Allow with as start in queries for select type

Also remove all inserts from the table declaration and add them in a
separate file instead

Add add/remove css to element for the element js declarations

4dev/database/ORDER

@@ -1,5 +1,7 @@
 # functions
 function/update_function.sql
+function/random_string.sql
+function/edit_set_access_uid.sql
 # generic tables
 table/edit_temp_files.sql
 table/edit_generic.sql
@@ -18,9 +20,11 @@ table/edit_user.sql
 table/edit_log.sql
 table/edit_access.sql
 table/edit_access_user.sql
+table/edit_access_data.sql
 # all triggers (after all tables have been created)
 trigger/trg_edit_access_right.sql
 trigger/trg_edit_access.sql
+trigger/trg_edit_access_data.sql
 trigger/trg_edit_access_user.sql
 trigger/trg_edit_generic.sql
 trigger/trg_edit_group.sql
@@ -33,3 +37,6 @@ trigger/trg_edit_scheme.sql
 trigger/trg_edit_user.sql
 trigger/trg_edit_visible_group.sql
 trigger/trg_edit_menu_group.sql
+trigger/trg_set_edit_access_uid.sql
+# insert data
+data/edit_tables.sql

4dev/database/data/edit_tables.sql

@@ -0,0 +1,141 @@
+-- edit tables insert data in order
+
+-- edit visible group
+DELETE FROM edit_page_visible_group;
+INSERT INTO edit_page_visible_group VALUES (1, 1);
+INSERT INTO edit_page_visible_group VALUES (2, 1);
+INSERT INTO edit_page_visible_group VALUES (3, 1);
+INSERT INTO edit_page_visible_group VALUES (4, 1);
+INSERT INTO edit_page_visible_group VALUES (5, 1);
+INSERT INTO edit_page_visible_group VALUES (6, 1);
+INSERT INTO edit_page_visible_group VALUES (7, 1);
+
+-- edit menu group
+DELETE FROM edit_menu_group;
+INSERT INTO edit_menu_group (name, flag, order_number) VALUES ('Admin Menu', 'admin', 1);
+INSERT INTO edit_menu_group (name, flag, order_number) VALUES ('Admin Data Popup Menu', 'AdminDataPopup', 2);
+
+-- edit page
+DELETE FROM edit_page;
+INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_pages.php', 'Edit Pages', 1, 1, 1);
+INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_users.php', 'Edit Users', 2, 1, 1);
+INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_languages.php', 'Edit Languages', 3, 1, 1);
+INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_schemes.php', 'Edit Schemes', 4, 1, 1);
+INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_groups.php', 'Edit Groups', 5, 1, 1);
+INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_visible_group.php', 'Edit Visible Groups', 6, 1, 1);
+INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_menu_group.php', 'Edit Menu Groups', 7, 1, 1);
+INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_access.php', 'Edit Access', 8, 1, 1);
+INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_order.php', 'Edit Order', 9, 1, 0);
+
+-- edit page menu group
+DELETE FROM edit_page_menu_group;
+INSERT INTO edit_page_menu_group VALUES (1, 1);
+INSERT INTO edit_page_menu_group VALUES (2, 1);
+INSERT INTO edit_page_menu_group VALUES (3, 1);
+INSERT INTO edit_page_menu_group VALUES (4, 1);
+INSERT INTO edit_page_menu_group VALUES (5, 1);
+INSERT INTO edit_page_menu_group VALUES (6, 1);
+INSERT INTO edit_page_menu_group VALUES (7, 1);
+
+-- edit access right
+DELETE FROM edit_access_right;
+INSERT INTO edit_access_right (name, level, type) VALUES ('Default', -1, 'default');
+INSERT INTO edit_access_right (name, level, type) VALUES ('No Access', 0, 'none');
+INSERT INTO edit_access_right (name, level, type) VALUES ('Read', 20, 'read');
+INSERT INTO edit_access_right (name, level, type) VALUES ('Translator', 30, 'mod_trans');
+INSERT INTO edit_access_right (name, level, type) VALUES ('Modify', 40, 'mod');
+INSERT INTO edit_access_right (name, level, type) VALUES ('Create/Write', 60, 'write');
+INSERT INTO edit_access_right (name, level, type) VALUES ('Delete', 80, 'del');
+INSERT INTO edit_access_right (name, level, type) VALUES ('Site Admin', 90, 'siteadmin');
+INSERT INTO edit_access_right (name, level, type) VALUES ('Admin', 100, 'admin');
+
+-- edit scheme
+INSERT INTO edit_scheme (name, header_color, enabled) VALUES ('Default Scheme', 'E0E2FF', 1);
+INSERT INTO edit_scheme (name, header_color, enabled) VALUES ('Admin', 'CC7E7E', 1);
+INSERT INTO edit_scheme (name, header_color, enabled) VALUES ('Visitor', 'B0C4B3', 1);
+INSERT INTO edit_scheme (name, header_color, enabled) VALUES ('User', '1E789E', 1);
+
+-- edit language
+INSERT INTO edit_language (short_name, long_name, iso_name, order_number, enabled, lang_default) VALUES ('en', 'English', 'UTF-8', 1, 1, 1);
+INSERT INTO edit_language (short_name, long_name, iso_name, order_number, enabled, lang_default) VALUES ('ja', 'Japanese', 'UTF-8', 2, 1, 0);
+
+-- edit group
+INSERT INTO edit_group (name, enabled, edit_scheme_id, edit_access_right_id) VALUES ('Admin', 1,
+	(SELECT edit_scheme_id FROM edit_scheme WHERE name = 'Admin'),
+	(SELECT edit_access_right_id FROM edit_access_right WHERE type = 'admin')
+);
+INSERT INTO edit_group (name, enabled, edit_scheme_id, edit_access_right_id) VALUES ('User', 1,
+	(SELECT edit_scheme_id FROM edit_scheme WHERE name = 'User'),
+	(SELECT edit_access_right_id FROM edit_access_right WHERE type = 'write')
+);
+
+-- edit page access
+INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1,
+	(SELECT edit_group_id FROM edit_group WHERE name = 'Admin'),
+	1,
+	(SELECT edit_access_right_id FROM edit_access_right WHERE type = 'admin')
+);
+INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1,
+	(SELECT edit_group_id FROM edit_group WHERE name = 'Admin'),
+	2,
+	(SELECT edit_access_right_id FROM edit_access_right WHERE type = 'admin')
+	);
+INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1,
+	(SELECT edit_group_id FROM edit_group WHERE name = 'Admin'),
+	3,
+	(SELECT edit_access_right_id FROM edit_access_right WHERE type = 'admin')
+);
+INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1,
+	(SELECT edit_group_id FROM edit_group WHERE name = 'Admin'),
+	4,
+	(SELECT edit_access_right_id FROM edit_access_right WHERE type = 'admin')
+);
+INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1,
+	(SELECT edit_group_id FROM edit_group WHERE name = 'Admin'),
+	5,
+	(SELECT edit_access_right_id FROM edit_access_right WHERE type = 'admin')
+);
+INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1,
+	(SELECT edit_group_id FROM edit_group WHERE name = 'Admin'),
+	6,
+	(SELECT edit_access_right_id FROM edit_access_right WHERE type = 'admin'
+		);
+INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1,
+	(SELECT edit_group_id FROM edit_group WHERE name = 'Admin'),
+	7,
+	(SELECT edit_access_right_id FROM edit_access_right WHERE type = 'admin'
+);
+INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1,
+	(SELECT edit_group_id FROM edit_group WHERE name = 'Admin'),
+	8,
+	(SELECT edit_access_right_id FROM edit_access_right WHERE type = 'admin')
+);
+INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1,
+	(SELECT edit_group_id FROM edit_group WHERE name = 'Admin'),
+	9,
+	(SELECT edit_access_right_id FROM edit_access_right WHERE type = 'admin')
+);
+
+-- edit user
+-- inserts admin user so basic users can be created
+DELETE FROM edit_user;
+INSERT INTO edit_user (username, password, enabled, debug, db_debug, email, protected, admin, edit_language_id, edit_group_id, edit_scheme_id, edit_access_right_id) VALUES ('admin', 'admin', 1, 1, 1, '', 1, 1,
+	(SELECT edit_language_id FROM edit_language WHERE short_name = 'en'),
+	(SELECT edit_group_id FROM edit_group WHERE name = 'Admin'),
+	(SELECT edit_scheme_id FROM edit_scheme WHERE name = 'Admin')
+	(SELECT edit_access_right_id FROM edit_access_right WHERE type = 'admin')
+);
+
+-- edit access
+DELETE FROM edit_access;
+INSERT INTO edit_access (name, enabled, protected) VALUES ('Admin Access', 't', 1);
+INSERT INTO edit_access (name, enabled, protected) VALUES ('User Access', 't', 1);
+
+-- edit access user
+DELETE FROM edit_access_user;
+INSERT INTO edit_access_user (edit_default, edit_access_id, edit_user_id, edit_access_right_id) VALUES (1,
+	(SELECT edit_access_id FROM edit_access WHERE uid = 'AdminAccess')
+	(SELECT edit_user_id FROM edit_user WHERE username = 'admin')
+	(SELECT edit_access_right_id FROM edit_access_right WHERE type = 'admin')
+);
+

4dev/database/function/edit_set_access_uid.sql

@@ -1,6 +1,6 @@
 -- add uid add for edit_access table
 
-CREATE OR REPLACE FUNCTION set_edit_access_uid() RETURNS TRIGGER AS 
+CREATE OR REPLACE FUNCTION set_edit_access_uid() RETURNS TRIGGER AS
 $$
 	DECLARE
 		myrec RECORD;

4dev/database/function/random_string.sql

@@ -0,0 +1,18 @@
+-- create random string with length X
+
+CREATE FUNCTION random_string(randomLength int)
+RETURNS text AS $$
+SELECT array_to_string(
+	ARRAY(
+		SELECT substring(
+			'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789',
+			trunc(random() * 62)::int + 1,
+			1
+		)
+		FROM generate_series(1, randomLength) AS gs(x)
+	),
+	''
+)
+$$ LANGUAGE SQL
+RETURNS NULL ON NULL INPUT
+VOLATILE; -- LEAKPROOF;

4dev/database/function/set_edit_generic.sql

@@ -0,0 +1,15 @@
+-- adds the created or updated date tags
+
+CREATE OR REPLACE FUNCTION set_edit_generic() RETURNS TRIGGER AS '
+	DECLARE
+		random_length INT = 12; -- that should be long enough
+	BEGIN
+		IF TG_OP = ''INSERT'' THEN
+			NEW.date_created := ''now'';
+			NEW.cuid := random_string(random_length);
+		ELSIF TG_OP = ''UPDATE'' THEN
+			NEW.date_updated := ''now'';
+		END IF;
+		RETURN NEW;
+	END;
+' LANGUAGE 'plpgsql';

4dev/database/function/set_generic.sql

@@ -3,7 +3,7 @@
 CREATE OR REPLACE FUNCTION set_generic() RETURNS TRIGGER AS '
 	BEGIN
 		IF TG_OP = ''INSERT'' THEN
-			NEW.date_created := ''now'';
+			NEW.cuid := random_string(random_length);
 		ELSIF TG_OP = ''UPDATE'' THEN
 			NEW.date_updated := ''now'';
 		END IF;

4dev/database/table/edit_access.sql

@@ -8,10 +8,10 @@
 -- DROP TABLE edit_access;
 CREATE TABLE edit_access (
 	edit_access_id	SERIAL PRIMARY KEY,
-	name	VARCHAR(255) UNIQUE,
+	name	VARCHAR UNIQUE,
 	description	VARCHAR,
-	COLOR	VARCHAR
+	color	VARCHAR,
+	uid	VARCHAR,
+	enabled	BOOLEAN DEFAULT 'true',
+	protected INT
 ) INHERITS (edit_generic) WITHOUT OIDS;
-
-DELETE FROM edit_access;
-INSERT INTO edit_access (name) VALUES ('Admin Access');

4dev/database/table/edit_access_right.sql

@@ -14,14 +14,3 @@ CREATE TABLE edit_access_right (
 	type VARCHAR,
 	UNIQUE (level,type)
 ) INHERITS (edit_generic) WITHOUT OIDS;
-
-DELETE FROM edit_access_right;
-INSERT INTO edit_access_right (name, level, type) VALUES ('Default', -1, 'default');
-INSERT INTO edit_access_right (name, level, type) VALUES ('No Access', 0, 'none');
-INSERT INTO edit_access_right (name, level, type) VALUES ('Read', 20, 'read');
-INSERT INTO edit_access_right (name, level, type) VALUES ('Translator', 30, 'mod_trans');
-INSERT INTO edit_access_right (name, level, type) VALUES ('Modify', 40, 'mod');
-INSERT INTO edit_access_right (name, level, type) VALUES ('Create/Write', 60, 'write');
-INSERT INTO edit_access_right (name, level, type) VALUES ('Delete', 80, 'del');
-INSERT INTO edit_access_right (name, level, type) VALUES ('Site Admin', 90, 'siteadmin');
-INSERT INTO edit_access_right (name, level, type) VALUES ('Admin', 100, 'admin');

4dev/database/table/edit_access_user.sql

@@ -17,6 +17,3 @@ CREATE TABLE edit_access_user (
 	FOREIGN KEY (edit_user_id) REFERENCES edit_user (edit_user_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
 	FOREIGN KEY (edit_access_right_id) REFERENCES edit_access_right (edit_access_right_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE
 ) INHERITS (edit_generic) WITHOUT OIDS;
-
-DELETE FROM edit_access_user;
-INSERT INTO edit_access_user (edit_default, edit_access_id, edit_user_id, edit_access_right_id) VALUES (1, 1, 1, 8);

4dev/database/table/edit_generic.sql

@@ -7,7 +7,7 @@
 
 -- DROP TABLE edit_generic;
 CREATE TABLE edit_generic (
-	eg_status	INT,
+	cuid	VARCHAR,
 	date_created	TIMESTAMP WITHOUT TIME ZONE DEFAULT clock_timestamp(),
 	date_updated	TIMESTAMP WITHOUT TIME ZONE
 );

4dev/database/table/edit_group.sql

@@ -8,12 +8,10 @@
 -- DROP TABLE edit_group;
 CREATE TABLE edit_group (
 	edit_group_id	SERIAL PRIMARY KEY,
-	name	VARCHAR(50),
+	name	VARCHAR,
 	enabled	SMALLINT NOT NULL DEFAULT 0,
 	edit_scheme_id INT,
 	edit_access_right_id INT NOT NULL,
 	FOREIGN KEY (edit_scheme_id) REFERENCES edit_scheme (edit_scheme_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
 	FOREIGN KEY (edit_access_right_id) REFERENCES edit_access_right (edit_access_right_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE
 ) INHERITS (edit_generic) WITHOUT OIDS;
-
-INSERT INTO edit_group (name, enabled, edit_scheme_id, edit_access_right_id) VALUES ('Admin', 1, 2, 8);

4dev/database/table/edit_language.sql

@@ -9,12 +9,10 @@
 -- DROP TABLE edit_language;
 CREATE TABLE edit_language (
 	edit_language_id SERIAL PRIMARY KEY,
-	short_name VARCHAR(2),
-	long_name VARCHAR(70),
-	iso_name VARCHAR(12),
+	short_name VARCHAR,
+	long_name VARCHAR,
+	iso_name VARCHAR,
 	order_number INT,
 	enabled SMALLINT NOT NULL DEFAULT 0,
-	lang_default SMALLINT NOT NULL DEFAULT 0 UNIQUE
+	lang_default SMALLINT NOT NULL DEFAULT 0
 ) INHERITS (edit_generic) WITHOUT OIDS;
-
-INSERT INTO edit_language (short_name, long_name, iso_name, order_number, enabled, lang_default) VALUES ('en', 'English', 'UTF-8', 1, 1, 1);

4dev/database/table/edit_menu_group.sql

@@ -8,11 +8,9 @@
 -- DROP TABLE edit_menu_group;
 CREATE TABLE edit_menu_group (
 	edit_menu_group_id	SERIAL PRIMARY KEY,
-	name	VARCHAR(255),
-	flag	VARCHAR(50),
+	name	VARCHAR,
+	flag	VARCHAR,
 	order_number	INT NOT NULL
 ) INHERITS (edit_generic) WITHOUT OIDS;
 
-DELETE FROM edit_menu_group;
-INSERT INTO edit_menu_group (name, flag, order_number) VALUES ('Admin Menu', 'admin', 1);
-INSERT INTO edit_menu_group (name, flag, order_number) VALUES ('Admin Data Popup Menu', 'AdminDataPopup', 2);
+

4dev/database/table/edit_page.sql

@@ -8,8 +8,8 @@
 -- DROP TABLE edit_page;
 CREATE TABLE edit_page (
 	edit_page_id	SERIAL PRIMARY KEY,
-	filename	VARCHAR(70),
-	name	VARCHAR(255) UNIQUE,
+	filename	VARCHAR,
+	name	VARCHAR UNIQUE,
 	order_number INT NOT NULL,
 	online	SMALLINT NOT NULL DEFAULT 0,
 	menu	SMALLINT NOT NULL DEFAULT 0,
@@ -17,14 +17,3 @@ CREATE TABLE edit_page (
 	popup_x	SMALLINT,
 	popup_y SMALLINT
 ) INHERITS (edit_generic) WITHOUT OIDS;
-
-DELETE FROM edit_page;
-INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_pages.php', 'Edit Pages', 1, 1, 1);
-INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_users.php', 'Edit Users', 2, 1, 1);
-INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_languages.php', 'Edit Languages', 3, 1, 1);
-INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_schemes.php', 'Edit Schemes', 4, 1, 1);
-INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_groups.php', 'Edit Groups', 5, 1, 1);
-INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_visible_group.php', 'Edit Visible Groups', 6, 1, 1);
-INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_menu_group.php', 'Edit Menu Groups', 7, 1, 1);
-INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_access.php', 'Edit Access', 8, 1, 1);
-INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_order.php', 'Edit Order', 9, 1, 0);

4dev/database/table/edit_page_access.sql

@@ -17,12 +17,4 @@ CREATE TABLE edit_page_access (
 	FOREIGN KEY (edit_access_right_id) REFERENCES edit_access_right (edit_access_right_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE
 ) INHERITS (edit_generic) WITHOUT OIDS;
 
-INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1, 1, 1, 8);
-INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1, 1, 2, 8);
-INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1, 1, 3, 8);
-INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1, 1, 4, 8);
-INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1, 1, 5, 8);
-INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1, 1, 6, 8);
-INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1, 1, 7, 8);
-INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1, 1, 8, 8);
-INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1, 1, 9, 8);
+

4dev/database/table/edit_page_menu_group.sql

@@ -12,12 +12,3 @@ CREATE TABLE edit_page_menu_group (
 	FOREIGN KEY (edit_page_id) REFERENCES edit_page (edit_page_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
 	FOREIGN KEY (edit_menu_group_id) REFERENCES edit_menu_group (edit_menu_group_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE
 );
-
-DELETE FROM edit_page_menu_group;
-INSERT INTO edit_page_menu_group VALUES (1, 1);
-INSERT INTO edit_page_menu_group VALUES (2, 1);
-INSERT INTO edit_page_menu_group VALUES (3, 1);
-INSERT INTO edit_page_menu_group VALUES (4, 1);
-INSERT INTO edit_page_menu_group VALUES (5, 1);
-INSERT INTO edit_page_menu_group VALUES (6, 1);
-INSERT INTO edit_page_menu_group VALUES (7, 1);

4dev/database/table/edit_page_visible_group.sql

@@ -12,12 +12,3 @@ CREATE TABLE edit_page_visible_group (
 	FOREIGN KEY (edit_page_id) REFERENCES edit_page (edit_page_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
 	FOREIGN KEY (edit_visible_group_id) REFERENCES edit_visible_group (edit_visible_group_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE
 );
-
-DELETE FROM edit_page_visible_group;
-INSERT INTO edit_page_visible_group VALUES (1, 1);
-INSERT INTO edit_page_visible_group VALUES (2, 1);
-INSERT INTO edit_page_visible_group VALUES (3, 1);
-INSERT INTO edit_page_visible_group VALUES (4, 1);
-INSERT INTO edit_page_visible_group VALUES (5, 1);
-INSERT INTO edit_page_visible_group VALUES (6, 1);
-INSERT INTO edit_page_visible_group VALUES (7, 1);

4dev/database/table/edit_query_string.sql

@@ -8,8 +8,8 @@
 -- DROP TABLE edit_query_string;
 CREATE TABLE edit_query_string (
 	edit_query_string_id	SERIAL PRIMARY KEY,
-	name	VARCHAR(255),
-	value	VARCHAR(255),
+	name	VARCHAR,
+	value	VARCHAR,
 	enabled	SMALLINT NOT NULL DEFAULT 0,
 	dynamic	SMALLINT NOT NULL DEFAULT 0,
 	edit_page_id	INT NOT NULL,

4dev/database/table/edit_scheme.sql

@@ -9,12 +9,8 @@
 CREATE TABLE edit_scheme (
 	edit_scheme_id	SERIAL PRIMARY KEY,
 	enabled	SMALLINT NOT NULL DEFAULT 0,
-	name	VARCHAR(50),
-	header_color	VARCHAR(7),
-	css_file	VARCHAR(50),
-	template	VARCHAR(50)
+	name	VARCHAR,
+	header_color	VARCHAR,
+	css_file	VARCHAR,
+	template	VARCHARs
 ) INHERITS (edit_generic) WITHOUT OIDS;
-
-INSERT INTO edit_scheme (name, header_color, enabled) VALUES ('Default Scheme', '#E0E2FF', 1);
-INSERT INTO edit_scheme (name, header_color, enabled) VALUES ('Admin', '#CC7E7E', 1);
-INSERT INTO edit_scheme (name, header_color, enabled) VALUES ('Visitor', '#B0C4B3', 1);

4dev/database/table/edit_temp_files.sql

@@ -7,5 +7,5 @@
 
 -- DROP TABLE temp_files;
 CREATE TABLE temp_files (
-	filename	VARCHAR(250)
+	filename	VARCHAR
 );

4dev/database/table/edit_user.sql

@@ -8,8 +8,13 @@
 -- DROP TABLE edit_user;
 CREATE TABLE edit_user (
 	edit_user_id	SERIAL PRIMARY KEY,
+	connect_edit_user_id	INT, -- possible reference to other user
 	username	VARCHAR UNIQUE,
 	password	VARCHAR,
+	first_name	VARCHAR,
+	last_name	VARCHAR,
+	first_name_furigana	VARCHAR,
+	last_name_furigana	VARCHAR,
 	enabled	SMALLINT NOT NULL DEFAULT 0,
 	debug	SMALLINT NOT NULL DEFAULT 0,
 	db_debug	SMALLINT NOT NULL DEFAULT 0,
@@ -27,12 +32,9 @@ CREATE TABLE edit_user (
 	locked	SMALLINT DEFAULT 0,
 	password_change_date	TIMESTAMP WITHOUT TIME ZONE, -- only when password is first set or changed
 	password_change_interval	INTERVAL, -- null if no change is needed, or d/m/y time interval
+	FOREIGN KEY (connect_edit_user_id) REFERENCES edit_user (edit_user_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
 	FOREIGN KEY (edit_language_id) REFERENCES edit_language (edit_language_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
 	FOREIGN KEY (edit_group_id) REFERENCES edit_group (edit_group_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
 	FOREIGN KEY (edit_scheme_id) REFERENCES edit_scheme (edit_scheme_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
 	FOREIGN KEY (edit_access_right_id) REFERENCES edit_access_right (edit_access_right_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE
 ) INHERITS (edit_generic) WITHOUT OIDS;
-
--- inserts admin user so basic users can be created
-DELETE FROM edit_user;
-INSERT INTO edit_user (username, password, enabled, debug, db_debug, email, protected, admin, edit_language_id, edit_group_id, edit_scheme_id, edit_access_right_id) VALUES ('admin', 'admin', 1, 1, 1, '', 1, 1, 1, 1, 2, 8);

4dev/database/table/edit_visible_group.sql

@@ -8,8 +8,8 @@
 -- DROP TABLE edit_visible_group;
 CREATE TABLE edit_visible_group (
 	edit_visible_group_id	SERIAL PRIMARY KEY,
-	name	VARCHAR(255),
-	flag	VARCHAR(50)
+	name	VARCHAR,
+	flag	VARCHAR
 ) INHERITS (edit_generic) WITHOUT OIDS;
 
 DELETE FROM edit_visible_group;

4dev/database/trigger/trg_edit_access.sql

@@ -1,4 +1,4 @@
--- DROP TRIGGER trg_edit_access ON edit_access;
+DROP TRIGGER trg_edit_access ON edit_access;
 CREATE TRIGGER trg_edit_access
 BEFORE INSERT OR UPDATE ON edit_access
-FOR EACH ROW EXECUTE PROCEDURE set_generic();
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();

4dev/database/trigger/trg_edit_access_data.sql

@@ -1,4 +1,4 @@
--- DROP TRIGGER trg_edit_access_data ON edit_access_data;
+DROP TRIGGER trg_edit_access_data ON edit_access_data;
 CREATE TRIGGER trg_edit_access_data
 BEFORE INSERT OR UPDATE ON edit_access_data
-FOR EACH ROW EXECUTE PROCEDURE set_generic();
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();

4dev/database/trigger/trg_edit_access_right.sql

@@ -1,4 +1,4 @@
--- DROP TRIGGER trg_edit_access_right ON edit_access_right;
+DROP TRIGGER trg_edit_access_right ON edit_access_right;
 CREATE TRIGGER trg_edit_access_right
 BEFORE INSERT OR UPDATE ON edit_access_right
-FOR EACH ROW EXECUTE PROCEDURE set_generic();
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();

4dev/database/trigger/trg_edit_access_user.sql

@@ -1,4 +1,4 @@
--- DROP TRIGGER trg_edit_access_user ON edit_access_user;
+DROP TRIGGER trg_edit_access_user ON edit_access_user;
 CREATE TRIGGER trg_edit_access_user
 BEFORE INSERT OR UPDATE ON edit_access_user
-FOR EACH ROW EXECUTE PROCEDURE set_generic();
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();

4dev/database/trigger/trg_edit_group.sql

@@ -1,4 +1,4 @@
--- DROP TRIGGER trg_edit_group ON edit_group;
+DROP TRIGGER trg_edit_group ON edit_group;
 CREATE TRIGGER trg_edit_group
 BEFORE INSERT OR UPDATE ON edit_group
-FOR EACH ROW EXECUTE PROCEDURE set_generic();
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();

4dev/database/trigger/trg_edit_language.sql

@@ -1,4 +1,4 @@
--- DROP TRIGGER trg_edit_language ON edit_language;
+DROP TRIGGER trg_edit_language ON edit_language;
 CREATE TRIGGER trg_edit_language
 BEFORE INSERT OR UPDATE ON edit_language
-FOR EACH ROW EXECUTE PROCEDURE set_generic();
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();

4dev/database/trigger/trg_edit_log.sql

@@ -1,4 +1,4 @@
--- DROP TRIGGER trg_edit_log ON edit_log;
+DROP TRIGGER trg_edit_log ON edit_log;
 CREATE TRIGGER trg_edit_log
 BEFORE INSERT OR UPDATE ON edit_log
-FOR EACH ROW EXECUTE PROCEDURE set_generic();
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();

4dev/database/trigger/trg_edit_menu_group.sql

@@ -1,4 +1,4 @@
--- DROP TRIGGER trg_edit_visible_group ON edit_visible_group;
+DROP TRIGGER trg_edit_menu_group ON edit_menu_group;
 CREATE TRIGGER trg_edit_menu_group
 BEFORE INSERT OR UPDATE ON edit_menu_group
-FOR EACH ROW EXECUTE PROCEDURE set_generic();
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();

4dev/database/trigger/trg_edit_page.sql

@@ -1,4 +1,4 @@
--- DROP TRIGGER trg_edit_page ON edit_page;
+DROP TRIGGER trg_edit_page ON edit_page;
 CREATE TRIGGER trg_edit_page
 BEFORE INSERT OR UPDATE ON edit_page
-FOR EACH ROW EXECUTE PROCEDURE set_generic();
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();

4dev/database/trigger/trg_edit_page_access.sql

@@ -1,4 +1,4 @@
--- DROP TRIGGER trg_edit_page_access ON edit_page_access;
+DROP TRIGGER trg_edit_page_access ON edit_page_access;
 CREATE TRIGGER trg_edit_page_access
 BEFORE INSERT OR UPDATE ON edit_page_access
-FOR EACH ROW EXECUTE PROCEDURE set_generic();
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();

4dev/database/trigger/trg_edit_query_string.sql

@@ -1,4 +1,4 @@
--- DROP TRIGGER trg_edit_query_string ON edit_query_string;
+DROP TRIGGER trg_edit_query_string ON edit_query_string;
 CREATE TRIGGER trg_edit_query_string
 BEFORE INSERT OR UPDATE ON edit_query_string
-FOR EACH ROW EXECUTE PROCEDURE set_generic();
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();

4dev/database/trigger/trg_edit_scheme.sql

@@ -1,4 +1,4 @@
--- DROP TRIGGER trg_edit_scheme ON edit_scheme;
+DROP TRIGGER trg_edit_scheme ON edit_scheme;
 CREATE TRIGGER trg_edit_scheme
 BEFORE INSERT OR UPDATE ON edit_scheme
-FOR EACH ROW EXECUTE PROCEDURE set_generic();
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();

4dev/database/trigger/trg_edit_user.sql

@@ -1,4 +1,4 @@
--- DROP TRIGGER trg_edit_user ON edit_user;
+DROP TRIGGER trg_edit_user ON edit_user;
 CREATE TRIGGER trg_edit_user
 BEFORE INSERT OR UPDATE ON edit_user
-FOR EACH ROW EXECUTE PROCEDURE set_generic();
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();

4dev/database/trigger/trg_edit_visible_group.sql

@@ -1,4 +1,4 @@
--- DROP TRIGGER trg_edit_visible_group ON edit_visible_group;
+DROP TRIGGER trg_edit_visible_group ON edit_visible_group;
 CREATE TRIGGER trg_edit_visible_group
 BEFORE INSERT OR UPDATE ON edit_visible_group
-FOR EACH ROW EXECUTE PROCEDURE set_generic();
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();

README.md

@@ -18,7 +18,9 @@ The active branch, which is the namespace branch
 
 ### legacy
 
-The old non namepsace format layout. This will only get bug fixes and no new development
+The old non namepsace format layout.
+This is fully deprecated and will no longer be maintaned.
+last tested PHP 5.6 and PHP 7.0
 
 ### namespace
 

www/admin/edit_base.inc

@@ -24,7 +24,7 @@ extract($_POST, EXTR_SKIP);
 
 $table_width = 750;
 // this is for certain CMS modules that set a relative path
-define(REL_PATH, '');
+define('REL_PATH', '');
 
 ob_start();
 include("config.inc");
@@ -137,10 +137,13 @@ $DATA['GROUP_NAME'] = $_SESSION["GROUP_NAME"];
 $DATA['GROUP_LEVEL'] = $_SESSION["GROUP_LEVEL"];
 $PAGES = $_SESSION["PAGES"];
 
-//$form->debug('menu', $form->print_ar($PAGES));
+//$form->debug('menu', $form->printAr($PAGES));
 
-// baue nav aus $PAGES ...
-for ($i = 0; $i < count($PAGES); $i ++) {
+// build nav from $PAGES ...
+if (!is_array($PAGES)) {
+	$PAGES = array ();
+}
+for ($i = 0, $i_max = count($PAGES); $i < $i_max; $i ++) {
 	if ($PAGES[$i]["menu"] && $PAGES[$i]["online"]) {
 		$menuarray[] = $PAGES[$i];
 	}
@@ -204,6 +207,7 @@ if ($form->yes) {
 			$elements[] = $form->formCreateElement("login_error_date_last");
 			$elements[] = $form->formCreateElement("login_error_date_first");
 			$elements[] = $form->formCreateElement("enabled");
+			$elements[] = $form->formCreateElement("protected");
 			$elements[] = $form->formCreateElement("username");
 			$elements[] = $form->formCreateElement("password");
 			$elements[] = $form->formCreateElement("password_change_interval");
@@ -283,6 +287,8 @@ if ($form->yes) {
 			break;
 		case "edit_access":
 			$elements[] = $form->formCreateElement("name");
+			$elements[] = $form->formCreateElement("enabled");
+			$elements[] = $form->formCreateElement("protected");
 			$elements[] = $form->formCreateElement("color");
 			$elements[] = $form->formCreateElement("description");
 			// add name/value list here
@@ -292,7 +298,7 @@ if ($form->yes) {
 			print "[No valid page definition given]";
 			break;
 	}
-//		$form->debug('edit', "Elements: <pre>".$form->print_ar($elements));
+//		$form->debug('edit', "Elements: <pre>".$form->printAr($elements));
 	$DATA['elements'] = $elements;
 	$DATA['hidden'] = $form->formCreateHiddenFields();
 	$DATA['save_delete'] = $form->formCreateSaveDelete();
@@ -304,7 +310,7 @@ $DEBUG_DATA['DEBUG'] = $DEBUG_TMPL;
 // create main data array
 $CONTENT_DATA = array_merge($HEADER, $DATA, $DEBUG_DATA);
 // data is 1:1 mapping (all vars, values, etc)
-while (list($key, $value) = each($CONTENT_DATA)) {
+foreach ($CONTENT_DATA as $key => $value) {
 	$smarty->assign($key, $value);
 }
 if (is_dir(BASE.TEMPLATES_C)) {

www/admin/table_arrays/array_edit_access.inc

@@ -28,6 +28,26 @@ $edit_access = array (
 			"error_check" => "custom",
 			"error_regex" => "/[\dA-Fa-f]{6}/",
 			"error_example" => "F6A544"
+		),
+		"enabled" => array (
+			"value" => $GLOBALS["enabled"],
+			"output_name" => "Enabled",
+			"type" => "binary",
+			"int" => 1,
+			"element_list" => array (
+				"1" => "Yes",
+				"0" => "No"
+			)
+		),
+		"protected" => array (
+			"value" => $GLOBALS["protected"],
+			"output_name" => "Protected",
+			"type" => "binary",
+			"int" => 1,
+			"element_list" => array (
+				"1" => "Yes",
+				"0" => "No"
+			)
 		)
 	),
 	"table_name" => "edit_access",

www/admin/table_arrays/array_edit_users.inc

@@ -29,6 +29,7 @@ $edit_users = array (
 			)
 		),
 		// password date when first insert and password is set, needs special field with connection to password
+		// password reset force interval, if set, user needs to reset password after X time period
 		'password_change_interval' => array (
 			'value' => $GLOBALS['password_change_interval'],
 			'output_name' => 'Password change interval',
@@ -38,7 +39,6 @@ $edit_users = array (
 			'size' => 5, // make it 5 chars long
 			'length' => 5
 		),
-		// password reset force interval, if set, user needs to reset password after X time period
 		"enabled" => array (
 			"value" => $GLOBALS["enabled"],
 			"output_name" => "Enabled",
@@ -163,10 +163,15 @@ $edit_users = array (
 			"type" => "view",
 			"empty" => "-"
 		),
-		// planned delete lock flag
 		"protected" => array (
 			"value" => $GLOBALS["protected"],
-			"int" => 1
+			"output_name" => "Protected",
+			"type" => "binary",
+			"int" => 1,
+			"element_list" => array (
+				"1" => "Yes",
+				"0" => "No"
+			)
 		)
 	),
 	"load_query" => "SELECT edit_user_id, username, enabled, debug, db_debug, strict, locked, login_error_count FROM edit_user ORDER BY username",

www/configs/config.inc

@@ -1,6 +1,6 @@
 <?
 /********************************************************************
-* AUTHOR: Clemens "Gullevek" Schwaighofer (www.gullevek.org)
+* AUTHOR: Clemens Schwaighofer
 * CREATED: 2003/06/10
 * SHORT DESCRIPTION:
 *   configuration file
@@ -9,16 +9,16 @@
 
 /************* SESSION NAMES *************/
 // backend
-DEFINE('EDIT_SESSION_NAME', "<ADMIN SESSION NAME>");
+DEFINE('EDIT_SESSION_NAME', '<ADMIN SESSION NAME>');
 // frontend
-DEFINE('SESSION_NAME', "<SESSION NAME>");
+DEFINE('SESSION_NAME', '<SESSION NAME>');
 // set the session name
 define('SET_SESSION_NAME', EDIT_SESSION_NAME);
 
 /************* LANGUAGE / ENCODING *******/
-DEFINE('DEFAULT_LANG', "en_utf8");
+DEFINE('DEFAULT_LANG', 'en_utf8');
 // default web page encoding setting
-DEFINE('DEFAULT_ENCODING', "UTF-8");
+DEFINE('DEFAULT_ENCODING', 'UTF-8');
 
 /************* PATHS *********************/
 // directory seperator
@@ -40,51 +40,51 @@ DEFINE('INCLUDES', 'includes'.DS);
 // layout base path
 DEFINE('LAYOUT', 'layout'.DS);
 // pic-root (compatible to CMS)
-DEFINE('PICTURES', "images".DS);
+DEFINE('PICTURES', 'images'.DS);
 // images
-DEFINE('IMAGES', "images".DS);
+DEFINE('IMAGES', 'images'.DS);
 // icons (below the images/ folder)
 DEFINE('ICONS', 'icons'.DS);
 // media
-DEFINE('MEDIA', "media".DS);
+DEFINE('MEDIA', 'media'.DS);
 // flash-root (below media)
-DEFINE('FLASH', "flash".DS);
+DEFINE('FLASH', 'flash'.DS);
 // uploads (anything to keep)
-DEFINE('UPLOADS', "uploads".DS);
+DEFINE('UPLOADS', 'uploads'.DS);
 // files (binaries) (below media)
-DEFINE('BINARIES', "binaries".DS);
+DEFINE('BINARIES', 'binaries'.DS);
 // files (videos) (below media)
-DEFINE('VIDEOS', "videos".DS);
+DEFINE('VIDEOS', 'videos'.DS);
 // files (documents) (below media)
-DEFINE('DOCUMENTS', "documents".DS);
+DEFINE('DOCUMENTS', 'documents'.DS);
 // files (pdfs) (below media)
-DEFINE('PDFS', "documents".DS);
+DEFINE('PDFS', 'documents'.DS);
 // CSV
 DEFINE('CSV', 'csv'.DS);
 // css
-DEFINE('CSS', "css".DS);
+DEFINE('CSS', 'css'.DS);
 // js
-DEFINE('JS', "javascript".DS);
+DEFINE('JS', 'javascript'.DS);
 // table arrays
-DEFINE('TABLE_ARRAYS', "table_arrays".DS);
+DEFINE('TABLE_ARRAYS', 'table_arrays'.DS);
 // smarty libs path
-DEFINE('SMARTY', "Smarty".DS);
+DEFINE('SMARTY', 'Smarty'.DS);
 // po langs
-DEFINE('LANG', "lang".DS);
+DEFINE('LANG', 'lang'.DS);
 // cache path
-DEFINE('CACHE', "cache".DS);
+DEFINE('CACHE', 'cache'.DS);
 // temp path
-DEFINE('TMP', "tmp".DS);
+DEFINE('TMP', 'tmp'.DS);
 // log files
 DEFINE('LOG', 'log'.DS);
 // compiled template folder
 DEFINE('TEMPLATES_C', 'templates_c'.DS);
 // template base
-DEFINE('TEMPLATES', "templates".DS);
+DEFINE('TEMPLATES', 'templates'.DS);
 // frontend template dir', only for admin
-DEFINE('TEMPLATES_FRONTEND', "templates_frontend".DS);
+DEFINE('TEMPLATES_FRONTEND', 'templates_frontend'.DS);
 // default template
-DEFINE('DEFAULT_TEMPLATE', "default".DS);
+DEFINE('DEFAULT_TEMPLATE', 'default'.DS);
 // default template file
 DEFINE('DEFAULT_TEMPLATE_FILE', 'default.tpl');
 
@@ -102,14 +102,14 @@ DEFINE('DEFAULT_ACL_SEND', 70);
 DEFINE('DEFAULT_ACL_DEL', 80);
 DEFINE('DEFAULT_ACL_ADMIN', 100); */
 // SSL host name
-//	DEFINE('SSL_HOST', "ssl.host.name");
+//	DEFINE('SSL_HOST', 'ssl.host.name');
 // error page strictness, Default is 3
 // 1: only show error page as the last mesure if really no mid & aid can be loaded and found at all
 // 2: if template not found, do not search, show error template
 // 3: if default template is not found, show error template, do not fall back to default tree
 // 4: very strict, even on normal fixable errors through error
 //	DEFINE('ERROR_STRICT', 3);
-// allow page caching in general, set to "FALSE" if you do debugging or development!
+// allow page caching in general, set to 'FALSE' if you do debugging or development!
 //	DEFINE('ALLOW_SMARTY_CACHE', FALSE);
 // cache life time, in seconds, default here is 2 days (172800s)
 // -1 is never expire cache
@@ -134,6 +134,11 @@ DEFINE('PAGE_WIDTH', 800);
 // the default template name
 DEFINE('MASTER_TEMPLATE_NAME', 'main_body.tpl');
 
+// below two can be defined here, but they should be
+// defined in either the header file or the file itself
+/************* LOGGING *******************/
+// DEFINE('LOG_FILE_ID', '');
+
 /************* QUEUE TABLE *************/
 // if we have a dev/live system
 // set_live is a per page/per item
@@ -151,32 +156,32 @@ DEFINE('LIVE_SCHEMA', 'public');
 /************* DB ACCESS *****************/
 // please be VERY carefull only to change the right side
 $DB_CONFIG = array (
-	"<db id>" => array (
-		"db_name" => "<database>",
-		"db_user" => "<user>",
-		"db_pass" => "<password>",
-		"db_host" => "<host>",
-		"db_port" => "5432",
-		"db_schema" => "public", // if not set, uses public
-		"db_type" => "pgsql",
-		"db_encoding" => '',
-		"db_ssl" => 'disable' // allow, disable, require, prefer
+	'<db id>' => array (
+		'db_name' => '<database>',
+		'db_user' => '<user>',
+		'db_pass' => '<password>',
+		'db_host' => '<host>',
+		'db_port' => '5432',
+		'db_schema' => 'public', // if not set, uses public
+		'db_type' => 'pgsql',
+		'db_encoding' => '',
+		'db_ssl' => 'disable' // allow, disable, require, prefer
 	)
 );
 
 // File and Folder paths
 // ID is TARGET (first array element)
-//	$PATHS["test"]["csv_path"] = "";
-//	$PATHS["test"]["perl_bin"] = "";
-//	$PATHS["test"]["redirect_url"] = "";
+//	$PATHS['test']['csv_path'] = '';
+//	$PATHS['test']['perl_bin'] = '';
+//	$PATHS['test']['redirect_url'] = '';
 
 // each host has a different db_host
 // development host
-$DB_HOST['<host>'] = "<db id>";
+$DB_HOST['<host>'] = '<db id>';
 // target host (live)
-//	$DB_TARGET_HOST['<host>'] = "<DB ID>";
+//	$DB_TARGET_HOST['<host>'] = '<DB ID>';
 // url redirect database
-//	$DB_URL_REDIRECT_HOST['<host>'] = "<DB ID>";
+//	$DB_URL_REDIRECT_HOST['<host>'] = '<DB ID>';
 // location flagging
 // test/dev/live
 $LOCATION['<host>'] = '<test|live|remote|etc>';
@@ -192,9 +197,9 @@ $USE_DATABASE = defined('USE_DATABASE') ? USE_DATABASE : true;
 // live frontend pages
 // ** missing live domains **
 // get the name without the port
-list($HOST_NAME, $PORT) = array_pad(explode(":", $_SERVER['HTTP_HOST'], 2), 2, null);
+list($HOST_NAME) = array_pad(explode(':', $_SERVER['HTTP_HOST'], 2), 2, null);
 if (!$DB_HOST[$HOST_NAME] && $USE_DATABASE) {
-	echo "No matching DB config found. Contact Admin<br>";
+	echo 'No matching DB config found. Contact Admin<br>';
 	exit -1;
 }
 
@@ -221,11 +226,11 @@ DEFINE('SHOW_ALL_ERRORS', false); // show all errors if debug_all & show_error_h
 $G_TITLE = '<OVERALL PAGE TITLE>';
 
 /************ STYLE SHEETS / JS **********/
-$EDIT_STYLESHEET = "edit.css";
-$EDIT_JAVASCRIPT = "edit.js";
+$EDIT_STYLESHEET = 'edit.css';
+$EDIT_JAVASCRIPT = 'edit.js';
 
-$STYLESHEET = "frontend.css";
-$JAVASCRIPT = "frontend.js";
+$STYLESHEET = 'frontend.css';
+$JAVASCRIPT = 'frontend.js';
 
 /************* CONVERT *******************/
 $paths = array (
@@ -235,14 +240,14 @@ $paths = array (
 );
 // find convert
 foreach ($paths as $path) {
-	if (file_exists($path."/convert") && is_file($path."/convert")) {
+	if (file_exists($path.DS.'convert') && is_file($path.DS.'convert')) {
 		// image magick convert location
-		DEFINE('CONVERT', $path."/convert");
+		DEFINE('CONVERT', $path.DS.'convert');
 	}
 }
 
 // turn off debug if debug flag is OFF
-if (DEBUG == false) {
+if (defined('DEBUG') && DEBUG == false) {
 	$ECHO_ALL = 0;
 	$DEBUG_ALL = 0;
 	$PRINT_ALL = 0;
@@ -255,3 +260,5 @@ if (DEBUG == false) {
 
 // read auto loader
 require BASE.LIB.'autoloader.php';
+
+# __END__

www/layout/admin/default/css/edit.css

@@ -367,6 +367,30 @@ input[type="text"]:focus, textarea:focus, select:focus {
 	font-size: 8px;
 }
 
+/* NEW VERSION with CSS key frame animation */
+.progress {
+	width: 100px;
+	height: 100px;
+	background: rgba(255, 255, 255, 0.6);
+	border: 20px solid rgba(255, 255, 255 ,0.25);
+	border-left-color: rgba(3, 155, 229 ,1);
+	border-top-color: rgba(3, 155, 229 ,1);
+	border-radius: 50%;
+	display: inline-block;
+	animation: rotate 600ms infinite linear;
+	/* align */
+	left: 0;
+	top: 0;
+	position: absolute;
+	z-index: 100;
+}
+/* Animation for above progress */
+@keyframes rotate {
+	to {
+		transform: rotate(1turn)
+	}
+}
+
 /* ***************************** ADMIN EDIT INTERFACE COLORS ********************************* */
 /* set all colors here and not in the config file */
 /* for edit interface */

www/layout/admin/default/javascript/edit.js

@@ -2,6 +2,8 @@
 	code is taken and adapted from dokuwiki
 */
 
+/* jshint esversion: 6 */
+
 /**
  * Some browser detection
  */
@@ -207,3 +209,196 @@ function formatBytes(bytes)
 
 	return parseFloat(Math.round(bytes * Math.pow(10, 2)) / Math.pow(10, 2)) + ['kB', 'MB', 'GB', 'TB', 'PB', 'EB'][i];
 }
+
+// *** DOM MANAGEMENT FUNCTIONS
+// METHOD: cel [create element]
+// PARAMS: tag: must set tag (div, span, etc)
+//         id: optional set for id, if input, select will be used for name
+//         content: text content inside, is skipped if sub elements exist
+//         css: array for css tags
+//         options: anything else (value, placeholder, OnClick, style)
+// RETURN: object
+// DESC  : creates object for DOM element creation flow
+const cel = (tag, id = '', content = '', css = [], options = {}) =>
+	element = {
+		tag: tag,
+		id: id,
+		name: options.name, // override name if set [name gets ignored in tree build anyway]
+		content: content,
+		css: css,
+		options: options,
+		sub: []
+	};
+
+// METHOD: ael [attach element]
+// PARAMS: base: object where to attach/search
+//         attach: the object to be attached
+//         id: optional id, if given search in base for this id and attach there
+// RETURN: "none", technically there is no return needed
+// DESC  : attach a cel created object to another to create a basic DOM tree
+function ael(base, attach, id = '')
+{
+	if (id) {
+		// base id match already
+		if (base.id == id) {
+			base.sub.push(attach);
+		} else {
+			// sub check
+			if (base.sub.length > 0) {
+				base.sub.each(function(t) {
+					// recursive call to sub element
+					ael(t, attach, id);
+				});
+			}
+		}
+	} else {
+		base.sub.push(attach);
+	}
+	return base;
+}
+
+// METHOD: rel [rese element]
+// PARAMS: cel created element
+// RETURN: "none", is self change, but returns base.sub
+// DESC  : resets the sub elements of the base element given
+const rel = (base) => base.sub = [];
+
+// METHOD: rcssel [remove a css from the element]
+// PARAMS: element, style sheet to remove
+// RETURN: "none", in place because of reference
+// DESC  : searches and removes style from css array
+function rcssel(element, css)
+{
+	let css_index = element.css.indexOf(css);
+	if (css_index > -1) {
+		element.css.splice(css_index, 1);
+	}
+}
+
+// METHOD acssel [add css element]
+// PARAMS: element, style sheet to add
+// RETURN: "none", in place add because of reference
+// DESC  : adds a new style sheet to the element given
+function acssel(element, css)
+{
+	let css_index = element.css.indexOf(css);
+	if (css_index > -1) {
+		element.css.push(css);
+	}
+}
+
+// METHOD: phfo [produce html from object]
+// PARAMS: object tree with dom element declarations
+// RETURN: HTML string that can be used as innerHTML
+// DESC  : parses the object tree created with cel/ael
+//         and converts it into an HTML string that can
+//         be inserted into the page
+function phfo(tree)
+{
+	// holds the elements
+	let content = [];
+	// main part line
+	let line = '<' + tree.tag;
+	// first id, if set
+	if (tree.id) {
+		line += ' id="' + tree.id + '"';
+		// if anything input (input, textarea, select then add name too)
+		if (['input', 'textarea', 'select'].includes(tree.tag)) {
+			line += ' name="' + (tree.name ? tree.name : tree.id) + '"';
+		}
+	}
+	// second CSS
+	if (tree.css.length > 0) {
+		line += ' class="';
+		tree.css.each(function(t) {
+			line += t + ' ';
+		});
+		// strip last space
+		line = line.slice(0, -1);
+		line += '"';
+	}
+	// options is anything key = "data"
+	if (tree.options) {
+		// ignores id, name, class as key
+		for (const [key, item] of Object.entries(tree.options)) {
+			if (!['id', 'name', 'class'].includes(key)) {
+				line += ' ' + key + '="' + item + '"';
+			}
+		}
+	}
+	// finish open tag
+	line += '>';
+	// push finished line
+	content.push(line);
+	// dive into sub tree to attach sub nodes
+	// NOTES: we cannot have content (text) AND sub nodes at the same level
+	// NODE takes preference over content
+	if (tree.sub.length > 0) {
+		tree.sub.each(function(t) {
+			content.push(phfo(t));
+		});
+	} else if (tree.content) {
+		content.push(tree.content);
+	}
+	// if not input close
+	if (tree.tag != 'input') {
+		content.push('</' + tree.tag + '>');
+	}
+	// combine to string
+	return content.join('');
+}
+
+// BLOCK: html wrappers for quickly creating html data blocks
+// METHOD: html_options
+// PARAMS: name/id, array for the options, selected item uid
+//         options_only: if this is true, it will not print the select part
+//         return_string, return as string and not as element
+// RETURN: html with build options block
+// DESC  : creates an select/options drop down block.
+//         the array needs to be key -> value format. key is for the option id and value is for the data output
+function html_options(name, data, selected = '', options_only = false, return_string = false)
+{
+	let content = [];
+	let element_select;
+	let element_option;
+	// set outside select, gets stripped on return if options only is true
+	element_select = cel('select', name);
+	// console.log('Call for %s, options: %s', name, options_only);
+	$H(data).each(function(t) {
+		console.log('options: key: %s, value: %s', t.key, t.value);
+		// basic options init
+		let options = {
+			'label': t.value,
+			'value': t.key
+		};
+		// add selected if matching
+		if (selected == t.key) {
+			options.selected = '';
+		}
+		// create the element option
+		element_option = cel('option', '', t.value, '', options);
+		// attach it to the select element
+		ael(element_select, element_option);
+	});
+	// if with select part, convert to text
+	if (!options_only) {
+		if (return_string) {
+			content.push(phfo(element_select));
+			return content.join('');
+		} else {
+			return element_select;
+		}
+	} else {
+		// strip select part
+		if (return_string) {
+			element.sub.each(function(t) {
+				content.push(phfo(t));
+			});
+			return content.join('');
+		} else {
+			return element_select.sub;
+		}
+	}
+}
+
+/* END */

www/layout/frontend/default/css/frontend.css

@@ -3,3 +3,27 @@
 	color: #a4a4a4;
 	font-size: 8px;
 }
+
+/* NEW VERSION with CSS key frame animation */
+.progress {
+	width: 100px;
+	height: 100px;
+	background: rgba(255, 255, 255, 0.6);
+	border: 20px solid rgba(255, 255, 255 ,0.25);
+	border-left-color: rgba(3, 155, 229 ,1);
+	border-top-color: rgba(3, 155, 229 ,1);
+	border-radius: 50%;
+	display: inline-block;
+	animation: rotate 600ms infinite linear;
+	/* align */
+	left: 0;
+	top: 0;
+	position: absolute;
+	z-index: 100;
+}
+/* Animation for above progress */
+@keyframes rotate {
+	to {
+		transform: rotate(1turn)
+	}
+}

www/lib/CoreLibs/ACL/Login.inc

@@ -70,10 +70,14 @@ class Login extends \CoreLibs\DB\IO
 	private $login_error; // login error code, can be matched to the array login_error_msg, which holds the string
 	private $password_change = false; // if this is set to true, the user can change passwords
 	private $password_change_ok = false; // password change was successful
+	private $password_forgot = false; // can we reset password and mail to user with new password set screen
+	private $password_forgot_ok = false; // password forgot mail send ok
 	private $pw_change_deny_users = array (); // array of users for which the password change is forbidden
 
 	// if we have password change we need to define some rules
-	private $password_min_length = 8;
+	private $password_min_length = PASSWORD_MIN_LENGTH;
+	// max length is fixed as 255 (for input type max), if set highter, it will be set back to 255
+	private $password_max_length = PASSWORD_MAX_LENGTH;
 	// can have several regexes, if nothing set, all is ok
 	private $password_valid_chars = array (
 		// '^(?=.*\d)(?=.*[A-Za-z])[0-9A-Za-z!@#$%]{8,}$',
@@ -83,7 +87,11 @@ class Login extends \CoreLibs\DB\IO
 	// all possible login error conditions
 	private $login_error_msg = array ();
 	// this is an array holding all strings & templates passed from the outside (translation)
-	private $login_template = array ('strings' => array (), 'password_change' => '', 'template' => '');
+	private $login_template = array (
+		'strings' => array (),
+		'password_change' => '',
+		'template' => ''
+	);
 
 	// acl vars
 	public $acl = array ();
@@ -113,6 +121,16 @@ class Login extends \CoreLibs\DB\IO
 			exit;
 		}
 
+		// pre-check that password min/max lengths are inbetween 1 and 255;
+		if ($this->password_max_length > 255) {
+			echo "<b>Settings problem</b> PMaL<br>";
+			exit;
+		}
+		if ($this->password_min_length < 1) {
+			echo "<b>Settings problem</b> PMiL<br>";
+			exit;
+		}
+
 		$this->l = new \CoreLibs\Language\L10n($lang);
 
 		// if we have a search path we need to set it, to use the correct DB to login
@@ -179,6 +197,10 @@ class Login extends \CoreLibs\DB\IO
 		if (defined('PASSWORD_CHANGE')) {
 			$this->password_change = PASSWORD_CHANGE;
 		}
+		// NOTE: forgot password flow with email
+		if (defined('PASSWORD_FORGOT')) {
+			$this->password_forgot = PASSWORD_FORGOT;
+		}
 		// max login counts before error reporting
 		$this->max_login_error_count = 10;
 		// users that never get locked, even if they are set strict
@@ -216,6 +238,10 @@ class Login extends \CoreLibs\DB\IO
 		if ($this->password_change) {
 			$this->loginPasswordChange();
 		}
+		// password forgot
+		if ($this->password_forgot) {
+			$this->loginPasswordForgot();
+		}
 		// if !$euid || permission not okay, print login screan
 		echo $this->loginPrintLogin();
 		// closing all connections, depending on error status, exit
@@ -332,7 +358,7 @@ class Login extends \CoreLibs\DB\IO
 				$q .= "eu.edit_access_right_id = eareu.edit_access_right_id AND ";
 				$q .= "eg.edit_access_right_id = eareg.edit_access_right_id AND ";
 				// password match is done in script, against old plain or new blowfish encypted
-				$q .= "(LOWER(username) = '".strtolower($this->username)."') ";
+				$q .= "(LOWER(username) = '".$this->dbEscapeString(strtolower($this->username))."') ";
 				$res = $this->dbReturn($q);
 				// username is wrong, but we throw for wrong username and wrong password the same error
 				if (!$this->cursor_ext[md5($q)]["num_rows"]) {
@@ -386,7 +412,9 @@ class Login extends \CoreLibs\DB\IO
 							$_SESSION["DEFAULT_LANG"] = $res["lang_short"].'_'.strtolower(str_replace('-', '', $res["lang_iso"]));
 							// reset any login error count for this user
 							if ($res['login_error_count'] > 0) {
-								$q = "UPDATE edit_user SET login_error_count = 0, login_error_date_last = NULL, login_error_date_first = NULL WHERE edit_user_id = ".$res['edit_user_id'];
+								$q = "UPDATE edit_user ";
+								$q .= "SET login_error_count = 0, login_error_date_last = NULL, login_error_date_first = NULL ";
+								$q .= "WHERE edit_user_id = ".$res['edit_user_id'];
 								$this->dbExec($q);
 							}
 							$pages = array();
@@ -573,7 +601,7 @@ class Login extends \CoreLibs\DB\IO
 			unset($_SESSION["GROUP_NAME"]);
 			unset($_SESSION["HEADER_COLOR"]);
 			session_destroy();
-			// he prints the login screen again
+			// then prints the login screen again
 			$this->permission_okay = 0;
 		}
 	}
@@ -596,88 +624,91 @@ class Login extends \CoreLibs\DB\IO
 	//         * if an account ACL is set, set this parallel, account ACL overrides user ACL if it applies
 	//         * if edit access ACL level is set, use this, else use page
 	//         set all base ACL levels as a list keyword -> ACL number
-	public function loginSetAcl()
+	private function loginSetAcl()
 	{
-		// we start with the default acl
-		$this->acl['base'] = DEFAULT_ACL_LEVEL;
+		// only set acl if we have permission okay
+		if ($this->permission_okay) {
+			// we start with the default acl
+			$this->acl['base'] = DEFAULT_ACL_LEVEL;
 
-		// set admin flag and base to 100
-		if ($_SESSION['ADMIN']) {
-			$this->acl['admin'] = 1;
-			$this->acl['base'] = 100;
-		} else {
-			$this->acl['admin'] = 0;
-			// now go throw the flow and set the correct ACL
-			// user > page > group
-			// group ACL 0
-			if ($_SESSION['GROUP_ACL_LEVEL'] != -1) {
-				$this->acl['base'] = $_SESSION['GROUP_ACL_LEVEL'];
-			}
-			// page ACL 1
-			if ($_SESSION['PAGES_ACL_LEVEL'][$this->page_name] != -1) {
-				$this->acl['base'] = $_SESSION['PAGES_ACL_LEVEL'][$this->page_name];
-			}
-			// user ACL 2
-			if ($_SESSION['USER_ACL_LEVEL'] != -1) {
-				$this->acl['base'] = $_SESSION['USER_ACL_LEVEL'];
-			}
-		}
-
-		// set the current page acl
-		// start with default acl
-		// set group if not -1, overrides default
-		// set page if not -1, overrides group set
-		$this->acl['page'] = DEFAULT_ACL_LEVEL;
-		if ($_SESSION['GROUP_ACL_LEVEL'] != -1) {
-			$this->acl['page'] = $_SESSION['GROUP_ACL_LEVEL'];
-		}
-		if (isset($_SESSION['PAGES_ACL_LEVEL'][$this->page_name]) && $_SESSION['PAGES_ACL_LEVEL'][$this->page_name] != -1) {
-			$this->acl['page'] = $_SESSION['PAGES_ACL_LEVEL'][$this->page_name];
-		}
-
-		// PER ACCOUNT (UNIT/edit access)->
-		foreach ($_SESSION['UNIT'] as $ea_id => $unit) {
-			// if admin flag is set, all units are set to 100
-			if ($this->acl['admin']) {
-				$this->acl['unit'][$ea_id] = $this->acl['base'];
+			// set admin flag and base to 100
+			if ($_SESSION['ADMIN']) {
+				$this->acl['admin'] = 1;
+				$this->acl['base'] = 100;
 			} else {
-				if ($unit['acl_level'] != -1) {
-					$this->acl['unit'][$ea_id] = $unit['acl_level'];
-				} else {
-					$this->acl['unit'][$ea_id] = $this->acl['base'];
+				$this->acl['admin'] = 0;
+				// now go throw the flow and set the correct ACL
+				// user > page > group
+				// group ACL 0
+				if ($_SESSION['GROUP_ACL_LEVEL'] != -1) {
+					$this->acl['base'] = $_SESSION['GROUP_ACL_LEVEL'];
+				}
+				// page ACL 1
+				if ($_SESSION['PAGES_ACL_LEVEL'][$this->page_name] != -1) {
+					$this->acl['base'] = $_SESSION['PAGES_ACL_LEVEL'][$this->page_name];
+				}
+				// user ACL 2
+				if ($_SESSION['USER_ACL_LEVEL'] != -1) {
+					$this->acl['base'] = $_SESSION['USER_ACL_LEVEL'];
 				}
 			}
-			// detail name/level set
-			$this->acl['unit_detail'][$ea_id] = array (
-				'name' => $unit['name'],
-				'uid' => $unit['uid'],
-				'level' => $this->default_acl_list[$this->acl['unit'][$ea_id]]['name'],
-				'default' => $unit['default'],
-				'data' => $unit['data']
-			);
-			// set default
-			if ($unit['default']) {
-				$this->acl['unit_id'] = $unit['id'];
-				$this->acl['unit_name'] = $unit['name'];
-				$this->acl['unit_uid'] = $unit['uid'];
+
+			// set the current page acl
+			// start with default acl
+			// set group if not -1, overrides default
+			// set page if not -1, overrides group set
+			$this->acl['page'] = DEFAULT_ACL_LEVEL;
+			if ($_SESSION['GROUP_ACL_LEVEL'] != -1) {
+				$this->acl['page'] = $_SESSION['GROUP_ACL_LEVEL'];
 			}
+			if (isset($_SESSION['PAGES_ACL_LEVEL'][$this->page_name]) && $_SESSION['PAGES_ACL_LEVEL'][$this->page_name] != -1) {
+				$this->acl['page'] = $_SESSION['PAGES_ACL_LEVEL'][$this->page_name];
+			}
+
+			// PER ACCOUNT (UNIT/edit access)->
+			foreach ($_SESSION['UNIT'] as $ea_id => $unit) {
+				// if admin flag is set, all units are set to 100
+				if ($this->acl['admin']) {
+					$this->acl['unit'][$ea_id] = $this->acl['base'];
+				} else {
+					if ($unit['acl_level'] != -1) {
+						$this->acl['unit'][$ea_id] = $unit['acl_level'];
+					} else {
+						$this->acl['unit'][$ea_id] = $this->acl['base'];
+					}
+				}
+				// detail name/level set
+				$this->acl['unit_detail'][$ea_id] = array (
+					'name' => $unit['name'],
+					'uid' => $unit['uid'],
+					'level' => $this->default_acl_list[$this->acl['unit'][$ea_id]]['name'],
+					'default' => $unit['default'],
+					'data' => $unit['data']
+				);
+				// set default
+				if ($unit['default']) {
+					$this->acl['unit_id'] = $unit['id'];
+					$this->acl['unit_name'] = $unit['name'];
+					$this->acl['unit_uid'] = $unit['uid'];
+				}
+			}
+			// flag if to show extra edit access drop downs (because user has multiple groups assigned)
+			if (count($_SESSION['UNIT']) > 1) {
+				$this->acl['show_ea_extra'] = 1;
+			} else {
+				$this->acl['show_ea_extra'] = 0;
+			}
+			// set the default edit access
+			$this->acl['default_edit_access'] = $_SESSION['UNIT_DEFAULT'];
+			// integrate the type acl list, but only for the keyword -> level
+			foreach ($this->default_acl_list as $level => $data) {
+				$this->acl['min'][$data['type']] = $level;
+			}
+			// set the full acl list too
+			$this->acl['acl_list'] = $_SESSION['DEFAULT_ACL_LIST'];
+			// debug
+			// $this->debug('ACL', $this->print_ar($this->acl));
 		}
-		// flag if to show extra edit access drop downs (because user has multiple groups assigned)
-		if (count($_SESSION['UNIT']) > 1) {
-			$this->acl['show_ea_extra'] = 1;
-		} else {
-			$this->acl['show_ea_extra'] = 0;
-		}
-		// set the default edit access
-		$this->acl['default_edit_access'] = $_SESSION['UNIT_DEFAULT'];
-		// integrate the type acl list, but only for the keyword -> level
-		foreach ($this->default_acl_list as $level => $data) {
-			$this->acl['min'][$data['type']] = $level;
-		}
-		// set the full acl list too
-		$this->acl['acl_list'] = $_SESSION['DEFAULT_ACL_LIST'];
-		// debug
-		// $this->debug('ACL', $this->print_ar($this->acl));
 	}
 
 	// METHOD: loginCheckEditAccess
@@ -710,12 +741,28 @@ class Login extends \CoreLibs\DB\IO
 			}
 		}
 		// check for min length
-		if (strlen($password) < $this->password_min_length) {
+		if (strlen($password) < $this->password_min_length || strlen($password) > $this->password_max_length) {
 			$is_valid_password = false;
 		}
 		return $is_valid_password;
 	}
 
+	// METHOD: loginSetPasswordMinLength
+	// PARAMS: set the minimum length
+	// RETURN: true/false on success
+	// DESC  : sets the minium length and checks on valid
+	public function loginSetPasswordMinLength($length)
+	{
+		// check that numeric, positive numeric, not longer than max input string lenght
+		// and not short than min password length
+		if (is_numeric($length) && $length >= PASSWORD_MIN_LENGTH && $length <= $this->password_max_length) {
+			$this->password_min_length = $length;
+			return true;
+		} else {
+			return false;
+		}
+	}
+
 	// METHOD: loginPasswordChange
 	// WAS   : login_password_change
 	// PARAMS: none
@@ -793,7 +840,7 @@ class Login extends \CoreLibs\DB\IO
 	// METHOD: loginPrintLogin
 	// WAS   : login_print_login
 	// PARAMS: none
-	// RETURN: none
+	// RETURN: html data for login page
 	// DESC  : prints out login html part if no permission (error) is set
 	private function loginPrintLogin()
 	{
@@ -863,7 +910,7 @@ class Login extends \CoreLibs\DB\IO
 	// METHOD: loginCloseClass
 	// WAS   : login_close_class
 	// PARAMS: none
-	// RETURN: none
+	// RETURN: true on permission ok, false on permission wrong
 	// DESC  : last function called, writes log and prints out error msg and exists script if permission 0
 	private function loginCloseClass()
 	{
@@ -882,8 +929,8 @@ class Login extends \CoreLibs\DB\IO
 			// prepare for log
 			if ($this->euid) {
 				// get user from user table
-				$q = "SELECT username, password FROM edit_user WHERE edit_user_id = ".$this->euid;
-				list($username, $password) = $this->dbReturnRow($q);
+				$q = "SELECT username FROM edit_user WHERE edit_user_id = ".$this->euid;
+				list($username) = $this->dbReturnRow($q);
 			} // if euid is set, get username (or try)
 			$this->writeLog($event, '', $this->login_error, $username);
 		} // write log under certain settings
@@ -898,50 +945,50 @@ class Login extends \CoreLibs\DB\IO
 
 	// METHOD: loginSetTemplates
 	// WAS   : login_set_templates
-	// PARAMS:
+	// PARAMS: none
 	// RETURN: none
 	// DESC  : checks if there are external templates, if not uses internal fallback ones
 	private function loginSetTemplates()
 	{
 		$strings = array (
-			'HTML_TITLE' => $this->l->__("LOGIN"),
-			'TITLE' => $this->l->__("LOGIN"),
-			'USERNAME' => $this->l->__("Username"),
-			'PASSWORD' => $this->l->__("Password"),
-			'LOGIN' => $this->l->__("Login"),
+			'HTML_TITLE' => $this->l->__('LOGIN'),
+			'TITLE' => $this->l->__('LOGIN'),
+			'USERNAME' => $this->l->__('Username'),
+			'PASSWORD' => $this->l->__('Password'),
+			'LOGIN' => $this->l->__('Login'),
 			'ERROR_MSG' => '',
 			'LOGOUT_TARGET' => '',
 			'PASSWORD_CHANGE_BUTTON_VALUE' => $this->l->__('Change Password')
 		);
 
 		$error_msgs = array (
-			"100" => $this->l->__("Fatal Error: <b>[EUID] came in as GET/POST!</b>"), // actually obsolete
-			"1010" => $this->l->__("Fatal Error: <b>Login Failed - Wrong Username or Password</b>"), // user not found
-			"1011" => $this->l->__("Fatal Error: <b>Login Failed - Wrong Username or Password</b>"), // blowfish password wrong
-			"1012" => $this->l->__("Fatal Error: <b>Login Failed - Wrong Username or Password</b>"), // fallback md5 password wrong
-			"1013" => $this->l->__("Fatal Error: <b>Login Failed - Wrong Username or Password</b>"), // new password_hash wrong
-			"102" => $this->l->__("Fatal Error: <b>Login Failed - Please enter username and password</b>"),
-			"103" => $this->l->__("Fatal Error: <b>You do not have the rights to access this Page</b>"),
-			"104" => $this->l->__("Fatal Error: <b>Login Failed - User not enabled</b>"),
-			"105" => $this->l->__("Fatal Error: <b>Login Failed - User is locked</b>"),
-			"220" => $this->l->__("Fatal Error: <b>Password change - The user could not be found</b>"), // actually this is an illegal user, but I mask it
-			'200' => $this->l->__("Fatal Error: <b>Password change - Please enter username and old password</b>"),
-			"201" => $this->l->__("Fatal Error: <b>Password change - The user could not be found</b>"),
-			"202" => $this->l->__("Fatal Error: <b>Password change - The old password is not correct</b>"),
-			"203" => $this->l->__("Fatal Error: <b>Password change - Please fill out both new password fields</b>"),
-			"204" => $this->l->__("Fatal Error: <b>Password change - The new passwords do not match</b>"),
-			"205" => $this->l->__("Fatal Error: <b>Password change - The new password is not in a valid format</b>"), // we should also not here WHAT is valid
-			"300" => $this->l->__("Success: <b>Password change successful</b>"), // for OK password change
-			"9999" => $this->l->__("Fatal Error: <b>necessary crypt engine could not be found</b>. Login is impossible") // this is bad bad error
+			'100' => $this->l->__('Fatal Error: <b>[EUID] came in as GET/POST!</b>'), // actually obsolete
+			'1010' => $this->l->__('Fatal Error: <b>Login Failed - Wrong Username or Password</b>'), // user not found
+			'1011' => $this->l->__('Fatal Error: <b>Login Failed - Wrong Username or Password</b>'), // blowfish password wrong
+			'1012' => $this->l->__('Fatal Error: <b>Login Failed - Wrong Username or Password</b>'), // fallback md5 password wrong
+			'1013' => $this->l->__('Fatal Error: <b>Login Failed - Wrong Username or Password</b>'), // new password_hash wrong
+			'102' => $this->l->__('Fatal Error: <b>Login Failed - Please enter username and password</b>'),
+			'103' => $this->l->__('Fatal Error: <b>You do not have the rights to access this Page</b>'),
+			'104' => $this->l->__('Fatal Error: <b>Login Failed - User not enabled</b>'),
+			'105' => $this->l->__('Fatal Error: <b>Login Failed - User is locked</b>'),
+			'220' => $this->l->__('Fatal Error: <b>Password change - The user could not be found</b>'), // actually this is an illegal user, but I mask it
+			'200' => $this->l->__('Fatal Error: <b>Password change - Please enter username and old password</b>'),
+			'201' => $this->l->__('Fatal Error: <b>Password change - The user could not be found</b>'),
+			'202' => $this->l->__('Fatal Error: <b>Password change - The old password is not correct</b>'),
+			'203' => $this->l->__('Fatal Error: <b>Password change - Please fill out both new password fields</b>'),
+			'204' => $this->l->__('Fatal Error: <b>Password change - The new passwords do not match</b>'),
+			'205' => $this->l->__('Fatal Error: <b>Password change - The new password is not in a valid format</b>'), // we should also not here WHAT is valid
+			'300' => $this->l->__('Success: <b>Password change successful</b>'), // for OK password change
+			'9999' => $this->l->__('Fatal Error: <b>necessary crypt engine could not be found</b>. Login is impossible') // this is bad bad error
 		);
 
 		// if password change is okay
 		if ($this->password_change) {
 			$strings = array_merge($strings, array (
 				'TITLE_PASSWORD_CHANGE' => 'Change Password for User',
-				'OLD_PASSWORD' => $this->l->__("Old Password"),
-				'NEW_PASSWORD' => $this->l->__("New Password"),
-				'NEW_PASSWORD_CONFIRM' => $this->l->__("New Password confirm"),
+				'OLD_PASSWORD' => $this->l->__('Old Password'),
+				'NEW_PASSWORD' => $this->l->__('New Password'),
+				'NEW_PASSWORD_CONFIRM' => $this->l->__('New Password confirm'),
 				'CLOSE' => $this->l->__('Close'),
 				'JS_SHOW_HIDE' => "function ShowHideDiv(id) { element = document.getElementById(id); if (element.className == 'visible' || !element.className) element.className = 'hidden'; else element.className = 'visible'; }",
 				'PASSWORD_CHANGE_BUTTON' => '<input type="button" name="pw_change" value="'.$strings['PASSWORD_CHANGE_BUTTON_VALUE'].'" OnClick="ShowHideDiv(\'pw_change_div\');">'
@@ -960,7 +1007,10 @@ class Login extends \CoreLibs\DB\IO
 </div>
 {PASSWORD_CHANGE_SHOW}
 EOM;
-		} else {
+		}
+		if ($this->password_forgot) {
+		}
+		if (!$this->password_change && !$this->password_forgot) {
 			$strings = array_merge($strings, array (
 				'JS_SHOW_HIDE' => '',
 				'PASSWORD_CHANGE_BUTTON' => '',

www/lib/CoreLibs/Basic.inc

@@ -1341,7 +1341,7 @@ class Basic
 	// METHOD: compareDate
 	// WAS   : CompareDate
 	// PARAMS: start_date, end_date (both: YYYY-MM-DD)
-	// RETURN: -1 if the first date is smaller the last, 0 if both are equal, 1 if the end date is bigger than the last
+	// RETURN: -1 if the first date is smaller the last, 0 if both are equal, 1 if the first date is bigger than the last
 	// DESC  : splits & checks date, wrap around for check_date function
 	public static function compareDate($start_date, $end_date)
 	{

www/lib/CoreLibs/DB/IO.inc

@@ -466,7 +466,7 @@ class IO extends \CoreLibs\Basic
 	private function __checkQueryForSelect($query)
 	{
 		// perhaps allow spaces before select ?!?
-		if (!preg_match("/^(select|show) /i", $query)) {
+		if (!preg_match("/^(select|show|with) /i", $query)) {
 			return false;
 		}
 		return true;
@@ -1621,6 +1621,12 @@ class IO extends \CoreLibs\Basic
 			if ($string == 'f' || $string == 'false') {
 				return false;
 			}
+			// fallback in case top is not t/f, default on set unset
+			if ($string) {
+				return true;
+			} else {
+				return false;
+			}
 		} else {
 			if ($string) {
 				return 't';
@@ -1656,7 +1662,7 @@ class IO extends \CoreLibs\Basic
 			return false;
 		}
 		$not_write_update_array = array ();
-		return $this->dbWriteData_ext($write_array, $primary_key, $table, $not_write_array, $not_write_update_array, $data);
+		return $this->dbWriteDataExt($write_array, $primary_key, $table, $not_write_array, $not_write_update_array, $data);
 	}
 
 	// METHOD: dbWriteDataExt

www/lib/CoreLibs/Output/Form/Generate.inc

@@ -270,12 +270,12 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 		$this->int_pk_name = $this->pk_name;
 		// check if reference_arrays are given and proceed them
 		if (is_array($config_array["reference_arrays"])) {
-			while (list($key, $value) = each($config_array["reference_arrays"])) {
+			foreach ($config_array["reference_arrays"] as $key => $value) {
 				$this->reference_array[$key] = $value;
 			}
 		}
 		if (is_array($config_array["element_list"])) {
-			while (list($key, $value) = each($config_array["element_list"])) {
+			foreach ($config_array["element_list"] as $key => $value) {
 				$this->element_list[$key] = $value;
 			}
 		}
@@ -319,7 +319,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 		}
 		reset($this->table_array);
 		$string .= "<b>TABLE ARRAY DUMP:</b> ".$this->table_name."<br>";
-		while (list($key, $value) = each($this->table_array)) {
+		foreach ($this->table_array as $key => $value) {
 			$string .= "<b>$key</b>: ".$value["value"]."<br>";
 		}
 		return $string;
@@ -347,7 +347,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 			$this->table_array = array ();
 		}
 		reset($this->table_array);
-		while (list($key, $value) = each($this->table_array)) {
+		foreach ($this->table_array as $key => $value) {
 			if ($value[$want_key] && !$key_value) {
 				return $key;
 			} elseif ($value[$want_key] == $key_value && $key_value) {
@@ -368,7 +368,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 			$this->table_array = array ();
 		}
 		reset($this->table_array);
-		while (list($key, $value) = each($this->table_array)) {
+		foreach ($this->table_array as $key => $value) {
 			if ($value[$want_key] && !$key_value) {
 				array_push($key_array, $key);
 			}
@@ -474,22 +474,26 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 	{
 		// only do if the user is allowed to delete
 		if ($this->group_level_user <= $this->security_level["delete"] && !$this->table_array["protected"]["value"] && !$this->error) {
-			for ($i = 0; $i < count($element_list); $i ++) {
+			if (!is_array($element_list)) {
+				$element_list = array ();
+			}
+			for ($i = 0, $i_max = count($element_list); $i < $i_max; $i ++) {
 				// $this->debug('form_error', "Array: ".is_array($this->element_list[$element_list[$i]]["read_data"])." | ".$this->element_list[$element_list[$i]]["delete"]);
 				// if prefix, set it
 				$prfx = ($this->element_list[$element_list[$i]]["prefix"]) ? $this->element_list[$element_list[$i]]["prefix"]."_" : '';
 				// get the primary key
-				while (list($el_name, $data) = each($this->element_list[$element_list[$i]]["elements"])) {
+				foreach ($this->element_list[$element_list[$i]]["elements"] as $el_name => $data) {
 					if ($data["pk_id"]) {
 						$pk_name = $el_name;
 					}
 				}
 				// which key should be deleted
 				$id = $remove_name[$i];
-				if (($this->element_list[$element_list[$i]]["delete_name"] || $this->element_list[$element_list[$i]]["delete"]) && !$this->element_list[$element_list[$i]]["enable_name"]) {
+				if (($this->element_list[$element_list[$i]]["delete_name"] || $this->element_list[$element_list[$i]]["delete"]) &&
+					!$this->element_list[$element_list[$i]]["enable_name"]
+				) {
 					// flag var name
 					$flag = $remove_name[$i]."_flag";
-
 					if ($_POST[$flag] == "true") {
 						$q = "DELETE FROM ".$element_list[$i]." WHERE ".$pk_name." = ".$_POST[$id];
 						$this->dbExec($q);
@@ -497,7 +501,10 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 						$this->warning = 1;
 					} // post okay true -> delete
 				} elseif (is_array($this->element_list[$element_list[$i]]["read_data"]) && !$this->element_list[$element_list[$i]]["delete"]) {
-					for ($j = 0; $j < count($_POST[$id]); $j ++) {
+					if (!is_array($_POST[$id])) {
+						$_POST[$id] = array ();
+					}
+					for ($j = 0, $j_max = count($_POST[$id]); $j < $j_max; $j ++) {
 						// if it is not activated
 						if (!$_POST[$remove_name[$i]][$j]) {
 							$q = "UPDATE ".$element_list[$i]." WHERE ".$pk_name." = ".$_POST[$prfx.$pk_name][$j];
@@ -509,9 +516,9 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 					}
 				} elseif (is_array($this->element_list[$element_list[$i]]["read_data"]) && $this->element_list[$element_list[$i]]["delete"]) {
 					// $this->debug('form_clean', "ID [$id] [$prfx.$pk_name]");
-					// $this->debug('form_clean', "ID arr: ".$this->print_ar($_POST[$id]));
-					// $this->debug('form_clean', "PK arr: ".$this->print_ar($_POST[$prfx.$pk_name]));
-					for ($j = 0; $j < count($_POST[$prfx.$pk_name]); $j ++) {
+					// $this->debug('form_clean', "ID arr: ".$this->printAr($_POST[$id]));
+					// $this->debug('form_clean', "PK arr: ".$this->printAr($_POST[$prfx.$pk_name]));
+					for ($j = 0, $j_max = count($_POST[$prfx.$pk_name]); $j < $j_max; $j ++) {
 						if (!$_POST[$remove_name[$i]][$j] && $_POST[$prfx.$pk_name][$j]) {
 							$q = "DELETE FROM ".$element_list[$i]." WHERE ".$pk_name." = ".$_POST[$prfx.$pk_name][$j];
 							// $this->debug('edit_db', "DEL: $q");
@@ -540,13 +547,13 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 
 			// lade liste
 			$this->dbExec($this->load_query);
-			while ($res = $this->db_fetch_array()) {
+			while ($res = $this->dbFetchArray()) {
 				$pk_ids[] = $res[$this->int_pk_name];
 				if ($res[$this->int_pk_name] == $this->table_array[$this->int_pk_name]["value"]) {
 					$pk_selected = $res[$this->int_pk_name];
 				}
 				unset($t_string);
-				for ($i = 0; $i < count($this->field_array); $i ++) {
+				for ($i = 0, $i_max = count($this->field_array); $i < $i_max; $i ++) {
 					if ($t_string) {
 						$t_string .= ", ";
 					}
@@ -612,7 +619,14 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 				$show_delete = 1;
 			}
 		} // print save/delete row at all$
-		return array('seclevel_okay' => $seclevel_okay, 'save' => $save, 'pk_name' => $pk_name, 'pk_value' => $pk_value, 'show_delete' => $show_delete, 'hide_delete_checkbox' => $hide_delete_checkbox);
+		return array(
+			'seclevel_okay' => $seclevel_okay,
+			'save' => $save,
+			'pk_name' => $pk_name,
+			'pk_value' => $pk_value,
+			'show_delete' => $show_delete,
+			'hide_delete_checkbox' => $hide_delete_checkbox
+		);
 	} // end of function
 
 	// METHOD: formCreateElement
@@ -717,7 +731,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 			$data['name'] = $element_name;
 			$data['value'][] = "";
 			$data['output'][] = $this->l->__("Please choose ...");
-			while ($res = $this->db_return($query)) {
+			while ($res = $this->dbReturn($query)) {
 				$data['value'][] = $res[0];
 				$data['output'][] = $res[1];
 				if ($this->table_array[$element_name]["value"] == $res[0]) {
@@ -743,7 +757,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 			$data['value'][] = "";
 			$data['output'][] = $this->l->__("Please choose ...");
 			// outer query overrules inner
-			while (list($key, $value) = each($query)) {
+			foreach ($query as $key => $value) {
 				$data['value'][] = $key;
 				$data['output'][] = $value;
 				if ($this->table_array[$element_name]["value"] == $key) {
@@ -757,7 +771,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 				$query = $this->table_array[$element_name]["query"];
 			}
 			$data['name'] = $element_name;
-			while (list($key, $value) = each($query)) {
+			foreach ($query as $key => $value) {
 				$data['value'][] = $key;
 				$data['output'][] = $value;
 				if ($this->table_array[$element_name]["value"] == $key) {
@@ -806,7 +820,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 			$this->table_array = array ();
 		}
 		reset($this->table_array);
-		while (list($key, $value) = each($this->table_array)) {
+		foreach ($this->table_array as $key => $value) {
 			//if ($value["mandatory"] && $value["error_check"])
 			// if error value set && somethign input, check if input okay
 			if ($value["error_check"] && $this->table_array[$key]["value"]) {
@@ -844,7 +858,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 							break;
 						// check unique, check if field in table is not yet exist
 						case "unique":
-							$q = "SELECT ".$key." FROM ".$this->table_name." WHERE ".$key." = '".$this->db_escape_string($this->table_array[$key]["value"])."'";
+							$q = "SELECT ".$key." FROM ".$this->table_name." WHERE ".$key." = '".$this->dbEscapeString($this->table_array[$key]["value"])."'";
 							if ($this->table_array[$this->int_pk_name]["value"]) {
 								$q .= " AND ".$this->int_pk_name." <> ".$this->table_array[$this->int_pk_name]["value"];
 							}
@@ -928,7 +942,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 				$this->reference_array = array ();
 			}
 			reset($this->reference_array);
-			while (list($key, $value) = each($this->reference_array)) {
+			foreach ($this->reference_array as $key => $value) {
 				if ($this->reference_array[$key]["mandatory"] && !$this->reference_array[$key]["selected"][0]) {
 					$this->msg .= sprintf($this->l->__("Please select at least one Element from field <b>%s</b>!<br>"), $this->reference_array[$key]["output_name"]);
 				}
@@ -938,7 +952,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 		if (is_array($this->element_list)) {
 			// check the mandatory stuff
 			// if mandatory, check that at least on pk exists or if at least the mandatory field is filled
-			while (list($table_name, $reference_array) = each($this->element_list)) {
+			foreach ($this->element_list as $table_name => $reference_array) {
 				// set pk/fk id for this
 				foreach ($reference_array['elements'] as $_name => $_data) {
 					if ($_data['pk_id']) {
@@ -955,17 +969,17 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 				// get max elements
 				$max = 0;
 				foreach ($keys as $key) {
-					if (count($_POST[$prfx.$key]) > $max) {
+					if (is_array($_POST[$prfx.$key]) && count($_POST[$prfx.$key]) > $max) {
 						$max = count($_POST[$prfx.$key]);
 					}
 					// $this->debug('edit_error_chk', "KEY: $prfx$key | count: ".count($_POST[$prfx.$key])." | M: $max");
 					// $this->debug('edit_error_chk', "K: ".$_POST[$prfx.$key]." | ".$_POST[$prfx.$key][0]);
 				}
-				$this->debug('post_array', $this->print_ar($_POST));
+				$this->debug('post_array', $this->printAr($_POST));
 				# check each row
 				for ($i = 0; $i < $max; $i ++) {
 					// either one of the post pks is set, or the mandatory
-					while (list($el_name, $data_array) = each($reference_array["elements"])) {
+					foreach ($reference_array["elements"] as $el_name => $data_array) {
 						if ($data_array["mandatory"]) {
 							$mand_name = $data_array["output_name"];
 						}
@@ -999,7 +1013,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 								switch ($error_check) {
 									// check unique, check if field in table is not yet exist
 									case "unique":
-										$q = "SELECT ".$_pk_name." FROM ".$table_name." WHERE ".$el_name." = '".$this->db_escape_string($_POST[$prfx.$el_name][$i])."'";
+										$q = "SELECT ".$_pk_name." FROM ".$table_name." WHERE ".$el_name." = '".$this->dbEscapeString($_POST[$prfx.$el_name][$i])."'";
 										if ($this->table_array[$this->int_pk_name]["value"]) {
 											$q .= " AND ".$this->int_pk_name." <> ".$this->table_array[$this->int_pk_name]["value"];
 										}
@@ -1078,7 +1092,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 			$this->table_array = array ();
 		}
 		reset($this->table_array);
-		while (list($key, $value) = each($this->table_array)) {
+		foreach ($this->table_array as $key => $value) {
 			unset($this->table_array[$key]["value"]);
 			unset($this->table_array[$key]["input_value"]);
 			// if preset var present preset
@@ -1091,7 +1105,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 				$this->reference_array = array ();
 			}
 			reset($this->reference_array);
-			while (list($key, $value) = each($this->reference_array)) {
+			foreach ($this->reference_array as $key => $value) {
 				unset($this->reference_array[$key]["selected"]);
 			}
 		}
@@ -1109,14 +1123,14 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 		if ($pk_id) {
 			$this->pk_id = $pk_id;
 		}
-		$this->table_array = $this->db_read(1);
+		$this->table_array = $this->dbRead(1);
 
 		// reset all temp fields
 		if (!is_array($this->table_array)) {
 			$this->table_array = array ();
 		}
 		reset($this->table_array);
-		while (list($key, $value) = each($this->table_array)) {
+		foreach ($this->table_array as $key => $value) {
 			unset($this->table_array[$key]["input_value"]);
 		}
 
@@ -1126,10 +1140,10 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 				$this->reference_array = array ();
 			}
 			reset($this->reference_array);
-			while (list($key, $value) = each($this->reference_array)) {
+			foreach ($this->reference_array as $key => $value) {
 				unset($this->reference_array[$key]["selected"]);
 				$q = "SELECT ".$this->reference_array[$key]["other_table_pk"]." FROM ".$this->reference_array[$key]["table_name"]." WHERE ".$this->int_pk_name."=".$this->table_array[$this->int_pk_name]["value"];
-				while ($res = $this->db_return($q)) {
+				while ($res = $this->dbReturn($q)) {
 					$this->reference_array[$key]["selected"][] = $res[$this->reference_array[$key]["other_table_pk"]];
 				}
 			}
@@ -1151,13 +1165,13 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 			$this->table_array = array ();
 		}
 		reset($this->table_array);
-		while (list($key, $value) = each($this->table_array)) {
+		foreach ($this->table_array as $key => $value) {
 			// drop_down_db with input + reference table
 			// $this->debug('form', "A: ".$this->table_array[$key]["type"]." --- ".$this->table_array[$key]["input_value"]);
 			if ($this->table_array[$key]["type"] == "drop_down_db_input" && $this->table_array[$key]["input_value"]) {
 				// $this->debug('form', "HERE");
 				// check if this text name already exists (lowercase compare)
-				$q = "SELECT ".$this->table_array[$key]["pk_name"]." FROM ".$this->table_array[$key]["table_name"]." WHERE LCASE(".$this->table_array[$key]["input_name"].") = '".$this->db_escape_string(strtolower($this->table_array[$key]["input_value"]))."'";
+				$q = "SELECT ".$this->table_array[$key]["pk_name"]." FROM ".$this->table_array[$key]["table_name"]." WHERE LCASE(".$this->table_array[$key]["input_name"].") = '".$this->dbEscapeString(strtolower($this->table_array[$key]["input_value"]))."'";
 				// if a where was given, add here
 				if ($this->table_array[$key]["where"]) {
 					$q .= " AND ".$this->table_array[$key]["where"];
@@ -1168,7 +1182,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 				} else {
 					// if a where was given, set this key also [dangerous!]
 					// postgreSQL compatible insert
-					$q = "INSERT INTO ".$this->table_array[$key]["table_name"]." (".$this->table_array[$key]["input_name"].") VALUES ('".$this->db_escape_string($this->table_array[$key]["input_value"])."')";
+					$q = "INSERT INTO ".$this->table_array[$key]["table_name"]." (".$this->table_array[$key]["input_name"].") VALUES ('".$this->dbEscapeString($this->table_array[$key]["input_value"])."')";
 					$this->dbExec($q);
 					if ($this->table_array[$key]["where"]) {
 						// make an update on the just inseted data with the where data als update values
@@ -1186,7 +1200,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 				// if drop down & input are different
 				if ($this->table_array[$key]["input_value"] != $this->table_array[$key]["value"]) {
 					// check if "right input" is in DB
-					$q = "SELECT ".$this->table_array[$key]["input_name"]." FROM ".$this->table_array[$key]["table_name"]." WHERE LCASE(".$this->table_array[$key]["input_name"].") = '".strtolower($this->db_escape_string($this->table_array[$key]["input_value"]))."'";
+					$q = "SELECT ".$this->table_array[$key]["input_name"]." FROM ".$this->table_array[$key]["table_name"]." WHERE LCASE(".$this->table_array[$key]["input_name"].") = '".strtolower($this->dbEscapeString($this->table_array[$key]["input_value"]))."'";
 					// if a where was given, add here
 					if ($this->table_array[$key]["where"]) {
 						$q .= " AND ".$this->table_array[$key]["where"];
@@ -1262,7 +1276,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 				$q = "DELETE FROM ".$reference_array["table_name"]." WHERE ".$this->int_pk_name."=".$this->table_array[$this->int_pk_name]["value"];
 				$this->dbExec($q);
 				$q = "INSERT INTO ".$reference_array["table_name"]." (".$reference_array["other_table_pk"].", ".$this->int_pk_name.") VALUES ";
-				for ($i = 0; $i < count($reference_array["selected"]); $i ++) {
+				for ($i = 0, $i_max = count($reference_array["selected"]); $i < $i_max; $i ++) {
 					$t_q = "(".$reference_array["selected"][$i].", ".$this->table_array[$this->int_pk_name]["value"].")";
 					$this->dbExec($q.$t_q);
 				}
@@ -1274,7 +1288,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 				$this->element_list = array ();
 			}
 			reset($this->element_list);
-			while (list($table_name, $reference_array) = each($this->element_list)) {
+			foreach ($this->element_list as $table_name => $reference_array) {
 				// get the number of keys from the elements array
 				$keys = array_keys($reference_array["elements"]);
 				// element prefix name
@@ -1282,16 +1296,16 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 				// get max elements
 				$max = 0;
 				foreach ($keys as $key) {
-					if (count($_POST[$prfx.$key]) > $max) {
+					if (is_array($_POST[$prfx.$key]) && count($_POST[$prfx.$key]) > $max) {
 						$max = count($_POST[$prfx.$key]);
 					}
 				}
 				// $this->debug('edit_error', "MAX: $max");
 				// check if there is a hidden key, update, else insert
-				while (list($el_name, $data_array) = each($reference_array["elements"])) {
+				foreach ($reference_array["elements"] as $el_name => $data_array) {
 					// this is only for reference_data part, at least one of the text fields need to be set for writing
 					$blow_write = array ();
-					// $this->debug('edit_error_query', "QUERY: ".$this->print_ar($_POST));
+					// $this->debug('edit_error_query', "QUERY: ".$this->printAr($_POST));
 					// go through all submitted data
 					// for ($i = 0; $i < count($_POST[$el_name]); $i ++)
 					for ($i = 0; $i < $max; $i ++) {
@@ -1364,14 +1378,14 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 								$q_values[$i] .= $_value;
 							} else {
 								// normal data gets escaped
-								$q_data[$i] .= $el_name." = '".$this->db_escape_string($_value)."'";
-								$q_values[$i] .= "'".$this->db_escape_string($_value)."'";
+								$q_data[$i] .= $el_name." = '".$this->dbEscapeString($_value)."'";
+								$q_values[$i] .= "'".$this->dbEscapeString($_value)."'";
 							}
 						}
 					}
 				} // eche table elements
 				// finalize the queries, add FK key reference for inserts and run the query
-				for ($i = 0; $i < count($type); $i ++) {
+				for ($i = 0, $i_max = count($type); $i < $i_max; $i ++) {
 					$q = '';
 					if (!$no_write[$i]) {
 						if ($type[$i] == "update") {
@@ -1416,7 +1430,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 				$this->element_list = array ();
 			}
 			reset($this->element_list);
-			while (list($table_name, $data_array) = each($this->element_list)) {
+			foreach ($this->element_list as $table_name => $data_array) {
 				$q = "DELETE FROM ".$table_name." WHERE ".$this->int_pk_name." = ".$this->table_array[$this->int_pk_name]["value"];
 				$this->dbExec($q);
 			}
@@ -1426,12 +1440,12 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 			$this->table_array = array ();
 		}
 		reset($this->table_array);
-		while (list($key, $value) = each($this->table_array)) {
+		foreach ($this->table_array as $key => $value) {
 			if ($this->table_array[$key]["type"] == "file") {
 				unlink($this->table_array[$key]["save_dir"].$this->table_array[$key]["value"]);
 			}
 		}
-		$this->db_delete();
+		$this->dbDelete();
 		$this->warning = 1;
 		$this->msg = $this->l->__("Dataset has been deleted!");
 	}
@@ -1441,21 +1455,25 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 	// PARAMS: $hidden_array
 	// RETURN: the input fields (html)
 	// DESC  : creates HTML hidden input fields out of an hash array
-	public function formCreateHiddenFields($hidden_array = "")
+	public function formCreateHiddenFields($hidden_array = array ())
 	{
 		$hidden = array ();
 		if (!is_array($this->table_array)) {
 			$this->table_array = array ();
 		}
 		reset($this->table_array);
-		while (list($key, $value) = each($this->table_array)) {
+		foreach ($this->table_array as $key => $value) {
 			if ($this->table_array[$key]["type"] == "hidden") {
-				$hidden_array[$key] = $this->table_array[$key]["value"];
+				if (array_key_exists($key, $this->table_array)) {
+					$hidden_array[$key] = $this->table_array[$key]["value"];
+				} else {
+					$hidden_array[$key] = '';
+				}
 			}
 		}
 		if (is_array($hidden_array)) {
 			reset($hidden_array);
-			while (list($key, $value) = each($hidden_array)) {
+			foreach ($hidden_array as $key => $value) {
 				$hidden[] = array('key' => $key, 'value' => $value);
 			}
 		}
@@ -1475,7 +1493,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 		}
 		$data['name'] = $this->reference_array[$table_name]["other_table_pk"];
 		$data['size'] = $this->reference_array[$table_name]["select_size"];
-		while ($res = $this->db_return($this->reference_array[$table_name]["query"])) {
+		while ($res = $this->dbReturn($this->reference_array[$table_name]["query"])) {
 			$data['value'][] = $res[0];
 			$data['output'][] = $res[1];
 			$data['selected'][] = ($this->checked($this->reference_array[$table_name]["selected"], $res[0])) ? $res[0] : '';
@@ -1523,8 +1541,8 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 		reset($this->element_list[$table_name]["elements"]);
 		// generic data read in (counts for all rows)
 		// visible list data output
-		while (list($el_name, $data_array) = each($this->element_list[$table_name]["elements"])) {
-			$this->debug('CFG', 'El: '.$el_name.' -> '.$this->print_ar($data_array));
+		foreach ($this->element_list[$table_name]["elements"] as $el_name => $data_array) {
+			$this->debug('CFG', 'El: '.$el_name.' -> '.$this->printAr($data_array));
 			// if the element name matches the read array, then set the table as a name prefix
 			$q_select[] = $el_name; // this is for reading the data
 			// prefix the name for any further data parts
@@ -1542,7 +1560,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 			// only two elements are allowed: pos 0 is key, pso 1 is visible output name
 			if ($data_array['type'] == 'drop_down_db') {
 				$md_q = md5($data_array['query']);
-				while ($res = $this->db_return($data_array['query'])) {
+				while ($res = $this->dbReturn($data_array['query'])) {
 					$this->debug('edit', "Q[$md_q] pos: ".$this->cursor_ext[$md_q]["pos"]." | want: ".$data_array["preset"]." | set: ".$data['preset'][$el_name]);
 					// first is default for this element
 					if (!$data['preset'][$el_name] && ($this->cursor_ext[$md_q]["pos"] == $data_array['preset'])) {
@@ -1555,11 +1573,23 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 			} elseif ($data_array["element_list"]) {
 				$data['element_list'][$el_name] = $data_array["element_list"]; // this is for the checkboxes
 			}
-			$proto[$el_name] = ($this->error) ? $_POST[$el_name][(count($_POST[$el_name]) - 1)] : ''; // this is for the new line
+			$this->debug('CREATE ELEMENT LIST TABLE', 'Post: '.$el_name.' => '.$_POST[$el_name].' => '.is_array($_POST[$el_name]));
+			// if error, check new line addition so we don't loose it
+			if ($this->error) {
+				if (is_array($_POST[$el_name])) {
+					// this is for the new line
+					$proto[$el_name] = $_POST[$el_name][(count($_POST[$el_name]) - 1)];
+				} else {
+					$proto[$el_name] = 0;
+				}
+			} else {
+				$proto[$el_name] = '';
+			}
+			// $proto[$el_name] = $this->error ? $_POST[$el_name][(count($_POST[$el_name]) - 1)] : '';
 		}
-		// $this->debug('CFG DATA', 'Data: '.$this->print_ar($data));
-		// $this->debug('CFG PROTO', 'Proto: '.$this->print_ar($proto));
-		// $this->debug('CFG SELECT', 'Proto: '.$this->print_ar($q_select));
+		// $this->debug('CFG DATA', 'Data: '.$this->printAr($data));
+		// $this->debug('CFG PROTO', 'Proto: '.$this->printAr($proto));
+		// $this->debug('CFG SELECT', 'Proto: '.$this->printAr($q_select));
 		// query for reading in the data
 		$this->debug('edit_error', "ERR: ".$this->error);
 		// if we got a read data, build the read select for the read, and read out the "selected" data
@@ -1610,11 +1640,11 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 		if ($q) {
 			$pos = 0; // position in while for overwrite if needed
 			// read out the list and add the selected data if needed
-			while ($res = $this->db_return($q)) {
+			while ($res = $this->dbReturn($q)) {
 				$_data = array ();
 				$prfx = $data["prefix"]; // short
 				// go through each res
-				for ($i = 0; $i < count($q_select); $i ++) {
+				for ($i = 0, $i_max = count($q_select); $i < $i_max; $i ++) {
 					// query select part, set to the element name
 					$el_name = $q_select[$i];
 					// $this->debug('edit_error', "[$i] ELNAME: $el_name | POS[$prfx$el_name]: ".$_POST[$prfx.$el_name][$pos]." | RES: ".$res[$el_name]);
@@ -1649,12 +1679,12 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 				$this->element_list[$table_name]['max_empty'] = 10;
 			}
 			// check if we need to fill fields
-			$element_count = count($data['content']);
-			$missing_empty_count = $this->element_list[$table_name]['max_empty'] - count($data['content']);
+			$element_count = is_array($data['content']) ? count($data['content']) : 0;
+			$missing_empty_count = $this->element_list[$table_name]['max_empty'] - $element_count;
 			$this->debug('CFG MAX', 'Max empty: '.$this->element_list[$table_name]['max_empty'].', Missing: '.$missing_empty_count.', Has: '.$element_count);
 			// set if we need more open entries or if we do not have any entries yet
 			if (($missing_empty_count < $this->element_list[$table_name]['max_empty']) || $element_count == 0) {
-				for ($pos = count($data['content']); $pos <= ($this->element_list[$table_name]['max_empty'] + $element_count); $pos ++) {
+				for ($pos = $element_count , $pos_max = $this->element_list[$table_name]['max_empty'] + $element_count; $pos <= $pos_max; $pos ++) {
 					$_data = array ();
 
 					// the fields that need to be filled are in data->type array: