_fcgid_configdir');
 		if ($configdir !== false) {
-
+			
 			$configdir = makeCorrectDir($configdir);
-
+			
 			if (@is_dir($configdir)) {
 				// create directory iterator
-				$its = new RecursiveIteratorIterator(
-						new RecursiveDirectoryIterator($configdir)
-				);
-
+				$its = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($configdir));
+				
 				// iterate through all subdirs,
 				// look for php-fcgi-starter files
 				// and take immutable-flag away from them
 				// so we can delete them :)
-				foreach ($its as $fullFileName => $it ) {
+				foreach ($its as $fullFileName => $it) {
 					if ($it->isFile() && $it->getFilename() == 'php-fcgi-starter') {
 						// set chattr -i
 						removeImmutable($its->getPathname());
 					}
 				}
-
+				
 				// now get rid of old stuff
-				//(but append /* so we don't delete the directory)
-				$configdir.='/*';
-				safe_exec('rm -rf '. makeCorrectFile($configdir));
+				// (but append /* so we don't delete the directory)
+				$configdir .= '/*';
+				safe_exec('rm -rf ' . makeCorrectFile($configdir));
 			}
 		}
 	}
@@ -254,33 +254,36 @@ class ConfigIO {
 	 *
 	 * @return null
 	 */
-	private function _cleanFpmFiles() {
-
+	private function _cleanFpmFiles()
+	{
 		if (Settings::Get('phpfpm.enabled') == '0') {
 			return;
 		}
-
-		// get correct directory
-		$configdir = $this->_getFile('phpfpm', 'configdir');
-		if ($configdir !== false) {
-
-			$configdir = makeCorrectDir($configdir);
-
+		
+		// get all fpm config paths
+		$fpmconf_sel = Database::prepare("SELECT config_dir FROM `" . TABLE_PANEL_FPMDAEMONS . "`");
+		Database::pexecute($fpmconf_sel);
+		$fpmconf_paths = $fpmconf_sel->fetchAll(PDO::FETCH_ASSOC);
+		// clean all php-fpm config-dirs
+		foreach ($fpmconf_paths as $configdir) {
+			$configdir = makeCorrectDir($configdir['config_dir']);
 			if (@is_dir($configdir)) {
 				// now get rid of old stuff
-				//(but append /* so we don't delete the directory)
-				$configdir.='/*';
-				safe_exec('rm -rf '. makeCorrectFile($configdir));
+				// (but append /*.conf so we don't delete the directory)
+				$configdir .= '/*.conf';
+				safe_exec('rm -f ' . makeCorrectFile($configdir));
+			} else {
+				safe_exec('mkdir -p ' . $configdir);
 			}
 		}
-
+		
 		// also remove aliasconfigdir #1273
 		$aliasconfigdir = $this->_getFile('phpfpm', 'aliasconfigdir');
 		if ($aliasconfigdir !== false) {
 			$aliasconfigdir = makeCorrectDir($aliasconfigdir);
 			if (@is_dir($aliasconfigdir)) {
-				$aliasconfigdir.='/*';
-				safe_exec('rm -rf '. makeCorrectFile($aliasconfigdir));
+				$aliasconfigdir .= '/*';
+				safe_exec('rm -rf ' . makeCorrectFile($aliasconfigdir));
 			}
 		}
 	}
@@ -288,17 +291,21 @@ class ConfigIO {
 	/**
 	 * returns a file/direcotry from the settings and checks whether it exists
 	 *
-	 * @param string $group         settings-group
-	 * @param string $varname       var-name
-	 * @param boolean $check_exists check if the file exists
-	 *
+	 * @param string $group
+	 *        	settings-group
+	 * @param string $varname
+	 *        	var-name
+	 * @param boolean $check_exists
+	 *        	check if the file exists
+	 *        	
 	 * @return string|boolean complete path including filename if any or false on error
 	 */
-	private function _getFile($group, $varname, $check_exists = true) {
-
+	private function _getFile($group, $varname, $check_exists = true)
+	{
+		
 		// read from settings
-		$file = Settings::Get($group.'.'.$varname);
-
+		$file = Settings::Get($group . '.' . $varname);
+		
 		// check whether it exists
 		if ($check_exists && @file_exists($file) == false) {
 			return false;
--- a/lib/classes/webserver/class.DomainSSL.php
+++ b/lib/classes/webserver/class.DomainSSL.php
@@ -89,6 +89,10 @@ class DomainSSL {
 					$ssl_files['ssl_cert_chainfile'] = makeCorrectFile($sslcertpath.'/'.$domain['domain'].'_chain.pem');
 				}
 			}
+			// will only be generated to be used externally, froxlor does not need this
+			if ($dom_certs['ssl_fullchain_file'] != '') {
+				$ssl_files['ssl_fullchain_file'] = makeCorrectFile($sslcertpath.'/'.$domain['domain'].'_fullchain.pem');
+			}
 			// create them on the filesystem
 			foreach ($ssl_files as $type => $filename) {
 				if ($filename != '') {
--- a/lib/classes/webserver/class.WebserverBase.php
+++ b/lib/classes/webserver/class.WebserverBase.php
@@ -17,8 +17,8 @@
 * @since      0.9.31
 *
 */
-
-class WebserverBase {
+class WebserverBase
+{

 	/**
 	 * returns an array with all entries required for all
@@ -26,27 +26,45 @@ class WebserverBase {
 	 *
 	 * @return array
 	 */
-	public static function getVhostsToCreate() {
-
+	public static function getVhostsToCreate()
+	{
 		$query = "SELECT `d`.*, `pd`.`domain` AS `parentdomain`, `c`.`loginname`,
 				`d`.`phpsettingid`, `c`.`adminid`, `c`.`guid`, `c`.`email`,
 				`c`.`documentroot` AS `customerroot`, `c`.`deactivated`,
-				`c`.`phpenabled` AS `phpenabled`, `d`.`mod_fcgid_starter`,
-				`d`.`mod_fcgid_maxrequests`
-				FROM `".TABLE_PANEL_DOMAINS."` `d`
+				`c`.`phpenabled` AS `phpenabled_customer`,
+				`d`.`phpenabled` AS `phpenabled_vhost`,
+				`d`.`mod_fcgid_starter`,`d`.`mod_fcgid_maxrequests`,
+				`d`.`ocsp_stapling`
+				FROM `" . TABLE_PANEL_DOMAINS . "` `d`

-				LEFT JOIN `".TABLE_PANEL_CUSTOMERS."` `c` USING(`customerid`)
-				LEFT JOIN `".TABLE_PANEL_DOMAINS."` `pd` ON (`pd`.`id` = `d`.`parentdomainid`)
+				LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`)
+				LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `pd` ON (`pd`.`id` = `d`.`parentdomainid`)

 				WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` <> '1'
 				ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC;
 		";
-
+		
 		$result_domains_stmt = Database::query($query);
-
+		
+		// prepare IP statement
+		$ip_stmt = Database::prepare("
+			SELECT `di`.`id_domain` , `p`.`ssl`, `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile`
+			FROM `" . TABLE_DOMAINTOIP . "` `di`, `" . TABLE_PANEL_IPSANDPORTS . "` `p`
+			WHERE `p`.`id` = `di`.`id_ipandports`
+			AND `di`.`id_domain` = :domainid
+			AND `p`.`ssl` = '1'
+		");
+		
+		// prepare fpm-config select query
+		$fpm_sel_stmt = Database::prepare("
+			SELECT f.id FROM `" . TABLE_PANEL_FPMDAEMONS . "` f
+			LEFT JOIN `" . TABLE_PANEL_PHPCONFIGS . "` p ON p.fpmsettingid = f.id
+			WHERE p.id = :phpconfigid
+		");
+		
 		$domains = array();
 		while ($domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) {
-
+			
 			// set whole domain
 			$domains[$domain['domain']] = $domain;
 			// set empty-defaults for non-ssl
@@ -55,31 +73,38 @@ class WebserverBase {
 			$domains[$domain['domain']]['ssl_key_file'] = '';
 			$domains[$domain['domain']]['ssl_ca_file'] = '';
 			$domains[$domain['domain']]['ssl_cert_chainfile'] = '';
-
+			
 			// now, if the domain has an ssl ip/port assigned, get
 			// the corresponding information from the db
 			if (domainHasSslIpPort($domain['id'])) {

-				$ip_stmt = Database::prepare("
-						SELECT `di`.`id_domain` , `p`.`ssl`, `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile`
-						FROM `".TABLE_DOMAINTOIP."` `di`, `".TABLE_PANEL_IPSANDPORTS."` `p`
-						WHERE `p`.`id` = `di`.`id_ipandports`
-						AND `di`.`id_domain` = :domainid
-						AND `p`.`ssl` = '1'
-						");
-				$ssl_ip = Database::pexecute_first($ip_stmt, array('domainid' => $domain['id']));
-
+				$ssl_ip = Database::pexecute_first($ip_stmt, array(
+					'domainid' => $domain['id']
+				));
+				
 				// set ssl info for domain
 				$domains[$domain['domain']]['ssl'] = '1';
 				$domains[$domain['domain']]['ssl_cert_file'] = $ssl_ip['ssl_cert_file'];
 				$domains[$domain['domain']]['ssl_key_file'] = $ssl_ip['ssl_key_file'];
 				$domains[$domain['domain']]['ssl_ca_file'] = $ssl_ip['ssl_ca_file'];
 				$domains[$domain['domain']]['ssl_cert_chainfile'] = $ssl_ip['ssl_cert_chainfile'];
+			}
+			
+			// read fpm-config-id if using fpm
+			if ((int) Settings::Get('phpfpm.enabled') == 1) {

+				$fpm_config = Database::pexecute_first($fpm_sel_stmt, array(
+					'phpconfigid' => $domain['phpsettingid']
+				));
+				if ($fpm_config) {
+					$domains[$domain['domain']]['fpm_config_id'] = $fpm_config['id'];
+				} else {
+					// fallback
+					$domains[$domain['domain']]['fpm_config_id'] = 1;
+				}
 			}
 		}
-
+		
 		return $domains;
 	}
-
 }
--- a/lib/configfiles/gentoo.xml
+++ b/lib/configfiles/gentoo.xml
@@ -353,7 +353,7 @@ exit "$RETVAL"
 			<!--DNS -->
 			<service type="dns" title="{{lng.admin.configfiles.dns}}">
 				<!--Bind9 -->
-				<daemon name="bind" title="Bind9 nameserver">
+				<daemon name="bind" title="Bind9 nameserver" default="true">
 					<install><![CDATA[emerge net-dns/bind]]></install>
 					<file name="/etc/bind/default.zone">
 						<content><![CDATA[
@@ -396,7 +396,8 @@ mail	IN		A	<SERVERIP>
 #################################
 # allow-axfr-ips	Allow zonetransfers only to these subnets
 #
-allow-axfr-ips=127.0.0.0/8,::1,<NAMESERVERS>
+allow-axfr-ips=127.0.0.0/8,::1,<NAMESERVERS_IP>
+# add these entries to the list if any speficied: <AXFRSERVERS>

 #################################
 # allow-dnsupdate-from	A global setting to allow DNS updates from these IP ranges.
@@ -938,7 +939,8 @@ gmysql-password=
 #################################
 # allow-axfr-ips	Allow zonetransfers only to these subnets
 #
-allow-axfr-ips=127.0.0.0/8,::1,<NAMESERVERS>
+allow-axfr-ips=127.0.0.0/8,::1,<NAMESERVERS_IP>
+# add these entries to the list if any speficied: <AXFRSERVERS>

 #################################
 # allow-dnsupdate-from	A global setting to allow DNS updates from these IP ranges.
@@ -2136,7 +2138,7 @@ protocol lda {
 driver = mysql
 connect = host=<SQL_HOST> dbname=<SQL_DB> user=<SQL_UNPRIVILEGED_USER> password=<SQL_UNPRIVILEGED_PASSWORD>
 default_pass_scheme = CRYPT
-password_query = "SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota,'M') AS userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR '%Ls' = 'smtp' OR '%Ls' = 'sieve')"
+password_query = "SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota,'M') AS userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR ((postfix = 'Y' AND '%Ls' = 'smtp') OR (postfix = 'Y' AND '%Ls' = 'sieve')))"
 user_query = "SELECT CONCAT(homedir, maildir) AS home, CONCAT('maildir:', homedir, maildir) AS mail, uid, gid, CONCAT('*:storage=', quota,'M') AS quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u')"
 iterate_query = "SELECT username AS user FROM mail_users WHERE (imap = 1 OR pop3 = 1)"
 ]]>
@@ -3420,10 +3422,17 @@ MAILDIRPATH=.maildir
 				<daemon name="proftpd" title="ProFTPd" default="true">
 					<command><![CDATA[echo "net-ftp/proftpd mysql" >> /etc/portage/package.use]]></command>
 					<install><![CDATA[emerge net-ftp/proftpd]]></install>
-					<commands>
-						<command><![CDATA[[ -f /etc/ssl/certs/proftpd.crt ] || openssl req -new -x509 -newkey rsa:4096 -days 3650 -nodes -out /etc/ssl/certs/proftpd.crt -keyout /etc/ssl/private/proftpd.key -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"]]></command>
-						<command><![CDATA[[ -f /etc/ssl/certs/proftpd_ec.crt ] || openssl req -new -x509 -nodes -newkey ec:<(openssl ecparam -name secp521r1) -keyout /etc/ssl/private/proftpd_ec.key -out /etc/ssl/certs/proftpd_ec.crt -days 3650 -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"]]></command>
-						<command><![CDATA[chmod 0600 /etc/ssl/private/proftpd.key /etc/ssl/private/proftpd_ec.key]]></command>
+					<file name="/etc/proftpd/create-cert.sh" chown="root:0" chmod="0700">
+						<content><![CDATA[#!/bin/bash
+[ -f /etc/ssl/certs/proftpd.crt ] || openssl req -new -x509 -newkey rsa:4096 -days 3650 -nodes -out /etc/ssl/certs/proftpd.crt -keyout /etc/ssl/private/proftpd.key -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"
+[ -f /etc/ssl/certs/proftpd_ec.crt ] || openssl req -new -x509 -nodes -newkey ec:<(openssl ecparam -name secp521r1) -keyout /etc/ssl/private/proftpd_ec.key -out /etc/ssl/certs/proftpd_ec.crt -days 3650 -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"
+chmod 0600 /etc/ssl/private/proftpd.key /etc/ssl/private/proftpd_ec.key
+]]>
+						</content>
+					</file>
+					<commands index="1">
+						<command><![CDATA[/etc/proftpd/create-cert.sh]]></command>
+						<command><![CDATA[rm -f /etc/proftpd/create-cert.sh]]></command>
 					</commands>
 					<file name="/etc/proftpd/proftpd.conf" chown="root:0" chmod="0600"
 						backup="true">
--- a/lib/configfiles/jessie.xml
+++ b/lib/configfiles/jessie.xml
@@ -48,6 +48,11 @@
 					<include>//service[@type='http']/general/commands</include>
 					<command><![CDATA[a2dismod userdir]]></command>
 					<command><![CDATA[a2enmod headers]]></command>
+					<command>
+						<visibility mode="true">{{settings.system.use_ssl}}
+						</visibility>
+						<content><![CDATA[a2enmod ssl]]></content>
+					</command>
 					<command>
 						<visibility mode="true">{{settings.phpfpm.enabled}}
 						</visibility>
@@ -365,7 +370,7 @@ exit "$RETVAL"
 			<!--DNS -->
 			<service type="dns" title="{{lng.admin.configfiles.dns}}">
 				<!--Bind9 -->
-				<daemon name="bind" title="Bind9 nameserver">
+				<daemon name="bind" title="Bind9 nameserver" default="true">
 					<install><![CDATA[apt-get install bind9]]></install>
 					<command><![CDATA[echo "include \"{{settings.system.bindconf_directory}}froxlor_bind.conf\";" >> /etc/bind/named.conf.local]]></command>
 					<command><![CDATA[touch {{settings.system.bindconf_directory}}froxlor_bind.conf]]></command>
@@ -380,7 +385,8 @@ exit "$RETVAL"
 #################################
 # allow-axfr-ips	Allow zonetransfers only to these subnets
 #
-allow-axfr-ips=127.0.0.0/8,::1,<NAMESERVERS>
+allow-axfr-ips=127.0.0.0/8,::1,<NAMESERVERS_IP>
+# add these entries to the list if any speficied: <AXFRSERVERS>

 #################################
 # allow-dnsupdate-from	A global setting to allow DNS updates from these IP ranges.
@@ -921,7 +927,8 @@ gmysql-password=
 #################################
 # allow-axfr-ips	Allow zonetransfers only to these subnets
 #
-# allow-axfr-ips=127.0.0.0/8,::1,<NAMESERVERS>
+# allow-axfr-ips=127.0.0.0/8,::1,<NAMESERVERS_IP>
+# add these entries to the list if any speficied: <AXFRSERVERS>

 #################################
 # allow-dnsupdate-from	A global setting to allow DNS updates from these IP ranges.
@@ -2712,7 +2719,7 @@ user_query = SELECT CONCAT(homedir, maildir) AS home, CONCAT('maildir:', homedir
 #  SELECT userid AS user, password, \
 #    home AS userdb_home, uid AS userdb_uid, gid AS userdb_gid \
 #  FROM users WHERE userid = '%u'
-password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid,  CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota, 'M') as userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR '%Ls' = 'smtp' OR '%Ls' = 'sieve')
+password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid,  CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota, 'M') as userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR ((postfix = 'Y' AND '%Ls' = 'smtp') OR (postfix = 'Y' AND '%Ls' = 'sieve')))

 # Query to get a list of all usernames.
 #iterate_query = SELECT username AS user FROM users
@@ -3812,10 +3819,17 @@ plugin {
 				<!-- Proftpd -->
 				<daemon name="proftpd" title="ProFTPd" default="true">
 					<install><![CDATA[apt-get install proftpd-basic proftpd-mod-mysql]]></install>
-					<commands>
-						<command><![CDATA[[ -f /etc/ssl/certs/proftpd.crt ] || openssl req -new -x509 -newkey rsa:4096 -days 3650 -nodes -out /etc/ssl/certs/proftpd.crt -keyout /etc/ssl/private/proftpd.key -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"]]></command>
-						<command><![CDATA[[ -f /etc/ssl/certs/proftpd_ec.crt ] || openssl req -new -x509 -nodes -newkey ec:<(openssl ecparam -name secp521r1) -keyout /etc/ssl/private/proftpd_ec.key -out /etc/ssl/certs/proftpd_ec.crt -days 3650 -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"]]></command>
-						<command><![CDATA[chmod 0600 /etc/ssl/private/proftpd.key /etc/ssl/private/proftpd_ec.key]]></command>
+					<file name="/etc/proftpd/create-cert.sh" chown="root:0" chmod="0700">
+						<content><![CDATA[#!/bin/bash
+[ -f /etc/ssl/certs/proftpd.crt ] || openssl req -new -x509 -newkey rsa:4096 -days 3650 -nodes -out /etc/ssl/certs/proftpd.crt -keyout /etc/ssl/private/proftpd.key -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"
+[ -f /etc/ssl/certs/proftpd_ec.crt ] || openssl req -new -x509 -nodes -newkey ec:<(openssl ecparam -name secp521r1) -keyout /etc/ssl/private/proftpd_ec.key -out /etc/ssl/certs/proftpd_ec.crt -days 3650 -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"
+chmod 0600 /etc/ssl/private/proftpd.key /etc/ssl/private/proftpd_ec.key
+]]>
+						</content>
+					</file>
+					<commands index="1">
+						<command><![CDATA[/etc/proftpd/create-cert.sh]]></command>
+						<command><![CDATA[rm -f /etc/proftpd/create-cert.sh]]></command>
 					</commands>
 					<file name="/etc/proftpd/proftpd.conf" chown="root:0" chmod="0600"
 						backup="true">
@@ -4467,9 +4481,9 @@ PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
 				<!-- libnss-mysql -->
 				<daemon name="libnss" title="libnss-mysql (required for FCGID/php-fpm/mpm-itk)">
 					<install><![CDATA[apt-get install nscd
-wget http://ftp.us.debian.org/debian/pool/main/libn/libnss-mysql-bg/libnss-mysql-bg_1.5-4_`dpkg --print-architecture`.deb
-dpkg -i libnss-mysql-bg_1.5-4_`dpkg --print-architecture`.deb
-rm libnss-mysql-bg_1.5-4_`dpkg --print-architecture`.deb
+wget http://debian.froxlor.org/pool/main/libn/libnss-mysql-bg/libnss-mysql-bg_1.5-3+frx1_amd64.deb
+dpkg -i libnss-mysql-bg_1.5-3+frx1_amd64.deb
+rm libnss-mysql-bg_1.5-3+frx1_amd64.deb
 ]]></install>
 					<file name="/etc/libnss-mysql.cfg" chown="root:root" chmod="0600"
 						backup="true">
@@ -4632,6 +4646,44 @@ aliases:     files
 						</content>
 					</file>
 				</daemon>
+				<!-- libnss-extrausers -->
+				<daemon name="libnssextrausers" title="libnss-extrausers (alternative to libnss-mysql, required for FCGID/php-fpm/mpm-itk)">
+					<install><![CDATA[apt-get install nscd libnss-extrausers]]></install>
+					<commands index="1">
+						<command><![CDATA[mkdir -p /var/lib/extrausers]]></command>
+						<command><![CDATA[touch /var/lib/extrausers/passwd]]></command>
+						<command><![CDATA[touch /var/lib/extrausers/group]]></command>
+						<command><![CDATA[touch /var/lib/extrausers/shadow]]></command>
+					</commands>
+					<file name="/etc/nsswitch.conf" backup="true">
+						<content><![CDATA[
+# Make sure that `passwd`, `group` and `shadow` have extrausers in their lines
+# You should place extrausers at the end, so that it is queried after the other mechanisams
+#
+passwd:         compat extrausers
+group:          compat extrausers
+shadow:         compat extrausers
+
+hosts:       files dns
+networks:    files dns
+
+services:    db files
+protocols:   db files
+rpc:         db files
+ethers:      db files
+netmasks:    files
+netgroup:    files
+bootparams:  files
+
+automount:   files
+aliases:     files
+]]>
+						</content>
+					</file>
+					<command><![CDATA[/etc/init.d/nscd restart]]></command>
+					<!-- clear group chache -->
+					<command><![CDATA[nscd --invalidate=group]]></command>
+				</daemon>
 				<!-- Logrotate -->
 				<daemon name="logrotate" title="Logrotate">
 					<install><![CDATA[apt-get install logrotate]]></install>
@@ -4708,6 +4760,11 @@ aliases:     files
 						</visibility>
 						<command><![CDATA[a2dismod php5]]></command>
 					</commands>
+					<commands index="5">
+						<visibility mode="equals" value="apache2">{{settings.system.webserver}}
+						</visibility>
+						<command><![CDATA[/etc/init.d/apache2 restart]]></command>
+					</commands>
 					<!-- instead of just restarting apache, we let the cronjob do all the
 						dirty work -->
 					<command><![CDATA[php {{const.FROXLOR_INSTALL_DIR}}/scripts/froxlor_master_cronjob.php --force]]></command>
--- a/lib/configfiles/precise.xml
+++ b/lib/configfiles/precise.xml
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <froxlor>
-	<distribution name="Ubuntu" codename="Precise" version="12.04" defaulteditor="/usr/bin/nano">
+	<distribution name="Ubuntu" codename="Precise" version="12.04" defaulteditor="/usr/bin/nano" deprecated="true">
 		<services>
 			<!-- HTTP -->
 			<service type="http" title="{{lng.admin.configfiles.http}}">
@@ -49,6 +49,11 @@
 					<include>//service[@type='http']/general/commands</include>
 					<command><![CDATA[a2dismod userdir]]></command>
 					<command><![CDATA[a2enmod headers]]></command>
+					<command>
+						<visibility mode="true">{{settings.system.use_ssl}}
+						</visibility>
+						<content><![CDATA[a2enmod ssl]]></content>
+					</command>
 					<file name="/etc/apache2/mods-enabled/fastcgi.conf">
 						<visibility mode="true">{{settings.phpfpm.enabled}}
 						</visibility>
@@ -334,7 +339,7 @@ exit "$RETVAL"
 			<!--DNS -->
 			<service type="dns" title="{{lng.admin.configfiles.dns}}">
 				<!--Bind9 -->
-				<daemon name="bind" title="Bind9 nameserver">
+				<daemon name="bind" title="Bind9 nameserver" default="true">
 					<install><![CDATA[apt-get install bind9]]></install>
 					<command><![CDATA[echo "include \"{{settings.system.bindconf_directory}}froxlor_bind.conf\";" >> /etc/bind/named.conf]]></command>
 					<command><![CDATA[touch {{settings.system.bindconf_directory}}froxlor_bind.conf]]></command>
@@ -346,7 +351,8 @@ exit "$RETVAL"
 					<install><![CDATA[apt-get install pdns-server pdns-backend-mysql]]></install>
 					<file name="/etc/powerdns/pdns.conf" backup="true" chmod="600">
 						<content><![CDATA[
-allow-axfr-ips=127.0.0.0/8,::1,<NAMESERVERS>
+allow-axfr-ips=127.0.0.0/8,::1,<NAMESERVERS_IP>
+# add these entries to the list if any speficied: <AXFRSERVERS>
 allow-recursion=127.0.0.1
 config-dir=/etc/powerdns
 daemon=yes
@@ -407,7 +413,8 @@ include-dir=/etc/powerdns/froxlor/
 					<file name="/etc/powerdns/froxlor/pdns_froxlor.conf" chown="root:root"
 						chmod="600">
 						<content><![CDATA[
-allow-axfr-ips=<NAMESERVERS>
+allow-axfr-ips=127.0.0.0/8,::1,<NAMESERVERS_IP>
+# add these entries to the list if any speficied: <AXFRSERVERS>
 #local-ipv6=YOUR_IPv6_(if_any)
 bind-config=<BIND_CONFIG_PATH>named.conf
 bind-check-interval=180
@@ -724,7 +731,7 @@ smtpd_sasl_local_domain = $myhostname
 broken_sasl_auth_clients = yes

 # Virtual delivery settings
-virtual_mailbox_base = <VIRTUAL_MAILBOX_BASE>
+virtual_mailbox_base = /
 virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf
 virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_mailbox_domains.cf
 virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_alias_maps.cf
@@ -1027,7 +1034,7 @@ userdb {
 driver = mysql
 connect = host=<SQL_HOST> dbname=<SQL_DB> user=<SQL_UNPRIVILEGED_USER> password=<SQL_UNPRIVILEGED_PASSWORD>
 default_pass_scheme = CRYPT
-password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid,  CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('maildir:storage=', (quota*1024)) as userdb_quota FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR '%Ls' = 'smtp' OR '%Ls' = 'sieve')
+password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid,  CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('maildir:storage=', (quota*1024)) as userdb_quota FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR ((postfix = 'Y' AND '%Ls' = 'smtp') OR (postfix = 'Y' AND '%Ls' = 'sieve')))
 user_query = SELECT CONCAT(homedir, maildir) AS home, CONCAT('maildir:', homedir, maildir) AS mail, uid, gid, CONCAT('maildir:storage=', (quota*1024)) as quota FROM mail_users WHERE (username = '%u' OR email = '%u')
 iterate_query = SELECT username AS user FROM mail_users WHERE (imap = 1 OR pop3 = 1)
 ]]>
@@ -1141,10 +1148,17 @@ MYSQL_AUXOPTIONS_FIELD CONCAT("allowimap=",imap,",allowpop3=",pop3)
 				<!-- Proftpd -->
 				<daemon name="proftpd" title="ProFTPd" default="true">
 					<install><![CDATA[apt-get install proftpd-basic proftpd-mod-mysql]]></install>
-					<commands>
-						<command><![CDATA[[ -f /etc/ssl/certs/proftpd.crt ] || openssl req -new -x509 -newkey rsa:4096 -days 3650 -nodes -out /etc/ssl/certs/proftpd.crt -keyout /etc/ssl/private/proftpd.key -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"]]></command>
-						<command><![CDATA[[ -f /etc/ssl/certs/proftpd_ec.crt ] || openssl req -new -x509 -nodes -newkey ec:<(openssl ecparam -name secp521r1) -keyout /etc/ssl/private/proftpd_ec.key -out /etc/ssl/certs/proftpd_ec.crt -days 3650 -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"]]></command>
-						<command><![CDATA[chmod 0600 /etc/ssl/private/proftpd.key /etc/ssl/private/proftpd_ec.key]]></command>
+					<file name="/etc/proftpd/create-cert.sh" chown="root:0" chmod="0700">
+						<content><![CDATA[#!/bin/bash
+[ -f /etc/ssl/certs/proftpd.crt ] || openssl req -new -x509 -newkey rsa:4096 -days 3650 -nodes -out /etc/ssl/certs/proftpd.crt -keyout /etc/ssl/private/proftpd.key -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"
+[ -f /etc/ssl/certs/proftpd_ec.crt ] || openssl req -new -x509 -nodes -newkey ec:<(openssl ecparam -name secp521r1) -keyout /etc/ssl/private/proftpd_ec.key -out /etc/ssl/certs/proftpd_ec.crt -days 3650 -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"
+chmod 0600 /etc/ssl/private/proftpd.key /etc/ssl/private/proftpd_ec.key
+]]>
+						</content>
+					</file>
+					<commands index="1">
+						<command><![CDATA[/etc/proftpd/create-cert.sh]]></command>
+						<command><![CDATA[rm -f /etc/proftpd/create-cert.sh]]></command>
 					</commands>
 					<file name="/etc/proftpd/proftpd.conf" chown="root:0" chmod="0600"
 						backup="true">
@@ -1622,6 +1636,44 @@ netmasks:    files
 netgroup:    files
 bootparams:  files

+automount:   files
+aliases:     files
+]]>
+						</content>
+					</file>
+					<command><![CDATA[/etc/init.d/nscd restart]]></command>
+					<!-- clear group chache -->
+					<command><![CDATA[nscd --invalidate=group]]></command>
+				</daemon>
+				<!-- libnss-extrausers -->
+				<daemon name="libnssextrausers" title="libnss-extrausers (alternative to libnss-mysql, required for FCGID/php-fpm/mpm-itk)">
+					<install><![CDATA[apt-get install nscd libnss-extrausers]]></install>
+					<commands index="1">
+						<command><![CDATA[mkdir -p /var/lib/extrausers]]></command>
+						<command><![CDATA[touch /var/lib/extrausers/passwd]]></command>
+						<command><![CDATA[touch /var/lib/extrausers/group]]></command>
+						<command><![CDATA[touch /var/lib/extrausers/shadow]]></command>
+					</commands>
+					<file name="/etc/nsswitch.conf" backup="true">
+						<content><![CDATA[
+# Make sure that `passwd`, `group` and `shadow` have extrausers in their lines
+# You should place extrausers at the end, so that it is queried after the other mechanisams
+#
+passwd:         compat extrausers
+group:          compat extrausers
+shadow:         compat extrausers
+
+hosts:       files dns
+networks:    files dns
+
+services:    db files
+protocols:   db files
+rpc:         db files
+ethers:      db files
+netmasks:    files
+netgroup:    files
+bootparams:  files
+
 automount:   files
 aliases:     files
 ]]>
@@ -1707,6 +1759,11 @@ aliases:     files
 						</visibility>
 						<command><![CDATA[a2dismod php5]]></command>
 					</commands>
+					<commands index="5">
+						<visibility mode="equals" value="apache2">{{settings.system.webserver}}
+						</visibility>
+						<command><![CDATA[/etc/init.d/apache2 restart]]></command>
+					</commands>
 					<!-- instead of just restarting apache, we let the cronjob do all the
 						dirty work -->
 					<command><![CDATA[php {{const.FROXLOR_INSTALL_DIR}}/scripts/froxlor_master_cronjob.php --force]]></command>
--- a/lib/configfiles/rhel_centos.xml
+++ b/lib/configfiles/rhel_centos.xml
@@ -1774,7 +1774,7 @@ default_pass_scheme = CRYPT
 #password_query = \
 #  SELECT username, domain, password \
 #  FROM users WHERE username = '%n' AND domain = '%d'
-password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota, 'M') as userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR '%Ls' = 'smtp' OR '%Ls' = 'sieve')
+password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota, 'M') as userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR ((postfix = 'Y' AND '%Ls' = 'smtp') OR (postfix = 'Y' AND '%Ls' = 'sieve')))
 #password_query = SELECT username as user, password, '/var/vmail/%d/%n' as userdb_home, 'maildir:/var/vmail/%d/%n' as userdb_mail, 150 as userdb_uid, 12 as userdb_gid FROM mailbox WHERE username = '%u' AND active = '1'

 # userdb query to retrieve the user information. It can return fields:
@@ -2089,7 +2089,7 @@ LoadModule mod_ctrls_admin.c
 # (http://www.castaglia.org/proftpd/modules/mod_vroot.html)
 # Using this module rather than the kernel's chroot() system call works
 # around issues with PAM and chroot (http://bugzilla.redhat.com/506735)
-LoadModule mod_vroot.c
+# LoadModule mod_vroot.c
 #
 # Provide a flexible way of specifying that certain configuration directives
 # only apply to certain sessions, based on credentials such as connection
--- a/lib/configfiles/stretch.xml
+++ b/lib/configfiles/stretch.xml
--- a/lib/configfiles/trusty.xml
+++ b/lib/configfiles/trusty.xml
@@ -49,6 +49,11 @@
 					<include>//service[@type='http']/general/commands</include>
 					<command><![CDATA[a2dismod userdir]]></command>
 					<command><![CDATA[a2enmod headers]]></command>
+					<command>
+						<visibility mode="true">{{settings.system.use_ssl}}
+						</visibility>
+						<content><![CDATA[a2enmod ssl]]></content>
+					</command>
 					<file name="/etc/apache2/mods-enabled/fastcgi.conf">
 						<visibility mode="true">{{settings.phpfpm.enabled}}
 						</visibility>
@@ -85,6 +90,11 @@ Alias "/.well-known/acme-challenge" "{{settings.system.letsencryptchallengepath}
 					<include>//service[@type='http']/general/commands</include>
 					<command><![CDATA[a2dismod userdir]]></command>
 					<command><![CDATA[a2enmod headers]]></command>
+					<command>
+						<visibility mode="true">{{settings.system.use_ssl}}
+						</visibility>
+						<content><![CDATA[a2enmod ssl]]></content>
+					</command>
 					<file name="/etc/apache2/mods-enabled/fastcgi.conf">
 						<visibility mode="true">{{settings.phpfpm.enabled}}
 						</visibility>
@@ -367,7 +377,7 @@ exit "$RETVAL"
 			<!--DNS -->
 			<service type="dns" title="{{lng.admin.configfiles.dns}}">
 				<!--Bind9 -->
-				<daemon name="bind" title="Bind9 nameserver">
+				<daemon name="bind" title="Bind9 nameserver" default="true">
 					<install><![CDATA[apt-get install bind9]]></install>
 					<command><![CDATA[echo "include \"{{settings.system.bindconf_directory}}froxlor_bind.conf\";" >> /etc/bind/named.conf]]></command>
 					<command><![CDATA[touch {{settings.system.bindconf_directory}}froxlor_bind.conf]]></command>
@@ -379,7 +389,8 @@ exit "$RETVAL"
 					<install><![CDATA[apt-get install pdns-server pdns-backend-mysql]]></install>
 					<file name="/etc/powerdns/pdns.conf" backup="true" chmod="600">
 						<content><![CDATA[
-allow-axfr-ips=127.0.0.0/8,::1,<NAMESERVERS>
+allow-axfr-ips=127.0.0.0/8,::1,<NAMESERVERS_IP>
+# add these entries to the list if any speficied: <AXFRSERVERS>
 allow-recursion=127.0.0.1
 config-dir=/etc/powerdns
 daemon=yes
@@ -417,7 +428,8 @@ gmysql-password=
 					<install><![CDATA[apt-get install pdns-server]]></install>
 					<file name="/etc/powerdns/pdns.conf" backup="true">
 						<content><![CDATA[
-allow-axfr-ips=127.0.0.0/8,::1,<NAMESERVERS>
+allow-axfr-ips=127.0.0.0/8,::1,<NAMESERVERS_IP>
+# add these entries to the list if any speficied: <AXFRSERVERS>
 allow-recursion=127.0.0.1
 config-dir=/etc/powerdns
 daemon=yes
@@ -441,7 +453,8 @@ include-dir=/etc/powerdns/froxlor/
 					<file name="/etc/powerdns/froxlor/pdns_froxlor.conf" chown="root:root"
 						chmod="600">
 						<content><![CDATA[
-allow-axfr-ips=<NAMESERVERS>
+allow-axfr-ips=127.0.0.0/8,::1,<NAMESERVERS_IP>
+# add these entries to the list if any speficied: <AXFRSERVERS>
 #local-ipv6=YOUR_IPv6_(if_any)
 bind-config=<BIND_CONFIG_PATH>named.conf
 bind-check-interval=180
@@ -758,7 +771,7 @@ smtpd_sasl_local_domain = $myhostname
 broken_sasl_auth_clients = yes

 # Virtual delivery settings
-virtual_mailbox_base = <VIRTUAL_MAILBOX_BASE>
+virtual_mailbox_base = /
 virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf
 virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_mailbox_domains.cf
 virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_alias_maps.cf
@@ -1035,7 +1048,7 @@ auth_mechanisms = plain login
 driver = mysql
 connect = host=<SQL_HOST> dbname=<SQL_DB> user=<SQL_UNPRIVILEGED_USER> password=<SQL_UNPRIVILEGED_PASSWORD>
 default_pass_scheme = CRYPT
-password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid,  CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota, 'M') as userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR '%Ls' = 'smtp' OR '%Ls' = 'sieve')
+password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid,  CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota, 'M') as userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR ((postfix = 'Y' AND '%Ls' = 'smtp') OR (postfix = 'Y' AND '%Ls' = 'sieve')))
 user_query = SELECT CONCAT(homedir, maildir) AS home, CONCAT('maildir:', homedir, maildir) AS mail, uid, gid, CONCAT('*:storage=', quota, 'M') as quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u')
 iterate_query = SELECT username AS user FROM mail_users WHERE (imap = 1 OR pop3 = 1)
 ]]>
@@ -1149,10 +1162,17 @@ MYSQL_AUXOPTIONS_FIELD CONCAT("allowimap=",imap,",allowpop3=",pop3)
 				<!-- Proftpd -->
 				<daemon name="proftpd" title="ProFTPd" default="true">
 					<install><![CDATA[apt-get install proftpd-basic proftpd-mod-mysql]]></install>
-					<commands>
-						<command><![CDATA[[ -f /etc/ssl/certs/proftpd.crt ] || openssl req -new -x509 -newkey rsa:4096 -days 3650 -nodes -out /etc/ssl/certs/proftpd.crt -keyout /etc/ssl/private/proftpd.key -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"]]></command>
-						<command><![CDATA[[ -f /etc/ssl/certs/proftpd_ec.crt ] || openssl req -new -x509 -nodes -newkey ec:<(openssl ecparam -name secp521r1) -keyout /etc/ssl/private/proftpd_ec.key -out /etc/ssl/certs/proftpd_ec.crt -days 3650 -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"]]></command>
-						<command><![CDATA[chmod 0600 /etc/ssl/private/proftpd.key /etc/ssl/private/proftpd_ec.key]]></command>
+					<file name="/etc/proftpd/create-cert.sh" chown="root:0" chmod="0700">
+						<content><![CDATA[#!/bin/bash
+[ -f /etc/ssl/certs/proftpd.crt ] || openssl req -new -x509 -newkey rsa:4096 -days 3650 -nodes -out /etc/ssl/certs/proftpd.crt -keyout /etc/ssl/private/proftpd.key -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"
+[ -f /etc/ssl/certs/proftpd_ec.crt ] || openssl req -new -x509 -nodes -newkey ec:<(openssl ecparam -name secp521r1) -keyout /etc/ssl/private/proftpd_ec.key -out /etc/ssl/certs/proftpd_ec.crt -days 3650 -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"
+chmod 0600 /etc/ssl/private/proftpd.key /etc/ssl/private/proftpd_ec.key
+]]>
+						</content>
+					</file>
+					<commands index="1">
+						<command><![CDATA[/etc/proftpd/create-cert.sh]]></command>
+						<command><![CDATA[rm -f /etc/proftpd/create-cert.sh]]></command>
 					</commands>
 					<file name="/etc/proftpd/proftpd.conf" chown="root:0" chmod="0600"
 						backup="true">
@@ -1639,6 +1659,44 @@ aliases:     files
 					<!-- clear group chache -->
 					<command><![CDATA[nscd --invalidate=group]]></command>
 				</daemon>
+				<!-- libnss-extrausers -->
+				<daemon name="libnssextrausers" title="libnss-extrausers (alternative to libnss-mysql, required for FCGID/php-fpm/mpm-itk)">
+					<install><![CDATA[apt-get install nscd libnss-extrausers]]></install>
+					<commands index="1">
+						<command><![CDATA[mkdir -p /var/lib/extrausers]]></command>
+						<command><![CDATA[touch /var/lib/extrausers/passwd]]></command>
+						<command><![CDATA[touch /var/lib/extrausers/group]]></command>
+						<command><![CDATA[touch /var/lib/extrausers/shadow]]></command>
+					</commands>
+					<file name="/etc/nsswitch.conf" backup="true">
+						<content><![CDATA[
+# Make sure that `passwd`, `group` and `shadow` have extrausers in their lines
+# You should place extrausers at the end, so that it is queried after the other mechanisams
+#
+passwd:         compat extrausers
+group:          compat extrausers
+shadow:         compat extrausers
+
+hosts:       files dns
+networks:    files dns
+
+services:    db files
+protocols:   db files
+rpc:         db files
+ethers:      db files
+netmasks:    files
+netgroup:    files
+bootparams:  files
+
+automount:   files
+aliases:     files
+]]>
+						</content>
+					</file>
+					<command><![CDATA[/etc/init.d/nscd restart]]></command>
+					<!-- clear group chache -->
+					<command><![CDATA[nscd --invalidate=group]]></command>
+				</daemon>
 				<!-- Logrotate -->
 				<daemon name="logrotate" title="Logrotate">
 					<install><![CDATA[apt-get install logrotate]]></install>
@@ -1715,6 +1773,11 @@ aliases:     files
 						</visibility>
 						<command><![CDATA[a2dismod php5]]></command>
 					</commands>
+					<commands index="5">
+						<visibility mode="equals" value="apache2">{{settings.system.webserver}}
+						</visibility>
+						<command><![CDATA[/etc/init.d/apache2 restart]]></command>
+					</commands>
 					<!-- instead of just restarting apache, we let the cronjob do all the
 						dirty work -->
 					<command><![CDATA[php {{const.FROXLOR_INSTALL_DIR}}/scripts/froxlor_master_cronjob.php --force]]></command>
--- a/lib/configfiles/xenial.xml
+++ b/lib/configfiles/xenial.xml
--- a/lib/cron_init.php
+++ b/lib/cron_init.php
@@ -205,6 +205,7 @@ if (hasUpdates($version) || hasDbUpdates($dbversion)
 		fwrite($debugHandler, '*** WARNING *** - all new settings etc. will be stored with the default value, that might not always be right for your system!' . "\n");
 		fwrite($debugHandler, "*** WARNING *** - If you don't want this to happen in the future consider removing the --allow-autoupdate flag from the cronjob\n");
 		// including update procedures
+		define('_CRON_UPDATE', 1);
 		include_once FROXLOR_INSTALL_DIR.'/install/updatesql.php';
 		// pew - everything went better than expected
 		$cronlog->logAction(CRON_ACTION, LOG_WARNING, 'Automatic update done - you should check your settings to be sure everything is fine');
--- a/lib/formfields/admin/customer/formfield.customer_add.php
+++ b/lib/formfields/admin/customer/formfield.customer_add.php
@@ -14,7 +14,6 @@
 * @package    Formfields
 *
 */
-
 return array(
 	'customer_add' => array(
 		'title' => $lng['admin']['customer_add'],
@@ -29,20 +28,30 @@ return array(
 						'type' => 'text'
 					),
 					'createstdsubdomain' => array(
-						'label' => $lng['admin']['stdsubdomain_add'].'?',
+						'label' => $lng['admin']['stdsubdomain_add'] . '?',
 						'type' => 'checkbox',
 						'values' => array(
-										array ('label' => $lng['panel']['yes'], 'value' => '1')
-									),
-						'value' => array('1')
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
+						),
+						'value' => array(
+							'1'
+						)
 					),
 					'store_defaultindex' => array(
-						'label' => $lng['admin']['store_defaultindex'].'?',
+						'label' => $lng['admin']['store_defaultindex'] . '?',
 						'type' => 'checkbox',
 						'values' => array(
-										array ('label' => $lng['panel']['yes'], 'value' => '1')
-									),
-						'value' => array('1')
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
+						),
+						'value' => array(
+							'1'
+						)
 					),
 					'new_customer_password' => array(
 						'label' => $lng['login']['password'],
@@ -53,15 +62,20 @@ return array(
 						'label' => $lng['customer']['generated_pwd'],
 						'type' => 'text',
 						'visible' => (Settings::Get('panel.password_regex') == ''),
-						'value' => generatePassword(),
+						'value' => generatePassword()
 					),
 					'sendpassword' => array(
 						'label' => $lng['admin']['sendpassword'],
 						'type' => 'checkbox',
 						'values' => array(
-										array ('label' => $lng['panel']['yes'], 'value' => '1')
-									),
-						'value' => array('1')
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
+						),
+						'value' => array(
+							'1'
+						)
 					),
 					'def_language' => array(
 						'label' => $lng['login']['language'],
@@ -135,12 +149,27 @@ return array(
 						'label' => $lng['usersettings']['custom_notes']['show'],
 						'type' => 'checkbox',
 						'values' => array(
-							array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
 						),
 						'value' => array()
 					)
 				)
 			),
+			'section_cpre' => array(
+				'visible' => !empty($hosting_plans),
+				'title' => $lng['admin']['plans']['use_plan'],
+				'image' => 'icons/user_add.png',
+				'fields' => array(
+					'use_plan' => array(
+						'label' => $lng['admin']['plans']['use_plan'],
+						'type' => 'select',
+						'select_var' => $hosting_plans
+					)
+				)
+			),
 			'section_c' => array(
 				'title' => $lng['admin']['servicedata'],
 				'image' => 'icons/user_add.png',
@@ -149,7 +178,7 @@ return array(
 						'label' => $lng['customer']['diskspace'],
 						'type' => 'textul',
 						'value' => 0,
-						'maxlength' => 6,
+						'maxlength' => 16,
 						'mandatory' => true,
 						'ul_field' => $diskspace_ul
 					),
@@ -157,7 +186,7 @@ return array(
 						'label' => $lng['customer']['traffic'],
 						'type' => 'textul',
 						'value' => 0,
-						'maxlength' => 4,
+						'maxlength' => 14,
 						'mandatory' => true,
 						'ul_field' => $traffic_ul
 					),
@@ -206,18 +235,28 @@ return array(
 						'label' => $lng['customer']['email_imap'],
 						'type' => 'checkbox',
 						'values' => array(
-										array ('label' => $lng['panel']['yes'], 'value' => '1')
-									),
-						'value' => array('1'),
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
+						),
+						'value' => array(
+							'1'
+						),
 						'mandatory' => true
 					),
 					'email_pop3' => array(
 						'label' => $lng['customer']['email_pop3'],
 						'type' => 'checkbox',
 						'values' => array(
-										array ('label' => $lng['panel']['yes'], 'value' => '1')
-									),
-						'value' => array('1'),
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
+						),
+						'value' => array(
+							'1'
+						),
 						'mandatory' => true
 					),
 					'ftps' => array(
@@ -244,28 +283,51 @@ return array(
 						'ul_field' => $mysqls_ul
 					),
 					'phpenabled' => array(
-						'label' => $lng['admin']['phpenabled'].'?',
+						'label' => $lng['admin']['phpenabled'] . '?',
 						'type' => 'checkbox',
 						'values' => array(
-										array ('label' => $lng['panel']['yes'], 'value' => '1')
-									),
-						'value' => array('1')
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
+						),
+						'value' => array(
+							'1'
+						)
+					),
+					'allowed_phpconfigs' => array(
+						'visible' => (((int) Settings::Get('system.mod_fcgid') == 1 || (int) Settings::Get('phpfpm.enabled') == 1) ? true : false),
+						'label' => $lng['admin']['phpsettings']['title'],
+						'type' => 'checkbox',
+						'values' => $phpconfigs,
+						'value' => ((int) Settings::Get('system.mod_fcgid') == 1 ? array(
+							Settings::Get('system.mod_fcgid_defaultini')
+						) : (int) Settings::Get('phpfpm.enabled') == 1 ? array(
+							Settings::Get('phpfpm.defaultini')
+						) : array()),
+						'is_array' => 1
 					),
 					'perlenabled' => array(
-						'label' => $lng['admin']['perlenabled'].'?',
+						'label' => $lng['admin']['perlenabled'] . '?',
 						'type' => 'checkbox',
 						'values' => array(
-										array ('label' => $lng['panel']['yes'], 'value' => '1')
-									)
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
+						)
 					),
 					'dnsenabled' => array(
-						'label' => $lng['admin']['dnsenabled'].'?',
+						'label' => $lng['admin']['dnsenabled'] . '?',
 						'type' => 'checkbox',
 						'values' => array(
-										array ('label' => $lng['panel']['yes'], 'value' => '1')
-									),
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
+						),
 						'visible' => (Settings::Get('system.dnsenabled') == '1' ? true : false)
-					),
+					)
 				)
 			)
 		)
--- a/lib/formfields/admin/customer/formfield.customer_edit.php
+++ b/lib/formfields/admin/customer/formfield.customer_edit.php
@@ -150,6 +150,18 @@ return array(
 					)
 				)
 			),
+			'section_cpre' => array(
+				'visible' => !empty($hosting_plans),
+				'title' => $lng['admin']['plans']['use_plan'],
+				'image' => 'icons/user_add.png',
+				'fields' => array(
+					'use_plan' => array(
+						'label' => $lng['admin']['plans']['use_plan'],
+						'type' => 'select',
+						'select_var' => $hosting_plans
+					)
+				)
+			),
 			'section_c' => array(
 				'title' => $lng['admin']['servicedata'],
 				'image' => 'icons/user_edit.png',
@@ -158,7 +170,7 @@ return array(
 						'label' => $lng['customer']['diskspace'],
 						'type' => 'textul',
 						'value' => $result['diskspace'],
-						'maxlength' => 6,
+						'maxlength' => 16,
 						'mandatory' => true,
 						'ul_field' => $diskspace_ul
 					),
@@ -166,7 +178,7 @@ return array(
 						'label' => $lng['customer']['traffic'],
 						'type' => 'textul',
 						'value' => $result['traffic'],
-						'maxlength' => 4,
+						'maxlength' => 14,
 						'mandatory' => true,
 						'ul_field' => $traffic_ul
 					),
@@ -260,6 +272,14 @@ return array(
 						),
 						'value' => array($result['phpenabled'])
 					),
+					'allowed_phpconfigs' => array(
+						'visible' => (((int) Settings::Get('system.mod_fcgid') == 1 || (int) Settings::Get('phpfpm.enabled') == 1) ? true : false),
+						'label' => $lng['admin']['phpsettings']['title'],
+						'type' => 'checkbox',
+						'values' => $phpconfigs,
+						'value' => isset($result['allowed_phpconfigs']) && !empty($result['allowed_phpconfigs']) ? json_decode($result['allowed_phpconfigs'], JSON_OBJECT_AS_ARRAY) : array(),
+						'is_array' => 1
+					),
 					'perlenabled' => array(
 						'label' => $lng['admin']['perlenabled'].'?',
 						'type' => 'checkbox',
--- a/lib/formfields/admin/domains/formfield.domains_add.php
+++ b/lib/formfields/admin/domains/formfield.domains_add.php
@@ -14,7 +14,6 @@
 * @package    Formfields
 *
 */
-
 return array(
 	'domain_add' => array(
 		'title' => $lng['admin']['domain_add'],
@@ -27,20 +26,20 @@ return array(
 					'domain' => array(
 						'label' => 'Domain',
 						'type' => 'text',
-						'mandatory' => true,
+						'mandatory' => true
 					),
 					'customerid' => array(
 						'label' => $lng['admin']['customer'],
 						'type' => 'select',
 						'select_var' => $customers,
-						'mandatory' => true,
+						'mandatory' => true
 					),
 					'adminid' => array(
 						'visible' => ($userinfo['customers_see_all'] == '1' ? true : false),
 						'label' => $lng['admin']['admin'],
 						'type' => 'select',
 						'select_var' => $admins,
-						'mandatory' => true,
+						'mandatory' => true
 					),
 					'alias' => array(
 						'label' => $lng['domains']['aliasdomain'],
@@ -58,9 +57,14 @@ return array(
 						'desc' => $lng['admin']['domain_editable']['desc'],
 						'type' => 'checkbox',
 						'values' => array(
-							array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
 						),
-						'value' => array('1')
+						'value' => array(
+							'1'
+						)
 					),
 					'add_date' => array(
 						'label' => $lng['domains']['add_date'],
@@ -112,7 +116,10 @@ return array(
 						'desc' => $lng['admin']['speciallogfile']['description'],
 						'type' => 'checkbox',
 						'values' => array(
-							array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
 						),
 						'value' => array()
 					),
@@ -124,6 +131,19 @@ return array(
 						'type' => 'textarea',
 						'cols' => 60,
 						'rows' => 12
+					),
+					'notryfiles' => array(
+						'visible' => (Settings::Get('system.webserver') == 'nginx' && $userinfo['change_serversettings'] == '1'),
+						'label' => $lng['admin']['notryfiles']['title'],
+						'desc' => $lng['admin']['notryfiles']['description'],
+						'type' => 'checkbox',
+						'values' => array(
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
+						),
+						'value' => array()
 					)
 				)
 			),
@@ -146,7 +166,10 @@ return array(
 						'desc' => $lng['domains']['ssl_redirect']['description'],
 						'type' => 'checkbox',
 						'values' => array(
-							array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
 						),
 						'value' => array()
 					),
@@ -156,7 +179,23 @@ return array(
 						'desc' => $lng['admin']['letsencrypt']['description'],
 						'type' => 'checkbox',
 						'values' => array(
-							array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
+						),
+						'value' => array()
+					),
+					'http2' => array(
+						'visible' => ($ssl_ipsandports != '' ? true : false) && Settings::Get('system.webserver') != 'lighttpd' && Settings::Get('system.http2_support') == '1',
+						'label' => $lng['admin']['domain_http2']['title'],
+						'desc' => $lng['admin']['domain_http2']['description'],
+						'type' => 'checkbox',
+						'values' => array(
+							array (
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
 						),
 						'value' => array()
 					),
@@ -181,7 +220,10 @@ return array(
 						'desc' => $lng['admin']['domain_hsts_incsub']['description'],
 						'type' => 'checkbox',
 						'values' => array(
-							array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
 						),
 						'value' => array()
 					),
@@ -191,11 +233,31 @@ return array(
 						'desc' => $lng['admin']['domain_hsts_preload']['description'],
 						'type' => 'checkbox',
 						'values' => array(
-							array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
 						),
 						'value' => array()
 					),
-				),
+					'ocsp_stapling' => array(
+						'visible' => ($ssl_ipsandports != '' ? true : false) &&
+								Settings::Get('system.webserver') != 'lighttpd',
+						'label' => $lng['admin']['domain_ocsp_stapling']['title'],
+						'desc' => $lng['admin']['domain_ocsp_stapling']['description'] .
+								(Settings::Get('system.webserver') == 'nginx' ?
+								$lng['admin']['domain_ocsp_stapling']['nginx_version_warning'] :
+								""),
+						'type' => 'checkbox',
+						'values' => array(
+							array (
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
+						),
+						'value' => array()
+					),
+				)
 			),
 			'section_c' => array(
 				'title' => $lng['admin']['phpserversettings'],
@@ -206,23 +268,41 @@ return array(
 						'label' => 'OpenBasedir',
 						'type' => 'checkbox',
 						'values' => array(
-							array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
 						),
-						'value' => array('1')
+						'value' => array(
+							'1'
+						)
+					),
+					'phpenabled' => array(
+						'label' => $lng['admin']['phpenabled'],
+						'type' => 'checkbox',
+						'values' => array(
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
+						),
+						'value' => array(
+							'1'
+						)
 					),
 					'phpsettingid' => array(
-						'visible' => (((int)Settings::Get('system.mod_fcgid') == 1 || (int)Settings::Get('phpfpm.enabled') == 1) ? true : false),
+						'visible' => (((int) Settings::Get('system.mod_fcgid') == 1 || (int) Settings::Get('phpfpm.enabled') == 1) ? true : false),
 						'label' => $lng['admin']['phpsettings']['title'],
 						'type' => 'select',
 						'select_var' => $phpconfigs
 					),
 					'mod_fcgid_starter' => array(
-						'visible' => ((int)Settings::Get('system.mod_fcgid') == 1 ? true : false),
+						'visible' => ((int) Settings::Get('system.mod_fcgid') == 1 ? true : false),
 						'label' => $lng['admin']['mod_fcgid_starter']['title'],
 						'type' => 'text'
 					),
 					'mod_fcgid_maxrequests' => array(
-						'visible' => ((int)Settings::Get('system.mod_fcgid') == 1 ? true : false),
+						'visible' => ((int) Settings::Get('system.mod_fcgid') == 1 ? true : false),
 						'label' => $lng['admin']['mod_fcgid_maxrequests']['title'],
 						'type' => 'text'
 					)
@@ -237,9 +317,14 @@ return array(
 						'label' => 'Nameserver',
 						'type' => 'checkbox',
 						'values' => array(
-							array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
 						),
-						'value' => array('1')
+						'value' => array(
+							'1'
+						)
 					),
 					'zonefile' => array(
 						'label' => 'Zonefile',
@@ -256,15 +341,23 @@ return array(
 						'label' => $lng['admin']['emaildomain'],
 						'type' => 'checkbox',
 						'values' => array(
-							array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
 						),
-						'value' => array('1')
+						'value' => array(
+							'1'
+						)
 					),
 					'email_only' => array(
 						'label' => $lng['admin']['email_only'],
 						'type' => 'checkbox',
 						'values' => array(
-							array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
 						),
 						'value' => array()
 					),
@@ -278,9 +371,14 @@ return array(
 						'label' => 'DomainKeys',
 						'type' => 'checkbox',
 						'values' => array(
-							array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
 						),
-						'value' => array('1')
+						'value' => array(
+							'1'
+						)
 					)
 				)
 			)
--- a/lib/formfields/admin/domains/formfield.domains_edit.php
+++ b/lib/formfields/admin/domains/formfield.domains_edit.php
@@ -14,7 +14,6 @@
 * @package    Formfields
 *
 */
-
 return array(
 	'domain_edit' => array(
 		'title' => $lng['admin']['domain_edit'],
@@ -28,14 +27,14 @@ return array(
 						'label' => 'Domain',
 						'type' => 'label',
 						'value' => $result['domain'],
-						'mandatory' => true,
+						'mandatory' => true
 					),
 					'customerid' => array(
 						'label' => $lng['admin']['customer'],
 						'type' => (Settings::Get('panel.allow_domain_change_customer') == '1' ? 'select' : 'label'),
 						'select_var' => (isset($customers) ? $customers : null),
 						'value' => (isset($result['customername']) ? $result['customername'] : null),
-						'mandatory' => true,
+						'mandatory' => true
 					),
 					'adminid' => array(
 						'visible' => ($userinfo['customers_see_all'] == '1' ? true : false),
@@ -43,7 +42,7 @@ return array(
 						'type' => (Settings::Get('panel.allow_domain_change_admin') == '1' ? 'select' : 'label'),
 						'select_var' => (isset($admins) ? $admins : null),
 						'value' => (isset($result['adminname']) ? $result['adminname'] : null),
-						'mandatory' => true,
+						'mandatory' => true
 					),
 					'alias' => array(
 						'visible' => ($alias_check == '0' ? true : false),
@@ -60,16 +59,21 @@ return array(
 					'associated_info' => array(
 						'label' => $lng['domains']['associated_with_domain'],
 						'type' => 'label',
-						'value' => $subdomains.' '.$lng['customer']['subdomains'].', '.$alias_check.' '.$lng['domains']['aliasdomains'].', '.$emails.' '.$lng['customer']['emails'].', '.$email_accounts.' '.$lng['customer']['accounts'].', '.$email_forwarders.' '.$lng['customer']['forwarders']
+						'value' => $subdomains . ' ' . $lng['customer']['subdomains'] . ', ' . $alias_check . ' ' . $lng['domains']['aliasdomains'] . ', ' . $emails . ' ' . $lng['customer']['emails'] . ', ' . $email_accounts . ' ' . $lng['customer']['accounts'] . ', ' . $email_forwarders . ' ' . $lng['customer']['forwarders']
 					),
 					'caneditdomain' => array(
 						'label' => $lng['admin']['domain_editable']['title'],
 						'desc' => $lng['admin']['domain_editable']['desc'],
 						'type' => 'checkbox',
 						'values' => array(
-							array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
 						),
-						'value' => array($result['caneditdomain'])
+						'value' => array(
+							$result['caneditdomain']
+						)
 					),
 					'add_date' => array(
 						'label' => $lng['domains']['add_date'],
@@ -124,9 +128,14 @@ return array(
 						'desc' => $lng['admin']['speciallogfile']['description'],
 						'type' => 'checkbox',
 						'values' => array(
-							array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
 						),
-						'value' => array($result['speciallogfile'])
+						'value' => array(
+							$result['speciallogfile']
+						)
 					),
 					'specialsettings' => array(
 						'visible' => ($userinfo['change_serversettings'] == '1' ? true : false),
@@ -144,9 +153,29 @@ return array(
 						'desc' => $lng['serversettings']['specialsettingsforsubdomains']['description'],
 						'type' => 'checkbox',
 						'values' => array(
-							array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
 						),
-						'value' => array('1')
+						'value' => array(
+							'1'
+						)
+					),
+					'notryfiles' => array(
+						'visible' => (Settings::Get('system.webserver') == 'nginx' && $userinfo['change_serversettings'] == '1'),
+						'label' => $lng['admin']['notryfiles']['title'],
+						'desc' => $lng['admin']['notryfiles']['description'],
+						'type' => 'checkbox',
+						'values' => array(
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
+						),
+						'value' => array(
+							$result['notryfiles']
+						)
 					)
 				)
 			),
@@ -169,9 +198,14 @@ return array(
 						'desc' => $lng['domains']['ssl_redirect']['description'] . ($result['temporary_ssl_redirect'] > 1 ? $lng['domains']['ssl_redirect_temporarilydisabled'] : ''),
 						'type' => 'checkbox',
 						'values' => array(
-							array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
 						),
-						'value' => array($result['ssl_redirect'])
+						'value' => array(
+							$result['ssl_redirect']
+						)
 					),
 					'letsencrypt' => array(
 						'visible' => (Settings::Get('system.leenabled') == '1' ? ($ssl_ipsandports != '' ? true : false) : false),
@@ -179,9 +213,29 @@ return array(
 						'desc' => $lng['admin']['letsencrypt']['description'],
 						'type' => 'checkbox',
 						'values' => array(
-							array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
 						),
-						'value' => array($result['letsencrypt'])
+						'value' => array(
+							$result['letsencrypt']
+						)
+					),
+					'http2' => array(
+						'visible' => ($ssl_ipsandports != '' ? true : false) && Settings::Get('system.webserver') != 'lighttpd' && Settings::Get('system.http2_support') == '1',
+						'label' => $lng['admin']['domain_http2']['title'],
+						'desc' => $lng['admin']['domain_http2']['description'],
+						'type' => 'checkbox',
+						'values' => array(
+							array (
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
+						),
+						'value' => array(
+							$result['http2']
+						)
 					),
 					'no_ssl_available_info' => array(
 						'visible' => ($ssl_ipsandports == '' ? true : false),
@@ -204,9 +258,14 @@ return array(
 						'desc' => $lng['admin']['domain_hsts_incsub']['description'],
 						'type' => 'checkbox',
 						'values' => array(
-							array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
 						),
-						'value' => array($result['hsts_sub'])
+						'value' => array(
+							$result['hsts_sub']
+						)
 					),
 					'hsts_preload' => array(
 						'visible' => ($ssl_ipsandports != '' ? true : false),
@@ -214,9 +273,33 @@ return array(
 						'desc' => $lng['admin']['domain_hsts_preload']['description'],
 						'type' => 'checkbox',
 						'values' => array(
-							array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
 						),
-						'value' => array($result['hsts_preload'])
+						'value' => array(
+							$result['hsts_preload']
+						)
+					),
+					'ocsp_stapling' => array(
+						'visible' => ($ssl_ipsandports != '' ? true : false) &&
+								Settings::Get('system.webserver') != 'lighttpd',
+						'label' => $lng['admin']['domain_ocsp_stapling']['title'],
+						'desc' => $lng['admin']['domain_ocsp_stapling']['description'] .
+								(Settings::Get('system.webserver') == 'nginx' ?
+								$lng['admin']['domain_ocsp_stapling']['nginx_version_warning'] :
+								""),
+						'type' => 'checkbox',
+						'values' => array(
+							array (
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
+						),
+						'value' => array(
+							$result['ocsp_stapling']
+						)
 					),
 				)
 			),
@@ -229,27 +312,60 @@ return array(
 						'label' => 'OpenBasedir',
 						'type' => 'checkbox',
 						'values' => array(
-							array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
 						),
-						'value' => array($result['openbasedir'])
+						'value' => array(
+							$result['openbasedir']
+						)
+					),
+					'phpenabled' => array(
+						'label' => $lng['admin']['phpenabled'],
+						'type' => 'checkbox',
+						'values' => array(
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
+						),
+						'value' => array(
+							$result['phpenabled']
+						)
 					),
 					'phpsettingid' => array(
-						'visible' => (((int)Settings::Get('system.mod_fcgid') == 1 || (int)Settings::Get('phpfpm.enabled') == 1) ? true : false),
+						'visible' => (((int) Settings::Get('system.mod_fcgid') == 1 || (int) Settings::Get('phpfpm.enabled') == 1) ? true : false),
 						'label' => $lng['admin']['phpsettings']['title'],
 						'type' => 'select',
 						'select_var' => $phpconfigs
 					),
+					'phpsettingsforsubdomains' => array(
+						'visible' => ($userinfo['change_serversettings'] == '1' ? true : false),
+						'label' => $lng['admin']['phpsettingsforsubdomains'],
+						'desc' => $lng['serversettings']['phpsettingsforsubdomains']['description'],
+						'type' => 'checkbox',
+						'values' => array(
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
+						),
+						'value' => array(
+							'1'
+						)
+					),
 					'mod_fcgid_starter' => array(
-						'visible' => ((int)Settings::Get('system.mod_fcgid') == 1 ? true : false),
+						'visible' => ((int) Settings::Get('system.mod_fcgid') == 1 ? true : false),
 						'label' => $lng['admin']['mod_fcgid_starter']['title'],
 						'type' => 'text',
-						'value' => ((int)$result['mod_fcgid_starter'] != - 1 ? $result['mod_fcgid_starter'] : '')
+						'value' => ((int) $result['mod_fcgid_starter'] != - 1 ? $result['mod_fcgid_starter'] : '')
 					),
 					'mod_fcgid_maxrequests' => array(
-						'visible' => ((int)Settings::Get('system.mod_fcgid') == 1 ? true : false),
+						'visible' => ((int) Settings::Get('system.mod_fcgid') == 1 ? true : false),
 						'label' => $lng['admin']['mod_fcgid_maxrequests']['title'],
 						'type' => 'text',
-						'value' => ((int)$result['mod_fcgid_maxrequests'] != - 1 ? $result['mod_fcgid_maxrequests'] : '')
+						'value' => ((int) $result['mod_fcgid_maxrequests'] != - 1 ? $result['mod_fcgid_maxrequests'] : '')
 					)
 				)
 			),
@@ -262,9 +378,14 @@ return array(
 						'label' => 'Nameserver',
 						'type' => 'checkbox',
 						'values' => array(
-							array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
 						),
-						'value' => array($result['isbinddomain'])
+						'value' => array(
+							$result['isbinddomain']
+						)
 					),
 					'zonefile' => array(
 						'label' => 'Zonefile',
@@ -282,17 +403,27 @@ return array(
 						'label' => $lng['admin']['emaildomain'],
 						'type' => 'checkbox',
 						'values' => array(
-							array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
 						),
-						'value' => array($result['isemaildomain'])
+						'value' => array(
+							$result['isemaildomain']
+						)
 					),
 					'email_only' => array(
 						'label' => $lng['admin']['email_only'],
 						'type' => 'checkbox',
 						'values' => array(
-							array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
 						),
-						'value' => array($result['email_only'])
+						'value' => array(
+							$result['email_only']
+						)
 					),
 					'subcanemaildomain' => array(
 						'label' => $lng['admin']['subdomainforemail'],
@@ -304,9 +435,14 @@ return array(
 						'label' => 'DomainKeys',
 						'type' => 'checkbox',
 						'values' => array(
-							array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
+								'label' => $lng['panel']['yes'],
+								'value' => '1'
+							)
 						),
-						'value' => array($result['dkim'])
+						'value' => array(
+							$result['dkim']
+						)
 					)
 				)
 			)
--- a/lib/formfields/admin/phpconfig/formfield.fpmconfig_add.php
+++ b/lib/formfields/admin/phpconfig/formfield.fpmconfig_add.php
@@ -0,0 +1,95 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Formfields
+ *
+ */
+
+return array(
+	'fpmconfig_add' => array(
+		'title' => $lng['admin']['phpsettings']['addsettings'],
+		'image' => 'icons/phpsettings_add.png',
+		'sections' => array(
+			'section_a' => array(
+				'title' => $lng['admin']['phpsettings']['addsettings'],
+				'image' => 'icons/phpsettings_add.png',
+				'fields' => array(
+					'description' => array(
+						'label' => $lng['admin']['phpsettings']['description'],
+						'type' => 'text',
+						'maxlength' => 50
+					),
+					'reload_cmd' => array(
+						'label' => $lng['serversettings']['phpfpm_settings']['reload'],
+						'type' => 'text',
+						'maxlength' => 255,
+						'value' => 'service php7.0-fpm restart'
+					),
+					'config_dir' => array(
+						'label' => $lng['serversettings']['phpfpm_settings']['configdir'],
+						'type' => 'text',
+						'maxlength' => 255,
+						'value' => '/etc/php/7.0/fpm/pool.d/'
+					),
+					'pm' => array(
+						'label' => $lng['serversettings']['phpfpm_settings']['pm'],
+						'type' => 'select',
+						'select_var' => $pm_select
+					),
+					'max_children' => array(
+						'label' => $lng['serversettings']['phpfpm_settings']['max_children']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['max_children']['description'],
+						'type' => 'int',
+						'value' => 1
+					),
+					'start_servers' => array(
+						'label' => $lng['serversettings']['phpfpm_settings']['start_servers']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['start_servers']['description'],
+						'type' => 'int',
+						'value' => 20
+					),
+					'min_spare_servers' => array(
+						'label' => $lng['serversettings']['phpfpm_settings']['min_spare_servers']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['min_spare_servers']['description'],
+						'type' => 'int',
+						'value' => 5
+					),
+					'max_spare_servers' => array(
+						'label' => $lng['serversettings']['phpfpm_settings']['max_spare_servers']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['max_spare_servers']['description'],
+						'type' => 'int',
+						'value' => 35
+					),
+					'max_requests' => array(
+						'label' => $lng['serversettings']['phpfpm_settings']['max_requests']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['max_requests']['description'],
+						'type' => 'int',
+						'value' => 0
+					),
+					'idle_timeout' => array(
+						'label' => $lng['serversettings']['phpfpm_settings']['idle_timeout']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['idle_timeout']['description'],
+						'type' => 'int',
+						'value' => 30
+					),
+					'limit_extensions' => array(
+						'label' => $lng['serversettings']['phpfpm_settings']['limit_extensions']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['limit_extensions']['description'],
+						'type' => 'text',
+						'value' => '.php'
+					)
+				)
+			)
+		)
+	)
+);
--- a/lib/formfields/admin/phpconfig/formfield.fpmconfig_edit.php
+++ b/lib/formfields/admin/phpconfig/formfield.fpmconfig_edit.php
@@ -0,0 +1,96 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Formfields
+ *
+ */
+
+return array(
+	'fpmconfig_edit' => array(
+		'title' => $lng['admin']['phpsettings']['editsettings'],
+		'image' => 'icons/phpsettings_edit.png',
+		'sections' => array(
+			'section_a' => array(
+				'title' => $lng['admin']['phpsettings']['editsettings'],
+				'image' => 'icons/phpsettings_edit.png',
+				'fields' => array(
+					'description' => array(
+						'label' => $lng['admin']['phpsettings']['description'],
+						'type' => 'text',
+						'maxlength' => 50,
+						'value' => $result['description']
+					),
+					'reload_cmd' => array(
+						'label' => $lng['serversettings']['phpfpm_settings']['reload'],
+						'type' => 'text',
+						'maxlength' => 255,
+						'value' => $result['reload_cmd']
+					),
+					'config_dir' => array(
+						'label' => $lng['serversettings']['phpfpm_settings']['configdir'],
+						'type' => 'text',
+						'maxlength' => 255,
+						'value' => $result['config_dir']
+					),
+					'pm' => array(
+						'label' => $lng['serversettings']['phpfpm_settings']['pm'],
+						'type' => 'select',
+						'select_var' => $pm_select
+					),
+					'max_children' => array(
+						'label' => $lng['serversettings']['phpfpm_settings']['max_children']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['max_children']['description'],
+						'type' => 'int',
+						'value' => $result['max_children']
+					),
+					'start_servers' => array(
+						'label' => $lng['serversettings']['phpfpm_settings']['start_servers']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['start_servers']['description'],
+						'type' => 'int',
+						'value' => $result['start_servers']
+					),
+					'min_spare_servers' => array(
+						'label' => $lng['serversettings']['phpfpm_settings']['min_spare_servers']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['min_spare_servers']['description'],
+						'type' => 'int',
+						'value' => $result['min_spare_servers']
+					),
+					'max_spare_servers' => array(
+						'label' => $lng['serversettings']['phpfpm_settings']['max_spare_servers']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['max_spare_servers']['description'],
+						'type' => 'int',
+						'value' => $result['max_spare_servers']
+					),
+					'max_requests' => array(
+						'label' => $lng['serversettings']['phpfpm_settings']['max_requests']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['max_requests']['description'],
+						'type' => 'int',
+						'value' => $result['max_requests']
+					),
+					'idle_timeout' => array(
+						'label' => $lng['serversettings']['phpfpm_settings']['idle_timeout']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['idle_timeout']['description'],
+						'type' => 'int',
+						'value' => $result['idle_timeout']
+					),
+					'limit_extensions' => array(
+						'label' => $lng['serversettings']['phpfpm_settings']['limit_extensions']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['limit_extensions']['description'],
+						'type' => 'text',
+						'value' => $result['limit_extensions']
+					)
+				)
+			)
+		)
+	)
+);
--- a/lib/formfields/admin/phpconfig/formfield.phpconfig_add.php
+++ b/lib/formfields/admin/phpconfig/formfield.phpconfig_add.php
@@ -36,6 +36,12 @@ return array(
 						'maxlength' => 255,
 						'value' => '/usr/bin/php-cgi'
 					),
+					'fpmconfig' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['admin']['phpsettings']['fpmdesc'],
+						'type' => 'select',
+						'select_var' => $fpmconfigs
+					),
 					'file_extensions' => array(
 						'visible' => (Settings::Get('system.mod_fcgid') == 1 ? true : false),
 						'label' => $lng['admin']['phpsettings']['file_extensions'],
@@ -84,6 +90,79 @@ return array(
 						'maxlength' => 10,
 						'value' => '5s'
 					),
+					'phpfpm_pass_authorizationheader' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['admin']['phpsettings']['pass_authorizationheader'],
+						'type' => 'checkbox',
+						'values' => array(
+							array ('label' => $lng['panel']['yes'], 'value' => '1')
+						),
+						'value' => array()
+					),
+					'override_fpmconfig' => array(
+						'label' => $lng['serversettings']['phpfpm_settings']['override_fpmconfig'],
+						'type' => 'checkbox',
+						'values' => array(
+							array ('label' => $lng['panel']['yes'], 'value' => '1')
+						),
+						'value' => array()
+					),
+					'pm' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['pm'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'select',
+						'select_var' => $pm_select
+					),
+					'max_children' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['max_children']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['max_children']['description'].$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'int',
+						'value' => 1
+					),
+					'start_servers' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['start_servers']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['start_servers']['description'].$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'int',
+						'value' => 20
+					),
+					'min_spare_servers' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['min_spare_servers']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['min_spare_servers']['description'].$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'int',
+						'value' => 5
+					),
+					'max_spare_servers' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['max_spare_servers']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['max_spare_servers']['description'].$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'int',
+						'value' => 35
+					),
+					'max_requests' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['max_requests']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['max_requests']['description'].$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'int',
+						'value' => 0
+					),
+					'idle_timeout' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['idle_timeout']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['idle_timeout']['description'].$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'int',
+						'value' => 30
+					),
+					'limit_extensions' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['limit_extensions']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['limit_extensions']['description'].$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'text',
+						'value' => '.php'
+					),
 					'phpsettings' => array(
 						'style' => 'align-top',
 						'label' => $lng['admin']['phpsettings']['phpinisettings'],
--- a/lib/formfields/admin/phpconfig/formfield.phpconfig_edit.php
+++ b/lib/formfields/admin/phpconfig/formfield.phpconfig_edit.php
@@ -37,6 +37,12 @@ return array(
 						'maxlength' => 255,
 						'value' => $result['binary']
 					),
+					'fpmconfig' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['admin']['phpsettings']['fpmdesc'],
+						'type' => 'select',
+						'select_var' => $fpmconfigs
+					),
 					'file_extensions' => array(
 						'visible' => (Settings::Get('system.mod_fcgid') == 1 ? true : false),
 						'label' => $lng['admin']['phpsettings']['file_extensions'],
@@ -87,6 +93,79 @@ return array(
 						'maxlength' => 10,
 						'value' => $result['fpm_reqslow']
 					),
+					'phpfpm_pass_authorizationheader' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['admin']['phpsettings']['pass_authorizationheader'],
+						'type' => 'checkbox',
+						'values' => array(
+							array ('label' => $lng['panel']['yes'], 'value' => '1')
+						),
+						'value' => array($result['pass_authorizationheader'])
+					),
+					'override_fpmconfig' => array(
+						'label' => $lng['serversettings']['phpfpm_settings']['override_fpmconfig'],
+						'type' => 'checkbox',
+						'values' => array(
+							array ('label' => $lng['panel']['yes'], 'value' => '1')
+						),
+						'value' => array($result['override_fpmconfig'])
+					),
+					'pm' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['pm'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'select',
+						'select_var' => $pm_select
+					),
+					'max_children' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['max_children']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['max_children']['description'].$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'int',
+						'value' => $result['max_children']
+					),
+					'start_servers' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['start_servers']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['start_servers']['description'].$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'int',
+						'value' => $result['start_servers']
+					),
+					'min_spare_servers' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['min_spare_servers']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['min_spare_servers']['description'].$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'int',
+						'value' => $result['min_spare_servers']
+					),
+					'max_spare_servers' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['max_spare_servers']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['max_spare_servers']['description'].$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'int',
+						'value' => $result['max_spare_servers']
+					),
+					'max_requests' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['max_requests']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['max_requests']['description'].$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'int',
+						'value' => $result['max_requests']
+					),
+					'idle_timeout' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['idle_timeout']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['idle_timeout']['description'].$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'int',
+						'value' => $result['idle_timeout']
+					),
+					'limit_extensions' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['limit_extensions']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['limit_extensions']['description'].$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'text',
+						'value' => $result['limit_extensions']
+					),
 					'phpsettings' => array(
 						'style' => 'align-top',
 						'label' => $lng['admin']['phpsettings']['phpinisettings'],
--- a/lib/formfields/admin/plans/formfield.plans_add.php
+++ b/lib/formfields/admin/plans/formfield.plans_add.php
@@ -0,0 +1,41 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Formfields
+ *
+ */
+
+return array(
+	'plans_add' => array(
+		'title' => $lng['admin']['plans']['add'],
+		'image' => 'icons/templates_add_big.png',
+		'sections' => array(
+			'section_a' => array(
+				'title' => $lng['admin']['plans']['plan_details'],
+				'image' => 'icons/templates_add_big.png',
+				'fields' => array(
+					'name' => array(
+						'label' => $lng['admin']['plans']['name'],
+						'type' => 'text'
+					),
+					'description' => array(
+						'label' => $lng['admin']['plans']['description'],
+						'type' => 'textarea',
+						'cols' => 60,
+						'rows' => 12
+					)
+				)
+			)
+		)
+	)
+);
--- a/lib/formfields/admin/plans/formfield.plans_edit.php
+++ b/lib/formfields/admin/plans/formfield.plans_edit.php
@@ -0,0 +1,43 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Formfields
+ *
+ */
+
+return array(
+	'plans_edit' => array(
+		'title' => $lng['admin']['plans']['edit'],
+		'image' => 'icons/templates_edit_big.png',
+		'sections' => array(
+			'section_a' => array(
+				'title' => $lng['admin']['plans']['plan_details'],
+				'image' => 'icons/templates_edit_big.png',
+				'fields' => array(
+					'name' => array(
+						'label' => $lng['admin']['plans']['name'],
+						'type' => 'text',
+						'value' => $result['name']
+					),
+					'description' => array(
+						'label' => $lng['admin']['plans']['description'],
+						'type' => 'textarea',
+						'cols' => 60,
+						'rows' => 12,
+						'value' => $result['description']
+					)
+				)
+			)
+		)
+	)
+);
--- a/lib/formfields/customer/domains/formfield.domains_add.php
+++ b/lib/formfields/customer/domains/formfield.domains_add.php
@@ -70,16 +70,21 @@ return array(
 						'label' => $lng['domain']['openbasedirpath'],
 						'type' => 'select',
 						'select_var' => $openbasedir
+					),
+					'phpsettingid' => array(
+						'visible' => (((int) Settings::Get('system.mod_fcgid') == 1 || (int) Settings::Get('phpfpm.enabled') == 1) && $has_phpconfigs ? true : false),
+						'label' => $lng['admin']['phpsettings']['title'],
+						'type' => 'select',
+						'select_var' => $phpconfigs
 					)
 				)
 			),
 			'section_bssl' => array(
 				'title' => $lng['admin']['webserversettings_ssl'],
 				'image' => 'icons/domain_add.png',
-				'visible' => Settings::Get('system.use_ssl') == '1' ? true : false,
+				'visible' => Settings::Get('system.use_ssl') == '1' ? ($ssl_ipsandports != '' ? true : false) : false,
 				'fields' => array(
 					'ssl_redirect' => array(
-						'visible' => ($ssl_ipsandports != '' ? true : false),
 						'label' => $lng['domains']['ssl_redirect']['title'],
 						'desc' => $lng['domains']['ssl_redirect']['description'],
 						'type' => 'checkbox',
@@ -89,7 +94,7 @@ return array(
 						'value' => array()
 					),
 					'letsencrypt' => array(
-						'visible' => (Settings::Get('system.leenabled') == '1' ? ($ssl_ipsandports != '' ? true : false) : false),
+						'visible' => (Settings::Get('system.leenabled') == '1' ? true : false),
 						'label' => $lng['customer']['letsencrypt']['title'],
 						'desc' => $lng['customer']['letsencrypt']['description'],
 						'type' => 'checkbox',
@@ -99,7 +104,6 @@ return array(
 						'value' => array()
 					),
 					'hsts_maxage' => array(
-						'visible' => ($ssl_ipsandports != '' ? true : false),
 						'label' => $lng['admin']['domain_hsts_maxage']['title'],
 						'desc' => $lng['admin']['domain_hsts_maxage']['description'],
 						'type' => 'int',
@@ -107,8 +111,7 @@ return array(
 						'int_max' => 94608000, // 3-years
 						'value' => 0
 					),
-					'hsts_incsub' => array(
-						'visible' => ($ssl_ipsandports != '' ? true : false),
+					'hsts_sub' => array(
 						'label' => $lng['admin']['domain_hsts_incsub']['title'],
 						'desc' => $lng['admin']['domain_hsts_incsub']['description'],
 						'type' => 'checkbox',
@@ -118,7 +121,6 @@ return array(
 						'value' => array()
 					),
 					'hsts_preload' => array(
-						'visible' => ($ssl_ipsandports != '' ? true : false),
 						'label' => $lng['admin']['domain_hsts_preload']['title'],
 						'desc' => $lng['admin']['domain_hsts_preload']['description'],
 						'type' => 'checkbox',
--- a/lib/formfields/customer/domains/formfield.domains_edit.php
+++ b/lib/formfields/customer/domains/formfield.domains_edit.php
@@ -81,16 +81,21 @@ return array(
 						'label' => $lng['domain']['openbasedirpath'],
 						'type' => 'select',
 						'select_var' => $openbasedir
+					),
+					'phpsettingid' => array(
+						'visible' => (((int) Settings::Get('system.mod_fcgid') == 1 || (int) Settings::Get('phpfpm.enabled') == 1) && $has_phpconfigs ? true : false),
+						'label' => $lng['admin']['phpsettings']['title'],
+						'type' => 'select',
+						'select_var' => $phpconfigs
 					)
 				)
 			),
 			'section_bssl' => array(
 				'title' => $lng['admin']['webserversettings_ssl'],
 				'image' => 'icons/domain_edit.png',
-				'visible' => Settings::Get('system.use_ssl') == '1' ? true : false,
+				'visible' => Settings::Get('system.use_ssl') == '1' ? ($ssl_ipsandports != '' ? (domainHasSslIpPort($result['id']) ? true : false) : false) : false,
 				'fields' => array(
 					'ssl_redirect' => array(
-						'visible' => (Settings::Get('system.use_ssl') == '1' ? ($ssl_ipsandports != '' ? (domainHasSslIpPort($result['id']) ? true : false) : false) : false),
 						'label' => $lng['domains']['ssl_redirect']['title'],
 						'desc' => $lng['domains']['ssl_redirect']['description'] . ($result['temporary_ssl_redirect'] > 1 ? $lng['domains']['ssl_redirect_temporarilydisabled'] : ''),
 						'type' => 'checkbox',
@@ -100,7 +105,7 @@ return array(
 						'value' => array($result['ssl_redirect'])
 					),
 					'letsencrypt' => array(
-						'visible' => (Settings::Get('system.use_ssl') == '1' ? (Settings::Get('system.leenabled') == '1' ? ($ssl_ipsandports != '' ? (domainHasSslIpPort($result['id']) ? true : false) : false) : false) : false),
+						'visible' => Settings::Get('system.leenabled') == '1' ? true : false,
 						'label' => $lng['customer']['letsencrypt']['title'],
 						'desc' => $lng['customer']['letsencrypt']['description'],
 						'type' => 'checkbox',
@@ -110,7 +115,6 @@ return array(
 						'value' => array($result['letsencrypt'])
 					),
 					'hsts_maxage' => array(
-						'visible' => ($ssl_ipsandports != '' ? true : false),
 						'label' => $lng['admin']['domain_hsts_maxage']['title'],
 						'desc' => $lng['admin']['domain_hsts_maxage']['description'],
 						'type' => 'int',
@@ -118,8 +122,7 @@ return array(
 						'int_max' => 94608000, // 3-years
 						'value' => $result['hsts']
 					),
-					'hsts_incsub' => array(
-						'visible' => ($ssl_ipsandports != '' ? true : false),
+					'hsts_sub' => array(
 						'label' => $lng['admin']['domain_hsts_incsub']['title'],
 						'desc' => $lng['admin']['domain_hsts_incsub']['description'],
 						'type' => 'checkbox',
@@ -129,7 +132,6 @@ return array(
 						'value' => array($result['hsts_sub'])
 					),
 					'hsts_preload' => array(
-						'visible' => ($ssl_ipsandports != '' ? true : false),
 						'label' => $lng['admin']['domain_hsts_preload']['title'],
 						'desc' => $lng['admin']['domain_hsts_preload']['description'],
 						'type' => 'checkbox',
--- a/lib/formfields/customer/extras/formfield.backup.php
+++ b/lib/formfields/customer/extras/formfield.backup.php
@@ -24,8 +24,8 @@ return array(
 				'image' => 'icons/backup_big.png',
 				'fields' => array(
 					'path' => array(
-						'label' => $lng['panel']['path'],
-						'desc' => (Settings::Get('panel.pathedit') != 'Dropdown' ? $lng['panel']['pathDescription'] : null).(isset($pathSelect['note']) ? '<br />'.$pathSelect['value'] : ''),
+						'label' => $lng['panel']['backuppath']['title'],
+						'desc' => $lng['panel']['backuppath']['description'].'<br>'.(Settings::Get('panel.pathedit') != 'Dropdown' ? $lng['panel']['pathDescription'] : null).(isset($pathSelect['note']) ? '<br />'.$pathSelect['value'] : ''),
 						'type' => $pathSelect['type'],
 						'select_var' => $pathSelect['value'],
 						'value' => $pathSelect['value']
--- a/lib/functions/dns/function.createDomainZone.php
+++ b/lib/functions/dns/function.createDomainZone.php
@@ -279,7 +279,7 @@ function createDomainZone($domain_id, $froxlorhostname = false, $isMainButSubTo
 		$soa_content = $primary_ns . " " . escapeSoaAdminMail(Settings::Get('panel.adminmail')) . " ";
 		$soa_content .= $domain['bindserial'] . " ";
 		// TODO for now, dummy time-periods
-		$soa_content .= "1800 900 604800 1200";
+		$soa_content .= "3600 900 604800 1200";

 		$soa_record = new DnsEntry('@', 'SOA', $soa_content);
 		array_unshift($zonerecords, $soa_record);
--- a/lib/functions/dns/function.generateDkimEntries.php
+++ b/lib/functions/dns/function.generateDkimEntries.php
@@ -54,20 +54,8 @@ function generateDkimEntries($domain)
 		// end-part
 		$dkim_txt .= 't=s';

-		if (Settings::Get('system.dns_server') == 'pdns') {
-			// PowerDNS does not need/want splitted content
-			$txt_record_split = $dkim_txt;
-		} else {
-			// split if necessary
-			$txt_record_split = '';
-			$lbr = 50;
-			for ($pos = 0; $pos <= strlen($dkim_txt) - 1; $pos += $lbr) {
-				$txt_record_split .= (($pos == 0) ? '("' : "\t\t\t\t\t \"") . substr($dkim_txt, $pos, $lbr) . (($pos >= strlen($dkim_txt) - $lbr) ? '")' : '"') . "\n";
-			}
-		}
-
 		// dkim-entry
-		$zone_dkim[] = $txt_record_split;
+		$zone_dkim[] = $dkim_txt;

 		// adsp-entry
 		if (Settings::Get('dkim.dkim_add_adsp') == "1") {
--- a/lib/functions/filedir/function.makeCorrectDir.php
+++ b/lib/functions/filedir/function.makeCorrectDir.php
@@ -26,7 +26,11 @@
 */
 function makeCorrectDir($dir) {

-	assert('is_string($dir) && strlen($dir) > 0', 'Value "' . $dir .'" does not look like an actual folder name');
+	if (version_compare("5.4.6", PHP_VERSION, ">")) {
+		assert('is_string($dir) && strlen($dir) > 0 /* $dir does not look like an actual folder name */');
+	} else {
+		assert('is_string($dir) && strlen($dir) > 0', 'Value "' . $dir .'" does not look like an actual folder name');
+	}

 	$dir = trim($dir);

--- a/lib/functions/formfields/option/function.validateFormFieldOption.php
+++ b/lib/functions/formfields/option/function.validateFormFieldOption.php
@@ -34,7 +34,7 @@ function validateFormFieldOption($fieldname, $fielddata, $newfieldvalue)
 		$returnvalue = isset($fielddata['option_options'][$newfieldvalue]);
 	}

-	if($returnvalue === true)
+	if($returnvalue === true || $fielddata['visible'] == false)
 	{
 		return true;
 	}
--- a/lib/functions/froxlor/function.CronjobFunctions.php
+++ b/lib/functions/froxlor/function.CronjobFunctions.php
@@ -63,7 +63,7 @@ function getOutstandingTasks() {
 	while ($row = $result->fetch(PDO::FETCH_ASSOC)) {

 		if ($row['data'] != '') {
-			$row['data'] = unserialize($row['data']);
+			$row['data'] = json_decode($row['data'], true);
 		}

 		// rebuilding webserver-configuration
--- a/lib/functions/froxlor/function.inserttask.php
+++ b/lib/functions/froxlor/function.inserttask.php
@@ -70,7 +70,7 @@ function inserttask($type, $param1 = '', $param2 = '', $param3 = '', $param4 = '
 		$data['uid'] = $param2;
 		$data['gid'] = $param3;
 		$data['store_defaultindex'] = $param4;
-		$data = serialize($data);
+		$data = json_encode($data);
 		Database::pexecute($ins_stmt, array('type' => '2', 'data' => $data));

 	} elseif ($type == '6'
@@ -78,7 +78,7 @@ function inserttask($type, $param1 = '', $param2 = '', $param3 = '', $param4 = '
 	) {
 		$data = array();
 		$data['loginname'] = $param1;
-		$data = serialize($data);
+		$data = json_encode($data);
 		Database::pexecute($ins_stmt, array('type' => '6', 'data' => $data));

 	} elseif ($type == '7'
@@ -88,7 +88,7 @@ function inserttask($type, $param1 = '', $param2 = '', $param3 = '', $param4 = '
 		$data = array();
 		$data['loginname'] = $param1;
 		$data['email'] = $param2;
-		$data = serialize($data);
+		$data = json_encode($data);
 		Database::pexecute($ins_stmt, array('type' => '7', 'data' => $data));

 	} elseif ($type == '8'
@@ -98,13 +98,13 @@ function inserttask($type, $param1 = '', $param2 = '', $param3 = '', $param4 = '
 		$data = array();
 		$data['loginname'] = $param1;
 		$data['homedir'] = $param2;
-		$data = serialize($data);
+		$data = json_encode($data);
 		Database::pexecute($ins_stmt, array('type' => '8', 'data' => $data));

 	} elseif ($type == '20'
 		&& is_array($param1)
 	) {
-		$data = serialize($param1);
+		$data = json_encode($param1);
 		Database::pexecute($ins_stmt, array('type' => '20', 'data' => $data));
 	}
 }
--- a/lib/functions/froxlor/function.phpErrHandler.php
+++ b/lib/functions/froxlor/function.phpErrHandler.php
@@ -25,6 +25,8 @@ function phpErrHandler($errno, $errstr, $errfile, $errline, $errcontext) {
 		if (empty($theme)) {
 			$theme = "Sparkle";
 		}
+		// prevent possible file-path-disclosure
+		$errfile = str_replace(FROXLOR_INSTALL_DIR, "", $errfile);
 		// if we're not on the shell, output a nicer error-message
 		$err_hint = file_get_contents(FROXLOR_INSTALL_DIR.'/templates/'.$theme.'/misc/phperrornice.tpl');
 		// replace values
--- a/lib/functions/output/function.RedirectCode.php
+++ b/lib/functions/output/function.RedirectCode.php
@@ -16,11 +16,11 @@

 /**
 * return an array of all enabled redirect-codes
- * 
+ *
 * @return array array of enabled redirect-codes
 */
 function getRedirectCodesArray() {
-	
+
 	$sql = "SELECT * FROM `".TABLE_PANEL_REDIRECTCODES."` WHERE `enabled` = '1' ORDER BY `id` ASC";
 	$result_stmt = Database::query($sql);

@@ -35,35 +35,47 @@ function getRedirectCodesArray() {
 /**
 * return an array of all enabled redirect-codes
 * for the settings form
- * 
+ *
+ * @param bool $add_desc optional, default true, add the code-description
+ *
 * @return array array of enabled redirect-codes
 */
-function getRedirectCodes() {
+function getRedirectCodes($add_desc = true) {

 	global $lng;
-	
+
 	$sql = "SELECT * FROM `".TABLE_PANEL_REDIRECTCODES."` WHERE `enabled` = '1' ORDER BY `id` ASC";
 	$result_stmt = Database::query($sql);

 	$codes = array();
 	while ($rc = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
-		$codes[$rc['id']] = $rc['code']. ' ('.$lng['redirect_desc'][$rc['desc']].')';
+		$codes[$rc['id']] = $rc['code'];
+		if ($add_desc) {
+			$codes[$rc['id']] .= ' ('.$lng['redirect_desc'][$rc['desc']].')';
+		}
 	}

 	return $codes;
 }

 /**
- * returns the redirect-code for a given 
+ * returns the redirect-code for a given
 * domain-id
- * 
+ *
 * @param integer $domainid id of the domain
- * 
+ *
 * @return string redirect-code
 */
 function getDomainRedirectCode($domainid = 0) {

-	$code = '';
+	// get system default
+	$default = '301';
+	if (Settings::Get('customredirect.enabled') == '1') {
+		$all_codes = getRedirectCodes(false);
+		$_default = $all_codes[Settings::Get('customredirect.default')];
+		$default = ($_default == '---') ? $default : $_default;
+	}
+	$code = $default;
 	if ($domainid > 0) {

 		$result_stmt = Database::prepare("
@@ -76,18 +88,18 @@ function getDomainRedirectCode($domainid = 0) {
 		if (is_array($result)
 			&& isset($result['redirect'])
 		) {
-			$code = ($result['redirect'] == '---') ? '' : $result['redirect'];
+			$code = ($result['redirect'] == '---') ? $default : $result['redirect'];
 		}
 	}
 	return $code;
 }

 /**
- * returns the redirect-id for a given 
+ * returns the redirect-id for a given
 * domain-id
- * 
+ *
 * @param integer $domainid id of the domain
- * 
+ *
 * @return integer redirect-code-id
 */
 function getDomainRedirectId($domainid = 0) {
@@ -112,10 +124,10 @@ function getDomainRedirectId($domainid = 0) {

 /**
 * adds a redirectcode for a domain
- * 
+ *
 * @param integer $domainid id of the domain to add the code for
- * @param integer $redirect selected redirect-id 
- * 
+ * @param integer $redirect selected redirect-id
+ *
 * @return null
 */
 function addRedirectToDomain($domainid = 0, $redirect = 1) {
@@ -130,10 +142,10 @@ function addRedirectToDomain($domainid = 0, $redirect = 1) {
 /**
 * updates the redirectcode of a domain
 * if redirect-code is false, nothing happens
- * 
+ *
 * @param integer $domainid id of the domain to update
 * @param integer $redirect selected redirect-id or false
- * 
+ *
 * @return null
 */
 function updateRedirectOfDomain($domainid = 0, $redirect = false) {
--- a/lib/functions/output/function.dieWithMail.php
+++ b/lib/functions/output/function.dieWithMail.php
@@ -42,6 +42,8 @@ function dieWithMail($message, $subject = "[froxlor] Cronjob error") {
 			$_mail->Password = Settings::Get('system.mail_smtp_passwd');
 			if (Settings::Get('system.mail_smtp_usetls')) {
 				$_mail->SMTPSecure = 'tls';
+			} else {
+				$mail->SMTPAutoTLS = false;
 			}
 			$_mail->Port = Settings::Get('system.mail_smtp_port');
 		}
--- a/lib/functions/output/function.makeoption.php
+++ b/lib/functions/output/function.makeoption.php
@@ -29,7 +29,7 @@
 * @author Florian Lippert <flo@syscp.org>
 */

-function makeoption($title, $value, $selvalue = NULL, $title_trusted = false, $value_trusted = false, $id = NULL)
+function makeoption($title, $value, $selvalue = NULL, $title_trusted = false, $value_trusted = false, $id = NULL, $disabled = false)
 {
 	if($selvalue !== NULL
 	   && ((is_array($selvalue) && in_array($value, $selvalue)) || $value == $selvalue))
@@ -40,6 +40,10 @@ function makeoption($title, $value, $selvalue = NULL, $title_trusted = false, $v
 	{
 		$selected = '';
 	}
+	
+	if ($disabled) {
+		$selected .= ' disabled="disabled"';
+	}

 	if(!$title_trusted)
 	{
--- a/lib/functions/output/function.standard_error.php
+++ b/lib/functions/output/function.standard_error.php
@@ -63,3 +63,15 @@ function standard_error($errors = '', $replacer = '') {
 	eval("echo \"" . getTemplate('misc/error', '1') . "\";");
 	exit;
 }
+
+function dynamic_error($message) {
+	global $userinfo, $s, $header, $footer, $lng, $theme;
+	$_SESSION['requestData'] = $_POST;
+	$link = '';
+	if (isset($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST']) !== false) {
+		$link = '<a href="'.htmlentities($_SERVER['HTTP_REFERER']).'">'.$lng['panel']['back'].'</a>';
+	}
+	$error = $message;
+	eval("echo \"" . getTemplate('misc/error', '1') . "\";");
+	exit;
+}
--- a/lib/functions/phphelpers/function.array_trim.php
+++ b/lib/functions/phphelpers/function.array_trim.php
@@ -20,27 +20,22 @@
 /**
 * Returns Array, whose elements have been checked whether thay are empty or not
 *
- * @param array The array to trim
+ * @param array $source
+ *        	The array to trim
 * @return array The trim'med array
 * @author Florian Lippert <flo@syscp.org>
 */
-
 function array_trim($source)
 {
 	$returnval = array();
-
-	if(is_array($source))
-	{
-		while(list($var, $val) = each($source))
-		{
-			if($val != ' '
-			   && $val != '')$returnval[$var] = $val;
+	if (is_array($source)) {
+		foreach ($source as $var => $val) {
+			if ($val != ' ' && $val != '') {
+				$returnval[$var] = $val;
+			}
 		}
-	}
-	else
-	{
+	} else {
 		$returnval = $source;
 	}
-
 	return $returnval;
 }
--- a/lib/functions/settings/function.storeSettingMysqlAccessHost.php
+++ b/lib/functions/settings/function.storeSettingMysqlAccessHost.php
@@ -16,33 +16,36 @@
 * @package    Functions
 *
 */
-
 function storeSettingMysqlAccessHost($fieldname, $fielddata, $newfieldvalue)
 {
 	$returnvalue = storeSettingField($fieldname, $fielddata, $newfieldvalue);

-	if($returnvalue !== false && is_array($fielddata) && isset($fielddata['settinggroup']) && $fielddata['settinggroup'] == 'system' && isset($fielddata['varname']) && $fielddata['varname'] == 'mysql_access_host')
-	{
+	if ($returnvalue !== false && is_array($fielddata) && isset($fielddata['settinggroup']) && $fielddata['settinggroup'] == 'system' && isset($fielddata['varname']) && $fielddata['varname'] == 'mysql_access_host') {
 		$mysql_access_host_array = array_map('trim', explode(',', $newfieldvalue));

-		if(in_array('127.0.0.1', $mysql_access_host_array)
-		   && !in_array('localhost', $mysql_access_host_array))
-		{
+		if (in_array('127.0.0.1', $mysql_access_host_array) && ! in_array('localhost', $mysql_access_host_array)) {
 			$mysql_access_host_array[] = 'localhost';
 		}

-		if(!in_array('127.0.0.1', $mysql_access_host_array)
-		   && in_array('localhost', $mysql_access_host_array))
-		{
+		if (! in_array('127.0.0.1', $mysql_access_host_array) && in_array('localhost', $mysql_access_host_array)) {
 			$mysql_access_host_array[] = '127.0.0.1';
 		}

+		// be aware that ipv6 addresses are enclosed in [ ] when passed here
+		$mysql_access_host_array = array_map('cleanMySQLAccessHost', $mysql_access_host_array);
+
 		$mysql_access_host_array = array_unique(array_trim($mysql_access_host_array));
 		$newfieldvalue = implode(',', $mysql_access_host_array);
 		correctMysqlUsers($mysql_access_host_array);
 	}
-	
+
 	return $returnvalue;
 }

-?>
+function cleanMySQLAccessHost($value)
+{
+	if (substr($value, 0, 1) == '[' && substr($value, - 1) == ']') {
+		return substr($value, 1, - 1);
+	}
+	return $value;
+}
--- a/lib/functions/validate/function.checkFcgidPhpFpm.php
+++ b/lib/functions/validate/function.checkFcgidPhpFpm.php
@@ -24,12 +24,14 @@ function checkFcgidPhpFpm($fieldname, $fielddata, $newfieldvalue, $allnewfieldva
        'system_mod_fcgid_enabled' => array(
            'other_post_field' => 'system_phpfpm_enabled',
            'other_enabled' => 'phpfpm.enabled',
-            'other_enabled_lng' => 'phpfpmstillenabled'
+			'other_enabled_lng' => 'phpfpmstillenabled',
+			'deactivate' => array('phpfpm.enabled_ownvhost' => 0)
        ),
        'system_phpfpm_enabled' => array(
            'other_post_field' => 'system_mod_fcgid_enabled',
            'other_enabled' => 'system.mod_fcgid',
-            'other_enabled_lng' => 'fcgidstillenabled'
+			'other_enabled_lng' => 'fcgidstillenabled',
+			'deactivate' => array('system.mod_fcgid_ownvhost' => 0)
        )
    );
    
@@ -56,6 +58,13 @@ function checkFcgidPhpFpm($fieldname, $fielddata, $newfieldvalue, $allnewfieldva
                }
            }
        }
+        if (in_array(FORMFIELDS_PLAUSIBILITY_CHECK_OK, $returnvalue)) {
+			// be sure to deactivate the other one for the froxlor-vhost
+			// to avoid having a settings-deadlock
+			foreach ($check_array[$fieldname]['deactivate'] as $setting => $value) {
+				Settings::Set($setting, $value, true);
+			}
+        }
    }
    
    return $returnvalue;
--- a/lib/functions/validate/function.validateUrl.php
+++ b/lib/functions/validate/function.validateUrl.php
@@ -37,7 +37,11 @@ function validateUrl($url) {
 	}

 	// needs converting
-	$url = $idna_convert->encode($url);
+	try {
+		$url = $idna_convert->encode($url);
+	} catch (Exception $e) {
+		return false;
+	}

 	$pattern = "/^https?:\/\/[a-zA-Z0-9\-\.]+\.[a-zA-Z]{2,4}(\:[0-9]+)?\/?(.+)?$/i";
 	if (preg_match($pattern, $url)) {
--- a/Show More
+++ b/Show More