set version to 2.1.3 for bugfix release

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>

.github/workflows/build-docs.yml

@@ -2,7 +2,8 @@ name: build-documentation
 
 on:
   release:
-    types: [published]
+    # only run for stable releases
+    types: [released]
 
 jobs:
   build_docs:
@@ -11,4 +12,4 @@ jobs:
       - env:
           GITHUB_TOKEN: ${{ secrets.ORG_GITHUB_TOKEN }}
         run: |
-          gh workflow run --repo Froxlor/Documentation build-and-deploy.yml -f type=tags ref=${{github.ref_name}}
+          gh workflow run --repo Froxlor/Documentation build-and-deploy.yml -f type=tags -f ref=${{github.ref_name}}

.github/workflows/build-mariadb.yml

@@ -1,5 +1,5 @@
 name: Froxlor-CI-MariaDB
-on: ['push', 'pull_request', 'create']
+on: [ 'push', 'pull_request', 'create' ]
 
 jobs:
   froxlor:
@@ -8,8 +8,8 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        php-versions: ['7.4', '8.2']
-        mariadb-version: [10.11, 10.5]
+        php-versions: [ '7.4', '8.2' ]
+        mariadb-version: [ 10.11, 10.5 ]
     steps:
       - name: Checkout
         uses: actions/checkout@v3
@@ -49,33 +49,81 @@ jobs:
       - name: Run testing
         run: ant quick-build
 
-#      - name: irc push
-#        uses: rectalogic/notify-irc@v1
-#        if: github.event_name == 'push'
-#        with:
-#          channel: "#froxlor"
-#          server: "irc.libera.chat"
-#          nickname: froxlor-ci
-#          message: |
-#            ${{ github.actor }} pushed ${{ github.event.ref }} ${{ github.event.compare }}
-#            ${{ join(github.event.commits.*.message) }}
+  nightly:
+    name: Create nightly/testing tarball
+    runs-on: ubuntu-latest
+    needs: froxlor
+    if: ${{ github.event_name == 'push' }}
 
-#      - name: irc pull request
-#        uses: rectalogic/notify-irc@v1
-#        if: github.event_name == 'pull_request'
-#        with:
-#          channel: "#froxlor"
-#          server: "irc.libera.chat"
-#          nickname: froxlor-ci
-#          message: |
-#            ${{ github.actor }} opened PR ${{ github.event.pull_request.html_url }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
 
-#      - name: irc tag created
-#        uses: rectalogic/notify-irc@v1
-#        if: github.event_name == 'create' && github.event.ref_type == 'tag'
-#        with:
-#          channel: "#froxlor"
-#          server: "irc.libera.chat"
-#          nickname: froxlor-ci
-#          message: |
-#            ${{ github.actor }} tagged ${{ github.repository }} ${{ github.event.ref }}
+      - name: Setup PHP with PECL extension
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: '7.4'
+          tools: composer:v2
+          extensions: mbstring, xml, ctype, pdo_mysql, mysql, curl, json, zip, session, filter, posix, openssl, fileinfo, bcmath, gmp, gnupg
+
+      - name: Install composer dependencies
+        run: composer install --no-dev
+
+      - name: Install Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: '20.x'
+
+      - name: Install npm dependencies
+        run: npm install
+
+      - name: Build assets
+        run: npm run build
+        working-directory: .
+
+      - name: Setting file/directory permissions
+        run: |
+          find -exec chmod ugo+r,u+w,go-w {} \;
+          find -type f -exec chmod ugo-x {} \;
+          find -type d -exec chmod ugo+x {} \;
+          chmod 0755 bin/froxlor-cli
+
+      - name: Remove vcs and unneeded files
+        run: |
+          rm .gitignore
+          rm .editorconfig
+          rm -rf node_modules
+          rm composer.json
+          rm composer.lock
+          rm package.json
+          rm package-lock.json
+          rm *.xml
+          rm vite.config.js
+
+      - name: Create empty index.html in built assets directory
+        run: |
+          touch templates/Froxlor/build/index.html
+          touch templates/Froxlor/build/assets/index.html
+
+      - name: Set outputs
+        id: vars
+        run: echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
+
+      - name: Set nightly branding
+        run: |
+          sed -i "s/const BRANDING = '';/const BRANDING = '+nightly.${{steps.vars.outputs.sha_short}}';/" lib/Froxlor/Froxlor.php
+          zip -r froxlor-nightly.${{steps.vars.outputs.sha_short}}.zip . -x "*.git*"
+          sha256sum froxlor-nightly.${{steps.vars.outputs.sha_short}}.zip > froxlor-nightly.${{steps.vars.outputs.sha_short}}.zip.sha256
+          mkdir dist
+          mv froxlor-nightly.${{steps.vars.outputs.sha_short}}.zip dist/
+          mv froxlor-nightly.${{steps.vars.outputs.sha_short}}.zip.sha256 dist/
+
+      - name: Deploy nightly to server
+        uses: easingthemes/ssh-deploy@v3.4.3
+        env:
+          ARGS: "-rltDzvO --chown=${{ secrets.WEB_USER }}:${{ secrets.WEB_USER }}"
+          SOURCE: "dist/"
+          SSH_PRIVATE_KEY: ${{ secrets.SERVER_SSH_KEY }}
+          REMOTE_HOST: ${{ secrets.REMOTE_HOST }}
+          REMOTE_USER: ${{ secrets.REMOTE_USER }}
+          TARGET: "${{ secrets.REMOTE_TARGET }}"

README.md

@@ -34,19 +34,13 @@ You may find help in the following places:
 
 The froxlor community discord server can be found here: https://discord.froxlor.org
 
-### IRC
-
-froxlor may be found on libera.chat, channel #froxlor:
-irc://irc.libera.chat/froxlor
-
 ### Forum
 
 The community is located on https://forum.froxlor.org/
 
-### Wiki
+### Documentation
 
-More documentation may be found in the froxlor - documentation:
-https://docs.froxlor.org/
+The documentation may be found at https://docs.froxlor.org/
 
 ## License
 

SECURITY.md

@@ -27,7 +27,7 @@ With that, good luck hacking us ;)
 
 ### Vulnerabilities we accept
 
-Only reproducable issues on a default/clean setup from the latest stable release of a supported version will be accepted.
+Only reproducible issues on a default/clean setup from the latest stable release of a supported version will be accepted.
 
 ## Non-Qualifying Vulnerabilities
 
@@ -35,6 +35,8 @@ Only reproducable issues on a default/clean setup from the latest stable release
 - Theoretical attacks without proof of exploitability
 - Attacks that are the result of a third party library should be reported to the library maintainers
 - Social engineering
+- Attacks that require disabling security features or reducing the security level of the environment
+- Exploits by an admin user itself (privileged user and implicitly trusted)
 - Reflected file download
 - Physical attacks
 - Weak SSL/TLS/SSH algorithms or protocols
@@ -45,4 +47,4 @@ Only reproducable issues on a default/clean setup from the latest stable release
 
 ## Reporting a Vulnerability
 
-If you think you have found a vulnerability in froxlor, please head over to [https://huntr.dev/repos/froxlor/froxlor](https://huntr.dev/repos/froxlor/froxlor) and use the reporting possibilities there as we are funding the prize-pot for froxlor on this platform. Also, please give us appropriate time to fix the issue and build update-packages before publishing anything into the wild. Alternatively you can send us an email to [team@froxlor.org](team@froxlor.org).
+If you think you have found a vulnerability in froxlor, please head over to [https://github.com/Froxlor/Froxlor/security/advisories](https://github.com/Froxlor/Froxlor/security/advisories/new) and use the reporting possibilities there. Also, please give us appropriate time to fix the issue and build update-packages before publishing anything into the wild. Alternatively you can email us to [team@froxlor.org](team@froxlor.org).

actions/admin/settings/120.system.php

@@ -130,7 +130,8 @@ return [
 					'default' => 'stable',
 					'select_var' => [
 						'stable' => lng('serversettings.uc_stable'),
-						'testing' => lng('serversettings.uc_testing')
+						'testing' => lng('serversettings.uc_testing'),
+						'nightly' => lng('serversettings.uc_nightly')
 					],
 					'save_method' => 'storeSettingField',
 					'advanced_mode' => true
@@ -171,16 +172,6 @@ return [
 					'default' => false,
 					'save_method' => 'storeSettingField'
 				],
-				'system_index_file_extension' => [
-					'label' => lng('serversettings.index_file_extension'),
-					'settinggroup' => 'system',
-					'varname' => 'index_file_extension',
-					'type' => 'text',
-					'string_regexp' => '/^[a-zA-Z0-9]{1,6}$/',
-					'default' => 'html',
-					'save_method' => 'storeSettingField',
-					'advanced_mode' => true
-				],
 				'system_store_index_file_subs' => [
 					'label' => lng('serversettings.system_store_index_file_subs'),
 					'settinggroup' => 'system',

actions/admin/settings/185.spf.php

@@ -43,7 +43,8 @@ return [
 					'settinggroup' => 'spf',
 					'varname' => 'spf_entry',
 					'type' => 'text',
-					'default' => '"v=spf1 a mx -all"',
+					'string_regexp' => '/^v=spf[a-z0-9:~?\s.-]+$/i',
+					'default' => 'v=spf1 a mx -all',
 					'save_method' => 'storeSettingField'
 				]
 			]

admin_configfiles.php

@@ -60,7 +60,9 @@ if ($userinfo['change_serversettings'] == '1') {
 
 	if (!empty($distribution)) {
 		if (!file_exists($config_dir . '/' . $distribution . ".xml")) {
-			Response::dynamicError("Unknown distribution");
+			// unknown distribution -> redirect to select a valid distribution for config-templates
+			Settings::Set('system.distribution', '');
+			Response::redirectTo('admin_configfiles.php', ['reselect' => 1]);
 		}
 
 		// update setting if different

admin_templates.php

@@ -60,7 +60,8 @@ if (Settings::Get('panel.sendalternativemail') == 1) {
 }
 
 $file_templates = [
-	'index_html'
+	'index_html',
+	'unconfigured_html'
 ];
 
 $languages = Language::getLanguages();

bin/froxlor-cli

@@ -24,20 +24,8 @@
  * @license    https://files.froxlor.org/misc/COPYING.txt GPLv2
  */
 
-declare(strict_types=1);
-
-use Froxlor\Cli\ConfigDiff;
-use Symfony\Component\Console\Application;
-use Froxlor\Cli\RunApiCommand;
-use Froxlor\Cli\ConfigServices;
-use Froxlor\Cli\PhpSessionclean;
-use Froxlor\Cli\SwitchServerIp;
-use Froxlor\Cli\UpdateCommand;
-use Froxlor\Cli\InstallCommand;
-use Froxlor\Cli\MasterCron;
-use Froxlor\Cli\UserCommand;
-use Froxlor\Cli\ValidateAcmeWebroot;
 use Froxlor\Froxlor;
+use Symfony\Component\Console\Application;
 
 // validate correct php version
 if (version_compare("7.4.0", PHP_VERSION, ">=")) {
@@ -53,14 +41,31 @@ require dirname(__DIR__) . '/vendor/autoload.php';
 require dirname(__DIR__) . '/lib/tables.inc.php';
 
 $application = new Application('froxlor-cli', Froxlor::getFullVersion());
-$application->add(new RunApiCommand());
-$application->add(new ConfigServices());
-$application->add(new PhpSessionclean());
-$application->add(new SwitchServerIp());
-$application->add(new UpdateCommand());
-$application->add(new InstallCommand());
-$application->add(new MasterCron());
-$application->add(new UserCommand());
-$application->add(new ValidateAcmeWebroot());
-$application->add(new ConfigDiff());
+
+// files that are no commands
+$fileIgnoreList = [
+	// Current non-command files
+	'CliCommand.php',
+	'index.html',
+	'install.functions.php',
+];
+// directory of commands to include
+$cmd_files = glob(Froxlor::getInstallDir() . '/lib/Froxlor/Cli/*.php');
+
+// include and add commands
+foreach ($cmd_files as $cmdFile) {
+	// check ignore-list
+	if (!in_array(basename($cmdFile), $fileIgnoreList)) {
+		// include class-file
+		require $cmdFile;
+		// create class-name including namespace
+		$cmdClass = "\\Froxlor\\Cli\\" . substr(basename($cmdFile), 0, -4);
+		// check whether it exists
+		if (class_exists($cmdClass) && is_subclass_of($cmdClass, '\Symfony\Component\Console\Command\Command')) {
+			// add to cli application
+			$application->add(new $cmdClass());
+		}
+	}
+}
+
 $application->run();

composer.lock

@@ -8,16 +8,16 @@
     "packages": [
         {
             "name": "amnuts/opcache-gui",
-            "version": "3.5.2",
+            "version": "3.5.4",
             "source": {
                 "type": "git",
                 "url": "https://github.com/amnuts/opcache-gui.git",
-                "reference": "db9df06889067f99d95bb9f226ec99e663aed196"
+                "reference": "f3a8fe44c0a4c69dd69b9999d68f9097ee362946"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/amnuts/opcache-gui/zipball/db9df06889067f99d95bb9f226ec99e663aed196",
-                "reference": "db9df06889067f99d95bb9f226ec99e663aed196",
+                "url": "https://api.github.com/repos/amnuts/opcache-gui/zipball/f3a8fe44c0a4c69dd69b9999d68f9097ee362946",
+                "reference": "f3a8fe44c0a4c69dd69b9999d68f9097ee362946",
                 "shasum": ""
             },
             "require": {
@@ -58,7 +58,7 @@
             "support": {
                 "email": "andy@amnuts.com",
                 "issues": "https://github.com/amnuts/opcache-gui/issues",
-                "source": "https://github.com/amnuts/opcache-gui/tree/3.5.2"
+                "source": "https://github.com/amnuts/opcache-gui/tree/3.5.4"
             },
             "funding": [
                 {
@@ -66,7 +66,7 @@
                     "type": "github"
                 }
             ],
-            "time": "2023-10-02T10:23:26+00:00"
+            "time": "2023-10-25T19:09:56+00:00"
         },
         {
             "name": "dflydev/dot-access-data",
@@ -674,16 +674,16 @@
         },
         {
             "name": "phpmailer/phpmailer",
-            "version": "v6.8.1",
+            "version": "v6.9.1",
             "source": {
                 "type": "git",
                 "url": "https://github.com/PHPMailer/PHPMailer.git",
-                "reference": "e88da8d679acc3824ff231fdc553565b802ac016"
+                "reference": "039de174cd9c17a8389754d3b877a2ed22743e18"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/e88da8d679acc3824ff231fdc553565b802ac016",
-                "reference": "e88da8d679acc3824ff231fdc553565b802ac016",
+                "url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/039de174cd9c17a8389754d3b877a2ed22743e18",
+                "reference": "039de174cd9c17a8389754d3b877a2ed22743e18",
                 "shasum": ""
             },
             "require": {
@@ -703,6 +703,7 @@
                 "yoast/phpunit-polyfills": "^1.0.4"
             },
             "suggest": {
+                "decomplexity/SendOauth2": "Adapter for using XOAUTH2 authentication",
                 "ext-mbstring": "Needed to send email in multibyte encoding charset or decode encoded addresses",
                 "ext-openssl": "Needed for secure SMTP sending and DKIM signing",
                 "greew/oauth2-azure-provider": "Needed for Microsoft Azure XOAUTH2 authentication",
@@ -742,7 +743,7 @@
             "description": "PHPMailer is a full-featured email creation and transfer class for PHP",
             "support": {
                 "issues": "https://github.com/PHPMailer/PHPMailer/issues",
-                "source": "https://github.com/PHPMailer/PHPMailer/tree/v6.8.1"
+                "source": "https://github.com/PHPMailer/PHPMailer/tree/v6.9.1"
             },
             "funding": [
                 {
@@ -750,7 +751,7 @@
                     "type": "github"
                 }
             ],
-            "time": "2023-08-29T08:26:30+00:00"
+            "time": "2023-11-25T22:23:28+00:00"
         },
         {
             "name": "psr/container",
@@ -972,16 +973,16 @@
         },
         {
             "name": "symfony/console",
-            "version": "v5.4.28",
+            "version": "v5.4.32",
             "source": {
                 "type": "git",
                 "url": "https://github.com/symfony/console.git",
-                "reference": "f4f71842f24c2023b91237c72a365306f3c58827"
+                "reference": "c70df1ffaf23a8d340bded3cfab1b86752ad6ed7"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/symfony/console/zipball/f4f71842f24c2023b91237c72a365306f3c58827",
-                "reference": "f4f71842f24c2023b91237c72a365306f3c58827",
+                "url": "https://api.github.com/repos/symfony/console/zipball/c70df1ffaf23a8d340bded3cfab1b86752ad6ed7",
+                "reference": "c70df1ffaf23a8d340bded3cfab1b86752ad6ed7",
                 "shasum": ""
             },
             "require": {
@@ -1051,7 +1052,7 @@
                 "terminal"
             ],
             "support": {
-                "source": "https://github.com/symfony/console/tree/v5.4.28"
+                "source": "https://github.com/symfony/console/tree/v5.4.32"
             },
             "funding": [
                 {
@@ -1067,7 +1068,7 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2023-08-07T06:12:30+00:00"
+            "time": "2023-11-18T18:23:04+00:00"
         },
         {
             "name": "symfony/deprecation-contracts",
@@ -1872,16 +1873,16 @@
         },
         {
             "name": "symfony/string",
-            "version": "v5.4.29",
+            "version": "v5.4.32",
             "source": {
                 "type": "git",
                 "url": "https://github.com/symfony/string.git",
-                "reference": "e41bdc93def20eaf3bfc1537c4e0a2b0680a152d"
+                "reference": "91bf4453d65d8231688a04376c3a40efe0770f04"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/symfony/string/zipball/e41bdc93def20eaf3bfc1537c4e0a2b0680a152d",
-                "reference": "e41bdc93def20eaf3bfc1537c4e0a2b0680a152d",
+                "url": "https://api.github.com/repos/symfony/string/zipball/91bf4453d65d8231688a04376c3a40efe0770f04",
+                "reference": "91bf4453d65d8231688a04376c3a40efe0770f04",
                 "shasum": ""
             },
             "require": {
@@ -1938,7 +1939,7 @@
                 "utf8"
             ],
             "support": {
-                "source": "https://github.com/symfony/string/tree/v5.4.29"
+                "source": "https://github.com/symfony/string/tree/v5.4.32"
             },
             "funding": [
                 {
@@ -1954,30 +1955,31 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2023-09-13T11:47:41+00:00"
+            "time": "2023-11-26T13:43:46+00:00"
         },
         {
             "name": "twig/twig",
-            "version": "v3.7.1",
+            "version": "v3.8.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/twigphp/Twig.git",
-                "reference": "a0ce373a0ca3bf6c64b9e3e2124aca502ba39554"
+                "reference": "9d15f0ac07f44dc4217883ec6ae02fd555c6f71d"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/twigphp/Twig/zipball/a0ce373a0ca3bf6c64b9e3e2124aca502ba39554",
-                "reference": "a0ce373a0ca3bf6c64b9e3e2124aca502ba39554",
+                "url": "https://api.github.com/repos/twigphp/Twig/zipball/9d15f0ac07f44dc4217883ec6ae02fd555c6f71d",
+                "reference": "9d15f0ac07f44dc4217883ec6ae02fd555c6f71d",
                 "shasum": ""
             },
             "require": {
                 "php": ">=7.2.5",
                 "symfony/polyfill-ctype": "^1.8",
-                "symfony/polyfill-mbstring": "^1.3"
+                "symfony/polyfill-mbstring": "^1.3",
+                "symfony/polyfill-php80": "^1.22"
             },
             "require-dev": {
                 "psr/container": "^1.0|^2.0",
-                "symfony/phpunit-bridge": "^5.4.9|^6.3"
+                "symfony/phpunit-bridge": "^5.4.9|^6.3|^7.0"
             },
             "type": "library",
             "autoload": {
@@ -2013,7 +2015,7 @@
             ],
             "support": {
                 "issues": "https://github.com/twigphp/Twig/issues",
-                "source": "https://github.com/twigphp/Twig/tree/v3.7.1"
+                "source": "https://github.com/twigphp/Twig/tree/v3.8.0"
             },
             "funding": [
                 {
@@ -2025,7 +2027,7 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2023-08-28T11:09:02+00:00"
+            "time": "2023-11-21T18:54:41+00:00"
         },
         {
             "name": "voku/anti-xss",
@@ -2291,16 +2293,16 @@
     "packages-dev": [
         {
             "name": "composer/pcre",
-            "version": "3.1.0",
+            "version": "3.1.1",
             "source": {
                 "type": "git",
                 "url": "https://github.com/composer/pcre.git",
-                "reference": "4bff79ddd77851fe3cdd11616ed3f92841ba5bd2"
+                "reference": "00104306927c7a0919b4ced2aaa6782c1e61a3c9"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/composer/pcre/zipball/4bff79ddd77851fe3cdd11616ed3f92841ba5bd2",
-                "reference": "4bff79ddd77851fe3cdd11616ed3f92841ba5bd2",
+                "url": "https://api.github.com/repos/composer/pcre/zipball/00104306927c7a0919b4ced2aaa6782c1e61a3c9",
+                "reference": "00104306927c7a0919b4ced2aaa6782c1e61a3c9",
                 "shasum": ""
             },
             "require": {
@@ -2342,7 +2344,7 @@
             ],
             "support": {
                 "issues": "https://github.com/composer/pcre/issues",
-                "source": "https://github.com/composer/pcre/tree/3.1.0"
+                "source": "https://github.com/composer/pcre/tree/3.1.1"
             },
             "funding": [
                 {
@@ -2358,7 +2360,7 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2022-11-17T09:50:14+00:00"
+            "time": "2023-10-11T07:11:09+00:00"
         },
         {
             "name": "composer/xdebug-handler",
@@ -2613,23 +2615,24 @@
         },
         {
             "name": "pdepend/pdepend",
-            "version": "2.15.1",
+            "version": "2.16.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/pdepend/pdepend.git",
-                "reference": "d12f25bcdfb7754bea458a4a5cb159d55e9950d0"
+                "reference": "8dfc0c46529e2073fa97986552f80646eedac562"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/pdepend/pdepend/zipball/d12f25bcdfb7754bea458a4a5cb159d55e9950d0",
-                "reference": "d12f25bcdfb7754bea458a4a5cb159d55e9950d0",
+                "url": "https://api.github.com/repos/pdepend/pdepend/zipball/8dfc0c46529e2073fa97986552f80646eedac562",
+                "reference": "8dfc0c46529e2073fa97986552f80646eedac562",
                 "shasum": ""
             },
             "require": {
                 "php": ">=5.3.7",
-                "symfony/config": "^2.3.0|^3|^4|^5|^6.0",
-                "symfony/dependency-injection": "^2.3.0|^3|^4|^5|^6.0",
-                "symfony/filesystem": "^2.3.0|^3|^4|^5|^6.0"
+                "symfony/config": "^2.3.0|^3|^4|^5|^6.0|^7.0",
+                "symfony/dependency-injection": "^2.3.0|^3|^4|^5|^6.0|^7.0",
+                "symfony/filesystem": "^2.3.0|^3|^4|^5|^6.0|^7.0",
+                "symfony/polyfill-mbstring": "^1.19"
             },
             "require-dev": {
                 "easy-doc/easy-doc": "0.0.0|^1.2.3",
@@ -2664,7 +2667,7 @@
             ],
             "support": {
                 "issues": "https://github.com/pdepend/pdepend/issues",
-                "source": "https://github.com/pdepend/pdepend/tree/2.15.1"
+                "source": "https://github.com/pdepend/pdepend/tree/2.16.0"
             },
             "funding": [
                 {
@@ -2672,7 +2675,7 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2023-09-28T12:00:56+00:00"
+            "time": "2023-11-29T08:52:35+00:00"
         },
         {
             "name": "phar-io/manifest",
@@ -2906,7 +2909,6 @@
                     "type": "github"
                 }
             ],
-            "abandoned": true,
             "time": "2020-12-07T05:51:20+00:00"
         },
         {
@@ -2995,16 +2997,16 @@
         },
         {
             "name": "phpstan/phpstan",
-            "version": "1.10.38",
+            "version": "1.10.46",
             "source": {
                 "type": "git",
                 "url": "https://github.com/phpstan/phpstan.git",
-                "reference": "5302bb402c57f00fb3c2c015bac86e0827e4b691"
+                "reference": "90d3d25c5b98b8068916bbf08ce42d5cb6c54e70"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/phpstan/phpstan/zipball/5302bb402c57f00fb3c2c015bac86e0827e4b691",
-                "reference": "5302bb402c57f00fb3c2c015bac86e0827e4b691",
+                "url": "https://api.github.com/repos/phpstan/phpstan/zipball/90d3d25c5b98b8068916bbf08ce42d5cb6c54e70",
+                "reference": "90d3d25c5b98b8068916bbf08ce42d5cb6c54e70",
                 "shasum": ""
             },
             "require": {
@@ -3053,7 +3055,7 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2023-10-06T14:19:14+00:00"
+            "time": "2023-11-28T14:57:26+00:00"
         },
         {
             "name": "phpunit/php-code-coverage",
@@ -4562,16 +4564,16 @@
         },
         {
             "name": "symfony/config",
-            "version": "v5.4.26",
+            "version": "v5.4.31",
             "source": {
                 "type": "git",
                 "url": "https://github.com/symfony/config.git",
-                "reference": "8109892f27beed9252bd1f1c1880aeb4ad842650"
+                "reference": "dd5ea39de228813aba0c23c3a4153da2a4cf3cd9"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/symfony/config/zipball/8109892f27beed9252bd1f1c1880aeb4ad842650",
-                "reference": "8109892f27beed9252bd1f1c1880aeb4ad842650",
+                "url": "https://api.github.com/repos/symfony/config/zipball/dd5ea39de228813aba0c23c3a4153da2a4cf3cd9",
+                "reference": "dd5ea39de228813aba0c23c3a4153da2a4cf3cd9",
                 "shasum": ""
             },
             "require": {
@@ -4621,7 +4623,7 @@
             "description": "Helps you find, load, combine, autofill and validate configuration values of any kind",
             "homepage": "https://symfony.com",
             "support": {
-                "source": "https://github.com/symfony/config/tree/v5.4.26"
+                "source": "https://github.com/symfony/config/tree/v5.4.31"
             },
             "funding": [
                 {
@@ -4637,20 +4639,20 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2023-07-19T20:21:11+00:00"
+            "time": "2023-11-09T08:22:43+00:00"
         },
         {
             "name": "symfony/dependency-injection",
-            "version": "v5.4.29",
+            "version": "v5.4.32",
             "source": {
                 "type": "git",
                 "url": "https://github.com/symfony/dependency-injection.git",
-                "reference": "338638ed8c9d5c7fcb136a73f5c7043465ae2f05"
+                "reference": "d5d48f215ed73f7973d01256b9a2fac729bef759"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/symfony/dependency-injection/zipball/338638ed8c9d5c7fcb136a73f5c7043465ae2f05",
-                "reference": "338638ed8c9d5c7fcb136a73f5c7043465ae2f05",
+                "url": "https://api.github.com/repos/symfony/dependency-injection/zipball/d5d48f215ed73f7973d01256b9a2fac729bef759",
+                "reference": "d5d48f215ed73f7973d01256b9a2fac729bef759",
                 "shasum": ""
             },
             "require": {
@@ -4710,7 +4712,7 @@
             "description": "Allows you to standardize and centralize the way objects are constructed in your application",
             "homepage": "https://symfony.com",
             "support": {
-                "source": "https://github.com/symfony/dependency-injection/tree/v5.4.29"
+                "source": "https://github.com/symfony/dependency-injection/tree/v5.4.32"
             },
             "funding": [
                 {
@@ -4726,7 +4728,7 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2023-09-20T06:23:43+00:00"
+            "time": "2023-11-29T06:58:28+00:00"
         },
         {
             "name": "symfony/filesystem",
@@ -4873,16 +4875,16 @@
         },
         {
             "name": "theseer/tokenizer",
-            "version": "1.2.1",
+            "version": "1.2.2",
             "source": {
                 "type": "git",
                 "url": "https://github.com/theseer/tokenizer.git",
-                "reference": "34a41e998c2183e22995f158c581e7b5e755ab9e"
+                "reference": "b2ad5003ca10d4ee50a12da31de12a5774ba6b96"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/theseer/tokenizer/zipball/34a41e998c2183e22995f158c581e7b5e755ab9e",
-                "reference": "34a41e998c2183e22995f158c581e7b5e755ab9e",
+                "url": "https://api.github.com/repos/theseer/tokenizer/zipball/b2ad5003ca10d4ee50a12da31de12a5774ba6b96",
+                "reference": "b2ad5003ca10d4ee50a12da31de12a5774ba6b96",
                 "shasum": ""
             },
             "require": {
@@ -4911,7 +4913,7 @@
             "description": "A small library for converting tokenized PHP source code into XML and potentially other formats",
             "support": {
                 "issues": "https://github.com/theseer/tokenizer/issues",
-                "source": "https://github.com/theseer/tokenizer/tree/1.2.1"
+                "source": "https://github.com/theseer/tokenizer/tree/1.2.2"
             },
             "funding": [
                 {
@@ -4919,7 +4921,7 @@
                     "type": "github"
                 }
             ],
-            "time": "2021-07-28T10:34:58+00:00"
+            "time": "2023-11-20T00:12:19+00:00"
         }
     ],
     "aliases": [],

customer_domains.php

@@ -72,7 +72,7 @@ if ($page == 'overview' || $page == 'domains') {
 		}
 
 		$actions_links[] = [
-			'href' => 'https://docs.froxlor.org/v2/user-guide/domains/',
+			'href' => \Froxlor\Froxlor::DOCS_URL . 'user-guide/domains/',
 			'target' => '_blank',
 			'icon' => 'fa-solid fa-circle-info',
 			'class' => 'btn-outline-secondary'

customer_email.php

@@ -76,7 +76,7 @@ if ($page == 'overview' || $page == 'emails') {
 		}
 
 		$actions_links[] = [
-			'href' => 'https://docs.froxlor.org/v2/user-guide/emails/',
+			'href' => \Froxlor\Froxlor::DOCS_URL . 'user-guide/emails/',
 			'target' => '_blank',
 			'icon' => 'fa-solid fa-circle-info',
 			'class' => 'btn-outline-secondary'
@@ -138,7 +138,7 @@ if ($page == 'email_domain') {
 			];
 		}
 		$actions_links[] = [
-			'href' => 'https://docs.froxlor.org/v2/user-guide/emails/',
+			'href' => \Froxlor\Froxlor::DOCS_URL . 'user-guide/emails/',
 			'target' => '_blank',
 			'icon' => 'fa-solid fa-circle-info',
 			'class' => 'btn-outline-secondary'

customer_extras.php

@@ -75,7 +75,7 @@ if ($page == 'overview' || $page == 'htpasswds') {
 		];
 
 		$actions_links[] = [
-			'href' => 'https://docs.froxlor.org/v2/user-guide/extras/',
+			'href' => \Froxlor\Froxlor::DOCS_URL . 'user-guide/extras/',
 			'target' => '_blank',
 			'icon' => 'fa-solid fa-circle-info',
 			'class' => 'btn-outline-secondary'
@@ -200,7 +200,7 @@ if ($page == 'overview' || $page == 'htpasswds') {
 		];
 
 		$actions_links[] = [
-			'href' => 'https://docs.froxlor.org/v2/user-guide/extras/',
+			'href' => \Froxlor\Froxlor::DOCS_URL . 'user-guide/extras/',
 			'target' => '_blank',
 			'icon' => 'fa-solid fa-circle-info',
 			'class' => 'btn-outline-secondary'
@@ -349,7 +349,7 @@ if ($page == 'overview' || $page == 'htpasswds') {
 
 				$actions_links = [
 					[
-						'href' => 'https://docs.froxlor.org/v2/user-guide/extras/',
+						'href' => \Froxlor\Froxlor::DOCS_URL . 'user-guide/extras/',
 						'target' => '_blank',
 						'icon' => 'fa-solid fa-circle-info',
 						'class' => 'btn-outline-secondary'

customer_ftp.php

@@ -65,7 +65,7 @@ if ($page == 'overview' || $page == 'accounts') {
 			];
 		}
 		$actions_links[] = [
-			'href' => 'https://docs.froxlor.org/v2/user-guide/ftp-accounts/',
+			'href' => \Froxlor\Froxlor::DOCS_URL . 'user-guide/ftp-accounts/',
 			'target' => '_blank',
 			'icon' => 'fa-solid fa-circle-info',
 			'class' => 'btn-outline-secondary'

customer_index.php

@@ -115,8 +115,8 @@ if ($page == 'overview') {
 	$userinfo['traffic_bytes_used'] = $userinfo['traffic_used'] * 1024;
 
 	if (Settings::Get('system.mail_quota_enabled')) {
-		$userinfo['email_quota_bytes'] = ($userinfo['email_quota'] > -1) ? $userinfo['email_quota'] * 1024 : -1;
-		$userinfo['email_quota_bytes_used'] = $userinfo['email_quota_used'] * 1024;
+		$userinfo['email_quota_bytes'] = ($userinfo['email_quota'] > -1) ? $userinfo['email_quota'] * 1024 * 1024 : -1;
+		$userinfo['email_quota_bytes_used'] = $userinfo['email_quota_used'] * 1024 * 1024;
 	}
 
 	if ($usages) {

customer_mysql.php

@@ -75,7 +75,7 @@ if ($page == 'overview' || $page == 'mysqls') {
 		}
 
 		$actions_links[] = [
-			'href' => 'https://docs.froxlor.org/v2/user-guide/databases/',
+			'href' => \Froxlor\Froxlor::DOCS_URL . 'user-guide/databases/',
 			'target' => '_blank',
 			'icon' => 'fa-solid fa-circle-info',
 			'class' => 'btn-outline-secondary'

index.php

@@ -74,27 +74,26 @@ if ($action == '2fa_entercode') {
 	$code = isset($_POST['2fa_code']) ? $_POST['2fa_code'] : null;
 	// verify entered code
 	$tfa = new FroxlorTwoFactorAuth('Froxlor ' . Settings::Get('system.hostname'));
-	$result = ($_SESSION['secret_2fa'] == 'email' ? true : $tfa->verifyCode($_SESSION['secret_2fa'], $code, 3));
 	// get user-data
 	$table = $_SESSION['uidtable_2fa'];
 	$field = $_SESSION['uidfield_2fa'];
 	$uid = $_SESSION['uid_2fa'];
 	$isadmin = $_SESSION['unfo_2fa'];
+	if ($_SESSION['secret_2fa'] == 'email') {
+		// verify code set to user's data_2fa field
+		$sel_stmt = Database::prepare("SELECT `data_2fa` FROM " . $table . " WHERE `" . $field . "` = :uid");
+		$userinfo_code = Database::pexecute_first($sel_stmt, ['uid' => $uid]);
+		$result = $tfa->verifyCode($userinfo_code['data_2fa'], $code);
+	} else {
+		$result = $tfa->verifyCode($_SESSION['secret_2fa'], $code, 3);
+	}
 	// either the code is valid when using authenticator-app, or we will select userdata by id and entered code
 	// which is temporarily stored for the customer when using email-2fa
 	if ($result) {
 		$sel_param = [
 			'uid' => $uid
 		];
-		if ($_SESSION['secret_2fa'] == 'email') {
-			// verify code by selecting user by id and the temp. stored code,
-			// so only if it's the correct code, we get the user-data
-			$sel_stmt = Database::prepare("SELECT * FROM " . $table . " WHERE `" . $field . "` = :uid AND `data_2fa` = :code");
-			$sel_param['code'] = $code;
-		} else {
-			// Authenticator-verification has already happened at this point, so just get the user-data
 		$sel_stmt = Database::prepare("SELECT * FROM " . $table . " WHERE `" . $field . "` = :uid");
-		}
 		$userinfo = Database::pexecute_first($sel_stmt, $sel_param);
 		// whoops, no (valid) user? Start again
 		if (empty($userinfo)) {
@@ -327,11 +326,12 @@ if ($action == '2fa_entercode') {
 			if ($userinfo['type_2fa'] == 1) {
 				// generate code
 				$tfa = new FroxlorTwoFactorAuth('Froxlor ' . Settings::Get('system.hostname'));
-				$code = $tfa->getCode($tfa->createSecret());
+				$secret = $tfa->createSecret();
+				$code = $tfa->getCode($secret);
 				// set code for user
 				$stmt = Database::prepare("UPDATE $table SET `data_2fa` = :d2fa WHERE `$uid` = :uid");
 				Database::pexecute($stmt, [
-					"d2fa" => $code,
+					"d2fa" => $secret,
 					"uid" => $userinfo[$uid]
 				]);
 				// build up & send email

install/froxlor.sql.php

@@ -157,7 +157,7 @@ CREATE TABLE `panel_admins` (
   `api_allowed` tinyint(1) NOT NULL default '1',
    PRIMARY KEY  (`adminid`),
    UNIQUE KEY `loginname` (`loginname`)
-) ENGINE=InnoDB CHARSET=utf8 COLLATE=utf8_general_ci;
+) ENGINE=InnoDB CHARSET=utf8 COLLATE=utf8_general_ci ROW_FORMAT=DYNAMIC;
 
 
 DROP TABLE IF EXISTS `panel_customers`;
@@ -299,7 +299,7 @@ CREATE TABLE `panel_domains` (
   KEY `customerid` (`customerid`),
   KEY `parentdomain` (`parentdomainid`),
   KEY `domain` (`domain`)
-) ENGINE=InnoDB CHARSET=utf8 COLLATE=utf8_general_ci;
+) ENGINE=InnoDB CHARSET=utf8 COLLATE=utf8_general_ci ROW_FORMAT=DYNAMIC;
 
 
 DROP TABLE IF EXISTS `panel_ipsandports`;
@@ -391,7 +391,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('admin', 'show_version_footer', '0'),
 	('caa', 'caa_entry', ''),
 	('spf', 'use_spf', '0'),
-	('spf', 'spf_entry', '"v=spf1 a mx -all"'),
+	('spf', 'spf_entry', 'v=spf1 a mx -all'),
 	('dkim', 'dkim_algorithm', 'all'),
 	('dkim', 'dkim_keylength', '1024'),
 	('dkim', 'dkim_servicetype', '0'),
@@ -562,7 +562,6 @@ opcache.validate_timestamps'),
 	('system', 'mod_fcgid_wrapper', '1'),
 	('system', 'mod_fcgid_starter', '0'),
 	('system', 'mod_fcgid_peardir', '/usr/share/php/:/usr/share/php5/'),
-	('system', 'index_file_extension', 'html'),
 	('system', 'mod_fcgid_maxrequests', '250'),
 	('system', 'ssl_key_file','/etc/ssl/froxlor_selfsigned.key'),
 	('system', 'ssl_ca_file', ''),
@@ -679,7 +678,7 @@ opcache.validate_timestamps'),
 	('system', 'distribution', ''),
 	('system', 'update_channel', 'stable'),
 	('system', 'updatecheck_data', ''),
-	('system', 'update_notify_last', '2.1.0-beta2'),
+	('system', 'update_notify_last', ''),
 	('system', 'traffictool', 'goaccess'),
 	('system', 'req_limit_per_interval', 60),
 	('system', 'req_limit_interval', 60),
@@ -727,8 +726,8 @@ opcache.validate_timestamps'),
 	('panel', 'logo_overridecustom', '0'),
 	('panel', 'settings_mode', '0'),
 	('panel', 'menu_collapsed', '1'),
-	('panel', 'version', '2.1.0-beta2'),
-	('panel', 'db_version', '202305240');
+	('panel', 'version', '2.1.3'),
+	('panel', 'db_version', '202312120');
 
 
 DROP TABLE IF EXISTS `panel_tasks`;
@@ -751,6 +750,7 @@ CREATE TABLE `panel_templates` (
   `templategroup` varchar(255) NOT NULL default '',
   `varname` varchar(255) NOT NULL default '',
   `value` longtext NOT NULL,
+  `file_extension` varchar(50) NOT NULL default 'html',
   PRIMARY KEY  (id),
   KEY adminid (adminid)
 ) ENGINE=InnoDB CHARSET=utf8 COLLATE=utf8_general_ci;

install/updates/froxlor/update_2.1.inc.php

@@ -38,6 +38,7 @@ if (!defined('_CRON_UPDATE')) {
 
 if (Froxlor::isFroxlorVersion('2.0.24')) {
 	Update::showUpdateStep("Cleaning domains table");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` ROW_FORMAT=DYNAMIC;");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` DROP COLUMN `ismainbutsubto`;");
 	Update::lastStepStatus(0);
 
@@ -67,15 +68,18 @@ if (Froxlor::isFroxlorVersion('2.0.24')) {
 	}
 
 	Update::showUpdateStep("Adjusting cronjobs");
-	Database::query("
+	$cfupd_stmt = Database::prepare("
         UPDATE `" . TABLE_PANEL_CRONRUNS . "` SET
         `module`= 'froxlor/export',
         `cronfile` = 'export',
-        `cronclass` = '\\Froxlor\\Cron\\System\\ExportCron',
+        `cronclass` = :cc,
         `interval` = '1 HOUR',
         `desc_lng_key` = 'cron_export'
         WHERE `module` = 'froxlor/backup'
     ");
+	Database::pexecute($cfupd_stmt, [
+		'cc' => '\\Froxlor\\Cron\\System\\ExportCron'
+	]);
 	Update::lastStepStatus(0);
 
 	Update::showUpdateStep("Adjusting system for data-export function");
@@ -103,3 +107,170 @@ if (Froxlor::isFroxlorVersion('2.1.0-beta1')) {
 
 	Froxlor::updateToVersion('2.1.0-beta2');
 }
+
+if (Froxlor::isFroxlorVersion('2.1.0-beta2')) {
+	Update::showUpdateStep("Updating from 2.1.0-beta2 to 2.1.0-rc1", false);
+	Froxlor::updateToVersion('2.1.0-rc1');
+}
+
+if (Froxlor::isFroxlorVersion('2.1.0-rc1')) {
+	Update::showUpdateStep("Updating from 2.1.0-rc1 to 2.1.0-rc2", false);
+
+	Update::showUpdateStep("Adjusting setting spf_entry");
+	$spf_entry = Settings::Get('spf.spf_entry');
+	if (!preg_match('/^v=spf[a-z0-9:~?\s.-]+$/i', $spf_entry)) {
+		Settings::Set('spf.spf_entry', 'v=spf1 a mx -all');
+		Update::lastStepStatus(1, 'corrected');
+	} else {
+		Update::lastStepStatus(0);
+	}
+
+	Froxlor::updateToVersion('2.1.0-rc2');
+}
+
+if (Froxlor::isDatabaseVersion('202305240')) {
+
+	Update::showUpdateStep("Adjusting file-template file extension setttings");
+	$current_fileextension = Settings::Get('system.index_file_extension');
+	Database::query("DELETE FROM `" . TABLE_PANEL_SETTINGS . "` WHERE `settinggroup`= 'system' AND `varname`= 'index_file_extension'");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_TEMPLATES . "` ADD `file_extension` varchar(50) NOT NULL default 'html';");
+	if (!empty(trim($current_fileextension)) && strtolower(trim($current_fileextension)) != 'html') {
+		$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_TEMPLATES . "` SET `file_extension` = :ext WHERE `templategroup` = 'files'");
+		Database::pexecute($stmt, ['ext' => strtolower(trim($current_fileextension))]);
+	}
+	Update::lastStepStatus(0);
+
+	Froxlor::updateToDbVersion('202311260');
+}
+
+if (Froxlor::isFroxlorVersion('2.1.0-rc2')) {
+	Update::showUpdateStep("Updating from 2.1.0-rc2 to 2.1.0-rc3", false);
+	Froxlor::updateToVersion('2.1.0-rc3');
+}
+
+if (Froxlor::isDatabaseVersion('202311260')) {
+	Update::showUpdateStep("Cleaning up old files");
+	$to_clean = array(
+		"install/updates/froxlor/update_2.x.inc.php",
+		"install/updates/preconfig/preconfig_2.x.inc.php",
+		"lib/Froxlor/Api/Commands/CustomerBackups.php",
+		"lib/Froxlor/Cli/Action",
+		"lib/Froxlor/Cli/Action.php",
+		"lib/Froxlor/Cli/CmdLineHandler.php",
+		"lib/Froxlor/Cli/ConfigServicesCmd.php",
+		"lib/Froxlor/Cli/PhpSessioncleanCmd.php",
+		"lib/Froxlor/Cli/SwitchServerIpCmd.php",
+		"lib/Froxlor/Cli/UpdateCliCmd.php",
+		"lib/Froxlor/Cron/System/BackupCron.php",
+		"lib/formfields/customer/extras/formfield.backup.php",
+		"lib/tablelisting/customer/tablelisting.backups.php",
+		"templates/Froxlor/assets/mix-manifest.json",
+		"templates/Froxlor/assets/css",
+		"templates/Froxlor/assets/webfonts",
+		"templates/Froxlor/assets/js/main.js",
+		"templates/Froxlor/assets/js/main.js.LICENSE.txt",
+		"templates/Froxlor/src",
+		"templates/Froxlor/user/change_language.html.twig",
+		"templates/Froxlor/user/change_password.html.twig",
+		"templates/Froxlor/user/change_theme.html.twig",
+		"tests/Backup/CustomerBackupsTest.php"
+	);
+	$disabled = explode(',', ini_get('disable_functions'));
+	$exec_allowed = !in_array('exec', $disabled);
+	$del_list = "";
+	foreach ($to_clean as $filedir) {
+		$complete_filedir = Froxlor::getInstallDir() . $filedir;
+		if (file_exists($complete_filedir)) {
+			if ($exec_allowed) {
+				FileDir::safe_exec("rm -rf " . escapeshellarg($complete_filedir));
+			} else {
+				$del_list .= "rm -rf " . escapeshellarg($complete_filedir) . PHP_EOL;
+			}
+		}
+	}
+	if ($exec_allowed) {
+		Update::lastStepStatus(0);
+	} else {
+		if (empty($del_list)) {
+			// none of the files existed
+			Update::lastStepStatus(0);
+		} else {
+			Update::lastStepStatus(
+                1,
+                'manual commands needed',
+                'Please run the following commands manually:<br><pre>' . $del_list . '</pre>'
+            );
+		}
+	}
+	Froxlor::updateToDbVersion('202312050');
+}
+
+if (Froxlor::isFroxlorVersion('2.1.0-rc3')) {
+	Update::showUpdateStep("Updating from 2.1.0-rc3 to 2.1.0 stable", false);
+	Froxlor::updateToVersion('2.1.0');
+}
+
+if (Froxlor::isFroxlorVersion('2.1.0')) {
+	Update::showUpdateStep("Updating from 2.1.0 to 2.1.1", false);
+	Froxlor::updateToVersion('2.1.1');
+}
+
+if (Froxlor::isDatabaseVersion('202312050')) {
+	Update::showUpdateStep("Cleaning up old files");
+	$to_clean = array(
+		"lib/configfiles/centos7.xml",
+		"lib/configfiles/centos8.xml",
+		"lib/configfiles/stretch.xml",
+		"lib/configfiles/xenial.xml",
+		"lib/configfiles/buster.xml",
+		"lib/configfiles/bionic.xml",
+	);
+	$disabled = explode(',', ini_get('disable_functions'));
+	$exec_allowed = !in_array('exec', $disabled);
+	$del_list = "";
+	foreach ($to_clean as $filedir) {
+		$complete_filedir = Froxlor::getInstallDir() . $filedir;
+		if (file_exists($complete_filedir)) {
+			if ($exec_allowed) {
+				FileDir::safe_exec("rm -rf " . escapeshellarg($complete_filedir));
+			} else {
+				$del_list .= "rm -rf " . escapeshellarg($complete_filedir) . PHP_EOL;
+			}
+		}
+	}
+	if ($exec_allowed) {
+		Update::lastStepStatus(0);
+	} else {
+		if (empty($del_list)) {
+			// none of the files existed
+			Update::lastStepStatus(0);
+		} else {
+			Update::lastStepStatus(
+				1,
+				'manual commands needed',
+				'Please run the following commands manually:<br><pre>' . $del_list . '</pre>'
+			);
+		}
+	}
+	Froxlor::updateToDbVersion('202312100');
+}
+
+if (Froxlor::isDatabaseVersion('202312100')) {
+
+	Update::showUpdateStep("Adjusting table row format of larger tables");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_ADMINS . "` ROW_FORMAT=DYNAMIC;");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` ROW_FORMAT=DYNAMIC;");
+	Update::lastStepStatus(0);
+
+	Froxlor::updateToDbVersion('202312120');
+}
+
+if (Froxlor::isFroxlorVersion('2.1.1')) {
+	Update::showUpdateStep("Updating from 2.1.1 to 2.1.2", false);
+	Froxlor::updateToVersion('2.1.2');
+}
+
+if (Froxlor::isFroxlorVersion('2.1.2')) {
+	Update::showUpdateStep("Updating from 2.1.2 to 2.1.3", false);
+	Froxlor::updateToVersion('2.1.3');
+}

lib/Froxlor/Api/Commands/Customers.php

@@ -1053,7 +1053,7 @@ class Customers extends ApiCommand implements ResourceEntity
 			$email = $this->getParam('email', true, $idna_convert->decode($result['email']));
 			$name = $this->getParam('name', true, $result['name']);
 			$firstname = $this->getParam('firstname', true, $result['firstname']);
-			$company_required = empty($result['company']) && ((!empty($name) && empty($firstname)) || (empty($name) && !empty($firstname)) || (empty($name) && empty($firstname)));
+			$company_required = (!empty($name) && empty($firstname)) || (empty($name) && !empty($firstname)) || (empty($name) && empty($firstname));
 			$company = $this->getParam('company', !$company_required, $result['company']);
 			$street = $this->getParam('street', true, $result['street']);
 			$zipcode = $this->getParam('zipcode', true, $result['zipcode']);

lib/Froxlor/Api/Commands/Domains.php

@@ -349,6 +349,8 @@ class Domains extends ApiCommand implements ResourceEntity
 
 				if (substr($p_domain, 0, 4) == 'xn--') {
 					Response::standardError('domain_nopunycode', '', true);
+				} elseif (Validate::validate_ip2($p_domain, true, '', true, true)) {
+					Response::standardError('domain_noipaddress', '', true);
 				}
 
 				$idna_convert = new IdnaWrapper();
@@ -1650,6 +1652,7 @@ class Domains extends ApiCommand implements ResourceEntity
 				|| $iswildcarddomain != $result['iswildcarddomain']
 				|| $phpenabled != $result['phpenabled']
 				|| $openbasedir != $result['openbasedir']
+				|| $openbasedir_path != $result['openbasedir_path']
 				|| $phpsettingid != $result['phpsettingid']
 				|| $mod_fcgid_starter != $result['mod_fcgid_starter']
 				|| $mod_fcgid_maxrequests != $result['mod_fcgid_maxrequests']
@@ -1667,6 +1670,7 @@ class Domains extends ApiCommand implements ResourceEntity
 				|| $hsts_sub != $result['hsts_sub']
 				|| $hsts_preload != $result['hsts_preload']
 				|| $ocsp_stapling != $result['ocsp_stapling']
+				|| $sslenabled != $result['ssl_enabled']
 			) {
 				Cronjob::inserttask(TaskId::REBUILD_VHOST);
 			}
@@ -1815,7 +1819,7 @@ class Domains extends ApiCommand implements ResourceEntity
 			$update_data['wwwserveralias'] = $wwwserveralias;
 			$update_data['iswildcarddomain'] = $iswildcarddomain;
 			$update_data['phpenabled'] = $phpenabled;
-			$update_data['openbasedir'] = $openbasedir;;
+			$update_data['openbasedir'] = $openbasedir;
 			$update_data['openbasedir_path'] = $openbasedir_path;
 			$update_data['speciallogfile'] = $speciallogfile;
 			$update_data['phpsettingid'] = $phpsettingid;

lib/Froxlor/Api/Commands/Froxlor.php

@@ -82,7 +82,7 @@ class Froxlor extends ApiCommand
 				if ($aucheck == 1) {
 					// anzeige über version-status mit ggfls. formular
 					// zum update schritt #1 -> download
-					$text = lng('update.uc_newinfo', [(Settings::Get('system.update_channel') == 'testing' ? 'testing ' : ''), AutoUpdate::getFromResult('version'), $this->version]);
+					$text = lng('update.uc_newinfo', [(Settings::Get('system.update_channel') != 'stable' ? Settings::Get('system.update_channel').' ' : ''), AutoUpdate::getFromResult('version'), $this->version]);
 					$response = [
 						'isnewerversion' => (int) !AutoUpdate::getFromResult('has_latest'),
 						'version' => $this->version,
@@ -91,7 +91,7 @@ class Froxlor extends ApiCommand
 						'additional_info' => AutoUpdate::getFromResult('info'),
 						'aucheck' => $aucheck
 					];
-				} else if ($aucheck < 0 || $aucheck > 1) {
+				} elseif ($aucheck < 0 || $aucheck > 1) {
 					// errors
 					if ($aucheck < 0) {
 						$errmsg = AutoUpdate::getLastError();
@@ -259,14 +259,15 @@ class Froxlor extends ApiCommand
 	 * returns a random password based on froxlor settings for min-length, included characters, etc.
 	 *
 	 * @param int $length
-	 *            optional length of password, defaults to 10
+	 *            optional length of password, defaults to 0 (panel.password_min_length)
 	 *
 	 * @access admin, customer
 	 * @return string
+	 * @throws Exception
 	 */
-	public function generatePassword()
+	public function generatePassword(): string
 	{
-		$length = $this->getParam('length', true, 10);
+		$length = $this->getParam('length', true, 0);
 		return $this->response(Crypt::generatePassword($length));
 	}
 

lib/Froxlor/Api/Commands/IpsAndPorts.php

@@ -176,8 +176,9 @@ class IpsAndPorts extends ApiCommand implements ResourceEntity
 
 			if ((int)Settings::Get('system.use_ssl') == 1) {
 				$ssl = (bool)$this->getBoolParam('ssl', true, 0);
-				$ssl_cert_file = Validate::validate($this->getParam('ssl_cert_file', !$ssl, ''), 'ssl_cert_file', '', '', [], true);
-				$ssl_key_file = Validate::validate($this->getParam('ssl_key_file', !$ssl, ''), 'ssl_key_file', '', '', [], true);
+				$cert_optional = !($ssl && empty(Settings::Get('system.ssl_cert_file')));
+				$ssl_cert_file = Validate::validate($this->getParam('ssl_cert_file', $cert_optional, ''), 'ssl_cert_file', '', '', [], true);
+				$ssl_key_file = Validate::validate($this->getParam('ssl_key_file', $cert_optional, ''), 'ssl_key_file', '', '', [], true);
 				$ssl_ca_file = Validate::validate($this->getParam('ssl_ca_file', true, ''), 'ssl_ca_file', '', '', [], true);
 				$ssl_cert_chainfile = Validate::validate($this->getParam('ssl_cert_chainfile', true, ''), 'ssl_cert_chainfile', '', '', [], true);
 				$sslss = $this->getParam('ssl_specialsettings', true, '');
@@ -415,8 +416,9 @@ class IpsAndPorts extends ApiCommand implements ResourceEntity
 
 			if ((int)Settings::Get('system.use_ssl') == 1) {
 				$ssl = (bool)$this->getBoolParam('ssl', true, $result['ssl']);
-				$ssl_cert_file = Validate::validate($this->getParam('ssl_cert_file', !$ssl, $result['ssl_cert_file']), 'ssl_cert_file', '', '', [], true);
-				$ssl_key_file = Validate::validate($this->getParam('ssl_key_file', !$ssl, $result['ssl_key_file']), 'ssl_key_file', '', '', [], true);
+				$cert_optional = !($ssl && empty(Settings::Get('system.ssl_cert_file')));
+				$ssl_cert_file = Validate::validate($this->getParam('ssl_cert_file', $cert_optional, $result['ssl_cert_file']), 'ssl_cert_file', '', '', [], true);
+				$ssl_key_file = Validate::validate($this->getParam('ssl_key_file', $cert_optional, $result['ssl_key_file']), 'ssl_key_file', '', '', [], true);
 				$ssl_ca_file = Validate::validate($this->getParam('ssl_ca_file', true, $result['ssl_ca_file']), 'ssl_ca_file', '', '', [], true);
 				$ssl_cert_chainfile = Validate::validate($this->getParam('ssl_cert_chainfile', true, $result['ssl_cert_chainfile']), 'ssl_cert_chainfile', '', '', [], true);
 				$sslss = $this->getParam('ssl_specialsettings', true, $result['ssl_specialsettings']);

lib/Froxlor/Cli/InstallCommand.php

@@ -211,7 +211,7 @@ final class InstallCommand extends Command
 						$ask_field = false;
 					}
 					$fielddata['value'] = $this->formfielddata[$fieldname] ?? ($fielddata['value'] ?? null);
-					$fielddata['label'] = strip_tags(str_replace("<br>", " ", $fielddata['label']));
+					$fielddata['label'] = $this->cliTextFormat($fielddata['label'], " ");
 					if ($ask_field) {
 						if ($fielddata['type'] == 'password') {
 							$this->formfielddata[$fieldname] = $this->io->askHidden($fielddata['label'], function ($value) use ($fielddata) {
@@ -267,15 +267,17 @@ final class InstallCommand extends Command
 			case 4:
 				$section = $inst->formfield['install']['sections']['step' . $step] ?? [];
 				$this->io->section($section['title']);
-				$this->io->note($section['description']);
+				$this->io->note($this->cliTextFormat($section['description']));
 				$cmdfield = $section['fields']['system'];
 				$this->io->success([
 					$cmdfield['label'],
 					$cmdfield['value']
 				]);
+				if (!isset($decoded_input['manual_config']) || (bool)$decoded_input['manual_config'] === false) {
 					if (!empty($decoded_input) || $this->io->confirm('Execute command now?', false)) {
 						passthru($cmdfield['value']);
 					}
+				}
 				break;
 		}
 		return $result;
@@ -305,7 +307,7 @@ final class InstallCommand extends Command
 		$json_output = [];
 		foreach ($fields['install']['sections'] as $section => $section_fields) {
 			foreach ($section_fields['fields'] as $name => $field) {
-				if ($name == 'system' || $name == 'manual_config' || $name == 'target_servername') {
+				if ($name == 'system' || $name == 'target_servername') {
 					continue;
 				}
 				if ($field['type'] == 'text' || $field['type'] == 'email') {
@@ -318,7 +320,7 @@ final class InstallCommand extends Command
 					$fieldval = '******';
 				} elseif ($field['type'] == 'select') {
 					$fieldval = implode("|", array_keys($field['select_var']));
-				} else if ($field['type'] == 'checkbox') {
+				} elseif ($field['type'] == 'checkbox') {
 					$fieldval = "1|0";
 				} else {
 					$fieldval = "?";
@@ -346,4 +348,10 @@ final class InstallCommand extends Command
 		curl_close($ch);
 		fclose($fp);
 	}
+
+	private function cliTextFormat(string $text, string $nl_char = "\n"): string
+	{
+		$text = str_replace(['<br>', '<br/>', '<br />'], [$nl_char, $nl_char, $nl_char], $text);
+		return strip_tags($text);
+	}
 }

lib/Froxlor/Cli/UpdateCommand.php

@@ -56,7 +56,7 @@ final class UpdateCommand extends CliCommand
 
 		// database update only
 		if ($input->getOption('database')) {
-			$result = $this->validateRequirements($input, $output, true);
+			$result = $this->validateRequirements($output, true);
 			if ($result == self::SUCCESS) {
 				if (Froxlor::hasUpdates() || Froxlor::hasDbUpdates()) {
 					$output->writeln('<info>' . lng('updates.dbupdate_required') . '</>');
@@ -77,7 +77,7 @@ final class UpdateCommand extends CliCommand
 			return $result;
 		}
 
-		$result = $this->validateRequirements($input, $output);
+		$result = $this->validateRequirements($output);
 
 		if ($result != self::SUCCESS) {
 			// requirements failed, exit
@@ -100,7 +100,7 @@ final class UpdateCommand extends CliCommand
 					}
 					// there is a new version
 					if ($input->getOption('check-only')) {
-						$text = lng('update.uc_newinfo', [(Settings::Get('system.update_channel') == 'testing' ? 'testing ' : ''), AutoUpdate::getFromResult('version'), Froxlor::VERSION]);
+						$text = lng('update.uc_newinfo', [(Settings::Get('system.update_channel') != 'stable' ? Settings::Get('system.update_channel').' ' : ''), AutoUpdate::getFromResult('version'), Froxlor::VERSION]);
 					} else {
 						$text = lng('admin.newerversionavailable') . ' ' . lng('admin.newerversiondetails', [AutoUpdate::getFromResult('version'), Froxlor::VERSION]);
 					}
@@ -175,7 +175,7 @@ final class UpdateCommand extends CliCommand
 								$result = self::SUCCESS;
 								$question = new ConfirmationQuestion('Update database? [no] ', false, '/^(y|j)/i');
 								if ($yestoall || $helper->ask($input, $output, $question)) {
-									$result = $this->updateDatabase();
+									$result = $this->runUpdate($output, true);
 								}
 							} else {
 								$errmsg = 'error.autoupdate_' . $auex;
@@ -199,7 +199,7 @@ final class UpdateCommand extends CliCommand
 		if ($input->getOption('mail-notify')) {
 			$last_check_version = Settings::Get('system.update_notify_last');
 			if (Update::versionInUpdate($last_check_version, AutoUpdate::getFromResult('version'))) {
-				$text = lng('update.uc_newinfo', [(Settings::Get('system.update_channel') == 'testing' ? 'testing ' : ''), AutoUpdate::getFromResult('version'), Froxlor::VERSION]);
+				$text = lng('update.uc_newinfo', [(Settings::Get('system.update_channel') != 'stable' ? Settings::Get('system.update_channel').' ' : ''), AutoUpdate::getFromResult('version'), Froxlor::VERSION]);
 				$mail = new Mailer(true);
 				$mail->Body = $text;
 				$mail->Subject = "[froxlor] " . lng('update.notify_subject');

lib/Froxlor/Cron/Dns/DnsBase.php

@@ -244,7 +244,7 @@ abstract class DnsBase
 				'zonefile' => '',
 				'froxlorhost' => '1'
 			];
-			$domains['none'] = $hostname_arr;
+			$domains[0] = $hostname_arr;
 		}
 
 		if (empty($domains)) {

lib/Froxlor/Cron/Http/Apache.php

@@ -515,13 +515,7 @@ class Apache extends HttpConfigBase
 	 */
 	private function createStandardDirectoryEntry()
 	{
-		$vhosts_folder = '';
-		if (is_dir(Settings::Get('system.apacheconf_vhost'))) {
-			$vhosts_folder = FileDir::makeCorrectDir(Settings::Get('system.apacheconf_vhost'));
-		} else {
-			$vhosts_folder = FileDir::makeCorrectDir(dirname(Settings::Get('system.apacheconf_vhost')));
-		}
-		$vhosts_filename = FileDir::makeCorrectFile($vhosts_folder . '/05_froxlor_dirfix_nofcgid.conf');
+		$vhosts_filename = $this->getCustomVhostFilename('05_froxlor_dirfix_nofcgid.conf');
 
 		if (!isset($this->virtualhosts_data[$vhosts_filename])) {
 			$this->virtualhosts_data[$vhosts_filename] = '';
@@ -545,7 +539,7 @@ class Apache extends HttpConfigBase
 		}
 		$this->virtualhosts_data[$vhosts_filename] .= '  </Directory>' . "\n";
 
-		$ocsp_cache_filename = FileDir::makeCorrectFile($vhosts_folder . '/03_froxlor_ocsp_cache.conf');
+		$ocsp_cache_filename = $this->getCustomVhostFilename('03_froxlor_ocsp_cache.conf');
 		if (Settings::Get('system.use_ssl') == '1' && Settings::Get('system.apache24') == 1) {
 			$this->virtualhosts_data[$ocsp_cache_filename] = 'SSLStaplingCache ' . Settings::Get('system.apache24_ocsp_cache_path') . "\n";
 		} else {
@@ -562,14 +556,7 @@ class Apache extends HttpConfigBase
 	private function createStandardErrorHandler()
 	{
 		if (Settings::Get('defaultwebsrverrhandler.enabled') == '1' && (Settings::Get('defaultwebsrverrhandler.err401') != '' || Settings::Get('defaultwebsrverrhandler.err403') != '' || Settings::Get('defaultwebsrverrhandler.err404') != '' || Settings::Get('defaultwebsrverrhandler.err500') != '')) {
-			$vhosts_folder = '';
-			if (is_dir(Settings::Get('system.apacheconf_vhost'))) {
-				$vhosts_folder = FileDir::makeCorrectDir(Settings::Get('system.apacheconf_vhost'));
-			} else {
-				$vhosts_folder = FileDir::makeCorrectDir(dirname(Settings::Get('system.apacheconf_vhost')));
-			}
-
-			$vhosts_filename = FileDir::makeCorrectFile($vhosts_folder . '/05_froxlor_default_errorhandler.conf');
+			$vhosts_filename = $this->getCustomVhostFilename('05_froxlor_default_errorhandler.conf');
 
 			if (!isset($this->virtualhosts_data[$vhosts_filename])) {
 				$this->virtualhosts_data[$vhosts_filename] = '';

lib/Froxlor/Cron/Http/HttpConfigBase.php

@@ -202,4 +202,13 @@ class HttpConfigBase
 		}
 		return FileDir::makeCorrectFile(Settings::Get('system.apacheconf_vhost') . '/' . $filename);
 	}
+
+	protected function getCustomVhostFilename(string $name)
+	{
+		$vhosts_folder = FileDir::makeCorrectDir(dirname(Settings::Get('system.apacheconf_vhost')));
+		if (is_dir(Settings::Get('system.apacheconf_vhost'))) {
+			$vhosts_folder = FileDir::makeCorrectDir(Settings::Get('system.apacheconf_vhost'));
+		}
+		return FileDir::makeCorrectFile($vhosts_folder . '/' . $name);
+	}
 }

lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php

@@ -26,6 +26,7 @@
 namespace Froxlor\Cron\Http\LetsEncrypt;
 
 use Froxlor\Cron\FroxlorCron;
+use Froxlor\Cron\TaskId;
 use Froxlor\Database\Database;
 use Froxlor\Domain\Domain;
 use Froxlor\FileDir;
@@ -83,7 +84,7 @@ class AcmeSh extends FroxlorCron
 			$renew_domains = self::renewDomains(true);
 			if ($issue_froxlor || !empty($issue_domains) || !empty($renew_froxlor) || $renew_domains) {
 				// insert task to generate certificates and vhost-configs
-				Cronjob::inserttask(1);
+				Cronjob::inserttask(TaskId::REBUILD_VHOST);
 			}
 			return 0;
 		}
@@ -203,7 +204,7 @@ class AcmeSh extends FroxlorCron
 		// This is easiest done by just creating a new task ;)
 		if ($changedetected) {
 			if (self::$no_inserttask == false) {
-				Cronjob::inserttask(1);
+				Cronjob::inserttask(TaskId::REBUILD_VHOST);
 			}
 			FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Let's Encrypt certificates have been updated");
 		} else {

lib/Froxlor/Cron/Http/Nginx.php

@@ -1161,14 +1161,7 @@ class Nginx extends HttpConfigBase
 	private function createStandardErrorHandler()
 	{
 		if (Settings::Get('defaultwebsrverrhandler.enabled') == '1' && (Settings::Get('defaultwebsrverrhandler.err401') != '' || Settings::Get('defaultwebsrverrhandler.err403') != '' || Settings::Get('defaultwebsrverrhandler.err404') != '' || Settings::Get('defaultwebsrverrhandler.err500') != '')) {
-			$vhosts_folder = '';
-			if (is_dir(Settings::Get('system.apacheconf_vhost'))) {
-				$vhosts_folder = FileDir::makeCorrectDir(Settings::Get('system.apacheconf_vhost'));
-			} else {
-				$vhosts_folder = FileDir::makeCorrectDir(dirname(Settings::Get('system.apacheconf_vhost')));
-			}
-
-			$vhosts_filename = FileDir::makeCorrectFile($vhosts_folder . '/05_froxlor_default_errorhandler.conf');
+			$vhosts_filename = $this->getCustomVhostFilename('05_froxlor_default_errorhandler.conf');
 
 			if (!isset($this->nginx_data[$vhosts_filename])) {
 				$this->nginx_data[$vhosts_filename] = '';

lib/Froxlor/Cron/Traffic/TrafficCron.php

@@ -47,7 +47,7 @@ class TrafficCron extends FroxlorCron
 
 	public static function run()
 	{
-		self::runFork([self::class, 'handle']);
+		self::runFork([self::class, 'handle'], [true]);
 	}
 
 	public static function handle()

lib/Froxlor/CurrentUser.php

@@ -187,7 +187,8 @@ class CurrentUser
 		if (self::getField('type_2fa') == 1) {
 			// generate code
 			$tfa = new FroxlorTwoFactorAuth('Froxlor ' . Settings::Get('system.hostname'));
-			$code = $tfa->getCode($tfa->createSecret());
+			$secret = $tfa->createSecret();
+			$code = $tfa->getCode($secret);
 			// set code for user
 			$table = TABLE_PANEL_CUSTOMERS;
 			$uid = 'customerid';
@@ -197,7 +198,7 @@ class CurrentUser
 			}
 			$stmt = Database::prepare("UPDATE $table SET `data_2fa` = :d2fa WHERE `$uid` = :uid");
 			Database::pexecute($stmt, [
-				"d2fa" => $code,
+				"d2fa" => $secret,
 				"uid" => self::getField($uid)
 			]);
 			// build up & send email

lib/Froxlor/Domain/Domain.php

@@ -256,7 +256,7 @@ class Domain
 		]);
 		$result = [];
 		while ($entry = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
-			$result = $entry['id'];
+			$result[] = $entry['id'];
 		}
 		return $result;
 	}
@@ -324,8 +324,11 @@ class Domain
 		FroxlorLogger $log
 	) {
 		if ($aliasDestinationDomainID > 0) {
-			$log->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO,
-				"LetsEncrypt CSR triggered for domain ID " . $aliasDestinationDomainID);
+			$log->logAction(
+				FroxlorLogger::ADM_ACTION,
+				LOG_INFO,
+				"LetsEncrypt CSR triggered for domain ID " . $aliasDestinationDomainID
+			);
 			$upd_stmt = Database::prepare("UPDATE
 					`" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "`
 				SET
@@ -349,15 +352,20 @@ class Domain
 		$acmesh = AcmeSh::getAcmeSh();
 		if (file_exists($acmesh)) {
 			$certificate_folder = AcmeSh::getWorkingDirFromEnv($domainname);
-			if (file_exists($certificate_folder)) {
+			$certificate_ecc_folder = AcmeSh::getWorkingDirFromEnv($domainname, true);
+			if (file_exists($certificate_folder) || file_exists($certificate_ecc_folder)) {
 				$params = " --remove -d " . $domainname;
-				if (Settings::Get('system.leecc') > 0) {
+				if (file_exists($certificate_ecc_folder)) {
 					$params .= " --ecc";
 				}
 				// run remove command
 				FileDir::safe_exec($acmesh . $params);
 				// remove certificates directory
+				if (file_exists($certificate_folder)) {
 					FileDir::safe_exec('rm -rf ' . $certificate_folder);
+				} elseif (file_exists($certificate_ecc_folder)) {
+					FileDir::safe_exec('rm -rf ' . $certificate_ecc_folder);
+				}
 			}
 		}
 		return true;

lib/Froxlor/FileDir.php

@@ -257,6 +257,41 @@ class FileDir
 		return $return;
 	}
 
+	/**
+	 * Read unconfigured-domain template from database if exists or fallback to default
+	 *
+	 * @param string $servername
+	 *
+	 * @return string
+	 * @throws Exception
+	 */
+	public static function getUnknownDomainTemplate(string $servername = "")
+	{
+		$result_stmt = Database::prepare("
+			SELECT * FROM `" . TABLE_PANEL_TEMPLATES . "` WHERE `templategroup` = 'files' AND `varname` = 'unconfigured_html'
+		");
+		Database::pexecute($result_stmt);
+		if (Database::num_rows() > 0) {
+			$template = $result_stmt->fetch(PDO::FETCH_ASSOC);
+			$replace_arr = [
+				'SERVERNAME' => $servername,
+			];
+			$tpl_content = PhpHelper::replaceVariables($template['value'], $replace_arr);
+			$tpl_ext = $template['file_extension'];
+		} else {
+			$tpl_ext = 'html';
+			$unconfiguredPath = FileDir::makeCorrectFile(Froxlor::getInstallDir() . '/templates/misc/unconfigured/index.html');
+			if (file_exists($unconfiguredPath)) {
+				$tpl_content = file_get_contents($unconfiguredPath);
+			} else {
+				$tpl_content = lng('admin.templates.unconfigured_content_fallback');
+			}
+		}
+		$redirect_file = FileDir::makeCorrectFile(Froxlor::getInstallDir().'/notice.'.$tpl_ext);
+		file_put_contents($redirect_file, $tpl_content);
+		return basename($redirect_file);
+	}
+
 	/**
 	 * store the default index-file in a given destination folder
 	 *
@@ -277,7 +312,7 @@ class FileDir
 	{
 		if ($force || (int)Settings::Get('system.store_index_file_subs') == 1) {
 			$result_stmt = Database::prepare("
-			SELECT `t`.`value`, `c`.`email` AS `customer_email`, `a`.`email` AS `admin_email`, `c`.`loginname` AS `customer_login`, `a`.`loginname` AS `admin_login`
+			SELECT `t`.`value`, `t`.`file_extension`, `c`.`email` AS `customer_email`, `a`.`email` AS `admin_email`, `c`.`loginname` AS `customer_login`, `a`.`loginname` AS `admin_login`
 			FROM `" . TABLE_PANEL_CUSTOMERS . "` AS `c` INNER JOIN `" . TABLE_PANEL_ADMINS . "` AS `a`
 			ON `c`.`adminid` = `a`.`adminid`
 			INNER JOIN `" . TABLE_PANEL_TEMPLATES . "` AS `t`
@@ -300,7 +335,7 @@ class FileDir
 
 				// replaceVariables
 				$htmlcontent = PhpHelper::replaceVariables($template['value'], $replace_arr);
-				$indexhtmlpath = self::makeCorrectFile($destination . '/index.' . Settings::Get('system.index_file_extension'));
+				$indexhtmlpath = self::makeCorrectFile($destination . '/index.' . $template['file_extension']);
 				$index_html_handler = fopen($indexhtmlpath, 'w');
 				fwrite($index_html_handler, $htmlcontent);
 				fclose($index_html_handler);
@@ -308,7 +343,7 @@ class FileDir
 					$logger->logAction(
 						FroxlorLogger::CRON_ACTION,
 						LOG_NOTICE,
-						'Creating \'index.' . Settings::Get('system.index_file_extension') . '\' for Customer \'' . $template['customer_login'] . '\' based on template in directory ' . escapeshellarg($indexhtmlpath)
+						'Creating \'index.' . $template['file_extension'] . '\' for Customer \'' . $template['customer_login'] . '\' based on template in directory ' . escapeshellarg($indexhtmlpath)
 					);
 				}
 			} else {

lib/Froxlor/Froxlor.php

@@ -31,14 +31,16 @@ final class Froxlor
 {
 
 	// Main version variable
-	const VERSION = '2.1.0-beta2';
+	const VERSION = '2.1.3';
 
 	// Database version (YYYYMMDDC where C is a daily counter)
-	const DBVERSION = '202305240';
+	const DBVERSION = '202312120';
 
 	// Distribution branding-tag (used for Debian etc.)
 	const BRANDING = '';
 
+	const DOCS_URL = 'https://docs.froxlor.org/v2.1/';
+
 	/**
 	 * return path to where froxlor is installed, e.g.
 	 * /var/www/froxlor/

lib/Froxlor/FroxlorLogger.php

@@ -104,18 +104,16 @@ class FroxlorLogger
 						self::$ml->pushHandler(new SyslogHandler('froxlor', LOG_USER, Logger::DEBUG));
 						break;
 					case 'file':
+						$setings_logfile = Settings::Get('logger.logfile');
+						if (empty($setings_logfile)) {
+							Settings::Set('logger.logfile', 'froxlor.log');
+						}
 						$logger_logfile = FileDir::makeCorrectFile(Froxlor::getInstallDir() . '/logs/' . Settings::Get('logger.logfile'));
 						// is_writable needs an existing file to check if it's actually writable
-						@touch($logger_logfile);
-						if (empty($logger_logfile) || !is_writable($logger_logfile)) {
-							Settings::Set('logger.logfile', 'froxlor.log');
-							$logger_logfile = FileDir::makeCorrectFile(Froxlor::getInstallDir() . '/logs/froxlor.log');
-							@touch($logger_logfile);
-							if (empty($logger_logfile) || !is_writable($logger_logfile)) {
+						if (!@touch($logger_logfile) || !is_writable($logger_logfile)) {
 							// not writable in our own directory? Skip
 							break;
 						}
-						}
 						self::$ml->pushHandler(new StreamHandler($logger_logfile, Logger::DEBUG));
 						break;
 					case 'mysql':

lib/Froxlor/Idna/IdnaWrapper.php

@@ -64,7 +64,7 @@ class IdnaWrapper
 	 */
 	public function encode(string $to_encode): string
 	{
-		$to_encode = $this->isUtf8($to_encode) ? $to_encode : utf8_encode($to_encode);
+		$to_encode = $this->isUtf8($to_encode) ? $to_encode : mb_convert_encoding($to_encode, 'UTF-8');
 		try {
 			return $this->idna_converter->encode($to_encode);
 		} catch (InvalidArgumentException $iae) {

lib/Froxlor/Install/AutoUpdate.php

@@ -68,6 +68,12 @@ class AutoUpdate
 				$channel = '';
 				if (Settings::Get('system.update_channel') == 'testing') {
 					$channel = '/testing';
+				} elseif (Settings::Get('system.update_channel') == 'nightly') {
+					if (empty(Froxlor::BRANDING)) {
+						$channel = '/nightly.0000000';
+					} else {
+						$channel = '/' . substr(Froxlor::BRANDING, 1);
+					}
 				}
 				$latestversion = HttpClient::urlGet(self::UPDATE_URI . Froxlor::VERSION . $channel, true, 3);
 			} catch (Exception $e) {
@@ -81,7 +87,7 @@ class AutoUpdate
 				if (!empty(self::$latestversion['error']) && self::$latestversion['error']) {
 					$result = -1;
 					self::$lasterror = self::$latestversion['message'];
-				} else if (isset(self::$latestversion['has_latest']) && self::$latestversion['has_latest'] == false) {
+				} elseif (isset(self::$latestversion['has_latest']) && self::$latestversion['has_latest'] == false) {
 					$result = 1;
 				}
 			}

lib/Froxlor/Install/Install.php

@@ -26,13 +26,14 @@
 namespace Froxlor\Install;
 
 use Exception;
-use PDO;
+use Froxlor\Config\ConfigParser;
+use Froxlor\Froxlor;
 use Froxlor\Install\Install\Core;
+use Froxlor\System\IPTools;
 use Froxlor\UI\Panel\UI;
 use Froxlor\UI\Request;
-use Froxlor\Config\ConfigParser;
 use Froxlor\Validate\Validate;
-use Froxlor\System\IPTools;
+use PDO;
 
 class Install
 {
@@ -41,25 +42,27 @@ class Install
 	public $maxSteps;
 	public $phpVersion;
 	public $formfield;
-	public string $requiredVersion = '7.4.0';
-	public array $requiredExtensions = ['session', 'ctype', 'xml', 'filter', 'posix', 'mbstring', 'curl', 'gmp', 'json', 'gd'];
-	public array $suggestedExtensions = ['bcmath', 'zip', 'gnupg'];
 	public array $suggestions = [];
 	public array $criticals = [];
 	public array $loadedExtensions;
 	public array $supportedOS = [];
 	public array $webserverBackend = [
 		'php-fpm' => 'PHP-FPM',
-		'fcgid' => 'FCGID',
+		'fcgid' => 'FCGID (apache2 only)',
 		'mod_php' => 'mod_php (not recommended)',
 	];
 
 	public function __construct(array $cliData = [])
 	{
+		// set actual php version and extensions
+		$this->phpVersion = phpversion();
+		$this->loadedExtensions = get_loaded_extensions();
+
 		// get all supported OS
 		// show list of available distro's
 		$distros = glob(dirname(__DIR__, 3) . '/lib/configfiles/*.xml');
 		$distributions_select[''] = '-';
+		if (in_array('xml', $this->loadedExtensions)) {
 			// read in all the distros
 			foreach ($distros as $distribution) {
 				// get configparser object
@@ -69,6 +72,7 @@ class Install
 			}
 			// sort by distribution name
 			asort($this->supportedOS);
+		}
 
 		// guess distribution and webserver to preselect in formfield
 		$webserverBackend = $this->webserverBackend;
@@ -84,10 +88,6 @@ class Install
 		$this->extendedView = $cliData['extended'] ?? Request::any('extended', 0);
 		$this->maxSteps = count($this->formfield['install']['sections']);
 
-		// set actual php version and extensions
-		$this->phpVersion = phpversion();
-		$this->loadedExtensions = get_loaded_extensions();
-
 		if (empty($cliData)) {
 			// set global variables
 			UI::twig()->addGlobal('install_mode', true);
@@ -99,7 +99,7 @@ class Install
 			}
 
 			// check for url manipulation or wrong step
-			if ((isset($_SESSION['installation']['stepCompleted']) && ($this->currentStep + 1) > ($_SESSION['installation']['stepCompleted'] ?? 0))
+			if ((isset($_SESSION['installation']['stepCompleted']) && ($this->currentStep + 1) > $_SESSION['installation']['stepCompleted'])
 				|| (!isset($_SESSION['installation']['stepCompleted']) && $this->currentStep > 0)
 			) {
 				$this->currentStep = isset($_SESSION['installation']['stepCompleted']) ? $_SESSION['installation']['stepCompleted'] + 1 : 1;
@@ -136,6 +136,7 @@ class Install
 			'section' => $this->formfield['install']['sections']['step' . $this->currentStep] ?? [],
 			'error' => $error ?? null,
 			'extended' => $this->extendedView,
+			'csrf_token' => Froxlor::genSessionId(20),
 		]);
 
 		// output view
@@ -151,16 +152,14 @@ class Install
 		if ($this->currentStep <= $this->maxSteps) {
 			// Validate user data
 			$validatedData = $this->validateRequest($formfield['sections']['step' . $this->currentStep]['fields']);
-			// Check database connection (
 			if ($this->currentStep == 1) {
+				// Check database connection
 				$this->checkDatabase($validatedData);
-			}
+			} elseif ($this->currentStep == 2) {
 				// Check validity of admin user data
-			elseif ($this->currentStep == 2) {
 				$this->checkAdminUser($validatedData);
-			}
+			} elseif ($this->currentStep == 3) {
 				// Check validity of system data
-			elseif ($this->currentStep == 3) {
 				$this->checkSystem($validatedData);
 			}
 			$validatedData['stepCompleted'] = ($this->currentStep < $this->maxSteps) ? $this->currentStep : ($this->maxSteps - 1);
@@ -192,7 +191,7 @@ class Install
 	private function checkInstallStateFinished(): bool
 	{
 		$core = new Core($_SESSION['installation']);
-		if (isset($_SESSION['installation']['manual_config']) && (int) $_SESSION['installation']['manual_config'] == 1) {
+		if (isset($_SESSION['installation']['manual_config']) && (int)$_SESSION['installation']['manual_config'] == 1) {
 			$core->createUserdataConf();
 			return true;
 		}
@@ -200,7 +199,7 @@ class Install
 		$stmt = $pdo->prepare("SELECT `value` FROM `panel_settings` WHERE `settinggroup` = 'panel' AND `varname` = 'is_configured'");
 		$stmt->execute();
 		$result = $stmt->fetch(PDO::FETCH_ASSOC);
-		if ($result && (int) $result['value'] == 1) {
+		if ($result && (int)$result['value'] == 1) {
 			$core->createUserdataConf();
 			return true;
 		}
@@ -223,7 +222,7 @@ class Install
 		}
 
 		// check for required extensions
-		foreach ($this->requiredExtensions as $requiredExtension) {
+		foreach (Requirements::REQUIRED_EXTENSIONS as $requiredExtension) {
 			if (in_array($requiredExtension, $this->loadedExtensions)) {
 				continue;
 			}
@@ -231,7 +230,7 @@ class Install
 		}
 
 		// check for suggested extensions
-		foreach ($this->suggestedExtensions as $suggestedExtension) {
+		foreach (Requirements::SUGGESTED_EXTENSIONS as $suggestedExtension) {
 			if (in_array($suggestedExtension, $this->loadedExtensions)) {
 				continue;
 			}
@@ -250,11 +249,11 @@ class Install
 	 */
 	private function getInformationText(): string
 	{
-		if (version_compare($this->requiredVersion, PHP_VERSION, "<")) {
+		if (version_compare(Requirements::REQUIRED_VERSION, PHP_VERSION, "<")) {
 			$text = lng('install.phpinfosuccess', [$this->phpVersion]);
 		} else {
-			$text = lng('install.phpinfowarn', [$this->requiredVersion]);
-			$this->criticals[] = lng('install.phpinfoupdate', [$this->phpVersion, $this->requiredVersion]);
+			$text = lng('install.phpinfowarn', [Requirements::REQUIRED_VERSION]);
+			$this->criticals[] = lng('install.phpinfoupdate', [$this->phpVersion, Requirements::REQUIRED_VERSION]);
 		}
 		return $text;
 	}
@@ -302,9 +301,9 @@ class Install
 			throw new Exception(lng('install.errors.nov4andnov6ip'));
 		} elseif (!empty($serveripv4) && (!Validate::validate_ip2($serveripv4, true, '', false, true) || IPTools::is_ipv6($serveripv4))) {
 			throw new Exception(lng('error.invalidip', [$serveripv4]));
-		} elseif (!empty($serveripv6) && (!Validate::validate_ip2($serveripv6, true, '', false, true) || IPTools::is_ipv6($serveripv6) == false)) {
+		} elseif (!empty($serveripv6) && (!Validate::validate_ip2($serveripv6, true, '', false, true) || !IPTools::is_ipv6($serveripv6))) {
 			throw new Exception(lng('error.invalidip', [$serveripv6]));
-		} elseif (!Validate::validateDomain($servername) && !Validate::validateLocalHostname($servername)) {
+		} elseif (!Validate::validateDomain($servername)) {
 			throw new Exception(lng('install.errors.servernameneedstobevalid'));
 		} elseif (posix_getpwnam($httpuser) === false) {
 			throw new Exception(lng('install.errors.websrvuserdoesnotexist'));
@@ -410,7 +409,7 @@ class Install
 			} else {
 				$osrf = explode("\n", file_get_contents('/etc/os-release'));
 				foreach ($osrf as $line) {
-					$osrfline = explode("\n", $line);
+					$osrfline = explode("=", $line);
 					if ($osrfline[0] == 'VERSION_CODENAME') {
 						$os_dist['VERSION_CODENAME'] = $osrfline[1];
 					} else if ($osrfline[0] == 'ID') {

lib/Froxlor/Install/Requirements.php

@@ -0,0 +1,10 @@
+<?php
+
+namespace Froxlor\Install;
+
+class Requirements
+{
+	const REQUIRED_VERSION = '7.4.0';
+	const REQUIRED_EXTENSIONS = ['session', 'ctype', 'xml', 'filter', 'posix', 'mbstring', 'pdo_mysql', 'curl', 'gmp', 'json', 'gd'];
+	const SUGGESTED_EXTENSIONS = ['bcmath', 'zip', 'gnupg'];
+}

lib/Froxlor/PhpHelper.php

@@ -220,8 +220,11 @@ class PhpHelper
 			if (is_dir($data_dirname)) {
 				$data_dirhandle = opendir($data_dirname);
 				while (false !== ($data_filename = readdir($data_dirhandle))) {
-					if ($data_filename != '.' && $data_filename != '..' && $data_filename != '' && substr($data_filename,
-							-4) == '.php') {
+					if ($data_filename != '.'
+						&& $data_filename != '..'
+						&& $data_filename != ''
+						&& substr($data_filename, -4) == '.php'
+					) {
 						$data_files[] = $data_dirname . $data_filename;
 					}
 				}
@@ -458,6 +461,10 @@ class PhpHelper
 			'directory_password',
 			'ftp_password',
 			'mysql_password',
+			'mysql_root_pass',
+			'mysql_unprivileged_pass',
+			'admin_pass',
+			'admin_pass_confirm',
 		];
 		if (!empty($global)) {
 			$tmp = $global;
@@ -557,4 +564,17 @@ class PhpHelper
 		}
 		return $tab . $str;
 	}
+
+	public static function array_merge_recursive_distinct(array &$array1, array &$array2)
+	{
+		$merged = $array1;
+		foreach ($array2 as $key => &$value) {
+			if (is_array($value) && isset($merged[$key]) && is_array($merged[$key])) {
+				$merged[$key] = self::array_merge_recursive_distinct($merged[$key], $value);
+			} else {
+				$merged[$key] = $value;
+			}
+		}
+		return $merged;
+	}
 }

lib/Froxlor/SImExporter.php

@@ -65,7 +65,7 @@ class SImExporter
 	public static function export()
 	{
 		$settings_definitions = [];
-		foreach (PhpHelper::loadConfigArrayDir('./actions/admin/settings/')['groups'] as $group) {
+		foreach (PhpHelper::loadConfigArrayDir(Froxlor::getInstallDir() . '/actions/admin/settings/')['groups'] as $group) {
 			foreach ($group['fields'] as $field) {
 				$settings_definitions[$field['settinggroup']][$field['varname']] = $field;
 			}

lib/Froxlor/UI/Form.php

@@ -193,10 +193,14 @@ class Form
 				if (!$do_show) {
 					$fielddata['note'] = lng('serversettings.option_requires_otp');
 					if (!$otp_enabled_system) {
+						$fielddata['disabled'] = true;
 						$fielddata['note'] .= '<br>' . lng('2fa.2fa_not_activated');
 					} elseif (!$otp_enabled_user) {
+						$fielddata['disabled'] = true;
 						$fielddata['note'] .= '<br>' . lng('2fa.2fa_not_activated_for_user');
 					}
+					// show field in any case
+					$do_show = true;
 				}
 			}
 
@@ -213,7 +217,7 @@ class Form
 	{
 		$returnvalue = [];
 		if (is_array($fielddata) && isset($fielddata['type']) && $fielddata['type'] == 'select') {
-			if ((!isset($fielddata['select_var']) || !is_array($fielddata['select_var']) || empty($fielddata['select_var'])) && (isset($fielddata['option_options_method']))) {
+			if ((!is_array($fielddata['select_var']) || empty($fielddata['select_var'])) && (isset($fielddata['option_options_method']))) {
 				$returnvalue['select_var'] = call_user_func($fielddata['option_options_method']);
 			}
 		}
@@ -232,8 +236,8 @@ class Form
 					if (\Froxlor\Validate\Form::validateFieldDefinition($groupdetails)) {
 						// Prefetch form fields
 						foreach ($groupdetails['fields'] as $fieldname => $fielddetails) {
-							if (!$only_enabledisable || ($only_enabledisable && isset($fielddetails['overview_option']))) {
-								$groupdetails['fields'][$fieldname] = self::arrayMergePrefix($fielddetails, $fielddetails['type'], self::prefetchFormFieldData($fieldname, $fielddetails));
+							if (!$only_enabledisable || isset($fielddetails['overview_option'])) {
+								$groupdetails['fields'][$fieldname] = array_merge($fielddetails, self::prefetchFormFieldData($fieldname, $fielddetails));
 								$form['groups'][$groupname]['fields'][$fieldname] = $groupdetails['fields'][$fieldname];
 							}
 						}
@@ -343,7 +347,7 @@ class Form
 					if (\Froxlor\Validate\Form::validateFieldDefinition($groupdetails)) {
 						// Save fields
 						foreach ($groupdetails['fields'] as $fieldname => $fielddetails) {
-							if (!$only_enabledisable || ($only_enabledisable && isset($fielddetails['overview_option']))) {
+							if (!$only_enabledisable || (isset($fielddetails['overview_option']))) {
 								if (isset($changed_fields[$fieldname])) {
 									if (($saved_field = self::saveFormField($fieldname, $fielddetails, self::manipulateFormFieldData($fieldname, $fielddetails, $changed_fields[$fieldname]))) !== false) {
 										$saved_fields = array_merge($saved_fields, $saved_field);
@@ -360,24 +364,7 @@ class Form
 			// Save form
 			return self::saveForm($form, $saved_fields);
 		}
-	}
-
-	private static function arrayMergePrefix($array1, $key_prefix, $array2)
-	{
-		if (is_array($array1) && is_array($array2)) {
-			if ($key_prefix != '') {
-				foreach ($array2 as $key => $value) {
-					$array1[$key_prefix . '_' . $key] = $value;
-					unset($array2[$key]);
-				}
-				unset($array2);
-				return $array1;
-			} else {
-				return array_merge($array1, $array2);
-			}
-		} else {
-			return $array1;
-		}
+		return false;
 	}
 
 	public static function getFormFieldData($fieldname, $fielddata, &$input)

lib/Froxlor/UI/Panel/UI.php

@@ -142,8 +142,6 @@ class UI
 		header("X-Content-Security-Policy: " . $csp_content);
 		header("X-WebKit-CSP: " . $csp_content);
 
-		header("X-XSS-Protection: 1; mode=block");
-
 		// Don't allow to load Froxlor in an iframe to prevent i.e. clickjacking
 		header("X-Frame-Options: DENY");
 
@@ -323,6 +321,10 @@ class UI
 				}
 			}
 		}
+		// check for template-variant
+		if (preg_match("/([a-z0-9.\-]+)_([a-z0-9.\-]+)/i", $theme, $matches)) {
+			$theme = $matches[1];
+		}
 		if (!file_exists(Froxlor::getInstallDir() . '/templates/' . $theme)) {
 			PhpHelper::phpErrHandler(E_USER_WARNING, "Theme '" . $theme . "' could not be found.", __FILE__, __LINE__);
 			$theme = self::$default_theme;

lib/Froxlor/Validate/Form/Data.php

@@ -35,6 +35,11 @@ class Data
 		return self::validateFormFieldString($fieldname, $fielddata, $newfieldvalue);
 	}
 
+	public static function validateFormFieldPassword($fieldname, $fielddata, $newfieldvalue)
+	{
+		return self::validateFormFieldString($fieldname, $fielddata, $newfieldvalue);
+	}
+
 	public static function validateFormFieldString($fieldname, $fielddata, $newfieldvalue)
 	{
 		if (isset($fielddata['string_delimiter']) && $fielddata['string_delimiter'] != '') {
@@ -210,75 +215,6 @@ class Data
 		}
 	}
 
-	public static function validateFormFieldHiddenString($fieldname, $fielddata, $newfieldvalue)
-	{
-		if (isset($fielddata['string_delimiter']) && $fielddata['string_delimiter'] != '') {
-			$newfieldvalues = explode($fielddata['string_delimiter'], $newfieldvalue);
-			unset($fielddata['string_delimiter']);
-
-			$returnvalue = true;
-			foreach ($newfieldvalues as $single_newfieldvalue) {
-				/**
-				 * don't use tabs in value-fields, #81
-				 */
-				$single_newfieldvalue = str_replace("\t", " ", $single_newfieldvalue);
-				$single_returnvalue = Data::validateFormFieldString($fieldname, $fielddata, $single_newfieldvalue);
-				if ($single_returnvalue !== true) {
-					$returnvalue = $single_returnvalue;
-					break;
-				}
-			}
-		} else {
-			$returnvalue = false;
-
-			/**
-			 * don't use tabs in value-fields, #81
-			 */
-			$newfieldvalue = str_replace("\t", " ", $newfieldvalue);
-
-			if (isset($fielddata['string_type']) && $fielddata['string_type'] == 'mail') {
-				$returnvalue = Validate::validateEmail($newfieldvalue);
-			} elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'url') {
-				$returnvalue = Validate::validateUrl($newfieldvalue);
-			} elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'dir') {
-				// add trailing slash to validate path if needed
-				// refs #331
-				if (substr($newfieldvalue, -1) != '/') {
-					$newfieldvalue .= '/';
-				}
-				$returnvalue = ($newfieldvalue == FileDir::makeCorrectDir($newfieldvalue));
-			} elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'file') {
-				$returnvalue = ($newfieldvalue == FileDir::makeCorrectFile($newfieldvalue));
-			} elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'filedir') {
-				$returnvalue = (($newfieldvalue == FileDir::makeCorrectDir($newfieldvalue)) || ($newfieldvalue == FileDir::makeCorrectFile($newfieldvalue)));
-			} elseif (preg_match('/^[^\r\n\t\f\0]*$/D', $newfieldvalue)) {
-				$returnvalue = true;
-			}
-
-			if (isset($fielddata['string_regexp']) && $fielddata['string_regexp'] != '') {
-				if (preg_match($fielddata['string_regexp'], $newfieldvalue)) {
-					$returnvalue = true;
-				} else {
-					$returnvalue = false;
-				}
-			}
-
-			if (isset($fielddata['string_emptyallowed']) && $fielddata['string_emptyallowed'] === true && $newfieldvalue === '') {
-				$returnvalue = true;
-			} elseif (isset($fielddata['string_emptyallowed']) && $fielddata['string_emptyallowed'] === false && $newfieldvalue === '') {
-				$returnvalue = 'stringmustntbeempty';
-			}
-		}
-
-		if ($returnvalue === true) {
-			return true;
-		} elseif ($returnvalue === false) {
-			return 'stringformaterror';
-		} else {
-			return $returnvalue;
-		}
-	}
-
 	public static function validateFormFieldNumber($fieldname, $fielddata, $newfieldvalue)
 	{
 		if (isset($fielddata['min']) && (int)$newfieldvalue < (int)$fielddata['min']) {
@@ -323,10 +259,16 @@ class Data
 			if (preg_match($fielddata['string_regexp'], $newfieldvalue)) {
 				$returnvalue = true;
 			}
-		} else if (preg_match('/^[^\0]*$/', $newfieldvalue)) {
+		} elseif (preg_match('/^[^\0]*$/', $newfieldvalue)) {
 			$returnvalue = true;
 		}
 
 		return $returnvalue;
 	}
+
+	public static function validateFormFieldImage($fieldname, $fielddata, $newfieldvalue)
+	{
+		// validation is handled in \Froxlor\Settings\Store::storeSettingImage()
+		return true;
+	}
 }

lib/Froxlor/Validate/Validate.php

@@ -176,7 +176,7 @@ class Validate
 		}
 
 		// special case where localhost ip is allowed (mysql-access-hosts for example)
-		if ($allow_localhost && $ip == '127.0.0.1') {
+		if ($allow_localhost && ($ip == '127.0.0.1' || $ip == '::1')) {
 			return $ip . $cidr;
 		}
 
@@ -224,7 +224,7 @@ class Validate
 	 * Check if the submitted string is a valid domainname
 	 *
 	 * @param string $domainname The domainname which should be checked.
-	 * @param bool $allow_underscore optional if true, allowes the underscore character in a domain label (DKIM etc.)
+	 * @param bool $allow_underscore optional if true, allows the underscore character in a domain label (DKIM etc.)
 	 *
 	 * @return string|boolean the domain-name if the domain is valid, false otherwise
 	 */

lib/config.example.inc.php

@@ -9,11 +9,18 @@ return [
 	 * recommended value for debian/ubuntu package users is false to rely on apt and not have version mixup.
 	 * This is also useful for providers that manage the servers but give admin access to froxlor to handle
 	 * updates the way the providers does it (e.g. automation, etc.)
+	 *
+	 * Default: false
 	 */
 	'enable_webupdate' => false,
 
 	/**
-	 * @todo description
+	 * settings that have a major impact on the system or which values are used to be executed with high
+	 * privileges on the system require the admin-user to have set up and enabled OTP for the corresponding
+	 * account to change these values.
+	 * To disable this extra security validation, set the value of this to true
+	 *
+	 * Default: false
 	 */
 	'disable_otp_security_check' => false,
 ];

lib/configfiles/bookworm.xml

@@ -92,7 +92,7 @@ Alias "/.well-known/acme-challenge" "{{settings.system.letsencryptchallengepath}
 					<command><![CDATA[{{settings.system.apachereload_command}}]]></command>
 				</daemon>
 				<!-- HTTP Lighttpd -->
-				<daemon name="lighttpd" title="LigHTTPd">
+				<daemon name="lighttpd" title="LigHTTPd (deprecated)">
 					<install><![CDATA[apt-get install lighttpd]]></install>
 					<file name="/etc/lighttpd/lighttpd.conf">
 						<content><![CDATA[
@@ -3383,6 +3383,11 @@ aliases:     files
 						</visibility>
 						<command><![CDATA[a2dismod php8.2]]></command>
 					</commands>
+					<commands index="5">
+						<visibility mode="equals" value="apache2">{{settings.system.webserver}}
+						</visibility>
+						<command><![CDATA[a2disconf php8.2-fpm]]></command>
+					</commands>
 					<!-- instead of just restarting apache, we let the cronjob do all the
 						dirty work -->
 					<command><![CDATA[php {{const.install_dir}}bin/froxlor-cli froxlor:cron --force]]></command>

lib/configfiles/bullseye.xml

@@ -92,7 +92,7 @@ Alias "/.well-known/acme-challenge" "{{settings.system.letsencryptchallengepath}
 					<command><![CDATA[{{settings.system.apachereload_command}}]]></command>
 				</daemon>
 				<!-- HTTP Lighttpd -->
-				<daemon name="lighttpd" title="LigHTTPd">
+				<daemon name="lighttpd" title="LigHTTPd (deprecated)">
 					<install><![CDATA[apt-get install lighttpd]]></install>
 					<file name="/etc/lighttpd/lighttpd.conf">
 						<content><![CDATA[

lib/configfiles/focal.xml

@@ -91,7 +91,7 @@ Alias "/.well-known/acme-challenge" "{{settings.system.letsencryptchallengepath}
 					<command><![CDATA[{{settings.system.apachereload_command}}]]></command>
 				</daemon>
 				<!-- HTTP Lighttpd -->
-				<daemon name="lighttpd" title="LigHTTPd">
+				<daemon name="lighttpd" title="LigHTTPd (deprecated)">
 					<install><![CDATA[apt-get install lighttpd]]></install>
 					<file name="/etc/lighttpd/lighttpd.conf">
 						<content><![CDATA[

lib/configfiles/gentoo.xml

@@ -100,7 +100,7 @@ Alias "/.well-known/acme-challenge" "{{settings.system.letsencryptchallengepath}
 					<command><![CDATA[{{settings.system.apachereload_command}}]]></command>
 				</daemon>
 				<!-- HTTP Lighttpd -->
-				<daemon name="lighttpd" title="LigHTTPd">
+				<daemon name="lighttpd" title="LigHTTPd (deprecated)">
 					<install><![CDATA[emerge www-servers/lighttpd]]></install>
 					<file name="/etc/lighttpd/lighttpd.conf">
 						<content><![CDATA[

lib/configfiles/jammy.xml

@@ -91,7 +91,7 @@ Alias "/.well-known/acme-challenge" "{{settings.system.letsencryptchallengepath}
 					<command><![CDATA[{{settings.system.apachereload_command}}]]></command>
 				</daemon>
 				<!-- HTTP Lighttpd -->
-				<daemon name="lighttpd" title="LigHTTPd">
+				<daemon name="lighttpd" title="LigHTTPd (deprecated)">
 					<install><![CDATA[apt-get install lighttpd]]></install>
 					<file name="/etc/lighttpd/lighttpd.conf">
 						<content><![CDATA[
@@ -4172,6 +4172,11 @@ aliases:     files
 						</visibility>
 						<command><![CDATA[a2dismod php8.1]]></command>
 					</commands>
+					<commands index="5">
+						<visibility mode="equals" value="apache2">{{settings.system.webserver}}
+						</visibility>
+						<command><![CDATA[a2disconf php8.1-fpm]]></command>
+					</commands>
 					<!-- instead of just restarting apache, we let the cronjob do all the
 						dirty work -->
 					<command><![CDATA[php {{const.install_dir}}bin/froxlor-cli froxlor:cron --force]]></command>

lib/formfields/admin/templates/formfield.filetemplate_add.php

@@ -38,11 +38,20 @@ return [
 						'type' => 'select',
 						'select_var' => $free_templates
 					],
+					'file_extension' => [
+						'label' => lng('admin.templates.file_extension'),
+						'type' => 'text',
+						'string_regexp' => '/^[a-zA-Z0-9]{1,6}$/',
+						'default' => 'html',
+						'value' => 'html',
+						'mandatory' => true
+					],
 					'filecontent' => [
 						'label' => lng('admin.templates.filecontent'),
 						'type' => 'textarea',
 						'cols' => 60,
-						'rows' => 12
+						'rows' => 12,
+						'mandatory' => true
 					],
 					'filesend' => [
 						'type' => 'hidden',

lib/formfields/admin/templates/formfield.filetemplate_edit.php

@@ -39,12 +39,21 @@ return [
 						'value' => lng('admin.templates.' . $row['varname']),
 						'display' => lng('admin.templates.' . $row['varname'])
 					],
+					'file_extension' => [
+						'label' => lng('admin.templates.file_extension'),
+						'type' => 'text',
+						'string_regexp' => '/^[a-zA-Z0-9]{1,6}$/',
+						'value' => $row['file_extension'],
+						'default' => 'html',
+						'mandatory' => true
+					],
 					'filecontent' => [
 						'label' => lng('admin.templates.filecontent'),
 						'type' => 'textarea',
 						'cols' => 60,
 						'rows' => 12,
-						'value' => $row['value']
+						'value' => $row['value'],
+						'mandatory' => true
 					],
 					'filesend' => [
 						'type' => 'hidden',

lib/formfields/customer/extras/formfield.htpasswd_add.php

@@ -55,13 +55,16 @@ return [
 						'label' => lng('login.password'),
 						'type' => 'password',
 						'autocomplete' => 'off',
-						'mandatory' => true
-					],
+						'mandatory' => true,
+						'next_to' => [
 							'directory_password_suggestion' => [
-						'label' => lng('customer.generated_pwd'),
+								'next_to_prefix' => lng('customer.generated_pwd') . ':',
 								'type' => 'text',
 								'visible' => (Settings::Get('panel.password_regex') == ''),
-						'value' => Crypt::generatePassword()
+								'value' => Crypt::generatePassword(),
+								'readonly' => true
+							]
+						]
 					],
 					'directory_authname' => [
 						'label' => lng('extras.htpasswdauthname'),

lib/formfields/customer/extras/formfield.htpasswd_edit.php

@@ -49,13 +49,16 @@ return [
 					'directory_password' => [
 						'label' => lng('login.password'),
 						'type' => 'password',
-						'autocomplete' => 'off'
-					],
+						'autocomplete' => 'off',
+						'next_to' => [
 							'directory_password_suggestion' => [
-						'label' => lng('customer.generated_pwd'),
+								'next_to_prefix' => lng('customer.generated_pwd') . ':',
 								'type' => 'text',
 								'visible' => (Settings::Get('panel.password_regex') == ''),
-						'value' => Crypt::generatePassword()
+								'value' => Crypt::generatePassword(),
+								'readonly' => true
+							]
+						]
 					],
 					'directory_authname' => [
 						'label' => lng('extras.htpasswdauthname'),

lib/formfields/customer/mysql/formfield.mysql_add.php

@@ -46,14 +46,16 @@ return [
 						'label' => lng('login.password'),
 						'type' => 'password',
 						'autocomplete' => 'off',
-						'mandatory' => true
-					],
+						'mandatory' => true,
+						'next_to' => [
 							'mysql_password_suggestion' => [
-						'label' => lng('customer.generated_pwd'),
+								'next_to_prefix' => lng('customer.generated_pwd') . ':',
 								'type' => 'text',
 								'visible' => (Settings::Get('panel.password_regex') == ''),
 								'value' => Crypt::generatePassword(),
 								'readonly' => true
+							]
+						]
 					],
 					'sendinfomail' => [
 						'label' => lng('customer.sendinfomail'),

lib/formfields/customer/mysql/formfield.mysql_edit.php

@@ -52,10 +52,10 @@ return [
 					'mysql_password' => [
 						'label' => lng('changepassword.new_password_ifnotempty'),
 						'type' => 'password',
-						'autocomplete' => 'off'
-					],
+						'autocomplete' => 'off',
+						'next_to' => [
 							'mysql_password_suggestion' => [
-						'label' => lng('customer.generated_pwd'),
+								'next_to_prefix' => lng('customer.generated_pwd') . ':',
 								'type' => 'text',
 								'visible' => (Settings::Get('panel.password_regex') == ''),
 								'value' => Crypt::generatePassword(),
@@ -65,4 +65,6 @@ return [
 					]
 				]
 			]
+		]
+	]
 ];

lib/formfields/formfield.domain_ssleditor.php

@@ -44,7 +44,8 @@ return [
 						'cols' => 100,
 						'rows' => 15,
 						'value' => $result['ssl_cert_file'],
-						'placeholder' => lng('domain.ssl_certificate_placeholder')
+						'placeholder' => lng('domain.ssl_certificate_placeholder'),
+						'mandatory' => true
 					],
 					'ssl_key_file' => [
 						'label' => lng('admin.ipsandports.ssl_key_file_content'),
@@ -53,7 +54,8 @@ return [
 						'cols' => 100,
 						'rows' => 15,
 						'value' => $result['ssl_key_file'],
-						'placeholder' => lng('domain.ssl_key_placeholder')
+						'placeholder' => lng('domain.ssl_key_placeholder'),
+						'mandatory' => true
 					],
 					'ssl_cert_chainfile' => [
 						'label' => lng('admin.ipsandports.ssl_cert_chainfile_content'),

lib/functions.php

@@ -112,9 +112,14 @@ function vite($basehref, array $filenames): string
 			$assetDirectory = '/templates/' . $matches[1] . '/build/';
 			$viteManifest = dirname(__DIR__) . $assetDirectory . '/manifest.json';
 			$manifest = json_decode(file_get_contents($viteManifest), true);
+			if (!empty($manifest[$filename]['file'])) {
 				$links[] = $basehref . ltrim($assetDirectory, '/') . $manifest[$filename]['file'];
 			} else {
-			$links = $filenames;
+				// additional asset from config.json that was not prebuilt on release (e.g. custom.css)
+				$links[] = $filename;
+			}
+		} else {
+			$links[] = $filename;
 		}
 	}
 

lib/init.php

@@ -50,10 +50,12 @@ if (!file_exists(dirname(__DIR__) . '/vendor/autoload.php')) {
 require dirname(__DIR__) . '/vendor/autoload.php';
 
 use Froxlor\CurrentUser;
+use Froxlor\FileDir;
 use Froxlor\Froxlor;
 use Froxlor\FroxlorLogger;
 use Froxlor\Http\RateLimiter;
 use Froxlor\Idna\IdnaWrapper;
+use Froxlor\Install\Update;
 use Froxlor\Language;
 use Froxlor\PhpHelper;
 use Froxlor\Settings;
@@ -63,7 +65,7 @@ use Froxlor\UI\Linker;
 use Froxlor\UI\Panel\UI;
 use Froxlor\UI\Request;
 use Froxlor\UI\Response;
-use Froxlor\Install\Update;
+use Froxlor\Install\Requirements;
 
 // include MySQL-tabledefinitions
 require Froxlor::getInstallDir() . '/lib/tables.inc.php';
@@ -110,6 +112,40 @@ if (!isset($sql) || !is_array($sql)) {
 	die();
 }
 
+/**
+ * Show nice note if requested domain is "unknown" to froxlor and thus is being lead to its vhost
+ */
+$req_host = UI::getCookieHost();
+if ($req_host != Settings::Get('system.hostname') &&
+	    Settings::Get('panel.is_configured') == 1 &&
+		!filter_var($req_host, FILTER_VALIDATE_IP) && (
+		empty(Settings::Get('system.froxloraliases')) ||
+		(!empty(Settings::Get('system.froxloraliases')) && !in_array($req_host, array_map('trim', explode(',', Settings::Get('system.froxloraliases')))))
+)) {
+	// not the froxlor system-hostname, show info page for domains not configured in froxlor
+	$redirect_file = FileDir::getUnknownDomainTemplate($req_host ?? "non-detectable http-host");
+	header('Location: '.$redirect_file);
+	die();
+}
+
+// validate php-extensions requirements
+$loadedExtensions = get_loaded_extensions();
+$missingExtensions = [];
+foreach (Requirements::REQUIRED_EXTENSIONS as $requiredExtension) {
+	if (in_array($requiredExtension, $loadedExtensions)) {
+		continue;
+	}
+	$missingExtensions[] = $requiredExtension;
+}
+if (!empty($missingExtensions)) {
+	UI::twig()->addGlobal('install_mode', '1');
+	echo UI::twig()->render($_deftheme . '/misc/missingextensionhint.html.twig', [
+		'phpversion' => phpversion(),
+		'missing_extensions' => implode(", ", $missingExtensions),
+	]);
+	die();
+}
+
 // set error-handler
 @set_error_handler([
 	'\\Froxlor\\PhpHelper',
@@ -168,7 +204,7 @@ if (Update::versionInUpdate(Settings::Get('panel.version'), '2.0.0-beta1')) {
 
 // Check if a different variant of the theme is used
 $themevariant = "default";
-if (preg_match("/([a-z0-9\.\-]+)_([a-z0-9\.\-]+)/i", $theme, $matches)) {
+if (preg_match("/([a-z0-9.\-]+)_([a-z0-9.\-]+)/i", $theme, $matches)) {
 	$theme = $matches[1];
 	$themevariant = $matches[2];
 }
@@ -184,12 +220,12 @@ if (@file_exists('templates/' . $theme . '/config.json')) {
 if (is_array($_themeoptions) && (!array_key_exists('variants', $_themeoptions) || !array_key_exists(
 			$themevariant,
 			$_themeoptions['variants']
-))) {
+		))) {
 	$themevariant = "default";
 }
 
 if (array_key_exists('global', $_themeoptions)) {
-	$_themeoptions['variants'][$themevariant] = array_merge_recursive($_themeoptions['variants'][$themevariant], $_themeoptions['global']);
+	$_themeoptions['variants'][$themevariant] = PhpHelper::array_merge_recursive_distinct($_themeoptions['global'], $_themeoptions['variants'][$themevariant]);
 }
 
 // check for custom header-graphic
@@ -242,7 +278,7 @@ if (CurrentUser::hasSession()) {
 	$log = FroxlorLogger::getInstanceOf($userinfo);
 	if ((CurrentUser::isAdmin() && AREA != 'admin') || (!CurrentUser::isAdmin() && AREA != 'customer')) {
 		// user tries to access an area not meant for him -> redirect to corresponding index
-		Response::redirectTo((CurrentUser::isAdmin() ? 'admin' : 'customer') . '_index.php', $params);
+		Response::redirectTo((CurrentUser::isAdmin() ? 'admin' : 'customer') . '_index.php');
 		exit();
 	}
 }
@@ -327,6 +363,7 @@ if (CurrentUser::hasSession()) {
 	if (in_array($_SERVER['REQUEST_METHOD'], ['POST', 'PUT', 'PATCH', 'DELETE'])) {
 		$current_token = $_POST['csrf_token'] ?? $_SERVER['HTTP_X_CSRF_TOKEN'] ?? null;
 		if ($current_token != CurrentUser::getField('csrf_token')) {
+			http_response_code(403);
 			Response::dynamicError('CSRF validation failed');
 		}
 	}
@@ -340,4 +377,6 @@ if (CurrentUser::hasSession()) {
 		'samesite' => 'Strict'
 	];
 	setcookie(session_name(), $_COOKIE[session_name()], $cookie_params);
+} else {
+	UI::twig()->addGlobal('csrf_token', Froxlor::genSessionId(20));
 }

lib/navigation/00.froxlor.main.php

@@ -161,13 +161,13 @@ return [
 			'show_element' => (!Settings::IsInList('panel.customer_hide_options', 'misc.documentation')),
 			'elements' => [
 				[
-					'url' => 'https://docs.froxlor.org/v2/user-guide/',
+					'url' => \Froxlor\Froxlor::DOCS_URL . 'user-guide/',
 					'label' => lng('admin.userguide'),
 					'new_window' => true,
 					'is_external' => true,
 				],
 				[
-					'url' => 'https://docs.froxlor.org/v2/api-guide/',
+					'url' => \Froxlor\Froxlor::DOCS_URL . 'api-guide/',
 					'label' => lng('admin.apiguide'),
 					'new_window' => true,
 					'show_element' => Settings::Get('api.enabled') == 1 && CurrentUser::getField('api_allowed') == 1,
@@ -348,13 +348,13 @@ return [
 			'icon' => 'fa-solid fa-circle-info',
 			'elements' => [
 				[
-					'url' => 'https://docs.froxlor.org/v2/admin-guide/',
+					'url' => \Froxlor\Froxlor::DOCS_URL . 'admin-guide/',
 					'label' => lng('admin.adminguide'),
 					'new_window' => true,
 					'is_external' => true,
 				],
 				[
-					'url' => 'https://docs.froxlor.org/v2/api-guide/',
+					'url' => \Froxlor\Froxlor::DOCS_URL . 'api-guide/',
 					'label' => lng('admin.apiguide'),
 					'new_window' => true,
 					'show_element' => Settings::Get('api.enabled') == 1,

lib/tablelisting/admin/tablelisting.phpconfigs.php

@@ -49,6 +49,7 @@ return [
 				'field' => 'domains',
 				'callback' => [PHPConf::class, 'domainList'],
 				'searchable' => false,
+				'sortable' => false,
 			],
 			'fpmdesc' => [
 				'label' => lng('admin.phpsettings.fpmdesc'),

lng/de.lng.php

@@ -140,12 +140,18 @@ return [
 			'TRAFFICUSED' => 'Wird mit Traffic, der vom Kunden bereits verbraucht wurde, ersetzt.',
 			'pop_success_alternative' => 'Willkommensmail für neue E-Mail-Konten für die alternative E-Mail-Adresse',
 			'EMAIL_PASSWORD' => 'Wird mit dem Passwort des neuen POP3/IMAP Kontos ersetzt.',
-			'index_html' => 'index.html Datei für neu erzeugte Kundenverzeichnisse',
+			'index_html' => 'index Datei für neu erzeugte Kundenverzeichnisse',
+			'unconfigured_html' => 'index Datei für unkonfigurierte/unbekannte Domains',
+			'unconfigured_content_fallback' => 'Diese Domain muss über das Froxlor-Serververwaltungspanel konfiguriert werden, da sie derzeit keinem Kunden zugewiesen ist.',
+			'file_extension' => [
+				'description' => 'Die Dateiendung für die index Datei muss zwischen 1 und 6 Zeichen lang sein und darf nur aus den Zeichen a-z, A-Z und 0-9 bestehen<br><br>Standard: html',
+				'title' => 'Dateiendung für Datei Vorlage',
+			],
 			'SERVERNAME' => 'Wird mit dem Servernamen ersetzt.',
-			'CUSTOMER' => 'Wird mit dem Loginnamen des Kunden ersetzt.',
-			'ADMIN' => 'Wird mit dem Loginnamen des Admins ersetzt.',
-			'CUSTOMER_EMAIL' => 'Wird mit der E-Mail-Adresse des Kunden ersetzt.',
-			'ADMIN_EMAIL' => 'Wird mit der E-Mail-Adresse des Admin ersetzt.',
+			'CUSTOMER' => 'Wird mit dem Loginnamen des Kunden ersetzt. Nur für "index Datei für neu erzeugte Kundenverzeichnisse".',
+			'ADMIN' => 'Wird mit dem Loginnamen des Admins ersetzt. Nur für "index Datei für neu erzeugte Kundenverzeichnisse".',
+			'CUSTOMER_EMAIL' => 'Wird mit der E-Mail-Adresse des Kunden ersetzt. Nur für "index Datei für neu erzeugte Kundenverzeichnisse".',
+			'ADMIN_EMAIL' => 'Wird mit der E-Mail-Adresse des Admin ersetzt. Nur für "index Datei für neu erzeugte Kundenverzeichnisse".',
 			'filetemplates' => 'Dateivorlagen',
 			'filecontent' => 'Dateiinhalt',
 			'new_database_by_customer' => 'Kunden-Benachrichtigungs nach Erstellung einer neuen Datenbank',
@@ -831,7 +837,6 @@ return [
 		'descriptioninvalid' => 'Der Beschreibungstext ist zu kurz, zu lang oder enthält ungültige Zeichen',
 		'info' => 'Info',
 		'filecontentnotset' => 'Diese Datei darf nicht leer sein!',
-		'index_file_extension' => 'Die Dateiendung für die index Datei muss zwischen 1 und 6 Zeichen lang sein und darf nur aus den Zeichen a-z, A-Z und 0-9 bestehen',
 		'customerdoesntexist' => 'Der ausgewählte Kunde existiert nicht.',
 		'admindoesntexist' => 'Der ausgewählte Admin existiert nicht.',
 		'ipportdoesntexist' => 'Die gewählte IP/Port-Kombination existiert nicht.',
@@ -920,6 +925,7 @@ return [
 		'dns_duplicate_entry' => 'Eintrag existiert bereits',
 		'dns_notfoundorallowed' => 'Domain nicht gefunden oder keine Berechtigung',
 		'domain_nopunycode' => 'Die Eingabe von Punycode (IDNA) ist nicht notwendig. Die Domain wird automatisch konvertiert.',
+		'domain_noipaddress' => 'Eine IP-Adresse kann nicht als Domain angelegt werden',
 		'dns_record_toolong' => 'Records/Labels können maximal 63 Zeichen lang sein',
 		'noipportgiven' => 'Keine IP/Port angegeben',
 		'nosslippportgiven' => 'Wenn SSL aktiviert ist, muss eine SSL IP/Port angegeben werden',
@@ -1308,6 +1314,7 @@ Vielen Dank, Ihr Administrator',
 		'dnsentry_reallydelete' => 'Wollen Sie den DNS-Eintrag wirklich löschen?',
 		'certificate_reallydelete' => 'Wollen Sie diese Zertifikat wirklich löschen?',
 		'cache_reallydelete' => 'Wollen Sie den Cache wirklich leeren?',
+		'please_enter_otp' => 'Bitte 2FA Code eingeben',
 	],
 	'serversettings' => [
 		'session_timeout' => [
@@ -1608,10 +1615,6 @@ Vielen Dank, Ihr Administrator',
 			'removelink' => 'Hier klicken, um alle E-Mail-Kontingente zu entfernen',
 			'enforcelink' => 'Hier klicken, um allen Benutzern das Standard-Kontingent zu zuweisen.',
 		],
-		'index_file_extension' => [
-			'description' => 'Welche Dateiendung soll die index Datei in neu erstellten Kundenverzeichnissen haben? Diese Dateiendung wird dann verwendet, wenn Sie bzw. einer Ihrer Admins eigene index Dateivorlagen erstellt haben.',
-			'title' => 'Dateiendung für index Datei in neu erstellen Kundenverzeichnissen',
-		],
 		'session_allow_multiple_login' => [
 			'title' => 'Erlaube gleichzeitigen Login',
 			'description' => 'Wenn diese Option aktiviert ist, können sich Nutzer mehrmals gleichzeitig anmelden.',
@@ -2240,7 +2243,7 @@ Vielen Dank, Ihr Administrator',
 		'database' => [
 			'top' => 'Datenbank',
 			'title' => 'Datenbank und Benutzer erstellen',
-			'description' => 'Froxlor benötigt eine Datenbank und zusätzlich einen Benutzer mit privilegierten Rechten, welcher Benutzer und Datenbanken erstellen darf (GRANT Option). Die angegebene Datenbank und der unprivilegierte Benutzer werden automatisch in diesem Prozess erstellt. Der privilegierte Benutzer muss existieren.',
+			'description' => 'Froxlor benötigt eine Datenbank und zusätzlich <a href="https://docs.froxlor.org/latest/general/installation/tarball.html#_3-create-privileged-database-user" target="_blank">einen Benutzer mit privilegierten Rechten</a>, welcher Benutzer und Datenbanken erstellen darf (GRANT Option). Die angegebene Datenbank und der unprivilegierte Benutzer werden automatisch in diesem Prozess erstellt. Der privilegierte Benutzer muss existieren.',
 			'user' => 'Unprivilegierter Datenbank Benutzer',
 			'dbname' => 'Datenbank Name',
 			'force_create' => 'Sichern und überschreiben, sofern Datenbank existiert?',

lng/en.lng.php

@@ -144,11 +144,17 @@ return [
 			'pop_success_alternative' => 'Welcome mail for new email accounts sent to alternative address',
 			'EMAIL_PASSWORD' => 'Replaced with the POP3/IMAP account password.',
 			'index_html' => 'index file for newly created customer directories',
+			'unconfigured_html' => 'index file for unconfigured/unknown domains',
+			'unconfigured_content_fallback' => 'This domain requires configuration via the froxlor server management panel, as it is currently not assigned to any customer.',
+			'file_extension' => [
+				'description' => 'The file extension for the index file must be between 1 and 6 characters long. The extension can only contain characters like a-z, A-Z and 0-9<br><br>Default: html',
+				'title' => 'File extension for the file template',
+			],
 			'SERVERNAME' => 'Replaced with the servername.',
-			'CUSTOMER' => 'Replaced with the loginname of the customer.',
-			'ADMIN' => 'Replaced with the loginname of the admin.',
-			'CUSTOMER_EMAIL' => 'Replaced with the e-mail address of the customer.',
-			'ADMIN_EMAIL' => 'Replaced with the e-mail address of the admin.',
+			'CUSTOMER' => 'Replaced with the loginname of the customer. Only for "index file for newly created customer directories"',
+			'ADMIN' => 'Replaced with the loginname of the admin. Only for "index file for newly created customer directories"',
+			'CUSTOMER_EMAIL' => 'Replaced with the e-mail address of the customer. Only for "index file for newly created customer directories"',
+			'ADMIN_EMAIL' => 'Replaced with the e-mail address of the admin. Only for "index file for newly created customer directories"',
 			'filetemplates' => 'File templates',
 			'filecontent' => 'File content',
 			'new_database_by_customer' => 'Customer-notification when a database has been created',
@@ -903,7 +909,6 @@ return [
 		'descriptioninvalid' => 'The description is too short, too long or contains illegal characters.',
 		'info' => 'Info',
 		'filecontentnotset' => 'The file cannot be empty!',
-		'index_file_extension' => 'The file extension for the index file must be between 1 and 6 characters long. The extension can only contain characters like a-z, A-Z and 0-9',
 		'customerdoesntexist' => 'The customer you have chosen doesn\'t exist.',
 		'admindoesntexist' => 'The admin you have chosen doesn\'t exist.',
 		'ipportdoesntexist' => 'The ip/port combination you have chosen doesn\'t exist.',
@@ -992,6 +997,7 @@ return [
 		'dns_duplicate_entry' => 'Record already exists',
 		'dns_notfoundorallowed' => 'Domain not found or no permission',
 		'domain_nopunycode' => 'You must not specify punycode (IDNA). The domain will automatically be converted',
+		'domain_noipaddress' => 'Cannot add an IP address as domain',
 		'dns_record_toolong' => 'Records/labels can only be up to 63 characters',
 		'noipportgiven' => 'No IP/port given',
 		'nosslippportgiven' => 'When enabling SSL you need to select a SSL IP/port',
@@ -1423,6 +1429,7 @@ Yours sincerely, your administrator',
 		'dnsentry_reallydelete' => 'Do you really want to delete this zone entry?',
 		'certificate_reallydelete' => 'Do you really want to delete this certificate?',
 		'cache_reallydelete' => 'Do you really want to clear the cache?',
+		'please_enter_otp' => 'Please enter 2FA code',
 	],
 	'redirect_desc' => [
 		'rc_default' => 'default',
@@ -1730,10 +1737,6 @@ Yours sincerely, your administrator',
 			'removelink' => 'Click here to wipe all quotas for mail accounts.',
 			'enforcelink' => 'Click here to enforce default quota to all User mail accounts.',
 		],
-		'index_file_extension' => [
-			'description' => 'Which file extension should be used for the index file in newly created customer directories? This file extension will be used, if you or one of your admins has created its own index file template.',
-			'title' => 'File extension for index file in newly created customer directories',
-		],
 		'session_allow_multiple_login' => [
 			'title' => 'Allow multiple login',
 			'description' => 'If activated a user could login multiple times.',
@@ -2208,6 +2211,7 @@ Yours sincerely, your administrator',
 		],
 		'uc_stable' => 'stable',
 		'uc_testing' => 'testing',
+		'uc_nightly' => 'nightly',
 		'traffictool' => [
 			'toolselect' => 'Traffic analyzer',
 			'webalizer' => 'Webalizer',
@@ -2375,7 +2379,7 @@ Yours sincerely, your administrator',
 		'database' => [
 			'top' => 'Database',
 			'title' => 'Create database and user',
-			'description' => 'Froxlor requires a database and additionally a privileged user to be able to create users and databases (GRANT option). The given database and unprivileged database-user will be created in this process. The privileged user must exist.',
+			'description' => 'Froxlor requires a database and additionally <a href="https://docs.froxlor.org/latest/general/installation/tarball.html#_3-create-privileged-database-user" target="_blank">a privileged user</a> to be able to create users and databases (GRANT option). The given database and unprivileged database-user will be created in this process. The privileged user must exist.',
 			'user' => 'Unprivileged database user',
 			'dbname' => 'Database name',
 			'force_create' => 'Backup and overwrite database if exists?',

package-lock.json

@@ -9,7 +9,7 @@
 				"@fortawesome/fontawesome-free": "^6.4.2",
 				"@popperjs/core": "^2.11.8",
 				"@vitejs/plugin-vue": "^4.0.0",
-				"axios": "^1.1.2",
+				"axios": "^1.6.0",
 				"bootstrap": "^5.3.2",
 				"chart.js": "^4.4.0",
 				"jquery": "^3.6.1",
@@ -19,8 +19,11 @@
 				"postcss": "^8.1.14",
 				"resolve-url-loader": "^5.0.0",
 				"sass": "^1.69.3",
-				"vite": "^4.0.0",
+				"vite": "^4.4.12",
 				"vue": "^3.2.37"
+			},
+			"engines": {
+				"node": ">=18"
 			}
 		},
 		"node_modules/@babel/parser": {
@@ -577,9 +580,9 @@
 			"dev": true
 		},
 		"node_modules/axios": {
-			"version": "1.5.1",
-			"resolved": "https://registry.npmjs.org/axios/-/axios-1.5.1.tgz",
-			"integrity": "sha512-Q28iYCWzNHjAm+yEAot5QaAMxhMghWLFVf7rRdwhUI+c2jix2DUXjAHXVi+s1ibs3mjPO/cCgbA++3BjD0vP/A==",
+			"version": "1.6.0",
+			"resolved": "https://registry.npmjs.org/axios/-/axios-1.6.0.tgz",
+			"integrity": "sha512-EZ1DYihju9pwVB+jg67ogm+Tmqc6JmhamRN6I4Zt8DfZu5lbcQGw3ozH9lFejSJgs/ibaef3A9PMXPLeefFGJg==",
 			"dev": true,
 			"dependencies": {
 				"follow-redirects": "^1.15.0",
@@ -1153,9 +1156,9 @@
 			}
 		},
 		"node_modules/vite": {
-			"version": "4.4.11",
-			"resolved": "https://registry.npmjs.org/vite/-/vite-4.4.11.tgz",
-			"integrity": "sha512-ksNZJlkcU9b0lBwAGZGGaZHCMqHsc8OpgtoYhsQ4/I2v5cnpmmmqe5pM4nv/4Hn6G/2GhTdj0DhZh2e+Er1q5A==",
+			"version": "4.4.12",
+			"resolved": "https://registry.npmjs.org/vite/-/vite-4.4.12.tgz",
+			"integrity": "sha512-KtPlUbWfxzGVul8Nut8Gw2Qe8sBzWY+8QVc5SL8iRFnpnrcoCaNlzO40c1R6hPmcdTwIPEDkq0Y9+27a5tVbdQ==",
 			"dev": true,
 			"dependencies": {
 				"esbuild": "^0.18.10",

package.json

@@ -9,7 +9,7 @@
 		"@fortawesome/fontawesome-free": "^6.4.2",
 		"@popperjs/core": "^2.11.8",
 		"@vitejs/plugin-vue": "^4.0.0",
-		"axios": "^1.1.2",
+		"axios": "^1.6.0",
 		"bootstrap": "^5.3.2",
 		"chart.js": "^4.4.0",
 		"jquery": "^3.6.1",
@@ -19,7 +19,10 @@
 		"postcss": "^8.1.14",
 		"resolve-url-loader": "^5.0.0",
 		"sass": "^1.69.3",
-		"vite": "^4.0.0",
+		"vite": "^4.4.12",
 		"vue": "^3.2.37"
+	},
+	"engines": {
+		"node": ">=18"
 	}
 }

templates/Froxlor/assets/js/bootstrap.js

@@ -18,3 +18,4 @@ window.Chart = Chart;
 import axios from 'axios';
 window.axios = axios;
 window.axios.defaults.headers.common['X-Requested-With'] = 'XMLHttpRequest';
+window.axios.defaults.headers.common['X-CSRF-TOKEN'] = document.querySelector('meta[name="csrf-token"]').getAttribute('content');

templates/Froxlor/assets/js/jquery/customer.js

@@ -31,6 +31,9 @@ export default function () {
 						planid: pid
 					},
 					dataType: "json",
+					beforeSend: function(request) {
+						request.setRequestHeader('X-CSRF-TOKEN', document.querySelector('meta[name="csrf-token"]').getAttribute('content'));
+					},
 					success: function (json) {
 						for (var i in json) {
 							if (i == 'email_imap' || i == 'email_pop3' || i == 'perlenabled' || i == 'phpenabled' || i == 'dnsenabled' || i == 'logviewenabled') {

templates/Froxlor/assets/js/jquery/validation.js

@@ -8,18 +8,18 @@ export default function () {
 				rules: {
 					'name': {
 						required: function () {
-							return $('#company').val().length === 0 || $('#firstname').val().length > 0;
+							return $('#company').val().trim().length === 0 || $('#firstname').val().trim().length > 0;
 						}
 					},
 					'firstname': {
 						required: function () {
-							return $('#company').val().length === 0 || $('#name').val().length > 0;
+							return $('#company').val().trim().length === 0 || $('#name').val().trim().length > 0;
 						}
 					},
 					'company': {
 						required: function () {
-							return $('#name').val().length === 0
-								&& $('#firstname').val().length === 0;
+							return $('#name').val().trim().length === 0
+								&& $('#firstname').val().trim().length === 0;
 						}
 					}
 				},

templates/Froxlor/assets/scss/components/_card.scss

@@ -22,6 +22,9 @@
 		}
 	}
 }
+.list-group-item {
+	background: $white;
+}
 
 @include color-mode(dark) {
 	.card, .list-group-item {

templates/Froxlor/assets/scss/components/_generic.scss

@@ -92,3 +92,10 @@ td.text-end {
 		background-color: transparent;
 	}
 }
+
+// Table
+@include color-mode(light) {
+	.table {
+		--bs-table-bg: white;
+	}
+}

templates/Froxlor/assets/scss/components/_search.scss

@@ -17,7 +17,8 @@
 		position: absolute;
 		top: 2.75rem;
 		z-index: 50;
-		width: 70vh;
+		width: 90vw;
+		max-width: 750px;
 		max-height: 50vh;
 
 		background: $search-bg;

templates/Froxlor/config.json

@@ -1,8 +1,8 @@
 {
 	"global": {
 		"css": [
-			"assets/css/custom.css",
-			"assets/scss/app.scss"
+			"assets/scss/app.scss",
+			"assets/css/custom.css"
 		],
 		"js": [
 			"assets/js/app.js",

templates/Froxlor/footer.html.twig

@@ -8,7 +8,7 @@
 				{{ call_static('\\Froxlor\\Froxlor', 'getFullVersion') }}
 			{% endif %}
 		{% endif %}
-		&copy; 2009-{{ "now"|date("Y") }} by <a href="https://www.froxlor.org/" rel="external" target="_blank">the Froxlor Team</a><br>
+		&copy; 2009-{{ "now"|date("Y") }} by <a href="https://www.froxlor.org/" rel="external" target="_blank">the froxlor team</a><br>
 		{% if install_mode is not defined %}
 			{% if (get_setting('panel.imprint_url') != '') %}<a href="{{ get_setting('panel.imprint_url') }}" target="_blank" class="footer-link">{{ lng('imprint') }}</a>{% endif %}
 			{% if (get_setting('panel.terms_url') != '') %}<a href="{{ get_setting('panel.terms_url') }}" target="_blank" class="footer-link">{{ lng('terms') }}</a>{% endif %}

templates/Froxlor/form/formfields.html.twig

@@ -184,7 +184,7 @@
 			</label>
 		</div>
 	{% endif %}
-	{% set field = field|merge({'type':'file'}) %}
+	{% set field = field|merge({'type':'file'})|merge({'value':''}) %}
 	{{ _self.input(id, field) }}
 {% endmacro %}
 

templates/Froxlor/install/update.html.twig

@@ -20,7 +20,7 @@
 						<td class="w-75" scope="row">{{ check.title }}</td>
 						<td class="col-auto text-end{% if check.result == 0 %} text-success{% endif %}">
 							<span class="d-none d-md-inline">{{ check.result_txt }}</span>
-							{% if check.result == 0 %}&nbsp;<i class="fa-solid fa-check-circle" {% elseif check.result == 2 %}<span class="d-md-none">&nbsp;???</span>{% elseif check.result == 1 %}<span class="d-md-none">&nbsp;!!!</span>
+							{% if check.result == 0 %}&nbsp;<i class="fa-solid fa-check-circle"></i>{% elseif check.result == 2 %}<span class="d-md-none">&nbsp;???</span>{% elseif check.result == 1 %}<span class="d-md-none">&nbsp;!!!</span>
 							{% endif %}
 						</td>
 					</tr>

templates/Froxlor/login/enter2fa.html.twig

@@ -27,7 +27,7 @@
 					<div class="card-body d-grid gap-2">
 						<input type="hidden" name="action" value="2fa_verify"/>
 						<input type="hidden" name="send" value="send"/>
-						<button class="btn btn-primary rounded-top-0" type="submit" name="2faverify">{{ lng('2fa.2fa_verify') }}</button>
+						<button class="btn btn-primary" type="submit" name="2faverify">{{ lng('2fa.2fa_verify') }}</button>
 					</div>
 				</div>
 			</form>

templates/Froxlor/login/fpwd.html.twig

@@ -38,7 +38,7 @@
 					</div>
 
 					<div class="card-body d-grid gap-2">
-						<button class="btn btn-primary rounded-top-0" type="submit" name="doremind">{{ lng('login.remind') }}</button>
+						<button class="btn btn-primary" type="submit" name="doremind">{{ lng('login.remind') }}</button>
 					</div>
 
 					<div class="card-footer">

templates/Froxlor/login/login.html.twig

@@ -39,7 +39,7 @@
 					</div>
 
 					<div class="card-body d-grid gap-2">
-						<button class="btn btn-primary rounded-top-0" type="submit" name="dologin">{{ lng('login.login') }}</button>
+						<button class="btn btn-primary" type="submit" name="dologin">{{ lng('login.login') }}</button>
 					</div>
 
 					{% if get_setting('panel.allow_preset') == '1' %}

templates/Froxlor/login/rpwd.html.twig

@@ -30,7 +30,7 @@
 					</div>
 
 					<div class="card-body d-grid gap-2">
-						<button class="btn btn-primary rounded-top-0" type="submit" name="doremind">{{ lng('login.remind') }}</button>
+						<button class="btn btn-primary" type="submit" name="doremind">{{ lng('login.remind') }}</button>
 					</div>
 
 					<div class="card-footer">

templates/Froxlor/misc/configurehint.html.twig

@@ -6,8 +6,8 @@
 
 		<div class="row gx-0 rounded shadow bg-primary text-white mt-5">
 			<div class="col p-5 rounded-start">
-				<h2 class="card-title">Welcome to Froxlor</h2>
-				<p class="lead mt-5">It seems that Froxlor has not been installed yet.</p>
+				<h2 class="card-title">Welcome to froxlor</h2>
+				<p class="lead mt-5">It seems that froxlor has not been installed yet.</p>
 				<p class="lead">Click on the button below to start the installation.</p>
 			</div>
 

templates/Froxlor/misc/missingextensionhint.html.twig

@@ -0,0 +1,18 @@
+{% extends "Froxlor/base.html.twig" %}
+
+{% block content %}
+<div class="container my-auto">
+<div class="alert alert-warning fade show" role="alert">
+	<h4 class="alert-heading">
+		Whoops!
+	</h4>
+	<p>It looks like you are missing some of the required php requirements.</p>
+	<p>Please ensure that the following extension for the currently used php version ({{ phpversion }}) are installed:</p>
+	<pre>{{ missing_extensions }}</pre>
+	<hr>
+	<p class="mt-1 text-center">
+		<a href="" class="btn btn-primary" title="Reload page">Reload</a>
+	</p>
+</div>
+</div>
+{% endblock %}

templates/Froxlor/misc/phprequirementfailed.html.twig

@@ -35,7 +35,7 @@
         <footer class="pý-5 text-center">
             <span>
                 <img src="{{ basehref }}templates/Froxlor/assets/img/logo_grey.png" alt="Froxlor" />
-                &copy; 2009-{{ current_year }} by <a href="https://www.froxlor.org/" rel="external">the Froxlor Team</a>
+                &copy; 2009-{{ current_year }} by <a href="https://www.froxlor.org/" rel="external">the froxlor team</a>
             </span>
         </footer>
     </div>

templates/Froxlor/misc/vendormissinghint.html.twig

@@ -35,7 +35,7 @@
         <footer class="py-5 text-center">
             <span>
                 <img src="{{ basehref }}templates/Froxlor/assets/img/logo_grey.png" alt="Froxlor" />
-                &copy; 2009-{{ current_year }} by <a href="https://www.froxlor.org/" rel="external">the Froxlor Team</a>
+                &copy; 2009-{{ current_year }} by <a href="https://www.froxlor.org/" rel="external">the froxlor team</a>
             </span>
         </footer>
     </div>

templates/Froxlor/user/2fa.html.twig

@@ -45,13 +45,13 @@
 						<input type="hidden" name="page" value="{{ page }}"/>
 						<input type="hidden" name="send" value="send"/>
 						{% if userinfo.type_2fa == 0 %}
-							<button class="btn btn-primary rounded-top-0" type="submit" name="preadd">
+							<button class="btn btn-primary" type="submit" name="preadd">
 								{{ lng('2fa.2fa_add') }}</button>
 						{% elseif userinfo['2fa_unsaved'] is defined and userinfo['2fa_unsaved'] %}
-							<button class="btn btn-primary rounded-top-0" type="submit" name="add">
+							<button class="btn btn-primary" type="submit" name="add">
 								{{ lng('2fa.2fa_add') }}</button>
 						{% else %}
-							<button class="btn btn-warning rounded-top-0" type="submit" name="delete">
+							<button class="btn btn-warning" type="submit" name="delete">
 								{{ lng('2fa.2fa_delete') }}</button>
 						{% endif %}
 					</div>

templates/Froxlor/user/index.html.twig

@@ -51,8 +51,16 @@
 
 	<div class="row">
 		{% if userinfo.adminsession == 1 %}
-			<div
-				class="col-12 col-lg-6">
+			<div class="col-12 col-lg-6">
+
+				{% if userinfo.custom_notes|markdown is not empty and userinfo.custom_notes_show == 1 %}
+					<div class="card mb-3">
+						<div class="card-body">
+							{{ userinfo.custom_notes|markdown|raw }}
+						</div>
+					</div>
+				{% endif %}
+
 				{# system infos #}
 				<div class="card mb-3">
 					<div class="card-header">
@@ -135,22 +143,9 @@
 						{% endif %}
 					</ul>
 				</div>
-
-				{% if userinfo.custom_notes|markdown is not empty and userinfo.custom_notes_show == 1 %}
-					<div class="card mb-3">
-						<ul class="list-group list-group-flush">
-							<li class="list-group-item list-group-item-info d-flex justify-content-between align-items-start">
-								<div class="ms-2 me-auto">
-									{{ userinfo.custom_notes|markdown|raw }}
-								</div>
-							</li>
-						</ul>
-					</div>
-				{% endif %}
 			</div>
 		{% else %}
-			<div
-				class="col-12 col-md-6 col-lg-4">
+			<div class="col-12 col-md-6 col-lg-4">
 				{# account info #}
 				<div class="card mb-3">
 					<div class="card-header">
@@ -174,16 +169,16 @@
 							<div class="ms-2 me-auto">
 								<div class="fw-bold">{{ lng('customer.services') }}</div>
 								{% if userinfo.imap == 1 %}
-									<span class="badge bg-success">IMAP</span>
+									<span class="badge bg-success me-1">IMAP</span>
 								{% endif %}
 								{% if userinfo.pop3 == 1 %}
-									<span class="badge bg-success">POP3</span>
+									<span class="badge bg-success me-1">POP3</span>
 								{% endif %}
 								{% if userinfo.phpenabled == 1 %}
-									<span class="badge bg-success">PHP</span>
+									<span class="badge bg-success me-1">PHP</span>
 								{% endif %}
 								{% if userinfo.perlenabled == 1 %}
-									<span class="badge bg-success">Perl/CGI</span>
+									<span class="badge bg-success me-1">Perl/CGI</span>
 								{% endif %}
 								{% if userinfo.api_allowed == 1 %}
 									<a href="{{ linker({'section':'index','page':'apikeys'}) }}">
@@ -212,8 +207,7 @@
 					</ul>
 				</div>
 			</div>
-			<div
-				class="col-12 col-md-6 col-lg-4">
+			<div class="col-12 col-md-6 col-lg-4">
 				{# customer details #}
 				<div class="card">
 					<div class="card-header">

templates/Froxlor/user/profile.html.twig

@@ -64,7 +64,7 @@
 						<input type="hidden" name="csrf_token" value="{{ csrf_token }}"/>
 						<input type="hidden" name="page" value="{{ page }}"/>
 						<input type="hidden" name="send" value="changepassword"/>
-						<button class="btn btn-primary rounded-top-0" type="submit" name="dosave">
+						<button class="btn btn-primary" type="submit" name="dosave">
 							<i class="fa-regular fa-floppy-disk"></i>
 							{{ lng('menue.main.changepassword') }}</button>
 					</div>
@@ -96,7 +96,7 @@
 							<input type="hidden" name="csrf_token" value="{{ csrf_token }}"/>
 							<input type="hidden" name="page" value="{{ page }}"/>
 							<input type="hidden" name="send" value="changetheme"/>
-							<button class="btn btn-primary rounded-top-0" type="submit" name="dosave">
+							<button class="btn btn-primary" type="submit" name="dosave">
 								<i class="fa-regular fa-floppy-disk"></i>
 								{{ lng('menue.main.changetheme') }}
 							</button>
@@ -130,7 +130,7 @@
 						<input type="hidden" name="csrf_token" value="{{ csrf_token }}"/>
 						<input type="hidden" name="page" value="{{ page }}"/>
 						<input type="hidden" name="send" value="changelanguage"/>
-						<button class="btn btn-primary rounded-top-0" type="submit" name="dosave">
+						<button class="btn btn-primary" type="submit" name="dosave">
 							<i class="fa-regular fa-floppy-disk"></i>
 							{{ lng('menue.main.changelanguage') }}</button>
 					</div>

templates/Froxlor/userarea.html.twig

@@ -27,7 +27,7 @@
 			<a class="navbar-brand me-0 {% if block('heading') %}shadow-sm{% endif %}" href="{{ linker({'section': 'index'}) }}">
 				<img src="{{ header_logo }}" alt="logo" class="header-logo d-inline-block align-text-top ms-md-3">
 			</a>
-			<div class="order-0 order-md-1 d-flex flex-grow-0 flex-md-grow-1" id="navbar">
+			<div class="order-0 order-md-1 d-flex flex-grow-0 flex-md-grow-auto" id="navbar">
 				<ul class="navbar-nav ms-md-auto me-3 me-lg-5">
 					<a class="nav-link d-md-none" data-bs-toggle="collapse" href="#collapseSearch" role="button" aria-expanded="false" aria-controls="collapseSearch">
 						<i class="fa-solid fa-search text-body-secondary"></i>
@@ -77,10 +77,10 @@
 				</ul>
 			</div>
 			<div class="order-1 order-md-0 collapse navbar-collapse" id="collapseSearch">
-				<form class="ms-3 mt-3 ms-lg-5 my-md-0" id="search" method="post">
-					<div class="d-flex align-items-center">
+				<form class="ms-3 mt-3 ms-lg-5 my-md-0 w-100" id="search" method="post">
+					<div class="d-flex align-items-center w-100">
 						<i class="fa-solid fa-search text-body-secondary"></i>
-						<input tabindex="1" class="search-input" title="search" type="search" placeholder="{{ lng('panel.search') }}...">
+						<input tabindex="1" class="search-input w-75" title="search" type="search" placeholder="{{ lng('panel.search') }}...">
 					</div>
 					<div class="search-results-box p-2 shadow" style="display:none;">
 						<div class="search-results list-group-flush"></div>

templates/misc/deactivated/index.html

@@ -41,7 +41,7 @@
 			<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="icon">
 				<path stroke-linecap="round" stroke-linejoin="round" d="M11.25 11.25l.041-.02a.75.75 0 011.063.852l-.708 2.836a.75.75 0 001.063.853l.041-.021M21 12a9 9 0 11-18 0 9 9 0 0118 0zm-9-3.75h.008v.008H12V8.25z" />
 			</svg>
-			<span>Please ask your provider/hoster if you think this is not correct</span>
+			<span>Please ask your provider/hoster if you have any questions.</span>
 		</li>
 	</ul>
 </main>

templates/misc/unconfigured/index.html

@@ -0,0 +1,55 @@
+<!doctype html>
+<html lang="en">
+<head>
+	<meta charset="UTF-8">
+	<meta name="robots" content="noindex, nofollow">
+	<meta name="viewport" content="width=device-width, initial-scale=1.0">
+	<title>froxlor - Domain not configured</title>
+	<style>
+		:root{--primary:#1872a2;--fonts:ui-sans-serif,system-ui,-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"Helvetica Neue",Arial,"Noto Sans",sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Noto Color Emoji"}
+		body{display:flex;flex-direction:column;background:#f8f9fa;color:#4b5563;align-items:center;justify-content:center;font-family:var(--fonts)}
+		main{background:#fff;margin:10% auto 12px;max-width:540px;padding:2rem;box-shadow:4px 8px 16px 0 rgba(0,0,0,.07);border-radius:.375rem}
+		main h2{margin:0}
+		main p{margin-bottom:1.5rem}
+		main p:last-child{margin-bottom:0}
+		main ul{list-style:none;margin-left:-40px}
+		main li{display:flex;align-items:center;margin-bottom:1rem}
+		main .icon{min-width:24px;width:24px;stroke:var(--primary);margin-right:.75rem}
+		code{background:#eee;padding:.1rem .25rem;border-radius:4px;color:rgba(0,0,0,.75)}
+		hr{margin:2rem 0;border:none;border-bottom:solid 1px rgba(0,0,0,.1)}
+		a,a:active,a:visited{color:var(--primary);text-decoration:none}
+		a:hover{text-decoration:underline}
+		footer{display:flex;align-items:center;margin-top:.5rem}
+		footer .logo{margin-right:.35rem}
+		@media (prefers-color-scheme: dark) {
+			:root{--primary:#29a2d6}
+			body{background:#212529;color:#f8f9fa}
+			main{background:#343a40}
+			hr{border-color:rgba(0,0,0,.2)}
+		}
+	</style>
+</head>
+<body>
+<main>
+	<h2>Domain not configured</h2>
+	<p>
+		This domain requires configuration via the froxlor server management panel, as it is currently not assigned to any customer.
+	</p>
+	<ul>
+		<li>
+			<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" class="icon">
+				<path stroke-linecap="round" stroke-linejoin="round" d="M11.25 11.25l.041-.02a.75.75 0 011.063.852l-.708 2.836a.75.75 0 001.063.853l.041-.021M21 12a9 9 0 11-18 0 9 9 0 0118 0zm-9-3.75h.008v.008H12V8.25z" />
+			</svg>
+			<span>Please ask your provider/hoster if you have any questions.</span>
+		</li>
+	</ul>
+</main>
+<footer>
+	<img class="logo" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAEgAAAAQCAYAAAC1MDndAAAACXBIWXMAAAsTAAALEwEAmpwYAAAKT2lDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAHjanVNnVFPpFj333vRCS4iAlEtvUhUIIFJCi4AUkSYqIQkQSoghodkVUcERRUUEG8igiAOOjoCMFVEsDIoK2AfkIaKOg6OIisr74Xuja9a89+bN/rXXPues852zzwfACAyWSDNRNYAMqUIeEeCDx8TG4eQuQIEKJHAAEAizZCFz/SMBAPh+PDwrIsAHvgABeNMLCADATZvAMByH/w/qQplcAYCEAcB0kThLCIAUAEB6jkKmAEBGAYCdmCZTAKAEAGDLY2LjAFAtAGAnf+bTAICd+Jl7AQBblCEVAaCRACATZYhEAGg7AKzPVopFAFgwABRmS8Q5ANgtADBJV2ZIALC3AMDOEAuyAAgMADBRiIUpAAR7AGDIIyN4AISZABRG8lc88SuuEOcqAAB4mbI8uSQ5RYFbCC1xB1dXLh4ozkkXKxQ2YQJhmkAuwnmZGTKBNA/g88wAAKCRFRHgg/P9eM4Ors7ONo62Dl8t6r8G/yJiYuP+5c+rcEAAAOF0ftH+LC+zGoA7BoBt/qIl7gRoXgugdfeLZrIPQLUAoOnaV/Nw+H48PEWhkLnZ2eXk5NhKxEJbYcpXff5nwl/AV/1s+X48/Pf14L7iJIEyXYFHBPjgwsz0TKUcz5IJhGLc5o9H/LcL//wd0yLESWK5WCoU41EScY5EmozzMqUiiUKSKcUl0v9k4t8s+wM+3zUAsGo+AXuRLahdYwP2SycQWHTA4vcAAPK7b8HUKAgDgGiD4c93/+8//UegJQCAZkmScQAAXkQkLlTKsz/HCAAARKCBKrBBG/TBGCzABhzBBdzBC/xgNoRCJMTCQhBCCmSAHHJgKayCQiiGzbAdKmAv1EAdNMBRaIaTcA4uwlW4Dj1wD/phCJ7BKLyBCQRByAgTYSHaiAFiilgjjggXmYX4IcFIBBKLJCDJiBRRIkuRNUgxUopUIFVIHfI9cgI5h1xGupE7yAAygvyGvEcxlIGyUT3UDLVDuag3GoRGogvQZHQxmo8WoJvQcrQaPYw2oefQq2gP2o8+Q8cwwOgYBzPEbDAuxsNCsTgsCZNjy7EirAyrxhqwVqwDu4n1Y8+xdwQSgUXACTYEd0IgYR5BSFhMWE7YSKggHCQ0EdoJNwkDhFHCJyKTqEu0JroR+cQYYjIxh1hILCPWEo8TLxB7iEPENyQSiUMyJ7mQAkmxpFTSEtJG0m5SI+ksqZs0SBojk8naZGuyBzmULCAryIXkneTD5DPkG+Qh8lsKnWJAcaT4U+IoUspqShnlEOU05QZlmDJBVaOaUt2ooVQRNY9aQq2htlKvUYeoEzR1mjnNgxZJS6WtopXTGmgXaPdpr+h0uhHdlR5Ol9BX0svpR+iX6AP0dwwNhhWDx4hnKBmbGAcYZxl3GK+YTKYZ04sZx1QwNzHrmOeZD5lvVVgqtip8FZHKCpVKlSaVGyovVKmqpqreqgtV81XLVI+pXlN9rkZVM1PjqQnUlqtVqp1Q61MbU2epO6iHqmeob1Q/pH5Z/YkGWcNMw09DpFGgsV/jvMYgC2MZs3gsIWsNq4Z1gTXEJrHN2Xx2KruY/R27iz2qqaE5QzNKM1ezUvOUZj8H45hx+Jx0TgnnKKeX836K3hTvKeIpG6Y0TLkxZVxrqpaXllirSKtRq0frvTau7aedpr1Fu1n7gQ5Bx0onXCdHZ4/OBZ3nU9lT3acKpxZNPTr1ri6qa6UbobtEd79up+6Ynr5egJ5Mb6feeb3n+hx9L/1U/W36p/VHDFgGswwkBtsMzhg8xTVxbzwdL8fb8VFDXcNAQ6VhlWGX4YSRudE8o9VGjUYPjGnGXOMk423GbcajJgYmISZLTepN7ppSTbmmKaY7TDtMx83MzaLN1pk1mz0x1zLnm+eb15vft2BaeFostqi2uGVJsuRaplnutrxuhVo5WaVYVVpds0atna0l1rutu6cRp7lOk06rntZnw7Dxtsm2qbcZsOXYBtuutm22fWFnYhdnt8Wuw+6TvZN9un2N/T0HDYfZDqsdWh1+c7RyFDpWOt6azpzuP33F9JbpL2dYzxDP2DPjthPLKcRpnVOb00dnF2e5c4PziIuJS4LLLpc+Lpsbxt3IveRKdPVxXeF60vWdm7Obwu2o26/uNu5p7ofcn8w0nymeWTNz0MPIQ+BR5dE/C5+VMGvfrH5PQ0+BZ7XnIy9jL5FXrdewt6V3qvdh7xc+9j5yn+M+4zw33jLeWV/MN8C3yLfLT8Nvnl+F30N/I/9k/3r/0QCngCUBZwOJgUGBWwL7+Hp8Ib+OPzrbZfay2e1BjKC5QRVBj4KtguXBrSFoyOyQrSH355jOkc5pDoVQfujW0Adh5mGLw34MJ4WHhVeGP45wiFga0TGXNXfR3ENz30T6RJZE3ptnMU85ry1KNSo+qi5qPNo3ujS6P8YuZlnM1VidWElsSxw5LiquNm5svt/87fOH4p3iC+N7F5gvyF1weaHOwvSFpxapLhIsOpZATIhOOJTwQRAqqBaMJfITdyWOCnnCHcJnIi/RNtGI2ENcKh5O8kgqTXqS7JG8NXkkxTOlLOW5hCepkLxMDUzdmzqeFpp2IG0yPTq9MYOSkZBxQqohTZO2Z+pn5mZ2y6xlhbL+xW6Lty8elQfJa7OQrAVZLQq2QqboVFoo1yoHsmdlV2a/zYnKOZarnivN7cyzytuQN5zvn//tEsIS4ZK2pYZLVy0dWOa9rGo5sjxxedsK4xUFK4ZWBqw8uIq2Km3VT6vtV5eufr0mek1rgV7ByoLBtQFr6wtVCuWFfevc1+1dT1gvWd+1YfqGnRs+FYmKrhTbF5cVf9go3HjlG4dvyr+Z3JS0qavEuWTPZtJm6ebeLZ5bDpaql+aXDm4N2dq0Dd9WtO319kXbL5fNKNu7g7ZDuaO/PLi8ZafJzs07P1SkVPRU+lQ27tLdtWHX+G7R7ht7vPY07NXbW7z3/T7JvttVAVVN1WbVZftJ+7P3P66Jqun4lvttXa1ObXHtxwPSA/0HIw6217nU1R3SPVRSj9Yr60cOxx++/p3vdy0NNg1VjZzG4iNwRHnk6fcJ3/ceDTradox7rOEH0x92HWcdL2pCmvKaRptTmvtbYlu6T8w+0dbq3nr8R9sfD5w0PFl5SvNUyWna6YLTk2fyz4ydlZ19fi753GDborZ752PO32oPb++6EHTh0kX/i+c7vDvOXPK4dPKy2+UTV7hXmq86X23qdOo8/pPTT8e7nLuarrlca7nuer21e2b36RueN87d9L158Rb/1tWeOT3dvfN6b/fF9/XfFt1+cif9zsu72Xcn7q28T7xf9EDtQdlD3YfVP1v+3Njv3H9qwHeg89HcR/cGhYPP/pH1jw9DBY+Zj8uGDYbrnjg+OTniP3L96fynQ89kzyaeF/6i/suuFxYvfvjV69fO0ZjRoZfyl5O/bXyl/erA6xmv28bCxh6+yXgzMV70VvvtwXfcdx3vo98PT+R8IH8o/2j5sfVT0Kf7kxmTk/8EA5jz/GMzLdsAAAAgY0hSTQAAeiUAAICDAAD5/wAAgOkAAHUwAADqYAAAOpgAABdvkl/FRgAAAy1JREFUeNrs1muIVlUUBuBnvqZkoswudKErZFOG0kWt6WpN0wWCDMOsgX4UmVS/KovKhIKYLhRBJvV1o/5VlJCmYEmUFYijaBYhSRQVBVE0ZnRBJ/vzfnA4nDN+wTh/pgWHc/baa6+z97v3et/d0Ww24SQ8ij5MNL7tN6zBvdjWiZOxDpP8b3JA5qAXPQ0MtAnOm9jZBvqbsQHbsGsMFrQLv+KPUc47CQONlFXZPsNfJd/buBrDFfHDWIDDcAZmohsPjwFAD+EQnL8Xcl/WqOGc+/FJyXcxVuHJivjX8Hx2cwGeweO4fIxOkL10Wg9o1HSsxUcl30V5P1JxnFuxp+M53I67cQ5mYwZexj2YlnarJBdl3BE4FfPxdfofSOwNhX+uwgXxf1Uz/024DpNxFHrwRIEiPs74XnyIq3A8Xion6qxIvj0TX1vyb8x7CJ/jrELfjrx/zgmS0p2bCWzHzejAQTgmO35J+OpInIcv8GLKeROuzcI24lAsRH/yzcGJFfMfDIB/B/ipeD8bNojX8W1hPR+gCxPwTzsAdaGRgTeGrAZLJXd4zc59l1Jr2dzC91S8g+PSXhFwGgGxO4s6Bd9gaQRkAHdhSQHso/FCzRweS56ezLmB1bgCb+DBCg67rwaLSud+uDAAvVLRfw1OqCO18JEKbusvgNMqA/F153sCpgegT+O7Iwt8NwrZwKsh5irbUuDMFoXMquhv2eKRSKiOg54OUFXSt3SEfPvi4Dz77IEAW/8uH+vdpf6dkXGF+F9GyNtRkXe4or8tqwNoWrigbDeFTEfDZhbKckuBy9blu0XkC1Pi++PK+Objy5q80/NeXSDl9wrgnDkaAIlyzCj5zh1FCb00JL07Jd2LKfgBx+LWXE6XJP6pcMiUiMg8/FmRd3GEYHNiZ+H6wgZP/i+T7MzPJo5wkjYU2t01cWfjp6hH2WZn0adVbM7KALAS3weYftwZIVgTIHtxS8YtD6kOYX2Uqi8iIKCsD6CDhXnNi+iI+vXhwD3g83tHs9l8K5JZZbfh2UL7x0jyeLFljVzUhtoc0DWOwBnCoga25s6wrHDhG8+2I1j0YOu/AwBUU7aBHvM/ZwAAAABJRU5ErkJggg==" alt="froxlor"/>
+	<small>&copy; 2009-<span id="year"></span> by <a href="https://froxlor.org" rel="external">the froxlor team</a></small>
+</footer>
+<script>
+	document.getElementById("year").innerHTML = new Date().getFullYear();
+</script>
+</body>
+</html>