Merge branch 'development'

composer.json

@@ -25,7 +25,7 @@
 		"phpstan/phpdoc-parser": "^2.0",
 		"phpstan/phpstan-deprecation-rules": "^2.0",
         "phan/phan": "^5.4",
-        "egrajp/smarty-extended": "^4.3",
+        "egrajp/smarty-extended": "^5.4",
         "gullevek/dotenv": "dev-master",
         "phpunit/phpunit": "^9"
     },

publish/last.published

@@ -1 +1 @@
-9.25.2
+9.26.8

src/ACL/Login.php

@@ -1418,6 +1418,7 @@ class Login
 				'additional_acl' => Json::jsonConvertToArray($res['additional_acl']),
 				'data' => $ea_data
 			];
+			// LEGACY LOOKUP
 			$unit_access_eaid[$res['edit_access_id']] = [
 				'cuid' => $res['cuid'],
 			];
@@ -1477,6 +1478,8 @@ class Login
 		// username (login), group name
 		$this->acl['user_name'] = $_SESSION['LOGIN_USER_NAME'];
 		$this->acl['group_name'] = $_SESSION['LOGIN_GROUP_NAME'];
+		// DEPRECATED
+		$this->acl['euid'] = $_SESSION['LOGIN_EUID'];
 		// edit user cuid
 		$this->acl['eucuid'] = $_SESSION['LOGIN_EUCUID'];
 		$this->acl['eucuuid'] = $_SESSION['LOGIN_EUCUUID'];
@@ -1529,7 +1532,7 @@ class Login
 			$this->acl['page'] = $_SESSION['LOGIN_PAGES_ACL_LEVEL'][$this->page_name];
 		}
 
-		$this->acl['unit_id'] = null;
+		$this->acl['unit_cuid'] = null;
 		$this->acl['unit_name'] = null;
 		$this->acl['unit_uid'] = null;
 		$this->acl['unit'] = [];
@@ -1552,9 +1555,12 @@ class Login
 			$this->acl['unit_legacy'][$unit['id']] = $this->acl['unit'][$ea_cuid];
 			// detail name/level set
 			$this->acl['unit_detail'][$ea_cuid] = [
+				'id' =>  $unit['id'],
 				'name' => $unit['name'],
 				'uid' => $unit['uid'],
+				'cuuid' => $unit['cuuid'],
 				'level' => $this->default_acl_list[$this->acl['unit'][$ea_cuid]]['name'] ?? -1,
+				'level_number' => $this->acl['unit'][$ea_cuid],
 				'default' => $unit['default'],
 				'data' => $unit['data'],
 				'additional_acl' => $unit['additional_acl']
@@ -2533,7 +2539,7 @@ HTML;
 				$this->login_user_id,
 				-1,
 				$login_user_id_changed
-			);
+			) ?? '';
 			// flag unclean input data
 			if ($login_user_id_changed > 0) {
 				$this->login_user_id_unclear = true;
@@ -3212,7 +3218,7 @@ HTML;
 	 * @return int|null                 same edit access id if ok
 	 *                                  or the default edit access id
 	 *                                  if given one is not valid
-	 * @deprecated Please switch to using edit access cuid check with ->loginCheckEditAccessValidCuid()
+	 * @#deprecated Please switch to using edit access cuid check with ->loginCheckEditAccessValidCuid()
 	 */
 	public function loginCheckEditAccessId(?int $edit_access_id): ?int
 	{
@@ -3277,6 +3283,34 @@ HTML;
 		return (int)$_SESSION['LOGIN_UNIT_CUID'][$uid];
 	}
 
+	/**
+	 * Legacy lookup for edit access id to cuid
+	 *
+	 * @param  int          $id edit access id PK
+	 * @return string|false     edit access cuid or false if not found
+	 */
+	public function loginGetEditAccessCuidFromId(int $id): string|false
+	{
+		if (!isset($_SESSION['LOGIN_UNIT_LEGACY'][$id])) {
+			return false;
+		}
+		return (string)$_SESSION['LOGIN_UNIT_LEGACY'][$id]['cuid'];
+	}
+
+	/**
+	 * This is a Legacy lookup from the edit access id to cuid for further lookups in the normal list
+	 *
+	 * @param  string    $cuid edit access cuid
+	 * @return int|false       false on not found or edit access id PK
+	 */
+	public function loginGetEditAccessIdFromCuid(string $cuid): int|false
+	{
+		if (!isset($_SESSION['LOGIN_UNIT'][$cuid])) {
+			return false;
+		}
+		return $_SESSION['LOGIN_UNIT'][$cuid]['id'];
+	}
+
 	/**
 	 * Check if admin flag is set
 	 *

src/Admin/Backend.php

@@ -289,7 +289,7 @@ class Backend
 	 *                                                        JSON, STRING/SERIEAL, BINARY/BZIP or ZLIB
 	 * @param  string|null         $db_schema [default=null]  override target schema
 	 * @return void
-	 * @deprecated Use $login->writeLog() and set action_set from ->adbGetActionSet()
+	 * @deprecated Use $login->writeLog($event, $data, action_set:$cms->adbGetActionSet(), write_type:$write_type)
 	 */
 	public function adbEditLog(
 		string $event = '',

src/Admin/EditBase.php

@@ -14,9 +14,6 @@ declare(strict_types=1);
 
 namespace CoreLibs\Admin;
 
-use Exception;
-use SmartyException;
-
 class EditBase
 {
 	/** @var array<mixed> */
@@ -63,6 +60,7 @@ class EditBase
 		// smarty template engine (extended Translation version)
 		$this->smarty = new \CoreLibs\Template\SmartyExtend(
 			$l10n,
+			$log,
 			$options['cache_id'] ?? '',
 			$options['compile_id'] ?? '',
 		);
@@ -78,7 +76,7 @@ class EditBase
 		);
 		if ($this->form->mobile_phone) {
 			echo "I am sorry, but this page cannot be viewed by a mobile phone";
-			exit;
+			exit(1);
 		}
 		// $this->log->debug('POST', $this->log->prAr($_POST));
 	}
@@ -538,8 +536,7 @@ class EditBase
 	 * builds the smarty content and runs smarty display output
 	 *
 	 * @return void
-	 * @throws Exception
-	 * @throws SmartyException
+	 * @throws \Smarty\Exception
 	 */
 	public function editBaseRun(
 		?string $template_dir = null,

src/Combined/DateTime.php

@@ -639,16 +639,26 @@ class DateTime
 	 *
 	 * @param  string $start_date   valid start date (y/m/d)
 	 * @param  string $end_date     valid end date (y/m/d)
-	 * @param  bool   $return_named return array type, false (default), true for named
-	 * @return array<mixed>         0/overall, 1/weekday, 2/weekend
+	 * @param  bool   $return_named [default=false] return array type, false (default), true for named
+	 * @param  bool   $include_end_date [default=true] include end date in calc
+	 * @param  bool   $exclude_start_date [default=false] include end date in calc
+	 * @return array{0:int,1:int,2:int,3:bool}|array{overall:int,weekday:int,weekend:int,reverse:bool}
+	 *                0/overall, 1/weekday, 2/weekend, 3/reverse
 	 */
 	public static function calcDaysInterval(
 		string $start_date,
 		string $end_date,
-		bool $return_named = false
+		bool $return_named = false,
+		bool $include_end_date = true,
+		bool $exclude_start_date = false
 	): array {
 		// pos 0 all, pos 1 weekday, pos 2 weekend
-		$days = [];
+		$days = [
+			0 => 0,
+			1 => 0,
+			2 => 0,
+			3 => false,
+		];
 		// if anything invalid, return 0,0,0
 		try {
 			$start = new \DateTime($start_date);
@@ -659,19 +669,30 @@ class DateTime
 					'overall' => 0,
 					'weekday' => 0,
 					'weekend' => 0,
+					'reverse' => false
 				];
 			} else {
-				return [0, 0, 0];
+				return $days;
 			}
 		}
 		// so we include the last day too, we need to add +1 second in the time
-		$end->setTime(0, 0, 1);
-		// if end date before start date, only this will be filled
-		$days[0] = $end->diff($start)->days;
-		$days[1] = 0;
-		$days[2] = 0;
+		// if start is before end, switch dates and flag
+		$days[3] = false;
+		if ($start > $end) {
+			$new_start = $end;
+			$end = $start;
+			$start = $new_start;
+			$days[3] = true;
+		}
 		// get period for weekends/weekdays
-		$period = new \DatePeriod($start, new \DateInterval('P1D'), $end);
+		$options = 0;
+		if ($include_end_date) {
+			$options |= \DatePeriod::INCLUDE_END_DATE;
+		}
+		if ($exclude_start_date) {
+			$options |= \DatePeriod::EXCLUDE_START_DATE;
+		}
+		$period = new \DatePeriod($start, new \DateInterval('P1D'), $end, $options);
 		foreach ($period as $dt) {
 			$curr = $dt->format('D');
 			if ($curr == 'Sat' || $curr == 'Sun') {
@@ -679,12 +700,14 @@ class DateTime
 			} else {
 				$days[1]++;
 			}
+			$days[0]++;
 		}
 		if ($return_named === true) {
 			return [
 				'overall' => $days[0],
 				'weekday' => $days[1],
 				'weekend' => $days[2],
+				'reverse' => $days[3],
 			];
 		} else {
 			return $days;
@@ -705,6 +728,13 @@ class DateTime
 	): bool {
 		$dd_start = new \DateTime($start_date);
 		$dd_end = new \DateTime($end_date);
+		// flip if start is after end
+		if ($dd_start > $dd_end) {
+			$new_start = $dd_end;
+			$dd_end = $dd_start;
+			$dd_start = $new_start;
+		}
+		// if start > end, flip
 		if (
 			// starts with a weekend
 			$dd_start->format('N') >= 6 ||

src/DB/IO.php

@@ -500,7 +500,7 @@ class IO
 			die('<!-- Cannot load db functions class for: ' . $this->db_type . ' -->');
 		}
 		// write to internal one, once OK
-		$this->db_functions = $db_functions;
+		$this->db_functions = $db_functions; /** @phan-suppress-current-line PhanPossiblyNullTypeMismatchProperty */
 
 		// connect to DB
 		if (!$this->__connectToDB()) {
@@ -1413,10 +1413,7 @@ class IO
 						$this->pk_name_table[$table] ?
 							$this->pk_name_table[$table] : 'NULL';
 				}
-				if (
-					!preg_match(self::REGEX_RETURNING, $this->query) &&
-					$this->pk_name && $this->pk_name != 'NULL'
-				) {
+				if (!preg_match(self::REGEX_RETURNING, $this->query) && $this->pk_name != 'NULL') {
 					// check if this query has a ; at the end and remove it
 					$__query = preg_replace("/(;\s*)$/", '', $this->query);
 					// must be query, if preg replace failed, use query as before
@@ -1426,7 +1423,7 @@ class IO
 				} elseif (
 					preg_match(self::REGEX_RETURNING, $this->query, $matches)
 				) {
-					if ($this->pk_name && $this->pk_name != 'NULL') {
+					if ($this->pk_name != 'NULL') {
 						// add the primary key if it is not in the returning set
 						if (!preg_match("/$this->pk_name/", $matches[1])) {
 							$this->query .= " , " . $this->pk_name;
@@ -2946,7 +2943,7 @@ class IO
 		$query_hash = $this->dbGetQueryHash($query, $params);
 		// clears cache for this query
 		if (empty($this->cursor_ext[$query_hash]['query'])) {
-			$this->__dbError(18, context: [
+			$this->__dbWarning(18, context: [
 				'query' => $query,
 				'params' => $params,
 				'hash' => $query_hash,
@@ -3141,6 +3138,7 @@ class IO
 				'pk_name' => '',
 				'count' => 0,
 				'query' => '',
+				'query_raw' => $query,
 				'result' =>  null,
 				'returning_id' => false,
 				'placeholder_converted' => [],
@@ -3237,11 +3235,12 @@ class IO
 			}
 		} else {
 			// if we try to use the same statement name for a differnt query, error abort
-			if ($this->prepare_cursor[$stm_name]['query'] != $query) {
+			if ($this->prepare_cursor[$stm_name]['query_raw'] != $query) {
 				// thrown error
 				$this->__dbError(26, false, context: [
 					'statement_name' => $stm_name,
 					'prepared_query' => $this->prepare_cursor[$stm_name]['query'],
+					'prepared_query_raw' => $this->prepare_cursor[$stm_name]['query_raw'],
 					'query' => $query,
 					'pk_name' => $pk_name,
 				]);
@@ -4364,6 +4363,37 @@ class IO
 		return $this->prepare_cursor[$stm_name][$key];
 	}
 
+	/**
+	 * Checks if a prepared query eixsts
+	 *
+	 * @param  string $stm_name Statement to check
+	 * @param  string $query [default=''] If set then query must also match
+	 * @return false|int<0,2>             False on missing stm_name
+	 *                                    0: ok, 1: stm_name matchin, 2: stm_name and query matching
+	 */
+	public function dbPreparedCursorStatus(string $stm_name, string $query = ''): false|int
+	{
+		if (empty($stm_name)) {
+			$this->__dbError(
+				101,
+				false,
+				'No statement name given'
+			);
+			return false;
+		}
+		// does not exist
+		$return_value = 0;
+		if (!empty($this->prepare_cursor[$stm_name]['query_raw'])) {
+			// statement name eixts
+			$return_value = 1;
+			if ($this->prepare_cursor[$stm_name]['query_raw'] == $query) {
+				// query also matches
+				$return_value = 2;
+			}
+		}
+		return $return_value;
+	}
+
 	// ***************************
 	// ERROR AND WARNING DATA
 	// ***************************

src/DeprecatedHelper/Deprecated84.php

@@ -0,0 +1,95 @@
+<?php
+
+/**
+ * AUTHOR: Clemens Schwaighofer
+ * CREATED: 2025/1/17
+ * DESCRIPTION:
+ * Deprecated helper for fputcsv
+*/
+
+declare(strict_types=1);
+
+namespace CoreLibs\DeprecatedHelper;
+
+use InvalidArgumentException;
+
+class Deprecated84
+{
+	/**
+	 * This is a wrapper for fputcsv to fix deprecated warning for $escape parameter
+	 * See: https://www.php.net/manual/en/function.fputcsv.php
+	 * escape parameter deprecation and recommend to set to "" for compatible with PHP 9.0
+	 *
+	 * @param mixed $stream
+	 * @param array<mixed> $fields
+	 * @param string $separator
+	 * @param string $enclosure
+	 * @param string $escape
+	 * @param string $eol
+	 * @return int|false
+	 * @throws InvalidArgumentException
+	 */
+	public static function fputcsv(
+		mixed $stream,
+		array $fields,
+		string $separator = ",",
+		string $enclosure = '"',
+		string $escape = '', // set to empty for future compatible
+		string $eol = PHP_EOL
+	): int | false {
+		if (!is_resource($stream)) {
+			throw new \InvalidArgumentException("fputcsv stream parameter must be a resrouce");
+		}
+		return fputcsv($stream, $fields, $separator, $enclosure, $escape, $eol);
+	}
+
+	/**
+	 * This is a wrapper for fgetcsv to fix deprecated warning for $escape parameter
+	 * See: https://www.php.net/manual/en/function.fgetcsv.php
+	 * escape parameter deprecation and recommend to set to "" for compatible with PHP 9.0
+	 *
+	 * @param mixed $stream
+	 * @param null|int<0,max> $length
+	 * @param string $separator
+	 * @param string $enclosure
+	 * @param string $escape
+	 * @return array<mixed>|false
+	 * @throws InvalidArgumentException
+	 */
+	public static function fgetcsv(
+		mixed $stream,
+		?int $length = null,
+		string $separator = ',',
+		string $enclosure = '"',
+		string $escape = '' // set to empty for future compatible
+	): array | false {
+		if (!is_resource($stream)) {
+			throw new \InvalidArgumentException("fgetcsv stream parameter must be a resrouce");
+		}
+		return fgetcsv($stream, $length, $separator, $enclosure, $escape);
+	}
+
+	/**
+	 * This is a wrapper for str_getcsv to fix deprecated warning for $escape parameter
+	 * See: https://www.php.net/manual/en/function.str-getcsv.php
+	 * escape parameter deprecation and recommend to set to "" for compatible with PHP 9.0
+	 *
+	 * @param string $string
+	 * @param string $separator
+	 * @param string $enclosure
+	 * @param string $escape
+	 * @return array<mixed>
+	 */
+	// phpcs:disable PSR1.Methods.CamelCapsMethodName
+	public static function str_getcsv(
+		string $string,
+		string $separator = ",",
+		string $enclosure = '"',
+		string $escape = '' // set to empty for future compatible
+	): array {
+		return str_getcsv($string, $separator, $enclosure, $escape);
+	}
+	// phpcs:enable PSR1.Methods.CamelCapsMethodName
+}
+
+// __END__

src/Logging/Logging.php

@@ -30,6 +30,10 @@ class Logging
 {
 	/** @var int minimum size for a max file size, so we don't set 1 byte, 10kb */
 	public const MIN_LOG_MAX_FILESIZE = 10 * 1024;
+	/** @var string log file extension, not changeable */
+	private const LOG_FILE_NAME_EXT = "log";
+	/** @var string log file block separator, not changeable */
+	private const LOG_FILE_BLOCK_SEPARATOR = '.';
 
 	// NOTE: the second party array{} hs some errors
 	/** @var array<string,array<string,string|bool|Level>>|array{string:array{type:string,type_info?:string,mandatory:true,alias?:string,default:string|bool|Level,deprecated:bool,use?:string}} */
@@ -104,8 +108,6 @@ class Logging
 	private string $log_folder = '';
 	/** @var string a alphanumeric name that has to be set as global definition */
 	private string $log_file_id = '';
-	/** @var string log file name extension */
-	private string $log_file_name_ext = 'log';
 	/** @var string log file name with folder, for actual writing */
 	private string $log_file_name = '';
 	/** @var int set in bytes */
@@ -431,7 +433,7 @@ class Logging
 	private function buildLogFileName(Level $level, string $group_id = ''): string
 	{
 		// init base file path
-		$fn = $this->log_print_file . '.' . $this->log_file_name_ext;
+		$fn = $this->log_print_file . '.' . self::LOG_FILE_NAME_EXT;
 		// log ID prefix settings, if not valid, replace with empty
 		if (!empty($this->log_file_id)) {
 			$rpl_string = $this->log_file_id;
@@ -440,14 +442,15 @@ class Logging
 		}
 		$fn = str_replace('{LOGID}', $rpl_string, $fn); // log id (like a log file prefix)
 
-		$rpl_string = !$this->getLogFlag(Flag::per_level) ? '' :
-			'_' . $level->getName();
+		$rpl_string = $this->getLogFlag(Flag::per_level) ?
+			self::LOG_FILE_BLOCK_SEPARATOR . $level->getName() :
+			'';
 		$fn = str_replace('{LEVEL}', $rpl_string, $fn); // create output filename
 
 		// write per level
-		$rpl_string = !$this->getLogFlag(Flag::per_group) ? '' :
+		$rpl_string = $this->getLogFlag(Flag::per_group) ?
 			// normalize level, replace all non alphanumeric characters with -
-			'_' . (
+			self::LOG_FILE_BLOCK_SEPARATOR . (
 				// if return is only - then set error string
 				preg_match(
 					"/^-+$/",
@@ -455,25 +458,29 @@ class Logging
 				) ?
 					'INVALID-LEVEL-STRING' :
 					$level_string
-			);
+			) :
+			'';
 		$fn = str_replace('{GROUP}', $rpl_string, $fn); // create output filename
 		// set per class, but don't use get_class as we will only get self
-		$rpl_string = !$this->getLogFlag(Flag::per_class) ? '' : '_'
-			// set sub class settings
-			. str_replace('\\', '-', Support::getCallerTopLevelClass());
+		$rpl_string = $this->getLogFlag(Flag::per_class) ?
+				// set sub class settings
+				self::LOG_FILE_BLOCK_SEPARATOR . str_replace('\\', '-', Support::getCallerTopLevelClass()) :
+			'';
 		$fn = str_replace('{CLASS}', $rpl_string, $fn); // create output filename
 
 		// if request to write to one file
-		$rpl_string = !$this->getLogFlag(Flag::per_page) ?
-			'' :
-			'_' . System::getPageName(System::NO_EXTENSION);
+		$rpl_string = $this->getLogFlag(Flag::per_page) ?
+			self::LOG_FILE_BLOCK_SEPARATOR . System::getPageName(System::NO_EXTENSION) :
+			'';
 		$fn = str_replace('{PAGENAME}', $rpl_string, $fn); // create output filename
 
 		// if run id, we auto add ymd, so we ignore the log file date
 		if ($this->getLogFlag(Flag::per_run)) {
-			$rpl_string = '_' . $this->getLogUniqueId(); // add 8 char unique string
+			// add 8 char unique string and date block with time
+			$rpl_string = self::LOG_FILE_BLOCK_SEPARATOR . $this->getLogUniqueId();
 		} elseif ($this->getLogFlag(Flag::per_date)) {
-			$rpl_string = '_' . $this->getLogDate(); // add date to file
+			// add date to file
+			$rpl_string = self::LOG_FILE_BLOCK_SEPARATOR . $this->getLogDate();
 		} else {
 			$rpl_string = '';
 		}
@@ -739,7 +746,10 @@ class Logging
 	{
 		if (empty($this->log_file_unique_id) || $override == true) {
 			$this->log_file_unique_id =
-				date('Y-m-d_His') . '_U_'
+				date('Y-m-d_His')
+					. self::LOG_FILE_BLOCK_SEPARATOR
+					. 'U_'
+					// this doesn't have to be unique for everything, just for this logging purpose
 					. substr(hash(
 						'sha1',
 						random_bytes(63)

src/Template/SmartyExtend.php

@@ -19,12 +19,13 @@ declare(strict_types=1);
 
 namespace CoreLibs\Template;
 
-// leading slash if this is in lib\Smarty
-class SmartyExtend extends \Smarty
+class SmartyExtend extends \Smarty\Smarty
 {
 	// internal translation engine
-	/** @var \CoreLibs\Language\L10n */
+	/** @var \CoreLibs\Language\L10n language class */
 	public \CoreLibs\Language\L10n $l10n;
+	/** @var \CoreLibs\Logging\Logging $log logging class */
+	public \CoreLibs\Logging\Logging $log;
 
 	// lang & encoding
 	/** @var string */
@@ -157,14 +158,18 @@ class SmartyExtend extends \Smarty
 	 * calls L10 for pass on internaly in smarty
 	 * also registers the getvar caller plugin
 	 *
-	 * @param \CoreLibs\Language\L10n $l10n l10n language class
-	 * @param string|null             $cache_id
-	 * @param string|null             $compile_id
+	 * @param \CoreLibs\Language\L10n   $l10n l10n language class
+	 * @param \CoreLibs\Logging\Logging $log Logger class
+	 * @param string|null               $cache_id [default=null]
+	 * @param string|null               $compile_id [default=null]
+	 * @param array<string,mixed>       $options [default=[]]
 	 */
 	public function __construct(
 		\CoreLibs\Language\L10n $l10n,
+		\CoreLibs\Logging\Logging $log,
 		?string $cache_id = null,
-		?string $compile_id = null
+		?string $compile_id = null,
+		array $options = []
 	) {
 		// trigger deprecation
 		if (
@@ -177,14 +182,33 @@ class SmartyExtend extends \Smarty
 				E_USER_DEPRECATED
 			);
 		}
-		// set variables (to be deprecated)
-		$cache_id = $cache_id ??
-			(defined('CACHE_ID') ? CACHE_ID : '');
-		$compile_id = $compile_id ??
-			(defined('COMPILE_ID') ? COMPILE_ID : '');
+		// set variables from global constants (deprecated)
+		if ($cache_id === null && defined('CACHE_ID')) {
+			trigger_error(
+				'SmartyExtended: No cache_id set and CACHE_ID constant set, this is deprecated',
+				E_USER_DEPRECATED
+			);
+			$cache_id = CACHE_ID;
+		}
+		if ($compile_id === null && defined('COMPILE_ID')) {
+			trigger_error(
+				'SmartyExtended: No compile_id set and COMPILE_ID constant set, this is deprecated',
+				E_USER_DEPRECATED
+			);
+			$compile_id = COMPILE_ID;
+		}
+		if (empty($cache_id)) {
+			throw new \BadMethodCallException('cache_id parameter is not set');
+		}
+		if (empty($compile_id)) {
+			throw new \BadMethodCallException('compile_id parameter is not set');
+		}
+
 		// call basic smarty
-		// or Smarty::__construct();
 		parent::__construct();
+
+		$this->log = $log;
+
 		// init lang
 		$this->l10n = $l10n;
 		// parse and read, legacy stuff
@@ -194,7 +218,6 @@ class SmartyExtend extends \Smarty
 		$this->lang_short = $locale['lang_short'];
 		$this->domain = $locale['domain'];
 		$this->lang_dir = $locale['path'];
-
 		// opt load functions so we can use legacy init for smarty run perhaps
 		\CoreLibs\Language\L10n::loadFunctions();
 		_setlocale(LC_MESSAGES, $locale['locale']);
@@ -203,7 +226,6 @@ class SmartyExtend extends \Smarty
 		_bind_textdomain_codeset($this->domain, $this->encoding);
 
 		// register smarty variable
-		// $this->registerPlugin(\Smarty\Smarty::PLUGIN_MODIFIER, 'getvar', [&$this, 'getTemplateVars']);
 		$this->registerPlugin(self::PLUGIN_MODIFIER, 'getvar', [&$this, 'getTemplateVars']);
 
 		$this->page_name = \CoreLibs\Get\System::getPageName();
@@ -211,6 +233,77 @@ class SmartyExtend extends \Smarty
 		// set internal settings
 		$this->CACHE_ID = $cache_id;
 		$this->COMPILE_ID = $compile_id;
+		// set options
+		$this->setOptions($options);
+	}
+
+	/**
+	 * set options
+	 *
+	 * @param  array<string,mixed> $options
+	 * @return void
+	 */
+	private function setOptions(array $options): void
+	{
+		// set escape html if option is set
+		if (!empty($options['escape_html'])) {
+			$this->setEscapeHtml(true);
+		}
+		// load plugins
+		// plugin array:
+		// 'file': string, path to plugin content to load
+		// 'type': a valid smarty type see Smarty PLUGIN_ constants for correct names
+		// 'tag': the smarty tag
+		// 'callback': the function to call in 'file'
+		if (!empty($options['plugins'])) {
+			foreach ($options['plugins'] as $plugin) {
+				// file is readable
+				if (
+					empty($plugin['file']) ||
+					!is_file($plugin['file']) ||
+					!is_readable($plugin['file'])
+				) {
+					$this->log->warning('SmartyExtended plugin load failed, file not accessable', [
+						'plugin' => $plugin,
+					]);
+					continue;
+				}
+				// tag is alphanumeric
+				if (!preg_match("/^\w+$/", $plugin['tag'] ?? '')) {
+					$this->log->warning('SmartyExtended plugin load failed, invalid tag', [
+						'plugin' => $plugin,
+					]);
+					continue;
+				}
+				// callback is alphanumeric
+				if (!preg_match("/^\w+$/", $plugin['callback'] ?? '')) {
+					$this->log->warning('SmartyExtended plugin load failed, invalid callback', [
+						'plugin' => $plugin,
+					]);
+					continue;
+				}
+				try {
+					/** @phan-suppress-next-line PhanNoopNew */
+					new \ReflectionClassConstant($this, $plugin['type']);
+				} catch (\ReflectionException $e) {
+					$this->log->error('SmartyExtended plugin load failed, type is not valid', [
+						'message' => $e->getMessage(),
+						'plugin' => $plugin,
+					]);
+					continue;
+				}
+				try {
+					require $plugin['file'];
+					$this->registerPlugin($plugin['type'], $plugin['tag'], $plugin['callback']);
+				} catch (\Smarty\Exception $e) {
+					$this->log->error('SmartyExtended plugin load failed with exception', [
+						'message' => $e->getMessage(),
+						'plugin' => $plugin,
+					]);
+					continue;
+				}
+			}
+		}
 	}
 
 	/**

test/phpunit/AAASetupData/requests/http_requests.php

@@ -48,7 +48,7 @@ header("Content-Type: application/json; charset=UTF-8");
 if (!empty($http_headers['HTTP_AUTHORIZATION']) && !empty($http_headers['HTTP_RUNAUTHTEST'])) {
 	header("HTTP/1.1 401 Unauthorized");
 	print buildContent($http_headers, '{"code": 401, "content": {"Error": "Not Authorized"}}');
-	exit;
+	exit(1);
 }
 
 // if server request type is get set file_get to null -> no body
@@ -57,7 +57,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET") {
 } elseif (($file_get = file_get_contents('php://input')) === false) {
 	header("HTTP/1.1 404 Not Found");
 	print buildContent($http_headers, '{"code": 404, "content": {"Error": "file_get_contents failed"}}');
-	exit;
+	exit(1);
 }
 
 print buildContent($http_headers, $file_get);

test/phpunit/ACL/CoreLibsACLLoginTest.php

@@ -1531,6 +1531,12 @@ final class CoreLibsACLLoginTest extends TestCase
 				$login_mock->loginGetEditAccessCuidFromUid($mock_settings['edit_access_uid']),
 				'Assert check access uid to cuid valid'
 			);
+			// - loginGetEditAccessCuidFromId
+			$this->assertEquals(
+				$expected['check_access_cuid'],
+				$login_mock->loginGetEditAccessCuidFromUid($mock_settings['edit_access_id']),
+				'Assert check access id to cuid valid'
+			);
 			// Deprecated
 			// - loginCheckEditAccess
 			$this->assertEquals(

test/phpunit/Combined/CoreLibsCombinedDateTimeTest.php

@@ -926,48 +926,114 @@ final class CoreLibsCombinedDateTimeTest extends TestCase
 	public function daysIntervalProvider(): array
 	{
 		return [
-			'valid interval /, not named array' => [
-				'2020/1/1',
-				'2020/1/30',
-				false,
-				[29, 22, 8],
+			// normal and format tests
+			'valid interval / not named array' => [
+				'input_a' => '2020/1/1',
+				'input_b' => '2020/1/30',
+				'return_named' => false, // return_named
+				'include_end_date' => true, // include_end_date
+				'exclude_start_date' => false, // exclude_start_date
+				'expected' => [30, 22, 8, false],
 			],
-			'valid interval /, named array' => [
-				'2020/1/1',
-				'2020/1/30',
-				true,
-				['overall' => 29, 'weekday' => 22, 'weekend' => 8],
+			'valid interval / named array' => [
+				'input_a' => '2020/1/1',
+				'input_b' => '2020/1/30',
+				'return_named' => true,
+				'include_end_date' => true,
+				'exclude_start_date' => false,
+				'expected' => ['overall' => 30, 'weekday' => 22, 'weekend' => 8, 'reverse' => false],
 			],
-			'valid interval -' => [
-				'2020-1-1',
-				'2020-1-30',
-				false,
-				[29, 22, 8],
-			],
-			'valid interval switched' => [
-				'2020/1/30',
-				'2020/1/1',
-				false,
-				[28, 0, 0],
+			'valid interval with "-"' => [
+				'input_a' => '2020-1-1',
+				'input_b' => '2020-1-30',
+				'return_named' => false,
+				'include_end_date' => true,
+				'exclude_start_date' => false,
+				'expected' => [30, 22, 8, false],
 			],
 			'valid interval with time' => [
-				'2020/1/1 12:12:12',
-				'2020/1/30 13:13:13',
-				false,
-				[28, 21, 8],
+				'input_a' => '2020/1/1 12:12:12',
+				'input_b' => '2020/1/30 13:13:13',
+				'return_named' => false,
+				'include_end_date' => true,
+				'exclude_start_date' => false,
+				'expected' => [30, 22, 8, false],
 			],
+			// invalid
 			'invalid dates' => [
-				'abc',
-				'xyz',
-				false,
-				[0, 0, 0]
+				'input_a' => 'abc',
+				'input_b' => 'xyz',
+				'return_named' => false,
+				'include_end_date' => true,
+				'exclude_start_date' => false,
+				'expected' => [0, 0, 0, false]
 			],
-			// this test will take a long imte
+			// this test will take a long time
 			'out of bound dates' => [
-				'1900-1-1',
-				'9999-12-31',
-				false,
-				[2958463,2113189,845274],
+				'input_a' => '1900-1-1',
+				'input_b' => '9999-12-31',
+				'return_named' => false,
+				'include_end_date' => true,
+				'exclude_start_date' => false,
+				'expected' => [2958463, 2113189, 845274, false],
+			],
+			// tests for include/exclude
+			'exclude end date' => [
+				'input_b' => '2020/1/1',
+				'input_a' => '2020/1/30',
+				'return_named' => false,
+				'include_end_date' => false,
+				'exclude_start_date' => false,
+				'expected' => [29, 21, 8, false],
+			],
+			'exclude start date' => [
+				'input_b' => '2020/1/1',
+				'input_a' => '2020/1/30',
+				'return_named' => false,
+				'include_end_date' => true,
+				'exclude_start_date' => true,
+				'expected' => [29, 21, 8, false],
+			],
+			'exclude start and end date' => [
+				'input_b' => '2020/1/1',
+				'input_a' => '2020/1/30',
+				'return_named' => false,
+				'include_end_date' => false,
+				'exclude_start_date' => true,
+				'expected' => [28, 20, 8, false],
+			],
+			// reverse
+			'reverse: valid interval' => [
+				'input_a' => '2020/1/30',
+				'input_b' => '2020/1/1',
+				'return_named' => false,
+				'include_end_date' => true,
+				'exclude_start_date' => false,
+				'expected' => [30, 22, 8, true],
+			],
+			'reverse: exclude end date' => [
+				'input_a' => '2020/1/30',
+				'input_b' => '2020/1/1',
+				'return_named' => false,
+				'include_end_date' => false,
+				'exclude_start_date' => false,
+				'expected' => [29, 21, 8, true],
+			],
+			'reverse: exclude start date' => [
+				'input_a' => '2020/1/30',
+				'input_b' => '2020/1/1',
+				'return_named' => false,
+				'include_end_date' => true,
+				'exclude_start_date' => true,
+				'expected' => [29, 21, 8, true],
+			],
+			'reverse: exclude start and end date' => [
+				'input_a' => '2020/1/30',
+				'input_b' => '2020/1/1',
+				'return_named' => false,
+				'include_end_date' => false,
+				'exclude_start_date' => true,
+				'expected' => [28, 20, 8, true],
 			],
 		];
 	}
@@ -982,19 +1048,27 @@ final class CoreLibsCombinedDateTimeTest extends TestCase
 	 *
 	 * @param string $input_a
 	 * @param string $input_b
-	 * @param bool   $flag
-	 * @param array $expected
+	 * @param bool   $return_named
+	 * @param array  $expected
 	 * @return void
 	 */
 	public function testCalcDaysInterval(
 		string $input_a,
 		string $input_b,
-		bool $flag,
+		bool $return_named,
+		bool $include_end_date,
+		bool $exclude_start_date,
 		$expected
 	): void {
 		$this->assertEquals(
 			$expected,
-			\CoreLibs\Combined\DateTime::calcDaysInterval($input_a, $input_b, $flag)
+			\CoreLibs\Combined\DateTime::calcDaysInterval(
+				$input_a,
+				$input_b,
+				return_named:$return_named,
+				include_end_date:$include_end_date,
+				exclude_start_date:$exclude_start_date
+			)
 		);
 	}
 
@@ -1187,7 +1261,38 @@ final class CoreLibsCombinedDateTimeTest extends TestCase
 				'2023-07-03',
 				'2023-07-27',
 				true
-			]
+			],
+			// reverse
+			'reverse: no weekend' => [
+				'2023-07-04',
+				'2023-07-03',
+				false
+			],
+			'reverse: start weekend sat' => [
+				'2023-07-04',
+				'2023-07-01',
+				true
+			],
+			'reverse: start weekend sun' => [
+				'2023-07-04',
+				'2023-07-02',
+				true
+			],
+			'reverse: end weekend sat' => [
+				'2023-07-08',
+				'2023-07-03',
+				true
+			],
+			'reverse: end weekend sun' => [
+				'2023-07-09',
+				'2023-07-03',
+				true
+			],
+			'reverse: long period > 6 days' => [
+				'2023-07-27',
+				'2023-07-03',
+				true
+			],
 		];
 	}
 

test/phpunit/DB/CoreLibsDBIOTest.php

@@ -3692,7 +3692,7 @@ final class CoreLibsDBIOTest extends TestCase
 	 *
 	 * @return array
 	 */
-	public function preparedProviderValue(): array
+	public function providerDbGetPrepareCursorValue(): array
 	{
 		// 1: query (can be empty for do not set)
 		// 2: stm name
@@ -3736,7 +3736,7 @@ final class CoreLibsDBIOTest extends TestCase
 	 * test return prepare cursor errors
 	 *
 	 * @covers ::dbGetPrepareCursorValue
-	 * @dataProvider preparedProviderValue
+	 * @dataProvider providerDbGetPrepareCursorValue
 	 * @testdox prepared query $stm_name with $key expect error id $error_id [$_dataName]
 	 *
 	 * @param string $query
@@ -3769,6 +3769,94 @@ final class CoreLibsDBIOTest extends TestCase
 		);
 	}
 
+	/**
+	 * Undocumented function
+	 *
+	 * @return array
+	 */
+	public function providerDbPreparedCursorStatus(): array
+	{
+		return [
+			'empty statement pararm' => [
+				'query' => 'SELECT row_int, uid FROM table_with_primary_key',
+				'stm_name' => 'test_stm_a',
+				'check_stm_name' => '',
+				'check_query' => '',
+				'expected' => false
+			],
+			'different stm_name' => [
+				'query' => 'SELECT row_int, uid FROM table_with_primary_key',
+				'stm_name' => 'test_stm_b',
+				'check_stm_name' => 'other_name',
+				'check_query' => '',
+				'expected' => 0
+			],
+			'same stm_name' => [
+				'query' => 'SELECT row_int, uid FROM table_with_primary_key',
+				'stm_name' => 'test_stm_c',
+				'check_stm_name' => 'test_stm_c',
+				'check_query' => '',
+				'expected' => 1
+			],
+			'same stm_name and query' => [
+				'query' => 'SELECT row_int, uid FROM table_with_primary_key',
+				'stm_name' => 'test_stm_d',
+				'check_stm_name' => 'test_stm_d',
+				'check_query' => 'SELECT row_int, uid FROM table_with_primary_key',
+				'expected' => 2
+			],
+			'same stm_name and different query' => [
+				'query' => 'SELECT row_int, uid FROM table_with_primary_key',
+				'stm_name' => 'test_stm_e',
+				'check_stm_name' => 'test_stm_e',
+				'check_query' => 'SELECT row_int, uid, row_int FROM table_with_primary_key',
+				'expected' => 1
+			],
+			'insert query test' => [
+				'query' => 'INSERT INTO table_with_primary_key (row_int, uid) VALUES ($1, $2)',
+				'stm_name' => 'test_stm_f',
+				'check_stm_name' => 'test_stm_f',
+				'check_query' => 'INSERT INTO table_with_primary_key (row_int, uid) VALUES ($1, $2)',
+				'expected' => 2
+			]
+		];
+	}
+
+	/**
+	 * test cursor status for prepared statement
+	 *
+	 * @covers ::dbPreparedCursorStatus
+	 * @dataProvider providerDbPreparedCursorStatus
+	 * @testdox Check prepared $stm_name ($check_stm_name) status is $expected [$_dataName]
+	 *
+	 * @param  string   $query
+	 * @param  string   $stm_name
+	 * @param  string   $check_stm_name
+	 * @param  string   $check_query
+	 * @param  bool|int $expected
+	 * @return void
+	 */
+	public function testDbPreparedCursorStatus(
+		string $query,
+		string $stm_name,
+		string $check_stm_name,
+		string $check_query,
+		bool|int $expected
+	): void {
+		$db = new \CoreLibs\DB\IO(
+			self::$db_config['valid'],
+			self::$log
+		);
+		$db->dbPrepare($stm_name, $query);
+		// $db->dbExecute($stm_name);
+		$this->assertEquals(
+			$expected,
+			$db->dbPreparedCursorStatus($check_stm_name, $check_query),
+			'check prepared stement cursor status'
+		);
+		unset($db);
+	}
+
 	// - schema set/get tests
 	//   dbGetSchema, dbSetSchema
 

test/phpunit/Logging/CoreLibsLoggingLoggingTest.php

@@ -395,7 +395,7 @@ final class CoreLibsLoggingLoggingTest extends TestCase
 		}
 		$per_run_id = $log->getLogUniqueId();
 		$this->assertMatchesRegularExpression(
-			"/^\d{4}-\d{2}-\d{2}_\d{6}_U_[a-z0-9]{8}$/",
+			"/^\d{4}-\d{2}-\d{2}_\d{6}\.U_[a-z0-9]{8}$/",
 			$per_run_id,
 			'assert per log run id 1st'
 		);
@@ -403,7 +403,7 @@ final class CoreLibsLoggingLoggingTest extends TestCase
 			$log->setLogUniqueId(true);
 			$per_run_id_2nd = $log->getLogUniqueId();
 			$this->assertMatchesRegularExpression(
-				"/^\d{4}-\d{2}-\d{2}_\d{6}_U_[a-z0-9]{8}$/",
+				"/^\d{4}-\d{2}-\d{2}_\d{6}\.U_[a-z0-9]{8}$/",
 				$per_run_id_2nd,
 				'assert per log run id 2nd'
 			);
@@ -824,13 +824,13 @@ final class CoreLibsLoggingLoggingTest extends TestCase
 		$this->assertTrue($log_ok, 'assert ::log (debug) OK');
 		$this->assertEquals(
 			$log->getLogFile(),
-			$log->getLogFileId() . '_DEBUG.log'
+			$log->getLogFileId() . '.DEBUG.log'
 		);
 		$log_ok = $log->log(Level::Info, 'INFO', group_id: 'GROUP_ID', prefix: 'PREFIX:');
 		$this->assertTrue($log_ok, 'assert ::log (info) OK');
 		$this->assertEquals(
 			$log->getLogFile(),
-			$log->getLogFileId() . '_INFO.log'
+			$log->getLogFileId() . '.INFO.log'
 		);
 	}
 

test/phpunit/Security/CoreLibsSecurityPasswordTest.php

@@ -13,6 +13,11 @@ use PHPUnit\Framework\TestCase;
  */
 final class CoreLibsSecurityPasswordTest extends TestCase
 {
+	/**
+	 * Undocumented function
+	 *
+	 * @return array
+	 */
 	public function passwordProvider(): array
 	{
 		return [
@@ -21,6 +26,11 @@ final class CoreLibsSecurityPasswordTest extends TestCase
 		];
 	}
 
+	/**
+	 * Note: we need different hash types for PHP versions
+	 *
+	 * @return array
+	 */
 	public function passwordRehashProvider(): array
 	{
 		return [
@@ -63,6 +73,10 @@ final class CoreLibsSecurityPasswordTest extends TestCase
 	 */
 	public function testPasswordRehashCheck(string $input, bool $expected): void
 	{
+		// in PHP 8.4 the length is $12
+		if (PHP_VERSION_ID > 80400) {
+			$input = str_replace('$2y$10$', '$2y$12$', $input);
+		}
 		$this->assertEquals(
 			$expected,
 			\CoreLibs\Security\Password::passwordRehashCheck($input)

test/phpunit/UrlRequests/CoreLibsUrlRequestsCurlTest.php

@@ -969,44 +969,76 @@ final class CoreLibsUrlRequestsCurlTest extends TestCase
 			"query" => ["foo-get" => "bar"]
 		]);
 		$this->assertEquals("200", $response["code"], "multi call: get response code not matching");
-		$this->assertEquals(
-			'{"HEADERS":{"HTTP_USER_AGENT":"CoreLibsUrlRequestCurl\/1",'
-			. '"HTTP_FIRST_CALL":"get","HTTP_ACCEPT":"*\/*",'
-			. '"HTTP_HOST":"soba.egplusww.jp"},'
-			. '"REQUEST_TYPE":"GET",'
-			. '"PARAMS":{"foo-get":"bar"},"BODY":null}',
-			$response['content'],
-			'multi call: get content not matching'
-		);
+		if (PHP_VERSION_ID >= 80400) {
+			$this->assertEquals(
+				'{"HEADERS":{"HTTP_HOST":"soba.egplusww.jp",'
+				. '"HTTP_USER_AGENT":"CoreLibsUrlRequestCurl\/1","HTTP_FIRST_CALL":"get",'
+				. '"HTTP_ACCEPT":"*\/*"},"REQUEST_TYPE":"GET","PARAMS":{"foo-get":"bar"},"BODY":null}',
+				$response['content'],
+				'multi call: get content not matching'
+			);
+		} else {
+			$this->assertEquals(
+				'{"HEADERS":{"HTTP_USER_AGENT":"CoreLibsUrlRequestCurl\/1",'
+				. '"HTTP_FIRST_CALL":"get","HTTP_ACCEPT":"*\/*",'
+				. '"HTTP_HOST":"soba.egplusww.jp"},'
+				. '"REQUEST_TYPE":"GET",'
+				. '"PARAMS":{"foo-get":"bar"},"BODY":null}',
+				$response['content'],
+				'multi call: get content not matching'
+			);
+		}
 		// post
 		$response = $curl->post($this->url_basic, [
 			"headers" => ["second-call" => "post"],
 			"body" => ["foo-post" => "baz"]
 		]);
 		$this->assertEquals("200", $response["code"], "multi call: post response code not matching");
-		$this->assertEquals(
-			'{"HEADERS":{"HTTP_USER_AGENT":"CoreLibsUrlRequestCurl\/1",'
-			. '"HTTP_SECOND_CALL":"post","HTTP_ACCEPT":"*\/*",'
-			. '"HTTP_HOST":"soba.egplusww.jp"},'
-			. '"REQUEST_TYPE":"POST",'
-			. '"PARAMS":[],"BODY":{"foo-post":"baz"}}',
-			$response['content'],
-			'multi call: post content not matching'
-		);
+		if (PHP_VERSION_ID >= 80400) {
+			$this->assertEquals(
+				'{"HEADERS":{"HTTP_HOST":"soba.egplusww.jp",'
+				. '"HTTP_USER_AGENT":"CoreLibsUrlRequestCurl\/1",'
+				. '"HTTP_SECOND_CALL":"post","HTTP_ACCEPT":"*\/*"},'
+				. '"REQUEST_TYPE":"POST","PARAMS":[],"BODY":{"foo-post":"baz"}}',
+				$response['content'],
+				'multi call: post content not matching'
+			);
+		} else {
+			$this->assertEquals(
+				'{"HEADERS":{"HTTP_USER_AGENT":"CoreLibsUrlRequestCurl\/1",'
+				. '"HTTP_SECOND_CALL":"post","HTTP_ACCEPT":"*\/*",'
+				. '"HTTP_HOST":"soba.egplusww.jp"},'
+				. '"REQUEST_TYPE":"POST",'
+				. '"PARAMS":[],"BODY":{"foo-post":"baz"}}',
+				$response['content'],
+				'multi call: post content not matching'
+			);
+		}
 		// delete
 		$response = $curl->delete($this->url_basic, [
 			"headers" => ["third-call" => "delete"],
 		]);
 		$this->assertEquals("200", $response["code"], "multi call: delete response code not matching");
-		$this->assertEquals(
-			'{"HEADERS":{"HTTP_USER_AGENT":"CoreLibsUrlRequestCurl\/1",'
-			. '"HTTP_THIRD_CALL":"delete","HTTP_ACCEPT":"*\/*",'
-			. '"HTTP_HOST":"soba.egplusww.jp"},'
-			. '"REQUEST_TYPE":"DELETE",'
-			. '"PARAMS":[],"BODY":[]}',
-			$response['content'],
-			'multi call: delete content not matching'
-		);
+		if (PHP_VERSION_ID >= 80400) {
+			$this->assertEquals(
+				'{"HEADERS":{"HTTP_HOST":"soba.egplusww.jp",'
+				. '"HTTP_USER_AGENT":"CoreLibsUrlRequestCurl\/1",'
+				. '"HTTP_THIRD_CALL":"delete","HTTP_ACCEPT":"*\/*"},'
+				. '"REQUEST_TYPE":"DELETE","PARAMS":[],"BODY":[]}',
+				$response['content'],
+				'multi call: delete content not matching'
+			);
+		} else {
+			$this->assertEquals(
+				'{"HEADERS":{"HTTP_USER_AGENT":"CoreLibsUrlRequestCurl\/1",'
+				. '"HTTP_THIRD_CALL":"delete","HTTP_ACCEPT":"*\/*",'
+				. '"HTTP_HOST":"soba.egplusww.jp"},'
+				. '"REQUEST_TYPE":"DELETE",'
+				. '"PARAMS":[],"BODY":[]}',
+				$response['content'],
+				'multi call: delete content not matching'
+			);
+		}
 	}
 
 	// MARK: auth header set via config