set version to 2.0.24 for upcoming maintenance release

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>

admin_admins.php

@@ -77,6 +77,7 @@ if (($page == 'admins' || $page == 'overview') && $userinfo['change_serversettin
 			$result['switched_user'] = CurrentUser::getData();
 			$result['adminsession'] = 1;
 			$result['userid'] = $result['adminid'];
+			session_regenerate_id(true);
 			CurrentUser::setData($result);
 
 			$log->logAction(

admin_configfiles.php

@@ -33,6 +33,7 @@ use Froxlor\Settings;
 use Froxlor\UI\Panel\UI;
 use Froxlor\UI\Request;
 use Froxlor\UI\Response;
+use Froxlor\Validate\Validate;
 
 if ($userinfo['change_serversettings'] == '1') {
 	if ($action == 'setconfigured') {
@@ -91,6 +92,7 @@ if ($userinfo['change_serversettings'] == '1') {
 	}
 
 	if ($distribution != "" && isset($_POST['finish'])) {
+		$valid_keys = ['http', 'dns', 'smtp', 'mail', 'ftp', 'system', 'distro'];
 		unset($_POST['finish']);
 		unset($_POST['csrf_token']);
 		$params = $_POST;
@@ -99,6 +101,20 @@ if ($userinfo['change_serversettings'] == '1') {
 		foreach ($_POST['system'] as $sysdaemon) {
 			$params['system'][] = $sysdaemon;
 		}
+		// validate params
+		foreach ($params as $key => $value) {
+			if (!in_array($key, $valid_keys)) {
+				unset($params[$key]);
+				continue;
+			}
+			if (!is_array($value)) {
+				$params[$key] = Validate::validate($value, $key);
+			} else {
+				foreach ($value as $subkey => $subvalue) {
+					$params[$key][$subkey] = Validate::validate($subvalue, $key.'.'.$subkey);
+				}
+			}
+		}
 		$params_content = json_encode($params);
 		$params_filename = FileDir::makeCorrectFile(Froxlor::getInstallDir() . 'install/' . Froxlor::genSessionId() . '.json');
 		file_put_contents($params_filename, $params_content);

admin_customers.php

@@ -93,6 +93,7 @@ if (($page == 'customers' || $page == 'overview') && $userinfo['customers'] != '
 			$result['switched_user'] = CurrentUser::getData();
 			$result['adminsession'] = 0;
 			$result['userid'] = $result['customerid'];
+			session_regenerate_id(true);
 			CurrentUser::setData($result);
 
 			$log->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "switched user and is now '" . $destination_user . "'");

admin_index.php

@@ -53,6 +53,7 @@ if ($action == 'logout') {
 	if (is_array(CurrentUser::getField('switched_user'))) {
 		$result = CurrentUser::getData();
 		$result = $result['switched_user'];
+		session_regenerate_id(true);
 		CurrentUser::setData($result);
 		$target = (isset($_GET['target']) ? $_GET['target'] : 'index');
 		$redirect = "admin_" . $target . ".php";

bin/froxlor-cli

@@ -26,6 +26,7 @@
 
 declare(strict_types=1);
 
+use Froxlor\Cli\ConfigDiff;
 use Symfony\Component\Console\Application;
 use Froxlor\Cli\RunApiCommand;
 use Froxlor\Cli\ConfigServices;
@@ -61,4 +62,5 @@ $application->add(new InstallCommand());
 $application->add(new MasterCron());
 $application->add(new UserCommand());
 $application->add(new ValidateAcmeWebroot());
+$application->add(new ConfigDiff());
 $application->run();

customer_index.php

@@ -52,6 +52,7 @@ if ($action == 'logout') {
 	if (is_array(CurrentUser::getField('switched_user'))) {
 		$result = CurrentUser::getData();
 		$result = $result['switched_user'];
+		session_regenerate_id(true);
 		CurrentUser::setData($result);
 		$target = (isset($_GET['target']) ? $_GET['target'] : 'index');
 		$redirect = "admin_" . $target . ".php";

index.php

@@ -40,7 +40,6 @@ use Froxlor\UI\Panel\UI;
 use Froxlor\UI\Response;
 use Froxlor\User;
 use Froxlor\Validate\Validate;
-use Froxlor\Language;
 
 if ($action == '') {
 	$action = 'login';
@@ -161,7 +160,7 @@ if ($action == '2fa_entercode') {
 	]);
 	exit();
 } elseif ($action == 'login') {
-	if (isset($_POST['send']) && $_POST['send'] == 'send') {
+	if (!empty($_POST)) {
 		$loginname = Validate::validate($_POST['loginname'], 'loginname');
 		$password = Validate::validate($_POST['password'], 'password');
 
@@ -431,13 +430,18 @@ if ($action == '2fa_entercode') {
 		}
 		$lastqrystr = "";
 		if (isset($_REQUEST['qrystr']) && $_REQUEST['qrystr'] != "") {
-			$lastqrystr = htmlspecialchars($_REQUEST['qrystr'], ENT_QUOTES);
+			$lastqrystr = urlencode($_REQUEST['qrystr']);
+		}
+
+		if (!empty($lastscript)) {
+			$_SESSION['lastscript'] = $lastscript;
+		}
+		if (!empty($lastqrystr)) {
+			$_SESSION['lastqrystr'] = $lastqrystr;
 		}
 
 		UI::view('login/login.html.twig', [
 			'pagetitle' => 'Login',
-			'lastscript' => $lastscript,
-			'lastqrystr' => $lastqrystr,
 			'upd_in_progress' => $update_in_progress,
 			'message' => $message,
 			'successmsg' => $successmessage
@@ -449,7 +453,7 @@ if ($action == 'forgotpwd') {
 	$adminchecked = false;
 	$message = '';
 
-	if (isset($_POST['send']) && $_POST['send'] == 'send') {
+	if (!empty($_POST)) {
 		$loginname = Validate::validate($_POST['loginname'], 'loginname');
 		$email = Validate::validateEmail($_POST['loginemail']);
 		$result_stmt = Database::prepare("SELECT `adminid`, `customerid`, `customernumber`, `firstname`, `name`, `company`, `email`, `loginname`, `def_language`, `deactivated` FROM `" . TABLE_PANEL_CUSTOMERS . "`
@@ -633,7 +637,7 @@ if ($action == 'forgotpwd') {
 
 	UI::view('login/fpwd.html.twig', [
 		'pagetitle' => lng('login.presend'),
-		'action' => $action,
+		'formaction' => 'index.php?action=' . $action,
 		'message' => $message,
 	]);
 }
@@ -656,7 +660,7 @@ if ($action == 'resetpwd') {
 		$check = substr($activationcode, 40, 10);
 
 		if (substr(md5($third . $timestamp), 0, 10) == $check && $timestamp >= time() - 86400) {
-			if (isset($_POST['send']) && $_POST['send'] == 'send') {
+			if (!empty($_POST)) {
 				$stmt = Database::prepare("SELECT `userid`, `admin` FROM `" . TABLE_PANEL_ACTIVATION . "`
 					WHERE `activationcode` = :activationcode");
 				$result = Database::pexecute_first($stmt, [
@@ -733,6 +737,7 @@ if ($action == 'resetpwd') {
 function finishLogin($userinfo)
 {
 	if (isset($userinfo['userid']) && $userinfo['userid'] != '') {
+		session_regenerate_id(true);
 		CurrentUser::setData($userinfo);
 
 		$language = $userinfo['def_language'] ?? Settings::Get('panel.standardlanguage');
@@ -746,29 +751,34 @@ function finishLogin($userinfo)
 		}
 
 		$qryparams = [];
-		if (isset($_POST['qrystr']) && $_POST['qrystr'] != "") {
-			parse_str(urldecode($_POST['qrystr']), $qryparams);
+		if (!empty($_SESSION['lastqrystr'])) {
+			parse_str(urldecode($_SESSION['lastqrystr']), $qryparams);
+			unset($_SESSION['lastqrystr']);
 		}
 
 		if ($userinfo['adminsession'] == '1') {
 			if (Froxlor::hasUpdates() || Froxlor::hasDbUpdates()) {
 				Response::redirectTo('admin_updates.php?page=overview');
 			} else {
-				if (isset($_POST['script']) && $_POST['script'] != "") {
-					if (preg_match("/customer\_/", $_POST['script']) === 1) {
+				if (!empty($_SESSION['lastscript'])) {
+					$lastscript = $_SESSION['lastscript'];
+					unset($_SESSION['lastscript']);
+					if (preg_match("/customer\_/", $lastscript) === 1) {
 						Response::redirectTo('admin_customers.php', [
 							"page" => "customers"
 						]);
 					} else {
-						Response::redirectTo($_POST['script'], $qryparams);
+						Response::redirectTo($lastscript, $qryparams);
 					}
 				} else {
 					Response::redirectTo('admin_index.php', $qryparams);
 				}
 			}
 		} else {
-			if (isset($_POST['script']) && $_POST['script'] != "") {
-				Response::redirectTo($_POST['script'], $qryparams);
+			if (!empty($_SESSION['lastscript'])) {
+				$lastscript = $_SESSION['lastscript'];
+				unset($_SESSION['lastscript']);
+				Response::redirectTo($lastscript, $qryparams);
 			} else {
 				Response::redirectTo('customer_index.php', $qryparams);
 			}

install/froxlor.sql.php

@@ -697,7 +697,7 @@ opcache.validate_timestamps'),
 	('system', 'distribution', ''),
 	('system', 'update_channel', 'stable'),
 	('system', 'updatecheck_data', ''),
-	('system', 'update_notify_last', '2.0.20'),
+	('system', 'update_notify_last', '2.0.24'),
 	('system', 'traffictool', 'goaccess'),
 	('system', 'req_limit_per_interval', 60),
 	('system', 'req_limit_interval', 60),
@@ -744,7 +744,7 @@ opcache.validate_timestamps'),
 	('panel', 'logo_overridetheme', '0'),
 	('panel', 'logo_overridecustom', '0'),
 	('panel', 'settings_mode', '0'),
-	('panel', 'version', '2.0.20'),
+	('panel', 'version', '2.0.24'),
 	('panel', 'db_version', '202304260');
 
 

install/updates/froxlor/update_2.x.inc.php

@@ -149,7 +149,7 @@ if (Froxlor::isFroxlorVersion('0.10.38.3')) {
 	Update::showUpdateStep("Adding new settings");
 	$panel_settings_mode = isset($_POST['panel_settings_mode']) ? (int)$_POST['panel_settings_mode'] : 0;
 	Settings::AddNew("panel.settings_mode", $panel_settings_mode);
-	$system_distribution = isset($_POST['system_distribution']) ? $_POST['system_distribution'] : '';
+	$system_distribution = isset($_POST['system_distribution']) ? $_POST['system_distribution'] : 'bullseye';
 	Settings::AddNew("system.distribution", $system_distribution);
 	Settings::AddNew("system.update_channel", 'stable');
 	Settings::AddNew("system.updatecheck_data", '');
@@ -497,3 +497,23 @@ if (Froxlor::isFroxlorVersion('2.0.19')) {
 	Update::showUpdateStep("Updating from 2.0.19 to 2.0.20", false);
 	Froxlor::updateToVersion('2.0.20');
 }
+
+if (Froxlor::isFroxlorVersion('2.0.20')) {
+	Update::showUpdateStep("Updating from 2.0.20 to 2.0.21", false);
+	Froxlor::updateToVersion('2.0.21');
+}
+
+if (Froxlor::isFroxlorVersion('2.0.21')) {
+	Update::showUpdateStep("Updating from 2.0.21 to 2.0.22", false);
+	Froxlor::updateToVersion('2.0.22');
+}
+
+if (Froxlor::isFroxlorVersion('2.0.22')) {
+	Update::showUpdateStep("Updating from 2.0.22 to 2.0.23", false);
+	Froxlor::updateToVersion('2.0.23');
+}
+
+if (Froxlor::isFroxlorVersion('2.0.23')) {
+	Update::showUpdateStep("Updating from 2.0.23 to 2.0.24", false);
+	Froxlor::updateToVersion('2.0.24');
+}

install/updates/preconfig/preconfig_2.x.inc.php

@@ -54,7 +54,7 @@ if (Update::versionInUpdate($current_version, '2.0.0-beta1')) {
 	$config_dir = FileDir::makeCorrectDir(Froxlor::getInstallDir() . '/lib/configfiles/');
 	// show list of available distro's
 	$distros = glob($config_dir . '*.xml');
-	$distributions_select[''] = '-';
+	// selection is required $distributions_select[''] = '-';
 	// read in all the distros
 	foreach ($distros as $_distribution) {
 		// get configparser object

lib/Froxlor/Api/ApiParameter.php

@@ -39,12 +39,12 @@ abstract class ApiParameter
 
 	/**
 	 *
-	 * @param array $params
+	 * @param array|null $params
 	 *            optional, array of parameters (var=>value) for the command
 	 *
 	 * @throws Exception
 	 */
-	public function __construct($params = null)
+	public function __construct(array $params = null)
 	{
 		if (!is_null($params)) {
 			$params = $this->trimArray($params);
@@ -57,7 +57,7 @@ abstract class ApiParameter
 	 *
 	 * @param array $input
 	 *
-	 * @return array
+	 * @return string|array
 	 */
 	private function trimArray($input)
 	{
@@ -79,9 +79,9 @@ abstract class ApiParameter
 	/**
 	 * get specific parameter which also has and unlimited-field
 	 *
-	 * @param string $param
+	 * @param string|null $param
 	 *            parameter to get out of the request-parameter list
-	 * @param string $ul_field
+	 * @param string|null $ul_field
 	 *            parameter to get out of the request-parameter list
 	 * @param bool $optional
 	 *            default: false
@@ -91,7 +91,7 @@ abstract class ApiParameter
 	 * @return mixed
 	 * @throws Exception
 	 */
-	protected function getUlParam($param = null, $ul_field = null, $optional = false, $default = 0)
+	protected function getUlParam(string $param = null, string $ul_field = null, bool $optional = false, $default = 0)
 	{
 		$param_value = (int)$this->getParam($param, $optional, $default);
 		$ul_field_value = $this->getBoolParam($ul_field, true, 0);
@@ -102,11 +102,11 @@ abstract class ApiParameter
 	}
 
 	/**
-	 * get specific parameter from the parameterlist;
+	 * get specific parameter from the parameter list;
 	 * check for existence and != empty if needed.
 	 * Maybe more in the future
 	 *
-	 * @param string $param
+	 * @param string|null $param
 	 *            parameter to get out of the request-parameter list
 	 * @param bool $optional
 	 *            default: false
@@ -116,7 +116,7 @@ abstract class ApiParameter
 	 * @return mixed
 	 * @throws Exception
 	 */
-	protected function getParam($param = null, $optional = false, $default = '')
+	protected function getParam(string $param = null, bool $optional = false, $default = '')
 	{
 		// does it exist?
 		if (!isset($this->cmd_params[$param])) {
@@ -128,7 +128,7 @@ abstract class ApiParameter
 			return $default;
 		}
 		// is it empty? - test really on string, as value 0 is being seen as empty by php
-		if ($this->cmd_params[$param] === "") {
+		if (!is_array($this->cmd_params[$param]) && trim($this->cmd_params[$param]) === "") {
 			if ($optional === false) {
 				// get module + function for better error-messages
 				$inmod = $this->getModFunctionString();
@@ -142,7 +142,7 @@ abstract class ApiParameter
 
 	/**
 	 * returns "module::function()" for better error-messages (missing parameter etc.)
-	 * makes debugging a whole lot more comfortable
+	 * makes debugging a lot more comfortable
 	 *
 	 * @param int $level
 	 *            depth of backtrace, default 2
@@ -152,7 +152,7 @@ abstract class ApiParameter
 	 *
 	 * @return string
 	 */
-	private function getModFunctionString($level = 1, $max_level = 5, $trace = null)
+	private function getModFunctionString(int $level = 1, int $max_level = 5, $trace = null)
 	{
 		// which class called us
 		$_class = get_called_class();
@@ -174,7 +174,7 @@ abstract class ApiParameter
 	/**
 	 * getParam wrapper for boolean parameter
 	 *
-	 * @param string $param
+	 * @param string|null $param
 	 *            parameter to get out of the request-parameter list
 	 * @param bool $optional
 	 *            default: false
@@ -183,7 +183,7 @@ abstract class ApiParameter
 	 *
 	 * @return string
 	 */
-	protected function getBoolParam($param = null, $optional = false, $default = false)
+	protected function getBoolParam(string $param = null, bool $optional = false, $default = false)
 	{
 		$_default = '0';
 		if ($default) {

lib/Froxlor/Api/Commands/Admins.php

@@ -95,7 +95,7 @@ class Admins extends ApiCommand implements ResourceEntity
 	public function listing()
 	{
 		if ($this->isAdmin() && $this->getUserDetail('change_serversettings') == 1) {
-			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] list admins");
+			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] list admins");
 			$query_fields = [];
 			$result_stmt = Database::prepare("
 				SELECT *
@@ -407,7 +407,7 @@ class Admins extends ApiCommand implements ResourceEntity
 			];
 			$result = Database::pexecute_first($result_stmt, $params, true, true);
 			if ($result) {
-				$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] get admin '" . $result['loginname'] . "'");
+				$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] get admin '" . $result['loginname'] . "'");
 				return $this->response($result);
 			}
 			$key = ($id > 0 ? "id #" . $id : "loginname '" . $loginname . "'");
@@ -584,6 +584,18 @@ class Admins extends ApiCommand implements ResourceEntity
 					$theme = Settings::Get('panel.default_theme');
 				}
 
+				if (empty(trim($name))) {
+					Response::standardError([
+						'stringisempty',
+						'admin.name'
+					], '', true);
+				}
+				if (empty(trim($email))) {
+					Response::standardError([
+						'stringisempty',
+						'admin.email'
+					], '', true);
+				}
 				if (!Validate::validateEmail($email)) {
 					Response::standardError('emailiswrong', $email, true);
 				} else {
@@ -705,7 +717,7 @@ class Admins extends ApiCommand implements ResourceEntity
 						WHERE `adminid` = :adminid
 					");
 					Database::pexecute($upd_stmt, $upd_data, true, true);
-					$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] edited admin '" . $result['loginname'] . "'");
+					$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] edited admin '" . $result['loginname'] . "'");
 
 					// get all admin-data for return-array
 					$result = $this->apiCall('Admins.get', [

lib/Froxlor/Api/Commands/Certificates.php

@@ -97,7 +97,7 @@ class Certificates extends ApiCommand implements ResourceEntity
 		}
 		if (!$has_cert) {
 			$this->addOrUpdateCertificate($domain['id'], $ssl_cert_file, $ssl_key_file, $ssl_ca_file, $ssl_cert_chainfile, true);
-			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] added ssl-certificate for '" . $domain['domain'] . "'");
+			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] added ssl-certificate for '" . $domain['domain'] . "'");
 			$result = $this->apiCall('Certificates.get', [
 				'id' => $domain['id']
 			]);
@@ -248,7 +248,7 @@ class Certificates extends ApiCommand implements ResourceEntity
 		$ssl_ca_file = $this->getParam('ssl_ca_file', true, '');
 		$ssl_cert_chainfile = $this->getParam('ssl_cert_chainfile', true, '');
 		$this->addOrUpdateCertificate($domain['id'], $ssl_cert_file, $ssl_key_file, $ssl_ca_file, $ssl_cert_chainfile, false);
-		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] updated ssl-certificate for '" . $domain['domain'] . "'");
+		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] updated ssl-certificate for '" . $domain['domain'] . "'");
 		$result = $this->apiCall('Certificates.get', [
 			'id' => $domain['id']
 		]);
@@ -470,7 +470,7 @@ class Certificates extends ApiCommand implements ResourceEntity
 			if ($chk['letsencrypt'] == '1') {
 				Cronjob::inserttask(TaskId::DELETE_DOMAIN_SSL, $chk['domain']);
 			}
-			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] removed ssl-certificate for '" . $chk['domain'] . "'");
+			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] removed ssl-certificate for '" . $chk['domain'] . "'");
 			return $this->response($result);
 		}
 		throw new Exception("Unable to determine SSL certificate. Maybe no access?", 406);

lib/Froxlor/Api/Commands/Cronjobs.php

@@ -147,7 +147,7 @@ class Cronjobs extends ApiCommand implements ResourceEntity
 
 			// insert task to re-generate the cron.d-file
 			Cronjob::inserttask(TaskId::REBUILD_CRON);
-			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] cronjob with description '" . $result['module'] . '/' . $result['cronfile'] . "' has been updated by '" . $this->getUserDetail('loginname') . "'");
+			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] cronjob with description '" . $result['module'] . '/' . $result['cronfile'] . "' has been updated by '" . $this->getUserDetail('loginname') . "'");
 			$result = $this->apiCall('Cronjobs.get', [
 				'id' => $id
 			]);
@@ -177,7 +177,7 @@ class Cronjobs extends ApiCommand implements ResourceEntity
 	public function listing()
 	{
 		if ($this->isAdmin()) {
-			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] list cronjobs");
+			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] list cronjobs");
 			$query_fields = [];
 			$result_stmt = Database::prepare("
 				SELECT `c`.* FROM `" . TABLE_PANEL_CRONRUNS . "` `c` " . $this->getSearchWhere($query_fields) . $this->getOrderBy() . $this->getLimit());

lib/Froxlor/Api/Commands/CustomerBackups.php

@@ -194,7 +194,7 @@ class CustomerBackups extends ApiCommand implements ResourceEntity
 				$result[] = $entry;
 			}
 		}
-		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] list customer-backups");
+		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] list customer-backups");
 		return $this->response([
 			'count' => count($result),
 			'list' => $result

lib/Froxlor/Api/Commands/Customers.php

@@ -895,7 +895,7 @@ class Customers extends ApiCommand implements ResourceEntity
 					$result['dbspace_used'] = 0;
 				}
 			}
-			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] get customer '" . $result['loginname'] . "'");
+			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] get customer '" . $result['loginname'] . "'");
 			return $this->response($result);
 		}
 		$key = ($id > 0 ? "id #" . $id : "loginname '" . $loginname . "'");
@@ -1327,7 +1327,7 @@ class Customers extends ApiCommand implements ResourceEntity
 					'vu' => $valid_until
 				], true, true);
 
-				$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] " . ($deactivated ? 'deactivated' : 'reactivated') . " user '" . $result['loginname'] . "'");
+				$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] " . ($deactivated ? 'deactivated' : 'reactivated') . " user '" . $result['loginname'] . "'");
 				Cronjob::inserttask(TaskId::REBUILD_VHOST);
 			}
 
@@ -1538,7 +1538,7 @@ class Customers extends ApiCommand implements ResourceEntity
 			Database::query($admin_update_query);
 		}
 
-		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] edited user '" . $result['loginname'] . "'");
+		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] edited user '" . $result['loginname'] . "'");
 
 		/*
 		 * move customer to another admin/reseller; #1166
@@ -1911,7 +1911,7 @@ class Customers extends ApiCommand implements ResourceEntity
 			// now, recalculate the resource-usage for the old and the new admin
 			User::updateCounters(false);
 
-			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] moved user '" . $c_result['loginname'] . "' from admin/reseller '" . $c_result['adminname'] . " to admin/reseller '" . $a_result['loginname'] . "'");
+			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] moved user '" . $c_result['loginname'] . "' from admin/reseller '" . $c_result['adminname'] . " to admin/reseller '" . $a_result['loginname'] . "'");
 
 			$result = $this->apiCall('Customers.get', [
 				'id' => $c_result['customerid']

lib/Froxlor/Api/Commands/DirOptions.php

@@ -144,7 +144,7 @@ class DirOptions extends ApiCommand implements ResourceEntity
 		];
 		Database::pexecute($stmt, $params, true, true);
 		$id = Database::lastInsertId();
-		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] added directory-option for '" . $userpath . "'");
+		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] added directory-option for '" . $userpath . "'");
 		Cronjob::inserttask(TaskId::REBUILD_VHOST);
 
 		$result = $this->apiCall('DirOptions.get', [
@@ -247,7 +247,7 @@ class DirOptions extends ApiCommand implements ResourceEntity
 		$params['id'] = $id;
 		$result = Database::pexecute_first($result_stmt, $params, true, true);
 		if ($result) {
-			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] get directory options for '" . $result['path'] . "'");
+			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] get directory options for '" . $result['path'] . "'");
 			return $this->response($result);
 		}
 		$key = "id #" . $id;
@@ -331,7 +331,7 @@ class DirOptions extends ApiCommand implements ResourceEntity
 				"id" => $id
 			];
 			Database::pexecute($stmt, $params, true, true);
-			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] edited directory options for '" . str_replace($customer['documentroot'], '/', $result['path']) . "'");
+			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] edited directory options for '" . str_replace($customer['documentroot'], '/', $result['path']) . "'");
 		}
 
 		$result = $this->apiCall('DirOptions.get', [
@@ -379,7 +379,7 @@ class DirOptions extends ApiCommand implements ResourceEntity
 		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 			$result[] = $row;
 		}
-		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] list directory-options");
+		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] list directory-options");
 		return $this->response([
 			'count' => count($result),
 			'list' => $result
@@ -478,7 +478,7 @@ class DirOptions extends ApiCommand implements ResourceEntity
 			"customerid" => $customer_data['customerid'],
 			"id" => $id
 		], true, true);
-		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] deleted directory-option for '" . str_replace($customer_data['documentroot'], '/', $result['path']) . "'");
+		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] deleted directory-option for '" . str_replace($customer_data['documentroot'], '/', $result['path']) . "'");
 		Cronjob::inserttask(TaskId::REBUILD_VHOST);
 		return $this->response($result);
 	}

lib/Froxlor/Api/Commands/DirProtections.php

@@ -129,7 +129,7 @@ class DirProtections extends ApiCommand implements ResourceEntity
 		];
 		Database::pexecute($stmt, $params, true, true);
 		$id = Database::lastInsertId();
-		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] added directory-protection for '" . $username . " (" . $path . ")'");
+		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] added directory-protection for '" . $username . " (" . $path . ")'");
 		Cronjob::inserttask(TaskId::REBUILD_VHOST);
 
 		$result = $this->apiCall('DirProtections.get', [
@@ -196,7 +196,7 @@ class DirProtections extends ApiCommand implements ResourceEntity
 		$params['idun'] = ($id <= 0 ? $username : $id);
 		$result = Database::pexecute_first($result_stmt, $params, true, true);
 		if ($result) {
-			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] get directory protection for '" . $result['path'] . "'");
+			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] get directory protection for '" . $result['path'] . "'");
 			return $this->response($result);
 		}
 		$key = ($id > 0 ? "id #" . $id : "username '" . $username . "'");
@@ -279,7 +279,7 @@ class DirProtections extends ApiCommand implements ResourceEntity
 			Cronjob::inserttask(TaskId::REBUILD_VHOST);
 		}
 
-		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] updated directory-protection '" . $result['username'] . " (" . $result['path'] . ")'");
+		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] updated directory-protection '" . $result['username'] . " (" . $result['path'] . ")'");
 		$result = $this->apiCall('DirProtections.get', [
 			'id' => $result['id']
 		]);
@@ -325,7 +325,7 @@ class DirProtections extends ApiCommand implements ResourceEntity
 		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 			$result[] = $row;
 		}
-		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] list directory-protections");
+		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] list directory-protections");
 		return $this->response([
 			'count' => count($result),
 			'list' => $result
@@ -413,7 +413,7 @@ class DirProtections extends ApiCommand implements ResourceEntity
 			"id" => $id
 		]);
 
-		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] deleted htpasswd for '" . $result['username'] . " (" . $result['path'] . ")'");
+		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_WARNING, "[API] deleted htpasswd for '" . $result['username'] . " (" . $result['path'] . ")'");
 		Cronjob::inserttask(TaskId::REBUILD_VHOST);
 		return $this->response($result);
 	}

lib/Froxlor/Api/Commands/DomainZones.php

@@ -413,7 +413,7 @@ class DomainZones extends ApiCommand implements ResourceEntity
 		$zone = Dns::createDomainZone($id);
 		$zonefile = (string)$zone;
 
-		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] get dns-zone for '" . $result['domain'] . "'");
+		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] get dns-zone for '" . $result['domain'] . "'");
 		return $this->response(explode("\n", $zonefile));
 	}
 

lib/Froxlor/Api/Commands/Domains.php

@@ -898,7 +898,7 @@ class Domains extends ApiCommand implements ResourceEntity
 					$result['ipsandports'] = $this->getIpsForDomain($result['id']);
 				}
 				$result['domain_hascert'] = $this->getHasCertValueForDomain((int)$result['id'], (int)$result['parentdomainid']);
-				$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] get domain '" . $result['domain'] . "'");
+				$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] get domain '" . $result['domain'] . "'");
 				return $this->response($result);
 			}
 			$key = ($id > 0 ? "id #" . $id : "domainname '" . $domainname . "'");
@@ -1801,7 +1801,7 @@ class Domains extends ApiCommand implements ResourceEntity
 				Database::pexecute($upd_stmt, [
 					'id' => $id
 				], true, true);
-				$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] removed specialsettings on all subdomains of domain #" . $id);
+				$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] removed specialsettings on all subdomains of domain #" . $id);
 			}
 
 			$wwwserveralias = ($serveraliasoption == '1') ? '1' : '0';
@@ -2221,7 +2221,7 @@ class Domains extends ApiCommand implements ResourceEntity
 			// remove domain from acme.sh / lets encrypt if used
 			Cronjob::inserttask(TaskId::DELETE_DOMAIN_SSL, $result['domain']);
 
-			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] deleted domain/subdomains (#" . $result['id'] . ")");
+			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_WARNING, "[API] deleted domain/subdomains (#" . $result['id'] . ")");
 			User::updateCounters();
 			Cronjob::inserttask(TaskId::REBUILD_VHOST);
 			// Using nameserver, insert a task which rebuilds the server config

lib/Froxlor/Api/Commands/EmailAccounts.php

@@ -311,7 +311,7 @@ class EmailAccounts extends ApiCommand implements ResourceEntity
 				}
 			}
 
-			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] added email account for '" . $result['email_full'] . "'");
+			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] added email account for '" . $result['email_full'] . "'");
 			$result = $this->apiCall('Emails.get', [
 				'emailaddr' => $result['email_full']
 			]);
@@ -460,7 +460,7 @@ class EmailAccounts extends ApiCommand implements ResourceEntity
 			Admins::increaseUsage($customer['adminid'], 'email_quota_used', '', ($quota - $result['quota']));
 		}
 
-		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] updated email account '" . $result['email_full'] . "'");
+		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] updated email account '" . $result['email_full'] . "'");
 		$result = $this->apiCall('Emails.get', [
 			'emailaddr' => $result['email_full']
 		]);
@@ -566,7 +566,7 @@ class EmailAccounts extends ApiCommand implements ResourceEntity
 		Customers::decreaseUsage($customer['customerid'], 'email_accounts_used');
 		Customers::decreaseUsage($customer['customerid'], 'email_quota_used', '', $quota);
 
-		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] deleted email account for '" . $result['email_full'] . "'");
+		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_WARNING, "[API] deleted email account for '" . $result['email_full'] . "'");
 		return $this->response($result);
 	}
 }

lib/Froxlor/Api/Commands/EmailDomains.php

@@ -89,7 +89,7 @@ class EmailDomains extends ApiCommand implements ResourceEntity
 		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 			$result[] = $row;
 		}
-		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE,
+		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO,
 			"[API] list email-domains");
 		return $this->response([
 			'count' => count($result),

lib/Froxlor/Api/Commands/EmailForwarders.php

@@ -121,7 +121,7 @@ class EmailForwarders extends ApiCommand implements ResourceEntity
 			// update customer usage
 			Customers::increaseUsage($customer['customerid'], 'email_forwarders_used');
 
-			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] added email forwarder for '" . $result['email_full'] . "'");
+			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] added email forwarder for '" . $result['email_full'] . "'");
 
 			$result = $this->apiCall('Emails.get', [
 				'emailaddr' => $result['email_full']
@@ -298,7 +298,7 @@ class EmailForwarders extends ApiCommand implements ResourceEntity
 			// update customer usage
 			Customers::decreaseUsage($customer['customerid'], 'email_forwarders_used');
 
-			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] deleted email forwarder for '" . $result['email_full'] . "'");
+			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] deleted email forwarder for '" . $result['email_full'] . "'");
 
 			$result = $this->apiCall('Emails.get', [
 				'emailaddr' => $result['email_full']

lib/Froxlor/Api/Commands/Emails.php

@@ -159,7 +159,7 @@ class Emails extends ApiCommand implements ResourceEntity
 			// update customer usage
 			Customers::increaseUsage($customer['customerid'], 'emails_used');
 
-			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] added email address '" . $email_full . "'");
+			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] added email address '" . $email_full . "'");
 
 			$result = $this->apiCall('Emails.get', [
 				'emailaddr' => $email_full
@@ -199,7 +199,7 @@ class Emails extends ApiCommand implements ResourceEntity
 		);
 		$result = Database::pexecute_first($result_stmt, $params, true, true);
 		if ($result) {
-			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] get email address '" . $result['email_full'] . "'");
+			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] get email address '" . $result['email_full'] . "'");
 			return $this->response($result);
 		}
 		$key = ($id > 0 ? "id #" . $id : "emailaddr '" . $emailaddr . "'");
@@ -294,7 +294,7 @@ class Emails extends ApiCommand implements ResourceEntity
 			"id" => $id
 		];
 		Database::pexecute($stmt, $params, true, true);
-		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] toggled catchall-flag for email address '" . $result['email_full'] . "'");
+		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] toggled catchall-flag for email address '" . $result['email_full'] . "'");
 
 		$result = $this->apiCall('Emails.get', [
 			'emailaddr' => $result['email_full']
@@ -340,7 +340,7 @@ class Emails extends ApiCommand implements ResourceEntity
 		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 			$result[] = $row;
 		}
-		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] list email-addresses");
+		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] list email-addresses");
 		return $this->response([
 			'count' => count($result),
 			'list' => $result
@@ -445,7 +445,7 @@ class Emails extends ApiCommand implements ResourceEntity
 		], true, true);
 		Customers::decreaseUsage($customer['customerid'], 'emails_used');
 
-		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] deleted email address '" . $result['email_full'] . "'");
+		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_WARNING, "[API] deleted email address '" . $result['email_full'] . "'");
 		return $this->response($result);
 	}
 }

lib/Froxlor/Api/Commands/FpmDaemons.php

@@ -64,7 +64,7 @@ class FpmDaemons extends ApiCommand implements ResourceEntity
 	public function listing()
 	{
 		if ($this->isAdmin()) {
-			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] list fpm-daemons");
+			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] list fpm-daemons");
 			$query_fields = [];
 			$result_stmt = Database::prepare("
 				SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "`" . $this->getSearchWhere($query_fields) . $this->getOrderBy() . $this->getLimit());
@@ -258,7 +258,7 @@ class FpmDaemons extends ApiCommand implements ResourceEntity
 			$id = Database::lastInsertId();
 
 			Cronjob::inserttask(TaskId::REBUILD_VHOST);
-			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] fpm-daemon with description '" . $description . "' has been created by '" . $this->getUserDetail('loginname') . "'");
+			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] fpm-daemon with description '" . $description . "' has been created by '" . $this->getUserDetail('loginname') . "'");
 			$result = $this->apiCall('FpmDaemons.get', [
 				'id' => $id
 			]);
@@ -384,7 +384,7 @@ class FpmDaemons extends ApiCommand implements ResourceEntity
 			Database::pexecute($upd_stmt, $upd_data, true, true);
 
 			Cronjob::inserttask(TaskId::REBUILD_VHOST);
-			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] fpm-daemon with description '" . $description . "' has been updated by '" . $this->getUserDetail('loginname') . "'");
+			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] fpm-daemon with description '" . $description . "' has been updated by '" . $this->getUserDetail('loginname') . "'");
 			$result = $this->apiCall('FpmDaemons.get', [
 				'id' => $id
 			]);
@@ -433,7 +433,7 @@ class FpmDaemons extends ApiCommand implements ResourceEntity
 			], true, true);
 
 			Cronjob::inserttask(TaskId::REBUILD_VHOST);
-			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] fpm-daemon setting '" . $result['description'] . "' has been deleted by '" . $this->getUserDetail('loginname') . "'");
+			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] fpm-daemon setting '" . $result['description'] . "' has been deleted by '" . $this->getUserDetail('loginname') . "'");
 			return $this->response($result);
 		}
 		throw new Exception("Not allowed to execute given command.", 403);

lib/Froxlor/Api/Commands/Froxlor.php

@@ -72,7 +72,7 @@ class Froxlor extends ApiCommand
 
 			if (empty($uc_data) || empty($response) || $uc_data['ts'] + self::UPDATE_CHECK_INTERVAL < time() || $uc_data['channel'] != Settings::Get('system.update_channel') || $force_ucheck) {
 				// log our actions
-				$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] checking for updates");
+				$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] checking for updates");
 
 				// check for new version
 				$aucheck = AutoUpdate::checkVersion();
@@ -142,7 +142,7 @@ class Froxlor extends ApiCommand
 	{
 		if ($this->isAdmin() && $this->getUserDetail('change_serversettings')) {
 			$json_str = $this->getParam('json_str');
-			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "User " . $this->getUserDetail('loginname') . " imported settings");
+			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_WARNING, "User " . $this->getUserDetail('loginname') . " imported settings");
 			try {
 				SImExporter::import($json_str);
 				Cronjob::inserttask(TaskId::REBUILD_VHOST);

lib/Froxlor/Api/Commands/Ftps.php

@@ -257,7 +257,7 @@ class Ftps extends ApiCommand implements ResourceEntity
 					Customers::increaseUsage($customer['customerid'], 'ftp_lastaccountnumber');
 				}
 
-				$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] added ftp-account '" . $username . " (" . $path . ")'");
+				$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] added ftp-account '" . $username . " (" . $path . ")'");
 				Cronjob::inserttask(TaskId::CREATE_FTP);
 
 				if ($sendinfomail == 1) {
@@ -302,7 +302,7 @@ class Ftps extends ApiCommand implements ResourceEntity
 
 					$this->mailer()->clearAddresses();
 				}
-				$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_WARNING, "[API] added ftp-user '" . $username . "'");
+				$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] added ftp-user '" . $username . "'");
 
 				$result = $this->apiCall('Ftps.get', [
 					'username' => $username
@@ -367,7 +367,7 @@ class Ftps extends ApiCommand implements ResourceEntity
 		$params['idun'] = ($id <= 0 ? $username : $id);
 		$result = Database::pexecute_first($result_stmt, $params, true, true);
 		if ($result) {
-			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] get ftp-user '" . $result['username'] . "'");
+			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] get ftp-user '" . $result['username'] . "'");
 			return $this->response($result);
 		}
 		$key = ($id > 0 ? "id #" . $id : "username '" . $username . "'");
@@ -453,7 +453,7 @@ class Ftps extends ApiCommand implements ResourceEntity
 				"id" => $id,
 				"password" => $cryptPassword
 			], true, true);
-			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] updated ftp-account password for '" . $result['username'] . "'");
+			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] updated ftp-account password for '" . $result['username'] . "'");
 		}
 
 		// path update?
@@ -471,7 +471,7 @@ class Ftps extends ApiCommand implements ResourceEntity
 					"customerid" => $customer['customerid'],
 					"id" => $id
 				], true, true);
-				$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] updated ftp-account homdir for '" . $result['username'] . "'");
+				$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] updated ftp-account homdir for '" . $result['username'] . "'");
 			}
 		}
 		// it's the task for "new ftp" but that will
@@ -533,7 +533,7 @@ class Ftps extends ApiCommand implements ResourceEntity
 		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 			$result[] = $row;
 		}
-		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] list ftp-users");
+		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] list ftp-users");
 		return $this->response([
 			'count' => count($result),
 			'list' => $result

lib/Froxlor/Api/Commands/HostingPlans.php

@@ -61,7 +61,7 @@ class HostingPlans extends ApiCommand implements ResourceEntity
 	public function listing()
 	{
 		if ($this->isAdmin()) {
-			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] list hosting-plans");
+			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] list hosting-plans");
 			$query_fields = [];
 			$result_stmt = Database::prepare("
 				SELECT p.*, a.loginname as adminname
@@ -200,8 +200,8 @@ class HostingPlans extends ApiCommand implements ResourceEntity
 			$value_arr['logviewenabled'] = $this->getBoolParam('logviewenabled', true, 0);
 
 			// validation
-			$name = Validate::validate(trim($name), 'name', '', '', [], true);
-			$description = Validate::validate(str_replace("\r\n", "\n", $description), 'description', Validate::REGEX_DESC_TEXT);
+			$name = Validate::validate(trim($name), 'name', Validate::REGEX_DESC_TEXT, '', [], true);
+			$description = Validate::validate(str_replace("\r\n", "\n", $description), 'description', Validate::REGEX_CONF_TEXT);
 
 			if (Settings::Get('system.mail_quota_enabled') != '1') {
 				$value_arr['email_quota'] = -1;
@@ -227,7 +227,7 @@ class HostingPlans extends ApiCommand implements ResourceEntity
 				'valuearr' => json_encode($value_arr)
 			];
 			Database::pexecute($ins_stmt, $ins_data, true, true);
-			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_WARNING, "[API] added hosting-plan '" . $name . "'");
+			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] added hosting-plan '" . $name . "'");
 			$result = $this->apiCall('HostingPlans.get', [
 				'planname' => $name
 			]);
@@ -264,7 +264,7 @@ class HostingPlans extends ApiCommand implements ResourceEntity
 			}
 			$result = Database::pexecute_first($result_stmt, $params, true, true);
 			if ($result) {
-				$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] get hosting-plan '" . $result['name'] . "'");
+				$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] get hosting-plan '" . $result['name'] . "'");
 				return $this->response($result);
 			}
 			$key = ($id > 0 ? "id #" . $id : "planname '" . $planname . "'");
@@ -382,8 +382,8 @@ class HostingPlans extends ApiCommand implements ResourceEntity
 			$value_arr['logviewenabled'] = $this->getBoolParam('logviewenabled', true, $result['logviewenabled']);
 
 			// validation
-			$name = Validate::validate(trim($name), 'name', '', '', [], true);
-			$description = Validate::validate(str_replace("\r\n", "\n", $description), 'description', Validate::REGEX_DESC_TEXT);
+			$name = Validate::validate(trim($name), 'name', Validate::REGEX_DESC_TEXT, '', [], true);
+			$description = Validate::validate(str_replace("\r\n", "\n", $description), 'description', Validate::REGEX_CONF_TEXT);
 
 			if (Settings::Get('system.mail_quota_enabled') != '1') {
 				$value_arr['email_quota'] = -1;
@@ -414,7 +414,7 @@ class HostingPlans extends ApiCommand implements ResourceEntity
 				'id' => $id
 			];
 			Database::pexecute($upd_stmt, $update_data, true, true);
-			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_WARNING, "[API] updated hosting-plan '" . $result['name'] . "'");
+			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] updated hosting-plan '" . $result['name'] . "'");
 			return $this->response($update_data);
 		}
 		throw new Exception("Not allowed to execute given command.", 403);

lib/Froxlor/Api/Commands/IpsAndPorts.php

@@ -65,7 +65,7 @@ class IpsAndPorts extends ApiCommand implements ResourceEntity
 	public function listing()
 	{
 		if ($this->isAdmin() && ($this->getUserDetail('change_serversettings') || !empty($this->getUserDetail('ip')))) {
-			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] list ips and ports");
+			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] list ips and ports");
 			$ip_where = "";
 			$append_where = false;
 			if (!empty($this->getUserDetail('ip')) && $this->getUserDetail('ip') != -1) {
@@ -175,9 +175,9 @@ class IpsAndPorts extends ApiCommand implements ResourceEntity
 			$docroot = Validate::validate($this->getParam('docroot', true, ''), 'docroot', Validate::REGEX_DIR, '', [], true);
 
 			if ((int)Settings::Get('system.use_ssl') == 1) {
-				$ssl = !empty($this->getBoolParam('ssl', true, 0)) ? intval($this->getBoolParam('ssl', true, 0)) : 0;
-				$ssl_cert_file = Validate::validate($this->getParam('ssl_cert_file', $ssl, ''), 'ssl_cert_file', '', '', [], true);
-				$ssl_key_file = Validate::validate($this->getParam('ssl_key_file', $ssl, ''), 'ssl_key_file', '', '', [], true);
+				$ssl = (bool)$this->getBoolParam('ssl', true, 0);
+				$ssl_cert_file = Validate::validate($this->getParam('ssl_cert_file', !$ssl, ''), 'ssl_cert_file', '', '', [], true);
+				$ssl_key_file = Validate::validate($this->getParam('ssl_key_file', !$ssl, ''), 'ssl_key_file', '', '', [], true);
 				$ssl_ca_file = Validate::validate($this->getParam('ssl_ca_file', true, ''), 'ssl_ca_file', '', '', [], true);
 				$ssl_cert_chainfile = Validate::validate($this->getParam('ssl_cert_chainfile', true, ''), 'ssl_cert_chainfile', '', '', [], true);
 				$sslss = $this->getParam('ssl_specialsettings', true, '');
@@ -335,7 +335,7 @@ class IpsAndPorts extends ApiCommand implements ResourceEntity
 				'id' => $id
 			], true, true);
 			if ($result) {
-				$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] get ip " . $result['ip'] . " " . $result['port']);
+				$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] get ip " . $result['ip'] . " " . $result['port']);
 				return $this->response($result);
 			}
 			throw new Exception("IP/port with id #" . $id . " could not be found", 404);
@@ -414,9 +414,9 @@ class IpsAndPorts extends ApiCommand implements ResourceEntity
 			$docroot = Validate::validate($this->getParam('docroot', true, $result['docroot']), 'docroot', Validate::REGEX_DIR, '', [], true);
 
 			if ((int)Settings::Get('system.use_ssl') == 1) {
-				$ssl = $this->getBoolParam('ssl', true, $result['ssl']);
-				$ssl_cert_file = Validate::validate($this->getParam('ssl_cert_file', $ssl, $result['ssl_cert_file']), 'ssl_cert_file', '', '', [], true);
-				$ssl_key_file = Validate::validate($this->getParam('ssl_key_file', $ssl, $result['ssl_key_file']), 'ssl_key_file', '', '', [], true);
+				$ssl = (bool)$this->getBoolParam('ssl', true, $result['ssl']);
+				$ssl_cert_file = Validate::validate($this->getParam('ssl_cert_file', !$ssl, $result['ssl_cert_file']), 'ssl_cert_file', '', '', [], true);
+				$ssl_key_file = Validate::validate($this->getParam('ssl_key_file', !$ssl, $result['ssl_key_file']), 'ssl_key_file', '', '', [], true);
 				$ssl_ca_file = Validate::validate($this->getParam('ssl_ca_file', true, $result['ssl_ca_file']), 'ssl_ca_file', '', '', [], true);
 				$ssl_cert_chainfile = Validate::validate($this->getParam('ssl_cert_chainfile', true, $result['ssl_cert_chainfile']), 'ssl_cert_chainfile', '', '', [], true);
 				$sslss = $this->getParam('ssl_specialsettings', true, $result['ssl_specialsettings']);

lib/Froxlor/Api/Commands/MysqlServer.php

@@ -26,14 +26,15 @@
 namespace Froxlor\Api\Commands;
 
 use Exception;
-use PDO;
-use PDOException;
-use Froxlor\Froxlor;
-use Froxlor\PhpHelper;
 use Froxlor\Api\ApiCommand;
 use Froxlor\Api\ResourceEntity;
 use Froxlor\Database\Database;
+use Froxlor\Froxlor;
+use Froxlor\FroxlorLogger;
+use Froxlor\PhpHelper;
 use Froxlor\Validate\Validate;
+use PDO;
+use PDOException;
 
 class MysqlServer extends ApiCommand implements ResourceEntity
 {
@@ -73,8 +74,8 @@ class MysqlServer extends ApiCommand implements ResourceEntity
 	 *             optional, test connection with given credentials, default is true (yes)
 	 *
 	 * @access admin
-	 * @throws Exception
 	 * @return string json-encoded array
+	 * @throws Exception
 	 */
 	public function add()
 	{
@@ -112,7 +113,7 @@ class MysqlServer extends ApiCommand implements ResourceEntity
 			);
 			if (!empty($mysql_ca)) {
 				$options[PDO::MYSQL_ATTR_SSL_CA] = $mysql_ca;
-				$options[PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT] = (bool) $mysql_verifycert;
+				$options[PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT] = (bool)$mysql_verifycert;
 			}
 
 			$dsn = "mysql:host=" . $mysql_host . ";port=" . $mysql_port . ";";
@@ -167,6 +168,8 @@ class MysqlServer extends ApiCommand implements ResourceEntity
 			$this->addDatabaseFromCustomerAllowedList($newdbserver);
 		}
 
+		$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_WARNING, "[API] added new database server '" . $description . "' (" . $mysql_host . ")");
+
 		return $this->response(['dbserver' => $newdbserver]);
 	}
 
@@ -179,16 +182,16 @@ class MysqlServer extends ApiCommand implements ResourceEntity
 	 *             optional the number of the mysql server (either id or dbserver must be set)
 	 *
 	 * @access admin
-	 * @throws Exception
 	 * @return string json-encoded array
+	 * @throws Exception
 	 */
 	public function delete()
 	{
 		$this->validateAccess();
 
-		$id = (int) $this->getParam('id', true, -1);
+		$id = (int)$this->getParam('id', true, -1);
 		$dn_optional = $id >= 0;
-		$dbserver = (int) $this->getParam('dbserver', $dn_optional, -1);
+		$dbserver = (int)$this->getParam('dbserver', $dn_optional, -1);
 		$dbserver = $id >= 0 ? $id : $dbserver;
 
 		if ($dbserver == 0) {
@@ -212,8 +215,12 @@ class MysqlServer extends ApiCommand implements ResourceEntity
 		// when removing, remove from list of allowed_mysqlservers from any customers
 		$this->removeDatabaseFromCustomerAllowedList($dbserver);
 
+		$description = $sql_root[$dbserver]['caption'] ?? "unknown";
+		$mysql_host = $sql_root[$dbserver]['host'] ?? "unknown";
 		unset($sql_root[$dbserver]);
 
+		$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_WARNING, "[API] removed database server '" . $description . "' (" . $mysql_host . ")");
+
 		$this->generateNewUserData($sql, $sql_root);
 		return $this->response(['true']);
 	}
@@ -287,14 +294,14 @@ class MysqlServer extends ApiCommand implements ResourceEntity
 	 *             optional the number of the mysql server (either id or dbserver must be set)
 	 *
 	 * @access admin, customer
-	 * @throws Exception
 	 * @return string json-encoded array
+	 * @throws Exception
 	 */
 	public function get()
 	{
-		$id = (int) $this->getParam('id', true, -1);
+		$id = (int)$this->getParam('id', true, -1);
 		$dn_optional = $id >= 0;
-		$dbserver = (int) $this->getParam('dbserver', $dn_optional, -1);
+		$dbserver = (int)$this->getParam('dbserver', $dn_optional, -1);
 		$dbserver = $id >= 0 ? $id : $dbserver;
 
 		$sql_root = [];
@@ -317,6 +324,7 @@ class MysqlServer extends ApiCommand implements ResourceEntity
 
 		unset($sql_root[$dbserver]['password']);
 		$sql_root[$dbserver]['id'] = $dbserver;
+		$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] get database-server '" . $sql_root[$dbserver]['caption'] . "'");
 		return $this->response($sql_root[$dbserver]);
 	}
 
@@ -347,16 +355,16 @@ class MysqlServer extends ApiCommand implements ResourceEntity
 	 *             optional, test connection with given credentials, default is true (yes)
 	 *
 	 * @access admin
-	 * @throws Exception
 	 * @return string json-encoded array
+	 * @throws Exception
 	 */
 	public function update()
 	{
 		$this->validateAccess();
 
-		$id = (int) $this->getParam('id', true, -1);
+		$id = (int)$this->getParam('id', true, -1);
 		$dn_optional = $id >= 0;
-		$dbserver = (int) $this->getParam('dbserver', $dn_optional, -1);
+		$dbserver = (int)$this->getParam('dbserver', $dn_optional, -1);
 		$dbserver = $id >= 0 ? $id : $dbserver;
 
 		$sql_root = [];
@@ -417,7 +425,7 @@ class MysqlServer extends ApiCommand implements ResourceEntity
 			);
 			if (!empty($mysql_ca)) {
 				$options[PDO::MYSQL_ATTR_SSL_CA] = $mysql_ca;
-				$options[PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT] = (bool) $mysql_verifycert;
+				$options[PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT] = (bool)$mysql_verifycert;
 			}
 
 			$dsn = "mysql:host=" . $mysql_host . ";port=" . $mysql_port . ";";
@@ -448,6 +456,8 @@ class MysqlServer extends ApiCommand implements ResourceEntity
 			$this->addDatabaseFromCustomerAllowedList($dbserver);
 		}
 
+		$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_WARNING, "[API] edited database server '" . $description . "' (" . $mysql_host . ")");
+
 		return $this->response(['true']);
 	}
 
@@ -472,7 +482,7 @@ class MysqlServer extends ApiCommand implements ResourceEntity
 				WHERE `dbserver` = :dbserver
 			");
 			$result = Database::pexecute_first($result_stmt, ['dbserver' => $dbserver], true, true);
-			return (int) $result['num_dbs'];
+			return (int)$result['num_dbs'];
 		} else {
 			$dbserver = $this->getParam('mysql_server');
 			$customer_ids = $this->getAllowedCustomerIds();

lib/Froxlor/Api/Commands/Mysqls.php

@@ -199,7 +199,7 @@ class Mysqls extends ApiCommand implements ResourceEntity
 
 				$this->mailer()->clearAddresses();
 			}
-			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_WARNING, "[API] added mysql-database '" . $username . "'");
+			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] added mysql-database '" . $username . "'");
 
 			$result = $this->apiCall('Mysqls.get', [
 				'dbname' => $username,
@@ -299,7 +299,7 @@ class Mysqls extends ApiCommand implements ResourceEntity
 			$mbdata = $mbdata_stmt->fetch(PDO::FETCH_ASSOC);
 			Database::needRoot(false);
 			$result['size'] = $mbdata['MB'] ?? 0;
-			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] get database '" . $result['databasename'] . "'");
+			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] get database '" . $result['databasename'] . "'");
 			return $this->response($result);
 		}
 		$key = ($id > 0 ? "id #" . $id : "dbname '" . $dbname . "'");
@@ -388,7 +388,7 @@ class Mysqls extends ApiCommand implements ResourceEntity
 		];
 		Database::pexecute($stmt, $params, true, true);
 
-		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_WARNING, "[API] updated mysql-database '" . $result['databasename'] . "'");
+		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] updated mysql-database '" . $result['databasename'] . "'");
 		$result = $this->apiCall('Mysqls.get', [
 			'dbname' => $result['databasename']
 		]);

lib/Froxlor/Api/Commands/PhpSettings.php

@@ -67,7 +67,7 @@ class PhpSettings extends ApiCommand implements ResourceEntity
 	public function listing()
 	{
 		if ($this->isAdmin()) {
-			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] list php-configs");
+			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] list php-configs");
 
 			$with_subdomains = $this->getBoolParam('with_subdomains', true, false);
 			$query_fields = [];
@@ -392,7 +392,7 @@ class PhpSettings extends ApiCommand implements ResourceEntity
 			$ins_data['id'] = Database::lastInsertId();
 
 			Cronjob::inserttask(TaskId::REBUILD_VHOST);
-			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] php setting with description '" . $description . "' has been created by '" . $this->getUserDetail('loginname') . "'");
+			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] php setting with description '" . $description . "' has been created by '" . $this->getUserDetail('loginname') . "'");
 
 			$result = $this->apiCall('PhpSettings.get', [
 				'id' => $ins_data['id']
@@ -629,7 +629,7 @@ class PhpSettings extends ApiCommand implements ResourceEntity
 			Database::pexecute($upd_stmt, $upd_data, true, true);
 
 			Cronjob::inserttask(TaskId::REBUILD_VHOST);
-			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] php setting with description '" . $description . "' has been updated by '" . $this->getUserDetail('loginname') . "'");
+			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] php setting with description '" . $description . "' has been updated by '" . $this->getUserDetail('loginname') . "'");
 
 			$result = $this->apiCall('PhpSettings.get', [
 				'id' => $id
@@ -686,7 +686,7 @@ class PhpSettings extends ApiCommand implements ResourceEntity
 			], true, true);
 
 			Cronjob::inserttask(TaskId::REBUILD_VHOST);
-			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] php setting '" . $result['description'] . "' has been deleted by '" . $this->getUserDetail('loginname') . "'");
+			$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_WARNING, "[API] php setting '" . $result['description'] . "' has been deleted by '" . $this->getUserDetail('loginname') . "'");
 			return $this->response($result);
 		}
 		throw new Exception("Not allowed to execute given command.", 403);

lib/Froxlor/Api/Commands/SubDomains.php

@@ -486,7 +486,7 @@ class SubDomains extends ApiCommand implements ResourceEntity
 				$result['ipsandports'] = $this->getIpsForDomain($result['id']);
 			}
 			$result['domain_hascert'] = $this->getHasCertValueForDomain((int)$result['id'], (int)$result['parentdomainid']);
-			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] get subdomain '" . $result['domain'] . "'");
+			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] get subdomain '" . $result['domain'] . "'");
 			return $this->response($result);
 		}
 		$key = ($id > 0 ? "id #" . $id : "domainname '" . $domainname . "'");
@@ -856,7 +856,7 @@ class SubDomains extends ApiCommand implements ResourceEntity
 			Cronjob::inserttask(TaskId::REBUILD_VHOST);
 			Cronjob::inserttask(TaskId::REBUILD_DNS);
 			$idna_convert = new IdnaWrapper();
-			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] edited domain '" . $idna_convert->decode($result['domain']) . "'");
+			$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] edited domain '" . $idna_convert->decode($result['domain']) . "'");
 		}
 		$result = $this->apiCall('SubDomains.get', [
 			'id' => $id

lib/Froxlor/Api/Commands/SysLog.php

@@ -92,7 +92,7 @@ class SysLog extends ApiCommand implements ResourceEntity
 		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 			$result[] = $row;
 		}
-		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] list log-entries");
+		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] list log-entries");
 		return $this->response([
 			'count' => count($result),
 			'list' => $result

lib/Froxlor/Api/Commands/Traffic.php

@@ -166,7 +166,7 @@ class Traffic extends ApiCommand implements ResourceEntity
 			$row['mail'] *= 1024;
 			$result[] = $row;
 		}
-		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] list traffic");
+		$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] list traffic");
 		return $this->response([
 			'count' => count($result),
 			'list' => $result

lib/Froxlor/Cli/ConfigDiff.php

@@ -0,0 +1,178 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, you can also view it online at
+ * https://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  the authors
+ * @author     Froxlor team <team@froxlor.org>
+ * @license    https://files.froxlor.org/misc/COPYING.txt GPLv2
+ */
+
+namespace Froxlor\Cli;
+
+use Froxlor\Config\ConfigParser;
+use Froxlor\FileDir;
+use Froxlor\Froxlor;
+use Symfony\Component\Console\Input\InputArgument;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Input\InputOption;
+use Symfony\Component\Console\Output\OutputInterface;
+
+final class ConfigDiff extends CliCommand
+{
+	protected function configure(): void
+	{
+		$this->setName('froxlor:config-diff')
+			->setDescription('Shows differences in config templates between OS versions')
+			->addArgument('from', InputArgument::OPTIONAL, 'OS version to compare against')
+			->addArgument('to', InputArgument::OPTIONAL, 'OS version to compare from')
+			->addOption('list', 'l', InputOption::VALUE_NONE, 'List all possible OS versions')
+			->addOption('diff-params', '', InputOption::VALUE_REQUIRED, 'Additional parameters for `diff`, e.g. --diff-params="--color=always"');
+	}
+
+	protected function execute(InputInterface $input, OutputInterface $output): int
+	{
+		require Froxlor::getInstallDir() . '/lib/functions.php';
+
+		$parsers = $versions = [];
+		foreach (glob(Froxlor::getInstallDir() . '/lib/configfiles/*.xml') as $config) {
+			$name = str_replace(".xml", "", strtolower(basename($config)));
+			$parser = new ConfigParser($config);
+			$versions[$name] = $parser->getCompleteDistroName();
+			$parsers[$name] = $parser;
+		}
+		asort($versions);
+
+		if ($input->getOption('list') === true) {
+			$output->writeln('The following OS version templates are available:');
+			foreach ($versions as $k => $v) {
+				$output->writeln(str_pad($k, 20) . $v);
+			}
+			return self::SUCCESS;
+		}
+
+		if (!$input->hasArgument('from') || !array_key_exists($input->getArgument('from'), $versions)) {
+			$output->writeln('<error>Missing or invalid "from" argument.</error>');
+			$output->writeln('Available versions: ' . implode(', ', array_keys($versions)));
+			return self::INVALID;
+		}
+
+		if (!$input->hasArgument('to') || !array_key_exists($input->getArgument('to'), $versions)) {
+			$output->writeln('<error>Missing or invalid "to" argument.</error>');
+			$output->writeln('Available versions: ' . implode(', ', array_keys($versions)));
+			return self::INVALID;
+		}
+
+		// Make sure diff is installed
+		$check_diff_installed = FileDir::safe_exec('which diff');
+		if (count($check_diff_installed) === 0) {
+			$output->writeln('<error>Unable to find "diff" installation on your system.</error>');
+			return self::INVALID;
+		}
+
+		$parser_from = $parsers[$input->getArgument('from')];
+		$parser_to = $parsers[$input->getArgument('to')];
+		$tmp_from = tempnam(sys_get_temp_dir(), 'froxlor_config_diff_from');
+		$tmp_to = tempnam(sys_get_temp_dir(), 'froxlor_config_diff_to');
+		$files = [];
+		$titles_by_key = [];
+
+		// Aggregate content for each config file
+		foreach ([[$parser_from, 'from'], [$parser_to, 'to']] as $todo) {
+			foreach ($todo[0]->getServices() as $service_type => $service) {
+				foreach ($service->getDaemons() as $daemon_name => $daemon) {
+					foreach ($daemon->getConfig() as $instruction) {
+						if ($instruction['type'] !== 'file') {
+							continue;
+						}
+
+						if (isset($instruction['subcommands'])) {
+							foreach ($instruction['subcommands'] as $subinstruction) {
+								if ($subinstruction['type'] !== 'file') {
+									continue;
+								}
+
+								$content = $subinstruction['content'];
+							}
+						} else {
+							$content = $instruction['content'];
+						}
+
+						if (!isset($content)) {
+							throw new \Exception("Cannot find content for {$instruction['name']}");
+						}
+
+						$key = "{$service_type}_{$daemon_name}_{$instruction['name']}";
+						$titles_by_key[$key] = "{$service->title} : {$daemon->title} : {$instruction['name']}";
+						if (!isset($files[$key])) {
+							$files[$key] = ['from' => '', 'to' => ''];
+						}
+						$files[$key][$todo[1]] = $this->filterContent($content);
+					}
+				}
+			}
+		}
+		ksort($files);
+
+		$diff_params = '';
+		if ($input->hasOption('diff-params') && trim($input->getOption('diff-params')) !== '') {
+			$diff_params = trim($input->getOption('diff-params'));
+		}
+
+		// Run diff on each file and output, if anything changed
+		foreach ($files as $file_key => $content) {
+			file_put_contents($tmp_from, $content['from']);
+			file_put_contents($tmp_to, $content['to']);
+			$diff_output = FileDir::safe_exec("{$check_diff_installed[0]} {$diff_params} {$tmp_from} {$tmp_to}");
+
+			if (count($diff_output) === 0) {
+				continue;
+			}
+
+			$output->writeln('<info># ' . $titles_by_key[$file_key] . '</info>');
+			$output->writeln(implode("\n", $diff_output) . "\n");
+			unset($diff_output);
+		}
+
+		// Remove tmp files again
+		unlink($tmp_from);
+		unlink($tmp_to);
+
+		return self::SUCCESS;
+	}
+
+	private function filterContent(string $content): string
+	{
+		$new_content = '';
+
+		foreach (explode("\n", $content) as $n) {
+			$n = trim($n);
+			if (!$n) {
+				continue;
+			}
+
+			if (str_starts_with($n, '#')) {
+				continue;
+			}
+
+			$new_content .= $n . "\n";
+		}
+
+		return $new_content;
+	}
+}

lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php

@@ -236,9 +236,12 @@ class AcmeSh extends FroxlorCron
 		return false;
 	}
 
-	private static function checkFsFilesAreNewer($domain, $cert_date = 0)
+	private static function checkFsFilesAreNewer($domain, $cert_date = 0): bool
 	{
-		$certificate_folder = self::getWorkingDirFromEnv(strtolower($domain));
+		$certificate_folder = self::getCertificateFolder(strtolower($domain));
+		if (empty($certificate_folder)) {
+			return false;
+		}
 		$ssl_file = FileDir::makeCorrectFile($certificate_folder . '/' . strtolower($domain) . '.cer');
 
 		if (is_dir($certificate_folder) && file_exists($ssl_file) && is_readable($ssl_file)) {
@@ -250,9 +253,13 @@ class AcmeSh extends FroxlorCron
 		return false;
 	}
 
-	public static function getWorkingDirFromEnv($domain = "", $forced_noecc = false)
+	public static function getWorkingDirFromEnv($domain = "", $forced_ecc = false): string
 	{
-		if (Settings::Get('system.leecc') > 0 && !$forced_noecc) {
+		// first try without _ecc either if it's enabled currently or not as
+		// it might have been at some point so there is a chance we have certificates
+		// with and without _ecc - the method getCertificateFolder() will check both
+		// possibilities
+		if ($forced_ecc) {
 			$domain .= "_ecc";
 		}
 		$env_file = FileDir::makeCorrectFile(dirname(self::getAcmeSh()) . '/acme.sh.env');
@@ -262,7 +269,7 @@ class AcmeSh extends FroxlorCron
 cut -d'"' -f2
 EOC;
 			exec('grep "LE_WORKING_DIR" ' . escapeshellarg($env_file) . ' | ' . $cut, $output);
-			if (is_array($output) && !empty($output) && isset($output[0]) && !empty($output[0])) {
+			if (is_array($output) && !empty($output) && !empty($output[0])) {
 				return FileDir::makeCorrectDir($output[0] . "/" . $domain);
 			}
 		}
@@ -635,35 +642,21 @@ EOC;
 	 */
 	private static function readCertificateToVar($domain, &$return, &$cronlog)
 	{
-		$certificate_folder = self::getWorkingDirFromEnv($domain);
-		$certificate_folder_noecc = null;
-		if (Settings::Get('system.leecc') > 0) {
-			$certificate_folder_noecc = self::getWorkingDirFromEnv($domain, true);
-		}
-		$certificate_folder = FileDir::makeCorrectDir($certificate_folder);
+		$certificate_folder = self::getCertificateFolder($domain);
 
-		if (is_dir($certificate_folder) || is_dir($certificate_folder_noecc)) {
-			foreach (
-				[
-					'crt' => $domain . '.cer',
-					'key' => $domain . '.key',
-					'chain' => 'ca.cer',
-					'fullchain' => 'fullchain.cer',
-					'csr' => $domain . '.csr'
-				] as $index => $sslfile
-			) {
+		if (!empty($certificate_folder)) {
+			$certificate_files = [
+				'crt' => $domain . '.cer',
+				'key' => $domain . '.key',
+				'chain' => 'ca.cer',
+				'fullchain' => 'fullchain.cer',
+				'csr' => $domain . '.csr'
+			];
+			foreach ($certificate_files as $index => $sslfile) {
 				$ssl_file = FileDir::makeCorrectFile($certificate_folder . '/' . $sslfile);
 				if (file_exists($ssl_file)) {
 					$return[$index] = file_get_contents($ssl_file);
 				} else {
-					if (!empty($certificate_folder_noecc)) {
-						$ssl_file_fb = FileDir::makeCorrectFile($certificate_folder_noecc . '/' . $sslfile);
-						if (file_exists($ssl_file_fb)) {
-							$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_WARNING, "ECC certificates activated but found only non-ecc file");
-							$return[$index] = file_get_contents($ssl_file_fb);
-							continue;
-						}
-					}
 					$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_ERR, "Could not find file '" . $sslfile . "' in '" . $certificate_folder . "'");
 					$return[$index] = null;
 				}
@@ -672,4 +665,18 @@ EOC;
 			$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_ERR, "Could not find certificate-folder '" . $certificate_folder . "'");
 		}
 	}
+
+	private static function getCertificateFolder(string $domain): string
+	{
+		$certificate_folder = self::getWorkingDirFromEnv(strtolower($domain));
+		if (file_exists($certificate_folder)) {
+			return $certificate_folder;
+		}
+		$certificate_folder_ecc = self::getWorkingDirFromEnv($domain, true);
+		if (file_exists($certificate_folder_ecc)) {
+			return $certificate_folder_ecc;
+		}
+		FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_ERR, "Could not find certificate-folder for domain '" . $domain . "'");
+		return "";
+	}
 }

lib/Froxlor/Cron/Http/Nginx.php

@@ -225,7 +225,7 @@ class Nginx extends HttpConfigBase
 					$this->nginx_data[$vhost_filename] .= "\t" . '}' . "\n";
 
 					// protect bin/
-					$this->nginx_data[$vhost_filename] .= "\t" . 'location ~ ' . rtrim($relpath, "/") . '/(bin|cache|logs|tests|vendor) {' . "\n";
+					$this->nginx_data[$vhost_filename] .= "\t" . 'location ~ ^' . rtrim($relpath, "/") . '/(bin|cache|logs|tests|vendor) {' . "\n";
 					$this->nginx_data[$vhost_filename] .= "\t" . '    deny all;' . "\n";
 					$this->nginx_data[$vhost_filename] .= "\t" . '}' . "\n";
 				}
@@ -883,13 +883,7 @@ class Nginx extends HttpConfigBase
 		// remove comments
 		$vhost = implode("\n", preg_replace('/^(\s+)?#(.*)$/', '', explode("\n", $vhost)));
 		// Break blocks into lines
-		$vhost = str_replace([
-			"{",
-			"}"
-		], [
-			" {\n",
-			"\n}"
-		], $vhost);
+		$vhost = preg_replace("/^(\s+)?location(.+)\{(.+)\}$/misU", "location $2 {\n $3 \n}", $vhost);
 		// Break into array items
 		$vhost = explode("\n", preg_replace('/[ \t]+/', ' ', trim(preg_replace('/\t+/', '', $vhost))));
 		// Remove empty lines

lib/Froxlor/CurrentUser.php

@@ -25,10 +25,10 @@
 
 namespace Froxlor;
 
-use Froxlor\Database\Database;
-use Froxlor\UI\Collection;
 use Froxlor\Api\Commands\Customers;
 use Froxlor\Api\Commands\SubDomains;
+use Froxlor\Database\Database;
+use Froxlor\UI\Collection;
 
 /**
  * Class to manage the current user / session
@@ -151,9 +151,13 @@ class CurrentUser
 			]);
 			$addition = $result['emaildomains'] != 0;
 		} elseif ($resource == 'subdomains') {
-			$parentDomainCollection = (new Collection(SubDomains::class, $_SESSION['userinfo'],
-				['sql_search' => ['d.parentdomainid' => 0]]));
-			$addition = $parentDomainCollection != 0;
+			if (Settings::IsInList('panel.customer_hide_options', 'domains')) {
+				$addition = false;
+			} else {
+				$parentDomainCollection = (new Collection(SubDomains::class, $_SESSION['userinfo'],
+					['sql_search' => ['d.parentdomainid' => 0]]));
+				$addition = $parentDomainCollection->count() != 0;
+			}
 		} elseif ($resource == 'domains') {
 			$customerCollection = (new Collection(Customers::class, $_SESSION['userinfo']));
 			$addition = $customerCollection != 0;

lib/Froxlor/Domain/IpAddr.php

@@ -55,6 +55,7 @@ class IpAddr
 
 	/**
 	 * @return array
+	 * @throws \Exception
 	 */
 	public static function getSslIpPortCombinations(): array
 	{
@@ -75,7 +76,7 @@ class IpAddr
 		$additional_conditions_params = [];
 		$additional_conditions_array = [];
 
-		if ($userinfo['ip'] != '-1') {
+		if (!empty($userinfo) && $userinfo['ip'] != '-1') {
 			$admin_ip_stmt = Database::prepare("
 				SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = IN (:ipid)
 			");

lib/Froxlor/Froxlor.php

@@ -31,7 +31,7 @@ final class Froxlor
 {
 
 	// Main version variable
-	const VERSION = '2.0.20';
+	const VERSION = '2.0.24';
 
 	// Database version (YYYYMMDDC where C is a daily counter)
 	const DBVERSION = '202304260';

lib/Froxlor/Install/Install/Core.php

@@ -448,7 +448,11 @@ class Core
 				$reload = "service php" . PHP_MAJOR_VERSION . "." . PHP_MINOR_VERSION . "-fpm restart";
 				$config_dir = "/etc/php/" . PHP_MAJOR_VERSION . "." . PHP_MINOR_VERSION . "/fpm/pool.d/";
 				// fcgid
-				$binary = "/usr/bin/php" . PHP_MAJOR_VERSION . "." . PHP_MINOR_VERSION . "-cgi";
+				if ($this->validatedData['distribution'] == 'bookworm') {
+					$binary = "/usr/bin/php-cgi" . PHP_MAJOR_VERSION . "." . PHP_MINOR_VERSION;
+				} else {
+					$binary = "/usr/bin/php" . PHP_MAJOR_VERSION . "." . PHP_MINOR_VERSION . "-cgi";
+				}
 			}
 			$db_user->query("UPDATE `" . TABLE_PANEL_FPMDAEMONS . "` SET `reload_cmd` = '" . $reload . "', `config_dir` = '" . $config_dir . "' WHERE `id` ='1';");
 			$db_user->query("UPDATE `" . TABLE_PANEL_PHPCONFIGS . "` SET `binary` = '" . $binary . "';");

lib/Froxlor/PhpHelper.php

@@ -449,7 +449,15 @@ class PhpHelper
 			'ssl_specialsettings',
 			'default_vhostconf_domain',
 			'ssl_default_vhostconf_domain',
-			'filecontent'
+			'filecontent',
+			'admin_password',
+			'password',
+			'new_customer_password',
+			'privileged_password',
+			'email_password',
+			'directory_password',
+			'ftp_password',
+			'mysql_password',
 		];
 		if (!empty($global)) {
 			$tmp = $global;

lib/Froxlor/UI/Panel/UI.php

@@ -290,7 +290,8 @@ class UI
 		];
 	}
 
-	public static function validateThemeTemplate(string $name, string $theme = "") {
+	public static function validateThemeTemplate(string $name, string $theme = "")
+	{
 		if (empty(trim($theme))) {
 			$theme = self::getTheme();
 		}

lib/Froxlor/Validate/Validate.php

@@ -260,7 +260,7 @@ class Validate
 	}
 
 	/**
-	 * Returns if an emailaddress is in correct format or not
+	 * Returns if an email-address is in correct format or not
 	 *
 	 * @param string $email The email address to check
 	 *

lib/configfiles/bookworm.xml

@@ -2600,7 +2600,6 @@ ServerName                     "<SERVERNAME> FTP Server"
 ServerType			standalone
 DeferWelcome			off
 
-MultilineRFC2228		on
 DefaultServer			on
 ShowSymlinks			on
 
@@ -2939,7 +2938,6 @@ SQLNamedQuery get-quota-limit SELECT "ftp_users.username AS name, ftp_quotalimit
 SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used,bytes_out_used, bytes_xfer_used, files_in_used, files_out_used,files_xfer_used FROM ftp_quotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"
 SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used= files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name= '%{6}' AND quota_type = '%{7}'" ftp_quotatallies
 SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6}, %{7}" ftp_quotatallies
-
 </IfModule>
 ]]>
 						</content>
@@ -2955,7 +2953,7 @@ TLSRSACertificateFile                   /etc/ssl/certs/proftpd.crt
 TLSRSACertificateKeyFile                /etc/ssl/private/proftpd.key
 TLSECCertificateFile                    /etc/ssl/certs/proftpd_ec.crt
 TLSECCertificateKeyFile                 /etc/ssl/private/proftpd_ec.key
-TLSOptions                              NoCertRequest NoSessionReuseRequired
+TLSOptions                              NoSessionReuseRequired
 TLSVerifyClient                         off
 
 # Are clients required to use FTP over TLS when talking to this server?
@@ -3317,7 +3315,7 @@ aliases:     files
 						<command><![CDATA[mkdir -p {{settings.system.mod_fcgid_configdir}}]]></command>
 						<command><![CDATA[mkdir -p {{settings.system.mod_fcgid_tmpdir}}]]></command>
 						<command><![CDATA[chmod 1777 {{settings.system.mod_fcgid_tmpdir}}]]></command>
-						<command><![CDATA[a2dismod php8.1]]></command>
+						<command><![CDATA[a2dismod php8.2]]></command>
 					</commands>
 					<!-- instead of just restarting apache, we let the cronjob do all the
 						dirty work -->
@@ -3350,7 +3348,7 @@ aliases:     files
 						</visibility>
 						<visibility mode="true">{{settings.phpfpm.enabled_ownvhost}}
 						</visibility>
-						<command><![CDATA[a2dismod php8.1]]></command>
+						<command><![CDATA[a2dismod php8.2]]></command>
 					</commands>
 					<!-- instead of just restarting apache, we let the cronjob do all the
 						dirty work -->

lib/init.php

@@ -181,8 +181,10 @@ if (@file_exists('templates/' . $theme . '/config.json')) {
 }
 
 // check for existence of variant in theme
-if (is_array($_themeoptions) && (!array_key_exists('variants', $_themeoptions) || !array_key_exists($themevariant,
-			$_themeoptions['variants']))) {
+if (is_array($_themeoptions) && (!array_key_exists('variants', $_themeoptions) || !array_key_exists(
+    $themevariant,
+    $_themeoptions['variants']
+))) {
 	$themevariant = "default";
 }
 
@@ -216,12 +218,11 @@ UI::twig()->addGlobal('header_logo', $header_logo);
 if (!CurrentUser::hasSession() && AREA != 'login') {
 	unset($_SESSION['userinfo']);
 	CurrentUser::setData();
-	session_destroy();
-	$params = [
-		"script" => basename($_SERVER["SCRIPT_NAME"]),
-		"qrystr" => $_SERVER["QUERY_STRING"]
+	$_SESSION = [
+		"lastscript" => basename($_SERVER["SCRIPT_NAME"]),
+		"lastqrystr" => $_SERVER["QUERY_STRING"]
 	];
-	Response::redirectTo('index.php', $params);
+	Response::redirectTo('index.php');
 	exit();
 }
 

lib/navigation/00.froxlor.main.php

@@ -38,7 +38,7 @@ return [
 					'url' => 'customer_email.php?page=emails',
 					'label' => lng('menue.email.emails'),
 					'required_resources' => 'emails',
-					'add_shortlink' => CurrentUser::canAddResource('emails') ? 'customer_email.php?page=emails&action=add' : null,
+					'add_shortlink' => !CurrentUser::isAdmin() && CurrentUser::canAddResource('emails') ? 'customer_email.php?page=email_domain&action=add' : null,
 				],
 				[
 					'url' => Settings::Get('panel.webmail_url'),
@@ -60,7 +60,7 @@ return [
 					'url' => 'customer_mysql.php?page=mysqls',
 					'label' => lng('menue.mysql.databases'),
 					'required_resources' => 'mysqls',
-					'add_shortlink' => CurrentUser::canAddResource('mysqls')? 'customer_mysql.php?page=mysqls&action=add' : null,
+					'add_shortlink' => !CurrentUser::isAdmin() && CurrentUser::canAddResource('mysqls')? 'customer_mysql.php?page=mysqls&action=add' : null,
 				],
 				[
 					'url' => Settings::Get('panel.phpmyadmin_url'),
@@ -81,7 +81,7 @@ return [
 				[
 					'url' => 'customer_domains.php?page=domains',
 					'label' => lng('menue.domains.settings'),
-					'add_shortlink' => CurrentUser::canAddResource('subdomains') ? 'customer_domains.php?page=domains&action=add' : null,
+					'add_shortlink' => !CurrentUser::isAdmin() && CurrentUser::canAddResource('subdomains') ? 'customer_domains.php?page=domains&action=add' : null,
 				],
 				[
 					'url' => 'customer_domains.php?page=sslcertificates',
@@ -98,7 +98,7 @@ return [
 				[
 					'url' => 'customer_ftp.php?page=accounts',
 					'label' => lng('menue.ftp.accounts'),
-					'add_shortlink' => CurrentUser::canAddResource('ftps') ? 'customer_ftp.php?page=accounts&action=add' : null,
+					'add_shortlink' => !CurrentUser::isAdmin() && CurrentUser::canAddResource('ftps') ? 'customer_ftp.php?page=accounts&action=add' : null,
 				],
 				[
 					'url' => Settings::Get('panel.webftp_url'),

lng/en.lng.php

@@ -34,6 +34,7 @@ return [
 		'pt' => 'Portuguese',
 		'se' => 'Swedish',
 		'es' => 'Spanish',
+		'ca' => 'Catalan',
 	],
 	'2fa' => [
 		'2fa' => '2FA options',
@@ -1263,7 +1264,7 @@ Yours sincerely, your administrator',
 		'reset' => 'Discard changes',
 		'pathDescription' => 'If the directory doesn\'t exist, it will be created automatically.',
 		'pathDescriptionEx' => '<br /><br /><span class="text-danger">Please note:</span> The path <code>/</code> is not allowed due to administrative settings, it will automatically be set to <code>/chosen.subdomain.tld/</code> if not set to another directory.',
-		'pathDescriptionSubdomain' => 'If the directory doesn\'t exist, it will be created automatically.<br /><br />If you want a redirect to another domain than this entry has to start with http:// or https://.<br /><br />If the URL ends with / it is considered a folder, if not, it is treated as file.',
+		'pathDescriptionSubdomain' => 'If the directory doesn\'t exist, it will be created automatically.<br /><br />If you want a redirect to another domain then this entry has to start with http:// or https://.<br /><br />If the URL ends with / it is considered a folder, if not, it is treated as file.',
 		'back' => 'Back',
 		'reseller' => 'reseller',
 		'admin' => 'admin',

templates/Froxlor/login/fpwd.html.twig

@@ -3,7 +3,7 @@
 {% block content %}
 	<div class="container">
 		<div class="row justify-content-center">
-			<form class="col-12 max-w-420 d-flex flex-column" method="post" enctype="application/x-www-form-urlencoded">
+			<form action="{{ formaction }}" class="col-12 max-w-420 d-flex flex-column" method="post" enctype="application/x-www-form-urlencoded">
 				<img class="align-self-center my-5" src="{{ header_logo_login }}" alt="Froxlor Server Management Panel"/>
 
 				<div class="card shadow">
@@ -38,8 +38,6 @@
 					</div>
 
 					<div class="card-body d-grid gap-2">
-						<input type="hidden" name="action" value="{{ action }}"/>
-						<input type="hidden" name="send" value="send"/>
 						<button class="btn btn-primary rounded-top-0" type="submit" name="doremind">{{ lng('login.remind') }}</button>
 					</div>
 

templates/Froxlor/login/login.html.twig

@@ -39,9 +39,6 @@
 					</div>
 
 					<div class="card-body d-grid gap-2">
-						<input type="hidden" name="script" value="{{ lastscript }}"/>
-						<input type="hidden" name="qrystr" value="{{ lastqrystr|raw }}"/>
-						<input type="hidden" name="send" value="send"/>
 						<button class="btn btn-primary rounded-top-0" type="submit" name="dologin">{{ lng('login.login') }}</button>
 					</div>
 

templates/Froxlor/login/rpwd.html.twig

@@ -30,8 +30,6 @@
 					</div>
 
 					<div class="card-body d-grid gap-2">
-						<input type="hidden" name="action" value="resetpwd"/>
-						<input type="hidden" name="send" value="send"/>
 						<button class="btn btn-primary rounded-top-0" type="submit" name="doremind">{{ lng('login.remind') }}</button>
 					</div>
 

tests/Froxlor/FroxlorTest.php

@@ -19,11 +19,14 @@ class FroxlorTest extends TestCase
 
 		$json_result = Froxlor::getLocal($admin_userdata)->checkUpdate();
 		$result = json_decode($json_result, true)['data'];
-		$this->assertEquals(0, $result['isnewerversion']);
-		if (defined('DEV_FROXLOR') && DEV_FROXLOR == 1) {
-			$this->assertEquals("You already have the latest testing-version of Froxlor installed.", $result['additional_info']);
-		} else {
-			$this->assertEquals("You already have the latest version of Froxlor installed.", $result['additional_info']);
+		$this->assertContains($result['isnewerversion'] ?? -1, [0,1]);
+		$this->assertNotEmpty($result['version']);
+		if ($result['isnewerversion'] == 0) {
+			if (defined('DEV_FROXLOR') && DEV_FROXLOR == 1) {
+				$this->assertEquals("You already have the latest testing-version of Froxlor installed.", $result['additional_info']);
+			} else {
+				$this->assertEquals("You already have the latest version of Froxlor installed.", $result['additional_info']);
+			}
 		}
 	}
 }