set version to 0.9.39.2 for bugfix release

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
add script to automatically configure services from shell without the need of copy/paste from the interface
2018-02-12 07:49:07 +01:00 · 2018-02-12 07:47:51 +01:00 · 2018-02-12 07:46:38 +01:00 · 2018-02-11 16:10:10 +01:00 · 2018-02-11 13:57:07 +01:00 · 2018-02-10 16:06:57 +01:00
117 changed files with 11039 additions and 2324 deletions
--- a/.github/CONTRIBUTING.md
+++ b/.github/CONTRIBUTING.md
@@ -0,0 +1,58 @@
 # Contributing
 Before you start working on a PR, contact us via IRC in #froxlor on Freenode or
 the forum at https://forum.froxlor.org to get a clue whether someone else isn't
 already working on it or if we don't want to invest the effort in favour of
 working on Froxlor 2.0.
 Of course, bug fixes are always welcome.
 However, at this stage of the 0.9.x branch, we are not looking for new
 features or refactoring, especially not the kind which requires changes to a
 lot of files.
 Currently, we are working on a complete re-write, which, at this point in
 time, is not yet public to keep delays due to discussions about internal
 details to a minimum.
 ## Checklist
 General rules for PRs are:
 * Please save us all some trouble and unnecessary round-trips by _testing_ your
 changes.
 * Re-write your commit history to provide a CLEAN history!
 	* i.e. do not provide PRs which contain a commit that changes something,
 	the next changes it back, a third one changes it again, only a little
 	differently...
 Thanks!
 ### Webserver changes
 If you make changes to the functionality of webserver configuration, please
 make sure your implementation covers both apache **and** nginx.
 ### l10n
 If you add new language strings, please make sure you add the english fallback
 strings in
 * `lng/english.lng.php`
 * `install/lng/english.lng.php` (if applicable)
 ### New settings
 If you add new settings, please make sure you add the default values to
 * `install/froxlor.sql`
 * handle the update (see `install/updates/froxlor/0.9/update_0.9.inc.php`)
--- a/.github/ISSUE_TEMPLATE.md
+++ b/.github/ISSUE_TEMPLATE.md
@@ -0,0 +1,64 @@
 # Bug report vs. support request
 If you're unsure of whether your problem is a bug or a configuration error
 * contact us via IRC in #froxlor on freenode
 * or post a thread in our forum at https://forum.froxlor.org
 As a rule of thumb: before reporting an issue
 * see if it hasn't been [reported](https://github.com/Froxlor/froxlor/issues) (and possibly already been [fixed](https://github.com/Froxlor/froxlor/issues?utf8=✓&q=is:issue%20is:closed)) first
 * try with the git master
 # Summary
 Please provide a concise summary of the problem you're experiencing...
 # System information
 * Froxlor version: $version/$gitSHA1
 * Web server: apache2/nginx/lighttpd
 * DNS server: Bind/PowerDNS (standalone)/PowerDNS (Bind-backend)
 * POP/IMAP server: Courier/Dovecot
 * SMTP server: postfix/exim
 * FTP server: proftpd/pureftpd
 * OS/Version: ...
 # Steps to reproduce
 1.
 2.
 3.
 # Expected behavior
 1.
 2.
 3.
 # Actual behavior
 1.
 2.
 3.
 # Log files/log entries
 syslog:
 <pre>
 example
 </pre>
--- a/README.md
+++ b/README.md
@@ -17,7 +17,7 @@ Developed by experienced server administrators, this panel simplifies the effort
 9. Have fun!
 ### Detailed installation
-http://redmine.froxlor.org/projects/froxlor/wiki/Installationtarball
+https://github.com/Froxlor/Froxlor/wiki/Install-froxlor-from-tarball
 ## Help
@@ -30,12 +30,12 @@ irc://chat.freenode.net/froxlor
 ### Forum
-The community is located on http://forum.froxlor.org
+The community is located on https://forum.froxlor.org/
 ### Wiki
 More documentation may be found in the froxlor - wiki:
-http://redmine.froxlor.org/projects/froxlor/wiki
+https://github.com/Froxlor/Froxlor/wiki
 ## License
@@ -44,31 +44,21 @@ May be found in COPYING
 ## Downloads
 ### Tarball
-http://files.froxlor.org/releases/froxlor-latest.tar.gz [MD5](http://files.froxlor.org/releases/froxlor-latest.tar.gz.md5) [SHA1](http://files.froxlor.org/releases/froxlor-latest.tar.gz.sha1)
+https://files.froxlor.org/releases/froxlor-latest.tar.gz [MD5](https://files.froxlor.org/releases/froxlor-latest.tar.gz.md5) [SHA1](https://files.froxlor.org/releases/froxlor-latest.tar.gz.sha1)
 ### Debian repository
-[HowTo](http://redmine.froxlor.org/projects/froxlor/wiki/Installationdebian)
+[HowTo](https://github.com/Froxlor/Froxlor/wiki/Install-froxlor-on-debian)
 /etc/apt/sources.list.d/froxlor.list
 > deb http://debian.froxlor.org {wheezy|jessie} main
 ### Gentoo repository
-[HowTo](http://redmine.froxlor.org/projects/froxlor/wiki/Installationgentoo)
+[HowTo](https://github.com/Froxlor/Froxlor/wiki/Install-froxlor-on-gentoo)
-http://files.froxlor.org/gentoo/repositories.xml
+https://files.froxlor.org/gentoo/repositories.xml
-## Let's Encrypt support
+## Contributing
 This version of Froxlor contains a test implementation of support for [Let's Encrypt](https://letsencrypt.org). This is (as Let's Encrypt is in itself)
 still a beta version and may break your system. The way it currently works is by creating a (sub-)domain with the default system - certificate,
 after which the Let's Encrypt cronjob orders the certificate for this (sub-)domain and inserts the certificates in the database. With the next run
 of the default cronjob, the certificates will be updated on the disk and the webserver reloaded.
 This has 2 known side-effects at the moment:
 * The basic ip/port combinations don't work with the Froxlor - integration of Let's Encrypt, since it needs a certificate for the very first creation
 * After creating a domain, it will have the default certificate for a short time (by default 5 minutes until the cronjob runs the next time)
 It may be possible to fix these issues, but they are not a priority at the moment
 [see here](.github/CONTRIBUTING.md)
--- a/actions/admin/settings/120.system.php
+++ b/actions/admin/settings/120.system.php
@@ -94,6 +94,14 @@ return array(
 					'plausibility_check_method' => 'checkMysqlAccessHost',
 					'save_method' => 'storeSettingMysqlAccessHost',
 					),
 				'system_nssextrausers' => array(
 					'label' => $lng['serversettings']['nssextrausers'],
 					'settinggroup' => 'system',
 					'varname' => 'nssextrausers',
 					'type' => 'bool',
 					'default' => false,
 					'save_method' => 'storeSettingField'
 					),
 				'system_index_file_extension' => array(
 					'label' => $lng['serversettings']['index_file_extension'],
 					'settinggroup' => 'system',
--- a/actions/admin/settings/122.froxlorvhost.php
+++ b/actions/admin/settings/122.froxlorvhost.php
@@ -80,6 +80,19 @@ return array(
 					'save_method' => 'storeSettingField',
 					'visible' => Settings::Get('system.use_ssl')
 				),
 				'system_http2_support' => array(
 					'label' => $lng['serversettings']['http2_support'],
 					'settinggroup' => 'system',
 					'varname' => 'http2_support',
 					'type' => 'bool',
 					'default' => false,
 					'save_method' => 'storeSettingField',
 					'websrv_avail' => array(
 						'apache2',
 						'nginx'
 					),
 					'visible' => Settings::Get('system.use_ssl')
 				),
 				/**
 				 * FCGID
 				 */
--- a/actions/admin/settings/130.webserver.php
+++ b/actions/admin/settings/130.webserver.php
@@ -179,17 +179,6 @@ return array(
 						'nginx'
 					)
 				),
 				'system_nginx_http2_support' => array(
 					'label' => $lng['serversettings']['nginx_http2_support'],
 					'settinggroup' => 'system',
 					'varname' => 'nginx_http2_support',
 					'type' => 'bool',
 					'default' => false,
 					'save_method' => 'storeSettingField',
 					'websrv_avail' => array(
 						'nginx'
 					)
 				),
 				'system_nginx_php_backend' => array(
 					'label' => $lng['serversettings']['nginx_php_backend'],
 					'settinggroup' => 'system',
--- a/actions/admin/settings/131.ssl.php
+++ b/actions/admin/settings/131.ssl.php
@@ -30,6 +30,20 @@ return array(
 					'save_method' => 'storeSettingField',
 					'overview_option' => true
 				),
 				'system_ssl_protocols' => array(
 					'label' => $lng['serversettings']['ssl']['ssl_protocols'],
 					'settinggroup' => 'system',
 					'varname' => 'ssl_protocols',
 					'type' => 'option',
 					'default' => 'TLSv1,TLSv1.2',
 					'option_mode' => 'multiple',
 					'option_options' => array(
 						'TLSv1' => 'TLSv1',
 						'TLSv1.1' => 'TLSv1.1',
 						'TLSv1.2' => 'TLSv1.2'
 					),
 					'save_method' => 'storeSettingField'
 				),
 				'system_ssl_cipher_list' => array(
 					'label' => $lng['serversettings']['ssl']['ssl_cipher_list'],
 					'settinggroup' => 'system',
@@ -79,6 +93,17 @@ return array(
 					'default' => '',
 					'save_method' => 'storeSettingField'
 				),
 				'system_apache24_ocsp_cache_path' => array(
 					'label' => $lng['serversettings']['ssl']['apache24_ocsp_cache_path'],
 					'settinggroup' => 'system',
 					'varname' => 'apache24_ocsp_cache_path',
 					'type' => 'string',
 					'string_type' => 'string',
 					'string_emptyallowed' => false,
 					'default' => 'shmcb:/var/run/apache2/ocsp-stapling.cache(131072)',
 					'visible' => Settings::Get('system.webserver') == "apache2" && Settings::Get('system.apache24') == 1,
 					'save_method' => 'storeSettingField'
 				),
 				'system_leenabled' => array(
 					'label' => $lng['serversettings']['leenabled'],
 					'settinggroup' => 'system',
@@ -95,7 +120,20 @@ return array(
 					'type' => 'string',
 					'string_type' => 'file',
 					'default' => '/etc/apache2/conf-enabled/acme.conf',
-					'save_method' => 'storeSettingField',
+					'save_method' => 'storeSettingField'
 				),
 				'system_leapiversion' => array(
 					'label' => $lng['serversettings']['leapiversion'],
 					'settinggroup' => 'system',
 					'varname' => 'leapiversion',
 					'type' => 'option',
 					'default' => '1',
 					'option_mode' => 'one',
 					'option_options' => array(
 						'1' => 'ACME v1',
 						'2' => 'ACME v2'
 					),
 					'save_method' => 'storeSettingField'
 				),
 				'system_letsencryptca' => array(
 					'label' => $lng['serversettings']['letsencryptca'],
@@ -105,8 +143,8 @@ return array(
 					'default' => 'testing',
 					'option_mode' => 'one',
 					'option_options' => array(
-						'testing' => 'https://acme-staging.api.letsencrypt.org (Test)',
+						'testing' => 'https://acme-staging' . (Settings::Get('system.leapiversion') == '2' ? '-v02' : '') . '.api.letsencrypt.org (Test)',
-						'production' => 'https://acme-v01.api.letsencrypt.org (Live)'
+						'production' => 'https://acme-v0' . Settings::Get('system.leapiversion') . '.api.letsencrypt.org (Live)'
 					),
 					'save_method' => 'storeSettingField'
 				),
@@ -153,6 +191,14 @@ return array(
 					'type' => 'bool',
 					'default' => false,
 					'save_method' => 'storeSettingField'
 				),
 				'system_disable_le_selfcheck' => array(
 					'label' => $lng['serversettings']['disable_le_selfcheck'],
 					'settinggroup' => 'system',
 					'varname' => 'disable_le_selfcheck',
 					'type' => 'bool',
 					'default' => false,
 					'save_method' => 'storeSettingField'
 				)
 			)
 		)
--- a/actions/admin/settings/135.fcgid.php
+++ b/actions/admin/settings/135.fcgid.php
@@ -104,7 +104,7 @@ return array(
 					'type' => 'int',
 					'default' => 30,
 					'save_method' => 'storeSettingField'
-					),
+					)
 				)
 			)
 		)
--- a/actions/admin/settings/136.phpfpm.php
+++ b/actions/admin/settings/136.phpfpm.php
@@ -40,15 +40,6 @@ return array(
 					'option_options_method' => 'getPhpConfigs',
 					'save_method' => 'storeSettingField'
 					),
 				'system_phpfpm_configdir' => array(
 					'label' => $lng['serversettings']['phpfpm_settings']['configdir'],
 					'settinggroup' => 'phpfpm',
 					'varname' => 'configdir',
 					'type' => 'string',
 					'string_type' => 'confdir',
 					'default' => '/etc/php-fpm.d/',
 					'save_method' => 'storeSettingField'
 					),
 				'system_phpfpm_aliasconfigdir' => array(
 					'label' => $lng['serversettings']['phpfpm_settings']['aliasconfigdir'],
 					'settinggroup' => 'phpfpm',
@@ -73,9 +64,22 @@ return array(
 					'varname' => 'peardir',
 					'type' => 'string',
 					'string_type' => 'dir',
 					'string_delimiter' => ':',
 					'string_emptyallowed' => true,
 					'default' => '/usr/share/php/:/usr/share/php5/',
 					'save_method' => 'storeSettingField'
 					),
 				'system_phpfpm_envpath' => array(
 					'label' => $lng['serversettings']['phpfpm_settings']['envpath'],
 					'settinggroup' => 'phpfpm',
 					'varname' => 'envpath',
 					'type' => 'string',
 					'string_type' => 'dir',
 					'string_delimiter' => ':',
 					'string_emptyallowed' => true,
 					'default' => '/usr/local/bin:/usr/bin:/bin',
 					'save_method' => 'storeSettingField'
 				),
 				'system_phpfpm_fastcgi_ipcdir' => array(
 					'label' => $lng['serversettings']['phpfpm_settings']['ipcdir'],
 					'settinggroup' => 'phpfpm',
@@ -85,72 +89,6 @@ return array(
 					'default' => '/var/lib/apache2/fastcgi/',
 					'save_method' => 'storeSettingField'
 					),
 				'system_phpfpm_reload' => array(
 					'label' => $lng['serversettings']['phpfpm_settings']['reload'],
 					'settinggroup' => 'phpfpm',
 					'varname' => 'reload',
 					'type' => 'string',
 					'default' => '/etc/init.d/php-fpm restart',
 					'save_method' => 'storeSettingField'
 					),
 				'system_phpfpm_pm' => array(
 					'label' => $lng['serversettings']['phpfpm_settings']['pm'],
 					'settinggroup' => 'phpfpm',
 					'varname' => 'pm',
 					'type' => 'option',
 					'default' => 'static',
 					'option_mode' => 'one',
 					'option_options' => array('static' => 'static', 'dynamic' => 'dynamic', 'ondemand' => 'ondemand'),
 					'save_method' => 'storeSettingField'
 					),
 				'system_phpfpm_max_children' => array(
 					'label' => $lng['serversettings']['phpfpm_settings']['max_children'],
 					'settinggroup' => 'phpfpm',
 					'varname' => 'max_children',
 					'type' => 'int',
 					'default' => 1,
 					'save_method' => 'storeSettingField'
 					),
 				'system_phpfpm_start_servers' => array(
 					'label' => $lng['serversettings']['phpfpm_settings']['start_servers'],
 					'settinggroup' => 'phpfpm',
 					'varname' => 'start_servers',
 					'type' => 'int',
 					'default' => 20,
 					'save_method' => 'storeSettingField'
 					),
 				'system_phpfpm_min_spare_servers' => array(
 					'label' => $lng['serversettings']['phpfpm_settings']['min_spare_servers'],
 					'settinggroup' => 'phpfpm',
 					'varname' => 'min_spare_servers',
 					'type' => 'int',
 					'default' => 5,
 					'save_method' => 'storeSettingField'
 					),
 				'system_phpfpm_max_spare_servers' => array(
 					'label' => $lng['serversettings']['phpfpm_settings']['max_spare_servers'],
 					'settinggroup' => 'phpfpm',
 					'varname' => 'max_spare_servers',
 					'type' => 'int',
 					'default' => 35,
 					'save_method' => 'storeSettingField'
 					),
 				'system_phpfpm_max_requests' => array(
 					'label' => $lng['serversettings']['phpfpm_settings']['max_requests'],
 					'settinggroup' => 'phpfpm',
 					'varname' => 'max_requests',
 					'type' => 'int',
 					'default' => 0,
 					'save_method' => 'storeSettingField'
 					),
 				'system_phpfpm_idle_timeout' => array(
 					'label' => $lng['serversettings']['phpfpm_settings']['idle_timeout'],
 					'settinggroup' => 'phpfpm',
 					'varname' => 'idle_timeout',
 					'type' => 'int',
 					'default' => 30,
 					'save_method' => 'storeSettingField'
 					),
 				'system_phpfpm_use_mod_proxy' => array(
 					'label' => $lng['phpfpm']['use_mod_proxy'],
 					'settinggroup' => 'phpfpm',
@@ -160,6 +98,38 @@ return array(
 					'visible' => Settings::Get('system.apache24'),
 					'save_method' => 'storeSettingField'
 					),
 				'system_phpfpm_ini_flags' => array(
 					'label' => $lng['phpfpm']['ini_flags'],
 					'settinggroup' => 'phpfpm',
 					'varname' => 'ini_flags',
 					'type' => 'text',
 					'default' => '',
 					'save_method' => 'storeSettingField'
 				),
 				'system_phpfpm_ini_values' => array(
 					'label' => $lng['phpfpm']['ini_values'],
 					'settinggroup' => 'phpfpm',
 					'varname' => 'ini_values',
 					'type' => 'text',
 					'default' => '',
 					'save_method' => 'storeSettingField'
 				),
 				'system_phpfpm_ini_admin_flags' => array(
 					'label' => $lng['phpfpm']['ini_admin_flags'],
 					'settinggroup' => 'phpfpm',
 					'varname' => 'ini_admin_flags',
 					'type' => 'text',
 					'default' => '',
 					'save_method' => 'storeSettingField'
 				),
 				'system_phpfpm_ini_admin_values' => array(
 					'label' => $lng['phpfpm']['ini_admin_values'],
 					'settinggroup' => 'phpfpm',
 					'varname' => 'ini_admin_values',
 					'type' => 'text',
 					'default' => '',
 					'save_method' => 'storeSettingField'
 				)
 				),
 			),
 		),
--- a/admin_admins.php
+++ b/admin_admins.php
@@ -440,7 +440,7 @@ if ($page == 'admins'
 		} else {
 			$language_options = '';
-			while (list($language_file, $language_name) = each($languages)) {
+			foreach ($languages as $language_file => $language_name) {
 				$language_options.= makeoption($language_name, $language_file, $userinfo['language'], true);
 			}
@@ -840,13 +840,13 @@ if ($page == 'admins'
 				}
 				$language_options = '';
-				while (list($language_file, $language_name) = each($languages)) {
+				foreach ($languages as $language_file => $language_name) {
 					$language_options.= makeoption($language_name, $language_file, $result['def_language'], true);
 				}
 				$ipaddress = makeoption($lng['admin']['allips'], "-1", $result['ip']);
 				$ipsandports_stmt = Database::query("
-					SELECT `id`, `ip` FROM `" . TABLE_PANEL_IPSANDPORTS . "` GROUP BY `ip` ORDER BY `ip`, `port` ASC
+					SELECT `id`, `ip` FROM `" . TABLE_PANEL_IPSANDPORTS . "` GROUP BY `id`, `ip` ORDER BY `ip`, `port` ASC
 				");
 				while ($row = $ipsandports_stmt->fetch(PDO::FETCH_ASSOC)) {
--- a/admin_autoupdate.php
+++ b/admin_autoupdate.php
@@ -17,7 +17,6 @@
 * @since      0.9.35
 *
 */
 define('AREA', 'admin');
 require './lib/init.php';
@@ -26,14 +25,13 @@ define('UPDATE_URI', "https://version.froxlor.org/Froxlor/legacy/" . $version);
 define('RELEASE_URI', "https://autoupdate.froxlor.org/froxlor-{version}.zip");
 define('CHECKSUM_URI', "https://autoupdate.froxlor.org/froxlor-{version}.zip.sha256");
 // check for allow_url_fopen
 if (ini_get('allow_url_fopen') === false) {
 	redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 1));
 }
 // check for archive-stuff
 if (! extension_loaded('zip')) {
-	redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 2));
+	redirectTo($filename, array(
 		's' => $s,
 		'page' => 'error',
 		'errno' => 2
 	));
 }
 // display initial version check
@@ -43,58 +41,54 @@ if ($page == 'overview') {
 	$log->logAction(ADM_ACTION, LOG_NOTICE, "checking auto-update");
 	// check for new version
-	$latestversion = @file(UPDATE_URI);
+	$latestversion = HttpClient::urlGet(UPDATE_URI);
-	if (isset($latestversion[0])) {
+	$latestversion = explode('|', $latestversion);
 		$latestversion = explode('|', $latestversion[0]);
-		if (is_array($latestversion)
+	if (is_array($latestversion) && count($latestversion) >= 1) {
-				&& count($latestversion) >= 1
+		$_version = $latestversion[0];
-		) {
+		$_message = isset($latestversion[1]) ? $latestversion[1] : '';
-			$_version = $latestversion[0];
+		$_link = isset($latestversion[2]) ? $latestversion[2] : htmlspecialchars($filename . '?s=' . urlencode($s) . '&page=' . urlencode($page) . '&lookfornewversion=yes');
 			$_message = isset($latestversion[1]) ? $latestversion[1] : '';
 			$_link = isset($latestversion[2]) ? $latestversion[2] : htmlspecialchars($filename . '?s=' . urlencode($s) . '&page=' . urlencode($page) . '&lookfornewversion=yes');
-			// add the branding so debian guys are not gettings confused
+		// add the branding so debian guys are not gettings confused
-			// about their version-number
+		// about their version-number
-			$version_label = $_version.$branding;
+		$version_label = $_version . $branding;
-			$version_link = $_link;
+		$version_link = $_link;
-			$message_addinfo = $_message;
+		$message_addinfo = $_message;
-			// not numeric -> error-message
+		// not numeric -> error-message
-			if (!preg_match('/^((\d+\\.)(\d+\\.)(\d+\\.)?(\d+)?(\-(svn|dev|rc)(\d+))?)$/', $_version)) {
+		if (! preg_match('/^((\d+\\.)(\d+\\.)(\d+\\.)?(\d+)?(\-(svn|dev|rc)(\d+))?)$/', $_version)) {
-				// check for customized version to not output
+			// check for customized version to not output
-				// "There is a newer version of froxlor" besides the error-message
+			// "There is a newer version of froxlor" besides the error-message
-				redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 3));
+			redirectTo($filename, array(
-			} elseif (version_compare2($version, $_version) == -1) {
+				's' => $s,
-				// there is a newer version - yay
+				'page' => 'error',
-				$isnewerversion = 1;
+				'errno' => 3
-			} else {
+			));
-				// nothing new
+		} elseif (version_compare2($version, $_version) == - 1) {
-				$isnewerversion = 0;
+			// there is a newer version - yay
-			}
+			$isnewerversion = 1;
 		} else {
 			// nothing new
 			$isnewerversion = 0;
 		}
-			// anzeige über version-status mit ggfls. formular
+		// anzeige über version-status mit ggfls. formular
-			// zum update schritt #1 -> download
+		// zum update schritt #1 -> download
-			if ($isnewerversion == 1) {
+		if ($isnewerversion == 1) {
-				$text = 'There is a newer version available. Update to version <b>'.$_version.'</b> now?<br/>(Your current version is: '.$version.')';
+			$text = 'There is a newer version available. Update to version <b>' . $_version . '</b> now?<br/>(Your current version is: ' . $version . ')';
-				$hiddenparams = '<input type="hidden" name="newversion" value="'.$_version.'" />';
+			$hiddenparams = '<input type="hidden" name="newversion" value="' . $_version . '" />';
-				$yesfile = $filename.'?s='.$s.'&amp;page=getdownload';
+			$yesfile = $filename . '?s=' . $s . '&amp;page=getdownload';
-				eval("echo \"" . getTemplate("misc/question_yesno", true) . "\";");
+			eval("echo \"" . getTemplate("misc/question_yesno", true) . "\";");
-				exit;
+			exit();
-			}
+		} elseif ($isnewerversion == 0) {
-			elseif ($isnewerversion == 0) {
+			// all good
-				// all good
+			standard_success('noupdatesavail');
-				standard_success ('noupdatesavail');
+		} else {
-			} else {
+			standard_error('customized_version');
 				standard_error ('customized_version');
 			}
 		}
 	}
-	// error (something weird came from version.froxlor.org)
+}// download the new archive
 	redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 5));
 }
 // download the new archive
 elseif ($page == 'getdownload') {
 	// retrieve the new version from the form
@@ -107,36 +101,35 @@ elseif ($page == 'getdownload') {
 		$toLoad = str_replace('{version}', $newversion, RELEASE_URI);
 		$toCheck = str_replace('{version}', $newversion, CHECKSUM_URI);
 		// get archive data
 		$newArchive = @file_get_contents($toLoad);
 		// check for local destination folder
-		if (!is_dir(FROXLOR_INSTALL_DIR.'/updates/')) {
+		if (! is_dir(FROXLOR_INSTALL_DIR . '/updates/')) {
-			mkdir(FROXLOR_INSTALL_DIR.'/updates/');
+			mkdir(FROXLOR_INSTALL_DIR . '/updates/');
 		}
 		// name archive
-		$localArchive = FROXLOR_INSTALL_DIR.'/updates/'.basename($toLoad);
+		$localArchive = FROXLOR_INSTALL_DIR . '/updates/' . basename($toLoad);
-		$log->logAction(ADM_ACTION, LOG_NOTICE, "Downloading ".$toLoad." to ".$localArchive);
+		$log->logAction(ADM_ACTION, LOG_NOTICE, "Downloading " . $toLoad . " to " . $localArchive);
 		// remove old archive
 		if (file_exists($localArchive)) {
 			@unlink($localArchive);
 		}
-		// store archive
+		// get archive data
-		$fh = fopen($localArchive, 'w');
+		try {
-		if (!fwrite($fh, $newArchive)) {
+			HttpClient::fileGet($toLoad, $localArchive);
-			redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 4));
+		} catch (Exception $e) {
 			redirectTo($filename, array(
 				's' => $s,
 				'page' => 'error',
 				'errno' => 4
 			));
 		}
 		// close file-handle
 		fclose($fh);
 		// validate the integrity of the downloaded file
-		$_shouldsum = @file_get_contents($toCheck);
+		$_shouldsum = HttpClient::urlGet($toCheck);
-		if (!empty($_shouldsum)) {
+		if (! empty($_shouldsum)) {
 			$_t = explode(" ", $_shouldsum);
 			$shouldsum = $_t[0];
 		} else {
@@ -145,58 +138,75 @@ elseif ($page == 'getdownload') {
 		$filesum = hash_file('sha256', $localArchive);
 		if ($filesum != $shouldsum) {
-			redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 9));
+			redirectTo($filename, array(
 				's' => $s,
 				'page' => 'error',
 				'errno' => 9
 			));
 		}
 		// to the next step
-		redirectTo($filename, array('s' => $s, 'page' => 'extract', 'archive' => basename($localArchive)));
+		redirectTo($filename, array(
 			's' => $s,
 			'page' => 'extract',
 			'archive' => basename($localArchive)
 		));
 	}
-	redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 6));
+	redirectTo($filename, array(
-}
+		's' => $s,
-// extract and install new version
+		'page' => 'error',
 		'errno' => 6
 	));
 }// extract and install new version
 elseif ($page == 'extract') {
 	$toExtract = isset($_GET['archive']) ? $_GET['archive'] : null;
-	$localArchive = FROXLOR_INSTALL_DIR.'/updates/'.$toExtract;
+	$localArchive = FROXLOR_INSTALL_DIR . '/updates/' . $toExtract;
-	if (isset($_POST['send'])
+	if (isset($_POST['send']) && $_POST['send'] == 'send') {
 			&& $_POST['send'] == 'send'
 	) {
 		// decompress from zip
-		$zip = new ZipArchive;
+		$zip = new ZipArchive();
 		$res = $zip->open($localArchive);
 		if ($res === true) {
-			$log->logAction(ADM_ACTION, LOG_NOTICE, "Extracting ".$localArchive." to ".FROXLOR_INSTALL_DIR);
+			$log->logAction(ADM_ACTION, LOG_NOTICE, "Extracting " . $localArchive . " to " . FROXLOR_INSTALL_DIR);
 			$zip->extractTo(FROXLOR_INSTALL_DIR);
 			$zip->close();
 			// success - remove unused archive
 			@unlink($localArchive);
 		} else {
 			// error
-			redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 8));
+			redirectTo($filename, array(
 				's' => $s,
 				'page' => 'error',
 				'errno' => 8
 			));
 		}
 		// redirect to update-page?
-		redirectTo('admin_updates.php', array('s' => $s));
+		redirectTo('admin_updates.php', array(
 			's' => $s
 		));
 	}
-	if (!file_exists($localArchive)) {
+	if (! file_exists($localArchive)) {
-		redirectTo($filename, array('s' => $s, 'page' => 'error', 'errno' => 7));
+		redirectTo($filename, array(
 			's' => $s,
 			'page' => 'error',
 			'errno' => 7
 		));
 	}
-	$text = 'Extract downloaded archive "'.$toExtract.'"?';
+	$text = 'Extract downloaded archive "' . $toExtract . '"?';
 	$hiddenparams = '';
-	$yesfile = $filename.'?s='.$s.'&amp;page=extract&amp;archive='.$toExtract;
+	$yesfile = $filename . '?s=' . $s . '&amp;page=extract&amp;archive=' . $toExtract;
 	eval("echo \"" . getTemplate("misc/question_yesno", true) . "\";");
 }
 // display error
 elseif ($page == 'error') {
 	// retrieve error-number via url-parameter
-	$errno = isset($_GET['errno']) ? (int)$_GET['errno'] : 0;
+	$errno = isset($_GET['errno']) ? (int) $_GET['errno'] : 0;
 	// 1 = no allow_url_fopen
 	// 2 = no Zlib
 	// 3 = custom version detected
 	// 4 = could not store archive to local hdd
@@ -205,5 +215,5 @@ elseif ($page == 'error') {
 	// 7 = local archive does not exist
 	// 8 = could not extract archive
 	// 9 = checksum mismatch
-	standard_error ('autoupdate_'.$errno);
+	standard_error('autoupdate_' . $errno);
 }
--- a/admin_configfiles.php
+++ b/admin_configfiles.php
@@ -45,7 +45,7 @@ if ($userinfo['change_serversettings'] == '1') {
 	$replace_arr = Array(
 		'<SQL_UNPRIVILEGED_USER>' => $sql['user'],
-		'<SQL_UNPRIVILEGED_PASSWORD>' => 'MYSQL_PASSWORD',
+		'<SQL_UNPRIVILEGED_PASSWORD>' => 'FROXLOR_MYSQL_PASSWORD',
 		'<SQL_DB>' => $sql['db'],
 		'<SQL_HOST>' => $sql['host'],
 		'<SQL_SOCKET>' => isset($sql['socket']) ? $sql['socket'] : null,
@@ -82,6 +82,12 @@ if ($userinfo['change_serversettings'] == '1') {
 	$config_dir = makeCorrectDir(FROXLOR_INSTALL_DIR . '/lib/configfiles/');
 	if ($distribution != "") {
 		if (!file_exists($config_dir . '/' . $distribution . ".xml")) {
 			trigger_error("Unknown distribution, are you playing around with the URL?");
 			exit;
 		}
 		// create configparser object
 		$configfiles = new ConfigParser($config_dir . '/' . $distribution . ".xml");
@@ -93,6 +99,11 @@ if ($userinfo['change_serversettings'] == '1') {
 		if ($service != "") {
 			if (!isset($services[$service])) {
 				trigger_error("Unknown service, are you playing around with the URL?");
 				exit;
 			}
 			$daemons = $services[$service]->getDaemons();
 			if ($daemon == "") {
@@ -136,6 +147,11 @@ if ($userinfo['change_serversettings'] == '1') {
 	if ($distribution != "" && $service != "" && $daemon != "") {
 		if (!isset($daemons[$daemon])) {
 			trigger_error("Unknown daemon, are you playing around with the URL?");
 			exit;
 		}
 		$confarr = $daemons[$daemon]->getConfig();
 		$configpage = '';
--- a/admin_customers.php
+++ b/admin_customers.php
@@ -532,6 +532,14 @@ if ($page == 'customers'
 					$phpenabled = intval($_POST['phpenabled']);
 				}
 				$allowed_phpconfigs = array();
 				if (isset($_POST['allowed_phpconfigs']) && is_array($_POST['allowed_phpconfigs'])) {
 					foreach ($_POST['allowed_phpconfigs'] as $allowed_phpconfig) {
 						$allowed_phpconfig = intval($allowed_phpconfig);
 						$allowed_phpconfigs[] = $allowed_phpconfig;
 					}
 				}
 				$perlenabled = 0;
 				if (isset($_POST['perlenabled'])) {
 					$perlenabled = intval($_POST['perlenabled']);
@@ -693,6 +701,7 @@ if ($page == 'customers'
 						'tickets' => $tickets,
 						'mysqls' => $mysqls,
 						'phpenabled' => $phpenabled,
 						'allowed_phpconfigs' => empty($allowed_phpconfigs) ? "" : json_encode($allowed_phpconfigs),
 						'imap' => $email_imap,
 						'pop3' => $email_pop3,
 						'perlenabled' => $perlenabled,
@@ -733,6 +742,7 @@ if ($page == 'customers'
 						`mysqls` = :mysqls,
 						`standardsubdomain` = '0',
 						`phpenabled` = :phpenabled,
 						`allowed_phpconfigs` = :allowed_phpconfigs,
 						`imap` = :imap,
 						`pop3` = :pop3,
 						`perlenabled` = :perlenabled,
@@ -910,7 +920,8 @@ if ($page == 'customers'
 							'customerid' => $customerid,
 							'adminid' => $userinfo['adminid'],
 							'docroot' => $documentroot,
-							'adddate' => date('Y-m-d')
+							'adddate' => time(),
 							'phpenabled' => $phpenabled
 						);
 						$ins_stmt = Database::prepare("
 							INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET
@@ -928,6 +939,7 @@ if ($page == 'customers'
 							`dkim_id` = '0',
 							`dkim_privkey` = '',
 							`dkim_pubkey` = '',
 							`phpenabled` = :phpenabled,
 							`add_date` = :adddate"
 						);
 						Database::pexecute($ins_stmt, $ins_data);
@@ -1022,7 +1034,7 @@ if ($page == 'customers'
 			} else {
 				$language_options = '';
-				while (list($language_file, $language_name) = each($languages)) {
+				foreach ($languages as $language_file => $language_name) {
 					$language_options.= makeoption($language_name, $language_file, Settings::Get('panel.standardlanguage'), true);
 				}
@@ -1041,6 +1053,26 @@ if ($page == 'customers'
 				$gender_options .= makeoption($lng['gender']['male'], 1, null, true, true);
 				$gender_options .= makeoption($lng['gender']['female'], 2, null, true, true);
 				$phpconfigs = array();
 				$configs = Database::query("
 					SELECT c.*, fc.description as interpreter
 					FROM `" . TABLE_PANEL_PHPCONFIGS . "` c
 					LEFT JOIN `" . TABLE_PANEL_FPMDAEMONS . "` fc ON fc.id = c.fpmsettingid
 				");
 				while ($row = $configs->fetch(PDO::FETCH_ASSOC)) {
 					if ((int) Settings::Get('phpfpm.enabled') == 1) {
 						$phpconfigs[] = array(
 							'label' => $row['description'] . " [".$row['interpreter']."]<br />",
 							'value' => $row['id']
 						);
 					} else {
 						$phpconfigs[] = array(
 							'label' => $row['description']."<br />",
 							'value' => $row['id']
 						);
 					}
 				}
 				$customer_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/customer/formfield.customer_add.php';
 				$customer_add_form = htmlform::genHTMLForm($customer_add_data);
@@ -1203,6 +1235,14 @@ if ($page == 'customers'
 					$phpenabled = intval($_POST['phpenabled']);
 				}
 				$allowed_phpconfigs = array();
 				if (isset($_POST['allowed_phpconfigs']) && is_array($_POST['allowed_phpconfigs'])) {
 					foreach ($_POST['allowed_phpconfigs'] as $allowed_phpconfig) {
 						$allowed_phpconfig = intval($allowed_phpconfig);
 						$allowed_phpconfigs[] = $allowed_phpconfig;
 					}
 				}
 				$perlenabled = 0;
 				if (isset($_POST['perlenabled'])) {
 					$perlenabled = intval($_POST['perlenabled']);
@@ -1281,7 +1321,7 @@ if ($page == 'customers'
 								'customerid' => $result['customerid'],
 								'adminid' => $userinfo['adminid'],
 								'docroot' => $result['documentroot'],
-								'adddate' => date('Y-m-d')
+								'adddate' => time()
 						);
 						$ins_stmt = Database::prepare("
 							INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET
@@ -1455,6 +1495,7 @@ if ($page == 'customers'
 						'mysqls' => $mysqls,
 						'deactivated' => $deactivated,
 						'phpenabled' => $phpenabled,
 						'allowed_phpconfigs' => empty($allowed_phpconfigs) ? "" : json_encode($allowed_phpconfigs),
 						'imap' => $email_imap,
 						'pop3' => $email_pop3,
 						'perlenabled' => $perlenabled,
@@ -1488,6 +1529,7 @@ if ($page == 'customers'
 						`mysqls` = :mysqls,
 						`deactivated` = :deactivated,
 						`phpenabled` = :phpenabled,
 						`allowed_phpconfigs` = :allowed_phpconfigs,
 						`email_quota` = :email_quota,
 						`imap` = :imap,
 						`pop3` = :pop3,
@@ -1628,7 +1670,7 @@ if ($page == 'customers'
 			} else {
 				$language_options = '';
-				while (list($language_file, $language_name) = each($languages)) {
+				foreach ($languages as $language_file => $language_name) {
 					$language_options.= makeoption($language_name, $language_file, $result['def_language'], true);
 				}
@@ -1693,6 +1735,26 @@ if ($page == 'customers'
 				$gender_options .= makeoption($lng['gender']['male'], 1, ($result['gender'] == '1' ? true : false), true, true);
 				$gender_options .= makeoption($lng['gender']['female'], 2, ($result['gender'] == '2' ? true : false), true, true);
 				$phpconfigs = array();
 				$configs = Database::query("
 					SELECT c.*, fc.description as interpreter
 					FROM `" . TABLE_PANEL_PHPCONFIGS . "` c
 					LEFT JOIN `" . TABLE_PANEL_FPMDAEMONS . "` fc ON fc.id = c.fpmsettingid
 				");
 				while ($row = $configs->fetch(PDO::FETCH_ASSOC)) {
 					if ((int) Settings::Get('phpfpm.enabled') == 1) {
 						$phpconfigs[] = array(
 							'label' => $row['description'] . " [".$row['interpreter']."]<br />",
 							'value' => $row['id']
 						);
 					} else {
 						$phpconfigs[] = array(
 							'label' => $row['description']."<br />",
 							'value' => $row['id']
 						);
 					}
 				}
 				$customer_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/customer/formfield.customer_edit.php';
 				$customer_edit_form = htmlform::genHTMLForm($customer_edit_data);
--- a/admin_domains.php
+++ b/admin_domains.php
@@ -306,7 +306,7 @@ if ($page == 'domains' || $page == 'overview') {
 					standard_error('admin_domain_emailsystemhostname');
 				}
-				if (strpos($_POST['domain'], '--') !== false) {
+				if (substr($_POST['domain'], 0, 4) == 'xn--') {
 					standard_error('domain_nopunycode');
 				}
@@ -455,7 +455,7 @@ if ($page == 'domains' || $page == 'overview') {
 				if ($userinfo['caneditphpsettings'] == '1' || $userinfo['change_serversettings'] == '1') {
-                                        $phpenabled  = isset($POST_['phpenabled']) ? intval($_POST['phpenabled']) : 0;
+					$phpenabled  = isset($_POST['phpenabled']) ? intval($_POST['phpenabled']) : 0;
 					$openbasedir = isset($_POST['openbasedir']) ? intval($_POST['openbasedir']) : 0;
 					if ((int) Settings::Get('system.mod_fcgid') == 1 || (int) Settings::Get('phpfpm.enabled') == 1) {
@@ -496,7 +496,7 @@ if ($page == 'domains' || $page == 'overview') {
 					}
 				} else {
-                                        $phpenabled = '1';
+					$phpenabled = '1';
 					$openbasedir = '1';
 					if ((int) Settings::Get('phpfpm.enabled') == 1) {
@@ -590,14 +590,20 @@ if ($page == 'domains' || $page == 'overview') {
 							}
 						}
 						$http2 = isset($_POST['http2']) && (int)$_POST['http2'] == 1 ? 1 : 0;
 						// HSTS
 						$hsts_maxage = isset($_POST['hsts_maxage']) ? (int)$_POST['hsts_maxage'] : 0;
 						$hsts_sub = isset($_POST['hsts_sub']) && (int)$_POST['hsts_sub'] == 1 ? 1 : 0;
 						$hsts_preload = isset($_POST['hsts_preload']) && (int)$_POST['hsts_preload'] == 1 ? 1 : 0;
 						// OCSP stapling
 						$ocsp_stapling = isset($_POST['ocsp_stapling']) && (int)$_POST['ocsp_stapling'] == 1 ? 1 : 0;
 					} else {
 						$ssl_redirect = 0;
 						$letsencrypt = 0;
 						$http2 = 0;
 						// we need this for the serialize
 						// if ssl is disabled or no ssl-ip/port exists
 						$ssl_ipandports[] = - 1;
@@ -606,10 +612,14 @@ if ($page == 'domains' || $page == 'overview') {
 						$hsts_maxage = 0;
 						$hsts_sub = 0;
 						$hsts_preload = 0;
 						// OCSP stapling
 						$ocsp_stapling = 0;
 					}
 				} else {
 					$ssl_redirect = 0;
 					$letsencrypt = 0;
 					$http2 = 0;
 					// we need this for the serialize
 					// if ssl is disabled or no ssl-ip/port exists
 					$ssl_ipandports[] = - 1;
@@ -618,12 +628,20 @@ if ($page == 'domains' || $page == 'overview') {
 					$hsts_maxage = 0;
 					$hsts_sub = 0;
 					$hsts_preload = 0;
 					// OCSP stapling
 					$ocsp_stapling = 0;
 				}
-				// We can't enable let's encrypt for wildcard - domains
+				// We can't enable let's encrypt for wildcard - domains if using acme-v1
-				if ($serveraliasoption == '0' && $letsencrypt == '1') {
+				if ($serveraliasoption == '0' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '1') {
 					standard_error('nowildcardwithletsencrypt');
 				}
 				// if using acme-v2 we cannot issue wildcard-certificates
 				// because they currently only support the dns-01 challenge
 				if ($serveraliasoption == '0' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '2') {
 					standard_error('nowildcardwithletsencryptv2');
 				}
 				// Temporarily deactivate ssl_redirect until Let's Encrypt certificate was generated
 				if ($ssl_redirect > 0 && $letsencrypt == 1) {
@@ -694,7 +712,7 @@ if ($page == 'domains' || $page == 'overview') {
 					standard_error('noipportgiven');
 				}
-				if($phpenabled != '1') {
+				if ($phpenabled != '1') {
 					$phpenabled = '0';
 				}
@@ -787,9 +805,11 @@ if ($page == 'domains' || $page == 'overview') {
 						'termination_date' => $termination_date,
 						'issubof' => $issubof,
 						'letsencrypt' => $letsencrypt,
 						'http2' => $http2,
 						'hsts_maxage' => $hsts_maxage,
 						'hsts_sub' => $hsts_sub,
-						'hsts_preload' => $hsts_preload
+						'hsts_preload' => $hsts_preload,
 						'ocsp_stapling' => $ocsp_stapling
 					);
 					$security_questions = array(
@@ -839,9 +859,11 @@ if ($page == 'domains' || $page == 'overview') {
 						'mod_fcgid_maxrequests' => $mod_fcgid_maxrequests,
 						'ismainbutsubto' => $issubof,
 						'letsencrypt' => $letsencrypt,
 						'http2' => $http2,
 						'hsts' => $hsts_maxage,
 						'hsts_sub' => $hsts_sub,
-						'hsts_preload' => $hsts_preload
+						'hsts_preload' => $hsts_preload,
 						'ocsp_stapling' => $ocsp_stapling
 					);
 					$ins_stmt = Database::prepare("
@@ -876,9 +898,11 @@ if ($page == 'domains' || $page == 'overview') {
 						`mod_fcgid_maxrequests` = :mod_fcgid_maxrequests,
 						`ismainbutsubto` = :ismainbutsubto,
 						`letsencrypt` = :letsencrypt,
 						`http2` = :http2,
 						`hsts` = :hsts,
 						`hsts_sub` = :hsts_sub,
-						`hsts_preload` = :hsts_preload
+						`hsts_preload` = :hsts_preload,
 						`ocsp_stapling` = :ocsp_stapling
 					");
 					Database::pexecute($ins_stmt, $ins_data);
 					$domainid = Database::lastInsertId();
@@ -1058,11 +1082,15 @@ if ($page == 'domains' || $page == 'overview') {
 				}
 				$phpconfigs = '';
-				$configs = Database::query("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "`");
+				$configs = Database::query("
 					SELECT c.*, fc.description as interpreter
 					FROM `" . TABLE_PANEL_PHPCONFIGS . "` c
 					LEFT JOIN `" . TABLE_PANEL_FPMDAEMONS . "` fc ON fc.id = c.fpmsettingid
 				");
 				while ($row = $configs->fetch(PDO::FETCH_ASSOC)) {
 					if ((int) Settings::Get('phpfpm.enabled') == 1) {
-						$phpconfigs .= makeoption($row['description'], $row['id'], Settings::Get('phpfpm.defaultini'), true, true);
+						$phpconfigs .= makeoption($row['description'] . " [".$row['interpreter']."]", $row['id'], Settings::Get('phpfpm.defaultini'), true, true);
 					} else {
 						$phpconfigs .= makeoption($row['description'], $row['id'], Settings::Get('system.mod_fcgid_defaultini'), true, true);
 					}
@@ -1340,6 +1368,7 @@ if ($page == 'domains' || $page == 'overview') {
 					$phpenabled  = isset($_POST['phpenabled']) ? intval($_POST['phpenabled']) : 0;
 					$openbasedir = isset($_POST['openbasedir']) ? intval($_POST['openbasedir']) : 0;
 					$phpfs = (isset($_POST['phpsettingsforsubdomains']) && intval($_POST['phpsettingsforsubdomains']) == 1) ? 1 : 0;
 					if ((int) Settings::Get('system.mod_fcgid') == 1 || (int) Settings::Get('phpfpm.enabled') == 1) {
 						$phpsettingid = (int) $_POST['phpsettingid'];
@@ -1369,6 +1398,7 @@ if ($page == 'domains' || $page == 'overview') {
 						}
 					} else {
 						$phpsettingid = $result['phpsettingid'];
 						$phpfs = 1;
 						$mod_fcgid_starter = $result['mod_fcgid_starter'];
 						$mod_fcgid_maxrequests = $result['mod_fcgid_maxrequests'];
 					}
@@ -1376,6 +1406,7 @@ if ($page == 'domains' || $page == 'overview') {
 					$phpenabled = $result['phpenabled'];
 					$openbasedir = $result['openbasedir'];
 					$phpsettingid = $result['phpsettingid'];
 					$phpfs = 1;
 					$mod_fcgid_starter = $result['mod_fcgid_starter'];
 					$mod_fcgid_maxrequests = $result['mod_fcgid_maxrequests'];
 				}
@@ -1416,11 +1447,16 @@ if ($page == 'domains' || $page == 'overview') {
 						$letsencrypt = (int) $_POST['letsencrypt'];
 					}
 					$http2 = isset($_POST['http2']) && (int)$_POST['http2'] == 1 ? 1 : 0;
 					// HSTS
 					$hsts_maxage = isset($_POST['hsts_maxage']) ? (int)$_POST['hsts_maxage'] : 0;
 					$hsts_sub = isset($_POST['hsts_sub']) && (int)$_POST['hsts_sub'] == 1 ? 1 : 0;
 					$hsts_preload = isset($_POST['hsts_preload']) && (int)$_POST['hsts_preload'] == 1 ? 1 : 0;
 					// OCSP stapling
 					$ocsp_stapling = isset($_POST['ocsp_stapling']) && (int)$_POST['ocsp_stapling'] == 1 ? 1 : 0;
 					$ssl_ipandports = array();
 					if (isset($_POST['ssl_ipandport']) && ! is_array($_POST['ssl_ipandport'])) {
 						$_POST['ssl_ipandport'] = unserialize($_POST['ssl_ipandport']);
@@ -1450,6 +1486,7 @@ if ($page == 'domains' || $page == 'overview') {
 					} else {
 						$ssl_redirect = 0;
 						$letsencrypt = 0;
 						$http2 = 0;
 						// we need this for the serialize
 						// if ssl is disabled or no ssl-ip/port exists
 						$ssl_ipandports[] = - 1;
@@ -1458,10 +1495,14 @@ if ($page == 'domains' || $page == 'overview') {
 						$hsts_maxage = 0;
 						$hsts_sub = 0;
 						$hsts_preload = 0;
 						// OCSP stapling
 						$ocsp_stapling = 0;
 					}
 				} else {
 					$ssl_redirect = 0;
 					$letsencrypt = 0;
 					$http2 = 0;
 					// we need this for the serialize
 					// if ssl is disabled or no ssl-ip/port exists
 					$ssl_ipandports[] = - 1;
@@ -1470,12 +1511,20 @@ if ($page == 'domains' || $page == 'overview') {
 					$hsts_maxage = 0;
 					$hsts_sub = 0;
 					$hsts_preload = 0;
 					// OCSP stapling
 					$ocsp_stapling = 0;
 				}
-				// We can't enable let's encrypt for wildcard domains
+				// We can't enable let's encrypt for wildcard domains when using acme-v1
-				if ($serveraliasoption == '0' && $letsencrypt == '1') {
+				if ($serveraliasoption == '0' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '1') {
 					standard_error('nowildcardwithletsencrypt');
 				}
 				// if using acme-v2 we cannot issue wildcard-certificates
 				// because they currently only support the dns-01 challenge
 				if ($serveraliasoption == '0' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '2') {
 					standard_error('nowildcardwithletsencryptv2');
 				}
 				// Temporarily deactivate ssl_redirect until Let's Encrypt certificate was generated
 				if ($ssl_redirect > 0 && $letsencrypt == 1 && $result['letsencrypt'] != $letsencrypt) {
@@ -1601,6 +1650,7 @@ if ($page == 'domains' || $page == 'overview') {
 					'phpenabled' => $phpenabled,
 					'openbasedir' => $openbasedir,
 					'phpsettingid' => $phpsettingid,
 					'phpsettingsforsubdomains' => $phpfs,
 					'mod_fcgid_starter' => $mod_fcgid_starter,
 					'mod_fcgid_maxrequests' => $mod_fcgid_maxrequests,
 					'specialsettings' => $specialsettings,
@@ -1613,9 +1663,11 @@ if ($page == 'domains' || $page == 'overview') {
 					'ipandport' => serialize($ipandports),
 					'ssl_ipandport' => serialize($ssl_ipandports),
 					'letsencrypt' => $letsencrypt,
 					'http2' => $http2,
 					'hsts_maxage' => $hsts_maxage,
 					'hsts_sub' => $hsts_sub,
-					'hsts_preload' => $hsts_preload
+					'hsts_preload' => $hsts_preload,
 					'ocsp_stapling' => $ocsp_stapling
 				);
 				$security_questions = array(
@@ -1634,7 +1686,28 @@ if ($page == 'domains' || $page == 'overview') {
 				$wwwserveralias = ($serveraliasoption == '1') ? '1' : '0';
 				$iswildcarddomain = ($serveraliasoption == '0') ? '1' : '0';
-				if ($documentroot != $result['documentroot'] || $ssl_redirect != $result['ssl_redirect'] || $wwwserveralias != $result['wwwserveralias'] || $iswildcarddomain != $result['iswildcarddomain'] || $phpenabled != $result['phpenabled'] || $openbasedir != $result['openbasedir'] || $phpsettingid != $result['phpsettingid'] || $mod_fcgid_starter != $result['mod_fcgid_starter'] || $mod_fcgid_maxrequests != $result['mod_fcgid_maxrequests'] || $specialsettings != $result['specialsettings'] || $aliasdomain != $result['aliasdomain'] || $issubof != $result['ismainbutsubto'] || $email_only != $result['email_only'] || ($speciallogfile != $result['speciallogfile'] && $speciallogverified == '1') || $letsencrypt != $result['letsencrypt'] || $hsts_maxage != $result['hsts'] || $hsts_sub != $result['hsts_sub'] || $hsts_preload != $result['hsts_preload']) {
+				if (
 					$documentroot != $result['documentroot'] ||
 					$ssl_redirect != $result['ssl_redirect'] ||
 					$wwwserveralias != $result['wwwserveralias'] ||
 					$iswildcarddomain != $result['iswildcarddomain'] ||
 					$phpenabled != $result['phpenabled'] ||
 					$openbasedir != $result['openbasedir'] ||
 					$phpsettingid != $result['phpsettingid'] ||
 					$mod_fcgid_starter != $result['mod_fcgid_starter'] ||
 					$mod_fcgid_maxrequests != $result['mod_fcgid_maxrequests'] ||
 					$specialsettings != $result['specialsettings'] ||
 					$aliasdomain != $result['aliasdomain'] ||
 					$issubof != $result['ismainbutsubto'] ||
 					$email_only != $result['email_only'] ||
 					($speciallogfile != $result['speciallogfile'] && $speciallogverified == '1') ||
 					$letsencrypt != $result['letsencrypt'] ||
 					$http2 != $result['http2'] ||
 					$hsts_maxage != $result['hsts'] ||
 					$hsts_sub != $result['hsts_sub'] ||
 					$hsts_preload != $result['hsts_preload'] ||
 					$ocsp_stapling != $result['ocsp_stapling']
 				) {
 					inserttask('1');
 				}
@@ -1786,9 +1859,11 @@ if ($page == 'domains' || $page == 'overview') {
 				$update_data['termination_date'] = $termination_date;
 				$update_data['ismainbutsubto'] = $issubof;
 				$update_data['letsencrypt'] = $letsencrypt;
 				$update_data['http2'] = $http2;
 				$update_data['hsts'] = $hsts_maxage;
 				$update_data['hsts_sub'] = $hsts_sub;
 				$update_data['hsts_preload'] = $hsts_preload;
 				$update_data['ocsp_stapling'] = $ocsp_stapling;
 				$update_data['id'] = $id;
 				$update_stmt = Database::prepare("
@@ -1818,9 +1893,11 @@ if ($page == 'domains' || $page == 'overview') {
 					`termination_date` = :termination_date,
 					`ismainbutsubto` = :ismainbutsubto,
 					`letsencrypt` = :letsencrypt,
 					`http2` = :http2,
 					`hsts` = :hsts,
 					`hsts_sub` = :hsts_sub,
-					`hsts_preload` = :hsts_preload
+					`hsts_preload` = :hsts_preload,
 					`ocsp_stapling` = :ocsp_stapling
 					WHERE `id` = :id
 				");
 				Database::pexecute($update_stmt, $update_data);
@@ -1829,11 +1906,18 @@ if ($page == 'domains' || $page == 'overview') {
 				$_update_data['adminid'] = $adminid;
 				$_update_data['phpenabled'] = $phpenabled;
 				$_update_data['openbasedir'] = $openbasedir;
 				$_update_data['phpsettingid'] = $phpsettingid;
 				$_update_data['mod_fcgid_starter'] = $mod_fcgid_starter;
 				$_update_data['mod_fcgid_maxrequests'] = $mod_fcgid_maxrequests;
 				$_update_data['parentdomainid'] = $id;
 				// if php config is to be set for all subdomains, check here
 				$update_phpconfig = '';
 				$phpfs = isset($_POST['phpsettingsforsubdomains']) ? 1 : 0;
 				if ($phpfs == 1) {
 					$_update_data['phpsettingid'] = $phpsettingid;
 					$update_phpconfig = ", `phpsettingid` = :phpsettingid";
 				}
 				// if we have no more ssl-ip's for this domain,
 				// all its subdomains must have "ssl-redirect = 0"
 				// and disable let's encrypt
@@ -1848,10 +1932,9 @@ if ($page == 'domains' || $page == 'overview') {
 					`adminid` = :adminid,
 					`phpenabled` = :phpenabled,
 					`openbasedir` = :openbasedir,
 					`phpsettingid` = :phpsettingid,
 					`mod_fcgid_starter` = :mod_fcgid_starter,
 					`mod_fcgid_maxrequests` = :mod_fcgid_maxrequests
-					" . $upd_specialsettings . $updatechildren . $update_sslredirect . "
+					" . $update_phpconfig . $upd_specialsettings . $updatechildren . $update_sslredirect . "
 					WHERE `parentdomainid` = :parentdomainid
 				");
 				Database::pexecute($_update_stmt, $_update_data);
@@ -2121,10 +2204,25 @@ if ($page == 'domains' || $page == 'overview') {
 				$result['add_date'] = date('Y-m-d', $result['add_date']);
 				$phpconfigs = '';
-				$phpconfigs_result_stmt = Database::query("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "`");
+				$phpconfigs_result_stmt = Database::query("
 					SELECT c.*, fc.description as interpreter
 					FROM `" . TABLE_PANEL_PHPCONFIGS . "` c
 					LEFT JOIN `" . TABLE_PANEL_FPMDAEMONS . "` fc ON fc.id = c.fpmsettingid
 				");
 				$c_allowed_configs = getCustomerDetail($result['customerid'], 'allowed_phpconfigs');
 				if (!empty($c_allowed_configs)) {
 					$c_allowed_configs = json_decode($c_allowed_configs, true);
 				} else {
 					$c_allowed_configs = array();
 				}
 				while ($phpconfigs_row = $phpconfigs_result_stmt->fetch(PDO::FETCH_ASSOC)) {
-					$phpconfigs .= makeoption($phpconfigs_row['description'], $phpconfigs_row['id'], $result['phpsettingid'], true, true);
+					$disabled = !empty($c_allowed_configs) && !in_array($phpconfigs_row['id'], $c_allowed_configs);
 					if ((int) Settings::Get('phpfpm.enabled') == 1) {
 						$phpconfigs .= makeoption($phpconfigs_row['description'] . " [".$phpconfigs_row['interpreter']."]", $phpconfigs_row['id'], $result['phpsettingid'], true, true, null, $disabled);
 					} else {
 						$phpconfigs .= makeoption($phpconfigs_row['description'], $phpconfigs_row['id'], $result['phpsettingid'], true, true, null, $disabled);
 					}
 				}
 				$result = htmlentities_array($result);
@@ -2140,6 +2238,13 @@ if ($page == 'domains' || $page == 'overview') {
 				eval("echo \"" . getTemplate("domains/domains_edit") . "\";");
 			}
 		}
 	} elseif ($action == 'jqGetCustomerPHPConfigs') {
 		$customerid = intval($_POST['customerid']);
 		$allowed_phpconfigs = getCustomerDetail($customerid, 'allowed_phpconfigs');
 		echo !empty($allowed_phpconfigs) ? $allowed_phpconfigs : json_encode(array());
 		exit;
 	} elseif ($action == 'import') {
 		if (isset($_POST['send']) && $_POST['send'] == 'send') {
@@ -2164,6 +2269,8 @@ if ($page == 'domains' || $page == 'overview') {
 			// update customer/admin counters
 			updateCounters(false);
 			inserttask('1');
 			inserttask('4');
 			$result_str = $result['imported'] . ' / ' . $result['all'];
 			standard_success('domain_import_successfully', $result_str, array(
--- a/admin_index.php
+++ b/admin_index.php
@@ -86,41 +86,31 @@ if ($page == 'overview') {
 		|| (isset($lookfornewversion) && $lookfornewversion == 'yes')
 	) {
 		$update_check_uri = 'http://version.froxlor.org/Froxlor/legacy/' . $version;
 		$latestversion = HttpClient::urlGet($update_check_uri);
 		$latestversion = explode('|', $latestversion);
-		if (ini_get('allow_url_fopen')) {
+		if (is_array($latestversion)
-			$latestversion = @file($update_check_uri);
+			&& count($latestversion) >= 1
 		) {
 			$_version = $latestversion[0];
 			$_message = isset($latestversion[1]) ? $latestversion[1] : '';
 			$_link = isset($latestversion[2]) ? $latestversion[2] : htmlspecialchars($filename . '?s=' . urlencode($s) . '&page=' . urlencode($page) . '&lookfornewversion=yes');
-			if (isset($latestversion[0])) {
+			// add the branding so debian guys are not gettings confused
-				$latestversion = explode('|', $latestversion[0]);
+			// about their version-number
 			$lookfornewversion_lable = $_version.$branding;
 			$lookfornewversion_link = $_link;
 			$lookfornewversion_addinfo = $_message;
-				if (is_array($latestversion)
+			// not numeric -> error-message
-					&& count($latestversion) >= 1
+			if (!preg_match('/^((\d+\\.)(\d+\\.)(\d+\\.)?(\d+)?(\-(svn|dev|rc)(\d+))?)$/', $_version)) {
-				) {
+				// check for customized version to not output
-					$_version = $latestversion[0];
+				// "There is a newer version of froxlor" besides the error-message
-					$_message = isset($latestversion[1]) ? $latestversion[1] : '';
+				$isnewerversion = 2;
-					$_link = isset($latestversion[2]) ? $latestversion[2] : htmlspecialchars($filename . '?s=' . urlencode($s) . '&page=' . urlencode($page) . '&lookfornewversion=yes');
+			} elseif (version_compare2($version, $_version) == -1) {
-
+				$isnewerversion = 1;
 					// add the branding so debian guys are not gettings confused
 					// about their version-number
 					$lookfornewversion_lable = $_version.$branding;
 					$lookfornewversion_link = $_link;
 					$lookfornewversion_addinfo = $_message;
 					// not numeric -> error-message
 					if (!preg_match('/^((\d+\\.)(\d+\\.)(\d+\\.)?(\d+)?(\-(svn|dev|rc)(\d+))?)$/', $_version)) {
 						// check for customized version to not output
 						// "There is a newer version of froxlor" besides the error-message
 						$isnewerversion = 2;
 					} elseif (version_compare2($version, $_version) == -1) {
 						$isnewerversion = 1;
 					} else {
 						$isnewerversion = 0;
 					}
 				} else {
 					redirectTo($update_check_uri.'/pretty', NULL, false);
 				}
 			} else {
-				redirectTo($update_check_uri.'/pretty', NULL, false);
+				$isnewerversion = 0;
 			}
 		} else {
 			redirectTo($update_check_uri.'/pretty', NULL, false);
@@ -280,7 +270,7 @@ if ($page == 'overview') {
 			$default_lang = $userinfo['def_language'];
 		}
-		while (list($language_file, $language_name) = each($languages)) {
+		foreach ($languages as $language_file => $language_name) {
 			$language_options.= makeoption($language_name, $language_file, $default_lang, true);
 		}
--- a/admin_logger.php
+++ b/admin_logger.php
@@ -30,11 +30,11 @@ if ($page == 'log'
 			'user' => $lng['logger']['user'],
 			'text' => $lng['logger']['action']
 		);
-		$paging = new paging($userinfo, TABLE_PANEL_LOG, $fields, null, null, 0, 'desc');
+		$paging = new paging($userinfo, TABLE_PANEL_LOG, $fields, null, null, 0, 'desc', 30);
-		$result_stmt = Database::query('
+		$query = 'SELECT * FROM `' . TABLE_PANEL_LOG . '` ' . $paging->getSqlWhere(false) . ' ' . $paging->getSqlOrderBy();
-			SELECT * FROM `' . TABLE_PANEL_LOG . '` ' . $paging->getSqlWhere(false) . ' ' . $paging->getSqlOrderBy() . ' ' . $paging->getSqlLimit()
+		$result_stmt = Database::query($query . ' ' . $paging->getSqlLimit());
-		);
+		$result_cnt_stmt = Database::query($query);
-		$logs_count = Database::num_rows();
+		$logs_count = $result_cnt_stmt->rowCount();
 		$paging->setEntries($logs_count);
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
@@ -67,7 +67,7 @@ if ($page == 'log'
 		foreach ($clog as $action => $logrows) {
 			$_action = 0;
 			foreach ($logrows as $row) {
-				if ($paging->checkDisplay($i)) {
+				// if ($paging->checkDisplay($i)) {
 					$row = htmlentities_array($row);
 					$row['date'] = date("d.m.y H:i:s", $row['date']);
@@ -105,7 +105,7 @@ if ($page == 'log'
 					eval("\$log.=\"" . getTemplate('logger/logger_log') . "\";");
 					$count++;
 					$_action = $action;
-				}
+				// }
 				$i++;
 			}
 			$i++;
--- a/admin_phpsettings.php
+++ b/admin_phpsettings.php
@@ -16,7 +16,6 @@
 * @package    Panel
 *
 */
 define('AREA', 'admin');
 require './lib/init.php';
@@ -32,33 +31,39 @@ if ($page == 'overview') {
 		$tablecontent = '';
 		$count = 0;
-		$result = Database::query("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "`");
+		$result = Database::query("
 			SELECT c.*, fd.description as fpmdesc
 			FROM `" . TABLE_PANEL_PHPCONFIGS . "` c
 			LEFT JOIN `" . TABLE_PANEL_FPMDAEMONS . "` fd ON fd.id = c.fpmsettingid
 			ORDER BY c.description ASC
 		");
 		while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
 			$domainresult = false;
-			$query_params = array('id' => $row['id']);
+			$query_params = array(
 				'id' => $row['id']
 			);
-			$query = "SELECT * FROM `".TABLE_PANEL_DOMAINS."`
+			$query = "SELECT * FROM `" . TABLE_PANEL_DOMAINS . "`
 					WHERE `phpsettingid` = :id
 					AND `parentdomainid` = '0'";
-			if ((int)$userinfo['domains_see_all'] == 0) {
+			if ((int) $userinfo['domains_see_all'] == 0) {
 				$query .= " AND `adminid` = :adminid";
 				$query_params['adminid'] = $userinfo['adminid'];
 			}
-			if ((int)Settings::Get('panel.phpconfigs_hidestdsubdomain') == 1) {
+			if ((int) Settings::Get('panel.phpconfigs_hidestdsubdomain') == 1) {
 				$ssdids_res = Database::query("
-					SELECT DISTINCT `standardsubdomain` FROM `".TABLE_PANEL_CUSTOMERS."`
+					SELECT DISTINCT `standardsubdomain` FROM `" . TABLE_PANEL_CUSTOMERS . "`
-					WHERE `standardsubdomain` > 0 ORDER BY `standardsubdomain` ASC;"
+					WHERE `standardsubdomain` > 0 ORDER BY `standardsubdomain` ASC;");
 				);
 				$ssdids = array();
 				while ($ssd = $ssdids_res->fetch(PDO::FETCH_ASSOC)) {
 					$ssdids[] = $ssd['standardsubdomain'];
 				}
 				if (count($ssdids) > 0) {
-					$query .= " AND `id` NOT IN (".implode(', ', $ssdids).")";
+					$query .= " AND `id` NOT IN (" . implode(', ', $ssdids) . ")";
 				}
 			}
@@ -68,14 +73,12 @@ if ($page == 'overview') {
 			$domains = '';
 			if (Database::num_rows() > 0) {
 				while ($row2 = $domainresult_stmt->fetch(PDO::FETCH_ASSOC)) {
-					$domains.= $row2['domain'] . '<br/>';
+					$domains .= $row2['domain'] . '<br/>';
 				}
 			}
 			// check whether we use that config as froxor-vhost config
-			if (Settings::Get('system.mod_fcgid_defaultini_ownvhost') == $row['id']
+			if (Settings::Get('system.mod_fcgid_defaultini_ownvhost') == $row['id'] || Settings::Get('phpfpm.vhost_defaultini') == $row['id']) {
 				|| Settings::Get('phpfpm.vhost_defaultini') == $row['id']
 			) {
 				$domains .= Settings::Get('system.hostname');
 			}
@@ -84,12 +87,8 @@ if ($page == 'overview') {
 			}
 			// check whether this is our default config
-			if ((Settings::Get('system.mod_fcgid') == '1'
+			if ((Settings::Get('system.mod_fcgid') == '1' && Settings::Get('system.mod_fcgid_defaultini') == $row['id']) || (Settings::Get('phpfpm.enabled') == '1' && Settings::Get('phpfpm.defaultini') == $row['id'])) {
-				&& Settings::Get('system.mod_fcgid_defaultini') == $row['id'])
+				$row['description'] = '<b>' . $row['description'] . '</b>';
 				|| (Settings::Get('phpfpm.enabled') == '1'
 				&& Settings::Get('phpfpm.defaultini') == $row['id'])
 			) {
 				$row['description'] = '<b>'.$row['description'].'</b>';
 			}
 			$count ++;
@@ -102,29 +101,36 @@ if ($page == 'overview') {
 	if ($action == 'add') {
-		if ((int)$userinfo['change_serversettings'] == 1) {
+		if ((int) $userinfo['change_serversettings'] == 1) {
-			if (isset($_POST['send'])
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				&& $_POST['send'] == 'send'
 			) {
 				$description = validate($_POST['description'], 'description');
 				$phpsettings = validate(str_replace("\r\n", "\n", $_POST['phpsettings']), 'phpsettings', '/^[^\0]*$/');
 				if (Settings::Get('system.mod_fcgid') == 1) {
 					$binary = makeCorrectFile(validate($_POST['binary'], 'binary'));
 					$file_extensions = validate($_POST['file_extensions'], 'file_extensions', '/^[a-zA-Z0-9\s]*$/');
-					$mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array('-1', ''));
+					$mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array(
-					$mod_fcgid_maxrequests = validate($_POST['mod_fcgid_maxrequests'], 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array('-1', ''));
+						'-1',
 						''
 					));
 					$mod_fcgid_maxrequests = validate($_POST['mod_fcgid_maxrequests'], 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array(
 						'-1',
 						''
 					));
 					$mod_fcgid_umask = validate($_POST['mod_fcgid_umask'], 'mod_fcgid_umask', '/^[0-9]*$/');
 					// disable fpm stuff
 					$fpm_config_id = 1;
 					$fpm_enableslowlog = 0;
 					$fpm_reqtermtimeout = 0;
 					$fpm_reqslowtimeout = 0;
-				}
+					$fpm_pass_authorizationheader = 0;
-				elseif (Settings::Get('phpfpm.enabled') == 1) {
+				} elseif (Settings::Get('phpfpm.enabled') == 1) {
-					$fpm_enableslowlog = isset($_POST['phpfpm_enable_slowlog']) ? (int)$_POST['phpfpm_enable_slowlog'] : 0;
+					$fpm_config_id = intval($_POST['fpmconfig']);
 					$fpm_enableslowlog = isset($_POST['phpfpm_enable_slowlog']) ? (int) $_POST['phpfpm_enable_slowlog'] : 0;
 					$fpm_reqtermtimeout = validate($_POST['phpfpm_reqtermtimeout'], 'phpfpm_reqtermtimeout', '/^([0-9]+)(|s|m|h|d)$/');
 					$fpm_reqslowtimeout = validate($_POST['phpfpm_reqslowtimeout'], 'phpfpm_reqslowtimeout', '/^([0-9]+)(|s|m|h|d)$/');
 					$fpm_pass_authorizationheader = isset($_POST['phpfpm_pass_authorizationheader']) ? (int) $_POST['phpfpm_pass_authorizationheader'] : 0;
 					// disable fcgid stuff
 					$binary = '/usr/bin/php-cgi';
 					$file_extensions = 'php';
@@ -133,9 +139,7 @@ if ($page == 'overview') {
 					$mod_fcgid_umask = "022";
 				}
-				if (strlen($description) == 0
+				if (strlen($description) == 0 || strlen($description) > 50) {
 					|| strlen($description) > 50
 				) {
 					standard_error('descriptioninvalid');
 				}
@@ -150,8 +154,9 @@ if ($page == 'overview') {
 						`fpm_slowlog` = :fpmslow,
 						`fpm_reqterm` = :fpmreqterm,
 						`fpm_reqslow` = :fpmreqslow,
-						`phpsettings` = :phpsettings"
+						`phpsettings` = :phpsettings,
-				);
+						`fpmsettingid` = :fpmsettingid,
 						`pass_authorizationheader` = :fpmpassauth");
 				$ins_data = array(
 					'desc' => $description,
 					'binary' => $binary,
@@ -162,20 +167,30 @@ if ($page == 'overview') {
 					'fpmslow' => $fpm_enableslowlog,
 					'fpmreqterm' => $fpm_reqtermtimeout,
 					'fpmreqslow' => $fpm_reqslowtimeout,
-					'phpsettings' => $phpsettings
+					'phpsettings' => $phpsettings,
 					'fpmsettingid' => $fpm_config_id,
 					'fpmpassauth' => $fpm_pass_authorizationheader
 				);
 				Database::pexecute($ins_stmt, $ins_data);
 				inserttask('1');
 				$log->logAction(ADM_ACTION, LOG_INFO, "php.ini setting with description '" . $description . "' has been created by '" . $userinfo['loginname'] . "'");
-				redirectTo($filename, array('page' => $page, 's' => $s));
+				redirectTo($filename, array(
-
+					'page' => $page,
 					's' => $s
 				));
 			} else {
 				$result_stmt = Database::query("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = 1");
 				$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
-				$phpconfig_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/phpconfig/formfield.phpconfig_add.php';
+				$fpmconfigs = '';
 				$configs = Database::query("SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "` ORDER BY `description` ASC");
 				while ($row = $configs->fetch(PDO::FETCH_ASSOC)) {
 					$fpmconfigs .= makeoption($row['description'], $row['id'], 1, true, true);
 				}
 				$phpconfig_add_data = include_once dirname(__FILE__) . '/lib/formfields/admin/phpconfig/formfield.phpconfig_add.php';
 				$phpconfig_add_form = htmlform::genHTMLForm($phpconfig_add_data);
 				$title = $phpconfig_add_data['phpconfig_add']['title'];
@@ -183,7 +198,6 @@ if ($page == 'overview') {
 				eval("echo \"" . getTemplate("phpconfig/overview_add") . "\";");
 			}
 		} else {
 			standard_error('nopermissionsorinvalidid');
 		}
@@ -192,54 +206,50 @@ if ($page == 'overview') {
 	if ($action == 'delete') {
 		$result_stmt = Database::prepare("
-			SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id"
+			SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id");
-		);
+		$result = Database::pexecute_first($result_stmt, array(
-		$result = Database::pexecute_first($result_stmt, array('id' => $id));
+			'id' => $id
 		));
-		if ((Settings::Get('system.mod_fcgid') == '1'
+		if ((Settings::Get('system.mod_fcgid') == '1' && Settings::Get('system.mod_fcgid_defaultini_ownvhost') == $id) || (Settings::Get('phpfpm.enabled') == '1' && Settings::Get('phpfpm.vhost_defaultini') == $id)) {
 			&& Settings::Get('system.mod_fcgid_defaultini_ownvhost') == $id)
 			|| (Settings::Get('phpfpm.enabled') == '1'
 			&& Settings::Get('phpfpm.vhost_defaultini') == $id)
 		) {
 			standard_error('cannotdeletehostnamephpconfig');
 		}
-		if ((Settings::Get('system.mod_fcgid') == '1'
+		if ((Settings::Get('system.mod_fcgid') == '1' && Settings::Get('system.mod_fcgid_defaultini') == $id) || (Settings::Get('phpfpm.enabled') == '1' && Settings::Get('phpfpm.defaultini') == $id)) {
 			&& Settings::Get('system.mod_fcgid_defaultini') == $id)
 			|| (Settings::Get('phpfpm.enabled') == '1'
 			&& Settings::Get('phpfpm.defaultini') == $id)
 		) {
 			standard_error('cannotdeletedefaultphpconfig');
 		}
-		if ($result['id'] != 0
+		if ($result['id'] != 0 && $result['id'] == $id && (int) $userinfo['change_serversettings'] == 1 && $id != 1) // cannot delete the default php.config
-			&& $result['id'] == $id
+		{
 			&& (int)$userinfo['change_serversettings'] == 1
 			&& $id != 1 // cannot delete the default php.config
 		) {
-			if (isset($_POST['send'])
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				&& $_POST['send'] == 'send'
 			) {
 				// set php-config to default for all domains using the
 				// config that is to be deleted
 				$upd_stmt = Database::prepare("
 					UPDATE `" . TABLE_PANEL_DOMAINS . "` SET
-					`phpsettingid` = '1' WHERE `phpsettingid` = :id"
+					`phpsettingid` = '1' WHERE `phpsettingid` = :id");
-				);
+				Database::pexecute($upd_stmt, array(
-				Database::pexecute($upd_stmt, array('id' => $id));
+					'id' => $id
 				));
 				$del_stmt = Database::prepare("
-					DELETE FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id"
+					DELETE FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id");
-				);
+				Database::pexecute($del_stmt, array(
-				Database::pexecute($del_stmt, array('id' => $id));
+					'id' => $id
 				));
 				inserttask('1');
-				$log->logAction(ADM_ACTION, LOG_INFO, "php.ini setting with id #" . (int)$id . " has been deleted by '" . $userinfo['loginname'] . "'");
+				$log->logAction(ADM_ACTION, LOG_INFO, "php.ini setting with id #" . (int) $id . " has been deleted by '" . $userinfo['loginname'] . "'");
-				redirectTo($filename, array('page' => $page, 's' => $s));
+				redirectTo($filename, array(
-
+					'page' => $page,
 					's' => $s
 				));
 			} else {
-				ask_yesno('phpsetting_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['description']);
+				ask_yesno('phpsetting_reallydelete', $filename, array(
 					'id' => $id,
 					'page' => $page,
 					'action' => $action
 				), $result['description']);
 			}
 		} else {
 			standard_error('nopermissionsorinvalidid');
@@ -249,36 +259,41 @@ if ($page == 'overview') {
 	if ($action == 'edit') {
 		$result_stmt = Database::prepare("
-			SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id"
+			SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id");
-		);
+		$result = Database::pexecute_first($result_stmt, array(
-		$result = Database::pexecute_first($result_stmt, array('id' => $id));
+			'id' => $id
 		));
-		if ($result['id'] != 0
+		if ($result['id'] != 0 && $result['id'] == $id && (int) $userinfo['change_serversettings'] == 1) {
 			&& $result['id'] == $id
 			&& (int)$userinfo['change_serversettings'] == 1
 		) {
-			if (isset($_POST['send'])
+			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				&& $_POST['send'] == 'send'
 			) {
 				$description = validate($_POST['description'], 'description');
 				$phpsettings = validate(str_replace("\r\n", "\n", $_POST['phpsettings']), 'phpsettings', '/^[^\0]*$/');
 				if (Settings::Get('system.mod_fcgid') == 1) {
 					$binary = makeCorrectFile(validate($_POST['binary'], 'binary'));
 					$file_extensions = validate($_POST['file_extensions'], 'file_extensions', '/^[a-zA-Z0-9\s]*$/');
-					$mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array('-1', ''));
+					$mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array(
-					$mod_fcgid_maxrequests = validate($_POST['mod_fcgid_maxrequests'], 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array('-1', ''));
+						'-1',
 						''
 					));
 					$mod_fcgid_maxrequests = validate($_POST['mod_fcgid_maxrequests'], 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array(
 						'-1',
 						''
 					));
 					$mod_fcgid_umask = validate($_POST['mod_fcgid_umask'], 'mod_fcgid_umask', '/^[0-9]*$/');
 					// disable fpm stuff
 					$fpm_config_id = 1;
 					$fpm_enableslowlog = 0;
 					$fpm_reqtermtimeout = 0;
 					$fpm_reqslowtimeout = 0;
-				}
+					$fpm_pass_authorizationheader = 0;
-				elseif (Settings::Get('phpfpm.enabled') == 1) {
+				} elseif (Settings::Get('phpfpm.enabled') == 1) {
-					$fpm_enableslowlog = isset($_POST['phpfpm_enable_slowlog']) ? (int)$_POST['phpfpm_enable_slowlog'] : 0;
+					$fpm_config_id = intval($_POST['fpmconfig']);
 					$fpm_enableslowlog = isset($_POST['phpfpm_enable_slowlog']) ? (int) $_POST['phpfpm_enable_slowlog'] : 0;
 					$fpm_reqtermtimeout = validate($_POST['phpfpm_reqtermtimeout'], 'phpfpm_reqtermtimeout', '/^([0-9]+)(|s|m|h|d)$/');
 					$fpm_reqslowtimeout = validate($_POST['phpfpm_reqslowtimeout'], 'phpfpm_reqslowtimeout', '/^([0-9]+)(|s|m|h|d)$/');
 					$fpm_pass_authorizationheader = isset($_POST['phpfpm_pass_authorizationheader']) ? (int) $_POST['phpfpm_pass_authorizationheader'] : 0;
 					// disable fcgid stuff
 					$binary = '/usr/bin/php-cgi';
 					$file_extensions = 'php';
@@ -287,9 +302,7 @@ if ($page == 'overview') {
 					$mod_fcgid_umask = "022";
 				}
-				if (strlen($description) == 0
+				if (strlen($description) == 0 || strlen($description) > 50) {
 					|| strlen($description) > 50
 				) {
 					standard_error('descriptioninvalid');
 				}
@@ -304,31 +317,42 @@ if ($page == 'overview') {
 						`fpm_slowlog` = :fpmslow,
 						`fpm_reqterm` = :fpmreqterm,
 						`fpm_reqslow` = :fpmreqslow,
-						`phpsettings` = :phpsettings
+						`phpsettings` = :phpsettings,
-					WHERE `id` = :id"
+						`fpmsettingid` = :fpmsettingid,
-				);
+						`pass_authorizationheader` = :fpmpassauth
 					WHERE `id` = :id");
 				$upd_data = array(
-						'desc' => $description,
+					'desc' => $description,
-						'binary' => $binary,
+					'binary' => $binary,
-						'fext' => $file_extensions,
+					'fext' => $file_extensions,
-						'starter' => $mod_fcgid_starter,
+					'starter' => $mod_fcgid_starter,
-						'mreq' => $mod_fcgid_maxrequests,
+					'mreq' => $mod_fcgid_maxrequests,
-						'umask' => $mod_fcgid_umask,
+					'umask' => $mod_fcgid_umask,
-						'fpmslow' => $fpm_enableslowlog,
+					'fpmslow' => $fpm_enableslowlog,
-						'fpmreqterm' => $fpm_reqtermtimeout,
+					'fpmreqterm' => $fpm_reqtermtimeout,
-						'fpmreqslow' => $fpm_reqslowtimeout,
+					'fpmreqslow' => $fpm_reqslowtimeout,
-						'phpsettings' => $phpsettings,
+					'phpsettings' => $phpsettings,
-						'id' => $id
+					'fpmsettingid' => $fpm_config_id,
 					'fpmpassauth' => $fpm_pass_authorizationheader,
 					'id' => $id
 				);
 				Database::pexecute($upd_stmt, $upd_data);
 				inserttask('1');
 				$log->logAction(ADM_ACTION, LOG_INFO, "php.ini setting with description '" . $description . "' has been changed by '" . $userinfo['loginname'] . "'");
-				redirectTo($filename, array('page' => $page, 's' => $s));
+				redirectTo($filename, array(
-
+					'page' => $page,
 					's' => $s
 				));
 			} else {
-				$phpconfig_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/phpconfig/formfield.phpconfig_edit.php';
+				$fpmconfigs = '';
 				$configs = Database::query("SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "` ORDER BY `description` ASC");
 				while ($row = $configs->fetch(PDO::FETCH_ASSOC)) {
 					$fpmconfigs .= makeoption($row['description'], $row['id'], $result['fpmsettingid'], true, true);
 				}
 				$phpconfig_edit_data = include_once dirname(__FILE__) . '/lib/formfields/admin/phpconfig/formfield.phpconfig_edit.php';
 				$phpconfig_edit_form = htmlform::genHTMLForm($phpconfig_edit_data);
 				$title = $phpconfig_edit_data['phpconfig_edit']['title'];
@@ -336,7 +360,249 @@ if ($page == 'overview') {
 				eval("echo \"" . getTemplate("phpconfig/overview_edit") . "\";");
 			}
 		} else {
 			standard_error('nopermissionsorinvalidid');
 		}
 	}
 } elseif ($page == 'fpmdaemons') {
 	if ($action == '') {
 		$tablecontent = '';
 		$count = 0;
 		$result = Database::query("SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "` ORDER BY `description` ASC");
 		while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
 			$query_params = array(
 				'id' => $row['id']
 			);
 			$query = "SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `fpmsettingid` = :id";
 			$configresult_stmt = Database::prepare($query);
 			Database::pexecute($configresult_stmt, $query_params);
 			$configs = '';
 			if (Database::num_rows() > 0) {
 				while ($row2 = $configresult_stmt->fetch(PDO::FETCH_ASSOC)) {
 					$configs .= $row2['description'] . '<br/>';
 				}
 			}
 			if ($configs == '') {
 				$configs = $lng['admin']['phpsettings']['notused'];
 			}
 			$count ++;
 			eval("\$tablecontent.=\"" . getTemplate("phpconfig/fpmdaemons_overview") . "\";");
 		}
 		$log->logAction(ADM_ACTION, LOG_INFO, "fpm daemons setting overview has been viewed by '" . $userinfo['loginname'] . "'");
 		eval("echo \"" . getTemplate("phpconfig/fpmdaemons") . "\";");
 	}
 	if ($action == 'add') {
 		if ((int) $userinfo['change_serversettings'] == 1) {
 			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				$description = validate($_POST['description'], 'description');
 				$reload_cmd = validate($_POST['reload_cmd'], 'reload_cmd');
 				$config_dir = validate($_POST['config_dir'], 'config_dir');
 				$pm = $_POST['pm'];
 				$max_children = isset($_POST['max_children']) ? (int) $_POST['max_children'] : 0;
 				$start_servers = isset($_POST['start_servers']) ? (int) $_POST['start_servers'] : 0;
 				$min_spare_servers = isset($_POST['min_spare_servers']) ? (int) $_POST['min_spare_servers'] : 0;
 				$max_spare_servers = isset($_POST['max_spare_servers']) ? (int) $_POST['max_spare_servers'] : 0;
 				$max_requests = isset($_POST['max_requests']) ? (int) $_POST['max_requests'] : 0;
 				$idle_timeout = isset($_POST['idle_timeout']) ? (int) $_POST['idle_timeout'] : 0;
 				$limit_extensions = validate($_POST['limit_extensions'], 'limit_extensions', '/^(\.[a-z]([a-z0-9]+)\ ?)+$/');
 				if (strlen($description) == 0 || strlen($description) > 50) {
 					standard_error('descriptioninvalid');
 				}
 				$ins_stmt = Database::prepare("
 					INSERT INTO `" . TABLE_PANEL_FPMDAEMONS . "` SET
 					`description` = :desc,
 					`reload_cmd` = :reload_cmd,
 					`config_dir` = :config_dir,
 					`pm` = :pm,
 					`max_children` = :max_children,
 					`start_servers` = :start_servers,
 					`min_spare_servers` = :min_spare_servers,
 					`max_spare_servers` = :max_spare_servers,
 					`max_requests` = :max_requests,
 					`idle_timeout` = :idle_timeout,
 					`limit_extensions` = :limit_extensions
 				");
 				$ins_data = array(
 					'desc' => $description,
 					'reload_cmd' => $reload_cmd,
 					'config_dir' => makeCorrectDir($config_dir),
 					'pm' => $pm,
 					'max_children' => $max_children,
 					'start_servers' => $start_servers,
 					'min_spare_servers' => $min_spare_servers,
 					'max_spare_servers' => $max_spare_servers,
 					'max_requests' => $max_requests,
 					'idle_timeout' => $idle_timeout,
 					'limit_extensions' => $limit_extensions
 				);
 				Database::pexecute($ins_stmt, $ins_data);
 				inserttask('1');
 				$log->logAction(ADM_ACTION, LOG_INFO, "fpm-daemon setting with description '" . $description . "' has been created by '" . $userinfo['loginname'] . "'");
 				redirectTo($filename, array(
 					'page' => $page,
 					's' => $s
 				));
 			} else {
 				$pm_select = makeoption('static', 'static', 'static', true, true);
 				$pm_select.= makeoption('dynamic', 'dynamic', 'static', true, true);
 				$pm_select.= makeoption('ondemand', 'ondemand', 'static', true, true);
 				$fpmconfig_add_data = include_once dirname(__FILE__) . '/lib/formfields/admin/phpconfig/formfield.fpmconfig_add.php';
 				$fpmconfig_add_form = htmlform::genHTMLForm($fpmconfig_add_data);
 				$title = $fpmconfig_add_data['fpmconfig_add']['title'];
 				$image = $fpmconfig_add_data['fpmconfig_add']['image'];
 				eval("echo \"" . getTemplate("phpconfig/fpmconfig_add") . "\";");
 			}
 		} else {
 			standard_error('nopermissionsorinvalidid');
 		}
 	}
 	if ($action == 'delete') {
 		$result_stmt = Database::prepare("
 			SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "` WHERE `id` = :id");
 		$result = Database::pexecute_first($result_stmt, array(
 			'id' => $id
 		));
 		if ($id == 1) {
 			standard_error('cannotdeletedefaultphpconfig');
 		}
 		if ($result['id'] != 0 && $result['id'] == $id && (int) $userinfo['change_serversettings'] == 1 && $id != 1) // cannot delete the default php.config
 		{
 			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				// set default fpm daemon config for all php-config that use this config that is to be deleted
 				$upd_stmt = Database::prepare("
 					UPDATE `" . TABLE_PANEL_PHPCONFIGS . "` SET
 					`fpmsettingid` = '1' WHERE `fpmsettingid` = :id");
 				Database::pexecute($upd_stmt, array(
 					'id' => $id
 				));
 				$del_stmt = Database::prepare("
 					DELETE FROM `" . TABLE_PANEL_FPMDAEMONS . "` WHERE `id` = :id");
 				Database::pexecute($del_stmt, array(
 					'id' => $id
 				));
 				inserttask('1');
 				$log->logAction(ADM_ACTION, LOG_INFO, "fpm-daemon setting with id #" . (int) $id . " has been deleted by '" . $userinfo['loginname'] . "'");
 				redirectTo($filename, array(
 					'page' => $page,
 					's' => $s
 				));
 			} else {
 				ask_yesno('fpmsetting_reallydelete', $filename, array(
 					'id' => $id,
 					'page' => $page,
 					'action' => $action
 				), $result['description']);
 			}
 		} else {
 			standard_error('nopermissionsorinvalidid');
 		}
 	}
 	if ($action == 'edit') {
 		$result_stmt = Database::prepare("
 			SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "` WHERE `id` = :id");
 		$result = Database::pexecute_first($result_stmt, array(
 			'id' => $id
 		));
 		if ($result['id'] != 0 && $result['id'] == $id && (int) $userinfo['change_serversettings'] == 1) {
 			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				$description = validate($_POST['description'], 'description');
 				$reload_cmd = validate($_POST['reload_cmd'], 'reload_cmd');
 				$config_dir = validate($_POST['config_dir'], 'config_dir');
 				$pm = $_POST['pm'];
 				$max_children = isset($_POST['max_children']) ? (int) $_POST['max_children'] : $result['max_children'];
 				$start_servers = isset($_POST['start_servers']) ? (int) $_POST['start_servers'] : $result['start_servers'];
 				$min_spare_servers = isset($_POST['min_spare_servers']) ? (int) $_POST['min_spare_servers'] : $result['min_spare_servers'];
 				$max_spare_servers = isset($_POST['max_spare_servers']) ? (int) $_POST['max_spare_servers'] : $result['max_spare_servers'];
 				$max_requests = isset($_POST['max_requests']) ? (int) $_POST['max_requests'] : $result['max_requests'];
 				$idle_timeout = isset($_POST['idle_timeout']) ? (int) $_POST['idle_timeout'] : $result['idle_timeout'];
 				$limit_extensions = validate($_POST['limit_extensions'], 'limit_extensions', '/^(\.[a-z]([a-z0-9]+)\ ?)+$/');
 				if (strlen($description) == 0 || strlen($description) > 50) {
 					standard_error('descriptioninvalid');
 				}
 				$upd_stmt = Database::prepare("
 					UPDATE `" . TABLE_PANEL_FPMDAEMONS . "` SET
 					`description` = :desc,
 					`reload_cmd` = :reload_cmd,
 					`config_dir` = :config_dir,
 					`pm` = :pm,
 					`max_children` = :max_children,
 					`start_servers` = :start_servers,
 					`min_spare_servers` = :min_spare_servers,
 					`max_spare_servers` = :max_spare_servers,
 					`max_requests` = :max_requests,
 					`idle_timeout` = :idle_timeout,
 					`limit_extensions` = :limit_extensions
 					WHERE `id` = :id
 				");
 				$upd_data = array(
 					'desc' => $description,
 					'reload_cmd' => $reload_cmd,
 					'config_dir' => makeCorrectDir($config_dir),
 					'pm' => $pm,
 					'max_children' => $max_children,
 					'start_servers' => $start_servers,
 					'min_spare_servers' => $min_spare_servers,
 					'max_spare_servers' => $max_spare_servers,
 					'max_requests' => $max_requests,
 					'idle_timeout' => $idle_timeout,
 					'limit_extensions' => $limit_extensions,
 					'id' => $id
 				);
 				Database::pexecute($upd_stmt, $upd_data);
 				inserttask('1');
 				$log->logAction(ADM_ACTION, LOG_INFO, "fpm-daemon setting with description '" . $description . "' has been changed by '" . $userinfo['loginname'] . "'");
 				redirectTo($filename, array(
 					'page' => $page,
 					's' => $s
 				));
 			} else {
 				$pm_select = makeoption('static', 'static', $result['pm'], true, true);
 				$pm_select.= makeoption('dynamic', 'dynamic', $result['pm'], true, true);
 				$pm_select.= makeoption('ondemand', 'ondemand', $result['pm'], true, true);
 				$fpmconfig_edit_data = include_once dirname(__FILE__) . '/lib/formfields/admin/phpconfig/formfield.fpmconfig_edit.php';
 				$fpmconfig_edit_form = htmlform::genHTMLForm($fpmconfig_edit_data);
 				$title = $fpmconfig_edit_data['fpmconfig_edit']['title'];
 				$image = $fpmconfig_edit_data['fpmconfig_edit']['image'];
 				eval("echo \"" . getTemplate("phpconfig/fpmconfig_edit") . "\";");
 			}
 		} else {
 			standard_error('nopermissionsorinvalidid');
 		}
--- a/admin_settings.php
+++ b/admin_settings.php
@@ -290,3 +290,107 @@ if ($page == 'overview' && $userinfo['change_serversettings'] == '1') {
 	}
 	eval("echo \"" . getTemplate("settings/integritycheck") . "\";");
 }
 elseif ($page == 'importexport' && $userinfo['change_serversettings'] == '1')
 {
 	// check for json-stuff
 	if (! extension_loaded('json')) {
 		standard_error('jsonextensionnotfound');
 	}
 	if (isset($_GET['action']) && $_GET['action'] == "export") {
 		// export
 		try {
 			$json_export = SImExporter::export();
 		} catch(Exception $e) {
 			dynamic_error($e->getMessage());
 		}
 		header('Content-disposition: attachment; filename=Froxlor_settings-'.$version.'-'.$dbversion.'_'.date('d.m.Y').'.json');
 		header('Content-type: application/json');
 		echo $json_export;
 		exit;
 	} elseif (isset($_GET['action']) && $_GET['action'] == "import") {
 		// import
 		if (isset($_POST['send']) && $_POST['send'] == 'send') {
 			// get uploaded file
 			if (isset($_FILES["import_file"]["tmp_name"])) {
 				$imp_content = file_get_contents($_FILES["import_file"]["tmp_name"]);
 				try {
 					SImExporter::import($imp_content);
 				} catch(Exception $e) {
 					dynamic_error($e->getMessage());
 				}
 				standard_success('settingsimported', '', array('filename' => 'admin_settings.php'));
 			}
 			dynamic_error("Upload failed");
 		}
 	} else {
 		eval("echo \"" . getTemplate("settings/importexport/index") . "\";");
 	}
 }
 elseif ($page == 'testmail')
 {
 		if (isset($_POST['send']) && $_POST['send'] == 'send')
 		{
 			$test_addr = isset($_POST['test_addr']) ? $_POST['test_addr'] : null;
 			/**
 			 * Initialize the mailingsystem
 			 */
 			$testmail = new PHPMailer(true);
 			$testmail->CharSet = "UTF-8";
 			if (Settings::Get('system.mail_use_smtp')) {
 				$testmail->isSMTP();
 				$testmail->Host = Settings::Get('system.mail_smtp_host');
 				$testmail->SMTPAuth = Settings::Get('system.mail_smtp_auth') == '1' ? true : false;
 				$testmail->Username = Settings::Get('system.mail_smtp_user');
 				$testmail->Password = Settings::Get('system.mail_smtp_passwd');
 				if (Settings::Get('system.mail_smtp_usetls')) {
 					$testmail->SMTPSecure = 'tls';
 				} else {
 					$testmail->SMTPAutoTLS = false;
 				}
 				$testmail->Port = Settings::Get('system.mail_smtp_port');
 			}
 			$_mailerror = false;
 			if (PHPMailer::ValidateAddress(Settings::Get('panel.adminmail')) !== false) {
 				// set return-to address and custom sender-name, see #76
 				$testmail->SetFrom(Settings::Get('panel.adminmail'), Settings::Get('panel.adminmail_defname'));
 				if (Settings::Get('panel.adminmail_return') != '') {
 					$testmail->AddReplyTo(Settings::Get('panel.adminmail_return'), Settings::Get('panel.adminmail_defname'));
 				}
 				try {
 					$testmail->Subject = "Froxlor Test-Mail";
 					$mail_body = "Yay, this worked :)";
 					$testmail->AltBody = $mail_body;
 					$testmail->MsgHTML(str_replace("\n", "<br />", $mail_body));
 					$testmail->AddAddress($test_addr);
 					$testmail->Send();
 				} catch(phpmailerException $e) {
 					$mailerr_msg = $e->errorMessage();
 					$_mailerror = true;
 				} catch (Exception $e) {
 					$mailerr_msg = $e->getMessage();
 					$_mailerror = true;
 				}
 				if (!$_mailerror) {
 					// success
 					$mail->ClearAddresses();
 					standard_success('testmailsent', '', array('filename' => 'admin_settings.php', 'page' => 'testmail'));
 				}
 			} else {
 				// invalid sender e-mail
 				$mailerr_msg = "Invalid sender e-mail address: ".Settings::Get('panel.adminmail');
 				$_mailerror = true;
 			}
 		}
 		$mail_smtp_user = Settings::Get('system.mail_smtp_user');
 		$mail_smtp_host = Settings::Get('system.mail_smtp_host');
 		$mail_smtp_port = Settings::Get('system.mail_smtp_port');
 		eval("echo \"" . getTemplate("settings/testmail") . "\";");
 }
--- a/admin_templates.php
+++ b/admin_templates.php
@@ -99,7 +99,7 @@ if ($action == '') {
 	}
 	$add = false;
-	while (list($language_file, $language_name) = each($languages)) {
+	foreach ($languages as $language_file => $language_name) {
 		$templates_done = array();
 		$result_stmt = Database::prepare("
@@ -328,7 +328,7 @@ if ($action == '') {
 		$language_options = '';
 		$template_options = '';
-		while (list($language_file, $language_name) = each($languages)) {
+		foreach ($languages as $language_file => $language_name) {
 			$templates = array();
 			$result_stmt = Database::prepare("
 				SELECT `varname` FROM `" . TABLE_PANEL_TEMPLATES . "`
--- a/customer_domains.php
+++ b/customer_domains.php
@@ -260,7 +260,7 @@ if ($page == 'overview') {
 		if ($userinfo['subdomains_used'] < $userinfo['subdomains'] || $userinfo['subdomains'] == '-1') {
 			if (isset($_POST['send']) && $_POST['send'] == 'send') {
-				if (strpos($_POST['subdomain'], '--') !== false) {
+				if (substr($_POST['subdomain'], 0, 4) == 'xn--') {
 					standard_error('domain_nopunycode');
 				}
@@ -327,6 +327,9 @@ if ($page == 'overview') {
 				}
 				if (!preg_match('/^https?\:\/\//', $path) || !validateUrl($path)) {
 					if (strstr($path, ":") !== FALSE) {
 						standard_error('pathmaynotcontaincolon');
 					}
 					// If path is empty or '/' and 'Use domain name as default value for DocumentRoot path' is enabled in settings,
 					// set default path to subdomain or domain name
 					if ((($path == '') || ($path == '/')) && Settings::Get('system.documentroot_use_default_value') == 1) {
@@ -334,9 +337,6 @@ if ($page == 'overview') {
 					} else {
 						$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
 					}
 					if (strstr($path, ":") !== FALSE) {
 						standard_error('pathmaynotcontaincolon');
 					}
 				} else {
 					$_doredirect = true;
 				}
@@ -405,6 +405,10 @@ if ($page == 'overview') {
 						// assign default config
 						$phpsid_result['phpsettingid'] = 1;
 					}
 					// check whether the customer has chosen its own php-config
 					if (isset($_POST['phpsettingid']) && intval($_POST['phpsettingid']) != $phpsid_result['phpsettingid']) {
 						$phpsid_result['phpsettingid'] = intval($_POST['phpsettingid']);
 					}
 					$stmt = Database::prepare("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET
 						`customerid` = :customerid,
@@ -415,6 +419,7 @@ if ($page == 'overview') {
 						`wwwserveralias` = :wwwserveralias,
 						`isemaildomain` = :isemaildomain,
 						`iswildcarddomain` = :iswildcarddomain,
 						`phpenabled` = :phpenabled,
 						`openbasedir` = :openbasedir,
 						`openbasedir_path` = :openbasedir_path,
 						`speciallogfile` = :speciallogfile,
@@ -437,6 +442,7 @@ if ($page == 'overview') {
 						"isemaildomain" => $domain_check['subcanemaildomain'] == '3' ? '1' : '0',
 						"openbasedir" => $domain_check['openbasedir'],
 						"openbasedir_path" => $openbasedir_path,
 						"phpenabled" => $domain_check['phpenabled'],
 						"speciallogfile" => $domain_check['speciallogfile'],
 						"specialsettings" => $domain_check['specialsettings'],
 						"ssl_redirect" => $ssl_redirect,
@@ -532,6 +538,27 @@ if ($page == 'overview') {
 				$openbasedir = makeoption($lng['domain']['docroot'], 0, NULL, true) . makeoption($lng['domain']['homedir'], 1, NULL, true);
 				$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid']);
 				$phpconfigs = '';
 				$has_phpconfigs = false;
 				if (isset($userinfo['allowed_phpconfigs']) && !empty($userinfo['allowed_phpconfigs']))
 				{
 					$has_phpconfigs = true;
 					$allowed_cfg = json_decode($userinfo['allowed_phpconfigs'], JSON_OBJECT_AS_ARRAY);
 					$phpconfigs_result_stmt = Database::query("
 						SELECT c.*, fc.description as interpreter
 						FROM `" . TABLE_PANEL_PHPCONFIGS . "` c
 						LEFT JOIN `" . TABLE_PANEL_FPMDAEMONS . "` fc ON fc.id = c.fpmsettingid
 						WHERE c.id IN (".implode(", ", $allowed_cfg).")
 					");
 					while ($phpconfigs_row = $phpconfigs_result_stmt->fetch(PDO::FETCH_ASSOC)) {
 						if ((int) Settings::Get('phpfpm.enabled') == 1) {
 							$phpconfigs .= makeoption($phpconfigs_row['description'] . " [".$phpconfigs_row['interpreter']."]", $phpconfigs_row['id'], Settings::Get('phpfpm.defaultini'), true, true);
 						} else {
 							$phpconfigs .= makeoption($phpconfigs_row['description'], $phpconfigs_row['id'], Settings::Get('system.mod_fcgid_defaultini'), true, true);
 						}
 					}
 				}
 				$subdomain_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/domains/formfield.domains_add.php';
 				$subdomain_add_form = htmlform::genHTMLForm($subdomain_add_data);
@@ -569,6 +596,9 @@ if ($page == 'overview') {
 				}
 				if (!preg_match('/^https?\:\/\//', $path) || !validateUrl($path)) {
 					if (strstr($path, ":") !== FALSE) {
 						standard_error('pathmaynotcontaincolon');
 					}
 					// If path is empty or '/' and 'Use domain name as default value for DocumentRoot path' is enabled in settings,
 					// set default path to subdomain or domain name
 					if ((($path == '') || ($path == '/')) && Settings::Get('system.documentroot_use_default_value') == 1) {
@@ -576,9 +606,6 @@ if ($page == 'overview') {
 					} else {
 						$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
 					}
 					if (strstr($path, ":") !== FALSE) {
 						standard_error('pathmaynotcontaincolon');
 					}
 				} else {
 					$_doredirect = true;
 				}
@@ -622,6 +649,13 @@ if ($page == 'overview') {
 					$openbasedir_path = '0';
 				}
 				// check whether the customer has chosen its own php-config
 				if (isset($_POST['phpsettingid'])) {
 					$phpsettingid = intval($_POST['phpsettingid']);
 				} else {
 					$phpsettingid = $result['phpsettingid'];
 				}
 				if (isset($_POST['ssl_redirect']) && $_POST['ssl_redirect'] == '1') {
 					// a ssl-redirect only works if there actually is a
 					// ssl ip/port assigned to the domain
@@ -647,10 +681,15 @@ if ($page == 'overview') {
 					$letsencrypt = '0';
 				}
-				// We can't enable let's encrypt for wildcard - domains
+				// We can't enable let's encrypt for wildcard - domains when using acme-v1
-				if ($iswildcarddomain == '1' && $letsencrypt == '1') {
+				if ($iswildcarddomain == '1' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '1') {
 					standard_error('nowildcardwithletsencrypt');
 				}
 				// if using acme-v2 we cannot issue wildcard-certificates
 				// because they currently only support the dns-01 challenge
 				if ($iswildcarddomain == '0' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '2') {
 					standard_error('nowildcardwithletsencryptv2');
 				}
 				// Temporarily deactivate ssl_redirect until Let's Encrypt certificate was generated
 				if ($ssl_redirect > 0 && $letsencrypt == 1 && $result['letsencrypt'] != $letsencrypt) {
@@ -690,6 +729,7 @@ if ($page == 'overview') {
 						|| $hsts_maxage != $result['hsts']
 						|| $hsts_sub != $result['hsts_sub']
 						|| $hsts_preload != $result['hsts_preload']
 						|| $phpsettingid != $result['phpsettingid']
 					) {
 						$log->logAction(USR_ACTION, LOG_INFO, "edited domain '" . $idna_convert->decode($result['domain']) . "'");
@@ -704,7 +744,8 @@ if ($page == 'overview') {
 							`letsencrypt`= :letsencrypt,
 							`hsts` = :hsts,
 							`hsts_sub` = :hsts_sub,
-							`hsts_preload` = :hsts_preload
+							`hsts_preload` = :hsts_preload,
 							`phpsettingid` = :phpsettingid
 							WHERE `customerid`= :customerid
 							AND `id`= :id"
 						);
@@ -720,6 +761,7 @@ if ($page == 'overview') {
 							"hsts" => $hsts_maxage,
 							"hsts_sub" => $hsts_sub,
 							"hsts_preload" => $hsts_preload,
 							"phpsettingid" => $phpsettingid,
 							"customerid" => $userinfo['customerid'],
 							"id" => $id
 						);
@@ -844,6 +886,27 @@ if ($page == 'overview') {
 					$result_ipandport['ip'] .= $rowip['ip'] . "<br />";
 				}
 				$phpconfigs = '';
 				$has_phpconfigs = false;
 				if (isset($userinfo['allowed_phpconfigs']) && !empty($userinfo['allowed_phpconfigs']))
 				{
 					$has_phpconfigs = true;
 					$allowed_cfg = json_decode($userinfo['allowed_phpconfigs'], JSON_OBJECT_AS_ARRAY);
 					$phpconfigs_result_stmt = Database::query("
 						SELECT c.*, fc.description as interpreter
 						FROM `" . TABLE_PANEL_PHPCONFIGS . "` c
 						LEFT JOIN `" . TABLE_PANEL_FPMDAEMONS . "` fc ON fc.id = c.fpmsettingid
 						WHERE c.id IN (".implode(", ", $allowed_cfg).")
 					");
 					while ($phpconfigs_row = $phpconfigs_result_stmt->fetch(PDO::FETCH_ASSOC)) {
 						if ((int) Settings::Get('phpfpm.enabled') == 1) {
 							$phpconfigs .= makeoption($phpconfigs_row['description'] . " [".$phpconfigs_row['interpreter']."]", $phpconfigs_row['id'], $result['phpsettingid'], true, true);
 						} else {
 							$phpconfigs .= makeoption($phpconfigs_row['description'], $phpconfigs_row['id'], $result['phpsettingid'], true, true);
 						}
 					}
 				}
 				$domainip = $result_ipandport['ip'];
 				$result = htmlentities_array($result);
--- a/customer_email.php
+++ b/customer_email.php
@@ -96,7 +96,8 @@ if ($page == 'overview') {
 					$row['destination'] = explode(' ', $row['destination']);
 					uasort($row['destination'], 'strcasecmp');
-					while (list($dest_id, $destination) = each($row['destination'])) {
+					$dest_list = $row['destination'];
 					foreach ($dest_list as $dest_id => $destination) {
 						$row['destination'][$dest_id] = $idna_convert->decode($row['destination'][$dest_id]);
 						if ($row['destination'][$dest_id] == $row['email_full']) {
@@ -164,7 +165,7 @@ if ($page == 'overview') {
 						Database::pexecute($stmt, array("customerid" => $userinfo['customerid'], "id" => $result['popaccountid']));
 						$update_users_query_addon .= " , `email_accounts_used` = `email_accounts_used` - 1 ";
 						$number_forwarders-= 1;
-						$log->logAction(USR_ACTION, LOG_NOTICE, "deleted forwarder for email address '" . $result['email'] . "'");
+						$log->logAction(USR_ACTION, LOG_INFO, "deleted forwarder for email address '" . $result['email'] . "'");
 					}
 				} else {
 					$number_forwarders = 0;
@@ -323,7 +324,7 @@ if ($page == 'overview') {
 			$forwarders = '';
 			$forwarders_count = 0;
-			while (list($dest_id, $destination) = each($result['destination'])) {
+			foreach ($result['destination'] as $dest_id => $destination) {
 				$destination = $idna_convert->decode($destination);
 				if ($destination != $result['email_full'] && $destination != '') {
@@ -652,7 +653,7 @@ if ($page == 'overview') {
 				$password = validatePassword($password);
-				$log->logAction(USR_ACTION, LOG_NOTICE, "changed email password for '" . $result['email_full'] . "'");
+				$log->logAction(USR_ACTION, LOG_INFO, "changed email password for '" . $result['email_full'] . "'");
 				$cryptPassword = makeCryptPassword($password);
 				$stmt = Database::prepare("UPDATE `" . TABLE_MAIL_USERS . "`
 					SET " . (Settings::Get('system.mailpwcleartext') == '1' ? "`password` = :password, " : '') . "
@@ -699,7 +700,7 @@ if ($page == 'overview') {
 				if ($userinfo['email_quota'] != '-1' && ($quota == 0 || ($quota + $userinfo['email_quota_used'] - $result['quota']) > $userinfo['email_quota'])) {
 					standard_error('allocatetoomuchquota', $quota);
 				} else {
-					$log->logAction(USR_ACTION, LOG_NOTICE, "updated quota for email address '" . $result['email'] . "' to " . $quota . " MB");
+					$log->logAction(USR_ACTION, LOG_INFO, "updated quota for email address '" . $result['email'] . "' to " . $quota . " MB");
 					$stmt = Database::prepare("UPDATE `" . TABLE_MAIL_USERS . "`
 						SET `quota` = :quota
 						WHERE `id` = :id
@@ -834,7 +835,7 @@ if ($page == 'overview') {
 						);
 						Database::pexecute($stmt, array("cid" => $userinfo['customerid']));
-						$log->logAction(USR_ACTION, LOG_NOTICE, "added email forwarder for '" . $result['email_full'] . "'");
+						$log->logAction(USR_ACTION, LOG_INFO, "added email forwarder for '" . $result['email_full'] . "'");
 						redirectTo($filename, array('page' => 'emails', 'action' => 'edit', 'id' => $id, 's' => $s));
 					}
 				} else {
@@ -895,7 +896,7 @@ if ($page == 'overview') {
 					);
 					Database::pexecute($stmt, array("cid" => $userinfo['customerid']));
-					$log->logAction(USR_ACTION, LOG_NOTICE, "deleted email forwarder for '" . $result['email_full'] . "'");
+					$log->logAction(USR_ACTION, LOG_INFO, "deleted email forwarder for '" . $result['email_full'] . "'");
 					redirectTo($filename, array('page' => 'emails', 'action' => 'edit', 'id' => $id, 's' => $s));
 				} else {
 					ask_yesno('email_reallydelete_forwarder', $filename, array('id' => $id, 'forwarderid' => $forwarderid, 'page' => $page, 'action' => $action), $idna_convert->decode($result['email_full']) . ' -> ' . $idna_convert->decode($forwarder));
--- a/customer_ftp.php
+++ b/customer_ftp.php
@@ -134,6 +134,12 @@ if ($page == 'overview') {
 				// refs #293
 				if (isset($_POST['delete_userfiles']) && (int)$_POST['delete_userfiles'] == 1) {
 					inserttask('8', $userinfo['loginname'], $result['homedir']);
 				} else {
 					if (Settings::Get('system.nssextrausers') == 1)
 					{
 						// this is used so that the libnss-extrausers cron is fired
 						inserttask(5);
 					}
 				}
 				$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
@@ -431,6 +437,7 @@ if ($page == 'overview') {
 				}
 				$log->logAction(USR_ACTION, LOG_INFO, "edited ftp-account '" . $result['username'] . "'");
 				inserttask(5);
 				$description = validate($_POST['ftp_description'], 'description');
 				$stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "`
 					SET `description` = :desc, `shell` = :shell
--- a/customer_index.php
+++ b/customer_index.php
@@ -204,7 +204,7 @@ if ($page == 'overview') {
 		}
 		$language_options = '';
-		while (list($language_file, $language_name) = each($languages)) {
+		foreach ($languages as $language_file => $language_name) {
 			$language_options .= makeoption($language_name, $language_file, $default_lang, true);
 		}
--- a/customer_logger.php
+++ b/customer_logger.php
@@ -16,17 +16,15 @@
 * @package    Panel
 *
 */
 define('AREA', 'customer');
 require './lib/init.php';
 // redirect if this customer page is hidden via settings
-if (Settings::IsInList('panel.customer_hide_options','extras.logger')) {
+if (Settings::IsInList('panel.customer_hide_options', 'extras.logger')) {
 	redirectTo('customer_index.php');
 }
-if ($page == 'log'
+if ($page == 'log') {
 ) {
 	if ($action == '') {
 		$fields = array(
 			'date' => $lng['logger']['date'],
@@ -34,12 +32,18 @@ if ($page == 'log'
 			'user' => $lng['logger']['user'],
 			'text' => $lng['logger']['action']
 		);
-		$paging = new paging($userinfo, TABLE_PANEL_LOG, $fields, null, null, 0, 'desc');
+		$paging = new paging($userinfo, TABLE_PANEL_LOG, $fields, null, null, 0, 'desc', 30);
-		$result_stmt = Database::prepare('
+		$query = 'SELECT * FROM `' . TABLE_PANEL_LOG . '` WHERE `user` = :loginname ' . $paging->getSqlWhere(true) . ' ' . $paging->getSqlOrderBy();
-			SELECT * FROM `' . TABLE_PANEL_LOG . '` WHERE `user` = :loginname ' . $paging->getSqlWhere(true) . ' ' . $paging->getSqlOrderBy() . ' ' . $paging->getSqlLimit()
+		$result_stmt = Database::prepare($query . ' ' . $paging->getSqlLimit());
-		);
+		Database::pexecute($result_stmt, array(
-		Database::pexecute($result_stmt, array("loginname" => $userinfo['loginname']));
+			"loginname" => $userinfo['loginname']
-		$logs_count = Database::num_rows();
+		));
 		$result_cnt_stmt = Database::prepare($query);
 		Database::pexecute($result_cnt_stmt, array(
 			"loginname" => $userinfo['loginname']
 		));
 		$res_cnt = $result_cnt_stmt->fetch(PDO::FETCH_ASSOC);
 		$logs_count = $result_cnt_stmt->rowCount();
 		$paging->setEntries($logs_count);
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
@@ -49,17 +53,13 @@ if ($page == 'log'
 		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
-			if (!isset($clog[$row['action']])
+			if (! isset($clog[$row['action']]) || ! is_array($clog[$row['action']])) {
 				|| !is_array($clog[$row['action']])
 			) {
 				$clog[$row['action']] = array();
 			}
 			$clog[$row['action']][$row['logid']] = $row;
 		}
-		if ($paging->sortfield == 'date'
+		if ($paging->sortfield == 'date' && $paging->sortorder == 'desc') {
 			&& $paging->sortorder == 'desc'
 		) {
 			krsort($clog);
 		} else {
 			ksort($clog);
@@ -72,51 +72,50 @@ if ($page == 'log'
 		foreach ($clog as $action => $logrows) {
 			$_action = 0;
 			foreach ($logrows as $row) {
-				if ($paging->checkDisplay($i)) {
+				// if ($paging->checkDisplay($i)) {
-					$row = htmlentities_array($row);
+				$row = htmlentities_array($row);
-					$row['date'] = date("d.m.y H:i:s", $row['date']);
+				$row['date'] = date("d.m.y H:i:s", $row['date']);
-					if ($_action != $action) {
+				if ($_action != $action) {
-						switch ($action) {
+					switch ($action) {
-							case USR_ACTION:
+						case USR_ACTION:
-								$_action = $lng['admin']['customer'];
+							$_action = $lng['admin']['customer'];
-								break;
+							break;
-							case RES_ACTION:
+						case RES_ACTION:
-								$_action = $lng['logger']['reseller'];
+							$_action = $lng['logger']['reseller'];
-								break;
+							break;
-							case ADM_ACTION:
+						case ADM_ACTION:
-								$_action = $lng['logger']['admin'];
+							$_action = $lng['logger']['admin'];
-								break;
+							break;
-							case CRON_ACTION:
+						case CRON_ACTION:
-								$_action = $lng['logger']['cron'];
+							$_action = $lng['logger']['cron'];
-								break;
+							break;
-							case LOGIN_ACTION:
+						case LOGIN_ACTION:
-								$_action = $lng['logger']['login'];
+							$_action = $lng['logger']['login'];
-								break;
+							break;
-							case LOG_ERROR:
+						case LOG_ERROR:
-								$_action = $lng['logger']['intern'];
+							$_action = $lng['logger']['intern'];
-								break;
+							break;
-							default:
+						default:
-								$_action = $lng['logger']['unknown'];
+							$_action = $lng['logger']['unknown'];
-								break;
+							break;
 						}
 						$row['action'] = $_action;
 						eval("\$log.=\"" . getTemplate('logger/logger_action') . "\";");
 					}
-					$log_count++;
+					$row['action'] = $_action;
-					$row['type'] = getLogLevelDesc($row['type']);
+					eval("\$log.=\"" . getTemplate('logger/logger_action') . "\";");
 					eval("\$log.=\"" . getTemplate('logger/logger_log') . "\";");
 					$count++;
 					$_action = $action;
 				}
-				$i++;
+				
 				$log_count ++;
 				$row['type'] = getLogLevelDesc($row['type']);
 				eval("\$log.=\"" . getTemplate('logger/logger_log') . "\";");
 				$count ++;
 				$_action = $action;
 				// }
 				$i ++;
 			}
-			$i++;
+			$i ++;
 		}
 		eval("echo \"" . getTemplate('logger/logger') . "\";");
 	}
 }
--- a/customer_tickets.php
+++ b/customer_tickets.php
@@ -20,10 +20,6 @@
 define('AREA', 'customer');
 require './lib/init.php';
 // redirect if this customer page is hidden via settings
 if (Settings::IsInList('panel.customer_hide_options','domains')) {
 	redirectTo('customer_index.php');
 }
 if (isset($_POST['id'])) {
--- a/dns_editor.php
+++ b/dns_editor.php
@@ -56,13 +56,29 @@ if ($action == 'add_record' && ! empty($_POST)) {
 		if (strpos($record, '--') !== false) {
 			$errors[] = $lng['error']['domain_nopunycode'];
 		} else {
 			// check for wildcard-record
 			$add_wildcard_again = false;
 			if (substr($record, 0, 2) == '*.') {
 				$record = substr($record, 2);
 				$add_wildcard_again = true;
 			}
 			// convert entry
 			$record = $idna_convert->encode($record);
 			if ($add_wildcard_again) {
 				$record = '*.'.$record;
 			}
 			/*
 			 * see https://redmine.froxlor.org/issues/1697
 			 *
 			if ($type != 'SRV' && $type != 'TXT') {
 				$check_dom = $record . '.example.com';
 				if (! validateDomain($check_dom)) {
 					$errors[] = sprintf($lng['error']['subdomainiswrong'], $idna_convert->decode($record));
 				}
 			}
 			*/
 			if (strlen($record) > 63) {
 				$errors[] = $lng['error']['dns_record_toolong'];
 			}
@@ -112,6 +128,9 @@ if ($action == 'add_record' && ! empty($_POST)) {
 		if (substr($content, - 1) == '.') {
 			// remove it for checks
 			$content = substr($content, 0, - 1);
 		} else {
 			// add domain name
 			$content .= '.' . $domain;
 		}
 		if (! validateDomain($content)) {
 			$errors[] = $lng['error']['dns_cname_invaliddom'];
@@ -171,8 +190,8 @@ if ($action == 'add_record' && ! empty($_POST)) {
 				}
 			}
 		}
-		// append trailing dot (again)
+		// append trailing dot if there's none
-		if ($target != '.') {
+		if (substr($content, - 1) != '.') {
 			$content .= '.';
 		}
 	}
--- a/index.php
+++ b/index.php
@@ -250,7 +250,7 @@ if ($action == 'login') {
 		$language_options = '';
 		$language_options .= makeoption($lng['login']['profile_lng'], 'profile', 'profile', true, true);
-		while (list($language_file, $language_name) = each($languages)) {
+		foreach ($languages as $language_file => $language_name) {
 			$language_options .= makeoption($language_name, $language_file, 'profile', true);
 		}
--- a/install/froxlor.sql
+++ b/install/froxlor.sql
@@ -66,7 +66,7 @@ CREATE TABLE `mail_virtual` (
  `id` int(11) NOT NULL auto_increment,
  `email` varchar(255) NOT NULL default '',
  `email_full` varchar(255) NOT NULL default '',
-  `destination` text NOT NULL default '',
+  `destination` text,
  `domainid` int(11) NOT NULL default '0',
  `customerid` int(11) NOT NULL default '0',
  `popaccountid` int(11) NOT NULL default '0',
@@ -198,6 +198,7 @@ CREATE TABLE `panel_customers` (
  `lepublickey` mediumtext default NULL,
  `leprivatekey` mediumtext default NULL,
  `leregistered` tinyint(1) NOT NULL default '0',
  `allowed_phpconfigs` varchar(500) NOT NULL default '',
   PRIMARY KEY  (`customerid`),
   UNIQUE KEY `loginname` (`loginname`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
@@ -257,6 +258,8 @@ CREATE TABLE `panel_domains` (
  `hsts` varchar(10) NOT NULL default '0',
  `hsts_sub` tinyint(1) NOT NULL default '0',
  `hsts_preload` tinyint(1) NOT NULL default '0',
  `ocsp_stapling` tinyint(1) DEFAULT '0',
  `http2` tinyint(1) DEFAULT '0',
  PRIMARY KEY  (`id`),
  KEY `customerid` (`customerid`),
  KEY `parentdomain` (`parentdomainid`),
@@ -411,6 +414,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('phpfpm', 'max_requests', '0'),
 	('phpfpm', 'tmpdir', '/var/customers/tmp/'),
 	('phpfpm', 'peardir', '/usr/share/php/:/usr/share/php5/'),
 	('phpfpm', 'envpath', '/usr/local/bin:/usr/bin:/bin'),
 	('phpfpm', 'enabled_ownvhost', '0'),
 	('phpfpm', 'vhost_httpuser', 'froxlorlocal'),
 	('phpfpm', 'vhost_httpgroup', 'froxlorlocal'),
@@ -420,6 +424,102 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('phpfpm', 'vhost_defaultini', '2'),
 	('phpfpm', 'fastcgi_ipcdir', '/var/lib/apache2/fastcgi/'),
 	('phpfpm', 'use_mod_proxy', '0'),
 	('phpfpm', 'ini_flags', 'asp_tags
 display_errors
 display_startup_errors
 html_errors
 log_errors
 magic_quotes_gpc
 magic_quotes_runtime
 magic_quotes_sybase
 mail.add_x_header
 session.cookie_secure
 session.use_cookies
 short_open_tag
 track_errors
 xmlrpc_errors
 suhosin.simulation
 suhosin.session.encrypt
 suhosin.session.cryptua
 suhosin.session.cryptdocroot
 suhosin.cookie.encrypt
 suhosin.cookie.cryptua
 suhosin.cookie.cryptdocroot
 suhosin.executor.disable_eval
 mbstring.func_overload'),
 	('phpfpm', 'ini_values', 'auto_append_file
 auto_prepend_file
 date.timezone
 default_charset
 error_reporting
 include_path
 log_errors_max_len
 mail.log
 max_execution_time
 session.cookie_domain
 session.cookie_lifetime
 session.cookie_path
 session.name
 session.serialize_handler
 upload_max_filesize
 xmlrpc_error_number
 session.auto_start
 always_populate_raw_post_data
 suhosin.session.cryptkey
 suhosin.session.cryptraddr
 suhosin.session.checkraddr
 suhosin.cookie.cryptkey
 suhosin.cookie.plainlist
 suhosin.cookie.cryptraddr
 suhosin.cookie.checkraddr
 suhosin.executor.func.blacklist
 suhosin.executor.eval.whitelist'),
 	('phpfpm', 'ini_admin_flags', 'allow_call_time_pass_reference
 allow_url_fopen
 allow_url_include
 auto_detect_line_endings
 cgi.fix_pathinfo
 cgi.force_redirect
 enable_dl
 expose_php
 file_uploads
 ignore_repeated_errors
 ignore_repeated_source
 log_errors
 register_argc_argv
 report_memleaks
 opcache.enable
 opcache.consistency_checks
 opcache.dups_fix
 opcache.load_comments
 opcache.revalidate_path
 opcache.save_comments
 opcache.use_cwd
 opcache.validate_timestamps
 opcache.fast_shutdown'),
 	('phpfpm', 'ini_admin_values', 'cgi.redirect_status_env
 date.timezone
 disable_classes
 disable_functions
 error_log
 gpc_order
 max_input_time
 max_input_vars
 memory_limit
 open_basedir
 output_buffering
 post_max_size
 precision
 sendmail_path
 session.gc_divisor
 session.gc_probability
 variables_order
 opcache.log_verbosity_level
 opcache.restrict_api
 opcache.revalidate_freq
 opcache.max_accelerated_files
 opcache.memory_consumption
 opcache.interned_strings_buffer'),
 	('nginx', 'fastcgiparams', '/etc/nginx/fastcgi_params'),
 	('system', 'lastaccountnumber', '0'),
 	('system', 'lastguid', '9999'),
@@ -499,10 +599,11 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('system', 'ssl_cert_chainfile', ''),
 	('system', 'ssl_cipher_list', 'ECDH+AESGCM:ECDH+AES256:!aNULL:!MD5:!DSS:!DH:!AES128'),
 	('system', 'nginx_php_backend', '127.0.0.1:8888'),
-	('system', 'nginx_http2_support', '0'),
+	('system', 'http2_support', '0'),
 	('system', 'perl_server', 'unix:/var/run/nginx/cgiwrap-dispatch.sock'),
 	('system', 'phpreload_command', ''),
-	('system', 'apache24', '0'),
+	('system', 'apache24', '1'),
 	('system', 'apache24_ocsp_cache_path', 'shmcb:/var/run/apache2/ocsp-stapling.cache(131072)'),
 	('system', 'documentroot_use_default_value', '0'),
 	('system', 'passwordcryptfunc', '3'),
 	('system', 'axfrservers', ''),
@@ -530,6 +631,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('system', 'letsencryptkeysize', '4096'),
 	('system', 'letsencryptreuseold', 0),
 	('system', 'leenabled', '0'),
 	('system', 'leapiversion', '1'),
 	('system', 'backupenabled', '0'),
 	('system', 'dnsenabled', '0'),
 	('system', 'dns_server', 'bind'),
@@ -550,6 +652,9 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('system', 'hsts_incsub', '0'),
 	('system', 'hsts_preload', '0'),
 	('system', 'leregistered', '0'),
 	('system', 'nssextrausers', '0'),
 	('system', 'disable_le_selfcheck', '0'),
 	('system', 'ssl_protocols', 'TLSv1,TLSv1.2'),
 	('panel', 'decimal_places', '4'),
 	('panel', 'adminmail', 'admin@SERVERNAME'),
 	('panel', 'phpmyadmin_url', ''),
@@ -581,8 +686,8 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('panel', 'password_special_char_required', '0'),
 	('panel', 'password_special_char', '!?<>§$%+#=@'),
 	('panel', 'customer_hide_options', ''),
-	('panel', 'version', '0.9.38.5'),
+	('panel', 'version', '0.9.39.2'),
-	('panel', 'db_version', '201612110');
+	('panel', 'db_version', '201801260');
 DROP TABLE IF EXISTS `panel_tasks`;
@@ -748,6 +853,33 @@ CREATE TABLE IF NOT EXISTS `panel_syslog` (
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
 DROP TABLE IF EXISTS `panel_fpmdaemons`;
 CREATE TABLE `panel_fpmdaemons` (
  `id` int(11) unsigned NOT NULL auto_increment,
  `description` varchar(50) NOT NULL,
  `reload_cmd` varchar(255) NOT NULL,
  `config_dir` varchar(255) NOT NULL,
  `pm` varchar(15) NOT NULL DEFAULT 'static',
  `max_children` int(4) NOT NULL DEFAULT '1',
  `start_servers` int(4) NOT NULL DEFAULT '20',
  `min_spare_servers` int(4) NOT NULL DEFAULT '5',
  `max_spare_servers` int(4) NOT NULL DEFAULT '35',
  `max_requests` int(4) NOT NULL DEFAULT '0',
  `idle_timeout` int(4) NOT NULL DEFAULT '30',
  `limit_extensions` varchar(255) NOT NULL default '.php',
  PRIMARY KEY  (`id`),
  UNIQUE KEY `reload` (`reload_cmd`),
  UNIQUE KEY `config` (`config_dir`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
 INSERT INTO `panel_fpmdaemons` (`id`, `description`, `reload_cmd`, `config_dir`) VALUES
 (1, 'System default', 'service php7.0-fpm restart', '/etc/php/7.0/fpm/pool.d/');
 DROP TABLE IF EXISTS `panel_phpconfigs`;
 CREATE TABLE `panel_phpconfigs` (
  `id` int(11) unsigned NOT NULL auto_increment,
@@ -761,14 +893,17 @@ CREATE TABLE `panel_phpconfigs` (
  `fpm_reqterm` varchar(15) NOT NULL default '60s',
  `fpm_reqslow` varchar(15) NOT NULL default '5s',
  `phpsettings` text NOT NULL,
-  PRIMARY KEY  (`id`)
+  `fpmsettingid` int(11) NOT NULL DEFAULT '1',
  `pass_authorizationheader` tinyint(1) NOT NULL default '0',
  PRIMARY KEY  (`id`),
  KEY `fpmsettingid` (`fpmsettingid`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
 INSERT INTO `panel_phpconfigs` (`id`, `description`, `binary`, `file_extensions`, `mod_fcgid_starter`, `mod_fcgid_maxrequests`, `phpsettings`) VALUES
 (1, 'Default Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = Off\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_exec,curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 30\r\nmax_input_time = 60\r\nmemory_limit = 128M\r\n{OPEN_BASEDIR_C}open_basedir = "{OPEN_BASEDIR}"\r\noutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n;mail.add_x_header = On\r\n;mail.log = "/var/log/phpmail.log"\r\nopcache.restrict_api = "{DOCUMENT_ROOT}"\r\n'),
-(2, 'Froxlor Vhost Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = On\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 60\r\nmax_input_time = 60\r\nmemory_limit = 128M\r\nnoutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n;mail.add_x_header = On\r\n;mail.log = "/var/log/phpmail.log"\r\nopcache.restrict_api = ""\r\n');
+(2, 'Froxlor Vhost Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = On\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 60\r\nmax_input_time = 60\r\nmemory_limit = 128M\r\noutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n;mail.add_x_header = On\r\n;mail.log = "/var/log/phpmail.log"\r\nopcache.restrict_api = ""\r\n');
 DROP TABLE IF EXISTS `cronjobs_run`;
--- a/install/lib/class.FroxlorInstall.php
+++ b/install/lib/class.FroxlorInstall.php
@@ -74,10 +74,17 @@ class FroxlorInstall
 	/**
 	 * currently used language
 	 *
-	 * @var unknown
+	 * @var string
 	 */
 	private $_activelng = 'english';
 	/**
 	 * check whether to abort due to errors
 	 *
 	 * @var bool
 	 */
 	private $_abort = false;
 	/**
 	 * Class constructor
 	 */
@@ -181,7 +188,7 @@ class FroxlorInstall
 			$this->_data['servername'] = '';
 		}
-		if (empty($this->_data['serverip'] || $this->_validate_ip($this->_data['serverip']) == false)) {
+		if (empty($this->_data['serverip']) || $this->_validate_ip($this->_data['serverip']) == false) {
 			return false;
 		}
@@ -204,7 +211,7 @@ class FroxlorInstall
 		$content .= $this->_status_message('begin', $this->_lng['install']['testing_mysql']);
 		$options = array(
-			'PDO::MYSQL_ATTR_INIT_COMMAND' => 'set names utf8'
+			'PDO::MYSQL_ATTR_INIT_COMMAND' => 'SET names utf8,sql_mode="NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"'
 		);
 		$dsn = "mysql:host=" . $this->_data['mysql_host'] . ";";
 		$fatal_fail = false;
@@ -238,36 +245,37 @@ class FroxlorInstall
 			$content .= $this->_createDatabaseAndUser($db_root);
 			// importing data to new database
 			$content .= $this->_importDatabaseData();
-			// create DB object for new database
+			if (! $this->_abort) {
-			$options = array(
+				// create DB object for new database
-				'PDO::MYSQL_ATTR_INIT_COMMAND' => 'set names utf8'
+				$options = array(
-			);
+					'PDO::MYSQL_ATTR_INIT_COMMAND' => 'SET names utf8,sql_mode="NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"'
-			$dsn = "mysql:host=" . $this->_data['mysql_host'] . ";dbname=" . $this->_data['mysql_database'] . ";";
+				);
-			$another_fail = false;
+				$dsn = "mysql:host=" . $this->_data['mysql_host'] . ";dbname=" . $this->_data['mysql_database'] . ";";
-			try {
+				$another_fail = false;
-				$db = new PDO($dsn, $this->_data['mysql_unpriv_user'], $this->_data['mysql_unpriv_pass'], $options);
+				try {
-			} catch (PDOException $e) {
+					$db = new PDO($dsn, $this->_data['mysql_unpriv_user'], $this->_data['mysql_unpriv_pass'], $options);
-				// dafuq? this should have happened in _importDatabaseData()
+				} catch (PDOException $e) {
-				$content .= $this->_status_message('red', $e->getMessage());
+					// dafuq? this should have happened in _importDatabaseData()
-				$another_fail = true;
+					$content .= $this->_status_message('red', $e->getMessage());
-			}
+					$another_fail = true;
-			;
+				}
-			if (! $another_fail) {
+				if (! $another_fail) {
-				// change settings accordingly
+					// change settings accordingly
-				$content .= $this->_doSettings($db);
+					$content .= $this->_doSettings($db);
-				// create entries
+					// create entries
-				$content .= $this->_doDataEntries($db);
+					$content .= $this->_doDataEntries($db);
-				$db = null;
+					$db = null;
-				// create config-file
+					// create config-file
-				$content .= $this->_createUserdataConf();
+					$content .= $this->_createUserdataConf();
 				}
 			}
 		}
 		$content .= "</table>";
 		// check if we have unrecoverable errors
-		if ($fatal_fail || $another_fail) {
+		if ($fatal_fail || $another_fail || $this->_abort) {
 			// D'oh
 			$navigation = '';
 			$msgcolor = 'red';
@@ -511,17 +519,23 @@ class FroxlorInstall
 		$content = "";
 		$content .= $this->_status_message('begin', $this->_lng['install']['testing_new_db']);
 		$options = array(
-			'PDO::MYSQL_ATTR_INIT_COMMAND' => 'set names utf8'
+			'PDO::MYSQL_ATTR_INIT_COMMAND' => 'SET names utf8,sql_mode="NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"'
 		);
 		$dsn = "mysql:host=" . $this->_data['mysql_host'] . ";dbname=" . $this->_data['mysql_database'] . ";";
 		$fatal_fail = false;
 		try {
 			$db = new PDO($dsn, $this->_data['mysql_unpriv_user'], $this->_data['mysql_unpriv_pass'], $options);
 			$attributes = array(
 				'ATTR_ERRMODE' => 'ERRMODE_EXCEPTION'
 			);
 			// set attributes
 			foreach ($attributes as $k => $v) {
 				$db->setAttribute(constant("PDO::" . $k), constant("PDO::" . $v));
 			}
 		} catch (PDOException $e) {
 			$content .= $this->_status_message('red', $e->getMessage());
 			$fatal_fail = true;
 		}
 		;
 		if (! $fatal_fail) {
@@ -534,12 +548,21 @@ class FroxlorInstall
 			$sql_query = $this->_split_sql_file($sql_query, ';');
 			for ($i = 0; $i < sizeof($sql_query); $i ++) {
 				if (trim($sql_query[$i]) != '') {
-					$result = $db->query($sql_query[$i]);
+					try {
 						$result = $db->query($sql_query[$i]);
 					} catch (\PDOException $e) {
 						$content .= $this->_status_message('red', $e->getMessage());
 						$fatal_fail = true;
 						$this->_abort = true;
 						break;
 					}
 				}
 			}
 			$db = null;
-			$content .= $this->_status_message('green', 'OK');
+			if (! $fatal_fail) {
 				$content .= $this->_status_message('green', 'OK');
 			}
 			$db = null;
 		}
 		return $content;
@@ -702,7 +725,7 @@ class FroxlorInstall
 		}
 		// language selection
 		$language_options = '';
-		while (list ($language_file, $language_name) = each($this->_languages)) {
+		foreach ($this->_languages as $language_name => $language_file) {
 			$language_options .= makeoption($language_name, $language_file, $this->_activelng, true, true);
 		}
 		// get language-form-template
@@ -913,7 +936,7 @@ class FroxlorInstall
 			$_die = true;
 		} else {
 			if (version_compare("5.6.0", PHP_VERSION, ">=")) {
-				$content .= $this->_status_message('orange', $this->_lng['requirements']['newerphpprefered'] . ' (' .PHP_VERSION . ')');
+				$content .= $this->_status_message('orange', $this->_lng['requirements']['newerphpprefered'] . ' (' . PHP_VERSION . ')');
 			} else {
 				$content .= $this->_status_message('green', PHP_VERSION);
 			}
@@ -1009,6 +1032,15 @@ class FroxlorInstall
 			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
 		}
 		// check for json extension
 		$content .= $this->_status_message('begin', $this->_lng['requirements']['phpjson']);
 		if (! extension_loaded('json')) {
 			$content .= $this->_status_message('orange', $this->_lng['requirements']['notinstalled'] . "<br />" . $this->_lng['requirements']['jsondescription']);
 		} else {
 			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
 		}
 		// check for open_basedir
 		$content .= $this->_status_message('begin', $this->_lng['requirements']['openbasedir']);
 		$php_ob = @ini_get("open_basedir");
@@ -1168,14 +1200,13 @@ class FroxlorInstall
 			$this->_data['servername'] = $_POST['servername'];
 			return;
 			// from $_SERVER
-		} else
+		} else if (! empty($_SERVER['SERVER_NAME'])) {
-			if (! empty($_SERVER['SERVER_NAME'])) {
+			// no ips
-				// no ips
+			if ($this->_validate_ip($_SERVER['SERVER_NAME']) == false) {
-				if ($this->_validate_ip($_SERVER['SERVER_NAME']) == false) {
+				$this->_data['servername'] = $_SERVER['SERVER_NAME'];
-					$this->_data['servername'] = $_SERVER['SERVER_NAME'];
+				return;
 					return;
 				}
 			}
 		}
 		// empty
 		$this->_data['servername'] = '';
 	}
@@ -1208,7 +1239,7 @@ class FroxlorInstall
 			$this->_data['webserver'] = $_POST['webserver'];
 		} else {
 			if (strtoupper(@php_sapi_name()) == "APACHE2HANDLER" || stristr($_SERVER['SERVER_SOFTWARE'], "apache/2")) {
-				$this->_data['webserver'] = 'apache2';
+				$this->_data['webserver'] = 'apache24';
 			} elseif (substr(strtoupper(@php_sapi_name()), 0, 8) == "LIGHTTPD" || stristr($_SERVER['SERVER_SOFTWARE'], "lighttpd")) {
 				$this->_data['webserver'] = 'lighttpd';
 			} elseif (substr(strtoupper(@php_sapi_name()), 0, 8) == "NGINX" || stristr($_SERVER['SERVER_SOFTWARE'], "nginx")) {
--- a/install/lng/english.lng.php
+++ b/install/lng/english.lng.php
@@ -35,8 +35,10 @@ $lng['requirements']['phpbcmath'] = 'PHP bcmath-extension...';
 $lng['requirements']['phpcurl'] = 'PHP curl-extension...';
 $lng['requirements']['phpmbstring'] = 'PHP mbstring-extension...';
 $lng['requirements']['phpzip'] = 'PHP zip-extension...';
 $lng['requirements']['phpjson'] = 'PHP json-extension...';
 $lng['requirements']['bcmathdescription'] = 'Traffic-calculation related functions will not work correctly!';
 $lng['requirements']['zipdescription'] = 'The auto-update feature requires the zip extension.';
 $lng['requirements']['jsondescription'] = 'The settings import/export feature requires the json extension.';
 $lng['requirements']['openbasedir'] = 'open_basedir...';
 $lng['requirements']['openbasedirenabled'] = 'Froxlor will not work properly with open_basedir enabled. Please disable open_basedir for Froxlor in the coresponding php.ini';
 $lng['requirements']['diedbecauseofrequirements'] = 'Cannot install Froxlor without these requirements! Try to fix them and retry.';
@@ -63,7 +65,7 @@ $lng['install']['serversettings'] = 'Server settings';
 $lng['install']['servername'] = 'Server name (FQDN, no ip-address)';
 $lng['install']['serverip'] = 'Server IP';
 $lng['install']['webserver'] = 'Webserver';
-$lng['install']['apache2'] = 'Apache 2';
+$lng['install']['apache2'] = 'Apache 2.2';
 $lng['install']['apache24'] = 'Apache 2.4';
 $lng['install']['lighttpd'] = 'LigHTTPd';
 $lng['install']['nginx'] = 'NGINX';
@@ -83,8 +85,8 @@ $lng['install']['changing_data'] = 'Adjusting settings...';
 $lng['install']['creating_entries'] = 'Inserting new values...';
 $lng['install']['adding_admin_user'] = 'Creating admin-account...';
 $lng['install']['creating_configfile'] = 'Creating configfile...';
-$lng['install']['creating_configfile_temp'] = 'File was saved in /tmp/userdata.inc.php, please move to lib/.';
+$lng['install']['creating_configfile_temp'] = 'File was saved in /tmp/userdata.inc.php, please move to '.dirname(dirname(__DIR__)).'/lib/.';
-$lng['install']['creating_configfile_failed'] = 'Could not create lib/userdata.inc.php, please create it manually with the following content:';
+$lng['install']['creating_configfile_failed'] = 'Could not create '.dirname(dirname(__DIR__)).'/lib/userdata.inc.php, please create it manually with the following content:';
 $lng['install']['froxlor_succ_installed'] = 'Froxlor was installed successfully.';
 $lng['click_here_to_refresh'] = 'Click here to check again';
--- a/install/lng/french.lng.php
+++ b/install/lng/french.lng.php
@@ -79,8 +79,8 @@ $lng['install']['changing_data'] = 'Ajustement des paramètres...';
 $lng['install']['creating_entries'] = 'Insertion des nouvelles valeurs...';
 $lng['install']['adding_admin_user'] = 'Création du compte administrateur...';
 $lng['install']['creating_configfile'] = 'Création du fichier de configuration...';
-$lng['install']['creating_configfile_temp'] = 'Le fichier a été enregistré dans /tmp/userdata.inc.php, merci de le déplacer dans lib/.';
+$lng['install']['creating_configfile_temp'] = 'Le fichier a été enregistré dans /tmp/userdata.inc.php, merci de le déplacer dans '.dirname(dirname(__DIR__)).'/lib/.';
-$lng['install']['creating_configfile_failed'] = 'Impossible de créer lib/userdata.inc.php, merci de le créer manuellement avec le contenu suivant:';
+$lng['install']['creating_configfile_failed'] = 'Impossible de créer '.dirname(dirname(__DIR__)).'/lib/userdata.inc.php, merci de le créer manuellement avec le contenu suivant:';
 $lng['install']['froxlor_succ_installed'] = 'Froxlor a été installé avec succès.';
 $lng['click_here_to_refresh'] = 'Cliquez ici pour vérifier à nouveau';
--- a/install/lng/german.lng.php
+++ b/install/lng/german.lng.php
@@ -35,8 +35,10 @@ $lng['requirements']['phpbcmath'] = 'PHP bcmath-Erweiterung...';
 $lng['requirements']['phpcurl'] = 'PHP curl-Erweiterung...';
 $lng['requirements']['phpmbstring'] = 'PHP mbstring-Erweiterung...';
 $lng['requirements']['phpzip'] = 'PHP zip-Erweiterung...';
 $lng['requirements']['phpjson'] = 'PHP json-Erweiterung...';
 $lng['requirements']['bcmathdescription'] = 'Traffic-Berechnungs bezogene Funktionen stehen nicht vollständig zur Verfügung!';
 $lng['requirements']['zipdescription'] = 'Die Auto-Update Funktion benötigt die zip Erweiterung.';
 $lng['requirements']['jsondescription'] = 'Die Einstellungen Import/Export Funktion benötigt die json Erweiterung.';
 $lng['requirements']['openbasedir'] = 'open_basedir genutzt wird...';
 $lng['requirements']['openbasedirenabled'] = 'Froxlor wird mit aktiviertem open_basedir nicht vollständig funktionieren. Bitte deaktivieren Sie open_basedir für Froxlor in der entsprechenden php.ini';
 $lng['requirements']['diedbecauseofrequirements'] = 'Kann Froxlor ohne diese Voraussetzungen nicht installieren! Beheben Sie die angezeigten Probleme und versuchen Sie es erneut.';
@@ -83,8 +85,8 @@ $lng['install']['changing_data'] = 'Einstellungen anpassen...';
 $lng['install']['creating_entries'] = 'Trage neue Werte ein...';
 $lng['install']['adding_admin_user'] = 'Erstelle Admin-Benutzer...';
 $lng['install']['creating_configfile'] = 'Erstelle Konfigurationsdatei...';
-$lng['install']['creating_configfile_temp'] = 'Datei wurde in /tmp/userdata.inc.php gespeichert, bitte nach lib/ verschieben.';
+$lng['install']['creating_configfile_temp'] = 'Datei wurde in /tmp/userdata.inc.php gespeichert, bitte nach '.dirname(dirname(__DIR__)).'/lib/ verschieben.';
-$lng['install']['creating_configfile_failed'] = 'Konnte lib/userdata.inc.php nicht erstellen, bitte manuell mit folgendem Inhalt anlegen:';
+$lng['install']['creating_configfile_failed'] = 'Konnte '.dirname(dirname(__DIR__)).'/lib/userdata.inc.php nicht erstellen, bitte manuell mit folgendem Inhalt anlegen:';
 $lng['install']['froxlor_succ_installed'] = 'Froxlor wurde erfolgreich installiert.';
 $lng['click_here_to_refresh'] = 'Hier klicken, um erneut zu prüfen';
--- a/install/scripts/config-services.php
+++ b/install/scripts/config-services.php
@@ -0,0 +1,427 @@
 #!/usr/bin/php
 <?php
 /**
 * This file is part of the Froxlor project.
 * Copyright (c) 2018 the Froxlor Team (see authors).
 *
 * For the full copyright and license information, please view the COPYING
 * file that was distributed with this source code. You can also view the
 * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
 *
 * @copyright (c) the authors
 * @author Froxlor team <team@froxlor.org> (2018-)
 * @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package Cron
 *         
 */
 // Check if we're in the CLI
 if (@php_sapi_name() !== 'cli') {
 	die('This script will only work in the shell.');
 }
 require dirname(dirname(__DIR__)) . '/lib/classes/output/class.CmdLineHandler.php';
 class ConfigServicesCmd extends CmdLineHandler
 {
 	/**
 	 * list of valid switches
 	 *
 	 * @var array
 	 */
 	public static $switches = array(
 		'h'
 	);
 	/**
 	 * list of valid parameters
 	 *
 	 * @var array
 	 */
 	public static $params = array(
 		'create',
 		'apply',
 		'daemon',
 		'list-daemons',
 		'froxlor-dir',
 		'help'
 	);
 	public static $action_class = 'Action';
 	public static function printHelp()
 	{
 		self::println("");
 		self::println("Help / command line parameters:");
 		self::println("");
 		// commands
 		self::println("--create\t\tlets you create a services list configuration for the 'apply' command");
 		self::println("");
 		self::println("--apply\t\t\tconfigure your services by given configuration file. To create one run the --create command");
 		self::println("\t\t\tExample: --apply=/path/to/my-config.json");
 		self::println("");
 		self::println("--list-daemons\t\tOutput the services that are going to be configured using a given config file. No services will be configured.");
 		self::println("\t\t\tExample: --apply=/path/to/my-config.json --list-daemons");
 		self::println("");
 		self::println("--daemon\t\tWhen running --apply you can specify a daemon. This will be the only service that gets configured");
 		self::println("\t\t\tExample: --apply=/path/to/my-config.json --daemon=apache24");
 		self::println("");
 		self::println("--froxlor-dir\t\tpath to froxlor installation");
 		self::println("\t\t\tExample: --froxlor-dir=/var/www/froxlor/");
 		self::println("");
 		self::println("--help\t\t\tshow help screen (this)");
 		self::println("");
 		// switches
 		// self::println("-d\t\t\tenable debug output");
 		self::println("-h\t\t\tsame as --help");
 		self::println("");
 		die(); // end of execution
 	}
 }
 class Action
 {
 	private $_args = null;
 	private $_name = null;
 	private $_db = null;
 	public function __construct($args)
 	{
 		$this->_args = $args;
 		$this->_validate();
 	}
 	public function getActionName()
 	{
 		return $this->_name;
 	}
 	/**
 	 * validates the parsed command line parameters
 	 *
 	 * @throws Exception
 	 */
 	private function _validate()
 	{
 		$this->_checkConfigParam(true);
 		$this->_parseConfig();
 		require FROXLOR_INSTALL_DIR . '/lib/tables.inc.php';
 		require FROXLOR_INSTALL_DIR . '/lib/functions.php';
 		require FROXLOR_INSTALL_DIR . '/lib/classes/settings/class.Settings.php';
 		require FROXLOR_INSTALL_DIR . '/lib/classes/config/class.ConfigParser.php';
 		require FROXLOR_INSTALL_DIR . '/lib/classes/config/class.ConfigService.php';
 		require FROXLOR_INSTALL_DIR . '/lib/classes/config/class.ConfigDaemon.php';
 		if (array_key_exists("create", $this->_args)) {
 			$this->_createConfig();
 		} elseif (array_key_exists("apply", $this->_args)) {
 			$this->_applyConfig();
 		} elseif (array_key_exists("list-daemons", $this->_args) || array_key_exists("daemon", $this->_args)) {
 			CmdLineHandler::printwarn("--list-daemons and --daemon only work together with --apply");
 		}
 	}
 	private function _createConfig()
 	{
 		$_daemons_config = array(
 			'distro' => ""
 		);
 		$config_dir = FROXLOR_INSTALL_DIR . '/lib/configfiles/';
 		// show list of available distro's
 		$distros = glob($config_dir . '*.xml');
 		// tmp array
 		$distributions_select_data = array();
 		// read in all the distros
 		foreach ($distros as $_distribution) {
 			// get configparser object
 			$dist = new ConfigParser($_distribution);
 			// get distro-info
 			$dist_display = $this->getCompleteDistroName($dist);
 			// store in tmp array
 			$distributions_select_data[$dist_display] = str_replace(".xml", "", strtolower(basename($_distribution)));
 		}
 		// sort by distribution name
 		ksort($distributions_select_data);
 		// list all distributions
 		$mask = "|%-50.50s |%-50.50s |\n";
 		printf($mask, str_repeat("-", 50), str_repeat("-", 50));
 		printf($mask, 'dist', 'name');
 		printf($mask, str_repeat("-", 50), str_repeat("-", 50));
 		foreach ($distributions_select_data as $name => $filename) {
 			printf($mask, $filename, $name);
 		}
 		printf($mask, str_repeat("-", 50), str_repeat("-", 50));
 		echo PHP_EOL;
 		while (! in_array($_daemons_config['distro'], $distributions_select_data)) {
 			$_daemons_config['distro'] = CmdLineHandler::getInput("choose distribution", "stretch");
 		}
 		// go through all services and let user check whether to include it or not
 		$configfiles = new ConfigParser($config_dir . '/' . $_daemons_config['distro'] . ".xml");
 		$services = $configfiles->getServices();
 		foreach ($services as $si => $service) {
 			echo PHP_EOL . "--- " . strtoupper($si) . " ---" . PHP_EOL . PHP_EOL;
 			$_daemons_config[$si] = "";
 			$daemons = $service->getDaemons();
 			$mask = "|%-50.50s |%-50.50s |\n";
 			printf($mask, str_repeat("-", 50), str_repeat("-", 50));
 			printf($mask, 'value', 'name');
 			printf($mask, str_repeat("-", 50), str_repeat("-", 50));
 			$default_daemon = "";
 			foreach ($daemons as $di => $dd) {
 				$title = $dd->title;
 				if ($dd->default) {
 					$default_daemon = $di;
 					$title = $title . " (default)";
 				}
 				printf($mask, $di, $title);
 			}
 			printf($mask, "x", "No " . $si);
 			$daemons['x'] = 'x';
 			printf($mask, str_repeat("-", 50), str_repeat("-", 50));
 			echo PHP_EOL;
 			if ($si == 'system') {
 				$_daemons_config[$si] = array();
 				// for the system/other services we need a multiple choice possibility
 				CmdLineHandler::println("Select every service you need. Enter empty value when done");
 				$sysservice = "";
 				do {
 					$sysservice = CmdLineHandler::getInput("choose service");
 					if (! empty($sysservice)) {
 						$_daemons_config[$si][] = $sysservice;
 					}
 				} while (! empty($sysservice));
 			} else {
 				// for all others -> only one value
 				while (! array_key_exists($_daemons_config[$si], $daemons)) {
 					$_daemons_config[$si] = CmdLineHandler::getInput("choose service", $default_daemon);
 				}
 			}
 		}
 		echo PHP_EOL . PHP_EOL;
 		$daemons_config = json_encode($_daemons_config);
 		$output = CmdLineHandler::getInput("choose output-filename", "/tmp/froxlor-config-" . date('Ymd') . ".json");
 		file_put_contents($output, $daemons_config);
 		CmdLineHandler::printsucc("Successfully generated service-configfile '" . $output . "'");
 	}
 	private function getCompleteDistroName($cparser)
 	{
 		// get distro-info
 		$dist_display = $cparser->distributionName;
 		if ($cparser->distributionCodename != '') {
 			$dist_display .= " " . $cparser->distributionCodename;
 		}
 		if ($cparser->distributionVersion != '') {
 			$dist_display .= " (" . $cparser->distributionVersion . ")";
 		}
 		if ($cparser->deprecated) {
 			$dist_display .= " [deprecated]";
 		}
 		return $dist_display;
 	}
 	private function _applyConfig()
 	{
 		if (! is_file($this->_args["apply"])) {
 			throw new Exception("Given config file is not a file");
 		} elseif (! file_exists($this->_args["apply"])) {
 			throw new Exception("Given config file cannot be found ('" . $this->_args["apply"] . "')");
 		} elseif (! is_readable($this->_args["apply"])) {
 			throw new Exception("Given config file cannot be read ('" . $this->_args["apply"] . "')");
 		}
 		$config = file_get_contents($this->_args["apply"]);
 		$decoded_config = json_decode($config, true);
 		if (array_key_exists("list-daemons", $this->_args)) {
 			$mask = "|%-50.50s |%-50.50s |\n";
 			printf($mask, str_repeat("-", 50), str_repeat("-", 50));
 			printf($mask, 'service', 'daemon');
 			printf($mask, str_repeat("-", 50), str_repeat("-", 50));
 			foreach ($decoded_config as $service => $daemon) {
 				if (is_array($daemon) && count($daemon) > 0) {
 					foreach ($daemon as $sysdaemon) {
 						printf($mask, $service, $sysdaemon);
 					}
 				} else {
 					if ($daemon == 'x') {
 						$daemon = '--- skipped ---';
 					}
 					printf($mask, $service, $daemon);
 				}
 			}
 			printf($mask, str_repeat("-", 50), str_repeat("-", 50));
 			echo PHP_EOL;
 			exit();
 		}
 		$only_daemon = null;
 		if (array_key_exists("daemon", $this->_args)) {
 			$only_daemon = $this->_args['daemon'];
 		}
 		if (! empty($decoded_config)) {
 			$config_dir = FROXLOR_INSTALL_DIR . '/lib/configfiles/';
 			$configfiles = new ConfigParser($config_dir . '/' . $decoded_config['distro'] . ".xml");
 			$services = $configfiles->getServices();
 			$replace_arr = $this->_getReplacerArray();
 			foreach ($services as $si => $service) {
 				echo PHP_EOL . "--- Configuring: " . strtoupper($si) . " ---" . PHP_EOL . PHP_EOL;
 				if (! isset($decoded_config[$si]) || $decoded_config[$si] == 'x') {
 					CmdLineHandler::printwarn("Skipping " . strtoupper($si) . " configuration as desired");
 					continue;
 				}
 				$daemons = $service->getDaemons();
 				foreach ($daemons as $di => $dd) {
 					// check for desired service
 					if (($si != 'system' && $decoded_config[$si] != $di) || (is_array($decoded_config[$si]) && ! in_array($di, $decoded_config[$si]))) {
 						continue;
 					}
 					CmdLineHandler::println("Configuring '" . $di . "'");
 					if (! empty($only_daemon) && $only_daemon != $di) {
 						CmdLineHandler::printwarn("Skipping " . $di . " configuration as desired");
 						continue;
 					}
 					// run all cmds
 					$confarr = $dd->getConfig();
 					foreach ($confarr as $idx => $action) {
 						switch ($action['type']) {
 							case "install":
 								CmdLineHandler::println("Installing required packages");
 								passthru(strtr($action['content'], $replace_arr), $result);
 								if (strlen($result) > 1) {
 									echo $result;
 								}
 								break;
 							case "command":
 								exec(strtr($action['content'], $replace_arr));
 								break;
 							case "file":
 								if (array_key_exists('content', $action)) {
 									CmdLineHandler::printwarn("Creating file '" . $action['name'] . "'");
 									file_put_contents($action['name'], strtr($action['content'], $replace_arr));
 								} elseif (array_key_exists('subcommands', $action)) {
 									foreach ($action['subcommands'] as $fileaction) {
 										if (array_key_exists('execute', $fileaction) && $fileaction['execute'] == "pre") {
 											exec(strtr($fileaction['content'], $replace_arr));
 										} elseif (array_key_exists('execute', $fileaction) && $fileaction['execute'] == "post") {
 											exec(strtr($fileaction['content'], $replace_arr));
 										} elseif ($fileaction['type'] == 'file') {
 											CmdLineHandler::printwarn("Creating file '" . $fileaction['name'] . "'");
 											file_put_contents($fileaction['name'], strtr($fileaction['content'], $replace_arr));
 										}
 									}
 								}
 								break;
 						}
 					}
 				}
 			}
 			CmdLineHandler::printsucc("All services have been configured");
 		} else {
 			CmdLineHandler::printerr("Unable to decode given JSON file");
 		}
 	}
 	private function _getReplacerArray()
 	{
 		$customer_tmpdir = '/tmp/';
 		if (Settings::Get('system.mod_fcgid') == '1' && Settings::Get('system.mod_fcgid_tmpdir') != '') {
 			$customer_tmpdir = Settings::Get('system.mod_fcgid_tmpdir');
 		} elseif (Settings::Get('phpfpm.enabled') == '1' && Settings::Get('phpfpm.tmpdir') != '') {
 			$customer_tmpdir = Settings::Get('phpfpm.tmpdir');
 		}
 		// try to convert namserver hosts to ip's
 		$ns_ips = "";
 		if (Settings::Get('system.nameservers') != '') {
 			$nameservers = explode(',', Settings::Get('system.nameservers'));
 			foreach ($nameservers as $nameserver) {
 				$nameserver = trim($nameserver);
 				$nameserver_ips = gethostbynamel($nameserver);
 				if (is_array($nameserver_ips) && count($nameserver_ips) > 0) {
 					$ns_ips .= implode(",", $nameserver_ips);
 				}
 			}
 		}
 		Database::needSqlData();
 		$sql = Database::getSqlData();
 		$replace_arr = array(
 			'<SQL_UNPRIVILEGED_USER>' => $sql['user'],
 			'<SQL_UNPRIVILEGED_PASSWORD>' => $sql['passwd'],
 			'<SQL_DB>' => $sql['db'],
 			'<SQL_HOST>' => $sql['host'],
 			'<SQL_SOCKET>' => isset($sql['socket']) ? $sql['socket'] : null,
 			'<SERVERNAME>' => Settings::Get('system.hostname'),
 			'<SERVERIP>' => Settings::Get('system.ipaddress'),
 			'<NAMESERVERS>' => Settings::Get('system.nameservers'),
 			'<NAMESERVERS_IP>' => $ns_ips,
 			'<AXFRSERVERS>' => Settings::Get('system.axfrservers'),
 			'<VIRTUAL_MAILBOX_BASE>' => Settings::Get('system.vmail_homedir'),
 			'<VIRTUAL_UID_MAPS>' => Settings::Get('system.vmail_uid'),
 			'<VIRTUAL_GID_MAPS>' => Settings::Get('system.vmail_gid'),
 			'<SSLPROTOCOLS>' => (Settings::Get('system.use_ssl') == '1') ? 'imaps pop3s' : '',
 			'<CUSTOMER_TMP>' => makeCorrectDir($customer_tmpdir),
 			'<BASE_PATH>' => makeCorrectDir(FROXLOR_INSTALL_DIR),
 			'<BIND_CONFIG_PATH>' => makeCorrectDir(Settings::Get('system.bindconf_directory')),
 			'<WEBSERVER_RELOAD_CMD>' => Settings::Get('system.apachereload_command'),
 			'<CUSTOMER_LOGS>' => makeCorrectDir(Settings::Get('system.logfiles_directory')),
 			'<FPM_IPCDIR>' => makeCorrectDir(Settings::Get('phpfpm.fastcgi_ipcdir')),
 			'<WEBSERVER_GROUP>' => Settings::Get('system.httpgroup')
 		);
 		return $replace_arr;
 	}
 	private function _parseConfig()
 	{
 		define('FROXLOR_INSTALL_DIR', $this->_args['froxlor-dir']);
 		if (! file_exists(FROXLOR_INSTALL_DIR . '/lib/classes/database/class.Database.php')) {
 			throw new Exception("Could not find froxlor's Database class. Is froxlor really installed to '" . FROXLOR_INSTALL_DIR . "'?");
 		}
 		if (! file_exists(FROXLOR_INSTALL_DIR . '/lib/userdata.inc.php')) {
 			throw new Exception("Could not find froxlor's userdata.inc.php file. You should use this script only with a fully installed and setup froxlor system.");
 		}
 		require FROXLOR_INSTALL_DIR . '/lib/classes/database/class.Database.php';
 	}
 	private function _checkConfigParam($needed = false)
 	{
 		if ($needed) {
 			if (! isset($this->_args["froxlor-dir"])) {
 				throw new Exception("No configuration given (missing --froxlor-dir parameter?)");
 			} elseif (! is_dir($this->_args["froxlor-dir"])) {
 				throw new Exception("Given --froxlor-dir parameter is not a directory");
 			} elseif (! file_exists($this->_args["froxlor-dir"])) {
 				throw new Exception("Given froxlor directory cannot be found ('" . $this->_args["froxlor-dir"] . "')");
 			} elseif (! is_readable($this->_args["froxlor-dir"])) {
 				throw new Exception("Given froxlor direcotry cannot be read ('" . $this->_args["froxlor-dir"] . "')");
 			}
 		}
 	}
 }
 // give control to command line handler
 try {
 	ConfigServicesCmd::processParameters($argc, $argv);
 } catch (Exception $e) {
 	ConfigServicesCmd::printerr($e->getMessage());
 }
--- a/install/scripts/switch-server-ip.php
+++ b/install/scripts/switch-server-ip.php
@@ -17,42 +17,29 @@
 */
 // Check if we're in the CLI
-if(@php_sapi_name() !== 'cli') {
+if (@php_sapi_name() !== 'cli') {
 	die('This script will only work in the shell.');
 }
-// give control to command line handler
+require dirname(dirname(__DIR__)) . '/lib/classes/output/class.CmdLineHandler.php';
 try {
 	CmdLineHandler::processParameters($argc, $argv);
 } catch (Exception $e) {
 	CmdLineHandler::printerr($e->getMessage());
 }
-class CmdLineHandler
+class SwitchServerIp extends CmdLineHandler
 {
 	/**
-	 * internal variable for passed arguments
+	 * list of valid switches
 	 *
 	 * @var array
 	 */
 	private static $args = null;
 	/**
 	 * Action object read from commandline/config
 	 *
 	 * @var Action
 	 */
 	private $_action = null;
 	/**
 	 * list of valid parameters/switches
 	 */
 	public static $switches = array(
 		/* 'd', // debug / output information for everything */
 		'h'
 	);
- // same as --help
+
 	/**
 	 * list of valid parameters
 	 *
 	 * @var array
 	 */
 	public static $params = array(
 		'switch',
 		'list',
@@ -60,131 +47,7 @@ class CmdLineHandler
 		'help'
 	);
-	/**
+	public static $action_class = 'Action';
 	 * Returns a CmdLineHandler object with given
 	 * arguments from command line
 	 *
 	 * @param int $argc
 	 * @param array $argv
 	 *
 	 * @return CmdLineHandler
 	 */
 	public static function processParameters($argc, $argv)
 	{
 		return new CmdLineHandler($argc, $argv);
 	}
 	/**
 	 * returns the Action object generated in
 	 * the class constructor
 	 *
 	 * @return Action
 	 */
 	public function getAction()
 	{
 		return $this->_action;
 	}
 	/**
 	 * class constructor, validates the command line parameters
 	 * and sets the Action-object if valid
 	 *
 	 * @param int $argc
 	 * @param string[] $argv
 	 *
 	 * @return null
 	 * @throws Exception
 	 */
 	private function __construct($argc, $argv)
 	{
 		self::$args = $this->_parseArgs($argv);
 		$this->_action = $this->_createAction();
 	}
 	/**
 	 * Parses the arguments given via the command line;
 	 * three types are supported:
 	 * 1.
 	 * --parm1 or --parm2=value
 	 * 2. -xyz (multiple switches in one) or -a=value
 	 * 3. parm1 parm2
 	 *
 	 * The 1. will be mapped as
 	 * ["parm1"] => true, ["parm2"] => "value"
 	 * The 2. as
 	 * ["x"] => true, ["y"] => true, ["z"] => true, ["a"] => "value"
 	 * And the 3. as
 	 * [0] => "parm1", [1] => "parm2"
 	 *
 	 * @param array $argv
 	 *
 	 * @return array
 	 */
 	private function _parseArgs($argv)
 	{
 		array_shift($argv);
 		$o = array();
 		foreach ($argv as $a) {
 			if (substr($a, 0, 2) == '--') {
 				$eq = strpos($a, '=');
 				if ($eq !== false) {
 					$o[substr($a, 2, $eq - 2)] = substr($a, $eq + 1);
 				} else {
 					$k = substr($a, 2);
 					if (! isset($o[$k])) {
 						$o[$k] = true;
 					}
 				}
 			} else
 				if (substr($a, 0, 1) == '-') {
 					if (substr($a, 2, 1) == '=') {
 						$o[substr($a, 1, 1)] = substr($a, 3);
 					} else {
 						foreach (str_split(substr($a, 1)) as $k) {
 							if (! isset($o[$k])) {
 								$o[$k] = true;
 							}
 						}
 					}
 				} else {
 					$o[] = $a;
 				}
 		}
 		return $o;
 	}
 	/**
 	 * Creates an Action-Object for the Action-Handler
 	 *
 	 * @return Action
 	 * @throws Exception
 	 */
 	private function _createAction()
 	{
 		// Test for help-switch
 		if (empty(self::$args) || array_key_exists("help", self::$args) || array_key_exists("h", self::$args)) {
 			self::printHelp();
 			// end of execution
 		}
 		// check if no unknown parameters are present
 		foreach (self::$args as $arg => $value) {
 			if (is_numeric($arg)) {
 				throw new Exception("Unknown parameter '" . $value . "' in argument list");
 			} elseif (! in_array($arg, self::$params) && ! in_array($arg, self::$switches)) {
 				throw new Exception("Unknown parameter '" . $arg . "' in argument list");
 			}
 		}
 		// set debugger switch
 		if (isset(self::$args["d"]) && self::$args["d"] == true) {
 			// Debugger::getInstance()->setEnabled(true);
 			// Debugger::getInstance()->debug("debug output enabled");
 		}
 		return new Action(self::$args);
 	}
 	public static function printHelp()
 	{
@@ -210,31 +73,6 @@ class CmdLineHandler
 		die(); // end of execution
 	}
 	public static function println($msg = "")
 	{
 		print $msg . PHP_EOL;
 	}
 	private static function _printcolor($msg = "", $color = "0")
 	{
 		print "\033[" . $color . "m" . $msg . "\033[0m" . PHP_EOL;
 	}
 	public static function printerr($msg = "")
 	{
 		self::_printcolor($msg, "31");
 	}
 	public static function printsucc($msg = "")
 	{
 		self::_printcolor($msg, "32");
 	}
 	public static function printwarn($msg = "")
 	{
 		self::_printcolor($msg, "33");
 	}
 }
 class Action
@@ -391,10 +229,10 @@ class Action
 	private function _parseConfig()
 	{
 		define('FROXLOR_INSTALL_DIR', $this->_args['froxlor-dir']);
-		if (!file_exists(FROXLOR_INSTALL_DIR . '/lib/classes/database/class.Database.php')) {
+		if (! file_exists(FROXLOR_INSTALL_DIR . '/lib/classes/database/class.Database.php')) {
-			throw new Exception("Could not find froxlor's Database class. Is froxlor really installed to '".FROXLOR_INSTALL_DIR."'?");
+			throw new Exception("Could not find froxlor's Database class. Is froxlor really installed to '" . FROXLOR_INSTALL_DIR . "'?");
 		}
-		if (!file_exists(FROXLOR_INSTALL_DIR . '/lib/userdata.inc.php')) {
+		if (! file_exists(FROXLOR_INSTALL_DIR . '/lib/userdata.inc.php')) {
 			throw new Exception("Could not find froxlor's userdata.inc.php file. You should use this script only with a fully installed and setup froxlor system.");
 		}
 		require FROXLOR_INSTALL_DIR . '/lib/classes/database/class.Database.php';
@@ -415,3 +253,10 @@ class Action
 		}
 	}
 }
 // give control to command line handler
 try {
 	SwitchServerIp::processParameters($argc, $argv);
 } catch (Exception $e) {
 	SwitchServerIp::printerr($e->getMessage());
 }
--- a/install/updates/froxlor/0.9/update_0.9.inc.php
+++ b/install/updates/froxlor/0.9/update_0.9.inc.php
@@ -14,9 +14,11 @@
 * @package    Install
 *
 */
-if (! defined('AREA') || (defined('AREA') && AREA != 'admin') || ! isset($userinfo['loginname']) || (isset($userinfo['loginname']) && $userinfo['loginname'] == '')) {
+if (!defined('_CRON_UPDATE')) {
-	header('Location: ../../../../index.php');
+	if (! defined('AREA') || (defined('AREA') && AREA != 'admin') || ! isset($userinfo['loginname']) || (isset($userinfo['loginname']) && $userinfo['loginname'] == '')) {
-	exit();
+		header('Location: ../../../../index.php');
 		exit();
 	}
 }
 if (isFroxlorVersion('0.9-r0')) {
@@ -3579,3 +3581,314 @@ if (isFroxlorVersion('0.9.38.4')) {
 	showUpdateStep("Updating from 0.9.38.4 to 0.9.38.5", false);
 	updateToVersion('0.9.38.5');
 }
 if (isFroxlorVersion('0.9.38.5')) {
 	showUpdateStep("Updating from 0.9.38.5 to 0.9.38.6", false);
 	updateToVersion('0.9.38.6');
 }
 if (isFroxlorVersion('0.9.38.6')) {
 	showUpdateStep("Updating from 0.9.38.6 to 0.9.38.7", false);
 	updateToVersion('0.9.38.7');
 }
 if (isDatabaseVersion('201612110')) {
 	showUpdateStep("Adding field for OCSP stapling");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS .
 		"` ADD `ocsp_stapling` TINYINT(1) NOT NULL DEFAULT '0';");
 	lastStepStatus(0);
 	showUpdateStep("Adding default setting for Apache 2.4 OCSP cache path");
 	Settings::AddNew('system.apache24_ocsp_cache_path', 'shmcb:/var/run/apache2/ocsp-stapling.cache(131072)');
 	lastStepStatus(0);
 	updateToDbVersion('201704100');
 }
 if (isDatabaseVersion('201704100')) {
 	showUpdateStep("Adding new setting for libnss-extrausers");
 	$system_nssextrausers= isset($_POST['system_nssextrausers']) ? (int) $_POST['system_nssextrausers'] : 0;
 	Settings::AddNew('system.nssextrausers', $system_nssextrausers);
 	lastStepStatus(0);
 	updateToDbVersion('201705050');
 }
 if (isDatabaseVersion('201705050')) {
 	showUpdateStep("Updating HTTP2 setting");
 	if (Settings::Get('system.nginx_http2_support') != null) {
 		Database::query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `varname` = 'http2_support' WHERE `varname` = 'nginx_http2_support';");
 	} else {
 		Settings::AddNew('system.http2_support', 0);
 	}
 	lastStepStatus(0);
 	showUpdateStep("Adding domain field for HTTP2 stapling");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` ADD `http2` TINYINT(1) NOT NULL DEFAULT '0';");
 	lastStepStatus(0);
 	updateToDbVersion('201708240');
 }
 if (isDatabaseVersion('201708240')) {
 	showUpdateStep("Adding new 'disable LE self-check' setting");
 	$system_disable_le_selfcheck = isset($_POST['system_disable_le_selfcheck']) ? (int) $_POST['system_disable_le_selfcheck'] : 0;
 	Settings::AddNew('system.disable_le_selfcheck', $system_disable_le_selfcheck);
 	lastStepStatus(0);
 	updateToDbVersion('201712310');
 	showUpdateStep("Updating from 0.9.38.7 to 0.9.38.8", false);
 	updateToVersion('0.9.38.8');
 }
 if (isDatabaseVersion('201712310')) {
 	showUpdateStep("Adding field for fpm-daemon configs");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_PHPCONFIGS . "` ADD `fpmsettingid` int(11) NOT NULL DEFAULT '1';");
 	lastStepStatus(0);
 	showUpdateStep("Adding new fpm-daemons table");
 	Database::query("DROP TABLE IF EXISTS `panel_fpmdaemons`;");
 	$sql = "CREATE TABLE `panel_fpmdaemons` (
 	  `id` int(11) unsigned NOT NULL auto_increment,
 	  `description` varchar(50) NOT NULL,
 	  `reload_cmd` varchar(255) NOT NULL,
 	  `config_dir` varchar(255) NOT NULL,
 	  `pm` varchar(15) NOT NULL DEFAULT 'static',
 	  `max_children` int(4) NOT NULL DEFAULT '1',
 	  `start_servers` int(4) NOT NULL DEFAULT '20',
 	  `min_spare_servers` int(4) NOT NULL DEFAULT '5',
 	  `max_spare_servers` int(4) NOT NULL DEFAULT '35',
 	  `max_requests` int(4) NOT NULL DEFAULT '0',
 	  `idle_timeout` int(4) NOT NULL DEFAULT '30',
 	  PRIMARY KEY  (`id`),
 	  UNIQUE KEY `reload` (`reload_cmd`),
 	  UNIQUE KEY `config` (`config_dir`)
 	) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;";
 	Database::query($sql);
 	lastStepStatus(0);
 	showUpdateStep("Converting php-fpm settings to new layout");
 	$ins_stmt = Database::prepare("
 		INSERT INTO `panel_fpmdaemons` SET
 		`id` = 1,
 		`description` = 'System default',
 		`reload_cmd` = :reloadcmd,
 		`config_dir` = :confdir,
 		`pm` = :pm,
 		`max_children` = :maxc,
 		`start_servers` = :starts,
 		`min_spare_servers` = :minss,
 		`max_spare_servers` = :maxss,
 		`max_requests` = :maxr,
 		`idle_timeout` = :it
 	");
 	Database::pexecute($ins_stmt, array(
 		'reloadcmd' => Settings::Get('phpfpm.reload'),
 		'confdir' => Settings::Get('phpfpm.configdir'),
 		'pm' => Settings::Get('phpfpm.pm'),
 		'maxc' => Settings::Get('phpfpm.max_children'),
 		'starts' => Settings::Get('phpfpm.start_servers'),
 		'minss' => Settings::Get('phpfpm.min_spare_servers'),
 		'maxss' => Settings::Get('phpfpm.max_spare_servers'),
 		'maxr' => Settings::Get('phpfpm.max_requests'),
 		'it' => Settings::Get('phpfpm.idle_timeout')
 	));
 	lastStepStatus(0);
 	showUpdateStep("Deleting unneeded settings");
 	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup` = 'phpfpm' AND `varname` = 'reload'");
 	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup` = 'phpfpm' AND `varname` = 'configdir'");
 	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup` = 'phpfpm' AND `varname` = 'pm'");
 	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup` = 'phpfpm' AND `varname` = 'max_children'");
 	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup` = 'phpfpm' AND `varname` = 'start_servers'");
 	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup` = 'phpfpm' AND `varname` = 'min_spare_servers'");
 	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup` = 'phpfpm' AND `varname` = 'max_spare_servers'");
 	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup` = 'phpfpm' AND `varname` = 'max_requests'");
 	Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup` = 'phpfpm' AND `varname` = 'idle_timeout'");
 	lastStepStatus(0);
 	updateToDbVersion('201801070');
 }
 if (isDatabaseVersion('201801070')) {
 	showUpdateStep("Adding field allowed_phpconfigs for customers");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_CUSTOMERS . "` ADD `allowed_phpconfigs` varchar(500) NOT NULL default '';");
 	lastStepStatus(0);
 	updateToDbVersion('201801080');
 }
 if (isDatabaseVersion('201801080')) {
 	showUpdateStep("Adding new setting for Let's Encrypt ACME version");
 	Settings::AddNew('system.leapiversion', '1');
 	lastStepStatus(0);
 	updateToDbVersion('201801090');
 }
 if (isDatabaseVersion('201801090')) {
 	showUpdateStep("Adding field pass_authorizationheader for php-configs");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_PHPCONFIGS . "` ADD `pass_authorizationheader` tinyint(1) NOT NULL default '0';");
 	lastStepStatus(0);
 	updateToDbVersion('201801091');
 }
 if (isDatabaseVersion('201801091')) {
 	showUpdateStep("Adding new setting for SSL protocols");
 	Settings::AddNew('system.ssl_protocols', 'TLSv1,TLSv1.2');
 	lastStepStatus(0);
 	updateToDbVersion('201801100');
 }
 if (isDatabaseVersion('201801100')) {
 	showUpdateStep("Adding field for security.limit_extensions fpm-setting");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_FPMDAEMONS . "` ADD `limit_extensions` varchar(255) NOT NULL default '.php';");
 	lastStepStatus(0);
 	updateToDbVersion('201801101');
 }
 if (isDatabaseVersion('201801101')) {
 	showUpdateStep("Adding dynamic php-fpm php.ini settings");
 	Settings::AddNew('phpfpm.ini_flags', 'asp_tags
 display_errors
 display_startup_errors
 html_errors
 log_errors
 magic_quotes_gpc
 magic_quotes_runtime
 magic_quotes_sybase
 mail.add_x_header
 session.cookie_secure
 session.use_cookies
 short_open_tag
 track_errors
 xmlrpc_errors
 suhosin.simulation
 suhosin.session.encrypt
 suhosin.session.cryptua
 suhosin.session.cryptdocroot
 suhosin.cookie.encrypt
 suhosin.cookie.cryptua
 suhosin.cookie.cryptdocroot
 suhosin.executor.disable_eval
 mbstring.func_overload');
 	Settings::AddNew('phpfpm.ini_values', 'auto_append_file
 auto_prepend_file
 date.timezone
 default_charset
 error_reporting
 include_path
 log_errors_max_len
 mail.log
 max_execution_time
 session.cookie_domain
 session.cookie_lifetime
 session.cookie_path
 session.name
 session.serialize_handler
 upload_max_filesize
 xmlrpc_error_number
 session.auto_start
 always_populate_raw_post_data
 suhosin.session.cryptkey
 suhosin.session.cryptraddr
 suhosin.session.checkraddr
 suhosin.cookie.cryptkey
 suhosin.cookie.plainlist
 suhosin.cookie.cryptraddr
 suhosin.cookie.checkraddr
 suhosin.executor.func.blacklist
 suhosin.executor.eval.whitelist');
 	Settings::AddNew('phpfpm.ini_admin_flags', 'allow_call_time_pass_reference
 allow_url_fopen
 allow_url_include
 auto_detect_line_endings
 cgi.fix_pathinfo
 cgi.force_redirect
 enable_dl
 expose_php
 file_uploads
 ignore_repeated_errors
 ignore_repeated_source
 log_errors
 register_argc_argv
 report_memleaks
 opcache.enable
 opcache.consistency_checks
 opcache.dups_fix
 opcache.load_comments
 opcache.revalidate_path
 opcache.save_comments
 opcache.use_cwd
 opcache.validate_timestamps
 opcache.fast_shutdown');
 	Settings::AddNew('phpfpm.ini_admin_values', 'cgi.redirect_status_env
 date.timezone
 disable_classes
 disable_functions
 error_log
 gpc_order
 max_input_time
 max_input_vars
 memory_limit
 open_basedir
 output_buffering
 post_max_size
 precision
 sendmail_path
 session.gc_divisor
 session.gc_probability
 variables_order
 opcache.log_verbosity_level
 opcache.restrict_api
 opcache.revalidate_freq
 opcache.max_accelerated_files
 opcache.memory_consumption
 opcache.interned_strings_buffer');
 	lastStepStatus(0);
 	updateToDbVersion('201801110');
 }
 if (isDatabaseVersion('201801110')) {
 	showUpdateStep("Adding php-fpm php PATH setting for envrironment");
 	Settings::AddNew("phpfpm.envpath",  '/usr/local/bin:/usr/bin:/bin');
 	lastStepStatus(0);
 	updateToDbVersion('201801260');
 }
 if (isFroxlorVersion('0.9.38.8')) {
 	showUpdateStep("Updating from 0.9.38.8 to 0.9.39 final", false);
 	updateToVersion('0.9.39');
 }
 if (isFroxlorVersion('0.9.39')) {
 	showUpdateStep("Updating from 0.9.39 to 0.9.39.1", false);
 	updateToVersion('0.9.39.1');
 }
 if (isFroxlorVersion('0.9.39.1')) {
 	showUpdateStep("Updating from 0.9.39.1 to 0.9.39.2", false);
 	updateToVersion('0.9.39.2');
 }
--- a/install/updates/preconfig/0.9/preconfig_0.9.inc.php
+++ b/install/updates/preconfig/0.9/preconfig_0.9.inc.php
@@ -709,4 +709,22 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version, $c
 		$question .= '<input type="password" class="text" name="smtp_passwd" value="" /><br />';
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}
 	if (versionInUpdate($current_db_version, '201705050')) {
 		$has_preconfig = true;
 		$description = 'DEBIAN/UBUNTU ONLY: Enable usage of libnss-extrausers as alternative to libnss-mysql (NOTE: if enabled, go through the configuration steps right after the update!!!)<br /><br />';
 		$question = '<strong>Enable usage of libnss-extrausers?</strong><br />';
 		$question .= makeyesno('system_nssextrausers', '1', '0', '0') . '<br />';
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}
 	if (versionInUpdate($current_db_version, '201712310')) {
 		if (Settings::Get('system.leenabled') == 1) {
 			$has_preconfig = true;
 			$description = 'Chose whether you want to disable the Let\'s Encrypt selfcheck as it causes false positives for some configurations.<br /><br />';
 			$question = '<strong>Disable Let\'s Encrypt self-check?</strong><br />';
 			$question .= makeyesno('system_disable_le_selfcheck', '1', '0', '0') . '<br />';
 			eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 		}
 	}
 }
--- a/install/updatesql.php
+++ b/install/updatesql.php
@@ -17,13 +17,15 @@
 *
 */
-if (!defined('AREA')
+if (!defined('_CRON_UPDATE')) {
-	|| (defined('AREA') && AREA != 'admin')
+	if (!defined('AREA')
-	|| !isset($userinfo['loginname'])
+		|| (defined('AREA') && AREA != 'admin')
-	|| (isset($userinfo['loginname']) && $userinfo['loginname'] == '')
+		|| !isset($userinfo['loginname'])
-) {
+		|| (isset($userinfo['loginname']) && $userinfo['loginname'] == '')
-	header('Location: ../index.php');
+	) {
-	exit;
+		header('Location: ../index.php');
 		exit;
 	}
 }
 $updatelog = FroxlorLogger::getInstanceOf(array('loginname' => 'updater'));
--- a/lib/ajax.php
+++ b/lib/ajax.php
@@ -18,7 +18,7 @@
 // Load the user settings
 define('FROXLOR_INSTALL_DIR', dirname(dirname(__FILE__)));
-if (!file_exists('./userdata.inc.php')) {
+if (! file_exists('./userdata.inc.php')) {
 	die();
 }
 require './userdata.inc.php';
@@ -27,10 +27,11 @@ require './classes/database/class.Database.php';
 require './classes/settings/class.Settings.php';
 require './functions/validate/function.validate_ip.php';
 require './functions/validate/function.validateDomain.php';
 require './classes/cURL/class.HttpClient.php';
-if(isset($_POST['action'])) {
+if (isset($_POST['action'])) {
 	$action = $_POST['action'];
-} elseif(isset($_GET['action'])) {
+} elseif (isset($_GET['action'])) {
 	$action = $_GET['action'];
 } else {
 	$action = "";
@@ -44,49 +45,29 @@ if ($action == "newsfeed") {
 	}
 	if (function_exists("simplexml_load_file") == false) {
-		die();
+		outputItem("Newsfeed not available due to missing php-simplexml extension", "Please install the php-simplexml extension in order to view our newsfeed.");
 		exit();
 	}
 	if (function_exists('curl_version')) {
-		$ch = curl_init();
+		$output = HttpClient::urlGet($feed);
 		curl_setopt($ch, CURLOPT_URL, $feed);
 		curl_setopt($ch, CURLOPT_USERAGENT, 'Froxlor/'.$version);
 		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
 		$output = curl_exec($ch);
 		curl_close($ch);
 		$news = simplexml_load_string(trim($output));
 	} else {
-		if (ini_get('allow_url_fopen')) {
+		outputItem("Newsfeed not available due to missing php-curl extension", "Please install the php-curl extension in order to view our newsfeed.");
-			ini_set('user_agent', 'Froxlor/'.$version);
+		exit();
 			$news = simplexml_load_file($feed, null, LIBXML_NOCDATA);
 		} else {
 			$news = false;
 		}
 	}
 	if ($news !== false) {
-		for ($i = 0; $i < 3; $i++) {
+		for ($i = 0; $i < 3; $i ++) {
 			$item = $news->channel->item[$i];
-			$title = (string)$item->title;
+			$title = (string) $item->title;
-			$link = (string)$item->link;
+			$link = (string) $item->link;
 			$date = date("Y-m-d G:i", strtotime($item->pubDate));
 			$content = preg_replace("/[\r\n]+/", " ", strip_tags($item->description));
 			$content = substr($content, 0, 150) . "...";
-			echo "<li class=\"clearfix\">
+			outputItem($title, $content, $link, $date);
                <div class=\"newsfeed-body clearfix\">
                    <div class=\"header\">
                        <strong class=\"primary-font\"><a href=\"{$link}\" target=\"_blank\">{$title}</a></strong>
                        <small class=\"pull-right text-muted\">
                            <i class=\"fa fa-clock-o fa-fw\"></i> {$date}
                        </small>
                    </div>
                    <p>
                        {$content}
                    </p>
                </div>
            </li>";
 		}
 	} else {
 		echo "";
@@ -94,3 +75,30 @@ if ($action == "newsfeed") {
 } else {
 	echo "No action set.";
 }
 function outputItem($title, $content, $link = null, $date = null)
 {
 	echo "<li class=\"clearfix\">
 			<div class=\"newsfeed-body clearfix\">
 				<div class=\"header\">
 					<strong class=\"primary-font\">";
 			if (! empty($link)) {
 				echo "<a href=\"{$link}\" target=\"_blank\">";
 			}
 			echo $title;
 			if (! empty($link)) {
 				echo "</a>";
 			}
 			echo "</strong>";
 			if (! empty($date)) {
 				echo "<small class=\"pull-right text-muted\">
                            <i class=\"fa fa-clock-o fa-fw\"></i> {$date}
                        </small>";
 			}
 			echo "</div>
                    <p>
                        {$content}
                    </p>
                </div>
            </li>";
 }
--- a/lib/classes/bulk/class.DomainBulkAction.php
+++ b/lib/classes/bulk/class.DomainBulkAction.php
@@ -93,6 +93,13 @@ class DomainBulkAction
 /* 16 */    'use_ssl',
 /* 17 */	'registration_date',
 /* 18 */	'ips',
 /* 19 */	'letsencrypt',
 /* 20 */	'hsts',
 /* 21 */	'hsts_sub',
 /* 22 */	'hsts_preload',
 /* 23 */	'ocsp_stapling',
 /* 24 */	'phpenabled',
 /* 25 */	'http2',
 	    /* automatically added */
 		'adminid',
        'customerid',
@@ -180,13 +187,14 @@ class DomainBulkAction
        }
        // preapre insert statement as it is used a few times
        // leave out aliasdomain for now, cause empty = NULL value which cannot be
        // added this easily using prepared statements
        $this->_ins_stmt = Database::prepare("
 			INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET
 				`domain` = :domain,
 				`adminid` = :adminid,
 				`customerid` = :customerid,
 				`documentroot` = :documentroot,
                `aliasdomain` = :aliasdomain,
 				`isbinddomain` = :isbinddomain,
 				`isemaildomain` = :isemaildomain,
 				`email_only` = :email_only,
@@ -200,7 +208,14 @@ class DomainBulkAction
 				`specialsettings` = :specialsettings,
 				`ssl_redirect` = :ssl_redirect,
 				`registration_date` = :registration_date,
-				`add_date` = :add_date
+				`add_date` = :add_date,
 				`letsencrypt` = :letsencrypt,
 				`hsts` = :hsts,
 				`hsts_sub` = :hsts_sub,
 				`hsts_preload` = :hsts_preload,
 				`ocsp_stapling` = :ocsp_stapling,
 				`phpenabled` = :phpenabled,
 				`http2` = :http2
 		");
        // prepare insert statement for ip/port <> domain
@@ -293,6 +308,7 @@ class DomainBulkAction
        }
        // check for alias-domain
        $hasAlias = false;
        if (! empty($domain_data['aliasdomain'])) {
            // format
            $domain_data['aliasdomain'] = $idna_convert->encode(preg_replace(array(
@@ -311,6 +327,7 @@ class DomainBulkAction
                // - we'd better skip
                return false;
            }
            $hasAlias = $domain_data['aliasdomain'];
        }
        // check for use_ssl and ssl_redirect
@@ -335,6 +352,38 @@ class DomainBulkAction
            $domain_data['ssl_redirect'] = 0;
        }
        // only check for letsencrypt, hsts and oscp-stapling if ssl is enabled
        if ($domain_data['use_ssl'] == 1) {
 			//lets encrypt
 			if ($domain_data['letsencrypt'] != 1 || $domain_data['iswildcarddomain'] == 1) {
 				$domain_data['letsencrypt'] = 0;
 			}
 		} else {
 			$domain_data['letsencrypt'] = 0;
 		}
 		// hsts
 		if ($domain_data['hsts'] != 1) {
 			$domain_data['hsts'] = 0;
 		}
 		if ($domain_data['hsts_sub'] != 1) {
 			$domain_data['hsts_sub'] = 0;
 		}
 		if ($domain_data['hsts_preload'] != 1) {
 			$domain_data['hsts_preload'] = 0;
 		}
 		if ($domain_data['ocsp_stapling'] != 1) {
 			$domain_data['ocsp_stapling'] = 0;
 		}
 		if ($domain_data['phpenabled'] != 1) {
 			$domain_data['phpenabled'] = 0;
 		}
 		if ($domain_data['http2'] != 1) {
 			$domain_data['http2'] = 0;
 		}
        // add to known domains
        $this->_knownDomains[] = $domain_data['domain'];
@@ -416,6 +465,8 @@ class DomainBulkAction
        $use_ssl = (bool)$domain_data['use_ssl'];
        // don't need that for the domain-insert-statement
        unset($domain_data['use_ssl']);
        // don't need alias
        unset($domain_data['aliasdomain']);
        // finally ADD the domain to panel_domains
        Database::pexecute($this->_ins_stmt, $domain_data);
@@ -423,6 +474,12 @@ class DomainBulkAction
        // get the newly inserted domain-id
        $domain_id = Database::lastInsertId();
        // add alias if any
        if ($hasAlias != false) {
 			$alias_stmt = Database::prepare("UPDATE `".TABLE_PANEL_DOMAINS."` SET `aliasdomain` = :aliasdomain WHERE `id` = :did");
 			Database::pexecute($alias_stmt, array('aliasdomain' => $hasAlias, 'did' => $domain_id));
        }
        // insert domain <-> ip/port reference
        if (empty($iplist)) {
            $iplist = Settings::Get('system.ipaddress');
--- a/lib/classes/cURL/class.HttpClient.php
+++ b/lib/classes/cURL/class.HttpClient.php
@@ -0,0 +1,60 @@
 <?php
 class HttpClient
 {
 	/**
 	 * Executes simple GET request
 	 *
 	 * @param string $url
 	 *
 	 * @return array
 	 */
 	public static function urlGet($url)
 	{
 		include FROXLOR_INSTALL_DIR . '/lib/version.inc.php';
 		$ch = curl_init();
 		curl_setopt($ch, CURLOPT_URL, $url);
 		curl_setopt($ch, CURLOPT_USERAGENT, 'Froxlor/' . $version);
 		curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
 		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
 		$output = curl_exec($ch);
 		if ($output === false) {
 			$e = curl_error($ch);
 			curl_close($ch);
 			throw new \Exception("Curl error: " . $e);
 		}
 		curl_close($ch);
 		return $output;
 	}
 	/**
 	 * Downloads and stores a file from an url
 	 *
 	 * @param string $url
 	 * @param string $target
 	 *
 	 * @return array
 	 */
 	public static function fileGet($url, $target)
 	{
 		include FROXLOR_INSTALL_DIR . '/lib/version.inc.php';
 		$fh = fopen($target, 'w');
 		$ch = curl_init();
 		curl_setopt($ch, CURLOPT_URL, $url);
 		curl_setopt($ch, CURLOPT_USERAGENT, 'Froxlor/' . $version);
 		curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
 		curl_setopt($ch, CURLOPT_TIMEOUT, 50);
 		//give curl the file pointer so that it can write to it
 		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
 		curl_setopt($ch, CURLOPT_FILE, $fh);
 		$output = curl_exec($ch);
 		if ($output === false) {
 			$e = curl_error($ch);
 			curl_close($ch);
 			throw new \Exception("Curl error: " . $e);
 		}
 		curl_close($ch);
 		return $output;
 	}
 }
--- a/lib/classes/database/class.Database.php
+++ b/lib/classes/database/class.Database.php
@@ -262,7 +262,7 @@ class Database {
 		// build up connection string
 		$driver = 'mysql';
 		$dsn = $driver.":";
-		$options = array(PDO::MYSQL_ATTR_INIT_COMMAND => 'set names utf8');
+		$options = array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET names utf8,sql_mode="NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"');
 		$attributes = array('ATTR_ERRMODE' => 'ERRMODE_EXCEPTION');
 		$dbconf["dsn"] = array(
--- a/lib/classes/database/manager/class.DbManagerMySQL.php
+++ b/lib/classes/database/manager/class.DbManagerMySQL.php
@@ -134,7 +134,7 @@ class DbManagerMySQL {
 	 * @param string $host (unused in mysql)
 	 */
 	public function disableUser($username = null, $host = null) {
-		$stmt = Database::prepare("REVOKE ALL PRIVILEGES, GRANT OPTION FROM `".$row_database['databasename']."`");
+		$stmt = Database::prepare('REVOKE ALL PRIVILEGES, GRANT OPTION FROM `' . $username . '`@`' . $host . '`');
 		Database::pexecute($stmt, array(), false);
 	}
--- a/lib/classes/dns/class.DnsEntry.php
+++ b/lib/classes/dns/class.DnsEntry.php
@@ -41,7 +41,31 @@ class DnsEntry
 	public function __toString()
 	{
-		$result = $this->record . "\t" . $this->ttl . "\t" . $this->class . "\t" . $this->type . "\t" . (($this->priority >= 0 && ($this->type == 'MX' || $this->type == 'SRV')) ? $this->priority . "\t" : "") . $this->content . PHP_EOL;
+		$_content = $this->content;
 		// check content length for txt records for bind9 (multiline)
 		if (Settings::Get('system.dns_server') != 'pdns' && $this->type == 'TXT' && strlen($_content) >= 64) {
 			// split string
 			$_contentlines = str_split($_content, 63);
 			// first line
 			$_l = array_shift($_contentlines);
 			// check for starting quote
 			if (substr($_l, 0, 1) == '"') {
 				$_l = substr($_l, 1);
 			}
 			$_content = '("' . $_l . '"' . PHP_EOL;
 			$_l = array_pop($_contentlines);
 			// check for ending quote
 			if (substr($_l, - 1) == '"') {
 				$_l = substr($_l, 0, - 1);
 			}
 			foreach ($_contentlines as $_cl) {
 				// lines in between
 				$_content .= "\t\t\t\t" . '"' . $_cl . '"' . PHP_EOL;
 			}
 			// last line
 			$_content .= "\t\t\t\t" . '"' . $_l . '")';
 		}
 		$result = $this->record . "\t" . $this->ttl . "\t" . $this->class . "\t" . $this->type . "\t" . (($this->priority >= 0 && ($this->type == 'MX' || $this->type == 'SRV')) ? $this->priority . "\t" : "") . $_content . PHP_EOL;
 		return $result;
 	}
 }
--- a/lib/classes/integrity/class.IntegrityCheck.php
+++ b/lib/classes/integrity/class.IntegrityCheck.php
@@ -85,11 +85,10 @@ class IntegrityCheck {
 				// fix database
 				Database::query('ALTER DATABASE `' . Database::getDbName() . '` CHARACTER SET utf8 COLLATE utf8_general_ci');
 				// fix all tables
-				$handle = Database::query('SHOW TABLES');
+				$handle = Database::query('SHOW FULL TABLES WHERE Table_type != "VIEW"');
-				while ($row = $handle->fetch(PDO::FETCH_ASSOC)) {
+				while ($row = $handle->fetch(PDO::FETCH_BOTH)) {
-					foreach ($row as $table) {
+					$table = $row[0];
-						Database::query('ALTER TABLE `' . $table . '` CONVERT TO CHARACTER SET utf8 COLLATE utf8_general_ci;');
+					Database::query('ALTER TABLE `' . $table . '` CONVERT TO CHARACTER SET utf8 COLLATE utf8_general_ci;');
 					}
 				}
 				$this->_log->logAction(ADM_ACTION, LOG_WARNING, "database charset was different from UTF-8, integrity-check fixed that");
 			} else {
--- a/lib/classes/output/class.CmdLineHandler.php
+++ b/lib/classes/output/class.CmdLineHandler.php
@@ -0,0 +1,196 @@
 <?php
 /**
 * This file is part of the Froxlor project.
 * Copyright (c) 2018 the Froxlor Team (see authors).
 *
 * For the full copyright and license information, please view the COPYING
 * file that was distributed with this source code. You can also view the
 * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
 *
 * @copyright (c) the authors
 * @author Froxlor team <team@froxlor.org> (2018-)
 * @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package Cron
 *
 */
 abstract class CmdLineHandler
 {
 	/**
 	 * internal variable for passed arguments
 	 *
 	 * @var array
 	 */
 	private static $args = null;
 	/**
 	 * Action object read from commandline/config
 	 *
 	 * @var Action
 	 */
 	private $_action = null;
 	/**
 	 * Returns a CmdLineHandler object with given
 	 * arguments from command line
 	 *
 	 * @param int $argc
 	 * @param array $argv
 	 *
 	 * @return CmdLineHandler
 	 */
 	public static function processParameters($argc, $argv)
 	{
 		$me = get_called_class();
 		return new $me($argc, $argv);
 	}
 	/**
 	 * returns the Action object generated in
 	 * the class constructor
 	 *
 	 * @return Action
 	 */
 	public function getAction()
 	{
 		return $this->_action;
 	}
 	/**
 	 * class constructor, validates the command line parameters
 	 * and sets the Action-object if valid
 	 *
 	 * @param int $argc
 	 * @param string[] $argv
 	 *
 	 * @return null
 	 * @throws Exception
 	 */
 	private function __construct($argc, $argv)
 	{
 		self::$args = $this->_parseArgs($argv);
 		$this->_action = $this->_createAction();
 	}
 	/**
 	 * Parses the arguments given via the command line;
 	 * three types are supported:
 	 * 1.
 	 * --parm1 or --parm2=value
 	 * 2. -xyz (multiple switches in one) or -a=value
 	 * 3. parm1 parm2
 	 *
 	 * The 1. will be mapped as
 	 * ["parm1"] => true, ["parm2"] => "value"
 	 * The 2. as
 	 * ["x"] => true, ["y"] => true, ["z"] => true, ["a"] => "value"
 	 * And the 3. as
 	 * [0] => "parm1", [1] => "parm2"
 	 *
 	 * @param array $argv
 	 *
 	 * @return array
 	 */
 	private function _parseArgs($argv)
 	{
 		array_shift($argv);
 		$o = array();
 		foreach ($argv as $a) {
 			if (substr($a, 0, 2) == '--') {
 				$eq = strpos($a, '=');
 				if ($eq !== false) {
 					$o[substr($a, 2, $eq - 2)] = substr($a, $eq + 1);
 				} else {
 					$k = substr($a, 2);
 					if (! isset($o[$k])) {
 						$o[$k] = true;
 					}
 				}
 			} else if (substr($a, 0, 1) == '-') {
 				if (substr($a, 2, 1) == '=') {
 					$o[substr($a, 1, 1)] = substr($a, 3);
 				} else {
 					foreach (str_split(substr($a, 1)) as $k) {
 						if (! isset($o[$k])) {
 							$o[$k] = true;
 						}
 					}
 				}
 			} else {
 				$o[] = $a;
 			}
 		}
 		return $o;
 	}
 	/**
 	 * Creates an Action-Object for the Action-Handler
 	 *
 	 * @return Action
 	 * @throws Exception
 	 */
 	private function _createAction()
 	{
 		// Test for help-switch
 		if (empty(self::$args) || array_key_exists("help", self::$args) || array_key_exists("h", self::$args)) {
 			static::printHelp();
 			// end of execution
 		}
 		// check if no unknown parameters are present
 		foreach (self::$args as $arg => $value) {
 			if (is_numeric($arg)) {
 				throw new Exception("Unknown parameter '" . $value . "' in argument list");
 			} elseif (! in_array($arg, static::$params) && ! in_array($arg, static::$switches)) {
 				throw new Exception("Unknown parameter '" . $arg . "' in argument list");
 			}
 		}
 		// set debugger switch
 		if (isset(self::$args["d"]) && self::$args["d"] == true) {
 			// Debugger::getInstance()->setEnabled(true);
 			// Debugger::getInstance()->debug("debug output enabled");
 		}
 		return new static::$action_class(self::$args);
 	}
 	public static function getInput($prompt = "#", $default = "")
 	{
 		if (! empty($default)) {
 			$prompt .= " [" . $default . "]";
 		}
 		$result = readline($prompt . ":");
 		if (empty($result) && ! empty($default)) {
 			$result = $default;
 		}
 		return mb_strtolower($result);
 	}
 	public static function println($msg = "")
 	{
 		print $msg . PHP_EOL;
 	}
 	private static function _printcolor($msg = "", $color = "0")
 	{
 		print "\033[" . $color . "m" . $msg . "\033[0m" . PHP_EOL;
 	}
 	public static function printerr($msg = "")
 	{
 		self::_printcolor($msg, "31");
 	}
 	public static function printsucc($msg = "")
 	{
 		self::_printcolor($msg, "32");
 	}
 	public static function printwarn($msg = "")
 	{
 		self::_printcolor($msg, "33");
 	}
 }
--- a/lib/classes/output/class.paging.php
+++ b/lib/classes/output/class.paging.php
@@ -89,6 +89,8 @@ class paging {
 	 */
 	private $natSorting = false;
 	private $_limit = 0;
 	/**
 	 * Class constructor. Loads settings from request or from userdata and saves them to session.
 	 *
@@ -101,7 +103,7 @@ class paging {
 	 * @param string $default_order default sorting order 'asc' or 'desc'
 	 *
 	 */
-	public function __construct($userinfo, $table, $fields, $entriesperpage = 0, $natSorting = false, $default_field = 0, $default_order = 'asc') {
+	public function __construct($userinfo, $table, $fields, $entriesperpage = 0, $natSorting = false, $default_field = 0, $default_order = 'asc', $limit = 0) {
 		// entries per page and natsorting-flag are not
 		// passed as parameter anymore, because these are
@@ -230,6 +232,8 @@ class paging {
 			'adminsession' => $userinfo['adminsession']
 		);
 		Database::pexecute($upd_stmt, $upd_data);
 		$this->_limit = $limit;
 	}
 	/**
@@ -378,6 +382,11 @@ class paging {
 	 * @return string always empty
 	 */
 	public function getSqlLimit() {
 		if ($this->_limit > 0) {
 			$_offset = ($this->pageno - 1) * $this->_limit;
 			return ' LIMIT '.$_offset.','.$this->_limit;
 		}
 		/**
 		 * currently not in use
 		 */
--- a/lib/classes/phpinterface/class.phpinterface.php
+++ b/lib/classes/phpinterface/class.phpinterface.php
@@ -91,6 +91,12 @@ class phpinterface {
 					SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id"
 			);
 			$this->_php_configs_cache[$php_config_id] = Database::pexecute_first($stmt, array('id' => $php_config_id));
 			if ((int)Settings::Get('phpfpm.enabled') == 1) {
 				$stmt = Database::prepare("
 					SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "` WHERE `id` = :id"
 				);
 				$this->_php_configs_cache[$php_config_id]['fpm_settings'] = Database::pexecute_first($stmt, array('id' => $this->_php_configs_cache[$php_config_id]['fpmsettingid']));
 			}
 		}
 		return $this->_php_configs_cache[$php_config_id];
--- a/lib/classes/phpinterface/class.phpinterface_fpm.php
+++ b/lib/classes/phpinterface/class.phpinterface_fpm.php
@@ -18,19 +18,28 @@
 * @since      0.9.16
 *
 */
-
+class phpinterface_fpm
-class phpinterface_fpm {
+{
 	/**
 	 * Domain-Data array
 	 *
 	 * @var array
-	*/
+	 */
 	private $_domain = array();
 	/**
-	 * Admin-Date cache array
+	 * fpm config
 	 *
 	 * @var array
-	*/
+	 */
 	private $_fpm_cfg = array();
 	/**
 	 * Admin-Date cache array
 	 *
 	 * @var array
 	 */
 	private $_admin_cache = array();
 	/**
@@ -38,119 +47,38 @@ class phpinterface_fpm {
 	 * Mostly taken from http://php.net/manual/en/ini.list.php
 	 *
 	 * @var array
-	*/
+	 */
-	private $_ini = array(
+	private $_ini = array();
 			'php_value' => array(
 				'auto_append_file',
 				'auto_prepend_file',
 				'date.timezone',
 				'default_charset',
 				'error_reporting',
 				'include_path',
 				'log_errors_max_len',
 				'mail.log',
 				'max_execution_time',
 				'session.cookie_domain',
 				'session.cookie_lifetime',
 				'session.cookie_path',
 				'session.name',
 				'session.serialize_handler',
 				'upload_max_filesize',
 				'xmlrpc_error_number',
 				'session.auto_start',
 				'always_populate_raw_post_data',
 				'suhosin.session.cryptkey',
 				'suhosin.session.cryptraddr',
 				'suhosin.session.checkraddr',
 				'suhosin.cookie.cryptkey',
 				'suhosin.cookie.plainlist',
 				'suhosin.cookie.cryptraddr',
 				'suhosin.cookie.checkraddr',
 				'suhosin.executor.func.blacklist',
 				'suhosin.executor.eval.whitelist'
 			),
 			'php_flag' => array(
 				'asp_tags',
 				'display_errors',
 				'display_startup_errors',
 				'html_errors',
 				'log_errors',
 				'magic_quotes_gpc',
 				'magic_quotes_runtime',
 				'magic_quotes_sybase',
 				'mail.add_x_header',
 				'session.cookie_secure',
 				'session.use_cookies',
 				'short_open_tag',
 				'track_errors',
 				'xmlrpc_errors',
 				'suhosin.simulation',
 				'suhosin.session.encrypt',
 				'suhosin.session.cryptua',
 				'suhosin.session.cryptdocroot',
 				'suhosin.cookie.encrypt',
 				'suhosin.cookie.cryptua',
 				'suhosin.cookie.cryptdocroot',
 				'suhosin.executor.disable_eval',
 				'mbstring.func_overload'
 			),
 			'php_admin_value' => array(
 				'cgi.redirect_status_env',
 				'date.timezone',
 				'disable_classes',
 				'disable_functions',
 				'error_log',
 				'gpc_order',
 				'max_input_time',
 				'max_input_vars',
 				'memory_limit',
 				'open_basedir',
 				'output_buffering',
 				'post_max_size',
 				'precision',
 				'sendmail_path',
 				'session.gc_divisor',
 				'session.gc_probability',
 				'variables_order',
 				'opcache.log_verbosity_level',
 				'opcache.restrict_api',
 				'opcache.revalidate_freq',
 				'opcache.max_accelerated_files',
 				'opcache.memory_consumption',
 				'opcache.interned_strings_buffer'
 			),
 			'php_admin_flag' => array(
 				'allow_call_time_pass_reference',
 				'allow_url_fopen',
 				'allow_url_include',
 				'auto_detect_line_endings',
 				'cgi.fix_pathinfo',
 				'cgi.force_redirect',
 				'enable_dl',
 				'expose_php',
 				'file_uploads',
 				'ignore_repeated_errors',
 				'ignore_repeated_source',
 				'log_errors',
 				'register_argc_argv',
 				'report_memleaks',
 				'opcache.enable',
 				'opcache.consistency_checks',
 				'opcache.dups_fix',
 				'opcache.load_comments',
 				'opcache.revalidate_path',
 				'opcache.save_comments',
 				'opcache.use_cwd',
 				'opcache.validate_timestamps',
 				'opcache.fast_shutdown'
 			)
 	);
 	/**
 	 * main constructor
-	*/
+	 */
-	public function __construct($domain) {
+	public function __construct($domain)
 	{
 		if (!isset($domain['fpm_config_id']) || empty($domain['fpm_config_id'])) {
 			$domain['fpm_config_id'] = 1;
 		}
 		$this->_domain = $domain;
 		$this->_readFpmConfig($domain['fpm_config_id']);
 		$this->_buildIniMapping();
 	}
 	private function _buildIniMapping()
 	{
 		$this->_ini = array(
 			'php_flag' => explode("\n", Settings::Get('phpfpm.ini_flags')),
 			'php_value' => explode("\n", Settings::Get('phpfpm.ini_values')),
 			'php_admin_flag' => explode("\n", Settings::Get('phpfpm.ini_admin_flags')),
 			'php_admin_value' => explode("\n", Settings::Get('phpfpm.ini_admin_values'))
 		);
 	}
 	private function _readFpmConfig($fpm_config_id)
 	{
 		$stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "` WHERE `id` = :id");
 		$this->_fpm_cfg = Database::pexecute_first($stmt, array(
 			'id' => $fpm_config_id
 		));
 	}
 	/**
@@ -158,46 +86,47 @@ class phpinterface_fpm {
 	 *
 	 * @param array $phpconfig
 	 */
-	public function createConfig($phpconfig) {
+	public function createConfig($phpconfig)
-
+	{
 		$fh = @fopen($this->getConfigFile(), 'w');
 		if ($fh) {
-			$fpm_pm = Settings::Get('phpfpm.pm');
+			$fpm_pm = $this->_fpm_cfg['pm'];
-			$fpm_children = (int)Settings::Get('phpfpm.max_children');
+			$fpm_children = (int) $this->_fpm_cfg['max_children'];
-			$fpm_start_servers = (int)Settings::Get('phpfpm.start_servers');
+			$fpm_start_servers = (int) $this->_fpm_cfg['start_servers'];
-			$fpm_min_spare_servers = (int)Settings::Get('phpfpm.min_spare_servers');
+			$fpm_min_spare_servers = (int) $this->_fpm_cfg['min_spare_servers'];
-			$fpm_max_spare_servers = (int)Settings::Get('phpfpm.max_spare_servers');
+			$fpm_max_spare_servers = (int) $this->_fpm_cfg['max_spare_servers'];
-			$fpm_requests = (int)Settings::Get('phpfpm.max_requests');
+			$fpm_requests = (int) $this->_fpm_cfg['max_requests'];
-			$fpm_process_idle_timeout = (int)Settings::Get('phpfpm.idle_timeout');
+			$fpm_process_idle_timeout = (int) $this->_fpm_cfg['idle_timeout'];
 			$fpm_limit_extensions = $this->_fpm_cfg['limit_extensions'];
 			if ($fpm_children == 0) {
 				$fpm_children = 1;
 			}
-			$fpm_config = ';PHP-FPM configuration for "'.$this->_domain['domain'].'" created on ' . date("Y.m.d H:i:s") . "\n";
+			$fpm_config = ';PHP-FPM configuration for "' . $this->_domain['domain'] . '" created on ' . date("Y.m.d H:i:s") . "\n";
-			$fpm_config.= '['.$this->_domain['domain'].']'."\n";
+			$fpm_config .= '[' . $this->_domain['domain'] . ']' . "\n";
-			$fpm_config.= 'listen = '.$this->getSocketFile()."\n";
+			$fpm_config .= 'listen = ' . $this->getSocketFile() . "\n";
 			if ($this->_domain['loginname'] == 'froxlor.panel') {
-				$fpm_config.= 'listen.owner = '.$this->_domain['guid']."\n";
+				$fpm_config .= 'listen.owner = ' . $this->_domain['guid'] . "\n";
-				$fpm_config.= 'listen.group = '.$this->_domain['guid']."\n";
+				$fpm_config .= 'listen.group = ' . $this->_domain['guid'] . "\n";
 			} else {
-				$fpm_config.= 'listen.owner = '.$this->_domain['loginname']."\n";
+				$fpm_config .= 'listen.owner = ' . $this->_domain['loginname'] . "\n";
-				$fpm_config.= 'listen.group = '.$this->_domain['loginname']."\n";
+				$fpm_config .= 'listen.group = ' . $this->_domain['loginname'] . "\n";
 			}
 			// see #1418 why this is 0660
-			$fpm_config.= 'listen.mode = 0660'."\n";
+			$fpm_config .= 'listen.mode = 0660' . "\n";
 			if ($this->_domain['loginname'] == 'froxlor.panel') {
-				$fpm_config.= 'user = '.$this->_domain['guid']."\n";
+				$fpm_config .= 'user = ' . $this->_domain['guid'] . "\n";
-				$fpm_config.= 'group = '.$this->_domain['guid']."\n";
+				$fpm_config .= 'group = ' . $this->_domain['guid'] . "\n";
 			} else {
-				$fpm_config.= 'user = '.$this->_domain['loginname']."\n";
+				$fpm_config .= 'user = ' . $this->_domain['loginname'] . "\n";
-				$fpm_config.= 'group = '.$this->_domain['loginname']."\n";
+				$fpm_config .= 'group = ' . $this->_domain['loginname'] . "\n";
 			}
-			$fpm_config.= 'pm = '.$fpm_pm."\n";
+			$fpm_config .= 'pm = ' . $fpm_pm . "\n";
-			$fpm_config.= 'pm.max_children = '.$fpm_children."\n";
+			$fpm_config .= 'pm.max_children = ' . $fpm_children . "\n";
 			if ($fpm_pm == 'dynamic') {
 				// honor max_children
@@ -214,34 +143,39 @@ class phpinterface_fpm {
 				if ($fpm_start_servers > $fpm_max_spare_servers) {
 					$fpm_start_servers = $fpm_max_spare_servers;
 				}
-				$fpm_config.= 'pm.start_servers = '.$fpm_start_servers."\n";
+				$fpm_config .= 'pm.start_servers = ' . $fpm_start_servers . "\n";
-				$fpm_config.= 'pm.min_spare_servers = '.$fpm_min_spare_servers."\n";
+				$fpm_config .= 'pm.min_spare_servers = ' . $fpm_min_spare_servers . "\n";
-				$fpm_config.= 'pm.max_spare_servers = '.$fpm_max_spare_servers."\n";
+				$fpm_config .= 'pm.max_spare_servers = ' . $fpm_max_spare_servers . "\n";
 			} elseif ($fpm_pm == 'ondemand') {
-				$fpm_config.= 'pm.process_idle_timeout = '.$fpm_process_idle_timeout."\n";
+				$fpm_config .= 'pm.process_idle_timeout = ' . $fpm_process_idle_timeout . "\n";
 			}
-			$fpm_config.= 'pm.max_requests = '.$fpm_requests."\n";
+			$fpm_config .= 'pm.max_requests = ' . $fpm_requests . "\n";
 			// possible slowlog configs
 			if ($phpconfig['fpm_slowlog'] == '1') {
-				$fpm_config.= 'request_terminate_timeout = ' . $phpconfig['fpm_reqterm'] . "\n";
+				$fpm_config .= 'request_terminate_timeout = ' . $phpconfig['fpm_reqterm'] . "\n";
-				$fpm_config.= 'request_slowlog_timeout = ' . $phpconfig['fpm_reqslow'] . "\n";
+				$fpm_config .= 'request_slowlog_timeout = ' . $phpconfig['fpm_reqslow'] . "\n";
 				$slowlog = makeCorrectFile(Settings::Get('system.logfiles_directory') . '/' . $this->_domain['loginname'] . '-php-slow.log');
-				$fpm_config.= 'slowlog = ' . $slowlog . "\n";
+				$fpm_config .= 'slowlog = ' . $slowlog . "\n";
-				$fpm_config.= 'catch_workers_output = yes' . "\n";
+				$fpm_config .= 'catch_workers_output = yes' . "\n";
 			}
-			$fpm_config.= ';chroot = '.makeCorrectDir($this->_domain['documentroot'])."\n";
+			$fpm_config .= ';chroot = ' . makeCorrectDir($this->_domain['documentroot']) . "\n";
 			$fpm_config .= 'security.limit_extensions = '.$fpm_limit_extensions . "\n";
 			$tmpdir = makeCorrectDir(Settings::Get('phpfpm.tmpdir') . '/' . $this->_domain['loginname'] . '/');
-			if (!is_dir($tmpdir)) {
+			if (! is_dir($tmpdir)) {
 				$this->getTempDir();
 			}
-			$fpm_config.= 'env[TMP] = '.$tmpdir."\n";
+			$env_path = Settings::Get('phpfpm.envpath');
-			$fpm_config.= 'env[TMPDIR] = '.$tmpdir."\n";
+			if (!empty($env_path)) {
-			$fpm_config.= 'env[TEMP] = '.$tmpdir."\n";
+				$fpm_config .= 'env[PATH] = ' . $env_path . "\n";
 			}
 			$fpm_config .= 'env[TMP] = ' . $tmpdir . "\n";
 			$fpm_config .= 'env[TMPDIR] = ' . $tmpdir . "\n";
 			$fpm_config .= 'env[TEMP] = ' . $tmpdir . "\n";
 			$openbasedir = '';
 			if ($this->_domain['loginname'] != 'froxlor.panel') {
@@ -257,9 +191,7 @@ class phpinterface_fpm {
 						$_phpappendopenbasedir .= appendOpenBasedirPath($cobd);
 					}
-					if ($this->_domain['openbasedir_path'] == '0'
+					if ($this->_domain['openbasedir_path'] == '0' && strstr($this->_domain['documentroot'], ":") === false) {
 							&& strstr($this->_domain['documentroot'], ":") === false
 					) {
 						$openbasedir = appendOpenBasedirPath($this->_domain['documentroot'], true);
 					} else {
 						$openbasedir = appendOpenBasedirPath($this->_domain['customerroot'], true);
@@ -269,29 +201,29 @@ class phpinterface_fpm {
 					$openbasedir .= $_phpappendopenbasedir;
 				}
 			}
-			$fpm_config.= 'php_admin_value[session.save_path] = ' . makeCorrectDir(Settings::Get('phpfpm.tmpdir') . '/' . $this->_domain['loginname'] . '/') . "\n";
+			$fpm_config .= 'php_admin_value[session.save_path] = ' . makeCorrectDir(Settings::Get('phpfpm.tmpdir') . '/' . $this->_domain['loginname'] . '/') . "\n";
-			$fpm_config.= 'php_admin_value[upload_tmp_dir] = ' . makeCorrectDir(Settings::Get('phpfpm.tmpdir') . '/' . $this->_domain['loginname'] . '/') . "\n";
+			$fpm_config .= 'php_admin_value[upload_tmp_dir] = ' . makeCorrectDir(Settings::Get('phpfpm.tmpdir') . '/' . $this->_domain['loginname'] . '/') . "\n";
 			$admin = $this->_getAdminData($this->_domain['adminid']);
 			$php_ini_variables = array(
-					'SAFE_MODE' => 'Off', // keep this for compatibility, just in case
+				'SAFE_MODE' => 'Off', // keep this for compatibility, just in case
-					'PEAR_DIR' => Settings::Get('phpfpm.peardir'),
+				'PEAR_DIR' => Settings::Get('phpfpm.peardir'),
-					'TMP_DIR' => $this->getTempDir(),
+				'TMP_DIR' => $this->getTempDir(),
-					'CUSTOMER_EMAIL' => $this->_domain['email'],
+				'CUSTOMER_EMAIL' => $this->_domain['email'],
-					'ADMIN_EMAIL' => $admin['email'],
+				'ADMIN_EMAIL' => $admin['email'],
-					'DOMAIN' => $this->_domain['domain'],
+				'DOMAIN' => $this->_domain['domain'],
-					'CUSTOMER' => $this->_domain['loginname'],
+				'CUSTOMER' => $this->_domain['loginname'],
-					'ADMIN' => $admin['loginname'],
+				'ADMIN' => $admin['loginname'],
-					'OPEN_BASEDIR' => $openbasedir,
+				'OPEN_BASEDIR' => $openbasedir,
-					'OPEN_BASEDIR_C' => '',
+				'OPEN_BASEDIR_C' => '',
-					'OPEN_BASEDIR_GLOBAL' => Settings::Get('system.phpappendopenbasedir'),
+				'OPEN_BASEDIR_GLOBAL' => Settings::Get('system.phpappendopenbasedir'),
-					'DOCUMENT_ROOT' => makeCorrectDir($this->_domain['documentroot'])
+				'DOCUMENT_ROOT' => makeCorrectDir($this->_domain['documentroot'])
 			);
 			$phpini = replace_variables($phpconfig['phpsettings'], $php_ini_variables);
 			$phpini_array = explode("\n", $phpini);
-			$fpm_config.= "\n\n";
+			$fpm_config .= "\n\n";
 			foreach ($phpini_array as $inisection) {
 				$is = explode("=", $inisection);
 				foreach ($this->_ini as $sec => $possibles) {
@@ -300,7 +232,7 @@ class phpinterface_fpm {
 						if (trim($is[0]) == 'open_basedir' && $openbasedir == '') {
 							continue;
 						}
-						$fpm_config.= $sec.'['.trim($is[0]).'] = ' . trim($is[1]) . "\n";
+						$fpm_config .= $sec . '[' . trim($is[0]) . '] = ' . trim($is[1]) . "\n";
 					}
 				}
 			}
@@ -308,7 +240,7 @@ class phpinterface_fpm {
 			// now check if 'sendmail_path' has not beed set in the custom-php.ini
 			// if not we use our fallback-default as usual
 			if (strpos($fpm_config, 'php_admin_value[sendmail_path]') === false) {
-				$fpm_config.= 'php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f '.$this->_domain['email']."\n";
+				$fpm_config .= 'php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f ' . $this->_domain['email'] . "\n";
 			}
 			fwrite($fh, $fpm_config, strlen($fpm_config));
@@ -322,23 +254,25 @@ class phpinterface_fpm {
 	 *
 	 * @param string $phpconfig
 	 */
-	public function createIniFile($phpconfig) {
+	public function createIniFile($phpconfig)
 	{
 		return;
 	}
 	/**
 	 * fpm-config file
 	 *
-	 * @param boolean $createifnotexists create the directory if it does not exist
+	 * @param boolean $createifnotexists
 	 *        	create the directory if it does not exist
 	 *        	
 	 * @return string the full path to the file
 	 */
-	public function getConfigFile($createifnotexists = true) {
+	public function getConfigFile($createifnotexists = true)
 	{
 		$configdir = $this->_fpm_cfg['config_dir'];
 		$config = makeCorrectFile($configdir . '/' . $this->_domain['domain'] . '.conf');
-		$configdir = makeCorrectDir(Settings::Get('phpfpm.configdir'));
+		if (! is_dir($configdir) && $createifnotexists) {
 		$config = makeCorrectFile($configdir.'/'.$this->_domain['domain'].'.conf');
 		if (!is_dir($configdir) && $createifnotexists) {
 			safe_exec('mkdir -p ' . escapeshellarg($configdir));
 		}
@@ -348,18 +282,20 @@ class phpinterface_fpm {
 	/**
 	 * return path of fpm-socket file
 	 *
-	 * @param boolean $createifnotexists create the directory if it does not exist
+	 * @param boolean $createifnotexists
 	 *        	create the directory if it does not exist
 	 *        	
 	 * @return string the full path to the socket
 	 */
-	public function getSocketFile($createifnotexists = true) {
+	public function getSocketFile($createifnotexists = true)
-
+	{
 		$socketdir = makeCorrectDir(Settings::Get('phpfpm.fastcgi_ipcdir'));
-		$socket = strtolower(makeCorrectFile($socketdir.'/'.$this->_domain['loginname'].'-'.$this->_domain['domain'].'-php-fpm.socket'));
+		// add fpm-config-id to filename so it's unique for the fpm-daemon and doesn't interfere with running configs when reuilding
 		$socket = strtolower(makeCorrectFile($socketdir . '/' . $this->_domain['fpm_config_id'] . '-' . $this->_domain['loginname'] . '-' . $this->_domain['domain'] . '-php-fpm.socket'));
-		if (!is_dir($socketdir) && $createifnotexists) {
+		if (! is_dir($socketdir) && $createifnotexists) {
-			safe_exec('mkdir -p '.escapeshellarg($socketdir));
+			safe_exec('mkdir -p ' . escapeshellarg($socketdir));
-			safe_exec('chown -R '.Settings::Get('system.httpuser').':'.Settings::Get('system.httpgroup').' '.escapeshellarg($socketdir));
+			safe_exec('chown -R ' . Settings::Get('system.httpuser') . ':' . Settings::Get('system.httpgroup') . ' ' . escapeshellarg($socketdir));
 		}
 		return $socket;
@@ -368,15 +304,16 @@ class phpinterface_fpm {
 	/**
 	 * fpm-temp directory
 	 *
-	 * @param boolean $createifnotexists create the directory if it does not exist
+	 * @param boolean $createifnotexists
 	 *        	create the directory if it does not exist
 	 *        	
 	 * @return string the directory
 	 */
-	public function getTempDir($createifnotexists = true) {
+	public function getTempDir($createifnotexists = true)
-
+	{
 		$tmpdir = makeCorrectDir(Settings::Get('phpfpm.tmpdir') . '/' . $this->_domain['loginname'] . '/');
-		if (!is_dir($tmpdir) && $createifnotexists) {
+		if (! is_dir($tmpdir) && $createifnotexists) {
 			safe_exec('mkdir -p ' . escapeshellarg($tmpdir));
 			safe_exec('chown -R ' . $this->_domain['guid'] . ':' . $this->_domain['guid'] . ' ' . escapeshellarg($tmpdir));
 			safe_exec('chmod 0750 ' . escapeshellarg($tmpdir));
@@ -388,11 +325,13 @@ class phpinterface_fpm {
 	/**
 	 * fastcgi-fakedirectory directory
 	 *
-	 * @param boolean $createifnotexists create the directory if it does not exist
+	 * @param boolean $createifnotexists
 	 *        	create the directory if it does not exist
 	 *        	
 	 * @return string the directory
 	 */
-	public function getAliasConfigDir($createifnotexists = true) {
+	public function getAliasConfigDir($createifnotexists = true)
 	{
 		// ensure default...
 		if (Settings::Get('phpfpm.aliasconfigdir') == null) {
@@ -400,7 +339,7 @@ class phpinterface_fpm {
 		}
 		$configdir = makeCorrectDir(Settings::Get('phpfpm.aliasconfigdir') . '/' . $this->_domain['loginname'] . '/' . $this->_domain['domain'] . '/');
-		if (!is_dir($configdir) && $createifnotexists) {
+		if (! is_dir($configdir) && $createifnotexists) {
 			safe_exec('mkdir -p ' . escapeshellarg($configdir));
 			safe_exec('chown ' . $this->_domain['guid'] . ':' . $this->_domain['guid'] . ' ' . escapeshellarg($configdir));
 		}
@@ -408,22 +347,45 @@ class phpinterface_fpm {
 		return $configdir;
 	}
 	/**
 	 * create a dummy fpm pool config with minimal configuration
 	 * (this is used whenever a config directory is empty but needs at least one pool to startup/restart)
 	 *
 	 * @param string $configdir
 	 */
 	public static function createDummyPool($configdir)
 	{
 		if (! is_dir($configdir)) {
 			safe_exec('mkdir -p ' . escapeshellarg($configdir));
 		}
 		$config = makeCorrectFile($configdir . '/dummy.conf');
 		$dummy = "[dummy]
 user = ".Settings::Get('system.httpuser')."
 listen = /run/" . md5($configdir) . "-fpm.sock
 pm = static
 pm.max_children = 1
 ";
 		file_put_contents($config, $dummy);
 	}
 	/**
 	 * return the admin-data of a specific admin
 	 *
-	 * @param int $adminid id of the admin-user
+	 * @param int $adminid
 	 *        	id of the admin-user
 	 *        	
 	 * @return array
 	 */
-	private function _getAdminData($adminid) {
+	private function _getAdminData($adminid)
-
+	{
 		$adminid = intval($adminid);
-		if (!isset($this->_admin_cache[$adminid])) {
+		if (! isset($this->_admin_cache[$adminid])) {
 			$stmt = Database::prepare("
-					SELECT `email`, `loginname` FROM `" . TABLE_PANEL_ADMINS . "` WHERE `adminid` = :id"
+					SELECT `email`, `loginname` FROM `" . TABLE_PANEL_ADMINS . "` WHERE `adminid` = :id");
-			);
+			$this->_admin_cache[$adminid] = Database::pexecute_first($stmt, array(
-			$this->_admin_cache[$adminid] = Database::pexecute_first($stmt, array('id' => $adminid));
+				'id' => $adminid
 			));
 		}
 		return $this->_admin_cache[$adminid];
 	}
--- a/lib/classes/phpmailer/class.PHPMailer.php
+++ b/lib/classes/phpmailer/class.PHPMailer.php
@@ -1,37 +1,37 @@
 <?php
 /**
 * PHPMailer - PHP email creation and transport class.
-* PHP Version 5
+ * PHP Version 5
-* @package PHPMailer
+ * @package PHPMailer
-* @link https://github.com/PHPMailer/PHPMailer/ The PHPMailer GitHub project
+ * @link https://github.com/PHPMailer/PHPMailer/ The PHPMailer GitHub project
-* @author Marcus Bointon (Synchro/coolbru) <phpmailer@synchromedia.co.uk>
+ * @author Marcus Bointon (Synchro/coolbru) <phpmailer@synchromedia.co.uk>
-* @author Jim Jagielski (jimjag) <jimjag@gmail.com>
+ * @author Jim Jagielski (jimjag) <jimjag@gmail.com>
-* @author Andy Prevost (codeworxtech) <codeworxtech@users.sourceforge.net>
+ * @author Andy Prevost (codeworxtech) <codeworxtech@users.sourceforge.net>
-* @author Brent R. Matzelle (original founder)
+ * @author Brent R. Matzelle (original founder)
-* @copyright 2012 - 2014 Marcus Bointon
+ * @copyright 2012 - 2014 Marcus Bointon
-* @copyright 2010 - 2012 Jim Jagielski
+ * @copyright 2010 - 2012 Jim Jagielski
-* @copyright 2004 - 2009 Andy Prevost
+ * @copyright 2004 - 2009 Andy Prevost
-* @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License
+ * @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License
-* @note This program is distributed in the hope that it will be useful - WITHOUT
+ * @note This program is distributed in the hope that it will be useful - WITHOUT
-* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-* FITNESS FOR A PARTICULAR PURPOSE.
+ * FITNESS FOR A PARTICULAR PURPOSE.
-*/
+ */
 /**
 * PHPMailer - PHP email creation and transport class.
-* @package PHPMailer
+ * @package PHPMailer
-* @author Marcus Bointon (Synchro/coolbru) <phpmailer@synchromedia.co.uk>
+ * @author Marcus Bointon (Synchro/coolbru) <phpmailer@synchromedia.co.uk>
-* @author Jim Jagielski (jimjag) <jimjag@gmail.com>
+ * @author Jim Jagielski (jimjag) <jimjag@gmail.com>
-* @author Andy Prevost (codeworxtech) <codeworxtech@users.sourceforge.net>
+ * @author Andy Prevost (codeworxtech) <codeworxtech@users.sourceforge.net>
-* @author Brent R. Matzelle (original founder)
+ * @author Brent R. Matzelle (original founder)
-*/
+ */
 class PHPMailer
 {
 	/**
 	 * The PHPMailer Version number.
 	 * @var string
 	 */
-	public $Version = '5.2.21';
+	public $Version = '5.2.26';
 	/**
 	 * Email priority.
@@ -440,9 +440,9 @@ class PHPMailer
 	 *
 	 * Parameters:
 	 *   boolean $result        result of the send action
-	 *   string  $to            email address of the recipient
+	 *   array   $to            email addresses of the recipients
-	 *   string  $cc            cc email addresses
+	 *   array   $cc            cc email addresses
-	 *   string  $bcc           bcc email addresses
+	 *   array   $bcc           bcc email addresses
 	 *   string  $subject       the subject
 	 *   string  $body          the email body
 	 *   string  $from          email address of sender
@@ -659,6 +659,8 @@ class PHPMailer
 		if ($exceptions !== null) {
 			$this->exceptions = (boolean)$exceptions;
 		}
 		//Pick an appropriate debug output format automatically
 		$this->Debugoutput = (strpos(PHP_SAPI, 'cli') !== false ? 'echo' : 'html');
 	}
 	/**
@@ -1622,84 +1624,89 @@ class PHPMailer
 		foreach ($hosts as $hostentry) {
 			$hostinfo = array();
-			if (!preg_match('/^((ssl|tls):\/\/)*([a-zA-Z0-9\.-]*):?([0-9]*)$/', trim($hostentry), $hostinfo)) {
+			if (!preg_match(
-				// Not a valid host entry
+				'/^((ssl|tls):\/\/)*([a-zA-Z0-9\.-]*|\[[a-fA-F0-9:]+\]):?([0-9]*)$/',
-				continue;
+				trim($hostentry),
-			}
+				$hostinfo
-			// $hostinfo[2]: optional ssl or tls prefix
+				)) {
-			// $hostinfo[3]: the hostname
+					// Not a valid host entry
-			// $hostinfo[4]: optional port number
+					$this->edebug('Ignoring invalid host: ' . $hostentry);
-			// The host string prefix can temporarily override the current setting for SMTPSecure
+					continue;
 			// If it's not specified, the default value is used
 			$prefix = '';
 			$secure = $this->SMTPSecure;
 			$tls = ($this->SMTPSecure == 'tls');
 			if ('ssl' == $hostinfo[2] or ('' == $hostinfo[2] and 'ssl' == $this->SMTPSecure)) {
 				$prefix = 'ssl://';
 				$tls = false; // Can't have SSL and TLS at the same time
 				$secure = 'ssl';
 			} elseif ($hostinfo[2] == 'tls') {
 				$tls = true;
 				// tls doesn't use a prefix
 				$secure = 'tls';
 			}
 			//Do we need the OpenSSL extension?
 			$sslext = defined('OPENSSL_ALGO_SHA1');
 			if ('tls' === $secure or 'ssl' === $secure) {
 				//Check for an OpenSSL constant rather than using extension_loaded, which is sometimes disabled
 				if (!$sslext) {
 					throw new phpmailerException($this->lang('extension_missing').'openssl', self::STOP_CRITICAL);
 				}
-			}
+				// $hostinfo[2]: optional ssl or tls prefix
-			$host = $hostinfo[3];
+				// $hostinfo[3]: the hostname
-			$port = $this->Port;
+				// $hostinfo[4]: optional port number
-			$tport = (integer)$hostinfo[4];
+				// The host string prefix can temporarily override the current setting for SMTPSecure
-			if ($tport > 0 and $tport < 65536) {
+				// If it's not specified, the default value is used
-				$port = $tport;
+				$prefix = '';
-			}
+				$secure = $this->SMTPSecure;
-			if ($this->smtp->connect($prefix . $host, $port, $this->Timeout, $options)) {
+				$tls = ($this->SMTPSecure == 'tls');
-				try {
+				if ('ssl' == $hostinfo[2] or ('' == $hostinfo[2] and 'ssl' == $this->SMTPSecure)) {
-					if ($this->Helo) {
+					$prefix = 'ssl://';
-						$hello = $this->Helo;
+					$tls = false; // Can't have SSL and TLS at the same time
-					} else {
+					$secure = 'ssl';
-						$hello = $this->serverHostname();
+				} elseif ($hostinfo[2] == 'tls') {
 					$tls = true;
 					// tls doesn't use a prefix
 					$secure = 'tls';
 				}
 				//Do we need the OpenSSL extension?
 				$sslext = defined('OPENSSL_ALGO_SHA1');
 				if ('tls' === $secure or 'ssl' === $secure) {
 					//Check for an OpenSSL constant rather than using extension_loaded, which is sometimes disabled
 					if (!$sslext) {
 						throw new phpmailerException($this->lang('extension_missing').'openssl', self::STOP_CRITICAL);
 					}
-					$this->smtp->hello($hello);
+				}
-					//Automatically enable TLS encryption if:
+				$host = $hostinfo[3];
-					// * it's not disabled
+				$port = $this->Port;
-					// * we have openssl extension
+				$tport = (integer)$hostinfo[4];
-					// * we are not already using SSL
+				if ($tport > 0 and $tport < 65536) {
-					// * the server offers STARTTLS
+					$port = $tport;
-					if ($this->SMTPAutoTLS and $sslext and $secure != 'ssl' and $this->smtp->getServerExt('STARTTLS')) {
+				}
-						$tls = true;
+				if ($this->smtp->connect($prefix . $host, $port, $this->Timeout, $options)) {
-					}
+					try {
-					if ($tls) {
+						if ($this->Helo) {
-						if (!$this->smtp->startTLS()) {
+							$hello = $this->Helo;
-							throw new phpmailerException($this->lang('connect_host'));
+						} else {
 							$hello = $this->serverHostname();
 						}
 						// We must resend EHLO after TLS negotiation
 						$this->smtp->hello($hello);
-					}
+						//Automatically enable TLS encryption if:
-					if ($this->SMTPAuth) {
+						// * it's not disabled
-						if (!$this->smtp->authenticate(
+						// * we have openssl extension
-							$this->Username,
+						// * we are not already using SSL
-							$this->Password,
+						// * the server offers STARTTLS
-							$this->AuthType,
+						if ($this->SMTPAutoTLS and $sslext and $secure != 'ssl' and $this->smtp->getServerExt('STARTTLS')) {
-							$this->Realm,
+							$tls = true;
-							$this->Workstation
+						}
-							)
+						if ($tls) {
-							) {
+							if (!$this->smtp->startTLS()) {
-								throw new phpmailerException($this->lang('authenticate'));
+								throw new phpmailerException($this->lang('connect_host'));
 							}
 							// We must resend EHLO after TLS negotiation
 							$this->smtp->hello($hello);
 						}
 						if ($this->SMTPAuth) {
 							if (!$this->smtp->authenticate(
 								$this->Username,
 								$this->Password,
 								$this->AuthType,
 								$this->Realm,
 								$this->Workstation
 								)
 								) {
 									throw new phpmailerException($this->lang('authenticate'));
 								}
 						}
 						return true;
 					} catch (phpmailerException $exc) {
 						$lastexception = $exc;
 						$this->edebug($exc->getMessage());
 						// We must have connected, but then failed TLS or Auth, so close connection nicely
 						$this->smtp->quit();
 					}
 					return true;
 				} catch (phpmailerException $exc) {
 					$lastexception = $exc;
 					$this->edebug($exc->getMessage());
 					// We must have connected, but then failed TLS or Auth, so close connection nicely
 					$this->smtp->quit();
 				}
 			}
 		}
 		// If we get here, all connection attempts have failed, so close connection hard
 		$this->smtp->close();
@@ -1742,6 +1749,7 @@ class PHPMailer
 			'dk' => 'da',
 			'no' => 'nb',
 			'se' => 'sv',
 			'sr' => 'rs'
 		);
 		if (isset($renamed_langcodes[$langcode])) {
@@ -2024,10 +2032,7 @@ class PHPMailer
 	{
 		$result = '';
-		if ($this->MessageDate == '') {
+		$result .= $this->headerLine('Date', $this->MessageDate == '' ? self::rfcDate() : $this->MessageDate);
 			$this->MessageDate = self::rfcDate();
 		}
 		$result .= $this->headerLine('Date', $this->MessageDate);
 		// To be created automatically by mail()
 		if ($this->SingleTo) {
@@ -2492,6 +2497,7 @@ class PHPMailer
 	/**
 	 * Add an attachment from a path on the filesystem.
 	 * Never use a user-supplied path to a file!
 	 * Returns false if the file could not be found or read.
 	 * @param string $path Path to the attachment.
 	 * @param string $name Overrides the attachment name.
@@ -3017,6 +3023,7 @@ class PHPMailer
 	 * displayed inline with the message, not just attached for download.
 	 * This is used in HTML messages that embed the images
 	 * the HTML refers to using the $cid value.
 	 * Never use a user-supplied path to a file!
 	 * @param string $path Path to the attachment.
 	 * @param string $cid Content ID of the attachment; Use this to reference
 	 *        the content when using an embedded image in HTML.
@@ -3380,12 +3387,14 @@ class PHPMailer
 	 * Create a message body from an HTML string.
 	 * Automatically inlines images and creates a plain-text version by converting the HTML,
 	 * overwriting any existing values in Body and AltBody.
-	 * $basedir is used when handling relative image paths, e.g. <img src="images/a.png">
+	 * Do not source $message content from user input!
 	 * $basedir is prepended when handling relative URLs, e.g. <img src="/images/a.png"> and must not be empty
 	 * will look for an image file in $basedir/images/a.png and convert it to inline.
-	 * If you don't want to apply these transformations to your HTML, just set Body and AltBody yourself.
+	 * If you don't provide a $basedir, relative paths will be left untouched (and thus probably break in email)
 	 * If you don't want to apply these transformations to your HTML, just set Body and AltBody directly.
 	 * @access public
 	 * @param string $message HTML message string
-	 * @param string $basedir base directory for relative paths to images
+	 * @param string $basedir Absolute path to a base directory to prepend to relative paths to images
 	 * @param boolean|callable $advanced Whether to use the internal HTML to text converter
 	 *    or your own custom converter @see PHPMailer::html2text()
 	 * @return string $message The transformed message Body
@@ -3394,6 +3403,10 @@ class PHPMailer
 	{
 		preg_match_all('/(src|background)=["\'](.*)["\']/Ui', $message, $images);
 		if (array_key_exists(2, $images)) {
 			if (strlen($basedir) > 1 && substr($basedir, -1) != '/') {
 				// Ensure $basedir has a trailing /
 				$basedir .= '/';
 			}
 			foreach ($images[2] as $imgindex => $url) {
 				// Convert data URIs into embedded images
 				if (preg_match('#^data:(image[^;,]*)(;base64)?,#', $url, $match)) {
@@ -3411,36 +3424,42 @@ class PHPMailer
 							$message
 							);
 					}
-				} elseif (substr($url, 0, 4) !== 'cid:' && !preg_match('#^[a-z][a-z0-9+.-]*://#i', $url)) {
+					continue;
 					// Do not change urls for absolute images (thanks to corvuscorax)
 					// Do not change urls that are already inline images
 					$filename = basename($url);
 					$directory = dirname($url);
 					if ($directory == '.') {
 						$directory = '';
 					}
 					$cid = md5($url) . '@phpmailer.0'; // RFC2392 S 2
 					if (strlen($basedir) > 1 && substr($basedir, -1) != '/') {
 						$basedir .= '/';
 					}
 					if (strlen($directory) > 1 && substr($directory, -1) != '/') {
 						$directory .= '/';
 					}
 					if ($this->addEmbeddedImage(
 						$basedir . $directory . $filename,
 						$cid,
 						$filename,
 						'base64',
 						self::_mime_types((string)self::mb_pathinfo($filename, PATHINFO_EXTENSION))
 						)
 						) {
 							$message = preg_replace(
 								'/' . $images[1][$imgindex] . '=["\']' . preg_quote($url, '/') . '["\']/Ui',
 								$images[1][$imgindex] . '="cid:' . $cid . '"',
 								$message
 								);
 						}
 				}
 				if (
 					// Only process relative URLs if a basedir is provided (i.e. no absolute local paths)
 					!empty($basedir)
 					// Ignore URLs containing parent dir traversal (..)
 					&& (strpos($url, '..') === false)
 					// Do not change urls that are already inline images
 					&& substr($url, 0, 4) !== 'cid:'
 					// Do not change absolute URLs, including anonymous protocol
 					&& !preg_match('#^[a-z][a-z0-9+.-]*:?//#i', $url)
 					) {
 						$filename = basename($url);
 						$directory = dirname($url);
 						if ($directory == '.') {
 							$directory = '';
 						}
 						$cid = md5($url) . '@phpmailer.0'; // RFC2392 S 2
 						if (strlen($directory) > 1 && substr($directory, -1) != '/') {
 							$directory .= '/';
 						}
 						if ($this->addEmbeddedImage(
 							$basedir . $directory . $filename,
 							$cid,
 							$filename,
 							'base64',
 							self::_mime_types((string)self::mb_pathinfo($filename, PATHINFO_EXTENSION))
 							)
 							) {
 								$message = preg_replace(
 									'/' . $images[1][$imgindex] . '=["\']' . preg_quote($url, '/') . '["\']/Ui',
 									$images[1][$imgindex] . '="cid:' . $cid . '"',
 									$message
 									);
 							}
 					}
 			}
 		}
 		$this->isHTML(true);
@@ -4019,7 +4038,7 @@ class phpmailerException extends Exception
 	 */
 	public function errorMessage()
 	{
-		$errorMsg = '<strong>' . $this->getMessage() . "</strong><br />\n";
+		$errorMsg = '<strong>' . htmlspecialchars($this->getMessage()) . "</strong><br />\n";
 		return $errorMsg;
 	}
 }
--- a/lib/classes/phpmailer/class.SMTP.php
+++ b/lib/classes/phpmailer/class.SMTP.php
@@ -1,36 +1,36 @@
 <?php
 /**
 * PHPMailer RFC821 SMTP email transport class.
-* PHP Version 5
+ * PHP Version 5
-* @package PHPMailer
+ * @package PHPMailer
-* @link https://github.com/PHPMailer/PHPMailer/ The PHPMailer GitHub project
+ * @link https://github.com/PHPMailer/PHPMailer/ The PHPMailer GitHub project
-* @author Marcus Bointon (Synchro/coolbru) <phpmailer@synchromedia.co.uk>
+ * @author Marcus Bointon (Synchro/coolbru) <phpmailer@synchromedia.co.uk>
-* @author Jim Jagielski (jimjag) <jimjag@gmail.com>
+ * @author Jim Jagielski (jimjag) <jimjag@gmail.com>
-* @author Andy Prevost (codeworxtech) <codeworxtech@users.sourceforge.net>
+ * @author Andy Prevost (codeworxtech) <codeworxtech@users.sourceforge.net>
-* @author Brent R. Matzelle (original founder)
+ * @author Brent R. Matzelle (original founder)
-* @copyright 2014 Marcus Bointon
+ * @copyright 2014 Marcus Bointon
-* @copyright 2010 - 2012 Jim Jagielski
+ * @copyright 2010 - 2012 Jim Jagielski
-* @copyright 2004 - 2009 Andy Prevost
+ * @copyright 2004 - 2009 Andy Prevost
-* @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License
+ * @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License
-* @note This program is distributed in the hope that it will be useful - WITHOUT
+ * @note This program is distributed in the hope that it will be useful - WITHOUT
-* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-* FITNESS FOR A PARTICULAR PURPOSE.
+ * FITNESS FOR A PARTICULAR PURPOSE.
-*/
+ */
 /**
 * PHPMailer RFC821 SMTP email transport class.
-* Implements RFC 821 SMTP commands and provides some utility methods for sending mail to an SMTP server.
+ * Implements RFC 821 SMTP commands and provides some utility methods for sending mail to an SMTP server.
-* @package PHPMailer
+ * @package PHPMailer
-* @author Chris Ryan
+ * @author Chris Ryan
-* @author Marcus Bointon <phpmailer@synchromedia.co.uk>
+ * @author Marcus Bointon <phpmailer@synchromedia.co.uk>
-*/
+ */
 class SMTP
 {
 	/**
 	 * The PHPMailer SMTP version number.
 	 * @var string
 	 */
-	const VERSION = '5.2.21';
+	const VERSION = '5.2.26';
 	/**
 	 * SMTP line break constant.
@@ -81,7 +81,7 @@ class SMTP
 	 * @deprecated Use the `VERSION` constant instead
 	 * @see SMTP::VERSION
 	 */
-	public $Version = '5.2.21';
+	public $Version = '5.2.26';
 	/**
 	 * SMTP server port number.
@@ -151,9 +151,8 @@ class SMTP
 	public $Timelimit = 300;
 	/**
-	 * @var array patterns to extract smtp transaction id from smtp reply
+	 * @var array Patterns to extract an SMTP transaction id from reply to a DATA command.
-	 * Only first capture group will be use, use non-capturing group to deal with it
+	 * The first capture group in each regex will be used as the ID.
 	 * Extend this class to override this property to fulfil your needs.
 	 */
 	protected $smtp_transaction_id_patterns = array(
 		'exim' => '/[0-9]{3} OK id=(.*)/',
@@ -161,6 +160,12 @@ class SMTP
 		'postfix' => '/[0-9]{3} 2.0.0 Ok: queued as (.*)/'
 	);
 	/**
 	 * @var string The last transaction ID issued in response to a DATA command,
 	 * if one was detected
 	 */
 	protected $last_smtp_transaction_id;
 	/**
 	 * The socket for the server connection.
 	 * @var resource
@@ -227,12 +232,11 @@ class SMTP
 				break;
 			case 'html':
 				//Cleans up output a bit for a better looking, HTML-safe output
-				echo htmlentities(
+				echo gmdate('Y-m-d H:i:s') . ' ' . htmlentities(
 				preg_replace('/[\r\n]+/', '', $str),
 				ENT_QUOTES,
 				'UTF-8'
-					)
+					) . "<br>\n";
 					. "<br>\n";
 					break;
 			case 'echo':
 			default:
@@ -242,7 +246,7 @@ class SMTP
 					"\n",
 					"\n                   \t                  ",
 					trim($str)
-					)."\n";
+					) . "\n";
 		}
 	}
@@ -276,7 +280,8 @@ class SMTP
 		}
 		// Connect to the SMTP server
 		$this->edebug(
-			"Connection: opening to $host:$port, timeout=$timeout, options=".var_export($options, true),
+			"Connection: opening to $host:$port, timeout=$timeout, options=" .
 			var_export($options, true),
 			self::DEBUG_CONNECTION
 			);
 		$errno = 0;
@@ -362,14 +367,14 @@ class SMTP
 		}
 		// Begin encrypted connection
-		if (!stream_socket_enable_crypto(
+		set_error_handler(array($this, 'errorHandler'));
 		$crypto_ok = stream_socket_enable_crypto(
 			$this->smtp_conn,
 			true,
 			$crypto_method
-			)) {
+			);
-				return false;
+		restore_error_handler();
-			}
+		return $crypto_ok;
 			return true;
 	}
 	/**
@@ -398,8 +403,7 @@ class SMTP
 			}
 			if (array_key_exists('EHLO', $this->server_caps)) {
-				// SMTP extensions are available. Let's try to find a proper authentication method
+				// SMTP extensions are available; try to find a proper authentication method
 				if (!array_key_exists('AUTH', $this->server_caps)) {
 					$this->setError('Authentication is not allowed at this stage');
 					// 'at this stage' means that auth may be allowed after the stage changes
@@ -424,7 +428,7 @@ class SMTP
 						$this->setError('No supported authentication methods found');
 						return false;
 					}
-					self::edebug('Auth method selected: '.$authtype, self::DEBUG_LOWLEVEL);
+					self::edebug('Auth method selected: ' . $authtype, self::DEBUG_LOWLEVEL);
 				}
 				if (!in_array($authtype, $this->server_caps['AUTH'])) {
@@ -550,7 +554,7 @@ class SMTP
 	 * Works like hash_hmac('md5', $data, $key)
 	 * in case that function is not available
 	 * @param string $data The data to hash
-	 * @param string $key  The key to hash with
+	 * @param string $key The key to hash with
 	 * @access protected
 	 * @return string
 	 */
@@ -710,6 +714,7 @@ class SMTP
 		$savetimelimit = $this->Timelimit;
 		$this->Timelimit = $this->Timelimit * 2;
 		$result = $this->sendCommand('DATA END', '.', 250);
 		$this->recordLastTransactionID();
 		//Restore timelimit
 		$this->Timelimit = $savetimelimit;
 		return $result;
@@ -893,7 +898,8 @@ class SMTP
 			$code_ex = (count($matches) > 2 ? $matches[2] : null);
 			// Cut off error code from each response line
 			$detail = preg_replace(
-				"/{$code}[ -]".($code_ex ? str_replace('.', '\\.', $code_ex).' ' : '')."/m",
+				"/{$code}[ -]" .
 				($code_ex ? str_replace('.', '\\.', $code_ex) . ' ' : '') . "/m",
 				'',
 				$this->last_reply
 			);
@@ -989,7 +995,10 @@ class SMTP
 	public function client_send($data)
 	{
 		$this->edebug("CLIENT -> SERVER: $data", self::DEBUG_CLIENT);
-		return fwrite($this->smtp_conn, $data);
+		set_error_handler(array($this, 'errorHandler'));
 		$result = fwrite($this->smtp_conn, $data);
 		restore_error_handler();
 		return $result;
 	}
 	/**
@@ -1089,8 +1098,10 @@ class SMTP
 			$this->edebug("SMTP -> get_lines(): \$data is \"$data\"", self::DEBUG_LOWLEVEL);
 			$this->edebug("SMTP -> get_lines(): \$str is  \"$str\"", self::DEBUG_LOWLEVEL);
 			$data .= $str;
-			// If 4th character is a space, we are done reading, break the loop, micro-optimisation over strlen
+			// If response is only 3 chars (not valid, but RFC5321 S4.2 says it must be handled),
-			if ((isset($str[3]) and $str[3] == ' ')) {
+			// or 4th character is a space, we are done reading, break the loop,
 			// string array access is a micro-optimisation over strlen
 			if (!isset($str[3]) or (isset($str[3]) and $str[3] == ' ')) {
 				break;
 			}
 			// Timed-out? Log and break
@@ -1105,7 +1116,7 @@ class SMTP
 			// Now check if reads took too long
 			if ($endtime and time() > $endtime) {
 				$this->edebug(
-					'SMTP -> get_lines(): timelimit reached ('.
+					'SMTP -> get_lines(): timelimit reached (' .
 					$this->Timelimit . ' sec)',
 					self::DEBUG_LOWLEVEL
 					);
@@ -1208,42 +1219,58 @@ class SMTP
 	 * Reports an error number and string.
 	 * @param integer $errno The error number returned by PHP.
 	 * @param string $errmsg The error message returned by PHP.
 	 * @param string $errfile The file the error occurred in
 	 * @param integer $errline The line number the error occurred on
 	 */
-	protected function errorHandler($errno, $errmsg)
+	protected function errorHandler($errno, $errmsg, $errfile = '', $errline = 0)
 	{
-		$notice = 'Connection: Failed to connect to server.';
+		$notice = 'Connection failed.';
 		$this->setError(
 			$notice,
 			$errno,
 			$errmsg
 			);
 		$this->edebug(
-			$notice . ' Error number ' . $errno . '. "Error notice: ' . $errmsg,
+			$notice . ' Error #' . $errno . ': ' . $errmsg . " [$errfile line $errline]",
 			self::DEBUG_CONNECTION
 			);
 	}
 	/**
-	 * Will return the ID of the last smtp transaction based on a list of patterns provided
+	 * Extract and return the ID of the last SMTP transaction based on
-	 * in SMTP::$smtp_transaction_id_patterns.
+	 * a list of patterns provided in SMTP::$smtp_transaction_id_patterns.
 	 * Relies on the host providing the ID in response to a DATA command.
 	 * If no reply has been received yet, it will return null.
-	 * If no pattern has been matched, it will return false.
+	 * If no pattern was matched, it will return false.
 	 * @return bool|null|string
 	 */
-	public function getLastTransactionID()
+	protected function recordLastTransactionID()
 	{
 		$reply = $this->getLastReply();
 		if (empty($reply)) {
-			return null;
+			$this->last_smtp_transaction_id = null;
-		}
+		} else {
-
+			$this->last_smtp_transaction_id = false;
-		foreach($this->smtp_transaction_id_patterns as $smtp_transaction_id_pattern) {
+			foreach ($this->smtp_transaction_id_patterns as $smtp_transaction_id_pattern) {
-			if(preg_match($smtp_transaction_id_pattern, $reply, $matches)) {
+				if (preg_match($smtp_transaction_id_pattern, $reply, $matches)) {
-				return $matches[1];
+					$this->last_smtp_transaction_id = $matches[1];
 				}
 			}
 		}
-		return false;
+		return $this->last_smtp_transaction_id;
 	}
 	/**
 	 * Get the queue/transaction ID of the last SMTP transaction
 	 * If no reply has been received yet, it will return null.
 	 * If no pattern was matched, it will return false.
 	 * @return bool|null|string
 	 * @see recordLastTransactionID()
 	 */
 	public function getLastTransactionID()
 	{
 		return $this->last_smtp_transaction_id;
 	}
 }
--- a/lib/classes/settings/class.SImExporter.php
+++ b/lib/classes/settings/class.SImExporter.php
@@ -0,0 +1,114 @@
 <?php
 /**
 * This file is part of the Froxlor project.
 * Copyright (c) 2018 the Froxlor Team (see authors).
 *
 * For the full copyright and license information, please view the COPYING
 * file that was distributed with this source code. You can also view the
 * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
 *
 * @copyright  (c) the authors
 * @author     Michael Kaufmann <d00p@froxlor.org>
 * @author     Froxlor team <team@froxlor.org> (2018-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Classes
 *
 * @since      0.9.39
 *
 */
 /**
 * Class SImExporter
 *
 * Import/Export settings to JSON
 *
 * @copyright (c) the authors
 * @author Michael Kaufmann <d00p@froxlor.org>
 * @author Froxlor team <team@froxlor.org> (2018-)
 * @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package Classes
 */
 class SImExporter
 {
 	/**
 	 * settings which are not being exported
 	 *
 	 * @var array
 	 */
 	private static $_no_export = [
 		'panel.adminmail',
 		'admin.show_news_feed',
 		'system.lastaccountnumber',
 		'system.lastguid',
 		'system.ipaddress',
 		'system.last_traffic_run',
 		'system.hostname',
 		'system.mysql_access_host',
 		'system.lastcronrun',
 		'system.defaultip',
 		'system.last_tasks_run',
 		'system.last_archive_run',
 		'system.leprivatekey',
 		'system.lepublickey'
 	];
 	public static function export()
 	{
 		$result_stmt = Database::query("
 			SELECT * FROM `" . TABLE_PANEL_SETTINGS . "` ORDER BY `settingid` ASC
 		");
 		$_data = array();
 		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 			$index = $row['settinggroup'] . "." . $row['varname'];
 			if (! in_array($index, self::$_no_export)) {
 				$_data[$index] = $row['value'];
 			}
 		}
 		// add checksum for validation
 		$_data['_sha'] = sha1(var_export($_data, true));
 		$_export = json_encode($_data, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES);
 		if (! $_export) {
 			throw new Exception("Error exporting settings: " . json_last_error_msg());
 		}
 		return $_export;
 	}
 	public static function import($json_str = null)
 	{
 		// decode data
 		$_data = json_decode($json_str, true);
 		if ($_data) {
 			// get validity check data
 			$_sha = isset($_data['_sha']) ? $_data['_sha'] : false;
 			$_version = isset($_data['panel.version']) ? $_data['panel.version'] : false;
 			$_dbversion = isset($_data['panel.db_version']) ? $_data['panel.db_version'] : false;
 			// check if we have everything we need
 			if (! $_sha || ! $_version || ! $_dbversion) {
 				throw new Exception("Invalid froxlor settings data. Unable to import.");
 			}
 			// validate import file
 			unset($_data['_sha']);
 			// compare
 			if ($_sha != sha1(var_export($_data, true))) {
 				throw new Exception("SHA check of import data failed. Unable to import.");
 			}
 			// do not import version info - but we need that to possibily update settings
 			// when there were changes in the variable-name or similar
 			unset($_data['panel.version']);
 			unset($_data['panel.db_version']);
 			// store new data
 			foreach ($_data as $index => $value) {
 				Settings::Set($index, $value);
 			}
 			// save to DB
 			Settings::Flush();
 			// all good
 			return true;
 		}
 		throw new Exception("Invalid JSON data: " . json_last_error_msg());
 	}
 }
--- a/lib/classes/ssl/class.lescript.php
+++ b/lib/classes/ssl/class.lescript.php
@@ -30,7 +30,6 @@ class lescript
 {
 	// https://letsencrypt.org/repository/
 	public $license;
 	private $logger;
@@ -63,7 +62,7 @@ class lescript
 	{
 		// Let's see if we have the private accountkey
 		$this->accountKey = $certrow['leprivatekey'];
-		$this->customerId = $certrow['customerid'];
+		$this->customerId = (!$isFroxlorVhost ? $certrow['customerid'] : null);
 		$this->isFroxlorVhost = $isFroxlorVhost;
 		$this->isLeProduction = (Settings::Get('system.letsencryptca') == 'production');
@@ -111,19 +110,7 @@ class lescript
 			}
 			$accountUrl=$this->client->getLastLocation();
-			$this->log('Accepting lets encrypt Terms of Service');
+			$leregistered = 1;
 			$this->license = $this->client->getAgreementURL();
 			// Terms of Service are optional according to ACME specs; if no ToS are presented, no need to update registration
 			if (!empty($this->license)) {
 				$response = $this->postRegAgreement(parse_url($accountUrl, PHP_URL_PATH));
 				if ($this->client->getLastCode() != 202) {
 					throw new \RuntimeException("Terms of Service not accepted. Whole response: " . json_encode($response));
 				}
 			}
 			$leregistered=1;
 			$this->setLeRegisteredState($leregistered); // Account registered
 			$this->log('Lets encrypt Terms of Service accepted');
 		}
@@ -227,17 +214,18 @@ class lescript
 			$this->log("Token for $domain saved at $tokenPath and should be available at $uri");
 			// simple self check
-			$selfcheckContextOptions = array('http' => array('header' => "User-Agent: Froxlor/".$this->version));
+			if (Settings::Get('system.disable_le_selfcheck') == '0')
-			$selfcheckContext = stream_context_create($selfcheckContextOptions);
+			{
-			if ($payload !== trim(@file_get_contents($uri, false, $selfcheckContext))) {
+				$selfcheckpayload = HttpClient::urlGet($uri);
-				$errmsg = json_encode(error_get_last());
+				if ($payload !== trim($selfcheckpayload)) {
-				if ($errmsg != "null") {
+					$errmsg = json_encode(error_get_last());
-					$errmsg = "; PHP error: " . $errmsg;
+					if ($errmsg != "null") {
-				} else {
+						$errmsg = "; PHP error: " . $errmsg;
-					$errmsg = "";
+					} else {
 						$errmsg = "";
 					}
 					$this->logger->logAction(CRON_ACTION, LOG_WARNING, "[Lets Encrypt self-check] Please check $uri - token seems to be not available. This is just a simple self-check, it might be wrong but consider using this information when Let's Encrypt fails to issue a certificate" . $errmsg);
 				}
 				@unlink($tokenPath);
 				$this->logger->logAction(CRON_ACTION, LOG_ERR, "letsencrypt Please check $uri - token not available" . $errmsg);
 			}
 			$this->log("Sending request to challenge");
@@ -371,21 +359,16 @@ class lescript
 	private function postNewReg()
 	{
 		$this->log('Getting last terms of service URL');
 		$directory = $this->client->get('/directory');
 		if (!isset($directory['meta']) || !isset($directory['meta']['terms-of-service'])) {
 			throw new \RuntimeException("No terms of service link available!");
 		}
 		$this->log('Sending registration to letsencrypt server');
 		return $this->signedRequest('/acme/new-reg', array(
 			'resource' => 'new-reg',
-			'agreement' => $this->license
+			'agreement' => $directory['meta']['terms-of-service']
 		));
 	}
 	private function postRegAgreement($uri)
 	{
 		$this->log('Accepting agreement at URL: ' . $this->license);
 		return $this->signedRequest($uri, array(
 			'resource' => 'reg',
 			'agreement' => $this->license
 		));
 	}
@@ -590,49 +573,6 @@ class Client
 		preg_match_all('~Link: <(.+)>;rel="up"~', $this->lastHeader, $matches);
 		return $matches[1];
 	}
 	public function getAgreementURLFromLastResponse()
 	{
 		if (preg_match_all('~Link: <(.+)>;rel="terms-of-service"~', $this->lastHeader, $matches)) {
 			return $matches[1][0];
 		}
 		return "";
 	}
 	public function getAgreementURLFromDirectory()
 	{
 		// FIXME: Current license should be found in /directory but LE does not implement this yet
 		// $this->curl('GET', '/directory');
 		return "";
 	}
 	public function getAgreementURLFromTermsUrl()
 	{
 		$this->curl('GET', '/terms');
 		if (preg_match_all('~Location: (.+)~', $this->lastHeader, $matches)) {
 			return trim($matches[1][0]);
 		}
 		return "";
 	}
 	public function getAgreementURL()
 	{
 		// 1. check the header of the last response
 		$license=$this->getAgreementURLFromLastResponse();
 		if (!empty($license)) return $license;
 		// 2. query directory for license
 		$license=$this->getAgreementURLFromDirectory();
 		if (!empty($license)) return $license;
 		// 3. query /terms endpoint (not ACME standard but implemented by let's enrypt)
 		$license=$this->getAgreementURLFromTermsUrl();
 		if (!empty($license)) return $license;
 		// Fallback: use latest known license. This is only valid for let's encrypt and should be removed as soon as there is an official
 		// ACME-endpoint to get the current ToS
 		return "https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf";
 		// return "";
 	}
 }
 class Base64UrlSafeEncoder
--- a/lib/classes/ssl/class.lescript_v2.php
+++ b/lib/classes/ssl/class.lescript_v2.php
@@ -0,0 +1,594 @@
 <?php
 // Copyright (c) 2015, Stanislav Humplik <sh@analogic.cz>
 // All rights reserved.
 //
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are met:
 // * Redistributions of source code must retain the above copyright
 // notice, this list of conditions and the following disclaimer.
 // * Redistributions in binary form must reproduce the above copyright
 // notice, this list of conditions and the following disclaimer in the
 // documentation and/or other materials provided with the distribution.
 // * Neither the name of the <organization> nor the
 // names of its contributors may be used to endorse or promote products
 // derived from this software without specific prior written permission.
 //
 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
 // ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
 // WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 // DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
 // DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
 // (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 // LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
 // ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 // SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 // This file is copied from https://github.com/analogic/lescript
 // and modified to work without files and integrate in Froxlor
 class lescript_v2
 {
 	// https://letsencrypt.org/repository/
 	private $logger;
 	private $client;
 	private $accountKey;
 	private $customerid;
 	private $isFroxlorVhost;
 	private $isLeProduction;
 	private $version;
 	private $_req_uris = array();
 	private $_acc_location = null;
 	public function __construct($logger, $version = '2')
 	{
 		$this->logger = $logger;
 		$this->version = $version;
 		if (Settings::Get('system.letsencryptca') == 'production') {
 			$ca = 'https://acme-v02.api.letsencrypt.org';
 		} else {
 			$ca = 'https://acme-staging-v02.api.letsencrypt.org';
 		}
 		$this->client = new Client($ca);
 		$this->log("Using '$ca' to generate certificate");
 		// get request-uris from /directory
 		$response = $this->client->get('/directory');
 		$this->_req_uris['newAccount'] = $response['newAccount'];
 		$this->_req_uris['newOrder'] = $response['newOrder'];
 		$this->_req_uris['newNonce'] = $response['newNonce'];
 		$this->_req_uris['revokeCert'] = $response['revokeCert'];
 	}
 	public function initAccount($certrow, $isFroxlorVhost = false)
 	{
 		// Let's see if we have the private accountkey
 		$this->accountKey = $certrow['leprivatekey'];
 		$this->customerId = (! $isFroxlorVhost ? $certrow['customerid'] : null);
 		$this->isFroxlorVhost = $isFroxlorVhost;
 		$this->isLeProduction = (Settings::Get('system.letsencryptca') == 'production');
 		$leregistered = $certrow['leregistered'];
 		if (! $this->accountKey || $this->accountKey == 'unset' || ! $this->isLeProduction) {
 			// generate and save new private key for account
 			// ---------------------------------------------
 			$this->log('Creating new account key');
 			$keys = $this->generateKey();
 			// Only store the accountkey in production, in staging always generate a new key
 			if ($this->isLeProduction) {
 				if ($isFroxlorVhost) {
 					Settings::Set('system.lepublickey', $keys['public']);
 					Settings::Set('system.leprivatekey', $keys['private']);
 					Settings::Set('system.leregistered', 0); // key is not registered
 				} else {
 					$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `lepublickey` = :public, `leprivatekey` = :private, `leregistered` = :registered " . "WHERE `customerid` = :customerid;");
 					Database::pexecute($upd_stmt, array(
 						'public' => $keys['public'],
 						'private' => $keys['private'],
 						'registered' => 0,
 						'customerid' => $this->customerId
 					));
 				}
 			}
 			$leregistered = 0;
 			$this->accountKey = $keys['private'];
 		} else {
 			$this->log('Using existing account key');
 		}
 		if ($leregistered == 0) { // Account not registered
 			$this->log('Starting new account registration');
 			$response = $this->postNewReg();
 			if ($this->client->getLastCode() == 409) {
 				$this->log('The key was already registered. Using existing account.');
 			} else if ($this->client->getLastCode() == 201) {
 				$this->log('New account registered.');
 			} else {
 				throw new \RuntimeException("Account not initialized, probably due to rate limiting. Whole response: " . json_encode($response));
 			}
 			$this->_acc_location = $this->client->getLastLocation();
 			$leregistered = 1;
 			$this->setLeRegisteredState($leregistered);
 		}
 	}
 	/**
 	 *
 	 * @param array $domains
 	 * @param string $domainkey
 	 * @param string $csr
 	 *        	optional, same behavior as $reuseCsr from the original class, but we're passing the content of the csr already
 	 *        	
 	 * @throws \RuntimeException
 	 * @return string[]
 	 */
 	public function signDomains(array $domains, $domainkey = null, $csr = null)
 	{
 		if (! $this->accountKey) {
 			throw new \RuntimeException("Account not initialized");
 		}
 		$this->log('Starting certificate generation process for domains');
 		$privateAccountKey = openssl_pkey_get_private($this->accountKey);
 		$accountKeyDetails = openssl_pkey_get_details($privateAccountKey);
 		// start domains authentication
 		// ----------------------------
 		foreach ($domains as $domain) {
 			// 1. getting available authentication options
 			// -------------------------------------------
 			$this->log("Requesting challenge for $domain");
 			$response = $this->signedRequest($this->_req_uris['newOrder'], array(
 				"identifiers" => array(
 					array(
 						"type" => "dns",
 						"value" => $domain
 					)
 				)
 			), false);
 			if ($this->client->getLastCode() == 403) {
 				$this->log("Got status 403 - setting LE status to unregistered.");
 				$this->setLeRegisteredState(0);
 				throw new RuntimeException("Got 'unauthorized' response - we need to re-register at next run.  Whole response: " . json_encode($response));
 			}
 			// if response is not an array but a string, it's most likely a server-error, e.g.
 			// <HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY>An error occurred while processing your request.
 			// <p>Reference&#32;&#35;179&#46;d8be1402&#46;1458059103&#46;3613c4db</BODY></HTML>
 			if (! is_array($response)) {
 				throw new RuntimeException("Invalid response from LE for domain $domain. Whole response: " . json_encode($response));
 			}
 			if (! array_key_exists('authorizations', $response)) {
 				throw new RuntimeException("No authorizations received for $domain. Whole response: " . json_encode($response));
 			}
 			// get authorization
 			$auth_response = $this->client->get($response['authorizations'][0]);
 			if (! array_key_exists('challenges', $auth_response)) {
 				throw new RuntimeException("No challenges received for $domain. Whole response: " . json_encode($auth_response));
 			}
 			// choose http-01 challenge only
 			$challenge = array_reduce($auth_response['challenges'], function ($v, $w) {
 				return $v ? $v : ($w['type'] == 'http-01' ? $w : false);
 			});
 			if (! $challenge) {
 				throw new RuntimeException("HTTP Challenge for $domain is not available. Whole response: " . json_encode($response));
 			}
 			$this->log("Got challenge token for $domain");
 			$location = $challenge['url'];
 			$finalizeLink = $response['finalize'];
 			// 2. saving authentication token for web verification
 			// ---------------------------------------------------
 			$directory = Settings::Get('system.letsencryptchallengepath') . '/.well-known/acme-challenge';
 			$tokenPath = $directory . '/' . $challenge['token'];
 			if (! file_exists($directory) && ! @mkdir($directory, 0755, true)) {
 				throw new \RuntimeException("Couldn't create directory to expose challenge: ${tokenPath}");
 			}
 			$header = array(
 				// need to be in precise order!
 				"e" => Base64UrlSafeEncoder::encode($accountKeyDetails["rsa"]["e"]),
 				"kty" => "RSA",
 				"n" => Base64UrlSafeEncoder::encode($accountKeyDetails["rsa"]["n"])
 			);
 			$payload = $challenge['token'] . '.' . Base64UrlSafeEncoder::encode(hash('sha256', json_encode($header), true));
 			file_put_contents($tokenPath, $payload);
 			chmod($tokenPath, 0644);
 			// 3. verification process itself
 			// -------------------------------
 			$uri = "http://${domain}/.well-known/acme-challenge/${challenge['token']}";
 			$this->log("Token for $domain saved at $tokenPath and should be available at $uri");
 			// simple self check
 			if (Settings::Get('system.disable_le_selfcheck') == '0') {
 				$selfcheckpayload = HttpClient::urlGet($uri);
 				if ($payload !== trim($selfcheckpayload)) {
 					$errmsg = json_encode(error_get_last());
 					if ($errmsg != "null") {
 						$errmsg = "; PHP error: " . $errmsg;
 					} else {
 						$errmsg = "";
 					}
 					$this->logger->logAction(CRON_ACTION, LOG_WARNING, "[Lets Encrypt self-check] Please check $uri - token seems to be not available. This is just a simple self-check, it might be wrong but consider using this information when Let's Encrypt fails to issue a certificate" . $errmsg);
 				}
 			}
 			$this->log("Sending request to challenge");
 			// send request to challenge
 			$result = $this->signedRequest($challenge['url'], array(
 				"type" => "http-01",
 				"keyAuthorization" => $payload,
 				"token" => $challenge['token']
 			), false);
 			// waiting loop
 			// we wait for a maximum of 30 seconds to avoid endless loops
 			$count = 0;
 			do {
 				if (empty($result['status']) || $result['status'] == "invalid") {
 					@unlink($tokenPath);
 					throw new \RuntimeException("Verification ended with error: " . json_encode($result));
 				}
 				$ended = ! ($result['status'] === "pending" || $result['status'] === "processing");
 				if (! $ended) {
 					$this->log("Verification " . $result['status'] . ", sleeping 1s");
 					sleep(1);
 					$count ++;
 				}
 				$result = $this->client->get($location);
 			} while (! $ended && $count < 30);
 			$this->log("Verification ended with status: ${result['status']}");
 			@unlink($tokenPath);
 		}
 		// requesting certificate
 		// ----------------------
 		// generate private key for domain if not exist
 		if (empty($domainkey) || Settings::Get('system.letsencryptreuseold') == 0) {
 			$keys = $this->generateKey();
 			$domainkey = $keys['private'];
 		}
 		// load domain key
 		$privateDomainKey = openssl_pkey_get_private($domainkey);
 		if (empty($csr)) {
 			$csr = $this->generateCSR($privateDomainKey, $domains);
 		}
 		// request certificates creation
 		$result = $this->signedRequest($finalizeLink, array(
 			'csr' => $csr
 		), false);
 		if ($this->client->getLastCode() !== 200) {
 			throw new \RuntimeException("Invalid response code: " . $this->client->getLastCode() . ", " . json_encode($result));
 		}
 		if (! isset($result['certificate'])) {
 			throw new \RuntimeException("No certificate URL specified in result");
 		}
 		$certificates = array();
 		$certdata = $this->client->get($result['certificate']);
 		$this->log("Got certificate! YAY!");
 		$certificates[] = $certdata;
 		foreach ($this->client->getLastLinks() as $link) {
 			$this->log("Requesting chained cert at $link");
 			$result = $this->client->get($link);
 			$certificates[] = $result;
 		}
 		if (empty($certificates))
 			throw new \RuntimeException('No certificates generated');
 		$fullchain = implode("\n", $certificates);
 		$crt = array_shift($certificates);
 		$chain = implode("\n", $certificates);
 		$this->log("Done, returning new certificates and key");
 		return array(
 			'fullchain' => $fullchain,
 			'crt' => $crt,
 			'chain' => $chain,
 			'key' => $domainkey,
 			'csr' => $csr
 		);
 	}
 	private function setLeRegisteredState($state)
 	{
 		if ($this->isLeProduction) {
 			if ($this->isFroxlorVhost) {
 				Settings::Set('system.leregistered', $state);
 			} else {
 				$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `leregistered` = :registered " . "WHERE `customerid` = :customerid;");
 				Database::pexecute($upd_stmt, array(
 					'registered' => $state,
 					'customerid' => $this->customerId
 				));
 			}
 		}
 	}
 	private function parsePemFromBody($body)
 	{
 		$pem = chunk_split(base64_encode($body), 64, "\n");
 		return "-----BEGIN CERTIFICATE-----\n" . $pem . "-----END CERTIFICATE-----\n";
 	}
 	private function postNewReg()
 	{
 		$this->log('Getting last terms of service URL');
 		$directory = $this->client->get('/directory');
 		if (! isset($directory['meta']) || ! isset($directory['meta']['termsOfService'])) {
 			throw new \RuntimeException("No terms of service link available!");
 		}
 		$this->log('Sending registration to letsencrypt server');
 		return $this->signedRequest($this->_req_uris['newAccount'], array(
 			'termsOfServiceAgreed' => true
 		));
 	}
 	private function generateCSR($privateKey, array $domains)
 	{
 		$domain = reset($domains);
 		$san = implode(",", array_map(function ($dns) {
 			return "DNS:" . $dns;
 		}, $domains));
 		$tmpConf = tmpfile();
 		$tmpConfMeta = stream_get_meta_data($tmpConf);
 		$tmpConfPath = $tmpConfMeta["uri"];
 		// workaround to get SAN working
 		fwrite($tmpConf, 'HOME = .
 RANDFILE = $ENV::HOME/.rnd
 [ req ]
 default_bits = ' . Settings::Get('system.letsencryptkeysize') . '
 default_keyfile = privkey.pem
 distinguished_name = req_distinguished_name
 req_extensions = v3_req
 [ req_distinguished_name ]
 countryName = Country Name (2 letter code)
 [ v3_req ]
 basicConstraints = CA:FALSE
 subjectAltName = ' . $san . '
 keyUsage = nonRepudiation, digitalSignature, keyEncipherment');
 		$csr = openssl_csr_new(array(
 			"CN" => $domain,
 			"ST" => Settings::Get('system.letsencryptstate'),
 			"C" => Settings::Get('system.letsencryptcountrycode'),
 			"O" => "Unknown"
 		), $privateKey, array(
 			"config" => $tmpConfPath,
 			"digest_alg" => "sha256"
 		));
 		if (! $csr)
 			throw new \RuntimeException("CSR couldn't be generated! " . openssl_error_string());
 		openssl_csr_export($csr, $csr);
 		fclose($tmpConf);
 		preg_match('~REQUEST-----(.*)-----END~s', $csr, $matches);
 		return trim(Base64UrlSafeEncoder::encode(base64_decode($matches[1])));
 	}
 	private function generateKey()
 	{
 		$res = openssl_pkey_new(array(
 			"private_key_type" => OPENSSL_KEYTYPE_RSA,
 			"private_key_bits" => (int) Settings::Get('system.letsencryptkeysize')
 		));
 		if (! openssl_pkey_export($res, $privateKey)) {
 			throw new \RuntimeException("Key export failed!");
 		}
 		$details = openssl_pkey_get_details($res);
 		return array(
 			'private' => $privateKey,
 			'public' => $details['key']
 		);
 	}
 	private function signedRequest($uri, array $payload, $needs_jwk = true)
 	{
 		$privateKey = openssl_pkey_get_private($this->accountKey);
 		$details = openssl_pkey_get_details($privateKey);
 		$header = array(
 			"alg" => "RS256"
 		);
 		if ($needs_jwk) {
 			$header["jwk"] = array(
 				"kty" => "RSA",
 				"n" => Base64UrlSafeEncoder::encode($details["rsa"]["n"]),
 				"e" => Base64UrlSafeEncoder::encode($details["rsa"]["e"])
 			);
 		} else {
 			// need account-url
 			$header["kid"] = $this->_acc_location;
 		}
 		$protected = $header;
 		$protected["nonce"] = $this->client->getLastNonce();
 		$protected["url"] = $uri;
 		$payload64 = Base64UrlSafeEncoder::encode(json_encode($payload, JSON_UNESCAPED_SLASHES));
 		$protected64 = Base64UrlSafeEncoder::encode(json_encode($protected));
 		openssl_sign($protected64 . '.' . $payload64, $signed, $privateKey, "SHA256");
 		$signed64 = Base64UrlSafeEncoder::encode($signed);
 		$data = array(
 			'protected' => $protected64,
 			'payload' => $payload64,
 			'signature' => $signed64
 		);
 		$this->log("Sending signed request to $uri");
 		return $this->client->post($uri, json_encode($data));
 	}
 	protected function log($message)
 	{
 		$this->logger->logAction(CRON_ACTION, LOG_INFO, "letsencrypt-v2 " . $message);
 	}
 }
 class Client
 {
 	private $lastCode;
 	public $lastHeader;
 	private $base;
 	public function __construct($base)
 	{
 		$this->base = $base;
 	}
 	private function curl($method, $url, $data = null)
 	{
 		$headers = array(
 			'Accept: application/json',
 			'Content-Type: application/json'
 		);
 		$handle = curl_init();
 		curl_setopt($handle, CURLOPT_URL, preg_match('~^http~', $url) ? $url : $this->base . $url);
 		curl_setopt($handle, CURLOPT_HTTPHEADER, $headers);
 		curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
 		curl_setopt($handle, CURLOPT_HEADER, true);
 		// DO NOT DO THAT!
 		// curl_setopt($handle, CURLOPT_SSL_VERIFYHOST, false);
 		// curl_setopt($handle, CURLOPT_SSL_VERIFYPEER, false);
 		switch ($method) {
 			case 'GET':
 				break;
 			case 'POST':
 				curl_setopt($handle, CURLOPT_POST, true);
 				curl_setopt($handle, CURLOPT_POSTFIELDS, $data);
 				break;
 		}
 		$response = curl_exec($handle);
 		if (curl_errno($handle)) {
 			throw new \RuntimeException('Curl: ' . curl_error($handle));
 		}
 		$header_size = curl_getinfo($handle, CURLINFO_HEADER_SIZE);
 		$header = substr($response, 0, $header_size);
 		$body = substr($response, $header_size);
 		$this->lastHeader = $header;
 		$this->lastCode = curl_getinfo($handle, CURLINFO_HTTP_CODE);
 		$data = json_decode($body, true);
 		return $data === null ? $body : $data;
 	}
 	public function post($url, $data)
 	{
 		return $this->curl('POST', $url, $data);
 	}
 	public function get($url)
 	{
 		return $this->curl('GET', $url);
 	}
 	public function getLastNonce()
 	{
 		if (preg_match('~Replay\-Nonce: (.+)~i', $this->lastHeader, $matches)) {
 			return trim($matches[1]);
 		}
 		$this->curl('GET', '/directory');
 		return $this->getLastNonce();
 	}
 	public function getLastLocation()
 	{
 		if (preg_match('~Location: (.+)~i', $this->lastHeader, $matches)) {
 			return trim($matches[1]);
 		}
 		return null;
 	}
 	public function getLastCode()
 	{
 		return $this->lastCode;
 	}
 	public function getLastLinks()
 	{
 		preg_match_all('~Link: <(.+)>;rel="up"~', $this->lastHeader, $matches);
 		return $matches[1];
 	}
 }
 class Base64UrlSafeEncoder
 {
 	public static function encode($input)
 	{
 		return str_replace('=', '', strtr(base64_encode($input), '+/', '-_'));
 	}
 	public static function decode($input)
 	{
 		$remainder = strlen($input) % 4;
 		if ($remainder) {
 			$padlen = 4 - $remainder;
 			$input .= str_repeat('=', $padlen);
 		}
 		return base64_decode(strtr($input, '-_', '+/'));
 	}
 }
--- a/lib/classes/webserver/class.ConfigIO.php
+++ b/lib/classes/webserver/class.ConfigIO.php
@@ -17,13 +17,14 @@
 * @since      0.9.29
 *
 */
-
+class ConfigIO
-class ConfigIO {
+{
 	/**
 	 * constructor
 	 */
-	public function __construct() {}
+	public function __construct()
 	{}
 	/**
 	 * clean up former created configs, including (if enabled)
@@ -32,7 +33,8 @@ class ConfigIO {
 	 *
 	 * @return null
 	 */
-	public function cleanUp() {
+	public function cleanUp()
 	{
 		// old error logs
 		$this->_cleanErrLogs();
@@ -56,15 +58,15 @@ class ConfigIO {
 		$this->_cleanCustomerSslCerts();
 	}
-	private function _cleanErrLogs() {
+	private function _cleanErrLogs()
-
+	{
-	    $err_dir = makeCorrectDir(FROXLOR_INSTALL_DIR."/logs/");
+		$err_dir = makeCorrectDir(FROXLOR_INSTALL_DIR . "/logs/");
-	    if (@is_dir($err_dir)) {
+		if (@is_dir($err_dir)) {
-	        // now get rid of old stuff
+			// now get rid of old stuff
-	        //(but append /*.log so we don't delete the directory)
+			// (but append /*.log so we don't delete the directory)
-	        $err_dir.='/*.log';
+			$err_dir .= '/*.log';
-	        safe_exec('rm -rf '. makeCorrectFile($err_dir));
+			safe_exec('rm -f ' . makeCorrectFile($err_dir));
-	    }
+		}
 	}
 	/**
@@ -73,7 +75,8 @@ class ConfigIO {
 	 *
 	 * @return null
 	 */
-	private function _cleanCustomerSslCerts() {
+	private function _cleanCustomerSslCerts()
 	{
 		/*
 		 * only clean up if we're actually using SSL
@@ -87,9 +90,9 @@ class ConfigIO {
 				if (@is_dir($configdir)) {
 					// now get rid of old stuff
-					//(but append /* so we don't delete the directory)
+					// (but append /* so we don't delete the directory)
-					$configdir.='/*';
+					$configdir .= '/*';
-					safe_exec('rm -rf '. makeCorrectFile($configdir));
+					safe_exec('rm -f ' . makeCorrectFile($configdir));
 				}
 			}
 		}
@@ -100,7 +103,8 @@ class ConfigIO {
 	 *
 	 * @return null
 	 */
-	private function _cleanWebserverConfigs() {
+	private function _cleanWebserverConfigs()
 	{
 		// get directories
 		$configdirs = array();
@@ -122,17 +126,15 @@ class ConfigIO {
 			if (@is_dir($config_dir)) {
 				// create directory iterator
-				$its = new RecursiveIteratorIterator(
+				$its = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($config_dir));
 						new RecursiveDirectoryIterator($config_dir)
 				);
 				// iterate through all subdirs,
 				// look for vhost/diroption files
 				// and delete them
-				foreach ($its as $fullFileName => $it ) {
+				foreach ($its as $fullFileName => $it) {
 					if ($it->isFile() && preg_match($pattern, $it->getFilename())) {
 						// remove file
-						safe_exec('rm -f '. escapeshellarg(makeCorrectFile($its->getPathname())));
+						safe_exec('rm -f ' . escapeshellarg(makeCorrectFile($its->getPathname())));
 					}
 				}
 			}
@@ -144,7 +146,8 @@ class ConfigIO {
 	 *
 	 * @return null
 	 */
-	private function _cleanHtpasswdFiles() {
+	private function _cleanHtpasswdFiles()
 	{
 		// get correct directory
 		$configdir = $this->_getFile('system', 'apacheconf_htpasswddir');
@@ -154,9 +157,9 @@ class ConfigIO {
 			if (@is_dir($configdir)) {
 				// now get rid of old stuff
-				//(but append /* so we don't delete the directory)
+				// (but append /* so we don't delete the directory)
-				$configdir.='/*';
+				$configdir .= '/*';
-				safe_exec('rm -rf '. makeCorrectFile($configdir));
+				safe_exec('rm -f ' . makeCorrectFile($configdir));
 			}
 		}
 	}
@@ -166,37 +169,36 @@ class ConfigIO {
 	 *
 	 * @return null
 	 */
-	private function _cleanAwstatsFiles() {
+	private function _cleanAwstatsFiles()
-
+	{
 		if (Settings::Get('system.awstats_enabled') == '0') {
 			return;
 		}
-		//dhr: cleanout froxlor-generated awstats configs prior to re-creation
+		// dhr: cleanout froxlor-generated awstats configs prior to re-creation
 		$awstatsclean['header'] = "## GENERATED BY FROXLOR\n";
 		$awstatsclean['headerold'] = "## GENERATED BY SYSCP\n";
 		$awstatsclean['path'] = $this->_getFile('system', 'awstats_conf');
 		/**
 		 * don't do anything if the directory does not exist
-		 * (e.g. awstats not installed yet or whatever)
+		 * (e.g.
 		 * awstats not installed yet or whatever)
 		 * fixes #45
-		*/
+		 */
 		if ($awstatsclean['path'] !== false && is_dir($awstatsclean['path'])) {
 			$awstatsclean['dir'] = dir($awstatsclean['path']);
 			while ($awstatsclean['entry'] = $awstatsclean['dir']->read()) {
-				$awstatsclean['fullentry'] = makeCorrectFile($awstatsclean['path'].'/'.$awstatsclean['entry']);
+				$awstatsclean['fullentry'] = makeCorrectFile($awstatsclean['path'] . '/' . $awstatsclean['entry']);
 				/**
 				 * don't do anything if the file does not exist
-				*/
+				 */
 				if (@file_exists($awstatsclean['fullentry'])) {
 					$awstatsclean['fh'] = fopen($awstatsclean['fullentry'], 'r');
-					$awstatsclean['headerRead'] = fgets($awstatsclean['fh'], strlen($awstatsclean['header'])+1);
+					$awstatsclean['headerRead'] = fgets($awstatsclean['fh'], strlen($awstatsclean['header']) + 1);
 					fclose($awstatsclean['fh']);
-					if ($awstatsclean['headerRead'] == $awstatsclean['header']
+					if ($awstatsclean['headerRead'] == $awstatsclean['header'] || $awstatsclean['headerRead'] == $awstatsclean['headerold']) {
 							|| $awstatsclean['headerRead'] == $awstatsclean['headerold']
 					) {
 						$awstats_conf_file = makeCorrectFile($awstatsclean['fullentry']);
 						@unlink($awstats_conf_file);
 					}
@@ -204,7 +206,7 @@ class ConfigIO {
 			}
 		}
 		unset($awstatsclean);
-		//end dhr
+		// end dhr
 	}
 	/**
@@ -212,8 +214,8 @@ class ConfigIO {
 	 *
 	 * @return null
 	 */
-	private function _cleanFcgidFiles() {
+	private function _cleanFcgidFiles()
-
+	{
 		if (Settings::Get('system.mod_fcgid') == '0') {
 			return;
 		}
@@ -226,15 +228,13 @@ class ConfigIO {
 			if (@is_dir($configdir)) {
 				// create directory iterator
-				$its = new RecursiveIteratorIterator(
+				$its = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($configdir));
 						new RecursiveDirectoryIterator($configdir)
 				);
 				// iterate through all subdirs,
 				// look for php-fcgi-starter files
 				// and take immutable-flag away from them
 				// so we can delete them :)
-				foreach ($its as $fullFileName => $it ) {
+				foreach ($its as $fullFileName => $it) {
 					if ($it->isFile() && $it->getFilename() == 'php-fcgi-starter') {
 						// set chattr -i
 						removeImmutable($its->getPathname());
@@ -242,9 +242,9 @@ class ConfigIO {
 				}
 				// now get rid of old stuff
-				//(but append /* so we don't delete the directory)
+				// (but append /* so we don't delete the directory)
-				$configdir.='/*';
+				$configdir .= '/*';
-				safe_exec('rm -rf '. makeCorrectFile($configdir));
+				safe_exec('rm -rf ' . makeCorrectFile($configdir));
 			}
 		}
 	}
@@ -254,23 +254,26 @@ class ConfigIO {
 	 *
 	 * @return null
 	 */
-	private function _cleanFpmFiles() {
+	private function _cleanFpmFiles()
-
+	{
 		if (Settings::Get('phpfpm.enabled') == '0') {
 			return;
 		}
-		// get correct directory
+		// get all fpm config paths
-		$configdir = $this->_getFile('phpfpm', 'configdir');
+		$fpmconf_sel = Database::prepare("SELECT config_dir FROM `" . TABLE_PANEL_FPMDAEMONS . "`");
-		if ($configdir !== false) {
+		Database::pexecute($fpmconf_sel);
-
+		$fpmconf_paths = $fpmconf_sel->fetchAll(PDO::FETCH_ASSOC);
-			$configdir = makeCorrectDir($configdir);
+		// clean all php-fpm config-dirs
-
+		foreach ($fpmconf_paths as $configdir) {
 			$configdir = makeCorrectDir($configdir['config_dir']);
 			if (@is_dir($configdir)) {
 				// now get rid of old stuff
-				//(but append /* so we don't delete the directory)
+				// (but append /*.conf so we don't delete the directory)
-				$configdir.='/*';
+				$configdir .= '/*.conf';
-				safe_exec('rm -rf '. makeCorrectFile($configdir));
+				safe_exec('rm -f ' . makeCorrectFile($configdir));
 			} else {
 				safe_exec('mkdir -p ' . $configdir);
 			}
 		}
@@ -279,8 +282,8 @@ class ConfigIO {
 		if ($aliasconfigdir !== false) {
 			$aliasconfigdir = makeCorrectDir($aliasconfigdir);
 			if (@is_dir($aliasconfigdir)) {
-				$aliasconfigdir.='/*';
+				$aliasconfigdir .= '/*';
-				safe_exec('rm -rf '. makeCorrectFile($aliasconfigdir));
+				safe_exec('rm -rf ' . makeCorrectFile($aliasconfigdir));
 			}
 		}
 	}
@@ -288,16 +291,20 @@ class ConfigIO {
 	/**
 	 * returns a file/direcotry from the settings and checks whether it exists
 	 *
-	 * @param string $group         settings-group
+	 * @param string $group
-	 * @param string $varname       var-name
+	 *        	settings-group
-	 * @param boolean $check_exists check if the file exists
+	 * @param string $varname
 	 *        	var-name
 	 * @param boolean $check_exists
 	 *        	check if the file exists
 	 *        	
 	 * @return string|boolean complete path including filename if any or false on error
 	 */
-	private function _getFile($group, $varname, $check_exists = true) {
+	private function _getFile($group, $varname, $check_exists = true)
 	{
 		// read from settings
-		$file = Settings::Get($group.'.'.$varname);
+		$file = Settings::Get($group . '.' . $varname);
 		// check whether it exists
 		if ($check_exists && @file_exists($file) == false) {
--- a/lib/classes/webserver/class.WebserverBase.php
+++ b/lib/classes/webserver/class.WebserverBase.php
@@ -17,8 +17,8 @@
 * @since      0.9.31
 *
 */
-
+class WebserverBase
-class WebserverBase {
+{
 	/**
 	 * returns an array with all entries required for all
@@ -26,18 +26,19 @@ class WebserverBase {
 	 *
 	 * @return array
 	 */
-	public static function getVhostsToCreate() {
+	public static function getVhostsToCreate()
-
+	{
 		$query = "SELECT `d`.*, `pd`.`domain` AS `parentdomain`, `c`.`loginname`,
 				`d`.`phpsettingid`, `c`.`adminid`, `c`.`guid`, `c`.`email`,
 				`c`.`documentroot` AS `customerroot`, `c`.`deactivated`,
 				`c`.`phpenabled` AS `phpenabled_customer`,
 				`d`.`phpenabled` AS `phpenabled_vhost`,
-				`d`.`mod_fcgid_starter`,`d`.`mod_fcgid_maxrequests`
+				`d`.`mod_fcgid_starter`,`d`.`mod_fcgid_maxrequests`,
-				FROM `".TABLE_PANEL_DOMAINS."` `d`
+				`d`.`ocsp_stapling`
 				FROM `" . TABLE_PANEL_DOMAINS . "` `d`
-				LEFT JOIN `".TABLE_PANEL_CUSTOMERS."` `c` USING(`customerid`)
+				LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`)
-				LEFT JOIN `".TABLE_PANEL_DOMAINS."` `pd` ON (`pd`.`id` = `d`.`parentdomainid`)
+				LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `pd` ON (`pd`.`id` = `d`.`parentdomainid`)
 				WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` <> '1'
 				ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC;
@@ -45,6 +46,22 @@ class WebserverBase {
 		$result_domains_stmt = Database::query($query);
 		// prepare IP statement
 		$ip_stmt = Database::prepare("
 			SELECT `di`.`id_domain` , `p`.`ssl`, `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile`
 			FROM `" . TABLE_DOMAINTOIP . "` `di`, `" . TABLE_PANEL_IPSANDPORTS . "` `p`
 			WHERE `p`.`id` = `di`.`id_ipandports`
 			AND `di`.`id_domain` = :domainid
 			AND `p`.`ssl` = '1'
 		");
 		// prepare fpm-config select query
 		$fpm_sel_stmt = Database::prepare("
 			SELECT f.id FROM `" . TABLE_PANEL_FPMDAEMONS . "` f
 			LEFT JOIN `" . TABLE_PANEL_PHPCONFIGS . "` p ON p.fpmsettingid = f.id
 			WHERE p.id = :phpconfigid
 		");
 		$domains = array();
 		while ($domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) {
@@ -61,14 +78,9 @@ class WebserverBase {
 			// the corresponding information from the db
 			if (domainHasSslIpPort($domain['id'])) {
-				$ip_stmt = Database::prepare("
+				$ssl_ip = Database::pexecute_first($ip_stmt, array(
-						SELECT `di`.`id_domain` , `p`.`ssl`, `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile`
+					'domainid' => $domain['id']
-						FROM `".TABLE_DOMAINTOIP."` `di`, `".TABLE_PANEL_IPSANDPORTS."` `p`
+				));
 						WHERE `p`.`id` = `di`.`id_ipandports`
 						AND `di`.`id_domain` = :domainid
 						AND `p`.`ssl` = '1'
 						");
 				$ssl_ip = Database::pexecute_first($ip_stmt, array('domainid' => $domain['id']));
 				// set ssl info for domain
 				$domains[$domain['domain']]['ssl'] = '1';
@@ -76,11 +88,23 @@ class WebserverBase {
 				$domains[$domain['domain']]['ssl_key_file'] = $ssl_ip['ssl_key_file'];
 				$domains[$domain['domain']]['ssl_ca_file'] = $ssl_ip['ssl_ca_file'];
 				$domains[$domain['domain']]['ssl_cert_chainfile'] = $ssl_ip['ssl_cert_chainfile'];
 			}
 			// read fpm-config-id if using fpm
 			if ((int) Settings::Get('phpfpm.enabled') == 1) {
 				$fpm_config = Database::pexecute_first($fpm_sel_stmt, array(
 					'phpconfigid' => $domain['phpsettingid']
 				));
 				if ($fpm_config) {
 					$domains[$domain['domain']]['fpm_config_id'] = $fpm_config['id'];
 				} else {
 					// fallback
 					$domains[$domain['domain']]['fpm_config_id'] = 1;
 				}
 			}
 		}
 		return $domains;
 	}
 }
--- a/lib/configfiles/gentoo.xml
+++ b/lib/configfiles/gentoo.xml
@@ -353,7 +353,7 @@ exit "$RETVAL"
 			<!--DNS -->
 			<service type="dns" title="{{lng.admin.configfiles.dns}}">
 				<!--Bind9 -->
-				<daemon name="bind" title="Bind9 nameserver">
+				<daemon name="bind" title="Bind9 nameserver" default="true">
 					<install><![CDATA[emerge net-dns/bind]]></install>
 					<file name="/etc/bind/default.zone">
 						<content><![CDATA[
@@ -3422,10 +3422,17 @@ MAILDIRPATH=.maildir
 				<daemon name="proftpd" title="ProFTPd" default="true">
 					<command><![CDATA[echo "net-ftp/proftpd mysql" >> /etc/portage/package.use]]></command>
 					<install><![CDATA[emerge net-ftp/proftpd]]></install>
-					<commands>
+					<file name="/etc/proftpd/create-cert.sh" chown="root:0" chmod="0700">
-						<command><![CDATA[[ -f /etc/ssl/certs/proftpd.crt ] || openssl req -new -x509 -newkey rsa:4096 -days 3650 -nodes -out /etc/ssl/certs/proftpd.crt -keyout /etc/ssl/private/proftpd.key -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"]]></command>
+						<content><![CDATA[#!/bin/bash
-						<command><![CDATA[[ -f /etc/ssl/certs/proftpd_ec.crt ] || openssl req -new -x509 -nodes -newkey ec:<(openssl ecparam -name secp521r1) -keyout /etc/ssl/private/proftpd_ec.key -out /etc/ssl/certs/proftpd_ec.crt -days 3650 -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"]]></command>
+[ -f /etc/ssl/certs/proftpd.crt ] || openssl req -new -x509 -newkey rsa:4096 -days 3650 -nodes -out /etc/ssl/certs/proftpd.crt -keyout /etc/ssl/private/proftpd.key -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"
-						<command><![CDATA[chmod 0600 /etc/ssl/private/proftpd.key /etc/ssl/private/proftpd_ec.key]]></command>
+[ -f /etc/ssl/certs/proftpd_ec.crt ] || openssl req -new -x509 -nodes -newkey ec:<(openssl ecparam -name secp521r1) -keyout /etc/ssl/private/proftpd_ec.key -out /etc/ssl/certs/proftpd_ec.crt -days 3650 -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"
 chmod 0600 /etc/ssl/private/proftpd.key /etc/ssl/private/proftpd_ec.key
 ]]>
 						</content>
 					</file>
 					<commands index="1">
 						<command><![CDATA[/etc/proftpd/create-cert.sh]]></command>
 						<command><![CDATA[rm -f /etc/proftpd/create-cert.sh]]></command>
 					</commands>
 					<file name="/etc/proftpd/proftpd.conf" chown="root:0" chmod="0600"
 						backup="true">
--- a/lib/configfiles/jessie.xml
+++ b/lib/configfiles/jessie.xml
@@ -365,7 +365,7 @@ exit "$RETVAL"
 			<!--DNS -->
 			<service type="dns" title="{{lng.admin.configfiles.dns}}">
 				<!--Bind9 -->
-				<daemon name="bind" title="Bind9 nameserver">
+				<daemon name="bind" title="Bind9 nameserver" default="true">
 					<install><![CDATA[apt-get install bind9]]></install>
 					<command><![CDATA[echo "include \"{{settings.system.bindconf_directory}}froxlor_bind.conf\";" >> /etc/bind/named.conf.local]]></command>
 					<command><![CDATA[touch {{settings.system.bindconf_directory}}froxlor_bind.conf]]></command>
@@ -3814,10 +3814,17 @@ plugin {
 				<!-- Proftpd -->
 				<daemon name="proftpd" title="ProFTPd" default="true">
 					<install><![CDATA[apt-get install proftpd-basic proftpd-mod-mysql]]></install>
-					<commands>
+					<file name="/etc/proftpd/create-cert.sh" chown="root:0" chmod="0700">
-						<command><![CDATA[[ -f /etc/ssl/certs/proftpd.crt ] || openssl req -new -x509 -newkey rsa:4096 -days 3650 -nodes -out /etc/ssl/certs/proftpd.crt -keyout /etc/ssl/private/proftpd.key -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"]]></command>
+						<content><![CDATA[#!/bin/bash
-						<command><![CDATA[[ -f /etc/ssl/certs/proftpd_ec.crt ] || openssl req -new -x509 -nodes -newkey ec:<(openssl ecparam -name secp521r1) -keyout /etc/ssl/private/proftpd_ec.key -out /etc/ssl/certs/proftpd_ec.crt -days 3650 -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"]]></command>
+[ -f /etc/ssl/certs/proftpd.crt ] || openssl req -new -x509 -newkey rsa:4096 -days 3650 -nodes -out /etc/ssl/certs/proftpd.crt -keyout /etc/ssl/private/proftpd.key -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"
-						<command><![CDATA[chmod 0600 /etc/ssl/private/proftpd.key /etc/ssl/private/proftpd_ec.key]]></command>
+[ -f /etc/ssl/certs/proftpd_ec.crt ] || openssl req -new -x509 -nodes -newkey ec:<(openssl ecparam -name secp521r1) -keyout /etc/ssl/private/proftpd_ec.key -out /etc/ssl/certs/proftpd_ec.crt -days 3650 -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"
 chmod 0600 /etc/ssl/private/proftpd.key /etc/ssl/private/proftpd_ec.key
 ]]>
 						</content>
 					</file>
 					<commands index="1">
 						<command><![CDATA[/etc/proftpd/create-cert.sh]]></command>
 						<command><![CDATA[rm -f /etc/proftpd/create-cert.sh]]></command>
 					</commands>
 					<file name="/etc/proftpd/proftpd.conf" chown="root:0" chmod="0600"
 						backup="true">
@@ -4469,9 +4476,9 @@ PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
 				<!-- libnss-mysql -->
 				<daemon name="libnss" title="libnss-mysql (required for FCGID/php-fpm/mpm-itk)">
 					<install><![CDATA[apt-get install nscd
-wget http://ftp.us.debian.org/debian/pool/main/libn/libnss-mysql-bg/libnss-mysql-bg_1.5-5_`dpkg --print-architecture`.deb
+wget http://debian.froxlor.org/pool/main/libn/libnss-mysql-bg/libnss-mysql-bg_1.5-3+frx1_amd64.deb
-dpkg -i libnss-mysql-bg_1.5-5_`dpkg --print-architecture`.deb
+dpkg -i libnss-mysql-bg_1.5-3+frx1_amd64.deb
-rm libnss-mysql-bg_1.5-5_`dpkg --print-architecture`.deb
+rm libnss-mysql-bg_1.5-3+frx1_amd64.deb
 ]]></install>
 					<file name="/etc/libnss-mysql.cfg" chown="root:root" chmod="0600"
 						backup="true">
@@ -4634,6 +4641,42 @@ aliases:     files
 						</content>
 					</file>
 				</daemon>
 				<!-- libnss-extrausers -->
 				<daemon name="libnssextrausers" title="libnss-extrausers (alternative to libnss-mysql, required for FCGID/php-fpm/mpm-itk)">
 					<install><![CDATA[apt-get install nscd libnss-extrausers]]></install>
 					<commands index="1">
 						<command><![CDATA[mkdir -p /var/lib/extrausers]]></command>
 						<command><![CDATA[touch /var/lib/extrausers/{passwd,group,shadow}]]></command>
 					</commands>
 					<file name="/etc/nsswitch.conf" backup="true">
 						<content><![CDATA[
 # Make sure that `passwd`, `group` and `shadow` have extrausers in their lines
 # You should place extrausers at the end, so that it is queried after the other mechanisams
 #
 passwd:         compat extrausers
 group:          compat extrausers
 shadow:         compat extrausers
 hosts:       files dns
 networks:    files dns
 services:    db files
 protocols:   db files
 rpc:         db files
 ethers:      db files
 netmasks:    files
 netgroup:    files
 bootparams:  files
 automount:   files
 aliases:     files
 ]]>
 						</content>
 					</file>
 					<command><![CDATA[/etc/init.d/nscd restart]]></command>
 					<!-- clear group chache -->
 					<command><![CDATA[nscd --invalidate=group]]></command>
 				</daemon>
 				<!-- Logrotate -->
 				<daemon name="logrotate" title="Logrotate">
 					<install><![CDATA[apt-get install logrotate]]></install>
--- a/lib/configfiles/precise.xml
+++ b/lib/configfiles/precise.xml
@@ -334,7 +334,7 @@ exit "$RETVAL"
 			<!--DNS -->
 			<service type="dns" title="{{lng.admin.configfiles.dns}}">
 				<!--Bind9 -->
-				<daemon name="bind" title="Bind9 nameserver">
+				<daemon name="bind" title="Bind9 nameserver" default="true">
 					<install><![CDATA[apt-get install bind9]]></install>
 					<command><![CDATA[echo "include \"{{settings.system.bindconf_directory}}froxlor_bind.conf\";" >> /etc/bind/named.conf]]></command>
 					<command><![CDATA[touch {{settings.system.bindconf_directory}}froxlor_bind.conf]]></command>
@@ -1143,10 +1143,17 @@ MYSQL_AUXOPTIONS_FIELD CONCAT("allowimap=",imap,",allowpop3=",pop3)
 				<!-- Proftpd -->
 				<daemon name="proftpd" title="ProFTPd" default="true">
 					<install><![CDATA[apt-get install proftpd-basic proftpd-mod-mysql]]></install>
-					<commands>
+					<file name="/etc/proftpd/create-cert.sh" chown="root:0" chmod="0700">
-						<command><![CDATA[[ -f /etc/ssl/certs/proftpd.crt ] || openssl req -new -x509 -newkey rsa:4096 -days 3650 -nodes -out /etc/ssl/certs/proftpd.crt -keyout /etc/ssl/private/proftpd.key -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"]]></command>
+						<content><![CDATA[#!/bin/bash
-						<command><![CDATA[[ -f /etc/ssl/certs/proftpd_ec.crt ] || openssl req -new -x509 -nodes -newkey ec:<(openssl ecparam -name secp521r1) -keyout /etc/ssl/private/proftpd_ec.key -out /etc/ssl/certs/proftpd_ec.crt -days 3650 -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"]]></command>
+[ -f /etc/ssl/certs/proftpd.crt ] || openssl req -new -x509 -newkey rsa:4096 -days 3650 -nodes -out /etc/ssl/certs/proftpd.crt -keyout /etc/ssl/private/proftpd.key -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"
-						<command><![CDATA[chmod 0600 /etc/ssl/private/proftpd.key /etc/ssl/private/proftpd_ec.key]]></command>
+[ -f /etc/ssl/certs/proftpd_ec.crt ] || openssl req -new -x509 -nodes -newkey ec:<(openssl ecparam -name secp521r1) -keyout /etc/ssl/private/proftpd_ec.key -out /etc/ssl/certs/proftpd_ec.crt -days 3650 -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"
 chmod 0600 /etc/ssl/private/proftpd.key /etc/ssl/private/proftpd_ec.key
 ]]>
 						</content>
 					</file>
 					<commands index="1">
 						<command><![CDATA[/etc/proftpd/create-cert.sh]]></command>
 						<command><![CDATA[rm -f /etc/proftpd/create-cert.sh]]></command>
 					</commands>
 					<file name="/etc/proftpd/proftpd.conf" chown="root:0" chmod="0600"
 						backup="true">
@@ -1624,6 +1631,42 @@ netmasks:    files
 netgroup:    files
 bootparams:  files
 automount:   files
 aliases:     files
 ]]>
 						</content>
 					</file>
 					<command><![CDATA[/etc/init.d/nscd restart]]></command>
 					<!-- clear group chache -->
 					<command><![CDATA[nscd --invalidate=group]]></command>
 				</daemon>
 				<!-- libnss-extrausers -->
 				<daemon name="libnssextrausers" title="libnss-extrausers (alternative to libnss-mysql, required for FCGID/php-fpm/mpm-itk)">
 					<install><![CDATA[apt-get install nscd libnss-extrausers]]></install>
 					<commands index="1">
 						<command><![CDATA[mkdir -p /var/lib/extrausers]]></command>
 						<command><![CDATA[touch /var/lib/extrausers/{passwd,group,shadow}]]></command>
 					</commands>
 					<file name="/etc/nsswitch.conf" backup="true">
 						<content><![CDATA[
 # Make sure that `passwd`, `group` and `shadow` have extrausers in their lines
 # You should place extrausers at the end, so that it is queried after the other mechanisams
 #
 passwd:         compat extrausers
 group:          compat extrausers
 shadow:         compat extrausers
 hosts:       files dns
 networks:    files dns
 services:    db files
 protocols:   db files
 rpc:         db files
 ethers:      db files
 netmasks:    files
 netgroup:    files
 bootparams:  files
 automount:   files
 aliases:     files
 ]]>
--- a/lib/configfiles/rhel_centos.xml
+++ b/lib/configfiles/rhel_centos.xml
@@ -2089,7 +2089,7 @@ LoadModule mod_ctrls_admin.c
 # (http://www.castaglia.org/proftpd/modules/mod_vroot.html)
 # Using this module rather than the kernel's chroot() system call works
 # around issues with PAM and chroot (http://bugzilla.redhat.com/506735)
-LoadModule mod_vroot.c
+# LoadModule mod_vroot.c
 #
 # Provide a flexible way of specifying that certain configuration directives
 # only apply to certain sessions, based on credentials such as connection
--- a/lib/configfiles/stretch.xml
+++ b/lib/configfiles/stretch.xml
--- a/lib/configfiles/trusty.xml
+++ b/lib/configfiles/trusty.xml
@@ -367,7 +367,7 @@ exit "$RETVAL"
 			<!--DNS -->
 			<service type="dns" title="{{lng.admin.configfiles.dns}}">
 				<!--Bind9 -->
-				<daemon name="bind" title="Bind9 nameserver">
+				<daemon name="bind" title="Bind9 nameserver" default="true">
 					<install><![CDATA[apt-get install bind9]]></install>
 					<command><![CDATA[echo "include \"{{settings.system.bindconf_directory}}froxlor_bind.conf\";" >> /etc/bind/named.conf]]></command>
 					<command><![CDATA[touch {{settings.system.bindconf_directory}}froxlor_bind.conf]]></command>
@@ -1152,10 +1152,17 @@ MYSQL_AUXOPTIONS_FIELD CONCAT("allowimap=",imap,",allowpop3=",pop3)
 				<!-- Proftpd -->
 				<daemon name="proftpd" title="ProFTPd" default="true">
 					<install><![CDATA[apt-get install proftpd-basic proftpd-mod-mysql]]></install>
-					<commands>
+					<file name="/etc/proftpd/create-cert.sh" chown="root:0" chmod="0700">
-						<command><![CDATA[[ -f /etc/ssl/certs/proftpd.crt ] || openssl req -new -x509 -newkey rsa:4096 -days 3650 -nodes -out /etc/ssl/certs/proftpd.crt -keyout /etc/ssl/private/proftpd.key -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"]]></command>
+						<content><![CDATA[#!/bin/bash
-						<command><![CDATA[[ -f /etc/ssl/certs/proftpd_ec.crt ] || openssl req -new -x509 -nodes -newkey ec:<(openssl ecparam -name secp521r1) -keyout /etc/ssl/private/proftpd_ec.key -out /etc/ssl/certs/proftpd_ec.crt -days 3650 -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"]]></command>
+[ -f /etc/ssl/certs/proftpd.crt ] || openssl req -new -x509 -newkey rsa:4096 -days 3650 -nodes -out /etc/ssl/certs/proftpd.crt -keyout /etc/ssl/private/proftpd.key -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"
-						<command><![CDATA[chmod 0600 /etc/ssl/private/proftpd.key /etc/ssl/private/proftpd_ec.key]]></command>
+[ -f /etc/ssl/certs/proftpd_ec.crt ] || openssl req -new -x509 -nodes -newkey ec:<(openssl ecparam -name secp521r1) -keyout /etc/ssl/private/proftpd_ec.key -out /etc/ssl/certs/proftpd_ec.crt -days 3650 -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"
 chmod 0600 /etc/ssl/private/proftpd.key /etc/ssl/private/proftpd_ec.key
 ]]>
 						</content>
 					</file>
 					<commands index="1">
 						<command><![CDATA[/etc/proftpd/create-cert.sh]]></command>
 						<command><![CDATA[rm -f /etc/proftpd/create-cert.sh]]></command>
 					</commands>
 					<file name="/etc/proftpd/proftpd.conf" chown="root:0" chmod="0600"
 						backup="true">
@@ -1642,6 +1649,42 @@ aliases:     files
 					<!-- clear group chache -->
 					<command><![CDATA[nscd --invalidate=group]]></command>
 				</daemon>
 				<!-- libnss-extrausers -->
 				<daemon name="libnssextrausers" title="libnss-extrausers (alternative to libnss-mysql, required for FCGID/php-fpm/mpm-itk)">
 					<install><![CDATA[apt-get install nscd libnss-extrausers]]></install>
 					<commands index="1">
 						<command><![CDATA[mkdir -p /var/lib/extrausers]]></command>
 						<command><![CDATA[touch /var/lib/extrausers/{passwd,group,shadow}]]></command>
 					</commands>
 					<file name="/etc/nsswitch.conf" backup="true">
 						<content><![CDATA[
 # Make sure that `passwd`, `group` and `shadow` have extrausers in their lines
 # You should place extrausers at the end, so that it is queried after the other mechanisams
 #
 passwd:         compat extrausers
 group:          compat extrausers
 shadow:         compat extrausers
 hosts:       files dns
 networks:    files dns
 services:    db files
 protocols:   db files
 rpc:         db files
 ethers:      db files
 netmasks:    files
 netgroup:    files
 bootparams:  files
 automount:   files
 aliases:     files
 ]]>
 						</content>
 					</file>
 					<command><![CDATA[/etc/init.d/nscd restart]]></command>
 					<!-- clear group chache -->
 					<command><![CDATA[nscd --invalidate=group]]></command>
 				</daemon>
 				<!-- Logrotate -->
 				<daemon name="logrotate" title="Logrotate">
 					<install><![CDATA[apt-get install logrotate]]></install>
--- a/lib/configfiles/wheezy.xml
+++ b/lib/configfiles/wheezy.xml
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <froxlor>
-	<distribution name="Debian" codename="Wheezy" version="7.x" defaulteditor="/usr/bin/nano">
+	<distribution name="Debian" codename="Wheezy" version="7.x" defaulteditor="/usr/bin/nano" deprecated="true">
 		<services>
 			<!-- HTTP -->
 			<service type="http" title="{{lng.admin.configfiles.http}}">
@@ -407,7 +407,7 @@ exit "$RETVAL"
 			<!--DNS -->
 			<service type="dns" title="{{lng.admin.configfiles.dns}}">
 				<!--Bind9 -->
-				<daemon name="bind" title="Bind9 nameserver">
+				<daemon name="bind" title="Bind9 nameserver" default="true">
 					<install><![CDATA[apt-get install bind9]]></install>
 					<command><![CDATA[echo "include \"{{settings.system.bindconf_directory}}froxlor_bind.conf\";" >> /etc/bind/named.conf.local]]></command>
 					<command><![CDATA[touch {{settings.system.bindconf_directory}}froxlor_bind.conf]]></command>
@@ -4716,10 +4716,17 @@ MYSQL_AUXOPTIONS_FIELD	CONCAT("allowimap=",imap,",allowpop3=",pop3)
 				<!-- Proftpd -->
 				<daemon name="proftpd" title="ProFTPd" default="true">
 					<install><![CDATA[apt-get install proftpd-basic proftpd-mod-mysql]]></install>
-					<commands>
+					<file name="/etc/proftpd/create-cert.sh" chown="root:0" chmod="0700">
-						<command><![CDATA[[ -f /etc/ssl/certs/proftpd.crt ] || openssl req -new -x509 -newkey rsa:4096 -days 3650 -nodes -out /etc/ssl/certs/proftpd.crt -keyout /etc/ssl/private/proftpd.key -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"]]></command>
+						<content><![CDATA[#!/bin/bash
-						<command><![CDATA[[ -f /etc/ssl/certs/proftpd_ec.crt ] || openssl req -new -x509 -nodes -newkey ec:<(openssl ecparam -name secp521r1) -keyout /etc/ssl/private/proftpd_ec.key -out /etc/ssl/certs/proftpd_ec.crt -days 3650 -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"]]></command>
+[ -f /etc/ssl/certs/proftpd.crt ] || openssl req -new -x509 -newkey rsa:4096 -days 3650 -nodes -out /etc/ssl/certs/proftpd.crt -keyout /etc/ssl/private/proftpd.key -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"
-						<command><![CDATA[chmod 0600 /etc/ssl/private/proftpd.key /etc/ssl/private/proftpd_ec.key]]></command>
+[ -f /etc/ssl/certs/proftpd_ec.crt ] || openssl req -new -x509 -nodes -newkey ec:<(openssl ecparam -name secp521r1) -keyout /etc/ssl/private/proftpd_ec.key -out /etc/ssl/certs/proftpd_ec.crt -days 3650 -subj "/C=US/ST=Some-State/O=Internet Widgits Pty Ltd/CN=<SERVERNAME>"
 chmod 0600 /etc/ssl/private/proftpd.key /etc/ssl/private/proftpd_ec.key
 ]]>
 						</content>
 					</file>
 					<commands index="1">
 						<command><![CDATA[/etc/proftpd/create-cert.sh]]></command>
 						<command><![CDATA[rm -f /etc/proftpd/create-cert.sh]]></command>
 					</commands>
 					<file name="/etc/proftpd/proftpd.conf" chown="root:0" chmod="0600"
 						backup="true">
@@ -5433,6 +5440,42 @@ netmasks:    files
 netgroup:    files
 bootparams:  files
 automount:   files
 aliases:     files
 ]]>
 						</content>
 					</file>
 					<command><![CDATA[/etc/init.d/nscd restart]]></command>
 					<!-- clear group chache -->
 					<command><![CDATA[nscd --invalidate=group]]></command>
 				</daemon>
 				<!-- libnss-extrausers -->
 				<daemon name="libnssextrausers" title="libnss-extrausers (alternative to libnss-mysql, required for FCGID/php-fpm/mpm-itk)">
 					<install><![CDATA[apt-get install nscd libnss-extrausers]]></install>
 					<commands index="1">
 						<command><![CDATA[mkdir -p /var/lib/extrausers]]></command>
 						<command><![CDATA[touch /var/lib/extrausers/{passwd,group,shadow}]]></command>
 					</commands>
 					<file name="/etc/nsswitch.conf" backup="true">
 						<content><![CDATA[
 # Make sure that `passwd`, `group` and `shadow` have extrausers in their lines
 # You should place extrausers at the end, so that it is queried after the other mechanisams
 #
 passwd:         compat extrausers
 group:          compat extrausers
 shadow:         compat extrausers
 hosts:       files dns
 networks:    files dns
 services:    db files
 protocols:   db files
 rpc:         db files
 ethers:      db files
 netmasks:    files
 netgroup:    files
 bootparams:  files
 automount:   files
 aliases:     files
 ]]>
--- a/lib/cron_init.php
+++ b/lib/cron_init.php
@@ -205,6 +205,7 @@ if (hasUpdates($version) || hasDbUpdates($dbversion)
 		fwrite($debugHandler, '*** WARNING *** - all new settings etc. will be stored with the default value, that might not always be right for your system!' . "\n");
 		fwrite($debugHandler, "*** WARNING *** - If you don't want this to happen in the future consider removing the --allow-autoupdate flag from the cronjob\n");
 		// including update procedures
 		define('_CRON_UPDATE', 1);
 		include_once FROXLOR_INSTALL_DIR.'/install/updatesql.php';
 		// pew - everything went better than expected
 		$cronlog->logAction(CRON_ACTION, LOG_WARNING, 'Automatic update done - you should check your settings to be sure everything is fine');
--- a/lib/formfields/admin/customer/formfield.customer_add.php
+++ b/lib/formfields/admin/customer/formfield.customer_add.php
@@ -14,7 +14,6 @@
 * @package    Formfields
 *
 */
 return array(
 	'customer_add' => array(
 		'title' => $lng['admin']['customer_add'],
@@ -29,20 +28,30 @@ return array(
 						'type' => 'text'
 					),
 					'createstdsubdomain' => array(
-						'label' => $lng['admin']['stdsubdomain_add'].'?',
+						'label' => $lng['admin']['stdsubdomain_add'] . '?',
 						'type' => 'checkbox',
 						'values' => array(
-										array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
-									),
+								'label' => $lng['panel']['yes'],
-						'value' => array('1')
+								'value' => '1'
 							)
 						),
 						'value' => array(
 							'1'
 						)
 					),
 					'store_defaultindex' => array(
-						'label' => $lng['admin']['store_defaultindex'].'?',
+						'label' => $lng['admin']['store_defaultindex'] . '?',
 						'type' => 'checkbox',
 						'values' => array(
-										array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
-									),
+								'label' => $lng['panel']['yes'],
-						'value' => array('1')
+								'value' => '1'
 							)
 						),
 						'value' => array(
 							'1'
 						)
 					),
 					'new_customer_password' => array(
 						'label' => $lng['login']['password'],
@@ -53,15 +62,20 @@ return array(
 						'label' => $lng['customer']['generated_pwd'],
 						'type' => 'text',
 						'visible' => (Settings::Get('panel.password_regex') == ''),
-						'value' => generatePassword(),
+						'value' => generatePassword()
 					),
 					'sendpassword' => array(
 						'label' => $lng['admin']['sendpassword'],
 						'type' => 'checkbox',
 						'values' => array(
-										array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
-									),
+								'label' => $lng['panel']['yes'],
-						'value' => array('1')
+								'value' => '1'
 							)
 						),
 						'value' => array(
 							'1'
 						)
 					),
 					'def_language' => array(
 						'label' => $lng['login']['language'],
@@ -135,7 +149,10 @@ return array(
 						'label' => $lng['usersettings']['custom_notes']['show'],
 						'type' => 'checkbox',
 						'values' => array(
-							array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
 								'label' => $lng['panel']['yes'],
 								'value' => '1'
 							)
 						),
 						'value' => array()
 					)
@@ -206,18 +223,28 @@ return array(
 						'label' => $lng['customer']['email_imap'],
 						'type' => 'checkbox',
 						'values' => array(
-										array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
-									),
+								'label' => $lng['panel']['yes'],
-						'value' => array('1'),
+								'value' => '1'
 							)
 						),
 						'value' => array(
 							'1'
 						),
 						'mandatory' => true
 					),
 					'email_pop3' => array(
 						'label' => $lng['customer']['email_pop3'],
 						'type' => 'checkbox',
 						'values' => array(
-										array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
-									),
+								'label' => $lng['panel']['yes'],
-						'value' => array('1'),
+								'value' => '1'
 							)
 						),
 						'value' => array(
 							'1'
 						),
 						'mandatory' => true
 					),
 					'ftps' => array(
@@ -244,28 +271,51 @@ return array(
 						'ul_field' => $mysqls_ul
 					),
 					'phpenabled' => array(
-						'label' => $lng['admin']['phpenabled'].'?',
+						'label' => $lng['admin']['phpenabled'] . '?',
 						'type' => 'checkbox',
 						'values' => array(
-										array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
-									),
+								'label' => $lng['panel']['yes'],
-						'value' => array('1')
+								'value' => '1'
 							)
 						),
 						'value' => array(
 							'1'
 						)
 					),
 					'allowed_phpconfigs' => array(
 						'visible' => (((int) Settings::Get('system.mod_fcgid') == 1 || (int) Settings::Get('phpfpm.enabled') == 1) ? true : false),
 						'label' => $lng['admin']['phpsettings']['title'],
 						'type' => 'checkbox',
 						'values' => $phpconfigs,
 						'value' => ((int) Settings::Get('system.mod_fcgid') == 1 ? array(
 							Settings::Get('system.mod_fcgid_defaultini')
 						) : (int) Settings::Get('phpfpm.enabled') == 1) ? array(
 							Settings::Get('phpfpm.defaultini')
 						) : array(),
 						'is_array' => 1
 					),
 					'perlenabled' => array(
-						'label' => $lng['admin']['perlenabled'].'?',
+						'label' => $lng['admin']['perlenabled'] . '?',
 						'type' => 'checkbox',
 						'values' => array(
-										array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
-									)
+								'label' => $lng['panel']['yes'],
 								'value' => '1'
 							)
 						)
 					),
 					'dnsenabled' => array(
-						'label' => $lng['admin']['dnsenabled'].'?',
+						'label' => $lng['admin']['dnsenabled'] . '?',
 						'type' => 'checkbox',
 						'values' => array(
-										array ('label' => $lng['panel']['yes'], 'value' => '1')
+							array(
-									),
+								'label' => $lng['panel']['yes'],
 								'value' => '1'
 							)
 						),
 						'visible' => (Settings::Get('system.dnsenabled') == '1' ? true : false)
-					),
+					)
 				)
 			)
 		)
--- a/lib/formfields/admin/customer/formfield.customer_edit.php
+++ b/lib/formfields/admin/customer/formfield.customer_edit.php
@@ -260,6 +260,14 @@ return array(
 						),
 						'value' => array($result['phpenabled'])
 					),
 					'allowed_phpconfigs' => array(
 						'visible' => (((int) Settings::Get('system.mod_fcgid') == 1 || (int) Settings::Get('phpfpm.enabled') == 1) ? true : false),
 						'label' => $lng['admin']['phpsettings']['title'],
 						'type' => 'checkbox',
 						'values' => $phpconfigs,
 						'value' => isset($result['allowed_phpconfigs']) && !empty($result['allowed_phpconfigs']) ? json_decode($result['allowed_phpconfigs'], JSON_OBJECT_AS_ARRAY) : array(),
 						'is_array' => 1
 					),
 					'perlenabled' => array(
 						'label' => $lng['admin']['perlenabled'].'?',
 						'type' => 'checkbox',
--- a/lib/formfields/admin/domains/formfield.domains_add.php
+++ b/lib/formfields/admin/domains/formfield.domains_add.php
@@ -173,6 +173,19 @@ return array(
 						),
 						'value' => array()
 					),
 					'http2' => array(
 						'visible' => ($ssl_ipsandports != '' ? true : false) && Settings::Get('system.webserver') != 'lighttpd' && Settings::Get('system.http2_support') == '1',
 						'label' => $lng['admin']['domain_http2']['title'],
 						'desc' => $lng['admin']['domain_http2']['description'],
 						'type' => 'checkbox',
 						'values' => array(
 							array (
 								'label' => $lng['panel']['yes'],
 								'value' => '1'
 							)
 						),
 						'value' => array()
 					),
 					'no_ssl_available_info' => array(
 						'visible' => ($ssl_ipsandports == '' ? true : false),
 						'label' => 'SSL',
@@ -213,7 +226,24 @@ return array(
 							)
 						),
 						'value' => array()
-					)
+					),
 					'ocsp_stapling' => array(
 						'visible' => ($ssl_ipsandports != '' ? true : false) &&
 								Settings::Get('system.webserver') != 'lighttpd',
 						'label' => $lng['admin']['domain_ocsp_stapling']['title'],
 						'desc' => $lng['admin']['domain_ocsp_stapling']['description'] .
 								(Settings::Get('system.webserver') == 'nginx' ?
 								$lng['admin']['domain_ocsp_stapling']['nginx_version_warning'] :
 								""),
 						'type' => 'checkbox',
 						'values' => array(
 							array (
 								'label' => $lng['panel']['yes'],
 								'value' => '1'
 							)
 						),
 						'value' => array()
 					),
 				)
 			),
 			'section_c' => array(
--- a/lib/formfields/admin/domains/formfield.domains_edit.php
+++ b/lib/formfields/admin/domains/formfield.domains_edit.php
@@ -207,6 +207,21 @@ return array(
 							$result['letsencrypt']
 						)
 					),
 					'http2' => array(
 						'visible' => ($ssl_ipsandports != '' ? true : false) && Settings::Get('system.webserver') != 'lighttpd' && Settings::Get('system.http2_support') == '1',
 						'label' => $lng['admin']['domain_http2']['title'],
 						'desc' => $lng['admin']['domain_http2']['description'],
 						'type' => 'checkbox',
 						'values' => array(
 							array (
 								'label' => $lng['panel']['yes'],
 								'value' => '1'
 							)
 						),
 						'value' => array(
 							$result['http2']
 						)
 					),
 					'no_ssl_available_info' => array(
 						'visible' => ($ssl_ipsandports == '' ? true : false),
 						'label' => 'SSL',
@@ -251,7 +266,26 @@ return array(
 						'value' => array(
 							$result['hsts_preload']
 						)
-					)
+					),
 					'ocsp_stapling' => array(
 						'visible' => ($ssl_ipsandports != '' ? true : false) &&
 								Settings::Get('system.webserver') != 'lighttpd',
 						'label' => $lng['admin']['domain_ocsp_stapling']['title'],
 						'desc' => $lng['admin']['domain_ocsp_stapling']['description'] .
 								(Settings::Get('system.webserver') == 'nginx' ?
 								$lng['admin']['domain_ocsp_stapling']['nginx_version_warning'] :
 								""),
 						'type' => 'checkbox',
 						'values' => array(
 							array (
 								'label' => $lng['panel']['yes'],
 								'value' => '1'
 							)
 						),
 						'value' => array(
 							$result['ocsp_stapling']
 						)
 					),
 				)
 			),
 			'section_c' => array(
@@ -291,6 +325,21 @@ return array(
 						'type' => 'select',
 						'select_var' => $phpconfigs
 					),
 					'phpsettingsforsubdomains' => array(
 						'visible' => ($userinfo['change_serversettings'] == '1' ? true : false),
 						'label' => $lng['admin']['phpsettingsforsubdomains'],
 						'desc' => $lng['serversettings']['phpsettingsforsubdomains']['description'],
 						'type' => 'checkbox',
 						'values' => array(
 							array(
 								'label' => $lng['panel']['yes'],
 								'value' => '1'
 							)
 						),
 						'value' => array(
 							'1'
 						)
 					),
 					'mod_fcgid_starter' => array(
 						'visible' => ((int) Settings::Get('system.mod_fcgid') == 1 ? true : false),
 						'label' => $lng['admin']['mod_fcgid_starter']['title'],
--- a/lib/formfields/admin/phpconfig/formfield.fpmconfig_add.php
+++ b/lib/formfields/admin/phpconfig/formfield.fpmconfig_add.php
@@ -0,0 +1,95 @@
 <?php
 /**
 * This file is part of the Froxlor project.
 * Copyright (c) 2010 the Froxlor Team (see authors).
 *
 * For the full copyright and license information, please view the COPYING
 * file that was distributed with this source code. You can also view the
 * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
 *
 * @copyright  (c) the authors
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Formfields
 *
 */
 return array(
 	'fpmconfig_add' => array(
 		'title' => $lng['admin']['phpsettings']['addsettings'],
 		'image' => 'icons/phpsettings_add.png',
 		'sections' => array(
 			'section_a' => array(
 				'title' => $lng['admin']['phpsettings']['addsettings'],
 				'image' => 'icons/phpsettings_add.png',
 				'fields' => array(
 					'description' => array(
 						'label' => $lng['admin']['phpsettings']['description'],
 						'type' => 'text',
 						'maxlength' => 50
 					),
 					'reload_cmd' => array(
 						'label' => $lng['serversettings']['phpfpm_settings']['reload'],
 						'type' => 'text',
 						'maxlength' => 255,
 						'value' => 'service php7.0-fpm restart'
 					),
 					'config_dir' => array(
 						'label' => $lng['serversettings']['phpfpm_settings']['configdir'],
 						'type' => 'text',
 						'maxlength' => 255,
 						'value' => '/etc/php/7.0/fpm/pool.d/'
 					),
 					'pm' => array(
 						'label' => $lng['serversettings']['phpfpm_settings']['pm'],
 						'type' => 'select',
 						'select_var' => $pm_select
 					),
 					'max_children' => array(
 						'label' => $lng['serversettings']['phpfpm_settings']['max_children']['title'],
 						'desc' => $lng['serversettings']['phpfpm_settings']['max_children']['description'],
 						'type' => 'int',
 						'value' => 1
 					),
 					'start_servers' => array(
 						'label' => $lng['serversettings']['phpfpm_settings']['start_servers']['title'],
 						'desc' => $lng['serversettings']['phpfpm_settings']['start_servers']['description'],
 						'type' => 'int',
 						'value' => 20
 					),
 					'min_spare_servers' => array(
 						'label' => $lng['serversettings']['phpfpm_settings']['min_spare_servers']['title'],
 						'desc' => $lng['serversettings']['phpfpm_settings']['min_spare_servers']['description'],
 						'type' => 'int',
 						'value' => 5
 					),
 					'max_spare_servers' => array(
 						'label' => $lng['serversettings']['phpfpm_settings']['max_spare_servers']['title'],
 						'desc' => $lng['serversettings']['phpfpm_settings']['max_spare_servers']['description'],
 						'type' => 'int',
 						'value' => 35
 					),
 					'max_requests' => array(
 						'label' => $lng['serversettings']['phpfpm_settings']['max_requests']['title'],
 						'desc' => $lng['serversettings']['phpfpm_settings']['max_requests']['description'],
 						'type' => 'int',
 						'value' => 0
 					),
 					'idle_timeout' => array(
 						'label' => $lng['serversettings']['phpfpm_settings']['idle_timeout']['title'],
 						'desc' => $lng['serversettings']['phpfpm_settings']['idle_timeout']['description'],
 						'type' => 'int',
 						'value' => 30
 					),
 					'limit_extensions' => array(
 						'label' => $lng['serversettings']['phpfpm_settings']['limit_extensions']['title'],
 						'desc' => $lng['serversettings']['phpfpm_settings']['limit_extensions']['description'],
 						'type' => 'text',
 						'value' => '.php'
 					)
 				)
 			)
 		)
 	)
 );
--- a/lib/formfields/admin/phpconfig/formfield.fpmconfig_edit.php
+++ b/lib/formfields/admin/phpconfig/formfield.fpmconfig_edit.php
@@ -0,0 +1,96 @@
 <?php
 /**
 * This file is part of the Froxlor project.
 * Copyright (c) 2010 the Froxlor Team (see authors).
 *
 * For the full copyright and license information, please view the COPYING
 * file that was distributed with this source code. You can also view the
 * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
 *
 * @copyright  (c) the authors
 * @author     Froxlor team <team@froxlor.org> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Formfields
 *
 */
 return array(
 	'fpmconfig_edit' => array(
 		'title' => $lng['admin']['phpsettings']['editsettings'],
 		'image' => 'icons/phpsettings_edit.png',
 		'sections' => array(
 			'section_a' => array(
 				'title' => $lng['admin']['phpsettings']['editsettings'],
 				'image' => 'icons/phpsettings_edit.png',
 				'fields' => array(
 					'description' => array(
 						'label' => $lng['admin']['phpsettings']['description'],
 						'type' => 'text',
 						'maxlength' => 50,
 						'value' => $result['description']
 					),
 					'reload_cmd' => array(
 						'label' => $lng['serversettings']['phpfpm_settings']['reload'],
 						'type' => 'text',
 						'maxlength' => 255,
 						'value' => $result['reload_cmd']
 					),
 					'config_dir' => array(
 						'label' => $lng['serversettings']['phpfpm_settings']['configdir'],
 						'type' => 'text',
 						'maxlength' => 255,
 						'value' => $result['config_dir']
 					),
 					'pm' => array(
 						'label' => $lng['serversettings']['phpfpm_settings']['pm'],
 						'type' => 'select',
 						'select_var' => $pm_select
 					),
 					'max_children' => array(
 						'label' => $lng['serversettings']['phpfpm_settings']['max_children']['title'],
 						'desc' => $lng['serversettings']['phpfpm_settings']['max_children']['description'],
 						'type' => 'int',
 						'value' => $result['max_children']
 					),
 					'start_servers' => array(
 						'label' => $lng['serversettings']['phpfpm_settings']['start_servers']['title'],
 						'desc' => $lng['serversettings']['phpfpm_settings']['start_servers']['description'],
 						'type' => 'int',
 						'value' => $result['start_servers']
 					),
 					'min_spare_servers' => array(
 						'label' => $lng['serversettings']['phpfpm_settings']['min_spare_servers']['title'],
 						'desc' => $lng['serversettings']['phpfpm_settings']['min_spare_servers']['description'],
 						'type' => 'int',
 						'value' => $result['min_spare_servers']
 					),
 					'max_spare_servers' => array(
 						'label' => $lng['serversettings']['phpfpm_settings']['max_spare_servers']['title'],
 						'desc' => $lng['serversettings']['phpfpm_settings']['max_spare_servers']['description'],
 						'type' => 'int',
 						'value' => $result['max_spare_servers']
 					),
 					'max_requests' => array(
 						'label' => $lng['serversettings']['phpfpm_settings']['max_requests']['title'],
 						'desc' => $lng['serversettings']['phpfpm_settings']['max_requests']['description'],
 						'type' => 'int',
 						'value' => $result['max_requests']
 					),
 					'idle_timeout' => array(
 						'label' => $lng['serversettings']['phpfpm_settings']['idle_timeout']['title'],
 						'desc' => $lng['serversettings']['phpfpm_settings']['idle_timeout']['description'],
 						'type' => 'int',
 						'value' => $result['idle_timeout']
 					),
 					'limit_extensions' => array(
 						'label' => $lng['serversettings']['phpfpm_settings']['limit_extensions']['title'],
 						'desc' => $lng['serversettings']['phpfpm_settings']['limit_extensions']['description'],
 						'type' => 'text',
 						'value' => $result['limit_extensions']
 					)
 				)
 			)
 		)
 	)
 );
--- a/lib/formfields/admin/phpconfig/formfield.phpconfig_add.php
+++ b/lib/formfields/admin/phpconfig/formfield.phpconfig_add.php
@@ -36,6 +36,12 @@ return array(
 						'maxlength' => 255,
 						'value' => '/usr/bin/php-cgi'
 					),
 					'fpmconfig' => array(
 						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
 						'label' => $lng['admin']['phpsettings']['fpmdesc'],
 						'type' => 'select',
 						'select_var' => $fpmconfigs
 					),
 					'file_extensions' => array(
 						'visible' => (Settings::Get('system.mod_fcgid') == 1 ? true : false),
 						'label' => $lng['admin']['phpsettings']['file_extensions'],
@@ -84,6 +90,15 @@ return array(
 						'maxlength' => 10,
 						'value' => '5s'
 					),
 					'phpfpm_pass_authorizationheader' => array(
 						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
 						'label' => $lng['admin']['phpsettings']['pass_authorizationheader'],
 						'type' => 'checkbox',
 						'values' => array(
 							array ('label' => $lng['panel']['yes'], 'value' => '1')
 						),
 						'value' => array()
 					),
 					'phpsettings' => array(
 						'style' => 'align-top',
 						'label' => $lng['admin']['phpsettings']['phpinisettings'],
--- a/lib/formfields/admin/phpconfig/formfield.phpconfig_edit.php
+++ b/lib/formfields/admin/phpconfig/formfield.phpconfig_edit.php
@@ -37,6 +37,12 @@ return array(
 						'maxlength' => 255,
 						'value' => $result['binary']
 					),
 					'fpmconfig' => array(
 						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
 						'label' => $lng['admin']['phpsettings']['fpmdesc'],
 						'type' => 'select',
 						'select_var' => $fpmconfigs
 					),
 					'file_extensions' => array(
 						'visible' => (Settings::Get('system.mod_fcgid') == 1 ? true : false),
 						'label' => $lng['admin']['phpsettings']['file_extensions'],
@@ -87,6 +93,15 @@ return array(
 						'maxlength' => 10,
 						'value' => $result['fpm_reqslow']
 					),
 					'phpfpm_pass_authorizationheader' => array(
 						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
 						'label' => $lng['admin']['phpsettings']['pass_authorizationheader'],
 						'type' => 'checkbox',
 						'values' => array(
 							array ('label' => $lng['panel']['yes'], 'value' => '1')
 						),
 						'value' => array($result['pass_authorizationheader'])
 					),
 					'phpsettings' => array(
 						'style' => 'align-top',
 						'label' => $lng['admin']['phpsettings']['phpinisettings'],
--- a/lib/formfields/customer/domains/formfield.domains_add.php
+++ b/lib/formfields/customer/domains/formfield.domains_add.php
@@ -70,6 +70,12 @@ return array(
 						'label' => $lng['domain']['openbasedirpath'],
 						'type' => 'select',
 						'select_var' => $openbasedir
 					),
 					'phpsettingid' => array(
 						'visible' => (((int) Settings::Get('system.mod_fcgid') == 1 || (int) Settings::Get('phpfpm.enabled') == 1) && $has_phpconfigs ? true : false),
 						'label' => $lng['admin']['phpsettings']['title'],
 						'type' => 'select',
 						'select_var' => $phpconfigs
 					)
 				)
 			),
--- a/lib/formfields/customer/domains/formfield.domains_edit.php
+++ b/lib/formfields/customer/domains/formfield.domains_edit.php
@@ -81,6 +81,12 @@ return array(
 						'label' => $lng['domain']['openbasedirpath'],
 						'type' => 'select',
 						'select_var' => $openbasedir
 					),
 					'phpsettingid' => array(
 						'visible' => (((int) Settings::Get('system.mod_fcgid') == 1 || (int) Settings::Get('phpfpm.enabled') == 1) && $has_phpconfigs ? true : false),
 						'label' => $lng['admin']['phpsettings']['title'],
 						'type' => 'select',
 						'select_var' => $phpconfigs
 					)
 				)
 			),
--- a/lib/functions/dns/function.generateDkimEntries.php
+++ b/lib/functions/dns/function.generateDkimEntries.php
@@ -54,20 +54,8 @@ function generateDkimEntries($domain)
 		// end-part
 		$dkim_txt .= 't=s';
 		if (Settings::Get('system.dns_server') == 'pdns') {
 			// PowerDNS does not need/want splitted content
 			$txt_record_split = $dkim_txt;
 		} else {
 			// split if necessary
 			$txt_record_split = '';
 			$lbr = 50;
 			for ($pos = 0; $pos <= strlen($dkim_txt) - 1; $pos += $lbr) {
 				$txt_record_split .= (($pos == 0) ? '("' : "\t\t\t\t\t \"") . substr($dkim_txt, $pos, $lbr) . (($pos >= strlen($dkim_txt) - $lbr) ? '")' : '"') . "\n";
 			}
 		}
 		// dkim-entry
-		$zone_dkim[] = $txt_record_split;
+		$zone_dkim[] = $dkim_txt;
 		// adsp-entry
 		if (Settings::Get('dkim.dkim_add_adsp') == "1") {
--- a/lib/functions/froxlor/function.phpErrHandler.php
+++ b/lib/functions/froxlor/function.phpErrHandler.php
@@ -25,6 +25,8 @@ function phpErrHandler($errno, $errstr, $errfile, $errline, $errcontext) {
 		if (empty($theme)) {
 			$theme = "Sparkle";
 		}
 		// prevent possible file-path-disclosure
 		$errfile = str_replace(FROXLOR_INSTALL_DIR, "", $errfile);
 		// if we're not on the shell, output a nicer error-message
 		$err_hint = file_get_contents(FROXLOR_INSTALL_DIR.'/templates/'.$theme.'/misc/phperrornice.tpl');
 		// replace values
--- a/lib/functions/output/function.dieWithMail.php
+++ b/lib/functions/output/function.dieWithMail.php
@@ -42,6 +42,8 @@ function dieWithMail($message, $subject = "[froxlor] Cronjob error") {
 			$_mail->Password = Settings::Get('system.mail_smtp_passwd');
 			if (Settings::Get('system.mail_smtp_usetls')) {
 				$_mail->SMTPSecure = 'tls';
 			} else {
 				$mail->SMTPAutoTLS = false;
 			}
 			$_mail->Port = Settings::Get('system.mail_smtp_port');
 		}
--- a/lib/functions/output/function.makeoption.php
+++ b/lib/functions/output/function.makeoption.php
@@ -29,7 +29,7 @@
 * @author Florian Lippert <flo@syscp.org>
 */
-function makeoption($title, $value, $selvalue = NULL, $title_trusted = false, $value_trusted = false, $id = NULL)
+function makeoption($title, $value, $selvalue = NULL, $title_trusted = false, $value_trusted = false, $id = NULL, $disabled = false)
 {
 	if($selvalue !== NULL
 	   && ((is_array($selvalue) && in_array($value, $selvalue)) || $value == $selvalue))
@@ -41,6 +41,10 @@ function makeoption($title, $value, $selvalue = NULL, $title_trusted = false, $v
 		$selected = '';
 	}
 	if ($disabled) {
 		$selected .= ' disabled="disabled"';
 	}
 	if(!$title_trusted)
 	{
 		$title = htmlspecialchars($title);
--- a/lib/functions/output/function.standard_error.php
+++ b/lib/functions/output/function.standard_error.php
@@ -63,3 +63,15 @@ function standard_error($errors = '', $replacer = '') {
 	eval("echo \"" . getTemplate('misc/error', '1') . "\";");
 	exit;
 }
 function dynamic_error($message) {
 	global $userinfo, $s, $header, $footer, $lng, $theme;
 	$_SESSION['requestData'] = $_POST;
 	$link = '';
 	if (isset($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST']) !== false) {
 		$link = '<a href="'.htmlentities($_SERVER['HTTP_REFERER']).'">'.$lng['panel']['back'].'</a>';
 	}
 	$error = $message;
 	eval("echo \"" . getTemplate('misc/error', '1') . "\";");
 	exit;
 }
--- a/lib/functions/phphelpers/function.array_trim.php
+++ b/lib/functions/phphelpers/function.array_trim.php
@@ -20,27 +20,22 @@
 /**
 * Returns Array, whose elements have been checked whether thay are empty or not
 *
- * @param array The array to trim
+ * @param array $source
 *        	The array to trim
 * @return array The trim'med array
 * @author Florian Lippert <flo@syscp.org>
 */
 function array_trim($source)
 {
 	$returnval = array();
-
+	if (is_array($source)) {
-	if(is_array($source))
+		foreach ($source as $var => $val) {
-	{
+			if ($val != ' ' && $val != '') {
-		while(list($var, $val) = each($source))
+				$returnval[$var] = $val;
-		{
+			}
 			if($val != ' '
 			   && $val != '')$returnval[$var] = $val;
 		}
-	}
+	} else {
 	else
 	{
 		$returnval = $source;
 	}
 	return $returnval;
 }
--- a/lib/functions/settings/function.storeSettingMysqlAccessHost.php
+++ b/lib/functions/settings/function.storeSettingMysqlAccessHost.php
@@ -16,27 +16,24 @@
 * @package    Functions
 *
 */
 function storeSettingMysqlAccessHost($fieldname, $fielddata, $newfieldvalue)
 {
 	$returnvalue = storeSettingField($fieldname, $fielddata, $newfieldvalue);
-	if($returnvalue !== false && is_array($fielddata) && isset($fielddata['settinggroup']) && $fielddata['settinggroup'] == 'system' && isset($fielddata['varname']) && $fielddata['varname'] == 'mysql_access_host')
+	if ($returnvalue !== false && is_array($fielddata) && isset($fielddata['settinggroup']) && $fielddata['settinggroup'] == 'system' && isset($fielddata['varname']) && $fielddata['varname'] == 'mysql_access_host') {
 	{
 		$mysql_access_host_array = array_map('trim', explode(',', $newfieldvalue));
-		if(in_array('127.0.0.1', $mysql_access_host_array)
+		if (in_array('127.0.0.1', $mysql_access_host_array) && ! in_array('localhost', $mysql_access_host_array)) {
 		   && !in_array('localhost', $mysql_access_host_array))
 		{
 			$mysql_access_host_array[] = 'localhost';
 		}
-		if(!in_array('127.0.0.1', $mysql_access_host_array)
+		if (! in_array('127.0.0.1', $mysql_access_host_array) && in_array('localhost', $mysql_access_host_array)) {
 		   && in_array('localhost', $mysql_access_host_array))
 		{
 			$mysql_access_host_array[] = '127.0.0.1';
 		}
 		// be aware that ipv6 addresses are enclosed in [ ] when passed here
 		$mysql_access_host_array = array_map('cleanMySQLAccessHost', $mysql_access_host_array);
 		$mysql_access_host_array = array_unique(array_trim($mysql_access_host_array));
 		$newfieldvalue = implode(',', $mysql_access_host_array);
 		correctMysqlUsers($mysql_access_host_array);
@@ -45,4 +42,10 @@ function storeSettingMysqlAccessHost($fieldname, $fielddata, $newfieldvalue)
 	return $returnvalue;
 }
-?>
+function cleanMySQLAccessHost($value)
 {
 	if (substr($value, 0, 1) == '[' && substr($value, - 1) == ']') {
 		return substr($value, 1, - 1);
 	}
 	return $value;
 }
--- a/lib/init.php
+++ b/lib/init.php
@@ -156,7 +156,8 @@ if (version_compare(PHP_VERSION, "5.4.0", "<")) {
 	if (get_magic_quotes_gpc()) {
 		$in = array(&$_GET, &$_POST, &$_COOKIE);
-		while (list($k, $v) = each($in)) {
+		$_in = $in;
 		foreach ($_in as $k => $v) {
 			foreach ($v as $key => $val) {
 				if (!is_array($val)) {
 					$in[$k][$key] = stripslashes($val);
@@ -563,6 +564,8 @@ if (Settings::Get('system.mail_use_smtp')) {
 	$mail->Password = Settings::Get('system.mail_smtp_passwd');
 	if (Settings::Get('system.mail_smtp_usetls')) {
 		$mail->SMTPSecure = 'tls';
 	} else {
 		$mail->SMTPAutoTLS = false;
 	}
 	$mail->Port = Settings::Get('system.mail_smtp_port');
 }
--- a/lib/navigation/00.froxlor.main.php
+++ b/lib/navigation/00.froxlor.main.php
@@ -279,6 +279,12 @@ return array(
 					'label' => $lng['menue']['phpsettings']['maintitle'],
 					'show_element' => (Settings::Get('system.mod_fcgid') == true || Settings::Get('phpfpm.enabled') == true)
 				),
 				array(
 					'url' => 'admin_phpsettings.php?page=fpmdaemons',
 					'label' => $lng['menue']['phpsettings']['fpmdaemons'],
 					'required_resources' => 'change_serversettings',
 					'show_element' => Settings::Get('phpfpm.enabled') == true
 				),
 				array(
 					'url' => 'admin_settings.php?page=phpinfo',
 					'label' => $lng['admin']['phpinfo'],
@@ -313,6 +319,10 @@ return array(
 				array(
 					'url' => 'admin_message.php?page=message',
 					'label' => $lng['admin']['message']
 				),
 				array(
 					'url' => 'admin_settings.php?page=testmail',
 					'label' => $lng['admin']['testmail']
 				)
 			)
 		)
--- a/lib/tables.inc.php
+++ b/lib/tables.inc.php
@@ -51,5 +51,6 @@ define('TABLE_PANEL_DOMAINREDIRECTS', 'domain_redirect_codes');
 define('TABLE_PANEL_DOMAIN_SSL_SETTINGS', 'domain_ssl_settings');
 define('TABLE_DOMAINTOIP', 'panel_domaintoip');
 define('TABLE_DOMAIN_DNS', 'domain_dns_entries');
 define('TABLE_PANEL_FPMDAEMONS', 'panel_fpmdaemons');
 require dirname(__FILE__).'/version.inc.php';
--- a/lib/version.inc.php
+++ b/lib/version.inc.php
@@ -16,10 +16,10 @@
 */
 // Main version variable
-$version = '0.9.38.5';
+$version = '0.9.39.2';
 // Database version (YYYYMMDDC where C is a daily counter)
-$dbversion = '201612110';
+$dbversion = '201801260';
 // Distribution branding-tag (used for Debian etc.)
 $branding = '';
--- a/lng/dutch.lng.php
+++ b/lng/dutch.lng.php
@@ -1031,7 +1031,7 @@ $lng['dkim']['dkim_notes']['description'] = 'Notities die van belang kunnen zijn
 $lng['dkim']['dkim_add_adsp']['title'] = 'DKIM ADSP toevoegen';
 $lng['dkim']['dkim_add_adsp']['description'] = 'Indien u niet weet wat dit is, laat het op "actief" staan.';
 $lng['dkim']['dkim_add_adsppolicy']['title'] = 'ADSP beleid';
-$lng['dkim']['dkim_add_adsppolicy']['description'] = 'Voor meer informatie inzake deze instelling zie <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/En-dkim-adsp-policies">DKIM ADSP policies</a>';
+$lng['dkim']['dkim_add_adsppolicy']['description'] = 'Voor meer informatie inzake deze instelling zie <a target="blank" href="https://en.wikipedia.org/wiki/Author_Domain_Signing_Practices">DKIM ADSP policies</a>';
 $lng['admin']['cron']['cronsettings'] = 'Instellingen cron-taken';
 $lng['cron']['cronname'] = 'naam cron-taak';
@@ -1146,7 +1146,7 @@ $lng['serversettings']['perl_path']['description'] = 'Alleen relevant voor light
 // ADDED IN FROXLOR 0.9.12-svn1
 $lng['admin']['fcgid_settings'] = 'FCGID';
 $lng['serversettings']['mod_fcgid_ownvhost']['title'] = 'FCGID inschakelen voor de VHost voor Froxlor';
-$lng['serversettings']['mod_fcgid_ownvhost']['description'] = 'Indien ingeschakeld wordt Froxlor ook uitgevoerd onder een lokale gebruiker<br /><strong>Let op:</strong>Dit vereist handmatige configuratie, zie <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/HandbookApache2_fcgid">FCGID - handbook</a>';
+$lng['serversettings']['mod_fcgid_ownvhost']['description'] = 'Indien ingeschakeld wordt Froxlor ook uitgevoerd onder een lokale gebruiker<br /><strong>Let op:</strong>Dit vereist handmatige configuratie, zie <a target="blank" href="https://github.com/Froxlor/Froxlor/wiki/apache2-with-fcgid">FCGID - handbook</a>';
 $lng['admin']['mod_fcgid_user'] = 'Lokale gebruiker voor FCGID (Froxlor vhost)';
 $lng['admin']['mod_fcgid_group'] = 'Lokale groep voor FCGID (Froxlor vhost)';
--- a/lng/english.lng.php
+++ b/lng/english.lng.php
@@ -534,7 +534,7 @@ $lng['panel']['back'] = 'Back';
 // ADDED IN 1.2.16-svn12
 $lng['serversettings']['mod_fcgid']['title'] = 'Enable FCGID';
-$lng['serversettings']['mod_fcgid']['description'] = 'Use this to run PHP with the corresponding useraccount.<br /><br /><b>This needs a special webserver configuration for Apache, see <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/HandbookApache2_fcgid">FCGID - handbook</a></b>';
+$lng['serversettings']['mod_fcgid']['description'] = 'Use this to run PHP with the corresponding useraccount.<br /><br /><b>This needs a special webserver configuration for Apache, see <a target="blank" href="https://github.com/Froxlor/Froxlor/wiki/apache2-with-fcgid">FCGID - handbook</a></b>';
 $lng['serversettings']['sendalternativemail']['title'] = 'Use alternative email-address';
 $lng['serversettings']['sendalternativemail']['description'] = 'Send the password-email to a different address during email-account-creation';
 $lng['emails']['alternative_emailaddress'] = 'Alternative e-mail-address';
@@ -940,6 +940,7 @@ $lng['admin']['phpsettings']['phpinisettings'] = 'php.ini settings';
 $lng['error']['nopermissionsorinvalidid'] = 'You don\'t have enough permissions to change these settings or an invalid id was given.';
 $lng['panel']['view'] = 'view';
 $lng['question']['phpsetting_reallydelete'] = 'Do you really want to delete these settings? All domains which use these settings currently will be changed to the default config.';
 $lng['question']['fpmsetting_reallydelete'] = 'Do you really want to delete these php-fpm settings? All php configurations which use these settings currently will be changed to the default config.';
 $lng['admin']['phpsettings']['addnew'] = 'Create new settings';
 $lng['error']['phpsettingidwrong'] = 'A PHP Configuration with this id doesn\'t exist';
 $lng['error']['descriptioninvalid'] = 'The description is too short, too long or contains illegal characters.';
@@ -1001,6 +1002,7 @@ $lng['error']['ipportdoesntexist'] = 'The ip/port combination you have chosen do
 $lng['admin']['phpserversettings'] = 'PHP Settings';
 $lng['admin']['phpsettings']['binary'] = 'PHP Binary';
 $lng['admin']['phpsettings']['fpmdesc'] = 'PHP-FPM config';
 $lng['admin']['phpsettings']['file_extensions'] = 'File extensions';
 $lng['admin']['phpsettings']['file_extensions_note'] = '(without dot, separated by spaces)';
 $lng['admin']['mod_fcgid_maxrequests']['title'] = 'Maximum php requests for this domain (empty for default value)';
@@ -1102,7 +1104,7 @@ $lng['dkim']['dkim_notes']['description'] = 'Notes that might be of interest to
 $lng['dkim']['dkim_add_adsp']['title'] = 'Add DKIM ADSP entry';
 $lng['dkim']['dkim_add_adsp']['description'] = 'If you don\'t know what this is, leave it "enabled"';
 $lng['dkim']['dkim_add_adsppolicy']['title'] = 'ADSP policy';
-$lng['dkim']['dkim_add_adsppolicy']['description'] = 'For more information about this setting see <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/En-dkim-adsp-policies">DKIM ADSP policies</a>';
+$lng['dkim']['dkim_add_adsppolicy']['description'] = 'For more information about this setting see <a target="blank" href="https://en.wikipedia.org/wiki/Author_Domain_Signing_Practices">DKIM ADSP policies</a>';
 $lng['admin']['cron']['cronsettings'] = 'Cronjob settings';
 $lng['cron']['cronname'] = 'cronjob-name';
@@ -1293,7 +1295,7 @@ $lng['error']['intvaluetoolow'] = 'The given number is too low (field %s)';
 $lng['error']['intvaluetoohigh'] = 'The given number is too high (field %s)';
 $lng['admin']['phpfpm_settings'] = 'PHP-FPM';
 $lng['serversettings']['phpfpm']['title'] = 'Enable php-fpm';
-$lng['serversettings']['phpfpm']['description'] = '<b>This needs a special webserver configuration see FPM-handbook for <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/HandbookApache2_phpfpm">Apache2</a> or <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/HandbookNginx_phpfpm">nginx</a></b>';
+$lng['serversettings']['phpfpm']['description'] = '<b>This needs a special webserver configuration see FPM-handbook for <a target="blank" href="https://github.com/Froxlor/Froxlor/wiki/apache2-with-php-fpm">Apache2</a> or <a target="blank" href="https://github.com/Froxlor/Froxlor/wiki/nginx-with-php-fpm">nginx</a></b>';
 $lng['serversettings']['phpfpm_settings']['configdir'] = 'Configuration directory of php-fpm';
 $lng['serversettings']['phpfpm_settings']['aliasconfigdir'] = 'Configuration Alias-directory of php-fpm';
 $lng['serversettings']['phpfpm_settings']['reload'] = 'php-fpm restart command';
@@ -1656,7 +1658,7 @@ $lng['traffic']['mail'] = 'Mail (MiB)';
 $lng['serversettings']['mod_fcgid']['idle_timeout']['title'] = 'Idle Timeout';
 $lng['serversettings']['mod_fcgid']['idle_timeout']['description'] = 'Timeout setting for Mod FastCGI.';
 $lng['serversettings']['phpfpm_settings']['idle_timeout']['title'] = 'Idle Timeout';
-$lng['serversettings']['phpfpm_settings']['idle_timeout']['description'] = 'Timeout setting for PHP5 FPM FastCGI.';
+$lng['serversettings']['phpfpm_settings']['idle_timeout']['description'] = 'Timeout setting for PHP FPM FastCGI.';
 // ADDED IN 0.9.27-svn2
 $lng['panel']['cancel'] = 'Cancel';
@@ -1826,7 +1828,7 @@ $lng['serversettings']['panel_password_special_char_required']['description'] =
 $lng['serversettings']['panel_password_special_char']['title'] = 'Special characters list';
 $lng['serversettings']['panel_password_special_char']['description'] = 'One of these characters is required if the above option is set.';
 $lng['phpfpm']['use_mod_proxy']['title'] = 'Use mod_proxy / mod_proxy_fcgi';
-$lng['phpfpm']['use_mod_proxy']['description'] = 'Activate to use php-fpm via mod_proxy_fcgi. Requires at least apache-2.4.9';
+$lng['phpfpm']['use_mod_proxy']['description'] = '<strong class="red">Must be enabled when using Debian 9.x (Stretch)</strong>. Activate to use php-fpm via mod_proxy_fcgi. Requires at least apache-2.4.9';
 $lng['error']['no_phpinfo'] = 'Sorry, unable to read phpinfo()';
 $lng['admin']['movetoadmin'] = 'Move customer';
@@ -1840,16 +1842,16 @@ $lng['domains']['import_file'] = 'CSV-File';
 $lng['success']['domain_import_successfully'] = 'Successfully imported %s domains.';
 $lng['error']['domain_import_error'] = 'Following error occurred while importing domains: %s';
 $lng['admin']['note'] = 'Note';
-$lng['domains']['import_description'] = 'Detailed information about the structure of the import-file and how to import successfully, please visit <a href="http://redmine.froxlor.org/projects/froxlor/wiki/DomainBulkActionDoc" target="_blank">http://redmine.froxlor.org/projects/froxlor/wiki/DomainBulkActionDoc</a>';
+$lng['domains']['import_description'] = 'Detailed information about the structure of the import-file and how to import successfully, please visit <a href="https://github.com/Froxlor/Froxlor/wiki/Domain-import-documenation" target="_blank">https://github.com/Froxlor/Froxlor/wiki/Domain-import-documenation</a>';
 $lng['usersettings']['custom_notes']['title'] = 'Custom notes';
 $lng['usersettings']['custom_notes']['description'] = 'Feel free to put any notes you want/need in here. They will show up in the admin/customer overview for the corresponding user.';
 $lng['usersettings']['custom_notes']['show'] = 'Show your notes on the dashboard of the user';
 $lng['error']['fcgidandphpfpmnogoodtogether'] = 'FCGID and PHP-FPM cannot be activated at the same time';
 // Added in Froxlor 0.9.34
-$lng['admin']['configfiles']['legend'] = 'You are about to configure a service/daemon. The following legend explains the nomenclature.';
+$lng['admin']['configfiles']['legend'] = '<h3>You are about to configure a service/daemon</h3>';
 $lng['admin']['configfiles']['commands'] = '<span class="red">Commands:</span> These commands are to be executed line by line as root-user in a shell. It is safe to copy the whole block and paste it into the shell.';
-$lng['admin']['configfiles']['files'] = '<span class="red">Configfiles:</span> This is an example of the contents of a configuration file. The commands before these textfields should open an editor with the target file. Just copy and paste the contents into the editor and save the file.<br><br><span class="red">Please note:</span> The MySQL-password has not been replaced for security reasons. Please replace "MYSQL_PASSWORD" on your own. If you forgot your MySQL-password you\'ll find it in "lib/userdata.inc.php"';
+$lng['admin']['configfiles']['files'] = '<span class="red">Configfiles:</span> The commands before the textfields should open an editor with the target file. Just copy and paste the contents into the editor and save the file.<br><span class="red">Please note:</span> The MySQL-password has not been replaced for security reasons. Please replace "FROXLOR_MYSQL_PASSWORD" on your own or use the javascript form below to replace it on-site. If you forgot your MySQL-password you\'ll find it in "lib/userdata.inc.php"';
 $lng['serversettings']['apache_itksupport']['title'] = 'Use modifications for Apache ITK-MPM';
 $lng['serversettings']['apache_itksupport']['description'] = '<strong class="red">ATTENTION:</strong> use only if you acutally have apache itk-mpm enabled<br />otherwise your webserver will not be able to start';
 $lng['integrity_check']['DatabaseCharset'] = 'Characterset of database (should be UTF-8)';
@@ -1938,7 +1940,7 @@ $lng['admin']['letsencrypt']['description'] = 'Get a free certificate from <a hr
 $lng['customer']['letsencrypt']['title'] = 'Use Let\'s Encrypt';
 $lng['customer']['letsencrypt']['description'] = 'Get a free certificate from <a href="https://letsencrypt.org">Let\'s Encrypt</a>. The certificate will be created and renewed automatically.<br><strong class="red">ATTENTION:</strong> This feature is still in beta.';
 $lng['error']['sslredirectonlypossiblewithsslipport'] = 'Using Let\'s Encrypt is only possible when the domain has at least one ssl-enabled IP/port combination assigned.';
-$lng['error']['nowildcardwithletsencrypt'] = 'Let\'s Encrypt cannot (yet) handle wildcard-domains. Please set the ServerAlias to WWW or disable it completely';
+$lng['error']['nowildcardwithletsencrypt'] = 'Let\'s Encrypt cannot handle wildcard-domains using ACME v1. Please set the ServerAlias to WWW or disable it completely';
 $lng['panel']['letsencrypt'] = 'Using Let\'s encrypt';
 $lng['crondesc']['cron_letsencrypt'] = 'updating Let\'s Encrypt certificates';
 $lng['serversettings']['letsencryptca']['title'] = "Let's Encrypt environment";
@@ -1972,7 +1974,7 @@ $lng['error']['autoupdate_9'] = 'The downloaded file did not pass the integrity
 $lng['admin']['server_php'] = 'PHP';
 $lng['domains']['termination_date'] = 'Date of termination';
-$lng['domains']['termination_date_overview'] = 'canceled until ';
+$lng['domains']['termination_date_overview'] = 'terminated as of ';
 $lng['panel']['set'] = 'Apply';
 $lng['customer']['selectserveralias_addinfo'] = 'This option can be set when editing the domain. Its initial value is inherited from the parent-domain.';
 $lng['error']['mailaccistobedeleted'] = "Another account with the same name (%s) is currently being deleted and can therefore not be added at this moment.";
@@ -2038,8 +2040,8 @@ $lng['serversettings']['le_froxlor_enabled']['description'] = "If activated, the
 $lng['serversettings']['le_froxlor_redirect']['title'] = "Enable SSL-redirect for the froxlor vhost";
 $lng['serversettings']['le_froxlor_redirect']['description'] = "If activated, all http requests to your froxlor will be redirected to the corresponding SSL site.";
 $lng['admin']['froxlorvhost'] = 'Froxlor VirtualHost settings';
-$lng['serversettings']['option_unavailable_websrv'] = '<br><em class="red">Availble only for: %s</em>';
+$lng['serversettings']['option_unavailable_websrv'] = '<br><em class="red">Available only for: %s</em>';
-$lng['serversettings']['option_unavailable'] = '<br><em class="red">Option not availble due to other settings.</em>';
+$lng['serversettings']['option_unavailable'] = '<br><em class="red">Option not available due to other settings.</em>';
 $lng['serversettings']['letsencryptacmeconf']['title'] = "Path to the acme.conf snippet";
 $lng['serversettings']['letsencryptacmeconf']['description'] = "File name of the config snippet which allows the web server to serve the acme challenge.";
 $lng['admin']['hostname'] = 'Hostname';
@@ -2063,5 +2065,42 @@ $lng['admin']['domain_hsts_incsub']['description'] = 'The optional "includeSubDo
 $lng['admin']['domain_hsts_preload']['title'] = 'Include domain in <a href="https://hstspreload.appspot.com/" target="_blank">HSTS preload list</a>';
 $lng['admin']['domain_hsts_preload']['description'] = 'If you would like this domain to be included in the HSTS preload list maintained by Chrome (and used by Firefox and Safari), then use activate this.<br>Sending the preload directive from your site can have PERMANENT CONSEQUENCES and prevent users from accessing your site and any of its subdomains.<br>Please read the details at <a href="https://hstspreload.appspot.com/#removal" target="_blank">hstspreload.appspot.com/#removal</a> before sending the header with "preload".';
-$lng['serversettings']['nginx_http2_support']['title'] = 'Nginx HTTP2 Support';
+$lng['serversettings']['http2_support']['title'] = 'HTTP2 Support';
-$lng['serversettings']['nginx_http2_support']['description'] = 'enable http2 support for ssl. ENABLE ONLY IF YOUR Nginx SUPPORT THIS FEATURE. (version 1.9.5+)';
+$lng['serversettings']['http2_support']['description'] = 'enable HTTP2 support for ssl.<br><em class="red">ENABLE ONLY IF YOUR WEBSERVER SUPPORTS THIS FEATURE (nginx version 1.9.5+, apache2 version 2.4.17+)</em>';
 $lng['error']['noipportgiven'] = 'No IP/port given';
 // Added in froxlor 0.9.38.8
 $lng['admin']['domain_ocsp_stapling']['title'] = 'OCSP stapling';
 $lng['admin']['domain_ocsp_stapling']['description'] = 'See <a target="_blank" href="https://en.wikipedia.org/wiki/OCSP_stapling">Wikipedia</a> for a detailed explanation of OCSP stapling';
 $lng['admin']['domain_ocsp_stapling']['nginx_version_warning'] = '<br /><strong class="red">WARNING:</strong> Nginx version 1.3.7 or above is required for OCSP stapling. If your version is older, the webserver will NOT start correctly while OCSP stapling is enabled!';
 $lng['serversettings']['ssl']['apache24_ocsp_cache_path']['title'] = 'Apache 2.4: path to the OCSP stapling cache';
 $lng['serversettings']['ssl']['apache24_ocsp_cache_path']['description'] = 'Configures the cache used to store OCSP responses which get included in TLS handshakes.';
 $lng['serversettings']['nssextrausers']['title'] = 'Use libnss-extrausers instead of libnss-mysql';
 $lng['serversettings']['nssextrausers']['description'] = 'Do not read users from the database but from files. Please only activate if you have already gone through the required configuration steps (system -> libnss-extrausers).<br><strong class="red">For Debian/Ubuntu only (or if you have compiled libnss-extrausers yourself!)</strong>';
 $lng['admin']['domain_http2']['title'] = 'HTTP2 support';
 $lng['admin']['domain_http2']['description'] = 'See <a target="_blank" href="https://en.wikipedia.org/wiki/HTTP/2">Wikipedia</a> for a detailed explanation of HTTP2';
 $lng['admin']['testmail'] = 'SMTP test';
 $lng['success']['testmailsent'] = 'Test mail sent successfully';
 $lng['serversettings']['disable_le_selfcheck']['title'] = "Disable Let's Encrypt local self-check";
 $lng['serversettings']['disable_le_selfcheck']['description'] = "If activated, froxlor will <strong>not</strong> perform its self-check for token accessability. Needed for NATed IP's or similar.";
 $lng['menue']['phpsettings']['fpmdaemons'] = 'PHP-FPM versions';
 $lng['admin']['phpsettings']['activephpconfigs'] = 'In use for php-config(s)';
 $lng['admin']['phpsettingsforsubdomains'] = 'Apply php-config to all subdomains:';
 $lng['serversettings']['phpsettingsforsubdomains']['description'] = 'If yes the chosen php-config will be updated to all subdomains';
 $lng['serversettings']['leapiversion']['title'] = "Chose Let's Encrypt ACME implementation";
 $lng['serversettings']['leapiversion']['description'] = "Chose between ACME v1 and ACME v2 implementation for Let's Encrypt.";
 $lng['error']['nowildcardwithletsencryptv2'] = 'Let\'s Encrypt can only validate wildcard-domains by DNS with ACME v2, sorry. Please set the ServerAlias to WWW or disable it completely';
 $lng['admin']['phpsettings']['pass_authorizationheader'] = 'Add "-pass-header Authorization" / "CGIPassAuth On" to vhosts';
 $lng['serversettings']['ssl']['ssl_protocols']['title'] = 'Configure the TLS protocol version';
 $lng['serversettings']['ssl']['ssl_protocols']['description'] = 'This is a list of ssl protocols that you want (or don\'t want) to use when using SSL. <b>Notice:</b> Some older browsers may not support the newest protcol versions.<br /><br /><b>Default value is:</b><pre>TLSv1, TLSv1.2</pre>';
 $lng['serversettings']['phpfpm_settings']['limit_extensions']['title'] = 'Allowed extensions';
 $lng['serversettings']['phpfpm_settings']['limit_extensions']['description'] = 'Limits the extensions of the main script FPM will allow to parse. This can prevent configuration mistakes on the web server side. You should only limit FPM to .php extensions to prevent malicious users to use other extensions to execute php code. Default value: .php';
 $lng['phpfpm']['ini_flags'] = 'Enter possible <strong>php_flag</strong>s for php.ini. One entry per line';
 $lng['phpfpm']['ini_values'] = 'Enter possible <strong>php_value</strong>s for php.ini. One entry per line';
 $lng['phpfpm']['ini_admin_flags'] = 'Enter possible <strong>php_admin_flag</strong>s for php.ini. One entry per line';
 $lng['phpfpm']['ini_admin_values'] = 'Enter possible <strong>php_admin_value</strong>s for php.ini. One entry per line';
 $lng['serversettings']['phpfpm_settings']['envpath'] = 'Paths to add to the PATH environment. Leave empty for no PATH environment variable';
 $lng['admin']['configfiles']['importexport'] = 'Import/Export';
 $lng['success']['settingsimported'] = 'Settings imported successfully';
 $lng['error']['jsonextensionnotfound'] = 'This feature requires the php json-extension.';
--- a/lng/french.lng.php
+++ b/lng/french.lng.php
@@ -569,18 +569,18 @@ $lng['serversettings']['webalizer_quiet']['description'] = 'Verbosité du progra
 $lng['ticket']['admin_email'] = 'root@localhost';
 $lng['ticket']['noreply_email'] = 'billets@froxlor';
-$lng['admin']['ticketsystem'] = 'Système de billets';
+$lng['admin']['ticketsystem'] = 'Système de tickets';
-$lng['menue']['ticket']['ticket'] = 'Billets de support';
+$lng['menue']['ticket']['ticket'] = 'Tickets support';
 $lng['menue']['ticket']['categories'] = 'Catégories de support';
-$lng['menue']['ticket']['archive'] = 'Archives de billets';
+$lng['menue']['ticket']['archive'] = 'Archives de tickets';
 $lng['ticket']['description'] = 'Entrez une description !';
-$lng['ticket']['ticket_new'] = 'Ouvrir un nouveau billet';
+$lng['ticket']['ticket_new'] = 'Ouvrir un nouveau ticket';
-$lng['ticket']['ticket_reply'] = 'Réponse au billet';
+$lng['ticket']['ticket_reply'] = 'Réponse au ticket';
-$lng['ticket']['ticket_reopen'] = 'Réouvrir le billet';
+$lng['ticket']['ticket_reopen'] = 'Réouvrir le ticket';
 $lng['ticket']['ticket_newcateory'] = 'Créer une nouvelle catégorie';
 $lng['ticket']['ticket_editcateory'] = 'Editer la catégorie';
-$lng['ticket']['ticket_view'] = 'Voir l\'historique du billet';
+$lng['ticket']['ticket_view'] = 'Voir l\'historique du ticket';
-$lng['ticket']['ticketcount'] = 'Billets';
+$lng['ticket']['ticketcount'] = 'Tickets';
 $lng['ticket']['ticket_answers'] = 'Réponses';
 // $lng['ticket']['lastchange'] = 'Dernière action';
 $lng['ticket']['lastchange'] = 'Dernier changement';
@@ -601,8 +601,8 @@ $lng['ticket']['answer'] = 'Répondre';
 $lng['ticket']['close'] = 'Fermer';
 $lng['ticket']['reopen'] = 'Réouvrir';
 $lng['ticket']['archive'] = 'Archive';
-$lng['ticket']['ticket_delete'] = 'Effacer le billet';
+$lng['ticket']['ticket_delete'] = 'Effacer le ticket';
-$lng['ticket']['lastarchived'] = 'Billets récemment archivés';
+$lng['ticket']['lastarchived'] = 'Tickets récemment archivés';
 $lng['ticket']['archivedtime'] = 'Archivé';
 $lng['ticket']['open'] = 'Ouvert';
 $lng['ticket']['wait_reply'] = 'Attente d\'une réponse';
@@ -610,43 +610,43 @@ $lng['ticket']['replied'] = 'Répondu';
 $lng['ticket']['closed'] = 'Fermé';
 $lng['ticket']['staff'] = 'L\'équipe';
 $lng['ticket']['customer'] = 'Client';
-$lng['ticket']['old_tickets'] = 'Messages du billet';
+$lng['ticket']['old_tickets'] = 'Messages du ticket';
 $lng['ticket']['search'] = 'Rechercher dans les archives';
 $lng['ticket']['nocustomer'] = 'Aucun choix';
 $lng['ticket']['archivesearch'] = 'Résultat de la recherche dans les archives';
-$lng['ticket']['noresults'] = 'Aucun billet trouvé';
+$lng['ticket']['noresults'] = 'Aucun ticket trouvé';
-$lng['ticket']['notmorethanxopentickets'] = 'Pour éviter les abus, vous ne pouvez avoir plus de %s billets ouverts';
+$lng['ticket']['notmorethanxopentickets'] = 'Pour éviter les abus, vous ne pouvez avoir plus de %s tickets ouverts';
 $lng['ticket']['supportstatus'] = 'Etat du support';
 $lng['ticket']['supportavailable'] = '<span class="ticket_low">Nos équipes de support sont disponibles et prètes à vous assister.</span>';
 $lng['ticket']['supportnotavailable'] = '<span class="ticket_high">Nos équipes de support ne sont actuellement pas disponibles.</span>';
-$lng['admin']['templates']['ticket'] = 'E-mail de notification pour les billets de support';
+$lng['admin']['templates']['ticket'] = 'E-mail de notification pour les tickets de support';
-$lng['admin']['templates']['SUBJECT'] = 'Sera remplacé par le sujet du billet de support.';
+$lng['admin']['templates']['SUBJECT'] = 'Sera remplacé par le sujet du ticket de support.';
-$lng['admin']['templates']['new_ticket_for_customer'] = 'Informe le client que le billet a été envoyé';
+$lng['admin']['templates']['new_ticket_for_customer'] = 'Informe le client que le ticket a été envoyé';
-$lng['admin']['templates']['new_ticket_by_customer'] = 'Notifie l\'administrateur qu\'un nouveau billet a été ouvert par un client';
+$lng['admin']['templates']['new_ticket_by_customer'] = 'Notifie l\'administrateur qu\'un nouveau ticket a été ouvert par un client';
-$lng['admin']['templates']['new_reply_ticket_by_customer'] = 'Notifie l\'administrateur d\'une réponse du client au billet';
+$lng['admin']['templates']['new_reply_ticket_by_customer'] = 'Notifie l\'administrateur d\'une réponse du client au ticket';
-$lng['admin']['templates']['new_ticket_by_staff'] = 'Informe le client qu\'un billet a été ouvert par l\'équipe de support';
+$lng['admin']['templates']['new_ticket_by_staff'] = 'Informe le client qu\'un ticket a été ouvert par l\'équipe de support';
-$lng['admin']['templates']['new_reply_ticket_by_staff'] = 'Informe le client d\'une réponse de l\'équipe de support au billet';
+$lng['admin']['templates']['new_reply_ticket_by_staff'] = 'Informe le client d\'une réponse de l\'équipe de support au ticket';
-$lng['mails']['new_ticket_for_customer']['mailbody'] = 'Bonjour {FIRSTNAME} {NAME},\n\nVotre demande de billet de support ayant comme sujet "{SUBJECT}" a été envoyé.\n\nVous receverez une notification lorsque votre billet aura une réponse.\n\nMerci,\nL\'équipe Froxlor.';
+$lng['mails']['new_ticket_for_customer']['mailbody'] = 'Bonjour {FIRSTNAME} {NAME},\n\nVotre demande de ticket de support ayant comme sujet "{SUBJECT}" a été envoyé.\n\nVous receverez une notification lorsque votre billet aura une réponse.\n\nMerci,\nL\'équipe Froxlor.';
-$lng['mails']['new_ticket_for_customer']['subject'] = 'Votre billet de support a été envoyé';
+$lng['mails']['new_ticket_for_customer']['subject'] = 'Votre ticket de support a été envoyé';
-$lng['mails']['new_ticket_by_customer']['mailbody'] = 'Bonjour administrateur,\n\nUn nouveau billet de support ayant comme sujet "{SUBJECT}" a été ouvert.\n\nVeuillez vous connecter pour consulter le billet.\n\nMerci,\nl\'équipe Froxlor.';
+$lng['mails']['new_ticket_by_customer']['mailbody'] = 'Bonjour administrateur,\n\nUn nouveau ticket de support ayant comme sujet "{SUBJECT}" a été ouvert.\n\nVeuillez vous connecter pour consulter le billet.\n\nMerci,\nl\'équipe Froxlor.';
-$lng['mails']['new_ticket_by_customer']['subject'] = 'Nouveau billet de support soumis';
+$lng['mails']['new_ticket_by_customer']['subject'] = 'Nouveau ticket de support soumis';
-$lng['mails']['new_reply_ticket_by_customer']['mailbody'] = 'Bonjour administrateur,\n\nLe billet de support "{SUBJECT}" a reçu une réponse de la part du client.\n\nVeuillez vous connecter pour consulter le billet.\n\nMerci,\nL\'équipe Froxlor.';
+$lng['mails']['new_reply_ticket_by_customer']['mailbody'] = 'Bonjour administrateur,\n\nLe ticket de support "{SUBJECT}" a reçu une réponse de la part du client.\n\nVeuillez vous connecter pour consulter le billet.\n\nMerci,\nL\'équipe Froxlor.';
-$lng['mails']['new_reply_ticket_by_customer']['subject'] = 'Nouvelle réponse au billet de support';
+$lng['mails']['new_reply_ticket_by_customer']['subject'] = 'Nouvelle réponse au ticket de support';
-$lng['mails']['new_ticket_by_staff']['mailbody'] = 'Bonjour {FIRSTNAME} {NAME},\n\nUn billet de support ayant comme sujet "{SUBJECT}" a été ouvert pour vous par notre équipe.\n\nVeuillez vous connecter pour consulter le billet.\n\nMerci,\nL\'équipe Froxlor.';
+$lng['mails']['new_ticket_by_staff']['mailbody'] = 'Bonjour {FIRSTNAME} {NAME},\n\nUn ticket de support ayant comme sujet "{SUBJECT}" a été ouvert pour vous par notre équipe.\n\nVeuillez vous connecter pour consulter le billet.\n\nMerci,\nL\'équipe Froxlor.';
 $lng['mails']['new_ticket_by_staff']['subject'] = 'Nouvelle demande de support soumise';
-$lng['mails']['new_reply_ticket_by_staff']['mailbody'] = 'Bonjour {FIRSTNAME} {NAME},\n\nLe billet de support ayant comme sujet "{SUBJECT}" a reçu une réponse par notre équipe.\n\nVeuillez vous connecter pour consulter le billet.\n\nMerci,\nL\équipe Froxlor.';
+$lng['mails']['new_reply_ticket_by_staff']['mailbody'] = 'Bonjour {FIRSTNAME} {NAME},\n\nLe ticket de support ayant comme sujet "{SUBJECT}" a reçu une réponse par notre équipe.\n\nVeuillez vous connecter pour consulter le billet.\n\nMerci,\nL\équipe Froxlor.';
-$lng['mails']['new_reply_ticket_by_staff']['subject'] = 'Nouvelle réponse au billet de support';
+$lng['mails']['new_reply_ticket_by_staff']['subject'] = 'Nouvelle réponse au ticket de support';
-$lng['question']['ticket_reallyclose'] = 'Etes-vous sûr de vouloir clôturer le billet "%s" ?';
+$lng['question']['ticket_reallyclose'] = 'Etes-vous sûr de vouloir clôturer le ticket "%s" ?';
-$lng['question']['ticket_reallydelete'] = 'Etes-vous sûr de vouloir supprimer le billet "%s" ?';
+$lng['question']['ticket_reallydelete'] = 'Etes-vous sûr de vouloir supprimer le ticket "%s" ?';
 $lng['question']['ticket_reallydeletecat'] = 'Etes-vous sûr de vouloir supprimer la catégorie "%s" ?';
-$lng['question']['ticket_reallyarchive'] = 'Etes-vous sûr de vouloir archiver le billet "%s" ?';
+$lng['question']['ticket_reallyarchive'] = 'Etes-vous sûr de vouloir archiver le ticket "%s" ?';
-$lng['error']['nomoreticketsavailable'] = 'Vous n\'avez plus de billets de disponibles. Veuillez contacter votre administrateur.';
+$lng['error']['nomoreticketsavailable'] = 'Vous n\'avez plus de tickets de disponibles. Veuillez contacter votre administrateur.';
-$lng['error']['nocustomerforticket'] = 'Ne peut créer de billet sans client';
+$lng['error']['nocustomerforticket'] = 'Impossible de créer un ticket sans clients dans la base';
-$lng['error']['categoryhastickets'] = 'La catégorie possède des billets.<br />Veuillez d\'abord supprimer tous les billets de cette catégorie.';
+$lng['error']['categoryhastickets'] = 'La catégorie possède des tickets.<br />Veuillez d\'abord supprimer tous les tickets de cette catégorie.';
-$lng['admin']['ticketsettings'] = 'Paramètres des billets de support';
+$lng['admin']['ticketsettings'] = 'Paramètres des tickets de support';
-$lng['admin']['archivelastrun'] = 'Derniers billets archivés';
+$lng['admin']['archivelastrun'] = 'Derniers tickets archivés';
 $lng['serversettings']['ticket']['noreply_email']['title'] = 'Adresse e-mail de non réponse';
-$lng['serversettings']['ticket']['noreply_email']['description'] = 'L\'adresse e-mail de l\'expéditeur de notification pour les billets de support, quelque chose du type no-reply@domaine.com';
+$lng['serversettings']['ticket']['noreply_email']['description'] = 'L\'adresse e-mail de l\'expéditeur de notification pour les tickets de support, quelque chose du type no-reply@domaine.com';
 $lng['serversettings']['ticket']['worktime_begin']['title'] = 'Début du support (hh:mm)';
 $lng['serversettings']['ticket']['worktime_begin']['description'] = 'Horaire de début du support';
 $lng['serversettings']['ticket']['worktime_end']['title'] = 'Fin du support (hh:mm)';
@@ -655,21 +655,21 @@ $lng['serversettings']['ticket']['worktime_sat'] = 'Support disponible le samedi
 $lng['serversettings']['ticket']['worktime_sun'] = 'Support disponible le dimanche ?';
 $lng['serversettings']['ticket']['worktime_all']['title'] = 'Aucune limite horaire pour le support';
 $lng['serversettings']['ticket']['worktime_all']['description'] = 'Si "Oui", les options pour le début et la fin du support seront écrasés.';
-$lng['serversettings']['ticket']['archiving_days'] = 'Après combien de jours un billet fermé sera automatiquement archivé ?';
+$lng['serversettings']['ticket']['archiving_days'] = 'Après combien de jours un ticket fermé sera automatiquement archivé ?';
-$lng['customer']['tickets'] = 'Billet de support';
+$lng['customer']['tickets'] = 'Ticket de support';
 // ADDED IN 1.2.18-svn4
 $lng['admin']['domain_nocustomeraddingavailable'] = 'Il n\'est acutellement pas possible d\'ajouter de domaines. Vous devez d\'abord ajouter un client.';
-$lng['serversettings']['ticket']['enable'] = 'Activer le système de billets';
+$lng['serversettings']['ticket']['enable'] = 'Activer le système de tickets';
-$lng['serversettings']['ticket']['concurrentlyopen'] = 'Combien  de billets peuvent être ouverts au même moment ?';
+$lng['serversettings']['ticket']['concurrentlyopen'] = 'Combien  de tickets peuvent être ouverts au même moment ?';
 $lng['error']['norepymailiswrong'] = 'L\'adresse de "non réponse" n\'est pas bonne. Une adresse e-mail valide doit être entrée.';
-$lng['error']['tadminmailiswrong'] = 'L\'adresse de "l\'administrateur de billets" n\'est pas bonne. Une adresse e-mail valide doit être entrée.';
+$lng['error']['tadminmailiswrong'] = 'L\'adresse de "l\'administrateur de tickets" n\'est pas bonne. Une adresse e-mail valide doit être entrée.';
-$lng['ticket']['awaitingticketreply'] = 'Vous avez %s billet(s) de support non répondu(s).';
+$lng['ticket']['awaitingticketreply'] = 'Vous avez %s ticket(s) de support non répondu(s).';
 // ADDED IN 1.2.18-svn5
-$lng['serversettings']['ticket']['noreply_name'] = 'Nom de l\'expéditeur e-mail des billets';
+$lng['serversettings']['ticket']['noreply_name'] = 'Nom de l\'expéditeur e-mail des tickets';
 // ADDED IN 1.2.19-svn1
@@ -679,8 +679,8 @@ $lng['serversettings']['mod_fcgid']['tmpdir']['title'] = 'Dossier temporaire pou
 // ADDED IN 1.2.19-svn3
-$lng['serversettings']['ticket']['reset_cycle']['title'] = 'Intervalle de réinitialisation des billets utilisés';
+$lng['serversettings']['ticket']['reset_cycle']['title'] = 'Intervalle de réinitialisation des tickets utilisés';
-$lng['serversettings']['ticket']['reset_cycle']['description'] = 'Remettre le compteur de billets à 0 dans le temps imparti';
+$lng['serversettings']['ticket']['reset_cycle']['description'] = 'Remettre le compteur de tickets à 0 dans le temps imparti';
 $lng['admin']['tickets']['daily'] = 'Journalière';
 $lng['admin']['tickets']['weekly'] = 'Hebdomadaire';
 $lng['admin']['tickets']['monthly'] = 'Mensuelle';
--- a/lng/german.lng.php
+++ b/lng/german.lng.php
@@ -529,7 +529,7 @@ $lng['panel']['back'] = 'Zurück';
 // ADDED IN 1.2.16-svn12
 $lng['serversettings']['mod_fcgid']['title'] = 'PHP über mod_fcgid/suexec einbinden';
-$lng['serversettings']['mod_fcgid']['description'] = 'PHP wird unter dem Benutzer des Kunden ausgeführt.<br /><br /><b>Dies benötigt eine spezielle Webserver-Konfiguration für Apache, siehe <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/HandbookApache2_fcgid">FCGID-Handbuch</a>.</b>';
+$lng['serversettings']['mod_fcgid']['description'] = 'PHP wird unter dem Benutzer des Kunden ausgeführt.<br /><br /><b>Dies benötigt eine spezielle Webserver-Konfiguration für Apache, siehe <a target="blank" href="https://github.com/Froxlor/Froxlor/wiki/apache2-with-fcgid">FCGID-Handbuch</a>.</b>';
 $lng['serversettings']['sendalternativemail']['title'] = 'Alternative E-Mail-Adresse benutzen';
 $lng['serversettings']['sendalternativemail']['description'] = 'Während des Erstellens eines Accounts das Passwort an eine andere E-Mail-Adresse senden';
 $lng['emails']['alternative_emailaddress'] = 'Alternative E-Mail-Adresse';
@@ -934,6 +934,7 @@ $lng['admin']['phpsettings']['phpinisettings'] = 'php.ini-Einstellungen';
 $lng['error']['nopermissionsorinvalidid'] = 'Entweder fehlen Ihnen die nötigen Rechte diese Einstellung zu ändern oder es wurde eine ungültige ID übergeben';
 $lng['panel']['view'] = 'ansehen';
 $lng['question']['phpsetting_reallydelete'] = 'Wollen Sie diese PHP-Einstellungen wirklich löschen? Alle Domains die diese Einstellungen bis jetzt verwendet haben, werden dann auf die Standardeinstellungen umgestellt.';
 $lng['question']['fpmsetting_reallydelete'] = 'Wollen Sie diese PHP-FPM Einstellungen wirklich löschen? Alle PHP Konfigurationen die diese Einstellungen bis jetzt verwendet haben, werden dann auf die Standardeinstellungen umgestellt.';
 $lng['admin']['phpsettings']['addnew'] = 'Neue Konfiguration erstellen';
 $lng['error']['phpsettingidwrong'] = 'Eine PHP-Konfiguration mit dieser ID existiert nicht';
 $lng['error']['descriptioninvalid'] = 'Der Beschreibungstext ist zu kurz, zu lang oder enthält ungültige Zeichen';
@@ -997,6 +998,7 @@ $lng['error']['ipportdoesntexist'] = 'Die gewählte IP/Port-Kombination existier
 $lng['admin']['phpserversettings'] = 'PHP-Einstellungen';
 $lng['admin']['phpsettings']['binary'] = 'PHP-Binary';
 $lng['admin']['phpsettings']['fpmdesc'] = 'PHP-FPM Config';
 $lng['admin']['phpsettings']['file_extensions'] = 'Dateiendungen';
 $lng['admin']['phpsettings']['file_extensions_note'] = '(ohne Punkt, durch Leerzeichen getrennt)';
 $lng['admin']['mod_fcgid_maxrequests']['title'] = 'Maximale PHP-Requests für diese Domain (leer für Standardwert)';
@@ -1075,7 +1077,7 @@ $lng['dkim']['dkim_notes']['description'] = 'Eine Notiz, welche für Menschen in
 $lng['dkim']['dkim_add_adsp']['title'] = 'DKIM-ADSP Eintrag hinzufügen';
 $lng['dkim']['dkim_add_adsp']['description'] = 'Wenn unsicher oder unbekannt, belassen sie es auf "aktiviert"';
 $lng['dkim']['dkim_add_adsppolicy']['title'] = 'ADSP-Richtlinie';
-$lng['dkim']['dkim_add_adsppolicy']['description'] = 'Mehr Informationen zu dieser Einstellung (englisch) <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/En-dkim-adsp-policies">DKIM-ADSP-Policies</a>';
+$lng['dkim']['dkim_add_adsppolicy']['description'] = 'Mehr Informationen zu dieser Einstellung (englisch) <a target="blank" href="https://en.wikipedia.org/wiki/Author_Domain_Signing_Practices">DKIM-ADSP-Policies</a>';
 $lng['admin']['cron']['cronsettings'] = 'Cronjob-Einstellungen';
 $lng['cron']['cronname'] = 'Cronjob-Name';
@@ -1271,7 +1273,7 @@ $lng['error']['intvaluetoolow'] = 'Die angegebene Zahl ist zu klein (Feld "%s")'
 $lng['error']['intvaluetoohigh'] = 'Die angegebene Zahl ist zu groß (Feld "%s")';
 $lng['admin']['phpfpm_settings'] = 'PHP-FPM';
 $lng['serversettings']['phpfpm']['title'] = 'Aktiviere PHP-FPM';
-$lng['serversettings']['phpfpm']['description'] = '<b>Dies benötigt eine spezielle Webserver-Konfiguration, siehe FPM-Handbuch für <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/HandbookApache2_phpfpm">Apache2</a> oder <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/HandbookNginx_phpfpm">nginx</a></b>';
+$lng['serversettings']['phpfpm']['description'] = '<b>Dies benötigt eine spezielle Webserver-Konfiguration, siehe FPM-Handbuch für <a target="blank" href="https://github.com/Froxlor/Froxlor/wiki/apache2-with-php-fpm">Apache2</a> oder <a target="blank" href="https://github.com/Froxlor/Froxlor/wiki/nginx-with-php-fpm">nginx</a></b>';
 $lng['serversettings']['phpfpm_settings']['configdir'] = 'Pfad zu php-fpm-Konfigurationen';
 $lng['serversettings']['phpfpm_settings']['aliasconfigdir'] = 'Alias-Ordner der php-fpm Konfiguration';
 $lng['serversettings']['phpfpm_settings']['reload'] = 'Kommando zum Neustarten von php-fpm';
@@ -1383,7 +1385,7 @@ $lng['traffic']['mail'] = 'Mail (MiB)';
 $lng['serversettings']['mod_fcgid']['idle_timeout']['title'] = 'Idle-Timeout';
 $lng['serversettings']['mod_fcgid']['idle_timeout']['description'] = 'Timeout-Einstellung für mod_FastCGI.';
 $lng['serversettings']['phpfpm_settings']['idle_timeout']['title'] = 'Idle-Timeout';
-$lng['serversettings']['phpfpm_settings']['idle_timeout']['description'] = 'Timeout-Einstellung für PHP5-FPM FastCGI.';
+$lng['serversettings']['phpfpm_settings']['idle_timeout']['description'] = 'Timeout-Einstellung für PHP-FPM FastCGI.';
 // ADDED IN 0.9.27-svn2
 $lng['admin']['delete_statistics'] = 'Statistiken Löschen';
@@ -1551,7 +1553,7 @@ $lng['serversettings']['panel_password_special_char_required']['description'] =
 $lng['serversettings']['panel_password_special_char']['title'] = 'Sonderzeichen-Liste';
 $lng['serversettings']['panel_password_special_char']['description'] = 'Mindestens eines dieser Sonderzeichen muss in dem Passwort vorkommen, sofern die Sonderzeichen-Option aktiviert ist.';
 $lng['phpfpm']['use_mod_proxy']['title'] = 'Verwende mod_proxy / mod_proxy_fcgi';
-$lng['phpfpm']['use_mod_proxy']['description'] = 'Diese Option kann aktiviert werden, um php-fpm via mod_proxy_fcgi einzubinden. Dies setzt mindestens apache-2.4.9 voraus';
+$lng['phpfpm']['use_mod_proxy']['description'] = '<strong class="red">Muss gesetzt sein bei Debian 9.x (Stretch)</strong>. Diese Option kann aktiviert werden, um php-fpm via mod_proxy_fcgi einzubinden. Dies setzt mindestens apache-2.4.9 voraus';
 $lng['error']['no_phpinfo'] = 'Entschuldigung, es ist nicht möglich die phpinfo() auszulesen.';
 $lng['admin']['movetoadmin'] = 'Kunde verschieben';
@@ -1565,16 +1567,16 @@ $lng['domains']['import_file'] = 'CSV-Datei';
 $lng['success']['domain_import_successfully'] = 'Erfolgreich %s Domains importiert.';
 $lng['error']['domain_import_error'] = 'Der folgende Fehler trat beim Importieren der Domains auf: %s';
 $lng['admin']['note'] = 'Hinweis';
-$lng['domains']['import_description'] = 'Detaillierte Informationen über den Aufbau der Importdatei und einen erfolgreichen Import gibt es hier: <a href="http://redmine.froxlor.org/projects/froxlor/wiki/DomainBulkActionDoc" target="_blank">http://redmine.froxlor.org/projects/froxlor/wiki/DomainBulkActionDoc</a> (englisch)';
+$lng['domains']['import_description'] = 'Detaillierte Informationen über den Aufbau der Importdatei und einen erfolgreichen Import gibt es hier: <a href="https://github.com/Froxlor/Froxlor/wiki/Domain-import-documenation" target="_blank">https://github.com/Froxlor/Froxlor/wiki/Domain-import-documenation</a> (englisch)';
 $lng['usersettings']['custom_notes']['title'] = 'Eigene Notizen';
 $lng['usersettings']['custom_notes']['description'] = 'Hier können Notizen je nach Lust und Laune eingetragen werden. Diese werden in der Administrator/Kunden-Übersicht bei dem jeweiligen Benutzer angezeigt.';
 $lng['usersettings']['custom_notes']['show'] = 'Zeige die Notizen auf dem Dashboard des Benutzers';
 $lng['error']['fcgidandphpfpmnogoodtogether'] = 'FCGID und PHP-FPM können nicht gleichzeitig aktiviert werden.';
 // Added in Froxlor 0.9.34
-$lng['admin']['configfiles']['legend'] = 'Du konfigurierst nun einen Service/Daemon. Die folgende Legende zeigt unsere Nomenklatur.';
+$lng['admin']['configfiles']['legend'] = '<h3>Du konfigurierst nun einen Service/Daemon.</h3>';
 $lng['admin']['configfiles']['commands'] = '<span class="red">Kommandos:</span> Die angezeigten Befehle müssen als Benutzer root in einer Shell ausgeführt werden. Es kann auch problemlos der ganze Block kopiert und in die Shell eingefügt werden.';
-$lng['admin']['configfiles']['files'] = '<span class="red">Konfigurationsdateien:</span> Dies ist der Inhalt einer Konfigurationsdatei. Der Befehl direkt vor dem Textfeld sollte einen Editor mit der Zieldatei öffnen. Der Inhalt kann nun einfach kopiert und in den Editor eingefügt und die Datei gespeichert werden.<br><br><span class="red">Beachten Sie:</span> Das MySQL-Passwort wurde aus Sicherheitsgründen nicht ersetzt. Bitte ersetzen Sie "MYSQL_PASSWORD" manuell durch das entsprechende Passwort. Falls Sie es vergessen haben sollten, finden Sie es in der Datei "lib/userdata.inc.php".';
+$lng['admin']['configfiles']['files'] = '<span class="red">Konfigurationsdateien:</span> Der Befehl direkt vor dem Textfeld sollte einen Editor mit der Zieldatei öffnen. Der Inhalt kann nun einfach kopiert und in den Editor eingefügt und die Datei gespeichert werden.<br><span class="red">Bitte beachten:</span> Das MySQL-Passwort wurde aus Sicherheitsgründen nicht ersetzt. Bitte ersetze "FROXLOR_MYSQL_PASSWORD" manuell oder nutze das folgende Formular, um es temporär auf dieser Seite zu setzen. Falls das Passwort vergessen wurde, findet es sich in der Datei "lib/userdata.inc.php".';
 $lng['serversettings']['apache_itksupport']['title'] = 'Anpassungen für Apache ITK-MPM verwenden';
 $lng['serversettings']['apache_itksupport']['description'] = '<div class="red">Achtung: Bitte nur verwenden, wenn wirklich Apache itk-mpm verwendet wird, ansonsten wird der Webserver nicht starten.</div>';
 $lng['integrity_check']['DatabaseCharset'] = 'Characterset der Datenbank (sollte UTF-8 sein)';
@@ -1591,7 +1593,7 @@ $lng['admin']['letsencrypt']['description'] = 'Holt ein kostenloses Zertifikat v
 $lng['customer']['letsencrypt']['title'] = 'Benutze Let\'s Encrypt';
 $lng['customer']['letsencrypt']['description'] = 'Holt ein kostenloses Zertifikat von <a href="https://letsencrypt.org">Let\'s Encrypt</a>. Das Zertifikat wird automatisch erstellt und verlängert.<br><strong class="red">ACHTUNG:</strong> Dieses Feature befindet sich noch im Test.';
 $lng['error']['sslredirectonlypossiblewithsslipport'] = 'Die Nutzung von Let\'s Encrypt ist nur möglich, wenn die Domain mindestens eine IP/Port - Kombination mit aktiviertem SSL zugewiesen hat.';
-$lng['error']['nowildcardwithletsencrypt'] = 'Let\'s Encrypt kann (noch) nicht mit Wildcard-Domains umgehen. Bitte den ServerAlias auf WWW setzen oder deaktivieren';
+$lng['error']['nowildcardwithletsencrypt'] = 'Let\'s Encrypt kann in ACME v1 nicht mit Wildcard-Domains umgehen. Bitte den ServerAlias auf WWW setzen oder deaktivieren';
 $lng['panel']['letsencrypt'] = 'Benutzt Let\'s encrypt';
 $lng['crondesc']['cron_letsencrypt'] = 'aktualisiert Let\'s Encrypt Zertifikate';
 $lng['serversettings']['letsencryptca']['title'] = "Let's Encrypt Umgebung";
@@ -1713,3 +1715,42 @@ $lng['admin']['domain_hsts_incsub']['title'] = 'Inkludiere HSTS für jede Subdom
 $lng['admin']['domain_hsts_incsub']['description'] = 'Die optionale "includeSubDomains" Direktive, wenn vorhanden, signalisiert dem UA, dass die HSTS Regel für diese Domain und auch jede Subdomain dieser gilt.';
 $lng['admin']['domain_hsts_preload']['title'] = 'Füge Domain in die <a href="https://hstspreload.appspot.com/" target="_blank">HSTS preload Liste</a> hinzu';
 $lng['admin']['domain_hsts_preload']['description'] = 'Wenn die Domain in die HSTS preload Liste, verwaltet von Chrome (und genutzt von Firefox und Safari), hinzugefügt werden soll, dann aktiviere diese Einstellung.<br>Die preload-Direktive zu senden kann PERMANTENTE KONSEQUENZEN haben und dazu führen, dass Benutzer auf diese Domain und auch Subdomains nicht zugreifen können.<br>Beachte Details unter <a href="https://hstspreload.appspot.com/#removal" target="_blank">hstspreload.appspot.com/#removal</a> bevor ein Header mit "preload" gesendet wird.';
 $lng['serversettings']['http2_support']['title'] = 'HTTP2 Unterstützung';
 $lng['serversettings']['http2_support']['description'] = 'Aktiviere HTTP2 Unterstützung für SSL.<br><em class="red">NUR AKTIVIEREN, WENN DER WEBSERVER DIESE FUNKTION UNTERSTÜTZT (nginx version 1.9.5+, apache2 version 2.4.17+)</em>';
 $lng['error']['noipportgiven'] = 'Keine IP/Port angegeben';
 // Added in froxlor 0.9.38.8
 $lng['admin']['domain_ocsp_stapling']['title'] = 'OCSP stapling';
 $lng['admin']['domain_ocsp_stapling']['description'] = 'Siehe <a target="_blank" href="https://de.wikipedia.org/wiki/Online_Certificate_Status_Protocol_stapling">Wikipedia</a> für eine ausführliche Beschreibung von OCSP-Stapling';
 $lng['admin']['domain_ocsp_stapling']['nginx_version_warning'] = '<br /><strong class="red">WARNUNG:</strong> Nginx unterstützt OCSP-Stapling erst ab Version 1.3.7. Wenn Ihre Version älter ist, wird der Webserver bei aktiviertem OCSP-Stapling NICHT korrekt starten.';
 $lng['serversettings']['ssl']['apache24_ocsp_cache_path']['title'] = 'Apache 2.4: Pfad zum OCSP-Stapling-Cache';
 $lng['serversettings']['ssl']['apache24_ocsp_cache_path']['description'] = 'Konfiguriert den Cache-Pfad zum Zwischenspeichern der OCSP-Antworten,<br />die an TLS-Handshakes angehängt werden.';
 $lng['serversettings']['nssextrausers']['title'] = 'Verwende libnss-extrausers anstatt libnss-mysql';
 $lng['serversettings']['nssextrausers']['description'] = 'Lese Benutzer nicht direkt aus der Datenbank sondern über Dateien, bitte nur aktivieren, wenn die entsprechende Konfiguration vorgenommen wurde (System -> libnss-extrausers).<br><strong class="red">Nur für Debian/Ubuntu (oder wenn libnss-extrausers manuell kompiliert wurde!)</strong>';
 $lng['admin']['domain_http2']['title'] = 'HTTP2 Unterstützung';
 $lng['admin']['domain_http2']['description'] = 'Siehe <a target="_blank" href="https://de.wikipedia.org/wiki/Hypertext_Transfer_Protocol#HTTP.2F2">Wikipedia</a> für eine ausführliche Beschreibung von HTTP2';
 $lng['admin']['testmail'] = 'SMTP Test';
 $lng['success']['testmailsent'] = 'Test E-Mail erfolgreich gesendet';
 $lng['serversettings']['disable_le_selfcheck']['title'] = "Deaktiviere Let's Encrypt lokale Selbstprüfung";
 $lng['serversettings']['disable_le_selfcheck']['description'] = "Wenn aktiviert wird Froxlor <strong>keine</strong> Erreichbarkeitsprüfung des Tokens vornehmen. Nötig bei ge-NAT-eten IP's oder Ähnlichem";
 $lng['menue']['phpsettings']['fpmdaemons'] = 'PHP-FPM Versionen';
 $lng['admin']['phpsettings']['activephpconfigs'] = 'In Verwendung für PHP-Konfiguration(en)';
 $lng['admin']['phpsettingsforsubdomains'] = 'PHP-Config für alle Subdomains übernehmen:';
 $lng['serversettings']['phpsettingsforsubdomains']['description'] = 'Wenn ja, wird die gewählte PHP-Config für alle Subdomains übernommen';
 $lng['serversettings']['leapiversion']['title'] = "Wähle Let's Encrypt ACME Implementierung";
 $lng['serversettings']['leapiversion']['description'] = "Wähle zwischen ACME v1 und ACME v2 Implementierung von Let's Encrypt.";
 $lng['error']['nowildcardwithletsencryptv2'] = 'Let\'s Encrypt kann in ACME v2 Wildcard-Domains nur via DNS validieren, sorry. Bitte den ServerAlias auf WWW setzen oder deaktivieren';
 $lng['admin']['phpsettings']['pass_authorizationheader'] = 'Füge "-pass-header Authorization" / "CGIPassAuth On" in Vhosts ein';
 $lng['serversettings']['ssl']['ssl_protocols']['title'] = 'SSL Protokollversion festlegen';
 $lng['serversettings']['ssl']['ssl_protocols']['description'] = 'Dies ist eine Liste von SSL/TLS Protokollversionen die genutzt werden sollen (oder auch nicht genutzt werden sollen), wenn SSL verwendet wird. <b>Hinweis:</b> Ältere Browser sind möglicherweise nicht vollständig zum neusten Protokoll kompatibel.<br /><br /><b>Standard-Wert ist:</b><pre>TLSv1, TLSv1.2</pre>';
 $lng['serversettings']['phpfpm_settings']['limit_extensions']['title'] = 'Erlaubte Dateiendungen';
 $lng['serversettings']['phpfpm_settings']['limit_extensions']['description'] = 'Beschränkt die Dateierweiterungen des Haupt-Skripts, das FPM zu parsen erlaubt. Dies kann Konfigurationsfehler auf der Webserverseite verhindern. Sie sollten FPM nur auf .php Erweiterungen beschränken, um zu verhindern, dass bösartige Nutzter andere Erweiterungen verwenden, um PHP Code auszuführen. Standardwert: .php';
 $lng['phpfpm']['ini_flags'] = 'Mögliche <strong>php_flag</strong>s für die php.ini. Pro Zeile eine Direktive';
 $lng['phpfpm']['ini_values'] = 'Mögliche <strong>php_value</strong>s für die php.ini. Pro Zeile eine Direktive';
 $lng['phpfpm']['ini_admin_flags'] = 'Mögliche <strong>php_admin_flag</strong>s für die php.ini. Pro Zeile eine Direktive';
 $lng['phpfpm']['ini_admin_values'] = 'Mögliche <strong>php_admin_value</strong>s für die php.ini. Pro Zeile eine Direktive';
 $lng['serversettings']['phpfpm_settings']['envpath'] = 'Pfade für die PATH Umgebungsvariable. Leerlassen, um keine PATH Umgebungsvariable zu setzen.';
 $lng['success']['settingsimported'] = 'Einstellungnen erfolgreich importiert';
 $lng['error']['jsonextensionnotfound'] = 'Diese Funktion benötigt die PHP json-Erweiterung.';
--- a/lng/italian.lng.php
+++ b/lng/italian.lng.php
@@ -435,7 +435,7 @@ $lng['panel']['translator'] = 'Traduttore';
 $lng['error']['stringformaterror'] = 'Il valore per il campo "%s" non è nel formato atteso.';
 // ADDED IN 1.2.15-rc1
-// Translated by marone42@googlemail.com on 03/15/2007 (see https://trac.froxlor.org/ticket/126#comment:21)
+// Translated by marone42@googlemail.com on 03/15/2007
 $lng['admin']['phpversion'] = 'Versione PHP';
 $lng['admin']['mysqlserverversion'] = 'Versione MySQL Server';
@@ -1050,7 +1050,7 @@ $lng['dkim']['dkim_notes']['description'] = 'Nota potrebbe essere di interesse,
 $lng['dkim']['dkim_add_adsp']['title'] = 'Aggiungi un valore DKIM ADSP';
 $lng['dkim']['dkim_add_adsp']['description'] = 'Se non si sa di cosa si tratta, lasciare "enabled"';
 $lng['dkim']['dkim_add_adsppolicy']['title'] = 'Regola ADSP';
-$lng['dkim']['dkim_add_adsppolicy']['description'] = 'Per ulteriori informazioni su questa impostazione leggere <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/En-dkim-adsp-policies">DKIM ADSP policies</a>';
+$lng['dkim']['dkim_add_adsppolicy']['description'] = 'Per ulteriori informazioni su questa impostazione leggere <a target="blank" href="https://en.wikipedia.org/wiki/Author_Domain_Signing_Practices">DKIM ADSP policies</a>';
 $lng['admin']['cron']['cronsettings'] = 'Impostazioni Cronjob';
 $lng['cron']['cronname'] = 'Nome cronjob';
@@ -1171,7 +1171,7 @@ $lng['serversettings']['perl_path']['description'] = 'Rilevante solo se si utili
 // ADDED IN FROXLOR 0.9.12-svn1
 $lng['admin']['fcgid_settings'] = 'FCGID';
 $lng['serversettings']['mod_fcgid_ownvhost']['title'] = 'Abilita FCGID per i vhost Froxlor';
-$lng['serversettings']['mod_fcgid_ownvhost']['description'] = 'Se attivato, Froxlor verrà eseguito con un utente locale<br /><strong>ATTENZIONE:</strong>Questo richiede una configurazione manuale, vedi <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/HandbookApache2_fcgid">FCGID - handbook</a>';
+$lng['serversettings']['mod_fcgid_ownvhost']['description'] = 'Se attivato, Froxlor verrà eseguito con un utente locale<br /><strong>ATTENZIONE:</strong>Questo richiede una configurazione manuale, vedi <a target="blank" href="https://github.com/Froxlor/Froxlor/wiki/apache2-with-fcgid">FCGID - handbook</a>';
 $lng['admin']['mod_fcgid_user'] = 'Utente locale per FCGID (Froxlor vhost)';
 $lng['admin']['mod_fcgid_group'] = 'Gruppo locale per FCGID (Froxlor vhost)';
@@ -1361,7 +1361,7 @@ $lng['admin']['store_defaultindex'] = 'Archivio del file indice predefinito al p
 $lng['admin']['ipsandports']['ssl_cert_chainfile']['title'] = 'Percorso al file catena dei certificati SSL';
 $lng['admin']['ipsandports']['ssl_cert_chainfile']['description'] = 'Principalmente Bundle CA, o similare, presubilmente vuoi impostare questo se hai acquistato un certificato SSL.';
 $lng['serversettings']['phpfpm']['title'] = 'Abilita php-fpm';
-$lng['serversettings']['phpfpm']['description'] = '<b>Questa impostazione richiede una configurazione speciale del server web. Vedi il manuale FPM per <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/HandbookApache2_phpfpm">Apache2</a> o <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/HandbookNginx_phpfpm">nginx</a></b>';
+$lng['serversettings']['phpfpm']['description'] = '<b>Questa impostazione richiede una configurazione speciale del server web. Vedi il manuale FPM per <a target="blank" href="https://github.com/Froxlor/Froxlor/wiki/apache2-with-php-fpm">Apache2</a> o <a target="blank" href="https://github.com/Froxlor/Froxlor/wiki/nginx-with-php-fpm">nginx</a></b>';
 $lng['serversettings']['phpfpm_settings']['aliasconfigdir'] = 'Configurazione cartella Alias per php-fpm';
 $lng['gender']['title'] = 'Titolo';
 $lng['gender']['male'] = 'Sig.';
@@ -1795,7 +1795,7 @@ $lng['domains']['import_file'] = 'File CSV';
 $lng['success']['domain_import_successfully'] = 'Importato %s dominii con successo.';
 $lng['error']['domain_import_error'] = 'Il seguente errore è occorsonell \'importazione di dominii: %s';
 $lng['admin']['note'] = 'Nota';
-$lng['domains']['import_description'] = 'Per ottenere informazioni dettagliate sulla struttura del file di importazione e  su come importare con successo, visita <a href="http://redmine.froxlor.org/projects/froxlor/wiki/DomainBulkActionDoc" target="_blank">http://redmine.froxlor.org/projects/froxlor/wiki/DomainBulkActionDoc</a>';
+$lng['domains']['import_description'] = 'Per ottenere informazioni dettagliate sulla struttura del file di importazione e  su come importare con successo, visita <a href="https://github.com/Froxlor/Froxlor/wiki/Domain-import-documenation" target="_blank">https://github.com/Froxlor/Froxlor/wiki/Domain-import-documenation</a>';
 $lng['usersettings']['custom_notes']['title'] = 'Note personali';
 $lng['usersettings']['custom_notes']['description'] = 'Sentiti libero di inserire qualsi nota vuoi o necessiti qui. Apparirano nel riepilogo dell\'amministratore/cliente perl \'utente corrispondente.';
 $lng['usersettings']['custom_notes']['show'] = 'Mostra le tue note nel cruscotto dell\'utente';
--- a/scripts/classes/class.DnsBase.php
+++ b/scripts/classes/class.DnsBase.php
@@ -233,7 +233,7 @@ abstract class DnsBase
 					$pubkey_file_handler = fopen($pubkey_filename, "w");
 					fwrite($pubkey_file_handler, $domain['dkim_pubkey']);
 					fclose($pubkey_file_handler);
-					safe_exec("chmod 0664 " . escapeshellarg($pubkey_filename));
+					safe_exec("chmod 0644 " . escapeshellarg($pubkey_filename));
 				}
 				$dkimdomains .= $domain['domain'] . "\n";
--- a/scripts/classes/class.Extrausers.php
+++ b/scripts/classes/class.Extrausers.php
@@ -0,0 +1,83 @@
 <?php
 /**
 * This file is part of the Froxlor project.
 * Copyright (c) 2017 the Froxlor Team (see authors).
 *
 * For the full copyright and license information, please view the COPYING
 * file that was distributed with this source code. You can also view the
 * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
 *
 * @copyright  (c) the authors
 * @author     Froxlor team <team@froxlor.org> (2017-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Cron
 *
 */
 class Extrausers
 {
 	public static function generateFiles(&$cronlog)
 	{
 		// passwd
 		$passwd = '/var/lib/extrausers/passwd';
 		$sql = "SELECT username,'x' as password,uid,gid,'Froxlor User' as comment,homedir,shell, login_enabled FROM ftp_users ORDER BY uid ASC";
 		self::_generateFile($passwd, $sql, $cronlog);
 		// group
 		$group = '/var/lib/extrausers/group';
 		$sql = "SELECT groupname,'x' as password,gid,members FROM ftp_groups ORDER BY gid ASC";
 		self::_generateFile($group, $sql, $cronlog);
 		// shadow
 		$shadow = '/var/lib/extrausers/shadow';
 		$sql = "SELECT username,password FROM ftp_users ORDER BY gid ASC";
 		self::_generateFile($shadow, $sql, $cronlog);
 		// set correct permissions
 		@chmod('/var/lib/extrausers/', 0755);
 		@chmod('/var/lib/extrausers/passwd', 0644);
 		@chmod('/var/lib/extrausers/group', 0644);
 		@chmod('/var/lib/extrausers/shadow', 0640);
 	}
 	private static function _generateFile($file, $query, &$cronlog)
 	{
 		$type = basename($file);
 		$cronlog->logAction(CRON_ACTION, LOG_NOTICE, 'Creating ' . $type . ' file');
 		if (! file_exists($file)) {
 			$cronlog->logAction(CRON_ACTION, LOG_NOTICE, $type . ' file does not yet exist');
 			@mkdir(dirname($file), 0750, true);
 			touch($file);
 		}
 		$data_sel_stmt = Database::query($query);
 		$data_content = "";
 		$cronlog->logAction(CRON_ACTION, LOG_NOTICE, 'Writing ' . $data_sel_stmt->rowCount() . ' entries to ' . $type . ' file');
 		while ($u = $data_sel_stmt->fetch(PDO::FETCH_ASSOC)) {
 			switch ($type) {
 				case 'passwd':
 					if ($u['login_enabled'] != 'Y') {
 						$u['password'] = '*';
 						$u['shell'] = '/bin/false';
 						$u['comment'] = 'Locked Froxlor User';
 					}
 					$line = $u['username'] . ':' . $u['password'] . ':' . $u['uid'] . ':' . $u['gid'] . ':' . $u['comment'] . ':' . $u['homedir'] . ':' . $u['shell'] . PHP_EOL;
 					break;
 				case 'group':
 					$line = $u['groupname'] . ':' . $u['password'] . ':' . $u['gid'] . ':' . $u['members'] . PHP_EOL;
 					break;
 				case 'shadow':
 					$line = $u['username'] . ':' . $u['password'] . ':' . floor(time() / 86400 - 1) . ':0:99999:7:::' . PHP_EOL;
 					break;
 			}
 			$data_content .= $line;
 		}
 		if (file_put_contents($file, $data_content) !== false) {
 			$cronlog->logAction(CRON_ACTION, LOG_NOTICE, 'Succesfully wrote ' . $type . ' file');
 		} else {
 			$cronlog->logAction(CRON_ACTION, LOG_NOTICE, 'Error when writing ' . $type . ' file entries');
 		}
 	}
 }
--- a/scripts/froxlor_master_cronjob.php
+++ b/scripts/froxlor_master_cronjob.php
@@ -68,6 +68,9 @@ for ($x = 1; $x < count($argv); $x++) {
 $cronlog->setCronDebugFlag(defined('CRON_DEBUG_FLAG'));
 $tasks_cnt_stmt = Database::query("SELECT COUNT(*) as jobcnt FROM `panel_tasks`");
 $tasks_cnt = $tasks_cnt_stmt->fetch(PDO::FETCH_ASSOC);
 // do we have anything to include?
 if (count($jobs_to_run) > 0) {
 	// include all jobs we want to execute
@@ -76,6 +79,22 @@ if (count($jobs_to_run) > 0) {
 		$cronfile = getCronFile($cron);
 		require_once $cronfile;
 	}
 	if ($tasks_cnt['jobcnt'] > 0)
 	{
 		if (Settings::Get('system.nssextrausers') == 1)
 		{
 			include_once makeCorrectFile(FROXLOR_INSTALL_DIR.'/scripts/classes/class.Extrausers.php');
 			Extrausers::generateFiles($cronlog);
 		}
 		// clear NSCD cache if using fcgid or fpm, #1570
 		if (Settings::Get('system.mod_fcgid') == 1 || (int)Settings::Get('phpfpm.enabled') == 1) {
 			$false_val = false;
 			safe_exec('nscd -i passwd 1> /dev/null', $false_val, array('>'));
 			safe_exec('nscd -i group 1> /dev/null', $false_val, array('>'));
 		}
 	}
 }
 fwrite($debugHandler, 'Cronfiles have been included' . "\n");
--- a/scripts/jobs/cron_letsencrypt.php
+++ b/scripts/jobs/cron_letsencrypt.php
@@ -20,6 +20,12 @@ if (! defined('MASTER_CRONJOB'))
 *
 */
 if (Settings::Get('system.leapiversion') == '2') {
 	// use ACME v2 is specified
 	require_once __DIR__ . '/cron_letsencrypt_v2.php';
 	exit;
 }
 $cronlog->logAction(CRON_ACTION, LOG_INFO, "Updating Let's Encrypt certificates");
 if (! extension_loaded('curl')) {
--- a/scripts/jobs/cron_letsencrypt_v2.php
+++ b/scripts/jobs/cron_letsencrypt_v2.php
@@ -0,0 +1,294 @@
 <?php
 if (! defined('MASTER_CRONJOB'))
 	die('You cannot access this file directly!');
 /**
 * This file is part of the Froxlor project.
 * Copyright (c) 2016 the Froxlor Team (see authors).
 *
 * For the full copyright and license information, please view the COPYING
 * file that was distributed with this source code. You can also view the
 * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
 *
 * @copyright (c) the authors
 * @author Florian Aders <kontakt-froxlor@neteraser.de>
 * @author Froxlor team <team@froxlor.org> (2016-)
 * @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package Cron
 *
 * @since 0.9.35
 *
 */
 $cronlog->logAction(CRON_ACTION, LOG_INFO, "Updating Let's Encrypt certificates");
 if (! extension_loaded('curl')) {
 	$cronlog->logAction(CRON_ACTION, LOG_ERR, "Let's Encrypt requires the php cURL extension to be installed.");
 	exit();
 }
 $certificates_stmt = Database::query("
 		SELECT
 			domssl.`id`,
 			domssl.`domainid`,
 			domssl.expirationdate,
 			domssl.`ssl_cert_file`,
 			domssl.`ssl_key_file`,
 			domssl.`ssl_ca_file`,
 			domssl.`ssl_csr_file`,
 			dom.`domain`,
 			dom.`wwwserveralias`,
 			dom.`iswildcarddomain`,
 			dom.`documentroot`,
 			dom.`id` AS 'domainid',
 			dom.`ssl_redirect`,
 			cust.`leprivatekey`,
 			cust.`lepublickey`,
 			cust.`leregistered`,
 			cust.`customerid`,
 			cust.`loginname`
 		FROM
 			`" . TABLE_PANEL_CUSTOMERS . "` AS cust,
 			`" . TABLE_PANEL_DOMAINS . "` AS dom
 		LEFT JOIN
 			`" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` AS domssl ON
 				dom.`id` = domssl.`domainid`
 		WHERE
 			dom.`customerid` = cust.`customerid`
 			AND dom.`letsencrypt` = 1
 			AND dom.`aliasdomain` IS NULL
 			AND dom.`iswildcarddomain` = 0
 			AND (
 				domssl.`expirationdate` < DATE_ADD(NOW(), INTERVAL 30 DAY)
 				OR domssl.`expirationdate` IS NULL
 			)
 	");
 $aliasdomains_stmt = Database::prepare("
 		SELECT
 			dom.`id` as domainid,
 			dom.`domain`,
 			dom.`wwwserveralias`,
 			dom.`iswildcarddomain`
 		FROM `" . TABLE_PANEL_DOMAINS . "` AS dom
 		WHERE
 			dom.`aliasdomain` = :id
 			AND dom.`letsencrypt` = 1
 			AND dom.`iswildcarddomain` = 0
 	");
 $updcert_stmt = Database::prepare("
 		REPLACE INTO
 			`" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "`
 		SET
 			`id` = :id,
 			`domainid` = :domainid,
 			`ssl_cert_file` = :crt,
 			`ssl_key_file` = :key,
 			`ssl_ca_file` = :ca,
 			`ssl_cert_chainfile` = :chain,
 			`ssl_csr_file` = :csr,
 			`expirationdate` = :expirationdate
 	");
 $upddom_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `ssl_redirect` = '1' WHERE `id` = :domainid");
 // flag for re-generation of vhost files
 $changedetected = 0;
 // first - generate LE for system-vhost if enabled
 if (Settings::Get('system.le_froxlor_enabled') == '1') {
 	$certrow = array(
 		'loginname' => 'froxlor.panel',
 		'domain' => Settings::Get('system.hostname'),
 		'domainid' => 0,
 		'documentroot' => FROXLOR_INSTALL_DIR,
 		'leprivatekey' => Settings::Get('system.leprivatekey'),
 		'lepublickey' => Settings::Get('system.lepublickey'),
 		'leregistered' => Settings::Get('system.leregistered'),
 		'ssl_redirect' => Settings::Get('system.le_froxlor_redirect'),
 		'expirationdate' => null,
 		'ssl_cert_file' => null,
 		'ssl_key_file' => null,
 		'ssl_ca_file' => null,
 		'ssl_csr_file' => null,
 		'id' => null
 	);
 	$froxlor_ssl_settings_stmt = Database::prepare("
 		SELECT * FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "`
 		WHERE `domainid` = '0' AND
 		(`expirationdate` < DATE_ADD(NOW(), INTERVAL 30 DAY) OR `expirationdate` IS NULL)
 	");
 	$froxlor_ssl = Database::pexecute_first($froxlor_ssl_settings_stmt);
 	$insert_or_update_required = true;
 	if ($froxlor_ssl) {
 		$certrow['id'] = $froxlor_ssl['id'];
 		$certrow['expirationdate'] = $froxlor_ssl['expirationdate'];
 		$certrow['ssl_cert_file'] = $froxlor_ssl['ssl_cert_file'];
 		$certrow['ssl_key_file'] = $froxlor_ssl['ssl_key_file'];
 		$certrow['ssl_ca_file'] = $froxlor_ssl['ssl_ca_file'];
 		$certrow['ssl_csr_file'] = $froxlor_ssl['ssl_csr_file'];
 	} else {
 		// check whether we have an entry with valid certificates which just does not need
 		// updating yet, so we need to skip this here
 		$froxlor_ssl_settings_stmt = Database::prepare("
 			SELECT * FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` WHERE `domainid` = '0'
 		");
 		$froxlor_ssl = Database::pexecute_first($froxlor_ssl_settings_stmt);
 		if ($froxlor_ssl && ! empty($froxlor_ssl['ssl_cert_file'])) {
 			$insert_or_update_required = false;
 		}
 	}
 	if ($insert_or_update_required) {
 		$domains = array(
 			$certrow['domain']
 		);
 		// Only renew let's encrypt certificate if no broken ssl_redirect is enabled
 		// - this temp. deactivation of the ssl-redirect is handled by the webserver-cronjob
 		$cronlog->logAction(CRON_ACTION, LOG_INFO, "Updating " . $certrow['domain']);
 		$cronlog = FroxlorLogger::getInstanceOf(array(
 			'loginname' => $certrow['loginname']
 		));
 		try {
 			// Initialize Lescript with documentroot
 			$le = new lescript_v2($cronlog, $version);
 			// Initialize Lescript
 			$le->initAccount($certrow, true);
 			// Request the new certificate (old key may be used)
 			$return = $le->signDomains($domains, $certrow['ssl_key_file']);
 			// We are interessted in the expirationdate
 			$newcert = openssl_x509_parse($return['crt']);
 			// Store the new data
 			Database::pexecute($updcert_stmt, array(
 				'id' => $certrow['id'],
 				'domainid' => $certrow['domainid'],
 				'crt' => $return['crt'],
 				'key' => $return['key'],
 				'ca' => $return['chain'],
 				'chain' => $return['chain'],
 				'csr' => $return['csr'],
 				'expirationdate' => date('Y-m-d H:i:s', $newcert['validTo_time_t'])
 			));
 			if ($certrow['ssl_redirect'] == 3) {
 				Settings::Set('system.le_froxlor_redirect', '1');
 			}
 			$cronlog->logAction(CRON_ACTION, LOG_INFO, "Updated Let's Encrypt certificate for " . $certrow['domain']);
 			$changedetected = 1;
 		} catch (Exception $e) {
 			$cronlog->logAction(CRON_ACTION, LOG_ERR, "Could not get Let's Encrypt certificate for " . $certrow['domain'] . ": " . $e->getMessage());
 		}
 	}
 }
 // customer domains
 $certrows = $certificates_stmt->fetchAll(PDO::FETCH_ASSOC);
 foreach ($certrows as $certrow) {
 	// set logger to corresponding loginname for the log to appear in the users system-log
 	$cronlog = FroxlorLogger::getInstanceOf(array(
 		'loginname' => $certrow['loginname']
 	));
 	// Only renew let's encrypt certificate if no broken ssl_redirect is enabled
 	if ($certrow['ssl_redirect'] != 2) {
 		$cronlog->logAction(CRON_ACTION, LOG_INFO, "Updating " . $certrow['domain']);
 		$cronlog->logAction(CRON_ACTION, LOG_INFO, "Adding SAN entry: " . $certrow['domain']);
 		$domains = array(
 			$certrow['domain']
 		);
 		if ($certrow['iswildcarddomain'] == 1) {
 			$cronlog->logAction(CRON_ACTION, LOG_INFO, "Adding SAN entry: *." . $certrow['domain']);
 			$domains[] = '*.' . $certrow['domain'];
 		}
 		elseif ($certrow['wwwserveralias'] == 1) {
 			// add www.<domain> to SAN list
 			$cronlog->logAction(CRON_ACTION, LOG_INFO, "Adding SAN entry: www." . $certrow['domain']);
 			$domains[] = 'www.' . $certrow['domain'];
 		}
 		// add alias domains (and possibly www.<aliasdomain>) to SAN list
 		Database::pexecute($aliasdomains_stmt, array(
 			'id' => $certrow['domainid']
 		));
 		$aliasdomains = $aliasdomains_stmt->fetchAll(PDO::FETCH_ASSOC);
 		foreach ($aliasdomains as $aliasdomain) {
 			$cronlog->logAction(CRON_ACTION, LOG_INFO, "Adding SAN entry: " . $aliasdomain['domain']);
 			$domains[] = $aliasdomain['domain'];
 			if ($aliasdomain['iswildcarddomain'] == 1) {
 				$cronlog->logAction(CRON_ACTION, LOG_INFO, "Adding SAN entry: *." . $aliasdomain['domain']);
 				$domains[] = '*.' . $aliasdomain['domain'];
 			}
 			elseif ($aliasdomain['wwwserveralias'] == 1) {
 				$cronlog->logAction(CRON_ACTION, LOG_INFO, "Adding SAN entry: www." . $aliasdomain['domain']);
 				$domains[] = 'www.' . $aliasdomain['domain'];
 			}
 		}
 		try {
 			// Initialize Lescript with documentroot
 			$le = new lescript_v2($cronlog, $version);
 			// Initialize Lescript
 			$le->initAccount($certrow);
 			// Request the new certificate (old key may be used)
 			$return = $le->signDomains($domains, $certrow['ssl_key_file']);
 			// We are interessted in the expirationdate
 			$newcert = openssl_x509_parse($return['crt']);
 			// Store the new data
 			Database::pexecute($updcert_stmt, array(
 				'id' => $certrow['id'],
 				'domainid' => $certrow['domainid'],
 				'crt' => $return['crt'],
 				'key' => $return['key'],
 				'ca' => $return['chain'],
 				'chain' => $return['chain'],
 				'csr' => $return['csr'],
 				'expirationdate' => date('Y-m-d H:i:s', $newcert['validTo_time_t'])
 			));
 			if ($certrow['ssl_redirect'] == 3) {
 				Database::pexecute($upddom_stmt, array(
 					'domainid' => $certrow['domainid']
 				));
 			}
 			$cronlog->logAction(CRON_ACTION, LOG_INFO, "Updated Let's Encrypt certificate for " . $certrow['domain']);
 			$changedetected = 1;
 		} catch (Exception $e) {
 			$cronlog->logAction(CRON_ACTION, LOG_ERR, "Could not get Let's Encrypt certificate for " . $certrow['domain'] . ": " . $e->getMessage());
 		}
 	} else {
 		$cronlog->logAction(CRON_ACTION, LOG_WARNING, "Skipping Let's Encrypt generation for " . $certrow['domain'] . " due to an enabled ssl_redirect");
 	}
 }
 // If we have a change in a certificate, we need to update the webserver - configs
 // This is easiest done by just creating a new task ;)
 if ($changedetected) {
 	inserttask(1);
 }
 // reset logger
 $cronlog = FroxlorLogger::getInstanceOf(array(
 	'loginname' => 'cronjob'
 ));
 $cronlog->logAction(CRON_ACTION, LOG_INFO, "Let's Encrypt certificates have been updated");
--- a/scripts/jobs/cron_tasks.inc.dns.20.pdns.php
+++ b/scripts/jobs/cron_tasks.inc.dns.20.pdns.php
@@ -227,7 +227,7 @@ class pdns extends DnsBase
 		// build up connection string
 		$driver = 'mysql';
 		$dsn = $driver.":";
-		$options = array(PDO::MYSQL_ATTR_INIT_COMMAND => 'set names utf8');
+		$options = array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET names utf8,sql_mode="NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"');
 		$attributes = array('ATTR_ERRMODE' => 'ERRMODE_EXCEPTION');
 		$dbconf = array();
--- a/scripts/jobs/cron_tasks.inc.http.10.apache.php
+++ b/scripts/jobs/cron_tasks.inc.http.10.apache.php
@@ -58,8 +58,22 @@ class apache extends HttpConfigBase
 	public function reload()
 	{
 		if ((int) Settings::Get('phpfpm.enabled') == 1) {
-			$this->logger->logAction(CRON_ACTION, LOG_INFO, 'apache::reload: reloading php-fpm');
+			// get all start/stop commands
-			safe_exec(escapeshellcmd(Settings::Get('phpfpm.reload')));
+			$startstop_sel = Database::prepare("SELECT reload_cmd, config_dir FROM `" . TABLE_PANEL_FPMDAEMONS . "`");
 			Database::pexecute($startstop_sel);
 			$restart_cmds = $startstop_sel->fetchAll(PDO::FETCH_ASSOC);
 			// restart all php-fpm instances
 			foreach ($restart_cmds as $restart_cmd) {
 				// check whether the config dir is empty (no domains uses this daemon)
 				// so we need to create a dummy
 				$isDirEmpty = !(new \FilesystemIterator($restart_cmd['config_dir']))->valid();
 				if ($isDirEmpty) {
 					$this->logger->logAction(CRON_ACTION, LOG_INFO, 'apache::reload: fpm config directory "' . $restart_cmd['config_dir'] . '" is empty. Creating dummy.');
 					phpinterface_fpm::createDummyPool($restart_cmd['config_dir']);
 				}
 				$this->logger->logAction(CRON_ACTION, LOG_INFO, 'apache::reload: running ' . $restart_cmd['reload_cmd']);
 				safe_exec(escapeshellcmd($restart_cmd['reload_cmd']));
 			}
 		}
 		$this->logger->logAction(CRON_ACTION, LOG_INFO, 'apache::reload: reloading apache');
 		safe_exec(escapeshellcmd(Settings::Get('system.apachereload_command')));
@@ -78,34 +92,36 @@ class apache extends HttpConfigBase
 		}
 		$vhosts_filename = makeCorrectFile($vhosts_folder . '/05_froxlor_dirfix_nofcgid.conf');
-		if (Settings::Get('system.mod_fcgid') == '1' || Settings::Get('phpfpm.enabled') == '1') {
+		if (! isset($this->virtualhosts_data[$vhosts_filename])) {
-			// if we use fcgid or php-fpm we don't need this file
+			$this->virtualhosts_data[$vhosts_filename] = '';
-			if (file_exists($vhosts_filename)) {
+		}
-				$this->logger->logAction(CRON_ACTION, LOG_NOTICE, 'apache::_createStandardDirectoryEntry: unlinking ' . basename($vhosts_filename));
+		
-				unlink(makeCorrectFile($vhosts_filename));
+		$this->virtualhosts_data[$vhosts_filename] .= '  <Directory "' . makeCorrectDir(Settings::Get('system.documentroot_prefix')) . '">' . "\n";
-			}
+		
 		// check for custom values, see #1638
 		$custom_opts = Settings::Get('system.apacheglobaldiropt');
 		if (! empty($custom_opts)) {
 			$this->virtualhosts_data[$vhosts_filename] .= $custom_opts . "\n";
 		} else {
-			if (! isset($this->virtualhosts_data[$vhosts_filename])) {
+			// >=apache-2.4 enabled?
-				$this->virtualhosts_data[$vhosts_filename] = '';
+			if (Settings::Get('system.apache24') == '1') {
-			}
+				$this->virtualhosts_data[$vhosts_filename] .= '    Require all granted' . "\n";
-
+				$this->virtualhosts_data[$vhosts_filename] .= '    AllowOverride All' . "\n";
 			$this->virtualhosts_data[$vhosts_filename] .= '  <Directory "' . makeCorrectDir(Settings::Get('system.documentroot_prefix')) . '">' . "\n";
 			// check for custom values, see #1638
 			$custom_opts = Settings::Get('system.apacheglobaldiropt');
 			if (! empty($custom_opts)) {
 				$this->virtualhosts_data[$vhosts_filename] .= $custom_opts . "\n";
 			} else {
-				// >=apache-2.4 enabled?
+				$this->virtualhosts_data[$vhosts_filename] .= '    Order allow,deny' . "\n";
-				if (Settings::Get('system.apache24') == '1') {
+				$this->virtualhosts_data[$vhosts_filename] .= '    allow from all' . "\n";
-					$this->virtualhosts_data[$vhosts_filename] .= '    Require all granted' . "\n";
+			}
-					$this->virtualhosts_data[$vhosts_filename] .= '    AllowOverride All' . "\n";
+		}
-				} else {
+		$this->virtualhosts_data[$vhosts_filename] .= '  </Directory>' . "\n";
-					$this->virtualhosts_data[$vhosts_filename] .= '    Order allow,deny' . "\n";
+		
-					$this->virtualhosts_data[$vhosts_filename] .= '    allow from all' . "\n";
+		$ocsp_cache_filename = makeCorrectFile($vhosts_folder . '/03_froxlor_ocsp_cache.conf');
-				}
+		if (Settings::Get('system.use_ssl') == '1' && Settings::Get('system.apache24') == 1) {
 			$this->virtualhosts_data[$ocsp_cache_filename] = 'SSLStaplingCache ' . Settings::Get('system.apache24_ocsp_cache_path') . "\n";
 		} else {
 			if (file_exists($ocsp_cache_filename)) {
 				$this->logger->logAction(CRON_ACTION, LOG_NOTICE, 'apache::_createStandardDirectoryEntry: unlinking ' . basename($ocsp_cache_filename));
 				unlink(makeCorrectFile($ocsp_cache_filename));
 			}
 			$this->virtualhosts_data[$vhosts_filename] .= '  </Directory>' . "\n";
 		}
 	}
@@ -242,7 +258,7 @@ class apache extends HttpConfigBase
 								'adminid' => 1, /* first admin-user (superadmin) */
 								'mod_fcgid_starter' => - 1,
 								'mod_fcgid_maxrequests' => - 1,
-								'guid' => Settings::Get('phpfpm.vhost_httpuser'),
+								'guid' => Settings::Get('system.mod_fcgid_httpuser'),
 								'openbasedir' => 0,
 								'email' => Settings::Get('panel.adminmail'),
 								'loginname' => 'froxlor.panel',
@@ -277,8 +293,16 @@ class apache extends HttpConfigBase
 							}
 							$this->virtualhosts_data[$vhosts_filename] .= '  </Directory>' . "\n";
 						}
-					}
+					} elseif (Settings::Get('phpfpm.enabled') == '1') {
-					elseif (Settings::Get('phpfpm.enabled') == '1') {
+						// get fpm config
 						$fpm_sel_stmt = Database::prepare("
 							SELECT f.id FROM `" . TABLE_PANEL_FPMDAEMONS . "` f
 							LEFT JOIN `" . TABLE_PANEL_PHPCONFIGS . "` p ON p.fpmsettingid = f.id
 							WHERE p.id = :phpconfigid
 						");
 						$fpm_config = Database::pexecute_first($fpm_sel_stmt, array(
 							'phpconfigid' => Settings::Get('phpfpm.vhost_defaultini')
 						));
 						// create php-fpm <Directory>-Part (config is created in apache_fcgid)
 						$domain = array(
 							'id' => 'none',
@@ -290,7 +314,8 @@ class apache extends HttpConfigBase
 							'openbasedir' => 0,
 							'email' => Settings::Get('panel.adminmail'),
 							'loginname' => 'froxlor.panel',
-							'documentroot' => $mypath
+							'documentroot' => $mypath,
 							'fpm_config_id' => isset($fpm_config['id']) ? $fpm_config['id'] : 1
 						);
 						$php = new phpinterface($domain);
@@ -302,14 +327,38 @@ class apache extends HttpConfigBase
 						// mod_proxy stuff for apache-2.4
 						if (Settings::Get('system.apache24') == '1' && Settings::Get('phpfpm.use_mod_proxy') == '1') {
-							$this->virtualhosts_data[$vhosts_filename] .= '  <FilesMatch \.php$>' . "\n";
+							$filesmatch = $phpconfig['fpm_settings']['limit_extensions'];
 							$extensions = explode(" ", $filesmatch);
 							$filesmatch = "";
 							foreach ($extensions as $ext) {
 								$filesmatch .= substr($ext, 1).'|';
 							}
 							// start block, cut off last pipe and close block
 							$filesmatch = '('.str_replace(".", "\.", substr($filesmatch, 0, -1)).')';
 							$this->virtualhosts_data[$vhosts_filename] .= '  <FilesMatch \.'.$filesmatch.'$>'. "\n";
 							$this->virtualhosts_data[$vhosts_filename] .= '  SetHandler proxy:unix:' . $php->getInterface()->getSocketFile() . '|fcgi://localhost' . "\n";
 							$this->virtualhosts_data[$vhosts_filename] .= '  </FilesMatch>' . "\n";
 							if ($phpconfig['pass_authorizationheader'] == '1') {
 								$this->virtualhosts_data[$vhosts_filename] .= '  <Directory "' . $mypath . '">' . "\n";
 								$this->virtualhosts_data[$vhosts_filename] .= '      CGIPassAuth On' . "\n";
 								$this->virtualhosts_data[$vhosts_filename] .= '  </Directory>' . "\n";
 							}
 						} else {
-							$this->virtualhosts_data[$vhosts_filename] .= '  FastCgiExternalServer ' . $php->getInterface()->getAliasConfigDir() . $srvName . ' -socket ' . $php->getInterface()->getSocketFile() . ' -idle-timeout ' . Settings::Get('phpfpm.idle_timeout') . "\n";
+							$addheader = "";
 							if ($phpconfig['pass_authorizationheader'] == '1') {
 								$addheader = " -pass-header Authorization";
 							}
 							$this->virtualhosts_data[$vhosts_filename] .= '  FastCgiExternalServer ' . $php->getInterface()->getAliasConfigDir() . $srvName . ' -socket ' . $php->getInterface()->getSocketFile() . ' -idle-timeout ' . $phpconfig['fpm_settings']['idle_timeout'] . $addheader . "\n";
 							$this->virtualhosts_data[$vhosts_filename] .= '  <Directory "' . $mypath . '">' . "\n";
-							$file_extensions = explode(' ', $phpconfig['file_extensions']);
+							$filesmatch = $phpconfig['fpm_settings']['limit_extensions'];
-							$this->virtualhosts_data[$vhosts_filename] .= '   <FilesMatch "\.(' . implode('|', $file_extensions) . ')$">' . "\n";
+							$extensions = explode(" ", $filesmatch);
 							$filesmatch = "";
 							foreach ($extensions as $ext) {
 								$filesmatch .= substr($ext, 1).'|';
 							}
 							// start block, cut off last pipe and close block
 							$filesmatch = '('.str_replace(".", "\.", substr($filesmatch, 0, -1)).')';
 							$this->virtualhosts_data[$vhosts_filename] .= '   <FilesMatch \.'.$filesmatch.'$>'. "\n";
 							$this->virtualhosts_data[$vhosts_filename] .= '     AddHandler php5-fastcgi .php' . "\n";
 							$this->virtualhosts_data[$vhosts_filename] .= '     Action php5-fastcgi /fastcgiphp' . "\n";
 							$this->virtualhosts_data[$vhosts_filename] .= '      Options +ExecCGI' . "\n";
@@ -344,8 +393,7 @@ class apache extends HttpConfigBase
 						);
 					}
 				} // end of ssl-redirect check
-				else
+				else {
 				{
 					// fallback of froxlor domain-data for processSpecialConfigTemplate()
 					$domain = array(
 						'domain' => Settings::Get('system.hostname'),
@@ -421,7 +469,13 @@ class apache extends HttpConfigBase
 						} else {
 							$this->virtualhosts_data[$vhosts_filename] .= ' SSLEngine On' . "\n";
-							$this->virtualhosts_data[$vhosts_filename] .= ' SSLProtocol -ALL +TLSv1 +TLSv1.2' . "\n";
+							$this->virtualhosts_data[$vhosts_filename] .= ' SSLProtocol -ALL +' . str_replace(","," +", Settings::Get('system.ssl_protocols')) . "\n";
 							if (Settings::Get('system.apache24') == '1') {
 								if (Settings::Get('system.http2_support') == '1') {
 									$this->virtualhosts_data[$vhosts_filename] .= ' Protocols h2 http/1.1' . "\n";
 								}
 								$this->virtualhosts_data[$vhosts_filename] .= ' SSLCompression Off' . "\n";
 							}
 							// this makes it more secure, thx to Marcel (08/2013)
 							$this->virtualhosts_data[$vhosts_filename] .= ' SSLHonorCipherOrder On' . "\n";
 							$this->virtualhosts_data[$vhosts_filename] .= ' SSLCipherSuite ' . Settings::Get('system.ssl_cipher_list') . "\n";
@@ -499,6 +553,8 @@ class apache extends HttpConfigBase
 		if ($domain['phpenabled_customer'] == 1 && $domain['phpenabled_vhost'] == '1') {
 			// This vHost has PHP enabled and we are using the regular mod_php
 			$cmail = getCustomerDetail($domain['customerid'], 'email');
 			$php_options_text .= '  php_admin_value sendmail_path "/usr/sbin/sendmail -t -f ' . $cmail . '"' . PHP_EOL;
 			if ($domain['openbasedir'] == '1') {
 				if ($domain['openbasedir_path'] == '1' || strstr($domain['documentroot'], ":") !== false) {
@@ -592,6 +648,16 @@ class apache extends HttpConfigBase
 		if ($domain['deactivated'] == '1' && Settings::Get('system.deactivateddocroot') != '') {
 			$webroot_text .= '  # Using docroot for deactivated users...' . "\n";
 			$webroot_text .= '  DocumentRoot "' . makeCorrectDir(Settings::Get('system.deactivateddocroot')) . "\"\n";
 			$webroot_text .= '  <Directory "' . makeCorrectDir(Settings::Get('system.deactivateddocroot')) . '">' . "\n";
 			// >=apache-2.4 enabled?
 			if (Settings::Get('system.apache24') == '1') {
 				$webroot_text .= '    Require all granted' . "\n";
 				$webroot_text .= '    AllowOverride All' . "\n";
 			} else {
 				$webroot_text .= '    Order allow,deny' . "\n";
 				$webroot_text .= '    allow from all' . "\n";
 			}
 			$webroot_text .= '  </Directory>' . "\n";
 			$this->_deactivated = true;
 		} else {
 			$webroot_text .= '  DocumentRoot "' . $domain['documentroot'] . "\"\n";
@@ -795,6 +861,7 @@ class apache extends HttpConfigBase
 		$vhost_content .= '<VirtualHost ' . trim($ipportlist) . '>' . "\n";
 		$vhost_content .= $this->getServerNames($domain);
 		$domain['documentroot_norewrite'] = $domain['documentroot'];
 		if (($ssl_vhost == false && $domain['ssl'] == '1' && $domain['ssl_redirect'] == '1')) {
 			// We must not check if our port differs from port 443,
 			// but if there is a destination-port != 443
@@ -818,6 +885,7 @@ class apache extends HttpConfigBase
 			}
 			$domain['documentroot'] = 'https://%{HTTP_HOST}' . $_sslport . '/';
 			$domain['documentroot_norewrite'] = 'https://' . $domain['domain'] . $_sslport . '/';
 		}
 		if ($ssl_vhost === true && $domain['ssl'] == '1' && Settings::Get('system.use_ssl') == '1') {
@@ -839,7 +907,13 @@ class apache extends HttpConfigBase
 			if ($domain['ssl_cert_file'] != '') {
 				$vhost_content .= '  SSLEngine On' . "\n";
-				$vhost_content .= '  SSLProtocol -ALL +TLSv1 +TLSv1.2' . "\n";
+				$vhost_content .= '  SSLProtocol -ALL +' . str_replace(","," +", Settings::Get('system.ssl_protocols')) . "\n";
 				if (Settings::Get('system.apache24') == '1') {
 					if (isset($domain['http2']) && $domain['http2'] == '1' && Settings::Get('system.http2_support') == '1') {
 						$vhost_content .= ' Protocols h2 http/1.1' . "\n";
 					}
 					$vhost_content .= '  SSLCompression Off' . "\n";
 				}
 				// this makes it more secure, thx to Marcel (08/2013)
 				$vhost_content .= '  SSLHonorCipherOrder On' . "\n";
 				$vhost_content .= '  SSLCipherSuite ' . Settings::Get('system.ssl_cipher_list') . "\n";
@@ -858,6 +932,10 @@ class apache extends HttpConfigBase
 					$vhost_content .= '  SSLCertificateChainFile ' . makeCorrectFile($domain['ssl_cert_chainfile']) . "\n";
 				}
 				if (Settings::Get('system.apache24') == '1' && isset($domain['ocsp_stapling']) && $domain['ocsp_stapling'] == '1') {
 					$vhost_content .= '  SSLUseStapling on' . PHP_EOL;
 				}
 				if ($domain['hsts'] >= 0) {
 					$vhost_content .= '  <IfModule mod_headers.c>' . "\n";
 					$vhost_content .= '    Header always set Strict-Transport-Security "max-age=' . $domain['hsts'];
@@ -903,7 +981,7 @@ class apache extends HttpConfigBase
 			$vhost_content .= '    RewriteRule ^/(.*) ' . $corrected_docroot . '$1' . $modrew_red . "\n";
 			$vhost_content .= '  </IfModule>' . "\n";
 			$vhost_content .= '  <IfModule !mod_rewrite.c>' . "\n";
-			$vhost_content .= '    Redirect ' . $code . ' / ' . $corrected_docroot . "\n";
+			$vhost_content .= '    Redirect ' . $code . ' / ' . $domain['documentroot_norewrite'] . "\n";
 			$vhost_content .= '  </IfModule>' . "\n";
 		} else {
--- a/scripts/jobs/cron_tasks.inc.http.15.apache_fcgid.php
+++ b/scripts/jobs/cron_tasks.inc.http.15.apache_fcgid.php
@@ -44,7 +44,15 @@ class apache_fcgid extends apache
 				if (Settings::Get('system.apache24') == '1'
 					&& Settings::Get('phpfpm.use_mod_proxy') == '1'
 				) {
-					$php_options_text.= '  <FilesMatch \.php$>'. "\n";
+					$filesmatch = $phpconfig['fpm_settings']['limit_extensions'];
 					$extensions = explode(" ", $filesmatch);
 					$filesmatch = "";
 					foreach ($extensions as $ext) {
 						$filesmatch .= substr($ext, 1).'|';
 					}
 					// start block, cut off last pipe and close block
 					$filesmatch = '('.str_replace(".", "\.", substr($filesmatch, 0, -1)).')';
 					$php_options_text.= '  <FilesMatch \.'.$filesmatch.'$>'. "\n";
 					$php_options_text.= '  SetHandler proxy:unix:' . $php->getInterface()->getSocketFile()  . '|fcgi://localhost'. "\n";
 					$php_options_text.= '  </FilesMatch>' . "\n";
@@ -54,15 +62,35 @@ class apache_fcgid extends apache
 				    // for this path, as this would be the first require and therefore grant all access
 				    if ($mypath_dir->isUserProtected() == false) {
 						$php_options_text.= '  <Directory "' . makeCorrectDir($domain['documentroot']) . '">' . "\n";
 						if ($phpconfig['pass_authorizationheader'] == '1') {
 							$php_options_text.= '    CGIPassAuth On' . "\n";
 						}
 					    $php_options_text.= '    Require all granted' . "\n";
 						$php_options_text.= '    AllowOverride All' . "\n";
 						$php_options_text.= '  </Directory>' . "\n";
 				    } elseif ($phpconfig['pass_authorizationheader'] == '1') {
 						// allow Pass of Authorization header
 						$php_options_text.= '  <Directory "' . makeCorrectDir($domain['documentroot']) . '">' . "\n";
 						$php_options_text.= '    CGIPassAuth On' . "\n";
 						$php_options_text.= '  </Directory>' . "\n";
 				    }
 				} else {
-					$php_options_text.= '  FastCgiExternalServer ' . $php->getInterface()->getAliasConfigDir() . $srvName . ' -socket ' . $php->getInterface()->getSocketFile()  . ' -idle-timeout ' . Settings::Get('phpfpm.idle_timeout') . "\n";
+					$addheader = "";
 					if ($phpconfig['pass_authorizationheader'] == '1') {
 						$addheader = " -pass-header Authorization";
 					}
 					$php_options_text.= '  FastCgiExternalServer ' . $php->getInterface()->getAliasConfigDir() . $srvName . ' -socket ' . $php->getInterface()->getSocketFile()  . ' -idle-timeout ' . $phpconfig['fpm_settings']['idle_timeout'] . $addheader . "\n";
 					$php_options_text.= '  <Directory "' . makeCorrectDir($domain['documentroot']) . '">' . "\n";
-					$php_options_text.= '    <FilesMatch "\.php$">' . "\n";
+					$filesmatch = $phpconfig['fpm_settings']['limit_extensions'];
 					$extensions = explode(" ", $filesmatch);
 					$filesmatch = "";
 					foreach ($extensions as $ext) {
 						$filesmatch .= substr($ext, 1).'|';
 					}
 					// start block, cut off last pipe and close block
 					$filesmatch = '('.str_replace(".", "\.", substr($filesmatch, 0, -1)).')';
 					$php_options_text.= '    <FilesMatch \.'.$filesmatch.'$>'. "\n";
 					$php_options_text.= '      SetHandler php5-fastcgi'. "\n";
 					$php_options_text.= '      Action php5-fastcgi /fastcgiphp' . "\n";
 					$php_options_text.= '      Options +ExecCGI' . "\n";
@@ -155,6 +183,16 @@ class apache_fcgid extends apache
 			) {
 				$user = Settings::Get('phpfpm.vhost_httpuser');
 				$group = Settings::Get('phpfpm.vhost_httpgroup');
 				// get fpm config
 				$fpm_sel_stmt = Database::prepare("
 					SELECT f.id FROM `" . TABLE_PANEL_FPMDAEMONS . "` f
 					LEFT JOIN `" . TABLE_PANEL_PHPCONFIGS . "` p ON p.fpmsettingid = f.id
 					WHERE p.id = :phpconfigid
 				");
 				$fpm_config = Database::pexecute_first($fpm_sel_stmt, array(
 					'phpconfigid' => Settings::Get('phpfpm.vhost_defaultini')
 				));
 			}
 			$domain = array(
@@ -167,7 +205,8 @@ class apache_fcgid extends apache
 				'openbasedir' => 0,
 				'email' => Settings::Get('panel.adminmail'),
 				'loginname' => 'froxlor.panel',
-				'documentroot' => $mypath
+				'documentroot' => $mypath,
 				'fpm_config_id' => isset($fpm_config['id']) ? $fpm_config['id'] : 1
 			);
 			// all the files and folders have to belong to the local user
--- a/scripts/jobs/cron_tasks.inc.http.20.lighttpd.php
+++ b/scripts/jobs/cron_tasks.inc.http.20.lighttpd.php
@@ -58,8 +58,22 @@ class lighttpd extends HttpConfigBase
 	public function reload()
 	{
 		if ((int) Settings::Get('phpfpm.enabled') == 1) {
-			$this->logger->logAction(CRON_ACTION, LOG_INFO, 'lighttpd::reload: reloading php-fpm');
+			// get all start/stop commands
-			safe_exec(escapeshellcmd(Settings::Get('phpfpm.reload')));
+			$startstop_sel = Database::prepare("SELECT reload_cmd, config_dir FROM `" . TABLE_PANEL_FPMDAEMONS . "`");
 			Database::pexecute($startstop_sel);
 			$restart_cmds = $startstop_sel->fetchAll(PDO::FETCH_ASSOC);
 			// restart all php-fpm instances
 			foreach ($restart_cmds as $restart_cmd) {
 				// check whether the config dir is empty (no domains uses this daemon)
 				// so we need to create a dummy
 				$isDirEmpty = !(new \FilesystemIterator($restart_cmd['config_dir']))->valid();
 				if ($isDirEmpty) {
 					$this->logger->logAction(CRON_ACTION, LOG_INFO, 'lighttpd::reload: fpm config directory "' . $restart_cmd['config_dir'] . '" is empty. Creating dummy.');
 					phpinterface_fpm::createDummyPool($restart_cmd['config_dir']);
 				}
 				$this->logger->logAction(CRON_ACTION, LOG_INFO, 'lighttpd::reload: running ' . $restart_cmd['reload_cmd']);
 				safe_exec(escapeshellcmd($restart_cmd['reload_cmd']));
 			}
 		}
 		$this->logger->logAction(CRON_ACTION, LOG_INFO, 'lighttpd::reload: reloading lighttpd');
 		safe_exec(escapeshellcmd(Settings::Get('system.apachereload_command')));
@@ -535,7 +549,8 @@ class lighttpd extends HttpConfigBase
 			if ($domain['ssl_cert_file'] != '') {
-				$ssl_settings .= 'ssl.engine = "enable"' . "\n";
+				// ssl.engine only necessary once in the ip/port vhost (SERVER['socket'] condition)
 				//$ssl_settings .= 'ssl.engine = "enable"' . "\n";
 				$ssl_settings .= 'ssl.use-compression = "disable"' . "\n";
 				$ssl_settings .= 'ssl.use-sslv2 = "disable"' . "\n";
 				$ssl_settings .= 'ssl.use-sslv3 = "disable"' . "\n";
--- a/scripts/jobs/cron_tasks.inc.http.30.nginx.php
+++ b/scripts/jobs/cron_tasks.inc.http.30.nginx.php
@@ -73,8 +73,22 @@ class nginx extends HttpConfigBase
 			$this->logger->logAction(CRON_ACTION, LOG_INFO, 'nginx::reload: restarting php processes');
 			safe_exec(Settings::Get('system.phpreload_command'));
 		} elseif ((int) Settings::Get('phpfpm.enabled') == 1) {
-			$this->logger->logAction(CRON_ACTION, LOG_INFO, 'nginx::reload: reloading php-fpm');
+			// get all start/stop commands
-			safe_exec(escapeshellcmd(Settings::Get('phpfpm.reload')));
+			$startstop_sel = Database::prepare("SELECT reload_cmd, config_dir FROM `" . TABLE_PANEL_FPMDAEMONS . "`");
 			Database::pexecute($startstop_sel);
 			$restart_cmds = $startstop_sel->fetchAll(PDO::FETCH_ASSOC);
 			// restart all php-fpm instances
 			foreach ($restart_cmds as $restart_cmd) {
 				// check whether the config dir is empty (no domains uses this daemon)
 				// so we need to create a dummy
 				$isDirEmpty = !(new \FilesystemIterator($restart_cmd['config_dir']))->valid();
 				if ($isDirEmpty) {
 					$this->logger->logAction(CRON_ACTION, LOG_INFO, 'nginx::reload: fpm config directory "' . $restart_cmd['config_dir'] . '" is empty. Creating dummy.');
 					phpinterface_fpm::createDummyPool($restart_cmd['config_dir']);
 				}
 				$this->logger->logAction(CRON_ACTION, LOG_INFO, 'nginx::reload: running ' . $restart_cmd['reload_cmd']);
 				safe_exec(escapeshellcmd($restart_cmd['reload_cmd']));
 			}
 		}
 	}
@@ -196,7 +210,7 @@ class nginx extends HttpConfigBase
 					}
 				}
-				$http2 = $ssl_vhost == true && Settings::Get('system.nginx_http2_support') == '1';
+				$http2 = $ssl_vhost == true && Settings::Get('system.http2_support') == '1';
 				/**
 				 * this HAS to be set for the default host in nginx or else no vhost will work
@@ -418,7 +432,7 @@ class nginx extends HttpConfigBase
 				$_vhost_content .= $this->processSpecialConfigTemplate($ipandport['default_vhostconf_domain'], $domain, $domain['ip'], $domain['port'], $ssl_vhost) . "\n";
 			}
-            $http2 = $ssl_vhost == true && Settings::Get('system.nginx_http2_support') == '1';
+			$http2 = $ssl_vhost == true && (isset($domain['http2']) && $domain['http2'] == '1' && Settings::Get('system.http2_support') == '1');
            $vhost_content .= "\t" . 'listen ' . $ipport . ($ssl_vhost == true ? ' ssl' : '') . ($http2 == true ? ' http2' : '') . ';' . "\n";
 		}
@@ -609,7 +623,7 @@ class nginx extends HttpConfigBase
 			} else {
 				// obsolete: ssl on now belongs to the listen block as 'ssl' at the end
 				// $sslsettings .= "\t" . 'ssl on;' . "\n";
-				$sslsettings .= "\t" . 'ssl_protocols TLSv1 TLSv1.2;' . "\n";
+				$sslsettings .= "\t" . 'ssl_protocols ' . str_replace(",", " ", Settings::Get('system.ssl_protocols')) . ';' . "\n";
 				$sslsettings .= "\t" . 'ssl_ciphers ' . Settings::Get('system.ssl_cipher_list') . ';' . "\n";
 				$sslsettings .= "\t" . 'ssl_ecdh_curve secp384r1;' . "\n";
 				$sslsettings .= "\t" . 'ssl_prefer_server_ciphers on;' . "\n";
@@ -634,6 +648,14 @@ class nginx extends HttpConfigBase
 					}
 					$sslsettings .= '";' . "\n";
 				}
 				if ((isset($domain_or_ip['ocsp_stapling']) && $domain_or_ip['ocsp_stapling'] == "1") ||
 						(isset($domain_or_ip['letsencrypt']) && $domain_or_ip['letsencrypt'] == "1") ) {
 					$sslsettings .= "\t" . 'ssl_stapling on;' . "\n";
 					$sslsettings .= "\t" . 'ssl_stapling_verify on;' . "\n";
 					$sslsettings .= "\t" . 'ssl_trusted_certificate ' .
 							makeCorrectFile($domain_or_ip['ssl_cert_file']) . ';' . "\n";
 				}
 			}
 		}
@@ -711,6 +733,11 @@ class nginx extends HttpConfigBase
 								if ($single['path'] == '/') {
 									$path_options .= "\t\t" . 'auth_basic            "' . $single['authname'] . '";' . "\n";
 									$path_options .= "\t\t" . 'auth_basic_user_file  ' . makeCorrectFile($single['usrf']) . ';' . "\n";
 									if ($domain['phpenabled_customer'] == 1 && $domain['phpenabled_vhost'] == '1') {
 										$path_options .= "\t\t" . 'index    index.php index.html index.htm;' . "\n";
 									} else {
 										$path_options .= "\t\t" . 'index    index.html index.htm;' . "\n";
 									}
 									$path_options .= "\t\t" . 'location ~ ^(.+?\.php)(/.*)?$ {' . "\n";
 									$path_options .= "\t\t\t" . 'try_files ' . $domain['nonexistinguri'] . ' @php;' . "\n";
 									$path_options .= "\t\t" . '}' . "\n";
@@ -768,6 +795,11 @@ class nginx extends HttpConfigBase
 						$path_options .= "\t" . 'location ' . makeCorrectDir($single['path']) . ' {' . "\n";
 						$path_options .= "\t\t" . 'auth_basic            "' . $single['authname'] . '";' . "\n";
 						$path_options .= "\t\t" . 'auth_basic_user_file  ' . makeCorrectFile($single['usrf']) . ';' . "\n";
 						if ($domain['phpenabled_customer'] == 1 && $domain['phpenabled_vhost'] == '1') {
 							$path_options .= "\t\t" . 'index    index.php index.html index.htm;' . "\n";
 						} else {
 							$path_options .= "\t\t" . 'index    index.html index.htm;' . "\n";
 						}
 						$path_options .= "\t\t" . 'location ~ ^(.+?\.php)(/.*)?$ {' . "\n";
 						$path_options .= "\t\t\t" . 'try_files ' . $domain['nonexistinguri'] . ' @php;' . "\n";
 						$path_options .= "\t\t" . '}' . "\n";
--- a/scripts/jobs/cron_tasks.php
+++ b/scripts/jobs/cron_tasks.php
@@ -168,9 +168,17 @@ while ($row = $result_tasks_stmt->fetch(PDO::FETCH_ASSOC)) {
 			$cronlog->logAction(CRON_ACTION, LOG_NOTICE, 'Running: chown -R ' . (int)Settings::Get('system.vmail_uid') . ':' . (int)Settings::Get('system.vmail_gid') . ' ' . escapeshellarg($usermaildir));
 			safe_exec('chown -R ' . (int)Settings::Get('system.vmail_uid') . ':' . (int)Settings::Get('system.vmail_gid') . ' ' . escapeshellarg($usermaildir));
 			if (Settings::Get('system.nssextrausers') == 1)
 			{
 				// explicitly create files after user has been created to avoid unknown user issues for apache/php-fpm when task#1 runs after this
 				include_once makeCorrectFile(FROXLOR_INSTALL_DIR.'/scripts/classes/class.Extrausers.php');
 				Extrausers::generateFiles($cronlog);
 			}
 			// clear NSCD cache if using fcgid or fpm, #1570
 			if (Settings::Get('system.mod_fcgid') == 1 || (int)Settings::Get('phpfpm.enabled') == 1) {
 				$false_val = false;
 				safe_exec('nscd -i passwd 1> /dev/null', $false_val, array('>'));
 				safe_exec('nscd -i group 1> /dev/null', $false_val, array('>'));
 			}
 		}
--- a/Show More
+++ b/Show More