CoreLibs Fix mandator check & sub group checks for unique input

Login class checks if AJAX_PAGE is set to true and then does not print
the login html to the screen directly, but returns it in the _POST array
login_html, _POST action is set to login
It also resets _POST & _GET arrays before hand to avoid any misuese.
All _SESSION array access needs to be checked in any following class as
the _SESSION is unset in this moment

html element should be overwritten with this JS:
document.getElementsByTagName('html')[0].innerHTML  =
data.content.login_html;

.htaccess

@@ -0,0 +1,29 @@
+# PHP XDEBUG SETTINGS
+# php_value xdebug.profiler_output_dir xdebug/
+# php_value xdebug.profiler_output_name timestamp
+# php_value xdebug.profiler_enable 1
+php_value xdebug.collect_params 2
+php_value xdebug.collect_vars 0
+php_value xdebug.show_local_vars 0
+#php_value xdebug.dump_globals 0
+# allowed COOKIE, FILES, GET, POST, REQUEST, SERVER, SESSION
+#php_value xdebug.dump.GET *
+# PHP ERROR SETTINGS
+php_flag short_open_tag off
+php_flag display_startup_errors on
+php_flag display_errors on
+php_flag html_errors on
+php_flag log_errors on
+php_flag ignore_repeated_errors off
+php_flag ignore_repeated_source off
+php_flag report_memleaks on
+php_flag track_errors on
+php_value docref_root 0
+php_value docref_ext 0
+# Turn this on to redirect log to different folder
+#php_value error_log /var/www/html/developers/clemens/php/php-error/php-errors.log
+# this is E_ALL reporting ON
+php_value error_reporting -1
+# this is E_ALL | ~E_NOTICE
+#php_value error_reporting 2039
+php_value log_errors_max_len 0

.phan/config.php

@@ -0,0 +1,124 @@
+<?php
+
+use Phan\Config;
+
+/**
+ * This configuration will be read and overlaid on top of the
+ * default configuration. Command line arguments will be applied
+ * after this file is read.
+ *
+ * @see src/Phan/Config.php
+ * See Config for all configurable options.
+ *
+ * A Note About Paths
+ * ==================
+ *
+ * Files referenced from this file should be defined as
+ *
+ * ```
+ *   Config::projectPath('relative_path/to/file')
+ * ```
+ *
+ * where the relative path is relative to the root of the
+ * project which is defined as either the working directory
+ * of the phan executable or a path passed in via the CLI
+ * '-d' flag.
+ */
+return [
+	// If true, missing properties will be created when
+	// they are first seen. If false, we'll report an
+	// error message.
+	"allow_missing_properties" => false,
+
+	// Allow null to be cast as any type and for any
+	// type to be cast to null.
+	"null_casts_as_any_type" => false,
+
+	// Backwards Compatibility Checking
+	'backward_compatibility_checks' => true,
+
+	// Run a quick version of checks that takes less
+	// time
+	"quick_mode" => false,
+
+	// Only emit critical issues to start with
+	// (0 is low severity, 5 is normal severity, 10 is critical)
+	"minimum_severity" => 0,
+
+	// default false for include path check
+	"enable_include_path_checks" => true,
+	"include_paths" => [
+		'.', '../configs/'
+	],
+	'ignore_undeclared_variables_in_global_scope' => true,
+
+	"file_list" => [
+		"./www/configs/config.db.php",
+		"./www/configs/config.host.php",
+		"./www/configs/config.path.php",
+		"./www/configs/config.master.php",
+		"./www/includes/admin_header.php",
+	],
+
+	// A list of directories that should be parsed for class and
+	// method information. After excluding the directories
+	// defined in exclude_analysis_directory_list, the remaining
+	// files will be statically analyzed for errors.
+	//
+	// Thus, both first-party and third-party code being used by
+	// your application should be included in this list.
+	'directory_list' => [
+		 // Change this to include the folders you wish to analyze
+		 // (and the folders of their dependencies)
+		 'www',
+		 // To speed up analysis, we recommend going back later and
+		 // limiting this to only the vendor/ subdirectories your
+		 // project depends on.
+		 // `phan --init` will generate a list of folders for you
+		 //'www/vendor',
+	],
+
+
+	// A list of directories holding code that we want
+	// to parse, but not analyze
+	"exclude_analysis_directory_list" => [
+		'www/vendor',
+		'www/lib/FileUpload',
+		'www/lib/pChart',
+		'www/lib/pChart2.1.4',
+		'www/lib/Smarty',
+		'www/lib/smarty-3.1.30',
+		'www/templates_c',
+		'www/log',
+		'www/tmp',
+		'www/cache',
+		'www/media',
+	],
+	'exclude_file_list' => [
+		// ignore all symlink files to edit
+		'www/admin/edit_access.php',
+		'www/admin/edit_groups.php',
+		'www/admin/edit_languages.php',
+		'www/admin/edit_menu_group.php',
+		'www/admin/edit_order.php',
+		'www/admin/edit_pages.php',
+		'www/admin/edit_schemes.php',
+		'www/admin/edit_users.php',
+		'www/admin/edit_visible_group.php',
+		// ignore the old qq tests
+		'www/admin/qq_file_upload_front.php',
+		'www/admin/qq_file_upload_ajax.php',
+	],
+
+	// what not to show as problem
+	'suppress_issue_types' => [
+		// 'PhanUndeclaredMethod',
+		'PhanEmptyFile',
+	],
+
+	// Override to hardcode existence and types of (non-builtin) globals in the global scope.
+	// Class names should be prefixed with `\`.
+	//
+	// (E.g. `['_FOO' => '\FooClass', 'page' => '\PageClass', 'userId' => 'int']`)
+	'globals_type_map' => [],
+];

4dev/database/data/edit_tables.sql

@@ -51,6 +51,7 @@ INSERT INTO edit_page_menu_group VALUES ((SELECT edit_page_id FROM edit_page WHE
 DELETE FROM edit_access_right;
 INSERT INTO edit_access_right (name, level, type) VALUES ('Default', -1, 'default');
 INSERT INTO edit_access_right (name, level, type) VALUES ('No Access', 0, 'none');
+INSERT INTO edit_access_right (name, level, type) VALUES ('List', 10, 'list');
 INSERT INTO edit_access_right (name, level, type) VALUES ('Read', 20, 'read');
 INSERT INTO edit_access_right (name, level, type) VALUES ('Translator', 30, 'mod_trans');
 INSERT INTO edit_access_right (name, level, type) VALUES ('Modify', 40, 'mod');

4dev/database/table/edit_access.sql

@@ -14,5 +14,6 @@ CREATE TABLE edit_access (
 	uid	VARCHAR,
 	enabled	SMALLINT NOT NULL DEFAULT 0,
 	protected INT,
-	deleted	SMALLINT DEFAULT 0
+	deleted	SMALLINT DEFAULT 0,
+	additional_acl	JSONB
 ) INHERITS (edit_generic) WITHOUT OIDS;

4dev/database/table/edit_group.sql

@@ -10,8 +10,10 @@ CREATE TABLE edit_group (
 	edit_group_id	SERIAL PRIMARY KEY,
 	name	VARCHAR,
 	enabled	SMALLINT NOT NULL DEFAULT 0,
+	deleted	SMALLINT DEFAULT 0,
 	edit_scheme_id INT,
 	edit_access_right_id INT NOT NULL,
+	additional_acl	JSONB,
 	FOREIGN KEY (edit_scheme_id) REFERENCES edit_scheme (edit_scheme_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
 	FOREIGN KEY (edit_access_right_id) REFERENCES edit_access_right (edit_access_right_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE
 ) INHERITS (edit_generic) WITHOUT OIDS;

4dev/database/table/edit_page.sql

@@ -2,12 +2,13 @@
 -- DATE: 2005/07/05
 -- DESCRIPTION:
 -- edit tables, this table contains all pages in the edit interface and allocates rights + values to it
--- TABLE: edit_table
+-- TABLE: edit_page
 -- HISTORY:
 
 -- DROP TABLE edit_page;
 CREATE TABLE edit_page (
 	edit_page_id	SERIAL PRIMARY KEY,
+	content_alias_edit_page_id	INT, -- alias for page content, if the page content is defined on a different page, ege for ajax backend pages
 	filename	VARCHAR,
 	name	VARCHAR UNIQUE,
 	order_number INT NOT NULL,
@@ -15,5 +16,6 @@ CREATE TABLE edit_page (
 	menu	SMALLINT NOT NULL DEFAULT 0,
 	popup	SMALLINT NOT NULL DEFAULT 0,
 	popup_x	SMALLINT,
-	popup_y SMALLINT
+	popup_y SMALLINT,
+	FOREIGN KEY (content_alias_edit_page_id) REFERENCES edit_page (edit_page_id) MATCH FULL ON DELETE RESTRICT ON UPDATE CASCADE,
 ) INHERITS (edit_generic) WITHOUT OIDS;

4dev/database/table/edit_page_content.sql

@@ -0,0 +1,20 @@
+-- AUTHOR: Clemens Schwaighofer
+-- DATE: 2019/9/9
+-- DESCRIPTION:
+-- sub content to one page with additional edit access right set
+-- can be eg JS content groups on one page
+-- TABLE: edit_page_content
+-- HISTORY:
+
+-- DROP TABLE edit_page_content;
+CREATE TABLE edit_page_content (
+	edit_page_content_id	SERIAL PRIMARY KEY,
+	edit_page_id	INT NOT NULL,
+	edit_access_right_id	INT NOT NULL,
+	name	VARCHAR,
+	uid	VARCHAR UNIQUE,
+	order_number INT NOT NULL,
+	online	SMALLINT NOT NULL DEFAULT 0,
+	FOREIGN KEY (edit_access_right_id) REFERENCES edit_access_right (edit_access_right_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
+	FOREIGN KEY (edit_page_id) REFERENCES edit_page (edit_page_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE
+) INHERITS (edit_generic) WITHOUT OIDS;

4dev/database/table/edit_user.sql

@@ -16,6 +16,7 @@ CREATE TABLE edit_user (
 	first_name_furigana	VARCHAR,
 	last_name_furigana	VARCHAR,
 	enabled	SMALLINT NOT NULL DEFAULT 0,
+	deleted	SMALLINT NOT NULL DEFAULT 0,
 	debug	SMALLINT NOT NULL DEFAULT 0,
 	db_debug	SMALLINT NOT NULL DEFAULT 0,
 	email	VARCHAR,
@@ -32,6 +33,7 @@ CREATE TABLE edit_user (
 	locked	SMALLINT DEFAULT 0,
 	password_change_date	TIMESTAMP WITHOUT TIME ZONE, -- only when password is first set or changed
 	password_change_interval	INTERVAL, -- null if no change is needed, or d/m/y time interval
+	additional_acl	JSONB, -- additional ACL as JSON string (can be set by other pages)
 	FOREIGN KEY (connect_edit_user_id) REFERENCES edit_user (edit_user_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
 	FOREIGN KEY (edit_language_id) REFERENCES edit_language (edit_language_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
 	FOREIGN KEY (edit_group_id) REFERENCES edit_group (edit_group_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,

4dev/database/trigger/trg_edit_page_content.sql

@@ -0,0 +1,4 @@
+DROP TRIGGER trg_edit_page_content ON edit_page_content;
+CREATE TRIGGER trg_edit_page_content
+BEFORE INSERT OR UPDATE ON edit_page_content
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();

4dev/database/update/edit_update_missing_cuid.sql

@@ -0,0 +1,17 @@
+-- 2019/9/10 UPDATE missing cuid in edit_* tables
+
+UPDATE edit_access SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_access_data SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_access_right SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_access_user SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_group SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_language SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_log SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_menu_group SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_page SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_page_access SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_page_content SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_query_string SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_scheme SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_user SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_visible_group SET cuid = random_string(12) WHERE cuid IS NULL;

4dev/lang/admin/messages_en_utf8.po

@@ -1,11 +1,11 @@
-#********************************************************************
+# ********************************************************************
 # AUTHOR: Clemens Schwaighofer
 # CREATED: 2005/08/09
 # SHORT DESCRIPTION:
 # Backned English Messages file for gettext
 # to craete: msgfmt -o ja.mo messages_en.po
 # HISTORY:
-#********************************************************************/
+# ********************************************************************/
 
 msgid ""
 msgstr ""
@@ -24,3 +24,6 @@ msgstr "Year"
 
 msgid "Month"
 msgstr "Month"
+
+msgid "INPUT TEST"
+msgstr "OUTPUT TEST EN"

4dev/lang/admin/messages_ja_utf8.po

@@ -1,11 +1,11 @@
-#********************************************************************
+# ********************************************************************
 # AUTHOR: Clemens Schwaighofer
 # CREATED: 2018/03/28
 # SHORT DESCRIPTION:
 # Backend Japanese Messages file for gettext
 # to craete: msgfmt -o ja.mo messages_ja.po
 # HISTORY:
-#********************************************************************/
+# ********************************************************************/
 
 msgid ""
 msgstr ""
@@ -61,3 +61,6 @@ msgstr "土"
 
 msgid "Sun"
 msgstr "日"
+
+msgid "INPUT TEST"
+msgstr "OUTPUT TEST JA"

4dev/update/20190910_page_content/20190910_page_content_updates.sql

@@ -0,0 +1,90 @@
+-- 2019/9/10 update edit_page with reference and additional ACLs, update core functions
+
+-- * random_string function
+-- * add cuid column in edit_generic
+-- * update generic trigger function
+-- * edit_page_content table/trigger
+-- * edit_* additional_acl entries
+-- * edit_page content alias link
+-- * update any missing cuid entries
+
+-- create random string with length X
+CREATE FUNCTION random_string(randomLength int)
+RETURNS text AS $$
+SELECT array_to_string(
+    ARRAY(
+        SELECT substring(
+            'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789',
+            trunc(random() * 62)::int + 1,
+            1
+        )
+        FROM generate_series(1, randomLength) AS gs(x)
+    ),
+    ''
+)
+$$ LANGUAGE SQL
+RETURNS NULL ON NULL INPUT
+VOLATILE;
+-- edit_gneric update
+ALTER TABLE edit_generic ADD cuid VARCHAR;
+-- adds the created or updated date tags
+CREATE OR REPLACE FUNCTION set_edit_generic() RETURNS TRIGGER AS '
+    DECLARE
+        random_length INT = 12; -- that should be long enough
+    BEGIN
+        IF TG_OP = ''INSERT'' THEN
+            NEW.date_created := ''now'';
+            NEW.cuid := random_string(random_length);
+        ELSIF TG_OP = ''UPDATE'' THEN
+            NEW.date_updated := ''now'';
+        END IF;
+        RETURN NEW;
+    END;
+' LANGUAGE 'plpgsql';
+
+-- DROP TABLE edit_page_content;
+CREATE TABLE edit_page_content (
+    edit_page_content_id    SERIAL PRIMARY KEY,
+    edit_page_id    INT NOT NULL,
+    edit_access_right_id    INT NOT NULL,
+    name    VARCHAR,
+    uid VARCHAR UNIQUE,
+    order_number INT NOT NULL,
+    online  SMALLINT NOT NULL DEFAULT 0,
+    FOREIGN KEY (edit_access_right_id) REFERENCES edit_access_right (edit_access_right_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
+    FOREIGN KEY (edit_page_id) REFERENCES edit_page (edit_page_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE
+) INHERITS (edit_generic) WITHOUT OIDS;
+DROP TRIGGER trg_edit_page_content ON edit_page_content;
+CREATE TRIGGER trg_edit_page_content
+BEFORE INSERT OR UPDATE ON edit_page_content
+FOR EACH ROW EXECUTE PROCEDURE set_edit_generic();
+
+-- INSERT new list entry
+INSERT INTO edit_access_right (name, level, type) VALUES ('List', 10, 'list');
+
+-- UPDATE
+ALTER TABLE edit_user ADD additional_acl JSONB;
+ALTER TABLE edit_group ADD additional_acl JSONB;
+ALTER TABLE edit_access ADD additional_acl JSONB;
+
+-- page content reference settings
+ALTER TABLE edit_page ADD content_alias_edit_page_id INT;
+ALTER TABLE edit_page ADD CONSTRAINT edit_page_content_alias_edit_page_id_fkey FOREIGN KEY (content_alias_edit_page_id) REFERENCES edit_page (edit_page_id) MATCH FULL ON DELETE RESTRICT ON UPDATE CASCADE;
+
+
+-- 2019/9/10 UPDATE missing cuid in edit_* tables
+UPDATE edit_access SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_access_data SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_access_right SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_access_user SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_group SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_language SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_log SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_menu_group SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_page SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_page_access SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_page_content SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_query_string SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_scheme SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_user SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_visible_group SET cuid = random_string(12) WHERE cuid IS NULL;

phpstan-bootstrap.php

@@ -0,0 +1,6 @@
+<?php
+// Boostrap file for PHPstand
+// sets the _SERVER['HTTP_HOST'] var so we can have DB detection
+$_SERVER['HTTP_HOST'] = 'soba.tokyo.tequila.jp';
+
+// __END__

phpstan.neon

@@ -0,0 +1,55 @@
+# PHP Stan Config
+
+parameters:
+	tmpDir: /tmp/phpstan-corelibs
+	level: 1
+	paths:
+		- %currentWorkingDirectory%/www
+	#bootstrap: %currentWorkingDirectory%/phpstan-bootstrap.php
+	#bootstrap: phpstan-bootstrap.php
+	autoload_directories:
+	autoload_files:
+		- %currentWorkingDirectory%/phpstan-bootstrap.php
+		- www/configs/config.master.php
+		- www/lib/autoloader.php
+		- www/vendor/autoload.php
+	excludes_analyse:
+		# no check admin
+		- www/admin/qq_file_upload_front.php
+		- www/admin/qq_file_upload_ajax.php
+		# admin synlink files
+		- www/admin/edit_access.php
+		- www/admin/edit_groups.php
+		- www/admin/edit_languages.php
+		- www/admin/edit_menu_group.php
+		- www/admin/edit_order.php
+		- www/admin/edit_pages.php
+		- www/admin/edit_schemes.php
+		- www/admin/edit_users.php
+		- www/admin/edit_visible_group.php
+		# ignore admin header stuff
+		- www/includes/admin_header.php # ignore the admin include stuff
+		- www/includes/admin_footer.php # ignore the admin include stuff
+		- www/includes/admin_set_paths.php # ignore the admin include stuff
+		- www/includes/admin_smarty.php # ignore the admin include stuff
+		# folders with data no check needed
+		- www/templates_c
+		- www/cache
+		- www/log
+		- www/media
+		- www/tmp
+		- www/lib/pChart
+		- www/lib/pChart2.1.4
+		- www/lib/Smarty/
+		- www/lib/smarty-3.1.30/
+		# ignore composer
+		- www/vendor
+	# ignore errores with
+	# ignoreErrors:
+		#- 'error regex'
+		#-
+		#	message: 'error regex'
+		#	path: %currentWorkingDirectory%/www/some/*
+		#	paths:
+		#		- ...
+		#		- ...

static_checkers.txt

@@ -0,0 +1,9 @@
+# main static checker
+phan --progress-bar -C -o 4dev/tmp/analysis.txt
+# sub static checker
+phpstan analyse -c phpstan.neon --memory-limit=4G -l 0 www
+# only if we work with composer only
+www/: psalm (this needs the composer autoloader defined)
+
+# for linting
+parallel-lint www/

www/admin/class_test.php

@@ -1,4 +1,7 @@
-<?php
+<?php declare(strict_types=1);
+/**
+ * @phan-file-suppress PhanTypeSuspiciousStringExpression
+ */
 
 $DEBUG_ALL_OVERRIDE = 0; // set to 1 to debug on live/remote server locations
 $DEBUG_ALL = 1;
@@ -14,27 +17,43 @@ ob_start();
 // basic class test file
 define('USE_DATABASE', true);
 // sample config
-// require("config.inc");
 require 'config.php';
 // set session name
 if (!defined('SET_SESSION_NAME')) {
-	DEFINE('SET_SESSION_NAME', EDIT_SESSION_NAME);
+	define('SET_SESSION_NAME', EDIT_SESSION_NAME);
 }
 // define log file id
-DEFINE('LOG_FILE_ID', 'classTest');
+$LOG_FILE_ID = 'classTest';
 // set language for l10n
 $lang = 'en_utf8';
+
 // init login & backend class
-$login = new CoreLibs\ACL\Login($DB_CONFIG[LOGIN_DB], $lang);
-$basic = new CoreLibs\Admin\Backend($DB_CONFIG[MAIN_DB], $lang);
-$basic->dbInfo(1);
+$login = new CoreLibs\ACL\Login(DB_CONFIG, $lang);
+$basic = new CoreLibs\Admin\Backend(DB_CONFIG, $lang);
+$basic->dbInfo(true);
 ob_end_flush();
 
+echo "DB_CONFIG_SET constant: <pre>".print_r(DB_CONFIG, true)."</pre><br>";
+
+$basic->hrRunningTime();
+$basic->runningTime();
+echo "RANDOM KEY [50]: ".$basic->randomKeyGen(50)."<br>";
+echo "TIMED [hr]: ".$basic->hrRunningTime()."<br>";
+echo "TIMED [def]: ".$basic->runningTime()."<br>";
+echo "TIMED [string]: ".$basic->runningtime_string."<br>";
+$basic->hrRunningTime();
+echo "RANDOM KEY [default]: ".$basic->randomKeyGen()."<br>";
+echo "TIMED [hr]: ".$basic->hrRunningTime()."<br>";
+
+// color
+print "COLOR: -1, -1, -1: ".$basic->rgb2hex(-1, -1, -1)."<br>";
+print "COLOR: 10, 20, 30: ".$basic->rgb2hex(10, 20, 30)."<br>";
+
 // set + check edit access id
 $edit_access_id = 3;
-if (isset($login) && is_object($login) && isset($login->acl['unit'])) {
-	print "ACL UNIT: ".print_r(array_keys($login->acl['unit']), 1)."<br>";
-	print "ACCESS CHECK: ".$login->loginCheckEditAccess($edit_access_id)."<br>";
+if (is_object($login) && isset($login->acl['unit'])) {
+	print "ACL UNIT: ".print_r(array_keys($login->acl['unit']), true)."<br>";
+	print "ACCESS CHECK: ".(string)$login->loginCheckEditAccess($edit_access_id)."<br>";
 	if ($login->loginCheckEditAccess($edit_access_id)) {
 		$basic->edit_access_id = $edit_access_id;
 	} else {
@@ -68,7 +87,7 @@ print "CALLER BACKTRACE: ".$basic->getCallerMethod()."<br>";
 $basic->debug('SOME MARK', 'Some error output');
 
 print "EDIT ACCESS ID: ".$basic->edit_access_id."<br>";
-if (isset($login)) {
+if (is_object($login)) {
 	//	print "ACL: <br>".$basic->print_ar($login->acl)."<br>";
 	$basic->debug('ACL', "ACL: ".$basic->printAr($login->acl));
 	//	print "DEFAULT ACL: <br>".$basic->print_ar($login->default_acl_list)."<br>";
@@ -82,27 +101,31 @@ if (isset($login)) {
 // DB client encoding
 print "DB Client encoding: ".$basic->dbGetEncoding()."<br>";
 
-while ($res = $basic->dbReturn("SELECT * FROM max_test")) {
+while ($res = $basic->dbReturn("SELECT * FROM max_test", 0, true)) {
 	print "TIME: ".$res['time']."<br>";
 }
+print "CACHED DATA: <pre>".print_r($basic->cursor_ext, true)."</pre><br>";
+while ($res = $basic->dbReturn("SELECT * FROM max_test")) {
+	print "[CACHED] TIME: ".$res['time']."<br>";
+}
 
 $status = $basic->dbExec("INSERT INTO foo (test) VALUES ('FOO TEST ".time()."') RETURNING test");
-print "DIRECT INSERT STATUS: $status | PRIMARY KEY: ".$basic->insert_id." | PRIMARY KEY EXT: ".print_r($basic->insert_id_ext, 1)."<br>";
-print "DIRECT INSERT PREVIOUS INSERTED: ".print_r($basic->dbReturnRow("SELECT foo_id, test FROM foo WHERE foo_id = ".$basic->insert_id), 1)."<br>";
+print "DIRECT INSERT STATUS: $status | PRIMARY KEY: ".$basic->insert_id." | PRIMARY KEY EXT: ".print_r($basic->insert_id_ext, true)."<br>";
+print "DIRECT INSERT PREVIOUS INSERTED: ".print_r($basic->dbReturnRow("SELECT foo_id, test FROM foo WHERE foo_id = ".$basic->insert_id), true)."<br>";
 $basic->dbPrepare("ins_foo", "INSERT INTO foo (test) VALUES ($1)");
 $status = $basic->dbExecute("ins_foo", array('BAR TEST '.time()));
-print "PREPARE INSERT STATUS: $status | PRIMARY KEY: ".$basic->insert_id." | PRIMARY KEY EXT: ".print_r($basic->insert_id_ext, 1)."<br>";
-print "PREPARE INSERT PREVIOUS INSERTED: ".print_r($basic->dbReturnRow("SELECT foo_id, test FROM foo WHERE foo_id = ".$basic->insert_id), 1)."<br>";
+print "PREPARE INSERT STATUS: $status | PRIMARY KEY: ".$basic->insert_id." | PRIMARY KEY EXT: ".print_r($basic->insert_id_ext, true)."<br>";
+print "PREPARE INSERT PREVIOUS INSERTED: ".print_r($basic->dbReturnRow("SELECT foo_id, test FROM foo WHERE foo_id = ".$basic->insert_id), true)."<br>";
 // returning test with multiple entries
 //	$status = $basic->db_exec("INSERT INTO foo (test) values ('BAR 1 ".time()."'), ('BAR 2 ".time()."'), ('BAR 3 ".time()."') RETURNING foo_id");
 $status = $basic->dbExec("INSERT INTO foo (test) values ('BAR 1 ".time()."'), ('BAR 2 ".time()."'), ('BAR 3 ".time()."') RETURNING foo_id, test");
-print "DIRECT MULTIPLE INSERT STATUS: $status | PRIMARY KEYS: ".print_r($basic->insert_id, 1)." | PRIMARY KEY EXT: ".print_r($basic->insert_id_ext, 1)."<br>";
+print "DIRECT MULTIPLE INSERT STATUS: $status | PRIMARY KEYS: ".print_r($basic->insert_id, true)." | PRIMARY KEY EXT: ".print_r($basic->insert_id_ext, true)."<br>";
 // no returning, but not needed ;
 $status = $basic->dbExec("INSERT INTO foo (test) VALUES ('FOO; TEST ".time()."');");
-print "DIRECT INSERT STATUS: $status | PRIMARY KEY: ".$basic->insert_id." | PRIMARY KEY EXT: ".print_r($basic->insert_id_ext, 1)."<br>";
+print "DIRECT INSERT STATUS: $status | PRIMARY KEY: ".$basic->insert_id." | PRIMARY KEY EXT: ".print_r($basic->insert_id_ext, true)."<br>";
 // UPDATE WITH RETURNING
 $status = $basic->dbExec("UPDATE foo SET test = 'SOMETHING DIFFERENT' WHERE foo_id = 3688452 RETURNING test");
-print "UPDATE STATUS: $status | RETURNING EXT: ".print_r($basic->insert_id_ext, 1)."<br>";
+print "UPDATE STATUS: $status | RETURNING EXT: ".print_r($basic->insert_id_ext, true)."<br>";
 
 # db write class test
 $table = 'foo';
@@ -125,6 +148,11 @@ $data = array ('test' => 'BOOL TEST UNSET '.time());
 $primary_key = $basic->dbWriteDataExt($db_write_table, $primary_key, $table, $object_fields_not_touch, $object_fields_not_update, $data);
 print "Wrote to DB tabel $table and got primary key $primary_key<br>";
 
+// return Array Test
+$query = "SELECT type, sdate, integer FROM foobar";
+$data = $basic->dbReturnArray($query, true);
+print "Full foobar list: <br><pre>".print_r($data, true)."</pre><br>";
+
 # async test queries
 /*	$basic->dbExecAsync("SELECT test FROM foo, (SELECT pg_sleep(10)) as sub WHERE foo_id IN (27, 50, 67, 44, 10)");
 echo "WAITING FOR ASYNC: ";
@@ -156,7 +184,7 @@ while (($ret = $basic->dbCheckAsync()) === true)
 	flush();
 }
 print "<br>END STATUS: ".$ret." | PK: ".$basic->insert_id."<br>";
-print "ASYNC PREVIOUS INSERTED: ".print_r($basic->dbReturnRow("SELECT foo_id, test FROM foo WHERE foo_id = ".$basic->insert_id), 1)."<br>"; */
+print "ASYNC PREVIOUS INSERTED: ".print_r($basic->dbReturnRow("SELECT foo_id, test FROM foo WHERE foo_id = ".$basic->insert_id), true)."<br>"; */
 
 $to_db_version = '9.1.9';
 print "VERSION DB: ".$basic->dbVersion()."<br>";

www/admin/edit_access.php

@@ -1 +1 @@
-../includes/edit_base.inc
+../includes/edit_base.php

www/admin/edit_groups.php

@@ -1 +1 @@
-../includes/edit_base.inc
+../includes/edit_base.php

www/admin/edit_languages.php

@@ -1 +1 @@
-../includes/edit_base.inc
+../includes/edit_base.php

www/admin/edit_menu_group.php

@@ -1 +1 @@
-../includes/edit_base.inc
+../includes/edit_base.php

www/admin/edit_order.php

@@ -1 +1 @@
-../includes/edit_base.inc
+../includes/edit_base.php

www/admin/edit_pages.php

@@ -1 +1 @@
-../includes/edit_base.inc
+../includes/edit_base.php

www/admin/edit_schemes.php

@@ -1 +1 @@
-../includes/edit_base.inc
+../includes/edit_base.php

www/admin/edit_users.php

@@ -1 +1 @@
-../includes/edit_base.inc
+../includes/edit_base.php

www/admin/edit_visible_group.php

@@ -1 +1 @@
-../includes/edit_base.inc
+../includes/edit_base.php

www/admin/error_test.php

@@ -1,4 +1,4 @@
-<?php
+<?php declare(strict_types=1);
 
 $DEBUG_ALL_OVERRIDE = 0; // set to 1 to debug on live/remote server locations
 $DEBUG_ALL = 1;
@@ -11,8 +11,8 @@ if ($DEBUG_ALL) {
 
 // sample config
 require 'config.php';
-echo "FILE: ".BASE.LIB."Error.Handling.inc<br>";
-require(BASE.LIB."Error.Handling.inc");
+echo "FILE: ".BASE.LIB."Error.Handling.php<br>";
+require(BASE.LIB."Error.Handling.php");
 
 if ($var) {
 	echo "OUT<br>";

www/admin/l10n_test.php

@@ -1,17 +1,29 @@
-<?php
+<?php declare(strict_types=1);
 
 // debug for L10n issues in php 7.3
 
 // namespace test
 ob_start();
 
+// init language
 $lang = 'en_utf8';
-
 // admin class tests
 require 'config.php';
 $l = new CoreLibs\Language\L10n($lang);
-
-echo "OK<br>";
-
 ob_end_flush();
+
+$string = 'INPUT TEST';
+
+echo "LANGUAGE SET: ".$l->__getLang()."<br>";
+echo "LANGUAGE FILE: ".$l->__getMoFile()."<br>";
+echo "INPUT TEST: ".$string." => ".$l->__($string)."<br>";
+
+// switch to other language
+$lang = 'ja_utf8';
+$l->l10nReloadMOfile($lang);
+
+echo "LANGUAGE SET: ".$l->__getLang()."<br>";
+echo "LANGUAGE FILE: ".$l->__getMoFile()."<br>";
+echo "INPUT TEST: ".$string." => ".$l->__($string)."<br>";
+
 // __END__

www/admin/namespace_test.php

@@ -1,6 +1,4 @@
-<?php
-
-declare(strict_types=1);
+<?php declare(strict_types=1);
 
 $DEBUG_ALL_OVERRIDE = 0; // set to 1 to debug on live/remote server locations
 $DEBUG_ALL = 1;
@@ -12,30 +10,33 @@ ob_start();
 
 // admin class tests
 require 'config.php';
-DEFINE('SET_SESSION_NAME', EDIT_SESSION_NAME);
+$SET_SESSION_NAME = EDIT_SESSION_NAME;
 
 echo "DIR: ".DIR."<br>ROOT: ".ROOT."<br>BASE: ".BASE."<br>";
 
 $lang = 'ja_utf8';
-$base = new CoreLibs\Admin\Backend($DB_CONFIG[MAIN_DB], $lang);
+$base = new CoreLibs\Admin\Backend(DB_CONFIG, $lang);
 ob_end_flush();
+if ($base->getConnectionStatus()) {
+	die("Cannot connect to database");
+}
 
 print "Start time: ".$base->runningTime()."<br>";
 print "ByteStringFormat: ".$base->ByteStringFormat(1234567.12)."<br>";
 print "byteStringFormat: ".$base->byteStringFormat(1234567.12)."<br>";
-print "get_page_name [DEPRECATED]: ".$base->get_page_name()."<br>";
+// print "get_page_name [DEPRECATED]: ".$base->get_page_name()."<br>";
 print "getPageName: ".$base->getPageName()."<br>";
 
-print "DB Info: ".$base->dbInfo(1)."<br>";
+print "DB Info: ".$base->dbInfo(true)."<br>";
 
 
 print "End Time: ".$base->runningTime()."<br>";
-print "Run Time: ".$base->runningTime()."<br>";
-$base->resetRunningtime();
+print "Start Time: ".$base->runningTime()."<br>";
 
 print "Lang: ".$base->l->__getLang().", MO File: ".$base->l->__getMoFile()."<br>";
 print "Translate test: Year -> ".$base->l->__('Year')."<br>";
 
+print "End Time: ".$base->runningTime()."<br>";
 // end error print
 print $base->printErrorMsg();
 

www/admin/other_test.php

@@ -1,4 +1,4 @@
-<?php
+<?php declare(strict_types=1);
 
 namespace Foo;
 
@@ -21,3 +21,14 @@ class FooBar
 		echo "B: $wrong<br>";
 	}
 }
+
+$foo = $bar ?? 'EMPTY';
+echo "BAR: ".$foo."<br>";
+// define('DS', DIRECTORY_SEPARATOR);
+$ds = defined('DS') ? DS : DIRECTORY_SEPARATOR;
+$du = DS ?? DIRECTORY_SEPARATOR;
+echo "DS is: ".$ds."<br>";
+
+echo "SERVER HOST: ".$_SERVER['HTTP_HOST']."<br>";
+
+// __END__

www/admin/qq_file_upload_ajax.php

@@ -16,7 +16,7 @@ $MAX_UPLOAD_SIZE = $base->StringByteFormat(ini_get('upload_max_filesize'));
 $allowedExtensions = array ('csv', 'zip', 'jpg', 'pdf', 'bz2');
 $sizeLimit = $MAX_UPLOAD_SIZE; // as set in php ini
 $base->debug('AJAX UPLOAD', 'Size: '.$sizeLimit.', Memory Limit: '.ini_get('memory_limit'));
-$uploader = new CoreLibs\Upload\qqFileUploader($allowedExtensions, $sizeLimit);
+$uploader = new FileUpload\qqFileUploader($allowedExtensions, $sizeLimit);
 // either in post or get
 $_action= $_POST['action'] ? $_POST['action'] : $_GET['action'];
 $_task_uid = $_POST['task_uid'] ? $_POST['task_uid'] : $_GET['task_uid'];

www/admin/smarty_test.php

@@ -1,4 +1,4 @@
-<?php
+<?php declare(strict_types=1);
 $ENABLE_ERROR_HANDLING = 0;
 $DEBUG_ALL_OVERRIDE = 0; // set to 1 to debug on live/remote server locations
 $DEBUG_ALL = 1;
@@ -9,12 +9,13 @@ $LOG_PER_RUN = 1;
 define('USE_DATABASE', true);
 define('USE_HEADER', true);
 require 'config.php';
-require BASE.INCLUDES.'admin_header.inc';
+require BASE.INCLUDES.'admin_header.php';
 $MASTER_TEMPLATE_NAME = 'main_body.tpl';
 $TEMPLATE_NAME = 'smarty_test.tpl';
 $CSS_NAME = 'smart_test.css';
 $USE_PROTOTYPE = false;
 $USE_JQUERY = true;
+$JS_DATEPICKR = false;
 if ($USE_PROTOTYPE) {
 	$ADMIN_JAVASCRIPT = 'edit.pt.js';
 	$JS_NAME = 'prototype.test.js';
@@ -23,7 +24,7 @@ if ($USE_PROTOTYPE) {
 	$JS_NAME = 'jquery.test.js';
 }
 $PAGE_WIDTH = "100%";
-require BASE.INCLUDES.'admin_set_paths.inc';
+require BASE.INCLUDES.'admin_set_paths.php';
 
 // smarty test
 $cms->DATA['SMARTY_TEST'] = 'Test Data';
@@ -47,5 +48,5 @@ $options = array (
 
 $cms->DATA['drop_down_test'] = $options;
 
-require BASE.INCLUDES.'admin_smarty.inc';
-require BASE.INCLUDES.'admin_footer.inc';
+require BASE.INCLUDES.'admin_smarty.php';
+require BASE.INCLUDES.'admin_footer.php';

www/admin/various_class_test.php

@@ -1,4 +1,9 @@
 <?php
+/**
+ * @phan-file-suppress PhanTypeSuspiciousStringExpression
+ */
+
+namespace CoreLibs;
 
 $DEBUG_ALL_OVERRIDE = 0; // set to 1 to debug on live/remote server locations
 $DEBUG_ALL = 1;
@@ -6,16 +11,15 @@ $PRINT_ALL = 1;
 $DB_DEBUG = 1;
 
 // admin class tests
-// require 'config.inc';
 require 'config.php';
-DEFINE('SET_SESSION_NAME', EDIT_SESSION_NAME);
-$base = new CoreLibs\Basic();
+$SET_SESSION_NAME = EDIT_SESSION_NAME;
+$base = new Basic();
 
 print "THIS HOST: ".HOST_NAME.", with PROTOCOL: ".HOST_PROTOCOL." is running SSL: ".HOST_SSL."<br>";
 print "DIR: ".DIR."<br>";
 print "BASE: ".BASE."<br>";
 print "ROOT: ".ROOT."<br>";
-print "HOST: ".$HOST_NAME." => DB HOST: ".$DB_HOST[$HOST_NAME]." => ".MAIN_DB."<br>";
+print "HOST: ".HOST_NAME." => DB HOST: ".DB_CONFIG_NAME." => ".print_r(DB_CONFIG, true)."<br>";
 
 $text = 'I am some text
 with some
@@ -43,7 +47,7 @@ print "LB remove: ".$base->removeLB($text, '##BR##')."<br>";
 // 	)
 // );
 
-$base->debug('ARRAY', $base->printAr($test));
+// $base->debug('ARRAY', $base->printAr($test));
 
 function rec($pre, $cur, $node = array ())
 {
@@ -82,6 +86,7 @@ function flattenArrayKey(array $array, array $return = array ())
 	return $return;
 }
 
+$test = array ();
 // core
 $test = rec('', 'A', $test);
 $test = rec('', '1', $test);

www/composer.json

@@ -0,0 +1,12 @@
+{
+    "name": "gullevek/www",
+    "description": "CoreLibs",
+    "type": "library",
+    "authors": [
+        {
+            "name": "Clemens Schwaighofer",
+            "email": "clemens.schwaighofer@egplusww.com"
+        }
+    ],
+    "require": {}
+}

www/configs/config.db.php

@@ -1,4 +1,4 @@
-<?php
+<?php declare(strict_types=1);
 /********************************************************************
 * AUTHOR: Clemens Schwaighofer
 * CREATED: 2018/10/11
@@ -8,13 +8,13 @@
 *********************************************************************/
 
 // please be VERY carefull only to change the right side
-$DB_CONFIG = array (
-	'test' => array (
+$DB_CONFIG = array(
+	'test' => array(
 		'db_name' => 'gullevek',
 		'db_user' => 'gullevek',
 		'db_pass' => 'gullevek',
 		'db_host' => 'db.tokyo.tequila.jp',
-		'db_port' => '5432',
+		'db_port' => 5432,
 		'db_schema' => 'public',
 		'db_type' => 'pgsql',
 		'db_encoding' => '',

www/configs/config.host.inc

@@ -1,33 +0,0 @@
-<?php
-/********************************************************************
-* AUTHOR: Clemens Schwaighofer
-* CREATED: 2018/10/11
-* SHORT DESCRIPTION:
-* configuration file for core host settings
-* - DB access name (array group from config.db)
-* - location (test/stage/live)
-* - debug flag (true/false)
-* - DB path (eg PUBLIC_SCHEMA)
-* - stie lang
-* HISTORY:
-*********************************************************************/
-
-// each host has a different db_host
-// development host
-$DB_HOST['soba.tokyo.tequila.jp'] = 'test';
-// target host (live)
-//	$DB_TARGET_HOST['soba'] = '<DB ID>';
-// url redirect database
-//	$DB_URL_REDIRECT_HOST['soba'] = '<DB ID>';
-// location flagging
-// test/dev/live
-$LOCATION['soba.tokyo.tequila.jp'] = 'test';
-// show DEBUG override
-// true/false
-$DEBUG_FLAG['soba.tokyo.tequila.jp'] = true;
-// set postgresql paths (schemas)
-$DB_PATH['soba.tokyo.tequila.jp'] = PUBLIC_SCHEMA;
-// site language
-$SITE_LANG['soba.tokyo.tequila.jp'] = 'en_utf8';
-
-// __END__

www/configs/config.host.php

@@ -0,0 +1,44 @@
+<?php declare(strict_types=1);
+/********************************************************************
+* AUTHOR: Clemens Schwaighofer
+* CREATED: 2018/10/11
+* SHORT DESCRIPTION:
+* configuration file for core host settings
+* - DB access name (array group from config.db)
+* - location (test/stage/live)
+* - debug flag (true/false)
+* - site lang
+* HISTORY:
+*********************************************************************/
+
+// other master config to attach
+// $__LOCAL_CONFIG = array(
+// 	'db_host' => '',
+// 	'location' => '',
+//	'debug_flag' => true,
+//	'site_lang' => 'en_utf8',
+//	'login_enabled' => true
+// );
+
+// each host has a different db_host
+$SITE_CONFIG = array(
+	// development host
+	'soba.tokyo.tequila.jp' => array(
+		// db config selection
+		'db_host' => 'test',
+		// other db connections
+		// 'db_host_target' => '',
+		// 'db_host_other' => '',
+		// location flagging (test/dev/live) for debug output
+		'location' => 'test',
+		// show DEBUG override
+		'debug_flag' => true,
+		// site language
+		'site_lang' => 'en_utf8',
+		// enable/disable login override
+		'login_enabled' => true
+	),
+	// 'other.host.com' => $__LOCAL_CONFIG
+);
+
+// __END__

www/configs/config.master.php

@@ -1,4 +1,4 @@
-<?php
+<?php declare(strict_types=1);
 /********************************************************************
 * AUTHOR: Clemens Schwaighofer
 * CREATED: 2003/06/10
@@ -105,6 +105,7 @@ DEFINE('DEFAULT_ACL_ADMIN', 100); */
 DEFINE('LOGOUT_TARGET', '');
 // password change allowed
 DEFINE('PASSWORD_CHANGE', false);
+DEFINE('PASSWORD_FORGOT', false);
 // min/max password length
 DEFINE('PASSWORD_MIN_LENGTH', 8);
 DEFINE('PASSWORD_MAX_LENGTH', 255);
@@ -113,9 +114,9 @@ DEFINE('PASSWORD_MAX_LENGTH', 255);
 // ajax request type
 DEFINE('AJAX_REQUEST_TYPE', 'POST');
 // what AJAX type to use
-DEFINE('USE_PROTOTYPE', true);
+DEFINE('USE_PROTOTYPE', false);
 DEFINE('USE_SCRIPTACULOUS', false);
-DEFINE('USE_JQUERY', false);
+DEFINE('USE_JQUERY', true);
 
 /************* LAYOUT WIDTHS *************/
 DEFINE('PAGE_WIDTH', 800);
@@ -130,7 +131,7 @@ DEFINE('EDIT_SESSION_NAME', 'ADMIN_SESSION_NAME'.SERVER_NAME_HASH);
 // frontend
 DEFINE('SESSION_NAME', 'SESSION_NAME'.SERVER_NAME_HASH);
 // SET_SESSION_NAME should be set in the header if a special session name is needed
-// DEFINE('SET_SESSION_NAME', SESSION_NAME);
+DEFINE('SET_SESSION_NAME', SESSION_NAME);
 
 /************* CACHE/COMPILE IDS *************/
 DEFINE('CACHE_ID', 'CACHE_'.SERVER_NAME_HASH);
@@ -144,7 +145,14 @@ DEFINE('DEFAULT_ENCODING', 'UTF-8');
 // below two can be defined here, but they should be
 // defined in either the header file or the file itself
 /************* LOGGING *******************/
-// DEFINE('LOG_FILE_ID', '');
+DEFINE('LOG_FILE_ID', '');
+
+/************* CLASS ERRORS *******************/
+// 0 = default all OFF
+// 1 = throw notice on unset class var
+// 2 = no notice on unset class var, but do not set undefined class var
+// 3 = throw error and do not set class var
+define('CLASS_VARIABLE_ERROR_MODE', 3);
 
 /************* QUEUE TABLE *************/
 // if we have a dev/live system
@@ -159,32 +167,52 @@ DEFINE('DEV_SCHEMA', 'public');
 DEFINE('TEST_SCHEMA', 'public');
 DEFINE('LIVE_SCHEMA', 'public');
 
-/************* DB ACCESS *****************/
-if (file_exists(BASE.CONFIGS.'config.db.inc')) {
-	require BASE.CONFIGS.'config.db.inc';
-}
 /************* CORE HOST SETTINGS *****************/
-if (file_exists(BASE.CONFIGS.'config.host.inc')) {
-	require BASE.CONFIGS.'config.host.inc';
+if (file_exists(BASE.CONFIGS.'config.host.php')) {
+	require BASE.CONFIGS.'config.host.php';
+}
+if (!isset($SITE_CONFIG)) {
+	$SITE_CONFIG = array();
+}
+/************* DB ACCESS *****************/
+if (file_exists(BASE.CONFIGS.'config.db.php')) {
+	require BASE.CONFIGS.'config.db.php';
+}
+if (!isset($DB_CONFIG)) {
+	$DB_CONFIG = array();
 }
 /************* OTHER PATHS *****************/
-if (file_exists(BASE.CONFIGS.'config.path.inc')) {
-	require BASE.CONFIGS.'config.path.inc';
+if (file_exists(BASE.CONFIGS.'config.path.php')) {
+	require BASE.CONFIGS.'config.path.php';
 }
 
-// set the USE_DATABASE var, if there is nothing set, we assume TRUE
-$USE_DATABASE = defined('USE_DATABASE') ? USE_DATABASE : true;
-
 // live frontend pages
 // ** missing live domains **
 // get the name without the port
 list($HOST_NAME) = array_pad(explode(':', $_SERVER['HTTP_HOST'], 2), 2, null);
-if (!isset($DB_HOST[$HOST_NAME]) && $USE_DATABASE) {
-	echo 'No matching DB config found. Contact Admin<br>';
-	exit -1;
-}
 // set HOST name
 DEFINE('HOST_NAME', $HOST_NAME);
+// BAIL ON MISSING MASTER SITE CONFIG
+if (!isset($SITE_CONFIG[HOST_NAME]['location'])) {
+	echo 'Missing SITE_CONFIG entry for: "'.HOST_NAME.'". Contact Administrator';
+	exit;
+}
+// BAIL ON MISSING DB CONFIG:
+// we have either no db selction for this host but have db config entries
+// or we have a db selection but no db config as array or empty
+// or we have a selection but no matching db config entry
+if ((!isset($SITE_CONFIG[HOST_NAME]['db_host']) && count($DB_CONFIG)) ||
+	(isset($SITE_CONFIG[HOST_NAME]['db_host']) &&
+		// missing DB CONFIG
+		((is_array($DB_CONFIG) && !count($DB_CONFIG)) ||
+		!is_array($DB_CONFIG) ||
+		// has DB CONFIG but no match
+		(is_array($DB_CONFIG) && count($DB_CONFIG) && !isset($DB_CONFIG[$SITE_CONFIG[HOST_NAME]['db_host']])))
+	)
+) {
+	echo 'No matching DB config found for: "'.HOST_NAME.'". Contact Administrator';
+	exit;
+}
 // set SSL on
 if ((array_key_exists('HTTPS', $_SERVER) && !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ||
 	$_SERVER['SERVER_PORT'] == 443) {
@@ -194,26 +222,26 @@ if ((array_key_exists('HTTPS', $_SERVER) && !empty($_SERVER['HTTPS']) && $_SERVE
 	DEFINE('HOST_SSL', false);
 	DEFINE('HOST_PROTOCOL', 'http://');
 }
-// define the static names
-DEFINE('LOGIN_DB', $DB_HOST[$HOST_NAME]);
-DEFINE('MAIN_DB', $DB_HOST[$HOST_NAME]);
-DEFINE('DB_SCHEMA', $DB_PATH[$HOST_NAME]);
-// DEFINE('TARGET_DB', $DB_TARGET_HOST[$HOST_NAME]);
-// DEFINE('URL_REDIRECT_DB', $DB_URL_REDIRECT_HOST[$HOST_NAME]);
-// next three if top is not set
-// DEFINE('TEST_SCHEMA', $DB_CONFIG[MAIN_DB]['db_schema']);
-// DEFINE('DEV_SCHEMA', $DB_CONFIG[MAIN_DB]['db_schema']);
-// DEFINE('PUBLIC_SCHEMA', $DB_CONFIG[TARGET_DB]['db_schema']);
-DEFINE('LOGIN_DB_SCHEMA', PUBLIC_SCHEMA); // where the edit* tables are
-DEFINE('GLOBAL_DB_SCHEMA', PUBLIC_SCHEMA); // where global tables are that are used by all schemas (eg queue tables for online, etc)
-DEFINE('TARGET', $LOCATION[$HOST_NAME]);
+// define the db config set name, the db config and the db schema
+DEFINE('DB_CONFIG_NAME', $SITE_CONFIG[HOST_NAME]['db_host']);
+DEFINE('DB_CONFIG', isset($DB_CONFIG[DB_CONFIG_NAME]) ? $DB_CONFIG[DB_CONFIG_NAME] : array());
+// DEFINE('DB_CONFIG_TARGET', SITE_CONFIG[$HOST_NAME]['db_host_target']);
+// DEFINE('DB_CONFIG_OTHER', SITE_CONFIG[$HOST_NAME]['db_host_other']);
+// override for login and global schemas
+// DEFINE('LOGIN_DB_SCHEMA', PUBLIC_SCHEMA); // where the edit* tables are
+// DEFINE('GLOBAL_DB_SCHEMA', PUBLIC_SCHEMA); // where global tables are that are used by all schemas (eg queue tables for online, etc)
+// debug settings, site lang, etc
+DEFINE('TARGET', $SITE_CONFIG[HOST_NAME]['location']);
+DEFINE('DEBUG', $SITE_CONFIG[HOST_NAME]['debug_flag']);
+DEFINE('SITE_LANG', $SITE_CONFIG[HOST_NAME]['site_lang']);
+DEFINE('LOGIN_ENABLED', $SITE_CONFIG[HOST_NAME]['login_enabled']);
+// paths
 // DEFINE('CSV_PATH', $PATHS[TARGET]['csv_path']);
 // DEFINE('EXPORT_SCRIPT', $PATHS[TARGET]['perl_bin']);
 // DEFINE('REDIRECT_URL', $PATHS[TARGET]['redirect_url']);
-DEFINE('DEBUG', $DEBUG_FLAG[$HOST_NAME]);
-DEFINE('SITE_LANG', $SITE_LANG[$HOST_NAME]);
 
-DEFINE('SHOW_ALL_ERRORS', true); // show all errors if debug_all & show_error_handling are enabled
+// show all errors if debug_all & show_error_handling are enabled
+DEFINE('SHOW_ALL_ERRORS', true);
 
 /************* GENERAL PAGE TITLE ********/
 DEFINE('G_TITLE', '<OVERALL FALLBACK PAGE TITLE>');
@@ -230,7 +258,7 @@ DEFINE('JAVASCRIPT', 'frontend.js');
 //	DEFINE('SOME_ID', <SOME VALUE>);
 
 /************* CONVERT *******************/
-$paths = array (
+$paths = array(
 	'/bin',
 	'/usr/bin',
 	'/usr/local/bin'
@@ -245,16 +273,19 @@ foreach ($paths as $path) {
 
 // turn off debug if debug flag is OFF
 if (defined('DEBUG') && DEBUG == false) {
-	$ECHO_ALL = 0;
-	$DEBUG_ALL = 0;
-	$PRINT_ALL = 0;
-	$DB_DEBUG = 0;
-	$ENABLE_ERROR_HANDLING = 0;
+	$ECHO_ALL = false;
+	$DEBUG_ALL = false;
+	$PRINT_ALL = false;
+	$DB_DEBUG = false;
+	$ENABLE_ERROR_HANDLING = false;
+	$DEBUG_ALL_OVERRIDE = false;
 } else {
-	$ECHO_ALL = 0;
-	$DEBUG_ALL = 1;
-	$PRINT_ALL = 1;
-	$DB_DEBUG = 1;
+	$ECHO_ALL = false;
+	$DEBUG_ALL = true;
+	$PRINT_ALL = true;
+	$DB_DEBUG = true;
+	$ENABLE_ERROR_HANDLING = false;
+	$DEBUG_ALL_OVERRIDE = false;
 }
 
 // read auto loader

www/configs/config.path.php

@@ -1,4 +1,4 @@
-<?php
+<?php declare(strict_types=1);
 /********************************************************************
 * AUTHOR: Clemens Schwaighofer
 * CREATED: 2018/10/11
@@ -10,8 +10,12 @@
 
 // File and Folder paths
 // ID is TARGET (first array element)
-//	$PATHS['test']['csv_path'] = '';
-//	$PATHS['test']['perl_bin'] = '';
-//	$PATHS['test']['redirect_url'] = '';
+/*$PATHS = array(
+	'test' => array(
+		'csv_path' => '',
+		'perl_bin' => '',
+		'other_url' => '',
+	)
+)*/
 
 // __END__

www/configs/config.php

@@ -1,4 +1,4 @@
-<?php
+<?php declare(strict_types=1);
 /********************************************************************
 * AUTHOR: Clemens Schwaighofer
 * CREATED: 2018/10/11
@@ -12,8 +12,8 @@ define('CONFIG_PATH', 'configs'.DIRECTORY_SEPARATOR);
 $CONFIG_PATH_PREFIX = '';
 for ($dir_pos = 0, $dir_max = count(explode(DIRECTORY_SEPARATOR, __DIR__)); $dir_pos <= $dir_max; $dir_pos ++) {
 	$CONFIG_PATH_PREFIX .= '..'.DIRECTORY_SEPARATOR;
-	if (file_exists($CONFIG_PATH_PREFIX.CONFIG_PATH.'config.inc')) {
-		require $CONFIG_PATH_PREFIX.CONFIG_PATH.'config.inc';
+	if (file_exists($CONFIG_PATH_PREFIX.CONFIG_PATH.'config.master.php')) {
+		require $CONFIG_PATH_PREFIX.CONFIG_PATH.'config.master.php';
 		break;
 	}
 }
@@ -22,7 +22,7 @@ if (!defined('DS')) {
 	exit('Base config unloadable');
 }
 // find trigger name "admin/" or "frontend/" in the getcwd() folder
-foreach (array ('admin', 'frontend') as $folder) {
+foreach (array('admin', 'frontend') as $folder) {
 	if (strstr(getcwd(), DS.$folder)) {
 		define('CONTENT_PATH', $folder.DS);
 		break;

www/frontend/index.php

@@ -1,3 +1,3 @@
-<?php
+<?php declare(strict_types=1);
 
 require 'config.php';

www/includes/Date.Vars.php

@@ -1,4 +1,4 @@
-<?php
+<?php declare(strict_types=1);
 /********************************************************************
 * AUTHOR: Clemens Schwaighofer
 * CREATED: 2005/07/19
@@ -7,7 +7,7 @@
 * HISTORY:
 *********************************************************************/
 
-$day_short = array (
+$day_short = array(
 	1 => 'Mon',
 	2 => 'Tue',
 	3 => 'Wed',
@@ -17,7 +17,7 @@ $day_short = array (
 	7 => 'Sun'
 );
 
-$day_long = array (
+$day_long = array(
 	1 => 'Monday',
 	2 => 'Tuesday',
 	3 => 'Wednesday',
@@ -28,7 +28,7 @@ $day_long = array (
 );
 
 // months
-$month_long = array (
+$month_long = array(
 	1 => 'January',
 	2 => 'February',
 	3 => 'March',
@@ -43,7 +43,7 @@ $month_long = array (
 	12 => 'December'
 );
 
-$month_short = array (
+$month_short = array(
 	1 => 'Jan',
 	2 => 'Feb',
 	3 => 'Mar',

www/includes/admin_footer.php

@@ -1,4 +1,4 @@
-<?php
+<?php declare(strict_types=1);
 /********************************************************************
 * AUTHOR: Clemens Schwaighofer
 * CREATED: 2008/08/14

www/includes/admin_header.php

@@ -1,4 +1,4 @@
-<?php
+<?php declare(strict_types=1);
 /********************************************************************
 * AUTHOR: Clemens Schwaighofer
 * CREATED: 2008/08/01
@@ -10,11 +10,11 @@
 //------------------------------ variable init start
 // for dev test we set full error reporting; writes everything, except E_ERROR into logs/php_error-<day>.log
 if ($DEBUG_ALL && $ENABLE_ERROR_HANDLING) {
-	include BASE.LIBS."Error.Handling.inc";
+	include BASE.LIBS."Error.Handling.php";
 }
 // predefine vars
 $lang = '';
-$messages = array ();
+$messages = array();
 // import all POST vars
 extract($_POST, EXTR_SKIP);
 //------------------------------ variable init end
@@ -22,9 +22,17 @@ extract($_POST, EXTR_SKIP);
 //------------------------------ library include start
 // set output to quiet for load of classes & session settings
 ob_start();
+// set the session name
+$SET_SESSION_NAME = EDIT_SESSION_NAME;
 //------------------------------ library include end
 
 //------------------------------ basic variable settings start
+if (!isset($AJAX_PAGE)) {
+	$AJAX_PAGE = false;
+}
+if (!isset($ZIP_STREAM)) {
+	$ZIP_STREAM = false;
+}
 // set encoding
 if (!isset($encoding)) {
 	$encoding = DEFAULT_ENCODING;
@@ -36,7 +44,7 @@ if (session_id() && $_SESSION['DEFAULT_LANG']) {
 	$lang = defined('SITE_LANG') ? SITE_LANG : DEFAULT_LANG;
 }
 // end the stop of the output flow, but only if we didn't request a csv file download
-if (array_key_exists('action', $_POST) && $_POST['action'] != 'download_csv') {
+if (isset($_POST['action']) && $_POST['action'] != 'download_csv' && !$AJAX_PAGE) {
 	header("Content-type: text/html; charset=".$encoding);
 }
 if ($AJAX_PAGE && !$ZIP_STREAM) {
@@ -46,7 +54,7 @@ if ($AJAX_PAGE && !$ZIP_STREAM) {
 
 //------------------------------ class init start
 // login & page access check
-$login = new CoreLibs\ACL\Login($DB_CONFIG[LOGIN_DB], $lang);
+$login = new CoreLibs\ACL\Login(DB_CONFIG, $lang);
 // post login lang check
 if ($_SESSION['DEFAULT_LANG']) {
 	$lang = $_SESSION['DEFAULT_LANG'];
@@ -54,7 +62,7 @@ if ($_SESSION['DEFAULT_LANG']) {
 // create smarty object
 $smarty = new CoreLibs\Template\SmartyExtend($lang);
 // create new DB class
-$cms = new CoreLibs\Admin\Backend($DB_CONFIG[MAIN_DB], $lang);
+$cms = new CoreLibs\Admin\Backend(DB_CONFIG, $lang);
 // the menu show flag (what menu to show)
 $cms->menu_show_flag = 'main';
 // db nfo
@@ -68,7 +76,7 @@ ob_end_flush();
 //------------------------------ logging start
 // log backend data
 // data part creation
-$data = array (
+$data = array(
 	'_SESSION' => $_SESSION,
 	'_GET' => $_GET,
 	'_POST' => $_POST,
@@ -84,18 +92,18 @@ if (!$login->login) {
 //------------------------------ page rights start
 // flag if to show the edit access id drop down list
 // check if we have more than one EA ID
-$cms->DATA['show_ea_extra'] = $login->acl['acl']['show_ea_extra'];
+$cms->DATA['show_ea_extra'] = isset($login->acl['show_ea_extra']) ? $login->acl['show_ea_extra'] : false;
 //------------------------------ page rights ned
 
 // automatic hide for DEBUG messages on live server
 // can be overridden when setting DEBUG_ALL_OVERRIDE on top of the script (for emergency debugging of one page only)
 if ((TARGET == 'live' || TARGET == 'remote') && !$DEBUG_ALL_OVERRIDE) {
-	$login->debug_output_all = 0;
-	$login->echo_output_all = 0;
-	$login->print_output_all = 0;
-	$cms->debug_output_all = 0;
-	$cms->echo_output_all = 0;
-	$cms->print_output_all = 0;
+	$login->debug_output_all = false;
+	$login->echo_output_all = false;
+	$login->print_output_all = false;
+	$cms->debug_output_all = false;
+	$cms->echo_output_all = false;
+	$cms->print_output_all = false;
 }
 $cms->DATA['JS_DEBUG'] = DEBUG;
 

www/includes/admin_set_paths.php

@@ -1,4 +1,4 @@
-<?php
+<?php declare(strict_types=1);
 /********************************************************************
 * AUTHOR: Clemens Schwaighofer
 * CREATED: 2007/09/03
@@ -29,25 +29,25 @@ if (isset($_SESSION['DEFAULT_LANG'])) {
 $lang_short = substr($lang, 0, 2);
 
 // set include & template names
-$PAGE_FILE_NAME = str_replace(".php", "", $cms->page_name);
+$PAGE_FILE_NAME = str_replace('.php', '', $cms->page_name);
 // set include & template names
 if (!isset($CONTENT_INCLUDE)) {
 	$CONTENT_INCLUDE = $PAGE_FILE_NAME.'.tpl';
 }
-$FORM_NAME = !isset($FORM_NAME) || !$FORM_NAME ? str_replace(".php", "", $cms->page_name) : $FORM_NAME;
+$FORM_NAME = !isset($FORM_NAME) || !$FORM_NAME ? str_replace('.php', '', $cms->page_name) : $FORM_NAME;
 // set local page title
-$L_TITLE = ucfirst(str_replace('_', ' ', $cms->getPageName(1))).' - '.$G_TITLE;
-// strip tpl and replace it with inc
+$L_TITLE = ucfirst(str_replace('_', ' ', $cms->getPageName(1))).(defined(G_TITLE) ? ' - '.G_TITLE : '');
+// strip tpl and replace it with php
 // php include file per page
-$cms->INC_TEMPLATE_NAME = str_replace(".tpl", ".inc", $CONTENT_INCLUDE);
+$cms->INC_TEMPLATE_NAME = str_replace('.tpl', '.php', $CONTENT_INCLUDE);
 // javascript include per page
-$cms->JS_TEMPLATE_NAME = str_replace(".tpl", ".js", $CONTENT_INCLUDE);
+$cms->JS_TEMPLATE_NAME = str_replace('.tpl', '.js', $CONTENT_INCLUDE);
 // css per page
-$cms->CSS_TEMPLATE_NAME = str_replace(".tpl", ".css", $CONTENT_INCLUDE);
+$cms->CSS_TEMPLATE_NAME = str_replace('.tpl', '.css', $CONTENT_INCLUDE);
 // special CSS file
-$cms->CSS_SPECIAL_TEMPLATE_NAME = $CSS_NAME;
+$cms->CSS_SPECIAL_TEMPLATE_NAME = isset($CSS_NAME) ? $CSS_NAME : '';
 // special JS file
-$cms->JS_SPECIAL_TEMPLATE_NAME = $JS_NAME;
+$cms->JS_SPECIAL_TEMPLATE_NAME = isset($JS_NAME) ? $JS_NAME : '';
 // compile & cache id
 $cms->CACHE_ID = isset($CACHE_ID) ? $CACHE_ID : CACHE_ID;
 $cms->COMPILE_ID = isset($COMPILE_ID) ? $COMPILE_ID : CACHE_ID;
@@ -78,7 +78,7 @@ if (file_exists($cms->includes.$cms->INC_TEMPLATE_NAME) &&
 	include($cms->includes.$cms->INC_TEMPLATE_NAME);
 }
 // only CSS/JS/etc include stuff if we have non AJAX page
-if (!$AJAX_PAGE) {
+if (isset($AJAX_PAGE) && !$AJAX_PAGE) {
 	// check for template include
 	if (isset($USE_INCLUDE_TEMPLATE) && $USE_INCLUDE_TEMPLATE === true && !isset($TEMPLATE_NAME)) {
 		$TEMPLATE_NAME = $CONTENT_INCLUDE;
@@ -120,6 +120,7 @@ if (!$AJAX_PAGE) {
 
 // if the lang folder is different to the default one
 // if the default lang is not like the lang given, switch lang
+/** @phan-suppress-next-line PhanParamSuspiciousOrder */
 if (false === strstr(BASE.INCLUDES.LANG.CONTENT_PATH, $cms->lang_dir) ||
 	strcasecmp(defined('SITE_LANG') ? SITE_LANG : DEFAULT_LANG, $lang)
 ) {
@@ -135,9 +136,9 @@ if (false === strstr(BASE.INCLUDES.LANG.CONTENT_PATH, $cms->lang_dir) ||
 	}
 }
 
-if (!$AJAX_PAGE) {
+if (isset($AJAX_PAGE) && !$AJAX_PAGE) {
 	// javascript translate data as template for auto translate
-	if (!$TEMPLATE_TRANSLATE) {
+	if (empty($TEMPLATE_TRANSLATE)) {
 		$TEMPLATE_TRANSLATE = 'jsTranslate_'.$lang.'.tpl';
 		$cms->debug('LANG', 'Load lang: '.$lang.', for page file '.$TEMPLATE_TRANSLATE);
 	} else {

www/includes/admin_smarty.php

@@ -1,4 +1,4 @@
-<?php
+<?php declare(strict_types=1);
 /********************************************************************
 * AUTHOR: Clemens Schwaighofer
 * CREATED: 2005/07/12
@@ -16,6 +16,31 @@ if ($cms->HEADER['USE_PROTOTYPE']) {
 // jquery and prototype should not be used together
 $cms->HEADER['USE_JQUERY'] = isset($USE_JQUERY) ? $USE_JQUERY : USE_JQUERY; // don't use either of those two together
 
+// check if we have an external file with the template name
+if (file_exists($cms->includes.$cms->INC_TEMPLATE_NAME) && is_file($cms->includes.$cms->INC_TEMPLATE_NAME)) {
+	include($cms->includes.$cms->INC_TEMPLATE_NAME);
+}
+// additional per page Javascript include
+$cms->JS_INCLUDE = '';
+if (file_exists($cms->javascript.$cms->JS_TEMPLATE_NAME) && is_file($cms->javascript.$cms->JS_TEMPLATE_NAME)) {
+	$cms->JS_INCLUDE = $cms->javascript.$cms->JS_TEMPLATE_NAME;
+}
+// per page css file
+$cms->CSS_INCLUDE = '';
+if (file_exists($cms->css.$cms->CSS_TEMPLATE_NAME) && is_file($cms->css.$cms->CSS_TEMPLATE_NAME)) {
+	$cms->CSS_INCLUDE = $cms->css.$cms->CSS_TEMPLATE_NAME;
+}
+// optional CSS file
+$cms->CSS_SPECIAL_INCLUDE = '';
+if (file_exists($cms->css.$cms->CSS_SPECIAL_TEMPLATE_NAME) && is_file($cms->css.$cms->CSS_SPECIAL_TEMPLATE_NAME)) {
+	$cms->CSS_SPECIAL_INCLUDE = $cms->css.$cms->CSS_SPECIAL_TEMPLATE_NAME;
+}
+// optional JS file
+$cms->JS_SPECIAL_INCLUDE = '';
+if (file_exists($cms->javascript.$cms->JS_SPECIAL_TEMPLATE_NAME) && is_file($cms->javascript.$cms->JS_SPECIAL_TEMPLATE_NAME)) {
+	$cms->JS_SPECIAL_INCLUDE = $cms->javascript.$cms->JS_SPECIAL_TEMPLATE_NAME;
+}
+
 // the actual include files for javascript (per page)
 $cms->HEADER['JS_INCLUDE'] = $cms->JS_INCLUDE;
 $cms->HEADER['CSS_INCLUDE'] = $cms->CSS_INCLUDE;
@@ -44,16 +69,26 @@ $cms->DATA['messages'] = $cms->messages;
 
 // top menu
 $cms->DATA['nav_menu'] = $cms->adbTopMenu();
+$cms->DATA['nav_menu_count'] = is_array($cms->DATA['nav_menu']) ? count($cms->DATA['nav_menu']) : 0;
 // the page name
 $cms->DATA['page_name'] = $cms->page_name;
 // user name
 $cms->DATA['USER_NAME'] = $_SESSION['USER_NAME'];
+$cms->DATA['ADMIN'] = $login->acl['admin'];
 // the template part to include into the body
 $cms->DATA['TEMPLATE_NAME'] = $TEMPLATE_NAME;
 $cms->DATA['CONTENT_INCLUDE'] = $CONTENT_INCLUDE;
+$cms->DATA['TEMPLATE_TRANSLATE'] = $TEMPLATE_TRANSLATE;
+$cms->DATA['PAGE_FILE_NAME'] = $PAGE_FILE_NAME;
 // LANG
 $cms->DATA['LANG'] = $lang;
 $cms->DATA['TINYMCE_LANG'] = $lang_short;
+// form name
+$cms->DATA['FORM_NAME'] = $FORM_NAME;
+// include flags
+$cms->DATA['USE_TINY_MCE'] = isset($USE_TINY_MCE) ? $USE_TINY_MCE : false;
+$cms->DATA['JS_DATEPICKR'] = isset($JS_DATEPICKR) ? $JS_DATEPICKR : false;
+$cms->DATA['JS_FLATPICKR'] = isset($JS_FLATPICKR) ? $JS_FLATPICKR : false;
 
 // debug data, if DEBUG flag is on, this data is print out
 $cms->DEBUG_DATA['debug_error_msg'] = $cms->runningTime();

www/includes/edit_base.php

@@ -1,4 +1,4 @@
-<?php
+<?php declare(strict_types=1);
 /********************************************************************
 * AUTHOR: Clemens "Gullevek" Schwaighofer (www.gullevek.org)
 * CREATED: 2003/06/10
@@ -24,14 +24,10 @@ $DB_DEBUG = 1;
 // TODO: only extract _POST data that is needed
 extract($_POST, EXTR_SKIP);
 
-$table_width = '100%';
-// this is for certain CMS modules that set a relative path
-define('REL_PATH', '');
-
 ob_start();
 require 'config.php';
 // set session name here
-define('SET_SESSION_NAME', EDIT_SESSION_NAME);
+$SET_SESSION_NAME = EDIT_SESSION_NAME;
 // overrride debug flags
 if (!DEBUG)	{
 	$DEBUG_ALL = 0;
@@ -41,16 +37,16 @@ if (!DEBUG)	{
 }
 
 // set default lang if not set otherwise
-if (!$lang) {
+if (!isset($lang)) {
 	$lang = DEFAULT_LANG;
 }
 // should be utf8
 header("Content-type: text/html; charset=".DEFAULT_ENCODING);
 ob_end_flush();
-$login = new CoreLibs\ACL\Login($DB_CONFIG[LOGIN_DB], $lang);
+$login = new CoreLibs\ACL\Login(DB_CONFIG, $lang);
 
 // create form class
-$form = new CoreLibs\Output\Form\Generate($DB_CONFIG[MAIN_DB], $lang);
+$form = new CoreLibs\Output\Form\Generate(DB_CONFIG, $lang);
 if ($form->mobile_phone) {
 	echo "I am sorry, but this page cannot be viewed by a mobile phone";
 	exit;
@@ -58,6 +54,8 @@ if ($form->mobile_phone) {
 // smarty template engine (extended Translation version)
 $smarty = new CoreLibs\Template\SmartyExtend($lang);
 
+// $form->debug('POST', $form->printAr($_POST));
+
 if (TARGET == 'live' || TARGET == 'remote') {
 	// login
 	$login->debug_output_all = DEBUG ? 1 : 0;
@@ -68,6 +66,12 @@ if (TARGET == 'live' || TARGET == 'remote') {
 	$form->echo_output_all = 0;
 	$form->print_output_all = DEBUG ? 1 : 0;
 }
+// space for setting special debug flags
+$login->debug_output_all = 1;
+// set smarty arrays
+$HEADER = array();
+$DATA = array();
+$DEBUG_DATA = array();
 // set the template dir
 // WARNING: this has a special check for the mailing tool layout (old layout)
 if (defined('LAYOUT')) {
@@ -79,32 +83,8 @@ if (defined('LAYOUT')) {
 	$DATA['css'] = CSS;
 	$DATA['js'] = JS;
 }
-
-// space for setting special debug flags
-$login->debug_output_all = 1;
-
-// define edit logging function. should be in a special edit interface class later
-// METHOD: EditLog()
-// PARAMS: event -> any kind of event description, data -> any kind of data related to that event
-// RETURN: none
-// DESC:   writes all action vars plus other info into edit_log table
-function EditLog($event = '', $data = '')
-{
-	$q = "INSERT INTO edit_log ";
-	$q .= "(euid, event_date, ip, event, data, page) ";
-	$q .= "VALUES (".$_SESSION['EUID'].", NOW(), '".$_SERVER["REMOTE_ADDR"]."', '".$GLOBALS['form']->dbEscapeString($event)."', '".$GLOBALS['form']->dbEscapeString($data)."', '".$GLOBALS['form']->getPageName()."')";
-}
-
-// log backend data
-// data part creation
-$data = array (
-	'_SESSION' => $_SESSION,
-	'_GET' => $_GET,
-	'_POST' => $_POST,
-	'_FILES' => $_FILES
-);
-// log action
-EditLog('Edit Submit', serialize($data));
+// set table width
+$table_width = '100%';
 
 // define all needed smarty stuff for the general HTML/page building
 $HEADER['CSS'] = CSS;
@@ -118,20 +98,22 @@ if ($form->my_page_name == 'edit_order') {
 	// order name is _always_ order_number for the edit interface
 
 	// follwing arrays do exist here:
-	// $position ... has the positions of the array (0..max), cause in a <select>
+	// $position ... has the positions of the array(0..max), cause in a <select>
 	//               I can't put an number into the array field, in this array,
 	//               there are the POSITION stored, that should CHANGE there order (up/down)
 	// $row_data_id ... has ALL ids from the sorting part
 	// $row_data_order ... has ALL order positions from the soirting part
-	if (!is_array($position)) {
-		$position = array ();
+	if (!isset($position)) {
+		$position = array();
 	}
+	$row_data_id = $_POST['row_data_id'];
+	$original_id = $row_data_id;
 	if (count($position)) {
-		$original_id = $row_data_id;
+		$row_data_order = $_POST['row_data_order'];
 
 		// FIRST u have to put right sort, then read again ...
 		// hast to be >0 or the first one is selected and then there is no move
-		if ($up && $position[0] > 0) {
+		if (isset($up) && isset($position[0]) && $position[0] > 0) {
 			for ($i = 0; $i < count($position); $i++) {
 				// change position order
 				// this gets temp, id before that, gets actual (moves one "down")
@@ -139,14 +121,14 @@ if ($form->my_page_name == 'edit_order') {
 				// is done for every element in row
 				// echo "A: ".$row_data_id[$position[$i]]." (".$row_data_order[$position[$i]].") -- ".$row_data_id[$position[$i]-1]." (".$row_data_order[$position[$i]-1].")<br>";
 				$temp_id = $row_data_id[$position[$i]];
-				$row_data_id[$position[$i]] = $row_data_id[$position[$i]-1];
-				$row_data_id[$position[$i]-1] = $temp_id;
+				$row_data_id[$position[$i]] = $row_data_id[$position[$i] - 1];
+				$row_data_id[$position[$i] - 1] = $temp_id;
 				// echo "A: ".$row_data_id[$position[$i]]." (".$row_data_order[$position[$i]].") -- ".$row_data_id[$position[$i]-1]." (".$row_data_order[$position[$i]-1].")<br>";
 			} // for
 		} // if up
 
 		// the last position id from position array is not to be the count-1 of row_data_id array, or it is the last element
-		if ($down && ($position[count($position) - 1] != (count($row_data_id) - 1))) {
+		if (isset($down) && ($position[count($position) - 1] != (count($row_data_id) - 1))) {
 			for ($i = count($position) - 1; $i >= 0; $i --)	{
 				// same as up, just up in other way, starts from bottom (last element) and moves "up"
 				// element before actuel gets temp, this element, becomes element after this,
@@ -158,7 +140,9 @@ if ($form->my_page_name == 'edit_order') {
 		} // if down
 
 		// write data ... (which has to be abstrackt ...)
-		if (($up && $position[0] > 0) || ($down && ($position[count($position) - 1]!=(count($row_data_id) - 1)))) {
+		if ((isset($up) && $position[0] > 0) ||
+			(isset($down) && ($position[count($position) - 1] != (count($row_data_id) - 1)))
+		) {
 			for ($i = 0; $i < count($row_data_id); $i ++) {
 				$q = "UPDATE ".$table_name." SET order_number = ".$row_data_order[$i]." WHERE ".$table_name."_id = ".$row_data_id[$i];
 				$q = $form->dbExec($q);
@@ -168,13 +152,19 @@ if ($form->my_page_name == 'edit_order') {
 
 	// get ...
 	$q = "SELECT ".$table_name."_id, name, order_number FROM ".$table_name." ";
-	if ($where_string) {
+	if (!empty($where_string)) {
 		$q .= "WHERE $where_string ";
 	}
 	$q .= "ORDER BY order_number";
 
+	// init arrays
+	$row_data = array();
+	$options_id = array();
+	$options_name = array();
+	$options_selected = array();
+	// DB read data for menu
 	while ($res = $form->dbReturn($q)) {
-		$row_data[] = array (
+		$row_data[] = array(
 			"id" => $res[$table_name."_id"],
 			"name" => $res["name"],
 			"order" => $res["order_number"]
@@ -184,26 +174,24 @@ if ($form->my_page_name == 'edit_order') {
 	// html title
 	$HEADER['HTML_TITLE'] = $form->l->__('Edit Order');
 
+	$messages = array();
 	// error msg
-	if ($error) {
-		$messages[] = array ('msg' => $msg, 'class' => 'error', 'width' => '100%');
+	if (isset($error)) {
+		if (!isset($msg)) {
+			$msg = array();
+		}
+		$messages[] = array('msg' => $msg, 'class' => 'error', 'width' => '100%');
 	}
 	$DATA['form_error_msg'] = $messages;
 
 	// all the row data
-	$options_id = array ();
-	$options_name = array ();
-	$options_selected = array ();
-	if (!is_array($row_data)) {
-		$row_data = array ();
-	}
 	for ($i = 0; $i < count($row_data); $i ++) {
 		$options_id[] = $i;
-		$options_name[] = $row_data[$i]["name"];
+		$options_name[] = $row_data[$i]['name'];
 		// list of points to order
 		for ($j = 0; $j < count($position); $j++) {
 			// if matches, put into select array
-			if ($original_id[$position[$j]] == $row_data[$i]["id"]) {
+			if ($original_id[$position[$j]] == $row_data[$i]['id']) {
 				$options_selected[] = $i;
 			}
 		}
@@ -213,55 +201,63 @@ if ($form->my_page_name == 'edit_order') {
 	$DATA['options_selected'] = $options_selected;
 
 	// hidden list for the data (id, order number)
-	$row_data_id = array ();
-	$row_data_order = array ();
+	$row_data_id = array();
+	$row_data_order = array();
 	for ($i = 0; $i < count($row_data); $i++) {
-		$row_data_id[] = $row_data[$i]["id"];
-		$row_data_order[] = $row_data[$i]["order"];
+		$row_data_id[] = $row_data[$i]['id'];
+		$row_data_order[] = $row_data[$i]['order'];
 	}
 	$DATA['row_data_id'] = $row_data_id;
 	$DATA['row_data_order'] = $row_data_order;
 
 	// hidden names for the table & where string
 	$DATA['table_name'] = $table_name;
-	$DATA['where_string'] = $where_string;
+	$DATA['where_string'] = isset($where_string) ? $where_string : '';
 
 	$EDIT_TEMPLATE = 'edit_order.tpl';
 } else {
-	$form->formProcedureLoad(${$form->archive_pk_name});
+	// load call only if id is set
+	if (isset(${$form->archive_pk_name})) {
+		$form->formProcedureLoad(${$form->archive_pk_name});
+	}
 	$form->formProcedureNew();
 	$form->formProcedureSave();
 	$form->formProcedureDelete();
-	$form->formProcedureDeleteFromElementList($element_list, $remove_name);
+	// delete call only if those two are set
+	if (isset($element_list) && isset($remove_name)) {
+		$form->formProcedureDeleteFromElementList($element_list, $remove_name);
+	}
 
 	$DATA['table_width'] = $table_width;
 
+	$messages = array();
 	// write out error / status messages
 	$messages[] = $form->formPrintMsg();
 	$DATA['form_error_msg'] = $messages;
 
 	// MENU START
 	// request some session vars
-	if (!$HEADER_COLOR) {
-		$DATA['HEADER_COLOR'] = "#E0E2FF";
+	if (!isset($HEADER_COLOR)) {
+		$DATA['HEADER_COLOR'] = '#E0E2FF';
 	} else {
 		$DATA['HEADER_COLOR'] = $_SESSION['HEADER_COLOR'];
 	}
-	$DATA['USER_NAME'] = $_SESSION["USER_NAME"];
-	$DATA['EUID'] = $_SESSION["EUID"];
-	$DATA['GROUP_NAME'] = $_SESSION["GROUP_NAME"];
-	$DATA['GROUP_LEVEL'] = $_SESSION["GROUP_LEVEL"];
-	$PAGES = $_SESSION["PAGES"];
+	$DATA['USER_NAME'] = $_SESSION['USER_NAME'];
+	$DATA['EUID'] = $_SESSION['EUID'];
+	$DATA['GROUP_NAME'] = $_SESSION['GROUP_NAME'];
+	$DATA['GROUP_LEVEL'] = $_SESSION['GROUP_ACL_LEVEL'];
+	$PAGES = $_SESSION['PAGES'];
 
 	//$form->debug('menu', $form->printAr($PAGES));
 
 	// build nav from $PAGES ...
-	if (!is_array($PAGES)) {
-		$PAGES = array ();
+	if (!isset($PAGES) || !is_array($PAGES)) {
+		$PAGES = array();
 	}
-	for ($i = 0, $i_max = count($PAGES); $i < $i_max; $i ++) {
-		if ($PAGES[$i]["menu"] && $PAGES[$i]["online"]) {
-			$menuarray[] = $PAGES[$i];
+	$menuarray = array();
+	foreach ($PAGES as $PAGE_CUID => $PAGE_DATA) {
+		if ($PAGE_DATA['menu'] && $PAGE_DATA['online']) {
+			$menuarray[] = $PAGE_DATA;
 		}
 	}
 
@@ -276,34 +272,45 @@ if ($form->my_page_name == 'edit_order') {
 		}
 	}
 
+	$position = 0;
+	$menu_data = array();
 	for ($i = 1; $i <= count($menuarray); $i ++) {
 		// do that for new array
 		$j = $i - 1;
-		$menu_data[$j]['pagename'] = htmlentities($menuarray[($i-1)]["page_name"]);
-		$menu_data[$j]['filename'] = $menuarray[($i-1)]["filename"].$menuarray[($i-1)]["query_string"];
-		if ($i == 1 || !(($i - 1) % $SPLIT_FACTOR)) {
+		$menu_data[$j]['pagename'] = htmlentities($menuarray[($i-1)]['page_name']);
+		$menu_data[$j]['filename'] = $menuarray[($i-1)]['filename'].(isset($menuarray[$j]['query_string']) ? $menuarray[$j]['query_string'] : '');
+		if ($i == 1 || !($j % $SPLIT_FACTOR)) {
 			$menu_data[$j]['splitfactor_in'] = 1;
+		} else {
+			$menu_data[$j]['splitfactor_in'] = 0;
 		}
-		if ($menuarray[($i - 1)]["filename"] == $form->getPageName()) {
-			$position = $i - 1;
+		if ($menuarray[$j]['filename'] == $form->getPageName()) {
+			$position = $j;
 			$menu_data[$j]['position'] = 1;
+			$menu_data[$j]['popup'] = 0;
 		} else {
 			// add query stuff
 			// HAS TO DONE LATER ... set urlencode, etc ...
 			// check if popup needed
-			if ($menuarray[($i - 1)]["popup"]) {
+			if (isset($menuarray[$j]['popup']) && $menuarray[$j]['popup'] == 1) {
 				$menu_data[$j]['popup'] = 1;
-				$menu_data[$j]['rand'] = uniqid(rand());
-				$menu_data[$j]['width'] = $menuarray[($i-1)]["popup_x"];
-				$menu_data[$j]['height'] = $menuarray[($i-1)]["popup_y"];
-			} // popup or not
+				$menu_data[$j]['rand'] = uniqid((string)rand());
+				$menu_data[$j]['width'] = $menuarray[$j]['popup_x'];
+				$menu_data[$j]['height'] = $menuarray[$j]['popup_y'];
+			} else {
+				$menu_data[$j]['popup'] = 0;
+			}
+			$menu_data[$j]['position'] = 0;
 		} // highlight or not
 		if (!($i % $SPLIT_FACTOR) || (($i + 1) > count($menuarray))) {
 			$menu_data[$j]['splitfactor_out'] = 1;
-		} // split
+		} else {
+			$menu_data[$j]['splitfactor_out'] = 0;
+		}
 	} // for
+	// $form->debug('MENU ARRAY', $form->printAr($menu_data));
 	$DATA['menu_data'] = $menu_data;
-	$DATA['page_name'] = $menuarray[$position]["page_name"];
+	$DATA['page_name'] = $menuarray[$position]['page_name'];
 	$L_TITLE = $DATA['page_name'];
 	// html title
 	$HEADER['HTML_TITLE'] = $form->l->__($L_TITLE);
@@ -315,115 +322,124 @@ if ($form->my_page_name == 'edit_order') {
 	if ($form->yes) {
 		$DATA['form_yes'] = $form->yes;
 		$DATA['form_my_page_name'] = $form->my_page_name;
-
+		$DATA['filename_exist'] = 0;
+		$DATA['drop_down_input'] = 0;
+		$elements = array();
 		// depending on the "getPageName()" I show different stuff
 		switch ($form->my_page_name) {
-			case "edit_users":
-				$elements[] = $form->formCreateElement("login_error_count");
-				$elements[] = $form->formCreateElement("login_error_date_last");
-				$elements[] = $form->formCreateElement("login_error_date_first");
-				$elements[] = $form->formCreateElement("enabled");
-				$elements[] = $form->formCreateElement("protected");
-				$elements[] = $form->formCreateElement("username");
-				$elements[] = $form->formCreateElement("password");
-				$elements[] = $form->formCreateElement("password_change_interval");
-				$elements[] = $form->formCreateElement("email");
-				$elements[] = $form->formCreateElement("last_name");
-				$elements[] = $form->formCreateElement("first_name");
-				$elements[] = $form->formCreateElement("edit_group_id");
-				$elements[] = $form->formCreateElement("edit_access_right_id");
-				$elements[] = $form->formCreateElement("strict");
-				$elements[] = $form->formCreateElement("locked");
-				$elements[] = $form->formCreateElement("admin");
-				$elements[] = $form->formCreateElement("debug");
-				$elements[] = $form->formCreateElement("db_debug");
-				$elements[] = $form->formCreateElement("edit_language_id");
-				$elements[] = $form->formCreateElement("edit_scheme_id");
-				$elements[] = $form->formCreateElementListTable("edit_access_user");
+			case 'edit_users':
+				$elements[] = $form->formCreateElement('login_error_count');
+				$elements[] = $form->formCreateElement('login_error_date_last');
+				$elements[] = $form->formCreateElement('login_error_date_first');
+				$elements[] = $form->formCreateElement('enabled');
+				$elements[] = $form->formCreateElement('protected');
+				$elements[] = $form->formCreateElement('username');
+				$elements[] = $form->formCreateElement('password');
+				$elements[] = $form->formCreateElement('password_change_interval');
+				$elements[] = $form->formCreateElement('email');
+				$elements[] = $form->formCreateElement('last_name');
+				$elements[] = $form->formCreateElement('first_name');
+				$elements[] = $form->formCreateElement('edit_group_id');
+				$elements[] = $form->formCreateElement('edit_access_right_id');
+				$elements[] = $form->formCreateElement('strict');
+				$elements[] = $form->formCreateElement('locked');
+				$elements[] = $form->formCreateElement('admin');
+				$elements[] = $form->formCreateElement('debug');
+				$elements[] = $form->formCreateElement('db_debug');
+				$elements[] = $form->formCreateElement('edit_language_id');
+				$elements[] = $form->formCreateElement('edit_scheme_id');
+				$elements[] = $form->formCreateElementListTable('edit_access_user');
+				$elements[] = $form->formCreateElement('additional_acl');
 				break;
-			case "edit_schemes":
-				$elements[] = $form->formCreateElement("enabled");
-				$elements[] = $form->formCreateElement("name");
-				$elements[] = $form->formCreateElement("header_color");
-				$elements[] = $form->formCreateElement("template");
+			case 'edit_schemes':
+				$elements[] = $form->formCreateElement('enabled');
+				$elements[] = $form->formCreateElement('name');
+				$elements[] = $form->formCreateElement('header_color');
+				$elements[] = $form->formCreateElement('template');
 				break;
-			case "edit_pages":
-				if (!$form->table_array["edit_page_id"]["value"]) {
+			case 'edit_pages':
+				if (!isset($form->table_array['edit_page_id']['value'])) {
 					$q = "DELETE FROM temp_files";
 					$form->dbExec($q);
 					// gets all files in the current dir ending with .php
-					$crap = exec("ls *.php", $output, $status);
+					$crap = exec('ls *.php', $output, $status);
 					// now get all that are NOT in de DB
 					$q = "INSERT INTO temp_files VALUES ";
 					for ($i = 0; $i < count($output); $i ++) {
 						$t_q = "('".$form->dbEscapeString($output[$i])."')";
 						$form->dbExec($q.$t_q, 'NULL');
 					}
-					$elements[] = $form->formCreateElement("filename");
+					$elements[] = $form->formCreateElement('filename');
 				} else {
 					// show file menu
 					// just show name of file ...
 					$DATA['filename_exist'] = 1;
-					$DATA['filename'] = $form->table_array["filename"]["value"];
+					$DATA['filename'] = $form->table_array['filename']['value'];
 				} // File Name View IF
-				$elements[] = $form->formCreateElement("name");
-				// $elements[] = $form->formCreateElement("tag");
-				// $elements[] = $form->formCreateElement("min_acl");
-				$elements[] = $form->formCreateElement("order_number");
-				$elements[] = $form->formCreateElement("online");
-				$elements[] = $form->formCreateElement("menu");
-				$elements[] = $form->formCreateElementListTable("edit_query_string");
-				$elements[] = $form->formCreateElement("popup");
-				$elements[] = $form->formCreateElement("popup_x");
-				$elements[] = $form->formCreateElement("popup_y");
-				$elements[] = $form->formCreateElementReferenceTable("edit_visible_group");
-				$elements[] = $form->formCreateElementReferenceTable("edit_menu_group");
+				$elements[] = $form->formCreateElement('name');
+				// $elements[] = $form->formCreateElement('tag');
+				// $elements[] = $form->formCreateElement('min_acl');
+				$elements[] = $form->formCreateElement('order_number');
+				$elements[] = $form->formCreateElement('online');
+				$elements[] = $form->formCreateElement('menu');
+				$elements[] = $form->formCreateElementListTable('edit_query_string');
+				$elements[] = $form->formCreateElement('content_alias_edit_page_id');
+				$elements[] = $form->formCreateElementListTable('edit_page_content');
+				$elements[] = $form->formCreateElement('popup');
+				$elements[] = $form->formCreateElement('popup_x');
+				$elements[] = $form->formCreateElement('popup_y');
+				$elements[] = $form->formCreateElementReferenceTable('edit_visible_group');
+				$elements[] = $form->formCreateElementReferenceTable('edit_menu_group');
 				break;
-			case "edit_languages":
-				$elements[] = $form->formCreateElement("enabled");
-				$elements[] = $form->formCreateElement("short_name");
-				$elements[] = $form->formCreateElement("long_name");
-				$elements[] = $form->formCreateElement("iso_name");
+			case 'edit_languages':
+				$elements[] = $form->formCreateElement('enabled');
+				$elements[] = $form->formCreateElement('short_name');
+				$elements[] = $form->formCreateElement('long_name');
+				$elements[] = $form->formCreateElement('iso_name');
 				break;
-			case "edit_groups":
-				$elements[] = $form->formCreateElement("enabled");
-				$elements[] = $form->formCreateElement("name");
-				$elements[] = $form->formCreateElement("edit_access_right_id");
-				$elements[] = $form->formCreateElement("edit_scheme_id");
-				$elements[] = $form->formCreateElementListTable("edit_page_access");
+			case 'edit_groups':
+				$elements[] = $form->formCreateElement('enabled');
+				$elements[] = $form->formCreateElement('name');
+				$elements[] = $form->formCreateElement('edit_access_right_id');
+				$elements[] = $form->formCreateElement('edit_scheme_id');
+				$elements[] = $form->formCreateElementListTable('edit_page_access');
+				$elements[] = $form->formCreateElement('additional_acl');
 				break;
-			case "edit_visible_group":
-				$elements[] = $form->formCreateElement("name");
-				$elements[] = $form->formCreateElement("flag");
+			case 'edit_visible_group':
+				$elements[] = $form->formCreateElement('name');
+				$elements[] = $form->formCreateElement('flag');
 				break;
-			case "edit_menu_group":
-				$elements[] = $form->formCreateElement("name");
-				$elements[] = $form->formCreateElement("flag");
-				$elements[] = $form->formCreateElement("order_number");
+			case 'edit_menu_group':
+				$elements[] = $form->formCreateElement('name');
+				$elements[] = $form->formCreateElement('flag');
+				$elements[] = $form->formCreateElement('order_number');
 				break;
-			case "edit_access":
-				$elements[] = $form->formCreateElement("name");
-				$elements[] = $form->formCreateElement("enabled");
-				$elements[] = $form->formCreateElement("protected");
-				$elements[] = $form->formCreateElement("color");
-				$elements[] = $form->formCreateElement("description");
+			case 'edit_access':
+				$elements[] = $form->formCreateElement('name');
+				$elements[] = $form->formCreateElement('enabled');
+				$elements[] = $form->formCreateElement('protected');
+				$elements[] = $form->formCreateElement('color');
+				$elements[] = $form->formCreateElement('description');
 				// add name/value list here
-				$elements[] = $form->formCreateElementListTable("edit_access_data");
+				$elements[] = $form->formCreateElementListTable('edit_access_data');
+				$elements[] = $form->formCreateElement('additional_acl');
 				break;
 			default:
-				print "[No valid page definition given]";
+				print '[No valid page definition given]';
 				break;
 		}
 		// $form->debug('edit', "Elements: <pre>".$form->printAr($elements));
 		$DATA['elements'] = $elements;
 		$DATA['hidden'] = $form->formCreateHiddenFields();
 		$DATA['save_delete'] = $form->formCreateSaveDelete();
+	} else {
+		$DATA['form_yes'] = 0;
 	}
 	$EDIT_TEMPLATE = 'edit_body.tpl';
 }
 
 // debug data, if DEBUG flag is on, this data is print out
-$DEBUG_DATA['DEBUG'] = $DEBUG_TMPL;
+$DEBUG_DATA['DEBUG'] = isset($DEBUG_TMPL) ? $DEBUG_TMPL : '';
 
 // create main data array
 $CONTENT_DATA = array_merge($HEADER, $DATA, $DEBUG_DATA);

www/includes/table_arrays/array_edit_access.inc

@@ -1,99 +0,0 @@
-<?php
-
-$edit_access = array (
-	"table_array" => array (
-		"edit_access_id" => array (
-			"value" => $GLOBALS["edit_access_id"],
-			"type" => "hidden",
-			"pk" => 1
-		),
-		"name" => array (
-			"value" => $GLOBALS["name"],
-			"output_name" => $this->l->__("Access Group Name"),
-			"mandatory" => 1,
-			"type" => "text",
-			"error_check" => "alphanumericspace|unique"
-		),
-		"description" => array (
-			"value" => $GLOBALS["description"],
-			"output_name" => $this->l->__("Description"),
-			"type" => "textarea"
-		),
-		"color" => array (
-			"value" => $GLOBALS["color"],
-			"output_name" => $this->l->__("Color"),
-			"mandatory" => 0,
-			"type" => "text",
-			"size" => 6,
-			"length" => 6,
-			"error_check" => "custom",
-			"error_regex" => "/[\dA-Fa-f]{6}/",
-			"error_example" => "F6A544"
-		),
-		"enabled" => array (
-			"value" => $GLOBALS["enabled"],
-			"output_name" => "Enabled",
-			"type" => "binary",
-			"int" => 1, // OR "bool" => 1
-			"element_list" => array (
-				"1" => "Yes",
-				"0" => "No"
-			)
-		),
-		"protected" => array (
-			"value" => $GLOBALS["protected"],
-			"output_name" => "Protected",
-			"type" => "binary",
-			"int" => 1,
-			"element_list" => array (
-				"1" => "Yes",
-				"0" => "No"
-			)
-		)
-	),
-	"table_name" => "edit_access",
-	"load_query" => "SELECT edit_access_id, name FROM edit_access ORDER BY name",
-	"show_fields" => array (
-		array (
-			"name" => "name"
-		)
-	),
-	"element_list" => array (
-		"edit_access_data" => array (
-			"output_name" => "Edit Access Data",
-			"type" => "reference_data", # is not a sub table read and connect, but only a sub table with data
-			"max_empty" => 5, # maxium visible if no data is set, if filled add this number to visible
-			"prefix" => "ead",
-			"elements" => array (
-				"edit_access_data_id" => array (
-					"output_name" => "Activate",
-					"type" => "hidden",
-					"int" => 1,
-					"pk_id" => 1
-				),
-				"name" => array (
-					"type" => "text",
-					"error_check" => "alphanumeric|unique",
-					"output_name" => "Name"
-				),
-				"value" => array (
-					"type" => "text",
-					"output_name" => "Value"
-				),
-				"enabled" => array (
-					"type" => "checkbox",
-					"output_name" => "Activate",
-					"int" => 1,
-					"element_list" => array(1)
-				),
-				"edit_access_id" => array (
-					"int" => 1,
-					"type" => "hidden",
-					"fk_id" => 1 # reference main key from master table above
-				)
-			)
-		)
-	)
-);
-
-// __END__

www/includes/table_arrays/array_edit_access.php

@@ -0,0 +1,108 @@
+<?php declare(strict_types=1);
+
+$edit_access = array(
+	'table_array' => array(
+		'edit_access_id' => array(
+			'value' => isset($GLOBALS['edit_access_id']) ? $GLOBALS['edit_access_id'] : '',
+			'type' => 'hidden',
+			'pk' => 1
+		),
+		'name' => array(
+			'value' => isset($GLOBALS['name']) ? $GLOBALS['name'] : '',
+			'output_name' => 'Access Group Name',
+			'mandatory' => 1,
+			'type' => 'text',
+			'error_check' => 'alphanumericspace|unique'
+		),
+		'description' => array(
+			'value' => isset($GLOBALS['description']) ? $GLOBALS['description'] : '',
+			'output_name' => 'Description',
+			'type' => 'textarea'
+		),
+		'color' => array(
+			'value' => isset($GLOBALS['color']) ? $GLOBALS['color'] : '',
+			'output_name' => 'Color',
+			'mandatory' => 0,
+			'type' => 'text',
+			'size' => 6,
+			'length' => 6,
+			'error_check' => 'custom',
+			'error_regex' => "/[\dA-Fa-f]{6}/",
+			'error_example' => 'F6A544'
+		),
+		'enabled' => array(
+			'value' => isset($GLOBALS['enabled']) ? $GLOBALS['enabled'] : 0,
+			'output_name' => 'Enabled',
+			'type' => 'binary',
+			'int' => 1, // OR 'bool' => 1
+			'element_list' => array(
+				'1' => 'Yes',
+				'0' => 'No'
+			)
+		),
+		'protected' => array(
+			'value' => isset($GLOBALS['protected']) ? $GLOBALS['protected'] : 0,
+			'output_name' => 'Protected',
+			'type' => 'binary',
+			'int' => 1,
+			'element_list' => array(
+				'1' => 'Yes',
+				'0' => 'No'
+			)
+		),
+		'additional_acl' => array(
+			'value' => isset($GLOBALS['additional_acl']) ? $GLOBALS['additional_acl'] : '',
+			'output_name' => 'Additional ACL (as JSON)',
+			'type' => 'textarea',
+			'error_check' => 'json',
+			'rows' => 10,
+			'cols' => 60
+		),
+	),
+	'table_name' => 'edit_access',
+	"load_query" => "SELECT edit_access_id, name FROM edit_access ORDER BY name",
+	'show_fields' => array(
+		array(
+			'name' => 'name'
+		)
+	),
+	'element_list' => array(
+		'edit_access_data' => array(
+			'output_name' => 'Edit Access Data',
+			'delete_name' => 'remove_edit_access_data',
+			// 'type' => 'reference_data', # is not a sub table read and connect, but only a sub table with data
+			'max_empty' => 5, # maxium visible if no data is set, if filled add this number to visible
+			'prefix' => 'ead',
+			'elements' => array(
+				'name' => array(
+					'type' => 'text',
+					'error_check' => 'alphanumeric|unique',
+					'output_name' => 'Name',
+					'mandatory' => 1
+				),
+				'value' => array(
+					'type' => 'text',
+					'output_name' => 'Value'
+				),
+				'enabled' => array(
+					'type' => 'checkbox',
+					'output_name' => 'Activate',
+					'int' => 1,
+					'element_list' => array(1)
+				),
+				/*'edit_access_id' => array(
+					'int' => 1,
+					'type' => 'hidden',
+					'fk_id' => 1 # reference main key from master table above
+				),*/
+				'edit_access_data_id' => array(
+					'type' => 'hidden',
+					'int' => 1,
+					'pk_id' => 1
+				)
+			)
+		)
+	)
+);
+
+// __END__

www/includes/table_arrays/array_edit_groups.inc

@@ -1,102 +0,0 @@
-<?php
-
-$edit_groups = array (
-	"table_array" => array (
-		"edit_group_id" => array (
-			"value" => $GLOBALS["edit_group_id"],
-			"pk" => 1,
-			"type" => "hidden"
-		),
-		"enabled" => array (
-			"value" => $GLOBALS["enabled"],
-			"output_name" => "Enabled",
-			"int" => 1,
-			"type" => "binary",
-			"element_list" => array (
-				"1" => "Yes",
-				"0" => "No"
-			)
-		),
-		"name" => array (
-			"value" => $GLOBALS["name"],
-			"output_name" => "Group Name",
-			"type" => "text",
-			"mandatory" => 1
-		),
-		"edit_access_right_id" => array (
-			"value" => $GLOBALS["edit_access_right_id"],
-			"output_name" => "Group Level",
-			"mandatory" => 1,
-			"int" => 1,
-			"type" => "drop_down_db",
-			"query" => "SELECT edit_access_right_id, name FROM edit_access_right ORDER BY level"
-		),
-		"edit_scheme_id" => array (
-			"value" => $GLOBALS["edit_scheme_id"],
-			"output_name" => "Group Scheme",
-			"int_null" => 1,
-			"type" => "drop_down_db",
-			"query" => "SELECT edit_scheme_id, name FROM edit_scheme WHERE enabled = 1 ORDER BY name"
-		)
-	),
-	"load_query" => "SELECT edit_group_id, name, enabled FROM edit_group ORDER BY name",
-	"table_name" => "edit_group",
-	"show_fields" => array (
-		array (
-			"name" => "name"
-		),
-		array (
-			"name" => "enabled",
-			"binary" => array ("Yes", "No"),
-			"before_value" => "Enabled: "
-		)
-	),
-	"element_list" => array (
-		"edit_page_access" => array (
-			"output_name" => "Pages",
-			"mandatory" => 1,
-			"delete" => 0, // set then reference entries are deleted, else the "enable" flag is only set
-			"enable_name" => "enable_page_access",
-			"prefix" => "epa",
-			"read_data" => array (
-				"table_name" => "edit_page",
-				"pk_id" => "edit_page_id",
-				"name" => "name",
-				"order" => "order_number"
-			),
-			"elements" => array (
-				"edit_page_access_id" => array (
-					"output_name" => "Activate",
-					"type" => "hidden",
-					"int" => 1,
-					"pk_id" => 1
-				),
-				"enabled" => array (
-					"type" => "checkbox",
-					"output_name" => "Activate",
-					"int" => 1,
-					"element_list" => array(1)
-				),
-				"edit_access_right_id" => array (
-					"type" => "drop_down_db",
-					"output_name" => "Access Level",
-					"int" => 1,
-					"preset" => 1, // first of the select
-					"query" => "SELECT edit_access_right_id, name FROM edit_access_right ORDER BY level"
-				),
-				"edit_page_id" => array (
-					"int" => 1,
-					"type" => "hidden"
-				)
-				/*,
-				"edit_default" => array (
-					"output_name" => "Default",
-					"type" => "radio",
-					"mandatory" => 1
-				)*/
-			)
-		) // edit pages ggroup
-	)
-);
-
-// __END__

www/includes/table_arrays/array_edit_groups.php

@@ -0,0 +1,109 @@
+<?php declare(strict_types=1);
+
+$edit_groups = array(
+	'table_array' => array(
+		'edit_group_id' => array(
+			'value' => isset($GLOBALS['edit_group_id']) ? $GLOBALS['edit_group_id'] : '',
+			'pk' => 1,
+			'type' => 'hidden'
+		),
+		'enabled' => array(
+			'value' => isset($GLOBALS['enabled']) ? $GLOBALS['enabled'] : '',
+			'output_name' => 'Enabled',
+			'int' => 1,
+			'type' => 'binary',
+			'element_list' => array(
+				'1' => 'Yes',
+				'0' => 'No'
+			)
+		),
+		'name' => array(
+			'value' => isset($GLOBALS['name']) ? $GLOBALS['name'] : '',
+			'output_name' => 'Group Name',
+			'type' => 'text',
+			'mandatory' => 1
+		),
+		'edit_access_right_id' => array(
+			'value' => isset($GLOBALS['edit_access_right_id']) ? $GLOBALS['edit_access_right_id'] : '',
+			'output_name' => 'Group Level',
+			'mandatory' => 1,
+			'int' => 1,
+			'type' => 'drop_down_db',
+			'query' => "SELECT edit_access_right_id, name FROM edit_access_right ORDER BY level"
+		),
+		'edit_scheme_id' => array(
+			'value' => isset($GLOBALS['edit_scheme_id']) ? $GLOBALS['edit_scheme_id'] : '',
+			'output_name' => 'Group Scheme',
+			'int_null' => 1,
+			'type' => 'drop_down_db',
+			'query' => "SELECT edit_scheme_id, name FROM edit_scheme WHERE enabled = 1 ORDER BY name"
+		),
+		'additional_acl' => array(
+			'value' => isset($GLOBALS['additional_acl']) ? $GLOBALS['additional_acl'] : '',
+			'output_name' => 'Additional ACL (as JSON)',
+			'type' => 'textarea',
+			'error_check' => 'json',
+			'rows' => 10,
+			'cols' => 60
+		),
+	),
+	'load_query' => "SELECT edit_group_id, name, enabled FROM edit_group ORDER BY name",
+	'table_name' => 'edit_group',
+	'show_fields' => array(
+		array(
+			'name' => 'name'
+		),
+		array(
+			'name' => 'enabled',
+			'binary' => array('Yes', 'No'),
+			'before_value' => 'Enabled: '
+		)
+	),
+	'element_list' => array(
+		'edit_page_access' => array(
+			'output_name' => 'Pages',
+			'mandatory' => 1,
+			'delete' => 0, // set then reference entries are deleted, else the 'enable' flag is only set
+			'enable_name' => 'enable_page_access',
+			'prefix' => 'epa',
+			'read_data' => array(
+				'table_name' => 'edit_page',
+				'pk_id' => 'edit_page_id',
+				'name' => 'name',
+				'order' => 'order_number'
+			),
+			'elements' => array(
+				'edit_page_access_id' => array(
+					'type' => 'hidden',
+					'int' => 1,
+					'pk_id' => 1
+				),
+				'enabled' => array(
+					'type' => 'checkbox',
+					'output_name' => 'Activate',
+					'int' => 1,
+					'element_list' => array(1)
+				),
+				'edit_access_right_id' => array(
+					'type' => 'drop_down_db',
+					'output_name' => 'Access Level',
+					'int' => 1,
+					'preset' => 1, // first of the select
+					'query' => "SELECT edit_access_right_id, name FROM edit_access_right ORDER BY level"
+				),
+				'edit_page_id' => array(
+					'int' => 1,
+					'type' => 'hidden'
+				)
+				/*,
+				'edit_default' => array(
+					'output_name' => 'Default',
+					'type' => 'radio',
+					'mandatory' => 1
+				)*/
+			)
+		) // edit pages ggroup
+	)
+);
+
+// __END__

www/includes/table_arrays/array_edit_languages.inc

@@ -1,75 +0,0 @@
-<?php
-
-$edit_languages=array (
-	"table_array" => array (
-		"edit_language_id" => array (
-			"value" => $GLOBALS["edit_language_id"],
-			"type" => "hidden",
-			"pk" => 1
-		),
-		"short_name" => array (
-			"value" => $GLOBALS["short_name"],
-			"output_name" => "Language (short)",
-			"mandatory" => 1,
-			"type" => "text",
-			"size" => 2,
-			"length" => 2
-		),
-		"long_name" => array (
-			"value" => $GLOBALS["long_name"],
-			"output_name" => "Language (long)",
-			"mandatory" => 1,
-			"type" => "text",
-			"size" => 40
-		),
-		"iso_name" => array (
-			"value" => $GLOBALS["iso_name"],
-			"output_name" => "ISO Code",
-			"mandatory" => 1,
-			"type" => "text"
-		),
-		"order_number" => array (
-			"value" => $GLOBALS["order_number"],
-			"int" => 1,
-			"order" => 1
-		),
-		"enabled" => array (
-			"value" => $GLOBALS["enabled"],
-			"output_name" => "Enabled",
-			"int" => 1,
-			"type" => "binary",
-			"element_list" => array (
-				"1" => "Yes",
-				"0" => "No"
-			)
-		),
-		"lang_default" => array (
-			"value" => $GLOBALS["lang_default"],
-			"output_name" => "Default Language",
-			"int" => 1,
-			"type" => "binary",
-			"element_list" => array (
-				"1" => "Yes",
-				"0" => "No"
-			)
-		)
-	),
-	"load_query" => "SELECT edit_language_id, long_name, iso_name, enabled FROM edit_language ORDER BY long_name",
-	"show_fields" => array (
-		array (
-			"name" => "long_name"
-		),
-		array (
-			"name" => "iso_name",
-			"before_value" => "ISO: "
-		),
-		array (
-			"name" => "enabled",
-			"before_value" => "Enabled: ",
-			"binary" => array ("Yes","No")
-		)
-	),
-	"table_name" => "edit_language"
-);
-
-// __END__

www/includes/table_arrays/array_edit_languages.php

@@ -0,0 +1,75 @@
+<?php declare(strict_types=1);
+
+$edit_languages=array(
+	'table_array' => array(
+		'edit_language_id' => array(
+			'value' => isset($GLOBALS['edit_language_id']) ? $GLOBALS['edit_language_id'] : '',
+			'type' => 'hidden',
+			'pk' => 1
+		),
+		'short_name' => array(
+			'value' => isset($GLOBALS['short_name']) ? $GLOBALS['short_name'] : '',
+			'output_name' => 'Language (short)',
+			'mandatory' => 1,
+			'type' => 'text',
+			'size' => 2,
+			'length' => 2
+		),
+		'long_name' => array(
+			'value' => isset($GLOBALS['long_name']) ? $GLOBALS['long_name'] : '',
+			'output_name' => 'Language (long)',
+			'mandatory' => 1,
+			'type' => 'text',
+			'size' => 40
+		),
+		'iso_name' => array(
+			'value' => isset($GLOBALS['iso_name']) ? $GLOBALS['iso_name'] : '',
+			'output_name' => 'ISO Code',
+			'mandatory' => 1,
+			'type' => 'text'
+		),
+		'order_number' => array(
+			'value' => isset($GLOBALS['order_number']) ? $GLOBALS['order_number'] : '',
+			'int' => 1,
+			'order' => 1
+		),
+		'enabled' => array(
+			'value' => isset($GLOBALS['enabled']) ? $GLOBALS['enabled'] : '',
+			'output_name' => 'Enabled',
+			'int' => 1,
+			'type' => 'binary',
+			'element_list' => array(
+				'1' => 'Yes',
+				'0' => 'No'
+			)
+		),
+		'lang_default' => array(
+			'value' => isset($GLOBALS['lang_default']) ? $GLOBALS['lang_default'] : '',
+			'output_name' => 'Default Language',
+			'int' => 1,
+			'type' => 'binary',
+			'element_list' => array(
+				'1' => 'Yes',
+				'0' => 'No'
+			)
+		)
+	),
+	'load_query' => "SELECT edit_language_id, long_name, iso_name, enabled FROM edit_language ORDER BY long_name",
+	'show_fields' => array(
+		array(
+			'name' => 'long_name'
+		),
+		array(
+			'name' => 'iso_name',
+			'before_value' => 'ISO: '
+		),
+		array(
+			'name' => 'enabled',
+			'before_value' => 'Enabled: ',
+			'binary' => array('Yes','No')
+		)
+	),
+	'table_name' => 'edit_language'
+);
+
+// __END__

www/includes/table_arrays/array_edit_menu_group.inc

@@ -1,40 +0,0 @@
-<?php
-
-$edit_menu_group = array (
-	"table_array" => array (
-		"edit_menu_group_id" => array (
-			"value" => $GLOBALS["edit_menu_group_id"],
-			"type" => "hidden",
-			"pk" => 1
-		),
-		"name" => array (
-			"value" => $GLOBALS["name"],
-			"output_name" => $this->l->__("Group name"),
-			"mandatory" => 1,
-			"type" => "text"
-		),
-		"flag" => array (
-			"value" => $GLOBALS["flag"],
-			"output_name" => $this->l->__("Flag"),
-			"mandatory" => 1,
-			"type" => "text",
-			"error_check" => "alphanumeric|unique"
-		),
-		"order_number" => array (
-			"value" => $GLOBALS["order_number"],
-			"output_name" => "Group order",
-			"type" => "order",
-			"int" => 1,
-			"order" => 1
-		)
-	),
-	"table_name" => "edit_menu_group",
-	"load_query" => "SELECT edit_menu_group_id, name FROM edit_menu_group ORDER BY name",
-	"show_fields" => array (
-		array (
-			"name" => "name"
-		)
-	)
-);
-
-// __END__

www/includes/table_arrays/array_edit_menu_group.php

@@ -0,0 +1,40 @@
+<?php declare(strict_types=1);
+
+$edit_menu_group = array(
+	'table_array' => array(
+		'edit_menu_group_id' => array(
+			'value' => isset($GLOBALS['edit_menu_group_id']) ? $GLOBALS['edit_menu_group_id'] : '',
+			'type' => 'hidden',
+			'pk' => 1
+		),
+		'name' => array(
+			'value' => isset($GLOBALS['name']) ? $GLOBALS['name'] : '',
+			'output_name' => 'Group name',
+			'mandatory' => 1,
+			'type' => 'text'
+		),
+		'flag' => array(
+			'value' => isset($GLOBALS['flag']) ? $GLOBALS['flag'] : '',
+			'output_name' => 'Flag',
+			'mandatory' => 1,
+			'type' => 'text',
+			'error_check' => 'alphanumeric|unique'
+		),
+		'order_number' => array(
+			'value' => isset($GLOBALS['order_number']) ? $GLOBALS['order_number'] : '',
+			'output_name' => 'Group order',
+			'type' => 'order',
+			'int' => 1,
+			'order' => 1
+		)
+	),
+	'table_name' => 'edit_menu_group',
+	'load_query' => "SELECT edit_menu_group_id, name FROM edit_menu_group ORDER BY name",
+	'show_fields' => array(
+		array(
+			'name' => 'name'
+		)
+	)
+);
+
+// __END__

www/includes/table_arrays/array_edit_pages.inc

@@ -1,180 +0,0 @@
-<?php
-
-$edit_pages = array (
-	"table_array" => array (
-		"edit_page_id" => array (
-			"value" => $GLOBALS["edit_page_id"],
-			"type" => "hidden",
-			"pk" => 1
-		),
-		"filename" => array (
-			"value" => $GLOBALS["filename"],
-			"output_name" => "Add File ...",
-			"mandatory" => 1,
-			"type" => "drop_down_db",
-			"query" => "SELECT DISTINCT temp_files.filename AS id, temp_files.filename AS name FROM temp_files LEFT JOIN edit_page ep ON temp_files.filename = ep.filename WHERE ep.filename IS NULL"
-		),
-		"name" => array (
-			"value" => $GLOBALS["name"],
-			"output_name" => "Page name",
-			"mandatory" => 1,
-			"type" => "text"
-		),
-		"order_number" => array (
-			"value" => $GLOBALS["order_number"],
-			"output_name" => "Page order",
-			"type" => "order",
-			"int" => 1,
-			"order" => 1
-		),
-		/* "flag" => array (
-			"value" => $GLOBALS["flag"],
-			"output_name" => "Page Flag",
-			"type" => "drop_down_array",
-			"query" => array (
-				"0" => "0",
-				"1" => "1",
-				"2" => "2",
-				"3" => "3",
-				"4" => "4",
-				"5" => "5"
-			)
-		),*/
-		"online" => array (
-			"value" => $GLOBALS["online"],
-			"output_name" => "Online",
-			"int" => 1,
-			"type" => "binary",
-			"element_list" => array (
-				"1" => "Yes",
-				"0" => "No"
-			)
-		),
-		"menu" => array (
-			"value" => $GLOBALS["menu"],
-			"output_name" => "Menu",
-			"int" => 1,
-			"type" => "binary",
-			"element_list" => array (
-				 "1" => "Yes",
-				 "0" => "No"
-			)
-		),
-		"popup" => array (
-			"value" => $GLOBALS["popup"],
-			"output_name" => "Popup",
-			"int" => 1,
-			"type" => "binary",
-			"element_list" => array (
-				 "1" => "Yes",
-				 "0" => "No"
-			)
-		),
-		"popup_x" => array (
-			"value" => $GLOBALS["popup_x"],
-			"output_name" => "Popup Width",
-			"int_null" => 1,
-			"type" => "text",
-			"size" => 4,
-			"length" => 4
-		),
-		"popup_y" => array (
-			"value" => $GLOBALS["popup_y"],
-			"output_name" => "Popup Height",
-			"int_null" => 1,
-			"type" => "text",
-			"size" => 4,
-			"length" => 4
-		)/*,
-		"query_string" => array (
-			"value" => $GLOBALS["query_string"],
-			"output_name" => "Query String for Link",
-			"type" => "text",
-			"size" => "50"
-		)*/
-	),
-	"load_query" => "SELECT edit_page_id, filename, name, online, menu, popup FROM edit_page ORDER BY order_number",
-	"table_name" => "edit_page",
-	"show_fields" => array (
-		array (
-			"name" => "name"
-		),
-		array (
-			"name" => "filename",
-			"before_value" => "Filename: "
-		),
-		 array (
-		   "name" => "online",
-		   "binary" => array ("Yes","No"),
-		   "before_value" => "Online: "
-		 ),
-		 array (
-			"name" => "menu",
-			"binary" => array ("Yes","No"),
-			"before_value" => "Menu: "
-		),
-		array (
-			"name" => "popup",
-			"binary" => array ("Yes","No"),
-			"before_value" => "Popup: "
-		)
-	),
-	"reference_arrays" => array (
-		"edit_visible_group" => array (
-			"table_name" => "edit_page_visible_group",
-			"other_table_pk" => "edit_visible_group_id",
-			"output_name" => "Visible Groups (access)",
-			"mandatory" => 1,
-			"select_size" => 10,
-			"selected" => $GLOBALS["edit_visible_group_id"],
-			"query" => 'SELECT edit_visible_group_id, \'Name: \' || name || \', \' || \'Flag: \' || flag FROM edit_visible_group ORDER BY name'
-		),
-		"edit_menu_group" => array (
-			"table_name" => "edit_page_menu_group",
-			"other_table_pk" => "edit_menu_group_id",
-			"output_name" => "Menu Groups (grouping)",
-			"mandatory" => 1,
-			"select_size" => 10,
-			"selected" => $GLOBALS["edit_menu_group_id"],
-			"query" => 'SELECT edit_menu_group_id, \'Name: \' || name || \', \' || \'Flag: \' || flag FROM edit_menu_group ORDER BY order_number'
-		)
-
-	),
-	"element_list" => array (
-		"edit_query_string" => array (
-			"output_name" => "Query Strings",
-			"delete_name" => "remove_query_string",
-			"prefix" => "eqs",
-			"elements" => array (
-				"name" => array (
-					"output_name" => "Name",
-					"type" => "text",
-					"error_check" => "unique|alphanumeric",
-					"mandatory" => 1
-				),
-				"value" => array (
-					"output_name" => "Value",
-					"type" => "text"
-				),
-				"enabled" => array (
-					"output_name" => "Enabled",
-					"int" => 1,
-					"type" => "checkbox",
-					"element_list" => array (1)
-				),
-				"dynamic" => array (
-					"output_name" => "Dynamic",
-					"int" => 1,
-					"type" => "checkbox",
-					"element_list" => array (1)
-				),
-				"edit_query_string_id" => array (
-					"type" => "hidden",
-					"pk_id" => 1
-				)
-			) // elements
-		) // query_string element list
-	) // element list
-);
-
-// __END__

www/includes/table_arrays/array_edit_pages.php

@@ -0,0 +1,236 @@
+<?php declare(strict_types=1);
+
+$edit_pages = array(
+	'table_array' => array(
+		'edit_page_id' => array(
+			'value' => isset($GLOBALS['edit_page_id']) ? $GLOBALS['edit_page_id'] : '',
+			'type' => 'hidden',
+			'pk' => 1
+		),
+		'filename' => array(
+			'value' => isset($GLOBALS['filename']) ? $GLOBALS['filename'] : '',
+			'output_name' => 'Add File ...',
+			'mandatory' => 1,
+			'type' => 'drop_down_db',
+			'query' => "SELECT DISTINCT temp_files.filename AS id, temp_files.filename AS name ".
+				"FROM temp_files ".
+				"LEFT JOIN edit_page ep ON temp_files.filename = ep.filename ".
+				"WHERE ep.filename IS NULL"
+		),
+		'name' => array(
+			'value' => isset($GLOBALS['name']) ? $GLOBALS['name'] : '',
+			'output_name' => 'Page name',
+			'mandatory' => 1,
+			'type' => 'text'
+		),
+		'order_number' => array(
+			'value' => isset($GLOBALS['order_number']) ? $GLOBALS['order_number'] : '',
+			'output_name' => 'Page order',
+			'type' => 'order',
+			'int' => 1,
+			'order' => 1
+		),
+		/* 'flag' => array(
+			'value' => isset($GLOBALS['flag']) ? $GLOBALS['flag'] : '',
+			'output_name' => 'Page Flag',
+			'type' => 'drop_down_array',
+			'query' => array(
+				'0' => '0',
+				'1' => '1',
+				'2' => '2',
+				'3' => '3',
+				'4' => '4',
+				'5' => '5'
+			)
+		),*/
+		'online' => array(
+			'value' => isset($GLOBALS['online']) ? $GLOBALS['online'] : '',
+			'output_name' => 'Online',
+			'int' => 1,
+			'type' => 'binary',
+			'element_list' => array(
+				'1' => 'Yes',
+				'0' => 'No'
+			)
+		),
+		'menu' => array(
+			'value' => isset($GLOBALS['menu']) ? $GLOBALS['menu'] : '',
+			'output_name' => 'Menu',
+			'int' => 1,
+			'type' => 'binary',
+			'element_list' => array(
+				 '1' => 'Yes',
+				 '0' => 'No'
+			)
+		),
+		'popup' => array(
+			'value' => isset($GLOBALS['popup']) ? $GLOBALS['popup'] : '',
+			'output_name' => 'Popup',
+			'int' => 1,
+			'type' => 'binary',
+			'element_list' => array(
+				 '1' => 'Yes',
+				 '0' => 'No'
+			)
+		),
+		'popup_x' => array(
+			'value' => isset($GLOBALS['popup_x']) ? $GLOBALS['popup_x'] : '',
+			'output_name' => 'Popup Width',
+			'int_null' => 1,
+			'type' => 'text',
+			'size' => 4,
+			'length' => 4
+		),
+		'popup_y' => array(
+			'value' => isset($GLOBALS['popup_y']) ? $GLOBALS['popup_y'] : '',
+			'output_name' => 'Popup Height',
+			'int_null' =>  1,
+			'type' => 'text',
+			'size' => 4,
+			'length' => 4
+		),
+		'content_alias_edit_page_id' => array(
+			'value' => isset($GLOBALS['content_alias_edit_page_id']) ? $GLOBALS['content_alias_edit_page_id'] : '',
+			'output_name' => 'Content Alias Source',
+			'int_null' => 1,
+			'type' => 'drop_down_db',
+			// query creation
+			'select_distinct' => 0,
+			'pk_name' => 'edit_page_id AS content_alias_edit_page_id',
+			'input_name' => 'name',
+			'table_name' => 'edit_page',
+			'where_not_self' => 1,
+			'order_by' => 'order_number'
+			// 'query' => "SELECT edit_page_id AS content_alias_edit_page_id, name ".
+				// "FROM edit_page ".
+				// (isset($GLOBALS['edit_page_id']) ? " WHERE edit_page_id <> ".$GLOBALS['edit_page_id'] : "")." ".
+				// "ORDER BY order_number"
+		)
+	),
+	'load_query' => "SELECT edit_page_id, filename, name, online, menu, popup FROM edit_page ORDER BY order_number",
+	'table_name' => 'edit_page',
+	'show_fields' => array(
+		array(
+			'name' => 'name'
+		),
+		array(
+			'name' => 'filename',
+			'before_value' => 'Filename: '
+		),
+		 array(
+		   'name' => 'online',
+		   'binary' => array('Yes','No'),
+		   'before_value' => 'Online: '
+		 ),
+		 array(
+			'name' => 'menu',
+			'binary' => array('Yes','No'),
+			'before_value' => 'Menu: '
+		),
+		array(
+			'name' => 'popup',
+			'binary' => array('Yes','No'),
+			'before_value' => 'Popup: '
+		)
+	),
+	'reference_arrays' => array(
+		'edit_visible_group' => array(
+			'table_name' => 'edit_page_visible_group',
+			'other_table_pk' => 'edit_visible_group_id',
+			'output_name' => 'Visible Groups (access)',
+			'mandatory' => 1,
+			'select_size' => 10,
+			'selected' => isset($GLOBALS['edit_visible_group_id']) ? $GLOBALS['edit_visible_group_id'] : '',
+			'query' => "SELECT edit_visible_group_id, 'Name: ' || name || ', ' || 'Flag: ' || flag FROM edit_visible_group ORDER BY name"
+		),
+		'edit_menu_group' => array(
+			'table_name' => 'edit_page_menu_group',
+			'other_table_pk' => 'edit_menu_group_id',
+			'output_name' => 'Menu Groups (grouping)',
+			'mandatory' => 1,
+			'select_size' => 10,
+			'selected' => isset($GLOBALS['edit_menu_group_id']) ? $GLOBALS['edit_menu_group_id'] : '',
+			'query' => "SELECT edit_menu_group_id, 'Name: ' || name || ', ' || 'Flag: ' || flag FROM edit_menu_group ORDER BY order_number"
+		)
+
+	),
+	'element_list' => array(
+		'edit_query_string' => array(
+			'output_name' => 'Query Strings',
+			'delete_name' => 'remove_query_string',
+			'prefix' => 'eqs',
+			'elements' => array(
+				'name' => array(
+					'output_name' => 'Name',
+					'type' => 'text',
+					'error_check' => 'unique|alphanumeric',
+					'mandatory' => 1
+				),
+				'value' => array(
+					'output_name' => 'Value',
+					'type' => 'text'
+				),
+				'enabled' => array(
+					'output_name' => 'Enabled',
+					'int' => 1,
+					'type' => 'checkbox',
+					'element_list' => array(1)
+				),
+				'dynamic' => array(
+					'output_name' => 'Dynamic',
+					'int' => 1,
+					'type' => 'checkbox',
+					'element_list' => array(1)
+				),
+				'edit_query_string_id' => array(
+					'type' => 'hidden',
+					'pk_id' => 1
+				)
+			) // elements
+		), // query_string element list
+		'edit_page_content' => array(
+			'output_name' => 'Page Content',
+			'delete_name' => 'remove_page_content',
+			'prefix' => 'epc',
+			'elements' => array(
+				'name' => array(
+					'output_name' => 'Content',
+					'type' => 'text',
+					'error_check' => 'alphanumeric',
+					'mandatory' => 1
+				),
+				'uid' => array(
+					'output_name' => 'UID',
+					'type' => 'text',
+					'error_check' => 'unique|alphanumeric',
+					'mandatory' => 1
+				),
+				'order_number' => array(
+					'output_name' => 'Order',
+					'type' => 'text',
+					'error_check' => 'int',
+					'mandatory' => 1
+				),
+				'online' => array(
+					'output_name' => 'Online',
+					'int' => 1,
+					'type' => 'checkbox',
+					'element_list' => array(1)
+				),
+				'edit_access_right_id' => array(
+					'type' => 'drop_down_db',
+					'output_name' => 'Access Level',
+					'int' => 1,
+					'preset' => 1, // first of the select
+					'query' => "SELECT edit_access_right_id, name FROM edit_access_right ORDER BY level"
+				),
+				'edit_page_content_id' => array(
+					'type' => 'hidden',
+					'pk_id' => 1
+				)
+			)
+		)
+	) // element list
+);
+
+// __END__

www/includes/table_arrays/array_edit_schemes.inc

@@ -1,57 +0,0 @@
-<?php
-
-$edit_schemes = array (
-	"table_array" => array (
-		"edit_scheme_id" => array (
-			"value" => $GLOBALS["edit_scheme_id"],
-			"type" => "hidden",
-			"pk" => 1
-		),
-		"name" => array (
-			"value" => $GLOBALS["name"],
-			"output_name" => "Scheme Name",
-			"mandatory" => 1,
-			"type" => "text"
-		),
-		"header_color" => array (
-			"value" => $GLOBALS["header_color"],
-			"output_name" => "Header Color",
-			"mandatory" => 1,
-			"type" => "text",
-			"size" => 6,
-			"length" => 6,
-			"error_check" => "custom",
-			"error_regex" => "/[\dA-Fa-f]{6}/",
-			"error_example" => "F6A544"
-		),
-		"enabled" => array (
-			"value" => $GLOBALS["enabled"],
-			"output_name" => "Enabled",
-			"int" => 1,
-			"type" => "binary",
-			"element_list" => array (
-				"1" => "Yes",
-				"0" => "No"
-			)
-		),
-		"template" => array (
-			"value" => $GLOBALS["template"],
-			"output_name" => "Template",
-			"type" => "text"
-		)
-	),
-	"table_name" => "edit_scheme",
-	"load_query" => "SELECT edit_scheme_id, name, enabled FROM edit_scheme ORDER BY name",
-	"show_fields" => array (
-		array (
-			"name" => "name"
-		),
-		array (
-			"name" => "enabled",
-			"binary" => array ("Yes", "No"),
-			"before_value" => "Enabled: "
-		)
-	)
-); // main array
-
-// __END__

www/includes/table_arrays/array_edit_schemes.php

@@ -0,0 +1,57 @@
+<?php declare(strict_types=1);
+
+$edit_schemes = array(
+	'table_array' => array(
+		'edit_scheme_id' => array(
+			'value' => isset($GLOBALS['edit_scheme_id']) ? $GLOBALS['edit_scheme_id'] : '',
+			'type' => 'hidden',
+			'pk' => 1
+		),
+		'name' => array(
+			'value' => isset($GLOBALS['name']) ? $GLOBALS['name'] : '',
+			'output_name' => 'Scheme Name',
+			'mandatory' => 1,
+			'type' => 'text'
+		),
+		'header_color' => array(
+			'value' => isset($GLOBALS['header_color']) ? $GLOBALS['header_color'] : '',
+			'output_name' => 'Header Color',
+			'mandatory' => 1,
+			'type' => 'text',
+			'size' => 6,
+			'length' => 6,
+			'error_check' => 'custom',
+			'error_regex' => '/[\dA-Fa-f]{6}/',
+			'error_example' => 'F6A544'
+		),
+		'enabled' => array(
+			'value' => isset($GLOBALS['enabled']) ? $GLOBALS['enabled'] : '',
+			'output_name' => 'Enabled',
+			'int' => 1,
+			'type' => 'binary',
+			'element_list' => array(
+				'1' => 'Yes',
+				'0' => 'No'
+			)
+		),
+		'template' => array(
+			'value' => isset($GLOBALS['template']) ? $GLOBALS['template'] : '',
+			'output_name' => 'Template',
+			'type' => 'text'
+		)
+	),
+	'table_name' => 'edit_scheme',
+	'load_query' => "SELECT edit_scheme_id, name, enabled FROM edit_scheme ORDER BY name",
+	'show_fields' => array(
+		array(
+			'name' => 'name'
+		),
+		array(
+			'name' => 'enabled',
+			'binary' => array('Yes', 'No'),
+			'before_value' => 'Enabled: '
+		)
+	)
+); // main array
+
+// __END__

www/includes/table_arrays/array_edit_users.inc

@@ -1,261 +0,0 @@
-<?php
-
-$edit_users = array (
-	"table_array" => array (
-		"edit_user_id" => array (
-			"value" => $GLOBALS["edit_user_id"],
-			"type" => "hidden",
-			"pk" => 1,
-			"int" => 1
-		),
-		"username" => array (
-			"value" => $GLOBALS["username"],
-			"output_name" => "Username",
-			"mandatory" => 1,
-			"error_check" => "unique|alphanumericextended",
-			"type" => "text"
-		),
-		"password" => array (
-			"value" => $GLOBALS["password"],
-			"HIDDEN_value" => $GLOBALS["HIDDEN_password"],
-			"CONFIRM_value" => $GLOBALS["CONFIRM_password"],
-			"output_name" => "Password",
-			"mandatory" => 1,
-			"type" => "password", // later has to be password for encryption in database
-			'update' => array ( // connected field updates, and update data
-				'password_change_date' => array ( // db row to update
-					'type' => 'date', // type of field (int/text/date/etc)
-					'value' => 'NOW()' // value [todo: complex reference
-				)
-			)
-		),
-		// password date when first insert and password is set, needs special field with connection to password
-		// password reset force interval, if set, user needs to reset password after X time period
-		'password_change_interval' => array (
-			'value' => $GLOBALS['password_change_interval'],
-			'output_name' => 'Password change interval',
-			'error_check' => 'intervalshort', // can be any date length format. n Y/M/D [not H/M/S], only one set, no combination
-			'type' => 'text',
-			'interval' => 1, // interval needs NULL write for empty
-			'size' => 5, // make it 5 chars long
-			'length' => 5
-		),
-		"enabled" => array (
-			"value" => $GLOBALS["enabled"],
-			"output_name" => "Enabled",
-			"type" => "binary",
-			"int" => 1,
-			"element_list" => array (
-				"1" => "Yes",
-				"0" => "No"
-			)
-		),
-		"strict" => array (
-			"value" => $GLOBALS["strict"],
-			"output_name" => "Strict (Lock after errors)",
-			"type" => "binary",
-			"int" => 1,
-			"element_list" => array (
-				"1" => "Yes",
-				"0" => "No"
-			)
-		),
-		"locked" => array (
-			"value" => $GLOBALS["locked"],
-			"output_name" => "Locked (auto set if strict with errors)",
-			"type" => "binary",
-			"int" => 1,
-			"element_list" => array (
-				"1" => "Yes",
-				"0" => "No"
-			)
-		),
-		"admin" => array (
-			"value" => $GLOBALS["admin"],
-			"output_name" => "Admin",
-			"type" => "binary",
-			"int" => 1,
-			"element_list" => array (
-				"1" => "Yes",
-				"0" => "No"
-			)
-		),
-		"debug" => array (
-			"value" => $GLOBALS["debug"],
-			"output_name" => "Debug",
-			"type" => "binary",
-			"int" => 1,
-			"element_list" => array (
-				"1" => "Yes",
-				"0" => "No"
-			)
-		),
-		"db_debug" => array (
-			"value" => $GLOBALS["db_debug"],
-			"output_name" => "DB Debug",
-			"type" => "binary",
-			"int" => 1,
-			"element_list" => array (
-				"1" => "Yes",
-				"0" => "No"
-			)
-		),
-		"email" => array (
-			"value" => $GLOBALS["email"],
-			"output_name" => "E-Mail",
-			"type" => "text"
-		),
-		"last_name" => array (
-			"value" => $GLOBALS["last_name"],
-			"output_name" => "Last Name",
-			"type" => "text"
-		),
-		"first_name" => array (
-			"value" => $GLOBALS["first_name"],
-			"output_name" => "First Name",
-			"type" => "text"
-		),
-		"edit_language_id" => array (
-			"value" => $GLOBALS["edit_language_id"],
-			"output_name" => "Language",
-			"mandatory" => 1,
-			"int" => 1,
-			"type" => "drop_down_db",
-			"query" => "SELECT edit_language_id, long_name FROM edit_language WHERE enabled = 1 ORDER BY order_number"
-		),
-		"edit_scheme_id" => array (
-			"value" => $GLOBALS["edit_scheme_id"],
-			"output_name" => "Scheme",
-			"int_null" => 1,
-			"type" => "drop_down_db",
-			"query" => "SELECT edit_scheme_id, name FROM edit_scheme WHERE enabled = 1 ORDER BY name"
-		),
-		"edit_group_id" => array (
-			"value" => $GLOBALS["edit_group_id"],
-			"output_name" => "Group",
-			"int" => 1,
-			"type" => "drop_down_db",
-			"query" => "SELECT edit_group_id, name FROM edit_group WHERE enabled = 1 ORDER BY name",
-			"mandatory" => 1
-		),
-		"edit_access_right_id" => array (
-			"value" => $GLOBALS["edit_access_right_id"],
-			"output_name" => "User Level",
-			"mandatory" => 1,
-			"int" => 1,
-			"type" => "drop_down_db",
-			"query" => "SELECT edit_access_right_id, name FROM edit_access_right ORDER BY level"
-		),
-		"login_error_count" => array (
-			"output_name" => "Login error count",
-			"value" => $GLOBALS['login_error_count'],
-			"type" => "view",
-			"empty" => "0"
-		),
-		"login_error_date_last" => array (
-			"output_name" => "Last login error",
-			"value" => $GLOBALS['login_error_date_liast'],
-			"type" => "view",
-			"empty" => "-"
-		),
-		"login_error_date_first" => array (
-			"output_name" => "First login error",
-			"value" => $GLOBALS['login_error_date_first'],
-			"type" => "view",
-			"empty" => "-"
-		),
-		"protected" => array (
-			"value" => $GLOBALS["protected"],
-			"output_name" => "Protected",
-			"type" => "binary",
-			"int" => 1,
-			"element_list" => array (
-				"1" => "Yes",
-				"0" => "No"
-			)
-		)
-	),
-	"load_query" => "SELECT edit_user_id, username, enabled, debug, db_debug, strict, locked, login_error_count FROM edit_user ORDER BY username",
-	"table_name" => "edit_user",
-	"show_fields" => array (
-		array (
-			"name" => "username"
-		),
-		array (
-			"name" => "enabled",
-			"binary" => array ("Yes", "No"),
-			"before_value" => "Enabled: "
-		),
-		array (
-			"name" => "debug",
-			"binary" => array ("Yes", "No"),
-			"before_value" => "Debug: "
-		),
-		array (
-			"name" => "db_debug",
-			"binary" => array ("Yes", "No"),
-			"before_value" => "DB Debug: "
-		),
-		array (
-			"name" => "strict",
-			"binary" => array ("Yes", "No"),
-			"before_value" => "Strict: "
-		),
-		array (
-			"name" => "locked",
-			"binary" => array ("Yes", "No"),
-			"before_value" => "Locked: "
-		),
-		array (
-			"name" => "login_error_count",
-			"before_value" => "Errors: "
-		)
-	),
-	"element_list" => array (
-		"edit_access_user" => array (
-			"output_name" => "Accounts",
-			"mandatory" => 1,
-			"delete" => 0, // set then reference entries are deleted, else the "enable" flag is only set
-			"prefix" => "ecu",
-			"read_data" => array (
-				"table_name" => "edit_access",
-				"pk_id" => "edit_access_id",
-				"name" => "name",
-				"order" => "name"
-			),
-			"elements" => array (
-				"edit_access_user_id" => array (
-					"output_name" => "Activate",
-					"type" => "hidden",
-					"int" => 1,
-					"pk_id" => 1
-				),
-				"enabled" => array (
-					"type" => "checkbox",
-					"output_name" => "Activate",
-					"int" => 1,
-					"element_list" => array (1)
-				),
-				"edit_access_right_id" => array (
-					"type" => "drop_down_db",
-					"output_name" => "Access Level",
-					"preset" => 1, // first of the select
-					"int" => 1,
-					"query" => "SELECT edit_access_right_id, name FROM edit_access_right ORDER BY level"
-				),
-				"edit_default" => array (
-					"type" => "radio_group",
-					"output_name" => "Default",
-					"int" => 1,
-					"element_list" => "radio_group"
-				),
-				"edit_access_id" => array (
-					"type" => "hidden",
-					"int" => 1
-				)
-			)
-		) // edit pages ggroup
-	)
-);
-
-// __END__

www/includes/table_arrays/array_edit_users.php

@@ -0,0 +1,270 @@
+<?php declare(strict_types=1);
+
+$edit_users = array(
+	'table_array' => array(
+		'edit_user_id' => array(
+			'value' => isset($GLOBALS['edit_user_id']) ? $GLOBALS['edit_user_id'] : '',
+			'type' => 'hidden',
+			'pk' => 1,
+			'int' => 1
+		),
+		'username' => array(
+			'value' => isset($GLOBALS['username']) ? $GLOBALS['username'] : '',
+			'output_name' => 'Username',
+			'mandatory' => 1,
+			'error_check' => 'unique|alphanumericextended',
+			'type' => 'text'
+		),
+		'password' => array(
+			'value' => isset($GLOBALS['password']) ? $GLOBALS['password'] : '',
+			'HIDDEN_value' => isset($GLOBALS['HIDDEN_password']) ? $GLOBALS['HIDDEN_password'] : '',
+			'CONFIRM_value' => isset($GLOBALS['CONFIRM_password']) ? $GLOBALS['CONFIRM_password'] : '',
+			'output_name' => 'Password',
+			'mandatory' => 1,
+			'type' => 'password', // later has to be password for encryption in database
+			'update' => array( // connected field updates, and update data
+				'password_change_date' => array( // db row to update
+					'type' => 'date', // type of field (int/text/date/etc)
+					'value' => 'NOW()' // value [todo: complex reference
+				)
+			)
+		),
+		// password date when first insert and password is set, needs special field with connection to password
+		// password reset force interval, if set, user needs to reset password after X time period
+		'password_change_interval' => array(
+			'value' => isset($GLOBALS['password_change_interval']) ? $GLOBALS['password_change_interval'] : '',
+			'output_name' => 'Password change interval',
+			'error_check' => 'intervalshort', // can be any date length format. n Y/M/D [not H/M/S], only one set, no combination
+			'type' => 'text',
+			'interval' => 1, // interval needs NULL write for empty
+			'size' => 5, // make it 5 chars long
+			'length' => 5
+		),
+		'enabled' => array(
+			'value' => isset($GLOBALS['enabled']) ? $GLOBALS['enabled'] : '',
+			'output_name' => 'Enabled',
+			'type' => 'binary',
+			'int' => 1,
+			'element_list' => array(
+				'1' => 'Yes',
+				'0' => 'No'
+			)
+		),
+		'strict' => array(
+			'value' => isset($GLOBALS['strict']) ? $GLOBALS['strict'] : '',
+			'output_name' => 'Strict (Lock after errors)',
+			'type' => 'binary',
+			'int' => 1,
+			'element_list' => array(
+				'1' => 'Yes',
+				'0' => 'No'
+			)
+		),
+		'locked' => array(
+			'value' => isset($GLOBALS['locked']) ? $GLOBALS['locked'] : '',
+			'output_name' => 'Locked (auto set if strict with errors)',
+			'type' => 'binary',
+			'int' => 1,
+			'element_list' => array(
+				'1' => 'Yes',
+				'0' => 'No'
+			)
+		),
+		'admin' => array(
+			'value' => isset($GLOBALS['admin']) ? $GLOBALS['admin'] : '',
+			'output_name' => 'Admin',
+			'type' => 'binary',
+			'int' => 1,
+			'element_list' => array(
+				'1' => 'Yes',
+				'0' => 'No'
+			)
+		),
+		'debug' => array(
+			'value' => isset($GLOBALS['debug']) ? $GLOBALS['debug'] : '',
+			'output_name' => 'Debug',
+			'type' => 'binary',
+			'int' => 1,
+			'element_list' => array(
+				'1' => 'Yes',
+				'0' => 'No'
+			)
+		),
+		'db_debug' => array(
+			'value' => isset($GLOBALS['db_debug']) ? $GLOBALS['db_debug'] : '',
+			'output_name' => 'DB Debug',
+			'type' => 'binary',
+			'int' => 1,
+			'element_list' => array(
+				'1' => 'Yes',
+				'0' => 'No'
+			)
+		),
+		'email' => array(
+			'value' => isset($GLOBALS['email']) ? $GLOBALS['email'] : '',
+			'output_name' => 'E-Mail',
+			'type' => 'text',
+			'error_check' => 'email'
+		),
+		'last_name' => array(
+			'value' => isset($GLOBALS['last_name']) ? $GLOBALS['last_name'] : '',
+			'output_name' => 'Last Name',
+			'type' => 'text'
+		),
+		'first_name' => array(
+			'value' => isset($GLOBALS['first_name']) ? $GLOBALS['first_name'] : '',
+			'output_name' => 'First Name',
+			'type' => 'text'
+		),
+		'edit_language_id' => array(
+			'value' => isset($GLOBALS['edit_language_id']) ? $GLOBALS['edit_language_id'] : '',
+			'output_name' => 'Language',
+			'mandatory' => 1,
+			'int' => 1,
+			'type' => 'drop_down_db',
+			'query' => "SELECT edit_language_id, long_name FROM edit_language WHERE enabled = 1 ORDER BY order_number"
+		),
+		'edit_scheme_id' => array(
+			'value' => isset($GLOBALS['edit_scheme_id']) ? $GLOBALS['edit_scheme_id'] : '',
+			'output_name' => 'Scheme',
+			'int_null' => 1,
+			'type' => 'drop_down_db',
+			'query' => "SELECT edit_scheme_id, name FROM edit_scheme WHERE enabled = 1 ORDER BY name"
+		),
+		'edit_group_id' => array(
+			'value' => isset($GLOBALS['edit_group_id']) ? $GLOBALS['edit_group_id'] : '',
+			'output_name' => 'Group',
+			'int' => 1,
+			'type' => 'drop_down_db',
+			'query' => "SELECT edit_group_id, name FROM edit_group WHERE enabled = 1 ORDER BY name",
+			'mandatory' => 1
+		),
+		'edit_access_right_id' => array(
+			'value' => isset($GLOBALS['edit_access_right_id']) ? $GLOBALS['edit_access_right_id'] : '',
+			'output_name' => 'User Level',
+			'mandatory' => 1,
+			'int' => 1,
+			'type' => 'drop_down_db',
+			'query' => "SELECT edit_access_right_id, name FROM edit_access_right ORDER BY level"
+		),
+		'login_error_count' => array(
+			'output_name' => 'Login error count',
+			'value' => isset($GLOBALS['login_error_count']) ? $GLOBALS['login_error_count'] : '',
+			'type' => 'view',
+			'empty' => '0'
+		),
+		'login_error_date_last' => array(
+			'output_name' => 'Last login error',
+			'value' => isset($GLOBALS['login_error_date_liast']) ? $GLOBALS['login_error_date_liast'] : '',
+			'type' => 'view',
+			'empty' => '-'
+		),
+		'login_error_date_first' => array(
+			'output_name' => 'First login error',
+			'value' => isset($GLOBALS['login_error_date_first']) ? $GLOBALS['login_error_date_first'] : '',
+			'type' => 'view',
+			'empty' => '-'
+		),
+		'protected' => array(
+			'value' => isset($GLOBALS['protected']) ? $GLOBALS['protected'] : '',
+			'output_name' => 'Protected',
+			'type' => 'binary',
+			'int' => 1,
+			'element_list' => array(
+				'1' => 'Yes',
+				'0' => 'No'
+			)
+		),
+		'additional_acl' => array(
+			'value' => isset($GLOBALS['additional_acl']) ? $GLOBALS['additional_acl'] : '',
+			'output_name' => 'Additional ACL (as JSON)',
+			'type' => 'textarea',
+			'error_check' => 'json',
+			'rows' => 10,
+			'cols' => 60
+		),
+	),
+	'load_query' => "SELECT edit_user_id, username, enabled, debug, db_debug, strict, locked, login_error_count FROM edit_user ORDER BY username",
+	'table_name' => 'edit_user',
+	'show_fields' => array(
+		array(
+			'name' => 'username'
+		),
+		array(
+			'name' => 'enabled',
+			'binary' => array('Yes', 'No'),
+			'before_value' => 'Enabled: '
+		),
+		array(
+			'name' => 'debug',
+			'binary' => array('Yes', 'No'),
+			'before_value' => 'Debug: '
+		),
+		array(
+			'name' => 'db_debug',
+			'binary' => array('Yes', 'No'),
+			'before_value' => 'DB Debug: '
+		),
+		array(
+			'name' => 'strict',
+			'binary' => array('Yes', 'No'),
+			'before_value' => 'Strict: '
+		),
+		array(
+			'name' => 'locked',
+			'binary' => array('Yes', 'No'),
+			'before_value' => 'Locked: '
+		),
+		array(
+			'name' => 'login_error_count',
+			'before_value' => 'Errors: '
+		)
+	),
+	'element_list' => array(
+		'edit_access_user' => array(
+			'output_name' => 'Accounts',
+			'mandatory' => 1,
+			'delete' => 0, // set then reference entries are deleted, else the 'enable' flag is only set
+			'prefix' => 'ecu',
+			'read_data' => array(
+				'table_name' => 'edit_access',
+				'pk_id' => 'edit_access_id',
+				'name' => 'name',
+				'order' => 'name'
+			),
+			'elements' => array(
+				'edit_access_user_id' => array(
+					'output_name' => 'Activate',
+					'type' => 'hidden',
+					'int' => 1,
+					'pk_id' => 1
+				),
+				'enabled' => array(
+					'type' => 'checkbox',
+					'output_name' => 'Activate',
+					'int' => 1,
+					'element_list' => array(1)
+				),
+				'edit_access_right_id' => array(
+					'type' => 'drop_down_db',
+					'output_name' => 'Access Level',
+					'preset' => 1, // first of the select
+					'int' => 1,
+					'query' => "SELECT edit_access_right_id, name FROM edit_access_right ORDER BY level"
+				),
+				'edit_default' => array(
+					'type' => 'radio_group',
+					'output_name' => 'Default',
+					'int' => 1,
+					'element_list' => 'radio_group'
+				),
+				'edit_access_id' => array(
+					'type' => 'hidden',
+					'int' => 1
+				)
+			)
+		) // edit pages ggroup
+	)
+);
+
+// __END__

www/includes/table_arrays/array_edit_visible_group.inc

@@ -1,33 +0,0 @@
-<?php
-
-$edit_visible_group = array (
-	"table_array" => array (
-		"edit_visible_group_id" => array (
-			"value" => $GLOBALS["edit_visible_group_id"],
-			"type" => "hidden",
-			"pk" => 1
-		),
-		"name" => array (
-			"value" => $GLOBALS["name"],
-			"output_name" => $this->l->__("Group name"),
-			"mandatory" => 1,
-			"type" => "text"
-		),
-		"flag" => array (
-			"value" => $GLOBALS["flag"],
-			"output_name" => $this->l->__("Flag"),
-			"mandatory" => 1,
-			"type" => "text",
-			"error_check" => "alphanumeric|unique"
-		)
-	),
-	"table_name" => "edit_visible_group",
-	"load_query" => "SELECT edit_visible_group_id, name FROM edit_visible_group ORDER BY name",
-	"show_fields" => array (
-		array (
-			"name" => "name"
-		)
-	)
-);
-
-// __END__

www/includes/table_arrays/array_edit_visible_group.php

@@ -0,0 +1,33 @@
+<?php declare(strict_types=1);
+
+$edit_visible_group = array(
+	'table_array' => array(
+		'edit_visible_group_id' => array(
+			'value' => isset($GLOBALS['edit_visible_group_id']) ? $GLOBALS['edit_visible_group_id'] : '',
+			'type' => 'hidden',
+			'pk' => 1
+		),
+		'name' => array(
+			'value' => isset($GLOBALS['name']) ? $GLOBALS['name'] : '',
+			'output_name' => 'Group name',
+			'mandatory' => 1,
+			'type' => 'text'
+		),
+		'flag' => array(
+			'value' => isset($GLOBALS['flag']) ? $GLOBALS['flag'] : '',
+			'output_name' => 'Flag',
+			'mandatory' => 1,
+			'type' => 'text',
+			'error_check' => 'alphanumeric|unique'
+		)
+	),
+	'table_name' => 'edit_visible_group',
+	'load_query' => "SELECT edit_visible_group_id, name FROM edit_visible_group ORDER BY name",
+	'show_fields' => array(
+		array(
+			'name' => 'name'
+		)
+	)
+);
+
+// __END__

www/includes/templates/admin/edit_elements.tpl

@@ -114,8 +114,8 @@
 			{/foreach}
 			</table>
 			{if $element.data.delete_name}
-			<input type="hidden" value="" name="{$element.data.delete_name}">
-			<input type="hidden" value="" name="{$element.data.delete_name}_flag">
+			<input type="hidden" value="" id="{$element.data.delete_name}" name="{$element.data.delete_name}">
+			<input type="hidden" value="" id="{$element.data.delete_name}_flag" name="{$element.data.delete_name}_flag">
 			<input type="hidden" name="remove_name[]" value="{$element.data.delete_name}">
 			{/if}
 			{if $element.data.enable_name}

www/includes/templates/admin/edit_order.tpl

@@ -15,12 +15,6 @@
 	{if $STYLESHEET}
 	<link rel=stylesheet type="text/css" href="{$css}{$STYLESHEET}">
 	{/if}
-	{if $JAVASCRIPT}
-	<script language="JavaScript" src="{$JS}{$JAVASCRIPT}"></script>
-	{/if}
-	{if $DATE_JAVASCRIPT}
-	<script language="JavaScript" src="{$JS}{$DATE_JAVASCRIPT}"></script>
-	{/if}
 </head>
 <body>
 <table width="100%" border="0" cellpadding="0" cellspacing="1">

www/layout/admin/javascript/edit.jq.js

@@ -1,4 +1,5 @@
 /* general edit javascript */
+/* jquery version */
 
 /* jshint esversion: 6 */
 
@@ -11,19 +12,21 @@ if (!DEBUG) {
 	});
 }*/
 
-// METHOD: pop
-// PARAMS: url, window name, features
-// RETURN: none
-// DESC  : opens a popup window with winNAme and given features (string)
+/**
+ * opens a popup window with winName and given features (string)
+ * @param {String} theURL   the url
+ * @param {String} winName  window name
+ * @param {Object} features popup features
+ */
 function pop(theURL, winName, features) {
 	winName = window.open(theURL, winName, features);
 	winName.focus();
 }
 
-// METHOD: expandTA
-// PARAMS: id
-// RETURN: none
-// DESC  : automatically resize a text area based on the amount of lines in it
+/**
+ * automatically resize a text area based on the amount of lines in it
+ * @param {[string} ta_id element id
+ */
 function expandTA(ta_id) {
 	var ta;
 	// if a string comes, its a get by id, else use it as an element pass on
@@ -44,10 +47,10 @@ function expandTA(ta_id) {
 	ta.rows = numNewRows + theRows.length;
 }
 
-// METHOD: getWindowSize
-// PARAMS: none
-// RETURN: array with width/height
-// DESC  : wrapper to get the real window size for the current browser window
+/**
+ * wrapper to get the real window size for the current browser window
+ * @return {Object} object with width/height
+ */
 function getWindowSize()
 {
 	var width, height;
@@ -59,10 +62,10 @@ function getWindowSize()
 	};
 }
 
-// METHOD: getScrollOffset
-// PARAMS: none
-// RETURN: array with x/y px
-// DESC  : wrapper to get the correct scroll offset
+/**
+ * wrapper to get the correct scroll offset
+ * @return {Object} object with x/y px
+ */
 function getScrollOffset()
 {
 	var left, top;
@@ -74,10 +77,12 @@ function getScrollOffset()
 	};
 }
 
-// METHOD: setCenter
-// PARAMS: id to set center
-// RETURN: none
-// DESC  : centers div to current window size middle
+/**
+ * centers div to current window size middle
+ * @param {String}  id   element to center
+ * @param {Boolean} left if true centers to the middle from the left
+ * @param {Boolean} top  if true centers to the middle from the top
+ */
 function setCenter(id, left, top)
 {
 	// get size of id
@@ -107,10 +112,11 @@ function setCenter(id, left, top)
 	}
 }
 
-// METHOD: goToPos()
-// PARAMS: element, offset (default 0)
-// RETURN: none
-// DESC:   goes to an element id position
+/**
+ * goes to an element id position
+ * @param {String} element    element id to move to
+ * @param {Number} [offset=0] offset from top, default is 0 (px)
+ */
 function goToPos(element, offset = 0)
 {
 	try {
@@ -125,10 +131,12 @@ function goToPos(element, offset = 0)
 	}
 }
 
-// METHOD: __
-// PARAMS: text
-// RETURN: translated text (based on PHP selected language)
-// DESC  : uses the i18n array created in the translation template, that is filled from gettext in PHP (Smarty)
+/**
+ * uses the i18n object created in the translation template
+ * that is filled from gettext in PHP
+ * @param  {String} string text to translate
+ * @return {String}        translated text (based on PHP selected language)
+ */
 function __(string)
 {
 	if (typeof i18n !== 'undefined' && isObject(i18n) && i18n[string]) {
@@ -138,12 +146,13 @@ function __(string)
 	}
 }
 
-// METHOD: string.format
-// PARAMS: any, for string format
-// RETURN: formatted string
-// DESC  : simple sprintf formater for replace
-//         "{0} is cool, {1} is not".format("Alpha", "Beta");
-// First, checks if it isn't implemented yet.
+/**
+ * simple sprintf formater for replace
+ * usage: "{0} is cool, {1} is not".format("Alpha", "Beta");
+ * First, checks if it isn't implemented yet.
+ * @param  {String} !String.prototype.format string with elements to be replaced
+ * @return {String}                          Formated string
+ */
 if (!String.prototype.format) {
 	String.prototype.format = function()
 	{
@@ -158,25 +167,32 @@ if (!String.prototype.format) {
 	};
 }
 
-// METHOD: numberWithCommas
-// PARAMS: number
-// RETURN: formatted with , in thousands
-// DESC  : formats flat number 123456 to 123,456
+/**
+ * formats flat number 123456 to 123,456
+ * @param  {Number} x number to be formated
+ * @return {String}   formatted with , in thousands
+ */
 const numberWithCommas = (x) => {
 	var parts = x.toString().split(".");
 	parts[0] = parts[0].replace(/\B(?=(\d{3})+(?!\d))/g, ",");
 	return parts.join(".");
 };
 
-// METHOD:
-// PARAMS: string
-// RETURN: string with <br>
-// DESC  : converts line breaks to br
+/**
+ * converts line breaks to br
+ * @param  {String} string any string
+ * @return {String}        string with <br>
+ */
 function convertLBtoBR(string)
 {
 	return string.replace(/(?:\r\n|\r|\n)/g, '<br>');
 }
 
+/**
+ * escape HTML string
+ * @param  {String} !String.prototype.escapeHTML HTML data string to be escaped
+ * @return {String}                              escaped string
+ */
 if (!String.prototype.escapeHTML) {
 	String.prototype.escapeHTML = function() {
 		return this.replace(/[&<>"'\/]/g, function (s) {
@@ -194,6 +210,11 @@ if (!String.prototype.escapeHTML) {
 	};
 }
 
+/**
+ * unescape a HTML encoded string
+ * @param  {String} !String.prototype.unescapeHTML data with escaped entries
+ * @return {String}                                HTML formated string
+ */
 if (!String.prototype.unescapeHTML) {
 	String.prototype.unescapeHTML = function() {
 		return this.replace(/&[#\w]+;/g, function (s) {
@@ -211,31 +232,33 @@ if (!String.prototype.unescapeHTML) {
 	};
 }
 
-// METHOD: getTimestamp
-// PARAMS: none
-// RETURN: timestamp (in milliseconds)
-// DESC  : returns current timestamp (unix timestamp)
+/**
+ * returns current timestamp (unix timestamp)
+ * @return {Number} timestamp (in milliseconds)
+ */
 function getTimestamp()
 {
 	var date = new Date();
 	return date.getTime();
 }
 
-// METHOD: dec2hex
-// PARAMS: decimal string
-// RETURN: string
-// DESC  : dec2hex :: Integer -> String
-//         i.e. 0-255 -> '00'-'ff'
+/**
+ * dec2hex :: Integer -> String
+ * i.e. 0-255 -> '00'-'ff'
+ * @param  {Number} dec decimal string
+ * @return {String}     hex encdoded number
+ */
 function dec2hex(dec)
 {
 	return ('0' + dec.toString(16)).substr(-2);
 }
 
-// METHOD: generateId
-// PARAMS: lenght in int
-// RETURN: random string
-// DESC  : generateId :: Integer -> String
-//         only works on mondern browsers
+/**
+ * generateId :: Integer -> String
+ * only works on mondern browsers
+ * @param  {Number} len length of unique id string
+ * @return {String}     random string in length of len
+ */
 function generateId(len)
 {
 	var arr = new Uint8Array((len || 40) / 2);
@@ -243,20 +266,22 @@ function generateId(len)
 	return Array.from(arr, dec2hex).join('');
 }
 
-// METHOD: randomIdF()
-// PARAMS: none
-// RETURN: not true random string
-// DESC  : creates a pseudo random string of 10 characters
-//         after many runs it will create duplicates
+/**
+ * creates a pseudo random string of 10 characters
+ * works on all browsers
+ * after many runs it will create duplicates
+ * @return {String} not true random string
+ */
 function randomIdF()
 {
 	return Math.random().toString(36).substring(2);
 }
 
-// METHOD: isObject
-// PARAMS: possible object
-// RETURN: true/false if it is an object or not
-// DESC  : checks if a variable is an object
+/**
+ * checks if a variable is an object
+ * @param  {Mixed}   val possible object
+ * @return {Boolean}     true/false if it is an object or not
+ */
 function isObject(val) {
 	if (val === null) {
 		return false;
@@ -264,31 +289,55 @@ function isObject(val) {
 	return ((typeof val === 'function') || (typeof val === 'object'));
 }
 
-// METHOD: keyInObject
-// PARAMS: key name, object
-// RETURN: true/false if key exists in object
-// DESC  : checks if a key exists in a given object
+/**
+ * checks if a key exists in a given object
+ * @param  {String}  key    key name
+ * @param  {Object}  object object to search key in
+ * @return {Boolean}        true/false if key exists in object
+ */
 const keyInObject = (key, object) => (key in object) ? true : false;
 /*function keyInObject(key, object)
 {
 	return (key in object) ? true : false;
 }*/
 
-// METHOD: exists
-// PARAMS: uid
-// RETURN: true/false
-// DESC  : checks if a DOM element actually exists
+/**
+ * returns matching key of value
+ * @param  {Object} obj   object to search value in
+ * @param  {Mixed}  value any value (String, Number, etc)
+ * @return {String}       the key found for the first matching value
+ */
+const getKeyByValue = (obj, value) => Object.keys(obj).find(key => obj[key] === value);
+// function getKeyByValue(object, value)
+// {
+// 	return Object.keys(object).find(key => object[key] === value);
+// }
+
+/**
+ * returns true if value is found in object with a key
+ * @param  {Object}  obj   object to search value in
+ * @param  {Mixed}   value any value (String, Number, etc)
+ * @return {Boolean}       true on value found, false on not found
+ */
+const valueInObject = (obj, value) => (Object.keys(obj).find(key => obj[key] === value)) ? true : false;
+
+/**
+ * checks if a DOM element actually exists
+ * @param  {String}  id Element id to check for
+ * @return {Boolean}    true if element exists, false on failure
+ */
 const exists = (id) => $('#' + id).length > 0 ? true : false;
 /*function exists(id)
 {
 	return $('#' + id).length > 0 ? true : false;
 }*/
 
-// METHOD: formatBytes
-// PARAMS: bytes in int
-// RETURN: string in GB/MB/KB
-// DESC  : converts a int number into bytes with prefix in two decimals precision
-//         currently precision is fixed, if dynamic needs check for max/min precision
+/**
+ * converts a int number into bytes with prefix in two decimals precision
+ * currently precision is fixed, if dynamic needs check for max/min precision
+ * @param  {Number} bytes bytes in int
+ * @return {String}       string in GB/MB/KB
+ */
 function formatBytes(bytes)
 {
 	var i = -1;
@@ -300,10 +349,10 @@ function formatBytes(bytes)
 	return parseFloat(Math.round(bytes * Math.pow(10, 2)) / Math.pow(10, 2)) + ['kB', 'MB', 'GB', 'TB', 'PB', 'EB'][i];
 }
 
-// METHOD: errorCatch
-// PARAMS: err (error from try/catch
-// RETURN: none
-// DESC  : prints out error messages based on data available from the browser
+/**
+ * prints out error messages based on data available from the browser
+ * @param {Object} err error from try/catch block
+ */
 function errorCatch(err)
 {
 	// for FF & Chrome
@@ -329,10 +378,10 @@ function errorCatch(err)
 	}
 }
 
-// METHOD: actionIndicator
-// PARAMS: none
-// RETURN: none
-// DESC   : show or hide the "do" overlay
+/**
+ * show or hide the "do" overlay
+ * @param {String} [loc=''] location name for action indicator, default empty. for console.log
+ */
 function actionIndicator(loc = '')
 {
 	if ($('#overlayBox').is(':visible')) {
@@ -342,12 +391,11 @@ function actionIndicator(loc = '')
 	}
 }
 
-// METHOD: actionIndicatorShow/actionIndicatorHide
-// PARAMS: loc for console log info
-// RETURN: none
-// DESC  : explicit show/hide for action Indicator
-//         instead of automatically show or hide, do
-//         on command
+/**
+ * explicit show for action Indicator
+ * instead of automatically show or hide, do on command show
+ * @param {String} [loc=''] optional location name, empty if not set. for console.log
+ */
 function actionIndicatorShow(loc = '')
 {
 	console.log('Indicator: SHOW [%s]', loc);
@@ -356,6 +404,12 @@ function actionIndicatorShow(loc = '')
 	$('#indicator').show();
 	overlayBoxShow();
 }
+
+/**
+ * explicit hide for action Indicator
+ * instead of automatically show or hide, do on command hide
+ * @param {String} [loc=''] optional location name, empty if not set. for console.log
+ */
 function actionIndicatorHide(loc = '')
 {
 	console.log('Indicator: HIDE [%s]', loc);
@@ -364,10 +418,9 @@ function actionIndicatorHide(loc = '')
 	overlayBoxHide();
 }
 
-// METHOD: overlayBoxView
-// PARAMS: none
-// RETURN: none
-// DESC  : shows or hides the overlay box
+/**
+ * shows the overlay box
+ */
 function overlayBoxShow()
 {
 	// check if overlay box exists and if yes set the z-index to 100
@@ -377,6 +430,10 @@ function overlayBoxShow()
 		$('#overlayBox').show();
 	}
 }
+
+/**
+ * hides the overlay box
+ */
 function overlayBoxHide()
 {
 	// if the overlay box z-index is 100, do no hide, but set to 98
@@ -387,10 +444,9 @@ function overlayBoxHide()
 	}
 }
 
-// METHOD: setOverlayBox
-// PARAMS: none
-// RETURN: none
-// DESC   : position the overlay block box and shows it
+/**
+ * position the overlay block box and shows it
+ */
 function setOverlayBox()
 {
 	var viewport = document.viewport.getDimensions();
@@ -401,10 +457,9 @@ function setOverlayBox()
 	$('#overlayBox').show();
 }
 
-// METHOD: ClearCall
-// PARAMS: none
-// RETURN: none
-// DESC  : the abort call, clears the action box and hides it and the overlay box
+/**
+ * the abort call, clears the action box and hides it and the overlay box
+ */
 function ClearCall()
 {
 	$('#actionBox').innerHTML = '';
@@ -413,14 +468,15 @@ function ClearCall()
 }
 
 // *** DOM MANAGEMENT FUNCTIONS
-// METHOD: cel [create element]
-// PARAMS: tag: must set tag (div, span, etc)
-//         id: optional set for id, if input, select will be used for name
-//         content: text content inside, is skipped if sub elements exist
-//         css: array for css tags
-//         options: anything else (value, placeholder, OnClick, style)
-// RETURN: object
-// DESC  : creates object for DOM element creation flow
+/**
+ * reates object for DOM element creation flow
+ * @param  {String} tag          must set tag (div, span, etc)
+ * @param  {String} [id='']      optional set for id, if input, select will be used for name
+ * @param  {String} [content=''] text content inside, is skipped if sub elements exist
+ * @param  {Array}  [css=[]]     array for css tags
+ * @param  {Object} [options={}] anything else (value, placeholder, OnClick, style)
+ * @return {Object}              created element as an object
+ */
 const cel = (tag, id = '', content = '', css = [], options = {}) =>
 	_element = {
 		tag: tag,
@@ -432,12 +488,13 @@ const cel = (tag, id = '', content = '', css = [], options = {}) =>
 		sub: []
 	};
 
-// METHOD: ael [attach element]
-// PARAMS: base: object where to attach/search
-//         attach: the object to be attached
-//         id: optional id, if given search in base for this id and attach there
-// RETURN: "none", technically there is no return needed
-// DESC  : attach a cel created object to another to create a basic DOM tree
+/**
+ * attach a cel created object to another to create a basic DOM tree
+ * @param  {Object} base    object where to attach/search
+ * @param  {Object} attach  the object to be attached
+ * @param  {String} [id=''] optional id, if given search in base for this id and attach there
+ * @return {Object}         "none", technically there is no return needed as it is global attach
+ */
 function ael(base, attach, id = '')
 {
 	if (id) {
@@ -459,12 +516,13 @@ function ael(base, attach, id = '')
 	return base;
 }
 
-// METHOD: aelx [attach n elements]
-// PARAMS: base: object to where we attach the elements
-//         attach 1..n: attach directly to the base element those attachments
-// RETURN: "none", technically there is no return needed
-// DESC  : directly attach n elements to one master base element
-//         this type does not support attach with optional id
+/**
+ * directly attach n elements to one master base element
+ * this type does not support attach with optional id
+ * @param  {Object}    base   object to where we attach the elements
+ * @param  {...Object} attach attach 1..n: attach directly to the base element those attachments
+ * @return {Object}           "none", technically there is no return needed, global attach
+ */
 function aelx(base, ...attach)
 {
 	for (var i = 0; i < attach.length; i ++) {
@@ -473,19 +531,22 @@ function aelx(base, ...attach)
 	return base;
 }
 
-// METHOD: rel [reset element]
-// PARAMS: cel created element
-// RETURN: returns sub reset base element
-// DESC  : resets the sub elements of the base element given
+/**
+ * resets the sub elements of the base element given
+ * @param  {Object} base cel created element
+ * @return {Object}      returns reset base element
+ */
 const rel = (base) => {
 	base.sub = [];
 	return base;
 };
 
-// METHOD: rcssel [remove a css from the element]
-// PARAMS: element, style sheet to remove
-// RETURN: "none", in place because of reference
-// DESC  : searches and removes style from css array
+/**
+ * searches and removes style from css array
+ * @param  {Object} _element element to work one
+ * @param  {String css      style sheet to remove (name)
+ * @return {Object}          returns full element
+ */
 function rcssel(_element, css)
 {
 	var css_index = _element.css.indexOf(css);
@@ -495,10 +556,12 @@ function rcssel(_element, css)
 	return _element;
 }
 
-// METHOD: acssel [add css element]
-// PARAMS: element, style sheet to add
-// RETURN: "none", in place add because of reference
-// DESC  : adds a new style sheet to the element given
+/**
+ * adds a new style sheet to the element given
+ * @param  {Object} _element element to work on
+ * @param  {String} css      style sheet to add (name)
+ * @return {Object}         returns full element
+ */
 function acssel(_element, css)
 {
 	var css_index = _element.css.indexOf(css);
@@ -508,23 +571,26 @@ function acssel(_element, css)
 	return _element;
 }
 
-// METHOD: scssel
-// PARAMS: element, style to remove, style to add
-// RETURN: "none", in place add because of reference
-// DESC  : removes one css and adds another
-//         is a wrapper around rcssel/acssel
+/**
+ * removes one css and adds another
+ * is a wrapper around rcssel/acssel
+ * @param  {Object} _element element to work on
+ * @param  {String} rcss     style to remove (name)
+ * @param  {String} acss     style to add (name)
+ * @return {Object}          returns full element
+ */
 function scssel(_element, rcss, acss)
 {
 	rcssel(_element, rcss);
 	acssel(_element, acss);
 }
 
-// METHOD: phfo [produce html from object]
-// PARAMS: object tree with dom element declarations
-// RETURN: HTML string that can be used as innerHTML
-// DESC  : parses the object tree created with cel/ael
-//         and converts it into an HTML string that can
-//         be inserted into the page
+/**
+ * parses the object tree created with cel/ael and converts it into an HTML string
+ * that can be inserted into the page
+ * @param  {Object} tree object tree with dom element declarations
+ * @return {String}      HTML string that can be used as innerHTML
+ */
 function phfo(tree)
 {
 	// holds the elements
@@ -587,33 +653,45 @@ function phfo(tree)
 
 // BLOCK: html wrappers for quickly creating html data blocks
 
-// NOTE  : OLD FORMAT which misses multiple block set
-// METHOD: html_options
-// PARAMS: name/id, array for the options, selected item uid
-//         options_only [def false] if this is true, it will not print the select part
-//         return_string [def false]: return as string and not as element
-//         sort [def '']: if empty as is, else allowed 'keys', 'values' all others are ignored
-// RETURN: html with build options block
-// DESC  : creates an select/options drop down block.
-//         the array needs to be key -> value format. key is for the option id and value is for the data output
+/**
+ * NOTE: OLD FORMAT which misses multiple block set
+ * creates an select/options drop down block.
+ * the array needs to be key -> value format.
+ * key is for the option id and value is for the data output
+ * @param  {String}  name                  name/id
+ * @param  {Object}  data                  array for the options
+ * @param  {String}  [selected='']         selected item uid
+ * @param  {Boolean} [options_only=false]  if this is true, it will not print the select part
+ * @param  {Boolean} [return_string=false] return as string and not as element
+ * @param  {String}  [sort='']             if empty as is, else allowed 'keys',
+ *                                         'values' all others are ignored
+ * @return {String}                        html with build options block
+ */
 function html_options(name, data, selected = '', options_only = false, return_string = false, sort = '')
 {
 	// wrapper to new call
 	return html_options_block(name, data, selected, false, options_only, return_string, sort);
 }
 
-// NOTE  : USE THIS CALL, the above one is deprecated
-// METHOD: html_options
-// PARAMS: name/id, array for the options,
-//         selected item uid
-//         multiple [def false] if this is true, the drop down will be turned into multiple select
-//         options_only [def false] if this is true, it will not print the select part
-//         return_string [def false]: return as string and not as element
-//         sort [def '']: if empty as is, else allowed 'keys', 'values' all others are ignored
-// RETURN: html with build options block
-// DESC  : creates an select/options drop down block.
-//         the array needs to be key -> value format. key is for the option id and value is for the data output
-function html_options_block(name, data, selected = '', multiple = false, options_only = false, return_string = false, sort = '')
+/**
+ * NOTE: USE THIS CALL, the above one is deprecated
+ * creates an select/options drop down block.
+ * the array needs to be key -> value format.
+ * key is for the option id and value is for the data output
+ * @param  {String}  name                  name/id
+ * @param  {Object}  data                  array for the options
+ * @param  {String}  [selected='']         selected item uid
+ * @param  {Number}  [multiple=0]          if this is 1 or larger, the drop down
+ *                                         will be turned into multiple select
+ *                                         the number sets the size value unless it is 1,
+ *                                         then it is default
+ * @param  {Boolean} [options_only=false]  if this is true, it will not print the select part
+ * @param  {Boolean} [return_string=false] return as string and not as element
+ * @param  {String}  [sort='']             if empty as is, else allowed 'keys',
+ *                                         'values' all others are ignored
+ * @return {String}                        html with build options block
+ */
+function html_options_block(name, data, selected = '', multiple = 0, options_only = false, return_string = false, sort = '')
 {
 	var content = [];
 	var element_select;
@@ -622,8 +700,11 @@ function html_options_block(name, data, selected = '', multiple = false, options
 	var data_list = []; // for sorted output
 	var value;
 	var option;
-	if (multiple === true) {
+	if (multiple > 0) {
 		select_options.multiple = '';
+		if (multiple > 1) {
+			select_options.size = multiple;
+		}
 	}
 	// set outside select, gets stripped on return if options only is true
 	element_select = cel('select', name, '', [], select_options);
@@ -640,14 +721,18 @@ function html_options_block(name, data, selected = '', multiple = false, options
 	// for (const [key, value] of Object.entries(data)) {
 	for (const key of data_list) {
 		value = data[key];
-		console.log('create [%s] options: key: %s, value: %s', name, key, value);
+		// console.log('create [%s] options: key: %s, value: %s', name, key, value);
 		// basic options init
 		options = {
 			'label': value,
 			'value': key
 		};
 		// add selected if matching
-		if (selected == key) {
+		if (multiple == 0 && !Array.isArray(selected) && selected == key) {
+			options.selected = '';
+		}
+		// for multiple, we match selected as array
+		if (multiple == 1 && Array.isArray(selected) && selected.indexOf(key) != -1) {
 			options.selected = '';
 		}
 		// create the element option
@@ -676,11 +761,13 @@ function html_options_block(name, data, selected = '', multiple = false, options
 	}
 }
 
-// METHOD: html_options_refill
-// PARAMS: name/id, array of options, sort = ''
-//         sort [def '']: if empty as is, else allowed 'keys', 'values' all others are ignored
-// RETURN: none
-// DESC  : refills a select box with options and keeps the selected
+/**
+ *  refills a select box with options and keeps the selected
+ * @param {String} name      name/id
+ * @param {Object} data      array of options
+ * @param {String} [sort=''] if empty as is, else allowed 'keys', 'values'
+ *                            all others are ignored
+ */
 function html_options_refill(name, data, sort = '')
 {
 	var element_option;
@@ -715,10 +802,9 @@ function html_options_refill(name, data, sort = '')
 }
 
 // *** MASTER logout call
-// METHOD: loginLogout
-// PARAMS: none
-// RETURN: none
-// DESC  : submits basic data for form logout
+/**
+ * submits basic data for form logout
+ */
 function loginLogout()
 {
 	const form = document.createElement('form');

www/layout/admin/javascript/edit.pt.js

@@ -1,4 +1,5 @@
 /* general edit javascript */
+/* prototype version */
 
 /* jshint esversion: 6 */
 
@@ -11,19 +12,21 @@ if (!DEBUG) {
 	});
 }*/
 
-// METHOD: pop
-// PARAMS: url, window name, features
-// RETURN: none
-// DESC  : opens a popup window with winName and given features (string)
+/**
+ * opens a popup window with winName and given features (string)
+ * @param {String} theURL   the url
+ * @param {String} winName  window name
+ * @param {Object} features popup features
+ */
 function pop(theURL, winName, features) {
 	winName = window.open(theURL, winName, features);
 	winName.focus();
 }
 
-// METHOD: expandTA
-// PARAMS: id
-// RETURN: none
-// DESC  : automatically resize a text area based on the amount of lines in it
+/**
+ * automatically resize a text area based on the amount of lines in it
+ * @param {[string} ta_id element id
+ */
 function expandTA(ta_id) {
 	var ta;
 	// if a string comes, its a get by id, else use it as an element pass on
@@ -44,12 +47,12 @@ function expandTA(ta_id) {
 	ta.rows = numNewRows + theRows.length;
 }
 
-// METHOD: ShowHideMenu
-// PARAMS: status -> show or hide
-//         id -> id to work on
-// RETURN: none
-// DESC:   shows or hides the menu
-//         this is used in some old menu templates
+/**
+ * shows or hides the menu
+ * this is used in some old menu templates
+ * @param {String} status show or hide
+ * @param {String} id     element id to work on
+ */
 function ShowHideMenu(status, id)
 {
 	if (status == 'show') {
@@ -65,8 +68,12 @@ function ShowHideMenu(status, id)
 	}
 }
 
-// used in old templates
-// move element action
+/**
+ * used in old templates
+ * move element action
+ * @param {String} id        element id to move
+ * @param {String} direction move direction
+ */
 function mv(id, direction)
 {
 	document.forms[form_name].action.value = 'move';
@@ -75,7 +82,11 @@ function mv(id, direction)
 	document.forms[form_name].submit();
 }
 
-// load element action
+/**
+ * used in old templates
+ * load element action
+ * @param {String} id the element id to load
+ */
 function le(id)
 {
 	document.forms[form_name].action.value = 'load';
@@ -91,13 +102,14 @@ function le(id)
 	}
 }
 
-// METHOD: sh
-// PARAMS: id -> element to hide
-//         showText -> text for the element if shown
-//         hideText -> text for the element if hidden
-// RETURN: returns true if hidden, or false if not
-// DESC  : hides an element, additional writes 1 (show) or 0 (hide) into <id>Flag field
-//         this needs scriptacolous installed for BlindUp/BlindDown
+/**
+ * hides an element, additional writes 1 (show) or 0 (hide) into <id>Flag field
+ * this needs scriptacolous installed for BlindUp/BlindDown
+ * @param  {String}  id       element id to hide
+ * @param  {String}  showText text for the element if shown
+ * @param  {String}  hideText text for the element if hidden
+ * @return {Boolean}          returns true if hidden, or false if not
+ */
 function sh(id, showText, hideText)
 {
 	flag = id + 'Flag';
@@ -120,10 +132,10 @@ function sh(id, showText, hideText)
 	return divStatus;
 }
 
-// METHOD: getWindowSize
-// PARAMS: none
-// RETURN: array with width/height
-// DESC  : wrapper to get the real window size for the current browser window
+/**
+ * wrapper to get the real window size for the current browser window
+ * @return {Object} object with width/height
+ */
 function getWindowSize()
 {
 	var width, height;
@@ -135,10 +147,10 @@ function getWindowSize()
 	};
 }
 
-// METHOD: getScrollOffset
-// PARAMS: none
-// RETURN: array with x/y px
-// DESC  : wrapper to get the correct scroll offset
+/**
+ * wrapper to get the correct scroll offset
+ * @return {Object} object with x/y px
+ */
 function getScrollOffset()
 {
 	var left, top;
@@ -150,10 +162,12 @@ function getScrollOffset()
 	};
 }
 
-// METHOD: setCenter
-// PARAMS: id to set center
-// RETURN: none
-// DESC  : centers div to current window size middle
+/**
+ * centers div to current window size middle
+ * @param {String}  id   element to center
+ * @param {Boolean} left if true centers to the middle from the left
+ * @param {Boolean} top  if true centers to the middle from the top
+ */
 function setCenter(id, left, top)
 {
 	// get size of id
@@ -179,10 +193,11 @@ function setCenter(id, left, top)
 	}
 }
 
-// METHOD: goToPos()
-// PARAMS: element, offset (default 0)
-// RETURN: none
-// DESC:   goes to an element id position
+/**
+ * goes to an element id position
+ * @param {String} element    element id to move to
+ * @param {Number} [offset=0] offset from top, default is 0 (px)
+ */
 function goToPos(element, offset = 0)
 {
 	try {
@@ -203,10 +218,12 @@ function goToPos(element, offset = 0)
 	}
 }
 
-// METHOD: __
-// PARAMS: text
-// RETURN: translated text (based on PHP selected language)
-// DESC  : uses the i18n array created in the translation template, that is filled from gettext in PHP (Smarty)
+/**
+ * uses the i18n object created in the translation template
+ * that is filled from gettext in PHP
+ * @param  {String} string text to translate
+ * @return {String}        translated text (based on PHP selected language)
+ */
 function __(string)
 {
 	if (typeof i18n !== 'undefined' && isObject(i18n) && i18n[string]) {
@@ -216,12 +233,13 @@ function __(string)
 	}
 }
 
-// METHOD: string.format
-// PARAMS: any, for string format
-// RETURN: formatted string
-// DESC  : simple sprintf formater for replace
-//         "{0} is cool, {1} is not".format("Alpha", "Beta");
-// First, checks if it isn't implemented yet.
+/**
+ * simple sprintf formater for replace
+ * usage: "{0} is cool, {1} is not".format("Alpha", "Beta");
+ * First, checks if it isn't implemented yet.
+ * @param  {String} !String.prototype.format string with elements to be replaced
+ * @return {String}                          Formated string
+ */
 if (!String.prototype.format) {
 	String.prototype.format = function()
 	{
@@ -236,25 +254,32 @@ if (!String.prototype.format) {
 	};
 }
 
-// METHOD: numberWithCommas
-// PARAMS: number
-// RETURN: formatted with , in thousands
-// DESC  : formats flat number 123456 to 123,456
+/**
+ * formats flat number 123456 to 123,456
+ * @param  {Number} x number to be formated
+ * @return {String}   formatted with , in thousands
+ */
 const numberWithCommas = (x) => {
 	var parts = x.toString().split(".");
 	parts[0] = parts[0].replace(/\B(?=(\d{3})+(?!\d))/g, ",");
 	return parts.join(".");
 };
 
-// METHOD:
-// PARAMS: string
-// RETURN: string with <br>
-// DESC  : converts line breaks to br
+/**
+ * converts line breaks to br
+ * @param  {String} string any string
+ * @return {String}        string with <br>
+ */
 function convertLBtoBR(string)
 {
 	return string.replace(/(?:\r\n|\r|\n)/g, '<br>');
 }
 
+/**
+ * escape HTML string
+ * @param  {String} !String.prototype.escapeHTML HTML data string to be escaped
+ * @return {String}                              escaped string
+ */
 if (!String.prototype.escapeHTML) {
 	String.prototype.escapeHTML = function() {
 		return this.replace(/[&<>"'\/]/g, function (s) {
@@ -272,6 +297,11 @@ if (!String.prototype.escapeHTML) {
 	};
 }
 
+/**
+ * unescape a HTML encoded string
+ * @param  {String} !String.prototype.unescapeHTML data with escaped entries
+ * @return {String}                                HTML formated string
+ */
 if (!String.prototype.unescapeHTML) {
 	String.prototype.unescapeHTML = function() {
 		return this.replace(/&[#\w]+;/g, function (s) {
@@ -289,31 +319,33 @@ if (!String.prototype.unescapeHTML) {
 	};
 }
 
-// METHOD: getTimestamp
-// PARAMS: none
-// RETURN: timestamp (in milliseconds)
-// DESC  : returns current timestamp (unix timestamp)
+/**
+ * returns current timestamp (unix timestamp)
+ * @return {Number} timestamp (in milliseconds)
+ */
 function getTimestamp()
 {
 	var date = new Date();
 	return date.getTime();
 }
 
-// METHOD: dec2hex
-// PARAMS: decimal string
-// RETURN: string
-// DESC  : dec2hex :: Integer -> String
-//         i.e. 0-255 -> '00'-'ff'
+/**
+ * dec2hex :: Integer -> String
+ * i.e. 0-255 -> '00'-'ff'
+ * @param  {Number} dec decimal string
+ * @return {String}     hex encdoded number
+ */
 function dec2hex(dec)
 {
 	return ('0' + dec.toString(16)).substr(-2);
 }
 
-// METHOD: generateId
-// PARAMS: lenght in int
-// RETURN: random string
-// DESC  : generateId :: Integer -> String
-//         only works on mondern browsers
+/**
+ * generateId :: Integer -> String
+ * only works on mondern browsers
+ * @param  {Number} len length of unique id string
+ * @return {String}     random string in length of len
+ */
 function generateId(len)
 {
 	var arr = new Uint8Array((len || 40) / 2);
@@ -321,20 +353,22 @@ function generateId(len)
 	return Array.from(arr, dec2hex).join('');
 }
 
-// METHOD: randomIdF()
-// PARAMS: none
-// RETURN: not true random string
-// DESC  : creates a pseudo random string of 10 characters
-//         after many runs it will create duplicates
+/**
+ * creates a pseudo random string of 10 characters
+ * works on all browsers
+ * after many runs it will create duplicates
+ * @return {String} not true random string
+ */
 function randomIdF()
 {
 	return Math.random().toString(36).substring(2);
 }
 
-// METHOD: isObject
-// PARAMS: possible object
-// RETURN: true/false if it is an object or not
-// DESC  : checks if a variable is an object
+/**
+ * checks if a variable is an object
+ * @param  {Mixed}   val possible object
+ * @return {Boolean}     true/false if it is an object or not
+ */
 function isObject(val) {
 	if (val === null) {
 		return false;
@@ -342,31 +376,55 @@ function isObject(val) {
 	return ((typeof val === 'function') || (typeof val === 'object'));
 }
 
-// METHOD: keyInObject
-// PARAMS: key name, object
-// RETURN: true/false if key exists in object
-// DESC  : checks if a key exists in a given object
+/**
+ * checks if a key exists in a given object
+ * @param  {String}  key    key name
+ * @param  {Object}  object object to search key in
+ * @return {Boolean}        true/false if key exists in object
+ */
 const keyInObject = (key, object) => (key in object) ? true : false;
 /*function keyInObject(key, object)
 {
 	return (key in object) ? true : false;
 }*/
 
-// METHOD: exists
-// PARAMS: uid
-// RETURN: true/false
-// DESC  : checks if a DOM element actually exists
-const exists = (id) => $('#' + id).length > 0 ? true : false;
+/**
+ * returns matching key of value
+ * @param  {Object} obj   object to search value in
+ * @param  {Mixed}  value any value (String, Number, etc)
+ * @return {String}       the key found for the first matching value
+ */
+const getKeyByValue = (obj, value) => Object.keys(obj).find(key => obj[key] === value);
+// function getKeyByValue(object, value)
+// {
+// 	return Object.keys(object).find(key => object[key] === value);
+// }
+
+/**
+ * returns true if value is found in object with a key
+ * @param  {Object}  obj   object to search value in
+ * @param  {Mixed}   value any value (String, Number, etc)
+ * @return {Boolean}       true on value found, false on not found
+ */
+const valueInObject = (obj, value) => (Object.keys(obj).find(key => obj[key] === value)) ? true : false;
+
+/**
+ * checks if a DOM element actually exists
+ * @param  {String}  id Element id to check for
+ * @return {Boolean}    true if element exists, false on failure
+ */
+const exists = (id) => $(id).length > 0 ? true : false;
 /*function exists(id)
 {
-	return $('#' + id).length > 0 ? true : false;
+	return $(id).length > 0 ? true : false;
 }*/
 
-// METHOD: formatBytes
-// PARAMS: bytes in int
-// RETURN: string in GB/MB/KB
-// DESC  : converts a int number into bytes with prefix in two decimals precision
-//         currently precision is fixed, if dynamic needs check for max/min precision
+/**
+ * converts a int number into bytes with prefix in two decimals precision
+ * currently precision is fixed, if dynamic needs check for max/min precision
+ * @param  {Number} bytes bytes in int
+ * @return {String}       string in GB/MB/KB
+ */
 function formatBytes(bytes)
 {
 	var i = -1;
@@ -378,10 +436,10 @@ function formatBytes(bytes)
 	return parseFloat(Math.round(bytes * Math.pow(10, 2)) / Math.pow(10, 2)) + ['kB', 'MB', 'GB', 'TB', 'PB', 'EB'][i];
 }
 
-// METHOD: errorCatch
-// PARAMS: err (error from try/catch
-// RETURN: none
-// DESC  : prints out error messages based on data available from the browser
+/**
+ * prints out error messages based on data available from the browser
+ * @param {Object} err error from try/catch block
+ */
 function errorCatch(err)
 {
 	// for FF & Chrome
@@ -407,10 +465,10 @@ function errorCatch(err)
 	}
 }
 
-// METHOD: actionIndicator
-// PARAMS: none
-// RETURN: none
-// DESC   : show or hide the "do" overlay
+/**
+ * show or hide the "do" overlay
+ * @param {String} [loc=''] location name for action indicator, default empty. for console.log
+ */
 function actionIndicator(loc = '')
 {
 	if ($('overlayBox').visible()) {
@@ -420,12 +478,11 @@ function actionIndicator(loc = '')
 	}
 }
 
-// METHOD: actionIndicatorShow/actionIndicatorHide
-// PARAMS: loc for console log info
-// RETURN: none
-// DESC  : explicit show/hide for action Indicator
-//         instead of automatically show or hide, do
-//         on command
+/**
+ * explicit show for action Indicator
+ * instead of automatically show or hide, do on command show
+ * @param {String} [loc=''] optional location name, empty if not set. for console.log
+ */
 function actionIndicatorShow(loc = '')
 {
 	console.log('Indicator: SHOW [%s]', loc);
@@ -434,6 +491,12 @@ function actionIndicatorShow(loc = '')
 	$('indicator').show();
 	overlayBoxShow();
 }
+
+/**
+ * explicit hide for action Indicator
+ * instead of automatically show or hide, do on command hide
+ * @param {String} [loc=''] optional location name, empty if not set. for console.log
+ */
 function actionIndicatorHide(loc = '')
 {
 	console.log('Indicator: HIDE [%s]', loc);
@@ -442,10 +505,9 @@ function actionIndicatorHide(loc = '')
 	overlayBoxHide();
 }
 
-// METHOD: overlayBoxView
-// PARAMS: none
-// RETURN: none
-// DESC  : shows or hides the overlay box
+/**
+ * shows the overlay box
+ */
 function overlayBoxShow()
 {
 	// check if overlay box exists and if yes set the z-index to 100
@@ -455,6 +517,10 @@ function overlayBoxShow()
 		$('overlayBox').show();
 	}
 }
+
+/**
+ * hides the overlay box
+ */
 function overlayBoxHide()
 {
 	// if the overlay box z-index is 100, do no hide, but set to 98
@@ -465,10 +531,9 @@ function overlayBoxHide()
 	}
 }
 
-// METHOD: setOverlayBox
-// PARAMS: none
-// RETURN: none
-// DESC   : position the overlay block box and shows it
+/**
+ * position the overlay block box and shows it
+ */
 function setOverlayBox()
 {
 	var viewport = document.viewport.getDimensions();
@@ -479,10 +544,9 @@ function setOverlayBox()
 	$('overlayBox').show();
 }
 
-// METHOD: ClearCall
-// PARAMS: none
-// RETURN: none
-// DESC  : the abort call, clears the action box and hides it and the overlay box
+/**
+ * the abort call, clears the action box and hides it and the overlay box
+ */
 function ClearCall()
 {
 	$('actionBox').innerHTML = '';
@@ -491,14 +555,15 @@ function ClearCall()
 }
 
 // *** DOM MANAGEMENT FUNCTIONS
-// METHOD: cel [create element]
-// PARAMS: tag: must set tag (div, span, etc)
-//         id: optional set for id, if input, select will be used for name
-//         content: text content inside, is skipped if sub elements exist
-//         css: array for css tags
-//         options: anything else (value, placeholder, OnClick, style)
-// RETURN: object
-// DESC  : creates object for DOM element creation flow
+/**
+ * reates object for DOM element creation flow
+ * @param  {String} tag          must set tag (div, span, etc)
+ * @param  {String} [id='']      optional set for id, if input, select will be used for name
+ * @param  {String} [content=''] text content inside, is skipped if sub elements exist
+ * @param  {Array}  [css=[]]     array for css tags
+ * @param  {Object} [options={}] anything else (value, placeholder, OnClick, style)
+ * @return {Object}              created element as an object
+ */
 const cel = (tag, id = '', content = '', css = [], options = {}) =>
 	_element = {
 		tag: tag,
@@ -510,12 +575,13 @@ const cel = (tag, id = '', content = '', css = [], options = {}) =>
 		sub: []
 	};
 
-// METHOD: ael [attach element]
-// PARAMS: base: object where to attach/search
-//         attach: the object to be attached
-//         id: optional id, if given search in base for this id and attach there
-// RETURN: "none", technically there is no return needed
-// DESC  : attach a cel created object to another to create a basic DOM tree
+/**
+ * attach a cel created object to another to create a basic DOM tree
+ * @param  {Object} base    object where to attach/search
+ * @param  {Object} attach  the object to be attached
+ * @param  {String} [id=''] optional id, if given search in base for this id and attach there
+ * @return {Object}         "none", technically there is no return needed as it is global attach
+ */
 function ael(base, attach, id = '')
 {
 	if (id) {
@@ -537,12 +603,13 @@ function ael(base, attach, id = '')
 	return base;
 }
 
-// METHOD: aelx [attach n elements]
-// PARAMS: base: object to where we attach the elements
-//         attach 1..n: attach directly to the base element those attachments
-// RETURN: "none", technically there is no return needed
-// DESC  : directly attach n elements to one master base element
-//         this type does not support attach with optional id
+/**
+ * directly attach n elements to one master base element
+ * this type does not support attach with optional id
+ * @param  {Object}    base   object to where we attach the elements
+ * @param  {...Object} attach attach 1..n: attach directly to the base element those attachments
+ * @return {Object}           "none", technically there is no return needed, global attach
+ */
 function aelx(base, ...attach)
 {
 	attach.each(function(t) {
@@ -551,19 +618,22 @@ function aelx(base, ...attach)
 	return base;
 }
 
-// METHOD: rel [reset element]
-// PARAMS: cel created element
-// RETURN: returns reset base element
-// DESC  : resets the sub elements of the base element given
+/**
+ * resets the sub elements of the base element given
+ * @param  {Object} base cel created element
+ * @return {Object}      returns reset base element
+ */
 const rel = (base) => {
 	base.sub = [];
 	return base;
 };
 
-// METHOD: rcssel [remove a css from the element]
-// PARAMS: element, style sheet to remove
-// RETURN: returns full element
-// DESC  : searches and removes style from css array
+/**
+ * searches and removes style from css array
+ * @param  {Object} _element element to work one
+ * @param  {String css      style sheet to remove (name)
+ * @return {Object}          returns full element
+ */
 function rcssel(_element, css)
 {
 	var css_index = _element.css.indexOf(css);
@@ -573,10 +643,12 @@ function rcssel(_element, css)
 	return _element;
 }
 
-// METHOD: acssel [add css element]
-// PARAMS: element, style sheet to add
-// RETURN: returns full element
-// DESC  : adds a new style sheet to the element given
+/**
+ * adds a new style sheet to the element given
+ * @param  {Object} _element element to work on
+ * @param  {String} css      style sheet to add (name)
+ * @return {Object}         returns full element
+ */
 function acssel(_element, css)
 {
 	var css_index = _element.css.indexOf(css);
@@ -586,11 +658,14 @@ function acssel(_element, css)
 	return _element;
 }
 
-// METHOD: scssel
-// PARAMS: element, style to remove, style to add
-// RETURN: returns full element
-// DESC  : removes one css and adds another
-//         is a wrapper around rcssel/acssel
+/**
+ * removes one css and adds another
+ * is a wrapper around rcssel/acssel
+ * @param  {Object} _element element to work on
+ * @param  {String} rcss     style to remove (name)
+ * @param  {String} acss     style to add (name)
+ * @return {Object}          returns full element
+ */
 function scssel(_element, rcss, acss)
 {
 	rcssel(_element, rcss);
@@ -598,12 +673,12 @@ function scssel(_element, rcss, acss)
 	return _element;
 }
 
-// METHOD: phfo [produce html from object]
-// PARAMS: object tree with dom element declarations
-// RETURN: HTML string that can be used as innerHTML
-// DESC  : parses the object tree created with cel/ael
-//         and converts it into an HTML string that can
-//         be inserted into the page
+/**
+ * parses the object tree created with cel/ael and converts it into an HTML string
+ * that can be inserted into the page
+ * @param  {Object} tree object tree with dom element declarations
+ * @return {String}      HTML string that can be used as innerHTML
+ */
 function phfo(tree)
 {
 	// holds the elements
@@ -665,33 +740,45 @@ function phfo(tree)
 
 // BLOCK: html wrappers for quickly creating html data blocks
 
-// NOTE  : OLD FORMAT which misses multiple block set
-// METHOD: html_options
-// PARAMS: name/id, array for the options, selected item uid
-//         options_only [def false] if this is true, it will not print the select part
-//         return_string [def false]: return as string and not as element
-//         sort [def '']: if empty as is, else allowed 'keys', 'values' all others are ignored
-// RETURN: html with build options block
-// DESC  : creates an select/options drop down block.
-//         the array needs to be key -> value format. key is for the option id and value is for the data output
+/**
+ * NOTE: OLD FORMAT which misses multiple block set
+ * creates an select/options drop down block.
+ * the array needs to be key -> value format.
+ * key is for the option id and value is for the data output
+ * @param  {String}  name                  name/id
+ * @param  {Object}  data                  array for the options
+ * @param  {String}  [selected='']         selected item uid
+ * @param  {Boolean} [options_only=false]  if this is true, it will not print the select part
+ * @param  {Boolean} [return_string=false] return as string and not as element
+ * @param  {String}  [sort='']             if empty as is, else allowed 'keys',
+ *                                         'values' all others are ignored
+ * @return {String}                        html with build options block
+ */
 function html_options(name, data, selected = '', options_only = false, return_string = false, sort = '')
 {
 	// wrapper to new call
 	return html_options_block(name, data, selected, false, options_only, return_string, sort);
 }
 
-// NOTE  : USE THIS CALL, the above one is deprecated
-// METHOD: html_options
-// PARAMS: name/id, array for the options,
-//         selected item uid
-//         multiple [def false] if this is true, the drop down will be turned into multiple select
-//         options_only [def false] if this is true, it will not print the select part
-//         return_string [def false]: return as string and not as element
-//         sort [def '']: if empty as is, else allowed 'keys', 'values' all others are ignored
-// RETURN: html with build options block
-// DESC  : creates an select/options drop down block.
-//         the array needs to be key -> value format. key is for the option id and value is for the data output
-function html_options_block(name, data, selected = '', multiple = false, options_only = false, return_string = false, sort = '')
+/**
+ * NOTE: USE THIS CALL, the above one is deprecated
+ * creates an select/options drop down block.
+ * the array needs to be key -> value format.
+ * key is for the option id and value is for the data output
+ * @param  {String}  name                  name/id
+ * @param  {Object}  data                  array for the options
+ * @param  {String}  [selected='']         selected item uid
+ * @param  {Number}  [multiple=0]          if this is 1 or larger, the drop down
+ *                                         will be turned into multiple select
+ *                                         the number sets the size value unless it is 1,
+ *                                         then it is default
+ * @param  {Boolean} [options_only=false]  if this is true, it will not print the select part
+ * @param  {Boolean} [return_string=false] return as string and not as element
+ * @param  {String}  [sort='']             if empty as is, else allowed 'keys',
+ *                                         'values' all others are ignored
+ * @return {String}                        html with build options block
+ */
+function html_options_block(name, data, selected = '', multiple = 0, options_only = false, return_string = false, sort = '')
 {
 	var content = [];
 	var element_select;
@@ -700,8 +787,11 @@ function html_options_block(name, data, selected = '', multiple = false, options
 	var data_list = []; // for sorted output
 	var value;
 	var option;
-	if (multiple === true) {
+	if (multiple > 0) {
 		select_options.multiple = '';
+		if (multiple > 1) {
+			select_options.size = multiple;
+		}
 	}
 	// set outside select, gets stripped on return if options only is true
 	element_select = cel('select', name, '', [], select_options);
@@ -718,14 +808,18 @@ function html_options_block(name, data, selected = '', multiple = false, options
 	// for (const [key, value] of Object.entries(data)) {
 	for (const key of data_list) {
 		value = data[key];
-		console.log('create [%s] options: key: %s, value: %s', name, key, value);
+		// console.log('create [%s] options: key: %s, value: %s', name, key, value);
 		// basic options init
 		options = {
 			'label': value,
 			'value': key
 		};
 		// add selected if matching
-		if (selected == key) {
+		if (multiple == 0 && !Array.isArray(selected) && selected == key) {
+			options.selected = '';
+		}
+		// for multiple, we match selected as array
+		if (multiple == 1 && Array.isArray(selected) && selected.indexOf(key) != -1) {
 			options.selected = '';
 		}
 		// create the element option
@@ -754,11 +848,13 @@ function html_options_block(name, data, selected = '', multiple = false, options
 	}
 }
 
-// METHOD: html_options_refill
-// PARAMS: name/id, array of options, sort = ''
-//         sort [def '']: if empty as is, else allowed 'keys', 'values' all others are ignored
-// RETURN: none
-// DESC  : refills a select box with options and keeps the selected
+/**
+ *  refills a select box with options and keeps the selected
+ * @param {String} name      name/id
+ * @param {Object} data      array of options
+ * @param {String} [sort=''] if empty as is, else allowed 'keys', 'values'
+ *                            all others are ignored
+ */
 function html_options_refill(name, data, sort = '')
 {
 	var element_option;
@@ -793,10 +889,9 @@ function html_options_refill(name, data, sort = '')
 }
 
 // *** MASTER logout call
-// METHOD: loginLogout
-// PARAMS: none
-// RETURN: none
-// DESC  : submits basic data for form logout
+/**
+ * submits basic data for form logout
+ */
 function loginLogout()
 {
 	const form = document.createElement('form');

www/layout/admin/javascript/jquery-3.4.1.js

@@ -1,5 +1,5 @@
 /*!
- * jQuery JavaScript Library v3.4.0
+ * jQuery JavaScript Library v3.4.1
  * https://jquery.com/
  *
  * Includes Sizzle.js
@@ -9,7 +9,7 @@
  * Released under the MIT license
  * https://jquery.org/license
  *
- * Date: 2019-04-10T19:48Z
+ * Date: 2019-05-01T21:04Z
  */
 ( function( global, factory ) {
 
@@ -142,7 +142,7 @@ function toType( obj ) {
 
 
 var
-	version = "3.4.0",
+	version = "3.4.1",
 
 	// Define a local copy of jQuery
 	jQuery = function( selector, context ) {
@@ -4498,8 +4498,12 @@ var documentElement = document.documentElement;
 		},
 		composed = { composed: true };
 
+	// Support: IE 9 - 11+, Edge 12 - 18+, iOS 10.0 - 10.2 only
 	// Check attachment across shadow DOM boundaries when possible (gh-3504)
-	if ( documentElement.attachShadow ) {
+	// Support: iOS 10.0-10.2 only
+	// Early iOS 10 versions support `attachShadow` but not `getRootNode`,
+	// leading to errors. We need to check for `getRootNode`.
+	if ( documentElement.getRootNode ) {
 		isAttached = function( elem ) {
 			return jQuery.contains( elem.ownerDocument, elem ) ||
 				elem.getRootNode( composed ) === elem.ownerDocument;
@@ -5359,8 +5363,7 @@ jQuery.event = {
 
 				// Claim the first handler
 				if ( rcheckableType.test( el.type ) &&
-					el.click && nodeName( el, "input" ) &&
-					dataPriv.get( el, "click" ) === undefined ) {
+					el.click && nodeName( el, "input" ) ) {
 
 					// dataPriv.set( el, "click", ... )
 					leverageNative( el, "click", returnTrue );
@@ -5377,8 +5380,7 @@ jQuery.event = {
 
 				// Force setup before triggering a click
 				if ( rcheckableType.test( el.type ) &&
-					el.click && nodeName( el, "input" ) &&
-					dataPriv.get( el, "click" ) === undefined ) {
+					el.click && nodeName( el, "input" ) ) {
 
 					leverageNative( el, "click" );
 				}
@@ -5419,7 +5421,9 @@ function leverageNative( el, type, expectSync ) {
 
 	// Missing expectSync indicates a trigger call, which must force setup through jQuery.event.add
 	if ( !expectSync ) {
-		jQuery.event.add( el, type, returnTrue );
+		if ( dataPriv.get( el, type ) === undefined ) {
+			jQuery.event.add( el, type, returnTrue );
+		}
 		return;
 	}
 
@@ -5434,9 +5438,13 @@ function leverageNative( el, type, expectSync ) {
 			if ( ( event.isTrigger & 1 ) && this[ type ] ) {
 
 				// Interrupt processing of the outer synthetic .trigger()ed event
-				if ( !saved ) {
+				// Saved data should be false in such cases, but might be a leftover capture object
+				// from an async native handler (gh-4350)
+				if ( !saved.length ) {
 
 					// Store arguments for use when handling the inner native event
+					// There will always be at least one argument (an event object), so this array
+					// will not be confused with a leftover capture object.
 					saved = slice.call( arguments );
 					dataPriv.set( this, type, saved );
 
@@ -5449,14 +5457,14 @@ function leverageNative( el, type, expectSync ) {
 					if ( saved !== result || notAsync ) {
 						dataPriv.set( this, type, false );
 					} else {
-						result = undefined;
+						result = {};
 					}
 					if ( saved !== result ) {
 
 						// Cancel the outer synthetic event
 						event.stopImmediatePropagation();
 						event.preventDefault();
-						return result;
+						return result.value;
 					}
 
 				// If this is an inner synthetic event for an event with a bubbling surrogate
@@ -5471,17 +5479,19 @@ function leverageNative( el, type, expectSync ) {
 
 			// If this is a native event triggered above, everything is now in order
 			// Fire an inner synthetic event with the original arguments
-			} else if ( saved ) {
+			} else if ( saved.length ) {
 
 				// ...and capture the result
-				dataPriv.set( this, type, jQuery.event.trigger(
+				dataPriv.set( this, type, {
+					value: jQuery.event.trigger(
 
-					// Support: IE <=9 - 11+
-					// Extend with the prototype to reset the above stopImmediatePropagation()
-					jQuery.extend( saved.shift(), jQuery.Event.prototype ),
-					saved,
-					this
-				) );
+						// Support: IE <=9 - 11+
+						// Extend with the prototype to reset the above stopImmediatePropagation()
+						jQuery.extend( saved[ 0 ], jQuery.Event.prototype ),
+						saved.slice( 1 ),
+						this
+					)
+				} );
 
 				// Abort handling of the native event
 				event.stopImmediatePropagation();

www/layout/admin/javascript/jquery.js

@@ -1 +1 @@
-jquery-3.4.0.js
+jquery-3.4.1.js

www/layout/admin/javascript/jquery.min.js

@@ -1 +1 @@
-jquery-3.4.0.min.js
+jquery-3.4.1.min.js

www/layout/frontend/javascript/debug.js

@@ -1 +1 @@
-../../../admin/default/javascript/debug.js
+../../admin/javascript/debug.js

www/layout/frontend/javascript/fineuploader

@@ -1 +1 @@
-../../../admin/default/javascript/fineuploader/
+../../admin/javascript/fineuploader/

www/layout/frontend/javascript/firebug.js

@@ -1 +1 @@
-../../../admin/default/javascript/firebug.js
+../../admin/javascript/firebug.js

www/lib/CoreLibs/ACL/Login.php

@@ -1,4 +1,4 @@
-<?php
+<?php declare(strict_types=1);
 /*********************************************************************
 * AUTHOR: Clemens Schwaighofer
 * CREATED: 2000/06/01
@@ -62,12 +62,13 @@ namespace CoreLibs\ACL;
 class Login extends \CoreLibs\DB\IO
 {
 	private $euid; // the user id var
-	private $permission_okay = 0; // is set to one if login okay, or EUID is set and user is okay to access this page
+	private $permission_okay = false; // is set to one if login okay, or EUID is set and user is okay to access this page
 	public $login; // pressed login
+	private $action; // master action command
 	private $username; // login name
 	private $password; // login password
 	private $logout; // logout button
-	private $login_error; // login error code, can be matched to the array login_error_msg, which holds the string
+	private $login_error = 0; // login error code, can be matched to the array login_error_msg, which holds the string
 	private $password_change = false; // if this is set to true, the user can change passwords
 	private $password_change_ok = false; // password change was successful
 	private $password_forgot = false; // can we reset password and mail to user with new password set screen
@@ -77,43 +78,54 @@ class Login extends \CoreLibs\DB\IO
 	private $pw_old_password;
 	private $pw_new_password;
 	private $pw_new_password_confirm;
-	private $pw_change_deny_users = array (); // array of users for which the password change is forbidden
+	private $pw_change_deny_users = array(); // array of users for which the password change is forbidden
+	private $logout_target;
+	private $max_login_error_count = -1;
+	private $lock_deny_users = array();
 
 	// if we have password change we need to define some rules
 	private $password_min_length = PASSWORD_MIN_LENGTH;
 	// max length is fixed as 255 (for input type max), if set highter, it will be set back to 255
 	private $password_max_length = PASSWORD_MAX_LENGTH;
 	// can have several regexes, if nothing set, all is ok
-	private $password_valid_chars = array (
+	private $password_valid_chars = array(
 		// '^(?=.*\d)(?=.*[A-Za-z])[0-9A-Za-z!@#$%]{8,}$',
 		// '^(?.*(\pL)u)(?=.*(\pN)u)(?=.*([^\pL\pN])u).{8,}',
 	);
 
 	// all possible login error conditions
-	private $login_error_msg = array ();
+	private $login_error_msg = array();
 	// this is an array holding all strings & templates passed from the outside (translation)
-	private $login_template = array (
-		'strings' => array (),
+	private $login_template = array(
+		'strings' => array(),
 		'password_change' => '',
 		'template' => ''
 	);
 
 	// acl vars
-	public $acl = array ();
-	public $default_acl_list = array ();
+	public $acl = array();
+	public $default_acl_list = array();
+	// login html, if we are on an ajax page
+	private $login_html = '';
+	private $login_is_ajax_page = false;
 
-	// METHOD: login
-	// PARAMS: db_config -> array for logging in to DB where edit_users tables are
-	//        db_debug -> sets debug output for db_io (can be overruled with DB_DEBUG)
-	// RETURN: none
-	// DESC  : cunstroctuor, does ALL, opens db, works through connection checks, closes itself
-	public function __construct($db_config, $lang = 'en_utf8', $debug = 0, $db_debug = 0, $echo = 1, $print = 0)
+	// language
+	public $l;
+
+	/**
+	 * constructor, does ALL, opens db, works through connection checks, closes itself
+	 * @param array  $db_config        db config array
+	 * @param string $lang             language string (default en_utf8)
+	 * @param int    $set_control_flag class variable check flags
+	 */
+	public function __construct(array $db_config, string $lang = 'en_utf8', int $set_control_flag = 0)
 	{
 		// log login data for this class only
 		$this->log_per_class = 1;
 
 		// create db connection and init base class
-		if (!parent::__construct($db_config, $debug, $db_debug, $echo, $print)) {
+		parent::__construct($db_config, $set_control_flag);
+		if ($this->db_init_error === true) {
 			echo 'Could not connect to DB<br>';
 			// if I can't connect to the DB to auth exit hard. No access allowed
 			exit;
@@ -136,16 +148,21 @@ class Login extends \CoreLibs\DB\IO
 			exit;
 		}
 
+		// set global is ajax page for if we show the data directly, or need to pass it back
+		// to the continue AJAX class for output back to the user
+		$this->login_is_ajax_page = $this->ajax_page_flag;
+
 		$this->l = new \CoreLibs\Language\L10n($lang);
 
 		// if we have a search path we need to set it, to use the correct DB to login
 		// check what schema to use. if there is a login schema use this, else check if there is a schema set in the config, or fall back to DB_SCHEMA if this exists, if this also does not exists use public schema
 		if (defined('LOGIN_DB_SCHEMA')) {
+			/** @phan-suppress-next-line PhanUndeclaredConstant */
 			$SCHEMA = LOGIN_DB_SCHEMA;
-		} elseif ($db_config['db_schema']) {
+		} elseif (isset($db_config['db_schema']) && $db_config['db_schema']) {
 			$SCHEMA = $db_config['db_schema'];
-		} elseif (defined('DB_SCHEMA')) {
-			$SCHEMA = DB_SCHEMA;
+		} elseif (defined('PUBLIC_SCHEMA')) {
+			$SCHEMA = PUBLIC_SCHEMA;
 		} else {
 			$SCHEMA = 'public';
 		}
@@ -197,7 +214,7 @@ class Login extends \CoreLibs\DB\IO
 		// logout target (from config)
 		$this->logout_target = LOGOUT_TARGET;
 		// disallow user list for password change
-		$this->pw_change_deny_users = array ('admin');
+		$this->pw_change_deny_users = array('admin');
 		// set flag if password change is okay
 		if (defined('PASSWORD_CHANGE')) {
 			$this->password_change = PASSWORD_CHANGE;
@@ -209,23 +226,15 @@ class Login extends \CoreLibs\DB\IO
 		// max login counts before error reporting
 		$this->max_login_error_count = 10;
 		// users that never get locked, even if they are set strict
-		$this->lock_deny_users = array ('admin');
-
-		// internal
-		$this->class_info['login'] = array(
-			'class_name' => 'Login',
-			'class_version' => '5.0.0',
-			'class_created' => '2000-06-01',
-			'class_author' => 'Clemens Schwaighofer'
-		);
+		$this->lock_deny_users = array('admin');
 
 		// init default ACL list array
-		$_SESSION['DEFAULT_ACL_LIST'] = array ();
+		$_SESSION['DEFAULT_ACL_LIST'] = array();
 		// read the current edit_access_right list into an array
 		$q = "SELECT level, type, name FROM edit_access_right WHERE level >= 0 ORDER BY level";
 		while ($res = $this->dbReturn($q)) {
 			// level to description format (numeric)
-			$this->default_acl_list[$res['level']] = array (
+			$this->default_acl_list[$res['level']] = array(
 				'type' => $res['type'],
 				'name' => $res['name']
 			);
@@ -248,41 +257,61 @@ class Login extends \CoreLibs\DB\IO
 			$this->loginPasswordForgot();
 		}
 		// if !$euid || permission not okay, print login screan
-		echo $this->loginPrintLogin();
+		$this->login_html = $this->loginPrintLogin();
 		// closing all connections, depending on error status, exit
 		if (!$this->loginCloseClass()) {
-			// do not go anywhere, quit processing here
-			// do something with possible debug data?
-			if (TARGET == 'live' || TARGET == 'remote')	{
-				// login
-				$this->debug_output_all = DEBUG ? 1 : 0;
-				$this->echo_output_all = 0;
-				$this->print_output_all = DEBUG ? 1 : 0;
+			// if variable AJAX flag is not set, show output, else pass through for ajax work
+			if ($this->login_is_ajax_page !== true) {
+				// the login screen if we hav no login permission & login screen html data
+				if ($this->login_html !== null) {
+					echo $this->login_html;
+				}
+				// do not go anywhere, quit processing here
+				// do something with possible debug data?
+				if (TARGET == 'live' || TARGET == 'remote')	{
+					// login
+					$this->debug_output_all = DEBUG ? 1 : 0;
+					$this->echo_output_all = 0;
+					$this->print_output_all = DEBUG ? 1 : 0;
+				}
+				$status_msg = $this->printErrorMsg();
+				if ($this->echo_output_all) {
+					echo $status_msg;
+				}
+				// exit so we don't process anything further, at all
+				exit;
+			} else {
+				// if we are on an ajax page reset any POST/GET array data to avoid
+				// any accidentical processing going on
+				$_POST = array();
+				$_GET = array();
+				// set the action to login so we can trigger special login html return
+				$_POST['action'] = 'login';
+				$_POST['login_html'] = $this->login_html;
+				// NOTE: this part needs to be catched by the frontend AJAX
+				// and some function needs to then set something like this
+				// document.getElementsByTagName('html')[0].innerHTML  = data.content.login_html;
 			}
-			$status_msg = $this->printErrorMsg();
-			if ($this->echo_output_all) {
-				echo $status_msg;
-			}
-			exit;
 		}
 		// set acls for this user/group and this page
 		$this->loginSetAcl();
 	}
 
-	// METHOD: _login
-	// PARAMS: none
-	// RETURN: none
-	// DESC  : deconstructory, called with the last function to close DB connection
+	/**
+	 * deconstructory, called with the last function to close DB connection
+	 */
 	public function __destruct()
 	{
 		parent::__destruct();
 	}
 
-	// METHOD: loginPasswordCheck
-	// PARAMS: hash, optional password, to override
-	// RETURN: true or false
-	// DESC  : checks if password is valid, sets internal error login variable
-	private function loginPasswordCheck($hash, $password = '')
+	/**
+	 * checks if password is valid, sets internal error login variable
+	 * @param  string $hash     password hash
+	 * @param  string $password submitted password
+	 * @return bool             true or false on password ok or not
+	 */
+	private function loginPasswordCheck(string $hash, string $password = ''): bool
 	{
 		// check with what kind of prefix the password begins:
 		// $2a$ or $2y$: BLOWFISCH
@@ -306,6 +335,7 @@ class Login extends \CoreLibs\DB\IO
 			(preg_match("/^\\$2(y)\\$/", $hash) && preg_match("/\\$07\\$/", $hash)) ||
 			preg_match("/^\\$1\\$/", $hash) ||
 			preg_match("/^\\$[0-9A-Za-z.]{12}$/", $hash)) &&
+			/** @phan-suppress-next-line PhanDeprecatedFunction */
 			!$this->verifyCryptString($password, $hash)
 		) {
 			// check passwword as crypted, $2a$ or $2y$ is blowfish start, $1$ is MD5 start, $\w{12} is standard DES
@@ -333,11 +363,10 @@ class Login extends \CoreLibs\DB\IO
 		return $password_ok;
 	}
 
-	// METHOD: loginLoginUser
-	// WAS   : login_login_user
-	// PARAMS: none
-	// RETURN: none
-	// DESC  : if user pressed login button this script is called, but only if there is no preview euid set
+	/**
+	 * if user pressed login button this script is called, but only if there is no preview euid set]
+	 * @return void has not return
+	 */
 	private function loginLoginUser()
 	{
 		// have to get the global stuff here for setting it later
@@ -366,7 +395,7 @@ class Login extends \CoreLibs\DB\IO
 				$q .= "(LOWER(username) = '".$this->dbEscapeString(strtolower($this->username))."') ";
 				$res = $this->dbReturn($q);
 				// username is wrong, but we throw for wrong username and wrong password the same error
-				if (!$this->cursor_ext[md5($q)]["num_rows"]) {
+				if (!$this->cursor_ext[md5($q)]['num_rows']) {
 					$this->login_error = 1010;
 				} else {
 					// if login errors is half of max errors and the last login error was less than 10s ago, forbid any new login try
@@ -423,21 +452,26 @@ class Login extends \CoreLibs\DB\IO
 								$q .= "WHERE edit_user_id = ".$res['edit_user_id'];
 								$this->dbExec($q);
 							}
-							$pages = array();
 							$edit_page_ids = array();
+							$pages = array();
+							$pages_acl = array();
 							// set pages access
-							$q = "SELECT ep.edit_page_id, filename, ep.name AS edit_page_name, ep.order_number AS edit_page_order, menu, ";
-							$q .= "popup, popup_x, popup_y, online, ear.level, ear.type ";
-							$q .= "FROM edit_page ep, edit_page_access epa, edit_access_right ear ";
+							$q = "SELECT ep.edit_page_id, ep.cuid, epca.cuid AS content_alias_uid, ep.filename, ep.name AS edit_page_name, ep.order_number AS edit_page_order, ep.menu, ";
+							$q .= "ep.popup, ep.popup_x, ep.popup_y, ep.online, ear.level, ear.type ";
+							$q .= "FROM edit_page ep ";
+							$q .= "LEFT JOIN edit_page epca ON (epca.edit_page_id = ep.content_alias_edit_page_id)";
+							$q .= ", edit_page_access epa, edit_access_right ear ";
 							$q .= "WHERE ep.edit_page_id = epa.edit_page_id AND ear.edit_access_right_id = epa.edit_access_right_id ";
 							$q .= "AND epa.enabled = 1 AND epa.edit_group_id = ".$res["edit_group_id"]." ";
 							$q .= "ORDER BY ep.order_number";
 							while ($res = $this->dbReturn($q)) {
 								// page id array for sub data readout
-								$edit_page_ids[] = $res['edit_page_id'];
+								$edit_page_ids[$res['edit_page_id']] = $res['cuid'];
 								// create the array for pages
-								array_push($pages, array (
+								$pages[$res['cuid']] = array(
 									'edit_page_id' => $res['edit_page_id'],
+									'cuid' => $res['cuid'],
+									'content_alias_uid' => $res['content_alias_uid'], // for reference of content data on a differen page
 									'filename' => $res['filename'],
 									'page_name' => $res['edit_page_name'],
 									'order' => $res['edit_page_order'],
@@ -448,9 +482,9 @@ class Login extends \CoreLibs\DB\IO
 									'online' => $res['online'],
 									'acl_level' => $res['level'],
 									'acl_type' => $res['type'],
-									'query' => array (),
-									'visible' => array ()
-								));
+									'query' => array(),
+									'visible' => array()
+								);
 								// make reference filename -> level
 								$pages_acl[$res['filename']] = $res['level'];
 							} // for each page
@@ -458,33 +492,42 @@ class Login extends \CoreLibs\DB\IO
 							$_edit_page_id = 0;
 							$q = "SELECT epvg.edit_page_id, name, flag ";
 							$q .= "FROM edit_visible_group evp, edit_page_visible_group epvg ";
-							$q .= "WHERE evp.edit_visible_group_id = epvg.edit_visible_group_id AND epvg.edit_page_id IN (".join(', ', $edit_page_ids).") ";
+							$q .= "WHERE evp.edit_visible_group_id = epvg.edit_visible_group_id AND epvg.edit_page_id IN (".join(', ', array_keys($edit_page_ids)).") ";
 							$q .= "ORDER BY epvg.edit_page_id";
 							while ($res = $this->dbReturn($q)) {
-								if ($res['edit_page_id'] != $_edit_page_id) {
-									// search the pos in the array push
-									$pos = $this->arraySearchRecursive($res['edit_page_id'], $pages, 'edit_page_id');
-									$_edit_page_id = $res['edit_page_id'];
-								}
-								$pages[$pos[0]]['visible'][$res['name']] = $res['flag'];
+								$pages[$edit_page_ids[$res['edit_page_id']]]['visible'][$res['name']] = $res['flag'];
 							}
 							// get the same for the query strings
 							$_edit_page_id = 0;
 							$q = "SELECT eqs.edit_page_id, name, value, dynamic FROM edit_query_string eqs ";
-							$q .= "WHERE enabled = 1 AND edit_page_id IN (".join(', ', $edit_page_ids).") ORDER BY eqs.edit_page_id";
+							$q .= "WHERE enabled = 1 AND edit_page_id IN (".join(', ', array_keys($edit_page_ids)).") ";
+							$q .= "ORDER BY eqs.edit_page_id";
 							while ($res = $this->dbReturn($q)) {
-								if ($res['edit_page_id'] != $_edit_page_id)	{
-									// search the pos in the array push
-									$pos = $this->arraySearchRecursive($res['edit_page_id'], $pages, 'edit_page_id');
-									$_edit_page_id = $res['edit_page_id'];
-								}
-								$pages[$pos[0]]['query'][] = array (
+								$pages[$edit_page_ids[$res['edit_page_id']]]['query'][] = array(
 									'name' => $res['name'],
 									'value' => $res['value'],
 									'dynamic' => $res['dynamic']
 								);
 							}
-
+							// get the page content and add them to the page
+							$_edit_page_id = 0;
+							$q = "SELECT epc.edit_page_id, epc.name, epc.uid, epc.order_number, epc.online, ear.level, ear.type ";
+							$q .= "FROM edit_page_content epc, edit_access_right ear ";
+							$q .= "WHERE epc.edit_access_right_id = ear.edit_access_right_id AND ";
+							$q .= "epc.edit_page_id IN (".join(', ', array_keys($edit_page_ids)).") ";
+							$q .= "ORDER BY epc.order_number";
+							while ($res = $this->dbReturn($q)) {
+								$pages[$edit_page_ids[$res['edit_page_id']]]['content'][$res['uid']] = array(
+									'name' => $res['name'],
+									'uid' => $res['uid'],
+									'online' => $res['online'],
+									'order' => $res['order_number'],
+									// access name and level
+									'acl_type' => $res['type'],
+									'acl_level' => $res['level']
+								);
+							}
+							// write back the pages data to the output array
 							$_SESSION['PAGES'] = $pages;
 							$_SESSION['PAGES_ACL_LEVEL'] = $pages_acl;
 							// load the edit_access user rights
@@ -499,12 +542,12 @@ class Login extends \CoreLibs\DB\IO
 							while ($res = $this->dbReturn($q)) {
 								// read edit access data fields and drop them into the unit access array
 								$q_sub ="SELECT name, value FROM edit_access_data WHERE enabled = 1 AND edit_access_id = ".$res['edit_access_id'];
-								$ea_data = array ();
+								$ea_data = array();
 								while ($res_sub = $this->dbReturn($q_sub)) {
 									$ea_data[$res_sub['name']] = $res_sub['value'];
 								}
 								// build master unit array
-								$unit_access[$res['edit_access_id']] = array (
+								$unit_access[$res['edit_access_id']] = array(
 									'id' => $res['edit_access_id'],
 									'acl_level' => $res['level'],
 									'acl_type' => $res['type'],
@@ -528,16 +571,19 @@ class Login extends \CoreLibs\DB\IO
 						} // user has permission to THIS page
 					} // user was not enabled or other login error
 					if ($this->login_error) {
+						$login_error_date_first = '';
 						if ($res['login_error_count'] == 0) {
-							$login_error_date_first = ', login_error_date_first = NOW()';
+							$login_error_date_first = ", login_error_date_first = NOW()";
 						}
 						// update login error count for this user
 						$q = "UPDATE edit_user ";
-						$q .= "SET login_error_count = login_error_count + 1, login_error_date_last = NOW() $login_error_date_first ";
+						$q .= "SET login_error_count = login_error_count + 1, login_error_date_last = NOW() ".$login_error_date_first." ";
 						$q .= "WHERE edit_user_id = ".$res['edit_user_id'];
 						$this->dbExec($q);
 						// totally lock the user if error max is reached
-						if ($res['login_error_count'] + 1 > $this->max_login_error_count) {
+						if ($this->max_login_error_count != -1 &&
+							$res['login_error_count'] + 1 > $this->max_login_error_count
+						) {
 							// do some alert reporting in case this error is too big
 							// if strict is set, lock this user
 							// this needs manual unlocking by an admin user
@@ -551,16 +597,15 @@ class Login extends \CoreLibs\DB\IO
 			// if there was an login error, show login screen
 			if ($this->login_error) {
 				// reset the perm var, to confirm logout
-				$this->permission_okay = 0;
+				$this->permission_okay = false;
 			}
 		} // if he pressed login at least and is not yet loggined in
 	}
 
-	// METHOD: loginCheckPermissions
-	// WAS   : login_check_permission
-	// PARAMS: none
-	// RETUNR none
-	// DESC  : for every page the user access this script checks if he is allowed to do so
+	/**
+	 * for every page the user access this script checks if he is allowed to do so
+	 * @return bool permission okay as true/false
+	 */
 	public function loginCheckPermissions()
 	{
 		if ($this->euid && $this->login_error != 103) {
@@ -573,27 +618,27 @@ class Login extends \CoreLibs\DB\IO
 			// if (($GLOBALS["DEBUG_ALL"] || $GLOBALS["DB_DEBUG"] || $_SESSION["DEBUG_ALL"] || $_SESSION["DB_DEBUG"]) && ini_get('memory_limit') != -1)
 			// 	ini_set('memory_limit', -1);
 			if ($res['filename'] == $this->page_name) {
-				$this->permission_okay = 1;
+				$this->permission_okay = true;
 			} else {
 				$this->login_error = 103;
-				$this->permission_okay = 0;
+				$this->permission_okay = false;
 			}
 		}
 		// if called from public, so we can check if the permissions are ok
 		return $this->permission_okay;
 	}
 
-	// METHOD: loginLogoutUser
-	// WAS   : login_logout_user
-	// PARAMS: none
-	// RETURN: none
-	// DESC  : if a user pressed on logout, destroyes session and unsets all global vars
+	/**
+	 * if a user pressed on logout, destroyes session and unsets all global vars
+	 * @return void has no return
+	 */
 	public function loginLogoutUser()
 	{
 		if ($this->logout || $this->login_error) {
 			// unregister and destroy session vars
 			unset($_SESSION['EUID']);
-			unset($_SESSION['GROUP_LEVEL']);
+			unset($_SESSION['GROUP_ACL_LEVEL']);
+			unset($_SESSION['USER_ACL_LEVEL']);
 			unset($_SESSION['PAGES']);
 			unset($_SESSION['USER_NAME']);
 			unset($_SESSION['UNIT']);
@@ -608,7 +653,7 @@ class Login extends \CoreLibs\DB\IO
 			unset($_SESSION['HEADER_COLOR']);
 			session_destroy();
 			// then prints the login screen again
-			$this->permission_okay = 0;
+			$this->permission_okay = false;
 		}
 	}
 
@@ -630,6 +675,23 @@ class Login extends \CoreLibs\DB\IO
 	//         * if an account ACL is set, set this parallel, account ACL overrides user ACL if it applies
 	//         * if edit access ACL level is set, use this, else use page
 	//         set all base ACL levels as a list keyword -> ACL number
+	/**
+	 * sets all the basic ACLs
+	 * init set the basic acl the user has, based on the following rules
+	 * - init set from config DEFAULT ACL
+	 * - if page ACL is set, it overrides the default ACL
+	 * - if group ACL is set, it overrides the page ACL
+	 * - if user ACL is set, it overrides the group ACL
+	 * set the page ACL
+	 * - default ACL set
+	 * - set group ACL if not default overrides default ACL
+	 * - set page ACL if not default overrides group ACL
+	 * set edit access ACL and set default edit access group
+	 * - if an account ACL is set, set this parallel, account ACL overrides user ACL if it applies
+	 * - if edit access ACL level is set, use this, else use page
+	 * set all base ACL levels as a list keyword -> ACL number
+	 * @return void has no return
+	 */
 	private function loginSetAcl()
 	{
 		// only set acl if we have permission okay
@@ -658,6 +720,7 @@ class Login extends \CoreLibs\DB\IO
 					$this->acl['base'] = $_SESSION['USER_ACL_LEVEL'];
 				}
 			}
+			$_SESSION['BASE_ACL_LEVEL'] = $this->acl['base'];
 
 			// set the current page acl
 			// start with default acl
@@ -684,7 +747,7 @@ class Login extends \CoreLibs\DB\IO
 					}
 				}
 				// detail name/level set
-				$this->acl['unit_detail'][$ea_id] = array (
+				$this->acl['unit_detail'][$ea_id] = array(
 					'name' => $unit['name'],
 					'uid' => $unit['uid'],
 					'level' => $this->default_acl_list[$this->acl['unit'][$ea_id]]['name'],
@@ -700,9 +763,9 @@ class Login extends \CoreLibs\DB\IO
 			}
 			// flag if to show extra edit access drop downs (because user has multiple groups assigned)
 			if (count($_SESSION['UNIT']) > 1) {
-				$this->acl['show_ea_extra'] = 1;
+				$this->acl['show_ea_extra'] = true;
 			} else {
-				$this->acl['show_ea_extra'] = 0;
+				$this->acl['show_ea_extra'] = false;
 			}
 			// set the default edit access
 			$this->acl['default_edit_access'] = $_SESSION['UNIT_DEFAULT'];
@@ -717,12 +780,12 @@ class Login extends \CoreLibs\DB\IO
 		}
 	}
 
-	// METHOD: loginCheckEditAccess
-	// WAS   : login_check_edit_access
-	// PARAMS: edit_access_id to check
-	// RETURN: true/false: if the edit access is not in the valid list: false
-	// DESC  : checks if this edit access id is valid
-	public function loginCheckEditAccess($edit_access_id)
+	/**
+	 * checks if this edit access id is valid
+	 * @param  int $edit_access_id access id pk to check
+	 * @return bool                true/false: if the edit access is not in the valid list: false
+	 */
+	public function loginCheckEditAccess($edit_access_id): bool
 	{
 		if (array_key_exists($edit_access_id, $this->acl['unit'])) {
 			return true;
@@ -731,10 +794,11 @@ class Login extends \CoreLibs\DB\IO
 		}
 	}
 
-	// METHOD: loginPasswordChangeValidPassword
-	// PARAMS: the new password
-	// RETURN: true or false
-	// DESC  : checks if the password is in a valid format
+	/**
+	 * checks if the password is in a valid format
+	 * @param  string $password the new password
+	 * @return bool             true or false if valid password or not
+	 */
 	private function loginPasswordChangeValidPassword($password)
 	{
 		$is_valid_password = true;
@@ -753,11 +817,21 @@ class Login extends \CoreLibs\DB\IO
 		return $is_valid_password;
 	}
 
-	// METHOD: loginSetPasswordMinLength
-	// PARAMS: set the minimum length
-	// RETURN: true/false on success
-	// DESC  : sets the minium length and checks on valid
-	public function loginSetPasswordMinLength($length)
+	/**
+	 * dummy declare for password forget
+	 * @return void has no return
+	 */
+	private function loginPasswordForgot()
+	{
+		// will do some password recovert, eg send email
+	}
+
+	/**
+	 * sets the minium length and checks on valid
+	 * @param  int  $length set the minimum length
+	 * @return bool         true/false on success
+	 */
+	public function loginSetPasswordMinLength(int $length): bool
 	{
 		// check that numeric, positive numeric, not longer than max input string lenght
 		// and not short than min password length
@@ -769,17 +843,20 @@ class Login extends \CoreLibs\DB\IO
 		}
 	}
 
-	// METHOD: loginPasswordChange
-	// WAS   : login_password_change
-	// PARAMS: none
-	// RETURN: none
-	// DESC  : changes a user password
+	/**
+	 * changes a user password
+	 * @return void has no return
+	 */
 	private function loginPasswordChange()
 	{
 		if ($this->change_password) {
 			$event = 'Password Change';
+			$data = '';
 			// check that given username is NOT in the deny list, else silent skip (with error log)
 			if (!in_array($this->pw_username, $this->pw_change_deny_users)) {
+				// init the edit user id variable
+				$edit_user_id = '';
+				// cehck if either username or old password is not set
 				if (!$this->pw_username || !$this->pw_old_password) {
 					$this->login_error = 200;
 					$data = 'Missing username or old password.';
@@ -826,7 +903,7 @@ class Login extends \CoreLibs\DB\IO
 					}
 				}
 				// no error change this users password
-				if (!$this->login_error) {
+				if (!$this->login_error && $edit_user_id) {
 					// update the user (edit_user_id) with the new password
 					$q = "UPDATE edit_user SET password = '".$this->dbEscapeString($this->passwordSet($this->pw_new_password))."' WHERE edit_user_id = ".$edit_user_id;
 					$this->dbExec($q);
@@ -835,7 +912,7 @@ class Login extends \CoreLibs\DB\IO
 				}
 			} else {
 				// illegal user error
-				$this->login_error = '220';
+				$this->login_error = 220;
 				$data = 'Illegal user for password change: '.$this->pw_username;
 			}
 			// log this password change attempt
@@ -843,96 +920,81 @@ class Login extends \CoreLibs\DB\IO
 		} // button pressed
 	}
 
-	// METHOD: loginPrintLogin
-	// WAS   : login_print_login
-	// PARAMS: none
-	// RETURN: html data for login page
-	// DESC  : prints out login html part if no permission (error) is set
+	/**
+	 * prints out login html part if no permission (error) is set
+	 * @return ?string html data for login page, or null for nothing
+	 */
 	private function loginPrintLogin()
 	{
+		$html_string = null;
 		if (!$this->permission_okay) {
-			// get global AJAX page trigger
-			// if true, return error ajax
-			global $AJAX_PAGE;
-			if ($AJAX_PAGE === true) {
-				$data = array (
-					'status' => 'error',
-					'error_code' => $this->loging_error,
-					'msg' =>  array (
-						'level' => 'error',
-						'str' => $this->l->__('Login necessary')
-					)
-				);
-				$html_string = json_encode($data);
+			// set the templates now
+			$this->loginSetTemplates();
+			// if there is a global logout target ...
+			if (file_exists($this->logout_target) && $this->logout_target) {
+				$LOGOUT_TARGET = $this->logout_target;
 			} else {
-				// set the templates now
-				$this->loginSetTemplates();
-				// if there is a global logout target ...
-				if (file_exists($this->logout_target) && $this->logout_target) {
-					$LOGOUT_TARGET = $this->logout_target;
-				} else {
-					$LOGOUT_TARGET = "";
-				}
+				$LOGOUT_TARGET = "";
+			}
 
-				$html_string = $this->login_template['template'];
+			$html_string = $this->login_template['template'];
 
-				// if password change is okay
-				if ($this->password_change) {
-					$html_string_password_change = $this->login_template['password_change'];
+			// if password change is okay
+			if ($this->password_change) {
+				$html_string_password_change = $this->login_template['password_change'];
 
-					// pre change the data in the PASSWORD_CHANGE_DIV first
-					foreach ($this->login_template['strings'] as $string => $data) {
-						if ($data) {
-							$html_string_password_change = str_replace('{'.$string.'}', $data, $html_string_password_change);
-						}
+				// pre change the data in the PASSWORD_CHANGE_DIV first
+				foreach ($this->login_template['strings'] as $string => $data) {
+					if ($data) {
+						$html_string_password_change = str_replace('{'.$string.'}', $data, $html_string_password_change);
 					}
-					// print error messagae
-					if ($this->login_error) {
-						$html_string_password_change = str_replace('{ERROR_MSG}', $this->login_error_msg[$this->login_error].'<br>', $html_string_password_change);
-					} else {
-						$html_string_password_change = str_replace('{ERROR_MSG}', '<br>', $html_string_password_change);
-					}
-					// if pw change action, show the float again
-					if ($this->change_password && !$this->password_change_ok) {
-						$html_string_password_change = str_replace('{PASSWORD_CHANGE_SHOW}', '<script language="JavaScript">ShowHideDiv(\'pw_change_div\');</script>', $html_string_password_change);
-					} else {
-						$html_string_password_change = str_replace('{PASSWORD_CHANGE_SHOW}', '', $html_string_password_change);
-					}
-					$this->login_template['strings']['PASSWORD_CHANGE_DIV'] = $html_string_password_change;
 				}
-
-				// put in the logout redirect string
-				if ($this->logout && $LOGOUT_TARGET) {
-					$html_string = str_replace('{LOGOUT_TARGET}', '<meta http-equiv="refresh" content="0; URL='.$LOGOUT_TARGET.'">', $html_string);
-				} else {
-					$html_string = str_replace('{LOGOUT_TARGET}', '', $html_string);
-				}
-
 				// print error messagae
 				if ($this->login_error) {
-					$html_string = str_replace('{ERROR_MSG}', $this->login_error_msg[$this->login_error].'<br>', $html_string);
-				} elseif ($this->password_change_ok && $this->password_change) {
-					$html_string = str_replace('{ERROR_MSG}', $this->login_error_msg[300].'<br>', $html_string);
+					$html_string_password_change = str_replace('{ERROR_MSG}', $this->login_error_msg[$this->login_error].'<br>', $html_string_password_change);
 				} else {
-					$html_string = str_replace('{ERROR_MSG}', '<br>', $html_string);
+					$html_string_password_change = str_replace('{ERROR_MSG}', '<br>', $html_string_password_change);
 				}
-
-				// create the replace array context
-				foreach ($this->login_template['strings'] as $string => $data) {
-					$html_string = str_replace('{'.$string.'}', $data, $html_string);
+				// if pw change action, show the float again
+				if ($this->change_password && !$this->password_change_ok) {
+					$html_string_password_change = str_replace('{PASSWORD_CHANGE_SHOW}', '<script language="JavaScript">ShowHideDiv(\'pw_change_div\');</script>', $html_string_password_change);
+				} else {
+					$html_string_password_change = str_replace('{PASSWORD_CHANGE_SHOW}', '', $html_string_password_change);
 				}
+				$this->login_template['strings']['PASSWORD_CHANGE_DIV'] = $html_string_password_change;
+			}
+
+			// put in the logout redirect string
+			if ($this->logout && $LOGOUT_TARGET) {
+				$html_string = str_replace('{LOGOUT_TARGET}', '<meta http-equiv="refresh" content="0; URL='.$LOGOUT_TARGET.'">', $html_string);
+			} else {
+				$html_string = str_replace('{LOGOUT_TARGET}', '', $html_string);
+			}
+
+			// print error messagae
+			if ($this->login_error) {
+				$html_string = str_replace('{ERROR_MSG}', $this->login_error_msg[$this->login_error].'<br>', $html_string);
+			} elseif ($this->password_change_ok && $this->password_change) {
+				$html_string = str_replace('{ERROR_MSG}', $this->login_error_msg[300].'<br>', $html_string);
+			} else {
+				$html_string = str_replace('{ERROR_MSG}', '<br>', $html_string);
+			}
+
+			// create the replace array context
+			foreach ($this->login_template['strings'] as $string => $data) {
+				$html_string = str_replace('{'.$string.'}', $data, $html_string);
 			}
-			// return the created HTML here
-			return $html_string;
 		} // if permission is 0 then print out login
+		// return the created HTML here or null for nothing
+		return $html_string;
 	}
 
-	// METHOD: loginCloseClass
-	// WAS   : login_close_class
-	// PARAMS: none
-	// RETURN: true on permission ok, false on permission wrong
-	// DESC  : last function called, writes log and prints out error msg and exists script if permission 0
-	private function loginCloseClass()
+	/**
+	 * last function called, writes log and prints out error msg and
+	 * exists script if permission 0
+	 * @return bool true on permission ok, false on permission wrong
+	 */
+	private function loginCloseClass(): bool
 	{
 		// write to LOG table ...
 		if ($this->login_error || $this->login || $this->logout) {
@@ -963,14 +1025,13 @@ class Login extends \CoreLibs\DB\IO
 		}
 	}
 
-	// METHOD: loginSetTemplates
-	// WAS   : login_set_templates
-	// PARAMS: none
-	// RETURN: none
-	// DESC  : checks if there are external templates, if not uses internal fallback ones
+	/**
+	 * checks if there are external templates, if not uses internal fallback ones
+	 * @return void has no return
+	 */
 	private function loginSetTemplates()
 	{
-		$strings = array (
+		$strings = array(
 			'HTML_TITLE' => $this->l->__('LOGIN'),
 			'TITLE' => $this->l->__('LOGIN'),
 			'USERNAME' => $this->l->__('Username'),
@@ -981,7 +1042,7 @@ class Login extends \CoreLibs\DB\IO
 			'PASSWORD_CHANGE_BUTTON_VALUE' => $this->l->__('Change Password')
 		);
 
-		$error_msgs = array (
+		$error_msgs = array(
 			'100' => $this->l->__('Fatal Error: <b>[EUID] came in as GET/POST!</b>'), // actually obsolete
 			'1010' => $this->l->__('Fatal Error: <b>Login Failed - Wrong Username or Password</b>'), // user not found
 			'1011' => $this->l->__('Fatal Error: <b>Login Failed - Wrong Username or Password</b>'), // blowfish password wrong
@@ -1004,7 +1065,7 @@ class Login extends \CoreLibs\DB\IO
 
 		// if password change is okay
 		if ($this->password_change) {
-			$strings = array_merge($strings, array (
+			$strings = array_merge($strings, array(
 				'TITLE_PASSWORD_CHANGE' => 'Change Password for User',
 				'OLD_PASSWORD' => $this->l->__('Old Password'),
 				'NEW_PASSWORD' => $this->l->__('New Password'),
@@ -1031,7 +1092,7 @@ EOM;
 		if ($this->password_forgot) {
 		}
 		if (!$this->password_change && !$this->password_forgot) {
-			$strings = array_merge($strings, array (
+			$strings = array_merge($strings, array(
 				'JS_SHOW_HIDE' => '',
 				'PASSWORD_CHANGE_BUTTON' => '',
 				'PASSWORD_CHANGE_DIV' => ''
@@ -1119,14 +1180,15 @@ EOM;
 		}
 	}
 
-	// METHOD: writeLog
-	// WAS   : write_log
-	// PARAMS: event -> string of what has been done
-	//        data -> data information (id, etc)
-	//        error -> if error, write error string (not enougth data, etc)
-	// RETURN: none
-	// DESC  : writes detailed data into the edit user log table (keep log what user does)
-	private function writeLog($event, $data, $error = '', $username = '')
+	/**
+	 * writes detailed data into the edit user log table (keep log what user does)
+	 * @param  string     $event    string of what has been done
+	 * @param  string     $data     data information (id, etc)
+	 * @param  string|int $error    error id (mostly an int)
+	 * @param  string     $username login user username
+	 * @return void                 has no return
+	 */
+	private function writeLog(string $event, string $data, $error = '', string $username = '')
 	{
 		if ($this->login) {
 				$this->action = 'Login';
@@ -1135,7 +1197,7 @@ EOM;
 		} else {
 			$this->action = '';
 		}
-		$_data_binary = array (
+		$_data_binary = array(
 				'_SESSION' => $_SESSION,
 				'_GET' => $_GET,
 				'_POST' => $_POST,
@@ -1149,7 +1211,7 @@ EOM;
 		$q .= "ip, user_agent, referer, script_name, query_string, server_name, http_host, http_accept, http_accept_charset, http_accept_encoding, session_id, ";
 		$q .= "action, action_id, action_yes, action_flag, action_menu, action_loaded, action_value, action_error) ";
 		$q .= "VALUES ('".$this->dbEscapeString($username)."', 'PASSWORD', ".(($this->euid) ? $this->euid : 'NULL').", ";
-		$q .= "NOW(), '".$this->dbEscapeString($event)."', '".$this->dbEscapeString($error)."', '".$this->dbEscapeString($data)."', '".$data_binary."', '".$this->page_name."', ";
+		$q .= "NOW(), '".$this->dbEscapeString($event)."', '".$this->dbEscapeString((string)$error)."', '".$this->dbEscapeString($data)."', '".$data_binary."', '".$this->page_name."', ";
 		foreach (array(
 			'REMOTE_ADDR', 'HTTP_USER_AGENT', 'HTTP_REFERER', 'SCRIPT_FILENAME', 'QUERY_STRING', 'SERVER_NAME', 'HTTP_HOST', 'HTTP_ACCEPT', 'HTTP_ACCEPT_CHARSET', 'HTTP_ACCEPT_ENCODING'
 		) as $server_code) {
@@ -1160,16 +1222,22 @@ EOM;
 			}
 		}
 		$q .= "'".session_id()."', ";
-		$q .= "'".$this->dbEscapeString($this->action)."', '".$this->dbEscapeString($this->username)."', NULL, '".$this->dbEscapeString($this->login_error)."', NULL, NULL, '".$this->dbEscapeString($this->permission_okay)."', NULL)";
+		$q .= "'".$this->dbEscapeString($this->action)."', ";
+		$q .= "'".$this->dbEscapeString($this->username)."', ";
+		$q .= "NULL, ";
+		$q .= "'".$this->dbEscapeString((string)$this->login_error)."', ";
+		$q .= "NULL, NULL, ";
+		$q .= "'".$this->dbEscapeString((string)$this->permission_okay)."', ";
+		$q .= "NULL)";
 		$this->dbExec($q, 'NULL');
 	}
 
-	// METHOD: loginCheckEditAccessId
-	// WAS   : login_check_edit_access_id
-	// PARAMS: edit access id to check
-	// RETURN: same edit access id if ok, or the default edit access id if given one is not valud
-	// DESC  : checks that the given edit access id is valid for this user
-	public function loginCheckEditAccessId($edit_access_id)
+	/**
+	 *checks that the given edit access id is valid for this user
+	 * @param  int $edit_access_id edit access id to check
+	 * @return int                 same edit access id if ok, or the default edit access id if given one is not valid
+	 */
+	public function loginCheckEditAccessId(int $edit_access_id)
 	{
 		if (!array_key_exists($edit_access_id, $_SESSION["UNIT"])) {
 			return $_SESSION["UNIT_DEFAULT"];
@@ -1178,12 +1246,13 @@ EOM;
 		}
 	}
 
-	// METHOD: loginSetEditAccessData
-	// WAS   : login_set_edit_access_data
-	// PARAMS: edit access id, key value to search for
-	// RETURN: false for not found or string for found data
-	// DESC  : searchs in the data set for the unit for the data key and returns the value asociated with it
-	public function loginSetEditAccessData($edit_access_id, $data_key)
+	/**
+	 * [loginSetEditAccessData description]
+	 * @param  int        $edit_access_id edit access id
+	 * @param  string|int $data_key       key value to search for
+	 * @return bool|string                false for not found or string for found data
+	 */
+	public function loginSetEditAccessData(int $edit_access_id, $data_key)
 	{
 		if (!$_SESSION['UNIT'][$edit_access_id]['data'][$data_key]) {
 			return false;

www/lib/CoreLibs/Admin/Backend.inc

@@ -1,362 +0,0 @@
-<?php
-/*********************************************************************
-* AUTHOR: Clemens Schwaighofer
-* CREATED: 2006/08/15
-* VERSION: 1.0.0
-* RELEASED LICENSE: GNU GPL 3
-* DESCRIPTION
-* Basic Admin interface backend
-* - sets action flags
-* - menu creation
-* - array vars for smarty
-*
-* PUBLIC VARIABLES
-*
-* PRIVATE VARIABLES
-*
-* PUBLIC METHODS
-*
-* PRIVATE METHODS
-*
-* HISTORY:
-*
-*********************************************************************/
-
-namespace CoreLibs\Admin;
-
-class Backend extends \CoreLibs\DB\IO
-{
-	// page name
-	public $page_name; // the name of the current page
-	public $menu = array();
-	public $menu_show_flag = 0; // top menu flag (mostly string)
-	// action ids
-	public $action_list = array ('action', 'action_id', 'action_sub_id', 'action_yes', 'action_flag', 'action_menu', 'action_value', 'action_error', 'action_loaded');
-	public $action;
-	public $action_id;
-	public $action_sub_id;
-	public $action_yes;
-	public $action_flag;
-	public $action_menu;
-	public $action_loaded;
-	public $action_value;
-	public $action_error;
-	// ACL array variable if we want to set acl data from outisde
-	public $acl = array ();
-	// the current active edit access id
-	public $edit_access_id;
-	// error/warning/info messages
-	public $messages = array ();
-	public $error = 0;
-	public $warning = 0;
-	public $info = 0;
-	// smarty publics
-	public $DATA;
-	public $HEADER;
-	public $DEBUG_DATA;
-	public $CONTENT_DATA;
-
-	// CONSTRUCTOR / DECONSTRUCTOR |====================================>
-	public function __construct($db_config, $lang, $debug = 0, $db_debug = 0, $echo = 1, $print = 0)
-	{
-		// get the language sub class & init it
-		$this->l = new \CoreLibs\Language\L10n($lang);
-
-		// init the database class
-		parent::__construct($db_config, $debug, $db_debug, $echo, $print);
-
-		// internal
-		$this->class_info["adbBackend"] = array(
-			"class_name" => "Admin Interface Backend",
-			"class_version" => "1.0.0",
-			"class_created" => "2006/08/15",
-			"class_author" => "Clemens Schwaighofer"
-		);
-
-		// set page name
-		$this->page_name = $this->getPageName();
-
-		// set the action ids
-		foreach ($this->action_list as $_action) {
-			$this->$_action = (isset($_POST[$_action])) ? $_POST[$_action] : '';
-		}
-
-		$this->default_acl = DEFAULT_ACL_LEVEL;
-
-		// random key generation
-		$this->key_range = array_merge(range('A', 'Z'), range('a', 'z'), range('0', '9'));
-		$GLOBALS["_KEY_RANGE"] = $this->key_range;
-		$this->one_key_length = count($this->key_range);
-		$this->key_length = 4; // pow($this->one_key_length, 4); // hardcoded, should be more than enought (62*62*62*62)
-
-		// queue key
-		if (preg_match("/^(add|save|delete|remove|move|up|down|push_live)$/", $this->action)) {
-			$this->queue_key = join(
-				'',
-				array_map(
-					function () {
-						$range = $GLOBALS['_KEY_RANGE'];
-						return $range[rand(0, (count($range) - 1))];
-					},
-					range(1, 3)
-				)
-			);
-		}
-	}
-
-	// deconstructor
-	public function __destruct()
-	{
-		parent::__destruct();
-	}
-
-	// INTERNAL METHODS |===============================================>
-
-
-	// PUBLIC METHODS |=================================================>
-
-	// METHOD: adbEditLog()
-	// PARAMS: event -> any kind of event description, data -> any kind of data related to that event
-	// RETURN: none
-	// DESC  : writes all action vars plus other info into edit_log table
-	public function adbEditLog($event = '', $data = '', $write_type = 'STRING')
-	{
-		if ($write_type == 'BINARY') {
-			$data_binary = $this->dbEscapeBytea(bzcompress(serialize($data)));
-			$data = 'see bzip compressed data_binary field';
-		}
-		if ($write_type == 'STRING') {
-			$data = $this->dbEscapeString(serialize($data));
-		}
-
-		$q = "INSERT INTO ".LOGIN_DB_SCHEMA.".edit_log ";
-		$q .= "(euid, event_date, event, data, data_binary, page, ";
-		$q .= "ip, user_agent, referer, script_name, query_string, server_name, http_host, http_accept, http_accept_charset, http_accept_encoding, session_id, ";
-		$q .= "action, action_id, action_yes, action_flag, action_menu, action_loaded, action_value, action_error) ";
-		$q .= "VALUES ";
-		$q .= "(".@$_SESSION['EUID'].", NOW(), '".$this->dbEscapeString($event)."', '".$data."', '".$data_binary."', '".$this->page_name."', ";
-		$q .= "'".@$_SERVER["REMOTE_ADDR"]."', '".$this->dbEscapeString(@$_SERVER['HTTP_USER_AGENT'])."', ";
-		$q .= "'".$this->dbEscapeString(@$_SERVER['HTTP_REFERER'])."', '".$this->dbEscapeString(@$_SERVER['SCRIPT_FILENAME'])."', ";
-		$q .= "'".$this->dbEscapeString(@$_SERVER['QUERY_STRING'])."', '".$this->dbEscapeString(@$_SERVER['SERVER_NAME'])."', ";
-		$q .= "'".$this->dbEscapeString(@$_SERVER['HTTP_HOST'])."', '".$this->dbEscapeString(@$_SERVER['HTTP_ACCEPT'])."', ";
-		$q .= "'".$this->dbEscapeString(@$_SERVER['HTTP_ACCEPT_CHARSET'])."', '".$this->dbEscapeString(@$_SERVER['HTTP_ACCEPT_ENCODING'])."', ";
-		$q .= "'".session_id()."', ";
-		$q .= "'".$this->dbEscapeString($this->action)."', '".$this->dbEscapeString($this->action_id)."', ";
-		$q .= "'".$this->dbEscapeString($this->action_yes)."', '".$this->dbEscapeString($this->action_flag)."', ";
-		$q .= "'".$this->dbEscapeString($this->action_menu)."', '".$this->dbEscapeString($this->action_loaded)."', ";
-		$q .= "'".$this->dbEscapeString($this->action_value)."', '".$this->dbEscapeString($this->action_error)."')";
-		$this->dbExec($q, 'NULL');
-	}
-
-	// METHOD: adbTopMenu
-	// PARAMS: level
-	// RETURN: returns an array for the top menu with all correct settings
-	// DESC  : menu creater
-	public function adbTopMenu($flag = 0)
-	{
-		if ($this->menu_show_flag) {
-			$flag = $this->menu_show_flag;
-		}
-
-		// get the session pages array
-		$pages = $_SESSION["PAGES"];
-		if (!is_array($pages)) {
-			$pages = array ();
-		}
-		// $this->debug('pages', $this->print_ar($pages));
-		// if flag is 0, then we show all, else, we show only the matching flagges array points
-		// array is already sorted after correct order
-		reset($pages);
-		for ($i = 0, $iMax = count($pages); $i < $iMax; $i ++) {
-			$show = 0;
-			// is it visible in the menu & is it online
-			if ($pages[$i]["menu"] && $pages[$i]["online"]) {
-				// check if it falls into our flag if we have a flag
-				if ($flag) {
-					foreach ($pages[$i]["visible"] as $name => $key) {
-						if ($key == $flag) {
-							$show = 1;
-						}
-					}
-				} else {
-					// if no flag given, show all menu points
-					$show = 1;
-				}
-
-				if ($show) {
-					// if it is popup, write popup arrayound
-					if ($pages[$i]["popup"]) {
-						$type = "popup";
-					} else {
-						$type = "normal";
-					}
-					$query_string = '';
-					if (count($pages[$i]["query"])) {
-						for ($j = 0, $jMax = count($pages[$i]["query"]); $j < $jMax; $j ++) {
-							if (strlen($query_string)) {
-								$query_string .= "&";
-							}
-							$query_string .= $pages[$i]["query"][$j]["name"]."=";
-							if (!$pages[$i]["query"][$j]["dynamic"]) {
-								$query_string .= urlencode($pages[$i]["query"][$j]["value"]);
-							} else {
-								$query_string .= $_GET[$pages[$i]["query"][$j]["value"]] ? urlencode($_GET[$pages[$i]["query"][$j]["value"]]) : urlencode($_POST[$pages[$i]["query"][$j]["value"]]);
-							}
-						}
-					}
-					$url = $pages[$i]["filename"];
-					if (strlen($query_string)) {
-						$url .= "?".$query_string;
-					}
-					$name = $pages[$i]["page_name"];
-					// if page name matchs -> set selected flag
-					$selected = 0;
-					if ($this->getPageName() == $pages[$i]["filename"]) {
-						$selected = 1;
-						$this->page_name = $name;
-					}
-					// last check, is this menu point okay to show
-					$enabled = 0;
-					if ($this->adbShowMenuPoint($pages[$i]["filename"])) {
-						$enabled = 1;
-					}
-					// write in to view menu array
-					array_push($this->menu, array("name" => $this->l->__($name), "url" => $url, "selected" => $selected, "enabled" => $enabled, "type" => $type));
-				} // show page
-			} // online and in menu
-		} // for each page
-		return $this->menu;
-	}
-
-	// METHOD: adbShowMenuPoint
-	// PARAMS: filename
-	// RETURN: returns boolean true/false
-	// DESC  : checks if this filename is in the current situation (user id, etc) available
-	public function adbShowMenuPoint($filename)
-	{
-		$enabled = 0;
-		switch ($filename) {
-			default:
-				$enabled = 1;
-				break;
-		};
-		return $enabled;
-	}
-
-	// REMARK: below function has moved to "Class.Basic"
-	// METHOD: adbAssocArray
-	// PARAMS: db array, key, value part
-	// RETURN: returns and associative array
-	// DESC  : creates out of a normal db_return array an assoc array
-	public function adbAssocArray($db_array, $key, $value)
-	{
-		return $this->genAssocArray($db_array, $key, $value);
-	}
-
-	// REMARK: below function has moved to "Class.Basic"
-	// METHOD: adbByteStringFormat
-	// PARAMS: int
-	// RETURN: string
-	// DESC  : converts bytes into formated string with KB, MB, etc
-	public function adbByteStringFormat($number)
-	{
-		return $this->byteStringFormat($number);
-	}
-
-	// REMARK: below function has moved to "Class.Basic"
-	// METHOD: adbCreateThumbnail
-	// PARAMS: id from picture where from we create a thumbnail
-	//         x -> max x size of thumbnail
-	//         y -> max y size of thumbnail
-	//         dummy -> if set to true, then if no images was found we show a dummy image
-	//         path -> if source start is not ROOT path, if empty ROOT is choosen
-	//         cache -> cache path, if not given TMP is used
-	// RETURN: thumbnail name
-	// DESC  : converts picture to a thumbnail with max x and max y size
-	public function adbCreateThumbnail($pic, $size_x, $size_y, $dummy = false, $path = "", $cache = "")
-	{
-		return $this->createThumbnail($pic, $size_x, $size_y, $dummy, $path, $cache);
-	}
-
-	// METHOD: adbMsg
-	// PARAMS: level -> info/warning/error
-	//         msg -> string, can be printf formated
-	//         var array -> optional data for a possible printf formated msg
-	// RETURN: none
-	// DESC  : wrapper function to fill up the mssages array
-	public function adbMsg($level, $msg, $vars = array ())
-	{
-		if (!preg_match("/^info|warning|error$/", $level)) {
-			$level = "info";
-		}
-		$this->messages[] = array (
-			'msg' => sprintf($this->l->__($msg), $vars),
-			'class' => $level
-		);
-		switch ($level) {
-			case 'info':
-				$this->info = 1;
-				break;
-			case 'warning':
-				$this->warning = 1;
-				break;
-			case 'error':
-				$this->error = 1;
-				break;
-		}
-	}
-
-	// METHOD: adbLiveQueue
-	// PARAMS: queue_key -> string to identfy the queue
-	//         type      -> INSERT/UPDATE/DELETE
-	//         target    -> target table to write to
-	//         data      -> SQL part to write, this can include #KEY_VALUE#, #KEY_NAME# for delete sub queries
-	//         key_name  -> key name, mostly used for update search
-	//         key_value -> data for the key
-	//         associate -> NULL for free, LOCK for first insert, group key for reference to first entry
-	//         file      -> string for special file copy actions; mostyle "test#live;..."
-	// RETURN: none
-	// DESC  : writes live queue
-	public function adbLiveQueue($queue_key, $type, $target, $data, $key_name, $key_value, $associate = null, $file = null)
-	{
-		$q = "INSERT INTO ".GLOBAL_DB_SCHEMA.".live_queue (";
-		$q .= "queue_key, key_value, key_name, type, target, data, group_key, action, associate, file";
-		$q .= ") VALUES (";
-		$q .= "'".$this->dbEscapeString($queue_key)."', '".$this->dbEscapeString($key_value)."', ";
-		$q .= "'".$this->dbEscapeString($key_name)."', '".$this->dbEscapeString($type)."', ";
-		$q .= "'".$this->dbEscapeString($target)."', '".$this->dbEscapeString($data)."', ";
-		$q .= "'".$this->queue_key."', '".$this->action."', '".$this->dbEscapeString($associate)."', ";
-		$q .= "'".$this->dbEscapeString($file)."')";
-		$this->db_exec($q);
-	}
-
-	// METHOD: adbPrintDateTime
-	// PARAMS: year, month, day, hour, min: the date and time values
-	//         suffix: additional info printed after the date time variable in the drop down,
-	//         also used for ID in the on change JS call
-	//         minute steps: can be 1 (default), 5, 10, etc, if invalid (outside 1h range,
-	//         it falls back to 1min)
-	//         name pos back: default false, if set to true, the name will be printend
-	//                        after the drop down and not before the drop down
-	// RETURN: HTML formated strings for drop down lists of date and time
-	// DESC  : print the date/time drop downs, used in any queue/send/insert at date/time place
-	// NOTE  : Basic class holds exact the same, except the Year/Month/Day/etc strings
-	//         are translated in this call
-	public function adbPrintDateTime($year, $month, $day, $hour, $min, $suffix = '', $min_steps = 1, $name_pos_back = false)
-	{
-		// get the build layout
-		$html_time = $this->printDateTime($year, $month, $day, $hour, $min, $suffix, $min_steps, $name_pos_back);
-		// translate the strings inside
-		foreach (array('Year ', 'Month ', 'Day ', 'Hour ', 'Minute ') as $_time) {
-			$html_time = str_replace($_time, $this->l->__(str_replace(' ', '', $_time)).' ', $html_time);
-		}
-		// replace week days in short
-		foreach (array('Mon', 'Tue', 'Wed', 'Thu', 'Fri', 'Sat', 'Sun') as $_date) {
-			$html_time = str_replace('('.$_date.')', '('.$this->l->__($_date).')', $html_time);
-		}
-		// return the datetime select string with strings translated
-		return $html_time;
-	}
-}
-
-// __END__

www/lib/CoreLibs/Admin/Backend.php

@@ -0,0 +1,447 @@
+<?php declare(strict_types=1);
+/*********************************************************************
+* AUTHOR: Clemens Schwaighofer
+* CREATED: 2006/08/15
+* VERSION: 1.0.0
+* RELEASED LICENSE: GNU GPL 3
+* DESCRIPTION
+* Basic Admin interface backend
+* - sets action flags
+* - menu creation
+* - array vars for smarty
+*
+* PUBLIC VARIABLES
+*
+* PRIVATE VARIABLES
+*
+* PUBLIC METHODS
+*
+* PRIVATE METHODS
+*
+* HISTORY:
+*
+*********************************************************************/
+
+namespace CoreLibs\Admin;
+
+class Backend extends \CoreLibs\DB\IO
+{
+	// page name
+	public $menu = array();
+	public $menu_show_flag = 0; // top menu flag (mostly string)
+	// action ids
+	public $action_list = array('action', 'action_id', 'action_sub_id', 'action_yes', 'action_flag', 'action_menu', 'action_value', 'action_error', 'action_loaded');
+	public $action;
+	public $action_id;
+	public $action_sub_id;
+	public $action_yes;
+	public $action_flag;
+	public $action_menu;
+	public $action_loaded;
+	public $action_value;
+	public $action_error;
+	// ACL array variable if we want to set acl data from outisde
+	public $acl = array();
+	public $default_acl;
+	// queue key
+	public $queue_key;
+	// the current active edit access id
+	public $edit_access_id;
+	// error/warning/info messages
+	public $messages = array();
+	public $error = 0;
+	public $warning = 0;
+	public $info = 0;
+	// smarty publics
+	public $DATA;
+	public $HEADER;
+	public $DEBUG_DATA;
+	public $CONTENT_DATA;
+	// smarty include/set var
+	public $INC_TEMPLATE_NAME;
+	public $JS_TEMPLATE_NAME;
+	public $CSS_TEMPLATE_NAME;
+	public $CSS_SPECIAL_TEMPLATE_NAME;
+	public $JS_SPECIAL_TEMPLATE_NAME;
+	public $CACHE_ID;
+	public $COMPILE_ID;
+	public $includes;
+	public $template_path;
+	public $lang_dir = '';
+	public $javascript;
+	public $css;
+	public $pictures;
+	public $cache_pictures;
+	public $cache_pictures_root;
+	public $JS_INCLUDE;
+	public $JS_SPECIAL_INCLUDE;
+	public $CSS_INCLUDE;
+	public $CSS_SPECIAL_INCLUDE;
+	// language
+	public $l;
+
+	// CONSTRUCTOR / DECONSTRUCTOR |====================================>
+	/**
+	 * main class constructor
+	 * @param array       $db_config        db config array
+	 * @param string      $lang             language string
+	 * @param int|integer $set_control_flag class variable check flag
+	 */
+	public function __construct(array $db_config, string $lang, int $set_control_flag = 0)
+	{
+		// get the language sub class & init it
+		$this->l = new \CoreLibs\Language\L10n($lang);
+
+		// init the database class
+		parent::__construct($db_config, $set_control_flag);
+
+		// set the action ids
+		foreach ($this->action_list as $_action) {
+			$this->$_action = (isset($_POST[$_action])) ? $_POST[$_action] : '';
+		}
+
+		$this->default_acl = DEFAULT_ACL_LEVEL;
+
+		// queue key
+		if (preg_match("/^(add|save|delete|remove|move|up|down|push_live)$/", $this->action)) {
+			$this->queue_key = $this->randomKeyGen(3);
+		}
+	}
+
+	/**
+	 * class deconstructor
+	 */
+	public function __destruct()
+	{
+		parent::__destruct();
+	}
+
+	// INTERNAL METHODS |===============================================>
+
+
+	// PUBLIC METHODS |=================================================>
+
+	/**
+	 * writes all action vars plus other info into edit_log tabl
+	 * @param  string       $event      any kind of event description,
+	 * @param  string|array $data       any kind of data related to that event
+	 * @param  string       $write_type write type can bei STRING or BINARY
+	 * @return void                     has no return
+	 */
+	public function adbEditLog(string $event = '', $data = '', string $write_type = 'STRING'): void
+	{
+		$data_binary = '';
+		if ($write_type == 'BINARY') {
+			$data_binary = $this->dbEscapeBytea(bzcompress(serialize($data)));
+			$data = 'see bzip compressed data_binary field';
+		}
+		if ($write_type == 'STRING') {
+			$data_binary = '';
+			$data = $this->dbEscapeString(serialize($data));
+		}
+
+		// check schema
+		if (defined('LOGIN_DB_SCHEMA')) {
+			/** @phan-suppress-next-line PhanUndeclaredConstant */
+			$SCHEMA = LOGIN_DB_SCHEMA;
+		} elseif ($this->dbGetSchema()) {
+			$SCHEMA = $this->dbGetSchema();
+		} elseif (defined('PUBLIC_SCHEMA')) {
+			$SCHEMA = PUBLIC_SCHEMA;
+		} else {
+			$SCHEMA = 'public';
+		}
+
+		$q = "INSERT INTO ".$SCHEMA.".edit_log ";
+		$q .= "(euid, event_date, event, data, data_binary, page, ";
+		$q .= "ip, user_agent, referer, script_name, query_string, server_name, http_host, http_accept, http_accept_charset, http_accept_encoding, session_id, ";
+		$q .= "action, action_id, action_yes, action_flag, action_menu, action_loaded, action_value, action_error) ";
+		$q .= "VALUES ";
+		$q .= "(".$this->dbEscapeString(isset($_SESSION['EUID']) ? $_SESSION['EUID'] : '').", ";
+		$q .= "NOW(), ";
+		$q .= "'".$this->dbEscapeString((string)$event)."', '".$data."', '".$data_binary."', '".$this->dbEscapeString($this->page_name)."', ";
+		$q .= "'".@$_SERVER["REMOTE_ADDR"]."', '".$this->dbEscapeString(@$_SERVER['HTTP_USER_AGENT'])."', ";
+		$q .= "'".$this->dbEscapeString(isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '')."', ";
+		$q .= "'".$this->dbEscapeString(isset($_SERVER['SCRIPT_FILENAME']) ? $_SERVER['SCRIPT_FILENAME'] : '')."', ";
+		$q .= "'".$this->dbEscapeString(isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '')."', ";
+		$q .= "'".$this->dbEscapeString(isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : '')."', ";
+		$q .= "'".$this->dbEscapeString(isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '')."', ";
+		$q .= "'".$this->dbEscapeString(isset($_SERVER['HTTP_ACCEPT']) ? $_SERVER['HTTP_ACCEPT'] : '')."', ";
+		$q .= "'".$this->dbEscapeString(isset($_SERVER['HTTP_ACCEPT_CHARSET']) ? $_SERVER['HTTP_ACCEPT_CHARSET'] : '')."', ";
+		$q .= "'".$this->dbEscapeString(isset($_SERVER['HTTP_ACCEPT_ENCODING']) ? $_SERVER['HTTP_ACCEPT_ENCODING'] : '')."', ";
+		$q .= "'".session_id()."', ";
+		$q .= "'".$this->dbEscapeString($this->action)."', ";
+		$q .= "'".$this->dbEscapeString($this->action_id)."', ";
+		$q .= "'".$this->dbEscapeString($this->action_yes)."', ";
+		$q .= "'".$this->dbEscapeString($this->action_flag)."', ";
+		$q .= "'".$this->dbEscapeString($this->action_menu)."', ";
+		$q .= "'".$this->dbEscapeString($this->action_loaded)."', ";
+		$q .= "'".$this->dbEscapeString($this->action_value)."', ";
+		$q .= "'".$this->dbEscapeString($this->action_error)."')";
+		$this->dbExec($q, 'NULL');
+	}
+
+	/**
+	 * menu creater (from login menu session pages)
+	 * @param  int $flag visible flag trigger
+	 * @return array     menu array for output on page (smarty)
+	 */
+	public function adbTopMenu(int $flag = 0): array
+	{
+		if ($this->menu_show_flag) {
+			$flag = $this->menu_show_flag;
+		}
+
+		// get the session pages array
+		$PAGES = isset($_SESSION['PAGES']) ? $_SESSION['PAGES'] : null;
+		if (!isset($PAGES) || !is_array($PAGES)) {
+			$PAGES = array();
+		}
+		$pages = array();
+		foreach ($PAGES as $PAGE_CUID => $PAGE_DATA) {
+			$pages[] = $PAGE_DATA;
+		}
+		// $this->debug('pages', $this->print_ar($pages));
+		// if flag is 0, then we show all, else, we show only the matching flagges array points
+		// array is already sorted after correct order
+		reset($pages);
+		for ($i = 0, $iMax = count($pages); $i < $iMax; $i ++) {
+			$show = 0;
+			// is it visible in the menu & is it online
+			if ($pages[$i]['menu'] && $pages[$i]['online']) {
+				// check if it falls into our flag if we have a flag
+				if ($flag) {
+					foreach ($pages[$i]['visible'] as $name => $key) {
+						if ($key == $flag) {
+							$show = 1;
+						}
+					}
+				} else {
+					// if no flag given, show all menu points
+					$show = 1;
+				}
+
+				if ($show) {
+					// if it is popup, write popup arrayound
+					if (isset($pages[$i]['popup']) && $pages[$i]['popup']) {
+						$type = 'popup';
+					} else {
+						$type = 'normal';
+						$pages[$i]['popup'] = 0;
+					}
+					$query_string = '';
+					if (isset($pages[$i]['query']) && count($pages[$i]['query'])) {
+						for ($j = 0, $jMax = count($pages[$i]['query']); $j < $jMax; $j ++) {
+							if (strlen($query_string)) {
+								$query_string .= '&';
+							}
+							$query_string .= $pages[$i]['query'][$j]['name'].'=';
+							if (!$pages[$i]['query'][$j]['dynamic']) {
+								$query_string .= urlencode($pages[$i]['query'][$j]['value']);
+							} else {
+								$query_string .= $_GET[$pages[$i]['query'][$j]['value']] ? urlencode($_GET[$pages[$i]['query'][$j]['value']]) : urlencode($_POST[$pages[$i]['query'][$j]['value']]);
+							}
+						}
+					}
+					$url = $pages[$i]['filename'];
+					if (strlen($query_string)) {
+						$url .= '?'.$query_string;
+					}
+					$name = $pages[$i]['page_name'];
+					// if page name matchs -> set selected flag
+					$selected = 0;
+					if ($this->getPageName() == $pages[$i]['filename']) {
+						$selected = 1;
+						$this->page_name = $name;
+					}
+					// last check, is this menu point okay to show
+					$enabled = 0;
+					if ($this->adbShowMenuPoint($pages[$i]['filename'])) {
+						$enabled = 1;
+					}
+					// write in to view menu array
+					array_push($this->menu, array(
+						'name' => $this->l->__($name),
+						'url' => $url,
+						'selected' => $selected,
+						'enabled' => $enabled,
+						'popup' => $type == 'popup' ? 1 : 0,
+						'type' => $type
+					));
+				} // show page
+			} // online and in menu
+		} // for each page
+		return $this->menu;
+	}
+
+	/**
+	 * checks if this filename is in the current situation (user id, etc) available
+	 * @param  string $filename filename
+	 * @return bool             true for visible/accessable menu point, false for not
+	 */
+	public function adbShowMenuPoint(string $filename): bool
+	{
+		$enabled = false;
+		switch ($filename) {
+			default:
+				$enabled = true;
+				break;
+		};
+		return $enabled;
+	}
+
+	/**
+	 * @deprecated
+	 * creates out of a normal db_return array an assoc array
+	 * @param  array           $db_array input array
+	 * @param  string|int|bool $key      key
+	 * @param  string|int|bool $value    value
+	 * @return array                     associative array
+	 */
+	public function adbAssocArray(array $db_array, $key, $value): array
+	{
+		trigger_error('Method '.__METHOD__.' is deprecated', E_USER_DEPRECATED);
+		return $this->genAssocArray($db_array, $key, $value);
+	}
+
+	/**
+	 * @deprecated
+	 * converts bytes into formated string with KB, MB, etc
+	 * @param  string|int|float $number string or int or number
+	 * @return string                   formatted string
+	 */
+	public function adbByteStringFormat($number): string
+	{
+		trigger_error('Method '.__METHOD__.' is deprecated', E_USER_DEPRECATED);
+		return $this->byteStringFormat($number);
+	}
+
+	/**
+	 * @deprecated
+	 * converts picture to a thumbnail with max x and max y size
+	 * @param  string      $pic          source image file with or without path
+	 * @param  int         $size_x       maximum size width
+	 * @param  int         $size_y       maximum size height
+	 * @param  string      $dummy        empty, or file_type to show an icon instead of nothing if file is not found
+	 * @param  string      $path         if source start is not ROOT path, if empty ROOT is choosen
+	 * @return string|bool               thumbnail name, or false for error
+	 */
+	public function adbCreateThumbnail($pic, $size_x, $size_y, $dummy = '', $path = "", $cache = "")
+	{
+		trigger_error('Method '.__METHOD__.' is deprecated', E_USER_DEPRECATED);
+		return $this->createThumbnail($pic, $size_x, $size_y, $dummy, $path, $cache);
+	}
+
+	/**
+	 * wrapper function to fill up the mssages array
+	 * @param  string $level info/warning/error
+	 * @param  string $msg   string, can be printf formated
+	 * @param  array  $vars  optional data for a possible printf formated msg
+	 * @return void          has no return
+	 */
+	public function adbMsg(string $level, string $msg, array $vars = array()): void
+	{
+		if (!preg_match("/^info|warning|error$/", $level)) {
+			$level = "info";
+		}
+		$this->messages[] = array(
+			'msg' => vsprintf($this->l->__($msg), $vars),
+			'class' => $level
+		);
+		switch ($level) {
+			case 'info':
+				$this->info = 1;
+				break;
+			case 'warning':
+				$this->warning = 1;
+				break;
+			case 'error':
+				$this->error = 1;
+				break;
+		}
+	}
+
+	/**
+	 * writes live queue
+	 * @param  string  $queue_key string to identfy the queue
+	 * @param  string  $type      [description]
+	 * @param  string  $target    [description]
+	 * @param  string  $data      [description]
+	 * @param  string  $key_name  [description]
+	 * @param  string  $key_value [description]
+	 * @param  ?string $associate [description]
+	 * @param  ?string $file      [description]
+	 * @return void               has no return
+	 */
+	public function adbLiveQueue(
+		string $queue_key,
+		string $type,
+		string $target,
+		string $data,
+		string $key_name,
+		string $key_value,
+		string $associate = null,
+		string $file = null
+	): void {
+		if (defined('GLOBAL_DB_SCHEMA')) {
+			/** @phan-suppress-next-line PhanUndeclaredConstant */
+			$SCHEMA = GLOBAL_DB_SCHEMA;
+		} elseif ($this->dbGetSchema()) {
+			$SCHEMA = $this->dbGetSchema();
+		} elseif (defined('PUBLIC_SCHEMA')) {
+			$SCHEMA = PUBLIC_SCHEMA;
+		} else {
+			$SCHEMA = 'public';
+		}
+		$q = "INSERT INTO ".$SCHEMA.".live_queue (";
+		$q .= "queue_key, key_value, key_name, type, target, data, group_key, action, associate, file";
+		$q .= ") VALUES (";
+		$q .= "'".$this->dbEscapeString($queue_key)."', '".$this->dbEscapeString($key_value)."', ";
+		$q .= "'".$this->dbEscapeString($key_name)."', '".$this->dbEscapeString($type)."', ";
+		$q .= "'".$this->dbEscapeString($target)."', '".$this->dbEscapeString($data)."', ";
+		$q .= "'".$this->queue_key."', '".$this->action."', '".$this->dbEscapeString((string)$associate)."', ";
+		$q .= "'".$this->dbEscapeString((string)$file)."')";
+		$this->dbExec($q);
+	}
+
+	/**
+	 * Basic class holds exact the same, except the Year/Month/Day/etc strings
+	 * are translated in this call
+	 * @param  int    $year          year YYYY
+	 * @param  int    $month         month m
+	 * @param  int    $day           day d
+	 * @param  int    $hour          hour H
+	 * @param  int    $min           min i
+	 * @param  string $suffix        additional info printed after the date time variable in the drop down
+	 *                               also used for ID in the on change JS call
+	 * @param  int    $min_steps     default is 1 (minute), can set to anything, is used as sum up from 0
+	 * @param  bool   $name_pos_back default false, if set to true, the name will be printend
+	 *                               after the drop down and not before the drop down
+	 * @return string                HTML formated strings for drop down lists of date and time
+	 */
+	public function adbPrintDateTime(
+		$year,
+		$month,
+		$day,
+		$hour,
+		$min,
+		string $suffix = '',
+		int $min_steps = 1,
+		bool $name_pos_back = false
+	) {
+		// get the build layout
+		$html_time = $this->printDateTime($year, $month, $day, $hour, $min, $suffix, $min_steps, $name_pos_back);
+		// translate the strings inside
+		foreach (array('Year ', 'Month ', 'Day ', 'Hour ', 'Minute ') as $_time) {
+			$html_time = str_replace($_time, $this->l->__(str_replace(' ', '', $_time)).' ', $html_time);
+		}
+		// replace week days in short
+		foreach (array('Mon', 'Tue', 'Wed', 'Thu', 'Fri', 'Sat', 'Sun') as $_date) {
+			$html_time = str_replace('('.$_date.')', '('.$this->l->__($_date).')', $html_time);
+		}
+		// return the datetime select string with strings translated
+		return $html_time;
+	}
+}
+
+// __END__

www/lib/CoreLibs/DB/Extended/ArrayIO.php

@@ -1,4 +1,4 @@
-<?php
+<?php declare(strict_types=1);
 /*********************************************************************
 * AUTHOR: Clemens Schwaighofer
 * CREATED: 2002/12/17
@@ -6,7 +6,7 @@
 * RELEASED LICENSE: GNU GPL 3
 * SHORT DESC  :RIPTION:
 *   DB Array IO Class:
-*   writes, reads or deletes a complete array (one data set) in/out a
+*   writes, reads or deletes a complete array(one data set) in/out a
 *   table from the connected DB.
 *   you don't have to write any SQL queries, worry over update/insert
 *
@@ -19,6 +19,7 @@
 *   PRIVATE METHOD:S
 *
 * HISTORY:
+* 2019/9/11 (cs) error string 21->91, 22->92 for not overlapping with IO
 * 2005/07/07 (cs) updated array class for postgres: set 0 & NULL if int field given, insert uses () values () syntax
 * 2005/03/31 (cs) fixed the class call with all debug vars
 * 2003-03-10: error_ids where still wrong chagned 11->21 and 12->22
@@ -47,21 +48,21 @@ class ArrayIO extends \CoreLibs\DB\IO
 	public $pk_name; // the primary key from this table
 	public $pk_id; // the PK id
 
-	// METHOD: db_array_io
-	// PARAMS: db_config -> db_io class init vars
-	//         table_array -> the array from the table
-	//         table_name -> name of the table (for the array)
-	//         db_debug -> turn on db_io debug output (DB_DEBUG as global var does the same)
-	// RETURN: none
-	// DESC  : constructor for the array io class, set the
-	//         primary key name automatically (from array)
-	public function __construct($db_config, $table_array, $table_name, $debug = 0, $db_debug = 0, $echo = 1, $print = 0)
+	/**
+	 * constructor for the array io class, set the
+	 * primary key name automatically (from array)
+	 * @param array       $db_config        db connection config
+	 * @param array       $table_array      table array config
+	 * @param string      $table_name       table name string
+	 * @param int|integer $set_control_flag set basic class set/get variable error flags
+	 */
+	public function __construct(array $db_config, array $table_array, string $table_name, int $set_control_flag = 0)
 	{
 		// instance db_io class
-		parent::__construct($db_config, $debug, $db_debug, $echo, $print);
+		parent::__construct($db_config, $set_control_flag);
 		// more error vars for this class
-		$this->error_string['21'] = 'No Primary Key given';
-		$this->error_string['22'] = 'Could not run Array Query';
+		$this->error_string['91'] = 'No Primary Key given';
+		$this->error_string['92'] = 'Could not run Array Query';
 
 		$this->table_array = $table_array;
 		$this->table_name = $table_name;
@@ -69,35 +70,30 @@ class ArrayIO extends \CoreLibs\DB\IO
 		// set primary key for given table_array
 		if (is_array($this->table_array)) {
 			foreach ($this->table_array as $key => $value) {
-				if ($value['pk']) {
+				if (isset($value['pk'])) {
 					$this->pk_name = $key;
 				}
 			}
 		} // set pk_name IF table_array was given
-		// internal
-		$this->class_info['db_array_io'] = array(
-			'class_name' => 'DB Array IO',
-			'class_version' => '1.0.0',
-			'class_created' => '2002/12/17',
-			'class_author' => 'Clemens Schwaighofer'
-		);
 	}
 
-	// deconstruktor
+	/**
+	 * class deconstructor
+	 */
 	public function __destruct()
 	{
 		parent::__destruct();
 	}
 
-	// METHOD: convertData
-	// WAS   : convert_data
-	// PARAMS: string -> the string that should be changed
-	// RETURN: string -> the altered string
-	// DESC  : changes all previously alterd HTML code into visible one,
-	//         works for <b>,<i>, and <a> (thought <a> can be / or should
-	//         be handled with the magic links functions
-	//         used with the read function
-	public function convertData($text)
+	/**
+	 * changes all previously alterd HTML code into visible one,
+	 * works for <b>,<i>, and <a> (thought <a> can be / or should
+	 * be handled with the magic links functions
+	 * used with the read function
+	 * @param  string $text any html encoded string
+	 * @return string       decoded html string
+	 */
+	public function convertData($text): string
 	{
 		$text = str_replace('&lt;b&gt;', '<b>', $text);
 		$text = str_replace('&lt;/b&gt;', '</b>', $text);
@@ -115,7 +111,12 @@ class ArrayIO extends \CoreLibs\DB\IO
 	// PARAMS: string -> string to be changed
 	// RETURN: string -> altered string
 	// DESC  : changeds all HTML entities into non HTML ones
-	public function convertEntities($text)
+	/**
+	 * changeds all HTML entities into non HTML ones
+	 * @param  string $text encoded html string
+	 * @return string       decoded html string
+	 */
+	public function convertEntities($text): string
 	{
 		$text = str_replace('&lt;', '<', $text);
 		$text = str_replace('&gt;', '>', $text);
@@ -125,12 +126,12 @@ class ArrayIO extends \CoreLibs\DB\IO
 		return $text;
 	}
 
-	// METHOD: dbDumpArray
-	// WAS   : db_dump_array
-	// PARAMS: none
-	// RETURN: returns the current array
-	// DESC  : dumps the current data
-	public function dbDumpArray($write = 0)
+	/**
+	 * dumps the current data
+	 * @param  bool   $write write to error message, default false
+	 * @return string        the array data as html string entry
+	 */
+	public function dbDumpArray($write = false): string
 	{
 		reset($this->table_array);
 		$string = '';
@@ -138,17 +139,16 @@ class ArrayIO extends \CoreLibs\DB\IO
 			$string .= '<b>'.$column.'</b> -> '.$data_array['value'].'<br>';
 		}
 		// add output to internal error_msg
-		if ($write) {
+		if ($write === true) {
 			$this->error_msg['db'] .= $string;
 		}
 		return $string;
 	}
 
-	// METHOD: dbCheckPkSet
-	// WAS   : db_check_pk_set
-	// PARAMS: none
-	// RETURN: none
-	// DESC  : checks if pk is set and if not, set from pk_id and if this also not set return 0
+	/**
+	 * checks if pk is set and if not, set from pk_id and if this also not set return 0
+	 * @return bool true if pk value is set, else false
+	 */
 	public function dbCheckPkSet()
 	{
 		// if pk_id is set, overrule ...
@@ -158,20 +158,20 @@ class ArrayIO extends \CoreLibs\DB\IO
 		// if not set ... produce error
 		if (!$this->table_array[$this->pk_name]['value']) {
 			// if no PK found, error ...
-			$this->error_id = 21;
+			$this->error_id = 91;
 			$this->__dbError();
-			return 0;
+			return false;
 		} else {
-			return 1;
+			return true;
 		}
 	}
 
-	// METHOD: dbResetArray
-	// WAS   : db_reset_array
-	// PARAMS: reset_pk -> if set reset the pk too
-	// RETURN: none
-	// DESC  : resets the whole array
-	public function dbResetArray($reset_pk = 0)
+	/**
+	 * resets the whole array values
+	 * @param  boolean $reset_pk true if we want to reset the pk too
+	 * @return void              has no return
+	 */
+	public function dbResetArray($reset_pk = false): void
 	{
 		reset($this->table_array);
 		foreach ($this->table_array as $column => $data_array) {
@@ -183,14 +183,16 @@ class ArrayIO extends \CoreLibs\DB\IO
 		}
 	}
 
-	// METHOD: dbDelete
-	// WAS   : db_delete
-	// PARAMS: optional the table_array, if not given uses class var
-	// RETURN: 1 for successfull delete or 0 for error
-	// DESC  : deletes one dataset
-	public function dbDelete($table_array = 0)
+	/**
+	 * deletes one dataset
+	 * @param  array  $table_array optional override for table array set
+	 *                             set this as new table array too
+	 * @return array               returns the table array that was deleted
+	 */
+	public function dbDelete($table_array = array())
 	{
-		if (is_array($table_array)) {
+		// is array and has values, override set and set new
+		if (is_array($table_array) && count($table_array)) {
 			$this->table_array = $table_array;
 		}
 		if (!$this->dbCheckPkSet()) {
@@ -204,7 +206,9 @@ class ArrayIO extends \CoreLibs\DB\IO
 		$q_where = '';
 		foreach ($this->table_array as $column => $data_array) {
 			// suchen nach bildern und lschen ...
-			if ($this->table_array[$column]['file'] && file_exists($this->table_array[$column]['url'].$this->table_array[$column]['value'])) {
+			if (!empty($this->table_array[$column]['file']) &&
+				file_exists($this->table_array[$column]['url'].$this->table_array[$column]['value'])
+			) {
 				if (file_exists($this->table_array[$column]['path'].$this->table_array[$column]['value'])) {
 					unlink($this->table_array[$column]['path'].$this->table_array[$column]['value']);
 				}
@@ -214,7 +218,7 @@ class ArrayIO extends \CoreLibs\DB\IO
 				}
 			}
 			// if we have a foreign key
-			if ($this->table_array[$column]['fk']) {
+			if (!empty($this->table_array[$column]['fk'])) {
 				// create FK constraint checks
 				if ($q_where) {
 					$q_where .= ' AND ';
@@ -230,23 +234,24 @@ class ArrayIO extends \CoreLibs\DB\IO
 			$q .= ' AND '.$q_where;
 		}
 		// if 0, error
-		unset($this->pk_id);
+		$this->pk_id = null;
 		if (!$this->dbExec($q)) {
-			$this->error_id=22;
+			$this->error_id = 92;
 			$this->__dbError();
 		}
 		return $this->table_array;
 	}
 
-	// METHOD: dbRead
-	// WAS   : db_read
-	// PARAMS: edit -> if 1 data will not be altered for output, optional the table_array, if not given uses class var
-	// RETURN: true or false for reading
-	// DESC  : reads one row into the array
-	public function dbRead($edit = 0, $table_array = 0)
+	/**
+	 * reads one row into the array
+	 * @param  boolean $edit        on true convert data, else as is
+	 * @param  array   $table_array optional table array, overwrites internal set array
+	 * @return array                set table array with values
+	 */
+	public function dbRead($edit = false, $table_array = array())
 	{
 		// if array give, overrules internal array
-		if (is_array($table_array)) {
+		if (is_array($table_array) && count($table_array)) {
 			$this->table_array = $table_array;
 		}
 		if (!$this->dbCheckPkSet()) {
@@ -263,7 +268,7 @@ class ArrayIO extends \CoreLibs\DB\IO
 			$q_select .= $column;
 
 			// check FK ...
-			if ($this->table_array[$column]['fk'] && $this->table_array[$column]['value']) {
+			if (isset($this->table_array[$column]['fk']) && isset($this->table_array[$column]['value'])) {
 				if ($q_where) {
 					$q_where .= ' AND ';
 				}
@@ -284,13 +289,15 @@ class ArrayIO extends \CoreLibs\DB\IO
 			if ($res = $this->dbFetchArray()) {
 				reset($this->table_array);
 				foreach ($this->table_array as $column => $data_array) {
-					// wenn "edit" dann gib daten wie in DB zurck, ansonten aufbereiten fr ausgabe
+					// wenn "edit" dann gib daten wie in DB zurück, ansonten aufbereiten fr ausgabe
 					// ?? sollte das nicht drauen ??? man weis ja net was da drin steht --> is noch zu berlegen
 					// echo 'EDIT: $edit | Spalte: $column | type: '.$this->table_array[$column]['type'].' | Res: '.$res[$column].'<br>';
 					if ($edit) {
 						$this->table_array[$column]['value'] = $res[$column];
 						// if password, also write to hidden
-						if ($this->table_array[$column]['type'] == 'password') {
+						if (isset($this->table_array[$column]['type']) &&
+							$this->table_array[$column]['type'] == 'password'
+						) {
 							$this->table_array[$column]['HIDDEN_value'] = $res[$column];
 						}
 					} else {
@@ -302,20 +309,21 @@ class ArrayIO extends \CoreLibs\DB\IO
 			// possible dbFetchArray errors ...
 			$this->pk_id = $this->table_array[$this->pk_name]['value'];
 		} else {
-			$this->error_id = 22;
+			$this->error_id = 92;
 			$this->__dbError();
 		}
 		return $this->table_array;
 	}
 
-	// METHOD: dbWrite
-	// WAS   : db_write
-	// PARAMS: addslashes -> if 1 will make an addslashes for each array field, optional the table_array, if not given uses class var
-	// RETURN: true or false on write
-	// DESC  : writes on set into DB or updates one set (if PK exists)
-	public function dbWrite($addslashes = 0, $table_array = 0)
+	/**
+	 * writes one set into DB or updates one set (if PK exists)
+	 * @param  boolean $addslashes  old convert entities and set set escape
+	 * @param  array   $table_array optional table array, overwrites internal one
+	 * @return array                table array or null
+	 */
+	public function dbWrite($addslashes = false, $table_array = array())
 	{
-		if (is_array($table_array)) {
+		if (is_array($table_array) && count($table_array)) {
 			$this->table_array = $table_array;
 		}
 		// PK ID check
@@ -334,9 +342,9 @@ class ArrayIO extends \CoreLibs\DB\IO
 		$q_vars = '';
 		$q_where = '';
 		foreach ($this->table_array as $column => $data_array) {
-/********************************* START FILE *************************************/
+			/********************************* START FILE *************************************/
 			// file upload
-			if ($this->table_array[$column]['file']) {
+			if (isset($this->table_array[$column]['file'])) {
 				// falls was im tmp drinnen, sprich ein upload, datei kopieren, Dateinamen in db schreiben
 				// falls datei schon am server (physischer pfad), dann einfach url in db schreiben (update)
 				// falls in 'delete' 'ja' dann loeschen (und gibts eh nur beim update)
@@ -381,12 +389,19 @@ class ArrayIO extends \CoreLibs\DB\IO
 					}
 				} // delete or upload
 			} // file IF
-/********************************* END FILE **************************************/
+			/********************************* END FILE **************************************/
 
 			// do not write 'pk' (primary key) or 'view' values
-			if (!$this->table_array[$column]['pk'] && $this->table_array[$column]['type'] != 'view' && strlen($column) > 0) {
+			if (!isset($this->table_array[$column]['pk']) &&
+				isset($this->table_array[$column]['type']) &&
+				$this->table_array[$column]['type'] != 'view' &&
+				strlen($column) > 0
+			) {
 				// for password use hidden value if main is not set
-				if ($this->table_array[$column]['type'] == 'password' && !$this->table_array[$column]['value']) {
+				if (isset($this->table_array[$column]['type']) &&
+					$this->table_array[$column]['type'] == 'password' &&
+					empty($this->table_array[$column]['value'])
+				) {
 					$this->table_array[$column]['value'] = $this->table_array[$column]['HIDDEN_value'];
 				}
 				if (!$insert) {
@@ -399,41 +414,64 @@ class ArrayIO extends \CoreLibs\DB\IO
 					if (strlen($q_data)) {
 						$q_data .= ', ';
 					}
-					if ($q_vars) {
+					if (strlen($q_vars)) {
 						$q_vars .= ', ';
 					}
 					$q_vars .= $column;
 				}
 				// integer is different
-				if ($this->table_array[$column]['int'] || $this->table_array[$column]['int_null']) {
-					$this->debug('write_check', '[$column]['.$this->table_array[$column]['value'].'] Foo: '.isset($this->table_array[$column]['value']).' | '.$this->table_array[$column]['int_null']);
-					if (!$this->table_array[$column]['value'] && $this->table_array[$column]['int_null']) {
+				if (isset($this->table_array[$column]['int']) || isset($this->table_array[$column]['int_null'])) {
+					$this->debug('write_check', '['.$column.']['.$this->table_array[$column]['value'].']['.$this->table_array[$column]['type'].'] '.
+						'VALUE SET: '.(string)isset($this->table_array[$column]['value']).
+						' | INT NULL: '.(string)isset($this->table_array[$column]['int_null']));
+					if (isset($this->table_array[$column]['value']) &&
+						!$this->table_array[$column]['value'] &&
+						isset($this->table_array[$column]['int_null'])
+					) {
 						$_value = 'NULL';
-					} elseif (!isset($this->table_array[$column]['value'])) {
+					} elseif (!isset($this->table_array[$column]['value']) ||
+						(isset($this->table_array[$column]['value']) && !$this->table_array[$column]['value'])
+					) {
 						$_value = 0;
 					} else {
 						$_value = $this->table_array[$column]['value'];
 					}
 					$q_data .= $_value;
-				} elseif ($this->table_array[$column]['bool']) {
+				} elseif (isset($this->table_array[$column]['bool'])) {
 					// boolean storeage (reverse check on ifset)
 					$q_data .= "'".$this->dbBoolean($this->table_array[$column]['value'], true)."'";
-				} elseif ($this->table_array[$column]["interval"]) {
+				} elseif (isset($this->table_array[$column]['interval'])) {
 					// for interval we check if no value, then we set null
-					if (!$this->table_array[$column]['value']) {
+					if (!isset($this->table_array[$column]['value']) ||
+						(isset($this->table_array[$column]['value']) && !$this->table_array[$column]['value'])
+					) {
+						$_value = 'NULL';
+					} elseif (isset($this->table_array[$column]['value'])) {
+						$_value = $this->table_array[$column]['value'];
+					} else {
+						// fallback
 						$_value = 'NULL';
 					}
 					$q_data .= $_value;
 				} else {
-					// normal string
-					$q_data .= "'";
-					// if add slashes do convert & add slashes else write AS is
-					if ($addslashes) {
-						$q_data .= $this->dbEscapeString($this->convertEntities($this->table_array[$column]['value']));
+					// if the error check is json, we set field to null if NOT set
+					// else normal string write
+					if (isset($this->table_array[$column]['error_check']) &&
+						$this->table_array[$column]['error_check'] == 'json' &&
+						(!isset($this->table_array[$column]['value']) || (isset($this->table_array[$column]['value']) && !$this->table_array[$column]['value']))
+					) {
+						$q_data .= 'NULL';
 					} else {
-						$q_data .= $this->dbEscapeString($this->table_array[$column]['value']);
+						// normal string
+						$q_data .= "'";
+						// if add slashes do convert & add slashes else write AS is
+						if ($addslashes) {
+							$q_data .= $this->dbEscapeString($this->convertEntities($this->table_array[$column]['value']));
+						} else {
+							$q_data .= $this->dbEscapeString($this->table_array[$column]['value']);
+						}
+						$q_data .= "'";
 					}
-					$q_data .= "'";
 				}
 			}
 		} // while ...
@@ -444,8 +482,8 @@ class ArrayIO extends \CoreLibs\DB\IO
 		// create select part & addition FK part
 		foreach ($this->table_array as $column => $data_array) {
 			// check FK ...
-			if ($this->table_array[$column]['fk'] && $this->table_array[$column]['value']) {
-				if ($q_where) {
+			if (isset($this->table_array[$column]['fk']) && isset($this->table_array[$column]['value'])) {
+				if (!empty($q_where)) {
 					$q_where .= ' AND ';
 				}
 				$q_where .= $column .= ' = '.$this->table_array[$column]['value'];
@@ -453,11 +491,11 @@ class ArrayIO extends \CoreLibs\DB\IO
 		}
 
 		// if no PK set, then get max ID from DB
-		if (!$this->table_array[$this->pk_name]["value"]) {
+		if (!$this->table_array[$this->pk_name]['value']) {
 			// max id, falls INSERT
 			$q = 'SELECT MAX('.$this->pk_name.') + 1 AS pk_id FROM '.$this->table_name;
 			$res = $this->dbReturnRow($q);
-			if (!$res['pk_id']) {
+			if (!isset($res['pk_id'])) {
 				$res['pk_id'] = 1;
 			}
 			$this->table_array[$this->pk_name]['value'] = $res['pk_id'];
@@ -468,7 +506,7 @@ class ArrayIO extends \CoreLibs\DB\IO
 			$q .= $q_data;
 			$q .= ' WHERE ';
 			$q .= $this->pk_name.' = '.$this->table_array[$this->pk_name]['value'].' ';
-			if ($q_where) {
+			if (!empty($q_where)) {
 				$q .= ' AND '.$q_where;
 			}
 			// set pk_id ... if it has changed or so
@@ -480,76 +518,22 @@ class ArrayIO extends \CoreLibs\DB\IO
 			// write primary key too
 			// if ($q_data)
 			//	$q .= ", ";
-			// $q .= $this->pk_name." = ".$this->table_array[$this->pk_name]["value"]." ";
-			// $this->pk_id = $this->table_array[$this->pk_name]["value"];
+			// $q .= $this->pk_name." = ".$this->table_array[$this->pk_name]['value']." ";
+			// $this->pk_id = $this->table_array[$this->pk_name]['value'];
 		}
 		// return success or not
 		if (!$this->dbExec($q)) {
-			$this->error_id = 22;
+			$this->error_id = 92;
 			$this->__dbError();
 		}
 		// set primary key
 		if ($insert) {
 			$this->table_array[$this->pk_name]['value'] = $this->insert_id;
-			$this->ok = $this->insert_id;
+			$this->pk_id = $this->insert_id;
 		}
 		// return the table if needed
 		return $this->table_array;
 	}
-
-	// *************************************************************
-	// COMPATIBILITY METHODS
-	// those methods are deprecated function call names
-	// they exist for backwards compatibility only
-	// *************************************************************
-
-	public function convert_data($text)
-	{
-		error_log('DEPRECATED CALL: '.__METHOD__.', '.__FILE__.':'.__LINE__.', '.debug_backtrace()[0]['file'].':'.debug_backtrace()[0]['line']);
-		return $this->convertData($text);
-	}
-
-	public function convert_entities($text)
-	{
-		error_log('DEPRECATED CALL: '.__METHOD__.', '.__FILE__.':'.__LINE__.', '.debug_backtrace()[0]['file'].':'.debug_backtrace()[0]['line']);
-		return $this->convertEntities($text);
-	}
-
-	public function db_dump_array($write = 0)
-	{
-		error_log('DEPRECATED CALL: '.__METHOD__.', '.__FILE__.':'.__LINE__.', '.debug_backtrace()[0]['file'].':'.debug_backtrace()[0]['line']);
-		return $this->dbDumpArray($write);
-	}
-
-	public function db_check_pk_set()
-	{
-		error_log('DEPRECATED CALL: '.__METHOD__.', '.__FILE__.':'.__LINE__.', '.debug_backtrace()[0]['file'].':'.debug_backtrace()[0]['line']);
-		return $this->dbCheckPkSet();
-	}
-
-	public function db_reset_array($reset_pk = 0)
-	{
-		error_log('DEPRECATED CALL: '.__METHOD__.', '.__FILE__.':'.__LINE__.', '.debug_backtrace()[0]['file'].':'.debug_backtrace()[0]['line']);
-		return $this->dbResetArray($reset_pk);
-	}
-
-	public function db_delete($table_array = 0)
-	{
-		error_log('DEPRECATED CALL: '.__METHOD__.', '.__FILE__.':'.__LINE__.', '.debug_backtrace()[0]['file'].':'.debug_backtrace()[0]['line']);
-		return $this->dbDelete($table_array);
-	}
-
-	public function db_read($edit = 0, $table_array = 0)
-	{
-		error_log('DEPRECATED CALL: '.__METHOD__.', '.__FILE__.':'.__LINE__.', '.debug_backtrace()[0]['file'].':'.debug_backtrace()[0]['line']);
-		return $this->dbRead($edit, $table_array);
-	}
-
-	public function db_write($addslashes = 0, $table_array = 0)
-	{
-		error_log('DEPRECATED CALL: '.__METHOD__.', '.__FILE__.':'.__LINE__.', '.debug_backtrace()[0]['file'].':'.debug_backtrace()[0]['line']);
-		return $this->dbWrite($addslashes, $table_array);
-	}
 } // end of class
 
 // __END__

www/lib/CoreLibs/DB/SQL/PgSQL.inc

@@ -1,431 +0,0 @@
-<?php
-/*********************************************************************
-* AUTHOR: Clemens Schwaighofer
-* CREATED: 2003/04/09
-* SHORT DESCRIPTION:
-*   2018/3/23, the whole class system is transformed to namespaces
-*   also all internal class calls are converted to camel case
-*
-* pgsql wrapper calls
-*
-*  HISTORY:
-* 2008/04/16 (cs) wrapper for pg escape string
-* 2007/01/11 (cs) add prepare/execute for postgres
-* 2006/09/12 (cs) in case db_query retuns false, save the query and run the query through the send/get procedure to get correct error data from the db
-* 2006/06/26 (cs) added port for db connection
-* 2006/04/03 (cs) added meta data for table
-* 2005/07/25 (cs) removed the plural s remove, not needed and not 100% working
-* 2005/07/07 (cs) the default it is table_name _ id
-* 2005/01/19 (cs) changed the pgsql connect, so it dies if it can't connect to the DB
-* 2004/09/30 (cs) layout cleanup
-* /
-
-* collection of PostgreSQL wrappers
-* REQUIRES 5.x PHP!!!
-*
-* pg_prepare
-* pg_execute
-* pg_num_rows
-* pg_num_fields
-* pg_field_name
-* pg_affected_rows (*)
-* pg_fetch_array
-* pg_query
-* pg_send_query
-* pg_get_result
-* pg_connection_busy
-* pg_close
-* pg_connect (*)
-* pg_meta_data
-* pg_escape_string
-*
-*/
-
-namespace CoreLibs\DB\SQL;
-
-class PgSQL
-{
-	private $last_error_query;
-	private $dbh;
-
-	// METHOD: __construct
-	// PARAMS: none
-	// RETURN: none
-	// DESC  : class constructor
-	public function __construct()
-	{
-	}
-
-	// METHOD: __dbLastErrorQuery
-	// WAS   : _db_last_error_query
-	// PARAMS: none
-	// RETURN: true/false if last error is set
-	// DESC  : queries last error query and returns true or false if error was set
-	public function __dbLastErrorQuery()
-	{
-		if ($this->last_error_query) {
-			return true;
-		} else {
-			return false;
-		}
-	}
-
-	// METHOD: __dbQuery
-	// WAS   : _db_query
-	// PARAMS: query
-	// RETURN: query result
-	// DESC  : wrapper for gp_query, catches error and stores it in class var
-	public function __dbQuery($query)
-	{
-		$this->last_error_query = '';
-		// read out the query status and save the query if needed
-		$result = pg_query($this->dbh, $query);
-		if (!$result) {
-			$this->last_error_query = $query;
-		}
-		return $result;
-	}
-
-	// METHOD: __dbSendQuery
-	// WAS   : _db_send_query
-	// PARAMS: query
-	// RETURN: true/false if query was sent successful
-	// DESC  : sends an async query to the server
-	public function __dbSendQuery($query)
-	{
-		return pg_send_query($this->dbh, $query);
-	}
-
-	// METHOD: __dbGetResult
-	// WAS   : _db_get_result
-	// PARAMS: none
-	// RETURN: resource handler
-	// DESC  : wrapper for pg_get_result
-	public function __dbGetResult()
-	{
-		$this->last_error_query = '';
-		$result = pg_get_result($this->dbh);
-		if ($error = pg_result_error($result)) {
-			$this->last_error_query = $error;
-		}
-		return $result;
-	}
-
-	// METHOD: __dbClose
-	// WAS   : _db_close
-	// PARAMS: none
-	// RETURN: none
-	// DESC  : wrapper for pg_close
-	public function __dbClose()
-	{
-		if (is_resource($this->dbh)) {
-			if (pg_connection_status($this->dbh) === PGSQL_CONNECTION_OK) {
-				pg_close($this->dbh);
-			}
-		}
-	}
-
-	// METHOD: __dbPrepare
-	// WAS   : _db_prepare
-	// PARAMS: prepare name, query
-	// RETURN: prepared statement handler
-	// DESC  : wrapper for pg_prepare
-	public function __dbPrepare($name, $query)
-	{
-		$result = pg_prepare($this->dbh, $name, $query);
-		if (!$result) {
-			$this->last_error_query = $query;
-		}
-		return $result;
-	}
-
-	// METHOD: __dbExecute
-	// WAS   : _db_execute
-	// PARAMS: prepare name, data for query
-	// RETURN: returns status
-	// DESC  : wrapper for pg_execute for running a prepared statement
-	public function __dbExecute($name, $data)
-	{
-		$result = pg_execute($this->dbh, $name, $data);
-		if (!$result) {
-			$this->last_error_query = $name;
-		}
-		return $result;
-	}
-
-	// METHOD: __dbNumRows
-	// WAS   : _db_num_rows
-	// PARAMS: cursor
-	// RETURN: rows
-	// DESC  : wrapper for pg_num_rows
-	public function __dbNumRows($cursor)
-	{
-		return pg_num_rows($cursor);
-	}
-
-	// METHOD: __dbNumFields
-	// WAS   : _db_num_fields
-	// PARAMS: cursor
-	// RETURN: number for fields in query
-	// DESC  : wrapper for pg_num_fields
-	public function __dbNumFields($cursor)
-	{
-		return pg_num_fields($cursor);
-	}
-
-	// METHOD: __dbFieldName
-	// WAS   : _db_field_name
-	// PARAMS: cursor, field position
-	// RETURN: name of field
-	// DESC  : wrapper for pg_field_name
-	public function __dbFieldName($cursor, $i)
-	{
-		return pg_field_name($cursor, $i);
-	}
-
-	// METHOD: __dbFetchArray
-	// WAS   : _db_fetch_array
-	// PARAMS: cursor, opt result type
-	// RETURN: row
-	// DESC  : wrapper for pg_fetch_array
-	public function __dbFetchArray($cursor, $result_type = '')
-	{
-		// result type is passed on as is [should be checked]
-		if ($result_type) {
-			return pg_fetch_array($cursor, null, $result_type);
-		} else {
-			return pg_fetch_array($cursor);
-		}
-	}
-
-	// METHOD: __dbFetchAll
-	// WAS   : _db_fetch_all
-	// PARAMS: cursor
-	// RETURN: all rows as array
-	// DESC  : wrapper for pg_fetch_array
-	public function __dbFetchAll($cursor)
-	{
-		return pg_fetch_all($cursor);
-	}
-
-	// METHOD: __dbAffectedRows
-	// WAS   : _db_affected_rows
-	// PARAMS: cursor
-	// RETURN: number for rows
-	// DESC  : wrapper for pg_affected_rows
-	public function __dbAffectedRows($cursor)
-	{
-		return pg_affected_rows($cursor);
-	}
-
-	// METHOD: __dbInsertId
-	// WAS   : _db_insert_id
-	// PARAMS: query, primary key name
-	// RETURN: last insert primary key
-	// DESC  : reads the last inserted primary key for the query
-	//         if ther is no pk_name tries to auto built it from the table name
-	//         this only works if db schema is after "no plural names. and pk name is table name + _id
-	//         detects schema prefix in table name
-	public function __dbInsertId($query, $pk_name)
-	{
-		// only if an insert has been done
-		if (preg_match("/^insert /i", $query)) {
-			$schema = '';
-			// get table name from insert
-			$array = explode(' ', $query);
-			$_table = $array[2];
-			// if there is a dot inside, we need to split
-			if (strstr($_table, '.')) {
-				list($schema, $table) = explode('.', $_table);
-			} else {
-				$table = $_table;
-			}
-			// no PK name given at all
-			if (!$pk_name) {
-				// if name is plurar, make it singular
-				// if (preg_match("/.*s$/i", $table))
-				// 	$table = substr($table, 0, -1);
-				// set pk_name to "id"
-				$pk_name = $table."_id";
-			}
-			$seq = (($schema) ? $schema.'.' : '').$table."_".$pk_name."_seq";
-			$q = "SELECT CURRVAL('$seq') AS insert_id";
-			// I have to do manually or I overwrite the original insert internal vars ...
-			if ($q = $this->__dbQuery($q)) {
-				list($id) = $this->__dbFetchArray($q);
-			} else {
-				$id = array(-1, $q);
-			}
-			return $id;
-		}
-	}
-
-	// METHOD: __dbPrimaryKey
-	// WAS   : _db_primary_key
-	// PARAMS: table and optional schema
-	// RETURN: primary key name OR false if not possible
-	// DESC  : queries database for the primary key name to this table in the selected schema
-	public function __dbPrimaryKey($table, $schema = '')
-	{
-		if ($table) {
-			// check if schema set is different from schema given, only needed if schema is not empty
-			$table_prefix = '';
-			if ($schema) {
-				$q = "SHOW search_path";
-				$cursor = $this->__dbQuery($q);
-				$search_path = $this->__dbFetchArray($cursor)['search_path'];
-				if ($search_path != $schema) {
-					$table_prefix = $schema.'.';
-				}
-			}
-			// read from table the PK name
-			// faster primary key get
-			$q = "SELECT pg_attribute.attname AS column_name, format_type(pg_attribute.atttypid, pg_attribute.atttypmod) AS type ";
-			$q .= "FROM pg_index, pg_class, pg_attribute ";
-			if ($schema) {
-				$q .= ", pg_namespace ";
-			}
-			$q .= "WHERE ";
-			// regclass translates the OID to the name
-			$q .= "pg_class.oid = '".$table_prefix.$table."'::regclass AND ";
-				$q .= "indrelid = pg_class.oid AND ";
-			if ($schema) {
-				$q .= "nspname = '".$schema."' AND ";
-				$q .= "pg_class.relnamespace = pg_namespace.oid AND ";
-			}
-			$q .= "pg_attribute.attrelid = pg_class.oid AND ";
-			$q .= "pg_attribute.attnum = any(pg_index.indkey) ";
-			$q .= "AND indisprimary";
-			$cursor = $this->__dbQuery($q);
-			if ($cursor) {
-				return $this->__dbFetchArray($cursor)['column_name'];
-			} else {
-				return false;
-			}
-		} else {
-			return false;
-		}
-	}
-
-	// METHOD: __dbConnect
-	// WAS   : _db_connect
-	// PARAMS: host name, user name, password, database name, optional port (defaults to default postgres port), optional ssl (default allow)
-	// RETURN: database handler
-	// DESC  : wrapper for pg_connect, writes out failure to screen if error occurs (hidden var)
-	public function __dbConnect($db_host, $db_user, $db_pass, $db_name, $db_port = 5432, $db_ssl = 'allow')
-	{
-		// to avoid empty db_port
-		if (!$db_port) {
-			$db_port = 5432;
-		}
-		$this->dbh = pg_connect("host=".$db_host." port=".$db_port." user=".$db_user." password=".$db_pass." dbname=".$db_name." sslmode=".$db_ssl);
-		if (!$this->dbh) {
-			die("<!-- Can't connect [host=".$db_host." port=".$db_port." user=".$db_user." password=XXXX dbname=".$db_name." sslmode=".$db_ssl."] //-->");
-		}
-		return $this->dbh;
-	}
-
-	// METHOD: __dbPrintError
-	// WAS   : _db_print_error
-	// PARAMS: database handler, cursor
-	// RETURN: error string (HTML)
-	// DESC  : reads the last error for this cursor
-	public function __dbPrintError($cursor = '')
-	{
-		// run the query again for the error result here
-		if (!$cursor && $this->last_error_query) {
-			pg_send_query($this->dbh, $this->last_error_query);
-			$this->last_error_query = '';
-			$cursor = pg_get_result($this->dbh);
-		}
-		if (pg_result_error($cursor)) {
-			return "<span style=\"color: red;\"><b>-PostgreSQL-Error-></b> ".pg_result_error($cursor)."</span><br>";
-		}
-	}
-
-	// METHOD: __dbMetaData
-	// WAS   : _db_meta_data
-	// PARAMS: table name
-	// RETURN: array with table data
-	// DESC  : wrapper for pg_emta_data
-	public function __dbMetaData($table)
-	{
-		// needs to prefixed with @ or it throws a warning on not existing table
-		return @pg_meta_data($this->dbh, $table);
-	}
-
-	// METHOD: __dbEscapeString
-	// WAS   : _db_escape_string
-	// PARAMS: string
-	// RETURN: escaped string for postgres
-	// DESC  : wrapper for pg_escape_string
-	public function __dbEscapeString($string)
-	{
-		return pg_escape_string($this->dbh, $string);
-	}
-
-	// METHOD: __dbEscapeBytea
-	// WAS   : _db_escape_bytea
-	// PARAMS: string
-	// RETURN: escape bytes for postgres
-	// DESC  : wrapper for pg_escape_bytea
-	public function __dbEscapeBytea($bytea)
-	{
-		return pg_escape_bytea($this->dbh, $bytea);
-	}
-
-	// METHOD: __dbConnectionBusy
-	// WAS   : _db_connection_busy
-	// PARAMS: none
-	// RETURN: true/false for busy connection
-	// DESC  : wrapper for pg_connection_busy
-	public function __dbConnectionBusy()
-	{
-		return pg_connection_busy($this->dbh);
-	}
-
-	// METHOD: __dbVersion
-	// WAS   : _db_version
-	// PARAMS: none
-	// RETURN: databse version
-	// DESC  : wrapper for pg_version
-	public function __dbVersion()
-	{
-		// array has client, protocol, server
-		// we just need the server
-		$v = pg_version($this->dbh);
-		return $v['server'];
-	}
-
-	// METHOD: __dbArrayParse
-	// WAS   : _db_array_parse
-	// PARAMS: input text, output array [needed]
-	//         [internal] limit: are we at the end of the parse
-	//         [internal] offset: shift for {}
-	// RETURN: array with the elements
-	// DESC  : postgresql array to php array
-	public function __dbArrayParse($text, &$output, $limit = false, $offset = 1)
-	{
-		if (false === $limit) {
-			$limit = strlen($text) - 1;
-			$output = array();
-		}
-		if ('{}' != $text) {
-			do {
-				if ('{' != $text{$offset}) {
-					preg_match("/(\\{?\"([^\"\\\\]|\\\\.)*\"|[^,{}]+)+([,}]+)/", $text, $match, 0, $offset);
-					$offset += strlen($match[0]);
-					$output[] = ('"' != $match[1]{0} ? $match[1] : stripcslashes(substr($match[1], 1, -1)));
-					if ('},' == $match[3]) {
-						return $offset;
-					}
-				} else {
-					$offset = pg_array_parse($text, $output[], $limit, $offset + 1);
-				}
-			} while ($limit > $offset);
-		}
-		return $output;
-	}
-}
-
-// __END__

www/lib/CoreLibs/DB/SQL/PgSQL.php

@@ -0,0 +1,467 @@
+<?php declare(strict_types=1);
+/*********************************************************************
+* AUTHOR: Clemens Schwaighofer
+* CREATED: 2003/04/09
+* SHORT DESCRIPTION:
+*   2018/3/23, the whole class system is transformed to namespaces
+*   also all internal class calls are converted to camel case
+*
+* pgsql wrapper calls
+*
+*  HISTORY:
+* 2008/04/16 (cs) wrapper for pg escape string
+* 2007/01/11 (cs) add prepare/execute for postgres
+* 2006/09/12 (cs) in case db_query retuns false, save the query and run the query through the send/get procedure to get correct error data from the db
+* 2006/06/26 (cs) added port for db connection
+* 2006/04/03 (cs) added meta data for table
+* 2005/07/25 (cs) removed the plural s remove, not needed and not 100% working
+* 2005/07/07 (cs) the default it is table_name _ id
+* 2005/01/19 (cs) changed the pgsql connect, so it dies if it can't connect to the DB
+* 2004/09/30 (cs) layout cleanup
+* /
+
+* collection of PostgreSQL wrappers
+* REQUIRES 5.x PHP!!!
+*
+* pg_prepare
+* pg_execute
+* pg_num_rows
+* pg_num_fields
+* pg_field_name
+* pg_affected_rows (*)
+* pg_fetch_array
+* pg_query
+* pg_send_query
+* pg_get_result
+* pg_connection_busy
+* pg_close
+* pg_connect (*)
+* pg_meta_data
+* pg_escape_string
+*
+*/
+
+namespace CoreLibs\DB\SQL;
+
+class PgSQL
+{
+	private $last_error_query;
+	private $dbh;
+
+	/**
+	 * class constructor, empty does nothing
+	 */
+	public function __construct()
+	{
+	}
+
+	/**
+	 * queries last error query and returns true or false if error was set
+	 * @return bool true/false if last error is set
+	 */
+	public function __dbLastErrorQuery()
+	{
+		if ($this->last_error_query) {
+			return true;
+		} else {
+			return false;
+		}
+	}
+
+	/**
+	 * wrapper for gp_query, catches error and stores it in class var
+	 * @param  string      $query query string
+	 * @return resource|bool      query result
+	 */
+	public function __dbQuery(string $query)
+	{
+		$this->last_error_query = '';
+		// read out the query status and save the query if needed
+		$result = pg_query($this->dbh, $query);
+		if (!$result) {
+			$this->last_error_query = $query;
+		}
+		return $result;
+	}
+
+	/**
+	 * sends an async query to the server
+	 * @param  string $query query string
+	 * @return bool          true/false if query was sent successful
+	 */
+	public function __dbSendQuery(string $query): bool
+	{
+		return pg_send_query($this->dbh, $query);
+	}
+
+	/**
+	 * wrapper for pg_get_result
+	 * @return resource|bool resource handler or false for error
+	 */
+	public function __dbGetResult()
+	{
+		$this->last_error_query = '';
+		$result = pg_get_result($this->dbh);
+		if ($error = pg_result_error($result)) {
+			$this->last_error_query = $error;
+		}
+		return $result;
+	}
+
+	/**
+	 * wrapper for pg_close
+	 * @return void has no return
+	 */
+	public function __dbClose(): void
+	{
+		if (is_resource($this->dbh)) {
+			if (pg_connection_status($this->dbh) === PGSQL_CONNECTION_OK) {
+				pg_close($this->dbh);
+			}
+		}
+	}
+
+	/**
+	 * wrapper for pg_prepare
+	 * @param  string $name  statement name
+	 * @param  string $query query string
+	 * @return resource|bool prepare statement handler or false for error
+	 */
+	public function __dbPrepare(string $name, string $query)
+	{
+		$result = pg_prepare($this->dbh, $name, $query);
+		if (!$result) {
+			$this->last_error_query = $query;
+		}
+		return $result;
+	}
+
+	/**
+	 * wrapper for pg_execute for running a prepared statement
+	 * @param  string        $name statement name
+	 * @param  array         $data data array
+	 * @return resource|bool returns status or false for error
+	 */
+	public function __dbExecute(string $name, array $data)
+	{
+		$result = pg_execute($this->dbh, $name, $data);
+		if (!$result) {
+			$this->last_error_query = $name;
+		}
+		return $result;
+	}
+
+	/**
+	 * wrapper for pg_num_rows
+	 * @param  resource $cursor cursor resource
+	 * @return int              number of rows, -1 on error
+	 */
+	public function __dbNumRows($cursor): int
+	{
+		return pg_num_rows($cursor);
+	}
+
+	/**
+	 * wrapper for pg_num_fields
+	 * @param  resource $cursor cursor resource
+	 * @return int              number for fields in result, -1 on error
+	 */
+	public function __dbNumFields($cursor): int
+	{
+		return pg_num_fields($cursor);
+	}
+
+	/**
+	 * wrapper for pg_field_name
+	 * @param  resource    $cursor cursor resource
+	 * @param  int         $i      field position
+	 * @return string|bool         name or false on error
+	 */
+	public function __dbFieldName($cursor, $i)
+	{
+		return pg_field_name($cursor, $i);
+	}
+
+	/**
+	 * wrapper for pg_fetch_array
+	 * if through/true false, use __dbResultType(true)
+	 * @param  resource $cursor      cursor resource
+	 * @param  int      $result_type result type as int number
+	 * @return array|bool            array result data or false on end/error
+	 */
+	public function __dbFetchArray($cursor, int $result_type = PGSQL_BOTH)
+	{
+		// result type is passed on as is [should be checked]
+		return pg_fetch_array($cursor, null, $result_type);
+	}
+
+	/**
+	 * simple match up between assoc true/false
+	 * @param  bool $assoc_type true (default) for PGSQL_ASSOC, false for PGSQL_BOTH
+	 * @return int              valid result type for fetch array
+	 */
+	public function __dbResultType(bool $assoc_type = true): int
+	{
+		if ($assoc_type == true) {
+			return PGSQL_ASSOC;
+		}
+		// fallback to default
+		return PGSQL_BOTH;
+	}
+
+	/**
+	 * wrapper for pg_fetch_all
+	 * @param  resource   $cursor cursor resource
+	 * @return array|bool         data array or false for end/error
+	 */
+	public function __dbFetchAll($cursor)
+	{
+		return pg_fetch_all($cursor);
+	}
+
+	/**
+	 * wrapper for pg_affected_rows
+	 * @param  resource $cursor cursor resource
+	 * @return int              affected rows, 0 for none
+	 */
+	public function __dbAffectedRows($cursor): int
+	{
+		return pg_affected_rows($cursor);
+	}
+
+	/**
+	 * reads the last inserted primary key for the query
+	 * if there is no pk_name tries to auto built it from the table name
+	 * this only works if db schema is after "no plural names. and pk name is table name + _id
+	 * detects schema prefix in table name
+	 * @param  string     $query   query string
+	 * @param  string     $pk_name primary key name, if '' then auto detect
+	 * @return string|int          primary key value
+	 */
+	public function __dbInsertId(string $query, string $pk_name)
+	{
+		// only if an insert has been done
+		if (preg_match("/^insert /i", $query)) {
+			$schema = '';
+			// get table name from insert
+			$array = explode(' ', $query);
+			$_table = $array[2];
+			// if there is a dot inside, we need to split
+			if (strstr($_table, '.')) {
+				list($schema, $table) = explode('.', $_table);
+			} else {
+				$table = $_table;
+			}
+			// no PK name given at all
+			if (!$pk_name) {
+				// if name is plurar, make it singular
+				// if (preg_match("/.*s$/i", $table))
+				// 	$table = substr($table, 0, -1);
+				// set pk_name to "id"
+				$pk_name = $table."_id";
+			}
+			$seq = (($schema) ? $schema.'.' : '').$table."_".$pk_name."_seq";
+			$q = "SELECT CURRVAL('$seq') AS insert_id";
+			// I have to do manually or I overwrite the original insert internal vars ...
+			if ($q = $this->__dbQuery($q)) {
+				list($id) = $this->__dbFetchArray($q);
+			} else {
+				$id = array(-1, $q);
+			}
+			return $id;
+		}
+	}
+
+	/**
+	 * queries database for the primary key name to this table in the selected schema
+	 * @param  string      $table  table name
+	 * @param  string      $schema optional schema name, '' for default
+	 * @return string|bool         primary key name or false if not found
+	 */
+	public function __dbPrimaryKey(string $table, string $schema = '')
+	{
+		if ($table) {
+			// check if schema set is different from schema given, only needed if schema is not empty
+			$table_prefix = '';
+			if ($schema) {
+				$q = "SHOW search_path";
+				$cursor = $this->__dbQuery($q);
+				$search_path = $this->__dbFetchArray($cursor)['search_path'];
+				if ($search_path != $schema) {
+					$table_prefix = $schema.'.';
+				}
+			}
+			// read from table the PK name
+			// faster primary key get
+			$q = "SELECT pg_attribute.attname AS column_name, format_type(pg_attribute.atttypid, pg_attribute.atttypmod) AS type ";
+			$q .= "FROM pg_index, pg_class, pg_attribute ";
+			if ($schema) {
+				$q .= ", pg_namespace ";
+			}
+			$q .= "WHERE ";
+			// regclass translates the OID to the name
+			$q .= "pg_class.oid = '".$table_prefix.$table."'::regclass AND ";
+				$q .= "indrelid = pg_class.oid AND ";
+			if ($schema) {
+				$q .= "nspname = '".$schema."' AND ";
+				$q .= "pg_class.relnamespace = pg_namespace.oid AND ";
+			}
+			$q .= "pg_attribute.attrelid = pg_class.oid AND ";
+			$q .= "pg_attribute.attnum = any(pg_index.indkey) ";
+			$q .= "AND indisprimary";
+			$cursor = $this->__dbQuery($q);
+			if ($cursor) {
+				return $this->__dbFetchArray($cursor)['column_name'];
+			} else {
+				return false;
+			}
+		} else {
+			return false;
+		}
+	}
+
+	/**
+	 * wrapper for pg_connect, writes out failure to screen if error occurs (hidden var)
+	 * @param  string    $db_host host name
+	 * @param  string    $db_user user name
+	 * @param  string    $db_pass password
+	 * @param  string    $db_name databse name
+	 * @param  integer   $db_port port (int, 5432 is default)
+	 * @param  string    $db_ssl  SSL (allow is default)
+	 * @return ?resource          db handler resource or null on error
+	 */
+	public function __dbConnect(string $db_host, string $db_user, string $db_pass, string $db_name, int $db_port = 5432, string $db_ssl = 'allow')
+	{
+		// to avoid empty db_port
+		if (!$db_port) {
+			$db_port = 5432;
+		}
+		$this->dbh = pg_connect("host=".$db_host." port=".$db_port." user=".$db_user." password=".$db_pass." dbname=".$db_name." sslmode=".$db_ssl);
+		if (!$this->dbh) {
+			die("<!-- Can't connect [host=".$db_host." port=".$db_port." user=".$db_user." password=XXXX dbname=".$db_name." sslmode=".$db_ssl."] //-->");
+			return null;
+		}
+		return $this->dbh;
+	}
+
+	/**
+	 * reads the last error for this cursor and returns
+	 * html formatted string with error name
+	 * @param  ?resource $cursor cursor resource or null
+	 * @return string            error string
+	 */
+	public function __dbPrintError($cursor = null): string
+	{
+		// run the query again for the error result here
+		if (!$cursor && $this->last_error_query) {
+			pg_send_query($this->dbh, $this->last_error_query);
+			$this->last_error_query = '';
+			$cursor = pg_get_result($this->dbh);
+		}
+		if ($cursor && pg_result_error($cursor)) {
+			return "<span style=\"color: red;\"><b>-PostgreSQL-Error-></b> ".pg_result_error($cursor)."</span><br>";
+		} else {
+			return '';
+		}
+	}
+
+	/**
+	 * wrapper for pg_meta_data
+	 * @param  string $table    table name
+	 * @param  bool   $extended show extended info (default false)
+	 * @return array|bool       array data for the table info or false on error
+	 */
+	public function __dbMetaData(string $table, $extended = false)
+	{
+		// needs to prefixed with @ or it throws a warning on not existing table
+		return @pg_meta_data($this->dbh, $table, $extended);
+	}
+
+	/**
+	 * wrapper for pg_escape_string
+	 * @param  string|int|float|bool $string any string/int/float/bool
+	 * @return string                        excaped string
+	 */
+	public function __dbEscapeString($string): string
+	{
+		return pg_escape_string($this->dbh, (string)$string);
+	}
+
+	/**
+	 * wrapper for pg_escape_literal
+	 * difference to escape string is that this one adds quotes ('') around
+	 * the string too
+	 * @param  string|int|float|bool $string any string/int/float/bool
+	 * @return string                        excaped string including quites
+	 */
+	public function __dbEscapeLiteral($string): string
+	{
+		return pg_escape_string($this->dbh, (string)$string);
+	}
+
+	/**
+	 * wrapper for pg_escape_byte
+	 * @param  string $bytea bytea data stream
+	 * @return string        escaped bytea string
+	 */
+	public function __dbEscapeBytea($bytea): string
+	{
+		return pg_escape_bytea($this->dbh, $bytea);
+	}
+
+	/**
+	 * wrapper for pg_connection_busy
+	 * @return bool true/false for busy connection
+	 */
+	public function __dbConnectionBusy(): bool
+	{
+		return pg_connection_busy($this->dbh);
+	}
+
+	/**
+	 * wrapper for pg_version
+	 * Note: this only returns server version
+	 * not connection version OR client version
+	 * @return string version string
+	 */
+	public function __dbVersion(): string
+	{
+		// array has client, protocol, server
+		// we just need the server
+		$v = pg_version($this->dbh);
+		return $v['server'];
+	}
+
+	/**
+	 * postgresql array to php array
+	 * @param  string   $text    array text from PostgreSQL
+	 * @param  array    $output  (internal) recursive pass on for nested arrays
+	 * @param  bool|int $limit   (internal) max limit to not overshoot the end, start with false
+	 * @param  integer  $offset  (internal) shift offset for {}
+	 * @return array|int         converted PHP array, interal recusrive int position
+	 */
+	public function __dbArrayParse($text, &$output, $limit = false, $offset = 1)
+	{
+		if (false === $limit) {
+			$limit = strlen($text) - 1;
+			$output = array();
+		}
+		if ('{}' != $text) {
+			do {
+				if ('{' != $text{$offset}) {
+					preg_match("/(\\{?\"([^\"\\\\]|\\\\.)*\"|[^,{}]+)+([,}]+)/", $text, $match, 0, $offset);
+					$offset += strlen($match[0]);
+					$output[] = ('"' != $match[1]{0} ? $match[1] : stripcslashes(substr($match[1], 1, -1)));
+					if ('},' == $match[3]) {
+						return $offset;
+					}
+				} else {
+					$offset = $this->__dbArrayParse($text, $output, $limit, $offset + 1);
+				}
+			} while ($limit > $offset);
+		}
+		return $output;
+	}
+}
+
+// __END__

www/lib/CoreLibs/Language/Core/CachedFileReader.php

@@ -1,4 +1,4 @@
-<?php
+<?php declare(strict_types=1);
 
 /*
 	Copyright (c) 2003, 2005, 2006, 2009 Danilo Segan <danilo@kvota.net>.
@@ -24,23 +24,25 @@ namespace CoreLibs\Language\Core;
 
 // Preloads entire file in memory first, then creates a StringReader
 // over it (it assumes knowledge of StringReader internals)
-class CachedFileReader extends CoreLibs\Language\Core\StringReader
+class CachedFileReader extends \CoreLibs\Language\Core\StringReader
 {
+	public $error = 0;
+	public $_str = '';
+
 	public function __construct($filename)
 	{
+		parent::__construct();
 		if (file_exists($filename)) {
 			$length = filesize($filename);
 			$fd = fopen($filename, 'rb');
 
 			if (!$fd) {
 				$this->error = 3; // Cannot read file, probably permissions
-				return false;
 			}
 			$this->_str = fread($fd, $length);
 			fclose($fd);
 		} else {
 			$this->error = 2; // File doesn't exist
-			return false;
 		}
 	}
 }

www/lib/CoreLibs/Language/Core/FileReader.php

@@ -1,4 +1,4 @@
-<?php
+<?php declare(strict_types=1);
 
 /*
 	Copyright (c) 2003, 2005, 2006, 2009 Danilo Segan <danilo@kvota.net>.
@@ -27,7 +27,12 @@ class FileReader
 	public $fr_pos;
 	public $fr_fd;
 	public $fr_length;
+	public $error = 0;
 
+	/**
+	 * file read constructor
+	 * @param string $filename file name to load
+	 */
 	public function __construct($filename)
 	{
 		if (file_exists($filename)) {
@@ -36,14 +41,17 @@ class FileReader
 			$this->fr_fd = fopen($filename, 'rb');
 			if (!$this->fr_fd) {
 				$this->error = 3; // Cannot read file, probably permissions
-				return false;
 			}
 		} else {
 			$this->error = 2; // File doesn't exist
-			return false;
 		}
 	}
 
+	/**
+	 * read byte data length
+	 * @param  int $bytes how many bytes to read
+	 * @return string     read data as string
+	 */
 	public function read($bytes)
 	{
 		if ($bytes) {
@@ -65,6 +73,11 @@ class FileReader
 		}
 	}
 
+	/**
+	 * seek to a position in the file
+	 * @param  int $pos position where to go to
+	 * @return int      file position after seek done
+	 */
 	public function seekto($pos)
 	{
 		fseek($this->fr_fd, $pos);
@@ -72,17 +85,29 @@ class FileReader
 		return $this->fr_pos;
 	}
 
+	/**
+	 * get current position in file
+	 * @return int current position in bytes
+	 */
 	public function currentpos()
 	{
 		return $this->fr_pos;
 	}
 
+	/**
+	 * file length/size
+	 * @return int file size in bytes
+	 */
 	public function length()
 	{
 		return $this->fr_length;
 	}
 
-	public function close()
+	/**
+	 * close open file handler
+	 * @return void has no return
+	 */
+	public function close(): void
 	{
 		fclose($this->fr_fd);
 	}

www/lib/CoreLibs/Language/Core/GetTextReader.php

@@ -1,4 +1,4 @@
-<?php
+<?php declare(strict_types=1);
 /*
 	Copyright (c) 2003, 2009 Danilo Segan <danilo@kvota.net>.
 	Copyright (c) 2005 Nico Kaiser <nico@siriux.net>
@@ -39,7 +39,7 @@ class GetTextReader
 	// public:
 	public $error = 0; // public variable that holds error code (0 if no error)
 
-   //private:
+	// private:
 	private $BYTEORDER = 0;        // 0: low endian, 1: big endian
 	private $STREAM = null;
 	private $short_circuit = false;
@@ -50,7 +50,7 @@ class GetTextReader
 	private $total = 0;          // total string count
 	private $table_originals = null;  // table for original strings (offsets)
 	private $table_translations = null;  // table for translated strings (offsets)
-	private $cache_translations = null;  // original -> translation mapping
+	private $cache_translations = array();  // original -> translation mapping
 
 
 	/* Methods */
@@ -60,7 +60,7 @@ class GetTextReader
 	* Reads a 32bit Integer from the Stream
 	*
 	* @access private
-	* @return Integer from the Stream
+	* @return int Integer from the Stream
 	*/
 	private function readint()
 	{
@@ -75,6 +75,11 @@ class GetTextReader
 		}
 	}
 
+	/**
+	 * read bytes
+	 * @param  int    $bytes byte length to read
+	 * @return string        return data, possible string
+	 */
 	public function read($bytes)
 	{
 		return $this->STREAM->read($bytes);
@@ -83,8 +88,8 @@ class GetTextReader
 	/**
 	* Reads an array of Integers from the Stream
 	*
-	* @param int count How many elements should be read
-	* @return Array of Integers
+	* @param  int   $count How many elements should be read
+	* @return array        Array of Integers
 	*/
 	public function readintarray($count)
 	{
@@ -100,13 +105,13 @@ class GetTextReader
 	/**
 	* Constructor
 	*
-	* @param object Reader the StreamReader object
-	* @param boolean enable_cache Enable or disable caching of strings (default on)
+	* @param object $Reader       the StreamReader object
+	* @param bool   $enable_cache Enable or disable caching of strings (default on)
 	*/
 	public function __construct($Reader, $enable_cache = true)
 	{
 		// If there isn't a StreamReader, turn on short circuit mode.
-		if (!$Reader || isset($Reader->error)) {
+		if (!$Reader || $Reader->error) {
 			$this->short_circuit = true;
 			return;
 		}
@@ -125,7 +130,6 @@ class GetTextReader
 			$this->BYTEORDER = 0;
 		} else {
 			$this->error = 1; // not MO file
-			return false;
 		}
 
 		// FIXME: Do we care about revision? We should.
@@ -162,7 +166,7 @@ class GetTextReader
 		}
 
 		if ($this->enable_cache) {
-			$this->cache_translations = array ();
+			$this->cache_translations = array();
 			/* read all strings in the cache */
 			for ($i = 0; $i < $this->total; $i++) {
 				$this->STREAM->seekto($this->table_originals[$i * 2 + 2]);
@@ -178,8 +182,8 @@ class GetTextReader
 	* Returns a string from the "originals" table
 	*
 	* @access private
-	* @param int num Offset number of original string
-	* @return string Requested string if found, otherwise ''
+	* @param  int    $num Offset number of original string
+	* @return string      Requested string if found, otherwise ''
 	*/
 	private function get_original_string($num)
 	{
@@ -197,8 +201,8 @@ class GetTextReader
 	* Returns a string from the "translations" table
 	*
 	* @access private
-	* @param int num Offset number of original string
-	* @return string Requested string if found, otherwise ''
+	* @param  int    $num Offset number of original string
+	* @return string      Requested string if found, otherwise ''
 	*/
 	private function get_translation_string($num)
 	{
@@ -216,10 +220,10 @@ class GetTextReader
 	* Binary search for string
 	*
 	* @access private
-	* @param string string
-	* @param int start (internally used in recursive function)
-	* @param int end (internally used in recursive function)
-	* @return int string number (offset in originals table)
+	* @param  string           $string string to find
+	* @param  int              $start  (internally used in recursive function)
+	* @param  int              $end    (internally used in recursive function)
+	* @return int|string|float         (offset in originals table)
 	*/
 	private function find_string($string, $start = -1, $end = -1)
 	{
@@ -260,8 +264,8 @@ class GetTextReader
 	* Translates a string
 	*
 	* @access public
-	* @param string string to be translated
-	* @return string translated string (or original, if not found)
+	* @param  string $string to be translated
+	* @return string         translated string (or original, if not found)
 	*/
 	public function translate($string)
 	{
@@ -272,7 +276,7 @@ class GetTextReader
 
 		if ($this->enable_cache) {
 			// Caching enabled, get translated string from cache
-			if (array_key_exists($string, $this->cache_translations)) {
+			if (is_array($this->cache_translations) && array_key_exists($string, $this->cache_translations)) {
 				return $this->cache_translations[$string];
 			} else {
 				return $string;
@@ -292,7 +296,8 @@ class GetTextReader
 	* Sanitize plural form expression for use in PHP eval call.
 	*
 	* @access private
-	* @return string sanitized plural form expression
+	* @param  string $expr an expression to match
+	* @return string       sanitized plural form expression
 	*/
 	private function sanitize_plural_expression($expr)
 	{
@@ -328,7 +333,8 @@ class GetTextReader
 	* Parse full PO header and extract only plural forms line.
 	*
 	* @access private
-	* @return string verbatim plural form header field
+	* @param  string $header header search in plurals
+	* @return string         verbatim plural form header field
 	*/
 	private function extract_plural_forms_header_from_po_header($header)
 	{
@@ -355,7 +361,7 @@ class GetTextReader
 		// cache header field for plural forms
 		if (! is_string($this->pluralheader)) {
 			if ($this->enable_cache) {
-				$header = $this->cache_translations[""];
+				$header = $this->cache_translations[''];
 			} else {
 				$header = $this->get_translation_string(0);
 			}
@@ -369,8 +375,8 @@ class GetTextReader
 	* Detects which plural form to take
 	*
 	* @access private
-	* @param n count
-	* @return int array index of the right plural form
+	* @param  string $n count
+	* @return int       array index of the right plural form
 	*/
 	private function select_string($n)
 	{
@@ -393,10 +399,10 @@ class GetTextReader
 	* Plural version of gettext
 	*
 	* @access public
-	* @param string single
-	* @param string plural
-	* @param string number
-	* @return translated plural form
+	* @param  string $single
+	* @param  string $plural
+	* @param  string $number
+	* @return string plural form
 	*/
 	public function ngettext($single, $plural, $number)
 	{
@@ -415,7 +421,7 @@ class GetTextReader
 		$key = $single . chr(0) . $plural;
 
 		if ($this->enable_cache) {
-			if (! array_key_exists($key, $this->cache_translations)) {
+			if (is_array($this->cache_translations) && !array_key_exists($key, $this->cache_translations)) {
 				return ($number != 1) ? $plural : $single;
 			} else {
 				$result = $this->cache_translations[$key];
@@ -434,6 +440,12 @@ class GetTextReader
 		}
 	}
 
+	/**
+	 * p get text
+	 * @param  string $context [description]
+	 * @param  string $msgid   [description]
+	 * @return string          [description]
+	 */
 	public function pgettext($context, $msgid)
 	{
 		$key = $context.chr(4).$msgid;
@@ -445,6 +457,14 @@ class GetTextReader
 		}
 	}
 
+	/**
+	 * np get text
+	 * @param  string $context  [description]
+	 * @param  string $singular [description]
+	 * @param  string $plural   [description]
+	 * @param  string $number   [description]
+	 * @return string           [description]
+	 */
 	public function npgettext($context, $singular, $plural, $number)
 	{
 		$key = $context.chr(4).$singular;

www/lib/CoreLibs/Language/Core/StreamReader.php

@@ -1,4 +1,4 @@
-<?php
+<?php declare(strict_types=1);
 
 /*
 	Copyright (c) 2003, 2005, 2006, 2009 Danilo Segan <danilo@kvota.net>.
@@ -26,25 +26,47 @@ namespace CoreLibs\Language\Core;
 // seek is essential, and it should be byte stream
 class StreamReader
 {
-	// should return a string [FIXME: perhaps return array of bytes?]
+	/**
+	 * constructor, empty
+	 */
+	public function __construct()
+	{
+		// empty
+	}
+
+	/**
+	 * should return a string [FIXME: perhaps return array of bytes?]
+	 * @param  int $bytes bytes to read
+	 * @return bool       dummy false
+	 */
 	public function read($bytes)
 	{
 		return false;
 	}
 
-	// should return new position
+	/**
+	 * should return new position
+	 * @param  int $position seek to position
+	 * @return bool          dummy false
+	 */
 	public function seekto($position)
 	{
 		return false;
 	}
 
-	// returns current position
+	/**
+	 * returns current position
+	 * @return bool dummy false
+	 */
 	public function currentpos()
 	{
 		return false;
 	}
 
-	// returns length of entire stream (limit for seekto()s)
+	/**
+	 * returns length of entire stream (limit for seekto()s)
+	 * @return bool dummy false
+	 */
 	public function length()
 	{
 		return false;

www/lib/CoreLibs/Language/Core/StringReader.php

@@ -1,4 +1,4 @@
-<?php
+<?php declare(strict_types=1);
 
 /*
 	Copyright (c) 2003, 2005, 2006, 2009 Danilo Segan <danilo@kvota.net>.
@@ -27,12 +27,21 @@ class StringReader
 	public $sr_pos;
 	public $sr_str;
 
+	/**
+	 * constructor for string reader
+	 * @param string $str basic string
+	 */
 	public function __construct($str = '')
 	{
 		$this->sr_str = $str;
 		$this->sr_pos = 0;
 	}
 
+	/**
+	 * read bytes in string
+	 * @param  int $bytes bytes to read in string
+	 * @return string     data read in length of bytes as string
+	 */
 	public function read($bytes)
 	{
 		$data = substr($this->sr_str, $this->sr_pos, $bytes);
@@ -44,6 +53,11 @@ class StringReader
 		return $data;
 	}
 
+	/**
+	 * go to position in string
+	 * @param  int $pos position in string
+	 * @return int      new position in string after seek
+	 */
 	public function seekto($pos)
 	{
 		$this->sr_pos = $pos;
@@ -53,11 +67,19 @@ class StringReader
 		return $this->sr_pos;
 	}
 
+	/**
+	 * get current position in string
+	 * @return int position in string
+	 */
 	public function currentpos()
 	{
 		return $this->sr_pos;
 	}
 
+	/**
+	 * get length of string
+	 * @return int return length of assigned string
+	 */
 	public function length()
 	{
 		return strlen($this->sr_str);

www/lib/CoreLibs/Language/L10n.php

@@ -1,4 +1,4 @@
-<?php
+<?php declare(strict_types=1);
 /*********************************************************************
 * AUTHOR: Clemens Schwaighofer
 * CREATED: 2004/11/18
@@ -35,8 +35,15 @@ class L10n extends \CoreLibs\Basic
 	private $input;
 	private $l10n;
 
-	public function __construct($lang = '', $path = '')
+	/**
+	 * class constructor call for language getstring
+	 * @param string      $lang             language name (optional), fallback is en
+	 * @param string      $path             path, if empty fallback on default internal path
+	 * @param int|integer $set_control_flag control flags for Basic class set/get checks
+	 */
+	public function __construct(string $lang = '', string $path = '', int $set_control_flag = 0)
 	{
+		parent::__construct($set_control_flag);
 		if (!$lang) {
 			$this->lang = 'en';
 		} else {
@@ -59,8 +66,13 @@ class L10n extends \CoreLibs\Basic
 		$this->l10n = new GetTextReader($this->input);
 	}
 
-	// reloads the mofile, if the location of the lang file changes
-	public function l10nReloadMOfile($lang, $path = '')
+	/**
+	 * reloads the mofile, if the location of the lang file changes
+	 * @param  string $lang language to reload data
+	 * @param  string $path optional path, if not set fallback on internal
+	 * @return bool         successfull reload true/false
+	 */
+	public function l10nReloadMOfile(string $lang, string $path = ''): bool
 	{
 		$success = false;
 		$old_mofile = $this->mofile;
@@ -89,27 +101,52 @@ class L10n extends \CoreLibs\Basic
 		return $success;
 	}
 
-	public function __($text)
+	/**
+	 * translates a string and returns translated text
+	 * @param  string $text text to translate
+	 * @return string       translated text
+	 */
+	public function __($text): string
 	{
 		return $this->l10n->translate($text);
 	}
 
-	public function __e($text)
+	/**
+	 * prints translated string out to the screen
+	 * @param  string $text text to translate
+	 * @return void         has no return
+	 */
+	public function __e($text): void
 	{
 		echo $this->l10n->translate($text);
 	}
 
 	// Return the plural form.
+	/**
+	 * Return the plural form.
+	 * @param  string $single string for single word
+	 * @param  string $plural string for plural word
+	 * @param  string $number number value
+	 * @return string translated plural string
+	 */
 	public function __ngettext($single, $plural, $number)
 	{
 		return $this->l10n->ngettext($single, $plural, $number);
 	}
 
+	/**
+	 * get current set language
+	 * @return string current set language string
+	 */
 	public function __getLang()
 	{
 		return $this->lang;
 	}
 
+	/**
+	 * get current set mo file
+	 * @return string current set mo language file
+	 */
 	public function __getMoFile()
 	{
 		return $this->mofile;

www/lib/CoreLibs/Output/Progressbar.php

@@ -1,4 +1,4 @@
-<?php
+<?php declare(strict_types=1);
 /*
 *	Class ProgressBar
 *
@@ -22,7 +22,12 @@ class ProgressBar
 	public $code;	// unique code
 	public $status = 'new';	// current status (new,show,hide)
 	public $step = 0;	// current step
-	public $position = array(); // current bar position
+	public $position = array( // current bar position
+		'left' => null,
+		'top' => null,
+		'width' => null,
+		'height' => null,
+	);
 
 	public $clear_buffer_size = 1; // we need to send this before the lfush to get browser output
 	public $clear_buffer_size_init = 1024*1024; // if I don't send that junk, it won't send anything
@@ -73,8 +78,12 @@ class ProgressBar
 		)
 	*/
 
-	// constructor
-	public function __construct($width = 0, $height = 0)
+	/**
+	 * progress bar constructor
+	 * @param integer $width  progress bar width, default 0
+	 * @param integer $height progress bar height, default 0
+	 */
+	public function __construct(int $width = 0, int $height = 0)
 	{
 		$this->code = substr(md5(microtime()), 0, 6);
 		if ($width > 0) {
@@ -90,7 +99,12 @@ class ProgressBar
 
 	// private functions
 
-	private function __flushCache($clear_buffer_size = 0)
+	/**
+	 * flush cache hack for IE and others
+	 * @param  integer $clear_buffer_size buffer size override
+	 * @return void                       has not return
+	 */
+	private function __flushCache(int $clear_buffer_size = 0): void
 	{
 		if (!$clear_buffer_size) {
 			$clear_buffer_size = $this->clear_buffer_size;
@@ -100,7 +114,12 @@ class ProgressBar
 		flush();
 	}
 
-	private function __calculatePercent($step)
+	/**
+	 * [__calculatePercent description]
+	 * @param  float $step percent step to do
+	 * @return float       percent step done
+	 */
+	private function __calculatePercent(float $step): float
 	{
 		// avoid divison through 0
 		if ($this->max - $this->min == 0) {
@@ -113,8 +132,14 @@ class ProgressBar
 		return $percent;
 	}
 
-	private function __calculatePosition($step)
+	/**
+	 * calculate position in bar step
+	 * @param  float $step percent step to do
+	 * @return array       bar position as array
+	 */
+	private function __calculatePosition(float $step): array
 	{
+		$bar = 0;
 		switch ($this->direction) {
 			case 'right':
 			case 'left':
@@ -137,6 +162,7 @@ class ProgressBar
 			$pixel = $bar - ($this->pedding * 2);
 		}
 
+		$position = array();
 		switch ($this->direction) {
 			case 'right':
 				$position['left'] = $this->pedding;
@@ -166,7 +192,12 @@ class ProgressBar
 		return $position;
 	}
 
-	private function __setStep($step)
+	/**
+	 * set the step
+	 * @param  float  $step percent step to do
+	 * @return void         has no return
+	 */
+	private function __setStep(float $step): void
 	{
 		if ($step > $this->max) {
 			$step = $this->max;
@@ -178,9 +209,15 @@ class ProgressBar
 	}
 
 	// public functions
-	public function setFrame($width = 0, $height = 0)
+	/**
+	 * set frame layout
+	 * @param  integer $width  bar width
+	 * @param  integer $height bar height
+	 * @return void            has no return
+	 */
+	public function setFrame(int $width = 0, int $height = 0): void
 	{
-		$this->frame = array (
+		$this->frame = array(
 			'show' => true,
 			'left' => 20,
 			'top' => 35,
@@ -199,7 +236,15 @@ class ProgressBar
 		}
 	}
 
-	public function addLabel($type, $name, $value = '&nbsp;')
+	/**
+	 * set bar label text
+	 * allowed types are: text, button, step, percent, percentlbl, crossbar
+	 * @param  string $type  label type
+	 * @param  string $name  label name (internal)
+	 * @param  string $value label output name (optional)
+	 * @return void          has no return
+	 */
+	public function addLabel(string $type, string $name, string $value = '&nbsp;'): void
 	{
 		switch ($type) {
 			case 'text':
@@ -274,7 +319,6 @@ class ProgressBar
 					'color' => '#000000',
 					'bgr_color' => ''
 				);
-//				print "THIS[$name]: ".$this->label[$name]['left']." | ".$this->label[$name]['width']."<br>";
 				break;
 			case 'crossbar':
 				$this->label[$name] = array(
@@ -295,14 +339,32 @@ class ProgressBar
 		}
 	}
 
-	public function addButton($name, $value, $action, $target = 'self')
+	/**
+	 * add a button to the progress bar
+	 * @param  string $name   button name (internal)
+	 * @param  string $value  button text (output)
+	 * @param  string $action button action (link)
+	 * @param  string $target button action target (default self)
+	 * @return void           has no return
+	 */
+	public function addButton(string $name, string $value, string $action, string $target = 'self'): void
 	{
 		$this->addLabel('button', $name, $value);
 		$this->label[$name]['action'] = $action;
 		$this->label[$name]['target'] = $target;
 	}
 
-	public function setLabelPosition($name, $left, $top, $width, $height, $align = '')
+	/**
+	 * set the label position
+	 * @param  string $name   label name to set
+	 * @param  int    $left   left px
+	 * @param  int    $top    top px
+	 * @param  int    $width  width px
+	 * @param  int    $height height px
+	 * @param  string $align  alignment (left/right/etc), default empty
+	 * @return void           has no return
+	 */
+	public function setLabelPosition(string $name, int $left, int $top, int $width, int $height, string $align = ''): void
 	{
 		// print "SET POSITION[$name]: $left<br>";
 		// if this is percent, we ignore anything, it is auto positioned
@@ -331,7 +393,13 @@ class ProgressBar
 		}
 	}
 
-	public function setLabelColor($name, $color)
+	/**
+	 * set label color
+	 * @param  string $name  label name to set
+	 * @param  string $color color value in rgb html hex
+	 * @return void          has no return
+	 */
+	public function setLabelColor(string $name, string $color): void
 	{
 		$this->label[$name]['color'] = $color;
 		if ($this->status != 'new') {
@@ -340,7 +408,13 @@ class ProgressBar
 		}
 	}
 
-	public function setLabelBackground($name, $color)
+	/**
+	 * set the label background color
+	 * @param  string $name  label name to set
+	 * @param  string $color background color to set in rgb html hex
+	 * @return void          has no return
+	 */
+	public function setLabelBackground(string $name, string $color): void
 	{
 		$this->label[$name]['bgr_color'] = $color;
 		if ($this->status != 'new') {
@@ -349,7 +423,15 @@ class ProgressBar
 		}
 	}
 
-	public function setLabelFont($name, $size, $family = '', $weight = '')
+	/**
+	 * [setLabelFont description]
+	 * @param  string $name   label name to set
+	 * @param  int    $size   font size in px
+	 * @param  string $family font family (default empty)
+	 * @param  string $weight font weight (default empty)
+	 * @return void           has no return
+	 */
+	public function setLabelFont(string $name, int $size, string $family = '', string $weight = ''): void
 	{
 		// just in case if it is too small
 		if (intval($size) < 0) {
@@ -384,7 +466,13 @@ class ProgressBar
 		}
 	}
 
-	public function setLabelValue($name, $value)
+	/**
+	 * set the label valeu
+	 * @param  string $name  label name to set
+	 * @param  string $value label value (output)
+	 * @return void          has no return
+	 */
+	public function setLabelValue(string $name, string $value): void
 	{
 		$this->label[$name]['value'] = $value;
 		// print "NAME[$name], Status: ".$this->status.": ".$value."<Br>";
@@ -394,7 +482,12 @@ class ProgressBar
 		}
 	}
 
-	public function setBarColor($color)
+	/**
+	 * set the bar color
+	 * @param  string $color color for the progress bar in rgb html hex
+	 * @return void          has no return
+	 */
+	public function setBarColor(string $color): void
 	{
 		$this->color = $color;
 		if ($this->status != 'new') {
@@ -403,7 +496,12 @@ class ProgressBar
 		}
 	}
 
-	public function setBarBackground($color)
+	/**
+	 * set the progress bar background color
+	 * @param  string $color background color in rgb html hex
+	 * @return void          has no return
+	 */
+	public function setBarBackground(string $color): void
 	{
 		$this->bgr_color = $color;
 		if ($this->status != 'new') {
@@ -412,7 +510,12 @@ class ProgressBar
 		}
 	}
 
-	public function setBarDirection($direction)
+	/**
+	 * progress bar direct (left/right)
+	 * @param  string $direction set direction as left/right
+	 * @return void              has no return
+	 */
+	public function setBarDirection(string $direction): void
 	{
 		$this->direction = $direction;
 
@@ -429,7 +532,11 @@ class ProgressBar
 		}
 	}
 
-	public function getHtml()
+	/**
+	 * get the progress bar base HTML
+	 * @return string progress bar HTML code
+	 */
+	public function getHtml(): string
 	{
 		$html = '';
 		$js = '';
@@ -438,6 +545,7 @@ class ProgressBar
 		$this->__setStep($this->step);
 		$this->position = $this->__calculatePosition($this->step);
 
+		$style_master = '';
 		if ($this->top || $this->left) {
 			$style_master = 'position:relative;top:'.$this->top.'px;left:'.$this->left.'px;width:'.($this->width + 10).'px;';
 		}
@@ -459,6 +567,7 @@ class ProgressBar
 		}
 
 		if ($this->frame['show'] == true) {
+			$border = '';
 			if ($this->frame['border'] > 0) {
 				$border = 'border:'.$this->frame['border'].'px solid;border-color:'.$this->frame['brd_color'].';margin-top:2px;-webkit-border-radius: 5px 5px 5px 5px; border-radius: 5px 5px 5px 5px;';
 			}
@@ -481,7 +590,7 @@ class ProgressBar
 		$js .= ' }'."\n";
 		$js .= '}'."\n";
 
-		// print "DUMP LABEL: <br><pre>".print_r($this->label, 1)."</pre><br>";
+		// print "DUMP LABEL: <br><pre>".print_r($this->label, true)."</pre><br>";
 		foreach ($this->label as $name => $data) {
 			// set what type of move we do
 			$move_prefix = $data['type'] == 'button' ? 'margin' : 'padding';
@@ -578,14 +687,24 @@ class ProgressBar
 		return $html;
 	}
 
-	public function show()
+	/**
+	 * show the progress bar after initialize
+	 * @return void has no return
+	 */
+	public function show(): void
 	{
 		$this->status = 'show';
 		echo $this->getHtml();
 		$this->__flushCache();
 	}
 
-	public function moveStep($step)
+	/**
+	 * move the progress bar by one step
+	 * prints out javascript to move progress bar
+	 * @param  float  $step percent step
+	 * @return void         has no return
+	 */
+	public function moveStep(float $step): void
 	{
 		$last_step = $this->step;
 		$this->__setStep($step);
@@ -632,17 +751,29 @@ class ProgressBar
 		}
 	}
 
-	public function moveNext()
+	/**
+	 * moves progress bar by one step (1)
+	 * @return void has no return
+	 */
+	public function moveNext(): void
 	{
 		$this->moveStep($this->step + 1);
 	}
 
-	public function moveMin()
+	/**
+	 * moves the progress bar back to the beginning
+	 * @return void has no return
+	 */
+	public function moveMin(): void
 	{
 		$this->moveStep($this->min);
 	}
 
-	public function hide()
+	/**
+	 * hide the progress bar if it is visible
+	 * @return void has no return
+	 */
+	public function hide(): void
 	{
 		if ($this->status == 'show') {
 			$this->status = 'hide';
@@ -655,7 +786,11 @@ class ProgressBar
 		}
 	}
 
-	public function unhide()
+	/**
+	 * show progress bar again after it was hidden with hide()
+	 * @return void has no return
+	 */
+	public function unhide(): void
 	{
 		if ($this->status == 'hide') {
 			$this->status = 'show';

www/lib/CoreLibs/Template/SmartyExtend.php

@@ -1,4 +1,9 @@
-<?php
+<?php declare(strict_types=1);
+// because smarty is symlinked folder
+/**
+ * @phan-file-suppress PhanRedefinedExtendedClass
+ */
+
 /********************************************************************
 * AUTHOR: Clemens Schwaighofer
 * CREATED: 2004/12/21
@@ -20,12 +25,19 @@ class SmartyExtend extends SmartyBC
 	public $l10n;
 
 	// constructor class, just sets the language stuff
-	public function __construct($lang)
+	/**
+	 * constructor class, just sets the language stuff
+	 * calls L10 for pass on internaly in smarty
+	 * also registers the getvar caller pliugin
+	 * @param string $lang language string to set
+	 */
+	public function __construct(string $lang)
 	{
-		SmartyBC::__construct();
+		parent::__construct();
 		$this->l10n = new \CoreLibs\Language\L10n($lang);
 		// variable variable register
-		$this->register_modifier('getvar', array(&$this, 'get_template_vars'));
+		// $this->register_modifier('getvar', array(&$this, 'get_template_vars'));
+		$this->registerPlugin('modifier', 'getvar', array(&$this, 'get_template_vars'));
 	}
 }
 

www/lib/Error.Handling.php

@@ -1,4 +1,4 @@
-<?php
+<?php declare(strict_types=1);
 /*********************************************************************
 * AUTHOR: Clemens Schwaighofer
 * CREATED: 2011/2/8
@@ -32,7 +32,7 @@ function MyErrorHandler($type, $message, $file, $line, $context)
 		return;
 	}
 	// ERROR LEVEL
-	$error_level = array (
+	$error_level = array(
 		1 => 'E_ERROR',
 		2 => 'E_WARNING',
 		4 => 'E_PARSE',
@@ -60,7 +60,7 @@ function MyErrorHandler($type, $message, $file, $line, $context)
 	// <> the line number in this file
 	// [|] error name and error number
 	// : the php error message
-	$output = '['.date("Y-m-d H:i:s").'] {'.array_pop($page_temp).'} ['.$file.'] <'.$line.'> ['.$error_level[$type].'|'.$type.']: '.$message;
+	$output = '{'.array_pop($page_temp).'} ['.$file.'] <'.$line.'> ['.$error_level[$type].'|'.$type.']: '.$message;
 	# try to open file
 	$ROOT = CURRENT_WORKING_DIR;
 	$LOG = 'log/';
@@ -76,7 +76,7 @@ function MyErrorHandler($type, $message, $file, $line, $context)
 		$fp = @fopen($fn, 'a');
 		// write if we have a file pointer, else set error flag
 		if ($fp) {
-			fwrite($fp, $output."\n");
+			fwrite($fp, '['.date("Y-m-d H:i:s").'] '.$output."\n");
 			fclose($fp);
 		} else {
 			$error = 1;
@@ -92,13 +92,13 @@ function MyErrorHandler($type, $message, $file, $line, $context)
 		if (ini_get("display_errors")) {
 			echo "<div style='border: 1px dotted red; background-color: #ffffe5; color: #000000; padding: 5px; margin-bottom: 2px;'>";
 			echo "<div style='color: orange; font-weight: bold;'>".$error_level[$type].":</div>";
-			echo "<b>$message</b> on line <b>$line</b> in <b>$file</b>";
+			echo "<b>".$message."</b> on line <b>".$line."</b> in <b>".$file."</b>";
 			echo "</div>";
 		}
 		// if write to log is on
 		// simplified, remove datetime for log file
 		if (ini_get('log_errors')) {
-			error_log('{'.$page_temp.'} ['.$file.'] <'.$line.'> ['.$error_level[$type].'|'.$type.']: '.$message);
+			error_log($output);
 		}
 	}
 	// return true, to avoid that php calls its own error stuff

www/lib/FileUpload/Core/qqUploadedFileXhr.php

@@ -38,7 +38,7 @@ class qqUploadedFileXhr
 		if (isset($_SERVER["CONTENT_LENGTH"])) {
 			return (int)$_SERVER["CONTENT_LENGTH"];
 		} else {
-			throw new Exception('Getting content length is not supported.');
+			throw new \Exception('Getting content length is not supported.');
 		}
 	}
 }

www/lib/FileUpload/qqFileUploader.php

@@ -2,14 +2,15 @@
 
 namespace FileUpload;
 
-use \FileUpload\Core\qqUploadedFileForm;
-use \FileUpload\Core\qqUploadedFileXhr;
+use \FileUpload\Core;
 
 class qqFileUploader
 {
 	private $allowedExtensions = array();
 	private $sizeLimit = 10485760;
 	private $file;
+	public $uploadFileName;
+	public $uploadFileExt;
 
 	public function __construct(array $allowedExtensions = array(), $sizeLimit = 10485760)
 	{
@@ -21,9 +22,9 @@ class qqFileUploader
 		$this->checkServerSettings();
 
 		if (isset($_GET['qqfile'])) {
-			$this->file = new qqUploadedFileXhr();
+			$this->file = new \FileUpload\Core\qqUploadedFileXhr();
 		} elseif (isset($_FILES['qqfile'])) {
-			$this->file = new qqUploadedFileForm();
+			$this->file = new \FileUpload\Core\qqUploadedFileForm();
 		} else {
 			$this->file = false;
 		}
@@ -42,7 +43,7 @@ class qqFileUploader
 
 	private function toBytes($str)
 	{
-		$val = trim($str);
+		$val = (int)trim($str);
 		$last = strtolower($str[strlen($str)-1]);
 		switch ($last) {
 			case 'g':