set version to 2.1.6 for bugfix/regression release

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>

.github/workflows/build-docs.yml

@@ -2,7 +2,8 @@ name: build-documentation
 
 on:
   release:
-    types: [published]
+    # only run for stable releases
+    types: [released]
 
 jobs:
   build_docs:
@@ -11,4 +12,4 @@ jobs:
       - env:
           GITHUB_TOKEN: ${{ secrets.ORG_GITHUB_TOKEN }}
         run: |
-          gh workflow run --repo Froxlor/Documentation build-and-deploy.yml -f type=tags ref=${{github.ref_name}}
+          gh workflow run --repo Froxlor/Documentation build-and-deploy.yml -f type=tags -f ref=${{github.ref_name}}

.github/workflows/build-mariadb.yml

@@ -1,5 +1,5 @@
 name: Froxlor-CI-MariaDB
-on: ['push', 'pull_request', 'create']
+on: [ 'push', 'pull_request', 'create' ]
 
 jobs:
   froxlor:
@@ -8,8 +8,8 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        php-versions: ['7.4', '8.2']
-        mariadb-version: [10.11, 10.5]
+        php-versions: [ '7.4', '8.2' ]
+        mariadb-version: [ 10.11, 10.5 ]
     steps:
       - name: Checkout
         uses: actions/checkout@v3
@@ -49,33 +49,81 @@ jobs:
       - name: Run testing
         run: ant quick-build
 
-#      - name: irc push
-#        uses: rectalogic/notify-irc@v1
-#        if: github.event_name == 'push'
-#        with:
-#          channel: "#froxlor"
-#          server: "irc.libera.chat"
-#          nickname: froxlor-ci
-#          message: |
-#            ${{ github.actor }} pushed ${{ github.event.ref }} ${{ github.event.compare }}
-#            ${{ join(github.event.commits.*.message) }}
+  nightly:
+    name: Create nightly/testing tarball
+    runs-on: ubuntu-latest
+    needs: froxlor
+    if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
 
-#      - name: irc pull request
-#        uses: rectalogic/notify-irc@v1
-#        if: github.event_name == 'pull_request'
-#        with:
-#          channel: "#froxlor"
-#          server: "irc.libera.chat"
-#          nickname: froxlor-ci
-#          message: |
-#            ${{ github.actor }} opened PR ${{ github.event.pull_request.html_url }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
 
-#      - name: irc tag created
-#        uses: rectalogic/notify-irc@v1
-#        if: github.event_name == 'create' && github.event.ref_type == 'tag'
-#        with:
-#          channel: "#froxlor"
-#          server: "irc.libera.chat"
-#          nickname: froxlor-ci
-#          message: |
-#            ${{ github.actor }} tagged ${{ github.repository }} ${{ github.event.ref }}
+      - name: Setup PHP with PECL extension
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: '7.4'
+          tools: composer:v2
+          extensions: mbstring, xml, ctype, pdo_mysql, mysql, curl, json, zip, session, filter, posix, openssl, fileinfo, bcmath, gmp, gnupg
+
+      - name: Install composer dependencies
+        run: composer install --no-dev
+
+      - name: Install Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: '20.x'
+
+      - name: Install npm dependencies
+        run: npm install
+
+      - name: Build assets
+        run: npm run build
+        working-directory: .
+
+      - name: Setting file/directory permissions
+        run: |
+          find -exec chmod ugo+r,u+w,go-w {} \;
+          find -type f -exec chmod ugo-x {} \;
+          find -type d -exec chmod ugo+x {} \;
+          chmod 0755 bin/froxlor-cli
+
+      - name: Remove vcs and unneeded files
+        run: |
+          rm .gitignore
+          rm .editorconfig
+          rm -rf node_modules
+          rm composer.json
+          rm composer.lock
+          rm package.json
+          rm package-lock.json
+          rm *.xml
+          rm vite.config.js
+
+      - name: Create empty index.html in built assets directory
+        run: |
+          touch templates/Froxlor/build/index.html
+          touch templates/Froxlor/build/assets/index.html
+
+      - name: Set outputs
+        id: vars
+        run: echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
+
+      - name: Set nightly branding
+        run: |
+          sed -i "s/const BRANDING = '';/const BRANDING = '+nightly.${{steps.vars.outputs.sha_short}}';/" lib/Froxlor/Froxlor.php
+          zip -r froxlor-nightly.${{steps.vars.outputs.sha_short}}.zip . -x "*.git*"
+          sha256sum froxlor-nightly.${{steps.vars.outputs.sha_short}}.zip > froxlor-nightly.${{steps.vars.outputs.sha_short}}.zip.sha256
+          mkdir dist
+          mv froxlor-nightly.${{steps.vars.outputs.sha_short}}.zip dist/
+          mv froxlor-nightly.${{steps.vars.outputs.sha_short}}.zip.sha256 dist/
+
+      - name: Deploy nightly to server
+        uses: easingthemes/ssh-deploy@v3.4.3
+        env:
+          ARGS: "-rltDzvO --chown=${{ secrets.WEB_USER }}:${{ secrets.WEB_USER }}"
+          SOURCE: "dist/"
+          SSH_PRIVATE_KEY: ${{ secrets.SERVER_SSH_KEY }}
+          REMOTE_HOST: ${{ secrets.REMOTE_HOST }}
+          REMOTE_USER: ${{ secrets.REMOTE_USER }}
+          TARGET: "${{ secrets.REMOTE_TARGET }}"

SECURITY.md

@@ -10,7 +10,8 @@ With that, good luck hacking us ;)
 
 ## Supported versions
 
-- ️✅ **2.1.x**  (`main` git-branch)
+- ️✅ **2.2.x**  (`main` git-branch)
+- ️✅ **2.1.x**  (`v2.1` git-branch)
 - ❌ 2.0.x (`2.0.x`-tags)
 - ❌ 0.10.x (`0.10.x`-tags)
 - ❌ other git-branches
@@ -35,6 +36,8 @@ Only reproducible issues on a default/clean setup from the latest stable release
 - Theoretical attacks without proof of exploitability
 - Attacks that are the result of a third party library should be reported to the library maintainers
 - Social engineering
+- Attacks that require disabling security features or reducing the security level of the environment
+- Exploits by an admin user itself (privileged user and implicitly trusted)
 - Reflected file download
 - Physical attacks
 - Weak SSL/TLS/SSH algorithms or protocols

actions/admin/settings/120.system.php

@@ -130,7 +130,8 @@ return [
 					'default' => 'stable',
 					'select_var' => [
 						'stable' => lng('serversettings.uc_stable'),
-						'testing' => lng('serversettings.uc_testing')
+						'testing' => lng('serversettings.uc_testing'),
+						'nightly' => lng('serversettings.uc_nightly')
 					],
 					'save_method' => 'storeSettingField',
 					'advanced_mode' => true
@@ -171,16 +172,6 @@ return [
 					'default' => false,
 					'save_method' => 'storeSettingField'
 				],
-				'system_index_file_extension' => [
-					'label' => lng('serversettings.index_file_extension'),
-					'settinggroup' => 'system',
-					'varname' => 'index_file_extension',
-					'type' => 'text',
-					'string_regexp' => '/^[a-zA-Z0-9]{1,6}$/',
-					'default' => 'html',
-					'save_method' => 'storeSettingField',
-					'advanced_mode' => true
-				],
 				'system_store_index_file_subs' => [
 					'label' => lng('serversettings.system_store_index_file_subs'),
 					'settinggroup' => 'system',

actions/admin/settings/131.ssl.php

@@ -248,7 +248,7 @@ return [
 					'settinggroup' => 'system',
 					'varname' => 'le_domain_dnscheck_resolver',
 					'type' => 'text',
-					'string_regexp' => '/^(([0-9]+ [a-z0-9\-\._]+, ?)*[0-9]+ [a-z0-9\-\._]+)?$/i',
+					'string_type' => 'validate_ip',
 					'string_emptyallowed' => true,
 					'default' => '',
 					'save_method' => 'storeSettingField'

actions/admin/settings/185.spf.php

@@ -43,7 +43,8 @@ return [
 					'settinggroup' => 'spf',
 					'varname' => 'spf_entry',
 					'type' => 'text',
-					'default' => '"v=spf1 a mx -all"',
+					'string_regexp' => '/^v=spf[a-z0-9:~?\s.-]+$/i',
+					'default' => 'v=spf1 a mx -all',
 					'save_method' => 'storeSettingField'
 				]
 			]

admin_configfiles.php

@@ -60,7 +60,9 @@ if ($userinfo['change_serversettings'] == '1') {
 
 	if (!empty($distribution)) {
 		if (!file_exists($config_dir . '/' . $distribution . ".xml")) {
-			Response::dynamicError("Unknown distribution");
+			// unknown distribution -> redirect to select a valid distribution for config-templates
+			Settings::Set('system.distribution', '');
+			Response::redirectTo('admin_configfiles.php', ['reselect' => 1]);
 		}
 
 		// update setting if different

admin_templates.php

@@ -60,7 +60,8 @@ if (Settings::Get('panel.sendalternativemail') == 1) {
 }
 
 $file_templates = [
-	'index_html'
+	'index_html',
+	'unconfigured_html'
 ];
 
 $languages = Language::getLanguages();

bin/froxlor-cli

@@ -24,20 +24,8 @@
  * @license    https://files.froxlor.org/misc/COPYING.txt GPLv2
  */
 
-declare(strict_types=1);
-
-use Froxlor\Cli\ConfigDiff;
-use Symfony\Component\Console\Application;
-use Froxlor\Cli\RunApiCommand;
-use Froxlor\Cli\ConfigServices;
-use Froxlor\Cli\PhpSessionclean;
-use Froxlor\Cli\SwitchServerIp;
-use Froxlor\Cli\UpdateCommand;
-use Froxlor\Cli\InstallCommand;
-use Froxlor\Cli\MasterCron;
-use Froxlor\Cli\UserCommand;
-use Froxlor\Cli\ValidateAcmeWebroot;
 use Froxlor\Froxlor;
+use Symfony\Component\Console\Application;
 
 // validate correct php version
 if (version_compare("7.4.0", PHP_VERSION, ">=")) {
@@ -53,14 +41,31 @@ require dirname(__DIR__) . '/vendor/autoload.php';
 require dirname(__DIR__) . '/lib/tables.inc.php';
 
 $application = new Application('froxlor-cli', Froxlor::getFullVersion());
-$application->add(new RunApiCommand());
-$application->add(new ConfigServices());
-$application->add(new PhpSessionclean());
-$application->add(new SwitchServerIp());
-$application->add(new UpdateCommand());
-$application->add(new InstallCommand());
-$application->add(new MasterCron());
-$application->add(new UserCommand());
-$application->add(new ValidateAcmeWebroot());
-$application->add(new ConfigDiff());
+
+// files that are no commands
+$fileIgnoreList = [
+	// Current non-command files
+	'CliCommand.php',
+	'index.html',
+	'install.functions.php',
+];
+// directory of commands to include
+$cmd_files = glob(Froxlor::getInstallDir() . '/lib/Froxlor/Cli/*.php');
+
+// include and add commands
+foreach ($cmd_files as $cmdFile) {
+	// check ignore-list
+	if (!in_array(basename($cmdFile), $fileIgnoreList)) {
+		// include class-file
+		require $cmdFile;
+		// create class-name including namespace
+		$cmdClass = "\\Froxlor\\Cli\\" . substr(basename($cmdFile), 0, -4);
+		// check whether it exists
+		if (class_exists($cmdClass) && is_subclass_of($cmdClass, '\Symfony\Component\Console\Command\Command')) {
+			// add to cli application
+			$application->add(new $cmdClass());
+		}
+	}
+}
+
 $application->run();

composer.json

@@ -57,7 +57,7 @@
 		"pear/net_dns2": "^1.5",
 		"amnuts/opcache-gui": "^3.4",
 		"league/commonmark": "^2.4"
-    },
+	},
 	"require-dev": {
 		"phpunit/phpunit": "^9",
 		"ext-pcntl": "*",

composer.lock

@@ -8,16 +8,16 @@
     "packages": [
         {
             "name": "amnuts/opcache-gui",
-            "version": "3.5.2",
+            "version": "3.5.4",
             "source": {
                 "type": "git",
                 "url": "https://github.com/amnuts/opcache-gui.git",
-                "reference": "db9df06889067f99d95bb9f226ec99e663aed196"
+                "reference": "f3a8fe44c0a4c69dd69b9999d68f9097ee362946"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/amnuts/opcache-gui/zipball/db9df06889067f99d95bb9f226ec99e663aed196",
-                "reference": "db9df06889067f99d95bb9f226ec99e663aed196",
+                "url": "https://api.github.com/repos/amnuts/opcache-gui/zipball/f3a8fe44c0a4c69dd69b9999d68f9097ee362946",
+                "reference": "f3a8fe44c0a4c69dd69b9999d68f9097ee362946",
                 "shasum": ""
             },
             "require": {
@@ -58,7 +58,7 @@
             "support": {
                 "email": "andy@amnuts.com",
                 "issues": "https://github.com/amnuts/opcache-gui/issues",
-                "source": "https://github.com/amnuts/opcache-gui/tree/3.5.2"
+                "source": "https://github.com/amnuts/opcache-gui/tree/3.5.4"
             },
             "funding": [
                 {
@@ -66,7 +66,7 @@
                     "type": "github"
                 }
             ],
-            "time": "2023-10-02T10:23:26+00:00"
+            "time": "2023-10-25T19:09:56+00:00"
         },
         {
             "name": "dflydev/dot-access-data",
@@ -674,16 +674,16 @@
         },
         {
             "name": "phpmailer/phpmailer",
-            "version": "v6.8.1",
+            "version": "v6.9.1",
             "source": {
                 "type": "git",
                 "url": "https://github.com/PHPMailer/PHPMailer.git",
-                "reference": "e88da8d679acc3824ff231fdc553565b802ac016"
+                "reference": "039de174cd9c17a8389754d3b877a2ed22743e18"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/e88da8d679acc3824ff231fdc553565b802ac016",
-                "reference": "e88da8d679acc3824ff231fdc553565b802ac016",
+                "url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/039de174cd9c17a8389754d3b877a2ed22743e18",
+                "reference": "039de174cd9c17a8389754d3b877a2ed22743e18",
                 "shasum": ""
             },
             "require": {
@@ -703,6 +703,7 @@
                 "yoast/phpunit-polyfills": "^1.0.4"
             },
             "suggest": {
+                "decomplexity/SendOauth2": "Adapter for using XOAUTH2 authentication",
                 "ext-mbstring": "Needed to send email in multibyte encoding charset or decode encoded addresses",
                 "ext-openssl": "Needed for secure SMTP sending and DKIM signing",
                 "greew/oauth2-azure-provider": "Needed for Microsoft Azure XOAUTH2 authentication",
@@ -742,7 +743,7 @@
             "description": "PHPMailer is a full-featured email creation and transfer class for PHP",
             "support": {
                 "issues": "https://github.com/PHPMailer/PHPMailer/issues",
-                "source": "https://github.com/PHPMailer/PHPMailer/tree/v6.8.1"
+                "source": "https://github.com/PHPMailer/PHPMailer/tree/v6.9.1"
             },
             "funding": [
                 {
@@ -750,7 +751,7 @@
                     "type": "github"
                 }
             ],
-            "time": "2023-08-29T08:26:30+00:00"
+            "time": "2023-11-25T22:23:28+00:00"
         },
         {
             "name": "psr/container",
@@ -972,16 +973,16 @@
         },
         {
             "name": "symfony/console",
-            "version": "v5.4.28",
+            "version": "v5.4.32",
             "source": {
                 "type": "git",
                 "url": "https://github.com/symfony/console.git",
-                "reference": "f4f71842f24c2023b91237c72a365306f3c58827"
+                "reference": "c70df1ffaf23a8d340bded3cfab1b86752ad6ed7"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/symfony/console/zipball/f4f71842f24c2023b91237c72a365306f3c58827",
-                "reference": "f4f71842f24c2023b91237c72a365306f3c58827",
+                "url": "https://api.github.com/repos/symfony/console/zipball/c70df1ffaf23a8d340bded3cfab1b86752ad6ed7",
+                "reference": "c70df1ffaf23a8d340bded3cfab1b86752ad6ed7",
                 "shasum": ""
             },
             "require": {
@@ -1051,7 +1052,7 @@
                 "terminal"
             ],
             "support": {
-                "source": "https://github.com/symfony/console/tree/v5.4.28"
+                "source": "https://github.com/symfony/console/tree/v5.4.32"
             },
             "funding": [
                 {
@@ -1067,7 +1068,7 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2023-08-07T06:12:30+00:00"
+            "time": "2023-11-18T18:23:04+00:00"
         },
         {
             "name": "symfony/deprecation-contracts",
@@ -1872,16 +1873,16 @@
         },
         {
             "name": "symfony/string",
-            "version": "v5.4.29",
+            "version": "v5.4.32",
             "source": {
                 "type": "git",
                 "url": "https://github.com/symfony/string.git",
-                "reference": "e41bdc93def20eaf3bfc1537c4e0a2b0680a152d"
+                "reference": "91bf4453d65d8231688a04376c3a40efe0770f04"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/symfony/string/zipball/e41bdc93def20eaf3bfc1537c4e0a2b0680a152d",
-                "reference": "e41bdc93def20eaf3bfc1537c4e0a2b0680a152d",
+                "url": "https://api.github.com/repos/symfony/string/zipball/91bf4453d65d8231688a04376c3a40efe0770f04",
+                "reference": "91bf4453d65d8231688a04376c3a40efe0770f04",
                 "shasum": ""
             },
             "require": {
@@ -1938,7 +1939,7 @@
                 "utf8"
             ],
             "support": {
-                "source": "https://github.com/symfony/string/tree/v5.4.29"
+                "source": "https://github.com/symfony/string/tree/v5.4.32"
             },
             "funding": [
                 {
@@ -1954,30 +1955,31 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2023-09-13T11:47:41+00:00"
+            "time": "2023-11-26T13:43:46+00:00"
         },
         {
             "name": "twig/twig",
-            "version": "v3.7.1",
+            "version": "v3.8.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/twigphp/Twig.git",
-                "reference": "a0ce373a0ca3bf6c64b9e3e2124aca502ba39554"
+                "reference": "9d15f0ac07f44dc4217883ec6ae02fd555c6f71d"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/twigphp/Twig/zipball/a0ce373a0ca3bf6c64b9e3e2124aca502ba39554",
-                "reference": "a0ce373a0ca3bf6c64b9e3e2124aca502ba39554",
+                "url": "https://api.github.com/repos/twigphp/Twig/zipball/9d15f0ac07f44dc4217883ec6ae02fd555c6f71d",
+                "reference": "9d15f0ac07f44dc4217883ec6ae02fd555c6f71d",
                 "shasum": ""
             },
             "require": {
                 "php": ">=7.2.5",
                 "symfony/polyfill-ctype": "^1.8",
-                "symfony/polyfill-mbstring": "^1.3"
+                "symfony/polyfill-mbstring": "^1.3",
+                "symfony/polyfill-php80": "^1.22"
             },
             "require-dev": {
                 "psr/container": "^1.0|^2.0",
-                "symfony/phpunit-bridge": "^5.4.9|^6.3"
+                "symfony/phpunit-bridge": "^5.4.9|^6.3|^7.0"
             },
             "type": "library",
             "autoload": {
@@ -2013,7 +2015,7 @@
             ],
             "support": {
                 "issues": "https://github.com/twigphp/Twig/issues",
-                "source": "https://github.com/twigphp/Twig/tree/v3.7.1"
+                "source": "https://github.com/twigphp/Twig/tree/v3.8.0"
             },
             "funding": [
                 {
@@ -2025,7 +2027,7 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2023-08-28T11:09:02+00:00"
+            "time": "2023-11-21T18:54:41+00:00"
         },
         {
             "name": "voku/anti-xss",
@@ -2291,16 +2293,16 @@
     "packages-dev": [
         {
             "name": "composer/pcre",
-            "version": "3.1.0",
+            "version": "3.1.1",
             "source": {
                 "type": "git",
                 "url": "https://github.com/composer/pcre.git",
-                "reference": "4bff79ddd77851fe3cdd11616ed3f92841ba5bd2"
+                "reference": "00104306927c7a0919b4ced2aaa6782c1e61a3c9"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/composer/pcre/zipball/4bff79ddd77851fe3cdd11616ed3f92841ba5bd2",
-                "reference": "4bff79ddd77851fe3cdd11616ed3f92841ba5bd2",
+                "url": "https://api.github.com/repos/composer/pcre/zipball/00104306927c7a0919b4ced2aaa6782c1e61a3c9",
+                "reference": "00104306927c7a0919b4ced2aaa6782c1e61a3c9",
                 "shasum": ""
             },
             "require": {
@@ -2342,7 +2344,7 @@
             ],
             "support": {
                 "issues": "https://github.com/composer/pcre/issues",
-                "source": "https://github.com/composer/pcre/tree/3.1.0"
+                "source": "https://github.com/composer/pcre/tree/3.1.1"
             },
             "funding": [
                 {
@@ -2358,7 +2360,7 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2022-11-17T09:50:14+00:00"
+            "time": "2023-10-11T07:11:09+00:00"
         },
         {
             "name": "composer/xdebug-handler",
@@ -2613,23 +2615,24 @@
         },
         {
             "name": "pdepend/pdepend",
-            "version": "2.15.1",
+            "version": "2.16.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/pdepend/pdepend.git",
-                "reference": "d12f25bcdfb7754bea458a4a5cb159d55e9950d0"
+                "reference": "8dfc0c46529e2073fa97986552f80646eedac562"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/pdepend/pdepend/zipball/d12f25bcdfb7754bea458a4a5cb159d55e9950d0",
-                "reference": "d12f25bcdfb7754bea458a4a5cb159d55e9950d0",
+                "url": "https://api.github.com/repos/pdepend/pdepend/zipball/8dfc0c46529e2073fa97986552f80646eedac562",
+                "reference": "8dfc0c46529e2073fa97986552f80646eedac562",
                 "shasum": ""
             },
             "require": {
                 "php": ">=5.3.7",
-                "symfony/config": "^2.3.0|^3|^4|^5|^6.0",
-                "symfony/dependency-injection": "^2.3.0|^3|^4|^5|^6.0",
-                "symfony/filesystem": "^2.3.0|^3|^4|^5|^6.0"
+                "symfony/config": "^2.3.0|^3|^4|^5|^6.0|^7.0",
+                "symfony/dependency-injection": "^2.3.0|^3|^4|^5|^6.0|^7.0",
+                "symfony/filesystem": "^2.3.0|^3|^4|^5|^6.0|^7.0",
+                "symfony/polyfill-mbstring": "^1.19"
             },
             "require-dev": {
                 "easy-doc/easy-doc": "0.0.0|^1.2.3",
@@ -2664,7 +2667,7 @@
             ],
             "support": {
                 "issues": "https://github.com/pdepend/pdepend/issues",
-                "source": "https://github.com/pdepend/pdepend/tree/2.15.1"
+                "source": "https://github.com/pdepend/pdepend/tree/2.16.0"
             },
             "funding": [
                 {
@@ -2672,7 +2675,7 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2023-09-28T12:00:56+00:00"
+            "time": "2023-11-29T08:52:35+00:00"
         },
         {
             "name": "phar-io/manifest",
@@ -2906,7 +2909,6 @@
                     "type": "github"
                 }
             ],
-            "abandoned": true,
             "time": "2020-12-07T05:51:20+00:00"
         },
         {
@@ -2995,16 +2997,16 @@
         },
         {
             "name": "phpstan/phpstan",
-            "version": "1.10.38",
+            "version": "1.10.46",
             "source": {
                 "type": "git",
                 "url": "https://github.com/phpstan/phpstan.git",
-                "reference": "5302bb402c57f00fb3c2c015bac86e0827e4b691"
+                "reference": "90d3d25c5b98b8068916bbf08ce42d5cb6c54e70"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/phpstan/phpstan/zipball/5302bb402c57f00fb3c2c015bac86e0827e4b691",
-                "reference": "5302bb402c57f00fb3c2c015bac86e0827e4b691",
+                "url": "https://api.github.com/repos/phpstan/phpstan/zipball/90d3d25c5b98b8068916bbf08ce42d5cb6c54e70",
+                "reference": "90d3d25c5b98b8068916bbf08ce42d5cb6c54e70",
                 "shasum": ""
             },
             "require": {
@@ -3053,7 +3055,7 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2023-10-06T14:19:14+00:00"
+            "time": "2023-11-28T14:57:26+00:00"
         },
         {
             "name": "phpunit/php-code-coverage",
@@ -4562,16 +4564,16 @@
         },
         {
             "name": "symfony/config",
-            "version": "v5.4.26",
+            "version": "v5.4.31",
             "source": {
                 "type": "git",
                 "url": "https://github.com/symfony/config.git",
-                "reference": "8109892f27beed9252bd1f1c1880aeb4ad842650"
+                "reference": "dd5ea39de228813aba0c23c3a4153da2a4cf3cd9"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/symfony/config/zipball/8109892f27beed9252bd1f1c1880aeb4ad842650",
-                "reference": "8109892f27beed9252bd1f1c1880aeb4ad842650",
+                "url": "https://api.github.com/repos/symfony/config/zipball/dd5ea39de228813aba0c23c3a4153da2a4cf3cd9",
+                "reference": "dd5ea39de228813aba0c23c3a4153da2a4cf3cd9",
                 "shasum": ""
             },
             "require": {
@@ -4621,7 +4623,7 @@
             "description": "Helps you find, load, combine, autofill and validate configuration values of any kind",
             "homepage": "https://symfony.com",
             "support": {
-                "source": "https://github.com/symfony/config/tree/v5.4.26"
+                "source": "https://github.com/symfony/config/tree/v5.4.31"
             },
             "funding": [
                 {
@@ -4637,20 +4639,20 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2023-07-19T20:21:11+00:00"
+            "time": "2023-11-09T08:22:43+00:00"
         },
         {
             "name": "symfony/dependency-injection",
-            "version": "v5.4.29",
+            "version": "v5.4.32",
             "source": {
                 "type": "git",
                 "url": "https://github.com/symfony/dependency-injection.git",
-                "reference": "338638ed8c9d5c7fcb136a73f5c7043465ae2f05"
+                "reference": "d5d48f215ed73f7973d01256b9a2fac729bef759"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/symfony/dependency-injection/zipball/338638ed8c9d5c7fcb136a73f5c7043465ae2f05",
-                "reference": "338638ed8c9d5c7fcb136a73f5c7043465ae2f05",
+                "url": "https://api.github.com/repos/symfony/dependency-injection/zipball/d5d48f215ed73f7973d01256b9a2fac729bef759",
+                "reference": "d5d48f215ed73f7973d01256b9a2fac729bef759",
                 "shasum": ""
             },
             "require": {
@@ -4710,7 +4712,7 @@
             "description": "Allows you to standardize and centralize the way objects are constructed in your application",
             "homepage": "https://symfony.com",
             "support": {
-                "source": "https://github.com/symfony/dependency-injection/tree/v5.4.29"
+                "source": "https://github.com/symfony/dependency-injection/tree/v5.4.32"
             },
             "funding": [
                 {
@@ -4726,7 +4728,7 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2023-09-20T06:23:43+00:00"
+            "time": "2023-11-29T06:58:28+00:00"
         },
         {
             "name": "symfony/filesystem",
@@ -4873,16 +4875,16 @@
         },
         {
             "name": "theseer/tokenizer",
-            "version": "1.2.1",
+            "version": "1.2.2",
             "source": {
                 "type": "git",
                 "url": "https://github.com/theseer/tokenizer.git",
-                "reference": "34a41e998c2183e22995f158c581e7b5e755ab9e"
+                "reference": "b2ad5003ca10d4ee50a12da31de12a5774ba6b96"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/theseer/tokenizer/zipball/34a41e998c2183e22995f158c581e7b5e755ab9e",
-                "reference": "34a41e998c2183e22995f158c581e7b5e755ab9e",
+                "url": "https://api.github.com/repos/theseer/tokenizer/zipball/b2ad5003ca10d4ee50a12da31de12a5774ba6b96",
+                "reference": "b2ad5003ca10d4ee50a12da31de12a5774ba6b96",
                 "shasum": ""
             },
             "require": {
@@ -4911,7 +4913,7 @@
             "description": "A small library for converting tokenized PHP source code into XML and potentially other formats",
             "support": {
                 "issues": "https://github.com/theseer/tokenizer/issues",
-                "source": "https://github.com/theseer/tokenizer/tree/1.2.1"
+                "source": "https://github.com/theseer/tokenizer/tree/1.2.2"
             },
             "funding": [
                 {
@@ -4919,7 +4921,7 @@
                     "type": "github"
                 }
             ],
-            "time": "2021-07-28T10:34:58+00:00"
+            "time": "2023-11-20T00:12:19+00:00"
         }
     ],
     "aliases": [],

customer_domains.php

@@ -72,7 +72,7 @@ if ($page == 'overview' || $page == 'domains') {
 		}
 
 		$actions_links[] = [
-			'href' => 'https://docs.froxlor.org/v2/user-guide/domains/',
+			'href' => \Froxlor\Froxlor::DOCS_URL . 'user-guide/domains/',
 			'target' => '_blank',
 			'icon' => 'fa-solid fa-circle-info',
 			'class' => 'btn-outline-secondary'

customer_email.php

@@ -76,7 +76,7 @@ if ($page == 'overview' || $page == 'emails') {
 		}
 
 		$actions_links[] = [
-			'href' => 'https://docs.froxlor.org/v2/user-guide/emails/',
+			'href' => \Froxlor\Froxlor::DOCS_URL . 'user-guide/emails/',
 			'target' => '_blank',
 			'icon' => 'fa-solid fa-circle-info',
 			'class' => 'btn-outline-secondary'
@@ -138,7 +138,7 @@ if ($page == 'email_domain') {
 			];
 		}
 		$actions_links[] = [
-			'href' => 'https://docs.froxlor.org/v2/user-guide/emails/',
+			'href' => \Froxlor\Froxlor::DOCS_URL . 'user-guide/emails/',
 			'target' => '_blank',
 			'icon' => 'fa-solid fa-circle-info',
 			'class' => 'btn-outline-secondary'

customer_extras.php

@@ -75,7 +75,7 @@ if ($page == 'overview' || $page == 'htpasswds') {
 		];
 
 		$actions_links[] = [
-			'href' => 'https://docs.froxlor.org/v2/user-guide/extras/',
+			'href' => \Froxlor\Froxlor::DOCS_URL . 'user-guide/extras/',
 			'target' => '_blank',
 			'icon' => 'fa-solid fa-circle-info',
 			'class' => 'btn-outline-secondary'
@@ -200,7 +200,7 @@ if ($page == 'overview' || $page == 'htpasswds') {
 		];
 
 		$actions_links[] = [
-			'href' => 'https://docs.froxlor.org/v2/user-guide/extras/',
+			'href' => \Froxlor\Froxlor::DOCS_URL . 'user-guide/extras/',
 			'target' => '_blank',
 			'icon' => 'fa-solid fa-circle-info',
 			'class' => 'btn-outline-secondary'
@@ -349,7 +349,7 @@ if ($page == 'overview' || $page == 'htpasswds') {
 
 				$actions_links = [
 					[
-						'href' => 'https://docs.froxlor.org/v2/user-guide/extras/',
+						'href' => \Froxlor\Froxlor::DOCS_URL . 'user-guide/extras/',
 						'target' => '_blank',
 						'icon' => 'fa-solid fa-circle-info',
 						'class' => 'btn-outline-secondary'

customer_ftp.php

@@ -65,7 +65,7 @@ if ($page == 'overview' || $page == 'accounts') {
 			];
 		}
 		$actions_links[] = [
-			'href' => 'https://docs.froxlor.org/v2/user-guide/ftp-accounts/',
+			'href' => \Froxlor\Froxlor::DOCS_URL . 'user-guide/ftp-accounts/',
 			'target' => '_blank',
 			'icon' => 'fa-solid fa-circle-info',
 			'class' => 'btn-outline-secondary'

customer_index.php

@@ -115,8 +115,8 @@ if ($page == 'overview') {
 	$userinfo['traffic_bytes_used'] = $userinfo['traffic_used'] * 1024;
 
 	if (Settings::Get('system.mail_quota_enabled')) {
-		$userinfo['email_quota_bytes'] = ($userinfo['email_quota'] > -1) ? $userinfo['email_quota'] * 1024 : -1;
-		$userinfo['email_quota_bytes_used'] = $userinfo['email_quota_used'] * 1024;
+		$userinfo['email_quota_bytes'] = ($userinfo['email_quota'] > -1) ? $userinfo['email_quota'] * 1024 * 1024 : -1;
+		$userinfo['email_quota_bytes_used'] = $userinfo['email_quota_used'] * 1024 * 1024;
 	}
 
 	if ($usages) {

customer_mysql.php

@@ -75,7 +75,7 @@ if ($page == 'overview' || $page == 'mysqls') {
 		}
 
 		$actions_links[] = [
-			'href' => 'https://docs.froxlor.org/v2/user-guide/databases/',
+			'href' => \Froxlor\Froxlor::DOCS_URL . 'user-guide/databases/',
 			'target' => '_blank',
 			'icon' => 'fa-solid fa-circle-info',
 			'class' => 'btn-outline-secondary'

index.php

@@ -74,27 +74,26 @@ if ($action == '2fa_entercode') {
 	$code = isset($_POST['2fa_code']) ? $_POST['2fa_code'] : null;
 	// verify entered code
 	$tfa = new FroxlorTwoFactorAuth('Froxlor ' . Settings::Get('system.hostname'));
-	$result = ($_SESSION['secret_2fa'] == 'email' ? true : $tfa->verifyCode($_SESSION['secret_2fa'], $code, 3));
 	// get user-data
 	$table = $_SESSION['uidtable_2fa'];
 	$field = $_SESSION['uidfield_2fa'];
 	$uid = $_SESSION['uid_2fa'];
 	$isadmin = $_SESSION['unfo_2fa'];
+	if ($_SESSION['secret_2fa'] == 'email') {
+		// verify code set to user's data_2fa field
+		$sel_stmt = Database::prepare("SELECT `data_2fa` FROM " . $table . " WHERE `" . $field . "` = :uid");
+		$userinfo_code = Database::pexecute_first($sel_stmt, ['uid' => $uid]);
+		$result = $tfa->verifyCode($userinfo_code['data_2fa'], $code);
+	} else {
+		$result = $tfa->verifyCode($_SESSION['secret_2fa'], $code, 3);
+	}
 	// either the code is valid when using authenticator-app, or we will select userdata by id and entered code
 	// which is temporarily stored for the customer when using email-2fa
 	if ($result) {
 		$sel_param = [
 			'uid' => $uid
 		];
-		if ($_SESSION['secret_2fa'] == 'email') {
-			// verify code by selecting user by id and the temp. stored code,
-			// so only if it's the correct code, we get the user-data
-			$sel_stmt = Database::prepare("SELECT * FROM " . $table . " WHERE `" . $field . "` = :uid AND `data_2fa` = :code");
-			$sel_param['code'] = $code;
-		} else {
-			// Authenticator-verification has already happened at this point, so just get the user-data
-			$sel_stmt = Database::prepare("SELECT * FROM " . $table . " WHERE `" . $field . "` = :uid");
-		}
+		$sel_stmt = Database::prepare("SELECT * FROM " . $table . " WHERE `" . $field . "` = :uid");
 		$userinfo = Database::pexecute_first($sel_stmt, $sel_param);
 		// whoops, no (valid) user? Start again
 		if (empty($userinfo)) {
@@ -327,11 +326,12 @@ if ($action == '2fa_entercode') {
 			if ($userinfo['type_2fa'] == 1) {
 				// generate code
 				$tfa = new FroxlorTwoFactorAuth('Froxlor ' . Settings::Get('system.hostname'));
-				$code = $tfa->getCode($tfa->createSecret());
+				$secret = $tfa->createSecret();
+				$code = $tfa->getCode($secret);
 				// set code for user
 				$stmt = Database::prepare("UPDATE $table SET `data_2fa` = :d2fa WHERE `$uid` = :uid");
 				Database::pexecute($stmt, [
-					"d2fa" => $code,
+					"d2fa" => $secret,
 					"uid" => $userinfo[$uid]
 				]);
 				// build up & send email

install/froxlor.sql.php

@@ -157,7 +157,7 @@ CREATE TABLE `panel_admins` (
   `api_allowed` tinyint(1) NOT NULL default '1',
    PRIMARY KEY  (`adminid`),
    UNIQUE KEY `loginname` (`loginname`)
-) ENGINE=InnoDB CHARSET=utf8 COLLATE=utf8_general_ci;
+) ENGINE=InnoDB CHARSET=utf8 COLLATE=utf8_general_ci ROW_FORMAT=DYNAMIC;
 
 
 DROP TABLE IF EXISTS `panel_customers`;
@@ -299,7 +299,7 @@ CREATE TABLE `panel_domains` (
   KEY `customerid` (`customerid`),
   KEY `parentdomain` (`parentdomainid`),
   KEY `domain` (`domain`)
-) ENGINE=InnoDB CHARSET=utf8 COLLATE=utf8_general_ci;
+) ENGINE=InnoDB CHARSET=utf8 COLLATE=utf8_general_ci ROW_FORMAT=DYNAMIC;
 
 
 DROP TABLE IF EXISTS `panel_ipsandports`;
@@ -391,7 +391,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('admin', 'show_version_footer', '0'),
 	('caa', 'caa_entry', ''),
 	('spf', 'use_spf', '0'),
-	('spf', 'spf_entry', '"v=spf1 a mx -all"'),
+	('spf', 'spf_entry', 'v=spf1 a mx -all'),
 	('dkim', 'dkim_algorithm', 'all'),
 	('dkim', 'dkim_keylength', '1024'),
 	('dkim', 'dkim_servicetype', '0'),
@@ -562,7 +562,6 @@ opcache.validate_timestamps'),
 	('system', 'mod_fcgid_wrapper', '1'),
 	('system', 'mod_fcgid_starter', '0'),
 	('system', 'mod_fcgid_peardir', '/usr/share/php/:/usr/share/php5/'),
-	('system', 'index_file_extension', 'html'),
 	('system', 'mod_fcgid_maxrequests', '250'),
 	('system', 'ssl_key_file','/etc/ssl/froxlor_selfsigned.key'),
 	('system', 'ssl_ca_file', ''),
@@ -679,7 +678,7 @@ opcache.validate_timestamps'),
 	('system', 'distribution', ''),
 	('system', 'update_channel', 'stable'),
 	('system', 'updatecheck_data', ''),
-	('system', 'update_notify_last', '2.1.0-rc1'),
+	('system', 'update_notify_last', ''),
 	('system', 'traffictool', 'goaccess'),
 	('system', 'req_limit_per_interval', 60),
 	('system', 'req_limit_interval', 60),
@@ -687,7 +686,7 @@ opcache.validate_timestamps'),
 	('api', 'customer_default', '1'),
 	('2fa', 'enabled', '1'),
 	('panel', 'decimal_places', '4'),
-	('panel', 'adminmail', 'admin@SERVERNAME'),
+	('panel', 'adminmail', 'ADMIN_MAIL'),
 	('panel', 'phpmyadmin_url', ''),
 	('panel', 'webmail_url', ''),
 	('panel', 'webftp_url', ''),
@@ -727,8 +726,8 @@ opcache.validate_timestamps'),
 	('panel', 'logo_overridecustom', '0'),
 	('panel', 'settings_mode', '0'),
 	('panel', 'menu_collapsed', '1'),
-	('panel', 'version', '2.1.0-rc1'),
-	('panel', 'db_version', '202305240');
+	('panel', 'version', '2.1.6'),
+	('panel', 'db_version', '202312120');
 
 
 DROP TABLE IF EXISTS `panel_tasks`;
@@ -751,6 +750,7 @@ CREATE TABLE `panel_templates` (
   `templategroup` varchar(255) NOT NULL default '',
   `varname` varchar(255) NOT NULL default '',
   `value` longtext NOT NULL,
+  `file_extension` varchar(50) NOT NULL default 'html',
   PRIMARY KEY  (id),
   KEY adminid (adminid)
 ) ENGINE=InnoDB CHARSET=utf8 COLLATE=utf8_general_ci;

install/updates/froxlor/update_2.1.inc.php

@@ -38,6 +38,7 @@ if (!defined('_CRON_UPDATE')) {
 
 if (Froxlor::isFroxlorVersion('2.0.24')) {
 	Update::showUpdateStep("Cleaning domains table");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` ROW_FORMAT=DYNAMIC;");
 	Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` DROP COLUMN `ismainbutsubto`;");
 	Update::lastStepStatus(0);
 
@@ -67,15 +68,18 @@ if (Froxlor::isFroxlorVersion('2.0.24')) {
 	}
 
 	Update::showUpdateStep("Adjusting cronjobs");
-	Database::query("
+	$cfupd_stmt = Database::prepare("
         UPDATE `" . TABLE_PANEL_CRONRUNS . "` SET
         `module`= 'froxlor/export',
         `cronfile` = 'export',
-        `cronclass` = '\\Froxlor\\Cron\\System\\ExportCron',
+        `cronclass` = :cc,
         `interval` = '1 HOUR',
         `desc_lng_key` = 'cron_export'
         WHERE `module` = 'froxlor/backup'
     ");
+	Database::pexecute($cfupd_stmt, [
+		'cc' => '\\Froxlor\\Cron\\System\\ExportCron'
+	]);
 	Update::lastStepStatus(0);
 
 	Update::showUpdateStep("Adjusting system for data-export function");
@@ -108,3 +112,180 @@ if (Froxlor::isFroxlorVersion('2.1.0-beta2')) {
 	Update::showUpdateStep("Updating from 2.1.0-beta2 to 2.1.0-rc1", false);
 	Froxlor::updateToVersion('2.1.0-rc1');
 }
+
+if (Froxlor::isFroxlorVersion('2.1.0-rc1')) {
+	Update::showUpdateStep("Updating from 2.1.0-rc1 to 2.1.0-rc2", false);
+
+	Update::showUpdateStep("Adjusting setting spf_entry");
+	$spf_entry = Settings::Get('spf.spf_entry');
+	if (!preg_match('/^v=spf[a-z0-9:~?\s.-]+$/i', $spf_entry)) {
+		Settings::Set('spf.spf_entry', 'v=spf1 a mx -all');
+		Update::lastStepStatus(1, 'corrected');
+	} else {
+		Update::lastStepStatus(0);
+	}
+
+	Froxlor::updateToVersion('2.1.0-rc2');
+}
+
+if (Froxlor::isDatabaseVersion('202305240')) {
+
+	Update::showUpdateStep("Adjusting file-template file extension setttings");
+	$current_fileextension = Settings::Get('system.index_file_extension');
+	Database::query("DELETE FROM `" . TABLE_PANEL_SETTINGS . "` WHERE `settinggroup`= 'system' AND `varname`= 'index_file_extension'");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_TEMPLATES . "` ADD `file_extension` varchar(50) NOT NULL default 'html';");
+	if (!empty(trim($current_fileextension)) && strtolower(trim($current_fileextension)) != 'html') {
+		$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_TEMPLATES . "` SET `file_extension` = :ext WHERE `templategroup` = 'files'");
+		Database::pexecute($stmt, ['ext' => strtolower(trim($current_fileextension))]);
+	}
+	Update::lastStepStatus(0);
+
+	Froxlor::updateToDbVersion('202311260');
+}
+
+if (Froxlor::isFroxlorVersion('2.1.0-rc2')) {
+	Update::showUpdateStep("Updating from 2.1.0-rc2 to 2.1.0-rc3", false);
+	Froxlor::updateToVersion('2.1.0-rc3');
+}
+
+if (Froxlor::isDatabaseVersion('202311260')) {
+	Update::showUpdateStep("Cleaning up old files");
+	$to_clean = array(
+		"install/updates/froxlor/update_2.x.inc.php",
+		"install/updates/preconfig/preconfig_2.x.inc.php",
+		"lib/Froxlor/Api/Commands/CustomerBackups.php",
+		"lib/Froxlor/Cli/Action",
+		"lib/Froxlor/Cli/Action.php",
+		"lib/Froxlor/Cli/CmdLineHandler.php",
+		"lib/Froxlor/Cli/ConfigServicesCmd.php",
+		"lib/Froxlor/Cli/PhpSessioncleanCmd.php",
+		"lib/Froxlor/Cli/SwitchServerIpCmd.php",
+		"lib/Froxlor/Cli/UpdateCliCmd.php",
+		"lib/Froxlor/Cron/System/BackupCron.php",
+		"lib/formfields/customer/extras/formfield.backup.php",
+		"lib/tablelisting/customer/tablelisting.backups.php",
+		"templates/Froxlor/assets/mix-manifest.json",
+		"templates/Froxlor/assets/css",
+		"templates/Froxlor/assets/webfonts",
+		"templates/Froxlor/assets/js/main.js",
+		"templates/Froxlor/assets/js/main.js.LICENSE.txt",
+		"templates/Froxlor/src",
+		"templates/Froxlor/user/change_language.html.twig",
+		"templates/Froxlor/user/change_password.html.twig",
+		"templates/Froxlor/user/change_theme.html.twig",
+		"tests/Backup/CustomerBackupsTest.php"
+	);
+	$disabled = explode(',', ini_get('disable_functions'));
+	$exec_allowed = !in_array('exec', $disabled);
+	$del_list = "";
+	foreach ($to_clean as $filedir) {
+		$complete_filedir = Froxlor::getInstallDir() . $filedir;
+		if (file_exists($complete_filedir)) {
+			if ($exec_allowed) {
+				FileDir::safe_exec("rm -rf " . escapeshellarg($complete_filedir));
+			} else {
+				$del_list .= "rm -rf " . escapeshellarg($complete_filedir) . PHP_EOL;
+			}
+		}
+	}
+	if ($exec_allowed) {
+		Update::lastStepStatus(0);
+	} else {
+		if (empty($del_list)) {
+			// none of the files existed
+			Update::lastStepStatus(0);
+		} else {
+			Update::lastStepStatus(
+                1,
+                'manual commands needed',
+                'Please run the following commands manually:<br><pre>' . $del_list . '</pre>'
+            );
+		}
+	}
+	Froxlor::updateToDbVersion('202312050');
+}
+
+if (Froxlor::isFroxlorVersion('2.1.0-rc3')) {
+	Update::showUpdateStep("Updating from 2.1.0-rc3 to 2.1.0 stable", false);
+	Froxlor::updateToVersion('2.1.0');
+}
+
+if (Froxlor::isFroxlorVersion('2.1.0')) {
+	Update::showUpdateStep("Updating from 2.1.0 to 2.1.1", false);
+	Froxlor::updateToVersion('2.1.1');
+}
+
+if (Froxlor::isDatabaseVersion('202312050')) {
+	Update::showUpdateStep("Cleaning up old files");
+	$to_clean = array(
+		"lib/configfiles/centos7.xml",
+		"lib/configfiles/centos8.xml",
+		"lib/configfiles/stretch.xml",
+		"lib/configfiles/xenial.xml",
+		"lib/configfiles/buster.xml",
+		"lib/configfiles/bionic.xml",
+	);
+	$disabled = explode(',', ini_get('disable_functions'));
+	$exec_allowed = !in_array('exec', $disabled);
+	$del_list = "";
+	foreach ($to_clean as $filedir) {
+		$complete_filedir = Froxlor::getInstallDir() . $filedir;
+		if (file_exists($complete_filedir)) {
+			if ($exec_allowed) {
+				FileDir::safe_exec("rm -rf " . escapeshellarg($complete_filedir));
+			} else {
+				$del_list .= "rm -rf " . escapeshellarg($complete_filedir) . PHP_EOL;
+			}
+		}
+	}
+	if ($exec_allowed) {
+		Update::lastStepStatus(0);
+	} else {
+		if (empty($del_list)) {
+			// none of the files existed
+			Update::lastStepStatus(0);
+		} else {
+			Update::lastStepStatus(
+				1,
+				'manual commands needed',
+				'Please run the following commands manually:<br><pre>' . $del_list . '</pre>'
+			);
+		}
+	}
+	Froxlor::updateToDbVersion('202312100');
+}
+
+if (Froxlor::isDatabaseVersion('202312100')) {
+
+	Update::showUpdateStep("Adjusting table row format of larger tables");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_ADMINS . "` ROW_FORMAT=DYNAMIC;");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` ROW_FORMAT=DYNAMIC;");
+	Update::lastStepStatus(0);
+
+	Froxlor::updateToDbVersion('202312120');
+}
+
+if (Froxlor::isFroxlorVersion('2.1.1')) {
+	Update::showUpdateStep("Updating from 2.1.1 to 2.1.2", false);
+	Froxlor::updateToVersion('2.1.2');
+}
+
+if (Froxlor::isFroxlorVersion('2.1.2')) {
+	Update::showUpdateStep("Updating from 2.1.2 to 2.1.3", false);
+	Froxlor::updateToVersion('2.1.3');
+}
+
+if (Froxlor::isFroxlorVersion('2.1.3')) {
+	Update::showUpdateStep("Updating from 2.1.3 to 2.1.4", false);
+	Froxlor::updateToVersion('2.1.4');
+}
+
+if (Froxlor::isFroxlorVersion('2.1.4')) {
+	Update::showUpdateStep("Updating from 2.1.4 to 2.1.5", false);
+	Froxlor::updateToVersion('2.1.5');
+}
+
+if (Froxlor::isFroxlorVersion('2.1.5')) {
+	Update::showUpdateStep("Updating from 2.1.5 to 2.1.6", false);
+	Froxlor::updateToVersion('2.1.6');
+}

lib/Froxlor/Api/Commands/Customers.php

@@ -400,7 +400,10 @@ class Customers extends ApiCommand implements ResourceEntity
 				$allowed_phpconfigs = array_map('intval', $allowed_phpconfigs);
 
 				if (empty($allowed_phpconfigs) && $phpenabled == 1) {
-					Response::standardError('customerphpenabledbutnoconfig', '', true);
+					// only required if not using mod_php
+					if ((int)Settings::Get('system.mod_fcgid') == 1 || (int)Settings::Get('phpfpm.enabled') == 1) {
+						Response::standardError('customerphpenabledbutnoconfig', '', true);
+					}
 				}
 
 				$allowed_mysqlserver = array();
@@ -1053,7 +1056,7 @@ class Customers extends ApiCommand implements ResourceEntity
 			$email = $this->getParam('email', true, $idna_convert->decode($result['email']));
 			$name = $this->getParam('name', true, $result['name']);
 			$firstname = $this->getParam('firstname', true, $result['firstname']);
-			$company_required = empty($result['company']) && ((!empty($name) && empty($firstname)) || (empty($name) && !empty($firstname)) || (empty($name) && empty($firstname)));
+			$company_required = (!empty($name) && empty($firstname)) || (empty($name) && !empty($firstname)) || (empty($name) && empty($firstname));
 			$company = $this->getParam('company', !$company_required, $result['company']);
 			$street = $this->getParam('street', true, $result['street']);
 			$zipcode = $this->getParam('zipcode', true, $result['zipcode']);
@@ -1114,7 +1117,10 @@ class Customers extends ApiCommand implements ResourceEntity
 				$allowed_phpconfigs = array_map('intval', $allowed_phpconfigs);
 			}
 			if (empty($allowed_phpconfigs) && $phpenabled == 1) {
-				Response::standardError('customerphpenabledbutnoconfig', '', true);
+				// only required if not using mod_php
+				if ((int)Settings::Get('system.mod_fcgid') == 1 || (int)Settings::Get('phpfpm.enabled') == 1) {
+					Response::standardError('customerphpenabledbutnoconfig', '', true);
+				}
 			}
 
 			// add permission for allowed mysql usage if customer was not allowed to use mysql prior

lib/Froxlor/Api/Commands/Domains.php

@@ -349,6 +349,8 @@ class Domains extends ApiCommand implements ResourceEntity
 
 				if (substr($p_domain, 0, 4) == 'xn--') {
 					Response::standardError('domain_nopunycode', '', true);
+				} elseif (Validate::validate_ip2($p_domain, true, '', true, true)) {
+					Response::standardError('domain_noipaddress', '', true);
 				}
 
 				$idna_convert = new IdnaWrapper();
@@ -1650,6 +1652,7 @@ class Domains extends ApiCommand implements ResourceEntity
 				|| $iswildcarddomain != $result['iswildcarddomain']
 				|| $phpenabled != $result['phpenabled']
 				|| $openbasedir != $result['openbasedir']
+				|| $openbasedir_path != $result['openbasedir_path']
 				|| $phpsettingid != $result['phpsettingid']
 				|| $mod_fcgid_starter != $result['mod_fcgid_starter']
 				|| $mod_fcgid_maxrequests != $result['mod_fcgid_maxrequests']
@@ -1667,6 +1670,7 @@ class Domains extends ApiCommand implements ResourceEntity
 				|| $hsts_sub != $result['hsts_sub']
 				|| $hsts_preload != $result['hsts_preload']
 				|| $ocsp_stapling != $result['ocsp_stapling']
+				|| $sslenabled != $result['ssl_enabled']
 			) {
 				Cronjob::inserttask(TaskId::REBUILD_VHOST);
 			}
@@ -1815,7 +1819,7 @@ class Domains extends ApiCommand implements ResourceEntity
 			$update_data['wwwserveralias'] = $wwwserveralias;
 			$update_data['iswildcarddomain'] = $iswildcarddomain;
 			$update_data['phpenabled'] = $phpenabled;
-			$update_data['openbasedir'] = $openbasedir;;
+			$update_data['openbasedir'] = $openbasedir;
 			$update_data['openbasedir_path'] = $openbasedir_path;
 			$update_data['speciallogfile'] = $speciallogfile;
 			$update_data['phpsettingid'] = $phpsettingid;

lib/Froxlor/Api/Commands/EmailAccounts.php

@@ -157,10 +157,10 @@ class EmailAccounts extends ApiCommand implements ResourceEntity
 
 			// prefix hash-algo
 			switch (Settings::Get('system.passwordcryptfunc')) {
-				case PASSWORD_ARGON2I:
+				case 'argon2i':
 					$cpPrefix = '{ARGON2I}';
 					break;
-				case PASSWORD_ARGON2ID:
+				case 'argon2id':
 					$cpPrefix = '{ARGON2ID}';
 					break;
 				default:
@@ -404,10 +404,10 @@ class EmailAccounts extends ApiCommand implements ResourceEntity
 			$password = Crypt::validatePassword($password, true);
 			// prefix hash-algo
 			switch (Settings::Get('system.passwordcryptfunc')) {
-				case PASSWORD_ARGON2I:
+				case 'argon2i':
 					$cpPrefix = '{ARGON2I}';
 					break;
-				case PASSWORD_ARGON2ID:
+				case 'argon2id':
 					$cpPrefix = '{ARGON2ID}';
 					break;
 				default:

lib/Froxlor/Api/Commands/Froxlor.php

@@ -82,7 +82,7 @@ class Froxlor extends ApiCommand
 				if ($aucheck == 1) {
 					// anzeige über version-status mit ggfls. formular
 					// zum update schritt #1 -> download
-					$text = lng('update.uc_newinfo', [(Settings::Get('system.update_channel') == 'testing' ? 'testing ' : ''), AutoUpdate::getFromResult('version'), $this->version]);
+					$text = lng('update.uc_newinfo', [(Settings::Get('system.update_channel') != 'stable' ? Settings::Get('system.update_channel').' ' : ''), AutoUpdate::getFromResult('version'), $this->version]);
 					$response = [
 						'isnewerversion' => (int) !AutoUpdate::getFromResult('has_latest'),
 						'version' => $this->version,
@@ -91,7 +91,7 @@ class Froxlor extends ApiCommand
 						'additional_info' => AutoUpdate::getFromResult('info'),
 						'aucheck' => $aucheck
 					];
-				} else if ($aucheck < 0 || $aucheck > 1) {
+				} elseif ($aucheck < 0 || $aucheck > 1) {
 					// errors
 					if ($aucheck < 0) {
 						$errmsg = AutoUpdate::getLastError();
@@ -259,14 +259,15 @@ class Froxlor extends ApiCommand
 	 * returns a random password based on froxlor settings for min-length, included characters, etc.
 	 *
 	 * @param int $length
-	 *            optional length of password, defaults to 10
+	 *            optional length of password, defaults to 0 (panel.password_min_length)
 	 *
 	 * @access admin, customer
 	 * @return string
+	 * @throws Exception
 	 */
-	public function generatePassword()
+	public function generatePassword(): string
 	{
-		$length = $this->getParam('length', true, 10);
+		$length = $this->getParam('length', true, 0);
 		return $this->response(Crypt::generatePassword($length));
 	}
 

lib/Froxlor/Cli/ConfigServices.php

@@ -402,7 +402,7 @@ final class ConfigServices extends CliCommand
 							case "file":
 								if (array_key_exists('content', $action)) {
 									$output->writeln('<comment>Creating file "' . $action['name'] . '"</>');
-									file_put_contents($action['name'], trim(strtr($action['content'], $replace_arr)));
+									file_put_contents($action['name'], trim(strtr($action['content'], $replace_arr)) . PHP_EOL);
 								} elseif (array_key_exists('subcommands', $action)) {
 									foreach ($action['subcommands'] as $fileaction) {
 										if (array_key_exists('execute', $fileaction) && $fileaction['execute'] == "pre") {
@@ -411,7 +411,7 @@ final class ConfigServices extends CliCommand
 											exec(strtr($fileaction['content'], $replace_arr));
 										} elseif ($fileaction['type'] == 'file') {
 											$output->writeln('<comment>Creating file "' . $fileaction['name'] . '"</>');
-											file_put_contents($fileaction['name'], trim(strtr($fileaction['content'], $replace_arr)));
+											file_put_contents($fileaction['name'], trim(strtr($fileaction['content'], $replace_arr)) . PHP_EOL);
 										}
 									}
 								}
@@ -514,6 +514,7 @@ final class ConfigServices extends CliCommand
 			'<WEBSERVER_GROUP>' => Settings::Get('system.httpgroup'),
 			'<SSL_CERT_FILE>' => Settings::Get('system.ssl_cert_file'),
 			'<SSL_KEY_FILE>' => Settings::Get('system.ssl_key_file'),
+			'<ADMIN_MAIL>' => Settings::Get('panel.adminmail'),
 		];
 	}
 }

lib/Froxlor/Cli/InstallCommand.php

@@ -211,7 +211,7 @@ final class InstallCommand extends Command
 						$ask_field = false;
 					}
 					$fielddata['value'] = $this->formfielddata[$fieldname] ?? ($fielddata['value'] ?? null);
-					$fielddata['label'] = strip_tags(str_replace("<br>", " ", $fielddata['label']));
+					$fielddata['label'] = $this->cliTextFormat($fielddata['label'], " ");
 					if ($ask_field) {
 						if ($fielddata['type'] == 'password') {
 							$this->formfielddata[$fieldname] = $this->io->askHidden($fielddata['label'], function ($value) use ($fielddata) {
@@ -267,14 +267,16 @@ final class InstallCommand extends Command
 			case 4:
 				$section = $inst->formfield['install']['sections']['step' . $step] ?? [];
 				$this->io->section($section['title']);
-				$this->io->note($section['description']);
+				$this->io->note($this->cliTextFormat($section['description']));
 				$cmdfield = $section['fields']['system'];
 				$this->io->success([
 					$cmdfield['label'],
 					$cmdfield['value']
 				]);
-				if (!empty($decoded_input) || $this->io->confirm('Execute command now?', false)) {
-					passthru($cmdfield['value']);
+				if (!isset($decoded_input['manual_config']) || (bool)$decoded_input['manual_config'] === false) {
+					if (!empty($decoded_input) || $this->io->confirm('Execute command now?', false)) {
+						passthru($cmdfield['value']);
+					}
 				}
 				break;
 		}
@@ -305,7 +307,7 @@ final class InstallCommand extends Command
 		$json_output = [];
 		foreach ($fields['install']['sections'] as $section => $section_fields) {
 			foreach ($section_fields['fields'] as $name => $field) {
-				if ($name == 'system' || $name == 'manual_config' || $name == 'target_servername') {
+				if ($name == 'system' || $name == 'target_servername') {
 					continue;
 				}
 				if ($field['type'] == 'text' || $field['type'] == 'email') {
@@ -318,7 +320,7 @@ final class InstallCommand extends Command
 					$fieldval = '******';
 				} elseif ($field['type'] == 'select') {
 					$fieldval = implode("|", array_keys($field['select_var']));
-				} else if ($field['type'] == 'checkbox') {
+				} elseif ($field['type'] == 'checkbox') {
 					$fieldval = "1|0";
 				} else {
 					$fieldval = "?";
@@ -346,4 +348,10 @@ final class InstallCommand extends Command
 		curl_close($ch);
 		fclose($fp);
 	}
+
+	private function cliTextFormat(string $text, string $nl_char = "\n"): string
+	{
+		$text = str_replace(['<br>', '<br/>', '<br />'], [$nl_char, $nl_char, $nl_char], $text);
+		return strip_tags($text);
+	}
 }

lib/Froxlor/Cli/MasterCron.php

@@ -263,6 +263,8 @@ final class MasterCron extends CliCommand
 		if ($jobcount > 0) {
 			if (Settings::Get('system.nssextrausers') == 1) {
 				Extrausers::generateFiles($this->cronLog);
+				// reload crond as shell users might use crontab and the user is only known to crond if reloaded
+				FileDir::safe_exec(escapeshellcmd(Settings::Get('system.crondreload')));
 				return;
 			}
 
@@ -275,6 +277,8 @@ final class MasterCron extends CliCommand
 				FileDir::safe_exec('nscd -i group 1> /dev/null', $false_val, [
 					'>'
 				]);
+				// reload crond as shell users might use crontab and the user is only known to crond if reloaded
+				FileDir::safe_exec(escapeshellcmd(Settings::Get('system.crondreload')));
 			}
 		}
 	}

lib/Froxlor/Cli/UpdateCommand.php

@@ -100,7 +100,7 @@ final class UpdateCommand extends CliCommand
 					}
 					// there is a new version
 					if ($input->getOption('check-only')) {
-						$text = lng('update.uc_newinfo', [(Settings::Get('system.update_channel') == 'testing' ? 'testing ' : ''), AutoUpdate::getFromResult('version'), Froxlor::VERSION]);
+						$text = lng('update.uc_newinfo', [(Settings::Get('system.update_channel') != 'stable' ? Settings::Get('system.update_channel').' ' : ''), AutoUpdate::getFromResult('version'), Froxlor::VERSION]);
 					} else {
 						$text = lng('admin.newerversionavailable') . ' ' . lng('admin.newerversiondetails', [AutoUpdate::getFromResult('version'), Froxlor::VERSION]);
 					}
@@ -110,7 +110,7 @@ final class UpdateCommand extends CliCommand
 					$newversionavail = true;
 					$output->writeln('<comment>' . $text . '</>');
 					$result = self::SUCCESS;
-				} else if ($aucheck < 0 || $aucheck > 1) {
+				} elseif ($aucheck < 0 || $aucheck > 1) {
 					if ($input->getOption('integer-return')) {
 						$output->write(-1);
 						return self::INVALID;
@@ -175,7 +175,7 @@ final class UpdateCommand extends CliCommand
 								$result = self::SUCCESS;
 								$question = new ConfirmationQuestion('Update database? [no] ', false, '/^(y|j)/i');
 								if ($yestoall || $helper->ask($input, $output, $question)) {
-									$result = $this->updateDatabase();
+									$result = $this->runUpdate($output, true);
 								}
 							} else {
 								$errmsg = 'error.autoupdate_' . $auex;
@@ -199,7 +199,7 @@ final class UpdateCommand extends CliCommand
 		if ($input->getOption('mail-notify')) {
 			$last_check_version = Settings::Get('system.update_notify_last');
 			if (Update::versionInUpdate($last_check_version, AutoUpdate::getFromResult('version'))) {
-				$text = lng('update.uc_newinfo', [(Settings::Get('system.update_channel') == 'testing' ? 'testing ' : ''), AutoUpdate::getFromResult('version'), Froxlor::VERSION]);
+				$text = lng('update.uc_newinfo', [(Settings::Get('system.update_channel') != 'stable' ? Settings::Get('system.update_channel').' ' : ''), AutoUpdate::getFromResult('version'), Froxlor::VERSION]);
 				$mail = new Mailer(true);
 				$mail->Body = $text;
 				$mail->Subject = "[froxlor] " . lng('update.notify_subject');

lib/Froxlor/Config/ConfigDisplay.php

@@ -117,7 +117,7 @@ class ConfigDisplay
 			'<SQL_UNPRIVILEGED_PASSWORD>' => 'FROXLOR_MYSQL_PASSWORD',
 			'<SQL_DB>' => $sql['db'],
 			'<SQL_HOST>' => $sql['host'],
-			'<SQL_SOCKET>' => isset($sql['socket']) ? $sql['socket'] : null,
+			'<SQL_SOCKET>' => $sql['socket'] ?? null,
 			'<SERVERNAME>' => Settings::Get('system.hostname'),
 			'<SERVERIP>' => Settings::Get('system.ipaddress'),
 			'<NAMESERVERS>' => Settings::Get('system.nameservers'),
@@ -127,12 +127,15 @@ class ConfigDisplay
 			'<VIRTUAL_GID_MAPS>' => Settings::Get('system.vmail_gid'),
 			'<SSLPROTOCOLS>' => (Settings::Get('system.use_ssl') == '1') ? 'imaps pop3s' : '',
 			'<CUSTOMER_TMP>' => FileDir::makeCorrectDir($customer_tmpdir),
-			'<BASE_PATH>' => FileDir::makeCorrectDir(Froxlor::getInstallDir()),
+			'<BASE_PATH>' => Froxlor::getInstallDir(),
 			'<BIND_CONFIG_PATH>' => FileDir::makeCorrectDir(Settings::Get('system.bindconf_directory')),
 			'<WEBSERVER_RELOAD_CMD>' => Settings::Get('system.apachereload_command'),
 			'<CUSTOMER_LOGS>' => FileDir::makeCorrectDir(Settings::Get('system.logfiles_directory')),
 			'<FPM_IPCDIR>' => FileDir::makeCorrectDir(Settings::Get('phpfpm.fastcgi_ipcdir')),
-			'<WEBSERVER_GROUP>' => Settings::Get('system.httpgroup')
+			'<WEBSERVER_GROUP>' => Settings::Get('system.httpgroup'),
+			'<SSL_CERT_FILE>' => Settings::Get('system.ssl_cert_file'),
+			'<SSL_KEY_FILE>' => Settings::Get('system.ssl_key_file'),
+			'<ADMIN_MAIL>' => Settings::Get('panel.adminmail'),
 		];
 
 		$commands_pre = "";

lib/Froxlor/Cron/Dns/Bind.php

@@ -55,18 +55,17 @@ class Bind extends DnsBase
 		$domains = $this->getDomainList();
 
 		if (empty($domains)) {
-			$this->logger->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, 'No domains found for nameserver-config, skipping...');
-			return;
-		}
-
-		$this->bindconf_file = '# ' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf' . "\n" . '# Created ' . date('d.m.Y H:i') . "\n" . '# Do NOT manually edit this file, all changes will be deleted after the next domain change at the panel.' . "\n\n";
-
-		foreach ($domains as $domain) {
-			if ($domain['is_child']) {
-				// domains that are subdomains to other main domains are handled by recursion within walkDomainList()
-				continue;
+			$this->logger->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, 'No domains found for nameserver-config, not creating any zones...');
+			$this->bindconf_file = '';
+		} else {
+			$this->bindconf_file = '# ' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf' . "\n" . '# Created ' . date('d.m.Y H:i') . "\n" . '# Do NOT manually edit this file, all changes will be deleted after the next domain change at the panel.' . "\n\n";
+			foreach ($domains as $domain) {
+				if ($domain['is_child']) {
+					// domains that are subdomains to other main domains are handled by recursion within walkDomainList()
+					continue;
+				}
+				$this->walkDomainList($domain, $domains);
 			}
-			$this->walkDomainList($domain, $domains);
 		}
 
 		$bindconf_file_handler = fopen(FileDir::makeCorrectFile(Settings::Get('system.bindconf_directory') . '/froxlor_bind.conf'), 'w');

lib/Froxlor/Cron/Dns/DnsBase.php

@@ -244,7 +244,7 @@ abstract class DnsBase
 				'zonefile' => '',
 				'froxlorhost' => '1'
 			];
-			$domains['none'] = $hostname_arr;
+			$domains[0] = $hostname_arr;
 		}
 
 		if (empty($domains)) {

lib/Froxlor/Cron/Dns/PowerDNS.php

@@ -45,18 +45,16 @@ class PowerDNS extends DnsBase
 		$this->clearZoneTables($domains);
 
 		if (empty($domains)) {
-			$this->logger->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, 'No domains found for nameserver-config, skipping...');
-			return;
-		}
-
-		foreach ($domains as $domain) {
-			if ($domain['is_child']) {
-				// domains that are subdomains to other main domains are handled by recursion within walkDomainList()
-				continue;
+			$this->logger->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, 'No domains found for nameserver-config, not creating any zones...');
+		} else {
+			foreach ($domains as $domain) {
+				if ($domain['is_child']) {
+					// domains that are subdomains to other main domains are handled by recursion within walkDomainList()
+					continue;
+				}
+				$this->walkDomainList($domain, $domains);
 			}
-			$this->walkDomainList($domain, $domains);
 		}
-
 		$this->logger->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, 'PowerDNS database updated');
 		$this->reloadDaemon();
 		$this->logger->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, 'Task4 finished');

lib/Froxlor/Cron/Http/DomainSSL.php

@@ -43,23 +43,29 @@ class DomainSSL
 	 *            domain-array as reference so we can set the corresponding array-indices
 	 *
 	 * @return null
+	 * @throws \Exception
 	 */
 	public function setDomainSSLFilesArray(array &$domain = null)
 	{
 		// check if the domain itself has a certificate defined
 		$dom_certs_stmt = Database::prepare("
-			SELECT * FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` WHERE `domainid` = :domid
+			SELECT s.*, d.domain
+			FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` s
+			LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` d ON d.id = s.domainid
+			WHERE s.`domainid` = :domid
 		");
 		$dom_certs = Database::pexecute_first($dom_certs_stmt, [
 			'domid' => $domain['id']
 		]);
 
+		$parent_certificate = false;
 		if (!is_array($dom_certs) || !isset($dom_certs['ssl_cert_file']) || $dom_certs['ssl_cert_file'] == '') {
 			// maybe its parent?
 			if (isset($domain['parentdomainid']) && $domain['parentdomainid'] != 0) {
 				$dom_certs = Database::pexecute_first($dom_certs_stmt, [
 					'domid' => $domain['parentdomainid']
 				]);
+				$parent_certificate = true;
 			}
 		}
 
@@ -73,8 +79,8 @@ class DomainSSL
 			}
 			// make correct files for the certificates
 			$ssl_files = [
-				'ssl_cert_file' => FileDir::makeCorrectFile($sslcertpath . '/' . $domain['domain'] . '.crt'),
-				'ssl_key_file' => FileDir::makeCorrectFile($sslcertpath . '/' . $domain['domain'] . '.key')
+				'ssl_cert_file' => FileDir::makeCorrectFile($sslcertpath . '/' . ($parent_certificate ? $dom_certs['domain'] : $domain['domain']) . '.crt'),
+				'ssl_key_file' => FileDir::makeCorrectFile($sslcertpath . '/' . ($parent_certificate ? $dom_certs['domain'] : $domain['domain']) . '.key')
 			];
 
 			if (!$this->validateCertificate($dom_certs)) {
@@ -93,19 +99,19 @@ class DomainSSL
 			$ssl_files['ssl_cert_chainfile'] = '';
 			// set them if they are != empty
 			if ($dom_certs['ssl_ca_file'] != '') {
-				$ssl_files['ssl_ca_file'] = FileDir::makeCorrectFile($sslcertpath . '/' . $domain['domain'] . '_CA.pem');
+				$ssl_files['ssl_ca_file'] = FileDir::makeCorrectFile($sslcertpath . '/' . ($parent_certificate ? $dom_certs['domain'] : $domain['domain']) . '_CA.pem');
 			}
 			if ($dom_certs['ssl_cert_chainfile'] != '') {
 				if (Settings::Get('system.webserver') == 'nginx') {
 					// put ca.crt in my.crt, as nginx does not support a separate chain file.
 					$dom_certs['ssl_cert_file'] = trim($dom_certs['ssl_cert_file']) . "\n" . trim($dom_certs['ssl_cert_chainfile']) . "\n";
 				} else {
-					$ssl_files['ssl_cert_chainfile'] = FileDir::makeCorrectFile($sslcertpath . '/' . $domain['domain'] . '_chain.pem');
+					$ssl_files['ssl_cert_chainfile'] = FileDir::makeCorrectFile($sslcertpath . '/' . ($parent_certificate ? $dom_certs['domain'] : $domain['domain']) . '_chain.pem');
 				}
 			}
 			// will only be generated to be used externally, froxlor does not need this
 			if ($dom_certs['ssl_fullchain_file'] != '') {
-				$ssl_files['ssl_fullchain_file'] = FileDir::makeCorrectFile($sslcertpath . '/' . $domain['domain'] . '_fullchain.pem');
+				$ssl_files['ssl_fullchain_file'] = FileDir::makeCorrectFile($sslcertpath . '/' . ($parent_certificate ? $dom_certs['domain'] : $domain['domain']) . '_fullchain.pem');
 			}
 			// create them on the filesystem
 			foreach ($ssl_files as $type => $filename) {
@@ -131,7 +137,7 @@ class DomainSSL
 		return;
 	}
 
-	private function validateCertificate($dom_certs = [])
+	private function validateCertificate($dom_certs = []): bool
 	{
 		return openssl_x509_check_private_key($dom_certs['ssl_cert_file'], $dom_certs['ssl_key_file']);
 	}

lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php

@@ -26,6 +26,7 @@
 namespace Froxlor\Cron\Http\LetsEncrypt;
 
 use Froxlor\Cron\FroxlorCron;
+use Froxlor\Cron\TaskId;
 use Froxlor\Database\Database;
 use Froxlor\Domain\Domain;
 use Froxlor\FileDir;
@@ -83,7 +84,7 @@ class AcmeSh extends FroxlorCron
 			$renew_domains = self::renewDomains(true);
 			if ($issue_froxlor || !empty($issue_domains) || !empty($renew_froxlor) || $renew_domains) {
 				// insert task to generate certificates and vhost-configs
-				Cronjob::inserttask(1);
+				Cronjob::inserttask(TaskId::REBUILD_VHOST);
 			}
 			return 0;
 		}
@@ -203,7 +204,7 @@ class AcmeSh extends FroxlorCron
 		// This is easiest done by just creating a new task ;)
 		if ($changedetected) {
 			if (self::$no_inserttask == false) {
-				Cronjob::inserttask(1);
+				Cronjob::inserttask(TaskId::REBUILD_VHOST);
 			}
 			FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Let's Encrypt certificates have been updated");
 		} else {

lib/Froxlor/Cron/Traffic/TrafficCron.php

@@ -47,7 +47,7 @@ class TrafficCron extends FroxlorCron
 
 	public static function run()
 	{
-		self::runFork([self::class, 'handle']);
+		self::runFork([self::class, 'handle'], [true]);
 	}
 
 	public static function handle()
@@ -163,14 +163,14 @@ class TrafficCron extends FroxlorCron
 
 			if (isset($domainlist[$row['customerid']]) && is_array($domainlist[$row['customerid']]) && count($domainlist[$row['customerid']]) != 0) {
 				// Examining which caption to use for default webalizer stats...
-				if ($row['standardsubdomain'] != '0') {
+				if ($row['standardsubdomain'] != '0' && isset($domainlist[$row['customerid']][$row['standardsubdomain']])) {
 					// ... of course we'd prefer to use the standardsubdomain ...
 					$caption = $domainlist[$row['customerid']][$row['standardsubdomain']];
 				} else {
 					// ... but if there is no standardsubdomain, we have to use the loginname ...
 					$caption = $row['loginname'];
 
-					// ... which results in non-usable links to files in the stats, so lets have a look if we find a domain which is not speciallogfiledomain
+					// ... which results in non-usable links to files in the stats, so let's have a look if we find a domain which is not speciallogfiledomain
 					foreach ($domainlist[$row['customerid']] as $domainid => $domain) {
 						if (!isset($speciallogfile_domainlist[$row['customerid']]) || !isset($speciallogfile_domainlist[$row['customerid']][$domainid])) {
 							$caption = $domain;
@@ -193,6 +193,8 @@ class TrafficCron extends FroxlorCron
 							} else {
 								$httptraffic += floatval(self::callWebalizerGetTraffic($row['loginname'] . '-' . $domain, $row['documentroot'] . '/webalizer/' . $domain . '/', $domain, $domainlist[$row['customerid']]));
 							}
+							// kind of a keep-alive-call as this unsets the link which leads to a new connection to the database
+							Database::needRoot();
 						}
 					}
 				}
@@ -210,6 +212,8 @@ class TrafficCron extends FroxlorCron
 				} else {
 					$httptraffic += floatval(self::callWebalizerGetTraffic($row['loginname'], $row['documentroot'] . '/webalizer/', $caption, $domainlist[$row['customerid']]));
 				}
+				// kind of a keep-alive-call as this unsets the link which leads to a new connection to the database
+				Database::needRoot();
 
 				// make the stuff readable for the customer, #258
 				Statistics::makeChownWithNewStats($row);
@@ -618,7 +622,7 @@ class TrafficCron extends FroxlorCron
 			$format = Settings::Get('system.logfiles_type') == '2' ? 'VCOMBINED' : 'COMBINED';
 			$monthyear = $monthyear_arr['month'] . '/' . $monthyear_arr['year'];
 			$return_value = false;
-			FileDir::safe_exec("grep '" . $monthyear . "' " . escapeshellarg($logfile) . " | goaccess " . $keep_params . " --db-path=" . escapeshellarg($outputdir) . " -o " . escapeshellarg($outputdir . '.tmp.json') . " -o " . escapeshellarg($outputdir . 'index.html') . " --html-report-title=" . escapeshellarg($caption) . " --log-format=" . $format . " - ", $return_value, ['|']);
+			FileDir::safe_exec("grep '" . $monthyear . "' " . escapeshellarg($logfile) . " | goaccess " . $keep_params . " --db-path=" . escapeshellarg($outputdir) . " -o " . escapeshellarg($outputdir . '.tmp.json') . " -o " . escapeshellarg($outputdir . 'index.html') . " --html-report-title=" . escapeshellarg($caption) . " --log-format=" . $format . " --no-parsing-spinner --no-progress - ", $return_value, ['|']);
 
 			if (file_exists($outputdir . '.tmp.json')) {
 				// need jq here because of potentially LARGE json files
@@ -787,6 +791,8 @@ class TrafficCron extends FroxlorCron
 			// 'real' domains and no subdomains which are aliases in the
 			// model-config-file.
 			$returnval += self::awstatsDoSingleDomain($singledomain, $outputdir, $current_stamp);
+			// kind of a keep-alive-call as this unsets the link which leads to a new connection to the database
+			Database::needRoot();
 		}
 
 		/**

lib/Froxlor/CurrentUser.php

@@ -187,7 +187,8 @@ class CurrentUser
 		if (self::getField('type_2fa') == 1) {
 			// generate code
 			$tfa = new FroxlorTwoFactorAuth('Froxlor ' . Settings::Get('system.hostname'));
-			$code = $tfa->getCode($tfa->createSecret());
+			$secret = $tfa->createSecret();
+			$code = $tfa->getCode($secret);
 			// set code for user
 			$table = TABLE_PANEL_CUSTOMERS;
 			$uid = 'customerid';
@@ -197,7 +198,7 @@ class CurrentUser
 			}
 			$stmt = Database::prepare("UPDATE $table SET `data_2fa` = :d2fa WHERE `$uid` = :uid");
 			Database::pexecute($stmt, [
-				"d2fa" => $code,
+				"d2fa" => $secret,
 				"uid" => self::getField($uid)
 			]);
 			// build up & send email

lib/Froxlor/Domain/Domain.php

@@ -256,7 +256,7 @@ class Domain
 		]);
 		$result = [];
 		while ($entry = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
-			$result = $entry['id'];
+			$result[] = $entry['id'];
 		}
 		return $result;
 	}

lib/Froxlor/Domain/IpAddr.php

@@ -43,9 +43,6 @@ class IpAddr
 
 		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 			if (!isset($system_ipaddress_array[$row['ip']]) && !in_array($row['ip'], $system_ipaddress_array)) {
-				if (filter_var($row['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
-					$row['ip'] = '[' . $row['ip'] . ']';
-				}
 				$system_ipaddress_array[$row['ip']] = $row['ip'];
 			}
 		}

lib/Froxlor/FileDir.php

@@ -257,6 +257,41 @@ class FileDir
 		return $return;
 	}
 
+	/**
+	 * Read unconfigured-domain template from database if exists or fallback to default
+	 *
+	 * @param string $servername
+	 *
+	 * @return string
+	 * @throws Exception
+	 */
+	public static function getUnknownDomainTemplate(string $servername = "")
+	{
+		$result_stmt = Database::prepare("
+			SELECT * FROM `" . TABLE_PANEL_TEMPLATES . "` WHERE `templategroup` = 'files' AND `varname` = 'unconfigured_html'
+		");
+		Database::pexecute($result_stmt);
+		if (Database::num_rows() > 0) {
+			$template = $result_stmt->fetch(PDO::FETCH_ASSOC);
+			$replace_arr = [
+				'SERVERNAME' => $servername,
+			];
+			$tpl_content = PhpHelper::replaceVariables($template['value'], $replace_arr);
+			$tpl_ext = $template['file_extension'];
+		} else {
+			$tpl_ext = 'html';
+			$unconfiguredPath = FileDir::makeCorrectFile(Froxlor::getInstallDir() . '/templates/misc/unconfigured/index.html');
+			if (file_exists($unconfiguredPath)) {
+				$tpl_content = file_get_contents($unconfiguredPath);
+			} else {
+				$tpl_content = lng('admin.templates.unconfigured_content_fallback');
+			}
+		}
+		$redirect_file = FileDir::makeCorrectFile(Froxlor::getInstallDir().'/notice.'.$tpl_ext);
+		file_put_contents($redirect_file, $tpl_content);
+		return basename($redirect_file);
+	}
+
 	/**
 	 * store the default index-file in a given destination folder
 	 *
@@ -277,7 +312,7 @@ class FileDir
 	{
 		if ($force || (int)Settings::Get('system.store_index_file_subs') == 1) {
 			$result_stmt = Database::prepare("
-			SELECT `t`.`value`, `c`.`email` AS `customer_email`, `a`.`email` AS `admin_email`, `c`.`loginname` AS `customer_login`, `a`.`loginname` AS `admin_login`
+			SELECT `t`.`value`, `t`.`file_extension`, `c`.`email` AS `customer_email`, `a`.`email` AS `admin_email`, `c`.`loginname` AS `customer_login`, `a`.`loginname` AS `admin_login`
 			FROM `" . TABLE_PANEL_CUSTOMERS . "` AS `c` INNER JOIN `" . TABLE_PANEL_ADMINS . "` AS `a`
 			ON `c`.`adminid` = `a`.`adminid`
 			INNER JOIN `" . TABLE_PANEL_TEMPLATES . "` AS `t`
@@ -300,7 +335,7 @@ class FileDir
 
 				// replaceVariables
 				$htmlcontent = PhpHelper::replaceVariables($template['value'], $replace_arr);
-				$indexhtmlpath = self::makeCorrectFile($destination . '/index.' . Settings::Get('system.index_file_extension'));
+				$indexhtmlpath = self::makeCorrectFile($destination . '/index.' . $template['file_extension']);
 				$index_html_handler = fopen($indexhtmlpath, 'w');
 				fwrite($index_html_handler, $htmlcontent);
 				fclose($index_html_handler);
@@ -308,7 +343,7 @@ class FileDir
 					$logger->logAction(
 						FroxlorLogger::CRON_ACTION,
 						LOG_NOTICE,
-						'Creating \'index.' . Settings::Get('system.index_file_extension') . '\' for Customer \'' . $template['customer_login'] . '\' based on template in directory ' . escapeshellarg($indexhtmlpath)
+						'Creating \'index.' . $template['file_extension'] . '\' for Customer \'' . $template['customer_login'] . '\' based on template in directory ' . escapeshellarg($indexhtmlpath)
 					);
 				}
 			} else {

lib/Froxlor/Froxlor.php

@@ -31,14 +31,16 @@ final class Froxlor
 {
 
 	// Main version variable
-	const VERSION = '2.1.0-rc1';
+	const VERSION = '2.1.6';
 
 	// Database version (YYYYMMDDC where C is a daily counter)
-	const DBVERSION = '202305240';
+	const DBVERSION = '202312120';
 
 	// Distribution branding-tag (used for Debian etc.)
 	const BRANDING = '';
 
+	const DOCS_URL = 'https://docs.froxlor.org/v2.1/';
+
 	/**
 	 * return path to where froxlor is installed, e.g.
 	 * /var/www/froxlor/

lib/Froxlor/FroxlorLogger.php

@@ -104,17 +104,15 @@ class FroxlorLogger
 						self::$ml->pushHandler(new SyslogHandler('froxlor', LOG_USER, Logger::DEBUG));
 						break;
 					case 'file':
+						$setings_logfile = Settings::Get('logger.logfile');
+						if (empty($setings_logfile)) {
+							Settings::Set('logger.logfile', 'froxlor.log');
+						}
 						$logger_logfile = FileDir::makeCorrectFile(Froxlor::getInstallDir() . '/logs/' . Settings::Get('logger.logfile'));
 						// is_writable needs an existing file to check if it's actually writable
-						@touch($logger_logfile);
-						if (empty($logger_logfile) || !is_writable($logger_logfile)) {
-							Settings::Set('logger.logfile', 'froxlor.log');
-							$logger_logfile = FileDir::makeCorrectFile(Froxlor::getInstallDir() . '/logs/froxlor.log');
-							@touch($logger_logfile);
-							if (empty($logger_logfile) || !is_writable($logger_logfile)) {
-								// not writable in our own directory? Skip
-								break;
-							}
+						if (!@touch($logger_logfile) || !is_writable($logger_logfile)) {
+							// not writable in our own directory? Skip
+							break;
 						}
 						self::$ml->pushHandler(new StreamHandler($logger_logfile, Logger::DEBUG));
 						break;

lib/Froxlor/Idna/IdnaWrapper.php

@@ -64,7 +64,7 @@ class IdnaWrapper
 	 */
 	public function encode(string $to_encode): string
 	{
-		$to_encode = $this->isUtf8($to_encode) ? $to_encode : utf8_encode($to_encode);
+		$to_encode = $this->isUtf8($to_encode) ? $to_encode : mb_convert_encoding($to_encode, 'UTF-8');
 		try {
 			return $this->idna_converter->encode($to_encode);
 		} catch (InvalidArgumentException $iae) {

lib/Froxlor/Install/AutoUpdate.php

@@ -51,13 +51,13 @@ class AutoUpdate
 
 	/**
 	 * returns status about whether there is a newer version
-	 * 
+	 *
 	 * 0 = no new version available
 	 * 1 = new version available
 	 * -1 = remote error message
 	 * >1 = local error message
 	 *
-	 * @return int 
+	 * @return int
 	 */
 	public static function checkVersion(): int
 	{
@@ -68,6 +68,12 @@ class AutoUpdate
 				$channel = '';
 				if (Settings::Get('system.update_channel') == 'testing') {
 					$channel = '/testing';
+				} elseif (Settings::Get('system.update_channel') == 'nightly') {
+					if (empty(Froxlor::BRANDING) || substr(Froxlor::BRANDING, 0, 1) == '-') {
+						$channel = '/nightly.0000000';
+					} else {
+						$channel = '/' . substr(Froxlor::BRANDING, 1);
+					}
 				}
 				$latestversion = HttpClient::urlGet(self::UPDATE_URI . Froxlor::VERSION . $channel, true, 3);
 			} catch (Exception $e) {
@@ -81,7 +87,7 @@ class AutoUpdate
 				if (!empty(self::$latestversion['error']) && self::$latestversion['error']) {
 					$result = -1;
 					self::$lasterror = self::$latestversion['message'];
-				} else if (isset(self::$latestversion['has_latest']) && self::$latestversion['has_latest'] == false) {
+				} elseif (isset(self::$latestversion['has_latest']) && self::$latestversion['has_latest'] == false) {
 					$result = 1;
 				}
 			}
@@ -145,6 +151,8 @@ class AutoUpdate
 			$zip->close();
 			// success - remove unused archive
 			@unlink($localArchive);
+			// reset cached version check
+			Settings::Set('system.updatecheck_data', '');
 			// wait a bit before we redirect to be sure
 			sleep(3);
 			return 0;

lib/Froxlor/Install/Install.php

@@ -26,13 +26,14 @@
 namespace Froxlor\Install;
 
 use Exception;
-use PDO;
+use Froxlor\Config\ConfigParser;
+use Froxlor\Froxlor;
 use Froxlor\Install\Install\Core;
+use Froxlor\System\IPTools;
 use Froxlor\UI\Panel\UI;
 use Froxlor\UI\Request;
-use Froxlor\Config\ConfigParser;
 use Froxlor\Validate\Validate;
-use Froxlor\System\IPTools;
+use PDO;
 
 class Install
 {
@@ -41,34 +42,37 @@ class Install
 	public $maxSteps;
 	public $phpVersion;
 	public $formfield;
-	public string $requiredVersion = '7.4.0';
-	public array $requiredExtensions = ['session', 'ctype', 'xml', 'filter', 'posix', 'mbstring', 'curl', 'gmp', 'json', 'gd'];
-	public array $suggestedExtensions = ['bcmath', 'zip', 'gnupg'];
 	public array $suggestions = [];
 	public array $criticals = [];
 	public array $loadedExtensions;
 	public array $supportedOS = [];
 	public array $webserverBackend = [
 		'php-fpm' => 'PHP-FPM',
-		'fcgid' => 'FCGID',
+		'fcgid' => 'FCGID (apache2 only)',
 		'mod_php' => 'mod_php (not recommended)',
 	];
 
 	public function __construct(array $cliData = [])
 	{
+		// set actual php version and extensions
+		$this->phpVersion = phpversion();
+		$this->loadedExtensions = get_loaded_extensions();
+
 		// get all supported OS
 		// show list of available distro's
 		$distros = glob(dirname(__DIR__, 3) . '/lib/configfiles/*.xml');
 		$distributions_select[''] = '-';
-		// read in all the distros
-		foreach ($distros as $distribution) {
-			// get configparser object
-			$dist = new ConfigParser($distribution);
-			// store in tmp array
-			$this->supportedOS[str_replace(".xml", "", strtolower(basename($distribution)))] = $dist->getCompleteDistroName();
+		if (in_array('xml', $this->loadedExtensions)) {
+			// read in all the distros
+			foreach ($distros as $distribution) {
+				// get configparser object
+				$dist = new ConfigParser($distribution);
+				// store in tmp array
+				$this->supportedOS[str_replace(".xml", "", strtolower(basename($distribution)))] = $dist->getCompleteDistroName();
+			}
+			// sort by distribution name
+			asort($this->supportedOS);
 		}
-		// sort by distribution name
-		asort($this->supportedOS);
 
 		// guess distribution and webserver to preselect in formfield
 		$webserverBackend = $this->webserverBackend;
@@ -84,10 +88,6 @@ class Install
 		$this->extendedView = $cliData['extended'] ?? Request::any('extended', 0);
 		$this->maxSteps = count($this->formfield['install']['sections']);
 
-		// set actual php version and extensions
-		$this->phpVersion = phpversion();
-		$this->loadedExtensions = get_loaded_extensions();
-
 		if (empty($cliData)) {
 			// set global variables
 			UI::twig()->addGlobal('install_mode', true);
@@ -99,7 +99,7 @@ class Install
 			}
 
 			// check for url manipulation or wrong step
-			if ((isset($_SESSION['installation']['stepCompleted']) && ($this->currentStep + 1) > ($_SESSION['installation']['stepCompleted'] ?? 0))
+			if ((isset($_SESSION['installation']['stepCompleted']) && $this->currentStep > $_SESSION['installation']['stepCompleted'])
 				|| (!isset($_SESSION['installation']['stepCompleted']) && $this->currentStep > 0)
 			) {
 				$this->currentStep = isset($_SESSION['installation']['stepCompleted']) ? $_SESSION['installation']['stepCompleted'] + 1 : 1;
@@ -136,6 +136,7 @@ class Install
 			'section' => $this->formfield['install']['sections']['step' . $this->currentStep] ?? [],
 			'error' => $error ?? null,
 			'extended' => $this->extendedView,
+			'csrf_token' => Froxlor::genSessionId(20),
 		]);
 
 		// output view
@@ -151,16 +152,14 @@ class Install
 		if ($this->currentStep <= $this->maxSteps) {
 			// Validate user data
 			$validatedData = $this->validateRequest($formfield['sections']['step' . $this->currentStep]['fields']);
-			// Check database connection (
 			if ($this->currentStep == 1) {
+				// Check database connection
 				$this->checkDatabase($validatedData);
-			}
-			// Check validity of admin user data
-			elseif ($this->currentStep == 2) {
+			} elseif ($this->currentStep == 2) {
+				// Check validity of admin user data
 				$this->checkAdminUser($validatedData);
-			}
-			// Check validity of system data
-			elseif ($this->currentStep == 3) {
+			} elseif ($this->currentStep == 3) {
+				// Check validity of system data
 				$this->checkSystem($validatedData);
 			}
 			$validatedData['stepCompleted'] = ($this->currentStep < $this->maxSteps) ? $this->currentStep : ($this->maxSteps - 1);
@@ -192,7 +191,7 @@ class Install
 	private function checkInstallStateFinished(): bool
 	{
 		$core = new Core($_SESSION['installation']);
-		if (isset($_SESSION['installation']['manual_config']) && (int) $_SESSION['installation']['manual_config'] == 1) {
+		if (isset($_SESSION['installation']['manual_config']) && (int)$_SESSION['installation']['manual_config'] == 1) {
 			$core->createUserdataConf();
 			return true;
 		}
@@ -200,7 +199,7 @@ class Install
 		$stmt = $pdo->prepare("SELECT `value` FROM `panel_settings` WHERE `settinggroup` = 'panel' AND `varname` = 'is_configured'");
 		$stmt->execute();
 		$result = $stmt->fetch(PDO::FETCH_ASSOC);
-		if ($result && (int) $result['value'] == 1) {
+		if ($result && (int)$result['value'] == 1) {
 			$core->createUserdataConf();
 			return true;
 		}
@@ -223,7 +222,7 @@ class Install
 		}
 
 		// check for required extensions
-		foreach ($this->requiredExtensions as $requiredExtension) {
+		foreach (Requirements::REQUIRED_EXTENSIONS as $requiredExtension) {
 			if (in_array($requiredExtension, $this->loadedExtensions)) {
 				continue;
 			}
@@ -231,7 +230,7 @@ class Install
 		}
 
 		// check for suggested extensions
-		foreach ($this->suggestedExtensions as $suggestedExtension) {
+		foreach (Requirements::SUGGESTED_EXTENSIONS as $suggestedExtension) {
 			if (in_array($suggestedExtension, $this->loadedExtensions)) {
 				continue;
 			}
@@ -250,11 +249,11 @@ class Install
 	 */
 	private function getInformationText(): string
 	{
-		if (version_compare($this->requiredVersion, PHP_VERSION, "<")) {
+		if (version_compare(Requirements::REQUIRED_VERSION, PHP_VERSION, "<")) {
 			$text = lng('install.phpinfosuccess', [$this->phpVersion]);
 		} else {
-			$text = lng('install.phpinfowarn', [$this->requiredVersion]);
-			$this->criticals[] = lng('install.phpinfoupdate', [$this->phpVersion, $this->requiredVersion]);
+			$text = lng('install.phpinfowarn', [Requirements::REQUIRED_VERSION]);
+			$this->criticals[] = lng('install.phpinfoupdate', [$this->phpVersion, Requirements::REQUIRED_VERSION]);
 		}
 		return $text;
 	}
@@ -302,9 +301,9 @@ class Install
 			throw new Exception(lng('install.errors.nov4andnov6ip'));
 		} elseif (!empty($serveripv4) && (!Validate::validate_ip2($serveripv4, true, '', false, true) || IPTools::is_ipv6($serveripv4))) {
 			throw new Exception(lng('error.invalidip', [$serveripv4]));
-		} elseif (!empty($serveripv6) && (!Validate::validate_ip2($serveripv6, true, '', false, true) || IPTools::is_ipv6($serveripv6) == false)) {
+		} elseif (!empty($serveripv6) && (!Validate::validate_ip2($serveripv6, true, '', false, true) || !IPTools::is_ipv6($serveripv6))) {
 			throw new Exception(lng('error.invalidip', [$serveripv6]));
-		} elseif (!Validate::validateDomain($servername) && !Validate::validateLocalHostname($servername)) {
+		} elseif (!Validate::validateDomain($servername)) {
 			throw new Exception(lng('install.errors.servernameneedstobevalid'));
 		} elseif (posix_getpwnam($httpuser) === false) {
 			throw new Exception(lng('install.errors.websrvuserdoesnotexist'));
@@ -323,6 +322,8 @@ class Install
 		$email = $validatedData['admin_email'] ?? '';
 		$password = $validatedData['admin_pass'] ?? '';
 		$password_confirm = $validatedData['admin_pass_confirm'] ?? '';
+		$useadminmailassender = $validatedData['use_admin_email_as_sender'] ?? '1';
+		$senderemail = $validatedData['sender_email'] ?? '';
 
 		if (!preg_match('/^[^\r\n\t\f\0]*$/D', $name)) {
 			throw new Exception(lng('error.stringformaterror', ['admin_name']));
@@ -330,6 +331,8 @@ class Install
 			throw new Exception(lng('error.loginnameiswrong', [$loginname]));
 		} elseif (empty(trim($email)) || !Validate::validateEmail($email)) {
 			throw new Exception(lng('error.emailiswrong', [$email]));
+		} elseif ((int)$useadminmailassender == 0 && !empty(trim($senderemail)) && !Validate::validateEmail($senderemail)) {
+			throw new Exception(lng('error.emailiswrong', [$senderemail]));
 		} elseif (empty($password) || $password != $password_confirm) {
 			throw new Exception(lng('error.newpasswordconfirmerror'));
 		} elseif ($password == $loginname) {
@@ -410,7 +413,7 @@ class Install
 			} else {
 				$osrf = explode("\n", file_get_contents('/etc/os-release'));
 				foreach ($osrf as $line) {
-					$osrfline = explode("\n", $line);
+					$osrfline = explode("=", $line);
 					if ($osrfline[0] == 'VERSION_CODENAME') {
 						$os_dist['VERSION_CODENAME'] = $osrfline[1];
 					} else if ($osrfline[0] == 'ID') {

lib/Froxlor/Install/Install/Core.php

@@ -301,8 +301,8 @@ class Core
 				/* continue */
 			}
 		}
-		if (version_compare($db_root->getAttribute(PDO::ATTR_SERVER_VERSION), '10.0.0', '>=')) {
-			// mariadb compatibility
+		if (version_compare($db_root->getAttribute(PDO::ATTR_SERVER_VERSION), '8.0.11', '>=')) {
+			// mariadb & mysql8
 			// create user
 			$stmt = $db_root->prepare("CREATE USER '" . $username . "'@'" . $access_host . "' IDENTIFIED BY :password");
 			$stmt->execute([
@@ -314,19 +314,6 @@ class Core
 				"username" => $username,
 				"host" => $access_host
 			]);
-		} elseif (version_compare($db_root->getAttribute(PDO::ATTR_SERVER_VERSION), '8.0.11', '>=')) {
-			// mysql8 compatibility
-			// create user
-			$stmt = $db_root->prepare("CREATE USER '" . $username . "'@'" . $access_host . "' IDENTIFIED WITH mysql_native_password BY :password");
-			$stmt->execute([
-				"password" => $password
-			]);
-			// grant privileges
-			$stmt = $db_root->prepare("GRANT ALL ON `" . $database . "`.* TO :username@:host");
-			$stmt->execute([
-				"username" => $username,
-				"host" => $access_host
-			]);
 		} else {
 			// grant privileges
 			$stmt = $db_root->prepare("GRANT ALL PRIVILEGES ON `" . $database . "`.* TO :username@:host IDENTIFIED BY :password");
@@ -378,7 +365,14 @@ class Core
 
 		$mainip = !empty($this->validatedData['serveripv6']) ? $this->validatedData['serveripv6'] : $this->validatedData['serveripv4'];
 
-		$this->updateSetting($upd_stmt, 'admin@' . $this->validatedData['servername'], 'panel', 'adminmail');
+		if ($this->validatedData['use_admin_email_as_sender'] == '1') {
+			$adminmail_value = $this->validatedData['admin_email'];
+		} elseif ($this->validatedData['use_admin_email_as_sender'] == '0' && !empty($this->validatedData['sender_email'])) {
+			$adminmail_value = $this->validatedData['sender_email'];
+		} else {
+			$adminmail_value = 'admin@' . $this->validatedData['servername'];
+		}
+		$this->updateSetting($upd_stmt, $adminmail_value, 'panel', 'adminmail');
 		$this->updateSetting($upd_stmt, $mainip, 'system', 'ipaddress');
 		if ($this->validatedData['use_ssl']) {
 			$this->updateSetting($upd_stmt, 1, 'system', 'use_ssl');
@@ -576,7 +570,7 @@ class Core
 			'password' => password_hash($this->validatedData['admin_pass'], PASSWORD_DEFAULT),
 			'adminname' => $this->validatedData['admin_name'],
 			'email' => $this->validatedData['admin_email'],
-			'deflang' => 'en' // TODO: set lanuage
+			'deflang' => 'en' // TODO: set language
 		];
 		$ins_stmt = $db_user->prepare("
 			INSERT INTO `" . TABLE_PANEL_ADMINS . "` SET

lib/Froxlor/Install/Requirements.php

@@ -0,0 +1,10 @@
+<?php
+
+namespace Froxlor\Install;
+
+class Requirements
+{
+	const REQUIRED_VERSION = '7.4.0';
+	const REQUIRED_EXTENSIONS = ['session', 'ctype', 'xml', 'filter', 'posix', 'mbstring', 'pdo_mysql', 'curl', 'gmp', 'json', 'gd'];
+	const SUGGESTED_EXTENSIONS = ['bcmath', 'zip', 'gnupg'];
+}

lib/Froxlor/PhpHelper.php

@@ -220,8 +220,11 @@ class PhpHelper
 			if (is_dir($data_dirname)) {
 				$data_dirhandle = opendir($data_dirname);
 				while (false !== ($data_filename = readdir($data_dirhandle))) {
-					if ($data_filename != '.' && $data_filename != '..' && $data_filename != '' && substr($data_filename,
-							-4) == '.php') {
+					if ($data_filename != '.'
+						&& $data_filename != '..'
+						&& $data_filename != ''
+						&& substr($data_filename, -4) == '.php'
+					) {
 						$data_files[] = $data_dirname . $data_filename;
 					}
 				}
@@ -415,8 +418,8 @@ class PhpHelper
 	 */
 	public static function recursive_array_search(
 		string $needle,
-		array $haystack,
-		array &$keys = [],
+		array  $haystack,
+		array  &$keys = [],
 		string $currentKey = ''
 	): bool {
 		foreach ($haystack as $key => $value) {
@@ -458,6 +461,10 @@ class PhpHelper
 			'directory_password',
 			'ftp_password',
 			'mysql_password',
+			'mysql_root_pass',
+			'mysql_unprivileged_pass',
+			'admin_pass',
+			'admin_pass_confirm',
 		];
 		if (!empty($global)) {
 			$tmp = $global;
@@ -557,4 +564,17 @@ class PhpHelper
 		}
 		return $tab . $str;
 	}
+
+	public static function array_merge_recursive_distinct(array &$array1, array &$array2)
+	{
+		$merged = $array1;
+		foreach ($array2 as $key => &$value) {
+			if (is_array($value) && isset($merged[$key]) && is_array($merged[$key])) {
+				$merged[$key] = self::array_merge_recursive_distinct($merged[$key], $value);
+			} else {
+				$merged[$key] = $value;
+			}
+		}
+		return $merged;
+	}
 }

lib/Froxlor/Traffic/Traffic.php

@@ -102,6 +102,14 @@ class Traffic
 			$years_avail = $sel_stmt->fetchAll(\PDO::FETCH_ASSOC);
 		}
 
+		// sort users by total traffic
+		usort($users, function ($user_a, $user_b) {
+			if ($user_a['total'] == $user_b['total']) {
+				return 0;
+			}
+			return ($user_a['total'] < $user_b['total']) ? 1 : -1;
+		});
+
 		return [
 			'metrics' => $metrics,
 			'users' => $users,

lib/Froxlor/UI/Callbacks/Domain.php

@@ -81,7 +81,7 @@ class Domain
 		return lng('domains.aliasdomain') . ' ' . $attributes['fields']['aliasdomain'];
 	}
 
-	public static function domainExternalLinkInfo(array $attributes)
+	public static function domainExternalLinkInfo(array $attributes): string
 	{
 		$result = '';
 		if ($attributes['fields']['parentdomainid'] != 0) {
@@ -89,7 +89,11 @@ class Domain
 		}
 		$result .= '<a href="http://' . $attributes['data'] . '" target="_blank">' . $attributes['data'] . '</a>';
 		// check for statistics if parentdomainid==0 to show stats-link for customers
-		if ((int)UI::getCurrentUser()['adminsession'] == 0 && $attributes['fields']['parentdomainid'] == 0 && $attributes['fields']['deactivated'] == 0) {
+		if ((int)UI::getCurrentUser()['adminsession'] == 0
+			&& $attributes['fields']['parentdomainid'] == 0
+			&& $attributes['fields']['deactivated'] == 0
+			&& preg_match('/^https?:\/\/(.*)/i', $attributes['fields']['documentroot']) == false
+		) {
 			$statsapp = Settings::Get('system.traffictool');
 			$result .= ' <a href="http://' . $attributes['data'] . '/' . $statsapp . '" rel="external" target="_blank" title="' . lng('domains.statstics') . '"><i class="fa-solid fa-chart-line text-secondary"></i></a>';
 		}

lib/Froxlor/UI/Form.php

@@ -193,10 +193,14 @@ class Form
 				if (!$do_show) {
 					$fielddata['note'] = lng('serversettings.option_requires_otp');
 					if (!$otp_enabled_system) {
+						$fielddata['disabled'] = true;
 						$fielddata['note'] .= '<br>' . lng('2fa.2fa_not_activated');
 					} elseif (!$otp_enabled_user) {
+						$fielddata['disabled'] = true;
 						$fielddata['note'] .= '<br>' . lng('2fa.2fa_not_activated_for_user');
 					}
+					// show field in any case
+					$do_show = true;
 				}
 			}
 
@@ -213,7 +217,7 @@ class Form
 	{
 		$returnvalue = [];
 		if (is_array($fielddata) && isset($fielddata['type']) && $fielddata['type'] == 'select') {
-			if ((!isset($fielddata['select_var']) || !is_array($fielddata['select_var']) || empty($fielddata['select_var'])) && (isset($fielddata['option_options_method']))) {
+			if ((!is_array($fielddata['select_var']) || empty($fielddata['select_var'])) && (isset($fielddata['option_options_method']))) {
 				$returnvalue['select_var'] = call_user_func($fielddata['option_options_method']);
 			}
 		}
@@ -232,8 +236,8 @@ class Form
 					if (\Froxlor\Validate\Form::validateFieldDefinition($groupdetails)) {
 						// Prefetch form fields
 						foreach ($groupdetails['fields'] as $fieldname => $fielddetails) {
-							if (!$only_enabledisable || ($only_enabledisable && isset($fielddetails['overview_option']))) {
-								$groupdetails['fields'][$fieldname] = self::arrayMergePrefix($fielddetails, $fielddetails['type'], self::prefetchFormFieldData($fieldname, $fielddetails));
+							if (!$only_enabledisable || isset($fielddetails['overview_option'])) {
+								$groupdetails['fields'][$fieldname] = array_merge($fielddetails, self::prefetchFormFieldData($fieldname, $fielddetails));
 								$form['groups'][$groupname]['fields'][$fieldname] = $groupdetails['fields'][$fieldname];
 							}
 						}
@@ -343,7 +347,7 @@ class Form
 					if (\Froxlor\Validate\Form::validateFieldDefinition($groupdetails)) {
 						// Save fields
 						foreach ($groupdetails['fields'] as $fieldname => $fielddetails) {
-							if (!$only_enabledisable || ($only_enabledisable && isset($fielddetails['overview_option']))) {
+							if (!$only_enabledisable || (isset($fielddetails['overview_option']))) {
 								if (isset($changed_fields[$fieldname])) {
 									if (($saved_field = self::saveFormField($fieldname, $fielddetails, self::manipulateFormFieldData($fieldname, $fielddetails, $changed_fields[$fieldname]))) !== false) {
 										$saved_fields = array_merge($saved_fields, $saved_field);
@@ -360,24 +364,7 @@ class Form
 			// Save form
 			return self::saveForm($form, $saved_fields);
 		}
-	}
-
-	private static function arrayMergePrefix($array1, $key_prefix, $array2)
-	{
-		if (is_array($array1) && is_array($array2)) {
-			if ($key_prefix != '') {
-				foreach ($array2 as $key => $value) {
-					$array1[$key_prefix . '_' . $key] = $value;
-					unset($array2[$key]);
-				}
-				unset($array2);
-				return $array1;
-			} else {
-				return array_merge($array1, $array2);
-			}
-		} else {
-			return $array1;
-		}
+		return false;
 	}
 
 	public static function getFormFieldData($fieldname, $fielddata, &$input)

lib/Froxlor/UI/Panel/UI.php

@@ -321,6 +321,10 @@ class UI
 				}
 			}
 		}
+		// check for template-variant
+		if (preg_match("/([a-z0-9.\-]+)_([a-z0-9.\-]+)/i", $theme, $matches)) {
+			$theme = $matches[1];
+		}
 		if (!file_exists(Froxlor::getInstallDir() . '/templates/' . $theme)) {
 			PhpHelper::phpErrHandler(E_USER_WARNING, "Theme '" . $theme . "' could not be found.", __FILE__, __LINE__);
 			$theme = self::$default_theme;

lib/Froxlor/Validate/Form/Data.php

@@ -35,6 +35,11 @@ class Data
 		return self::validateFormFieldString($fieldname, $fielddata, $newfieldvalue);
 	}
 
+	public static function validateFormFieldPassword($fieldname, $fielddata, $newfieldvalue)
+	{
+		return self::validateFormFieldString($fieldname, $fielddata, $newfieldvalue);
+	}
+
 	public static function validateFormFieldString($fieldname, $fielddata, $newfieldvalue)
 	{
 		if (isset($fielddata['string_delimiter']) && $fielddata['string_delimiter'] != '') {
@@ -210,75 +215,6 @@ class Data
 		}
 	}
 
-	public static function validateFormFieldHiddenString($fieldname, $fielddata, $newfieldvalue)
-	{
-		if (isset($fielddata['string_delimiter']) && $fielddata['string_delimiter'] != '') {
-			$newfieldvalues = explode($fielddata['string_delimiter'], $newfieldvalue);
-			unset($fielddata['string_delimiter']);
-
-			$returnvalue = true;
-			foreach ($newfieldvalues as $single_newfieldvalue) {
-				/**
-				 * don't use tabs in value-fields, #81
-				 */
-				$single_newfieldvalue = str_replace("\t", " ", $single_newfieldvalue);
-				$single_returnvalue = Data::validateFormFieldString($fieldname, $fielddata, $single_newfieldvalue);
-				if ($single_returnvalue !== true) {
-					$returnvalue = $single_returnvalue;
-					break;
-				}
-			}
-		} else {
-			$returnvalue = false;
-
-			/**
-			 * don't use tabs in value-fields, #81
-			 */
-			$newfieldvalue = str_replace("\t", " ", $newfieldvalue);
-
-			if (isset($fielddata['string_type']) && $fielddata['string_type'] == 'mail') {
-				$returnvalue = Validate::validateEmail($newfieldvalue);
-			} elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'url') {
-				$returnvalue = Validate::validateUrl($newfieldvalue);
-			} elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'dir') {
-				// add trailing slash to validate path if needed
-				// refs #331
-				if (substr($newfieldvalue, -1) != '/') {
-					$newfieldvalue .= '/';
-				}
-				$returnvalue = ($newfieldvalue == FileDir::makeCorrectDir($newfieldvalue));
-			} elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'file') {
-				$returnvalue = ($newfieldvalue == FileDir::makeCorrectFile($newfieldvalue));
-			} elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'filedir') {
-				$returnvalue = (($newfieldvalue == FileDir::makeCorrectDir($newfieldvalue)) || ($newfieldvalue == FileDir::makeCorrectFile($newfieldvalue)));
-			} elseif (preg_match('/^[^\r\n\t\f\0]*$/D', $newfieldvalue)) {
-				$returnvalue = true;
-			}
-
-			if (isset($fielddata['string_regexp']) && $fielddata['string_regexp'] != '') {
-				if (preg_match($fielddata['string_regexp'], $newfieldvalue)) {
-					$returnvalue = true;
-				} else {
-					$returnvalue = false;
-				}
-			}
-
-			if (isset($fielddata['string_emptyallowed']) && $fielddata['string_emptyallowed'] === true && $newfieldvalue === '') {
-				$returnvalue = true;
-			} elseif (isset($fielddata['string_emptyallowed']) && $fielddata['string_emptyallowed'] === false && $newfieldvalue === '') {
-				$returnvalue = 'stringmustntbeempty';
-			}
-		}
-
-		if ($returnvalue === true) {
-			return true;
-		} elseif ($returnvalue === false) {
-			return 'stringformaterror';
-		} else {
-			return $returnvalue;
-		}
-	}
-
 	public static function validateFormFieldNumber($fieldname, $fielddata, $newfieldvalue)
 	{
 		if (isset($fielddata['min']) && (int)$newfieldvalue < (int)$fielddata['min']) {
@@ -323,10 +259,16 @@ class Data
 			if (preg_match($fielddata['string_regexp'], $newfieldvalue)) {
 				$returnvalue = true;
 			}
-		} else if (preg_match('/^[^\0]*$/', $newfieldvalue)) {
+		} elseif (preg_match('/^[^\0]*$/', $newfieldvalue)) {
 			$returnvalue = true;
 		}
 
 		return $returnvalue;
 	}
+
+	public static function validateFormFieldImage($fieldname, $fielddata, $newfieldvalue)
+	{
+		// validation is handled in \Froxlor\Settings\Store::storeSettingImage()
+		return true;
+	}
 }

lib/Froxlor/Validate/Validate.php

@@ -176,7 +176,7 @@ class Validate
 		}
 
 		// special case where localhost ip is allowed (mysql-access-hosts for example)
-		if ($allow_localhost && $ip == '127.0.0.1') {
+		if ($allow_localhost && ($ip == '127.0.0.1' || $ip == '::1')) {
 			return $ip . $cidr;
 		}
 
@@ -224,7 +224,7 @@ class Validate
 	 * Check if the submitted string is a valid domainname
 	 *
 	 * @param string $domainname The domainname which should be checked.
-	 * @param bool $allow_underscore optional if true, allowes the underscore character in a domain label (DKIM etc.)
+	 * @param bool $allow_underscore optional if true, allows the underscore character in a domain label (DKIM etc.)
 	 *
 	 * @return string|boolean the domain-name if the domain is valid, false otherwise
 	 */

lib/config.example.inc.php

@@ -9,11 +9,18 @@ return [
 	 * recommended value for debian/ubuntu package users is false to rely on apt and not have version mixup.
 	 * This is also useful for providers that manage the servers but give admin access to froxlor to handle
 	 * updates the way the providers does it (e.g. automation, etc.)
+	 *
+	 * Default: false
 	 */
 	'enable_webupdate' => false,
 
 	/**
-	 * @todo description
+	 * settings that have a major impact on the system or which values are used to be executed with high
+	 * privileges on the system require the admin-user to have set up and enabled OTP for the corresponding
+	 * account to change these values.
+	 * To disable this extra security validation, set the value of this to true
+	 *
+	 * Default: false
 	 */
 	'disable_otp_security_check' => false,
 ];

lib/configfiles/bookworm.xml

@@ -1556,7 +1556,7 @@ noc: root
 security: root
 
 # change this to a valid e-mail address you can access
-root:               root@<SERVERNAME>
+root:               <ADMIN_MAIL>
 ]]>
 							</content>
 						</file>
@@ -2547,6 +2547,7 @@ plugin {
 						</file>
 					</files>
 					<commands index="1">
+						<command><![CDATA[sed -i.bak 's/^!include auth-system.conf.ext/#!include auth-system.conf.ext/' /etc/dovecot/conf.d/10-auth.conf]]></command>
 						<command><![CDATA[service dovecot restart]]></command>
 					</commands>
 				</general>
@@ -3383,6 +3384,11 @@ aliases:     files
 						</visibility>
 						<command><![CDATA[a2dismod php8.2]]></command>
 					</commands>
+					<commands index="5">
+						<visibility mode="equals" value="apache2">{{settings.system.webserver}}
+						</visibility>
+						<command><![CDATA[a2disconf php8.2-fpm]]></command>
+					</commands>
 					<!-- instead of just restarting apache, we let the cronjob do all the
 						dirty work -->
 					<command><![CDATA[php {{const.install_dir}}bin/froxlor-cli froxlor:cron --force]]></command>

lib/configfiles/bullseye.xml

@@ -1556,7 +1556,7 @@ noc: root
 security: root
 
 # change this to a valid e-mail address you can access
-root:               root@<SERVERNAME>
+root:               <ADMIN_MAIL>
 ]]>
 							</content>
 						</file>

lib/configfiles/focal.xml

@@ -1585,7 +1585,7 @@ noc: root
 security: root
 
 # change this to a valid e-mail address you can access
-root:               root@<SERVERNAME>
+root:               <ADMIN_MAIL>
 ]]>
 							</content>
 						</file>

lib/configfiles/gentoo.xml

@@ -1541,7 +1541,7 @@ noc: root
 security: root
 
 # change this to a valid e-mail address you can access
-root:               root@<SERVERNAME>
+root:               <ADMIN_MAIL>
 ]]>
 							</content>
 						</file>

lib/configfiles/jammy.xml

@@ -1585,7 +1585,7 @@ noc: root
 security: root
 
 # change this to a valid e-mail address you can access
-root:               root@<SERVERNAME>
+root:               <ADMIN_MAIL>
 ]]>
 							</content>
 						</file>
@@ -4172,6 +4172,11 @@ aliases:     files
 						</visibility>
 						<command><![CDATA[a2dismod php8.1]]></command>
 					</commands>
+					<commands index="5">
+						<visibility mode="equals" value="apache2">{{settings.system.webserver}}
+						</visibility>
+						<command><![CDATA[a2disconf php8.1-fpm]]></command>
+					</commands>
 					<!-- instead of just restarting apache, we let the cronjob do all the
 						dirty work -->
 					<command><![CDATA[php {{const.install_dir}}bin/froxlor-cli froxlor:cron --force]]></command>

lib/formfields/admin/customer/formfield.customer_add.php

@@ -59,7 +59,7 @@ return [
 						'label' => lng('login.password'),
 						'type' => 'password',
 						'autocomplete' => 'off',
-						'placeholder' => lng('admin.username_default_msg'),
+						'placeholder' => lng('admin.password_default_msg'),
 						'next_to' => [
 							'new_customer_password_suggestion' => [
 								'next_to_prefix' => lng('customer.generated_pwd') . ':',

lib/formfields/admin/templates/formfield.filetemplate_add.php

@@ -38,11 +38,20 @@ return [
 						'type' => 'select',
 						'select_var' => $free_templates
 					],
+					'file_extension' => [
+						'label' => lng('admin.templates.file_extension'),
+						'type' => 'text',
+						'string_regexp' => '/^[a-zA-Z0-9]{1,6}$/',
+						'default' => 'html',
+						'value' => 'html',
+						'mandatory' => true
+					],
 					'filecontent' => [
 						'label' => lng('admin.templates.filecontent'),
 						'type' => 'textarea',
 						'cols' => 60,
-						'rows' => 12
+						'rows' => 12,
+						'mandatory' => true
 					],
 					'filesend' => [
 						'type' => 'hidden',

lib/formfields/admin/templates/formfield.filetemplate_edit.php

@@ -39,12 +39,21 @@ return [
 						'value' => lng('admin.templates.' . $row['varname']),
 						'display' => lng('admin.templates.' . $row['varname'])
 					],
+					'file_extension' => [
+						'label' => lng('admin.templates.file_extension'),
+						'type' => 'text',
+						'string_regexp' => '/^[a-zA-Z0-9]{1,6}$/',
+						'value' => $row['file_extension'],
+						'default' => 'html',
+						'mandatory' => true
+					],
 					'filecontent' => [
 						'label' => lng('admin.templates.filecontent'),
 						'type' => 'textarea',
 						'cols' => 60,
 						'rows' => 12,
-						'value' => $row['value']
+						'value' => $row['value'],
+						'mandatory' => true
 					],
 					'filesend' => [
 						'type' => 'hidden',

lib/formfields/install/formfield.install.php

@@ -143,6 +143,18 @@ return [
 						'mandatory' => true,
 						'value' => old('admin_email', null, 'installation'),
 					],
+					'use_admin_email_as_sender' => [
+						'label' => lng('install.admin.use_admin_email_as_sender'),
+						'type' => 'checkbox',
+						'value' => '1',
+						'checked' => old('use_admin_email_as_sender', '1', 'installation'),
+					],
+					'sender_email' => [
+						'label' => lng('serversettings.adminmail.title'),
+						'placeholder' => lng('install.admin.use_autogenerated_email_as_sender'),
+						'type' => 'email',
+						'value' => old('sender_email', null, 'installation'),
+					],
 				]
 			],
 			'step3' => [

lib/functions.php

@@ -112,9 +112,14 @@ function vite($basehref, array $filenames): string
 			$assetDirectory = '/templates/' . $matches[1] . '/build/';
 			$viteManifest = dirname(__DIR__) . $assetDirectory . '/manifest.json';
 			$manifest = json_decode(file_get_contents($viteManifest), true);
-			$links[] = $basehref . ltrim($assetDirectory, '/') . $manifest[$filename]['file'];
+			if (!empty($manifest[$filename]['file'])) {
+				$links[] = $basehref . ltrim($assetDirectory, '/') . $manifest[$filename]['file'];
+			} else {
+				// additional asset from config.json that was not prebuilt on release (e.g. custom.css)
+				$links[] = $filename;
+			}
 		} else {
-			$links = $filenames;
+			$links[] = $filename;
 		}
 	}
 

lib/init.php

@@ -65,6 +65,7 @@ use Froxlor\UI\Linker;
 use Froxlor\UI\Panel\UI;
 use Froxlor\UI\Request;
 use Froxlor\UI\Response;
+use Froxlor\Install\Requirements;
 
 // include MySQL-tabledefinitions
 require Froxlor::getInstallDir() . '/lib/tables.inc.php';
@@ -114,18 +115,34 @@ if (!isset($sql) || !is_array($sql)) {
 /**
  * Show nice note if requested domain is "unknown" to froxlor and thus is being lead to its vhost
  */
-if ($_SERVER['HTTP_HOST'] != Settings::Get('system.hostname') &&
-		!filter_var($_SERVER['HTTP_HOST'], FILTER_VALIDATE_IP) && (
+$req_host = UI::getCookieHost();
+if ($req_host != Settings::Get('system.hostname') &&
+	    Settings::Get('panel.is_configured') == 1 &&
+		!filter_var($req_host, FILTER_VALIDATE_IP) && (
 		empty(Settings::Get('system.froxloraliases')) ||
-		(!empty(Settings::Get('system.froxloraliases')) && !in_array($_SERVER['HTTP_HOST'], array_map('trim', explode(',', Settings::Get('system.froxloraliases')))))
+		(!empty(Settings::Get('system.froxloraliases')) && !in_array($req_host, array_map('trim', explode(',', Settings::Get('system.froxloraliases')))))
 )) {
 	// not the froxlor system-hostname, show info page for domains not configured in froxlor
-	$unconfiguredPath = FileDir::makeCorrectFile(Froxlor::getInstallDir() . '/templates/misc/unconfigured/index.html');
-	if (file_exists($unconfiguredPath)) {
-		echo file_get_contents($unconfiguredPath);
-	} else {
-		echo "This domain requires configuration via the froxlor server management panel, as it is currently not assigned to any customer.";
+	$redirect_file = FileDir::getUnknownDomainTemplate($req_host ?? "non-detectable http-host");
+	header('Location: '.$redirect_file);
+	die();
+}
+
+// validate php-extensions requirements
+$loadedExtensions = get_loaded_extensions();
+$missingExtensions = [];
+foreach (Requirements::REQUIRED_EXTENSIONS as $requiredExtension) {
+	if (in_array($requiredExtension, $loadedExtensions)) {
+		continue;
 	}
+	$missingExtensions[] = $requiredExtension;
+}
+if (!empty($missingExtensions)) {
+	UI::twig()->addGlobal('install_mode', '1');
+	echo UI::twig()->render($_deftheme . '/misc/missingextensionhint.html.twig', [
+		'phpversion' => phpversion(),
+		'missing_extensions' => implode(", ", $missingExtensions),
+	]);
 	die();
 }
 
@@ -187,7 +204,7 @@ if (Update::versionInUpdate(Settings::Get('panel.version'), '2.0.0-beta1')) {
 
 // Check if a different variant of the theme is used
 $themevariant = "default";
-if (preg_match("/([a-z0-9\.\-]+)_([a-z0-9\.\-]+)/i", $theme, $matches)) {
+if (preg_match("/([a-z0-9.\-]+)_([a-z0-9.\-]+)/i", $theme, $matches)) {
 	$theme = $matches[1];
 	$themevariant = $matches[2];
 }
@@ -208,7 +225,7 @@ if (is_array($_themeoptions) && (!array_key_exists('variants', $_themeoptions) |
 }
 
 if (array_key_exists('global', $_themeoptions)) {
-	$_themeoptions['variants'][$themevariant] = array_merge_recursive($_themeoptions['variants'][$themevariant], $_themeoptions['global']);
+	$_themeoptions['variants'][$themevariant] = PhpHelper::array_merge_recursive_distinct($_themeoptions['global'], $_themeoptions['variants'][$themevariant]);
 }
 
 // check for custom header-graphic
@@ -346,6 +363,7 @@ if (CurrentUser::hasSession()) {
 	if (in_array($_SERVER['REQUEST_METHOD'], ['POST', 'PUT', 'PATCH', 'DELETE'])) {
 		$current_token = $_POST['csrf_token'] ?? $_SERVER['HTTP_X_CSRF_TOKEN'] ?? null;
 		if ($current_token != CurrentUser::getField('csrf_token')) {
+			http_response_code(403);
 			Response::dynamicError('CSRF validation failed');
 		}
 	}
@@ -359,4 +377,6 @@ if (CurrentUser::hasSession()) {
 		'samesite' => 'Strict'
 	];
 	setcookie(session_name(), $_COOKIE[session_name()], $cookie_params);
+} else {
+	UI::twig()->addGlobal('csrf_token', Froxlor::genSessionId(20));
 }

lib/navigation/00.froxlor.main.php

@@ -161,13 +161,13 @@ return [
 			'show_element' => (!Settings::IsInList('panel.customer_hide_options', 'misc.documentation')),
 			'elements' => [
 				[
-					'url' => 'https://docs.froxlor.org/v2/user-guide/',
+					'url' => \Froxlor\Froxlor::DOCS_URL . 'user-guide/',
 					'label' => lng('admin.userguide'),
 					'new_window' => true,
 					'is_external' => true,
 				],
 				[
-					'url' => 'https://docs.froxlor.org/v2/api-guide/',
+					'url' => \Froxlor\Froxlor::DOCS_URL . 'api-guide/',
 					'label' => lng('admin.apiguide'),
 					'new_window' => true,
 					'show_element' => Settings::Get('api.enabled') == 1 && CurrentUser::getField('api_allowed') == 1,
@@ -348,13 +348,13 @@ return [
 			'icon' => 'fa-solid fa-circle-info',
 			'elements' => [
 				[
-					'url' => 'https://docs.froxlor.org/v2/admin-guide/',
+					'url' => \Froxlor\Froxlor::DOCS_URL . 'admin-guide/',
 					'label' => lng('admin.adminguide'),
 					'new_window' => true,
 					'is_external' => true,
 				],
 				[
-					'url' => 'https://docs.froxlor.org/v2/api-guide/',
+					'url' => \Froxlor\Froxlor::DOCS_URL . 'api-guide/',
 					'label' => lng('admin.apiguide'),
 					'new_window' => true,
 					'show_element' => Settings::Get('api.enabled') == 1,

lib/tablelisting/admin/tablelisting.phpconfigs.php

@@ -49,6 +49,7 @@ return [
 				'field' => 'domains',
 				'callback' => [PHPConf::class, 'domainList'],
 				'searchable' => false,
+				'sortable' => false,
 			],
 			'fpmdesc' => [
 				'label' => lng('admin.phpsettings.fpmdesc'),

lng/de.lng.php

@@ -67,6 +67,7 @@ return [
 		'customer_add' => 'Kunden anlegen',
 		'customer_edit' => 'Kunden bearbeiten',
 		'username_default_msg' => 'Leer lassen für automatische Benutzername-Vergabe',
+		'password_default_msg' => 'Leer lassen für Passwortgenerierung',
 		'domains' => 'Domains',
 		'domain_add' => 'Domain anlegen',
 		'domain_edit' => 'Domain bearbeiten',
@@ -140,12 +141,18 @@ return [
 			'TRAFFICUSED' => 'Wird mit Traffic, der vom Kunden bereits verbraucht wurde, ersetzt.',
 			'pop_success_alternative' => 'Willkommensmail für neue E-Mail-Konten für die alternative E-Mail-Adresse',
 			'EMAIL_PASSWORD' => 'Wird mit dem Passwort des neuen POP3/IMAP Kontos ersetzt.',
-			'index_html' => 'index.html Datei für neu erzeugte Kundenverzeichnisse',
+			'index_html' => 'index Datei für neu erzeugte Kundenverzeichnisse',
+			'unconfigured_html' => 'index Datei für unkonfigurierte/unbekannte Domains',
+			'unconfigured_content_fallback' => 'Diese Domain muss über das Froxlor-Serververwaltungspanel konfiguriert werden, da sie derzeit keinem Kunden zugewiesen ist.',
+			'file_extension' => [
+				'description' => 'Die Dateiendung für die index Datei muss zwischen 1 und 6 Zeichen lang sein und darf nur aus den Zeichen a-z, A-Z und 0-9 bestehen<br><br>Standard: html',
+				'title' => 'Dateiendung für Datei Vorlage',
+			],
 			'SERVERNAME' => 'Wird mit dem Servernamen ersetzt.',
-			'CUSTOMER' => 'Wird mit dem Loginnamen des Kunden ersetzt.',
-			'ADMIN' => 'Wird mit dem Loginnamen des Admins ersetzt.',
-			'CUSTOMER_EMAIL' => 'Wird mit der E-Mail-Adresse des Kunden ersetzt.',
-			'ADMIN_EMAIL' => 'Wird mit der E-Mail-Adresse des Admin ersetzt.',
+			'CUSTOMER' => 'Wird mit dem Loginnamen des Kunden ersetzt. Nur für "index Datei für neu erzeugte Kundenverzeichnisse".',
+			'ADMIN' => 'Wird mit dem Loginnamen des Admins ersetzt. Nur für "index Datei für neu erzeugte Kundenverzeichnisse".',
+			'CUSTOMER_EMAIL' => 'Wird mit der E-Mail-Adresse des Kunden ersetzt. Nur für "index Datei für neu erzeugte Kundenverzeichnisse".',
+			'ADMIN_EMAIL' => 'Wird mit der E-Mail-Adresse des Admin ersetzt. Nur für "index Datei für neu erzeugte Kundenverzeichnisse".',
 			'filetemplates' => 'Dateivorlagen',
 			'filecontent' => 'Dateiinhalt',
 			'new_database_by_customer' => 'Kunden-Benachrichtigungs nach Erstellung einer neuen Datenbank',
@@ -831,7 +838,6 @@ return [
 		'descriptioninvalid' => 'Der Beschreibungstext ist zu kurz, zu lang oder enthält ungültige Zeichen',
 		'info' => 'Info',
 		'filecontentnotset' => 'Diese Datei darf nicht leer sein!',
-		'index_file_extension' => 'Die Dateiendung für die index Datei muss zwischen 1 und 6 Zeichen lang sein und darf nur aus den Zeichen a-z, A-Z und 0-9 bestehen',
 		'customerdoesntexist' => 'Der ausgewählte Kunde existiert nicht.',
 		'admindoesntexist' => 'Der ausgewählte Admin existiert nicht.',
 		'ipportdoesntexist' => 'Die gewählte IP/Port-Kombination existiert nicht.',
@@ -920,6 +926,7 @@ return [
 		'dns_duplicate_entry' => 'Eintrag existiert bereits',
 		'dns_notfoundorallowed' => 'Domain nicht gefunden oder keine Berechtigung',
 		'domain_nopunycode' => 'Die Eingabe von Punycode (IDNA) ist nicht notwendig. Die Domain wird automatisch konvertiert.',
+		'domain_noipaddress' => 'Eine IP-Adresse kann nicht als Domain angelegt werden',
 		'dns_record_toolong' => 'Records/Labels können maximal 63 Zeichen lang sein',
 		'noipportgiven' => 'Keine IP/Port angegeben',
 		'nosslippportgiven' => 'Wenn SSL aktiviert ist, muss eine SSL IP/Port angegeben werden',
@@ -1308,6 +1315,8 @@ Vielen Dank, Ihr Administrator',
 		'dnsentry_reallydelete' => 'Wollen Sie den DNS-Eintrag wirklich löschen?',
 		'certificate_reallydelete' => 'Wollen Sie diese Zertifikat wirklich löschen?',
 		'cache_reallydelete' => 'Wollen Sie den Cache wirklich leeren?',
+		'please_enter_otp' => 'Bitte 2FA Code eingeben',
+		'admin_mysqlserver_reallydelete' => 'Wollen Sie wirklich diesen MySQL-Server löschen?',
 	],
 	'serversettings' => [
 		'session_timeout' => [
@@ -1608,10 +1617,6 @@ Vielen Dank, Ihr Administrator',
 			'removelink' => 'Hier klicken, um alle E-Mail-Kontingente zu entfernen',
 			'enforcelink' => 'Hier klicken, um allen Benutzern das Standard-Kontingent zu zuweisen.',
 		],
-		'index_file_extension' => [
-			'description' => 'Welche Dateiendung soll die index Datei in neu erstellten Kundenverzeichnissen haben? Diese Dateiendung wird dann verwendet, wenn Sie bzw. einer Ihrer Admins eigene index Dateivorlagen erstellt haben.',
-			'title' => 'Dateiendung für index Datei in neu erstellen Kundenverzeichnissen',
-		],
 		'session_allow_multiple_login' => [
 			'title' => 'Erlaube gleichzeitigen Login',
 			'description' => 'Wenn diese Option aktiviert ist, können sich Nutzer mehrmals gleichzeitig anmelden.',
@@ -2240,7 +2245,7 @@ Vielen Dank, Ihr Administrator',
 		'database' => [
 			'top' => 'Datenbank',
 			'title' => 'Datenbank und Benutzer erstellen',
-			'description' => 'Froxlor benötigt eine Datenbank und zusätzlich einen Benutzer mit privilegierten Rechten, welcher Benutzer und Datenbanken erstellen darf (GRANT Option). Die angegebene Datenbank und der unprivilegierte Benutzer werden automatisch in diesem Prozess erstellt. Der privilegierte Benutzer muss existieren.',
+			'description' => 'Froxlor benötigt eine Datenbank und zusätzlich <a href="https://docs.froxlor.org/latest/general/installation/tarball.html#_3-create-privileged-database-user" target="_blank">einen Benutzer mit privilegierten Rechten</a>, welcher Benutzer und Datenbanken erstellen darf (GRANT Option). Die angegebene Datenbank und der unprivilegierte Benutzer werden automatisch in diesem Prozess erstellt. Der privilegierte Benutzer muss existieren.',
 			'user' => 'Unprivilegierter Datenbank Benutzer',
 			'dbname' => 'Datenbank Name',
 			'force_create' => 'Sichern und überschreiben, sofern Datenbank existiert?',
@@ -2249,6 +2254,8 @@ Vielen Dank, Ihr Administrator',
 			'top' => 'Admin Konto',
 			'title' => 'Erstellen des Haupt-Administrators.',
 			'description' => 'Dieser Benutzer erhält alle Berechtigungen zur Anpassungen von Einstellungen und Erstellen/Bearbeiten/Löschen von Resourcen wie Kunden, Domains, etc.',
+			'use_admin_email_as_sender' => 'Verwende die oben angegebene E-Mail-Adresse als Absenderadresse. Wenn die Option deaktiviert ist, geben Sie unten bitte eine Absenderadresse an.',
+			'use_autogenerated_email_as_sender' => 'Leer lassen für Standard: admin@servername',
 		],
 		'system' => [
 			'top' => 'System Setup',
@@ -2263,7 +2270,7 @@ Vielen Dank, Ihr Administrator',
 		'install' => [
 			'top' => 'Abschluss',
 			'title' => 'Ein letzter Schritt...',
-			'description' => 'Der untenstehende Befehl lädt, installiert und konfiguriert die benötigten Dienste auf dem System aufgrund der Angaben die während des Installationsprozessen gesammelt wurden.<br><br><span class="text-danger">Führe die gezeigten Befehle als <b>root</b> in der Shell/Konsole des Servers aus.</span>',
+			'description' => 'Der untenstehende Befehl lädt, installiert und konfiguriert die benötigten Dienste auf dem System aufgrund der Angaben die während des Installationsprozessen gesammelt wurden.<br><br><span class="text-danger">Führe die gezeigten Befehle als <b>root</b> in der Shell/Konsole des Servers aus. <b>Beachte bitte</b> das dieser Befehl vorhandene Konfigurationen <b>überschreibt</b> (Sicherungsdateien werden erstellt)!<br>Sollte dies nicht gewünscht sein, wähle <i>Ich werden die Dienste manuell konfigurieren</i> am Ende dieser Seite.</span>',
 			'runcmd' => 'Folgende Befehle ausführen, um die Installation abzuschließen:',
 			'manual_config' => 'Ich werden die Dienste manuell konfigurieren, direkt zum Login umleiten',
 			'waitforconfig' => 'Warte auf Abschluss der Dienstkonfiguration...',

lng/en.lng.php

@@ -68,6 +68,7 @@ return [
 		'customer_add' => 'Create customer',
 		'customer_edit' => 'Edit customer',
 		'username_default_msg' => 'Leave empty for autogenerated value',
+		'password_default_msg' => 'Autogenerated if empty',
 		'domains' => 'Domains',
 		'domain_add' => 'Create domain',
 		'domain_edit' => 'Edit domain',
@@ -144,11 +145,17 @@ return [
 			'pop_success_alternative' => 'Welcome mail for new email accounts sent to alternative address',
 			'EMAIL_PASSWORD' => 'Replaced with the POP3/IMAP account password.',
 			'index_html' => 'index file for newly created customer directories',
+			'unconfigured_html' => 'index file for unconfigured/unknown domains',
+			'unconfigured_content_fallback' => 'This domain requires configuration via the froxlor server management panel, as it is currently not assigned to any customer.',
+			'file_extension' => [
+				'description' => 'The file extension for the index file must be between 1 and 6 characters long. The extension can only contain characters like a-z, A-Z and 0-9<br><br>Default: html',
+				'title' => 'File extension for the file template',
+			],
 			'SERVERNAME' => 'Replaced with the servername.',
-			'CUSTOMER' => 'Replaced with the loginname of the customer.',
-			'ADMIN' => 'Replaced with the loginname of the admin.',
-			'CUSTOMER_EMAIL' => 'Replaced with the e-mail address of the customer.',
-			'ADMIN_EMAIL' => 'Replaced with the e-mail address of the admin.',
+			'CUSTOMER' => 'Replaced with the loginname of the customer. Only for "index file for newly created customer directories"',
+			'ADMIN' => 'Replaced with the loginname of the admin. Only for "index file for newly created customer directories"',
+			'CUSTOMER_EMAIL' => 'Replaced with the e-mail address of the customer. Only for "index file for newly created customer directories"',
+			'ADMIN_EMAIL' => 'Replaced with the e-mail address of the admin. Only for "index file for newly created customer directories"',
 			'filetemplates' => 'File templates',
 			'filecontent' => 'File content',
 			'new_database_by_customer' => 'Customer-notification when a database has been created',
@@ -903,7 +910,6 @@ return [
 		'descriptioninvalid' => 'The description is too short, too long or contains illegal characters.',
 		'info' => 'Info',
 		'filecontentnotset' => 'The file cannot be empty!',
-		'index_file_extension' => 'The file extension for the index file must be between 1 and 6 characters long. The extension can only contain characters like a-z, A-Z and 0-9',
 		'customerdoesntexist' => 'The customer you have chosen doesn\'t exist.',
 		'admindoesntexist' => 'The admin you have chosen doesn\'t exist.',
 		'ipportdoesntexist' => 'The ip/port combination you have chosen doesn\'t exist.',
@@ -992,6 +998,7 @@ return [
 		'dns_duplicate_entry' => 'Record already exists',
 		'dns_notfoundorallowed' => 'Domain not found or no permission',
 		'domain_nopunycode' => 'You must not specify punycode (IDNA). The domain will automatically be converted',
+		'domain_noipaddress' => 'Cannot add an IP address as domain',
 		'dns_record_toolong' => 'Records/labels can only be up to 63 characters',
 		'noipportgiven' => 'No IP/port given',
 		'nosslippportgiven' => 'When enabling SSL you need to select a SSL IP/port',
@@ -1423,6 +1430,8 @@ Yours sincerely, your administrator',
 		'dnsentry_reallydelete' => 'Do you really want to delete this zone entry?',
 		'certificate_reallydelete' => 'Do you really want to delete this certificate?',
 		'cache_reallydelete' => 'Do you really want to clear the cache?',
+		'please_enter_otp' => 'Please enter 2FA code',
+		'admin_mysqlserver_reallydelete' => 'Do you really want to delete this MySQL-server?',
 	],
 	'redirect_desc' => [
 		'rc_default' => 'default',
@@ -1730,10 +1739,6 @@ Yours sincerely, your administrator',
 			'removelink' => 'Click here to wipe all quotas for mail accounts.',
 			'enforcelink' => 'Click here to enforce default quota to all User mail accounts.',
 		],
-		'index_file_extension' => [
-			'description' => 'Which file extension should be used for the index file in newly created customer directories? This file extension will be used, if you or one of your admins has created its own index file template.',
-			'title' => 'File extension for index file in newly created customer directories',
-		],
 		'session_allow_multiple_login' => [
 			'title' => 'Allow multiple login',
 			'description' => 'If activated a user could login multiple times.',
@@ -2208,6 +2213,7 @@ Yours sincerely, your administrator',
 		],
 		'uc_stable' => 'stable',
 		'uc_testing' => 'testing',
+		'uc_nightly' => 'nightly',
 		'traffictool' => [
 			'toolselect' => 'Traffic analyzer',
 			'webalizer' => 'Webalizer',
@@ -2375,7 +2381,7 @@ Yours sincerely, your administrator',
 		'database' => [
 			'top' => 'Database',
 			'title' => 'Create database and user',
-			'description' => 'Froxlor requires a database and additionally a privileged user to be able to create users and databases (GRANT option). The given database and unprivileged database-user will be created in this process. The privileged user must exist.',
+			'description' => 'Froxlor requires a database and additionally <a href="https://docs.froxlor.org/latest/general/installation/tarball.html#_3-create-privileged-database-user" target="_blank">a privileged user</a> to be able to create users and databases (GRANT option). The given database and unprivileged database-user will be created in this process. The privileged user must exist.',
 			'user' => 'Unprivileged database user',
 			'dbname' => 'Database name',
 			'force_create' => 'Backup and overwrite database if exists?',
@@ -2384,6 +2390,8 @@ Yours sincerely, your administrator',
 			'top' => 'Admin user',
 			'title' => 'Let\'s create the main administrator user.',
 			'description' => 'This user will be granted all privileges to adjust settings and add/update/delete resources like customers, domains, etc.',
+			'use_admin_email_as_sender' => 'Use the email address above as sender address. If unchecked, please specify a sender address below.',
+			'use_autogenerated_email_as_sender' => 'Leave empty for default: admin@servername',
 		],
 		'system' => [
 			'top' => 'System setup',
@@ -2398,7 +2406,7 @@ Yours sincerely, your administrator',
 		'install' => [
 			'top' => 'Finish setup',
 			'title' => 'One last step...',
-			'description' => 'The command below will download, install and configure required services on your system according to the data you have given in this installation process.<br><br><span class="text-danger">Be sure to run the following command as <b>root</b> on the server\'s shell/terminal.</span>',
+			'description' => 'The command below will download, install and configure required services on your system according to the data you have given in this installation process.<br><br><span class="text-danger">Be sure to run the following command as <b>root</b> on the server\'s shell/terminal and <b>be aware</b> that this command will <b>overwrite</b> any existing configuration for the used services (backups will be created)!.<br>If you do not want to overwrite any configurations, select <i>I will manually configure the services</i> at the bottom of this page!</span>',
 			'runcmd' => 'Run the following command to finish the installation:',
 			'manual_config' => 'I will manually configure the services, just take me to the login',
 			'waitforconfig' => 'Waiting for services to be configured...',

package-lock.json

@@ -9,7 +9,7 @@
 				"@fortawesome/fontawesome-free": "^6.4.2",
 				"@popperjs/core": "^2.11.8",
 				"@vitejs/plugin-vue": "^4.0.0",
-				"axios": "^1.1.2",
+				"axios": "^1.6.0",
 				"bootstrap": "^5.3.2",
 				"chart.js": "^4.4.0",
 				"jquery": "^3.6.1",
@@ -19,8 +19,11 @@
 				"postcss": "^8.1.14",
 				"resolve-url-loader": "^5.0.0",
 				"sass": "^1.69.3",
-				"vite": "^4.0.0",
+				"vite": "^4.4.12",
 				"vue": "^3.2.37"
+			},
+			"engines": {
+				"node": ">=18"
 			}
 		},
 		"node_modules/@babel/parser": {
@@ -577,9 +580,9 @@
 			"dev": true
 		},
 		"node_modules/axios": {
-			"version": "1.5.1",
-			"resolved": "https://registry.npmjs.org/axios/-/axios-1.5.1.tgz",
-			"integrity": "sha512-Q28iYCWzNHjAm+yEAot5QaAMxhMghWLFVf7rRdwhUI+c2jix2DUXjAHXVi+s1ibs3mjPO/cCgbA++3BjD0vP/A==",
+			"version": "1.6.0",
+			"resolved": "https://registry.npmjs.org/axios/-/axios-1.6.0.tgz",
+			"integrity": "sha512-EZ1DYihju9pwVB+jg67ogm+Tmqc6JmhamRN6I4Zt8DfZu5lbcQGw3ozH9lFejSJgs/ibaef3A9PMXPLeefFGJg==",
 			"dev": true,
 			"dependencies": {
 				"follow-redirects": "^1.15.0",
@@ -1153,9 +1156,9 @@
 			}
 		},
 		"node_modules/vite": {
-			"version": "4.4.11",
-			"resolved": "https://registry.npmjs.org/vite/-/vite-4.4.11.tgz",
-			"integrity": "sha512-ksNZJlkcU9b0lBwAGZGGaZHCMqHsc8OpgtoYhsQ4/I2v5cnpmmmqe5pM4nv/4Hn6G/2GhTdj0DhZh2e+Er1q5A==",
+			"version": "4.4.12",
+			"resolved": "https://registry.npmjs.org/vite/-/vite-4.4.12.tgz",
+			"integrity": "sha512-KtPlUbWfxzGVul8Nut8Gw2Qe8sBzWY+8QVc5SL8iRFnpnrcoCaNlzO40c1R6hPmcdTwIPEDkq0Y9+27a5tVbdQ==",
 			"dev": true,
 			"dependencies": {
 				"esbuild": "^0.18.10",

package.json

@@ -9,7 +9,7 @@
 		"@fortawesome/fontawesome-free": "^6.4.2",
 		"@popperjs/core": "^2.11.8",
 		"@vitejs/plugin-vue": "^4.0.0",
-		"axios": "^1.1.2",
+		"axios": "^1.6.0",
 		"bootstrap": "^5.3.2",
 		"chart.js": "^4.4.0",
 		"jquery": "^3.6.1",
@@ -19,7 +19,10 @@
 		"postcss": "^8.1.14",
 		"resolve-url-loader": "^5.0.0",
 		"sass": "^1.69.3",
-		"vite": "^4.0.0",
+		"vite": "^4.4.12",
 		"vue": "^3.2.37"
+	},
+	"engines": {
+		"node": ">=18"
 	}
 }

templates/Froxlor/assets/js/bootstrap.js

@@ -18,3 +18,4 @@ window.Chart = Chart;
 import axios from 'axios';
 window.axios = axios;
 window.axios.defaults.headers.common['X-Requested-With'] = 'XMLHttpRequest';
+window.axios.defaults.headers.common['X-CSRF-TOKEN'] = document.querySelector('meta[name="csrf-token"]').getAttribute('content');

templates/Froxlor/assets/js/jquery/customer.js

@@ -31,6 +31,9 @@ export default function () {
 						planid: pid
 					},
 					dataType: "json",
+					beforeSend: function(request) {
+						request.setRequestHeader('X-CSRF-TOKEN', document.querySelector('meta[name="csrf-token"]').getAttribute('content'));
+					},
 					success: function (json) {
 						for (var i in json) {
 							if (i == 'email_imap' || i == 'email_pop3' || i == 'perlenabled' || i == 'phpenabled' || i == 'dnsenabled' || i == 'logviewenabled') {

templates/Froxlor/assets/js/jquery/validation.js

@@ -8,18 +8,18 @@ export default function () {
 				rules: {
 					'name': {
 						required: function () {
-							return $('#company').val().length === 0 || $('#firstname').val().length > 0;
+							return $('#company').val().trim().length === 0 || $('#firstname').val().trim().length > 0;
 						}
 					},
 					'firstname': {
 						required: function () {
-							return $('#company').val().length === 0 || $('#name').val().length > 0;
+							return $('#company').val().trim().length === 0 || $('#name').val().trim().length > 0;
 						}
 					},
 					'company': {
 						required: function () {
-							return $('#name').val().length === 0
-								&& $('#firstname').val().length === 0;
+							return $('#name').val().trim().length === 0
+								&& $('#firstname').val().trim().length === 0;
 						}
 					}
 				},

templates/Froxlor/assets/scss/components/_card.scss

@@ -22,6 +22,9 @@
 		}
 	}
 }
+.list-group-item {
+	background: $white;
+}
 
 @include color-mode(dark) {
 	.card, .list-group-item {

templates/Froxlor/assets/scss/components/_form.scss

@@ -6,6 +6,14 @@
 	background-color: $body-tertiary-bg;
 }
 
+.form-floating > .form-control::placeholder {
+	color: revert;
+}
+
+.form-floating > .form-control:not(:focus)::placeholder {
+	color: transparent;
+}
+
 @include color-mode(dark) {
 	.formfield {
 		border-bottom: $border-color-dark solid 1px;

templates/Froxlor/assets/scss/components/_search.scss

@@ -17,7 +17,8 @@
 		position: absolute;
 		top: 2.75rem;
 		z-index: 50;
-		width: 70vh;
+		width: 90vw;
+		max-width: 750px;
 		max-height: 50vh;
 
 		background: $search-bg;

templates/Froxlor/config.json

@@ -1,8 +1,8 @@
 {
 	"global": {
 		"css": [
-			"assets/css/custom.css",
-			"assets/scss/app.scss"
+			"assets/scss/app.scss",
+			"assets/css/custom.css"
 		],
 		"js": [
 			"assets/js/app.js",

templates/Froxlor/footer.html.twig

@@ -8,7 +8,7 @@
 				{{ call_static('\\Froxlor\\Froxlor', 'getFullVersion') }}
 			{% endif %}
 		{% endif %}
-		&copy; 2009-{{ "now"|date("Y") }} by <a href="https://www.froxlor.org/" rel="external" target="_blank">the Froxlor Team</a><br>
+		&copy; 2009-{{ "now"|date("Y") }} by <a href="https://www.froxlor.org/" rel="external" target="_blank">the froxlor team</a><br>
 		{% if install_mode is not defined %}
 			{% if (get_setting('panel.imprint_url') != '') %}<a href="{{ get_setting('panel.imprint_url') }}" target="_blank" class="footer-link">{{ lng('imprint') }}</a>{% endif %}
 			{% if (get_setting('panel.terms_url') != '') %}<a href="{{ get_setting('panel.terms_url') }}" target="_blank" class="footer-link">{{ lng('terms') }}</a>{% endif %}

templates/Froxlor/form/formfields.html.twig

@@ -144,7 +144,7 @@
 {% endmacro %}
 
 {% macro plain(id, field) %}
-	<input type="text" readonly class="form-control-plaintext" id="{{ id }}" name="{{ id }}" value="{{ field.value|raw|e }}">
+	<input type="text" readonly class="form-control-plaintext" id="{{ id }}" name="{{ id }}" value="{{ field.value|raw }}">
 	{% if field.next_to is defined %}
 		{% for nid, nfield in field.next_to %}
 			{% if nfield.next_to_prefix is defined %}
@@ -159,9 +159,9 @@
 	{% if field.next_to is defined %}
 		<div class="input-group">
 		{% endif %}
-		<input type="{{ field.type }}" {% if field.visible is defined and field.visible == false %} disabled {% endif %} {% if field.type == 'number' and field.min is defined %} min="{{ field.min }}" {% endif %} {% if field.type == 'number' and field.max is defined %} max="{{ field.max }}" {% endif %} {% if field.type != 'number' and field.maxlength is defined %} maxlength="{{ field.maxlength }}" {% endif %} id="{{ id }}" name="{{ id }}" value="{{ field.value|raw|e }}" class="form-control {% if field.valid is defined and field.valid == false %}is-invalid{% endif %}" {% if field.mandatory is defined and field.mandatory %} required {% endif %} {% if field.readonly is defined and field.readonly %} readonly {% endif %} {% if field.autocomplete is defined %} autocomplete="{{ field.autocomplete }}" {% endif %} {% if field.placeholder is defined %} placeholder="{{ field.placeholder }}" {% endif %} {% if field.type == 'file' and field.accept is defined %} accept="{{ field.accept }}" {% endif %} {% if field.pattern is defined %} pattern="{{ field.pattern }}" {% endif %}/>
+	<input type="{{ field.type }}" {% if (field.visible is defined and field.visible == false) or (field.disabled is defined and field.disabled == true) %} disabled {% endif %} {% if field.type == 'number' and field.min is defined %} min="{{ field.min }}" {% endif %} {% if field.type == 'number' and field.max is defined %} max="{{ field.max }}" {% endif %} {% if field.type != 'number' and field.maxlength is defined %} maxlength="{{ field.maxlength }}" {% endif %} id="{{ id }}" name="{{ id }}" value="{{ field.value|raw }}" class="form-control {% if field.valid is defined and field.valid == false %}is-invalid{% endif %}" {% if field.mandatory is defined and field.mandatory %} required {% endif %} {% if field.readonly is defined and field.readonly %} readonly {% endif %} {% if field.autocomplete is defined %} autocomplete="{{ field.autocomplete }}" {% endif %} {% if field.placeholder is defined %} placeholder="{{ field.placeholder }}" {% endif %} {% if field.type == 'file' and field.accept is defined %} accept="{{ field.accept }}" {% endif %} {% if field.pattern is defined %} pattern="{{ field.pattern }}" {% endif %}/>
 		{% if field.type == 'hidden' and field.display is defined %}
-			<input type="text" readonly class="form-control-plaintext" value="{{ field.display|raw|e }}">
+			<input type="text" readonly class="form-control-plaintext" value="{{ field.display|raw }}">
 		{% endif %}
 		{% if field.next_to is defined %}
 			{% for nid, nfield in field.next_to %}
@@ -184,7 +184,7 @@
 			</label>
 		</div>
 	{% endif %}
-	{% set field = field|merge({'type':'file'}) %}
+	{% set field = field|merge({'type':'file'})|merge({'value':''}) %}
 	{{ _self.input(id, field) }}
 {% endmacro %}
 

templates/Froxlor/login/enter2fa.html.twig

@@ -27,7 +27,7 @@
 					<div class="card-body d-grid gap-2">
 						<input type="hidden" name="action" value="2fa_verify"/>
 						<input type="hidden" name="send" value="send"/>
-						<button class="btn btn-primary rounded-top-0" type="submit" name="2faverify">{{ lng('2fa.2fa_verify') }}</button>
+						<button class="btn btn-primary" type="submit" name="2faverify">{{ lng('2fa.2fa_verify') }}</button>
 					</div>
 				</div>
 			</form>

templates/Froxlor/login/fpwd.html.twig

@@ -38,7 +38,7 @@
 					</div>
 
 					<div class="card-body d-grid gap-2">
-						<button class="btn btn-primary rounded-top-0" type="submit" name="doremind">{{ lng('login.remind') }}</button>
+						<button class="btn btn-primary" type="submit" name="doremind">{{ lng('login.remind') }}</button>
 					</div>
 
 					<div class="card-footer">

templates/Froxlor/login/login.html.twig

@@ -39,7 +39,7 @@
 					</div>
 
 					<div class="card-body d-grid gap-2">
-						<button class="btn btn-primary rounded-top-0" type="submit" name="dologin">{{ lng('login.login') }}</button>
+						<button class="btn btn-primary" type="submit" name="dologin">{{ lng('login.login') }}</button>
 					</div>
 
 					{% if get_setting('panel.allow_preset') == '1' %}

templates/Froxlor/login/rpwd.html.twig

@@ -30,7 +30,7 @@
 					</div>
 
 					<div class="card-body d-grid gap-2">
-						<button class="btn btn-primary rounded-top-0" type="submit" name="doremind">{{ lng('login.remind') }}</button>
+						<button class="btn btn-primary" type="submit" name="doremind">{{ lng('login.remind') }}</button>
 					</div>
 
 					<div class="card-footer">

templates/Froxlor/misc/configurehint.html.twig

@@ -6,8 +6,8 @@
 
 		<div class="row gx-0 rounded shadow bg-primary text-white mt-5">
 			<div class="col p-5 rounded-start">
-				<h2 class="card-title">Welcome to Froxlor</h2>
-				<p class="lead mt-5">It seems that Froxlor has not been installed yet.</p>
+				<h2 class="card-title">Welcome to froxlor</h2>
+				<p class="lead mt-5">It seems that froxlor has not been installed yet.</p>
 				<p class="lead">Click on the button below to start the installation.</p>
 			</div>
 

templates/Froxlor/misc/missingextensionhint.html.twig

@@ -0,0 +1,18 @@
+{% extends "Froxlor/base.html.twig" %}
+
+{% block content %}
+<div class="container my-auto">
+<div class="alert alert-warning fade show" role="alert">
+	<h4 class="alert-heading">
+		Whoops!
+	</h4>
+	<p>It looks like you are missing some of the required php requirements.</p>
+	<p>Please ensure that the following extension for the currently used php version ({{ phpversion }}) are installed:</p>
+	<pre>{{ missing_extensions }}</pre>
+	<hr>
+	<p class="mt-1 text-center">
+		<a href="" class="btn btn-primary" title="Reload page">Reload</a>
+	</p>
+</div>
+</div>
+{% endblock %}

templates/Froxlor/misc/phprequirementfailed.html.twig

@@ -35,7 +35,7 @@
         <footer class="pý-5 text-center">
             <span>
                 <img src="{{ basehref }}templates/Froxlor/assets/img/logo_grey.png" alt="Froxlor" />
-                &copy; 2009-{{ current_year }} by <a href="https://www.froxlor.org/" rel="external">the Froxlor Team</a>
+                &copy; 2009-{{ current_year }} by <a href="https://www.froxlor.org/" rel="external">the froxlor team</a>
             </span>
         </footer>
     </div>

templates/Froxlor/misc/vendormissinghint.html.twig

@@ -35,7 +35,7 @@
         <footer class="py-5 text-center">
             <span>
                 <img src="{{ basehref }}templates/Froxlor/assets/img/logo_grey.png" alt="Froxlor" />
-                &copy; 2009-{{ current_year }} by <a href="https://www.froxlor.org/" rel="external">the Froxlor Team</a>
+                &copy; 2009-{{ current_year }} by <a href="https://www.froxlor.org/" rel="external">the froxlor team</a>
             </span>
         </footer>
     </div>

templates/Froxlor/misc/version_popover.html.twig

@@ -21,6 +21,9 @@
 		<p>{{ message }}</p>
 		{% if get_config('enable_webupdate') %}
 			<a class='btn d-block btn-outline-warning' href='admin_autoupdate.php?page=overview'>Open updater</a>
+		{% else %}
+			<p>Run the following command in your shell to update:</p>
+			<code>{{ call_static('\\Froxlor\\Froxlor', 'getInstallDir') }}bin/froxlor-cli froxlor:update</code>
 		{% endif %}
 	{% endif %}
 {% endmacro %}

templates/Froxlor/settings/apcuinfo.html.twig

@@ -24,7 +24,7 @@
 						 aria-valuemin="0" aria-valuemax="{{ apcuinfo.mem_avail }}">
 						<div class="progress-bar bg-success" style="width: {{ apcuinfo.mem_used_percentage }}%"></div>
 						<small
-							class="justify-content-center d-flex position-absolute w-100 text-dark">{{ apcuinfo.mem_used_percentage }}
+							class="justify-content-center d-flex position-absolute w-100">{{ apcuinfo.mem_used_percentage }}
 							%</small>
 					</div>
 				</div>

templates/Froxlor/user/2fa.html.twig

@@ -45,13 +45,13 @@
 						<input type="hidden" name="page" value="{{ page }}"/>
 						<input type="hidden" name="send" value="send"/>
 						{% if userinfo.type_2fa == 0 %}
-							<button class="btn btn-primary rounded-top-0" type="submit" name="preadd">
+							<button class="btn btn-primary" type="submit" name="preadd">
 								{{ lng('2fa.2fa_add') }}</button>
 						{% elseif userinfo['2fa_unsaved'] is defined and userinfo['2fa_unsaved'] %}
-							<button class="btn btn-primary rounded-top-0" type="submit" name="add">
+							<button class="btn btn-primary" type="submit" name="add">
 								{{ lng('2fa.2fa_add') }}</button>
 						{% else %}
-							<button class="btn btn-warning rounded-top-0" type="submit" name="delete">
+							<button class="btn btn-warning" type="submit" name="delete">
 								{{ lng('2fa.2fa_delete') }}</button>
 						{% endif %}
 					</div>

templates/Froxlor/user/index.html.twig

@@ -51,8 +51,16 @@
 
 	<div class="row">
 		{% if userinfo.adminsession == 1 %}
-			<div
-				class="col-12 col-lg-6">
+			<div class="col-12 col-lg-6">
+
+				{% if userinfo.custom_notes|markdown is not empty and userinfo.custom_notes_show == 1 %}
+					<div class="card mb-3">
+						<div class="card-body">
+							{{ userinfo.custom_notes|markdown|raw }}
+						</div>
+					</div>
+				{% endif %}
+
 				{# system infos #}
 				<div class="card mb-3">
 					<div class="card-header">
@@ -135,22 +143,9 @@
 						{% endif %}
 					</ul>
 				</div>
-
-				{% if userinfo.custom_notes|markdown is not empty and userinfo.custom_notes_show == 1 %}
-					<div class="card mb-3">
-						<ul class="list-group list-group-flush">
-							<li class="list-group-item list-group-item-info d-flex justify-content-between align-items-start">
-								<div class="ms-2 me-auto">
-									{{ userinfo.custom_notes|markdown|raw }}
-								</div>
-							</li>
-						</ul>
-					</div>
-				{% endif %}
 			</div>
 		{% else %}
-			<div
-				class="col-12 col-md-6 col-lg-4">
+			<div class="col-12 col-md-6 col-lg-4">
 				{# account info #}
 				<div class="card mb-3">
 					<div class="card-header">
@@ -174,16 +169,16 @@
 							<div class="ms-2 me-auto">
 								<div class="fw-bold">{{ lng('customer.services') }}</div>
 								{% if userinfo.imap == 1 %}
-									<span class="badge bg-success">IMAP</span>
+									<span class="badge bg-success me-1">IMAP</span>
 								{% endif %}
 								{% if userinfo.pop3 == 1 %}
-									<span class="badge bg-success">POP3</span>
+									<span class="badge bg-success me-1">POP3</span>
 								{% endif %}
 								{% if userinfo.phpenabled == 1 %}
-									<span class="badge bg-success">PHP</span>
+									<span class="badge bg-success me-1">PHP</span>
 								{% endif %}
 								{% if userinfo.perlenabled == 1 %}
-									<span class="badge bg-success">Perl/CGI</span>
+									<span class="badge bg-success me-1">Perl/CGI</span>
 								{% endif %}
 								{% if userinfo.api_allowed == 1 %}
 									<a href="{{ linker({'section':'index','page':'apikeys'}) }}">
@@ -212,8 +207,7 @@
 					</ul>
 				</div>
 			</div>
-			<div
-				class="col-12 col-md-6 col-lg-4">
+			<div class="col-12 col-md-6 col-lg-4">
 				{# customer details #}
 				<div class="card">
 					<div class="card-header">

templates/Froxlor/user/profile.html.twig

@@ -64,7 +64,7 @@
 						<input type="hidden" name="csrf_token" value="{{ csrf_token }}"/>
 						<input type="hidden" name="page" value="{{ page }}"/>
 						<input type="hidden" name="send" value="changepassword"/>
-						<button class="btn btn-primary rounded-top-0" type="submit" name="dosave">
+						<button class="btn btn-primary" type="submit" name="dosave">
 							<i class="fa-regular fa-floppy-disk"></i>
 							{{ lng('menue.main.changepassword') }}</button>
 					</div>
@@ -96,7 +96,7 @@
 							<input type="hidden" name="csrf_token" value="{{ csrf_token }}"/>
 							<input type="hidden" name="page" value="{{ page }}"/>
 							<input type="hidden" name="send" value="changetheme"/>
-							<button class="btn btn-primary rounded-top-0" type="submit" name="dosave">
+							<button class="btn btn-primary" type="submit" name="dosave">
 								<i class="fa-regular fa-floppy-disk"></i>
 								{{ lng('menue.main.changetheme') }}
 							</button>
@@ -130,7 +130,7 @@
 						<input type="hidden" name="csrf_token" value="{{ csrf_token }}"/>
 						<input type="hidden" name="page" value="{{ page }}"/>
 						<input type="hidden" name="send" value="changelanguage"/>
-						<button class="btn btn-primary rounded-top-0" type="submit" name="dosave">
+						<button class="btn btn-primary" type="submit" name="dosave">
 							<i class="fa-regular fa-floppy-disk"></i>
 							{{ lng('menue.main.changelanguage') }}</button>
 					</div>

templates/Froxlor/user/traffic.html.twig

@@ -152,7 +152,7 @@
 		{% if userinfo.adminsession == 1 %}
 			const labelsC = [];
 			const dataValues = [];
-			{% for user in users|sort((a, b) => a.total <=> b.total)|slice(0, 5) %}
+			{% for user in users|slice(0, 5) %}
 				labelsC.push('{{ user.loginname }}');
 				dataValues.push({value: '{{ user.total|default(0) }}', formatted: '{{ user.total|formatBytes }}'});
 			{% endfor %}

templates/Froxlor/userarea.html.twig

@@ -27,7 +27,7 @@
 			<a class="navbar-brand me-0 {% if block('heading') %}shadow-sm{% endif %}" href="{{ linker({'section': 'index'}) }}">
 				<img src="{{ header_logo }}" alt="logo" class="header-logo d-inline-block align-text-top ms-md-3">
 			</a>
-			<div class="order-0 order-md-1 d-flex flex-grow-0 flex-md-grow-1" id="navbar">
+			<div class="order-0 order-md-1 d-flex flex-grow-0 flex-md-grow-auto" id="navbar">
 				<ul class="navbar-nav ms-md-auto me-3 me-lg-5">
 					<a class="nav-link d-md-none" data-bs-toggle="collapse" href="#collapseSearch" role="button" aria-expanded="false" aria-controls="collapseSearch">
 						<i class="fa-solid fa-search text-body-secondary"></i>
@@ -77,10 +77,10 @@
 				</ul>
 			</div>
 			<div class="order-1 order-md-0 collapse navbar-collapse" id="collapseSearch">
-				<form class="ms-3 mt-3 ms-lg-5 my-md-0" id="search" method="post">
-					<div class="d-flex align-items-center">
+				<form class="ms-3 mt-3 ms-lg-5 my-md-0 w-100" id="search" method="post">
+					<div class="d-flex align-items-center w-100">
 						<i class="fa-solid fa-search text-body-secondary"></i>
-						<input tabindex="1" class="search-input" title="search" type="search" placeholder="{{ lng('panel.search') }}...">
+						<input tabindex="1" class="search-input w-75" title="search" type="search" placeholder="{{ lng('panel.search') }}...">
 					</div>
 					<div class="search-results-box p-2 shadow" style="display:none;">
 						<div class="search-results list-group-flush"></div>

templates/misc/unconfigured/index.html

@@ -4,7 +4,7 @@
 	<meta charset="UTF-8">
 	<meta name="robots" content="noindex, nofollow">
 	<meta name="viewport" content="width=device-width, initial-scale=1.0">
-	<title>froxlor - Deactivated page</title>
+	<title>froxlor - Domain not configured</title>
 	<style>
 		:root{--primary:#1872a2;--fonts:ui-sans-serif,system-ui,-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"Helvetica Neue",Arial,"Noto Sans",sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Noto Color Emoji"}
 		body{display:flex;flex-direction:column;background:#f8f9fa;color:#4b5563;align-items:center;justify-content:center;font-family:var(--fonts)}

tests/Emails/EmailsTest.php

@@ -426,10 +426,10 @@ class MailsTest extends TestCase
 		$this->assertEquals(1, $result['popaccountid']);
 
 		switch (Settings::Get('system.passwordcryptfunc')) {
-			case PASSWORD_ARGON2I:
+			case 'argon2i':
 				$cpPrefix = '{ARGON2I}';
 				break;
-			case PASSWORD_ARGON2ID:
+			case 'argon2id':
 				$cpPrefix = '{ARGON2ID}';
 				break;
 			default: