Remove print_r on multiple returning data warning

- all data stored in array (size contrain needs to be checked)
- allows any returning data
- only named rows are returned (no numbers for column access)
- if multiple rows then insert_id is an array with the return data
- if single row the insert_id holds the PK, and insert_id_ext holds
extended data if exists

4dev/database/bin/create_default_trigger.sh

@@ -1,6 +1,5 @@
 #!/bin/bash
 
-# $Id: create_default_trigger.sh 3158 2010-09-02 02:49:00Z gullevek $
 # creates the default on update trigger for the inherited generic tables (date/name)
 
 orig_file="../tmpl/trigger.tmpl"

4dev/database/bin/drop_data.sh

@@ -1,6 +1,5 @@
 #!/bin/bash
 
-# $Id: drop_data.sh 3158 2010-09-02 02:49:00Z gullevek $
 # quick hack for import
 
 #echo "EXIT";

4dev/database/bin/drop_reload.sh

@@ -1,7 +1,5 @@
 #!/bin/bash
 
-# $Id: drop_reload.sh 3158 2010-09-02 02:49:00Z gullevek $
-
 rm error;
 rm output;
 bin/drop_data.sh;

4dev/database/bin/import_data.sh

@@ -1,6 +1,5 @@
 #!/bin/bash
 
-# $Id: import_data.sh 4382 2013-02-18 07:27:24Z gullevek $
 # quick hack for import
 
 #echo "EXIT";

4dev/database/function/edit_set_access_uid.sql

@@ -0,0 +1,28 @@
+-- add uid add for edit_access table
+
+CREATE OR REPLACE FUNCTION set_edit_access_uid() RETURNS TRIGGER AS 
+$$
+	DECLARE
+		myrec RECORD;
+		v_uid VARCHAR;
+	BEGIN
+		-- skip if NEW.name is not set
+		IF NEW.name IS NOT NULL AND NEW.name <> '' THEN
+			-- use NEW.name as base, remove all spaces
+			-- name data is already unique, so we do not need to worry about this here
+			v_uid := REPLACE(NEW.name, ' ', '');
+			IF TG_OP = 'INSERT' THEN
+				-- always set
+				NEW.uid := v_uid;
+			ELSIF TG_OP = 'UPDATE' THEN
+				-- check if not set, then set
+				SELECT INTO myrec t.* FROM edit_access t WHERE edit_access_id = NEW.edit_access_id;
+				IF FOUND THEN
+					NEW.uid := v_uid;
+				END IF;
+			END IF;
+		END IF;
+		RETURN NEW;
+	END;
+$$
+	LANGUAGE 'plpgsql';

4dev/database/function/set_generic.sql

@@ -0,0 +1,12 @@
+-- adds the created or updated date tags
+
+CREATE OR REPLACE FUNCTION set_generic() RETURNS TRIGGER AS '
+	BEGIN
+		IF TG_OP = ''INSERT'' THEN
+			NEW.date_created := ''now'';
+		ELSIF TG_OP = ''UPDATE'' THEN
+			NEW.date_updated := ''now'';
+		END IF;
+		RETURN NEW;
+	END;
+' LANGUAGE 'plpgsql';

4dev/database/function/update_function.sql

@@ -1,4 +1,3 @@
--- $Id: update_function.sql 3158 2010-09-02 02:49:00Z gullevek $
 -- adds the created or updated date tags
 
 CREATE OR REPLACE FUNCTION set_generic() RETURNS TRIGGER AS '

4dev/database/table/edit_access.sql

@@ -1,4 +1,3 @@
--- $Id: edit_access.sql 4382 2013-02-18 07:27:24Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:

4dev/database/table/edit_access_data.sql

@@ -0,0 +1,16 @@
+-- AUTHOR: Clemens Schwaighofer
+-- DATE: 2016/7/15
+-- DESCRIPTION:
+-- sub table to edit access, holds additional data for access group
+-- TABLE: edit_access_data
+-- HISTORY:
+
+-- DROP TABLE edit_access_data;
+CREATE TABLE edit_access_data (
+	edit_access_data_id	SERIAL PRIMARY KEY,
+	edit_access_id INT NOT NULL,
+	name	VARCHAR,
+	value	VARCHAR,
+	enabled	SMALLINT NOT NULL DEFAULT 0, 
+	FOREIGN KEY (edit_access_id) REFERENCES edit_access (edit_access_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE 
+) INHERITS (edit_generic) WITHOUT OIDS;

4dev/database/table/edit_access_right.sql

@@ -1,4 +1,3 @@
--- $Id: edit_access_right.sql 4382 2013-02-18 07:27:24Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:

4dev/database/table/edit_access_user.sql

@@ -1,4 +1,3 @@
--- $Id: edit_access_user.sql 3158 2010-09-02 02:49:00Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:

4dev/database/table/edit_generic.sql

@@ -1,4 +1,3 @@
--- $Id: edit_generic.sql 3158 2010-09-02 02:49:00Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:
@@ -10,7 +9,5 @@
 CREATE TABLE edit_generic (
 	eg_status	INT,
 	date_created	TIMESTAMP WITHOUT TIME ZONE DEFAULT clock_timestamp(),
-	date_updated	TIMESTAMP WITHOUT TIME ZONE,
-	user_created	VARCHAR(25) DEFAULT CURRENT_USER,
-	user_updated	VARCHAR(25)
+	date_updated	TIMESTAMP WITHOUT TIME ZONE
 );

4dev/database/table/edit_group.sql

@@ -1,4 +1,3 @@
--- $Id: edit_group.sql 3158 2010-09-02 02:49:00Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:

4dev/database/table/edit_language.sql

@@ -1,4 +1,3 @@
--- $Id: edit_language.sql 3158 2010-09-02 02:49:00Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:

4dev/database/table/edit_log.sql

@@ -1,4 +1,3 @@
--- $Id: edit_log.sql 4382 2013-02-18 07:27:24Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:
@@ -11,7 +10,7 @@ CREATE TABLE edit_log (
 	edit_log_id	SERIAL PRIMARY KEY,
 	username	VARCHAR,
 	password	VARCHAR,
-	event_date	TIMESTAMP(0) WITHOUT TIME ZONE DEFAULT CURRENT_TIMESTAMP,
+	event_date	TIMESTAMP WITHOUT TIME ZONE DEFAULT CURRENT_TIMESTAMP,
 	ip	VARCHAR,
 	error	TEXT,
 	event	TEXT,

4dev/database/table/edit_menu_group.sql

@@ -1,4 +1,3 @@
--- $Id: edit_menu_group.sql 4382 2013-02-18 07:27:24Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:

4dev/database/table/edit_page.sql

@@ -1,4 +1,3 @@
--- $Id: edit_page.sql 4382 2013-02-18 07:27:24Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:

4dev/database/table/edit_page_access.sql

@@ -1,4 +1,3 @@
--- $Id: edit_page_access.sql 4382 2013-02-18 07:27:24Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:

4dev/database/table/edit_page_menu_group.sql

@@ -1,4 +1,3 @@
--- $Id: edit_page_menu_group.sql 3158 2010-09-02 02:49:00Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:

4dev/database/table/edit_page_visible_group.sql

@@ -1,4 +1,3 @@
--- $Id: edit_page_visible_group.sql 3158 2010-09-02 02:49:00Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:

4dev/database/table/edit_query_string.sql

@@ -1,4 +1,3 @@
--- $Id: edit_query_string.sql 3158 2010-09-02 02:49:00Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:

4dev/database/table/edit_scheme.sql

@@ -1,4 +1,3 @@
--- $Id: edit_scheme.sql 3158 2010-09-02 02:49:00Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:

4dev/database/table/edit_temp_files.sql

@@ -1,4 +1,3 @@
--- $Id: edit_temp_files.sql 4382 2013-02-18 07:27:24Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/08
 -- DESCRIPTION:

4dev/database/table/edit_user.sql

@@ -1,4 +1,3 @@
--- $Id: edit_user.sql 4226 2012-11-02 07:19:57Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/06
 -- DESCRIPTION:

4dev/database/table/edit_visible_group.sql

@@ -1,4 +1,3 @@
--- $Id: edit_visible_group.sql 4382 2013-02-18 07:27:24Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:

4dev/database/table/generic.sql

@@ -1,4 +1,3 @@
--- $Id: generic.sql 3158 2010-09-02 02:49:00Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:
@@ -8,9 +7,6 @@
 
 -- DROP TABLE edit_generic;
 CREATE TABLE generic (
-	row_status	INT,
 	date_created	TIMESTAMP WITHOUT TIME ZONE DEFAULT clock_timestamp(),
-	date_updated	TIMESTAMP WITHOUT TIME ZONE,
-	user_created	VARCHAR(25) DEFAULT CURRENT_USER,
-	user_updated	VARCHAR(25)
+	date_updated	TIMESTAMP WITHOUT TIME ZONE
 );

4dev/database/trigger/trg_edit_access.sql

@@ -1,5 +1,3 @@
--- $Id: trg_edit_access.sql 3158 2010-09-02 02:49:00Z gullevek $
-
 -- DROP TRIGGER trg_edit_access ON edit_access;
 CREATE TRIGGER trg_edit_access
 BEFORE INSERT OR UPDATE ON edit_access

4dev/database/trigger/trg_edit_access_data.sql

@@ -0,0 +1,4 @@
+-- DROP TRIGGER trg_edit_access_data ON edit_access_data;
+CREATE TRIGGER trg_edit_access_data
+BEFORE INSERT OR UPDATE ON edit_access_data
+FOR EACH ROW EXECUTE PROCEDURE set_generic();

4dev/database/trigger/trg_edit_access_right.sql

@@ -1,5 +1,3 @@
--- $Id: trg_edit_access_right.sql 3158 2010-09-02 02:49:00Z gullevek $
-
 -- DROP TRIGGER trg_edit_access_right ON edit_access_right;
 CREATE TRIGGER trg_edit_access_right
 BEFORE INSERT OR UPDATE ON edit_access_right

4dev/database/trigger/trg_edit_access_user.sql

@@ -1,5 +1,3 @@
--- $Id: trg_edit_access_user.sql 3158 2010-09-02 02:49:00Z gullevek $
-
 -- DROP TRIGGER trg_edit_access_user ON edit_access_user;
 CREATE TRIGGER trg_edit_access_user
 BEFORE INSERT OR UPDATE ON edit_access_user

4dev/database/trigger/trg_edit_group.sql

@@ -1,5 +1,3 @@
--- $Id: trg_edit_group.sql 3158 2010-09-02 02:49:00Z gullevek $
-
 -- DROP TRIGGER trg_edit_group ON edit_group;
 CREATE TRIGGER trg_edit_group
 BEFORE INSERT OR UPDATE ON edit_group

4dev/database/trigger/trg_edit_language.sql

@@ -1,5 +1,3 @@
--- $Id: trg_edit_language.sql 3158 2010-09-02 02:49:00Z gullevek $
-
 -- DROP TRIGGER trg_edit_language ON edit_language;
 CREATE TRIGGER trg_edit_language
 BEFORE INSERT OR UPDATE ON edit_language

4dev/database/trigger/trg_edit_log.sql

@@ -1,5 +1,3 @@
--- $Id: trg_edit_log.sql 3158 2010-09-02 02:49:00Z gullevek $
-
 -- DROP TRIGGER trg_edit_log ON edit_log;
 CREATE TRIGGER trg_edit_log
 BEFORE INSERT OR UPDATE ON edit_log

4dev/database/trigger/trg_edit_menu_group.sql

@@ -1,5 +1,3 @@
--- $Id: trg_edit_menu_group.sql 3158 2010-09-02 02:49:00Z gullevek $
-
 -- DROP TRIGGER trg_edit_visible_group ON edit_visible_group;
 CREATE TRIGGER trg_edit_menu_group
 BEFORE INSERT OR UPDATE ON edit_menu_group

4dev/database/trigger/trg_edit_page.sql

@@ -1,5 +1,3 @@
--- $Id: trg_edit_page.sql 3158 2010-09-02 02:49:00Z gullevek $
-
 -- DROP TRIGGER trg_edit_page ON edit_page;
 CREATE TRIGGER trg_edit_page
 BEFORE INSERT OR UPDATE ON edit_page

4dev/database/trigger/trg_edit_page_access.sql

@@ -1,5 +1,3 @@
--- $Id: trg_edit_page_access.sql 3158 2010-09-02 02:49:00Z gullevek $
-
 -- DROP TRIGGER trg_edit_page_access ON edit_page_access;
 CREATE TRIGGER trg_edit_page_access
 BEFORE INSERT OR UPDATE ON edit_page_access

4dev/database/trigger/trg_edit_query_string.sql

@@ -1,5 +1,3 @@
--- $Id: trg_edit_query_string.sql 3158 2010-09-02 02:49:00Z gullevek $
-
 -- DROP TRIGGER trg_edit_query_string ON edit_query_string;
 CREATE TRIGGER trg_edit_query_string
 BEFORE INSERT OR UPDATE ON edit_query_string

4dev/database/trigger/trg_edit_scheme.sql

@@ -1,5 +1,3 @@
--- $Id: trg_edit_scheme.sql 3158 2010-09-02 02:49:00Z gullevek $
-
 -- DROP TRIGGER trg_edit_scheme ON edit_scheme;
 CREATE TRIGGER trg_edit_scheme
 BEFORE INSERT OR UPDATE ON edit_scheme

4dev/database/trigger/trg_edit_user.sql

@@ -1,5 +1,3 @@
--- $Id: trg_edit_user.sql 3158 2010-09-02 02:49:00Z gullevek $
-
 -- DROP TRIGGER trg_edit_user ON edit_user;
 CREATE TRIGGER trg_edit_user
 BEFORE INSERT OR UPDATE ON edit_user

4dev/database/trigger/trg_edit_visible_group.sql

@@ -1,5 +1,3 @@
--- $Id: trg_edit_visible_group.sql 3158 2010-09-02 02:49:00Z gullevek $
-
 -- DROP TRIGGER trg_edit_visible_group ON edit_visible_group;
 CREATE TRIGGER trg_edit_visible_group
 BEFORE INSERT OR UPDATE ON edit_visible_group

4dev/database/trigger/trg_set_edit_access_uid.sql

@@ -0,0 +1,4 @@
+-- DROP TRIGGER trg_set_edit_access_uid ON edit_access;
+CREATE TRIGGER trg_set_edit_access_uid
+BEFORE INSERT OR UPDATE ON edit_access
+FOR EACH ROW EXECUTE PROCEDURE set_edit_access_uid();

www/admin/class_test.php

@@ -1,11 +1,11 @@
 <?
-	$DEBGU_ALL_OVERRIDE = 0; // set to 1 to debug on live/remote server locations
+	$DEBUG_ALL_OVERRIDE = 0; // set to 1 to debug on live/remote server locations
 	$DEBUG_ALL = 1;
 	$PRINT_ALL = 1;
 	$DB_DEBUG = 1;
 
 	if ($DEBUG_ALL)
-		error_reporting(E_ALL | E_STRICT |  E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR);
+		error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR);
 
 	define('USE_DATABASE', true);
 	// sample config
@@ -28,10 +28,12 @@
 	
 	// set + check edit access id
 	$edit_access_id = 3;
+	print "ACL UNIT: ".print_r(array_keys($login->acl['unit']), 1)."<br>";
+	print "ACCESS CHECK: ".$login->login_check_edit_access($edit_access_id)."<br>";
 	if ($login->login_check_edit_access($edit_access_id))
 		$basic->edit_access_id = $edit_access_id;
 	else
-		$basic->edit_access_id = $login->acl['info']['default_edit_access'];
+		$basic->edit_access_id = $login->acl['unit_id'];
 
 //	$basic->debug('SESSION', $basic->print_ar($_SESSION));
 
@@ -52,9 +54,6 @@
 	print "DEBUG OUT ALL: ".$basic->debug_output_all."<br>";	
 	print "ECHO OUT ALL: ".$basic->echo_output_all."<br>";	
 	print "PRINT OUT ALL: ".$basic->print_output_all."<br>";	
-	// file name (logging)
-	print "FILENAME EXT: ".$basic->file_name_ext."<br>";
-	print "MAX FILESIZE: ".$basic->max_filesize."<br>";
 
 	print "CALLER BACKTRACE: ".$basic->get_caller_method()."<br>";
 	$basic->debug('SOME MARK', 'Some error output');
@@ -75,12 +74,17 @@
 	}
 
 	$status = $basic->db_exec("INSERT INTO foo (test) VALUES ('FOO TEST ".time()."') RETURNING test");
-	print "DIRECT INSERT STATUS: $status | PRIMARY KEY: ".$basic->insert_id."<br>";
+	print "DIRECT INSERT STATUS: $status | PRIMARY KEY: ".$basic->insert_id." | PRIMARY KEY EXT: ".print_r($basic->insert_id_ext, 1)."<br>";
 	print "DIRECT INSERT PREVIOUS INSERTED: ".print_r($basic->db_return_row("SELECT foo_id, test FROM foo WHERE foo_id = ".$basic->insert_id), 1)."<br>";
 	$basic->db_prepare("ins_foo", "INSERT INTO foo (test) VALUES ($1)");
 	$status = $basic->db_execute("ins_foo", array('BAR TEST '.time()));
-	print "PREPARE INSERT STATUS: $status | PRIMARY KEY: ".$basic->insert_id."<br>";
+	print "PREPARE INSERT STATUS: $status | PRIMARY KEY: ".$basic->insert_id." | PRIMARY KEY EXT: ".print_r($basic->insert_id_ext, 1)."<br>";
 	print "PREPARE INSERT PREVIOUS INSERTED: ".print_r($basic->db_return_row("SELECT foo_id, test FROM foo WHERE foo_id = ".$basic->insert_id), 1)."<br>";
+	// returning test with multiple entries
+//	$status = $basic->db_exec("INSERT INTO foo (test) values ('BAR 1 ".time()."'), ('BAR 2 ".time()."'), ('BAR 3 ".time()."') RETURNING foo_id");
+	$status = $basic->db_exec("INSERT INTO foo (test) values ('BAR 1 ".time()."'), ('BAR 2 ".time()."'), ('BAR 3 ".time()."') RETURNING foo_id, test");
+	print "DIRECT MULTIPLE INSERT STATUS: $status | PRIMARY KEYS: ".print_r($basic->insert_id, 1)." | PRIMARY KEY EXT: ".print_r($basic->insert_id_ext, 1)."<br>";
+
 
 	# async test queries
 /*	$basic->db_exec_async("SELECT test FROM foo, (SELECT pg_sleep(10)) as sub WHERE foo_id IN (27, 50, 67, 44, 10)");
@@ -123,7 +127,7 @@
 	print "DB Version bigger than $to_db_version: ".$basic->db_compare_version('>='.$to_db_version)."<br>";
 	print "DB Version bigger $to_db_version: ".$basic->db_compare_version('>'.$to_db_version)."<br>";
 
-	$q = "SELECT FOO FRO BAR";
+/*	$q = "SELECT FOO FRO BAR";
 //	$q = "Select * from foo";
 	$foo = $basic->db_exec_async($q);
 	print "[ERR] Query: ".$q."<br>";
@@ -132,7 +136,7 @@
 	{
 		print "[ERR]: $ret<br>";
 //		sleep(5);
-	}
+	} */
 
 	// search path check
 	$q = "SHOW search_path";

www/admin/edit_base.inc

@@ -9,7 +9,7 @@
 	*	 - edit_pages.php
 	*	 - edit_schemes.php
 	*	 - edit_users.php
-	*    - edit_visible_group.php
+	*	 - edit_visible_group.php
 	* HISTORY:
 	* 2005/06/30 (cs) remove color settings, they are in CSS File now
 	* 2005/06/22 (cs) moved load of config array into form class, set lang and lang is must set var for form class; removed the page name setting, moved it into the form class, remove all HTML from main page
@@ -107,15 +107,15 @@
 	}
 
 	// log backend data
-    // data part creation
-    $data = array (
-        '_SESSION' => $_SESSION,
-        '_GET' => $_GET,
-        '_POST' => $_POST,
-        '_FILES' => $_FILES
-    );
-    // log action
-    EditLog('Edit Submit', serialize($data));
+	// data part creation
+	$data = array (
+		'_SESSION' => $_SESSION,
+		'_GET' => $_GET,
+		'_POST' => $_POST,
+		'_FILES' => $_FILES
+	);
+	// log action
+	EditLog('Edit Submit', serialize($data));
 
 	$form->form_procedure_load(${$form->archive_pk_name});
 	$form->form_procedure_new();
@@ -230,6 +230,8 @@
 				$elements[] = $form->form_create_element("password");
 				$elements[] = $form->form_create_element("password_change_interval");
 				$elements[] = $form->form_create_element("email");
+				$elements[] = $form->form_create_element("last_name");
+				$elements[] = $form->form_create_element("first_name");
 				$elements[] = $form->form_create_element("edit_group_id");
 				$elements[] = $form->form_create_element("edit_access_right_id");
 				$elements[] = $form->form_create_element("strict");
@@ -308,12 +310,15 @@
 				$elements[] = $form->form_create_element("name");
 				$elements[] = $form->form_create_element("color");
 				$elements[] = $form->form_create_element("description");
+				// add name/value list here
+				$elements[] = $form->form_show_list_table("edit_access_data");
+			break;
 			break;
 			default:
 				print "NO NO NOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO!";
 			break;
 		}
-//$form->debug('edit', "Elements: <pre>".$form->print_ar($elements));
+//		$form->debug('edit', "Elements: <pre>".$form->print_ar($elements));
 		$DATA['elements'] = $elements;
 		$DATA['hidden'] = $form->form_create_hidden_fields();
 		$DATA['save_delete'] = $form->form_create_save_delete();

www/admin/edit_order.php

@@ -67,7 +67,7 @@
 		$smarty->setTemplateDir(TEMPLATES.DEFAULT_TEMPLATE);
 		$DATA['css'] = CSS.DEFAULT_TEMPLATE;
 		$DATA['js'] = JS.DEFAULT_TEMPLATE;
-    }
+	}
 
 	// order name is _always_ order_number for the edit interface
 

www/admin/files.php

@@ -155,7 +155,7 @@
 		if (!$error)
 		{
 			if ($_FILES['file_up']['name'])
-            {
+			{
 				$mime_type = $_FILES['file_up']['type'];
 				$file_size = $_FILES['file_up']['size'];
 				$file_name = $_FILES['file_up']['name'];

www/admin/header.inc

@@ -56,14 +56,14 @@
 	$smarty = new SmartyML($lang);
 	// create new DB class
 	$cms = new AdminBackend($DB_CONFIG[MAIN_DB], $lang);
-	// set daily rotation
-	$cms->file_name_ext = '_'.date('Y-m-d').'.log';
 	// set search path to the default DB schema
 	$cms->db_exec("SET search_path TO ".DB_SCHEMA);
 	// the menu show flag (what menu to show)
 	$cms->menu_show_flag = 'main';
 	// db nfo
 	$cms->db_info();
+	// set acl
+	$cms->acl = $login->acl;
 	//------------------------------ class init end
 
 	//------------------------------ logging start

www/admin/set_paths.inc

@@ -95,7 +95,7 @@
 	if (!is_dir($cms->pictures))
 		$cms->pictures = LAYOUT.DEFAULT_TEMPLATE.PICTURES.'/';
 	if (!is_dir($cms->cache_pictures))
-	   	$cms->cache_pictures = LAYOUT.DEFAULT_TEMPLATE.CACHE.IMAGES.'/';
+		$cms->cache_pictures = LAYOUT.DEFAULT_TEMPLATE.CACHE.IMAGES.'/';
 
 	// if the template_dir is != DEFAULT_TEMPLATE, then try to make a lang switch
 	// if the default lang is not like the lang given, switch lang

www/admin/table_arrays/array_edit_access.inc

@@ -10,7 +10,8 @@
 				"value" => $GLOBALS["name"],
 				"output_name" => $this->l->__("Access Group Name"),
 				"mandatory" => 1,
-				"type" => "text"
+				"type" => "text",
+				"error_check" => "alphanumericspace|unique"
 			),
 			"description" => array (
 				"value" => $GLOBALS["description"],
@@ -20,7 +21,7 @@
 			"color" => array (
 				"value" => $GLOBALS["color"],
 				"output_name" => $this->l->__("Color"),
-				"mandatory" => 1,
+				"mandatory" => 0,
 				"type" => "text",
 				"size" => 6,
 				"length" => 6,
@@ -28,7 +29,6 @@
 				"error_regex" => "/[\dA-Fa-f]{6}/",
 				"error_example" => "F6A544"
 			)
-
 		),
 		"table_name" => "edit_access",
 		"load_query" => "SELECT edit_access_id, name FROM edit_access ORDER BY name",
@@ -36,6 +36,43 @@
 			array (
 				"name" => "name"
 			)
+		),
+		"element_list" => array (
+			"edit_access_data" => array (
+				"output_name" => "Edit Access Data",
+				"type" => "reference_data", # is not a sub table read and connect, but only a sub table with data
+				"max_empty" => 5, # maxium visible if no data is set, if filled add this number to visible
+				"prefix" => "ead",
+				"elements" => array (
+					"edit_access_data_id" => array (
+						"output_name" => "Activate",
+						"type" => "hidden",
+						"int" => 1,
+						"pk_id" => 1
+					),
+					"name" => array (
+						"type" => "text",
+						"error_check" => "alphanumeric|unique",
+						"output_name" => "Name"
+					),
+					"value" => array (
+						"type" => "text",
+						"output_name" => "Value"
+					),
+					"enabled" => array (
+						"type" => "checkbox",
+						"output_name" => "Activate",
+						"int" => 1,
+						"element_list" => array(1)
+					),
+					"edit_access_id" => array (
+						"int" => 1,
+						"type" => "hidden",
+						"fk_id" => 1 # reference main key from master table above
+					)
+
+				)
+			)
 		)
 	);
 ?>

www/admin/table_arrays/array_edit_users.inc

@@ -2,24 +2,24 @@
 	$edit_users = array (
 		"table_array" => array (
 			"edit_user_id" => array (
-				"value" => $GLOBALS["edit_user_id"], 
+				"value" => $GLOBALS["edit_user_id"],
 				"type" => "hidden",
 				"pk" => 1,
 				"int" => 1
 			),
 			"username" => array (
-				"value" => $GLOBALS["username"], 
-				"output_name" => "Username", 
-				"mandatory" => 1, 
+				"value" => $GLOBALS["username"],
+				"output_name" => "Username",
+				"mandatory" => 1,
 				"error_check" => "unique|alphanumericextended",
 				"type" => "text"
 			),
 			"password" => array (
-				"value" => $GLOBALS["password"], 
+				"value" => $GLOBALS["password"],
 				"HIDDEN_value" => $GLOBALS["HIDDEN_password"],
 				"CONFIRM_value" => $GLOBALS["CONFIRM_password"],
-				"output_name" => "Password", 
-				"mandatory" => 1, 
+				"output_name" => "Password",
+				"mandatory" => 1,
 				"type" => "password", // later has to be password for encryption in database
 				'update' => array ( // connected field updates, and update data
 					'password_change_date' => array ( // db row to update
@@ -34,17 +34,18 @@
 				'output_name' => 'Password change interval',
 				'error_check' => 'intervalshort', // can be any date length format. n Y/M/D [not H/M/S], only one set, no combination
 				'type' => 'text',
+				'interval' => 1, // interval needs NULL write for empty
 				'size' => 5, // make it 5 chars long
 				'length' => 5
 			),
 			// password reset force interval, if set, user needs to reset password after X time period
 			"enabled" => array (
-				"value" => $GLOBALS["enabled"], 
-				"output_name" => "Enabled", 
-				"type" => "binary", 
+				"value" => $GLOBALS["enabled"],
+				"output_name" => "Enabled",
+				"type" => "binary",
 				"int" => 1,
 				"element_list" => array (
-					"1" => "Yes", 
+					"1" => "Yes",
 					"0" => "No"
 				)
 			),
@@ -79,28 +80,38 @@
 				)
 			),
 			"debug" => array (
-				"value" => $GLOBALS["debug"], 
-				"output_name" => "Debug", 
-				"type" => "binary", 
+				"value" => $GLOBALS["debug"],
+				"output_name" => "Debug",
+				"type" => "binary",
 				"int" => 1,
 				"element_list" => array (
-					"1" => "Yes", 
+					"1" => "Yes",
 					"0" => "No"
 				)
 			),
 			"db_debug" => array (
-				"value" => $GLOBALS["db_debug"], 
-				"output_name" => "DB Debug", 
-				"type" => "binary", 
+				"value" => $GLOBALS["db_debug"],
+				"output_name" => "DB Debug",
+				"type" => "binary",
 				"int" => 1,
 				"element_list" => array (
-					"1" => "Yes", 
+					"1" => "Yes",
 					"0" => "No"
 				)
 			),
 			"email" => array (
-				"value" => $GLOBALS["email"], 
-				"output_name" => "E-Mail", 
+				"value" => $GLOBALS["email"],
+				"output_name" => "E-Mail",
+				"type" => "text"
+			),
+			"last_name" => array (
+				"value" => $GLOBALS["last_name"],
+				"output_name" => "Last Name",
+				"type" => "text"
+			),
+			"first_name" => array (
+				"value" => $GLOBALS["first_name"],
+				"output_name" => "First Name",
 				"type" => "text"
 			),
 			"edit_language_id" => array (

www/configs/config.inc

@@ -9,9 +9,9 @@
 
 	/************* SESSION NAMES *************/
 	// backend
-	DEFINE('EDIT_SESSION_NAME', "ADMIN_SESSION_NAME");
+	DEFINE('EDIT_SESSION_NAME', "<ADMIN SESSION NAME>");
 	// frontend
-	DEFINE('SESSION_NAME', "SESSION_NAME");
+	DEFINE('SESSION_NAME', "<SESSION NAME>");
 	
 	/************* LANGUAGE / ENCODING *******/
 	DEFINE('DEFAULT_LANG', "en_utf8");
@@ -34,7 +34,7 @@
 	DEFINE('ROOT', getcwd()."/");
 	// libs path
 	DEFINE('LIBS', "libs/");
-	// includes (strings, arrays for stati, etc)
+	// includes (strings, arrays for static, etc)
 	DEFINE('INCLUDES', "includes/");
 	// layout base path
 	DEFINE('LAYOUT', 'layout/');
@@ -85,7 +85,7 @@
 
 	/************* HASH / ACL DEFAULT / ERROR SETTINGS / SMARTY *************/
 	// default hash type
-	DEFINE('DEFAULT_HASH', 'ripemd160');
+	DEFINE('DEFAULT_HASH', 'sha256');
 	// default acl level
 	DEFINE('DEFAULT_ACL_LEVEL', 80);
 	// default levels for certain actions
@@ -97,7 +97,7 @@
 	DEFINE('DEFAULT_ACL_DEL', 80);
 	DEFINE('DEFAULT_ACL_ADMIN', 100); */
 	// SSL host name
-//	DEFINE('SSL_HOST', "www4.adidas.co.jp");
+//	DEFINE('SSL_HOST', "ssl.host.name");
 	// error page strictness, Default is 3
 	// 1: only show error page as the last mesure if really no mid & aid can be loaded and found at all
 	// 2: if template not found, do not search, show error template
@@ -106,7 +106,7 @@
 //	DEFINE('ERROR_STRICT', 3);
 	// allow page caching in general, set to "FALSE" if you do debugging or development!
 //	DEFINE('ALLOW_SMARTY_CACHE', FALSE);
-	// cache life time, in second', default here is 2 days (172800s)
+	// cache life time, in seconds, default here is 2 days (172800s)
 	// -1 is never expire cache
 //	DEFINE('SMARTY_CACHE_LIFETIME', -1);
 
@@ -135,17 +135,23 @@
 	// live_queue is a global queue system
 //	DEFINE('QUEUE', 'live_queue');
 
+	/************* DB PATHS (PostgreSQL) *****************/
+	// schema names, can also be defined per <DB INFO>
+	DEFINE('PUBLIC_SCHEMA', 'public');
+	DEFINE('DEV_SCHEMA', 'public');
+	DEFINE('TEST_SCHEMA', 'public');
+
 	// non constant part
 	/************* DB ACCESS *****************/
 	// please be VERY carefull only to change the right side
 	$DB_CONFIG = array(
-		"test" => array (
-			"db_name" => "gullevek",
-			"db_user" => "gullevek",
-			"db_pass" => "gullevek",
-			"db_host" => "db.tokyo.tequila.jp",
+		"<db id>" => array (
+			"db_name" => "<database>",
+			"db_user" => "<user>",
+			"db_pass" => "<password>",
+			"db_host" => "<host>",
 			"db_port" => "5432",
-			"db_schema" => "public",
+			"db_schema" => "public", // if not set, uses public
 			"db_type" => "pgsql",
 			"db_encoding" => '',
 			"db_ssl" => 'disable' // allow, disable, require, prefer
@@ -160,27 +166,19 @@
 
 	// each host has a different db_host
 	// development host
-	$DB_HOST['soba'] = "test";
-	$DB_HOST['soba.tokyo.tequila.jp'] = "test";
+	$DB_HOST['<host>'] = "<db id>";
 	// target host (live)
-//	$DB_TARGET_HOST['soba'] = "<DB ID>";
+//	$DB_TARGET_HOST['<host>'] = "<DB ID>";
 	// url redirect database
-//	$DB_URL_REDIRECT_HOST['soba'] = "<DB ID>";
+//	$DB_URL_REDIRECT_HOST['<host>'] = "<DB ID>";
 	// location flagging
 	// test/dev/live
-	$LOCATION['soba'] = 'test';
-	$LOCATION['soba.tokyo.tequila.jp'] = 'test';
+	$LOCATION['<host>'] = '<test|live|remote|etc>';
 	// show DEBUG override
 	// true/false
-	$DEBUG_FLAG['soba'] = true;
-	$DEBUG_FLAG['soba.tokyo.tequila.jp'] = true;
-	// schema names, can also be defined per <DB INFO>
-	DEFINE('PUBLIC_SCHEMA', 'public');
-	DEFINE('DEV_SCHEMA', 'public');
-	DEFINE('TEST_SCHEMA', 'public');
-    // and set to domain
-    $DB_PATH['soba'] = PUBLIC_SCHEMA;
-    $DB_PATH['soba.tokyo.tequila.jp'] = PUBLIC_SCHEMA;
+	$DEBUG_FLAG['<host>'] = true;
+    // set postgresql paths (schemas)
+    $DB_PATH['<host>'] = PUBLIC_SCHEMA;
 
 	// set the USE_DATABASE var, if there is nothing set, we assume TRUE
 	$USE_DATABASE = defined('USE_DATABASE') ? USE_DATABASE : true;
@@ -206,7 +204,7 @@
 //	DEFINE('TEST_SCHEMA', $DB_CONFIG[MAIN_DB]['db_schema']);
 //	DEFINE('PUBLIC_SCHEMA', $DB_CONFIG[TARGET_DB]['db_schema']);
 	DEFINE('LOGIN_DB_SCHEMA', 'public'); // where the edit* tables are
-	DEFINE('GLOBAL_DB_SCHEMA', 'public'); // where global tables are that are used by all schemas (eg queue tables for online', etc)
+	DEFINE('GLOBAL_DB_SCHEMA', 'public'); // where global tables are that are used by all schemas (eg queue tables for online, etc)
 	DEFINE('TARGET', $LOCATION[$HOST_NAME]);
 //	DEFINE('CSV_PATH', $PATHS[TARGET]['csv_path']);
 //	DEFINE('EXPORT_SCRIPT', $PATHS[TARGET]['perl_bin']);
@@ -258,12 +256,12 @@
 	{
 		// where to search for the files to include
 		$dirs = array (
-			LIBDIR, 
+			LIBDIR,
 			SMARTYDIR,
 			TABLEARRAYDIR,
 			'',
-			LIBS, 
-			SMARTY, 
+			LIBS,
+			SMARTY,
 			TABLE_ARRAYS,
 			__DIR__.'/'.LIBS,
 			__DIR__.'/'.SMARTY
@@ -279,5 +277,4 @@
 		}
 		return false;
 	}
-	
 ?>

www/configs/config.template.inc

@@ -1,10 +1,5 @@
 <?
 	/********************************************************************
-	* $HeadURL: svn://svn/development/core_data/php/www/configs/config.template.inc $
-	* $LastChangedBy: gullevek $
-	* $LastChangedDate: 2013-02-18 16:27:24 +0900 (Mon, 18 Feb 2013) $
-	* $LastChangedRevision: 4382 $
-	*********************************************************************
 	* AUTHOR: Clemens "Gullevek" Schwaighofer (www.gullevek.org)
 	* CREATED: 2003/06/10
 	* SHORT DESCRIPTION:
@@ -24,11 +19,22 @@
 	DEFINE('DEFAULT_ENCODING', "UTF-8");
 		
 	/************* PATHS *********************/
-	// path to document root
+	// ** NEW/BETTER DIR DECLARATIONS **
+	// path to original file (if symlink)
+	DEFINE('DIR', __DIR__."/");
+	// libs base path based on DIR
+	DEFINE('LIBDIR', DIR.'libs/');
+	// SMARTY path based on DIR
+	DEFINE('SMARTYDIR', DIR.'Smarty/');
+	// table arrays for Class Form
+	DEFINE('TABLEARRAYDIR', DIR.'table_arrays/');
+
+	// ** OLD DIR DECLARATIONS **
+	// path to document root of file called
 	DEFINE('ROOT', getcwd()."/");
 	// libs path
 	DEFINE('LIBS', "libs/");
-	// includes (strings', arrays for stati, etc)
+	// includes (strings, arrays for static, etc)
 	DEFINE('INCLUDES', "includes/");
 	// layout base path
 	DEFINE('LAYOUT', 'layout/');
@@ -79,7 +85,7 @@
 
 	/************* HASH / ACL DEFAULT / ERROR SETTINGS / SMARTY *************/
 	// default hash type
-	DEFINE('DEFAULT_HASH', 'ripemd160');
+	DEFINE('DEFAULT_HASH', 'sha256');
 	// default acl level
 	DEFINE('DEFAULT_ACL_LEVEL', 80);
 	// default levels for certain actions
@@ -91,7 +97,7 @@
 	DEFINE('DEFAULT_ACL_DEL', 80);
 	DEFINE('DEFAULT_ACL_ADMIN', 100); */
 	// SSL host name
-//	DEFINE('SSL_HOST', "www4.adidas.co.jp");
+//	DEFINE('SSL_HOST', "ssl.host.name");
 	// error page strictness, Default is 3
 	// 1: only show error page as the last mesure if really no mid & aid can be loaded and found at all
 	// 2: if template not found, do not search, show error template
@@ -129,6 +135,12 @@
 	// live_queue is a global queue system
 //	DEFINE('QUEUE', 'live_queue');
 
+	/************* DB PATHS (PostgreSQL) *****************/
+	// schema names, can also be defined per <DB INFO>
+	DEFINE('PUBLIC_SCHEMA', 'public');
+	DEFINE('DEV_SCHEMA', 'public');
+	DEFINE('TEST_SCHEMA', 'public');
+
 	// non constant part
 	/************* DB ACCESS *****************/
 	// please be VERY carefull only to change the right side
@@ -139,8 +151,9 @@
 			"db_pass" => "<DB PASSWORD>",
 			"db_host" => "<DB HOST>",
 			"db_port" => "5432",
-			"db_schema" => "<DB SCHEMA>",
+			"db_schema" => "<DB SCHEMA>", // if not set, uses public
 			"db_type" => "pgsql",
+			"db_encoding" => '',
 			"db_ssl" => 'disable' // allow, disable, require, prefer
 		)
 	);
@@ -160,15 +173,11 @@
 //	$DB_URL_REDIRECT_HOST['<HOST NAME>'] = "<DB ID>";
 	// location flagging
 	// test/dev/live
-	$LOCATION['<HOST NAME>'] = 'test';
+	$LOCATION['<HOST NAME>'] = '<test|live|remote|etc>';
 	// show DEBUG override
 	// true/false
 	$DEBUG_FLAG['<HOST NAME>'] = true;
-	// schema names, can also be defined per <DB INFO>
-	DEFINE('PUBLIC_SCHEMA', 'public');
-	DEFINE('DEV_SCHEMA', 'public');
-	DEFINE('TEST_SCHEMA', 'public');
-    // and set to domain
+    // set postgresql paths (schemas)
     $DB_PATH['<HOST NAME>'] = PUBLIC_SCHEMA;
 
 	// set the USE_DATABASE var, if there is nothing set, we assume TRUE
@@ -201,6 +210,7 @@
 //	DEFINE('EXPORT_SCRIPT', $PATHS[TARGET]['perl_bin']);
 //	DEFINE('REDIRECT_URL', $PATHS[TARGET]['redirect_url']);
 	DEFINE('DEBUG', $DEBUG_FLAG[$HOST_NAME]);
+	DEFINE('SHOW_ALL_ERRORS', false); // show all errors if debug_all & show_error_handling are enabled
 
 	/************* GENERAL PAGE TITLE ********/
 	$G_TITLE = '<OVERALL PAGE TITLE>';
@@ -228,8 +238,43 @@
 		}
 	}
 
+	// turn off debug if debug flag is OFF
+	if (DEBUG == false)
+	{
+		$ECHO_ALL = 0;
+		$DEBUG_ALL = 0;
+		$PRINT_ALL = 0;
+		$DB_DEBUG = 0;
+		$ENABLE_ERROR_HANDLING = 0;
+	}
+
 	// any other global definitons here
 //	DEFINE('SOME_ID', <SOME VALUE>);
-	
-	// $Id: config.template.inc 4382 2013-02-18 07:27:24Z gullevek $	
+
+	// function that will be called on top of each class include to load the class
+	function _spl_autoload($include_file)
+	{
+		// where to search for the files to include
+		$dirs = array (
+			LIBDIR,
+			SMARTYDIR,
+			TABLEARRAYDIR,
+			'',
+			LIBS,
+			SMARTY,
+			TABLE_ARRAYS,
+			__DIR__.'/'.LIBS,
+			__DIR__.'/'.SMARTY
+		);
+		// try to find and load the class ifle
+		foreach ($dirs as $folder)
+		{
+			if (file_exists($folder.$include_file))
+			{
+				require_once($folder.$include_file);
+				return true;
+			}
+		}
+		return false;
+	}
 ?>

www/layout/admin/default/javascript/jquery-min.js

@@ -1 +1 @@
-jquery-2.1.3.min.js
+jquery-3.1.0.min.js

www/layout/admin/default/javascript/jquery.js

@@ -1 +1 @@
-jquery-2.1.3.js
+jquery-3.1.0.js

www/libs/Class.Admin.Backend.inc

@@ -8,7 +8,6 @@
 	*                   with your name on it ...
 	* DESCRIPTION
 	* Basic Admin interface backend
-	* - sets ACLs
 	* - sets action flags
 	* - menu creation
 	* - array vars for smarty
@@ -45,11 +44,8 @@
 		public $action_loaded;
 		public $action_value;
 		public $action_error;
-		// DEPRICATED -> use login acl
-//		public $page_acl; // the acl the user has on this page
-//		public $default_acl;
-		// DEPRICATED access rights
-//		public $access_rights = array ();
+		// ACL array variable if we want to set acl data from outisde
+		public $acl = array ();
 		// the current active edit access id
 		public $edit_access_id;
 		// error/warning/info messages
@@ -370,7 +366,8 @@
 			$string = $this->l->__('Year').' ';
 			$string .= '<select id="year'.$suffix.'" name="year'.$suffix.'" onChange="'.$on_change_call.'">';
 			for ($i = date("Y"); $i <= $max_year; $i ++)
-			{                  $string .= '<option value="'.$i.'" '.(($year == $i) ? 'selected' : '').'>'.$i.'</option>';
+			{
+				$string .= '<option value="'.$i.'" '.(($year == $i) ? 'selected' : '').'>'.$i.'</option>';
 			}
 			$string .= '</select> '.$this->l->__('Month').' ';
 			$string .= '<select id="month'.$suffix.'" name="month'.$suffix.'" onChange="'.$on_change_call.'">';

www/libs/Class.Basic.inc

@@ -36,11 +36,11 @@
 	* PUBLIC METHODS
 	*	debug -> calls with "level", "string" and flag to turn off (0) the newline at the end
 	*	debug_for -> sets debug on/off for a type (error, echo, print) for a certain level
-    *	print_error_msg -> prints out the error message, optional parameter is a header prefix
+	*	print_error_msg -> prints out the error message, optional parameter is a header prefix
 	*	fdebug -> prints line directly to debug_file.log in tmp
 	*
 	* 	print_time -> prints time + microtime, optional flag to turn off (0) microtime printout
-	*	basic  -> constructor  
+	*	basic  -> constructor
 	*	_basic -> desconstructor
 	*	info -> info about that class
 	*	running_time -> prints out the time of start/end (automatically called on created and error printout
@@ -103,7 +103,7 @@
 
 		private $error_id; // error ID for errors in classes
 		private $error_string; // error strings in classes (for error_id)
-		public $error_msg = array (); // the "connection" to the outside errors
+		private $error_msg = array (); // the "connection" to the outside errors
 
 		public $debug_output; // if this is true, show debug on desconstructor
 		public $debug_output_not;
@@ -115,15 +115,14 @@
 		public $print_output_not;
 		public $print_output_all;
 
-		// file rotate flags, if they are over this, file gets rotated
-		// old files are named print_file_YYYY-MM-DD_ddddd, where ddddd is a per day increasing number
-		public $file_name_ext = ''; // use this for date rotate
-		public $max_filesize = 0; // set in kilobytes
 		// log file name
-		public $print_file = 'error_msg##LEVEL####CLASS####PAGENAME##';
-		public $one_file = 0; // if this is set to true, all log dat is written to one file
-		public $per_page = 0;
-		public $per_class = 0;
+		private $log_file_name_ext = 'log'; // use this for date rotate
+		public $log_max_filesize = 0; // set in kilobytes
+		private $log_print_file = 'error_msg##LEVEL####CLASS####PAGENAME####DATE##';
+		public $log_print_file_date = 1; // if set add Y-m-d and do automatic daily rotation
+		public $log_per_level = 0; // set, it will split per level (first parameter in debug call)
+		public $log_per_class = 0; // set, will split log per class
+		public $log_per_page = 0; // set, will split log per called file
 
 		public $starttime; // start time if time debug is used
 		public $endtime; // end time if time debug is used
@@ -165,9 +164,6 @@
 		{
 			// set per run UID for logging
 			$this->running_uid = hash($this->hash_algo, uniqid(rand(), true));
-			// set core file extension for logging with Y M D date
-			if (!$this->file_name_ext)
-				$this->file_name_ext = '_'.date('Y-m-d').'.log';
 
 			// internal info var
 			$this->class_info["basic"] = array (
@@ -175,7 +171,7 @@
 				"class_version" => "0.9.0",
 				"class_created" => "2003-03-24",
 				"class_author" => 'Clemens "Gullevek" Schwaighofer (.at)'
-			); 
+			);
 
 			// set the page name
 			$this->page_name = $this->get_page_name();
@@ -219,20 +215,6 @@
 			if (isset($GLOBALS['PRINT_ALL']))
 				$this->print_output_all = $GLOBALS['PRINT_ALL'];
 
-			if (isset($GLOBALS['FILE_NAME_EXT']) && !$this->file_name_ext)
-				$this->file_name_ext = $GLOBALS['FILE_NAME_EXT'];
-			if (isset($GLOBALS['MAX_FILESIZE']))
-				$this->max_filesize = $GLOBALS['MAX_FILESIZE'];
-
-			// check the file_ext and max size
-			if (!preg_match("/\w/", $this->file_name_ext))
-				$this->file_name_ext = '';
-			if (!preg_match("/\d/", $this->max_filesize))
-				$this->max_filesize = 0;
-			// set default extension
-			if (!$this->file_name_ext)
-				$this->file_name_ext = '.log';
-
 			// set the regex for checking emails
 			$this->email_regex = "^[A-Za-z0-9!#$%&'*+-\/=?^_`{|}~][A-Za-z0-9!#$%:\(\)&'*+-\/=?^_`{|}~\.]{0,63}@[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]{1,})*\.([a-zA-Z]{2,6}){1}$";
 			// this is for error check parts in where the email regex failed
@@ -247,23 +229,68 @@
 			);
 			// the array with the mobile types that are valid
 			$this->mobile_email_type = array (
-				'.*@docomo\.ne\.jp$' => 'docomo',
-				'.*@([a-z0-9]{2}\.)?ezweb\.ne\.jp$' => 'kddi_ezweb', # correct are a[2-4], b2, c[1-9], e[2-9], h[2-4], t[1-9]
-				'.*@(ez[a-j]{1}\.)?ido\.ne\.jp$' => 'kddi', # ez[a-j] or nothing
-				'.*@([a-z]{2}\.)?sky\.tu-ka\.ne\.jp$' => 'kddi_tu-ka', # (sky group)
-				'.*@([a-z]{2}\.)?sky\.tk[kc]{1}\.ne\.jp$' => 'kddi_sky', # (sky group) [tkk,tkc only]
-				'.*@([a-z]{2}\.)?sky\.dtg\.ne\.jp$' => 'kddi', # dtg (sky group)
-				'.*@[tkdhcrnsq]{1}\.vodafone\.ne\.jp$' => 'softbank', # old vodafone [t,k,d,h,c,r,n,s,q]
-				'.*@jp-[dhtkrsnqc]{1}\.ne\.jp$' => 'softbank', # very old j-phone (pre vodafone) [d,h,t,k,r,s,n,q,c]
-				'.*@([dhtcrknsq]{1}\.)?softbank\.ne\.jp$' => 'softbank', # add i for iphone also as keitai, others similar to the vodafone group
-				'.*@i{1}\.softbank(\.ne)?\.jp$' => 'softbank_iphone', # add iPhone also as keitai and not as pc
-				'.*@disney\.ne\.jp$' => 'softbank_disney', # (kids)
-				'.*@willcom\.ne\.jp$' => 'willcom',
-				'.*@willcom\.com$' => 'willcom', # new for pdx.ne.jp address
-				'.*@pdx\.ne\.jp$' => 'willcom', # old pdx address for willcom
-				'.*@bandai\.jp$' => 'willcom', # willcom paipo! (kids)
-				'.*@pipopa\.ne\.jp$' => 'willcom', # willcom paipo! (kids)
-				'.*@([a-z0-9]{2,4}\.)?pdx\.ne\.jp$' => 'willcom' # actually only di,dj,dk,wm -> all others are "wrong", but none also allowed?
+				'.*@docomo\.ne\.jp$' => 'keitai_docomo',
+				'.*@([a-z0-9]{2}\.)?ezweb\.ne\.jp$' => 'keitai_kddi_ezweb', # correct are a[2-4], b2, c[1-9], e[2-9], h[2-4], t[1-9]
+				'.*@(ez[a-j]{1}\.)?ido\.ne\.jp$' => 'keitai_kddi_ido', # ez[a-j] or nothing
+				'.*@([a-z]{2}\.)?sky\.tu-ka\.ne\.jp$' => 'keitai_kddi_tu-ka', # (sky group)
+				'.*@([a-z]{2}\.)?sky\.tk[kc]{1}\.ne\.jp$' => 'keitai_kddi_sky', # (sky group) [tkk,tkc only]
+				'.*@([a-z]{2}\.)?sky\.dtg\.ne\.jp$' => 'keitai_kddi_dtg', # dtg (sky group)
+				'.*@[tkdhcrnsq]{1}\.vodafone\.ne\.jp$' => 'keitai_softbank_vodafone', # old vodafone [t,k,d,h,c,r,n,s,q]
+				'.*@jp-[dhtkrsnqc]{1}\.ne\.jp$' => 'keitai_softbank_j-phone', # very old j-phone (pre vodafone) [d,h,t,k,r,s,n,q,c]
+				'.*@([dhtcrknsq]{1}\.)?softbank\.ne\.jp$' => 'keitai_softbank', # add i for iphone also as keitai, others similar to the vodafone group
+				'.*@i{1}\.softbank(\.ne)?\.jp$' => 'smartphone_softbank_iphone', # add iPhone also as keitai and not as pc
+				'.*@disney\.ne\.jp$' => 'keitai_softbank_disney', # (kids)
+				'.*@willcom\.ne\.jp$' => 'keitai_willcom',
+				'.*@willcom\.com$' => 'keitai_willcom', # new for pdx.ne.jp address
+				'.*@wcm\.ne\.jp$' => 'keitai_willcom', # old willcom wcm.ne.jp
+				'.*@pdx\.ne\.jp$' => 'keitai_willcom_pdx', # old pdx address for willcom
+				'.*@bandai\.jp$' => 'keitai_willcom_bandai', # willcom paipo! (kids)
+				'.*@pipopa\.ne\.jp$' => 'keitai_willcom_pipopa', # willcom paipo! (kids)
+				'.*@([a-z0-9]{2,4}\.)?pdx\.ne\.jp$' => 'keitai_willcom_pdx', # actually only di,dj,dk,wm -> all others are "wrong", but none also allowed?
+				'.*@ymobile([1]{1})?\.ne\.jp$' => 'keitai_willcom_ymobile', # ymobile, ymobile1 techincally not willcom, but I group them there
+				'.*@y-mobile\.ne\.jp$' => 'keitai_willcom_ymobile', # y-mobile techincally not willcom, but I group them there
+				'.*@emnet\.ne\.jp$' => 'keitai_willcom_emnet', # e-mobile, group will willcom
+				'.*@emobile\.ne\.jp$' => 'keitai_willcom_emnet', # e-mobile, group will willcom
+				'.*@emobile-s\.ne\.jp$' => 'keitai_willcom_emnet' # e-mobile, group will willcom
+			);
+			// short list for mobile email types
+			$this->mobile_email_type_short = array (
+				'keitai_docomo' => 'docomo',
+				'keitai_kddi_ezweb' => 'kddi',
+				'keitai_kddi' => 'kddi',
+				'keitai_kddi_tu-ka' => 'kddi',
+				'keitai_kddi_sky' => 'kddi',
+				'keitai_softbank' => 'softbank',
+				'smartphone_softbank_iphone' => 'iphone',
+				'keitai_softbank_disney' => 'softbank',
+				'keitai_softbank_vodafone' => 'softbank',
+				'keitai_softbank_j-phone' => 'softbank',
+				'keitai_willcom' => 'willcom',
+				'keitai_willcom_pdx' => 'willcom',
+				'keitai_willcom_bandai' => 'willcom',
+				'keitai_willcom_pipopa' => 'willcom',
+				'keitai_willcom_ymobile' => 'willcom',
+				'keitai_willcom_emnet' => 'willcom',
+				'pc_html' => 'pc',
+				// old sets -> to be removed later
+				'docomo' => 'docomo',
+				'kddi_ezweb' => 'kddi',
+				'kddi' => 'kddi',
+				'kddi_tu-ka' => 'kddi',
+				'kddi_sky' => 'kddi',
+				'softbank' => 'softbank',
+				'keitai_softbank_iphone' => 'iphone',
+				'softbank_iphone' => 'iphone',
+				'softbank_disney' => 'softbank',
+				'softbank_vodafone' => 'softbank',
+				'softbank_j-phone' => 'softbank',
+				'willcom' => 'willcom',
+				'willcom_pdx' => 'willcom',
+				'willcom_bandai' => 'willcom',
+				'willcom_pipopa' => 'willcom',
+				'willcom_ymobile' => 'willcom',
+				'willcom_emnet' => 'willcom',
+				'pc' => 'pc'
 			);
 
 			// initial the session if there is no session running already
@@ -485,8 +512,8 @@
 			$traces = debug_backtrace();
 			// extended info (later)
 			/*
-			 * $file   = $trace[$level]['file'];
-			 * $line   = $trace[$level]['line'];
+			 * $file = $trace[$level]['file'];
+			 * $line = $trace[$level]['line'];
 			 * $object = $trace[$level]['object'];
 			 * if (is_object($object)) { $object = get_class($object); }
 			 *
@@ -565,34 +592,42 @@
 //					$error_string = preg_replace("/(<\/?)(\w+)([^>]*>)/", "", $error_string);
 					// replace special line break tag
 //					$error_string = str_replace('<!--#BR#-->', "\n", $error_string);
+
 					// init output variable
 					$output = $error_string; // output formated error string to output file
-					$rpl_string = (!$this->one_file) ? '' : '_'.$level; // if request to write to one file
-					$fn = ROOT.LOG.str_replace('##LEVEL##', $rpl_string, $this->print_file.$this->file_name_ext); // create output filename
-					$rpl_string = (!$this->per_class) ? '' : '_'.get_class($this); // set sub class settings
+					// init base file path
+					$fn = ROOT.LOG.$this->log_print_file.'.'.$this->log_file_name_ext;
+
+					$rpl_string = !$this->log_print_file_date ? '' : '_'.date('Y-m-d'); // add date to file
+					$fn = str_replace('##DATE##', $rpl_string, $fn); // create output filename
+
+					$rpl_string = !$this->log_per_level ? '' : '_'.$level; // if request to write to one file
+					$fn = str_replace('##LEVEL##', $rpl_string, $fn); // create output filename
+
+					$rpl_string = !$this->log_per_class ? '' : '_'.get_class($this); // set sub class settings
 					$fn = str_replace('##CLASS##', $rpl_string, $fn); // create output filename
-					$rpl_string = (!$this->per_page) ? '' : '_'.$this->get_page_name(1); // if request to write to one file
+
+					$rpl_string = !$this->log_per_page ? '' : '_'.$this->get_page_name(1); // if request to write to one file
 					$fn = str_replace('##PAGENAME##', $rpl_string, $fn); // create output filename
+
 					// write to file
 					// first check if max file size is is set and file is bigger
-					if ($this->max_filesize > 0 && ((filesize($fn) / 1024) > $this->max_filesize))
+					if ($this->log_max_filesize > 0 && ((filesize($fn) / 1024) > $this->log_max_filesize))
 					{
 						// for easy purpose, rename file only to attach timestamp, nur sequence numbering
 						rename($fn, $fn.'.'.date("YmdHis"));
-						// check list of "fn"* and see if we have alrady an extension one, if not add 00001, if yes, take this and add +1
-/*						if (is_array(glob($fn."*")))
-						{
-							foreach (glob($fn."*") as $_filename)
-							{
-								if (preg_match("/\.(\d{5})$/", $_filename, $matches))
-								{
-								}
-							}
-						} */
 					}
 					$fp = fopen($fn, 'a');
-					fwrite($fp, $output);
-					fclose($fp);
+					if ($fp !== false)
+					{
+						fwrite($fp, $output);
+						fclose($fp);
+					}
+					else
+					{
+						echo "<!-- could not open file: $fn //-->";
+					}
+
 				} // do write to file
 			}
 		}
@@ -619,7 +654,7 @@
 		//        to use it call with set_error_handler(array("baisc", "ErrorHandler"));
 		//        NOTE: this will only catch any additional erros created AFTER the set_error_hanlder was set, so mostly no strict/notices from the classes are visible
 		public static function ErrorHandler($type, $message, $file, $line, $context)
-		{  
+		{
 			// error levels for PHP
 			// values based on 5.3
 			$error_level = array (
@@ -638,7 +673,7 @@
 				4096 => 'E_RECOVERABLE_ERROR', // since 5.2
 				8192 => 'E_DEPRICATED', // since 5.3
 				16384 => 'E_USER_DEPRICATED', // since 5.3
-				30719  => 'E_ALL' // 6143 in 5.2, 2047 in previous versions
+				30719 => 'E_ALL' // 6143 in 5.2, 2047 in previous versions
 			);
 
 			$fn = ROOT.LOG.'php_errors-'.date('Y-m-d').'.log';
@@ -688,7 +723,7 @@
 		// tries to find mailto:user@bubu.at and changes it into -> <a href="mailto:user@bubu.at">E-Mail senden</a>
 		// or tries to take any url (http, ftp, etc) and transform it into a valid URL
 		// the string is in the format: some url|name#css|, same for email
-		public function magic_links($string, $target = "_blank") 
+		public function magic_links($string, $target = "_blank")
 		{
 			$output = $string;
 			$protList = array("http", "https", "ftp", "news", "nntp");
@@ -716,13 +751,13 @@
 			// _1: URL or email
 			// _2: atag (>)
 			// _3: (_1) part of url or email [main url or email pre @ part]
-			// _4: (_2) parameters of url or email post @ part 
+			// _4: (_2) parameters of url or email post @ part
 			// _5: (_3) parameters of url or tld part of email
 			// _7: link name/email link name
 			// _9: style sheet class
 			$self = $this;
 //			$this->debug('URL', 'Before: '.$output);
-			$output = preg_replace_callback("/(href=\")?(\>)?\b($protRegex)([\w\.\-?&=+%#~,;\/]+)\b([\.\-?&=+%#~,;\/]*)(\|([^\||^#]+)(#([^\|]+))?\|)?/", 
+			$output = preg_replace_callback("/(href=\")?(\>)?\b($protRegex)([\w\.\-?&=+%#~,;\/]+)\b([\.\-?&=+%#~,;\/]*)(\|([^\||^#]+)(#([^\|]+))?\|)?/",
 				function ($matches) use ($self)
 				{
 					return @$self->create_url($matches[1], $matches[2], $matches[3], $matches[4], $matches[5], $matches[7], $matches[9]);
@@ -730,17 +765,17 @@
 				$output
 			);
 			// find email-addresses, but not mailto prefix ones
-			$output = preg_replace_callback("/(mailto:)?(\>)?\b([\w\.-]+)@([\w\.\-]+)\.([a-zA-Z]{2,4})\b(\|([^\||^#]+)(#([^\|]+))?\|)?/", 
+			$output = preg_replace_callback("/(mailto:)?(\>)?\b([\w\.-]+)@([\w\.\-]+)\.([a-zA-Z]{2,4})\b(\|([^\||^#]+)(#([^\|]+))?\|)?/",
 				function ($matches) use ($self)
 				{
 					return @$self->create_email($matches[1], $matches[2], $matches[3], $matches[4], $matches[5], $matches[7], $matches[9]);
-				}, 
+				},
 				$output
 			);
 
 			$this->debug('URL', 'After: '.$output);
 //			// we have one slashes after the Protocol -> internal link no domain, strip out the proto
-//			$output = preg_replace("/($protRegex)\/(.*)/e", "\\2", $ouput); 
+//			$output = preg_replace("/($protRegex)\/(.*)/e", "\\2", $ouput);
 //			$this->debug('URL', "$output");
 
 			// post processing
@@ -753,7 +788,7 @@
 		}
 
 		// METHOD create_url [INTERNAL]
-		// PARAMS url link, anchor tag (define both type or url), 
+		// PARAMS url link, anchor tag (define both type or url),
 		//        _1, _2, _3 = part of thel URL, if atag is set, _1 is not used
 		//        target: link target, name: name for the url, if not given _2 + _3 is used
 		//        class: style sheet
@@ -768,7 +803,7 @@
 			if (preg_match("/\/\/$/", $_1) && preg_match("/^\//", $_2))
 			{
 				$_1 = '';
-				$target  = '';
+				$target = '';
 			}
 			else
 			{
@@ -898,7 +933,7 @@
 		//        haystack (search in)
 		//        key: the key to look for in
 		//        path: recursive call for previous path
-		// RETURN all array elements paths where the element  was found
+		// RETURN all array elements paths where the element was found
 		// DESCRIPTION
 		// recursive array search function, which returns all found not only the first one
 		public static function array_search_recursive_all($needle, $haystack, $key, $path = NULL)
@@ -948,20 +983,20 @@
 		// DESCRIPTION
 		// array search simple. looks for key, value combination, if found, returns true
 		public static function array_search_simple($array, $key, $value)
-		{  
+		{
 			if (!is_array($array))
 				$array = array ();
 			foreach ($array as $_key => $_value)
-			{  
+			{
 				// if value is an array, we search
 				if (is_array($_value))
-				{  
+				{
 					// call recursive, and return result if it is true, else continue
 					if (($result = basic::array_search_simple($_value, $key, $value)) !== false)
 						return $result;
 				}
 				elseif ($_key == $key && $_value = $value)
-				{  
+				{
 					return true;
 				}
 			}
@@ -1004,17 +1039,17 @@
 		}
 
 		// METHOD: ByteStringFormat
-		// PARAMS: int
+		// PARAMS: int bytes, boolean for space, default is set
 		// RETURN: string
 		// DESC:   converts bytes into formated string with KB, MB, etc
-		public static function ByteStringFormat($number)
+		public static function ByteStringFormat($number, $space = true)
 		{
 			if (is_numeric($number) && $number > 0)
 			{
 				// labels in order of size
 				$labels = array('B', 'KB', 'MB', 'GB', 'TB');
 				// calc file size, round down too two digits, add label based max change
-				return round($number / pow(1024, ($i = floor(log($number, 1024)))), 2).''.$labels[$i];
+				return round($number / pow(1024, ($i = floor(log($number, 1024)))), 2).($space ? ' ' : '').$labels[$i];
 			}
 			return $number;
 		}
@@ -1036,6 +1071,20 @@
 			return $number;
 		}
 
+		// METHOD: DateStringFormat
+		// PARAMS: unix timestamp, true/false to show microtime
+		// RETURN: string formated date+time in Y-M-D h:m:s
+		// DESC  : a simple wrapper for the date format
+		public static function DateStringFormat($timestamp, $show_micro = true)
+		{
+			list ($timestamp, $ms) = explode('.', round($timestamp, 4));
+			if ($show_micro)
+				$string = date("Y-m-d H:i:s", $timestamp).' '.$ms.'ms';
+			else
+				$string = date("Y-m-d H:i:s", $timestamp);
+			return $string;
+		}
+
 		// METHOD: TimeStringFormat
 		// PARAMS: seconds
 		// RETURN: formated time string
@@ -1212,9 +1261,10 @@
 		//         dummy -> empty, or file_type to show an icon instead of nothing if file is not found
 		//         path -> if source start is not ROOT path, if empty ROOT is choosen
 		//         cache -> cache path, if not given TMP is used
+		//         clear cache -> if set to true, will create thumb all the tame
 		// RETURN: thumbnail name
 		// DESC:   converts picture to a thumbnail with max x and max y size
-		public static function CreateThumbnail($pic, $size_x, $size_y, $dummy = "", $path = "", $cache_source = "")
+		public static function CreateThumbnail($pic, $size_x, $size_y, $dummy = "", $path = "", $cache_source = "", $clear_cache = false)
 		{
 			// get image type flags
 			$image_types = array (
@@ -1241,20 +1291,46 @@
 				$tmp = explode('/', $pic);
 				$pic = $tmp[(count($tmp) - 1)];
 			}
-//			echo "[$pic] IN: $filename - ".strstr($pic, '/')." || ".file_exists($filename)." && ".is_file($filename)."<br>";
 			// does this picture exist and is it a picture
 			if (file_exists($filename) && is_file($filename))
 			{
 				list($width, $height, $type) = getimagesize($filename);
+				$convert_prefix = '';
+				$create_file = false;
+				// check if we can skip the PDF creation: if we have size, if do not have type, we assume type png
+				if (!$type && is_numeric($size_x) && is_numeric($size_y))
+				{
+					$check_thumb = $tmp_src.'thumb_'.$pic.'_'.$size_x.'x'.$size_y.'.'.$image_types[3];
+					if (!is_file($check_thumb))
+						$create_file = true;
+					else
+						$type = 3;
+				}
+				// if type is not in the list, but returns as PDF, we need to convert to JPEG before
+				if (!$type)
+				{
+					// is this a PDF, if no, return from here with nothing
+					$convert_prefix = 'png:';
+					# TEMP convert to PNG, we then override the file name
+					$convert_string = CONVERT.' '.$filename.' '.$convert_prefix.$filename.'_TEMP';
+					$status = exec($convert_string, $output, $return);
+					$filename .= '_TEMP';
+					// for delete, in case we need to glob
+					$delete_filename = $filename;
+					// find file, if we can't find base name, use -0 as the first one (ignore other pages in multiple ones)
+					if (!is_file($filename))
+						$filename .= '-0';
+					list($width, $height, $type) = getimagesize($filename);
+				}
 				// if no size given, set size to original
-				if (!$size_x)
+				if (!$size_x || $size_x < 1 || !is_numeric($size_x))
 					$size_x = $width;
-				if (!$size_y)
+				if (!$size_y || $size_y < 1 || !is_numeric($size_y))
 					$size_y = $height;
 				$thumb = 'thumb_'.$pic.'_'.$size_x.'x'.$size_y.'.'.$image_types[$type];
 				$thumbnail = $tmp_src.$thumb;
 				// check if we already have this picture converted
-				if (!is_file($thumbnail))
+				if (!is_file($thumbnail) || $clear_cache == true)
 				{
 					// convert the picture
 					if ($width > $size_x)
@@ -1271,11 +1347,16 @@
 						$status = exec($convert_string, $output, $return);
 					}
 				}
-				if (!file_exists($thumbnail))
+				if (!is_file($thumbnail))
 				{
 					copy($filename, $thumbnail);
 				}
 				$return_data = $thumb;
+				// if we have a delete filename, delete here with glob
+				if ($delete_filename)
+				{
+					array_map('unlink', glob($delete_filename.'*'));
+				}
 			}
 			else
 			{
@@ -1397,6 +1478,19 @@
 				return $this->_crc32b($string);
 		}
 
+		// METHOD: _hash
+		// PARAMS: string, type of hash to use
+		// RETURN: hashed string
+		// DESC  : replacemend for _crc32b call (alternate)
+		//         defaults to adler 32, fnv132, fnv1a32, joaat
+		//         all that create 8 char long hashes
+		public function _hash($string, $hash_type = 'adler32')
+		{
+			if (!in_array($hash_type, array('adler32', 'fnv132', 'fnv1a32', 'joaat')))
+				$hash_type = 'adler32';
+			return hash($hash_type, $string);
+		}
+
 		// METHOD: checkPHPVersion
 		// PARAMS: $min_version: minimum version. in format x, x.y or x.y.z
 		//         $max_version: default empty, else in same format as min version
@@ -1499,7 +1593,7 @@
 		// RETURN: random string
 		// DESC:   creates a random string from alphanumeric characters: A-Z a-z 0-9 ./
 		private function cryptSaltString($nSize = 22)
-		{  
+		{
 			// A-Z is 65,90
 			// a-z is 97,122
 			// 0-9 is 48,57
@@ -1508,7 +1602,7 @@
 			$max = array (57, 90, 122);
 			$chars = array ();
 			for ($i = 0; $i < count($min); $i ++)
-			{   
+			{
 				for ($j = $min[$i]; $j <= $max[$i]; $j ++)
 				{
 					$chars[] = chr($j);
@@ -1518,9 +1612,9 @@
 			$max_rand = count($chars) - 1;
 			// create the salt part
 			for ($i = 1; $i <= $nSize; $i ++)
-			{   
+			{
 				$salt_string .= $chars[mt_rand(0, $max_rand)];
-			}   
+			}
 			return $salt_string;
 		}
 
@@ -1687,12 +1781,12 @@
 			$L = round((($MAX + $MIN) / 2) * 100);
 
 			if ($MIN == $MAX)
-			{  
+			{
 				// H, S, L
 				return array(0, 0, $L);
 			}
 			else
-			{  
+			{
 				// HUE to 0~360
 				if ($r == $MAX)
 					$HUE = ($g - $b) / ($MAX - $MIN);
@@ -1725,11 +1819,11 @@
 				return array($l * 255, $l * 255, $l * 255);
 			}
 			else
-			{  
+			{
 				$m2 = ($l < 0.5) ? $l * ($s + 1) : ($l + $s) - ($l * $s);
 				$m1 = $l * 2 - $m2;
 				$hue = function ($base) use ($m1, $m2)
-				{  
+				{
 					// base = hue, hue > 360 (1) - 360 (1), else < 0 + 360 (1)
 					$base = ($base < 0) ? $base + 1 : (($base > 1) ? $base - 1 : $base);
 					// 6: 60, 2: 180, 3: 240
@@ -1792,22 +1886,40 @@
 		}
 
 		// METHOD: getEmailType
-		// PARAMS: email
+		// PARAMS: email, short == false
 		// RETURN: string for email type, eg "pc", "docomo", etc
 		// DESC:   guesses the email type (mostly for mobile) from the domain
-		public function getEmailType($email)
-		{  
+		//         if second is set to true, it will return short naming scheme (only provider)
+		public function getEmailType($email, $short = false)
+		{
 			// trip if there is no email address
 			if (!$email)
 				return "invalid";
 			// loop until we match a mobile type, return this first found type
 			foreach ($this->mobile_email_type as $email_regex => $email_type)
-			{  
+			{
 				if (preg_match("/$email_regex/", $email))
-					return $email_type;
+				{
+					if ($short)
+						return $this->getShortEmailType($email_type);
+					else
+						return $email_type;
+				}
 			}
 			// if no previous return we assume this is a pc address
-			return "pc";
+			if ($short)
+				return "pc";
+			else
+				return "pc_html";
+		}
+
+		// METHOD: getShortEmailType
+		// PARAMS: long email type (not email)
+		// RETURN: short email type
+		// DESC  : gets the short email type from a long email type
+		public function getShortEmailType($email_type)
+		{
+			return $this->mobile_email_type_short[$email_type];
 		}
 
 		// METHOD: printDateTime

www/libs/Class.DB.Array.IO.inc

@@ -15,7 +15,7 @@
 	*   PUBLIC VARIABLES
 	*
 	*   PRIVATE VARIABLES
-	* 
+	*
 	*   PUBLIC METHODS
 	*
 	*   PRIVATE METHODS
@@ -123,14 +123,14 @@
 			$text = str_replace('>', '>', $text);
 			$text = str_replace('&', '&', $text);
 			$text = str_replace('"', '"', $text);
-			$text = str_replace(''', "'", $text); 
+			$text = str_replace(''', "'", $text);
 			return $text;
 		}
 
 		// METHOD db_dump_array
 		// PARAMS none
 		// RETURN returns the current array
-		// DESC   dumps the current data 
+		// DESC   dumps the current data
 		public function db_dump_array($write = 0)
 		{
 			reset($this->table_array);
@@ -220,11 +220,11 @@
 					if (file_exists($this->table_array[$column]["path"].$dateiname))
 						unlink($this->table_array[$column]["path"].$dateiname);
 				}
- 
+
 				if ($this->table_array[$column]["fk"])
 				{
 					// zusammenstellen der FKs
-					if ($q_where) 
+					if ($q_where)
 						$q_where .= " AND ";
 					$q_where .= $column." = ".$this->table_array[$column]["value"];
 				}
@@ -235,13 +235,13 @@
 			// attach fk row if there ...
 			if ($q_where)
 				$q .= " AND ".$q_where;
-			// if 0, error 
+			// if 0, error
 			unset ($this->pk_id);
 			if (!$this->db_exec($q))
 			{
 				$this->error_id=22;
 				$this->_db_error();
-			} 
+			}
 			return $this->table_array;
 		}
 
@@ -257,11 +257,11 @@
 			if (!$this->db_check_pk_set())
 				return $this->table_array;
 			reset($this->table_array);
-			// create select part & addition FK part 
+			// create select part & addition FK part
 			while (list($column, $data_array)=each($this->table_array))
 			{
-				if ($q_select) 
-					$q_select .= ", "; 
+				if ($q_select)
+					$q_select .= ", ";
 				$q_select .= $column;
 
 				// check FK ...
@@ -272,7 +272,7 @@
 					$q_where .= $column .= " = ".$this->table_array[$column]["value"];
 				}
 			}
- 
+
 			$q = "SELECT ";
 			$q .= $q_select;
 			$q .= " FROM ".$this->table_name." WHERE ";
@@ -284,7 +284,7 @@
 			if ($this->db_exec($q))
 			{
 				if ($res = $this->db_fetch_array())
-				{  
+				{
 					reset($this->table_array);
 					while (list($column, $data_array) = each($this->table_array))
 					{
@@ -326,7 +326,7 @@
 		{
 			if (is_array($table_array))
 				$this->table_array = $table_array;
-			// PK ID check 
+			// PK ID check
 //       if ($this->pk_id && !$this->table_array[$this->pk_name]["value"])
 //         $this->table_array[$this->pk_name]["value"]=$this->pk_id;
 			// checken ob PKs gesetzt, wenn alle -> update, wenn keiner -> insert, wenn ein paar -> ERROR!
@@ -351,7 +351,7 @@
 						unset($this->table_array[$column]["delete"]);
 						if (file_exists($this->table_array[$column]["path"].$this->table_array[$column]["value"]))
 							unlink($this->table_array[$column]["path"].$this->table_array[$column]["value"]);
-						$dateiname = str_replace("_tn", "", $this->table_array[$column]["value"]); 
+						$dateiname = str_replace("_tn", "", $this->table_array[$column]["value"]);
 						if (file_exists($this->table_array[$column]["path"].$dateiname))
 							unlink($this->table_array[$column]["path"].$dateiname);
 						$this->table_array[$column]["value"] = "";
@@ -376,7 +376,7 @@
 							copy($this->table_array[$column]["tmp"], $this->table_array[$column]["path"].$dateiname);
 							// automatisch thumbnail generieren, geht nur mit convert (ImageMagic!!!), aber nur bei bild ..
 							if (strtolower($ext) == "jpeg" || strtolower($ext) == "jpg" || strtolower($ext) == "gif" || strtolower($ext) == "png")
-							{ 
+							{
 								$dateiname_tn = $name.$pk_ids_file."_tn.".$ext;
 								$eingang = $this->table_array[$column]["path"].$dateiname;
 								$ausgang = $this->table_array[$column]["path"].$dateiname_tn;
@@ -403,7 +403,7 @@
 						$this->table_array[$column]["value"] = $this->table_array[$column]["HIDDEN_value"];
 					if (!$insert)
 					{
-						if (strlen($q_data)) 
+						if (strlen($q_data))
 							$q_data .= ", ";
 						$q_data .= $column." = ";
 					}
@@ -429,6 +429,13 @@ $this->debug('write_check', "[$column][".$this->table_array[$column]["value"]."]
 							$_value = $this->table_array[$column]["value"];
 						$q_data .= $_value;
 					}
+					elseif ($this->table_array[$column]["interval"])
+					{
+						// for interval we check if no value, then we set null
+						if (!$this->table_array[$column]["value"])
+							$_value = 'NULL';
+						$q_data .= $_value;
+					}
 					else
 					// normal string
 					{
@@ -437,7 +444,7 @@ $this->debug('write_check', "[$column][".$this->table_array[$column]["value"]."]
 						if ($addslashes)
 							$q_data .= $this->db_escape_string($this->convert_entities($this->table_array[$column]["value"]));
 						else
-							$q_data .= addslashes($this->table_array[$column]["value"]);
+							$q_data .= $this->db_escape_string($this->table_array[$column]["value"]);
 						$q_data .= "'";
 					}
 				}
@@ -446,7 +453,7 @@ $this->debug('write_check', "[$column][".$this->table_array[$column]["value"]."]
 			// NOW get PK, and FK settings (FK only for update query)
 			// get it at the end, cause now we can be more sure of no double IDs, etc
 			reset($this->table_array);
-			// create select part & addition FK part 
+			// create select part & addition FK part
 			while (list($column, $data_array) = each($this->table_array))
 			{
 				// check FK ...
@@ -484,7 +491,7 @@ $this->debug('write_check', "[$column][".$this->table_array[$column]["value"]."]
 			{
 				$q = "INSERT INTO ".$this->table_name." ";
 				$q .= "(".$q_vars.") ";
-				$q .=  "VALUES (".$q_data.")";
+				$q .= "VALUES (".$q_data.")";
 				// write primary key too
 /*				if ($q_data)
 					$q .= ", ";
@@ -497,12 +504,15 @@ $this->debug('write_check', "[$column][".$this->table_array[$column]["value"]."]
 			{
 				$this->error_id = 22;
 				$this->_db_error();
-			} 
+			}
 			// set primary key
 			if ($insert)
-				$this->ok = $this->table_array[$this->pk_name]["value"] = $this->insert_id;
+			{
+				$this->table_array[$this->pk_name]["value"] = $this->insert_id;
+				$this->ok = $this->insert_id;
+			}
 			// return the table if needed
 			return $this->table_array;
-		}                                           
+		}
 	} // end of class
 ?>

www/libs/Class.DB.IO.inc

@@ -7,13 +7,13 @@
 	*                   but let me know if u made changes, and please don't redistribute it
 	*                   with your name on it ...
 	* SHORT DESCRIPTON:
-	*   2013/10/10, prepare/excute were added, including auto RETURNING primary key if 
-	*   possible for any INSERT query in exec or prepare/execute, better debugging and 
-	*   data dumping. Proper string escape wrapper, special db exec writer for complex 
+	*   2013/10/10, prepare/excute were added, including auto RETURNING primary key if
+	*   possible for any INSERT query in exec or prepare/execute, better debugging and
+	*   data dumping. Proper string escape wrapper, special db exec writer for complex
 	*   array inserts in auto calls. boolean converter from postresql to php
 	*
-	*   2003/12/08, one major change: renamed db_exec_ext to db_return, as it has not 
-	*   much in common with the normal db_exec wrapper, as it was written only for 
+	*   2003/12/08, one major change: renamed db_exec_ext to db_return, as it has not
+	*   much in common with the normal db_exec wrapper, as it was written only for
 	*   SELECT statements and better handling of those.
 	*
 	*   2002/12/20, extended the "simple" functionality to what I wanted
@@ -118,7 +118,7 @@
 	*   $mixed db_return_row($query)
 	*     - gibt die erste Zeile zurück (als array)
 	*   $array_of_hashes db_return_array($query)
-	*      - return an array of hashes with all data    
+	*      - return an array of hashes with all data
 	*   db_close()
 	*     - closes db connection and writes error_msg to global error_msg
 	*	db_cursor_pos($query)
@@ -181,7 +181,7 @@
 	* 2004/07/15 (cs) changed the deconstructor to call _basic deconstructor
 	*   2003-06-20: added a '3' flag to db_return so NO caching is done at all (if array might get too big)
 	*   2003-06-19: made the error messages in DEBUG output red so they are better to see
-	*   2003-06-09: never started class_basic, insert this, for mobile phone detection 
+	*   2003-06-09: never started class_basic, insert this, for mobile phone detection
 	*   2003-04-10: moved the error handling out of the db_pgsql.inc back to db_io class
 	*   2003-04-09: major change as db_io does not hold any DB specific calls anymore,
 	*               those are loaded dynamically during class start, from a include
@@ -193,14 +193,14 @@
 	*               changed the "shape" of class info vars to fit into extend modell
 	*   2003-02-13: in db_exec the setting for the last insert id was still via the function,
 	*               changed this to call the internal PHP mysql command.
-	*   2003-01-28: ugly bug within creating the field_names. The array was not reseted 
+	*   2003-01-28: ugly bug within creating the field_names. The array was not reseted
 	*               before, and so the field for the db_exec where not correct.
 	*   2003-01-16: fixed a "select" check in db_exec,
 	*               added a privet method for checking query of INSERT, UPDATE, DELETE
 	*   2003-01-09: code cleanups and more inline documentation
 	*   2003-01-08: renamed db_exec_ext to db_return for obious reasons
 	*               added a "check for select query" for all db_return* methods
-	*   2003-01-08: db_return gets another functionality: if u use 1 or 2 as reset value, 
+	*   2003-01-08: db_return gets another functionality: if u use 1 or 2 as reset value,
 	*               the cursor will be reset BEFORE the read and no chaced data will be read.
 	*               if you use 2, the md5 array will be kept so next read with no flag is cached,
 	*               wheres with 1, the data gets DESTROYED at the end of the read
@@ -210,9 +210,9 @@
 	*   2003-01-07: fixed a small bug in return_array as he mixed up the order if you used
 	*               SELECT * FROM ...
 	*   2002-12-26: changed strstr to stristr 'couse not everyone types SELECT, etc in capitals
-	*   2002-12-24: moved the debug output in db_return to the call if, 
+	*   2002-12-24: moved the debug output in db_return to the call if,
 	*               so it is only printed once
-	*   2002-12-20: added db_dump_data function for printing out all data in 
+	*   2002-12-20: added db_dump_data function for printing out all data in
 	*               cursor_ext (or from one query in it)
 	*   2002-12-20: testing and implemtenting of session storing the class (not fully tested!)
 	*               documenting all the functions and some code cleenup
@@ -222,7 +222,7 @@
 	*               more complex (array based IO fkts) moved into a seperate file
 	*   2002-12-16: further reconstruction ...
 	*   2002-12-10: further improvment in changing db_mysql to a class
-	*   2002-10-18: renamed lesen to db_read, speichern to db_save and 
+	*   2002-10-18: renamed lesen to db_read, speichern to db_save and
 	*               loeschen to db_delete
 	*   19.08.2002: 1 convertiert < > " & ĵ in original
 	*               HTML zeichen zurück (für htmlspecialcharsfct)
@@ -230,7 +230,7 @@
 	*               addslashes (1=ja,0=nein/default)
 	*   04.04.2002: FK added to lesen()
 	*   10.07.2001: simple return row function geschrieben
-	*   03.07.2001: kein Thumbnail erzeugen wenn Datei nicht: 
+	*   03.07.2001: kein Thumbnail erzeugen wenn Datei nicht:
 	*               JPG/JPEG/GIF/PNG als Endung hat
 	*   22.06.2001: Mozilla Fix für File upload
 	*   10.05.2001: alle fkt haben "db_" als pre zur identifizierung
@@ -253,7 +253,7 @@
 		// only inside
 		// basic vars
 		private $dbh; // the dbh handler
-		private $db_debug; // DB_DEBUG ... (if set prints out debug msgs)
+		public $db_debug; // DB_DEBUG ... (if set prints out debug msgs)
 		private $db_name; // the DB connected to
 		private $db_user; // the username used
 		private $db_pwd; // the password used
@@ -266,12 +266,13 @@
 		// FOR BELOW: (This should be private and only readable through some method)
 		// cursor array for cached readings
 		public $cursor_ext; // hash of hashes
-		// per query vars 
+		// per query vars
 		public $cursor; // actual cursor (DBH)
 		public $num_rows; // how many rows have been found
 		public $num_fields; // how many fields has the query
 		public $field_names; // array with the field names of the current query
-		public $insert_id; // last inserted ID 
+		public $insert_id; // last inserted ID
+		public $insert_id_ext; // extended insert ID (for data outside only primary key)
 		// other vars
 		private $nbsp = ''; // used by print_array recursion function
 		// error & warning id
@@ -342,6 +343,7 @@
 			$this->error_string['25'] = 'Prepare query data is not in array format.';
 			$this->error_string['30'] = 'Query call in a possible endless loop. Was called more than '.$this->MAX_QUERY_CALL.' times';
 			$this->error_string['31'] = 'Could not fetch PK after query insert';
+			$this->error_string['32'] = 'Multiple PK return as array';
 			$this->error_string['40'] = 'Query async call failed.';
 			$this->error_string['41'] = 'Connection is busy with a different query. Cannot execute.';
 			$this->error_string['42'] = 'Cannot check for async query, none has been started yet.';
@@ -391,10 +393,10 @@
 		// RETURN: true on successfull connect, false if failed
 		// DESC:
 		// internal connection function. Used to connect to the DB if there is no connection done yet.
-		// Called before any execute 
+		// Called before any execute
 		private function _connect_to_db()
 		{
-			// generate connect string 
+			// generate connect string
 			$this->dbh = $this->db_functions->_db_connect($this->db_host, $this->db_user, $this->db_pwd, $this->db_name, $this->db_port, $this->db_ssl);
 			// if no dbh here, we couldn't connect to the DB itself
 			if (!$this->dbh)
@@ -410,7 +412,7 @@
 				$this->error_id = 15;
 				$this->_db_error();
 				return false;
-			} 
+			}
 			// set search path if needed
 			if ($this->db_schema)
 			{
@@ -511,19 +513,20 @@
 			if ($id)
 				$prefix .= '[<span style="color: #920069;">'.$id.'</span>] ';
 			if ($type)
-				$prefix .= '{<span style="font-style: italic; color: #3f0092;">'.$type.'</span>} '; 
+				$prefix .= '{<span style="font-style: italic; color: #3f0092;">'.$type.'</span>} ';
 			if ($prefix)
 				$prefix .= '- ';
 			$this->debug($debug_id, $prefix.$error_string, true);
 		}
 
 		// METHOD _db_error
-		// PARAMS cursor -> current cursor for pg_result_error, mysql uses dbh, pg_last_error too, 
+		// PARAMS cursor -> current cursor for pg_result_error, mysql uses dbh, pg_last_error too,
 		//                  but pg_result_error is more accurate
 		//        msg -> optional message
 		// RETURN none
 		// DESC   if error_id set, writes long error string into error_msg
-		private function _db_error($cursor = '', $msg = '')
+		// MARK: needed to make public so it can be called from DB.Array.IO too
+		public function _db_error($cursor = '', $msg = '')
 		{
 			$where_called = $this->get_caller_method();
 			if ($cursor)
@@ -592,7 +595,7 @@
 		// METHOD _db_return_table
 		// PARAMS insert/select/update/delete query
 		// RETURN array with schema and table
-		// DESC   extracts schema and table from the query, if no schema returns just empty string 
+		// DESC   extracts schema and table from the query, if no schema returns just empty string
 		private function _db_return_table($query)
 		{
 			if (preg_match("/^SELECT /i", $query))
@@ -647,9 +650,9 @@
 			if ($this->_check_query_for_insert($this->query, true))
 			{
 				$this->pk_name = $pk_name;
-				if ($pk_name != 'NULL')
+				if ($this->pk_name != 'NULL')
 				{
-					if (!$pk_name)
+					if (!$this->pk_name)
 					{
 						// TODO: get primary key from table name
 						list($schema, $table) = $this->_db_return_table($this->query);
@@ -657,7 +660,7 @@
 						{
 							$this->pk_name_table[$table] = $this->db_functions->_db_primary_key($table, $schema);
 						}
-						$pk_name = $this->pk_name_table[$table];
+						$this->pk_name = $this->pk_name_table[$table];
 					}
 					if (!preg_match("/ returning /i", $this->query) && $this->pk_name)
 					{
@@ -666,11 +669,12 @@
 					}
 					elseif (preg_match("/ returning (.*)/i", $this->query, $matches) && $this->pk_name)
 					{
+						// add the primary key if it is not in the returning set
 						if (!preg_match("/$this->pk_name/", $matches[1]))
 						{
 							$this->query .= " , ".$this->pk_name;
-							$this->returning_id = true;
 						}
+						$this->returning_id = true;
 					}
 				}
 			}
@@ -740,16 +744,48 @@
 					if ($this->_check_query_for_insert($this->query, true) && $this->pk_name != 'NULL')
 					{
 						// set insert_id
+						// if we do not have a returning, we try to get it via the primary key and another select
 						if (!$this->returning_id)
+						{
 							$this->insert_id = $this->db_functions->_db_insert_id($this->query, $this->pk_name);
+						}
 						else
-							$this->insert_id = $this->db_functions->_db_fetch_array($this->cursor)[$this->pk_name];
-						// this error handling is only for pgsql
+						{
+							$this->insert_id = array ();
+							$this->insert_id_ext = array ();
+//							echo "** PREPARE RETURNING FOR CURSOR: ".$this->cursor."<br>";
+							// we have returning, now we need to check if we get one or many returned
+							// we'll need to loop this, if we have multiple insert_id returns
+							while ($_insert_id = $this->db_functions->_db_fetch_array($this->cursor, PGSQL_ASSOC))
+							{
+//								echo "*** RETURNING: ".print_r($_insert_id, 1)."<br>";
+								$this->insert_id[] = $_insert_id;
+							}
+							// if we have only one, revert from array to single
+							if (count($this->insert_id) == 1)
+							{
+//								echo "* SINGLE DATA CONVERT: ".count($this->insert_id[0])." => ".array_key_exists($this->pk_name, $this->insert_id[0])."<br>";
+//								echo "* PK DIRECT: ".$this->insert_id[0][$this->pk_name]."<Br>";
+								// if this has only the pk_name, then only return this, else array of all data (but without the position)
+								// example if insert_id[0]['foo'] && insert_id[0]['bar'] it will become insert_id['foo'] & insert_id['bar']
+								// if only ['foo_id'] and it is the PK then the PK is directly written to the insert_id
+								if (count($this->insert_id[0]) > 1 || !array_key_exists($this->pk_name, $this->insert_id[0]))
+								{
+									$this->insert_id_ext = $this->insert_id[0];
+									$this->insert_id = $this->insert_id[0][$this->pk_name];
+								}
+								elseif ($this->insert_id[0][$this->pk_name])
+								{
+									$this->insert_id = $this->insert_id[0][$this->pk_name];
+								}
+							}
+						}
+						// this warning handling is only for pgsql
+						// we returned an array of PKs instread of a single one
 						if (is_array($this->insert_id))
 						{
-							$this->warning_id = 19;
-							$this->_db_error($this->insert_id[1], '[db_exec]');
-							unset($this->insert_id);
+							$this->warning_id = 32;
+							$this->_db_error($this->cursor, '[db_exec]');
 						}
 					}
 				}
@@ -761,6 +797,26 @@
 		// PUBLIC METHODS
 		// *************************************************************
 
+		// METHOD db_set_debug
+		// PARAMS true/false or none
+		// RETURN new set debug flag
+		// DESC   switches the debug flag on or off
+		//        if none given, then the debug flag auto switches from
+		//        the previous setting to either then on or off
+		//        else override with boolean true/false
+		public function db_set_debug($debug = '')
+		{
+			if ($debug === true)
+				$this->db_debug = 1;
+			elseif ($debug === false)
+				$this->db_debug = 0;
+			elseif ($this->db_debug)
+				$this->db_debug = 0;
+			elseif (!$this->db_debug)
+				$this->db_debug = 1;
+			return $this->db_debug;
+		}
+
 		// METHOD db_reset_query_called
 		// PARAMS query
 		// RETURN none
@@ -853,7 +909,7 @@
 
 		// METHOD db_dump_data
 		// PARAMS query -> if given, only from this quey (if found)
-		// RETURN formated string with all the data in the array 
+		// RETURN formated string with all the data in the array
 		// DESC   dumps ALL data for this query, OR if no query given all in cursor_ext array
 		public function db_dump_data($query = 0)
 		{
@@ -877,11 +933,11 @@
 		//                 if set to 2, the data will be read new and cached (wheres 1 reads new AND destroys at end of read)
 		//              -> if set to 3, after EACH row, the data will be reset, no caching is done except for basic (count, etc)
 		// RETURN res mixed (array/hash)
-		// DESC   single running function, if called creates md5 from 
+		// DESC   single running function, if called creates md5 from
 		//        query string and so can itself call exec/return calls
 		//        caches data, so next time called with IDENTICAL (!!!!)
 		//        [this means 1:1 bit to bit identical query] returns cached
-		//        data, or with reset flag set calls data from DB again 
+		//        data, or with reset flag set calls data from DB again
 		public function db_return($query, $reset = 0)
 		{
 			if (!$query)
@@ -914,7 +970,7 @@
 				$this->_db_error('', $this->cursor_ext[$md5]['query']);
 				return false;
 			}
- 
+
 			// if it is a call with reset in it we reset the cursor, so we get an uncached return
 			// but only for the FIRST call (pos == 0)
 			if ($reset && !$this->cursor_ext[$md5]['pos'])
@@ -965,7 +1021,7 @@
 			} // only go if NO cursor exists
 			
 			// if cursor exists ...
-			if ($this->cursor_ext[$md5]['cursor']) 
+			if ($this->cursor_ext[$md5]['cursor'])
 			{
 				if ($this->cursor_ext[$md5]['firstcall'] == 1)
 				{
@@ -986,7 +1042,7 @@
 					$this->cursor_ext[$md5]['read_rows'] = 0;
 				}
 				// read data for further work ... but only if necessarry
-				if ($this->cursor_ext[$md5]['read_rows'] == $this->cursor_ext[$md5]['num_rows']) 
+				if ($this->cursor_ext[$md5]['read_rows'] == $this->cursor_ext[$md5]['num_rows'])
 					$return = 0;
 				else
 					$return = $this->_db_convert_encoding($this->db_functions->_db_fetch_array($this->cursor_ext[$md5]['cursor']));
@@ -1001,7 +1057,7 @@
 						$this->cursor_ext[$md5]['cursor'] = 1;
 						$return = 0;
 					}
-					else 
+					else
 					{
 						// unset return value ...
 						unset($return);
@@ -1011,7 +1067,7 @@
 							$field_value = $this->cursor_ext[$md5][$this->cursor_ext[$md5]['pos']][$this->cursor_ext[$md5]['field_names'][$i]];
 							$return[$i] = $field_value;
 							$return[$this->cursor_ext[$md5]['field_names'][$i]] = $field_value;
-						} 
+						}
 						$this->cursor_ext[$md5]['pos'] ++;
 					}
 				}
@@ -1042,7 +1098,7 @@
 						{
 							while (list($field_name, $data) = each($return))
 							{
-								$temp[$field_name] = $data; 
+								$temp[$field_name] = $data;
 							}
 							$this->cursor_ext[$md5][] = $temp;
 						}
@@ -1072,16 +1128,16 @@
 		}
 
 		// METHOD db_exec
-		// PARAMS query -> the query, if not given, the query class var will be used 
+		// PARAMS query -> the query, if not given, the query class var will be used
 		//                 (if this was not set, method will quit with a 0 (failure)
 		//        pk_name -> optional primary key name, for insert id return if the pk name is very different
 		//                   if pk name is table name and _id, pk_name is not needed to be set
 		//                   if NULL is given here, no RETURNING will be auto added
 		// RETURN cursor for this query
 		// DESC   executes the query and returns & sets the internal cursor
-		//        fruthermore this functions also sets varios other vars 
+		//        fruthermore this functions also sets varios other vars
 		//        like num_rows, num_fields, etc depending on query
-		//        for INSERT INTO queries it is highly recommended to set the pk_name to avoid an additional 
+		//        for INSERT INTO queries it is highly recommended to set the pk_name to avoid an additional
 		//        read from the database for the PK NAME
 		public function db_exec($query = 0, $pk_name = '')
 		{
@@ -1104,7 +1160,7 @@
 		//        pk_name -> optional primary key name, only used with insert for returning call
 		// RETURN true if async query was sent ok, false if error happened
 		// DESC   executres the query async so other methods can be run during this
-		//        for INSERT INTO queries it is highly recommended to set the pk_name to avoid an additional 
+		//        for INSERT INTO queries it is highly recommended to set the pk_name to avoid an additional
 		//        read from the database for the PK NAME
 		// NEEDS  db_check_async
 		public function db_exec_async($query, $pk_name = '')
@@ -1293,7 +1349,7 @@
 		// PARAMS $stm_name, $query, $pk_name: optional
 		// RETURN false on error
 		// DESC   prepares a query
-		//        for INSERT INTO queries it is highly recommended to set the pk_name to avoid an additional 
+		//        for INSERT INTO queries it is highly recommended to set the pk_name to avoid an additional
 		//        read from the database for the PK NAME
 		public function db_prepare($stm_name, $query, $pk_name = '')
 		{
@@ -1353,8 +1409,8 @@
 						if (!preg_match("/{$this->prepare_cursor[$stm_name]['pk_name']}/", $matches[1]))
 						{
 							$query .= " , ".$this->prepare_cursor[$stm_name]['pk_name'];
-							$this->prepare_cursor[$stm_name]['returning_id'] = true;
 						}
+						$this->prepare_cursor[$stm_name]['returning_id'] = true;
 					}
 				}
 				// search for $1, $2, in the query and push it into the control array
@@ -1423,16 +1479,43 @@ $this->debug('ExecuteData', 'ERROR in STM['.$stm_name.'|'.$this->prepare_cursor[
 				if ($this->_check_query_for_insert($this->prepare_cursor[$stm_name]['query'], true))
 				{
 					if (!$this->prepare_cursor[$stm_name]['returning_id'])
+					{
 						$this->insert_id = $this->db_functions->_db_insert_id($this->prepare_cursor[$stm_name]['query'], $this->prepare_cursor[$stm_name]['pk_name']);
+					}
 					elseif ($code)
-						$this->insert_id = $this->db_functions->_db_fetch_array($code)[$this->prepare_cursor[$stm_name]['pk_name']];
+					{
+						$this->insert_id = array ();
+						// we have returning, now we need to check if we get one or many returned
+						// we'll need to loop this, if we have multiple insert_id returns
+						while ($_insert_id = $this->db_functions->_db_fetch_array($code, PGSQL_ASSOC))
+						{
+							$this->insert_id[] = $_insert_id;
+						}
+						// if we have only one, revert from arry to single
+						if (count($this->insert_id) == 1)
+						{
+//							echo "+ SINGLE DATA CONVERT: ".count($this->insert_id[0])." => ".array_key_exists($this->prepare_cursor[$stm_name]['pk_name'], $this->insert_id[0])."<br>";
+//							echo "+ PK DIRECT: ".$this->insert_id[0][$this->prepare_cursor[$stm_name]['pk_name']]."<Br>";
+							// if this has only the pk_name, then only return this, else array of all data (but without the position)
+							// example if insert_id[0]['foo'] && insert_id[0]['bar'] it will become insert_id['foo'] & insert_id['bar']
+							// if only ['foo_id'] and it is the PK then the PK is directly written to the insert_id
+							if (count($this->insert_id[0]) > 1 || !array_key_exists($this->prepare_cursor[$stm_name]['pk_name'], $this->insert_id[0]))
+							{
+								$this->insert_id_ext = $this->insert_id[0];
+								$this->insert_id = $this->insert_id[0][$this->prepare_cursor[$stm_name]['pk_name']];
+							}
+							elseif ($this->insert_id[0][$this->pk_name])
+							{
+								$this->insert_id = $this->insert_id[0][$this->prepare_cursor[$stm_name]['pk_name']];
+							}
+						}
+					}
 					// this error handling is only for pgsql
 					if (is_array($this->insert_id))
 					{
-						$this->warning_id = 19;
-						$this->_db_error($this->insert_id[1]);
-						$this->_db_debug('db', '<span style="color: orange;"><b>DB-Warning</b> '.$stm_name.': Could not get insert id</span>', 'DB_WARNING');
-						unset($this->insert_id);
+						$this->warning_id = 32;
+						$this->_db_error();
+						$this->_db_debug('db', '<span style="color: orange;"><b>DB-Warning</b> '.$stm_name.': insert id data returned as array</span>', 'DB_WARNING');
 					}
 					elseif (!$this->insert_id)
 					{
@@ -1468,7 +1551,7 @@ $this->debug('ExecuteData', 'ERROR in STM['.$stm_name.'|'.$this->prepare_cursor[
 		// RETURN database version as string
 		// DESC   return current database version
 		public function db_version()
-		{   
+		{
 			return $this->db_functions->_db_version();
 		}
 
@@ -1478,7 +1561,7 @@ $this->debug('ExecuteData', 'ERROR in STM['.$stm_name.'|'.$this->prepare_cursor[
 		// RETURN true/false
 		// DESC   returns boolean true or false if the string matches the database version
 		public function db_compare_version($compare)
-		{   
+		{
 			// compare has =, >, < prefix, and gets stripped, if the rest is not X.Y format then error
 			preg_match("/^([<>=]{1,2})(\d{1,2})\.(\d{1,2})/", $compare, $matches);
 			$compare = $matches[1];
@@ -1495,7 +1578,7 @@ $this->debug('ExecuteData', 'ERROR in STM['.$stm_name.'|'.$this->prepare_cursor[
 			$return = false;
 			// compare
 			switch ($compare)
-			{   
+			{
 				case '=':
 					if ($to_version == $version)
 						$return = true;
@@ -1661,7 +1744,7 @@ $this->debug('ExecuteData', 'ERROR in STM['.$stm_name.'|'.$this->prepare_cursor[
 			$seconds = $matches[4] != '00' ? preg_replace('/^0/', '', $matches[4]) : '';
 			$milliseconds = $matches[6];
 
-			return $prefix.($hour ? $hour.'h ' : '').($minutes ? $minutes.'m ' : '').($seconds ? $seconds.'s' : '').($show_micro && $milliseconds? ' '.$milliseconds.'ms' : ''); 
+			return $prefix.($hour ? $hour.'h ' : '').($minutes ? $minutes.'m ' : '').($seconds ? $seconds.'s' : '').($show_micro && $milliseconds? ' '.$milliseconds.'ms' : '');
 		}
 
 		// METHOD: db_array_parse

www/libs/Class.Form.Generate.inc

@@ -34,7 +34,7 @@
 	*        "pk_name" => the pk_name of the table for the drop down
 	*        "input_name" => the text field name in the table for the drop down
 	*        "input_value" => the $name of input_name (must be same)
-	*        "order_by" => "order bY" string for drop_down_db(_input) if no query given but fields set      
+	*        "order_by" => "order bY" string for drop_down_db(_input) if no query given but fields set
 	*        "query" => for drop_down_db/array if no outer query given
 	*        "preset" => value to preset when array is unset (available for all types)
 	*        "element_list" => array ( "true", "false") - MUST (!) be set for binary
@@ -44,7 +44,7 @@
 	*        "cols" => "nr" - only available for "textarea"
 	*        "error_check" => "custom/email/date/number/unique" - 1) more will come
 	*        "error_regex" => "regex" - if error_check is custom regex here
-	*        "error_example" => "text" - example input text for error_check (only custom right now) 
+	*        "error_example" => "text" - example input text for error_check (only custom right now)
 	*        "empty" => "value/text" - ONLY for view. If no data found, set this value
 	*        --- file:
 	*        "save_dir" => "directory where it should be saved to
@@ -60,7 +60,7 @@
 	*        "output_name" => "Printed out next to multiple select field",
 	*        "mandatory" => 1/0 for must be selected,
 	*        "select_size" => size of multiple select field,
-	*        "query" => "the query to load the multiple select field 
+	*        "query" => "the query to load the multiple select field
 	*                    (select id, concat_ws(" ",name_a, name_b) from reference_table)",
 	*        "selected" => $var_name for name="xx" in multiple select
 	*      ),
@@ -165,7 +165,7 @@
 	*               delete
 	*   2003-06-12: adapted class to register_global_vars off
 	*   2003-06-10: in procedure_delete function I added "protected" variable clause, so if this field exists
-	*               in the DB and is set, you are not able to delete [at the moment used for admin edit user 
+	*               in the DB and is set, you are not able to delete [at the moment used for admin edit user
 	*               in DB]
 	*   2003-05-30: _temp for drop_down_db was added always and not only for same_db
 	*   2003-05-28: added drop_down_db_same_db for drop down/input combinations going into the same DB.
@@ -201,14 +201,14 @@
 	*   2003-03-04: drop_down_array value for option was left from array and
 	*               not right
 	*   2003-02-27: added another check in unset if reference array exists
-	*   2003-02-26: change form to extend db_array_io and created load, save, 
-	*               delete functions removed all reference table functions, 
+	*   2003-02-26: change form to extend db_array_io and created load, save,
+	*               delete functions removed all reference table functions,
 	*               except show function rewrite config array
 	*               re-wrote the class info vars into array
 	*   2003-02-25: added reference table functions
-	*   2002-10-22: create this class so creating basic and medium form pages 
+	*   2002-10-22: create this class so creating basic and medium form pages
 	*               can be handled easy.
-	*               with a given config file the class handles error checks, 
+	*               with a given config file the class handles error checks,
 	*               save data, loads data, etc
 	*********************************************************************/
 
@@ -268,7 +268,7 @@
 			// start the array_io class which will start db_io ...
 			parent::__construct($db_config, $config_array["table_array"], $config_array["table_name"], $debug, $db_debug, $echo, $print);
 			// here should be a check if the config_array is correct ...
-			// 
+			//
 			$this->field_array = $config_array["show_fields"];
 			$this->load_query = $config_array["load_query"];
 			$this->archive_pk_name = "a_".$this->pk_name;
@@ -281,7 +281,7 @@
 				{
 					$this->reference_array[$key] = $value;
 				}
-			} 
+			}
 			if (is_array($config_array["element_list"]))
 			{
 				while (list($key, $value) = each($config_array["element_list"]))
@@ -479,7 +479,7 @@
 			{
 				$this->form_error_check();
 				if (!$this->error)
-				{  
+				{
 					$this->form_save_table_array();
 				}
 				$this->yes = 1;
@@ -602,7 +602,7 @@
 				{
 					$pk_ids[] = $res[$this->int_pk_name];
 					if ($res[$this->int_pk_name] == $this->table_array[$this->int_pk_name]["value"])
-					{ 
+					{
 						$pk_selected = $res[$this->int_pk_name];
 					}
 					unset($t_string);
@@ -635,7 +635,7 @@
 			if ($this->group_level_user <= $this->security_level["new"])
 			{
 				if ($this->yes && !$hide_new_checkbox)
-				{ 
+				{
 					$show_checkbox = 1;
 				}
 				// set type of new name
@@ -658,12 +658,12 @@
 				if ($this->group_level_user <= $this->security_level["save"])
 				{
 					$seclevel_okay = 1;
-					if (!$this->table_array[$this->int_pk_name]["value"]) 
-					{ 
+					if (!$this->table_array[$this->int_pk_name]["value"])
+					{
 						$save = $this->l->__("Save");
 					}
-					else 
-					{ 
+					else
+					{
 						$save = $this->l->__("Update");
 					}
 					// print the old_school hidden if requestet
@@ -714,7 +714,7 @@
 					$data['output'][] = $this->table_array[$element_name]["element_list"][$i];
 					$data['name'] = $element_name;
 					if (($i && $this->table_array[$element_name]["value"]) || (!$i && !$this->table_array[$element_name]["value"]))
-						$data['checked'] = $this->table_array[$element_name]["value"]; 
+						$data['checked'] = $this->table_array[$element_name]["value"];
 
 					if ($i)
 						$data['separator'] = '';
@@ -839,7 +839,7 @@
 			// for media / not yet implemented
 			if ($this->table_array[$element_name]["type"] == "media")
 			{
-				//media::insert_file($element_name,$this->table_array[$element_name]["value"],$query); 
+				//media::insert_file($element_name,$this->table_array[$element_name]["value"],$query);
 			}
 			// order button
 			if ($this->table_array[$element_name]["type"] == "order")
@@ -886,11 +886,10 @@
 				{
 					// each error check can be a piped seperated value, lets split it
 //$this->debug('edit', $value["error_check"]);
-					$error_checks = explode("|", $value["error_check"]);
-					foreach ($error_checks as $error_check)
+					foreach (explode('|', $value["error_check"]) as $error_check)
 					{
 						switch ($error_check)
-						{ 
+						{
 							case "number":
 								if (!preg_match("/^[0-9]+(['\,','.']?[0-9]+)*$/", $this->table_array[$key]["value"]))
 									$this->msg .= sprintf($this->l->__("Please enter a vailid Number for the <b>%s</b> Field!<br>"), $this->table_array[$key]["output_name"]);
@@ -914,7 +913,7 @@
 								break;
 							// check unique, check if field in table is not yet exist
 							case "unique":
-								$q = "SELECT ".$key." FROM ".$this->table_name." WHERE ".$key." = '".addslashes($this->table_array[$key]["value"])."'";
+								$q = "SELECT ".$key." FROM ".$this->table_name." WHERE ".$key." = '".$this->db_escape_string($this->table_array[$key]["value"])."'";
 								if ($this->table_array[$this->int_pk_name]["value"])
 									$q .= " AND ".$this->int_pk_name." <> ".$this->table_array[$this->int_pk_name]["value"];
 								list($$key) = $this->db_return_row($q);
@@ -925,15 +924,20 @@
 								if (!preg_match($this->table_array[$key]["error_regex"], $this->table_array[$key]["value"]))
 									$this->msg .= sprintf($this->l->__("Please enter a valid (%s) input for the <b>%s</b> Field!<br>"), $this->table_array[$key]["error_example"], $this->table_array[$key]["output_name"]);
 								break;
+							case "alphanumericspace":
+//$this->debug('edit', 'IN Alphanumericspace');
+								if (!preg_match("/^[0-9A-Za-z\ ]+$/", $this->table_array[$key]["value"]))
+									$this->msg .= sprintf($this->l->__("Please enter a valid alphanumeric (Numbers and Letters, spaces allowed) value for the <b>%s</b> Field!<br>"), $this->table_array[$key]["output_name"]);
+								break;
 							case "alphanumeric":
 //$this->debug('edit', 'IN Alphanumeric');
-								if (!preg_match("/^[0-9A-Za-z_-]+$/", $this->table_array[$key]["value"]))
+								if (!preg_match("/^[0-9A-Za-z_\-]+$/", $this->table_array[$key]["value"]))
 									$this->msg .= sprintf($this->l->__("Please enter a valid alphanumeric (Numbers and Letters only also - and _, no spaces) value for the <b>%s</b> Field!<br>"), $this->table_array[$key]["output_name"]);
 								break;
 							// this one also allows @ and .
 							case "alphanumericextended":
-//$this->debug('edit', 'IN Alphanumeric');
-								if (!preg_match("/^[0-9A-Za-z_-@\.]+$/", $this->table_array[$key]["value"]))
+//$this->debug('edit', 'IN Alphanumericextended');
+								if (!preg_match("/^[0-9A-Za-z_\-@\.]+$/", $this->table_array[$key]["value"]))
 									$this->msg .= sprintf($this->l->__("Please enter a valid alphanumeric extended (Numbers, Letters, -,  _, @ and . only, no spaces) value for the <b>%s</b> Field!<br>"), $this->table_array[$key]["output_name"]);
 								break;
 							case "password":
@@ -948,15 +952,15 @@
 					} // for each error to check
 				}
 				// if mandatory && no input
-				else if ($value["mandatory"] && 
+				else if ($value["mandatory"] &&
 							(
-								   // for all "normal" fields
-								   ($this->table_array[$key]["type"] != "password" && $this->table_array[$key]["type"] != "drop_down_db_input" && !$this->table_array[$key]["value"]) || 
-								   // for drop_down_db_input check if one of both fields filled
-								   ($this->table_array[$key]["type"] == "drop_down_db_input" && !$this->table_array[$key]["input_value"] && !$this->table_array[$key]["value"]) ||
-								   // for password
-								   ($this->table_array[$key]["type"] == "password" && !$this->table_array[$key]["value"] && !$this->table_array[$key]["HIDDEN_value"])
-							  )
+								// for all "normal" fields
+								($this->table_array[$key]["type"] != "password" && $this->table_array[$key]["type"] != "drop_down_db_input" && !$this->table_array[$key]["value"]) ||
+								// for drop_down_db_input check if one of both fields filled
+								($this->table_array[$key]["type"] == "drop_down_db_input" && !$this->table_array[$key]["input_value"] && !$this->table_array[$key]["value"]) ||
+								// for password
+								($this->table_array[$key]["type"] == "password" && !$this->table_array[$key]["value"] && !$this->table_array[$key]["HIDDEN_value"])
+							)
 						) // main if end
 				{
 //$this->debug('form', "A: ".$this->table_array[$key]["type"]." -- ".$this->table_array[$key]["input_value"]." -- ".$this->table_array[$key]["value"]);
@@ -990,14 +994,22 @@
 					if ($this->reference_array[$key]["mandatory"] && !$this->reference_array[$key]["selected"][0])
 						$this->msg .= sprintf($this->l->__("Please select at least one Element from field <b>%s</b>!<br>"), $this->reference_array[$key]["output_name"]);
 				}
-			} 
+			}
 //$this->debug('edit_error', "QS: <pre>".print_r($_POST, 1)."</pre>");
-            if (is_array($this->element_list))
+			if (is_array($this->element_list))
 			{
 				// check the mandatory stuff
 				// if mandatory, check that at least on pk exists or if at least the mandatory field is filled
 				while (list($table_name, $reference_array) = each($this->element_list))
 				{
+					// set pk/fk id for this
+					foreach ($reference_array['elements'] as $_name => $_data)
+					{
+						if ($_data['pk_id'])
+							$_pk_name = $_name;
+						if ($_data['fk_id'])
+							$_fk_name = $_name;
+					}
 					// get the leasy of keys from the elements array
 					$keys = array_keys($reference_array["elements"]);
 					// prefix
@@ -1025,10 +1037,8 @@
 							{
 								$mand_okay = 1;
 							}
-						// we found a mandatory field. check now if one is set to satisfy the main mandatory
-						// also check, if this field is mandatory and its not set, but any other, throw an error
-//						for ($i = 0; $i < count($_POST[$prfx.$el_name]); $i ++)
-//						{
+							// we found a mandatory field. check now if one is set to satisfy the main mandatory
+							// also check, if this field is mandatory and its not set, but any other, throw an error
 //$this->debug('edit_error_chk', "RG error - Data[".$prfx.$el_name.": ".$_POST[$prfx.$el_name][$i]." | ".$_POST[$prfx.$el_name]." - ".$reference_array['enable_name']." - ".$_POST[$reference_array['enable_name']][$_POST[$prfx.$el_name][$i]]);
 							if ($data_array["mandatory"] && $_POST[$prfx.$el_name][$i])
 							{
@@ -1053,9 +1063,30 @@
 							{
 								$row_okay[$i] = 0;
 							}
-
-//						}
-
+							// do optional error checks like for normal fields
+							// currently active: unique/alphanumeric
+							if ($data_rray['error_check'])
+							{
+								foreach (explode('|', $value["error_check"]) as $error_check)
+								{
+									switch ($error_check)
+									{
+										// check unique, check if field in table is not yet exist
+										case "unique":
+											$q = "SELECT ".$_pk_name." FROM ".$table_name." WHERE ".$el_name." = '".$this->db_escape_string($_POST[$prfx.$el_name][$i])."'";
+											if ($this->table_array[$this->int_pk_name]["value"])
+												$q .= " AND ".$this->int_pk_name." <> ".$this->table_array[$this->int_pk_name]["value"];
+											list($$key) = $this->db_return_row($q);
+											if ($$key)
+												$this->msg .= sprintf($this->l->__("The field <b>%s</b> in row <b>%s</b> can be used only once!<br>"), $reference_array["output_name"], $i);
+											break;
+										case "alphanumericspace":
+											if (!preg_match("/^[0-9A-Za-z\ ]+$/", $_POST[$prfx.$el_name][$i]))
+												$this->msg .= sprintf($this->l->__("Please enter a valid alphanumeric (Numbers and Letters, spaces allowed) value for the <b>%s</b> Field and row <b>%s</b>!<br>"), $reference_array["output_name"], $i);
+											break;
+									}
+								}
+							}
 						} // if main mandatory
 					}
 
@@ -1128,7 +1159,7 @@
 				// if preset var present preset
 				if (isset($this->table_array[$key]["preset"]))
 					$this->table_array[$key]["value"] = $this->table_array[$key]["preset"];
-			}  
+			}
 			if (is_array($this->reference_array))
 			{
 				if (!is_array($this->reference_array))
@@ -1180,7 +1211,7 @@
 
 		// METHOD form_save_table_array
 		// PARAMS addslashes - if one, passes 1 to the db_write function
-		// RETURN none 
+		// RETURN none
 		// DESC   save a table, reference and all input fields
 		public function form_save_table_array($addslashes = 0)
 		{
@@ -1198,21 +1229,21 @@
 				{
 //$this->debug('form', "HERE");
 					// check if this text name already exists (lowercase compare)
-					$q = "SELECT ".$this->table_array[$key]["pk_name"]." FROM ".$this->table_array[$key]["table_name"]." WHERE LCASE(".$this->table_array[$key]["input_name"].") = '".addslashes(strtolower($this->table_array[$key]["input_value"]))."'";
+					$q = "SELECT ".$this->table_array[$key]["pk_name"]." FROM ".$this->table_array[$key]["table_name"]." WHERE LCASE(".$this->table_array[$key]["input_name"].") = '".$this->db_escape_string(strtolower($this->table_array[$key]["input_value"]))."'";
 					// if a where was given, add here
 					if ($this->table_array[$key]["where"])
-						$q .= " AND ".$this->table_array[$key]["where"];      
+						$q .= " AND ".$this->table_array[$key]["where"];
 					list($pk_name_temp) = $this->db_return_row($q);
 					if ($this->num_rows >= 1)
 					{
-						$this->table_array[$key]["value"] = $pk_name_temp; 
+						$this->table_array[$key]["value"] = $pk_name_temp;
 					}
 					else
 					{
 						// if a where was given, set this key also [dangerous!]
 						
-						// posgres compatible insert
-						$q = "INSERT INTO ".$this->table_array[$key]["table_name"]." (".$this->table_array[$key]["input_name"].") VALUES ('".addslashes($this->table_array[$key]["input_value"])."')";
+						// postgreSQL compatible insert
+						$q = "INSERT INTO ".$this->table_array[$key]["table_name"]." (".$this->table_array[$key]["input_name"].") VALUES ('".$this->db_escape_string($this->table_array[$key]["input_value"])."')";
 						$this->db_exec($q);
 						if ($this->table_array[$key]["where"])
 						{
@@ -1233,7 +1264,7 @@
 					if ($this->table_array[$key]["input_value"] != $this->table_array[$key]["value"])
 					{
 						// check if "right input" is in DB
-						$q = "SELECT ".$this->table_array[$key]["input_name"]." FROM ".$this->table_array[$key]["table_name"]." WHERE LCASE(".$this->table_array[$key]["input_name"].") = '".strtolower(addslashes($this->table_array[$key]["input_value"]))."'";
+						$q = "SELECT ".$this->table_array[$key]["input_name"]." FROM ".$this->table_array[$key]["table_name"]." WHERE LCASE(".$this->table_array[$key]["input_name"].") = '".strtolower($this->db_escape_string($this->table_array[$key]["input_value"]))."'";
 						// if a where was given, add here
 						if ($this->table_array[$key]["where"])
 							$q .= " AND ".$this->table_array[$key]["where"];
@@ -1267,7 +1298,7 @@
 							//if a slash at the end (if not add slash)
 							if (!preg_match("|/$|", $this->table_array[$key]["save_dir"]))
 								$this->table_array[$key]["save_dir"] .= "/";
-							if (move_uploaded_file($GLOBALS["_FILES"][$key."_file"]['tmp_name'], $this->table_array[$key]["save_dir"].$GLOBALS["_FILES"][$key."_file"]['name'])) 
+							if (move_uploaded_file($GLOBALS["_FILES"][$key."_file"]['tmp_name'], $this->table_array[$key]["save_dir"].$GLOBALS["_FILES"][$key."_file"]['name']))
 							{
 								// make it unique with a unique number at the beginning
 								$this->table_array[$key]["value"] = uniqid(rand(), 1)."_".$GLOBALS["_FILES"][$key."_file"]['name'];
@@ -1302,7 +1333,7 @@
 					}
 					else
 					{
-//						$this->table_array[$key]["HIDDEN_value"] = 
+//						$this->table_array[$key]["HIDDEN_value"] =
 					}
 				}
 			} // go through each field
@@ -1352,6 +1383,8 @@
 					// check if there is a hidden key, update, else insert
 					while (list($el_name, $data_array) = each($reference_array["elements"]))
 					{
+						// this is only for reference_data part, at least one of the text fields need to be set for writing
+						$blow_write = array ();
 //$this->debug('edit_error_query', "QUERY: ".$this->print_ar($_POST));
 						// go through all submitted data
 //						for ($i = 0; $i < count($_POST[$el_name]); $i ++)
@@ -1367,6 +1400,16 @@
 							{
 								$no_write[$i] = 1;
 							}
+							// flag if data is in the text field and we are in a reference data set
+							if ($reference_array['type'] == 'reference_data' )
+							{
+								if ($data_array['type'] == 'text' && $_POST[$prfx.$el_name][$i])
+									$block_write[$i] = 1;
+							}
+							else
+							{
+								$block_write[$i] = 1;
+							}
 							// set type and boundaries for insert/update
 							if ($data_array["pk_id"] && $_POST[$prfx.$el_name][$i])
 							{
@@ -1383,19 +1426,24 @@
 							}
 							// write all data (insert/update) because I don't know until all are processed if it is insert or update
 							// don't write primary key backup for update
-$this->debug('edit_error', "I: $i | EL Name: $prfx$el_name | Data: ".$_POST[$prfx.$el_name][$i]." {".$_POST[$prfx.$el_name]."} | Type: ".$type[$i]." | PK: ".$data_array["pk_id"]." ");
-							if (!$data_array["pk_id"])
+							// for reference_data type, only write if at least one text type field is set
+//$this->debug('edit_error', "I: $i | EL Name: $prfx$el_name | Data: ".$_POST[$prfx.$el_name][$i]." | Type: ".$type[$i]." | PK: ".$data_array["pk_id"].", Block write: ".$block_write[$i]);
+							// only add elements that are not PK or FK flaged
+							if (!$data_array['pk_id'] && !$data_array['fk_id'])
 							{
-								// update
+								// update data list
 								if (strlen($q_data[$i]))
 									$q_data[$i] .= ", ";
-								// insert
+								// insert name part list
 								if ($q_names[$i])
 									$q_names[$i] .= ", ";
-								$q_names[$i] .= $el_name;
+								// insert value part list
 								if (strlen($q_values[$i]))
 									$q_values[$i] .= ", ";
-								// data part
+								// insert column name add
+								$q_names[$i] .= $el_name;
+								// data part, read from where [POST]
+								// radio group selections (only one can be active)
 								if ($data_array['type'] == 'radio_group')
 								{
 									if ($i == $_POST[$prfx.$el_name])
@@ -1407,10 +1455,11 @@ $this->debug('edit_error', "I: $i | EL Name: $prfx$el_name | Data: ".$_POST[$prf
 								{
 									$_value = $_POST[$prfx.$el_name][$i];
 								}
+								// pre write data set. if int value, unset flagged need to be set null or 0 depending on settings
 								if ($data_array['int'] || $data_array['int_null'])
 								{
 									if (!$_value && $data_array['int_null'])
-										$value = 'NULL';
+										$_value = 'NULL';
 									elseif (!isset($_value))
 										$_value = 0;
 									$q_data[$i] .= $el_name." = ".$_value;
@@ -1418,34 +1467,38 @@ $this->debug('edit_error', "I: $i | EL Name: $prfx$el_name | Data: ".$_POST[$prf
 								}
 								else
 								{
-									$q_data[$i] .= $el_name." = '".addslashes($_value)."'";
-									$q_values[$i] .= "'".addslashes($_value)."'";
+									// normal data gets escaped
+									$q_data[$i] .= $el_name." = '".$this->db_escape_string($_value)."'";
+									$q_values[$i] .= "'".$this->db_escape_string($_value)."'";
 								}
 							}
 						}
 					} // eche table elements
+					// finalize the queries, add FK key reference for inserts and run the query
 					for ($i = 0; $i < count($type); $i ++)
 					{
+						$q = '';
 						if (!$no_write[$i])
 						{
 							if ($type[$i] == "update")
 							{
 								$q = $q_begin[$i].$q_data[$i].$q_end[$i];
 							}
-							else
+							elseif ($block_write[$i])
 							{
 								$q = $q_begin[$i].$q_names[$i].", ".$this->int_pk_name.$q_middle[$i].$q_values[$i].", ".$this->table_array[$this->int_pk_name]["value"].$q_end[$i];
 							}
-//$this->debug('edit', "Q: ".$q."<br>");
+$this->debug('edit', "Pos[$i] => ".$type[$i]." Q: ".$q."<br>");
 							// write the dataset
-							$this->db_exec($q);
+							if ($q)
+								$this->db_exec($q);
 						}
 					} // for each created query
 				} // each element list
 			}
 			$this->warning = 1;
 			$this->msg = $this->l->__("Dataset has been saved!<Br>");
-		} 
+		}
 
 		// METHOD form_delete_table_array
 		// PARAMS none
@@ -1544,42 +1597,52 @@ $this->debug('edit_error', "I: $i | EL Name: $prfx$el_name | Data: ".$_POST[$prf
 		// PARAMS show which element list
 		// RETURN array for output
 		// DESC   create list of elements next to each other for a group of data in an input field
+		//        this currently only works for a list that is filled from a sub table and creates only a connection to this one
+		//        new version will allow a sub list with free input fields to directly fill a sub table to a master table
 		public function form_create_element_list_table($table_name)
 		{
+			// output name for the viewable left table td box, prefixed with * if mandatory
 			$output_name = $this->element_list[$table_name]["output_name"];
 			if ($this->element_list[$table_name]["mandatory"])
 				$output_name .= ' *';
 			// delete button name, if there is one set
 			if ($this->element_list[$table_name]["delete_name"])
 				$data['delete_name'] = $this->element_list[$table_name]["delete_name"];
-			// set the enable checkbox name if there is one
+			// set the enable checkbox for delete, if the delete flag is given if there is one
 			if ($this->element_list[$table_name]["enable_name"])
 			{
 				$data['enable_name'] = $this->element_list[$table_name]["enable_name"];
 				if ($this->element_list[$table_name]["delete"])
 					$data['delete'] = 1;
 			}
+			// prefix for the elements, to not collide with names in the master set
 			if ($this->element_list[$table_name]["prefix"])
 				$data["prefix"] = $this->element_list[$table_name]["prefix"]."_";
+			// the sub data table name
 			$data['table_name'] = $table_name;
-			$pos = 0; // position in while for overwrite if needed
+
 			// build the select part
 			if (!is_array($this->element_list[$table_name]["elements"]))
 				$this->element_list[$table_name]["elements"] = array ();
 			reset($this->element_list[$table_name]["elements"]);
 			// generic data read in (counts for all rows)
+			// visible list data output
 			while (list($el_name, $data_array) = each($this->element_list[$table_name]["elements"]))
 			{
-				$_el_name = $el_name;
-				$el_name = $data["prefix"].$el_name;
+//				$this->debug('CFG', 'El: '.$el_name.' -> '.$this->print_ar($data_array));
 				// if the element name matches the read array, then set the table as a name prefix
-				$q_select[] = $_el_name; // this is for reading the data
+				$q_select[] = $el_name; // this is for reading the data
+				// prefix the name for any further data parts
+				$el_name = $data["prefix"].$el_name;
 				$data['output_name'][$el_name] = $data_array["output_name"]; // this are the output names (if given)
 				$data['type'][$el_name] = $data_array["type"]; /// this is the type of the field
 				// set the primary key name
 				if ($data_array['pk_id'])
 					$data['pk_name'] = $el_name;
-				// if drop down db read data for element list
+				if ($data_array['fk_id'])
+					$data['fk_name'] = $el_name;
+				// if drop down db read data for element list from the given sub table as from the query
+				// only two elements are allowed: pos 0 is key, pso 1 is visible output name
 				if ($data_array['type'] == 'drop_down_db')
 				{
 					$md_q = md5($data_array['query']);
@@ -1594,64 +1657,87 @@ $this->debug('edit_error', "I: $i | EL Name: $prfx$el_name | Data: ".$_POST[$prf
 						$data['output_data'][$el_name][] = $res[1];
 					}
 				}
-				else
+				elseif ($data_array["element_list"])
 				{
 					$data['element_list'][$el_name] = $data_array["element_list"]; // this is for the checkboxes
 				}
 				$proto[$el_name] = ($this->error) ? $_POST[$el_name][(count($_POST[$el_name]) - 1)] : ''; // this is for the new line
 			}
+//			$this->debug('CFG DATA', 'Data: '.$this->print_ar($data));
+//			$this->debug('CFG PROTO', 'Proto: '.$this->print_ar($proto));
+//			$this->debug('CFG SELECT', 'Proto: '.$this->print_ar($q_select));
 			// query for reading in the data
 //$this->debug('edit_error', "ERR: ".$this->error);
 			// if we got a read data, build the read select for the read, and read out the "selected" data
 			if ($this->element_list[$table_name]["read_data"])
 			{
-				array_unshift($q_select, $this->element_list[$table_name]["read_data"]["name"]);
+				// we need a second one for the query build only
+				// prefix all elements with the $table name
+				foreach ($q_select as $_pos => $element)
+				{
+					$_q_select[$_pos] = $table_name.'.'.$element;
+				}
+				// add the read names in here, prefix them with the table name
+				// earch to read part is split by |
+				if ($this->element_list[$table_name]["read_data"]["name"])
+				{
+					foreach (explode('|', $this->element_list[$table_name]["read_data"]["name"]) as $read_name)
+					{
+						array_unshift($_q_select, $this->element_list[$table_name]["read_data"]["table_name"].'.'.$read_name);
+						array_unshift($q_select, $read_name);
+					}
+				}
 				// set the rest of the data so we can print something out
 				$data['type'][$data["prefix"].$this->element_list[$table_name]["read_data"]["name"]] = 'string';	
 				// build the read query
 				$q = "SELECT ";
 //				if (!$this->table_array[$this->int_pk_name]["value"])
 //					$q .= "DISTINCT ";
-				// prefix join key with table name
-				$q .= str_replace($this->element_list[$table_name]["read_data"]["pk_id"], $this->element_list[$table_name]["read_data"]["table_name"].".".$this->element_list[$table_name]["read_data"]["pk_id"], implode(", ", $q_select))." ";
+				// prefix join key with table name, and implode the query select part
+				$q .= str_replace($table_name.'.'.$this->element_list[$table_name]["read_data"]["pk_id"], $this->element_list[$table_name]["read_data"]["table_name"].'.'.$this->element_list[$table_name]["read_data"]["pk_id"], implode(', ', $_q_select)).' ';
 //				if (!$this->table_array[$this->int_pk_name]["value"] && $this->element_list[$table_name]["read_data"]["order"])
 //					$q .= ", ".$this->element_list[$table_name]["read_data"]["order"]." ";
+				// read from the read table as main, and left join to the sub table to read the actual data
 				$q .= "FROM ".$this->element_list[$table_name]["read_data"]["table_name"]." ";
 				$q .= "LEFT JOIN ".$table_name." ";
 				$q .= "ON (";
 				$q .= $this->element_list[$table_name]["read_data"]["table_name"].".".$this->element_list[$table_name]["read_data"]["pk_id"]." = ".$table_name.".".$this->element_list[$table_name]["read_data"]["pk_id"]." ";
 //				if ($this->table_array[$this->int_pk_name]["value"])
-				$q .= "AND ".$this->int_pk_name." = ".(($this->table_array[$this->int_pk_name]["value"]) ? $this->table_array[$this->int_pk_name]["value"] : 'NULL')." ";
+				$q .= "AND ".$table_name.".".$this->int_pk_name." = ".(($this->table_array[$this->int_pk_name]["value"]) ? $this->table_array[$this->int_pk_name]["value"] : 'NULL')." ";
 				$q .= ") ";
 				if ($this->element_list[$table_name]["read_data"]["order"])
-					$q .= " ORDER BY ".$this->element_list[$table_name]["read_data"]["order"];
+					$q .= " ORDER BY ".$this->element_list[$table_name]["read_data"]["table_name"].'.'.$this->element_list[$table_name]["read_data"]["order"];
 			}
 			else
 			{
 				// only create query if we have a primary key
+				// reads directly from the reference table
 				if ($this->table_array[$this->int_pk_name]["value"])
 					$q = "SELECT ".implode(", ", $q_select)." FROM ".$table_name." WHERE ".$this->int_pk_name." = ".$this->table_array[$this->int_pk_name]["value"];
 			}
+//			$this->debug('CFG QUERY', 'Q: '.$q);
 			// only run if we have query strnig
 			if ($q)
 			{
+				$pos = 0; // position in while for overwrite if needed
 				// read out the list and add the selected data if needed
 				while ($res = $this->db_return($q))
 				{
+					$_data = array ();
 					$prfx = $data["prefix"]; // short
 					// go through each res
 					for ($i = 0; $i < count($q_select); $i ++)
 					{
 						// query select part, set to the element name
 						$el_name = $q_select[$i];
-//$this->debug('edit_error', "[$i] POS[$prfx$el_name]: ".$_POST[$prfx.$el_name][$pos]." | RES: ".$res[$el_name]);
+//$this->debug('edit_error', "[$i] ELNAME: $el_name | POS[$prfx$el_name]: ".$_POST[$prfx.$el_name][$pos]." | RES: ".$res[$el_name]);
 						// if we have an error, we take what we have in the vars, if not we take the data from the db
 						if ($this->error)
 						{
 							// if we have a radio group, set a bit different
 							if ($data['element_list'][$prfx.$el_name] == 'radio_group')
 								$_data[$prfx.$el_name] = ($res[$el_name]) ? ($res[$el_name] - 1) : 0;
-							else	 
+							else	
 								$_data[$prfx.$el_name] = $_POST[$prfx.$el_name][$pos];
 						}
 						else				
@@ -1669,6 +1755,44 @@ $this->debug('edit_error', "I: $i | EL Name: $prfx$el_name | Data: ".$_POST[$prf
 					unset($_data);
 				}
 			}
+			// if this is normal single reference data check the content on the element count
+			// if there is a max_empty is set, then fill up new elements (unfilled) until we reach max empty
+			if ($this->element_list[$table_name]['type'] == 'reference_data' && is_numeric($this->element_list[$table_name]['max_empty']) && $this->element_list[$table_name]['max_empty'] > 0)
+			{
+				// if the max empty is bigger than 10, just cut it to ten at the moment
+				if ($this->element_list[$table_name]['max_empty'] > 10)
+					$this->element_list[$table_name]['max_empty'] = 10;
+				// check if we need to fill fields
+				$element_count = count($data['content']);
+				$missing_empty_count = $this->element_list[$table_name]['max_empty'] - count($data['content']);
+				$this->debug('CFG MAX', 'Max empty: '.$this->element_list[$table_name]['max_empty'].', Missing: '.$missing_empty_count.', Has: '.$element_count);
+				// set if we need more open entries or if we do not have any entries yet
+				if (($missing_empty_count < $this->element_list[$table_name]['max_empty']) || $element_count == 0)
+				{
+					for ($pos = count($data['content']); $pos <= ($this->element_list[$table_name]['max_empty'] + $element_count); $pos ++)
+					{
+						$_data = array ();
+
+						// the fields that need to be filled are in data->type array:
+						// pk fields are unfilled
+						// fk fields are filled with the fk_id "int_pk_name" value
+						foreach ($data['type'] as $el_name => $type)
+						{
+							$_data[$el_name] = '';
+							if ($el_name == $data['pk_name'])
+							{
+							}
+							elseif ($el_name == $data['fk_name'])
+							{
+								$_data[$el_name] = $this->table_array[$this->int_pk_name]["value"];
+							}
+						}
+						$data['content'][] = $_data;
+						$data['pos'][] = array(0 => $pos); // this is for the checkboxes
+					}
+				}
+			}
+
 			// push in an empty line of this type, but only if we have a delete key
 			if ($data['delete_name'])
 				$data['content'][] = $proto;

www/libs/Class.Login.inc

@@ -80,16 +80,7 @@
 		private $login_template = array ('strings' => array (), 'password_change' => '', 'template' => '');
 
 		// acl vars
-		public $acl = array (
-			'acl' => array (
-				'user' => array (),
-				'page' => array (),
-				'edit_access' => array ()
-			),
-			'info' => array (
-				'edit_access' => array ()
-			)
-		);
+		public $acl = array ();
 		public $default_acl_list = array ();
 
 		// METHOD: login
@@ -109,8 +100,8 @@
 				exit;
 			}
 
-			// set log file name
-			$this->file_name_ext = '_login_'.date('Y-m-d').'.log';
+			// log login data for this class only
+			$this->log_per_class = 1;
 
 			// get the language sub class & init it
 			_spl_autoload('Class.l10n.inc');
@@ -172,23 +163,23 @@
 				"class_author" => "cs/gullevek/at"
 			);
 
+			// init default ACL list array
+			$_SESSION['DEFAULT_ACL_LIST'] = array ();
 			// read the current edit_access_right list into an array
 			$q = "SELECT level, type, name FROM edit_access_right WHERE level >= 0 ORDER BY level";
 			while ($res = $this->db_return($q))
 			{
-				// level to description format
+				// level to description format (numeric)
 				$this->default_acl_list[$res['level']] = array (
 					'type' => $res['type'],
 					'name' => $res['name']
 				);
-				// format type (eg read) => acl number (eg 20)
-				$this->default_acl_list[$res['type']] = $res['level'];
 			}
 			// write that into the session
 			$_SESSION['DEFAULT_ACL_LIST'] = $this->default_acl_list;
 
 			// if username & password & !$euid start login
-			$this->login_login_user(); 
+			$this->login_login_user();
 			// checks if $euid given check if user is okay for that side
 			$this->login_check_permissions();
 			// logsout user
@@ -227,7 +218,7 @@
 		{
 			parent::__destruct();
 		}
- 
+
 		// METHOD: login_login_user
 		// PARAMS: none
 		// RETURN: none
@@ -404,7 +395,7 @@
 								$_SESSION["PAGES"] = $pages;
 								$_SESSION["PAGES_ACL_LEVEL"] = $pages_acl;
 								// load the edit_access user rights
-								$q = "SELECT ea.edit_access_id, level, type, ea.name, ea.color, edit_default ";
+								$q = "SELECT ea.edit_access_id, level, type, ea.name, ea.color, ea.uid, edit_default ";
 								$q .= "FROM edit_access_user eau, edit_access_right ear, edit_access ea ";
 								$q .= "WHERE eau.edit_access_id = ea.edit_access_id AND eau.edit_access_right_id = ear.edit_access_right_id AND eau.enabled = 1 AND edit_user_id = ".$this->euid." ";
 								$q .= "ORDER BY ea.name";
@@ -413,16 +404,28 @@
 								$unit_acl = array();
 								while ($res = $this->db_return($q))
 								{
+									// read edit access data fields and drop them into the unit access array
+									$q_sub ="SELECT name, value FROM edit_access_data WHERE enabled = 1 AND edit_access_id = ".$res['edit_access_id'];
+									$ea_data = array ();
+									while ($res_sub = $this->db_return($q_sub))
+									{
+										$ea_data[$res_sub['name']] = $res_sub['value'];
+									}
+									// build master unit array
 									$unit_access[$res['edit_access_id']] = array (
 										"id" => $res['edit_access_id'],
 										"acl_level" => $res["level"],
 										"acl_type" => $res["type"],
 										"name" => $res["name"],
+										"uid" => $res['uid'],
 										"color" => $res["color"],
-										"default" => $res["edit_default"]
+										"default" => $res["edit_default"],
+										'data' => $ea_data
 									);
+									// set the default unit
 									if ($res['edit_default'])
 										$_SESSION["UNIT_DEFAULT"] = $res['edit_access_id'];
+									// sub arrays for simple access
 									array_push($eauid, $res['edit_access_id']);
 									$unit_acl[$res['edit_access_id']] = $res['level'];
 								}
@@ -460,7 +463,7 @@
 				}
 			} // if he pressed login at least and is not yet loggined in
 		}
-  
+
 		// METHOD: login_check_permission
 		// PARAMS: none
 		// RETUNR none
@@ -482,7 +485,7 @@
 					$this->permission_okay = 1;
 				}
 				else
-				{        
+				{
 					$this->login_error = 103;
 					$this->permission_okay = 0;
 				}
@@ -526,94 +529,110 @@
 		// DESC  : sets all the basic ACLs
 		//         init set the basic acl the user has, based on the following rules
 		//         * init set from config DEFAULT ACL
-		//         * if group ACL is set, it overrides the default ACL
-		//         * if page ACL is set, it overrides the group ACL
-		//         * if user ACL is set, it overrides the page ACL
+		//         * if page ACL is set, it overrides the default ACL
+		//         * if group ACL is set, it overrides the page ACL
+		//         * if user ACL is set, it overrides the group ACL
 		//         set the page ACL
 		//         * default ACL set
 		//         * set group ACL if not default overrides default ACL
 		//         * set page ACL if not default overrides group ACL
-		//         set edit access ACL an set default edit access group
+		//         set edit access ACL and set default edit access group
 		//         * if an account ACL is set, set this parallel, account ACL overrides user ACL if it applies
 		//         * if edit access ACL level is set, use this, else use page
 		//         set all base ACL levels as a list keyword -> ACL number
 		public function login_set_acl()
 		{
-			// set the mastser user id
-			$this->acl['info']['euid'] = $_SESSION['EUID'];
-			// set admin flag, if this is on, all ACLs are set 100
-			if ($_SESSION['ADMIN'])
-				$this->acl['info']['admin'] = 1;
-			else
-				$this->acl['info']['admin'] = 0;
-			$this->acl['acl']['admin'] = $this->acl['info']['admin'];
+			// we start with the default acl
+			$this->acl['base'] = DEFAULT_ACL_LEVEL;
 
-			if (!$this->acl['info']['admin'])
+			// set admin flag and base to 100
+			if ($_SESSION['ADMIN'])
 			{
-				// this is the base if nothing is set
-				$this->acl['acl']['user'] = DEFAULT_ACL_LEVEL; // old base ACL
-				$this->acl['acl']['max'] = DEFAULT_ACL_LEVEL;
+				$this->acl['admin'] = 1;
+				$this->acl['base'] = 100;
+			}
+			else
+			{
+				// now go throw the flow and set the correct ACL
+				// user > page > group
 				// group ACL 0
 				if ($_SESSION['GROUP_ACL_LEVEL'] != -1)
 				{
-					$this->acl['acl']['user'] = $_SESSION['GROUP_ACL_LEVEL'];
-					if ($this->acl['acl']['user'] > $this->acl['acl']['max'])
-						$this->acl['acl']['max'] = $this->acl['acl']['user'];
+					$this->acl['base'] = $_SESSION['GROUP_ACL_LEVEL'];
 				}
-				// page ACL 2
+				// page ACL 1
 				if ($_SESSION['PAGES_ACL_LEVEL'][$this->page_name] != -1)
 				{
-					$this->acl['acl']['user'] = $_SESSION['PAGES_ACL_LEVEL'][$this->page_name];
-					if ($this->acl['acl']['user'] > $this->acl['acl']['max'])
-						$this->acl['acl']['max'] = $this->acl['acl']['user'];
+					$this->acl['base'] = $_SESSION['PAGES_ACL_LEVEL'][$this->page_name];
 				}
-				// user ACL 1
+				// user ACL 2
 				if ($_SESSION['USER_ACL_LEVEL'] != -1)
 				{
-					$this->acl['acl']['user'] = $_SESSION['USER_ACL_LEVEL'];
-					if ($this->acl['acl']['user'] > $this->acl['acl']['max'])
-						$this->acl['acl']['max'] = $this->acl['acl']['user'];
+					$this->acl['base'] = $_SESSION['USER_ACL_LEVEL'];
 				}
 			}
-			else
-			{
-				// if admin is on, level is 100 (admin)
-				$this->acl['acl']['user'] = 100;
-				$this->acl['acl']['max'] = 100;
-			}
+
 			// set the current page acl
 			// start with default acl
-			// set group if not -1
-			// set page if not -1, overrides groug
-			$this->acl['acl']['page'] = DEFAULT_ACL_LEVEL;
+			// set group if not -1, overrides default
+			// set page if not -1, overrides group set
+			$this->acl['page'] = DEFAULT_ACL_LEVEL;
 			if ($_SESSION['GROUP_ACL_LEVEL'] != -1)
 			{
-				$this->acl['acl']['page'] = $_SESSION['GROUP_ACL_LEVEL'];
+				$this->acl['page'] = $_SESSION['GROUP_ACL_LEVEL'];
 			}
 			if ($_SESSION['PAGES_ACL_LEVEL'][$this->page_name] != -1)
 			{
-				$this->acl['acl']['page'] = $_SESSION['PAGES_ACL_LEVEL'][$this->page_name];
+				$this->acl['page'] = $_SESSION['PAGES_ACL_LEVEL'][$this->page_name];
 			}
+
 			// PER ACCOUNT (UNIT/edit access)->
-			foreach ($_SESSION['UNIT'] as $unit)
+			foreach ($_SESSION['UNIT'] as $ea_id => $unit)
 			{
-				// set edit access acl, unless admin, then it is default 100
-				$this->acl['acl']['edit_access'][$unit['id']] = !$this->acl['info']['admin'] ? ($unit['acl_level'] != -1 ? $unit['acl_level'] : $this->acl['acl']['page']) : 100;
-				$this->acl['info']['edit_access'][$unit['id']] = $unit['name'];
+				// if admin flag is set, all units are set to 100
+				if ($this->acl['admin'])
+				{
+					$this->acl['unit'][$ea_id] = $this->acl['base'];
+				}
+				else
+				{
+					if ($unit['acl_level'] != -1)
+						$this->acl['unit'][$ea_id] = $unit['acl_level'];
+					else
+						$this->acl['unit'][$ea_id] = $this->acl['base'];
+				}
+				// detail name/level set
+				$this->acl['unit_detail'][$ea_id] = array (
+					'name' => $unit['name'],
+					'uid' => $unit['uid'],
+					'level' => $this->default_acl_list[$this->acl['unit'][$ea_id]]['name'],
+					'default' => $unit['default'],
+					'data' => $unit['data']
+				);
+				// set default
+				if ($unit['default'])
+				{
+					$this->acl['unit_id'] = $unit['id'];
+					$this->acl['unit_name'] = $unit['name'];
+					$this->acl['unit_uid'] = $unit['uid'];
+				}
 			}
 			// flag if to show extra edit access drop downs (because user has multiple groups assigned)
 			if (count($_SESSION['UNIT']) > 1)
-				$this->acl['acl']['show_ea_extra'] = 1;
+				$this->acl['show_ea_extra'] = 1;
 			else
-				$this->acl['acl']['show_ea_extra'] = 0;
+				$this->acl['show_ea_extra'] = 0;
 			// set the default edit access
-			$this->acl['info']['default_edit_access'] = $_SESSION['UNIT_DEFAULT'];
-			// integrate the default_acl list, but only for the keyword -> level
-			foreach ($this->default_acl_list as $key => $value)
+			$this->acl['default_edit_access'] = $_SESSION['UNIT_DEFAULT'];
+			// integrate the type acl list, but only for the keyword -> level
+			foreach ($this->default_acl_list as $level => $data)
 			{
-				if (!is_numeric($key))
-					$this->acl['list'][$key] = $value;
+				$this->acl['min'][$data['type']] = $level;
 			}
+			// set the full acl list too
+			$this->acl['acl_list'] = $_SESSION['DEFAULT_ACL_LIST'];
+			// debug
+//			$this->debug('ACL', $this->print_ar($this->acl));
 		}
 
 		// METHOD: login_check_edit_access
@@ -622,7 +641,7 @@
 		// DESC  : checks if this edit access id is valid
 		public function login_check_edit_access($edit_access_id)
 		{
-			if (array_key_exists($edit_access_id, $this->acl['info']['edit_access']))
+			if (array_key_exists($edit_access_id, $this->acl['unit']))
 				return true;
 			else
 				return false;
@@ -657,7 +676,7 @@
 							$data = 'User could not be found';
 						}
 					}
-					// check old passwords match ->  error
+					// check old passwords match -> error
 					if (!$this->login_error)
 					{
 						$q = "SELECT edit_user_id FROM edit_user WHERE enabled = 1 AND username = '".$this->db_escape_string($this->pw_username)."' AND password = '".$this->db_escape_string($this->pw_old_password)."'";
@@ -801,11 +820,11 @@
 			else
 			{
 				return true;
-			} 
+			}
 		}
 
 		// METHOD: login_set_templates
-		// PARAMS: 
+		// PARAMS:
 		// RETURN: none
 		// DESC  : checks if there are external templates, if not uses internal fallback ones
 		private function login_set_templates()
@@ -1011,5 +1030,17 @@ EOM;
 				return $edit_access_id;
 		}
 
+		// METHOD: login_set_edit_access_data
+		// PARAMS: edit access id, key value to search for
+		// RETURN: false for not found or string for found data
+		// DESC  : searchs in the data set for the unit for the data key and returns the value asociated with it
+		public function login_set_edit_access_data($edit_access_id, $data_key)
+		{
+			if (!$_SESSION['UNIT'][$edit_access_id]['data'][$data_key])
+				return false;
+			else
+				return $_SESSION['UNIT'][$edit_access_id]['data'][$data_key];
+		}
+
 	} // close class
 ?>

www/libs/Class.Progressbar.inc

@@ -102,7 +102,6 @@ class ProgressBar
 				$bar = $this->height;
 				break;
 		}
-    
 		// avoid divison through 0
 		if ($this->max - $this->min == 0)
 			$this->max ++;
@@ -557,7 +556,6 @@ class ProgressBar
 		$this->_setStep($step);
 		
 		$js = '';
-    
 		$new_position = $this->_calculatePosition($this->step);
 		if ($new_position['width'] != $this->position['width'] && ($this->direction == 'right' || $this->direction == 'left'))
 		{
@@ -576,7 +574,6 @@ class ProgressBar
 			$js .= 'PBposition'.$this->code.'("height",'.$new_position['height'].');';
 		}
 		$this->position = $new_position;
-    	
 		foreach($this->label as $name => $data)
 		{
 			if (array_key_exists('type', $data))

www/libs/Class.Smarty.Extend.inc

@@ -10,8 +10,8 @@
 
 	// read in the Smarty class for definition
 	// use smarty BC for backwards compability
-    // try to include file from LIBS path, or from normal path
-    _spl_autoload('SmartyBC.class.php');
+	// try to include file from LIBS path, or from normal path
+	_spl_autoload('SmartyBC.class.php');
 
 	class SmartyML extends SmartyBC
 	{

www/libs/Class.l10n.inc

@@ -37,7 +37,7 @@
 
 		public function __construct($lang = '', $path = '')
 		{
-			foreach (array('streas.php', 'gettext.php') as $include_file)
+			foreach (array('streams.php', 'gettext.php') as $include_file)
 				_spl_autoload($include_file);
 
 			if (!$lang)

www/libs/Error.Handling.inc

@@ -1,7 +1,7 @@
 <?
-    /*********************************************************************
-    * AUTHOR: Clemens Schwaighofer
-    * CREATED: 2011/2/8
+	/*********************************************************************
+	* AUTHOR: Clemens Schwaighofer
+	* CREATED: 2011/2/8
 	* DESCRIPTION: pre function to collect all non critical errors into a log file if possible
 	* include this file at the very beginning of the script to get the notices, strict, etc messages.
 	* error etc will still be written to the log/display
@@ -42,7 +42,7 @@
 			4096 => 'E_RECOVERABLE_ERROR',
 			8192 => 'E_DEPRICATED',
 			16384 => 'E_USER_DEPRICATED',
-			30719  => 'E_ALL'
+			30719 => 'E_ALL'
 		);
 
 		// get the current page name (strip path)
@@ -94,7 +94,7 @@
 			}
 			// if write to log is on
 			// simplified, remove datetime for log file
-			if (ini_get('log_errors')) 
+			if (ini_get('log_errors'))
 				error_log('{'.$page_temp.'} ['.$file.'] <'.$line.'> ['.$error_level[$type].'|'.$type.']: '.$message);
 		}
 		// return true, to avoid that php calls its own error stuff

www/libs/FileUploader.inc

@@ -8,21 +8,21 @@ class qqUploadedFileXhr {
      * Save the file to the specified path
      * @return boolean TRUE on success
      */
-    function save($path) {    
+    function save($path) {
         $input = fopen("php://input", "r");
         $temp = tmpfile();
         $realSize = stream_copy_to_stream($input, $temp);
         fclose($input);
-        
-        if ($realSize != $this->getSize()){            
+
+        if ($realSize != $this->getSize()){
             return false;
         }
-        
-        $target = fopen($path, "w");        
+
+        $target = fopen($path, "w");
         fseek($temp, 0, SEEK_SET);
         stream_copy_to_stream($temp, $target);
         fclose($target);
-        
+
         return true;
     }
     function getName() {
@@ -30,17 +30,17 @@ class qqUploadedFileXhr {
     }
     function getSize() {
         if (isset($_SERVER["CONTENT_LENGTH"])){
-            return (int)$_SERVER["CONTENT_LENGTH"];            
+            return (int)$_SERVER["CONTENT_LENGTH"];
         } else {
             throw new Exception('Getting content length is not supported.');
-        }      
-    }   
+        }
+    }
 }
 
 /**
  * Handle file uploads via regular form post (uses the $_FILES array)
  */
-class qqUploadedFileForm {  
+class qqUploadedFileForm {
     /**
      * Save the file to the specified path
      * @return boolean TRUE on success
@@ -64,44 +64,44 @@ class qqFileUploader {
     private $sizeLimit = 10485760;
     private $file;
 
-    function __construct(array $allowedExtensions = array(), $sizeLimit = 10485760){        
+    function __construct(array $allowedExtensions = array(), $sizeLimit = 10485760){
         $allowedExtensions = array_map("strtolower", $allowedExtensions);
-            
-        $this->allowedExtensions = $allowedExtensions;        
+
+        $this->allowedExtensions = $allowedExtensions;
         $this->sizeLimit = $sizeLimit;
-        
-        $this->checkServerSettings();       
+
+        $this->checkServerSettings();
 
         if (isset($_GET['qqfile'])) {
             $this->file = new qqUploadedFileXhr();
         } elseif (isset($_FILES['qqfile'])) {
             $this->file = new qqUploadedFileForm();
         } else {
-            $this->file = false; 
+            $this->file = false;
         }
     }
-    
-    private function checkServerSettings(){        
+
+    private function checkServerSettings(){
         $postSize = $this->toBytes(ini_get('post_max_size'));
-        $uploadSize = $this->toBytes(ini_get('upload_max_filesize'));        
-        
+        $uploadSize = $this->toBytes(ini_get('upload_max_filesize'));
+
         if ($postSize < $this->sizeLimit || $uploadSize < $this->sizeLimit){
-            $size = max(1, $this->sizeLimit / 1024 / 1024) . 'M';             
-            die("{'error':'increase post_max_size and upload_max_filesize to $size'}");    
-        }        
+            $size = max(1, $this->sizeLimit / 1024 / 1024) . 'M';
+            die("{'error':'increase post_max_size and upload_max_filesize to $size'}");
+        }
     }
-    
+
     private function toBytes($str){
         $val = trim($str);
         $last = strtolower($str[strlen($str)-1]);
         switch($last) {
             case 'g': $val *= 1024;
             case 'm': $val *= 1024;
-            case 'k': $val *= 1024;        
+            case 'k': $val *= 1024;
         }
         return $val;
     }
-    
+
     /**
      * Returns array('success'=>true) or array('error'=>'error message')
      */
@@ -109,21 +109,21 @@ class qqFileUploader {
         if (!is_writable($uploadDirectory)){
             return array('error' => "Server error. Upload directory isn't writable.");
         }
-        
+
         if (!$this->file){
             return array('error' => 'No files were uploaded.');
         }
-        
+
         $size = $this->file->getSize();
-        
+
         if ($size == 0) {
             return array('error' => 'File is empty');
         }
-        
+
         if ($size > $this->sizeLimit) {
             return array('error' => 'File is too large');
         }
-        
+
         $pathinfo = pathinfo($this->file->getName());
         $filename = $pathinfo['filename'];
         //$filename = md5(uniqid());
@@ -133,7 +133,7 @@ class qqFileUploader {
             $these = implode(', ', $this->allowedExtensions);
             return array('error' => 'File has an invalid extension, it should be one of '. $these . '.');
         }
-        
+
         if(!$replaceOldFile){
             /// don't overwrite previous files that were uploaded
             while (file_exists($uploadDirectory . $filename . '.' . $ext)) {
@@ -141,17 +141,17 @@ class qqFileUploader {
             }
         }
 
-		$this->uploadFileName = $uploadDirectory . $filename . '.' . $ext;
-		$this->uploadFileExt = $ext;
-        
+        $this->uploadFileName = $uploadDirectory . $filename . '.' . $ext;
+        $this->uploadFileExt = $ext;
+
         if ($this->file->save($uploadDirectory . $filename . '.' . $ext)){
             return array('success'=>true);
         } else {
             return array('error'=> 'Could not save uploaded file.' .
                 'The upload was cancelled, or server error encountered');
         }
-        
-    }    
+
+    }
 }
 
 ?>

www/libs/db_pgsql.inc

@@ -16,7 +16,7 @@
 	* 2004/09/30 (cs) layout cleanup
 	* /
 
-  /* collection of PostgreSQL wrappers
+	* collection of PostgreSQL wrappers
 	* REQUIRES 5.x PHP!!!
 	*
 	* pg_prepare
@@ -152,12 +152,25 @@
 		}
 
 		// METHOD: _db_fetch_array
-		// PARAMS: cursor
+		// PARAMS: cursor, opt result type
 		// RETURN: row
 		// DESC  : wrapper for pg_fetch_array
-		public function _db_fetch_array($cursor)
+		public function _db_fetch_array($cursor, $result_type = '')
 		{
-			return pg_fetch_array($cursor);
+			// result type is passed on as is [should be checked]
+			if ($result_type)
+				return pg_fetch_array($cursor, NULL, $result_type);
+			else
+				return pg_fetch_array($cursor);
+		}
+
+		// METHOD: _db_fetch_all
+		// PARAMS: cursor
+		// RETURN: all rows as array
+		// DESC  : wrapper for pg_fetch_array
+		public function _db_fetch_all($cursor)
+		{
+			return pg_fetch_all($cursor);
 		}
 
 		// METHOD: _db_affected_ros

www/libs/db_pgsql_pdo.inc

@@ -7,7 +7,7 @@
 	* HISTORY:
 	* /
 
-  /* collection of PostgreSQL wrappers
+	/* collection of PostgreSQL wrappers
 	* REQUIRES 5.x PHP with compiled pdo pgsql (--with-pdo-pgsql)
 	*
 	*/

www/libs/streams.php

@@ -49,7 +49,7 @@ class StringReader {
   var $_pos;
   var $_str;
 
-  function StringReader($str='') {
+  function __construct($str='') {
     $this->_str = $str;
     $this->_pos = 0;
   }
@@ -86,7 +86,7 @@ class FileReader {
   var $_fd;
   var $_length;
 
-  function FileReader($filename) {
+  function __construct($filename) {
     if (file_exists($filename)) {
 
       $this->_length=filesize($filename);
@@ -143,7 +143,7 @@ class FileReader {
 // Preloads entire file in memory first, then creates a StringReader
 // over it (it assumes knowledge of StringReader internals)
 class CachedFileReader extends StringReader {
-  function CachedFileReader($filename) {
+  function __construct($filename) {
     if (file_exists($filename)) {
 
       $length=filesize($filename);

www/smarty-3.1.27/plugins/function.html_options.php

@@ -183,7 +183,7 @@ function smarty_function_html_options_optoutput($key, $value, $selected, $id, $c
         $idx ++;
     } else {
         $_idx = 0;
-        $_html_result = smarty_function_html_options_optgroup($key, $value, $selected, !empty($id) ? ($id . '-' . $idx) : null, $class, $_idx);
+        $_html_result = smarty_function_html_options_optgroup($key, $value, $selected, !empty($id) ? ($id . '-' . $idx) : null, $class, $label, $_idx);
         $idx ++;
     }