White space fixes

class basic has a simple date string format method. returns Y-m-d h:i:s
for a trimestring, optional microseconds too
bug fix for unit/edit access id check in login class

4dev/database/bin/create_default_trigger.sh

@@ -1,6 +1,5 @@
 #!/bin/bash
 
-# $Id: create_default_trigger.sh 3158 2010-09-02 02:49:00Z gullevek $
 # creates the default on update trigger for the inherited generic tables (date/name)
 
 orig_file="../tmpl/trigger.tmpl"

4dev/database/bin/drop_data.sh

@@ -1,6 +1,5 @@
 #!/bin/bash
 
-# $Id: drop_data.sh 3158 2010-09-02 02:49:00Z gullevek $
 # quick hack for import
 
 #echo "EXIT";

4dev/database/bin/drop_reload.sh

@@ -1,7 +1,5 @@
 #!/bin/bash
 
-# $Id: drop_reload.sh 3158 2010-09-02 02:49:00Z gullevek $
-
 rm error;
 rm output;
 bin/drop_data.sh;

4dev/database/bin/import_data.sh

@@ -1,6 +1,5 @@
 #!/bin/bash
 
-# $Id: import_data.sh 4382 2013-02-18 07:27:24Z gullevek $
 # quick hack for import
 
 #echo "EXIT";

4dev/database/function/edit_set_access_uid.sql

@@ -0,0 +1,28 @@
+-- add uid add for edit_access table
+
+CREATE OR REPLACE FUNCTION set_edit_access_uid() RETURNS TRIGGER AS 
+$$
+	DECLARE
+		myrec RECORD;
+		v_uid VARCHAR;
+	BEGIN
+		-- skip if NEW.name is not set
+		IF NEW.name IS NOT NULL AND NEW.name <> '' THEN
+			-- use NEW.name as base, remove all spaces
+			-- name data is already unique, so we do not need to worry about this here
+			v_uid := REPLACE(NEW.name, ' ', '');
+			IF TG_OP = 'INSERT' THEN
+				-- always set
+				NEW.uid := v_uid;
+			ELSIF TG_OP = 'UPDATE' THEN
+				-- check if not set, then set
+				SELECT INTO myrec t.* FROM edit_access t WHERE edit_access_id = NEW.edit_access_id;
+				IF FOUND THEN
+					NEW.uid := v_uid;
+				END IF;
+			END IF;
+		END IF;
+		RETURN NEW;
+	END;
+$$
+	LANGUAGE 'plpgsql';

4dev/database/function/update_function.sql

@@ -1,4 +1,3 @@
--- $Id: update_function.sql 3158 2010-09-02 02:49:00Z gullevek $
 -- adds the created or updated date tags
 
 CREATE OR REPLACE FUNCTION set_generic() RETURNS TRIGGER AS '

4dev/database/table/edit_access.sql

@@ -1,4 +1,3 @@
--- $Id: edit_access.sql 4382 2013-02-18 07:27:24Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:

4dev/database/table/edit_access_data.sql

@@ -0,0 +1,16 @@
+-- AUTHOR: Clemens Schwaighofer
+-- DATE: 2016/7/15
+-- DESCRIPTION:
+-- sub table to edit access, holds additional data for access group
+-- TABLE: edit_access_data
+-- HISTORY:
+
+-- DROP TABLE edit_access_data;
+CREATE TABLE edit_access_data (
+	edit_access_data_id	SERIAL PRIMARY KEY,
+	edit_access_id INT NOT NULL,
+	name	VARCHAR,
+	value	VARCHAR,
+	enabled	SMALLINT NOT NULL DEFAULT 0, 
+	FOREIGN KEY (edit_access_id) REFERENCES edit_access (edit_access_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE 
+) INHERITS (edit_generic) WITHOUT OIDS;

4dev/database/table/edit_access_right.sql

@@ -1,4 +1,3 @@
--- $Id: edit_access_right.sql 4382 2013-02-18 07:27:24Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:

4dev/database/table/edit_access_user.sql

@@ -1,4 +1,3 @@
--- $Id: edit_access_user.sql 3158 2010-09-02 02:49:00Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:

4dev/database/table/edit_generic.sql

@@ -1,4 +1,3 @@
--- $Id: edit_generic.sql 3158 2010-09-02 02:49:00Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:

4dev/database/table/edit_group.sql

@@ -1,4 +1,3 @@
--- $Id: edit_group.sql 3158 2010-09-02 02:49:00Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:

4dev/database/table/edit_language.sql

@@ -1,4 +1,3 @@
--- $Id: edit_language.sql 3158 2010-09-02 02:49:00Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:

4dev/database/table/edit_log.sql

@@ -1,4 +1,3 @@
--- $Id: edit_log.sql 4382 2013-02-18 07:27:24Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:

4dev/database/table/edit_menu_group.sql

@@ -1,4 +1,3 @@
--- $Id: edit_menu_group.sql 4382 2013-02-18 07:27:24Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:

4dev/database/table/edit_page.sql

@@ -1,4 +1,3 @@
--- $Id: edit_page.sql 4382 2013-02-18 07:27:24Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:

4dev/database/table/edit_page_access.sql

@@ -1,4 +1,3 @@
--- $Id: edit_page_access.sql 4382 2013-02-18 07:27:24Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:

4dev/database/table/edit_page_menu_group.sql

@@ -1,4 +1,3 @@
--- $Id: edit_page_menu_group.sql 3158 2010-09-02 02:49:00Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:

4dev/database/table/edit_page_visible_group.sql

@@ -1,4 +1,3 @@
--- $Id: edit_page_visible_group.sql 3158 2010-09-02 02:49:00Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:

4dev/database/table/edit_query_string.sql

@@ -1,4 +1,3 @@
--- $Id: edit_query_string.sql 3158 2010-09-02 02:49:00Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:

4dev/database/table/edit_scheme.sql

@@ -1,4 +1,3 @@
--- $Id: edit_scheme.sql 3158 2010-09-02 02:49:00Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:

4dev/database/table/edit_temp_files.sql

@@ -1,4 +1,3 @@
--- $Id: edit_temp_files.sql 4382 2013-02-18 07:27:24Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/08
 -- DESCRIPTION:

4dev/database/table/edit_user.sql

@@ -1,4 +1,3 @@
--- $Id: edit_user.sql 4226 2012-11-02 07:19:57Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/06
 -- DESCRIPTION:

4dev/database/table/edit_visible_group.sql

@@ -1,4 +1,3 @@
--- $Id: edit_visible_group.sql 4382 2013-02-18 07:27:24Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:

4dev/database/table/generic.sql

@@ -1,4 +1,3 @@
--- $Id: generic.sql 3158 2010-09-02 02:49:00Z gullevek $
 -- AUTHOR: Clemens Schwaighofer
 -- DATE: 2005/07/05
 -- DESCRIPTION:

4dev/database/trigger/trg_edit_access.sql

@@ -1,5 +1,3 @@
--- $Id: trg_edit_access.sql 3158 2010-09-02 02:49:00Z gullevek $
-
 -- DROP TRIGGER trg_edit_access ON edit_access;
 CREATE TRIGGER trg_edit_access
 BEFORE INSERT OR UPDATE ON edit_access

4dev/database/trigger/trg_edit_access_data.sql

@@ -0,0 +1,4 @@
+-- DROP TRIGGER trg_edit_access_data ON edit_access_data;
+CREATE TRIGGER trg_edit_access_data
+BEFORE INSERT OR UPDATE ON edit_access_data
+FOR EACH ROW EXECUTE PROCEDURE set_generic();

4dev/database/trigger/trg_edit_access_right.sql

@@ -1,5 +1,3 @@
--- $Id: trg_edit_access_right.sql 3158 2010-09-02 02:49:00Z gullevek $
-
 -- DROP TRIGGER trg_edit_access_right ON edit_access_right;
 CREATE TRIGGER trg_edit_access_right
 BEFORE INSERT OR UPDATE ON edit_access_right

4dev/database/trigger/trg_edit_access_user.sql

@@ -1,5 +1,3 @@
--- $Id: trg_edit_access_user.sql 3158 2010-09-02 02:49:00Z gullevek $
-
 -- DROP TRIGGER trg_edit_access_user ON edit_access_user;
 CREATE TRIGGER trg_edit_access_user
 BEFORE INSERT OR UPDATE ON edit_access_user

4dev/database/trigger/trg_edit_group.sql

@@ -1,5 +1,3 @@
--- $Id: trg_edit_group.sql 3158 2010-09-02 02:49:00Z gullevek $
-
 -- DROP TRIGGER trg_edit_group ON edit_group;
 CREATE TRIGGER trg_edit_group
 BEFORE INSERT OR UPDATE ON edit_group

4dev/database/trigger/trg_edit_language.sql

@@ -1,5 +1,3 @@
--- $Id: trg_edit_language.sql 3158 2010-09-02 02:49:00Z gullevek $
-
 -- DROP TRIGGER trg_edit_language ON edit_language;
 CREATE TRIGGER trg_edit_language
 BEFORE INSERT OR UPDATE ON edit_language

4dev/database/trigger/trg_edit_log.sql

@@ -1,5 +1,3 @@
--- $Id: trg_edit_log.sql 3158 2010-09-02 02:49:00Z gullevek $
-
 -- DROP TRIGGER trg_edit_log ON edit_log;
 CREATE TRIGGER trg_edit_log
 BEFORE INSERT OR UPDATE ON edit_log

4dev/database/trigger/trg_edit_menu_group.sql

@@ -1,5 +1,3 @@
--- $Id: trg_edit_menu_group.sql 3158 2010-09-02 02:49:00Z gullevek $
-
 -- DROP TRIGGER trg_edit_visible_group ON edit_visible_group;
 CREATE TRIGGER trg_edit_menu_group
 BEFORE INSERT OR UPDATE ON edit_menu_group

4dev/database/trigger/trg_edit_page.sql

@@ -1,5 +1,3 @@
--- $Id: trg_edit_page.sql 3158 2010-09-02 02:49:00Z gullevek $
-
 -- DROP TRIGGER trg_edit_page ON edit_page;
 CREATE TRIGGER trg_edit_page
 BEFORE INSERT OR UPDATE ON edit_page

4dev/database/trigger/trg_edit_page_access.sql

@@ -1,5 +1,3 @@
--- $Id: trg_edit_page_access.sql 3158 2010-09-02 02:49:00Z gullevek $
-
 -- DROP TRIGGER trg_edit_page_access ON edit_page_access;
 CREATE TRIGGER trg_edit_page_access
 BEFORE INSERT OR UPDATE ON edit_page_access

4dev/database/trigger/trg_edit_query_string.sql

@@ -1,5 +1,3 @@
--- $Id: trg_edit_query_string.sql 3158 2010-09-02 02:49:00Z gullevek $
-
 -- DROP TRIGGER trg_edit_query_string ON edit_query_string;
 CREATE TRIGGER trg_edit_query_string
 BEFORE INSERT OR UPDATE ON edit_query_string

4dev/database/trigger/trg_edit_scheme.sql

@@ -1,5 +1,3 @@
--- $Id: trg_edit_scheme.sql 3158 2010-09-02 02:49:00Z gullevek $
-
 -- DROP TRIGGER trg_edit_scheme ON edit_scheme;
 CREATE TRIGGER trg_edit_scheme
 BEFORE INSERT OR UPDATE ON edit_scheme

4dev/database/trigger/trg_edit_user.sql

@@ -1,5 +1,3 @@
--- $Id: trg_edit_user.sql 3158 2010-09-02 02:49:00Z gullevek $
-
 -- DROP TRIGGER trg_edit_user ON edit_user;
 CREATE TRIGGER trg_edit_user
 BEFORE INSERT OR UPDATE ON edit_user

4dev/database/trigger/trg_edit_visible_group.sql

@@ -1,5 +1,3 @@
--- $Id: trg_edit_visible_group.sql 3158 2010-09-02 02:49:00Z gullevek $
-
 -- DROP TRIGGER trg_edit_visible_group ON edit_visible_group;
 CREATE TRIGGER trg_edit_visible_group
 BEFORE INSERT OR UPDATE ON edit_visible_group

4dev/database/trigger/trg_set_edit_access_uid.sql

@@ -0,0 +1,4 @@
+-- DROP TRIGGER trg_set_edit_access_uid ON edit_access;
+CREATE TRIGGER trg_set_edit_access_uid
+BEFORE INSERT OR UPDATE ON edit_access
+FOR EACH ROW EXECUTE PROCEDURE set_edit_access_uid();

www/admin/class_test.php

@@ -5,7 +5,7 @@
 	$DB_DEBUG = 1;
 
 	if ($DEBUG_ALL)
-		error_reporting(E_ALL | E_STRICT |  E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR);
+		error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR);
 
 	define('USE_DATABASE', true);
 	// sample config
@@ -28,10 +28,12 @@
 	
 	// set + check edit access id
 	$edit_access_id = 3;
+	print "ACL UNIT: ".print_r(array_keys($login->acl['unit']), 1)."<br>";
+	print "ACCESS CHECK: ".$login->login_check_edit_access($edit_access_id)."<br>";
 	if ($login->login_check_edit_access($edit_access_id))
 		$basic->edit_access_id = $edit_access_id;
 	else
-		$basic->edit_access_id = $login->acl['info']['default_edit_access'];
+		$basic->edit_access_id = $login->acl['unit_id'];
 
 //	$basic->debug('SESSION', $basic->print_ar($_SESSION));
 

www/admin/edit_base.inc

@@ -9,7 +9,7 @@
 	*	 - edit_pages.php
 	*	 - edit_schemes.php
 	*	 - edit_users.php
-	*    - edit_visible_group.php
+	*	 - edit_visible_group.php
 	* HISTORY:
 	* 2005/06/30 (cs) remove color settings, they are in CSS File now
 	* 2005/06/22 (cs) moved load of config array into form class, set lang and lang is must set var for form class; removed the page name setting, moved it into the form class, remove all HTML from main page
@@ -107,15 +107,15 @@
 	}
 
 	// log backend data
-    // data part creation
-    $data = array (
-        '_SESSION' => $_SESSION,
-        '_GET' => $_GET,
-        '_POST' => $_POST,
-        '_FILES' => $_FILES
-    );
-    // log action
-    EditLog('Edit Submit', serialize($data));
+	// data part creation
+	$data = array (
+		'_SESSION' => $_SESSION,
+		'_GET' => $_GET,
+		'_POST' => $_POST,
+		'_FILES' => $_FILES
+	);
+	// log action
+	EditLog('Edit Submit', serialize($data));
 
 	$form->form_procedure_load(${$form->archive_pk_name});
 	$form->form_procedure_new();
@@ -310,12 +310,15 @@
 				$elements[] = $form->form_create_element("name");
 				$elements[] = $form->form_create_element("color");
 				$elements[] = $form->form_create_element("description");
+				// add name/value list here
+				$elements[] = $form->form_show_list_table("edit_access_data");
+			break;
 			break;
 			default:
 				print "NO NO NOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO!";
 			break;
 		}
-//$form->debug('edit', "Elements: <pre>".$form->print_ar($elements));
+//		$form->debug('edit', "Elements: <pre>".$form->print_ar($elements));
 		$DATA['elements'] = $elements;
 		$DATA['hidden'] = $form->form_create_hidden_fields();
 		$DATA['save_delete'] = $form->form_create_save_delete();

www/admin/edit_order.php

@@ -67,7 +67,7 @@
 		$smarty->setTemplateDir(TEMPLATES.DEFAULT_TEMPLATE);
 		$DATA['css'] = CSS.DEFAULT_TEMPLATE;
 		$DATA['js'] = JS.DEFAULT_TEMPLATE;
-    }
+	}
 
 	// order name is _always_ order_number for the edit interface
 

www/admin/files.php

@@ -155,7 +155,7 @@
 		if (!$error)
 		{
 			if ($_FILES['file_up']['name'])
-            {
+			{
 				$mime_type = $_FILES['file_up']['type'];
 				$file_size = $_FILES['file_up']['size'];
 				$file_name = $_FILES['file_up']['name'];

www/admin/header.inc

@@ -64,6 +64,8 @@
 	$cms->menu_show_flag = 'main';
 	// db nfo
 	$cms->db_info();
+	// set acl
+	$cms->acl = $login->acl;
 	//------------------------------ class init end
 
 	//------------------------------ logging start

www/admin/set_paths.inc

@@ -95,7 +95,7 @@
 	if (!is_dir($cms->pictures))
 		$cms->pictures = LAYOUT.DEFAULT_TEMPLATE.PICTURES.'/';
 	if (!is_dir($cms->cache_pictures))
-	   	$cms->cache_pictures = LAYOUT.DEFAULT_TEMPLATE.CACHE.IMAGES.'/';
+		$cms->cache_pictures = LAYOUT.DEFAULT_TEMPLATE.CACHE.IMAGES.'/';
 
 	// if the template_dir is != DEFAULT_TEMPLATE, then try to make a lang switch
 	// if the default lang is not like the lang given, switch lang

www/admin/table_arrays/array_edit_access.inc

@@ -10,7 +10,8 @@
 				"value" => $GLOBALS["name"],
 				"output_name" => $this->l->__("Access Group Name"),
 				"mandatory" => 1,
-				"type" => "text"
+				"type" => "text",
+				"error_check" => "alphanumericspace|unique"
 			),
 			"description" => array (
 				"value" => $GLOBALS["description"],
@@ -20,7 +21,7 @@
 			"color" => array (
 				"value" => $GLOBALS["color"],
 				"output_name" => $this->l->__("Color"),
-				"mandatory" => 1,
+				"mandatory" => 0,
 				"type" => "text",
 				"size" => 6,
 				"length" => 6,
@@ -28,7 +29,6 @@
 				"error_regex" => "/[\dA-Fa-f]{6}/",
 				"error_example" => "F6A544"
 			)
-
 		),
 		"table_name" => "edit_access",
 		"load_query" => "SELECT edit_access_id, name FROM edit_access ORDER BY name",
@@ -36,6 +36,43 @@
 			array (
 				"name" => "name"
 			)
+		),
+		"element_list" => array (
+			"edit_access_data" => array (
+				"output_name" => "Edit Access Data",
+				"type" => "reference_data", # is not a sub table read and connect, but only a sub table with data
+				"max_empty" => 5, # maxium visible if no data is set, if filled add this number to visible
+				"prefix" => "ead",
+				"elements" => array (
+					"edit_access_data_id" => array (
+						"output_name" => "Activate",
+						"type" => "hidden",
+						"int" => 1,
+						"pk_id" => 1
+					),
+					"name" => array (
+						"type" => "text",
+						"error_check" => "alphanumeric|unique",
+						"output_name" => "Name"
+					),
+					"value" => array (
+						"type" => "text",
+						"output_name" => "Value"
+					),
+					"enabled" => array (
+						"type" => "checkbox",
+						"output_name" => "Activate",
+						"int" => 1,
+						"element_list" => array(1)
+					),
+					"edit_access_id" => array (
+						"int" => 1,
+						"type" => "hidden",
+						"fk_id" => 1 # reference main key from master table above
+					)
+
+				)
+			)
 		)
 	);
 ?>

www/configs/config.inc

@@ -9,9 +9,9 @@
 
 	/************* SESSION NAMES *************/
 	// backend
-	DEFINE('EDIT_SESSION_NAME', "ADMIN_SESSION_NAME");
+	DEFINE('EDIT_SESSION_NAME', "<ADMIN SESSION NAME>");
 	// frontend
-	DEFINE('SESSION_NAME', "SESSION_NAME");
+	DEFINE('SESSION_NAME', "<SESSION NAME>");
 	
 	/************* LANGUAGE / ENCODING *******/
 	DEFINE('DEFAULT_LANG', "en_utf8");
@@ -34,7 +34,7 @@
 	DEFINE('ROOT', getcwd()."/");
 	// libs path
 	DEFINE('LIBS', "libs/");
-	// includes (strings, arrays for stati, etc)
+	// includes (strings, arrays for static, etc)
 	DEFINE('INCLUDES', "includes/");
 	// layout base path
 	DEFINE('LAYOUT', 'layout/');
@@ -85,7 +85,7 @@
 
 	/************* HASH / ACL DEFAULT / ERROR SETTINGS / SMARTY *************/
 	// default hash type
-	DEFINE('DEFAULT_HASH', 'ripemd160');
+	DEFINE('DEFAULT_HASH', 'sha256');
 	// default acl level
 	DEFINE('DEFAULT_ACL_LEVEL', 80);
 	// default levels for certain actions
@@ -97,7 +97,7 @@
 	DEFINE('DEFAULT_ACL_DEL', 80);
 	DEFINE('DEFAULT_ACL_ADMIN', 100); */
 	// SSL host name
-//	DEFINE('SSL_HOST', "www4.adidas.co.jp");
+//	DEFINE('SSL_HOST', "ssl.host.name");
 	// error page strictness, Default is 3
 	// 1: only show error page as the last mesure if really no mid & aid can be loaded and found at all
 	// 2: if template not found, do not search, show error template
@@ -106,7 +106,7 @@
 //	DEFINE('ERROR_STRICT', 3);
 	// allow page caching in general, set to "FALSE" if you do debugging or development!
 //	DEFINE('ALLOW_SMARTY_CACHE', FALSE);
-	// cache life time, in second', default here is 2 days (172800s)
+	// cache life time, in seconds, default here is 2 days (172800s)
 	// -1 is never expire cache
 //	DEFINE('SMARTY_CACHE_LIFETIME', -1);
 
@@ -135,17 +135,23 @@
 	// live_queue is a global queue system
 //	DEFINE('QUEUE', 'live_queue');
 
+	/************* DB PATHS (PostgreSQL) *****************/
+	// schema names, can also be defined per <DB INFO>
+	DEFINE('PUBLIC_SCHEMA', 'public');
+	DEFINE('DEV_SCHEMA', 'public');
+	DEFINE('TEST_SCHEMA', 'public');
+
 	// non constant part
 	/************* DB ACCESS *****************/
 	// please be VERY carefull only to change the right side
 	$DB_CONFIG = array(
-		"test" => array (
-			"db_name" => "gullevek",
-			"db_user" => "gullevek",
-			"db_pass" => "gullevek",
-			"db_host" => "db.tokyo.tequila.jp",
+		"<db id>" => array (
+			"db_name" => "<database>",
+			"db_user" => "<user>",
+			"db_pass" => "<password>",
+			"db_host" => "<host>",
 			"db_port" => "5432",
-			"db_schema" => "public",
+			"db_schema" => "public", // if not set, uses public
 			"db_type" => "pgsql",
 			"db_encoding" => '',
 			"db_ssl" => 'disable' // allow, disable, require, prefer
@@ -160,27 +166,19 @@
 
 	// each host has a different db_host
 	// development host
-	$DB_HOST['soba'] = "test";
-	$DB_HOST['soba.tokyo.tequila.jp'] = "test";
+	$DB_HOST['<host>'] = "<db id>";
 	// target host (live)
-//	$DB_TARGET_HOST['soba'] = "<DB ID>";
+//	$DB_TARGET_HOST['<host>'] = "<DB ID>";
 	// url redirect database
-//	$DB_URL_REDIRECT_HOST['soba'] = "<DB ID>";
+//	$DB_URL_REDIRECT_HOST['<host>'] = "<DB ID>";
 	// location flagging
 	// test/dev/live
-	$LOCATION['soba'] = 'test';
-	$LOCATION['soba.tokyo.tequila.jp'] = 'test';
+	$LOCATION['<host>'] = '<test|live|remote|etc>';
 	// show DEBUG override
 	// true/false
-	$DEBUG_FLAG['soba'] = true;
-	$DEBUG_FLAG['soba.tokyo.tequila.jp'] = true;
-	// schema names, can also be defined per <DB INFO>
-	DEFINE('PUBLIC_SCHEMA', 'public');
-	DEFINE('DEV_SCHEMA', 'public');
-	DEFINE('TEST_SCHEMA', 'public');
-    // and set to domain
-    $DB_PATH['soba'] = PUBLIC_SCHEMA;
-    $DB_PATH['soba.tokyo.tequila.jp'] = PUBLIC_SCHEMA;
+	$DEBUG_FLAG['<host>'] = true;
+    // set postgresql paths (schemas)
+    $DB_PATH['<host>'] = PUBLIC_SCHEMA;
 
 	// set the USE_DATABASE var, if there is nothing set, we assume TRUE
 	$USE_DATABASE = defined('USE_DATABASE') ? USE_DATABASE : true;
@@ -206,7 +204,7 @@
 //	DEFINE('TEST_SCHEMA', $DB_CONFIG[MAIN_DB]['db_schema']);
 //	DEFINE('PUBLIC_SCHEMA', $DB_CONFIG[TARGET_DB]['db_schema']);
 	DEFINE('LOGIN_DB_SCHEMA', 'public'); // where the edit* tables are
-	DEFINE('GLOBAL_DB_SCHEMA', 'public'); // where global tables are that are used by all schemas (eg queue tables for online', etc)
+	DEFINE('GLOBAL_DB_SCHEMA', 'public'); // where global tables are that are used by all schemas (eg queue tables for online, etc)
 	DEFINE('TARGET', $LOCATION[$HOST_NAME]);
 //	DEFINE('CSV_PATH', $PATHS[TARGET]['csv_path']);
 //	DEFINE('EXPORT_SCRIPT', $PATHS[TARGET]['perl_bin']);

www/configs/config.template.inc

@@ -30,11 +30,11 @@
 	DEFINE('TABLEARRAYDIR', DIR.'table_arrays/');
 
 	// ** OLD DIR DECLARATIONS **
-	// path to document root
+	// path to document root of file called
 	DEFINE('ROOT', getcwd()."/");
 	// libs path
 	DEFINE('LIBS', "libs/");
-	// includes (strings', arrays for stati, etc)
+	// includes (strings, arrays for static, etc)
 	DEFINE('INCLUDES', "includes/");
 	// layout base path
 	DEFINE('LAYOUT', 'layout/');
@@ -85,7 +85,7 @@
 
 	/************* HASH / ACL DEFAULT / ERROR SETTINGS / SMARTY *************/
 	// default hash type
-	DEFINE('DEFAULT_HASH', 'ripemd160');
+	DEFINE('DEFAULT_HASH', 'sha256');
 	// default acl level
 	DEFINE('DEFAULT_ACL_LEVEL', 80);
 	// default levels for certain actions
@@ -97,7 +97,7 @@
 	DEFINE('DEFAULT_ACL_DEL', 80);
 	DEFINE('DEFAULT_ACL_ADMIN', 100); */
 	// SSL host name
-//	DEFINE('SSL_HOST', "www4.adidas.co.jp");
+//	DEFINE('SSL_HOST', "ssl.host.name");
 	// error page strictness, Default is 3
 	// 1: only show error page as the last mesure if really no mid & aid can be loaded and found at all
 	// 2: if template not found, do not search, show error template
@@ -135,6 +135,12 @@
 	// live_queue is a global queue system
 //	DEFINE('QUEUE', 'live_queue');
 
+	/************* DB PATHS (PostgreSQL) *****************/
+	// schema names, can also be defined per <DB INFO>
+	DEFINE('PUBLIC_SCHEMA', 'public');
+	DEFINE('DEV_SCHEMA', 'public');
+	DEFINE('TEST_SCHEMA', 'public');
+
 	// non constant part
 	/************* DB ACCESS *****************/
 	// please be VERY carefull only to change the right side
@@ -145,8 +151,9 @@
 			"db_pass" => "<DB PASSWORD>",
 			"db_host" => "<DB HOST>",
 			"db_port" => "5432",
-			"db_schema" => "<DB SCHEMA>",
+			"db_schema" => "<DB SCHEMA>", // if not set, uses public
 			"db_type" => "pgsql",
+			"db_encoding" => '',
 			"db_ssl" => 'disable' // allow, disable, require, prefer
 		)
 	);
@@ -166,15 +173,11 @@
 //	$DB_URL_REDIRECT_HOST['<HOST NAME>'] = "<DB ID>";
 	// location flagging
 	// test/dev/live
-	$LOCATION['<HOST NAME>'] = 'test';
+	$LOCATION['<HOST NAME>'] = '<test|live|remote|etc>';
 	// show DEBUG override
 	// true/false
 	$DEBUG_FLAG['<HOST NAME>'] = true;
-	// schema names, can also be defined per <DB INFO>
-	DEFINE('PUBLIC_SCHEMA', 'public');
-	DEFINE('DEV_SCHEMA', 'public');
-	DEFINE('TEST_SCHEMA', 'public');
-    // and set to domain
+    // set postgresql paths (schemas)
     $DB_PATH['<HOST NAME>'] = PUBLIC_SCHEMA;
 
 	// set the USE_DATABASE var, if there is nothing set, we assume TRUE
@@ -207,6 +210,7 @@
 //	DEFINE('EXPORT_SCRIPT', $PATHS[TARGET]['perl_bin']);
 //	DEFINE('REDIRECT_URL', $PATHS[TARGET]['redirect_url']);
 	DEFINE('DEBUG', $DEBUG_FLAG[$HOST_NAME]);
+	DEFINE('SHOW_ALL_ERRORS', false); // show all errors if debug_all & show_error_handling are enabled
 
 	/************* GENERAL PAGE TITLE ********/
 	$G_TITLE = '<OVERALL PAGE TITLE>';
@@ -234,6 +238,16 @@
 		}
 	}
 
+	// turn off debug if debug flag is OFF
+	if (DEBUG == false)
+	{
+		$ECHO_ALL = 0;
+		$DEBUG_ALL = 0;
+		$PRINT_ALL = 0;
+		$DB_DEBUG = 0;
+		$ENABLE_ERROR_HANDLING = 0;
+	}
+
 	// any other global definitons here
 //	DEFINE('SOME_ID', <SOME VALUE>);
 

www/libs/Class.Admin.Backend.inc

@@ -8,7 +8,6 @@
 	*                   with your name on it ...
 	* DESCRIPTION
 	* Basic Admin interface backend
-	* - sets ACLs
 	* - sets action flags
 	* - menu creation
 	* - array vars for smarty
@@ -45,11 +44,8 @@
 		public $action_loaded;
 		public $action_value;
 		public $action_error;
-		// DEPRICATED -> use login acl
-//		public $page_acl; // the acl the user has on this page
-//		public $default_acl;
-		// DEPRICATED access rights
-//		public $access_rights = array ();
+		// ACL array variable if we want to set acl data from outisde
+		public $acl = array ();
 		// the current active edit access id
 		public $edit_access_id;
 		// error/warning/info messages
@@ -370,7 +366,8 @@
 			$string = $this->l->__('Year').' ';
 			$string .= '<select id="year'.$suffix.'" name="year'.$suffix.'" onChange="'.$on_change_call.'">';
 			for ($i = date("Y"); $i <= $max_year; $i ++)
-			{                  $string .= '<option value="'.$i.'" '.(($year == $i) ? 'selected' : '').'>'.$i.'</option>';
+			{
+				$string .= '<option value="'.$i.'" '.(($year == $i) ? 'selected' : '').'>'.$i.'</option>';
 			}
 			$string .= '</select> '.$this->l->__('Month').' ';
 			$string .= '<select id="month'.$suffix.'" name="month'.$suffix.'" onChange="'.$on_change_call.'">';

www/libs/Class.Basic.inc

@@ -36,7 +36,7 @@
 	* PUBLIC METHODS
 	*	debug -> calls with "level", "string" and flag to turn off (0) the newline at the end
 	*	debug_for -> sets debug on/off for a type (error, echo, print) for a certain level
-    *	print_error_msg -> prints out the error message, optional parameter is a header prefix
+	*	print_error_msg -> prints out the error message, optional parameter is a header prefix
 	*	fdebug -> prints line directly to debug_file.log in tmp
 	*
 	* 	print_time -> prints time + microtime, optional flag to turn off (0) microtime printout
@@ -530,8 +530,8 @@
 			$traces = debug_backtrace();
 			// extended info (later)
 			/*
-			 * $file   = $trace[$level]['file'];
-			 * $line   = $trace[$level]['line'];
+			 * $file = $trace[$level]['file'];
+			 * $line = $trace[$level]['line'];
 			 * $object = $trace[$level]['object'];
 			 * if (is_object($object)) { $object = get_class($object); }
 			 *
@@ -683,7 +683,7 @@
 				4096 => 'E_RECOVERABLE_ERROR', // since 5.2
 				8192 => 'E_DEPRICATED', // since 5.3
 				16384 => 'E_USER_DEPRICATED', // since 5.3
-				30719  => 'E_ALL' // 6143 in 5.2, 2047 in previous versions
+				30719 => 'E_ALL' // 6143 in 5.2, 2047 in previous versions
 			);
 
 			$fn = ROOT.LOG.'php_errors-'.date('Y-m-d').'.log';
@@ -813,7 +813,7 @@
 			if (preg_match("/\/\/$/", $_1) && preg_match("/^\//", $_2))
 			{
 				$_1 = '';
-				$target  = '';
+				$target = '';
 			}
 			else
 			{
@@ -943,7 +943,7 @@
 		//        haystack (search in)
 		//        key: the key to look for in
 		//        path: recursive call for previous path
-		// RETURN all array elements paths where the element  was found
+		// RETURN all array elements paths where the element was found
 		// DESCRIPTION
 		// recursive array search function, which returns all found not only the first one
 		public static function array_search_recursive_all($needle, $haystack, $key, $path = NULL)
@@ -1049,17 +1049,17 @@
 		}
 
 		// METHOD: ByteStringFormat
-		// PARAMS: int
+		// PARAMS: int bytes, boolean for space, default is set
 		// RETURN: string
 		// DESC:   converts bytes into formated string with KB, MB, etc
-		public static function ByteStringFormat($number)
+		public static function ByteStringFormat($number, $space = true)
 		{
 			if (is_numeric($number) && $number > 0)
 			{
 				// labels in order of size
 				$labels = array('B', 'KB', 'MB', 'GB', 'TB');
 				// calc file size, round down too two digits, add label based max change
-				return round($number / pow(1024, ($i = floor(log($number, 1024)))), 2).''.$labels[$i];
+				return round($number / pow(1024, ($i = floor(log($number, 1024)))), 2).($space ? ' ' : '').$labels[$i];
 			}
 			return $number;
 		}
@@ -1081,6 +1081,20 @@
 			return $number;
 		}
 
+		// METHOD: DateStringFormat
+		// PARAMS: unix timestamp, true/false to show microtime
+		// RETURN: string formated date+time in Y-M-D h:m:s
+		// DESC  : a simple wrapper for the date format
+		public static function DateStringFormat($timestamp, $show_micro = true)
+		{
+			list ($timestamp, $ms) = explode('.', round($timestamp, 4));
+			if ($show_micro)
+				$string = date("Y-m-d H:i:s", $timestamp).' '.$ms.'ms';
+			else
+				$string = date("Y-m-d H:i:s", $timestamp);
+			return $string;
+		}
+
 		// METHOD: TimeStringFormat
 		// PARAMS: seconds
 		// RETURN: formated time string

www/libs/Class.DB.Array.IO.inc

@@ -444,7 +444,7 @@ $this->debug('write_check', "[$column][".$this->table_array[$column]["value"]."]
 						if ($addslashes)
 							$q_data .= $this->db_escape_string($this->convert_entities($this->table_array[$column]["value"]));
 						else
-							$q_data .= addslashes($this->table_array[$column]["value"]);
+							$q_data .= $this->db_escape_string($this->table_array[$column]["value"]);
 						$q_data .= "'";
 					}
 				}
@@ -491,7 +491,7 @@ $this->debug('write_check', "[$column][".$this->table_array[$column]["value"]."]
 			{
 				$q = "INSERT INTO ".$this->table_name." ";
 				$q .= "(".$q_vars.") ";
-				$q .=  "VALUES (".$q_data.")";
+				$q .= "VALUES (".$q_data.")";
 				// write primary key too
 /*				if ($q_data)
 					$q .= ", ";

www/libs/Class.Form.Generate.inc

@@ -886,8 +886,7 @@
 				{
 					// each error check can be a piped seperated value, lets split it
 //$this->debug('edit', $value["error_check"]);
-					$error_checks = explode("|", $value["error_check"]);
-					foreach ($error_checks as $error_check)
+					foreach (explode('|', $value["error_check"]) as $error_check)
 					{
 						switch ($error_check)
 						{
@@ -914,7 +913,7 @@
 								break;
 							// check unique, check if field in table is not yet exist
 							case "unique":
-								$q = "SELECT ".$key." FROM ".$this->table_name." WHERE ".$key." = '".addslashes($this->table_array[$key]["value"])."'";
+								$q = "SELECT ".$key." FROM ".$this->table_name." WHERE ".$key." = '".$this->db_escape_string($this->table_array[$key]["value"])."'";
 								if ($this->table_array[$this->int_pk_name]["value"])
 									$q .= " AND ".$this->int_pk_name." <> ".$this->table_array[$this->int_pk_name]["value"];
 								list($$key) = $this->db_return_row($q);
@@ -925,6 +924,11 @@
 								if (!preg_match($this->table_array[$key]["error_regex"], $this->table_array[$key]["value"]))
 									$this->msg .= sprintf($this->l->__("Please enter a valid (%s) input for the <b>%s</b> Field!<br>"), $this->table_array[$key]["error_example"], $this->table_array[$key]["output_name"]);
 								break;
+							case "alphanumericspace":
+//$this->debug('edit', 'IN Alphanumericspace');
+								if (!preg_match("/^[0-9A-Za-z\ ]+$/", $this->table_array[$key]["value"]))
+									$this->msg .= sprintf($this->l->__("Please enter a valid alphanumeric (Numbers and Letters, spaces allowed) value for the <b>%s</b> Field!<br>"), $this->table_array[$key]["output_name"]);
+								break;
 							case "alphanumeric":
 //$this->debug('edit', 'IN Alphanumeric');
 								if (!preg_match("/^[0-9A-Za-z_\-]+$/", $this->table_array[$key]["value"]))
@@ -932,7 +936,7 @@
 								break;
 							// this one also allows @ and .
 							case "alphanumericextended":
-//$this->debug('edit', 'IN Alphanumeric');
+//$this->debug('edit', 'IN Alphanumericextended');
 								if (!preg_match("/^[0-9A-Za-z_\-@\.]+$/", $this->table_array[$key]["value"]))
 									$this->msg .= sprintf($this->l->__("Please enter a valid alphanumeric extended (Numbers, Letters, -,  _, @ and . only, no spaces) value for the <b>%s</b> Field!<br>"), $this->table_array[$key]["output_name"]);
 								break;
@@ -950,13 +954,13 @@
 				// if mandatory && no input
 				else if ($value["mandatory"] &&
 							(
-								   // for all "normal" fields
-								   ($this->table_array[$key]["type"] != "password" && $this->table_array[$key]["type"] != "drop_down_db_input" && !$this->table_array[$key]["value"]) || 
-								   // for drop_down_db_input check if one of both fields filled
-								   ($this->table_array[$key]["type"] == "drop_down_db_input" && !$this->table_array[$key]["input_value"] && !$this->table_array[$key]["value"]) ||
-								   // for password
-								   ($this->table_array[$key]["type"] == "password" && !$this->table_array[$key]["value"] && !$this->table_array[$key]["HIDDEN_value"])
-							  )
+								// for all "normal" fields
+								($this->table_array[$key]["type"] != "password" && $this->table_array[$key]["type"] != "drop_down_db_input" && !$this->table_array[$key]["value"]) ||
+								// for drop_down_db_input check if one of both fields filled
+								($this->table_array[$key]["type"] == "drop_down_db_input" && !$this->table_array[$key]["input_value"] && !$this->table_array[$key]["value"]) ||
+								// for password
+								($this->table_array[$key]["type"] == "password" && !$this->table_array[$key]["value"] && !$this->table_array[$key]["HIDDEN_value"])
+							)
 						) // main if end
 				{
 //$this->debug('form', "A: ".$this->table_array[$key]["type"]." -- ".$this->table_array[$key]["input_value"]." -- ".$this->table_array[$key]["value"]);
@@ -992,12 +996,20 @@
 				}
 			}
 //$this->debug('edit_error', "QS: <pre>".print_r($_POST, 1)."</pre>");
-            if (is_array($this->element_list))
+			if (is_array($this->element_list))
 			{
 				// check the mandatory stuff
 				// if mandatory, check that at least on pk exists or if at least the mandatory field is filled
 				while (list($table_name, $reference_array) = each($this->element_list))
 				{
+					// set pk/fk id for this
+					foreach ($reference_array['elements'] as $_name => $_data)
+					{
+						if ($_data['pk_id'])
+							$_pk_name = $_name;
+						if ($_data['fk_id'])
+							$_fk_name = $_name;
+					}
 					// get the leasy of keys from the elements array
 					$keys = array_keys($reference_array["elements"]);
 					// prefix
@@ -1025,10 +1037,8 @@
 							{
 								$mand_okay = 1;
 							}
-						// we found a mandatory field. check now if one is set to satisfy the main mandatory
-						// also check, if this field is mandatory and its not set, but any other, throw an error
-//						for ($i = 0; $i < count($_POST[$prfx.$el_name]); $i ++)
-//						{
+							// we found a mandatory field. check now if one is set to satisfy the main mandatory
+							// also check, if this field is mandatory and its not set, but any other, throw an error
 //$this->debug('edit_error_chk', "RG error - Data[".$prfx.$el_name.": ".$_POST[$prfx.$el_name][$i]." | ".$_POST[$prfx.$el_name]." - ".$reference_array['enable_name']." - ".$_POST[$reference_array['enable_name']][$_POST[$prfx.$el_name][$i]]);
 							if ($data_array["mandatory"] && $_POST[$prfx.$el_name][$i])
 							{
@@ -1053,9 +1063,30 @@
 							{
 								$row_okay[$i] = 0;
 							}
-
-//						}
-
+							// do optional error checks like for normal fields
+							// currently active: unique/alphanumeric
+							if ($data_rray['error_check'])
+							{
+								foreach (explode('|', $value["error_check"]) as $error_check)
+								{
+									switch ($error_check)
+									{
+										// check unique, check if field in table is not yet exist
+										case "unique":
+											$q = "SELECT ".$_pk_name." FROM ".$table_name." WHERE ".$el_name." = '".$this->db_escape_string($_POST[$prfx.$el_name][$i])."'";
+											if ($this->table_array[$this->int_pk_name]["value"])
+												$q .= " AND ".$this->int_pk_name." <> ".$this->table_array[$this->int_pk_name]["value"];
+											list($$key) = $this->db_return_row($q);
+											if ($$key)
+												$this->msg .= sprintf($this->l->__("The field <b>%s</b> in row <b>%s</b> can be used only once!<br>"), $reference_array["output_name"], $i);
+											break;
+										case "alphanumericspace":
+											if (!preg_match("/^[0-9A-Za-z\ ]+$/", $_POST[$prfx.$el_name][$i]))
+												$this->msg .= sprintf($this->l->__("Please enter a valid alphanumeric (Numbers and Letters, spaces allowed) value for the <b>%s</b> Field and row <b>%s</b>!<br>"), $reference_array["output_name"], $i);
+											break;
+									}
+								}
+							}
 						} // if main mandatory
 					}
 
@@ -1198,7 +1229,7 @@
 				{
 //$this->debug('form', "HERE");
 					// check if this text name already exists (lowercase compare)
-					$q = "SELECT ".$this->table_array[$key]["pk_name"]." FROM ".$this->table_array[$key]["table_name"]." WHERE LCASE(".$this->table_array[$key]["input_name"].") = '".addslashes(strtolower($this->table_array[$key]["input_value"]))."'";
+					$q = "SELECT ".$this->table_array[$key]["pk_name"]." FROM ".$this->table_array[$key]["table_name"]." WHERE LCASE(".$this->table_array[$key]["input_name"].") = '".$this->db_escape_string(strtolower($this->table_array[$key]["input_value"]))."'";
 					// if a where was given, add here
 					if ($this->table_array[$key]["where"])
 						$q .= " AND ".$this->table_array[$key]["where"];
@@ -1212,7 +1243,7 @@
 						// if a where was given, set this key also [dangerous!]
 						
 						// postgreSQL compatible insert
-						$q = "INSERT INTO ".$this->table_array[$key]["table_name"]." (".$this->table_array[$key]["input_name"].") VALUES ('".addslashes($this->table_array[$key]["input_value"])."')";
+						$q = "INSERT INTO ".$this->table_array[$key]["table_name"]." (".$this->table_array[$key]["input_name"].") VALUES ('".$this->db_escape_string($this->table_array[$key]["input_value"])."')";
 						$this->db_exec($q);
 						if ($this->table_array[$key]["where"])
 						{
@@ -1233,7 +1264,7 @@
 					if ($this->table_array[$key]["input_value"] != $this->table_array[$key]["value"])
 					{
 						// check if "right input" is in DB
-						$q = "SELECT ".$this->table_array[$key]["input_name"]." FROM ".$this->table_array[$key]["table_name"]." WHERE LCASE(".$this->table_array[$key]["input_name"].") = '".strtolower(addslashes($this->table_array[$key]["input_value"]))."'";
+						$q = "SELECT ".$this->table_array[$key]["input_name"]." FROM ".$this->table_array[$key]["table_name"]." WHERE LCASE(".$this->table_array[$key]["input_name"].") = '".strtolower($this->db_escape_string($this->table_array[$key]["input_value"]))."'";
 						// if a where was given, add here
 						if ($this->table_array[$key]["where"])
 							$q .= " AND ".$this->table_array[$key]["where"];
@@ -1352,6 +1383,8 @@
 					// check if there is a hidden key, update, else insert
 					while (list($el_name, $data_array) = each($reference_array["elements"]))
 					{
+						// this is only for reference_data part, at least one of the text fields need to be set for writing
+						$blow_write = array ();
 //$this->debug('edit_error_query', "QUERY: ".$this->print_ar($_POST));
 						// go through all submitted data
 //						for ($i = 0; $i < count($_POST[$el_name]); $i ++)
@@ -1367,6 +1400,16 @@
 							{
 								$no_write[$i] = 1;
 							}
+							// flag if data is in the text field and we are in a reference data set
+							if ($reference_array['type'] == 'reference_data' )
+							{
+								if ($data_array['type'] == 'text' && $_POST[$prfx.$el_name][$i])
+									$block_write[$i] = 1;
+							}
+							else
+							{
+								$block_write[$i] = 1;
+							}
 							// set type and boundaries for insert/update
 							if ($data_array["pk_id"] && $_POST[$prfx.$el_name][$i])
 							{
@@ -1383,19 +1426,24 @@
 							}
 							// write all data (insert/update) because I don't know until all are processed if it is insert or update
 							// don't write primary key backup for update
-$this->debug('edit_error', "I: $i | EL Name: $prfx$el_name | Data: ".$_POST[$prfx.$el_name][$i]." {".$_POST[$prfx.$el_name]."} | Type: ".$type[$i]." | PK: ".$data_array["pk_id"]." ");
-							if (!$data_array["pk_id"])
+							// for reference_data type, only write if at least one text type field is set
+//$this->debug('edit_error', "I: $i | EL Name: $prfx$el_name | Data: ".$_POST[$prfx.$el_name][$i]." | Type: ".$type[$i]." | PK: ".$data_array["pk_id"].", Block write: ".$block_write[$i]);
+							// only add elements that are not PK or FK flaged
+							if (!$data_array['pk_id'] && !$data_array['fk_id'])
 							{
-								// update
+								// update data list
 								if (strlen($q_data[$i]))
 									$q_data[$i] .= ", ";
-								// insert
+								// insert name part list
 								if ($q_names[$i])
 									$q_names[$i] .= ", ";
-								$q_names[$i] .= $el_name;
+								// insert value part list
 								if (strlen($q_values[$i]))
 									$q_values[$i] .= ", ";
-								// data part
+								// insert column name add
+								$q_names[$i] .= $el_name;
+								// data part, read from where [POST]
+								// radio group selections (only one can be active)
 								if ($data_array['type'] == 'radio_group')
 								{
 									if ($i == $_POST[$prfx.$el_name])
@@ -1407,10 +1455,11 @@ $this->debug('edit_error', "I: $i | EL Name: $prfx$el_name | Data: ".$_POST[$prf
 								{
 									$_value = $_POST[$prfx.$el_name][$i];
 								}
+								// pre write data set. if int value, unset flagged need to be set null or 0 depending on settings
 								if ($data_array['int'] || $data_array['int_null'])
 								{
 									if (!$_value && $data_array['int_null'])
-										$value = 'NULL';
+										$_value = 'NULL';
 									elseif (!isset($_value))
 										$_value = 0;
 									$q_data[$i] .= $el_name." = ".$_value;
@@ -1418,27 +1467,31 @@ $this->debug('edit_error', "I: $i | EL Name: $prfx$el_name | Data: ".$_POST[$prf
 								}
 								else
 								{
-									$q_data[$i] .= $el_name." = '".addslashes($_value)."'";
-									$q_values[$i] .= "'".addslashes($_value)."'";
+									// normal data gets escaped
+									$q_data[$i] .= $el_name." = '".$this->db_escape_string($_value)."'";
+									$q_values[$i] .= "'".$this->db_escape_string($_value)."'";
 								}
 							}
 						}
 					} // eche table elements
+					// finalize the queries, add FK key reference for inserts and run the query
 					for ($i = 0; $i < count($type); $i ++)
 					{
+						$q = '';
 						if (!$no_write[$i])
 						{
 							if ($type[$i] == "update")
 							{
 								$q = $q_begin[$i].$q_data[$i].$q_end[$i];
 							}
-							else
+							elseif ($block_write[$i])
 							{
 								$q = $q_begin[$i].$q_names[$i].", ".$this->int_pk_name.$q_middle[$i].$q_values[$i].", ".$this->table_array[$this->int_pk_name]["value"].$q_end[$i];
 							}
-//$this->debug('edit', "Q: ".$q."<br>");
+$this->debug('edit', "Pos[$i] => ".$type[$i]." Q: ".$q."<br>");
 							// write the dataset
-							$this->db_exec($q);
+							if ($q)
+								$this->db_exec($q);
 						}
 					} // for each created query
 				} // each element list
@@ -1544,42 +1597,52 @@ $this->debug('edit_error', "I: $i | EL Name: $prfx$el_name | Data: ".$_POST[$prf
 		// PARAMS show which element list
 		// RETURN array for output
 		// DESC   create list of elements next to each other for a group of data in an input field
+		//        this currently only works for a list that is filled from a sub table and creates only a connection to this one
+		//        new version will allow a sub list with free input fields to directly fill a sub table to a master table
 		public function form_create_element_list_table($table_name)
 		{
+			// output name for the viewable left table td box, prefixed with * if mandatory
 			$output_name = $this->element_list[$table_name]["output_name"];
 			if ($this->element_list[$table_name]["mandatory"])
 				$output_name .= ' *';
 			// delete button name, if there is one set
 			if ($this->element_list[$table_name]["delete_name"])
 				$data['delete_name'] = $this->element_list[$table_name]["delete_name"];
-			// set the enable checkbox name if there is one
+			// set the enable checkbox for delete, if the delete flag is given if there is one
 			if ($this->element_list[$table_name]["enable_name"])
 			{
 				$data['enable_name'] = $this->element_list[$table_name]["enable_name"];
 				if ($this->element_list[$table_name]["delete"])
 					$data['delete'] = 1;
 			}
+			// prefix for the elements, to not collide with names in the master set
 			if ($this->element_list[$table_name]["prefix"])
 				$data["prefix"] = $this->element_list[$table_name]["prefix"]."_";
+			// the sub data table name
 			$data['table_name'] = $table_name;
-			$pos = 0; // position in while for overwrite if needed
+
 			// build the select part
 			if (!is_array($this->element_list[$table_name]["elements"]))
 				$this->element_list[$table_name]["elements"] = array ();
 			reset($this->element_list[$table_name]["elements"]);
 			// generic data read in (counts for all rows)
+			// visible list data output
 			while (list($el_name, $data_array) = each($this->element_list[$table_name]["elements"]))
 			{
-				$_el_name = $el_name;
-				$el_name = $data["prefix"].$el_name;
+//				$this->debug('CFG', 'El: '.$el_name.' -> '.$this->print_ar($data_array));
 				// if the element name matches the read array, then set the table as a name prefix
-				$q_select[] = $_el_name; // this is for reading the data
+				$q_select[] = $el_name; // this is for reading the data
+				// prefix the name for any further data parts
+				$el_name = $data["prefix"].$el_name;
 				$data['output_name'][$el_name] = $data_array["output_name"]; // this are the output names (if given)
 				$data['type'][$el_name] = $data_array["type"]; /// this is the type of the field
 				// set the primary key name
 				if ($data_array['pk_id'])
 					$data['pk_name'] = $el_name;
-				// if drop down db read data for element list
+				if ($data_array['fk_id'])
+					$data['fk_name'] = $el_name;
+				// if drop down db read data for element list from the given sub table as from the query
+				// only two elements are allowed: pos 0 is key, pso 1 is visible output name
 				if ($data_array['type'] == 'drop_down_db')
 				{
 					$md_q = md5($data_array['query']);
@@ -1594,57 +1657,80 @@ $this->debug('edit_error', "I: $i | EL Name: $prfx$el_name | Data: ".$_POST[$prf
 						$data['output_data'][$el_name][] = $res[1];
 					}
 				}
-				else
+				elseif ($data_array["element_list"])
 				{
 					$data['element_list'][$el_name] = $data_array["element_list"]; // this is for the checkboxes
 				}
 				$proto[$el_name] = ($this->error) ? $_POST[$el_name][(count($_POST[$el_name]) - 1)] : ''; // this is for the new line
 			}
+//			$this->debug('CFG DATA', 'Data: '.$this->print_ar($data));
+//			$this->debug('CFG PROTO', 'Proto: '.$this->print_ar($proto));
+//			$this->debug('CFG SELECT', 'Proto: '.$this->print_ar($q_select));
 			// query for reading in the data
 //$this->debug('edit_error', "ERR: ".$this->error);
 			// if we got a read data, build the read select for the read, and read out the "selected" data
 			if ($this->element_list[$table_name]["read_data"])
 			{
-				array_unshift($q_select, $this->element_list[$table_name]["read_data"]["name"]);
+				// we need a second one for the query build only
+				// prefix all elements with the $table name
+				foreach ($q_select as $_pos => $element)
+				{
+					$_q_select[$_pos] = $table_name.'.'.$element;
+				}
+				// add the read names in here, prefix them with the table name
+				// earch to read part is split by |
+				if ($this->element_list[$table_name]["read_data"]["name"])
+				{
+					foreach (explode('|', $this->element_list[$table_name]["read_data"]["name"]) as $read_name)
+					{
+						array_unshift($_q_select, $this->element_list[$table_name]["read_data"]["table_name"].'.'.$read_name);
+						array_unshift($q_select, $read_name);
+					}
+				}
 				// set the rest of the data so we can print something out
 				$data['type'][$data["prefix"].$this->element_list[$table_name]["read_data"]["name"]] = 'string';	
 				// build the read query
 				$q = "SELECT ";
 //				if (!$this->table_array[$this->int_pk_name]["value"])
 //					$q .= "DISTINCT ";
-				// prefix join key with table name
-				$q .= str_replace($this->element_list[$table_name]["read_data"]["pk_id"], $this->element_list[$table_name]["read_data"]["table_name"].".".$this->element_list[$table_name]["read_data"]["pk_id"], implode(", ", $q_select))." ";
+				// prefix join key with table name, and implode the query select part
+				$q .= str_replace($table_name.'.'.$this->element_list[$table_name]["read_data"]["pk_id"], $this->element_list[$table_name]["read_data"]["table_name"].'.'.$this->element_list[$table_name]["read_data"]["pk_id"], implode(', ', $_q_select)).' ';
 //				if (!$this->table_array[$this->int_pk_name]["value"] && $this->element_list[$table_name]["read_data"]["order"])
 //					$q .= ", ".$this->element_list[$table_name]["read_data"]["order"]." ";
+				// read from the read table as main, and left join to the sub table to read the actual data
 				$q .= "FROM ".$this->element_list[$table_name]["read_data"]["table_name"]." ";
 				$q .= "LEFT JOIN ".$table_name." ";
 				$q .= "ON (";
 				$q .= $this->element_list[$table_name]["read_data"]["table_name"].".".$this->element_list[$table_name]["read_data"]["pk_id"]." = ".$table_name.".".$this->element_list[$table_name]["read_data"]["pk_id"]." ";
 //				if ($this->table_array[$this->int_pk_name]["value"])
-				$q .= "AND ".$this->int_pk_name." = ".(($this->table_array[$this->int_pk_name]["value"]) ? $this->table_array[$this->int_pk_name]["value"] : 'NULL')." ";
+				$q .= "AND ".$table_name.".".$this->int_pk_name." = ".(($this->table_array[$this->int_pk_name]["value"]) ? $this->table_array[$this->int_pk_name]["value"] : 'NULL')." ";
 				$q .= ") ";
 				if ($this->element_list[$table_name]["read_data"]["order"])
-					$q .= " ORDER BY ".$this->element_list[$table_name]["read_data"]["order"];
+					$q .= " ORDER BY ".$this->element_list[$table_name]["read_data"]["table_name"].'.'.$this->element_list[$table_name]["read_data"]["order"];
 			}
 			else
 			{
 				// only create query if we have a primary key
+				// reads directly from the reference table
 				if ($this->table_array[$this->int_pk_name]["value"])
 					$q = "SELECT ".implode(", ", $q_select)." FROM ".$table_name." WHERE ".$this->int_pk_name." = ".$this->table_array[$this->int_pk_name]["value"];
 			}
+//			$this->debug('CFG QUERY', 'Q: '.$q);
 			// only run if we have query strnig
 			if ($q)
 			{
+				$pos = 0; // position in while for overwrite if needed
 				// read out the list and add the selected data if needed
 				while ($res = $this->db_return($q))
 				{
+					$_data = array ();
 					$prfx = $data["prefix"]; // short
 					// go through each res
 					for ($i = 0; $i < count($q_select); $i ++)
 					{
 						// query select part, set to the element name
 						$el_name = $q_select[$i];
-//$this->debug('edit_error', "[$i] POS[$prfx$el_name]: ".$_POST[$prfx.$el_name][$pos]." | RES: ".$res[$el_name]);
+//$this->debug('edit_error', "[$i] ELNAME: $el_name | POS[$prfx$el_name]: ".$_POST[$prfx.$el_name][$pos]." | RES: ".$res[$el_name]);
 						// if we have an error, we take what we have in the vars, if not we take the data from the db
 						if ($this->error)
 						{
@@ -1669,6 +1755,44 @@ $this->debug('edit_error', "I: $i | EL Name: $prfx$el_name | Data: ".$_POST[$prf
 					unset($_data);
 				}
 			}
+			// if this is normal single reference data check the content on the element count
+			// if there is a max_empty is set, then fill up new elements (unfilled) until we reach max empty
+			if ($this->element_list[$table_name]['type'] == 'reference_data' && is_numeric($this->element_list[$table_name]['max_empty']) && $this->element_list[$table_name]['max_empty'] > 0)
+			{
+				// if the max empty is bigger than 10, just cut it to ten at the moment
+				if ($this->element_list[$table_name]['max_empty'] > 10)
+					$this->element_list[$table_name]['max_empty'] = 10;
+				// check if we need to fill fields
+				$element_count = count($data['content']);
+				$missing_empty_count = $this->element_list[$table_name]['max_empty'] - count($data['content']);
+				$this->debug('CFG MAX', 'Max empty: '.$this->element_list[$table_name]['max_empty'].', Missing: '.$missing_empty_count.', Has: '.$element_count);
+				// set if we need more open entries or if we do not have any entries yet
+				if (($missing_empty_count < $this->element_list[$table_name]['max_empty']) || $element_count == 0)
+				{
+					for ($pos = count($data['content']); $pos <= ($this->element_list[$table_name]['max_empty'] + $element_count); $pos ++)
+					{
+						$_data = array ();
+
+						// the fields that need to be filled are in data->type array:
+						// pk fields are unfilled
+						// fk fields are filled with the fk_id "int_pk_name" value
+						foreach ($data['type'] as $el_name => $type)
+						{
+							$_data[$el_name] = '';
+							if ($el_name == $data['pk_name'])
+							{
+							}
+							elseif ($el_name == $data['fk_name'])
+							{
+								$_data[$el_name] = $this->table_array[$this->int_pk_name]["value"];
+							}
+						}
+						$data['content'][] = $_data;
+						$data['pos'][] = array(0 => $pos); // this is for the checkboxes
+					}
+				}
+			}
+
 			// push in an empty line of this type, but only if we have a delete key
 			if ($data['delete_name'])
 				$data['content'][] = $proto;

www/libs/Class.Login.inc

@@ -80,16 +80,7 @@
 		private $login_template = array ('strings' => array (), 'password_change' => '', 'template' => '');
 
 		// acl vars
-		public $acl = array (
-			'acl' => array (
-				'user' => array (),
-				'page' => array (),
-				'edit_access' => array ()
-			),
-			'info' => array (
-				'edit_access' => array ()
-			)
-		);
+		public $acl = array ();
 		public $default_acl_list = array ();
 
 		// METHOD: login
@@ -172,17 +163,17 @@
 				"class_author" => "cs/gullevek/at"
 			);
 
+			// init default ACL list array
+			$_SESSION['DEFAULT_ACL_LIST'] = array ();
 			// read the current edit_access_right list into an array
 			$q = "SELECT level, type, name FROM edit_access_right WHERE level >= 0 ORDER BY level";
 			while ($res = $this->db_return($q))
 			{
-				// level to description format
+				// level to description format (numeric)
 				$this->default_acl_list[$res['level']] = array (
 					'type' => $res['type'],
 					'name' => $res['name']
 				);
-				// format type (eg read) => acl number (eg 20)
-				$this->default_acl_list[$res['type']] = $res['level'];
 			}
 			// write that into the session
 			$_SESSION['DEFAULT_ACL_LIST'] = $this->default_acl_list;
@@ -404,7 +395,7 @@
 								$_SESSION["PAGES"] = $pages;
 								$_SESSION["PAGES_ACL_LEVEL"] = $pages_acl;
 								// load the edit_access user rights
-								$q = "SELECT ea.edit_access_id, level, type, ea.name, ea.color, edit_default ";
+								$q = "SELECT ea.edit_access_id, level, type, ea.name, ea.color, ea.uid, edit_default ";
 								$q .= "FROM edit_access_user eau, edit_access_right ear, edit_access ea ";
 								$q .= "WHERE eau.edit_access_id = ea.edit_access_id AND eau.edit_access_right_id = ear.edit_access_right_id AND eau.enabled = 1 AND edit_user_id = ".$this->euid." ";
 								$q .= "ORDER BY ea.name";
@@ -413,16 +404,28 @@
 								$unit_acl = array();
 								while ($res = $this->db_return($q))
 								{
+									// read edit access data fields and drop them into the unit access array
+									$q_sub ="SELECT name, value FROM edit_access_data WHERE enabled = 1 edit_access_id = ".$res['edit_access_id'];
+									$ea_data = array ();
+									while ($res_sub = $this->db_return($q_sub))
+									{
+										$ea_data[$res_sub['name']] = $res_sub['value'];
+									}
+									// build master unit array
 									$unit_access[$res['edit_access_id']] = array (
 										"id" => $res['edit_access_id'],
 										"acl_level" => $res["level"],
 										"acl_type" => $res["type"],
 										"name" => $res["name"],
+										"uid" => $res['uid'],
 										"color" => $res["color"],
-										"default" => $res["edit_default"]
+										"default" => $res["edit_default"],
+										'data' => $ea_data
 									);
+									// set the default unit
 									if ($res['edit_default'])
 										$_SESSION["UNIT_DEFAULT"] = $res['edit_access_id'];
+									// sub arrays for simple access
 									array_push($eauid, $res['edit_access_id']);
 									$unit_acl[$res['edit_access_id']] = $res['level'];
 								}
@@ -526,94 +529,110 @@
 		// DESC  : sets all the basic ACLs
 		//         init set the basic acl the user has, based on the following rules
 		//         * init set from config DEFAULT ACL
-		//         * if group ACL is set, it overrides the default ACL
-		//         * if page ACL is set, it overrides the group ACL
-		//         * if user ACL is set, it overrides the page ACL
+		//         * if page ACL is set, it overrides the default ACL
+		//         * if group ACL is set, it overrides the page ACL
+		//         * if user ACL is set, it overrides the group ACL
 		//         set the page ACL
 		//         * default ACL set
 		//         * set group ACL if not default overrides default ACL
 		//         * set page ACL if not default overrides group ACL
-		//         set edit access ACL an set default edit access group
+		//         set edit access ACL and set default edit access group
 		//         * if an account ACL is set, set this parallel, account ACL overrides user ACL if it applies
 		//         * if edit access ACL level is set, use this, else use page
 		//         set all base ACL levels as a list keyword -> ACL number
 		public function login_set_acl()
 		{
-			// set the mastser user id
-			$this->acl['info']['euid'] = $_SESSION['EUID'];
-			// set admin flag, if this is on, all ACLs are set 100
-			if ($_SESSION['ADMIN'])
-				$this->acl['info']['admin'] = 1;
-			else
-				$this->acl['info']['admin'] = 0;
-			$this->acl['acl']['admin'] = $this->acl['info']['admin'];
+			// we start with the default acl
+			$this->acl['base'] = DEFAULT_ACL_LEVEL;
 
-			if (!$this->acl['info']['admin'])
+			// set admin flag and base to 100
+			if ($_SESSION['ADMIN'])
 			{
-				// this is the base if nothing is set
-				$this->acl['acl']['user'] = DEFAULT_ACL_LEVEL; // old base ACL
-				$this->acl['acl']['max'] = DEFAULT_ACL_LEVEL;
+				$this->acl['admin'] = 1;
+				$this->acl['base'] = 100;
+			}
+			else
+			{
+				// now go throw the flow and set the correct ACL
+				// user > page > group
 				// group ACL 0
 				if ($_SESSION['GROUP_ACL_LEVEL'] != -1)
 				{
-					$this->acl['acl']['user'] = $_SESSION['GROUP_ACL_LEVEL'];
-					if ($this->acl['acl']['user'] > $this->acl['acl']['max'])
-						$this->acl['acl']['max'] = $this->acl['acl']['user'];
+					$this->acl['base'] = $_SESSION['GROUP_ACL_LEVEL'];
 				}
-				// page ACL 2
+				// page ACL 1
 				if ($_SESSION['PAGES_ACL_LEVEL'][$this->page_name] != -1)
 				{
-					$this->acl['acl']['user'] = $_SESSION['PAGES_ACL_LEVEL'][$this->page_name];
-					if ($this->acl['acl']['user'] > $this->acl['acl']['max'])
-						$this->acl['acl']['max'] = $this->acl['acl']['user'];
+					$this->acl['base'] = $_SESSION['PAGES_ACL_LEVEL'][$this->page_name];
 				}
-				// user ACL 1
+				// user ACL 2
 				if ($_SESSION['USER_ACL_LEVEL'] != -1)
 				{
-					$this->acl['acl']['user'] = $_SESSION['USER_ACL_LEVEL'];
-					if ($this->acl['acl']['user'] > $this->acl['acl']['max'])
-						$this->acl['acl']['max'] = $this->acl['acl']['user'];
+					$this->acl['base'] = $_SESSION['USER_ACL_LEVEL'];
 				}
 			}
-			else
-			{
-				// if admin is on, level is 100 (admin)
-				$this->acl['acl']['user'] = 100;
-				$this->acl['acl']['max'] = 100;
-			}
+
 			// set the current page acl
 			// start with default acl
-			// set group if not -1
-			// set page if not -1, overrides groug
-			$this->acl['acl']['page'] = DEFAULT_ACL_LEVEL;
+			// set group if not -1, overrides default
+			// set page if not -1, overrides group set
+			$this->acl['page'] = DEFAULT_ACL_LEVEL;
 			if ($_SESSION['GROUP_ACL_LEVEL'] != -1)
 			{
-				$this->acl['acl']['page'] = $_SESSION['GROUP_ACL_LEVEL'];
+				$this->acl['page'] = $_SESSION['GROUP_ACL_LEVEL'];
 			}
 			if ($_SESSION['PAGES_ACL_LEVEL'][$this->page_name] != -1)
 			{
-				$this->acl['acl']['page'] = $_SESSION['PAGES_ACL_LEVEL'][$this->page_name];
+				$this->acl['page'] = $_SESSION['PAGES_ACL_LEVEL'][$this->page_name];
 			}
+
 			// PER ACCOUNT (UNIT/edit access)->
-			foreach ($_SESSION['UNIT'] as $unit)
+			foreach ($_SESSION['UNIT'] as $ea_id => $unit)
 			{
-				// set edit access acl, unless admin, then it is default 100
-				$this->acl['acl']['edit_access'][$unit['id']] = !$this->acl['info']['admin'] ? ($unit['acl_level'] != -1 ? $unit['acl_level'] : $this->acl['acl']['page']) : 100;
-				$this->acl['info']['edit_access'][$unit['id']] = $unit['name'];
+				// if admin flag is set, all units are set to 100
+				if ($this->acl['admin'])
+				{
+					$this->acl['unit'][$ea_id] = $this->acl['base'];
+				}
+				else
+				{
+					if ($unit['acl_level'] != -1)
+						$this->acl['unit'][$ea_id] = $unit['acl_level'];
+					else
+						$this->acl['unit'][$ea_id] = $this->acl['base'];
+				}
+				// detail name/level set
+				$this->acl['unit_detail'][$ea_id] = array (
+					'name' => $unit['name'],
+					'uid' => $unit['uid'],
+					'level' => $this->default_acl_list[$this->acl['unit'][$ea_id]]['name'],
+					'default' => $unit['default'],
+					'data' => $unit['data']
+				);
+				// set default
+				if ($unit['default'])
+				{
+					$this->acl['unit_id'] = $unit['id'];
+					$this->acl['unit_name'] = $unit['name'];
+					$this->acl['unit_uid'] = $unit['uid'];
+				}
 			}
 			// flag if to show extra edit access drop downs (because user has multiple groups assigned)
 			if (count($_SESSION['UNIT']) > 1)
-				$this->acl['acl']['show_ea_extra'] = 1;
+				$this->acl['show_ea_extra'] = 1;
 			else
-				$this->acl['acl']['show_ea_extra'] = 0;
+				$this->acl['show_ea_extra'] = 0;
 			// set the default edit access
-			$this->acl['info']['default_edit_access'] = $_SESSION['UNIT_DEFAULT'];
-			// integrate the default_acl list, but only for the keyword -> level
-			foreach ($this->default_acl_list as $key => $value)
+			$this->acl['default_edit_access'] = $_SESSION['UNIT_DEFAULT'];
+			// integrate the type acl list, but only for the keyword -> level
+			foreach ($this->default_acl_list as $level => $data)
 			{
-				if (!is_numeric($key))
-					$this->acl['list'][$key] = $value;
+				$this->acl['min'][$data['type']] = $level;
 			}
+			// set the full acl list too
+			$this->acl['acl_list'] = $_SESSION['DEFAULT_ACL_LIST'];
+			// debug
+//			$this->debug('ACL', $this->print_ar($this->acl));
 		}
 
 		// METHOD: login_check_edit_access
@@ -622,7 +641,7 @@
 		// DESC  : checks if this edit access id is valid
 		public function login_check_edit_access($edit_access_id)
 		{
-			if (array_key_exists($edit_access_id, $this->acl['info']['edit_access']))
+			if (array_key_exists($edit_access_id, $this->acl['unit']))
 				return true;
 			else
 				return false;
@@ -657,7 +676,7 @@
 							$data = 'User could not be found';
 						}
 					}
-					// check old passwords match ->  error
+					// check old passwords match -> error
 					if (!$this->login_error)
 					{
 						$q = "SELECT edit_user_id FROM edit_user WHERE enabled = 1 AND username = '".$this->db_escape_string($this->pw_username)."' AND password = '".$this->db_escape_string($this->pw_old_password)."'";
@@ -1011,5 +1030,17 @@ EOM;
 				return $edit_access_id;
 		}
 
+		// METHOD: login_set_edit_access_data
+		// PARAMS: edit access id, key value to search for
+		// RETURN: false for not found or string for found data
+		// DESC  : searchs in the data set for the unit for the data key and returns the value asociated with it
+		public function login_set_edit_access_data($edit_access_id, $data_key)
+		{
+			if (!$_SESSION['UNIT'][$edit_access_id]['data'][$data_key])
+				return false;
+			else
+				return $_SESSION['UNIT'][$edit_access_id]['data'][$data_key];
+		}
+
 	} // close class
 ?>

www/libs/Class.Progressbar.inc

@@ -102,7 +102,6 @@ class ProgressBar
 				$bar = $this->height;
 				break;
 		}
-    
 		// avoid divison through 0
 		if ($this->max - $this->min == 0)
 			$this->max ++;
@@ -557,7 +556,6 @@ class ProgressBar
 		$this->_setStep($step);
 		
 		$js = '';
-    
 		$new_position = $this->_calculatePosition($this->step);
 		if ($new_position['width'] != $this->position['width'] && ($this->direction == 'right' || $this->direction == 'left'))
 		{
@@ -576,7 +574,6 @@ class ProgressBar
 			$js .= 'PBposition'.$this->code.'("height",'.$new_position['height'].');';
 		}
 		$this->position = $new_position;
-    	
 		foreach($this->label as $name => $data)
 		{
 			if (array_key_exists('type', $data))

www/libs/Class.Smarty.Extend.inc

@@ -10,8 +10,8 @@
 
 	// read in the Smarty class for definition
 	// use smarty BC for backwards compability
-    // try to include file from LIBS path, or from normal path
-    _spl_autoload('SmartyBC.class.php');
+	// try to include file from LIBS path, or from normal path
+	_spl_autoload('SmartyBC.class.php');
 
 	class SmartyML extends SmartyBC
 	{

www/libs/Error.Handling.inc

@@ -1,7 +1,7 @@
 <?
-    /*********************************************************************
-    * AUTHOR: Clemens Schwaighofer
-    * CREATED: 2011/2/8
+	/*********************************************************************
+	* AUTHOR: Clemens Schwaighofer
+	* CREATED: 2011/2/8
 	* DESCRIPTION: pre function to collect all non critical errors into a log file if possible
 	* include this file at the very beginning of the script to get the notices, strict, etc messages.
 	* error etc will still be written to the log/display
@@ -42,7 +42,7 @@
 			4096 => 'E_RECOVERABLE_ERROR',
 			8192 => 'E_DEPRICATED',
 			16384 => 'E_USER_DEPRICATED',
-			30719  => 'E_ALL'
+			30719 => 'E_ALL'
 		);
 
 		// get the current page name (strip path)

www/libs/FileUploader.inc

@@ -141,8 +141,8 @@ class qqFileUploader {
             }
         }
 
-		$this->uploadFileName = $uploadDirectory . $filename . '.' . $ext;
-		$this->uploadFileExt = $ext;
+        $this->uploadFileName = $uploadDirectory . $filename . '.' . $ext;
+        $this->uploadFileExt = $ext;
 
         if ($this->file->save($uploadDirectory . $filename . '.' . $ext)){
             return array('success'=>true);

www/libs/db_pgsql.inc

@@ -16,7 +16,7 @@
 	* 2004/09/30 (cs) layout cleanup
 	* /
 
-  /* collection of PostgreSQL wrappers
+	* collection of PostgreSQL wrappers
 	* REQUIRES 5.x PHP!!!
 	*
 	* pg_prepare

www/libs/db_pgsql_pdo.inc

@@ -7,7 +7,7 @@
 	* HISTORY:
 	* /
 
-  /* collection of PostgreSQL wrappers
+	/* collection of PostgreSQL wrappers
 	* REQUIRES 5.x PHP with compiled pdo pgsql (--with-pdo-pgsql)
 	*
 	*/