Master update of include files

First step to clean up all files that are not mandatory for outside
access
* move all header/footer/smarty/set_paths/config files (inc) into
includes/ folder
* generate basic config.php that JUST loads the config.inc file (search)
* config.inc file has sub sections for db access arrays and host
configs, so config.inc is more static
* Also move edit base and template arrays to the include folder
* move the language po files to the 4dev folder as they do not need to
sit outside
* remove not maintained "files.php"

TODO:
split out templates and language files into external layout group
perhaps drop the whole sub template include path thing as this is
actually never really used and more annoying to maintain

eg: layout/frontend/default/ -> layout/frontend
eg: layout/fronend/default/template -> includes/frontend/template

Also check splitting out the NOT define parts of the config.inc file
G_TITLE, EDIT_STYLESHEET, EDIT_JAVASCRIPT, STYLESHEET, JAVASCRIPT
to default define?

4dev/database/ORDER

@@ -1,5 +1,7 @@
 # functions
 function/update_function.sql
+function/random_string.sql
+function/edit_set_access_uid.sql
 # generic tables
 table/edit_temp_files.sql
 table/edit_generic.sql
@@ -18,9 +20,11 @@ table/edit_user.sql
 table/edit_log.sql
 table/edit_access.sql
 table/edit_access_user.sql
+table/edit_access_data.sql
 # all triggers (after all tables have been created)
 trigger/trg_edit_access_right.sql
 trigger/trg_edit_access.sql
+trigger/trg_edit_access_data.sql
 trigger/trg_edit_access_user.sql
 trigger/trg_edit_generic.sql
 trigger/trg_edit_group.sql
@@ -33,3 +37,6 @@ trigger/trg_edit_scheme.sql
 trigger/trg_edit_user.sql
 trigger/trg_edit_visible_group.sql
 trigger/trg_edit_menu_group.sql
+trigger/trg_set_edit_access_uid.sql
+# insert data
+data/edit_tables.sql

4dev/database/data/edit_tables.sql

@@ -0,0 +1,147 @@
+-- edit tables insert data in order
+
+-- edit visible group
+DELETE FROM edit_visible_group;
+INSERT INTO edit_visible_group (name, flag) VALUES ('Main Menu', 'main');
+INSERT INTO edit_visible_group (name, flag) VALUES ('Data popup Menu', 'datapopup');
+
+-- edit menu group
+DELETE FROM edit_menu_group;
+INSERT INTO edit_menu_group (name, flag, order_number) VALUES ('Admin Menu', 'admin', 1);
+INSERT INTO edit_menu_group (name, flag, order_number) VALUES ('Admin Data Popup Menu', 'AdminDataPopup', 2);
+
+-- edit page
+DELETE FROM edit_page;
+INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_pages.php', 'Edit Pages', 1, 1, 1);
+INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_users.php', 'Edit Users', 2, 1, 1);
+INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_languages.php', 'Edit Languages', 3, 1, 1);
+INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_schemes.php', 'Edit Schemes', 4, 1, 1);
+INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_groups.php', 'Edit Groups', 5, 1, 1);
+INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_visible_group.php', 'Edit Visible Groups', 6, 1, 1);
+INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_menu_group.php', 'Edit Menu Groups', 7, 1, 1);
+INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_access.php', 'Edit Access', 8, 1, 1);
+INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_order.php', 'Edit Order', 9, 1, 0);
+
+-- edit visible group
+DELETE FROM edit_page_visible_group;
+INSERT INTO edit_page_visible_group VALUES ((SELECT edit_page_id FROM edit_page WHERE name = 'Edit Pages'), (SELECT edit_visible_group_id FROM edit_visible_group WHERE flag = 'main'));
+INSERT INTO edit_page_visible_group VALUES ((SELECT edit_page_id FROM edit_page WHERE name = 'Edit Users'), (SELECT edit_visible_group_id FROM edit_visible_group WHERE flag = 'main'));
+INSERT INTO edit_page_visible_group VALUES ((SELECT edit_page_id FROM edit_page WHERE name = 'Edit Languages'), (SELECT edit_visible_group_id FROM edit_visible_group WHERE flag = 'main'));
+INSERT INTO edit_page_visible_group VALUES ((SELECT edit_page_id FROM edit_page WHERE name = 'Edit Schemes'), (SELECT edit_visible_group_id FROM edit_visible_group WHERE flag = 'main'));
+INSERT INTO edit_page_visible_group VALUES ((SELECT edit_page_id FROM edit_page WHERE name = 'Edit Groups'), (SELECT edit_visible_group_id FROM edit_visible_group WHERE flag = 'main'));
+INSERT INTO edit_page_visible_group VALUES ((SELECT edit_page_id FROM edit_page WHERE name = 'Edit Visible Groups'), (SELECT edit_visible_group_id FROM edit_visible_group WHERE flag = 'main'));
+INSERT INTO edit_page_visible_group VALUES ((SELECT edit_page_id FROM edit_page WHERE name = 'Edit Menu Groups'), (SELECT edit_visible_group_id FROM edit_visible_group WHERE flag = 'main'));
+INSERT INTO edit_page_visible_group VALUES ((SELECT edit_page_id FROM edit_page WHERE name = 'Edit Access'), (SELECT edit_visible_group_id FROM edit_visible_group WHERE flag = 'main'));
+-- INSERT INTO edit_page_visible_group VALUES ((SELECT edit_page_id FROM edit_page WHERE name = 'Edit Order'), (SELECT edit_visible_group_id FROM edit_visible_group WHERE flag = 'main'));
+
+-- edit page menu group
+DELETE FROM edit_page_menu_group;
+INSERT INTO edit_page_menu_group VALUES ((SELECT edit_page_id FROM edit_page WHERE name = 'Edit Pages'), (SELECT edit_menu_group_id FROM edit_menu_group WHERE flag = 'admin'));
+INSERT INTO edit_page_menu_group VALUES ((SELECT edit_page_id FROM edit_page WHERE name = 'Edit Users'), (SELECT edit_menu_group_id FROM edit_menu_group WHERE flag = 'admin'));
+INSERT INTO edit_page_menu_group VALUES ((SELECT edit_page_id FROM edit_page WHERE name = 'Edit Languages'), (SELECT edit_menu_group_id FROM edit_menu_group WHERE flag = 'admin'));
+INSERT INTO edit_page_menu_group VALUES ((SELECT edit_page_id FROM edit_page WHERE name = 'Edit Schemes'), (SELECT edit_menu_group_id FROM edit_menu_group WHERE flag = 'admin'));
+INSERT INTO edit_page_menu_group VALUES ((SELECT edit_page_id FROM edit_page WHERE name = 'Edit Groups'), (SELECT edit_menu_group_id FROM edit_menu_group WHERE flag = 'admin'));
+INSERT INTO edit_page_menu_group VALUES ((SELECT edit_page_id FROM edit_page WHERE name = 'Edit Visible Groups'), (SELECT edit_menu_group_id FROM edit_menu_group WHERE flag = 'admin'));
+INSERT INTO edit_page_menu_group VALUES ((SELECT edit_page_id FROM edit_page WHERE name = 'Edit Menu Groups'), (SELECT edit_menu_group_id FROM edit_menu_group WHERE flag = 'admin'));
+INSERT INTO edit_page_menu_group VALUES ((SELECT edit_page_id FROM edit_page WHERE name = 'Edit Access'), (SELECT edit_menu_group_id FROM edit_menu_group WHERE flag = 'admin'));
+-- INSERT INTO edit_page_menu_group VALUES ((SELECT edit_page_id FROM edit_page WHERE name = 'Edit Order'), (SELECT edit_menu_group_id FROM edit_menu_group WHERE flag = 'admin'));
+
+
+-- edit access right
+DELETE FROM edit_access_right;
+INSERT INTO edit_access_right (name, level, type) VALUES ('Default', -1, 'default');
+INSERT INTO edit_access_right (name, level, type) VALUES ('No Access', 0, 'none');
+INSERT INTO edit_access_right (name, level, type) VALUES ('Read', 20, 'read');
+INSERT INTO edit_access_right (name, level, type) VALUES ('Translator', 30, 'mod_trans');
+INSERT INTO edit_access_right (name, level, type) VALUES ('Modify', 40, 'mod');
+INSERT INTO edit_access_right (name, level, type) VALUES ('Create/Write', 60, 'write');
+INSERT INTO edit_access_right (name, level, type) VALUES ('Delete', 80, 'del');
+INSERT INTO edit_access_right (name, level, type) VALUES ('Site Admin', 90, 'siteadmin');
+INSERT INTO edit_access_right (name, level, type) VALUES ('Admin', 100, 'admin');
+
+-- edit scheme
+DELETE FROM edit_scheme;
+INSERT INTO edit_scheme (name, header_color, enabled) VALUES ('Default Scheme', 'E0E2FF', 1);
+INSERT INTO edit_scheme (name, header_color, enabled) VALUES ('Admin', 'CC7E7E', 1);
+INSERT INTO edit_scheme (name, header_color, enabled) VALUES ('Visitor', 'B0C4B3', 1);
+INSERT INTO edit_scheme (name, header_color, enabled) VALUES ('User', '1E789E', 1);
+
+-- edit language
+DELETE FROM edit_language;
+INSERT INTO edit_language (short_name, long_name, iso_name, order_number, enabled, lang_default) VALUES ('en', 'English', 'UTF-8', 1, 1, 1);
+INSERT INTO edit_language (short_name, long_name, iso_name, order_number, enabled, lang_default) VALUES ('ja', 'Japanese', 'UTF-8', 2, 1, 0);
+
+-- edit group
+DELETE FROM edit_group;
+INSERT INTO edit_group (name, enabled, edit_scheme_id, edit_access_right_id) VALUES ('Admin', 1, (SELECT edit_scheme_id FROM edit_scheme WHERE name = 'Admin'), (SELECT edit_access_right_id FROM edit_access_right WHERE type = 'admin'));
+INSERT INTO edit_group (name, enabled, edit_scheme_id, edit_access_right_id) VALUES ('User', 1, (SELECT edit_scheme_id FROM edit_scheme WHERE name = 'User'), (SELECT edit_access_right_id FROM edit_access_right WHERE type = 'write'));
+
+-- edit page access
+DELETE FROM edit_page_access;
+INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1,
+    (SELECT edit_group_id FROM edit_group WHERE name = 'Admin'),
+    (SELECT edit_page_id FROM edit_page WHERE name = 'Edit Pages'),
+    (SELECT edit_access_right_id FROM edit_access_right WHERE type = 'admin')
+);
+INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1,
+    (SELECT edit_group_id FROM edit_group WHERE name = 'Admin'),
+    (SELECT edit_page_id FROM edit_page WHERE name = 'Edit Users'),
+    (SELECT edit_access_right_id FROM edit_access_right WHERE type = 'admin')
+);
+INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1,
+    (SELECT edit_group_id FROM edit_group WHERE name = 'Admin'),
+    (SELECT edit_page_id FROM edit_page WHERE name = 'Edit Languages'),
+    (SELECT edit_access_right_id FROM edit_access_right WHERE type = 'admin')
+);
+INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1,
+    (SELECT edit_group_id FROM edit_group WHERE name = 'Admin'),
+    (SELECT edit_page_id FROM edit_page WHERE name = 'Edit Schemes'),
+    (SELECT edit_access_right_id FROM edit_access_right WHERE type = 'admin')
+);
+INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1,
+    (SELECT edit_group_id FROM edit_group WHERE name = 'Admin'),
+    (SELECT edit_page_id FROM edit_page WHERE name = 'Edit Groups'),
+    (SELECT edit_access_right_id FROM edit_access_right WHERE type = 'admin')
+);
+INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1,
+    (SELECT edit_group_id FROM edit_group WHERE name = 'Admin'),
+    (SELECT edit_page_id FROM edit_page WHERE name = 'Edit Visible Groups'),
+    (SELECT edit_access_right_id FROM edit_access_right WHERE type = 'admin')
+);
+INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1,
+    (SELECT edit_group_id FROM edit_group WHERE name = 'Admin'),
+    (SELECT edit_page_id FROM edit_page WHERE name = 'Edit Menu Groups'),
+    (SELECT edit_access_right_id FROM edit_access_right WHERE type = 'admin')
+);
+INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1,
+    (SELECT edit_group_id FROM edit_group WHERE name = 'Admin'),
+    (SELECT edit_page_id FROM edit_page WHERE name = 'Edit Access'),
+    (SELECT edit_access_right_id FROM edit_access_right WHERE type = 'admin')
+);
+INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1,
+    (SELECT edit_group_id FROM edit_group WHERE name = 'Admin'),
+    (SELECT edit_page_id FROM edit_page WHERE name = 'Edit Order'),
+    (SELECT edit_access_right_id FROM edit_access_right WHERE type = 'admin')
+);
+
+-- edit user
+-- inserts admin user so basic users can be created
+DELETE FROM edit_user;
+INSERT INTO edit_user (username, password, enabled, debug, db_debug, email, protected, admin, edit_language_id, edit_group_id, edit_scheme_id, edit_access_right_id) VALUES ('admin', 'admin', 1, 1, 1, '', 1, 1,
+    (SELECT edit_language_id FROM edit_language WHERE short_name = 'en'),
+    (SELECT edit_group_id FROM edit_group WHERE name = 'Admin'),
+    (SELECT edit_scheme_id FROM edit_scheme WHERE name = 'Admin'),
+    (SELECT edit_access_right_id FROM edit_access_right WHERE type = 'admin')
+);
+
+-- edit access
+DELETE FROM edit_access;
+INSERT INTO edit_access (name, enabled, protected) VALUES ('Admin Access', 't', 1);
+
+-- edit access user
+DELETE FROM edit_access_user;
+INSERT INTO edit_access_user (edit_default, enabled, edit_access_id, edit_user_id, edit_access_right_id) VALUES (1, 1,
+    (SELECT edit_access_id FROM edit_access WHERE uid = 'AdminAccess'),
+    (SELECT edit_user_id FROM edit_user WHERE username = 'admin'),
+    (SELECT edit_access_right_id FROM edit_access_right WHERE type = 'admin')
+);

4dev/database/function/edit_log_partition_insert.sql

@@ -0,0 +1,59 @@
+CREATE OR REPLACE FUNCTION edit_log_insert_trigger ()
+RETURNS TRIGGER AS
+$$
+DECLARE
+	start_date DATE := '2010-01-01';
+	end_date DATE;
+	timeformat TEXT := 'YYYY';
+	selector TEXT := 'year';
+	_interval INTERVAL;
+	table_name TEXT;
+BEGIN
+	-- get year and month from edit_log date so we can build the target edit_log table
+
+	-- move interval
+	_interval := '1 ' || selector;
+	-- current table name
+	table_name := 'edit_log_' || to_char(NEW.event_date, timeformat);
+
+	-- we are in valid start time area
+	IF (NEW.event_date >= start_date) THEN
+		BEGIN
+			EXECUTE 'INSERT INTO ' || quote_ident(table_name) || ' SELECT ($1).*' USING NEW;
+		-- if insert failed because of missing table, create new below
+		EXCEPTION
+		WHEN undefined_table THEN
+			-- another block, so in case the creation fails here too
+			BEGIN
+				-- create new talbe here + all indexes
+				start_date := date_trunc(selector, NEW.event_date);
+				end_date := date_trunc(selector, NEW.event_date + _interval);
+				-- creat table
+				EXECUTE 'CREATE TABLE IF NOT EXISTS ' || quote_ident(table_name) || ' ( CHECK ( event_date >= ' || quote_literal(start_date) || ' AND event_date < ' || quote_literal(end_date) || ' ) ) INHERITS (edit_log)';
+				-- create all indexes and triggers
+				EXECUTE 'ALTER TABLE ' || quote_ident(table_name) || ' ADD PRIMARY KEY (edit_log_id)';
+				-- FK constraints
+				EXECUTE 'ALTER TABLE ' || quote_ident(table_name) || ' ADD CONSTRAINT fk_' || quote_ident(table_name) || '_euid_fkey FOREIGN KEY (euid) REFERENCES edit_user (edit_user_id) MATCH FULL ON UPDATE CASCADE ON DELETE CASCADE';
+				-- generic trigger
+				EXECUTE 'CREATE TRIGGER trg_' || quote_ident(table_name) || ' BEFORE INSERT OR UPDATE ON ' || quote_ident(table_name) || ' FOR EACH ROW EXECUTE PROCEDURE set_edit_generic()';
+
+				-- insert try again
+				EXECUTE 'INSERT INTO ' || quote_ident(table_name) || ' SELECT ($1).*' USING NEW;
+			EXCEPTION
+			WHEN OTHERS THEN
+				-- if this faled, throw it into the overflow table (so we don't loose anything)
+				INSERT INTO edit_log_overflow VALUES (NEW.*);
+			END;
+		-- other errors, insert into overlow
+		WHEN OTHERS THEN
+			-- if this faled, throw it into the overflow table (so we don't loose anything)
+			INSERT INTO edit_log_overflow VALUES (NEW.*);
+		END;
+	ELSE
+		-- if outside valid date, insert into overflow
+		INSERT INTO edit_log_overflow VALUES (NEW.*);
+	END IF;
+	RETURN NULL;
+END
+$$
+LANGUAGE 'plpgsql'

4dev/database/function/edit_set_access_uid.sql

@@ -1,6 +1,6 @@
 -- add uid add for edit_access table
 
-CREATE OR REPLACE FUNCTION set_edit_access_uid() RETURNS TRIGGER AS 
+CREATE OR REPLACE FUNCTION set_edit_access_uid() RETURNS TRIGGER AS
 $$
 	DECLARE
 		myrec RECORD;

4dev/database/function/random_string.sql

@@ -0,0 +1,18 @@
+-- create random string with length X
+
+CREATE FUNCTION random_string(randomLength int)
+RETURNS text AS $$
+SELECT array_to_string(
+	ARRAY(
+		SELECT substring(
+			'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789',
+			trunc(random() * 62)::int + 1,
+			1
+		)
+		FROM generate_series(1, randomLength) AS gs(x)
+	),
+	''
+)
+$$ LANGUAGE SQL
+RETURNS NULL ON NULL INPUT
+VOLATILE; -- LEAKPROOF;

4dev/database/function/set_edit_generic.sql

@@ -0,0 +1,15 @@
+-- adds the created or updated date tags
+
+CREATE OR REPLACE FUNCTION set_edit_generic() RETURNS TRIGGER AS '
+	DECLARE
+		random_length INT = 12; -- that should be long enough
+	BEGIN
+		IF TG_OP = ''INSERT'' THEN
+			NEW.date_created := ''now'';
+			NEW.cuid := random_string(random_length);
+		ELSIF TG_OP = ''UPDATE'' THEN
+			NEW.date_updated := ''now'';
+		END IF;
+		RETURN NEW;
+	END;
+' LANGUAGE 'plpgsql';

4dev/database/function/set_uid.sql

@@ -0,0 +1,12 @@
+-- adds the created or updated date tags
+
+CREATE OR REPLACE FUNCTION set_uid() RETURNS TRIGGER AS '
+	DECLARE
+		random_length INT = 12; -- that should be long enough
+	BEGIN
+		IF TG_OP = ''INSERT'' THEN
+			NEW.uid := random_string(random_length);
+		END IF;
+		RETURN NEW;
+	END;
+' LANGUAGE 'plpgsql';

4dev/database/table/edit_access.sql

@@ -8,10 +8,10 @@
 -- DROP TABLE edit_access;
 CREATE TABLE edit_access (
 	edit_access_id	SERIAL PRIMARY KEY,
-	name	VARCHAR(255) UNIQUE,
+	name	VARCHAR UNIQUE,
 	description	VARCHAR,
-	COLOR	VARCHAR
+	color	VARCHAR,
+	uid	VARCHAR,
+	enabled	BOOLEAN DEFAULT 'true',
+	protected INT
 ) INHERITS (edit_generic) WITHOUT OIDS;
-
-DELETE FROM edit_access;
-INSERT INTO edit_access (name) VALUES ('Admin Access');

4dev/database/table/edit_access_right.sql

@@ -14,14 +14,3 @@ CREATE TABLE edit_access_right (
 	type VARCHAR,
 	UNIQUE (level,type)
 ) INHERITS (edit_generic) WITHOUT OIDS;
-
-DELETE FROM edit_access_right;
-INSERT INTO edit_access_right (name, level, type) VALUES ('Default', -1, 'default');
-INSERT INTO edit_access_right (name, level, type) VALUES ('No Access', 0, 'none');
-INSERT INTO edit_access_right (name, level, type) VALUES ('Read', 20, 'read');
-INSERT INTO edit_access_right (name, level, type) VALUES ('Translator', 30, 'mod_trans');
-INSERT INTO edit_access_right (name, level, type) VALUES ('Modify', 40, 'mod');
-INSERT INTO edit_access_right (name, level, type) VALUES ('Create/Write', 60, 'write');
-INSERT INTO edit_access_right (name, level, type) VALUES ('Delete', 80, 'del');
-INSERT INTO edit_access_right (name, level, type) VALUES ('Site Admin', 90, 'siteadmin');
-INSERT INTO edit_access_right (name, level, type) VALUES ('Admin', 100, 'admin');

4dev/database/table/edit_access_user.sql

@@ -17,6 +17,3 @@ CREATE TABLE edit_access_user (
 	FOREIGN KEY (edit_user_id) REFERENCES edit_user (edit_user_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
 	FOREIGN KEY (edit_access_right_id) REFERENCES edit_access_right (edit_access_right_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE
 ) INHERITS (edit_generic) WITHOUT OIDS;
-
-DELETE FROM edit_access_user;
-INSERT INTO edit_access_user (edit_default, edit_access_id, edit_user_id, edit_access_right_id) VALUES (1, 1, 1, 8);

4dev/database/table/edit_generic.sql

@@ -7,7 +7,7 @@
 
 -- DROP TABLE edit_generic;
 CREATE TABLE edit_generic (
-	eg_status	INT,
+	cuid	VARCHAR,
 	date_created	TIMESTAMP WITHOUT TIME ZONE DEFAULT clock_timestamp(),
 	date_updated	TIMESTAMP WITHOUT TIME ZONE
 );

4dev/database/table/edit_group.sql

@@ -8,12 +8,10 @@
 -- DROP TABLE edit_group;
 CREATE TABLE edit_group (
 	edit_group_id	SERIAL PRIMARY KEY,
-	name	VARCHAR(50),
+	name	VARCHAR,
 	enabled	SMALLINT NOT NULL DEFAULT 0,
 	edit_scheme_id INT,
 	edit_access_right_id INT NOT NULL,
 	FOREIGN KEY (edit_scheme_id) REFERENCES edit_scheme (edit_scheme_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
 	FOREIGN KEY (edit_access_right_id) REFERENCES edit_access_right (edit_access_right_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE
 ) INHERITS (edit_generic) WITHOUT OIDS;
-
-INSERT INTO edit_group (name, enabled, edit_scheme_id, edit_access_right_id) VALUES ('Admin', 1, 2, 8);

4dev/database/table/edit_language.sql

@@ -9,12 +9,10 @@
 -- DROP TABLE edit_language;
 CREATE TABLE edit_language (
 	edit_language_id SERIAL PRIMARY KEY,
-	short_name VARCHAR(2),
-	long_name VARCHAR(70),
-	iso_name VARCHAR(12),
+	short_name VARCHAR,
+	long_name VARCHAR,
+	iso_name VARCHAR,
 	order_number INT,
 	enabled SMALLINT NOT NULL DEFAULT 0,
-	lang_default SMALLINT NOT NULL DEFAULT 0 UNIQUE
+	lang_default SMALLINT NOT NULL DEFAULT 0
 ) INHERITS (edit_generic) WITHOUT OIDS;
-
-INSERT INTO edit_language (short_name, long_name, iso_name, order_number, enabled, lang_default) VALUES ('en', 'English', 'UTF-8', 1, 1, 1);

4dev/database/table/edit_menu_group.sql

@@ -8,11 +8,9 @@
 -- DROP TABLE edit_menu_group;
 CREATE TABLE edit_menu_group (
 	edit_menu_group_id	SERIAL PRIMARY KEY,
-	name	VARCHAR(255),
-	flag	VARCHAR(50),
+	name	VARCHAR,
+	flag	VARCHAR,
 	order_number	INT NOT NULL
 ) INHERITS (edit_generic) WITHOUT OIDS;
 
-DELETE FROM edit_menu_group;
-INSERT INTO edit_menu_group (name, flag, order_number) VALUES ('Admin Menu', 'admin', 1);
-INSERT INTO edit_menu_group (name, flag, order_number) VALUES ('Admin Data Popup Menu', 'AdminDataPopup', 2);
+

4dev/database/table/edit_page.sql

@@ -8,8 +8,8 @@
 -- DROP TABLE edit_page;
 CREATE TABLE edit_page (
 	edit_page_id	SERIAL PRIMARY KEY,
-	filename	VARCHAR(70),
-	name	VARCHAR(255) UNIQUE,
+	filename	VARCHAR,
+	name	VARCHAR UNIQUE,
 	order_number INT NOT NULL,
 	online	SMALLINT NOT NULL DEFAULT 0,
 	menu	SMALLINT NOT NULL DEFAULT 0,
@@ -17,14 +17,3 @@ CREATE TABLE edit_page (
 	popup_x	SMALLINT,
 	popup_y SMALLINT
 ) INHERITS (edit_generic) WITHOUT OIDS;
-
-DELETE FROM edit_page;
-INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_pages.php', 'Edit Pages', 1, 1, 1);
-INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_users.php', 'Edit Users', 2, 1, 1);
-INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_languages.php', 'Edit Languages', 3, 1, 1);
-INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_schemes.php', 'Edit Schemes', 4, 1, 1);
-INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_groups.php', 'Edit Groups', 5, 1, 1);
-INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_visible_group.php', 'Edit Visible Groups', 6, 1, 1);
-INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_menu_group.php', 'Edit Menu Groups', 7, 1, 1);
-INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_access.php', 'Edit Access', 8, 1, 1);
-INSERT INTO edit_page (filename, name, order_number, online, menu) VALUES ('edit_order.php', 'Edit Order', 9, 1, 0);

4dev/database/table/edit_page_access.sql

@@ -17,12 +17,4 @@ CREATE TABLE edit_page_access (
 	FOREIGN KEY (edit_access_right_id) REFERENCES edit_access_right (edit_access_right_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE
 ) INHERITS (edit_generic) WITHOUT OIDS;
 
-INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1, 1, 1, 8);
-INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1, 1, 2, 8);
-INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1, 1, 3, 8);
-INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1, 1, 4, 8);
-INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1, 1, 5, 8);
-INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1, 1, 6, 8);
-INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1, 1, 7, 8);
-INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1, 1, 8, 8);
-INSERT INTO edit_page_access (enabled, edit_group_id, edit_page_id, edit_access_right_id) VALUES (1, 1, 9, 8);
+

4dev/database/table/edit_page_menu_group.sql

@@ -12,12 +12,3 @@ CREATE TABLE edit_page_menu_group (
 	FOREIGN KEY (edit_page_id) REFERENCES edit_page (edit_page_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
 	FOREIGN KEY (edit_menu_group_id) REFERENCES edit_menu_group (edit_menu_group_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE
 );
-
-DELETE FROM edit_page_menu_group;
-INSERT INTO edit_page_menu_group VALUES (1, 1);
-INSERT INTO edit_page_menu_group VALUES (2, 1);
-INSERT INTO edit_page_menu_group VALUES (3, 1);
-INSERT INTO edit_page_menu_group VALUES (4, 1);
-INSERT INTO edit_page_menu_group VALUES (5, 1);
-INSERT INTO edit_page_menu_group VALUES (6, 1);
-INSERT INTO edit_page_menu_group VALUES (7, 1);

4dev/database/table/edit_page_visible_group.sql

@@ -12,12 +12,3 @@ CREATE TABLE edit_page_visible_group (
 	FOREIGN KEY (edit_page_id) REFERENCES edit_page (edit_page_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
 	FOREIGN KEY (edit_visible_group_id) REFERENCES edit_visible_group (edit_visible_group_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE
 );
-
-DELETE FROM edit_page_visible_group;
-INSERT INTO edit_page_visible_group VALUES (1, 1);
-INSERT INTO edit_page_visible_group VALUES (2, 1);
-INSERT INTO edit_page_visible_group VALUES (3, 1);
-INSERT INTO edit_page_visible_group VALUES (4, 1);
-INSERT INTO edit_page_visible_group VALUES (5, 1);
-INSERT INTO edit_page_visible_group VALUES (6, 1);
-INSERT INTO edit_page_visible_group VALUES (7, 1);

4dev/database/table/edit_query_string.sql

@@ -8,8 +8,8 @@
 -- DROP TABLE edit_query_string;
 CREATE TABLE edit_query_string (
 	edit_query_string_id	SERIAL PRIMARY KEY,
-	name	VARCHAR(255),
-	value	VARCHAR(255),
+	name	VARCHAR,
+	value	VARCHAR,
 	enabled	SMALLINT NOT NULL DEFAULT 0,
 	dynamic	SMALLINT NOT NULL DEFAULT 0,
 	edit_page_id	INT NOT NULL,

4dev/database/table/edit_scheme.sql

@@ -9,12 +9,8 @@
 CREATE TABLE edit_scheme (
 	edit_scheme_id	SERIAL PRIMARY KEY,
 	enabled	SMALLINT NOT NULL DEFAULT 0,
-	name	VARCHAR(50),
-	header_color	VARCHAR(7),
-	css_file	VARCHAR(50),
-	template	VARCHAR(50)
+	name	VARCHAR,
+	header_color	VARCHAR,
+	css_file	VARCHAR,
+	template	VARCHARs
 ) INHERITS (edit_generic) WITHOUT OIDS;
-
-INSERT INTO edit_scheme (name, header_color, enabled) VALUES ('Default Scheme', '#E0E2FF', 1);
-INSERT INTO edit_scheme (name, header_color, enabled) VALUES ('Admin', '#CC7E7E', 1);
-INSERT INTO edit_scheme (name, header_color, enabled) VALUES ('Visitor', '#B0C4B3', 1);

4dev/database/table/edit_temp_files.sql

@@ -7,5 +7,5 @@
 
 -- DROP TABLE temp_files;
 CREATE TABLE temp_files (
-	filename	VARCHAR(250)
+	filename	VARCHAR
 );

4dev/database/table/edit_user.sql

@@ -8,8 +8,13 @@
 -- DROP TABLE edit_user;
 CREATE TABLE edit_user (
 	edit_user_id	SERIAL PRIMARY KEY,
+	connect_edit_user_id	INT, -- possible reference to other user
 	username	VARCHAR UNIQUE,
 	password	VARCHAR,
+	first_name	VARCHAR,
+	last_name	VARCHAR,
+	first_name_furigana	VARCHAR,
+	last_name_furigana	VARCHAR,
 	enabled	SMALLINT NOT NULL DEFAULT 0,
 	debug	SMALLINT NOT NULL DEFAULT 0,
 	db_debug	SMALLINT NOT NULL DEFAULT 0,
@@ -27,12 +32,9 @@ CREATE TABLE edit_user (
 	locked	SMALLINT DEFAULT 0,
 	password_change_date	TIMESTAMP WITHOUT TIME ZONE, -- only when password is first set or changed
 	password_change_interval	INTERVAL, -- null if no change is needed, or d/m/y time interval
+	FOREIGN KEY (connect_edit_user_id) REFERENCES edit_user (edit_user_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
 	FOREIGN KEY (edit_language_id) REFERENCES edit_language (edit_language_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
 	FOREIGN KEY (edit_group_id) REFERENCES edit_group (edit_group_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
 	FOREIGN KEY (edit_scheme_id) REFERENCES edit_scheme (edit_scheme_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
 	FOREIGN KEY (edit_access_right_id) REFERENCES edit_access_right (edit_access_right_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE
 ) INHERITS (edit_generic) WITHOUT OIDS;
-
--- inserts admin user so basic users can be created
-DELETE FROM edit_user;
-INSERT INTO edit_user (username, password, enabled, debug, db_debug, email, protected, admin, edit_language_id, edit_group_id, edit_scheme_id, edit_access_right_id) VALUES ('admin', 'admin', 1, 1, 1, '', 1, 1, 1, 1, 2, 8);

4dev/database/table/edit_visible_group.sql

@@ -8,8 +8,8 @@
 -- DROP TABLE edit_visible_group;
 CREATE TABLE edit_visible_group (
 	edit_visible_group_id	SERIAL PRIMARY KEY,
-	name	VARCHAR(255),
-	flag	VARCHAR(50)
+	name	VARCHAR,
+	flag	VARCHAR
 ) INHERITS (edit_generic) WITHOUT OIDS;
 
 DELETE FROM edit_visible_group;

4dev/database/trigger/trg_edit_access.sql

@@ -1,4 +1,4 @@
--- DROP TRIGGER trg_edit_access ON edit_access;
+DROP TRIGGER trg_edit_access ON edit_access;
 CREATE TRIGGER trg_edit_access
 BEFORE INSERT OR UPDATE ON edit_access
-FOR EACH ROW EXECUTE PROCEDURE set_generic();
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();

4dev/database/trigger/trg_edit_access_data.sql

@@ -1,4 +1,4 @@
--- DROP TRIGGER trg_edit_access_data ON edit_access_data;
+DROP TRIGGER trg_edit_access_data ON edit_access_data;
 CREATE TRIGGER trg_edit_access_data
 BEFORE INSERT OR UPDATE ON edit_access_data
-FOR EACH ROW EXECUTE PROCEDURE set_generic();
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();

4dev/database/trigger/trg_edit_access_right.sql

@@ -1,4 +1,4 @@
--- DROP TRIGGER trg_edit_access_right ON edit_access_right;
+DROP TRIGGER trg_edit_access_right ON edit_access_right;
 CREATE TRIGGER trg_edit_access_right
 BEFORE INSERT OR UPDATE ON edit_access_right
-FOR EACH ROW EXECUTE PROCEDURE set_generic();
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();

4dev/database/trigger/trg_edit_access_user.sql

@@ -1,4 +1,4 @@
--- DROP TRIGGER trg_edit_access_user ON edit_access_user;
+DROP TRIGGER trg_edit_access_user ON edit_access_user;
 CREATE TRIGGER trg_edit_access_user
 BEFORE INSERT OR UPDATE ON edit_access_user
-FOR EACH ROW EXECUTE PROCEDURE set_generic();
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();

4dev/database/trigger/trg_edit_group.sql

@@ -1,4 +1,4 @@
--- DROP TRIGGER trg_edit_group ON edit_group;
+DROP TRIGGER trg_edit_group ON edit_group;
 CREATE TRIGGER trg_edit_group
 BEFORE INSERT OR UPDATE ON edit_group
-FOR EACH ROW EXECUTE PROCEDURE set_generic();
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();

4dev/database/trigger/trg_edit_language.sql

@@ -1,4 +1,4 @@
--- DROP TRIGGER trg_edit_language ON edit_language;
+DROP TRIGGER trg_edit_language ON edit_language;
 CREATE TRIGGER trg_edit_language
 BEFORE INSERT OR UPDATE ON edit_language
-FOR EACH ROW EXECUTE PROCEDURE set_generic();
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();

4dev/database/trigger/trg_edit_log.sql

@@ -1,4 +1,9 @@
--- DROP TRIGGER trg_edit_log ON edit_log;
+DROP TRIGGER trg_edit_log ON edit_log;
 CREATE TRIGGER trg_edit_log
 BEFORE INSERT OR UPDATE ON edit_log
-FOR EACH ROW EXECUTE PROCEDURE set_generic();
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();
+
+DROP TRIGGER trg_edit_log_insert_partition ON edit_log;
+CREATE TRIGGER trg_edit_log_insert_partition
+BEFORE INSERT OR UPDATE ON edit_log
+FOR EACH ROW EXECUTE PROCEDURE edit_log_insert_trigger();

4dev/database/trigger/trg_edit_menu_group.sql

@@ -1,4 +1,4 @@
--- DROP TRIGGER trg_edit_visible_group ON edit_visible_group;
+DROP TRIGGER trg_edit_menu_group ON edit_menu_group;
 CREATE TRIGGER trg_edit_menu_group
 BEFORE INSERT OR UPDATE ON edit_menu_group
-FOR EACH ROW EXECUTE PROCEDURE set_generic();
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();

4dev/database/trigger/trg_edit_page.sql

@@ -1,4 +1,4 @@
--- DROP TRIGGER trg_edit_page ON edit_page;
+DROP TRIGGER trg_edit_page ON edit_page;
 CREATE TRIGGER trg_edit_page
 BEFORE INSERT OR UPDATE ON edit_page
-FOR EACH ROW EXECUTE PROCEDURE set_generic();
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();

4dev/database/trigger/trg_edit_page_access.sql

@@ -1,4 +1,4 @@
--- DROP TRIGGER trg_edit_page_access ON edit_page_access;
+DROP TRIGGER trg_edit_page_access ON edit_page_access;
 CREATE TRIGGER trg_edit_page_access
 BEFORE INSERT OR UPDATE ON edit_page_access
-FOR EACH ROW EXECUTE PROCEDURE set_generic();
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();

4dev/database/trigger/trg_edit_query_string.sql

@@ -1,4 +1,4 @@
--- DROP TRIGGER trg_edit_query_string ON edit_query_string;
+DROP TRIGGER trg_edit_query_string ON edit_query_string;
 CREATE TRIGGER trg_edit_query_string
 BEFORE INSERT OR UPDATE ON edit_query_string
-FOR EACH ROW EXECUTE PROCEDURE set_generic();
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();

4dev/database/trigger/trg_edit_scheme.sql

@@ -1,4 +1,4 @@
--- DROP TRIGGER trg_edit_scheme ON edit_scheme;
+DROP TRIGGER trg_edit_scheme ON edit_scheme;
 CREATE TRIGGER trg_edit_scheme
 BEFORE INSERT OR UPDATE ON edit_scheme
-FOR EACH ROW EXECUTE PROCEDURE set_generic();
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();

4dev/database/trigger/trg_edit_user.sql

@@ -1,4 +1,4 @@
--- DROP TRIGGER trg_edit_user ON edit_user;
+DROP TRIGGER trg_edit_user ON edit_user;
 CREATE TRIGGER trg_edit_user
 BEFORE INSERT OR UPDATE ON edit_user
-FOR EACH ROW EXECUTE PROCEDURE set_generic();
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();

4dev/database/trigger/trg_edit_visible_group.sql

@@ -1,4 +1,4 @@
--- DROP TRIGGER trg_edit_visible_group ON edit_visible_group;
+DROP TRIGGER trg_edit_visible_group ON edit_visible_group;
 CREATE TRIGGER trg_edit_visible_group
 BEFORE INSERT OR UPDATE ON edit_visible_group
-FOR EACH ROW EXECUTE PROCEDURE set_generic();
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();

www/admin/.htaccess

@@ -1,3 +1,7 @@
-php_value xdebug.profiler_output_dir /home/developer/html/adidas/20081208_catalogue/4dev/xdebug/
-php_value xdebug.profiler_output_name timestamp 
-php_value xdebug.profiler_enable 0
+# php_value xdebug.profiler_output_dir /home/developer/xdebug/
+# php_value xdebug.profiler_output_name timestamp
+# php_value xdebug.profiler_enable 0
+# all .inc files are denied access from outside
+<Files "*.inc">
+	Require all denied
+</Files>

www/admin/class_test.php

@@ -14,7 +14,8 @@ ob_start();
 // basic class test file
 define('USE_DATABASE', true);
 // sample config
-require("config.inc");
+// require("config.inc");
+require 'config.php';
 // set session name
 if (!defined('SET_SESSION_NAME')) {
 	DEFINE('SET_SESSION_NAME', EDIT_SESSION_NAME);
@@ -97,6 +98,9 @@ print "DIRECT MULTIPLE INSERT STATUS: $status | PRIMARY KEYS: ".print_r($basic->
 // no returning, but not needed ;
 $status = $basic->dbExec("INSERT INTO foo (test) VALUES ('FOO; TEST ".time()."');");
 print "DIRECT INSERT STATUS: $status | PRIMARY KEY: ".$basic->insert_id." | PRIMARY KEY EXT: ".print_r($basic->insert_id_ext, 1)."<br>";
+// UPDATE WITH RETURNING
+$status = $basic->dbExec("UPDATE foo SET test = 'SOMETHING DIFFERENT' WHERE foo_id = 3688452 RETURNING test");
+print "UPDATE STATUS: $status | RETURNING EXT: ".print_r($basic->insert_id_ext, 1)."<br>";
 
 # db write class test
 $table = 'foo';
@@ -202,6 +206,9 @@ $date_1 = '2017/1/5';
 $date_2 = '2017-01-05';
 print "COMPARE DATE: ".$basic->compareDate($date_1, $date_2)."<br>";
 
+
+// array re
+
 // print error messages
 print $login->printErrorMsg();
 print $basic->printErrorMsg();

www/admin/config.inc

@@ -1 +0,0 @@
-../configs/config.inc

www/admin/config.php

@@ -0,0 +1,25 @@
+<?php
+/********************************************************************
+* AUTHOR: Clemens Schwaighofer
+* CREATED: 2018/10/11
+* SHORT DESCRIPTION:
+* pre config included -> includes master config
+* HISTORY:
+*********************************************************************/
+
+define('CONFIG_PATH', 'configs'.DIRECTORY_SEPARATOR);
+// config path prefix search, start with 0, got down each level __DIR__ has, if nothing found -> bail
+$CONFIG_PATH_PREFIX = '';
+for ($dir_pos = 0, $dir_max = count(explode('/', __DIR__)); $dir_pos <= $dir_max; $dir_pos ++) {
+	$CONFIG_PATH_PREFIX .= '..'.DIRECTORY_SEPARATOR;
+	if (file_exists($CONFIG_PATH_PREFIX.CONFIG_PATH.'config.inc')) {
+		require $CONFIG_PATH_PREFIX.CONFIG_PATH.'config.inc';
+		break;
+	}
+}
+// fail if no base DS is not set
+if (!defined('DS')) {
+	exit('Base config unloadable');
+}
+
+// __END__

www/admin/edit_access.php

@@ -1 +1 @@
-edit_base.inc
+../includes/edit_base.inc

www/admin/edit_groups.php

@@ -1 +1 @@
-edit_base.inc
+../includes/edit_base.inc

www/admin/edit_languages.php

@@ -1 +1 @@
-edit_base.inc
+../includes/edit_base.inc

www/admin/edit_menu_group.php

@@ -1 +1 @@
-edit_base.inc
+../includes/edit_base.inc

www/admin/edit_order.php

@@ -16,7 +16,7 @@ $DB_DEBUG = 1;
 extract($_GET, EXTR_SKIP);
 extract($_POST, EXTR_SKIP);
 
-include("config.inc");
+require 'config.php';
 // set session name
 define('SET_SESSION_NAME', EDIT_SESSION_NAME);
 // overrride debug flags

www/admin/edit_pages.php

@@ -1 +1 @@
-edit_base.inc
+../includes/edit_base.inc

www/admin/edit_schemes.php

@@ -1 +1 @@
-edit_base.inc
+../includes/edit_base.inc

www/admin/edit_users.php

@@ -1 +1 @@
-edit_base.inc
+../includes/edit_base.inc

www/admin/edit_visible_group.php

@@ -1 +1 @@
-edit_base.inc
+../includes/edit_base.inc

www/admin/files.php

@@ -1,480 +0,0 @@
-<?php
-/********************************************************************
-* AUTHOR: Clemens Schwaighofer
-* CREATED: 2005/07/13
-* SHORT DESCRIPTION:
-* Create categories for CMS
-* HISTORY:
-* 2005/08/19 (cs) changed the mime type get from the _FILE to mime get fkt
-*********************************************************************/
-
-// DEBUG vars here
-$DEBUG_ALL = 1;
-$DB_DEBUG = 1;
-$DEBUG_TMPL = 1;
-
-//------------------------------ header
-require("header.inc");
-$MASTER_TEMPLATE_NAME = 'cms_popup.tpl';
-$TEMPLATE_NAME = 'cms_files.tpl';
-$PAGE_WIDTH = 750;
-require("set_paths.inc");
-//------------------------------ header
-
-//------------------------------ processing data start
-$form_name = $_GET['form'];
-$value_name = $_GET['name'];
-$data_id = $_GET['id'];
-$show_type = $_GET['type']; // P (pic), F (flash), V (video), D (document: word), A (document: pdf), B (binary); , separated string
-
-// default view is list
-if (!$view && !$data_id) {
-	$view = 'list';
-} elseif (!$view && $data_id) {
-	$view = 'list';
-}
-// default is online
-if (!isset($online)) {
-	$online = 't';
-}
-// if not set, it is a fresh load
-if (!$show_amount) {
-	$fresh_load = 1;
-}
-// the next two are for page view
-if (!$start_row) {
-	$start_row = 0;
-}
-if (!$show_amount) {
-	$show_amount = 12;
-}
-if (!$show_type) {
-	$show_type = 'P';
-}
-
-// set edit access array
-$edit_access_ids = array_keys($cms->user_unit);
-
-// yes no list (online)
-$yesno_list['f'] = 'No';
-$yesno_list['t'] = 'Yes';
-// order list
-$sort_order_list['date_created'] = 'ID / Insert time'; // default
-$sort_order_list['file_name'] = 'File Name';
-$sort_order_list['file_size'] = 'File Size';
-$sort_order_list['mime_type'] = 'Mime Type';
-$sort_order_list['name_en'] = 'Alt Name English';
-$sort_order_list['name_ja'] = 'Alt Name Japanese';
-$sort_order_list['date_updated'] = 'Updated';
-if (!$sort_order) {
-	$sort_order = 'date_created';
-}
-$sort_direction_list['ASC'] = 'Normal';
-$sort_direction_list['DESC'] = 'Reverse';
-if (!$sort_direction) {
-	$sort_direction = 'ASC';
-}
-// set if we need to write to any of the set live queues
-// a) on page save with set_live
-// b) global page with live_queue
-// set via QUEUE variable
-
-// create 0 entries for: templates, menu, data_group?
-if ($cms->action == 'new' && $cms->action_yes == 'true') {
-	unset($file_uid);
-	unset($file_id);
-	unset($file_type);
-	$new_okay = 1;
-}
-// file type: P picture, M mouse over picutre, F flash, V video, B binary
-if ($cms->action == 'save') {
-	if (!$file_type) {
-		$file_type = 'B';
-	}
-	$file_ok = false;
-	if (!$_FILES['file_up']['name'] && !$file_uid) {
-		$cms->messages[] = array('msg' => 'No file name given', 'class' => 'error');
-		$error = 1;
-	}
-	if (!$_FILES['file_up']['name'] && $file_uid) {
-		$file_ok = true;
-	}
-	// echo "FILE TYPE: ".$_FILES['file_up']['type']."<br>";
-	foreach (split(',', $show_type) as $_show_type) {
-		// check if the uploaded filename matches to the given type
-		if ($_FILES['file_up']['name'] && preg_match("/jpeg|png|gif/", $_FILES['file_up']['type']) && preg_match("/P/", $show_type)) {
-			$file_ok = true;
-		}
-		if ($_FILES['file_up']['name'] && preg_match("/swf/", $_FILES['file_up']['type']) && preg_match("/F/", $show_type)) {
-			$file_ok = true;
-		}
-		if ($_FILES['file_up']['name'] && preg_match("/video/", $_FILES['file_up']['type']) && preg_match("/V/", $show_type)) {
-			$file_ok = true;
-		}
-		if ($_FILES['file_up']['name'] && preg_match("/msword|vnd.oasis.opendocument.text/", $_FILES['file_up']['type']) && preg_match("/D/", $show_type)) {
-			$file_ok = true;
-		}
-		if ($_FILES['file_up']['name'] && preg_match("/pdf/", $_FILES['file_up']['type']) && preg_match("/A/", $show_type)) {
-			$file_ok = true;
-		}
-		if ($_FILES['file_up']['name'] && preg_match("/B/", $show_type)) {
-			$file_ok = true;
-		}
-	}
-	// write out error messages according to show type
-	if (!$file_ok) {
-		if (preg_match("/P/", $show_type)) {
-			$cms->messages[] = array('msg' => 'File is not a JPEG/PNG/GIF file', 'class' => 'error');
-			$error = 1;
-		}
-		if (preg_match("/F/", $show_type)) {
-			$cms->messages[] = array('msg' => 'File is not a Flash File', 'class' => 'error');
-			$error = 1;
-		}
-		if (preg_match("/V/", $show_type)) {
-			$cms->messages[] = array('msg' => 'File is not a Video', 'class' => 'error');
-			$error = 1;
-		}
-		if (preg_match("/D/", $show_type)) {
-			$cms->messages[] = array('msg' => 'File is not a DOC/ODT file', 'class' => 'error');
-			$error = 1;
-		}
-		if (preg_match("/A/", $show_type)) {
-			$cms->messages[] = array('msg' => 'File is not a PDF file', 'class' => 'error');
-			$error = 1;
-		}
-		if (preg_match("/B/", $show_type)) {
-			$cms->messages[] = array('msg' => 'No valid file was given', 'class' => 'error');
-			$error = 1;
-		}
-	}
-	// binary: all okay
-	// if no error, save data
-	if (!$error) {
-		if ($_FILES['file_up']['name']) {
-			$mime_type = $_FILES['file_up']['type'];
-			$file_size = $_FILES['file_up']['size'];
-			$file_name = $_FILES['file_up']['name'];
-			// get picture size
-			list($width, $height) = getimagesize($_FILES['file_up']['tmp_name']);
-			$cms->debug('upload', "Width: $width X Height: $height");
-			// set the file type and the target folder
-			if (preg_match("/jpeg|png|gif/", $mime_type)) {
-				$file_type = 'P';
-			} elseif (preg_match("/swf/", $mime_type)) {
-				$file_type = 'F';
-			} elseif (preg_match("/video/", $mime_type)) {
-				$file_type = 'V';
-			} elseif (preg_match("/msword|vnd.oasis.opendocument.text/", $mime_type)) {
-				$file_type = 'D';
-			} elseif (preg_match("/pdf/", $mime_type)) {
-				$file_type = 'A';
-			} elseif ($mime_type) {
-				$file_type = 'B';
-			}
-		}
-		// if we have an id -> updated
-		if ($file_uid) {
-			$q = "UPDATE file SET";
-			$q_set = " name_en = '".addslashes($name_en)."', name_ja = '".addslashes($name_ja)."', file_name = '".addslashes($file_name)."', online = '".$online."' ";
-			if ($_FILES['file_up']['name']) {
-				$q_set .= ", type = '".$file_type."', mime_type = '$mime_type', file_size = $file_size, size_x = $width, size_y = $height ";
-			}
-			$q .= $q_set."WHERE file_uid = '".$file_uid."'";
-			$cms->db_exec($q);
-			if (QUEUE == 'live_queue') {
-				$sql_action = 'UPDATE';
-				$sql_data = $q_set;
-			}
-		} else {
-			// insert new data
-			$file_uid = md5(uniqid(rand(), true));
-			$q = "INSERT INTO file (name_en, name_ja, file_name, online, mime_type, file_size, size_x, size_y, file_uid, type) VALUES (";
-			$q .= "'".addslashes($name_en)."', '".addslashes($name_ja)."', '".addslashes($file_name)."', '".$online."', '".$mime_type."', ";
-			$q .= "$file_size, ".(($width) ? $width : 'NULL').", ".(($height) ? $height : 'NULL').", '".$file_uid."', '".$file_type."')";
-			$cms->db_exec($q);
-			$file_id = $cms->insert_id;
-			// if queue
-			if (QUEUE == 'live_queue') {
-				$sql_data = $q;
-				$sql_action = 'INSERT';
-			}
-		}
-		$size_x = $width;
-		$size_y = $height;
-		$file = DEV_SCHEMA."_".$file_uid;
-		// now upload the file
-		if ($_FILES['file_up']['name']) {
-			$upload_file = BASE.MEDIA.$cms->data_path[$file_type].$file;
-			// wipe out any old tmp data for this new upload
-			if (is_array(glob(BASE.TMP."thumb_".$file."*"))) {
-				foreach (glob(BASE.TMP."thumb_".$file."*") as $filename) {
-					@unlink($filename);
-				}
-			}
-			# copy file to correct path
-			$error = move_uploaded_file($_FILES['file_up']['tmp_name'], $upload_file);
-
-			$cms->debug('file_upload', "UP: $upload_file");
-			$cms->debug('file_upload', "Orig: ".$cms->printAr($_FILES['file_up']));
-
-			// because I get bogus error info from move_uploaded_file ...
-			$error = 0;
-			if ($error) {
-				$cms->debug('file_upload', "ERROR: $error | INI FSize: ".ini_get("upload_max_filesize"));
-				$cms->messages[] = array('msg' => 'File upload failed', 'class' => 'error');
-				$q = "DELETE FROM file WHERE file_uid = '".$file_uid."'";
-				$cms->db_exec($q);
-				unset($file_id);
-				unset($file_uid);
-				$view = 'list';
-			} else {
-				$cms->messages[] = array('msg' => 'File upload successful', 'class' => 'warning');
-				// $view = 'list';
-			}
-		} // if file upload
-		// create thumbs + file size
-		$picture = $cms->cache_pictures.$cms->adbCreateThumbnail($file, 400, 280, $file_type, '', $cms->cache_pictures_root);
-		$picture_small = $cms->cache_pictures.$cms->adbCreateThumbnail($file, 80, 60, $file_type, '', $cms->cache_pictures_root);
-		$file_size = $cms->adbByteStringFormat($file_size);
-		// for live queue this is here needed
-		if (QUEUE == 'live_queue') {
-			$q = "INSERT INTO ".GLOBAL_DB_SCHEMA.".live_queue (queue_key, key_value, key_name, type, target, data, group_key, action";
-			if ($_FILES['file_up']['name']) {
-				$q .= ", file";
-			}
-			$q .= ") VALUES ('".$cms->queue_name."', '".$file_uid."', 'file_uid', '".$sql_action."', 'file', '".$cms->db_escape_string($sql_data)."', '".$cms->queue_key."', '".$cms->action."'";
-			if ($_FILES['file_up']['name']) {
-				$q .= ", '".BASE.MEDIA.$cms->data_path[$file_type].$file."#".BASE.MEDIA.$cms->data_path[$file_type].PUBLIC_SCHEMA."_".$file_uid."'";
-			}
-			$q .= ")";
-			$cms->db_exec($q);
-		}
-	} // if not error
-}
-if ($cms->action == 'delete' && $cms->action_yes == 'true') {
-	$file_uid = $cms->action_id;
-	$q = "SELECT type FROM file WHERE file_uid = '".$file_uid."'";
-	list ($file_type) = $cms->db_return_row($q);
-	// get the file type for the file path
-	$q = "DELETE FROM file WHERE file_uid = '".$file_uid."'";
-	$cms->db_exec($q);
-	if (QUEUE == 'set_live') {
-		$q = "INSERT INTO ".GLOBAL_DB_SCHEMA.".set_live (table_name, pkid, delete_flag) VALUES ('".$cms->page_name."', ".$file_uid.", 't')";
-		$cms->db_exec($q);
-	}
-	if (QUEUE == 'live_queue') {
-		$q = "INSERT INTO ".GLOBAL_DB_SCHEMA.".live_queue (queue_key, key_value, key_name, type, target, data, group_key, action, file) VALUES (";
-		$q .= "'".$cms->queue_name."', '".$file_uid."', 'file_uid', 'DELETE', 'file', '', '".$cms->queue_key."', '".$cms->action."', '".
-		$q .= BASE.MEDIA.$cms->data_path[$file_type].PUBLIC_SCHEMA."_".$file_uid."')";
-	}
-	@unlink(BASE.MEDIA.$cms->data_path[$file_type].DEV_SCHEMA."_".$file_uid);
-	// wipe out any old cache data for this new upload
-	if (is_array(glob($cms->cache_pictures."thumb_".TEST_SCHEMA."_".$file_uid."*"))) {
-		foreach (glob($cms->cache_pictures."thumb_".TEST_SCHEMA."_".$file_uid."*") as $filename) {
-			@unlink($filename);
-		}
-	}
-	unset($file_uid);
-	unset($file_id);
-	$delete_done = 1;
-	$view = 'list';
-}
-if ($cms->action == 'load') {
-	$file_uid = $cms->action_id;
-	// load the data
-	$q = "SELECT file_id, name_en, name_ja, file_name, online, mime_type, file_size, size_x, size_y, type FROM file WHERE file_uid = '".$file_uid."'";
-	list($file_id, $name_en, $name_ja, $file_name, $online, $mime_type, $file_size, $size_x, $size_y, $file_type) = $cms->db_return_row($q);
-	// create thumbnail for edit view
-	$file = DEV_SCHEMA."_".$file_uid;
-	// thumbnails are only valid for pictures
-	$picture = $cms->cache_pictures.$cms->adbCreateThumbnail($file, 400, 280, $file_type, '', $cms->cache_pictures_root);
-	$picture_small = $cms->cache_pictures.$cms->adbCreateThumbnail($file, 80, 60, $file_type, '', $cms->cache_pictures_root);
-	$file_size = $cms->adbByteStringFormat($file_size);
-	// view to edit
-	$view = 'edit';
-}
-if ($cms->action == 'add_new') {
-	$view = 'edit';
-}
-if ($cms->action == 'view_files' && $cms->action_yes == 'true') {
-	$view = 'list';
-}
-// set delete live
-if ($cms->action_flag == 'set_live' && $cms->action = 'set_delete') {
-	$q = "SELECT file_uid, pkid, type FROM ".LOGIN_DB_SCHEMA.".set_live sl, file f WHERE sl.pkid = f.file_uid table_name = '".$cms->page_name."' AND delete_flag = 't'";
-	while ($res = $cms->db_return($q)) {
-		$q_del = "DELETE FROM ".PUBLIC_SCHEMA.".file WHERE file_uid = '".$res['pkid'].'"';
-		$cms->db_exec($q_del);
-		@unlink(BASE.MEDIA.$cms->data_path[$res['type']].PUBLIC_SCHEMA."_".$res['file_uid']);
-		// wipe out any old cache data for this new upload
-		if (is_array(glob($cms->cache_pictures."thumb_".LIVE_SCHEMA."_".$file_uid."*"))) {
-			foreach (glob($cms->cache_pictures."thumb_".LIVE_SCHEMA."_".$file_uid."*") as $filename) {
-				@unlink($filename);
-			}
-		}
-	}
-	$q = "DELETE FROM ".LOGIN_DB_SCHEMA.".set_live WHERE table_name = '".$cms->page_name."' AND delete_flag = 't'";
-	$cms->db_exec($q);
-}
-if (DEV_SCHEMA != PUBLIC_SCHEMA) {
-	// read out possible deleted, to add "delete from live"
-	$q = "SELECT pkid FROM ".LOGIN_DB_SCHEMA.".set_live WHERE table_name = '".$cms->page_name."' AND delete_flag = 't'";
-	if ($cms->access_rights['base_acl'] < 90) {
-		$q .= "AND edit_access_id IN (".join(',', $edit_access_ids).") ";
-	}
-	while ($res = $cms->db_return($q, 3)) {
-		$cms->DATA['set_delete'][]['pkid'] = $res['pkid'];
-	}
-}
-// get th max entries
-$q = "SELECT COUNT(file_uid) FROM file ";
-$q_search_where = "WHERE ";
-// only for current edit_access id, unless it is an admin user, then he can see all of them
-if ($cms->access_rights['base_acl'] < 90) {
-	$q_search_where .= "edit_access_id IN (".join(',', $edit_access_ids).") AND ";
-}
-$q_search_where .= "type in ('".str_replace(',', "','", $show_type)."') ";
-if ($search_what) {
-	$q_search_where .= "AND LOWER(name_en) LIKE '%".addslashes(strtolower($search_what))."%' OR name_ja LIKE '%".addslashes($search_what)."%' OR LOWER(file_name) LIKE '%".addslashes(strtolower($search_what))."%' ";
-}
-$q .= $q_search_where;
-// get selection from show_type
-list ($file_count) = $cms->db_return_row($q);
-
-if ($cms->action == 'browse') {
-	// browse in the list of data
-	switch ($cms->action_id) {
-		case "<<<<":
-			$start_row = 0;
-			break;
-		case "<":
-			$start_row -= $show_amount;
-			break;
-		case ">":
-			$start_row += $show_amount;
-			break;
-		case ">>>>":
-			$start_row = $file_count - $show_amount;
-			break;
-		case "gopage":
-			// for page is page -1, so page 1 start from 0, etc
-			$start_row = ((($cms->action_value - 1) > 0) ? ($cms->action_value - 1) * $show_amount : 0);
-			$current_page = $cms->action_value;
-			break;
-	}
-}
-
-// check overflow
-if ($start_row < 0) {
-	$start_row = 0;
-}
-if ($start_row > $file_count) {
-	$start_row = $file_count - $show_amount;
-}
-
-// if we have a "fresh_load"
-if ($fresh_load) {
-	$count = 1;
-	$q = "SELECT file_uid FROM file ";
-	if ($q_search_where) {
-		$q .= $q_search_where;
-	}
-	$q .= "ORDER BY ".$sort_order." ".$sort_direction." ";
-	while ($res = $cms->db_return($q)) {
-		// if data_id is set and not file_id, go to the page where the current highlight is, but only if this is a "virgin" load of the page
-		if ($data_id && ($data_id == $res['file_uid'])) {
-			$current_page = floor(($count / $show_amount));
-			$start_row = $current_page * $show_amount;
-			$current_page ++;
-		}
-		$count ++;
-	}
-}
-
-// page forward/back buttons settings
-if ($start_row > 0) {
-	$cms->DATA['show_back'] = 1;
-}
-$cms->DATA['page_number'] = ceil($start_row / $show_amount) + 1;
-$cms->DATA['page_count'] = ceil($file_count / $show_amount);
-if ($cms->DATA['page_count'] > 2 && !$current_page) {
-	$current_page = 1;
-}
-if (($start_row + $show_amount) < $file_count) {
-	$cms->DATA['show_forward'] = 1;
-}
-
-$q = "SELECT file_id, name_en, name_ja, file_name, online, mime_type, file_size, size_x, size_y, file_uid, type FROM file ";
-// if search what, search in name_en, name_ja, file_name for the string
-if ($q_search_where) {
-	$q .= $q_search_where;
-}
-$q .= "ORDER BY ".$sort_order." ".$sort_direction." ";
-$q .= "LIMIT ".$show_amount." OFFSET ".$start_row;
-while ($res = $cms->db_return($q)) {
-	$data_files[] = array (
-		'id' => $res['file_id'],
-		'name_en' => $res['name_en'],
-		'name_ja' => $res['name_ja'],
-		'file_name' => $res['file_name'],
-		'online' => $res['online'],
-		'mime_type' => $res['mime_type'],
-		'file_size' => $cms->adbByteStringFormat($res['file_size']),
-		'size_x' => $res['size_x'],
-		'size_y' => $res['size_y'],
-		'file_uid' => $res['file_uid'],
-		'file_type' => $res['type'],
-		'picture' => $cms->cache_pictures.$cms->adbCreateThumbnail(DEV_SCHEMA.'_'.$res['file_uid'], 80, 60, $res['type'], '', $cms->cache_pictures_root)
-	);
-}
-
-$cms->DATA['show_type'] = $show_type;
-$cms->DATA['data_files'] = $data_files;
-$cms->DATA['view'] = $view;
-$cms->DATA['images_path'] = MEDIA.$cms->data_path[$file_type];
-// get vars for position (only when)
-$cms->DATA['form_name'] = $form_name;
-$cms->DATA['value_name'] = $value_name;
-$cms->DATA['file_id'] = $file_id;
-$cms->DATA['file_uid'] = $file_uid;
-
-// write back all the other vars
-if (!($delete_done || $new_okay)) {
-	// data name
-	$cms->DATA['file_name'] = $file_name;
-	$cms->DATA['name_en'] = $name_en;
-	$cms->DATA['name_ja'] = $name_ja;
-	$cms->DATA['mime_type'] = $mime_type;
-	$cms->DATA['file_size'] = $file_size;
-	$cms->DATA['size_x'] = $size_x;
-	$cms->DATA['size_y'] = $size_y;
-	$cms->DATA['online'] = $online;
-	$cms->DATA['picture'] = $picture;
-	$cms->DATA['picture_small'] = $picture_small;
-	$cms->DATA['file_type'] = $file_type;
-}
-$cms->DATA['sort_order_list'] = $sort_order_list;
-$cms->DATA['sort_order'] = $sort_order;
-$cms->DATA['sort_direction_list'] = $sort_direction_list;
-$cms->DATA['sort_direction'] = $sort_direction;
-$cms->DATA['search_what'] = $search_what;
-$cms->DATA['current_page'] = $current_page;
-$cms->DATA['yesno_list'] = $yesno_list;
-$cms->DATA['start_row'] = $start_row;
-$cms->DATA['show_amount'] = $show_amount;
-if ($data_id) {
-	$cms->DATA['data_id'] = $data_id;
-}
-$cms->DATA['top'] = 0;
-$cms->DATA['left'] = 0;
-
-//------------------------------ processing data end
-
-//------------------------------ smarty start
-require("smarty.inc");
-//------------------------------ smarty end
-
-//------------------------------ footer
-require("footer.inc");
-//------------------------------ footer

www/admin/namespace_test.php

@@ -11,7 +11,7 @@ $DB_DEBUG = 1;
 ob_start();
 
 // admin class tests
-require 'config.inc' ;
+require 'config.php';
 DEFINE('SET_SESSION_NAME', EDIT_SESSION_NAME);
 
 echo "DIR: ".DIR."<br>ROOT: ".ROOT."<br>BASE: ".BASE."<br>";

www/admin/qq_file_upload_ajax.php

@@ -0,0 +1,46 @@
+<?php
+
+$DEBUG_ALL = 1;
+$ECHO_ALL = 0;
+$PRINT_ALL = 1;
+
+// load the Basic && qq file uploader here
+require 'config.php';
+// class load
+$base = new CoreLibs\Basic();
+$base->debug('AJAX UPLOAD', 'START Backend');
+// set max upload size
+$MAX_UPLOAD_SIZE = $base->StringByteFormat(ini_get('upload_max_filesize'));
+
+// test for qqFileUploader (AJAX side)
+$allowedExtensions = array ('csv', 'zip', 'jpg', 'pdf', 'bz2');
+$sizeLimit = $MAX_UPLOAD_SIZE; // as set in php ini
+$base->debug('AJAX UPLOAD', 'Size: '.$sizeLimit.', Memory Limit: '.ini_get('memory_limit'));
+$uploader = new CoreLibs\Upload\qqFileUploader($allowedExtensions, $sizeLimit);
+// either in post or get
+$_action= $_POST['action'] ? $_POST['action'] : $_GET['action'];
+$_task_uid = $_POST['task_uid'] ? $_POST['task_uid'] : $_GET['task_uid'];
+$get_post['start'] = microtime(true);
+$base->debug('AJAX UPLOAD', 'Action: '.$_action.', Task UID: '.$_task_uid.' => '.$base->dateStringFormat($get_post['start']));
+
+$upload_path = ROOT.MEDIA.UPLOADS;
+$get_post['result'] = $uploader->handleUpload($upload_path, false);
+$base->debug('AJAX UPLOAD', 'Memory peak: '.$base->ByteStringFormat(memory_get_usage()).' | '.$base->ByteStringFormat(memory_get_peak_usage()));
+
+// set file name
+$get_post['filename'] = $uploader->uploadFileName;
+$get_post['type'] = $uploader->uploadFileExt;
+$get_post['filesize'] = filesize($uploader->uploadFileName);
+$get_post['filesize_formated'] = $base->ByteStringFormat($get_post['filesize']);
+$get_post['end'] = microtime(true);
+$get_post['time'] = $get_post['end'] - $get_post['start'];
+
+$base->debug('AJAX RESULT', $base->printAr($get_post));
+// return data
+$output = htmlspecialchars(json_encode($get_post), ENT_NOQUOTES);
+// $base->debug('AJAX JSON', $output);
+print $output;
+
+$base->printErrorMsg();
+
+// __END__

www/admin/qq_file_upload_front.php

@@ -0,0 +1,225 @@
+<?php
+
+$DEBUG_ALL = 1;
+$ECHO_ALL = 0;
+$PRINT_ALL = 1;
+
+// test file for qqFileUploader (HTML side)
+// load the Basic class here
+require 'config.php';
+$base = new CoreLibs\Basic();
+// set max upload size
+$MAX_UPLOAD_SIZE = $base->StringByteFormat(ini_get('upload_max_filesize'));
+$base->debug('UPLOADED FRONT', 'With max size: '.$MAX_UPLOAD_SIZE);
+
+// very basic template output with super basic div for two file upload
+?>
+<html>
+<head>
+<title>File upload AJAX</title>
+<link rel="stylesheet" href="https://www.w3schools.com/w3css/4/w3.css">
+<style type="text/css">
+.normal {
+	width: 25%;
+}
+.flx-s {
+	align-content: stretch;
+	display: flex;
+	flex: 1 100%;
+}
+.uploadError {
+	font-weight: bold;
+	color: red;
+}
+.uploadCancel {
+	font-weight: bold;
+	color: orange;
+}
+
+.qq-file-upload-button {
+	border: 1px solid #999999;
+	border-radius: 2px 2px 2px 2px;
+	box-shadow: 0 10px rgba(255, 255, 255, 0.3) inset, 0 10px rgba(255, 255, 255, 0.2) inset, 0 10px 2px rgba(255, 255, 255, 0.25) inset, 0 -1px 2px rgba(0, 0, 0, 0.3) inset;
+	text-align: center;
+	padding: 3px 5px 3px;
+	background-color: #cacaca;
+	margin: 2px;
+}
+
+.qq-file-upload-button:hover {
+	box-shadow: 0 10px 2px rgba(107, 107, 107, 0.2) inset, 0 12px rgba(107, 107, 107, 0.05) inset, 0 12px 2px rgba(107, 107, 107, 0.1) inset, 0 -1px 2px rgba(255, 255, 255, 0.3) inset;
+}
+
+.qq-file-upload-button:active {
+	border: 1px solid red;
+	background-color: rgba(80, 80, 80, 0.5);
+}
+
+.qq-upload-cancel {
+	border: 1px solid red;
+	border-radius: 2px;
+	text-align: center;
+	padding: 3px 5px 3px;
+	background-color: #eb652d;
+	margin: 2px;
+}
+.qq-upload-cancel:hover {
+	background-color: #eb8686;
+}
+.qq-upload-cancel:active {
+	border: 1px solid black;
+	background-color: #eb2d2d;
+}
+
+.progressBarOutside {
+	background-color: #f1f1f1;
+	color: black;
+	width: 100%;
+}
+
+.progressBarInside {
+	background-color: #1e9e84;
+	border-radius: 4px;
+	padding: 0.01em;
+	text-align: center;
+	font-size: 0.8em;
+}
+
+</style>
+<script src="layout/default/javascript/prototype.js" type="text/javascript"></script>
+<script src="layout/default/javascript/file-uploader/fileuploader.js" type="text/javascript"></script>
+<script type="text/javascript">
+function formatBytes(bytes)
+{
+	var i = -1;
+	do {
+		bytes = bytes / 1024;
+		i++;
+	} while (bytes > 99);
+
+	// return Math.max(bytes, 0.1).toFixed(1) + ['kB', 'MB', 'GB', 'TB', 'PB', 'EB'][i];
+	return parseFloat(Math.round(bytes * Math.pow(10, 2)) / Math.pow(10, 2)) + ['kB', 'MB', 'GB', 'TB', 'PB', 'EB'][i];
+}
+var MAX_UPLOAD_SIZE = <?=$MAX_UPLOAD_SIZE;?>;
+// function to add an AJAX uploadeder to the set
+function createUploaderSin(divName, divNumber) {
+	divID = divName + '_' + divNumber;
+	console.log('Div: %s, Number: %s => ID: %s', divName, divNumber, divID);
+	$(divID + '_Cancel').hide();
+	var uploader = new qq.FileUploaderBasic({
+		// element: document.getElementById(divID),
+		element: $(divID),
+		cancel: $(divID + '_Cancel'),
+		action: 'qq_file_upload_ajax.php',
+		multiple: false,
+		button: $(divID),
+		allowedExtensions: ['csv', 'zip', 'jpg', 'pdf', 'bz2'],
+		sizeLimit: MAX_UPLOAD_SIZE, // size set from php ini
+		name: divID,
+		params: {
+			'file_pos': divNumber, // we need to add here ID or something
+			'action': 'upload',
+			'task_uid': divNumber // -> test for some internal uid
+		},
+		onSubmit: function(id, filename, target) {
+			console.log('File upload: "%s", ID: "%s" => "%s"', filename, id, target);
+			// remove any assigned error classes and flags
+			if ($(target + '_ProgressText').hasClassName('uploadError') || $(target + '_ProgressText').hasClassName('uploadCancel')) {
+				$(target + '_ProgressText').className = '';
+				$(target + '_Error').value = 0;
+			}
+			$(target + '_ProgressText').innerHTML = 'Start uploading file: ' + filename;
+			$(target + '_Cancel').show();
+			// disabled stuff here
+		},
+		onProgress: function(id, filename, loaded, total, target) {
+			console.log('Progress for file: "%s", ID: "%s", loaded: "%s", total: "%s" => "%s"', id, filename, loaded, total, target);
+			var percent = Math.round((loaded / total) * 100);
+			$(target + '_ProgressBar').innerHTML = percent + '%';
+			$(target + '_ProgressBar').style.width = percent + '%';
+			$(target + '_ProgressText').innerHTML = 'Uploading: ' + filename + ', ' + formatBytes(loaded) + '/' + formatBytes(total);
+		},
+		onComplete: function(id, filename, responseJSON, target) {
+			console.log('File upload for file "%s", id "%s" done with status "%s" => "%s", And success: %s', filename, id, responseJSON, target, responseJSON.result.success);
+			if (responseJSON.result.success) {
+				$(target + '_ProgressBar').innerHTML = '100%';
+				$(target + '_ProgressBar').style.width = '100%';
+				$(target + '_ProgressText').innerHTML = 'Uploaded: ' + filename + ' (' + responseJSON.filesize_formated + ')';
+				// also write hidden vars for this (file name, etc)
+				// for that we replace the divName part from the target and get just the pos number ?
+				// $(target + 'Name').value = filename;
+				// $(target + 'NameUpload').value = responseJSON.filename;
+				// $(target + 'Type').value = responseJSON.type;
+				// $(target + 'Size').value = responseJSON.filesize;
+			} else {
+				// set the error class
+				$(target + '_ProgressText').className = 'uploadError';
+				// flag error
+				$(target + '_Error').value = 1;
+				// and write the error
+				$(target + '_ProgressText').innerHTML = 'UPLOAD FAILED FOR FILE: ' + filename;
+			}
+			// renable stuff here
+			$(target + '_Cancel').hide();
+		},
+		onCancel: function (id, filename, target) {
+			// cancel upload
+			console.log('File upload cancled for file "%s", id "%s"', filename, id);
+			// upload cancel
+			$(target + '_ProgressText').className = 'uploadCancel';
+			$(target + '_Error').value = 1;
+			$(target + '_ProgressText').innerHTML = 'UPLOAD CANCELED FOR FILE: ' + filename;
+			$(target + '_Cancel').hide();
+		},
+		/*showMessage: function(message) {
+			console.log('MESSAGE: %s', message);
+		}, */
+		debug: true
+	});
+	// console.log('INIT Nr %s => cnt: %s', divNumber, uploader);
+	return uploader;
+}
+</script>
+</head>
+
+<body>
+<div id="masterGroup">
+	<div>File upload via AJAX (MAX SIZE: <?=$base->byteStringFormat($MAX_UPLOAD_SIZE);?>)</div>
+	<div class="flx-s">
+		<div id="Uploader_3WD7MAFmjAux_dlvvu13tezNj_XeSO0Ovauli0_MF5tISORiay7" class="normal qq-file-upload-button" style="width: 20%">Upload File</div>
+		<div style="width: 5%">
+			<div id="Uploader_3WD7MAFmjAux_dlvvu13tezNj_XeSO0Ovauli0_MF5tISORiay7_Cancel" class="qq-upload-cancel">X</div>
+		</div>
+		<div style="width: 75%; padding: 5px;">
+			<div id="Uploader_3WD7MAFmjAux_dlvvu13tezNj_XeSO0Ovauli0_MF5tISORiay7_ProgressText"></div>
+			<div class="progressBarOutside">
+				<div class="progressBarInside" id="Uploader_3WD7MAFmjAux_dlvvu13tezNj_XeSO0Ovauli0_MF5tISORiay7_ProgressBar" style="width: 0%">0%</div>
+			</div>
+		</div>
+		<input type="hidden" name="Uploader_3WD7MAFmjAux_dlvvu13tezNj_XeSO0Ovauli0_MF5tISORiay7_Error" id="Uploader_3WD7MAFmjAux_dlvvu13tezNj_XeSO0Ovauli0_MF5tISORiay7_Error" value="">
+	</div>
+	<div class="flx-s">
+		<div id="Uploader_3WD7MAFmjAux_dlvvu13tezNj_XeSO0Ovauli0_Ww9iWKrl3Xou" class="normal qq-file-upload-button" style="width: 20%">Upload File</div>
+		<div style="width: 5%">
+			<div id="Uploader_3WD7MAFmjAux_dlvvu13tezNj_XeSO0Ovauli0_Ww9iWKrl3Xou_Cancel" class="qq-upload-cancel">X</div>
+		</div>
+		<div style="width: 75%; padding: 5px;">
+			<div id="Uploader_3WD7MAFmjAux_dlvvu13tezNj_XeSO0Ovauli0_Ww9iWKrl3Xou_ProgressText"></div>
+			<div class="progressBarOutside">
+				<div class="progressBarInside" id="Uploader_3WD7MAFmjAux_dlvvu13tezNj_XeSO0Ovauli0_Ww9iWKrl3Xou_ProgressBar" style="width: 0%">0%</div>
+			</div>
+		</div>
+		<input type="hidden" name="Uploader_3WD7MAFmjAux_dlvvu13tezNj_XeSO0Ovauli0_Ww9iWKrl3Xou_Error" id="Uploader_3WD7MAFmjAux_dlvvu13tezNj_XeSO0Ovauli0_Ww9iWKrl3Xou_Error" value="">
+	</div>
+</div>
+</body>
+</html>
+<script type="text/javascript">
+// attach uploader to div areas
+createUploaderSin('Uploader', '3WD7MAFmjAux_dlvvu13tezNj_XeSO0Ovauli0_MF5tISORiay7');
+createUploaderSin('Uploader', '3WD7MAFmjAux_dlvvu13tezNj_XeSO0Ovauli0_Ww9iWKrl3Xou');
+</script>
+<?php
+$base->printErrorMsg();
+
+// __END__

www/admin/smarty_test.php

@@ -7,14 +7,16 @@ $DB_DEBUG = 1;
 $LOG_PER_RUN = 1;
 
 define('USE_DATABASE', true);
-require("header.inc");
+define('USE_HEADER', true);
+require 'config.php';
+require BASE.INCLUDES.'admin_header.inc';
 $MASTER_TEMPLATE_NAME = 'main_body.tpl';
 $TEMPLATE_NAME = 'smarty_test.tpl';
 $PAGE_WIDTH = 750;
-require("set_paths.inc");
+require BASE.INCLUDES.'admin_set_paths.inc';
 
 // smarty test
 $cms->DATA['SMARTY_TEST'] = 'Test Data';
 
-require("smarty.inc");
-require("footer.inc");
+require BASE.INCLUDES.'admin_smarty.inc';
+require BASE.INCLUDES.'admin_footer.inc';

www/admin/various_class_test.php

@@ -0,0 +1,97 @@
+<?php
+
+$DEBUG_ALL_OVERRIDE = 0; // set to 1 to debug on live/remote server locations
+$DEBUG_ALL = 1;
+$PRINT_ALL = 1;
+$DB_DEBUG = 1;
+
+// admin class tests
+// require 'config.inc';
+require 'config.php';
+DEFINE('SET_SESSION_NAME', EDIT_SESSION_NAME);
+$base = new CoreLibs\Basic();
+
+print "THIS HOST: ".HOST_NAME.", with PROTOCOL: ".HOST_PROTOCOL." is running SSL: ".HOST_SSL."<br>";
+print "DIR: ".DIR."<br>";
+print "BASE: ".BASE."<br>";
+print "ROOT: ".ROOT."<br>";
+print "HOST: ".$HOST_NAME." => DB HOST: ".$DB_HOST[$HOST_NAME]." => ".MAIN_DB."<br>";
+
+// $test = array (
+// 	'A' => array (
+// 		'B' => array (),
+// 		'C' => array (
+// 			'D' => array (),
+// 			'E' => array (
+// 				'F' => array ()
+// 			)
+// 		)
+// 	),
+// 	'1' => array (),
+// 	'2' => array (),
+// 	'3' => array (
+// 		'G' => array ()
+// 	)
+// );
+
+$base->debug('ARRAY', $base->printAr($test));
+
+function rec($pre, $cur, $node = array ())
+{
+	if (!is_array($node)) {
+		$node = array ();
+	}
+	print "<div style='color: green;'>#### PRE: ".$pre.", CUR: ".$cur.", N-c: ".count($node)." [".join('|', array_keys($node))."]</div>";
+	if (!$pre) {
+		print "** <span style='color: red;'>NEW</span><br>";
+		$node[$cur] = array ();
+	} else {
+		if (array_key_exists($pre, $node)) {
+			print "+ <span style='color: orange;'>KEY FOUND:</span> ".$pre.", add: ".$cur."<br>";
+			$node[$pre][$cur] = array ();
+		} else {
+			print "- NOT FOUND: loop<br>";
+			foreach ($node as $_pre => $_cur) {
+				print "> TRY: ".$_pre." => ".count($_cur)." [".join('|', array_keys($_cur))."]<br>";
+				if (count($_cur) > 0) {
+					$node[$_pre] = rec($pre, $cur, $_cur);
+				}
+			}
+		}
+	}
+	return $node;
+}
+
+function flattenArrayKey(array $array, array $return = array ())
+{
+	foreach ($array as $key => $sub) {
+		$return[] = $key;
+		if (count($sub) > 0) {
+			$return = flattenArrayKey($sub, $return);
+		}
+	}
+	return $return;
+}
+
+// core
+$test = rec('', 'A', $test);
+$test = rec('', '1', $test);
+$test = rec('', '2', $test);
+$test = rec('', '3', $test);
+$test = rec('3', 'G', $test);
+$test = rec('A', 'B', $test);
+$test = rec('A', 'C', $test);
+$test = rec('C', 'D', $test);
+$test = rec('C', 'E', $test);
+$test = rec('E', 'F', $test);
+// new
+$test = rec('C', 'U', $test);
+$test = rec('F', 'U', $test);
+$test = rec('', 'Al', $test);
+$test = rec('B', 'B1', $test);
+$base->debug('REC', $base->printAr($test));
+print "FLATTEN: ".$base->printAr(flattenArrayKey($test))."<br>";
+
+print $base->printErrorMsg();
+
+// __END__

www/configs/config.db.inc

@@ -0,0 +1,25 @@
+<?php
+/********************************************************************
+* AUTHOR: Clemens Schwaighofer
+* CREATED: 2018/10/11
+* SHORT DESCRIPTION:
+* configuration file for database settings
+* HISTORY:
+*********************************************************************/
+
+// please be VERY carefull only to change the right side
+$DB_CONFIG = array (
+	'test' => array (
+		'db_name' => 'gullevek',
+		'db_user' => 'gullevek',
+		'db_pass' => 'gullevek',
+		'db_host' => 'db.tokyo.tequila.jp',
+		'db_port' => '5432',
+		'db_schema' => 'public',
+		'db_type' => 'pgsql',
+		'db_encoding' => '',
+		'db_ssl' => 'disable' // allow, disable, require, prefer
+	)
+);
+
+// __END__

www/configs/config.host.inc

@@ -0,0 +1,33 @@
+<?php
+/********************************************************************
+* AUTHOR: Clemens Schwaighofer
+* CREATED: 2018/10/11
+* SHORT DESCRIPTION:
+* configuration file for core host settings
+* - DB access name (array group from config.db)
+* - location (test/stage/live)
+* - debug flag (true/false)
+* - DB path (eg PUBLIC_SCHEMA)
+* - stie lang
+* HISTORY:
+*********************************************************************/
+
+// each host has a different db_host
+// development host
+$DB_HOST['soba.tokyo.tequila.jp'] = 'test';
+// target host (live)
+//	$DB_TARGET_HOST['soba'] = '<DB ID>';
+// url redirect database
+//	$DB_URL_REDIRECT_HOST['soba'] = '<DB ID>';
+// location flagging
+// test/dev/live
+$LOCATION['soba.tokyo.tequila.jp'] = 'test';
+// show DEBUG override
+// true/false
+$DEBUG_FLAG['soba.tokyo.tequila.jp'] = true;
+// set postgresql paths (schemas)
+$DB_PATH['soba.tokyo.tequila.jp'] = PUBLIC_SCHEMA;
+// site language
+$SITE_LANG['soba.tokyo.tequila.jp'] = 'en_utf8';
+
+// __END__

www/configs/config.template.inc

@@ -8,17 +8,19 @@
 *********************************************************************/
 
 /************* SESSION NAMES *************/
+// server name HASH
+DEFINE('SERVER_NAME_HASH', hash('crc32b', $_SERVER['HTTP_HOST']));
 // backend
-DEFINE('EDIT_SESSION_NAME', "<ADMIN SESSION NAME>");
+DEFINE('EDIT_SESSION_NAME', '<ADMIN SESSION NAME>'.SERVER_NAME_HASH);
 // frontend
-DEFINE('SESSION_NAME', "<SESSION NAME>");
-// set the session name
-define('SET_SESSION_NAME', EDIT_SESSION_NAME);
+DEFINE('SESSION_NAME', '<SESSION NAME>'.SERVER_NAME_HASH);
+// SET_SESSION_NAME should be set in the header if a special session name is needed
+// DEFINE('SET_SESSION_NAME', SESSION_NAME);
 
 /************* LANGUAGE / ENCODING *******/
-DEFINE('DEFAULT_LANG', "en_utf8");
+DEFINE('DEFAULT_LANG', 'en_utf8');
 // default web page encoding setting
-DEFINE('DEFAULT_ENCODING', "UTF-8");
+DEFINE('DEFAULT_ENCODING', 'UTF-8');
 
 /************* PATHS *********************/
 // directory seperator
@@ -35,56 +37,58 @@ DEFINE('ROOT', getcwd().DS);
 // libs path
 DEFINE('LIB', 'lib'.DS);
 DEFINE('LIBS', 'lib'.DS);
+// configs folder
+DEFINE('CONFIGS', 'configs'.DS);
 // includes (strings, arrays for static, etc)
 DEFINE('INCLUDES', 'includes'.DS);
 // layout base path
 DEFINE('LAYOUT', 'layout'.DS);
 // pic-root (compatible to CMS)
-DEFINE('PICTURES', "images".DS);
+DEFINE('PICTURES', 'images'.DS);
 // images
-DEFINE('IMAGES', "images".DS);
+DEFINE('IMAGES', 'images'.DS);
 // icons (below the images/ folder)
 DEFINE('ICONS', 'icons'.DS);
 // media
-DEFINE('MEDIA', "media".DS);
+DEFINE('MEDIA', 'media'.DS);
 // flash-root (below media)
-DEFINE('FLASH', "flash".DS);
+DEFINE('FLASH', 'flash'.DS);
 // uploads (anything to keep)
-DEFINE('UPLOADS', "uploads".DS);
+DEFINE('UPLOADS', 'uploads'.DS);
 // files (binaries) (below media)
-DEFINE('BINARIES', "binaries".DS);
+DEFINE('BINARIES', 'binaries'.DS);
 // files (videos) (below media)
-DEFINE('VIDEOS', "videos".DS);
+DEFINE('VIDEOS', 'videos'.DS);
 // files (documents) (below media)
-DEFINE('DOCUMENTS', "documents".DS);
+DEFINE('DOCUMENTS', 'documents'.DS);
 // files (pdfs) (below media)
-DEFINE('PDFS', "documents".DS);
+DEFINE('PDFS', 'documents'.DS);
 // CSV
 DEFINE('CSV', 'csv'.DS);
 // css
-DEFINE('CSS', "css".DS);
+DEFINE('CSS', 'css'.DS);
 // js
-DEFINE('JS', "javascript".DS);
+DEFINE('JS', 'javascript'.DS);
 // table arrays
-DEFINE('TABLE_ARRAYS', "table_arrays".DS);
+DEFINE('TABLE_ARRAYS', 'table_arrays'.DS);
 // smarty libs path
-DEFINE('SMARTY', "Smarty".DS);
+DEFINE('SMARTY', 'Smarty'.DS);
 // po langs
-DEFINE('LANG', "lang".DS);
+DEFINE('LANG', 'lang'.DS);
 // cache path
-DEFINE('CACHE', "cache".DS);
+DEFINE('CACHE', 'cache'.DS);
 // temp path
-DEFINE('TMP', "tmp".DS);
+DEFINE('TMP', 'tmp'.DS);
 // log files
 DEFINE('LOG', 'log'.DS);
 // compiled template folder
 DEFINE('TEMPLATES_C', 'templates_c'.DS);
 // template base
-DEFINE('TEMPLATES', "templates".DS);
+DEFINE('TEMPLATES', 'templates'.DS);
 // frontend template dir', only for admin
-DEFINE('TEMPLATES_FRONTEND', "templates_frontend".DS);
+DEFINE('TEMPLATES_FRONTEND', 'templates_frontend'.DS);
 // default template
-DEFINE('DEFAULT_TEMPLATE', "default".DS);
+DEFINE('DEFAULT_TEMPLATE', 'default'.DS);
 // default template file
 DEFINE('DEFAULT_TEMPLATE_FILE', 'default.tpl');
 
@@ -102,14 +106,14 @@ DEFINE('DEFAULT_ACL_SEND', 70);
 DEFINE('DEFAULT_ACL_DEL', 80);
 DEFINE('DEFAULT_ACL_ADMIN', 100); */
 // SSL host name
-//	DEFINE('SSL_HOST', "ssl.host.name");
+//	DEFINE('SSL_HOST', 'ssl.host.name');
 // error page strictness, Default is 3
 // 1: only show error page as the last mesure if really no mid & aid can be loaded and found at all
 // 2: if template not found, do not search, show error template
 // 3: if default template is not found, show error template, do not fall back to default tree
 // 4: very strict, even on normal fixable errors through error
 //	DEFINE('ERROR_STRICT', 3);
-// allow page caching in general, set to "FALSE" if you do debugging or development!
+// allow page caching in general, set to 'FALSE' if you do debugging or development!
 //	DEFINE('ALLOW_SMARTY_CACHE', FALSE);
 // cache life time, in seconds, default here is 2 days (172800s)
 // -1 is never expire cache
@@ -120,6 +124,9 @@ DEFINE('DEFAULT_ACL_ADMIN', 100); */
 DEFINE('LOGOUT_TARGET', '');
 // password change allowed
 DEFINE('PASSWORD_CHANGE', false);
+// min/max password length
+DEFINE('PASSWORD_MIN_LENGTH', 8);
+DEFINE('PASSWORD_MAX_LENGTH', 255);
 
 /************* AJAX / ACCESS *************/
 // ajax request type
@@ -134,6 +141,11 @@ DEFINE('PAGE_WIDTH', 800);
 // the default template name
 DEFINE('MASTER_TEMPLATE_NAME', 'main_body.tpl');
 
+// below two can be defined here, but they should be
+// defined in either the header file or the file itself
+/************* LOGGING *******************/
+// DEFINE('LOG_FILE_ID', '');
+
 /************* QUEUE TABLE *************/
 // if we have a dev/live system
 // set_live is a per page/per item
@@ -147,44 +159,56 @@ DEFINE('DEV_SCHEMA', 'public');
 DEFINE('TEST_SCHEMA', 'public');
 DEFINE('LIVE_SCHEMA', 'public');
 
-// non constant part
-/************* DB ACCESS *****************/
-// please be VERY carefull only to change the right side
-$DB_CONFIG = array (
-	"<DB ID>" => array (
-		"db_name" => "<DB NAME>",
-		"db_user" => "<DB USER>",
-		"db_pass" => "<DB PASSWORD>",
-		"db_host" => "<DB HOST>",
-		"db_port" => "5432",
-		"db_schema" => "<DB SCHEMA>", // if not set, uses public
-		"db_type" => "pgsql",
-		"db_encoding" => '',
-		"db_ssl" => 'disable' // allow, disable, require, prefer
-	)
-);
-
+/************* OTHER PATHS *****************/
 // File and Folder paths
 // ID is TARGET (first array element)
-//	$PATHS["test"]["csv_path"] = "";
-//	$PATHS["test"]["perl_bin"] = "";
-//	$PATHS["test"]["redirect_url"] = "";
+//	$PATHS['test']['csv_path'] = '';
+//	$PATHS['test']['perl_bin'] = '';
+//	$PATHS['test']['redirect_url'] = '';
 
-// each host has a different db_host
-// development host
-$DB_HOST['<HOST NAME>'] = "<DB ID>";
-// target host (live)
-//	$DB_TARGET_HOST['<HOST NAME>'] = "<DB ID>";
-// url redirect database
-//	$DB_URL_REDIRECT_HOST['<HOST NAME>'] = "<DB ID>";
-// location flagging
-// test/dev/live
-$LOCATION['<HOST NAME>'] = '<test|live|remote|etc>';
-// show DEBUG override
-// true/false
-$DEBUG_FLAG['<HOST NAME>'] = true;
-// set postgresql paths (schemas)
-$DB_PATH['<HOST NAME>'] = PUBLIC_SCHEMA;
+// non constant part
+/************* DB ACCESS *****************/
+if (file_exists(BASE.CONFIGS.'config.db.inc')) {
+	require BASE.CONFIGS.'config.db.inc';
+}
+// -> below in config.db.inc
+// *** START ***
+// // please be VERY carefull only to change the right side
+// $DB_CONFIG = array (
+// 	'<DB ID>' => array (
+// 		'db_name' => '<DB NAME>',
+// 		'db_user' => '<DB USER>',
+// 		'db_pass' => '<DB PASSWORD>',
+// 		'db_host' => '<DB HOST>',
+// 		'db_port' => '5432',
+// 		'db_schema' => '<DB SCHEMA>', // if not set, uses public
+// 		'db_type' => 'pgsql',
+// 		'db_encoding' => '',
+// 		'db_ssl' => 'disable' // allow, disable, require, prefer
+// 	)
+// );
+// *** END ***
+if (file_exists(BASE.CONFIGS.'config.host.inc')) {
+	require BASE.CONFIGS.'config.host.inc';
+}
+// // -> below in config.host.inc
+// *** START ***
+// // each host has a different db_host
+// // development host
+// $DB_HOST['<HOST NAME>'] = '<DB ID>';
+// // target host (live)
+// //	$DB_TARGET_HOST['<HOST NAME>'] = '<DB ID>';
+// // url redirect database
+// //	$DB_URL_REDIRECT_HOST['<HOST NAME>'] = '<DB ID>';
+// // location flagging
+// // test/dev/live
+// $LOCATION['<HOST NAME>'] = '<test|live|remote|etc>';
+// // show DEBUG override
+// // true/false
+// $DEBUG_FLAG['<HOST NAME>'] = true;
+// // set postgresql paths (schemas)
+// $DB_PATH['<HOST NAME>'] = PUBLIC_SCHEMA;
+// *** END ***
 
 // set the USE_DATABASE var, if there is nothing set, we assume TRUE
 $USE_DATABASE = defined('USE_DATABASE') ? USE_DATABASE : true;
@@ -192,12 +216,22 @@ $USE_DATABASE = defined('USE_DATABASE') ? USE_DATABASE : true;
 // live frontend pages
 // ** missing live domains **
 // get the name without the port
-list($HOST_NAME, $PORT) = array_pad(explode(":", $_SERVER['HTTP_HOST'], 2), 2, null);
+list($HOST_NAME, $PORT) = array_pad(explode(':', $_SERVER['HTTP_HOST'], 2), 2, null);
 if (!$DB_HOST[$HOST_NAME] && $USE_DATABASE) {
-	echo "No matching DB config found. Contact Admin<br>";
+	echo 'No matching DB config found. Contact Admin<br>';
 	exit -1;
 }
-
+// set HOST name
+DEFINE('HOST_NAME', $HOST_NAME);
+// set SSL on
+if ((array_key_exists('HTTPS', $_SERVER) && !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ||
+	$_SERVER['SERVER_PORT'] == 443) {
+	DEFINE('HOST_SSL', true);
+	DEFINE('HOST_PROTOCOL', 'https://');
+} else {
+	DEFINE('HOST_SSL', false);
+	DEFINE('HOST_PROTOCOL', 'http://');
+}
 // define the static names
 DEFINE('LOGIN_DB', $DB_HOST[$HOST_NAME]);
 DEFINE('MAIN_DB', $DB_HOST[$HOST_NAME]);
@@ -221,11 +255,11 @@ DEFINE('SHOW_ALL_ERRORS', false); // show all errors if debug_all & show_error_h
 $G_TITLE = '<OVERALL PAGE TITLE>';
 
 /************ STYLE SHEETS / JS **********/
-$EDIT_STYLESHEET = "edit.css";
-$EDIT_JAVASCRIPT = "edit.js";
+$EDIT_STYLESHEET = 'edit.css';
+$EDIT_JAVASCRIPT = 'edit.js';
 
-$STYLESHEET = "frontend.css";
-$JAVASCRIPT = "frontend.js";
+$STYLESHEET = 'frontend.css';
+$JAVASCRIPT = 'frontend.js';
 
 /************* CONVERT *******************/
 $paths = array (
@@ -235,9 +269,9 @@ $paths = array (
 );
 // find convert
 foreach ($paths as $path) {
-	if (file_exists($path."/convert") && is_file($path."/convert")) {
+	if (file_exists($path.'/convert') && is_file($path.'/convert')) {
 		// image magick convert location
-		DEFINE('CONVERT', $path."/convert");
+		DEFINE('CONVERT', $path.'/convert');
 	}
 }
 

www/includes/admin_header.inc

@@ -10,7 +10,7 @@
 //------------------------------ variable init start
 // for dev test we set full error reporting; writes everything, except E_ERROR into logs/php_error-<day>.log
 if ($DEBUG_ALL && $ENABLE_ERROR_HANDLING) {
-	include("libs/Error.Handling.inc");
+	include("../lib/Error.Handling.inc");
 }
 // predefine vars
 $lang = '';
@@ -22,7 +22,6 @@ extract($_POST, EXTR_SKIP);
 //------------------------------ library include start
 // set output to quiet for load of classes & session settings
 ob_start();
-require("config.inc");
 //------------------------------ library include end
 
 //------------------------------ basic variable settings start

www/includes/admin_set_paths.inc

@@ -32,7 +32,7 @@ if ($_SESSION['DEFAULT_CHARSET']) {
 if ($_SESSION['DEFAULT_LANG']) {
 	$lang = $_SESSION['DEFAULT_LANG'];
 } elseif (!$lang) {
-	$lang = DEFAULT_LANG;
+	$lang = defined('SITE_LANG') ? SITE_LANG : DEFAULT_LANG;
 }
 // create the char lang encoding
 $lang_short = substr($lang, 0, 2);
@@ -55,13 +55,13 @@ $cms->CSS_SPECIAL_TEMPLATE_NAME = @$CSS_NAME;
 $cms->JS_SPECIAL_TEMPLATE_NAME = @$JS_NAME;
 
 // set basic template path (tmp)
-$smarty->setTemplateDir(LAYOUT.$TEMPLATE_DIR.TEMPLATES);
-$cms->lang_dir = LAYOUT.$TEMPLATE_DIR.LANG;
-$cms->includes = LAYOUT.$TEMPLATE_DIR.INCLUDES;
+$smarty->setTemplateDir(LAYOUT.$TEMPLATE_DIR.TEMPLATES); // no outside
+$cms->lang_dir = LAYOUT.$TEMPLATE_DIR.LANG; // no outside
+$cms->includes = BASE.INCLUDES; // no longer in templates, only global
 $cms->javascript = LAYOUT.$TEMPLATE_DIR.JS;
 $cms->css = LAYOUT.$TEMPLATE_DIR.CSS;
 $cms->pictures = LAYOUT.$TEMPLATE_DIR.IMAGES;
-$cms->cache_pictures = LAYOUT.$TEMPLATE_DIR.CACHE.IMAGES;
+$cms->cache_pictures = LAYOUT.$TEMPLATE_DIR.CACHE;
 $cms->cache_pictures_root = ROOT.$cms->cache_pictures;
 if (!is_dir($cms->cache_pictures_root)) {
 	mkdir($cms->cache_pictures_root);
@@ -80,20 +80,13 @@ if (!file_exists(ROOT.$smarty->getTemplateDir()[0].DS.MASTER_TEMPLATE_NAME)) {
 	$smarty->setTemplateDir(LAYOUT.DEFAULT_TEMPLATE.TEMPLATES);
 	$template_set = DEFAULT_TEMPLATE;
 }
-// loop to check if dir exists
-// check if file exists, if not reset to default path
-
-// check if the javascript folder exists in the template path, if not fall back to default
-if (!is_dir($cms->javascript)) {
-	$cms->javascript = LAYOUT.DEFAULT_TEMPLATE.JS;
-}
 // check if lang_dir folder exists in the template path, if not fall back to default
 if (!is_dir($cms->lang_dir)) {
 	$cms->lang_dir = LAYOUT.DEFAULT_TEMPLATE.LANG;
 }
-// check if include folder exists in the template path, if not fall back to default
-if (!is_dir($cms->includes)) {
-	$cms->includes = LAYOUT.DEFAULT_TEMPLATE.INCLUDES;
+// check if the javascript folder exists in the template path, if not fall back to default
+if (!is_dir($cms->javascript)) {
+	$cms->javascript = LAYOUT.DEFAULT_TEMPLATE.JS;
 }
 // check if css folder exists in the template path, if not fall back to default
 if (!is_dir($cms->css)) {
@@ -103,15 +96,45 @@ if (!is_dir($cms->pictures)) {
 	$cms->pictures = LAYOUT.DEFAULT_TEMPLATE.PICTURES;
 }
 if (!is_dir($cms->cache_pictures)) {
-	$cms->cache_pictures = LAYOUT.DEFAULT_TEMPLATE.CACHE.IMAGES;
+	$cms->cache_pictures = LAYOUT.DEFAULT_TEMPLATE.CACHE;
+	$cms->cache_pictures_root = ROOT.$cms->cache_pictures;
 }
 
 // if the template_dir is != DEFAULT_TEMPLATE, then try to make a lang switch
 // if the default lang is not like the lang given, switch lang
-if (false === strstr(LAYOUT.DEFAULT_TEMPLATE.LANG, $cms->lang_dir) || strcasecmp(DEFAULT_LANG, $lang)) {
-	$cms->debug('LANG', 'Orig: '.LAYOUT.DEFAULT_TEMPLATE.LANG.', New: '.$cms->lang_dir.' | Orig Lang: '.DEFAULT_LANG.', New Lang: '.$lang);
+if (false === strstr(LAYOUT.DEFAULT_TEMPLATE.LANG, $cms->lang_dir) ||
+	strcasecmp(defined('SITE_LANG') ? SITE_LANG : DEFAULT_LANG, $lang)
+) {
+	$cms->debug('LANG', 'Orig: '.LAYOUT.DEFAULT_TEMPLATE.LANG.', New: '.$cms->lang_dir.' | Orig Lang: '.(defined('SITE_LANG') ? SITE_LANG : DEFAULT_LANG).', New Lang: '.$lang);
 	$cms->l->l10nReloadMOfile($lang, $cms->lang_dir);
-	$smarty->l10n->l10nReloadMOfile($lang, $cms->lang_dir);
+		// if we have login class
+	if ($login) {
+		$login->l->l10nReloadMOfile($lang, $cms->lang_dir);
+	}
+	// if we have smarty template class
+	if ($smarty) {
+		$smarty->l10n->l10nReloadMOfile($lang, $cms->lang_dir);
+	}
+}
+
+// javascrip translate data as template for auto translate
+if (!$TEMPLATE_TRANSLATE) {
+	$cms->debug('LANG', 'Load lang: '.$lang.', for page file jsTranslate_'.$lang.'.tpl');
+	$TEMPLATE_TRANSLATE = 'jsTranslate_'.$lang.'.tpl';
+} else {
+	// we assume we have some fixed set
+	// we must add _<$lang>
+	// if .tpl, put before .tpl
+	// if not .tpl, add _<$lang>.tpl
+	if (strpos($TEMPLATE_TRANSLATE, '.tpl')) {
+		$TEMPLATE_TRANSLATE = str_replace('.tpl', '_'.$lang.'.tpl', $TEMPLATE_TRANSLATE);
+	} else {
+		$TEMPLATE_TRANSLATE .= '_'.$lang.'.tpl';
+	}
+}
+// if we can't find it, dump it
+if (!file_exists($smarty->getTemplateDir()[0].DS.$TEMPLATE_TRANSLATE)) {
+	unset($TEMPLATE_TRANSLATE);
 }
 
 //	$cms->debug("LANGUAGE", "L: $lang | ".$cms->lang_dir." | MO File: ".$cms->l->mofile);

www/includes/edit_base.inc

@@ -24,10 +24,10 @@ extract($_POST, EXTR_SKIP);
 
 $table_width = 750;
 // this is for certain CMS modules that set a relative path
-define(REL_PATH, '');
+define('REL_PATH', '');
 
 ob_start();
-include("config.inc");
+require 'config.php';
 // set session name here
 define('SET_SESSION_NAME', EDIT_SESSION_NAME);
 // overrride debug flags
@@ -137,10 +137,13 @@ $DATA['GROUP_NAME'] = $_SESSION["GROUP_NAME"];
 $DATA['GROUP_LEVEL'] = $_SESSION["GROUP_LEVEL"];
 $PAGES = $_SESSION["PAGES"];
 
-//$form->debug('menu', $form->print_ar($PAGES));
+//$form->debug('menu', $form->printAr($PAGES));
 
-// baue nav aus $PAGES ...
-for ($i = 0; $i < count($PAGES); $i ++) {
+// build nav from $PAGES ...
+if (!is_array($PAGES)) {
+	$PAGES = array ();
+}
+for ($i = 0, $i_max = count($PAGES); $i < $i_max; $i ++) {
 	if ($PAGES[$i]["menu"] && $PAGES[$i]["online"]) {
 		$menuarray[] = $PAGES[$i];
 	}
@@ -204,6 +207,7 @@ if ($form->yes) {
 			$elements[] = $form->formCreateElement("login_error_date_last");
 			$elements[] = $form->formCreateElement("login_error_date_first");
 			$elements[] = $form->formCreateElement("enabled");
+			$elements[] = $form->formCreateElement("protected");
 			$elements[] = $form->formCreateElement("username");
 			$elements[] = $form->formCreateElement("password");
 			$elements[] = $form->formCreateElement("password_change_interval");
@@ -283,6 +287,8 @@ if ($form->yes) {
 			break;
 		case "edit_access":
 			$elements[] = $form->formCreateElement("name");
+			$elements[] = $form->formCreateElement("enabled");
+			$elements[] = $form->formCreateElement("protected");
 			$elements[] = $form->formCreateElement("color");
 			$elements[] = $form->formCreateElement("description");
 			// add name/value list here
@@ -292,7 +298,7 @@ if ($form->yes) {
 			print "[No valid page definition given]";
 			break;
 	}
-//		$form->debug('edit', "Elements: <pre>".$form->print_ar($elements));
+//		$form->debug('edit', "Elements: <pre>".$form->printAr($elements));
 	$DATA['elements'] = $elements;
 	$DATA['hidden'] = $form->formCreateHiddenFields();
 	$DATA['save_delete'] = $form->formCreateSaveDelete();
@@ -304,7 +310,7 @@ $DEBUG_DATA['DEBUG'] = $DEBUG_TMPL;
 // create main data array
 $CONTENT_DATA = array_merge($HEADER, $DATA, $DEBUG_DATA);
 // data is 1:1 mapping (all vars, values, etc)
-while (list($key, $value) = each($CONTENT_DATA)) {
+foreach ($CONTENT_DATA as $key => $value) {
 	$smarty->assign($key, $value);
 }
 if (is_dir(BASE.TEMPLATES_C)) {

www/includes/table_arrays/array_edit_access.inc

@@ -28,6 +28,26 @@ $edit_access = array (
 			"error_check" => "custom",
 			"error_regex" => "/[\dA-Fa-f]{6}/",
 			"error_example" => "F6A544"
+		),
+		"enabled" => array (
+			"value" => $GLOBALS["enabled"],
+			"output_name" => "Enabled",
+			"type" => "binary",
+			"int" => 1,
+			"element_list" => array (
+				"1" => "Yes",
+				"0" => "No"
+			)
+		),
+		"protected" => array (
+			"value" => $GLOBALS["protected"],
+			"output_name" => "Protected",
+			"type" => "binary",
+			"int" => 1,
+			"element_list" => array (
+				"1" => "Yes",
+				"0" => "No"
+			)
 		)
 	),
 	"table_name" => "edit_access",

www/includes/table_arrays/array_edit_users.inc

@@ -29,6 +29,7 @@ $edit_users = array (
 			)
 		),
 		// password date when first insert and password is set, needs special field with connection to password
+		// password reset force interval, if set, user needs to reset password after X time period
 		'password_change_interval' => array (
 			'value' => $GLOBALS['password_change_interval'],
 			'output_name' => 'Password change interval',
@@ -38,7 +39,6 @@ $edit_users = array (
 			'size' => 5, // make it 5 chars long
 			'length' => 5
 		),
-		// password reset force interval, if set, user needs to reset password after X time period
 		"enabled" => array (
 			"value" => $GLOBALS["enabled"],
 			"output_name" => "Enabled",
@@ -163,10 +163,15 @@ $edit_users = array (
 			"type" => "view",
 			"empty" => "-"
 		),
-		// planned delete lock flag
 		"protected" => array (
 			"value" => $GLOBALS["protected"],
-			"int" => 1
+			"output_name" => "Protected",
+			"type" => "binary",
+			"int" => 1,
+			"element_list" => array (
+				"1" => "Yes",
+				"0" => "No"
+			)
 		)
 	),
 	"load_query" => "SELECT edit_user_id, username, enabled, debug, db_debug, strict, locked, login_error_count FROM edit_user ORDER BY username",

www/layout/admin/default/css/edit.css

@@ -367,6 +367,30 @@ input[type="text"]:focus, textarea:focus, select:focus {
 	font-size: 8px;
 }
 
+/* NEW VERSION with CSS key frame animation */
+.progress {
+	width: 100px;
+	height: 100px;
+	background: rgba(255, 255, 255, 0.6);
+	border: 20px solid rgba(255, 255, 255 ,0.25);
+	border-left-color: rgba(3, 155, 229 ,1);
+	border-top-color: rgba(3, 155, 229 ,1);
+	border-radius: 50%;
+	display: inline-block;
+	animation: rotate 600ms infinite linear;
+	/* align */
+	left: 0;
+	top: 0;
+	position: absolute;
+	z-index: 100;
+}
+/* Animation for above progress */
+@keyframes rotate {
+	to {
+		transform: rotate(1turn)
+	}
+}
+
 /* ***************************** ADMIN EDIT INTERFACE COLORS ********************************* */
 /* set all colors here and not in the config file */
 /* for edit interface */

www/layout/admin/default/css/file-uploader/fileuploader.css

@@ -0,0 +1,88 @@
+.qq-uploader {
+	position: relative;
+	width: 100%;
+}
+
+.qq-upload-button {
+    display: block; /* or inline-block */
+    width: 105px;
+    padding: 7px 0;
+    text-align: center;
+    background: #880000;
+    border-bottom: 1px solid #ddd;
+    color: #fff;
+}
+.qq-upload-button-hover {
+	background: #cc0000;
+}
+.qq-upload-button-focus {
+	outline: 1px dotted black;
+}
+
+.qq-upload-drop-area {
+    position: absolute;
+    top: 0;
+    left: 0;
+    width: 100%;
+    height: 100%;
+    min-height: 70px;
+    z-index: 2;
+    background: #FF9797;
+    text-align: center;
+}
+.qq-upload-drop-area span {
+    display: block;
+    position: absolute;
+    top: 50%;
+    width: 100%;
+    margin-top: -8px;
+    font-size: 16px;
+}
+.qq-upload-drop-area-active {
+	background:
+	#FF7171;
+}
+
+.qq-upload-list {
+	margin:
+	15px 35px;
+	padding: 0;
+	list-style: disc;
+}
+.qq-upload-list li {
+	margin: 0;
+	padding: 0;
+	line-height: 15px;
+	font-size: 12px;
+}
+.qq-upload-file, .qq-upload-spinner, .qq-upload-size, .qq-upload-cancel, .qq-upload-failed-text {
+    margin-right: 7px;
+}
+
+.qq-upload-file {
+}
+.qq-upload-spinner {
+	display: inline-block;
+	/*background: url("loading.gif");*/
+	width: 15px;
+	height: 15px;
+	vertical-align: text-bottom;
+	/* non gif css rotate */
+	background: rgba(255, 255, 255, 0.6);
+	border: 2px solid rgba(255, 255, 255, 0.25);
+	border-left-color: rgba(102, 102, 102 ,1);
+	border-right-color: rgba(102, 102, 102 ,1);
+	border-radius: 50%;
+	animation: rotate 600ms infinite linear;
+}
+
+.qq-upload-size, .qq-upload-cancel {
+	font-size: 11px;
+}
+
+.qq-upload-failed-text {
+	display: none;
+}
+.qq-upload-fail .qq-upload-failed-text {
+	display: inline;
+}

www/layout/admin/default/javascript/edit.js

@@ -2,6 +2,8 @@
 	code is taken and adapted from dokuwiki
 */
 
+/* jshint esversion: 6 */
+
 /**
  * Some browser detection
  */
@@ -207,3 +209,240 @@ function formatBytes(bytes)
 
 	return parseFloat(Math.round(bytes * Math.pow(10, 2)) / Math.pow(10, 2)) + ['kB', 'MB', 'GB', 'TB', 'PB', 'EB'][i];
 }
+
+// *** DOM MANAGEMENT FUNCTIONS
+// METHOD: cel [create element]
+// PARAMS: tag: must set tag (div, span, etc)
+//         id: optional set for id, if input, select will be used for name
+//         content: text content inside, is skipped if sub elements exist
+//         css: array for css tags
+//         options: anything else (value, placeholder, OnClick, style)
+// RETURN: object
+// DESC  : creates object for DOM element creation flow
+const cel = (tag, id = '', content = '', css = [], options = {}) =>
+	element = {
+		tag: tag,
+		id: id,
+		name: options.name, // override name if set [name gets ignored in tree build anyway]
+		content: content,
+		css: css,
+		options: options,
+		sub: []
+	};
+
+// METHOD: ael [attach element]
+// PARAMS: base: object where to attach/search
+//         attach: the object to be attached
+//         id: optional id, if given search in base for this id and attach there
+// RETURN: "none", technically there is no return needed
+// DESC  : attach a cel created object to another to create a basic DOM tree
+function ael(base, attach, id = '')
+{
+	if (id) {
+		// base id match already
+		if (base.id == id) {
+			base.sub.push(attach);
+		} else {
+			// sub check
+			if (base.sub.length > 0) {
+				base.sub.each(function(t) {
+					// recursive call to sub element
+					ael(t, attach, id);
+				});
+			}
+		}
+	} else {
+		base.sub.push(attach);
+	}
+	return base;
+}
+
+// METHOD: aelx [attach n elements]
+// PARAMS: base: object to where we attach the elements
+//         attach 1..n: attach directly to the base element those attachments
+// RETURN: "none", technically there is no return needed
+// DESC  : directly attach n elements to one master base element
+//         this type does not support attach with optional id
+function aelx(base, ...attach)
+{
+	attach.each(function(t) {
+		base.sub.push(Object.assign({}, t));
+	});
+	return base;
+}
+
+// METHOD: rel [rese element]
+// PARAMS: cel created element
+// RETURN: "none", is self change, but returns base.sub
+// DESC  : resets the sub elements of the base element given
+const rel = (base) => base.sub = [];
+
+// METHOD: rcssel [remove a css from the element]
+// PARAMS: element, style sheet to remove
+// RETURN: "none", in place because of reference
+// DESC  : searches and removes style from css array
+function rcssel(element, css)
+{
+	let css_index = element.css.indexOf(css);
+	if (css_index > -1) {
+		element.css.splice(css_index, 1);
+	}
+}
+
+// METHOD acssel [add css element]
+// PARAMS: element, style sheet to add
+// RETURN: "none", in place add because of reference
+// DESC  : adds a new style sheet to the element given
+function acssel(element, css)
+{
+	let css_index = element.css.indexOf(css);
+	if (css_index == -1) {
+		element.css.push(css);
+	}
+}
+
+// METHOD: scssel
+// PARAMS: element, style to remove, style to add
+// RETURN: "none", in place add because of reference
+// DESC  : removes one css and adds another
+//         is a wrapper around rcssel/acssel
+function scssel(element, rcss, acss)
+{
+	rcssel(element, rcss);
+	acssel(element, acss);
+}
+
+// METHOD: phfo [produce html from object]
+// PARAMS: object tree with dom element declarations
+// RETURN: HTML string that can be used as innerHTML
+// DESC  : parses the object tree created with cel/ael
+//         and converts it into an HTML string that can
+//         be inserted into the page
+function phfo(tree)
+{
+	// holds the elements
+	let content = [];
+	// main part line
+	let line = '<' + tree.tag;
+	// first id, if set
+	if (tree.id) {
+		line += ' id="' + tree.id + '"';
+		// if anything input (input, textarea, select then add name too)
+		if (['input', 'textarea', 'select'].includes(tree.tag)) {
+			line += ' name="' + (tree.name ? tree.name : tree.id) + '"';
+		}
+	}
+	// second CSS
+	if (tree.css.length > 0) {
+		line += ' class="';
+		tree.css.each(function(t) {
+			line += t + ' ';
+		});
+		// strip last space
+		line = line.slice(0, -1);
+		line += '"';
+	}
+	// options is anything key = "data"
+	if (tree.options) {
+		// ignores id, name, class as key
+		for (const [key, item] of Object.entries(tree.options)) {
+			if (!['id', 'name', 'class'].includes(key)) {
+				line += ' ' + key + '="' + item + '"';
+			}
+		}
+	}
+	// finish open tag
+	line += '>';
+	// push finished line
+	content.push(line);
+	// dive into sub tree to attach sub nodes
+	// NOTES: we can have content (text) AND sub nodes at the same level
+	// CONTENT (TEXT) takes preference over SUB NODE in order
+	if (tree.sub.length > 0) {
+		if (tree.content) {
+			content.push(tree.content);
+		}
+		tree.sub.each(function(t) {
+			content.push(phfo(t));
+		});
+	} else if (tree.content) {
+		content.push(tree.content);
+	}
+	// if not input close
+	if (tree.tag != 'input') {
+		content.push('</' + tree.tag + '>');
+	}
+	// combine to string
+	return content.join('');
+}
+
+// BLOCK: html wrappers for quickly creating html data blocks
+// METHOD: html_options
+// PARAMS: name/id, array for the options, selected item uid
+//         options_only [def false] if this is true, it will not print the select part
+//         return_string [def false]: return as string and not as element
+//         sort [def '']: if empty as is, else allowed 'keys', 'values' all others are ignored
+// RETURN: html with build options block
+// DESC  : creates an select/options drop down block.
+//         the array needs to be key -> value format. key is for the option id and value is for the data output
+function html_options(name, data, selected = '', options_only = false, return_string = false, sort = '')
+{
+	let content = [];
+	let element_select;
+	let element_option;
+	let data_list = []; // for sorted output
+	// set outside select, gets stripped on return if options only is true
+	element_select = cel('select', name);
+	if (isObject(data)) {
+		// console.log('Call for %s, options: %s', name, options_only);
+		// console.log('Call for %s, options: %s', name, options_only);
+		if (sort == 'keys') {
+			data_list = Object.keys(data).sort();
+		} else if (sort == 'values') {
+			data_list = Object.keys(data).sort((a, b) => ('' + data[a]).localeCompare(data[b]));
+		} else {
+			data_list = Object.keys(data);
+		}
+		// console.log('ORDER: %s', data_list);
+		// use the previously sorted list
+		// for (const [key, value] of Object.entries(data)) {
+		for (const key of data_list) {
+			let value = data[key];
+			console.log('options: key: %s, value: %s', key, value);
+			// basic options init
+			let options = {
+				'label': value,
+				'value': key
+			};
+			// add selected if matching
+			if (selected == key) {
+				options.selected = '';
+			}
+			// create the element option
+			element_option = cel('option', '', value, '', options);
+			// attach it to the select element
+			ael(element_select, element_option);
+		}
+	}
+	// if with select part, convert to text
+	if (!options_only) {
+		if (return_string) {
+			content.push(phfo(element_select));
+			return content.join('');
+		} else {
+			return element_select;
+		}
+	} else {
+		// strip select part
+		if (return_string) {
+			element_select.sub.each(function(t) {
+				content.push(phfo(t));
+			});
+			return content.join('');
+		} else {
+			return element_select.sub;
+		}
+	}
+}
+
+/* END */

www/layout/admin/default/javascript/scriptaculous/prototype-1.7.3.0.js

@@ -1,4 +1,4 @@
-/*  Prototype JavaScript framework, version 1.7.2
+/*  Prototype JavaScript framework, version 1.7.3
  *  (c) 2005-2010 Sam Stephenson
  *
  *  Prototype is freely distributable under the terms of an MIT-style license.
@@ -8,7 +8,7 @@
 
 var Prototype = {
 
-  Version: '1.7.2',
+  Version: '1.7.3',
 
   Browser: (function(){
     var ua = navigator.userAgent;
@@ -621,7 +621,7 @@ Object.extend(String.prototype, (function() {
   }
 
   function stripTags() {
-    return this.replace(/<\w+(\s+("[^"]*"|'[^']*'|[^>])+)?>|<\/\w+>/gi, '');
+    return this.replace(/<\w+(\s+("[^"]*"|'[^']*'|[^>])+)?(\/)?>|<\/\w+>/gi, '');
   }
 
   function stripScripts() {
@@ -734,7 +734,7 @@ Object.extend(String.prototype, (function() {
 
   function evalJSON(sanitize) {
     var json = this.unfilterJSON(),
-        cx = /[\u0000\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2028-\u202f\u2060-\u206f\ufeff\ufff0-\uffff]/g;
+        cx = /[\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2028-\u202f\u2060-\u206f\ufeff\ufff0-\uffff\u0000]/g;
     if (cx.test(json)) {
       json = json.replace(cx, function (a) {
         return '\\u' + ('0000' + a.charCodeAt(0).toString(16)).slice(-4);
@@ -1332,10 +1332,9 @@ Array.from = $A;
   }
 
   if (arrayProto.some) {
-    var some = wrapNative(Array.prototype.some);
+    some = wrapNative(Array.prototype.some);
   }
 
-
   function every(iterator) {
     if (this == null) throw new TypeError();
     iterator = iterator || Prototype.K;
@@ -1352,22 +1351,16 @@ Array.from = $A;
   }
 
   if (arrayProto.every) {
-    var every = wrapNative(Array.prototype.every);
+    every = wrapNative(Array.prototype.every);
   }
 
-  var _reduce = arrayProto.reduce;
-  function inject(memo, iterator) {
-    iterator = iterator || Prototype.K;
-    var context = arguments[2];
-    return _reduce.call(this, iterator.bind(context), memo);
-  }
-
-  if (!arrayProto.reduce) {
-    var inject = Enumerable.inject;
-  }
 
   Object.extend(arrayProto, Enumerable);
 
+  if (arrayProto.entries === Enumerable.entries) {
+    delete arrayProto.entries;
+  }
+
   if (!arrayProto._reverse)
     arrayProto._reverse = arrayProto.reverse;
 
@@ -1383,7 +1376,6 @@ Array.from = $A;
     any:       some,
     every:     every,
     all:       every,
-    inject:    inject,
 
     clear:     clear,
     first:     first,
@@ -2146,12 +2138,12 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
 
 
   function visible(element) {
-    return $(element).style.display !== 'none';
+    return $(element).getStyle('display') !== 'none';
   }
 
   function toggle(element, bool) {
     element = $(element);
-    if (Object.isUndefined(bool))
+    if (typeof bool !== 'boolean')
       bool = !Element.visible(element);
     Element[bool ? 'show' : 'hide'](element);
 
@@ -2683,6 +2675,7 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
 
   function descendantOf_DOM(element, ancestor) {
     element = $(element), ancestor = $(ancestor);
+    if (!element || !ancestor) return false;
     while (element = element.parentNode)
       if (element === ancestor) return true;
     return false;
@@ -2690,12 +2683,14 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
 
   function descendantOf_contains(element, ancestor) {
     element = $(element), ancestor = $(ancestor);
+    if (!element || !ancestor) return false;
     if (!ancestor.contains) return descendantOf_DOM(element, ancestor);
     return ancestor.contains(element) && ancestor !== element;
   }
 
   function descendantOf_compareDocumentPosition(element, ancestor) {
     element = $(element), ancestor = $(ancestor);
+    if (!element || !ancestor) return false;
     return (element.compareDocumentPosition(ancestor) & 8) === 8;
   }
 
@@ -2800,8 +2795,10 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
     for (var attr in attributes) {
       name = table.names[attr] || attr;
       value = attributes[attr];
-      if (table.values[attr])
-        name = table.values[attr](element, value) || name;
+      if (table.values[attr]) {
+        value = table.values[attr](element, value);
+        if (Object.isUndefined(value)) continue;
+      }
       if (value === false || value === null)
         element.removeAttribute(name);
       else if (value === true)
@@ -2979,7 +2976,9 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
 
     values: {
       checked: function(element, value) {
-        element.checked = !!value;
+        value = !!value;
+        element.checked = value;
+        return value ? 'checked' : null;
       },
 
       style: function(element, value) {
@@ -3124,8 +3123,11 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
       value = element.currentStyle[style];
     }
 
-    if (style === 'opacity' && !STANDARD_CSS_OPACITY_SUPPORTED)
-      return getOpacity_IE(element);
+    if (style === 'opacity') {
+      if (!STANDARD_CSS_OPACITY_SUPPORTED)
+        return getOpacity_IE(element);
+      else return value ? parseFloat(value) : 1.0;
+    }
 
     if (value === 'auto') {
       if ((style === 'width' || style === 'height') && Element.visible(element))
@@ -3177,7 +3179,7 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
     if (value < 0.00001) value = 0;
 
     style.filter = stripAlphaFromFilter_IE(filter) +
-     'alpha(opacity=' + (value * 100) + ')';
+     ' alpha(opacity=' + (value * 100) + ')';
 
     return element;
   }
@@ -3193,7 +3195,7 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
 
     var filter = Element.getStyle(element, 'filter');
     if (filter.length === 0) return 1.0;
-    var match = (filter || '').match(/alpha\(opacity=(.*)\)/);
+    var match = (filter || '').match(/alpha\(opacity=(.*)\)/i);
     if (match && match[1]) return parseFloat(match[1]) / 100;
     return 1.0;
   }
@@ -3519,7 +3521,7 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
     return boxWidth - bl - br - pl - pr;
   }
 
-  if ('currentStyle' in document.documentElement) {
+  if (!Object.isUndefined(document.documentElement.currentStyle) && !Prototype.Browser.Opera) {
     getRawStyle = getRawStyle_IE;
   }
 
@@ -4047,15 +4049,19 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
   function getOffsetParent(element) {
     element = $(element);
 
+    function selfOrBody(element) {
+      return isHtml(element) ? $(document.body) : $(element);
+    }
+
     if (isDocument(element) || isDetached(element) || isBody(element) || isHtml(element))
       return $(document.body);
 
     var isInline = (Element.getStyle(element, 'display') === 'inline');
-    if (!isInline && element.offsetParent) return $(element.offsetParent);
+    if (!isInline && element.offsetParent) return selfOrBody(element.offsetParent);
 
     while ((element = element.parentNode) && element !== document.body) {
       if (Element.getStyle(element, 'position') !== 'static') {
-        return isHtml(element) ? $(document.body) : $(element);
+        return selfOrBody(element);
       }
     }
 
@@ -4093,8 +4099,8 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
       }
     } while (element);
 
-    valueL -= layout.get('margin-top');
-    valueT -= layout.get('margin-left');
+    valueL -= layout.get('margin-left');
+    valueT -= layout.get('margin-top');
 
     return new Element.Offset(valueL, valueT);
   }
@@ -4265,6 +4271,8 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
       offsetLeft: 0
     }, options || {});
 
+    var docEl = document.documentElement;
+
     source  = $(source);
     element = $(element);
     var p, delta, layout, styles = {};
@@ -4278,19 +4286,41 @@ Ajax.PeriodicalUpdater = Class.create(Ajax.Base, {
       }
     }
 
+    function pageScrollXY() {
+      var x = 0, y = 0;
+      if (Object.isNumber(window.pageXOffset)) {
+        x = window.pageXOffset;
+        y = window.pageYOffset;
+      } else if (document.body && (document.body.scrollLeft || document.body.scrollTop)) {
+        x = document.body.scrollLeft;
+        y = document.body.scrollTop;
+      } else if (docEl && (docEl.scrollLeft || docEl.scrollTop)) {
+        x = docEl.scrollLeft;
+        y = docEl.scrollTop;
+      }
+      return { x: x, y: y };
+    }
+
+    var pageXY = pageScrollXY();
+
+
     if (options.setWidth || options.setHeight) {
       layout = Element.getLayout(source);
     }
 
     if (options.setLeft)
-      styles.left = (p[0] - delta[0] + options.offsetLeft) + 'px';
+      styles.left = (p[0] + pageXY.x - delta[0] + options.offsetLeft) + 'px';
     if (options.setTop)
-      styles.top  = (p[1] - delta[1] + options.offsetTop)  + 'px';
+      styles.top  = (p[1] + pageXY.y - delta[1] + options.offsetTop)  + 'px';
 
-    if (options.setWidth)
-      styles.width  = layout.get('border-box-width')  + 'px';
-    if (options.setHeight)
-      styles.height = layout.get('border-box-height') + 'px';
+    var currentLayout = element.getLayout();
+
+    if (options.setWidth) {
+      styles.width = layout.get('width')  + 'px';
+    }
+    if (options.setHeight) {
+      styles.height = layout.get('height') + 'px';
+    }
 
     return Element.setStyle(element, styles);
   }
@@ -4488,15 +4518,29 @@ Prototype.Selector = (function() {
   };
 })();
 Prototype._original_property = window.Sizzle;
+
+;(function () {
+  function fakeDefine(fn) {
+    Prototype._actual_sizzle = fn();
+  }
+  fakeDefine.amd = true;
+
+  if (typeof define !== 'undefined' && define.amd) {
+    Prototype._original_define = define;
+    Prototype._actual_sizzle = null;
+    window.define = fakeDefine;
+  }
+})();
+
 /*!
- * Sizzle CSS Selector Engine v@VERSION
+ * Sizzle CSS Selector Engine v1.10.18
  * http://sizzlejs.com/
  *
  * Copyright 2013 jQuery Foundation, Inc. and other contributors
  * Released under the MIT license
  * http://jquery.org/license
  *
- * Date: @DATE
+ * Date: 2014-02-05
  */
 (function( window ) {
 
@@ -6229,6 +6273,22 @@ if ( typeof define === "function" && define.amd ) {
 
 })( window );
 
+;(function() {
+  if (typeof Sizzle !== 'undefined') {
+    return;
+  }
+
+  if (typeof define !== 'undefined' && define.amd) {
+    window.Sizzle = Prototype._actual_sizzle;
+    window.define = Prototype._original_define;
+    delete Prototype._actual_sizzle;
+    delete Prototype._original_define;
+  } else if (typeof module !== 'undefined' && module.exports) {
+    window.Sizzle = module.exports;
+    module.exports = {};
+  }
+})();
+
 ;(function(engine) {
   var extendElements = Prototype.Selector.extendElements;
 
@@ -6870,7 +6930,7 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
 
   Event._isCustomEvent = isCustomEvent;
 
-  function getRegistryForElement(element, uid) {
+  function getOrCreateRegistryFor(element, uid) {
     var CACHE = GLOBAL.Event.cache;
     if (Object.isUndefined(uid))
       uid = getUniqueElementID(element);
@@ -6886,7 +6946,7 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
 
 
   function register(element, eventName, handler) {
-    var registry = getRegistryForElement(element);
+    var registry = getOrCreateRegistryFor(element);
     if (!registry[eventName]) registry[eventName] = [];
     var entries = registry[eventName];
 
@@ -6906,9 +6966,8 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
   }
 
   function unregister(element, eventName, handler) {
-    var registry = getRegistryForElement(element);
-    var entries = registry[eventName];
-    if (!entries) return;
+    var registry = getOrCreateRegistryFor(element);
+    var entries = registry[eventName] || [];
 
     var i = entries.length, entry;
     while (i--) {
@@ -6918,10 +6977,16 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
       }
     }
 
-    if (!entry) return;
+    if (entry) {
+      var index = entries.indexOf(entry);
+      entries.splice(index, 1);
+    }
 
-    var index = entries.indexOf(entry);
-    entries.splice(index, 1);
+    if (entries.length === 0) {
+      delete registry[eventName];
+      if (Object.keys(registry).length === 1 && ('element' in registry))
+        destroyRegistryForElement(element);
+    }
 
     return entry;
   }
@@ -7020,14 +7085,24 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
   }
 
   function stopObservingEventName(element, eventName) {
-    var registry = getRegistryForElement(element);
+    var registry = getOrCreateRegistryFor(element);
     var entries = registry[eventName];
-    if (!entries) return;
-    delete registry[eventName];
+    if (entries) {
+      delete registry[eventName];
+    }
+
+    entries = entries || [];
 
     var i = entries.length;
     while (i--)
       removeEvent(element, eventName, entries[i].responder);
+
+    for (var name in registry) {
+      if (name === 'element') continue;
+      return; // There is another registered event
+    }
+
+    destroyRegistryForElement(element);
   }
 
 
@@ -7194,7 +7269,8 @@ Form.EventObserver = Class.create(Abstract.EventObserver, {
 
   function createResponderForCustomEvent(uid, eventName, handler) {
     return function(event) {
-      var element = Event.cache[uid].element;
+      var cache = Event.cache[uid];
+      var element =  cache && cache.element;
 
       if (Object.isUndefined(event.eventName))
         return false;
@@ -7283,7 +7359,9 @@ Hash.toQueryString = Object.toQueryString;
 
 var Toggle = { display: Element.toggle };
 
-Element.Methods.childOf = Element.Methods.descendantOf;
+Element.addMethods({
+  childOf: Element.Methods.descendantOf
+});
 
 var Insertion = {
   Before: function(element, content) {

www/layout/admin/default/javascript/scriptaculous/prototype.js

@@ -1 +1 @@
-prototype-1.7.2.0.js
+prototype-1.7.3.0.js

www/layout/frontend/default/css/frontend.css

@@ -3,3 +3,27 @@
 	color: #a4a4a4;
 	font-size: 8px;
 }
+
+/* NEW VERSION with CSS key frame animation */
+.progress {
+	width: 100px;
+	height: 100px;
+	background: rgba(255, 255, 255, 0.6);
+	border: 20px solid rgba(255, 255, 255 ,0.25);
+	border-left-color: rgba(3, 155, 229 ,1);
+	border-top-color: rgba(3, 155, 229 ,1);
+	border-radius: 50%;
+	display: inline-block;
+	animation: rotate 600ms infinite linear;
+	/* align */
+	left: 0;
+	top: 0;
+	position: absolute;
+	z-index: 100;
+}
+/* Animation for above progress */
+@keyframes rotate {
+	to {
+		transform: rotate(1turn)
+	}
+}

www/lib/CoreLibs/ACL/Login.inc

@@ -70,10 +70,14 @@ class Login extends \CoreLibs\DB\IO
 	private $login_error; // login error code, can be matched to the array login_error_msg, which holds the string
 	private $password_change = false; // if this is set to true, the user can change passwords
 	private $password_change_ok = false; // password change was successful
+	private $password_forgot = false; // can we reset password and mail to user with new password set screen
+	private $password_forgot_ok = false; // password forgot mail send ok
 	private $pw_change_deny_users = array (); // array of users for which the password change is forbidden
 
 	// if we have password change we need to define some rules
-	private $password_min_length = 8;
+	private $password_min_length = PASSWORD_MIN_LENGTH;
+	// max length is fixed as 255 (for input type max), if set highter, it will be set back to 255
+	private $password_max_length = PASSWORD_MAX_LENGTH;
 	// can have several regexes, if nothing set, all is ok
 	private $password_valid_chars = array (
 		// '^(?=.*\d)(?=.*[A-Za-z])[0-9A-Za-z!@#$%]{8,}$',
@@ -83,7 +87,11 @@ class Login extends \CoreLibs\DB\IO
 	// all possible login error conditions
 	private $login_error_msg = array ();
 	// this is an array holding all strings & templates passed from the outside (translation)
-	private $login_template = array ('strings' => array (), 'password_change' => '', 'template' => '');
+	private $login_template = array (
+		'strings' => array (),
+		'password_change' => '',
+		'template' => ''
+	);
 
 	// acl vars
 	public $acl = array ();
@@ -113,6 +121,16 @@ class Login extends \CoreLibs\DB\IO
 			exit;
 		}
 
+		// pre-check that password min/max lengths are inbetween 1 and 255;
+		if ($this->password_max_length > 255) {
+			echo "<b>Settings problem</b> PMaL<br>";
+			exit;
+		}
+		if ($this->password_min_length < 1) {
+			echo "<b>Settings problem</b> PMiL<br>";
+			exit;
+		}
+
 		$this->l = new \CoreLibs\Language\L10n($lang);
 
 		// if we have a search path we need to set it, to use the correct DB to login
@@ -179,6 +197,10 @@ class Login extends \CoreLibs\DB\IO
 		if (defined('PASSWORD_CHANGE')) {
 			$this->password_change = PASSWORD_CHANGE;
 		}
+		// NOTE: forgot password flow with email
+		if (defined('PASSWORD_FORGOT')) {
+			$this->password_forgot = PASSWORD_FORGOT;
+		}
 		// max login counts before error reporting
 		$this->max_login_error_count = 10;
 		// users that never get locked, even if they are set strict
@@ -216,6 +238,10 @@ class Login extends \CoreLibs\DB\IO
 		if ($this->password_change) {
 			$this->loginPasswordChange();
 		}
+		// password forgot
+		if ($this->password_forgot) {
+			$this->loginPasswordForgot();
+		}
 		// if !$euid || permission not okay, print login screan
 		echo $this->loginPrintLogin();
 		// closing all connections, depending on error status, exit
@@ -332,7 +358,7 @@ class Login extends \CoreLibs\DB\IO
 				$q .= "eu.edit_access_right_id = eareu.edit_access_right_id AND ";
 				$q .= "eg.edit_access_right_id = eareg.edit_access_right_id AND ";
 				// password match is done in script, against old plain or new blowfish encypted
-				$q .= "(LOWER(username) = '".strtolower($this->username)."') ";
+				$q .= "(LOWER(username) = '".$this->dbEscapeString(strtolower($this->username))."') ";
 				$res = $this->dbReturn($q);
 				// username is wrong, but we throw for wrong username and wrong password the same error
 				if (!$this->cursor_ext[md5($q)]["num_rows"]) {
@@ -386,7 +412,9 @@ class Login extends \CoreLibs\DB\IO
 							$_SESSION["DEFAULT_LANG"] = $res["lang_short"].'_'.strtolower(str_replace('-', '', $res["lang_iso"]));
 							// reset any login error count for this user
 							if ($res['login_error_count'] > 0) {
-								$q = "UPDATE edit_user SET login_error_count = 0, login_error_date_last = NULL, login_error_date_first = NULL WHERE edit_user_id = ".$res['edit_user_id'];
+								$q = "UPDATE edit_user ";
+								$q .= "SET login_error_count = 0, login_error_date_last = NULL, login_error_date_first = NULL ";
+								$q .= "WHERE edit_user_id = ".$res['edit_user_id'];
 								$this->dbExec($q);
 							}
 							$pages = array();
@@ -573,7 +601,7 @@ class Login extends \CoreLibs\DB\IO
 			unset($_SESSION["GROUP_NAME"]);
 			unset($_SESSION["HEADER_COLOR"]);
 			session_destroy();
-			// he prints the login screen again
+			// then prints the login screen again
 			$this->permission_okay = 0;
 		}
 	}
@@ -596,88 +624,91 @@ class Login extends \CoreLibs\DB\IO
 	//         * if an account ACL is set, set this parallel, account ACL overrides user ACL if it applies
 	//         * if edit access ACL level is set, use this, else use page
 	//         set all base ACL levels as a list keyword -> ACL number
-	public function loginSetAcl()
+	private function loginSetAcl()
 	{
-		// we start with the default acl
-		$this->acl['base'] = DEFAULT_ACL_LEVEL;
+		// only set acl if we have permission okay
+		if ($this->permission_okay) {
+			// we start with the default acl
+			$this->acl['base'] = DEFAULT_ACL_LEVEL;
 
-		// set admin flag and base to 100
-		if ($_SESSION['ADMIN']) {
-			$this->acl['admin'] = 1;
-			$this->acl['base'] = 100;
-		} else {
-			$this->acl['admin'] = 0;
-			// now go throw the flow and set the correct ACL
-			// user > page > group
-			// group ACL 0
-			if ($_SESSION['GROUP_ACL_LEVEL'] != -1) {
-				$this->acl['base'] = $_SESSION['GROUP_ACL_LEVEL'];
-			}
-			// page ACL 1
-			if ($_SESSION['PAGES_ACL_LEVEL'][$this->page_name] != -1) {
-				$this->acl['base'] = $_SESSION['PAGES_ACL_LEVEL'][$this->page_name];
-			}
-			// user ACL 2
-			if ($_SESSION['USER_ACL_LEVEL'] != -1) {
-				$this->acl['base'] = $_SESSION['USER_ACL_LEVEL'];
-			}
-		}
-
-		// set the current page acl
-		// start with default acl
-		// set group if not -1, overrides default
-		// set page if not -1, overrides group set
-		$this->acl['page'] = DEFAULT_ACL_LEVEL;
-		if ($_SESSION['GROUP_ACL_LEVEL'] != -1) {
-			$this->acl['page'] = $_SESSION['GROUP_ACL_LEVEL'];
-		}
-		if (isset($_SESSION['PAGES_ACL_LEVEL'][$this->page_name]) && $_SESSION['PAGES_ACL_LEVEL'][$this->page_name] != -1) {
-			$this->acl['page'] = $_SESSION['PAGES_ACL_LEVEL'][$this->page_name];
-		}
-
-		// PER ACCOUNT (UNIT/edit access)->
-		foreach ($_SESSION['UNIT'] as $ea_id => $unit) {
-			// if admin flag is set, all units are set to 100
-			if ($this->acl['admin']) {
-				$this->acl['unit'][$ea_id] = $this->acl['base'];
+			// set admin flag and base to 100
+			if ($_SESSION['ADMIN']) {
+				$this->acl['admin'] = 1;
+				$this->acl['base'] = 100;
 			} else {
-				if ($unit['acl_level'] != -1) {
-					$this->acl['unit'][$ea_id] = $unit['acl_level'];
-				} else {
-					$this->acl['unit'][$ea_id] = $this->acl['base'];
+				$this->acl['admin'] = 0;
+				// now go throw the flow and set the correct ACL
+				// user > page > group
+				// group ACL 0
+				if ($_SESSION['GROUP_ACL_LEVEL'] != -1) {
+					$this->acl['base'] = $_SESSION['GROUP_ACL_LEVEL'];
+				}
+				// page ACL 1
+				if ($_SESSION['PAGES_ACL_LEVEL'][$this->page_name] != -1) {
+					$this->acl['base'] = $_SESSION['PAGES_ACL_LEVEL'][$this->page_name];
+				}
+				// user ACL 2
+				if ($_SESSION['USER_ACL_LEVEL'] != -1) {
+					$this->acl['base'] = $_SESSION['USER_ACL_LEVEL'];
 				}
 			}
-			// detail name/level set
-			$this->acl['unit_detail'][$ea_id] = array (
-				'name' => $unit['name'],
-				'uid' => $unit['uid'],
-				'level' => $this->default_acl_list[$this->acl['unit'][$ea_id]]['name'],
-				'default' => $unit['default'],
-				'data' => $unit['data']
-			);
-			// set default
-			if ($unit['default']) {
-				$this->acl['unit_id'] = $unit['id'];
-				$this->acl['unit_name'] = $unit['name'];
-				$this->acl['unit_uid'] = $unit['uid'];
+
+			// set the current page acl
+			// start with default acl
+			// set group if not -1, overrides default
+			// set page if not -1, overrides group set
+			$this->acl['page'] = DEFAULT_ACL_LEVEL;
+			if ($_SESSION['GROUP_ACL_LEVEL'] != -1) {
+				$this->acl['page'] = $_SESSION['GROUP_ACL_LEVEL'];
 			}
+			if (isset($_SESSION['PAGES_ACL_LEVEL'][$this->page_name]) && $_SESSION['PAGES_ACL_LEVEL'][$this->page_name] != -1) {
+				$this->acl['page'] = $_SESSION['PAGES_ACL_LEVEL'][$this->page_name];
+			}
+
+			// PER ACCOUNT (UNIT/edit access)->
+			foreach ($_SESSION['UNIT'] as $ea_id => $unit) {
+				// if admin flag is set, all units are set to 100
+				if ($this->acl['admin']) {
+					$this->acl['unit'][$ea_id] = $this->acl['base'];
+				} else {
+					if ($unit['acl_level'] != -1) {
+						$this->acl['unit'][$ea_id] = $unit['acl_level'];
+					} else {
+						$this->acl['unit'][$ea_id] = $this->acl['base'];
+					}
+				}
+				// detail name/level set
+				$this->acl['unit_detail'][$ea_id] = array (
+					'name' => $unit['name'],
+					'uid' => $unit['uid'],
+					'level' => $this->default_acl_list[$this->acl['unit'][$ea_id]]['name'],
+					'default' => $unit['default'],
+					'data' => $unit['data']
+				);
+				// set default
+				if ($unit['default']) {
+					$this->acl['unit_id'] = $unit['id'];
+					$this->acl['unit_name'] = $unit['name'];
+					$this->acl['unit_uid'] = $unit['uid'];
+				}
+			}
+			// flag if to show extra edit access drop downs (because user has multiple groups assigned)
+			if (count($_SESSION['UNIT']) > 1) {
+				$this->acl['show_ea_extra'] = 1;
+			} else {
+				$this->acl['show_ea_extra'] = 0;
+			}
+			// set the default edit access
+			$this->acl['default_edit_access'] = $_SESSION['UNIT_DEFAULT'];
+			// integrate the type acl list, but only for the keyword -> level
+			foreach ($this->default_acl_list as $level => $data) {
+				$this->acl['min'][$data['type']] = $level;
+			}
+			// set the full acl list too
+			$this->acl['acl_list'] = $_SESSION['DEFAULT_ACL_LIST'];
+			// debug
+			// $this->debug('ACL', $this->print_ar($this->acl));
 		}
-		// flag if to show extra edit access drop downs (because user has multiple groups assigned)
-		if (count($_SESSION['UNIT']) > 1) {
-			$this->acl['show_ea_extra'] = 1;
-		} else {
-			$this->acl['show_ea_extra'] = 0;
-		}
-		// set the default edit access
-		$this->acl['default_edit_access'] = $_SESSION['UNIT_DEFAULT'];
-		// integrate the type acl list, but only for the keyword -> level
-		foreach ($this->default_acl_list as $level => $data) {
-			$this->acl['min'][$data['type']] = $level;
-		}
-		// set the full acl list too
-		$this->acl['acl_list'] = $_SESSION['DEFAULT_ACL_LIST'];
-		// debug
-		// $this->debug('ACL', $this->print_ar($this->acl));
 	}
 
 	// METHOD: loginCheckEditAccess
@@ -710,12 +741,28 @@ class Login extends \CoreLibs\DB\IO
 			}
 		}
 		// check for min length
-		if (strlen($password) < $this->password_min_length) {
+		if (strlen($password) < $this->password_min_length || strlen($password) > $this->password_max_length) {
 			$is_valid_password = false;
 		}
 		return $is_valid_password;
 	}
 
+	// METHOD: loginSetPasswordMinLength
+	// PARAMS: set the minimum length
+	// RETURN: true/false on success
+	// DESC  : sets the minium length and checks on valid
+	public function loginSetPasswordMinLength($length)
+	{
+		// check that numeric, positive numeric, not longer than max input string lenght
+		// and not short than min password length
+		if (is_numeric($length) && $length >= PASSWORD_MIN_LENGTH && $length <= $this->password_max_length) {
+			$this->password_min_length = $length;
+			return true;
+		} else {
+			return false;
+		}
+	}
+
 	// METHOD: loginPasswordChange
 	// WAS   : login_password_change
 	// PARAMS: none
@@ -793,7 +840,7 @@ class Login extends \CoreLibs\DB\IO
 	// METHOD: loginPrintLogin
 	// WAS   : login_print_login
 	// PARAMS: none
-	// RETURN: none
+	// RETURN: html data for login page
 	// DESC  : prints out login html part if no permission (error) is set
 	private function loginPrintLogin()
 	{
@@ -863,7 +910,7 @@ class Login extends \CoreLibs\DB\IO
 	// METHOD: loginCloseClass
 	// WAS   : login_close_class
 	// PARAMS: none
-	// RETURN: none
+	// RETURN: true on permission ok, false on permission wrong
 	// DESC  : last function called, writes log and prints out error msg and exists script if permission 0
 	private function loginCloseClass()
 	{
@@ -882,8 +929,8 @@ class Login extends \CoreLibs\DB\IO
 			// prepare for log
 			if ($this->euid) {
 				// get user from user table
-				$q = "SELECT username, password FROM edit_user WHERE edit_user_id = ".$this->euid;
-				list($username, $password) = $this->dbReturnRow($q);
+				$q = "SELECT username FROM edit_user WHERE edit_user_id = ".$this->euid;
+				list($username) = $this->dbReturnRow($q);
 			} // if euid is set, get username (or try)
 			$this->writeLog($event, '', $this->login_error, $username);
 		} // write log under certain settings
@@ -898,50 +945,50 @@ class Login extends \CoreLibs\DB\IO
 
 	// METHOD: loginSetTemplates
 	// WAS   : login_set_templates
-	// PARAMS:
+	// PARAMS: none
 	// RETURN: none
 	// DESC  : checks if there are external templates, if not uses internal fallback ones
 	private function loginSetTemplates()
 	{
 		$strings = array (
-			'HTML_TITLE' => $this->l->__("LOGIN"),
-			'TITLE' => $this->l->__("LOGIN"),
-			'USERNAME' => $this->l->__("Username"),
-			'PASSWORD' => $this->l->__("Password"),
-			'LOGIN' => $this->l->__("Login"),
+			'HTML_TITLE' => $this->l->__('LOGIN'),
+			'TITLE' => $this->l->__('LOGIN'),
+			'USERNAME' => $this->l->__('Username'),
+			'PASSWORD' => $this->l->__('Password'),
+			'LOGIN' => $this->l->__('Login'),
 			'ERROR_MSG' => '',
 			'LOGOUT_TARGET' => '',
 			'PASSWORD_CHANGE_BUTTON_VALUE' => $this->l->__('Change Password')
 		);
 
 		$error_msgs = array (
-			"100" => $this->l->__("Fatal Error: <b>[EUID] came in as GET/POST!</b>"), // actually obsolete
-			"1010" => $this->l->__("Fatal Error: <b>Login Failed - Wrong Username or Password</b>"), // user not found
-			"1011" => $this->l->__("Fatal Error: <b>Login Failed - Wrong Username or Password</b>"), // blowfish password wrong
-			"1012" => $this->l->__("Fatal Error: <b>Login Failed - Wrong Username or Password</b>"), // fallback md5 password wrong
-			"1013" => $this->l->__("Fatal Error: <b>Login Failed - Wrong Username or Password</b>"), // new password_hash wrong
-			"102" => $this->l->__("Fatal Error: <b>Login Failed - Please enter username and password</b>"),
-			"103" => $this->l->__("Fatal Error: <b>You do not have the rights to access this Page</b>"),
-			"104" => $this->l->__("Fatal Error: <b>Login Failed - User not enabled</b>"),
-			"105" => $this->l->__("Fatal Error: <b>Login Failed - User is locked</b>"),
-			"220" => $this->l->__("Fatal Error: <b>Password change - The user could not be found</b>"), // actually this is an illegal user, but I mask it
-			'200' => $this->l->__("Fatal Error: <b>Password change - Please enter username and old password</b>"),
-			"201" => $this->l->__("Fatal Error: <b>Password change - The user could not be found</b>"),
-			"202" => $this->l->__("Fatal Error: <b>Password change - The old password is not correct</b>"),
-			"203" => $this->l->__("Fatal Error: <b>Password change - Please fill out both new password fields</b>"),
-			"204" => $this->l->__("Fatal Error: <b>Password change - The new passwords do not match</b>"),
-			"205" => $this->l->__("Fatal Error: <b>Password change - The new password is not in a valid format</b>"), // we should also not here WHAT is valid
-			"300" => $this->l->__("Success: <b>Password change successful</b>"), // for OK password change
-			"9999" => $this->l->__("Fatal Error: <b>necessary crypt engine could not be found</b>. Login is impossible") // this is bad bad error
+			'100' => $this->l->__('Fatal Error: <b>[EUID] came in as GET/POST!</b>'), // actually obsolete
+			'1010' => $this->l->__('Fatal Error: <b>Login Failed - Wrong Username or Password</b>'), // user not found
+			'1011' => $this->l->__('Fatal Error: <b>Login Failed - Wrong Username or Password</b>'), // blowfish password wrong
+			'1012' => $this->l->__('Fatal Error: <b>Login Failed - Wrong Username or Password</b>'), // fallback md5 password wrong
+			'1013' => $this->l->__('Fatal Error: <b>Login Failed - Wrong Username or Password</b>'), // new password_hash wrong
+			'102' => $this->l->__('Fatal Error: <b>Login Failed - Please enter username and password</b>'),
+			'103' => $this->l->__('Fatal Error: <b>You do not have the rights to access this Page</b>'),
+			'104' => $this->l->__('Fatal Error: <b>Login Failed - User not enabled</b>'),
+			'105' => $this->l->__('Fatal Error: <b>Login Failed - User is locked</b>'),
+			'220' => $this->l->__('Fatal Error: <b>Password change - The user could not be found</b>'), // actually this is an illegal user, but I mask it
+			'200' => $this->l->__('Fatal Error: <b>Password change - Please enter username and old password</b>'),
+			'201' => $this->l->__('Fatal Error: <b>Password change - The user could not be found</b>'),
+			'202' => $this->l->__('Fatal Error: <b>Password change - The old password is not correct</b>'),
+			'203' => $this->l->__('Fatal Error: <b>Password change - Please fill out both new password fields</b>'),
+			'204' => $this->l->__('Fatal Error: <b>Password change - The new passwords do not match</b>'),
+			'205' => $this->l->__('Fatal Error: <b>Password change - The new password is not in a valid format</b>'), // we should also not here WHAT is valid
+			'300' => $this->l->__('Success: <b>Password change successful</b>'), // for OK password change
+			'9999' => $this->l->__('Fatal Error: <b>necessary crypt engine could not be found</b>. Login is impossible') // this is bad bad error
 		);
 
 		// if password change is okay
 		if ($this->password_change) {
 			$strings = array_merge($strings, array (
 				'TITLE_PASSWORD_CHANGE' => 'Change Password for User',
-				'OLD_PASSWORD' => $this->l->__("Old Password"),
-				'NEW_PASSWORD' => $this->l->__("New Password"),
-				'NEW_PASSWORD_CONFIRM' => $this->l->__("New Password confirm"),
+				'OLD_PASSWORD' => $this->l->__('Old Password'),
+				'NEW_PASSWORD' => $this->l->__('New Password'),
+				'NEW_PASSWORD_CONFIRM' => $this->l->__('New Password confirm'),
 				'CLOSE' => $this->l->__('Close'),
 				'JS_SHOW_HIDE' => "function ShowHideDiv(id) { element = document.getElementById(id); if (element.className == 'visible' || !element.className) element.className = 'hidden'; else element.className = 'visible'; }",
 				'PASSWORD_CHANGE_BUTTON' => '<input type="button" name="pw_change" value="'.$strings['PASSWORD_CHANGE_BUTTON_VALUE'].'" OnClick="ShowHideDiv(\'pw_change_div\');">'
@@ -960,7 +1007,10 @@ class Login extends \CoreLibs\DB\IO
 </div>
 {PASSWORD_CHANGE_SHOW}
 EOM;
-		} else {
+		}
+		if ($this->password_forgot) {
+		}
+		if (!$this->password_change && !$this->password_forgot) {
 			$strings = array_merge($strings, array (
 				'JS_SHOW_HIDE' => '',
 				'PASSWORD_CHANGE_BUTTON' => '',

www/lib/CoreLibs/Basic.inc

@@ -202,7 +202,14 @@ class Basic
 		$this->page_name = $this->getPageName();
 		$this->host_name = $this->getHostName();
 		// init the log file id
-		$this->log_file_id = defined('LOG_FILE_ID') ? LOG_FILE_ID : '';
+		// * GLOBALS
+		// * CONSTANT
+		// can be overridden with basicSetLogFileId
+		if (isset($GLOBALS['LOG_FILE_ID'])) {
+			$this->basicSetLogId($GLOBALS['LOG_FILE_ID']);
+		} elseif (defined('LOG_FILE_ID')) {
+			$this->basicSetLogId(LOG_FILE_ID);
+		}
 
 		// set the paths matching to the valid file types
 		$this->data_path = array (
@@ -388,6 +395,22 @@ class Basic
 	// GENERAL METHODS
 	// *************************************************************
 
+	// METHOD: basicSetLogId
+	// PARAMS: string
+	// RETURN: current set string
+	// DESC  : sets the log file prefix id
+	//         must be alphanumeric only (\w)
+	public function basicSetLogId($string)
+	{
+		if (!isset($log_file_id)) {
+			$log_file_id = '';
+		}
+		if (isset($string) && preg_match("/^\w+$/", $string)) {
+			$this->log_file_id = $string;
+		}
+		return $log_file_id;
+	}
+
 	// METHOD: db_io_info
 	// PARAMS: show, default 1, if set to 0 won't write to error_msg var
 	// RETURN: string with info
@@ -1133,7 +1156,7 @@ class Basic
 	//         does NOT preserve keys
 	public static function flattenArray(array $array)
 	{
-		$return = array();
+		$return = array ();
 		array_walk_recursive(
 			$array,
 			function ($a) use (&$return) {
@@ -1143,6 +1166,22 @@ class Basic
 		return $return;
 	}
 
+	// METHOD: flattenArrayKey
+	// PARAMS: the array to flatten
+	// RETURN: flattened array with array keys as values in order of tree
+	// DESC  : note: the second parameter $return is automatically set
+	//         will loop through an array recursivly and write the array keys back
+	public static function flattenArrayKey(array $array, array $return = array ())
+	{
+		foreach ($array as $key => $sub) {
+			$return[] = $key;
+			if (count($sub) > 0) {
+				$return = Basic::flattenArrayKey($sub, $return);
+			}
+		}
+		return $return;
+	}
+
 	// METHOD: __mbMimeEncode
 	// WAS   : _mb_mime_encode
 	// PARAMS: string to encode, encoding to encode in
@@ -1341,7 +1380,7 @@ class Basic
 	// METHOD: compareDate
 	// WAS   : CompareDate
 	// PARAMS: start_date, end_date (both: YYYY-MM-DD)
-	// RETURN: -1 if the first date is smaller the last, 0 if both are equal, 1 if the end date is bigger than the last
+	// RETURN: -1 if the first date is smaller the last, 0 if both are equal, 1 if the first date is bigger than the last
 	// DESC  : splits & checks date, wrap around for check_date function
 	public static function compareDate($start_date, $end_date)
 	{
@@ -1388,7 +1427,7 @@ class Basic
 	public static function compareDateTime($start_datetime, $end_datetime)
 	{
 		// pre check for empty or wrong
-		if ($start_date == '--' || $end_date == '--' || !$start_date || !$end_date) {
+		if ($start_datetime == '--' || $end_datetime == '--' || !$start_datetime || !$end_datetime) {
 			return false;
 		}
 		$start_timestamp = strtotime($start_datetime);

www/lib/CoreLibs/DB/IO.inc

@@ -461,15 +461,15 @@ class IO extends \CoreLibs\Basic
 	// WAS   : _check_query_for_select
 	// PARAMS: query
 	// RETURN: true if matching, false if not
-	// DESC  : checks if query is a SELECT or SHOW, if not error, 0 return
-	// NOTE  : Query needs to start with SELECT or SHOW. if starts with "with" it is ignored
+	// DESC  : checks if query is a SELECT, SHOW or WITH, if not error, 0 return
+	// NOTE  : Query needs to start with SELECT, SHOW or WITH. if starts with "with" it is ignored
 	private function __checkQueryForSelect($query)
 	{
 		// perhaps allow spaces before select ?!?
-		if (!preg_match("/^(select|show) /i", $query)) {
-			return false;
+		if (preg_match("/^(select|show|with) /i", $query)) {
+			return true;
 		}
-		return true;
+		return false;
 	}
 
 	// METHOD: __checkQueryForInsert
@@ -481,16 +481,26 @@ class IO extends \CoreLibs\Basic
 	// NOTE  : Queries need to start with INSERT, UPDATE, DELETE. Anything else is ignored
 	private function __checkQueryForInsert($query, $pure = false)
 	{
-		if (!preg_match("/^insert /i", $query) && !preg_match("/^update /i", $query) && !preg_match("/^delete /i", $query)) {
-			return false;
-		}
-		if (!$pure) {
+		if ($pure && preg_match("/^insert /i", $query)) {
 			return true;
-		} elseif (preg_match("/^insert /i", $query)) {
-			return true;
-		} else {
-			return false;
 		}
+		if (!$pure && preg_match("/^(insert|update|delete) /i", $query)) {
+			return true;
+		}
+		return false;
+	}
+
+	// METHOD: __checkQueryForUpdate
+	// PARAMS: query
+	// RETURN: true if UPDATE, else false
+	// DESC  : returns true if the query starts with UPDATE
+	// NOTE  : query NEEDS to start with UPDATE
+	private function __checkQueryForUpdate($query)
+	{
+		if (preg_match("/^update /i", $query)) {
+			return true;
+		}
+		return false;
 	}
 
 	// METHOD: __printArray
@@ -683,15 +693,22 @@ class IO extends \CoreLibs\Basic
 					$this->query = preg_replace("/(;\s*)$/", '', $this->query);
 					$this->query .= " RETURNING ".$this->pk_name;
 					$this->returning_id = true;
-				} elseif (preg_match("/ returning (.*)/i", $this->query, $matches) && $this->pk_name && $this->pk_name != 'NULL') {
-					// add the primary key if it is not in the returning set
-					if (!preg_match("/$this->pk_name/", $matches[1])) {
-						$this->query .= " , ".$this->pk_name;
+				} elseif (preg_match("/ returning (.*)/i", $this->query, $matches)) {
+					if ($this->pk_name && $this->pk_name != 'NULL') {
+						// add the primary key if it is not in the returning set
+						if (!preg_match("/$this->pk_name/", $matches[1])) {
+							$this->query .= " , ".$this->pk_name;
+						}
 					}
 					$this->returning_id = true;
 				}
 			}
 		}
+		// if we have an UPDATE and RETURNING, flag for true, but do not add anything
+		if ($this->__checkQueryForUpdate($this->query) && preg_match("/ returning (.*)/i", $this->query, $matches)) {
+			$this->returning_id = true;
+		}
+		// $this->debug('DB IO', 'Q: '.$this->query.', RETURN: '.$this->returning_id);
 		// for DEBUG, only on first time ;)
 		if ($this->db_debug) {
 			$this->__dbDebug('db', $this->query, '__dbPrepareExec', 'Q');
@@ -752,7 +769,9 @@ class IO extends \CoreLibs\Basic
 				// if not select do here
 				// count affected rows
 				$this->num_rows = $this->db_functions->__dbAffectedRows($this->cursor);
-				if ($this->__checkQueryForInsert($this->query, true) && $this->pk_name != 'NULL') {
+				if (($this->__checkQueryForInsert($this->query, true) && $this->pk_name != 'NULL') ||
+					($this->__checkQueryForUpdate($this->query) && $this->returning_id)
+				) {
 					// set insert_id
 					// if we do not have a returning, we try to get it via the primary key and another select
 					if (!$this->returning_id) {
@@ -770,14 +789,16 @@ class IO extends \CoreLibs\Basic
 						// if we have only one, revert from array to single
 						if (count($this->insert_id) == 1) {
 							// echo "* SINGLE DATA CONVERT: ".count($this->insert_id[0])." => ".array_key_exists($this->pk_name, $this->insert_id[0])."<br>";
-							// echo "* PK DIRECT: ".$this->insert_id[0][$this->pk_name]."<Br>";
+							// echo "* PK DIRECT: ".(isset($this->insert_id[0][$this->pk_name]) ? $this->insert_id[0][$this->pk_name] : '[NO PK NAME SET]' )."<Br>";
 							// if this has only the pk_name, then only return this, else array of all data (but without the position)
 							// example if insert_id[0]['foo'] && insert_id[0]['bar'] it will become insert_id['foo'] & insert_id['bar']
 							// if only ['foo_id'] and it is the PK then the PK is directly written to the insert_id
 							if (count($this->insert_id[0]) > 1 || !array_key_exists($this->pk_name, $this->insert_id[0])) {
 								$this->insert_id_ext = $this->insert_id[0];
-								$this->insert_id = $this->insert_id[0][$this->pk_name];
-							} elseif ($this->insert_id[0][$this->pk_name]) {
+								if (isset($this->insert_id[0][$this->pk_name])) {
+									$this->insert_id = $this->insert_id[0][$this->pk_name];
+								}
+							} elseif (isset($this->insert_id[0][$this->pk_name])) {
 								$this->insert_id = $this->insert_id[0][$this->pk_name];
 							}
 						} elseif (count($this->insert_id) == 0) {
@@ -1621,6 +1642,12 @@ class IO extends \CoreLibs\Basic
 			if ($string == 'f' || $string == 'false') {
 				return false;
 			}
+			// fallback in case top is not t/f, default on set unset
+			if ($string) {
+				return true;
+			} else {
+				return false;
+			}
 		} else {
 			if ($string) {
 				return 't';
@@ -1656,7 +1683,7 @@ class IO extends \CoreLibs\Basic
 			return false;
 		}
 		$not_write_update_array = array ();
-		return $this->dbWriteData_ext($write_array, $primary_key, $table, $not_write_array, $not_write_update_array, $data);
+		return $this->dbWriteDataExt($write_array, $primary_key, $table, $not_write_array, $not_write_update_array, $data);
 	}
 
 	// METHOD: dbWriteDataExt

www/lib/CoreLibs/DB/SQL/PgSQL.inc

@@ -350,7 +350,8 @@ class PgSQL
 	// DESC  : wrapper for pg_emta_data
 	public function __dbMetaData($table)
 	{
-		return pg_meta_data($this->dbh, $table);
+		// needs to prefixed with @ or it throws a warning on not existing table
+		return @pg_meta_data($this->dbh, $table);
 	}
 
 	// METHOD: __dbEscapeString

www/lib/CoreLibs/Output/Form/Generate.inc

@@ -256,7 +256,12 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 		// load config array
 		// get table array definitions for current page name
 		// WARNING: auto spl load does not work with this as it is an array and not a function/object
-		include(TABLE_ARRAYS."array_".$this->my_page_name.".inc");
+		// check if this is the old path or the new path
+		if (is_dir(TABLE_ARRAYS)) {
+			include(TABLE_ARRAYS."array_".$this->my_page_name.".inc");
+		} else {
+			include(BASE.INCLUDES.TABLE_ARRAYS.'array_'.$this->my_page_name.'.inc');
+		}
 		$config_array = ${$this->my_page_name};
 
 		// start the array_io class which will start db_io ...
@@ -270,12 +275,12 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 		$this->int_pk_name = $this->pk_name;
 		// check if reference_arrays are given and proceed them
 		if (is_array($config_array["reference_arrays"])) {
-			while (list($key, $value) = each($config_array["reference_arrays"])) {
+			foreach ($config_array["reference_arrays"] as $key => $value) {
 				$this->reference_array[$key] = $value;
 			}
 		}
 		if (is_array($config_array["element_list"])) {
-			while (list($key, $value) = each($config_array["element_list"])) {
+			foreach ($config_array["element_list"] as $key => $value) {
 				$this->element_list[$key] = $value;
 			}
 		}
@@ -319,7 +324,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 		}
 		reset($this->table_array);
 		$string .= "<b>TABLE ARRAY DUMP:</b> ".$this->table_name."<br>";
-		while (list($key, $value) = each($this->table_array)) {
+		foreach ($this->table_array as $key => $value) {
 			$string .= "<b>$key</b>: ".$value["value"]."<br>";
 		}
 		return $string;
@@ -347,7 +352,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 			$this->table_array = array ();
 		}
 		reset($this->table_array);
-		while (list($key, $value) = each($this->table_array)) {
+		foreach ($this->table_array as $key => $value) {
 			if ($value[$want_key] && !$key_value) {
 				return $key;
 			} elseif ($value[$want_key] == $key_value && $key_value) {
@@ -368,7 +373,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 			$this->table_array = array ();
 		}
 		reset($this->table_array);
-		while (list($key, $value) = each($this->table_array)) {
+		foreach ($this->table_array as $key => $value) {
 			if ($value[$want_key] && !$key_value) {
 				array_push($key_array, $key);
 			}
@@ -474,22 +479,26 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 	{
 		// only do if the user is allowed to delete
 		if ($this->group_level_user <= $this->security_level["delete"] && !$this->table_array["protected"]["value"] && !$this->error) {
-			for ($i = 0; $i < count($element_list); $i ++) {
+			if (!is_array($element_list)) {
+				$element_list = array ();
+			}
+			for ($i = 0, $i_max = count($element_list); $i < $i_max; $i ++) {
 				// $this->debug('form_error', "Array: ".is_array($this->element_list[$element_list[$i]]["read_data"])." | ".$this->element_list[$element_list[$i]]["delete"]);
 				// if prefix, set it
 				$prfx = ($this->element_list[$element_list[$i]]["prefix"]) ? $this->element_list[$element_list[$i]]["prefix"]."_" : '';
 				// get the primary key
-				while (list($el_name, $data) = each($this->element_list[$element_list[$i]]["elements"])) {
+				foreach ($this->element_list[$element_list[$i]]["elements"] as $el_name => $data) {
 					if ($data["pk_id"]) {
 						$pk_name = $el_name;
 					}
 				}
 				// which key should be deleted
 				$id = $remove_name[$i];
-				if (($this->element_list[$element_list[$i]]["delete_name"] || $this->element_list[$element_list[$i]]["delete"]) && !$this->element_list[$element_list[$i]]["enable_name"]) {
+				if (($this->element_list[$element_list[$i]]["delete_name"] || $this->element_list[$element_list[$i]]["delete"]) &&
+					!$this->element_list[$element_list[$i]]["enable_name"]
+				) {
 					// flag var name
 					$flag = $remove_name[$i]."_flag";
-
 					if ($_POST[$flag] == "true") {
 						$q = "DELETE FROM ".$element_list[$i]." WHERE ".$pk_name." = ".$_POST[$id];
 						$this->dbExec($q);
@@ -497,7 +506,10 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 						$this->warning = 1;
 					} // post okay true -> delete
 				} elseif (is_array($this->element_list[$element_list[$i]]["read_data"]) && !$this->element_list[$element_list[$i]]["delete"]) {
-					for ($j = 0; $j < count($_POST[$id]); $j ++) {
+					if (!is_array($_POST[$id])) {
+						$_POST[$id] = array ();
+					}
+					for ($j = 0, $j_max = count($_POST[$id]); $j < $j_max; $j ++) {
 						// if it is not activated
 						if (!$_POST[$remove_name[$i]][$j]) {
 							$q = "UPDATE ".$element_list[$i]." WHERE ".$pk_name." = ".$_POST[$prfx.$pk_name][$j];
@@ -509,9 +521,9 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 					}
 				} elseif (is_array($this->element_list[$element_list[$i]]["read_data"]) && $this->element_list[$element_list[$i]]["delete"]) {
 					// $this->debug('form_clean', "ID [$id] [$prfx.$pk_name]");
-					// $this->debug('form_clean', "ID arr: ".$this->print_ar($_POST[$id]));
-					// $this->debug('form_clean', "PK arr: ".$this->print_ar($_POST[$prfx.$pk_name]));
-					for ($j = 0; $j < count($_POST[$prfx.$pk_name]); $j ++) {
+					// $this->debug('form_clean', "ID arr: ".$this->printAr($_POST[$id]));
+					// $this->debug('form_clean', "PK arr: ".$this->printAr($_POST[$prfx.$pk_name]));
+					for ($j = 0, $j_max = count($_POST[$prfx.$pk_name]); $j < $j_max; $j ++) {
 						if (!$_POST[$remove_name[$i]][$j] && $_POST[$prfx.$pk_name][$j]) {
 							$q = "DELETE FROM ".$element_list[$i]." WHERE ".$pk_name." = ".$_POST[$prfx.$pk_name][$j];
 							// $this->debug('edit_db', "DEL: $q");
@@ -540,13 +552,13 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 
 			// lade liste
 			$this->dbExec($this->load_query);
-			while ($res = $this->db_fetch_array()) {
+			while ($res = $this->dbFetchArray()) {
 				$pk_ids[] = $res[$this->int_pk_name];
 				if ($res[$this->int_pk_name] == $this->table_array[$this->int_pk_name]["value"]) {
 					$pk_selected = $res[$this->int_pk_name];
 				}
 				unset($t_string);
-				for ($i = 0; $i < count($this->field_array); $i ++) {
+				for ($i = 0, $i_max = count($this->field_array); $i < $i_max; $i ++) {
 					if ($t_string) {
 						$t_string .= ", ";
 					}
@@ -612,7 +624,14 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 				$show_delete = 1;
 			}
 		} // print save/delete row at all$
-		return array('seclevel_okay' => $seclevel_okay, 'save' => $save, 'pk_name' => $pk_name, 'pk_value' => $pk_value, 'show_delete' => $show_delete, 'hide_delete_checkbox' => $hide_delete_checkbox);
+		return array(
+			'seclevel_okay' => $seclevel_okay,
+			'save' => $save,
+			'pk_name' => $pk_name,
+			'pk_value' => $pk_value,
+			'show_delete' => $show_delete,
+			'hide_delete_checkbox' => $hide_delete_checkbox
+		);
 	} // end of function
 
 	// METHOD: formCreateElement
@@ -717,7 +736,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 			$data['name'] = $element_name;
 			$data['value'][] = "";
 			$data['output'][] = $this->l->__("Please choose ...");
-			while ($res = $this->db_return($query)) {
+			while ($res = $this->dbReturn($query)) {
 				$data['value'][] = $res[0];
 				$data['output'][] = $res[1];
 				if ($this->table_array[$element_name]["value"] == $res[0]) {
@@ -743,7 +762,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 			$data['value'][] = "";
 			$data['output'][] = $this->l->__("Please choose ...");
 			// outer query overrules inner
-			while (list($key, $value) = each($query)) {
+			foreach ($query as $key => $value) {
 				$data['value'][] = $key;
 				$data['output'][] = $value;
 				if ($this->table_array[$element_name]["value"] == $key) {
@@ -757,7 +776,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 				$query = $this->table_array[$element_name]["query"];
 			}
 			$data['name'] = $element_name;
-			while (list($key, $value) = each($query)) {
+			foreach ($query as $key => $value) {
 				$data['value'][] = $key;
 				$data['output'][] = $value;
 				if ($this->table_array[$element_name]["value"] == $key) {
@@ -806,7 +825,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 			$this->table_array = array ();
 		}
 		reset($this->table_array);
-		while (list($key, $value) = each($this->table_array)) {
+		foreach ($this->table_array as $key => $value) {
 			//if ($value["mandatory"] && $value["error_check"])
 			// if error value set && somethign input, check if input okay
 			if ($value["error_check"] && $this->table_array[$key]["value"]) {
@@ -844,7 +863,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 							break;
 						// check unique, check if field in table is not yet exist
 						case "unique":
-							$q = "SELECT ".$key." FROM ".$this->table_name." WHERE ".$key." = '".$this->db_escape_string($this->table_array[$key]["value"])."'";
+							$q = "SELECT ".$key." FROM ".$this->table_name." WHERE ".$key." = '".$this->dbEscapeString($this->table_array[$key]["value"])."'";
 							if ($this->table_array[$this->int_pk_name]["value"]) {
 								$q .= " AND ".$this->int_pk_name." <> ".$this->table_array[$this->int_pk_name]["value"];
 							}
@@ -928,7 +947,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 				$this->reference_array = array ();
 			}
 			reset($this->reference_array);
-			while (list($key, $value) = each($this->reference_array)) {
+			foreach ($this->reference_array as $key => $value) {
 				if ($this->reference_array[$key]["mandatory"] && !$this->reference_array[$key]["selected"][0]) {
 					$this->msg .= sprintf($this->l->__("Please select at least one Element from field <b>%s</b>!<br>"), $this->reference_array[$key]["output_name"]);
 				}
@@ -938,7 +957,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 		if (is_array($this->element_list)) {
 			// check the mandatory stuff
 			// if mandatory, check that at least on pk exists or if at least the mandatory field is filled
-			while (list($table_name, $reference_array) = each($this->element_list)) {
+			foreach ($this->element_list as $table_name => $reference_array) {
 				// set pk/fk id for this
 				foreach ($reference_array['elements'] as $_name => $_data) {
 					if ($_data['pk_id']) {
@@ -955,17 +974,17 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 				// get max elements
 				$max = 0;
 				foreach ($keys as $key) {
-					if (count($_POST[$prfx.$key]) > $max) {
+					if (is_array($_POST[$prfx.$key]) && count($_POST[$prfx.$key]) > $max) {
 						$max = count($_POST[$prfx.$key]);
 					}
 					// $this->debug('edit_error_chk', "KEY: $prfx$key | count: ".count($_POST[$prfx.$key])." | M: $max");
 					// $this->debug('edit_error_chk', "K: ".$_POST[$prfx.$key]." | ".$_POST[$prfx.$key][0]);
 				}
-				$this->debug('post_array', $this->print_ar($_POST));
+				$this->debug('post_array', $this->printAr($_POST));
 				# check each row
 				for ($i = 0; $i < $max; $i ++) {
 					// either one of the post pks is set, or the mandatory
-					while (list($el_name, $data_array) = each($reference_array["elements"])) {
+					foreach ($reference_array["elements"] as $el_name => $data_array) {
 						if ($data_array["mandatory"]) {
 							$mand_name = $data_array["output_name"];
 						}
@@ -999,7 +1018,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 								switch ($error_check) {
 									// check unique, check if field in table is not yet exist
 									case "unique":
-										$q = "SELECT ".$_pk_name." FROM ".$table_name." WHERE ".$el_name." = '".$this->db_escape_string($_POST[$prfx.$el_name][$i])."'";
+										$q = "SELECT ".$_pk_name." FROM ".$table_name." WHERE ".$el_name." = '".$this->dbEscapeString($_POST[$prfx.$el_name][$i])."'";
 										if ($this->table_array[$this->int_pk_name]["value"]) {
 											$q .= " AND ".$this->int_pk_name." <> ".$this->table_array[$this->int_pk_name]["value"];
 										}
@@ -1078,7 +1097,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 			$this->table_array = array ();
 		}
 		reset($this->table_array);
-		while (list($key, $value) = each($this->table_array)) {
+		foreach ($this->table_array as $key => $value) {
 			unset($this->table_array[$key]["value"]);
 			unset($this->table_array[$key]["input_value"]);
 			// if preset var present preset
@@ -1091,7 +1110,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 				$this->reference_array = array ();
 			}
 			reset($this->reference_array);
-			while (list($key, $value) = each($this->reference_array)) {
+			foreach ($this->reference_array as $key => $value) {
 				unset($this->reference_array[$key]["selected"]);
 			}
 		}
@@ -1109,14 +1128,14 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 		if ($pk_id) {
 			$this->pk_id = $pk_id;
 		}
-		$this->table_array = $this->db_read(1);
+		$this->table_array = $this->dbRead(1);
 
 		// reset all temp fields
 		if (!is_array($this->table_array)) {
 			$this->table_array = array ();
 		}
 		reset($this->table_array);
-		while (list($key, $value) = each($this->table_array)) {
+		foreach ($this->table_array as $key => $value) {
 			unset($this->table_array[$key]["input_value"]);
 		}
 
@@ -1126,10 +1145,10 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 				$this->reference_array = array ();
 			}
 			reset($this->reference_array);
-			while (list($key, $value) = each($this->reference_array)) {
+			foreach ($this->reference_array as $key => $value) {
 				unset($this->reference_array[$key]["selected"]);
 				$q = "SELECT ".$this->reference_array[$key]["other_table_pk"]." FROM ".$this->reference_array[$key]["table_name"]." WHERE ".$this->int_pk_name."=".$this->table_array[$this->int_pk_name]["value"];
-				while ($res = $this->db_return($q)) {
+				while ($res = $this->dbReturn($q)) {
 					$this->reference_array[$key]["selected"][] = $res[$this->reference_array[$key]["other_table_pk"]];
 				}
 			}
@@ -1151,13 +1170,13 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 			$this->table_array = array ();
 		}
 		reset($this->table_array);
-		while (list($key, $value) = each($this->table_array)) {
+		foreach ($this->table_array as $key => $value) {
 			// drop_down_db with input + reference table
 			// $this->debug('form', "A: ".$this->table_array[$key]["type"]." --- ".$this->table_array[$key]["input_value"]);
 			if ($this->table_array[$key]["type"] == "drop_down_db_input" && $this->table_array[$key]["input_value"]) {
 				// $this->debug('form', "HERE");
 				// check if this text name already exists (lowercase compare)
-				$q = "SELECT ".$this->table_array[$key]["pk_name"]." FROM ".$this->table_array[$key]["table_name"]." WHERE LCASE(".$this->table_array[$key]["input_name"].") = '".$this->db_escape_string(strtolower($this->table_array[$key]["input_value"]))."'";
+				$q = "SELECT ".$this->table_array[$key]["pk_name"]." FROM ".$this->table_array[$key]["table_name"]." WHERE LCASE(".$this->table_array[$key]["input_name"].") = '".$this->dbEscapeString(strtolower($this->table_array[$key]["input_value"]))."'";
 				// if a where was given, add here
 				if ($this->table_array[$key]["where"]) {
 					$q .= " AND ".$this->table_array[$key]["where"];
@@ -1168,7 +1187,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 				} else {
 					// if a where was given, set this key also [dangerous!]
 					// postgreSQL compatible insert
-					$q = "INSERT INTO ".$this->table_array[$key]["table_name"]." (".$this->table_array[$key]["input_name"].") VALUES ('".$this->db_escape_string($this->table_array[$key]["input_value"])."')";
+					$q = "INSERT INTO ".$this->table_array[$key]["table_name"]." (".$this->table_array[$key]["input_name"].") VALUES ('".$this->dbEscapeString($this->table_array[$key]["input_value"])."')";
 					$this->dbExec($q);
 					if ($this->table_array[$key]["where"]) {
 						// make an update on the just inseted data with the where data als update values
@@ -1186,7 +1205,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 				// if drop down & input are different
 				if ($this->table_array[$key]["input_value"] != $this->table_array[$key]["value"]) {
 					// check if "right input" is in DB
-					$q = "SELECT ".$this->table_array[$key]["input_name"]." FROM ".$this->table_array[$key]["table_name"]." WHERE LCASE(".$this->table_array[$key]["input_name"].") = '".strtolower($this->db_escape_string($this->table_array[$key]["input_value"]))."'";
+					$q = "SELECT ".$this->table_array[$key]["input_name"]." FROM ".$this->table_array[$key]["table_name"]." WHERE LCASE(".$this->table_array[$key]["input_name"].") = '".strtolower($this->dbEscapeString($this->table_array[$key]["input_value"]))."'";
 					// if a where was given, add here
 					if ($this->table_array[$key]["where"]) {
 						$q .= " AND ".$this->table_array[$key]["where"];
@@ -1262,7 +1281,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 				$q = "DELETE FROM ".$reference_array["table_name"]." WHERE ".$this->int_pk_name."=".$this->table_array[$this->int_pk_name]["value"];
 				$this->dbExec($q);
 				$q = "INSERT INTO ".$reference_array["table_name"]." (".$reference_array["other_table_pk"].", ".$this->int_pk_name.") VALUES ";
-				for ($i = 0; $i < count($reference_array["selected"]); $i ++) {
+				for ($i = 0, $i_max = count($reference_array["selected"]); $i < $i_max; $i ++) {
 					$t_q = "(".$reference_array["selected"][$i].", ".$this->table_array[$this->int_pk_name]["value"].")";
 					$this->dbExec($q.$t_q);
 				}
@@ -1274,7 +1293,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 				$this->element_list = array ();
 			}
 			reset($this->element_list);
-			while (list($table_name, $reference_array) = each($this->element_list)) {
+			foreach ($this->element_list as $table_name => $reference_array) {
 				// get the number of keys from the elements array
 				$keys = array_keys($reference_array["elements"]);
 				// element prefix name
@@ -1282,16 +1301,16 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 				// get max elements
 				$max = 0;
 				foreach ($keys as $key) {
-					if (count($_POST[$prfx.$key]) > $max) {
+					if (is_array($_POST[$prfx.$key]) && count($_POST[$prfx.$key]) > $max) {
 						$max = count($_POST[$prfx.$key]);
 					}
 				}
 				// $this->debug('edit_error', "MAX: $max");
 				// check if there is a hidden key, update, else insert
-				while (list($el_name, $data_array) = each($reference_array["elements"])) {
+				foreach ($reference_array["elements"] as $el_name => $data_array) {
 					// this is only for reference_data part, at least one of the text fields need to be set for writing
 					$blow_write = array ();
-					// $this->debug('edit_error_query', "QUERY: ".$this->print_ar($_POST));
+					// $this->debug('edit_error_query', "QUERY: ".$this->printAr($_POST));
 					// go through all submitted data
 					// for ($i = 0; $i < count($_POST[$el_name]); $i ++)
 					for ($i = 0; $i < $max; $i ++) {
@@ -1364,14 +1383,14 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 								$q_values[$i] .= $_value;
 							} else {
 								// normal data gets escaped
-								$q_data[$i] .= $el_name." = '".$this->db_escape_string($_value)."'";
-								$q_values[$i] .= "'".$this->db_escape_string($_value)."'";
+								$q_data[$i] .= $el_name." = '".$this->dbEscapeString($_value)."'";
+								$q_values[$i] .= "'".$this->dbEscapeString($_value)."'";
 							}
 						}
 					}
 				} // eche table elements
 				// finalize the queries, add FK key reference for inserts and run the query
-				for ($i = 0; $i < count($type); $i ++) {
+				for ($i = 0, $i_max = count($type); $i < $i_max; $i ++) {
 					$q = '';
 					if (!$no_write[$i]) {
 						if ($type[$i] == "update") {
@@ -1416,7 +1435,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 				$this->element_list = array ();
 			}
 			reset($this->element_list);
-			while (list($table_name, $data_array) = each($this->element_list)) {
+			foreach ($this->element_list as $table_name => $data_array) {
 				$q = "DELETE FROM ".$table_name." WHERE ".$this->int_pk_name." = ".$this->table_array[$this->int_pk_name]["value"];
 				$this->dbExec($q);
 			}
@@ -1426,12 +1445,12 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 			$this->table_array = array ();
 		}
 		reset($this->table_array);
-		while (list($key, $value) = each($this->table_array)) {
+		foreach ($this->table_array as $key => $value) {
 			if ($this->table_array[$key]["type"] == "file") {
 				unlink($this->table_array[$key]["save_dir"].$this->table_array[$key]["value"]);
 			}
 		}
-		$this->db_delete();
+		$this->dbDelete();
 		$this->warning = 1;
 		$this->msg = $this->l->__("Dataset has been deleted!");
 	}
@@ -1441,21 +1460,25 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 	// PARAMS: $hidden_array
 	// RETURN: the input fields (html)
 	// DESC  : creates HTML hidden input fields out of an hash array
-	public function formCreateHiddenFields($hidden_array = "")
+	public function formCreateHiddenFields($hidden_array = array ())
 	{
 		$hidden = array ();
 		if (!is_array($this->table_array)) {
 			$this->table_array = array ();
 		}
 		reset($this->table_array);
-		while (list($key, $value) = each($this->table_array)) {
+		foreach ($this->table_array as $key => $value) {
 			if ($this->table_array[$key]["type"] == "hidden") {
-				$hidden_array[$key] = $this->table_array[$key]["value"];
+				if (array_key_exists($key, $this->table_array)) {
+					$hidden_array[$key] = $this->table_array[$key]["value"];
+				} else {
+					$hidden_array[$key] = '';
+				}
 			}
 		}
 		if (is_array($hidden_array)) {
 			reset($hidden_array);
-			while (list($key, $value) = each($hidden_array)) {
+			foreach ($hidden_array as $key => $value) {
 				$hidden[] = array('key' => $key, 'value' => $value);
 			}
 		}
@@ -1475,7 +1498,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 		}
 		$data['name'] = $this->reference_array[$table_name]["other_table_pk"];
 		$data['size'] = $this->reference_array[$table_name]["select_size"];
-		while ($res = $this->db_return($this->reference_array[$table_name]["query"])) {
+		while ($res = $this->dbReturn($this->reference_array[$table_name]["query"])) {
 			$data['value'][] = $res[0];
 			$data['output'][] = $res[1];
 			$data['selected'][] = ($this->checked($this->reference_array[$table_name]["selected"], $res[0])) ? $res[0] : '';
@@ -1523,8 +1546,8 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 		reset($this->element_list[$table_name]["elements"]);
 		// generic data read in (counts for all rows)
 		// visible list data output
-		while (list($el_name, $data_array) = each($this->element_list[$table_name]["elements"])) {
-			$this->debug('CFG', 'El: '.$el_name.' -> '.$this->print_ar($data_array));
+		foreach ($this->element_list[$table_name]["elements"] as $el_name => $data_array) {
+			$this->debug('CFG', 'El: '.$el_name.' -> '.$this->printAr($data_array));
 			// if the element name matches the read array, then set the table as a name prefix
 			$q_select[] = $el_name; // this is for reading the data
 			// prefix the name for any further data parts
@@ -1542,7 +1565,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 			// only two elements are allowed: pos 0 is key, pso 1 is visible output name
 			if ($data_array['type'] == 'drop_down_db') {
 				$md_q = md5($data_array['query']);
-				while ($res = $this->db_return($data_array['query'])) {
+				while ($res = $this->dbReturn($data_array['query'])) {
 					$this->debug('edit', "Q[$md_q] pos: ".$this->cursor_ext[$md_q]["pos"]." | want: ".$data_array["preset"]." | set: ".$data['preset'][$el_name]);
 					// first is default for this element
 					if (!$data['preset'][$el_name] && ($this->cursor_ext[$md_q]["pos"] == $data_array['preset'])) {
@@ -1555,11 +1578,23 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 			} elseif ($data_array["element_list"]) {
 				$data['element_list'][$el_name] = $data_array["element_list"]; // this is for the checkboxes
 			}
-			$proto[$el_name] = ($this->error) ? $_POST[$el_name][(count($_POST[$el_name]) - 1)] : ''; // this is for the new line
+			$this->debug('CREATE ELEMENT LIST TABLE', 'Post: '.$el_name.' => '.$_POST[$el_name].' => '.is_array($_POST[$el_name]));
+			// if error, check new line addition so we don't loose it
+			if ($this->error) {
+				if (is_array($_POST[$el_name])) {
+					// this is for the new line
+					$proto[$el_name] = $_POST[$el_name][(count($_POST[$el_name]) - 1)];
+				} else {
+					$proto[$el_name] = 0;
+				}
+			} else {
+				$proto[$el_name] = '';
+			}
+			// $proto[$el_name] = $this->error ? $_POST[$el_name][(count($_POST[$el_name]) - 1)] : '';
 		}
-		// $this->debug('CFG DATA', 'Data: '.$this->print_ar($data));
-		// $this->debug('CFG PROTO', 'Proto: '.$this->print_ar($proto));
-		// $this->debug('CFG SELECT', 'Proto: '.$this->print_ar($q_select));
+		// $this->debug('CFG DATA', 'Data: '.$this->printAr($data));
+		// $this->debug('CFG PROTO', 'Proto: '.$this->printAr($proto));
+		// $this->debug('CFG SELECT', 'Proto: '.$this->printAr($q_select));
 		// query for reading in the data
 		$this->debug('edit_error', "ERR: ".$this->error);
 		// if we got a read data, build the read select for the read, and read out the "selected" data
@@ -1610,11 +1645,11 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 		if ($q) {
 			$pos = 0; // position in while for overwrite if needed
 			// read out the list and add the selected data if needed
-			while ($res = $this->db_return($q)) {
+			while ($res = $this->dbReturn($q)) {
 				$_data = array ();
 				$prfx = $data["prefix"]; // short
 				// go through each res
-				for ($i = 0; $i < count($q_select); $i ++) {
+				for ($i = 0, $i_max = count($q_select); $i < $i_max; $i ++) {
 					// query select part, set to the element name
 					$el_name = $q_select[$i];
 					// $this->debug('edit_error', "[$i] ELNAME: $el_name | POS[$prfx$el_name]: ".$_POST[$prfx.$el_name][$pos]." | RES: ".$res[$el_name]);
@@ -1649,12 +1684,12 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 				$this->element_list[$table_name]['max_empty'] = 10;
 			}
 			// check if we need to fill fields
-			$element_count = count($data['content']);
-			$missing_empty_count = $this->element_list[$table_name]['max_empty'] - count($data['content']);
+			$element_count = is_array($data['content']) ? count($data['content']) : 0;
+			$missing_empty_count = $this->element_list[$table_name]['max_empty'] - $element_count;
 			$this->debug('CFG MAX', 'Max empty: '.$this->element_list[$table_name]['max_empty'].', Missing: '.$missing_empty_count.', Has: '.$element_count);
 			// set if we need more open entries or if we do not have any entries yet
 			if (($missing_empty_count < $this->element_list[$table_name]['max_empty']) || $element_count == 0) {
-				for ($pos = count($data['content']); $pos <= ($this->element_list[$table_name]['max_empty'] + $element_count); $pos ++) {
+				for ($pos = $element_count , $pos_max = $this->element_list[$table_name]['max_empty'] + $element_count; $pos <= $pos_max; $pos ++) {
 					$_data = array ();
 
 					// the fields that need to be filled are in data->type array:

www/lib/CoreLibs/Upload/qqFileUploader.inc

@@ -101,9 +101,9 @@ class qqFileUploader
 		$this->uploadFileExt = $ext;
 
 		if ($this->file->save($uploadDirectory . $filename . '.' . $ext)) {
-			return array('success'=>true);
+			return array('success' => true);
 		} else {
-			return array('error'=> 'Could not save uploaded file.' .
+			return array('error' => 'Could not save uploaded file.' .
 				'The upload was cancelled, or server error encountered');
 		}
 	}