Clean up for move to .php files an phan checks

Because .inc style is deprecated and also dangerious as often not setup
correctly on the server all .inc files have been renamed to .php files.

All internall calls have been udpated.

.htaccess

@@ -1,3 +1,14 @@
+# PHP XDEBUG SETTINGS
+# php_value xdebug.profiler_output_dir xdebug/
+# php_value xdebug.profiler_output_name timestamp
+# php_value xdebug.profiler_enable 1
+php_value xdebug.collect_params 2
+php_value xdebug.collect_vars 0
+php_value xdebug.show_local_vars 0
+#php_value xdebug.dump_globals 0
+# allowed COOKIE, FILES, GET, POST, REQUEST, SERVER, SESSION
+#php_value xdebug.dump.GET *
+# PHP ERROR SETTINGS
 php_flag display_startup_errors on
 php_flag display_errors on
 php_flag html_errors on

.phan/config.php

@@ -0,0 +1,81 @@
+<?php
+
+use Phan\Config;
+
+/**
+ * This configuration will be read and overlaid on top of the
+ * default configuration. Command line arguments will be applied
+ * after this file is read.
+ *
+ * @see src/Phan/Config.php
+ * See Config for all configurable options.
+ *
+ * A Note About Paths
+ * ==================
+ *
+ * Files referenced from this file should be defined as
+ *
+ * ```
+ *   Config::projectPath('relative_path/to/file')
+ * ```
+ *
+ * where the relative path is relative to the root of the
+ * project which is defined as either the working directory
+ * of the phan executable or a path passed in via the CLI
+ * '-d' flag.
+ */
+return [
+    // If true, missing properties will be created when
+    // they are first seen. If false, we'll report an
+    // error message.
+    "allow_missing_properties" => true,
+
+    // Allow null to be cast as any type and for any
+    // type to be cast to null.
+    "null_casts_as_any_type" => true,
+
+    // Backwards Compatibility Checking
+    'backward_compatibility_checks' => false,
+
+    // Run a quick version of checks that takes less
+    // time
+    "quick_mode" => false,
+
+    // Only emit critical issues to start with
+    // (0 is low severity, 5 is normal severity, 10 is critical)
+    "minimum_severity" => 10,
+
+    // A list of directories that should be parsed for class and
+    // method information. After excluding the directories
+    // defined in exclude_analysis_directory_list, the remaining
+    // files will be statically analyzed for errors.
+    //
+    // Thus, both first-party and third-party code being used by
+    // your application should be included in this list.
+    'directory_list' => [
+         // Change this to include the folders you wish to analyze
+         // (and the folders of their dependencies)
+         'www',
+         // To speed up analysis, we recommend going back later and
+         // limiting this to only the vendor/ subdirectories your
+         // project depends on.
+         // `phan --init` will generate a list of folders for you
+         //'www/vendor',
+    ],
+
+    // A list of directories holding code that we want
+    // to parse, but not analyze
+    "exclude_analysis_directory_list" => [
+         'www/vendor',
+		 'www/lib/FileUpload',
+		 'www/lib/pChart',
+		 'www/lib/pChart2.1.4',
+		 'www/lib/Smarty',
+		 'www/lib/smarty-3.1.30',
+		 'www/templates_c',
+		 'www/log',
+		 'www/tmp',
+		 'www/cache',
+		 'www/media',
+    ],
+];

4dev/database/update/edit_update_missing_cuid.sql

@@ -0,0 +1,17 @@
+-- 2019/9/10 UPDATE missing cuid in edit_* tables
+
+UPDATE edit_access SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_access_data SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_access_right SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_access_user SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_group SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_language SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_log SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_menu_group SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_page SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_page_access SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_page_content SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_query_string SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_scheme SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_user SET cuid = random_string(12) WHERE cuid IS NULL;
+UPDATE edit_visible_group SET cuid = random_string(12) WHERE cuid IS NULL;

www/admin/class_test.php

@@ -14,7 +14,6 @@ ob_start();
 // basic class test file
 define('USE_DATABASE', true);
 // sample config
-// require("config.inc");
 require 'config.php';
 // set session name
 if (!defined('SET_SESSION_NAME')) {
@@ -30,6 +29,15 @@ $basic = new CoreLibs\Admin\Backend($DB_CONFIG[MAIN_DB], $lang);
 $basic->dbInfo(1);
 ob_end_flush();
 
+$basic->hrRunningTime();
+$basic->runningTime();
+echo "RANDOM KEY [50]: ".$basic->randomKeyGen(50)."<br>";
+echo "TIMED [hr]: ".$basic->hrRunningTime()."<br>";
+echo "TIMED [def]: ".$basic->runningTime()."<br>";
+$basic->hrRunningTime();
+echo "RANDOM KEY [default]: ".$basic->randomKeyGen()."<br>";
+echo "TIMED: ".$basic->hrRunningTime()."<br>";
+
 // set + check edit access id
 $edit_access_id = 3;
 if (isset($login) && is_object($login) && isset($login->acl['unit'])) {

www/admin/edit_access.php

@@ -1 +1 @@
-../includes/edit_base.inc
+../includes/edit_base.php

www/admin/edit_groups.php

@@ -1 +1 @@
-../includes/edit_base.inc
+../includes/edit_base.php

www/admin/edit_languages.php

@@ -1 +1 @@
-../includes/edit_base.inc
+../includes/edit_base.php

www/admin/edit_menu_group.php

@@ -1 +1 @@
-../includes/edit_base.inc
+../includes/edit_base.php

www/admin/edit_order.php

@@ -1 +1 @@
-../includes/edit_base.inc
+../includes/edit_base.php

www/admin/edit_pages.php

@@ -1 +1 @@
-../includes/edit_base.inc
+../includes/edit_base.php

www/admin/edit_schemes.php

@@ -1 +1 @@
-../includes/edit_base.inc
+../includes/edit_base.php

www/admin/edit_users.php

@@ -1 +1 @@
-../includes/edit_base.inc
+../includes/edit_base.php

www/admin/edit_visible_group.php

@@ -1 +1 @@
-../includes/edit_base.inc
+../includes/edit_base.php

www/admin/error_test.php

@@ -11,8 +11,8 @@ if ($DEBUG_ALL) {
 
 // sample config
 require 'config.php';
-echo "FILE: ".BASE.LIB."Error.Handling.inc<br>";
-require(BASE.LIB."Error.Handling.inc");
+echo "FILE: ".BASE.LIB."Error.Handling.php<br>";
+require(BASE.LIB."Error.Handling.php");
 
 if ($var) {
 	echo "OUT<br>";

www/admin/namespace_test.php

@@ -1,7 +1,5 @@
 <?php declare(strict_types=1);
 
-declare(strict_types=1);
-
 $DEBUG_ALL_OVERRIDE = 0; // set to 1 to debug on live/remote server locations
 $DEBUG_ALL = 1;
 $PRINT_ALL = 1;

www/admin/qq_file_upload_ajax.php

@@ -16,7 +16,7 @@ $MAX_UPLOAD_SIZE = $base->StringByteFormat(ini_get('upload_max_filesize'));
 $allowedExtensions = array ('csv', 'zip', 'jpg', 'pdf', 'bz2');
 $sizeLimit = $MAX_UPLOAD_SIZE; // as set in php ini
 $base->debug('AJAX UPLOAD', 'Size: '.$sizeLimit.', Memory Limit: '.ini_get('memory_limit'));
-$uploader = new CoreLibs\Upload\qqFileUploader($allowedExtensions, $sizeLimit);
+$uploader = new FileUpload\qqFileUploader($allowedExtensions, $sizeLimit);
 // either in post or get
 $_action= $_POST['action'] ? $_POST['action'] : $_GET['action'];
 $_task_uid = $_POST['task_uid'] ? $_POST['task_uid'] : $_GET['task_uid'];

www/admin/smarty_test.php

@@ -9,12 +9,13 @@ $LOG_PER_RUN = 1;
 define('USE_DATABASE', true);
 define('USE_HEADER', true);
 require 'config.php';
-require BASE.INCLUDES.'admin_header.inc';
+require BASE.INCLUDES.'admin_header.php';
 $MASTER_TEMPLATE_NAME = 'main_body.tpl';
 $TEMPLATE_NAME = 'smarty_test.tpl';
 $CSS_NAME = 'smart_test.css';
 $USE_PROTOTYPE = false;
 $USE_JQUERY = true;
+$JS_DATEPICKR = false;
 if ($USE_PROTOTYPE) {
 	$ADMIN_JAVASCRIPT = 'edit.pt.js';
 	$JS_NAME = 'prototype.test.js';
@@ -23,7 +24,7 @@ if ($USE_PROTOTYPE) {
 	$JS_NAME = 'jquery.test.js';
 }
 $PAGE_WIDTH = "100%";
-require BASE.INCLUDES.'admin_set_paths.inc';
+require BASE.INCLUDES.'admin_set_paths.php';
 
 // smarty test
 $cms->DATA['SMARTY_TEST'] = 'Test Data';
@@ -47,5 +48,5 @@ $options = array (
 
 $cms->DATA['drop_down_test'] = $options;
 
-require BASE.INCLUDES.'admin_smarty.inc';
-require BASE.INCLUDES.'admin_footer.inc';
+require BASE.INCLUDES.'admin_smarty.php';
+require BASE.INCLUDES.'admin_footer.php';

www/admin/various_class_test.php

@@ -6,7 +6,6 @@ $PRINT_ALL = 1;
 $DB_DEBUG = 1;
 
 // admin class tests
-// require 'config.inc';
 require 'config.php';
 DEFINE('SET_SESSION_NAME', EDIT_SESSION_NAME);
 $base = new CoreLibs\Basic();
@@ -43,7 +42,7 @@ print "LB remove: ".$base->removeLB($text, '##BR##')."<br>";
 // 	)
 // );
 
-$base->debug('ARRAY', $base->printAr($test));
+// $base->debug('ARRAY', $base->printAr($test));
 
 function rec($pre, $cur, $node = array ())
 {
@@ -82,6 +81,7 @@ function flattenArrayKey(array $array, array $return = array ())
 	return $return;
 }
 
+$test = array ();
 // core
 $test = rec('', 'A', $test);
 $test = rec('', '1', $test);

www/configs/config.master.php

@@ -146,6 +146,13 @@ DEFINE('DEFAULT_ENCODING', 'UTF-8');
 /************* LOGGING *******************/
 // DEFINE('LOG_FILE_ID', '');
 
+/************* CLASS ERRORS *******************/
+// 0 = default all OFF
+// 1 = throw notice on unset class var
+// 2 = no notice on unset class var, but do not set undefined class var
+// 3 = throw error and do not set class var
+define('CLASS_VARIABLE_ERROR_MODE', 3);
+
 /************* QUEUE TABLE *************/
 // if we have a dev/live system
 // set_live is a per page/per item
@@ -160,16 +167,16 @@ DEFINE('TEST_SCHEMA', 'public');
 DEFINE('LIVE_SCHEMA', 'public');
 
 /************* DB ACCESS *****************/
-if (file_exists(BASE.CONFIGS.'config.db.inc')) {
-	require BASE.CONFIGS.'config.db.inc';
+if (file_exists(BASE.CONFIGS.'config.db.php')) {
+	require BASE.CONFIGS.'config.db.php';
 }
 /************* CORE HOST SETTINGS *****************/
-if (file_exists(BASE.CONFIGS.'config.host.inc')) {
-	require BASE.CONFIGS.'config.host.inc';
+if (file_exists(BASE.CONFIGS.'config.host.php')) {
+	require BASE.CONFIGS.'config.host.php';
 }
 /************* OTHER PATHS *****************/
-if (file_exists(BASE.CONFIGS.'config.path.inc')) {
-	require BASE.CONFIGS.'config.path.inc';
+if (file_exists(BASE.CONFIGS.'config.path.php')) {
+	require BASE.CONFIGS.'config.path.php';
 }
 
 // set the USE_DATABASE var, if there is nothing set, we assume TRUE
@@ -255,6 +262,7 @@ if (defined('DEBUG') && DEBUG == false) {
 	$DEBUG_ALL = 1;
 	$PRINT_ALL = 1;
 	$DB_DEBUG = 1;
+	$ENABLE_ERROR_HANDLING = 0;
 }
 
 // read auto loader

www/configs/config.php

@@ -12,8 +12,8 @@ define('CONFIG_PATH', 'configs'.DIRECTORY_SEPARATOR);
 $CONFIG_PATH_PREFIX = '';
 for ($dir_pos = 0, $dir_max = count(explode(DIRECTORY_SEPARATOR, __DIR__)); $dir_pos <= $dir_max; $dir_pos ++) {
 	$CONFIG_PATH_PREFIX .= '..'.DIRECTORY_SEPARATOR;
-	if (file_exists($CONFIG_PATH_PREFIX.CONFIG_PATH.'config.inc')) {
-		require $CONFIG_PATH_PREFIX.CONFIG_PATH.'config.inc';
+	if (file_exists($CONFIG_PATH_PREFIX.CONFIG_PATH.'config.master.php')) {
+		require $CONFIG_PATH_PREFIX.CONFIG_PATH.'config.master.php';
 		break;
 	}
 }

www/includes/admin_header.php

@@ -10,7 +10,7 @@
 //------------------------------ variable init start
 // for dev test we set full error reporting; writes everything, except E_ERROR into logs/php_error-<day>.log
 if ($DEBUG_ALL && $ENABLE_ERROR_HANDLING) {
-	include BASE.LIBS."Error.Handling.inc";
+	include BASE.LIBS."Error.Handling.php";
 }
 // predefine vars
 $lang = '';
@@ -22,6 +22,8 @@ extract($_POST, EXTR_SKIP);
 //------------------------------ library include start
 // set output to quiet for load of classes & session settings
 ob_start();
+// set the session name
+define('SET_SESSION_NAME', EDIT_SESSION_NAME);
 //------------------------------ library include end
 
 //------------------------------ basic variable settings start
@@ -39,7 +41,7 @@ if (session_id() && $_SESSION['DEFAULT_LANG']) {
 if (array_key_exists('action', $_POST) && $_POST['action'] != 'download_csv') {
 	header("Content-type: text/html; charset=".$encoding);
 }
-if ($AJAX_PAGE && !$ZIP_STREAM) {
+if (isset($AJAX_PAGE) && isset($ZIP_STREAM) && $AJAX_PAGE && !$ZIP_STREAM) {
 	header("Content-Type: application/json; charset=UTF-8");
 }
 //------------------------------ basic variable settings start
@@ -84,7 +86,7 @@ if (!$login->login) {
 //------------------------------ page rights start
 // flag if to show the edit access id drop down list
 // check if we have more than one EA ID
-$cms->DATA['show_ea_extra'] = $login->acl['acl']['show_ea_extra'];
+$cms->DATA['show_ea_extra'] = $login->acl['show_ea_extra'];
 //------------------------------ page rights ned
 
 // automatic hide for DEBUG messages on live server

www/includes/admin_set_paths.php

@@ -36,10 +36,10 @@ if (!isset($CONTENT_INCLUDE)) {
 }
 $FORM_NAME = !isset($FORM_NAME) || !$FORM_NAME ? str_replace(".php", "", $cms->page_name) : $FORM_NAME;
 // set local page title
-$L_TITLE = ucfirst(str_replace('_', ' ', $cms->getPageName(1))).' - '.$G_TITLE;
+$L_TITLE = ucfirst(str_replace('_', ' ', $cms->getPageName(1))).(defined(G_TITLE) ? ' - '.G_TITLE : '');
 // strip tpl and replace it with inc
 // php include file per page
-$cms->INC_TEMPLATE_NAME = str_replace(".tpl", ".inc", $CONTENT_INCLUDE);
+$cms->INC_TEMPLATE_NAME = str_replace(".tpl", ".php", $CONTENT_INCLUDE);
 // javascript include per page
 $cms->JS_TEMPLATE_NAME = str_replace(".tpl", ".js", $CONTENT_INCLUDE);
 // css per page
@@ -78,7 +78,7 @@ if (file_exists($cms->includes.$cms->INC_TEMPLATE_NAME) &&
 	include($cms->includes.$cms->INC_TEMPLATE_NAME);
 }
 // only CSS/JS/etc include stuff if we have non AJAX page
-if (!$AJAX_PAGE) {
+if (isset($AJAX_PAGE) && !$AJAX_PAGE) {
 	// check for template include
 	if (isset($USE_INCLUDE_TEMPLATE) && $USE_INCLUDE_TEMPLATE === true && !isset($TEMPLATE_NAME)) {
 		$TEMPLATE_NAME = $CONTENT_INCLUDE;
@@ -135,9 +135,9 @@ if (false === strstr(BASE.INCLUDES.LANG.CONTENT_PATH, $cms->lang_dir) ||
 	}
 }
 
-if (!$AJAX_PAGE) {
+if (isset($AJAX_PAGE) && !$AJAX_PAGE) {
 	// javascript translate data as template for auto translate
-	if (!$TEMPLATE_TRANSLATE) {
+	if (empty($TEMPLATE_TRANSLATE)) {
 		$TEMPLATE_TRANSLATE = 'jsTranslate_'.$lang.'.tpl';
 		$cms->debug('LANG', 'Load lang: '.$lang.', for page file '.$TEMPLATE_TRANSLATE);
 	} else {

www/includes/admin_smarty.php

@@ -16,6 +16,31 @@ if ($cms->HEADER['USE_PROTOTYPE']) {
 // jquery and prototype should not be used together
 $cms->HEADER['USE_JQUERY'] = isset($USE_JQUERY) ? $USE_JQUERY : USE_JQUERY; // don't use either of those two together
 
+// check if we have an external file with the template name
+if (file_exists($cms->includes.$cms->INC_TEMPLATE_NAME) && is_file($cms->includes.$cms->INC_TEMPLATE_NAME)) {
+	include($cms->includes.$cms->INC_TEMPLATE_NAME);
+}
+// additional per page Javascript include
+$cms->JS_INCLUDE = '';
+if (file_exists($cms->javascript.$cms->JS_TEMPLATE_NAME) && is_file($cms->javascript.$cms->JS_TEMPLATE_NAME)) {
+	$cms->JS_INCLUDE = $cms->javascript.$cms->JS_TEMPLATE_NAME;
+}
+// per page css file
+$cms->CSS_INCLUDE = '';
+if (file_exists($cms->css.$cms->CSS_TEMPLATE_NAME) && is_file($cms->css.$cms->CSS_TEMPLATE_NAME)) {
+	$cms->CSS_INCLUDE = $cms->css.$cms->CSS_TEMPLATE_NAME;
+}
+// optional CSS file
+$cms->CSS_SPECIAL_INCLUDE = '';
+if (file_exists($cms->css.$cms->CSS_SPECIAL_TEMPLATE_NAME) && is_file($cms->css.$cms->CSS_SPECIAL_TEMPLATE_NAME)) {
+	$cms->CSS_SPECIAL_INCLUDE = $cms->css.$cms->CSS_SPECIAL_TEMPLATE_NAME;
+}
+// optional JS file
+$cms->JS_SPECIAL_INCLUDE = '';
+if (file_exists($cms->javascript.$cms->JS_SPECIAL_TEMPLATE_NAME) && is_file($cms->javascript.$cms->JS_SPECIAL_TEMPLATE_NAME)) {
+	$cms->JS_SPECIAL_INCLUDE = $cms->javascript.$cms->JS_SPECIAL_TEMPLATE_NAME;
+}
+
 // the actual include files for javascript (per page)
 $cms->HEADER['JS_INCLUDE'] = $cms->JS_INCLUDE;
 $cms->HEADER['CSS_INCLUDE'] = $cms->CSS_INCLUDE;
@@ -54,6 +79,9 @@ $cms->DATA['CONTENT_INCLUDE'] = $CONTENT_INCLUDE;
 // LANG
 $cms->DATA['LANG'] = $lang;
 $cms->DATA['TINYMCE_LANG'] = $lang_short;
+$cms->DATA['USE_TINY_MCE'] = isset($USE_TINY_MCE) ? $USE_TINY_MCE : false;
+$cms->DATA['JS_DATEPICKR'] = isset($JS_DATEPICKR) ? $JS_DATEPICKR : false;
+$cms->DATA['JS_FLATPICKR'] = isset($JS_FLATPICKR) ? $JS_FLATPICKR : false;
 
 // debug data, if DEBUG flag is on, this data is print out
 $cms->DEBUG_DATA['debug_error_msg'] = $cms->runningTime();

www/includes/edit_base.php

@@ -58,7 +58,7 @@ if ($form->mobile_phone) {
 // smarty template engine (extended Translation version)
 $smarty = new CoreLibs\Template\SmartyExtend($lang);
 
-$form->debug('POST', $form->printAr($_POST));
+// $form->debug('POST', $form->printAr($_POST));
 
 if (TARGET == 'live' || TARGET == 'remote') {
 	// login

www/includes/table_arrays/array_edit_access.php

@@ -9,19 +9,19 @@ $edit_access = array (
 		),
 		'name' => array (
 			'value' => isset($GLOBALS['name']) ? $GLOBALS['name'] : '',
-			'output_name' => $this->l->__('Access Group Name'),
+			'output_name' => 'Access Group Name',
 			'mandatory' => 1,
 			'type' => 'text',
 			'error_check' => 'alphanumericspace|unique'
 		),
 		'description' => array (
 			'value' => isset($GLOBALS['description']) ? $GLOBALS['description'] : '',
-			'output_name' => $this->l->__('Description'),
+			'output_name' => 'Description',
 			'type' => 'textarea'
 		),
 		'color' => array (
 			'value' => isset($GLOBALS['color']) ? $GLOBALS['color'] : '',
-			'output_name' => $this->l->__('Color'),
+			'output_name' => 'Color',
 			'mandatory' => 0,
 			'type' => 'text',
 			'size' => 6,

www/includes/table_arrays/array_edit_menu_group.php

@@ -9,13 +9,13 @@ $edit_menu_group = array (
 		),
 		'name' => array (
 			'value' => isset($GLOBALS['name']) ? $GLOBALS['name'] : '',
-			'output_name' => $this->l->__('Group name'),
+			'output_name' => 'Group name',
 			'mandatory' => 1,
 			'type' => 'text'
 		),
 		'flag' => array (
 			'value' => isset($GLOBALS['flag']) ? $GLOBALS['flag'] : '',
-			'output_name' => $this->l->__('Flag'),
+			'output_name' => 'Flag',
 			'mandatory' => 1,
 			'type' => 'text',
 			'error_check' => 'alphanumeric|unique'

www/includes/table_arrays/array_edit_pages.php

@@ -92,7 +92,7 @@ $edit_pages = array (
 		'content_alias_edit_page_id' => array (
 			'value' => isset($GLOBALS['content_alias_edit_page_id']) ? $GLOBALS['content_alias_edit_page_id'] : '',
 			'output_name' => 'Content Alias Source',
-			'int' => 1,
+			'int_null' => 1,
 			'type' => 'drop_down_db',
 			// query creation
 			'select_distinct' => 0,

www/includes/table_arrays/array_edit_visible_group.php

@@ -9,13 +9,13 @@ $edit_visible_group = array (
 		),
 		'name' => array (
 			'value' => isset($GLOBALS['name']) ? $GLOBALS['name'] : '',
-			'output_name' => $this->l->__('Group name'),
+			'output_name' => 'Group name',
 			'mandatory' => 1,
 			'type' => 'text'
 		),
 		'flag' => array (
 			'value' => isset($GLOBALS['flag']) ? $GLOBALS['flag'] : '',
-			'output_name' => $this->l->__('Flag'),
+			'output_name' => 'Flag',
 			'mandatory' => 1,
 			'type' => 'text',
 			'error_check' => 'alphanumeric|unique'

www/lib/CoreLibs/ACL/Login.php

@@ -64,6 +64,7 @@ class Login extends \CoreLibs\DB\IO
 	private $euid; // the user id var
 	private $permission_okay = 0; // is set to one if login okay, or EUID is set and user is okay to access this page
 	public $login; // pressed login
+	private $action; // master action command
 	private $username; // login name
 	private $password; // login password
 	private $logout; // logout button
@@ -78,6 +79,9 @@ class Login extends \CoreLibs\DB\IO
 	private $pw_new_password;
 	private $pw_new_password_confirm;
 	private $pw_change_deny_users = array (); // array of users for which the password change is forbidden
+	private $logout_target;
+	private $max_login_error_count = -1;
+	private $lock_deny_users = array ();
 
 	// if we have password change we need to define some rules
 	private $password_min_length = PASSWORD_MIN_LENGTH;
@@ -102,18 +106,21 @@ class Login extends \CoreLibs\DB\IO
 	public $acl = array ();
 	public $default_acl_list = array ();
 
+	// language
+	public $l;
+
 	// METHOD: login
 	// PARAMS: db_config -> array for logging in to DB where edit_users tables are
 	//        db_debug -> sets debug output for db_io (can be overruled with DB_DEBUG)
 	// RETURN: none
 	// DESC  : cunstroctuor, does ALL, opens db, works through connection checks, closes itself
-	public function __construct($db_config, $lang = 'en_utf8', $debug = 0, $db_debug = 0, $echo = 1, $print = 0)
+	public function __construct(array $db_config, string $lang = 'en_utf8', int $set_control_flag = 0)
 	{
 		// log login data for this class only
 		$this->log_per_class = 1;
 
 		// create db connection and init base class
-		if (!parent::__construct($db_config, $debug, $db_debug, $echo, $print)) {
+		if (!parent::__construct($db_config, $set_control_flag)) {
 			echo 'Could not connect to DB<br>';
 			// if I can't connect to the DB to auth exit hard. No access allowed
 			exit;
@@ -211,14 +218,6 @@ class Login extends \CoreLibs\DB\IO
 		// users that never get locked, even if they are set strict
 		$this->lock_deny_users = array ('admin');
 
-		// internal
-		$this->class_info['login'] = array(
-			'class_name' => 'Login',
-			'class_version' => '5.0.0',
-			'class_created' => '2000-06-01',
-			'class_author' => 'Clemens Schwaighofer'
-		);
-
 		// init default ACL list array
 		$_SESSION['DEFAULT_ACL_LIST'] = array ();
 		// read the current edit_access_right list into an array
@@ -282,7 +281,7 @@ class Login extends \CoreLibs\DB\IO
 	// PARAMS: hash, optional password, to override
 	// RETURN: true or false
 	// DESC  : checks if password is valid, sets internal error login variable
-	private function loginPasswordCheck($hash, $password = '')
+	private function loginPasswordCheck(string $hash, string $password = ''): bool
 	{
 		// check with what kind of prefix the password begins:
 		// $2a$ or $2y$: BLOWFISCH
@@ -541,16 +540,19 @@ class Login extends \CoreLibs\DB\IO
 						} // user has permission to THIS page
 					} // user was not enabled or other login error
 					if ($this->login_error) {
+						$login_error_date_first = '';
 						if ($res['login_error_count'] == 0) {
-							$login_error_date_first = ', login_error_date_first = NOW()';
+							$login_error_date_first = ", login_error_date_first = NOW()";
 						}
 						// update login error count for this user
 						$q = "UPDATE edit_user ";
-						$q .= "SET login_error_count = login_error_count + 1, login_error_date_last = NOW() $login_error_date_first ";
+						$q .= "SET login_error_count = login_error_count + 1, login_error_date_last = NOW() ".$login_error_date_first." ";
 						$q .= "WHERE edit_user_id = ".$res['edit_user_id'];
 						$this->dbExec($q);
 						// totally lock the user if error max is reached
-						if ($res['login_error_count'] + 1 > $this->max_login_error_count) {
+						if ($this->max_login_error_count != -1 &&
+							$res['login_error_count'] + 1 > $this->max_login_error_count
+						) {
 							// do some alert reporting in case this error is too big
 							// if strict is set, lock this user
 							// this needs manual unlocking by an admin user
@@ -737,7 +739,7 @@ class Login extends \CoreLibs\DB\IO
 	// PARAMS: edit_access_id to check
 	// RETURN: true/false: if the edit access is not in the valid list: false
 	// DESC  : checks if this edit access id is valid
-	public function loginCheckEditAccess($edit_access_id)
+	public function loginCheckEditAccess($edit_access_id): bool
 	{
 		if (array_key_exists($edit_access_id, $this->acl['unit'])) {
 			return true;
@@ -768,11 +770,20 @@ class Login extends \CoreLibs\DB\IO
 		return $is_valid_password;
 	}
 
+	// METHOD: loginPasswordForgot
+	// PARAMS: none
+	// RETURN: none
+	// DESC  : dummy declare for password forget
+	private function loginPasswordForgot()
+	{
+		// will do some password recovert, eg send email
+	}
+
 	// METHOD: loginSetPasswordMinLength
 	// PARAMS: set the minimum length
 	// RETURN: true/false on success
 	// DESC  : sets the minium length and checks on valid
-	public function loginSetPasswordMinLength($length)
+	public function loginSetPasswordMinLength(int $length): bool
 	{
 		// check that numeric, positive numeric, not longer than max input string lenght
 		// and not short than min password length
@@ -1164,7 +1175,7 @@ EOM;
 		$q .= "ip, user_agent, referer, script_name, query_string, server_name, http_host, http_accept, http_accept_charset, http_accept_encoding, session_id, ";
 		$q .= "action, action_id, action_yes, action_flag, action_menu, action_loaded, action_value, action_error) ";
 		$q .= "VALUES ('".$this->dbEscapeString($username)."', 'PASSWORD', ".(($this->euid) ? $this->euid : 'NULL').", ";
-		$q .= "NOW(), '".$this->dbEscapeString($event)."', '".$this->dbEscapeString($error)."', '".$this->dbEscapeString($data)."', '".$data_binary."', '".$this->page_name."', ";
+		$q .= "NOW(), '".$this->dbEscapeString($event)."', '".$this->dbEscapeString((string)$error)."', '".$this->dbEscapeString($data)."', '".$data_binary."', '".$this->page_name."', ";
 		foreach (array(
 			'REMOTE_ADDR', 'HTTP_USER_AGENT', 'HTTP_REFERER', 'SCRIPT_FILENAME', 'QUERY_STRING', 'SERVER_NAME', 'HTTP_HOST', 'HTTP_ACCEPT', 'HTTP_ACCEPT_CHARSET', 'HTTP_ACCEPT_ENCODING'
 		) as $server_code) {
@@ -1175,7 +1186,13 @@ EOM;
 			}
 		}
 		$q .= "'".session_id()."', ";
-		$q .= "'".$this->dbEscapeString($this->action)."', '".$this->dbEscapeString($this->username)."', NULL, '".$this->dbEscapeString($this->login_error)."', NULL, NULL, '".$this->dbEscapeString($this->permission_okay)."', NULL)";
+		$q .= "'".$this->dbEscapeString($this->action)."', ";
+		$q .= "'".$this->dbEscapeString($this->username)."', ";
+		$q .= "NULL, ";
+		$q .= "'".$this->dbEscapeString((string)$this->login_error)."', ";
+		$q .= "NULL, NULL, ";
+		$q .= "'".$this->dbEscapeString((string)$this->permission_okay)."', ";
+		$q .= "NULL)";
 		$this->dbExec($q, 'NULL');
 	}
 

www/lib/CoreLibs/Admin/Backend.php

@@ -27,7 +27,6 @@ namespace CoreLibs\Admin;
 class Backend extends \CoreLibs\DB\IO
 {
 	// page name
-	public $page_name; // the name of the current page
 	public $menu = array();
 	public $menu_show_flag = 0; // top menu flag (mostly string)
 	// action ids
@@ -43,6 +42,9 @@ class Backend extends \CoreLibs\DB\IO
 	public $action_error;
 	// ACL array variable if we want to set acl data from outisde
 	public $acl = array ();
+	public $default_acl;
+	// queue key
+	public $queue_key;
 	// the current active edit access id
 	public $edit_access_id;
 	// error/warning/info messages
@@ -55,26 +57,41 @@ class Backend extends \CoreLibs\DB\IO
 	public $HEADER;
 	public $DEBUG_DATA;
 	public $CONTENT_DATA;
+	// smarty include/set var
+	public $INC_TEMPLATE_NAME;
+	public $JS_TEMPLATE_NAME;
+	public $CSS_TEMPLATE_NAME;
+	public $CSS_SPECIAL_TEMPLATE_NAME;
+	public $JS_SPECIAL_TEMPLATE_NAME;
+	public $CACHE_ID;
+	public $COMPILE_ID;
+	public $includes;
+	public $template_path;
+	public $lang_dir;
+	public $javascript;
+	public $css;
+	public $pictures;
+	public $cache_pictures;
+	public $cache_pictures_root;
+	public $JS_INCLUDE;
+	public $JS_SPECIAL_INCLUDE;
+	public $CSS_INCLUDE;
+	public $CSS_SPECIAL_INCLUDE;
+	// language
+	public $l;
 
 	// CONSTRUCTOR / DECONSTRUCTOR |====================================>
-	public function __construct($db_config, $lang, $debug = 0, $db_debug = 0, $echo = 1, $print = 0)
+	// METHOD: __construct
+	// PARAMS: array db config
+	//         string for language set
+	//         int set control flag (for core basic set/get var error control)
+	public function __construct(array $db_config, string $lang, int $set_control_flag = 0)
 	{
 		// get the language sub class & init it
 		$this->l = new \CoreLibs\Language\L10n($lang);
 
 		// init the database class
-		parent::__construct($db_config, $debug, $db_debug, $echo, $print);
-
-		// internal
-		$this->class_info["adbBackend"] = array(
-			"class_name" => "Admin Interface Backend",
-			"class_version" => "1.0.0",
-			"class_created" => "2006/08/15",
-			"class_author" => "Clemens Schwaighofer"
-		);
-
-		// set page name
-		$this->page_name = $this->getPageName();
+		parent::__construct($db_config, $set_control_flag);
 
 		// set the action ids
 		foreach ($this->action_list as $_action) {
@@ -83,24 +100,9 @@ class Backend extends \CoreLibs\DB\IO
 
 		$this->default_acl = DEFAULT_ACL_LEVEL;
 
-		// random key generation
-		$this->key_range = array_merge(range('A', 'Z'), range('a', 'z'), range('0', '9'));
-		$GLOBALS["_KEY_RANGE"] = $this->key_range;
-		$this->one_key_length = count($this->key_range);
-		$this->key_length = 4; // pow($this->one_key_length, 4); // hardcoded, should be more than enought (62*62*62*62)
-
 		// queue key
 		if (preg_match("/^(add|save|delete|remove|move|up|down|push_live)$/", $this->action)) {
-			$this->queue_key = join(
-				'',
-				array_map(
-					function () {
-						$range = $GLOBALS['_KEY_RANGE'];
-						return $range[rand(0, (count($range) - 1))];
-					},
-					range(1, 3)
-				)
-			);
+			$this->queue_key = $this->randomKeyGen(3);
 		}
 	}
 
@@ -116,16 +118,18 @@ class Backend extends \CoreLibs\DB\IO
 	// PUBLIC METHODS |=================================================>
 
 	// METHOD: adbEditLog()
-	// PARAMS: event -> any kind of event description, data -> any kind of data related to that event
+	// PARAMS: event -> any kind of event description,
+	//         data -> any kind of data related to that event
 	// RETURN: none
 	// DESC  : writes all action vars plus other info into edit_log table
-	public function adbEditLog($event = '', $data = '', $write_type = 'STRING')
+	public function adbEditLog(string $event = '', $data = '', string $write_type = 'STRING')
 	{
 		if ($write_type == 'BINARY') {
 			$data_binary = $this->dbEscapeBytea(bzcompress(serialize($data)));
 			$data = 'see bzip compressed data_binary field';
 		}
 		if ($write_type == 'STRING') {
+			$data_binary = '';
 			$data = $this->dbEscapeString(serialize($data));
 		}
 
@@ -134,17 +138,27 @@ class Backend extends \CoreLibs\DB\IO
 		$q .= "ip, user_agent, referer, script_name, query_string, server_name, http_host, http_accept, http_accept_charset, http_accept_encoding, session_id, ";
 		$q .= "action, action_id, action_yes, action_flag, action_menu, action_loaded, action_value, action_error) ";
 		$q .= "VALUES ";
-		$q .= "(".@$_SESSION['EUID'].", NOW(), '".$this->dbEscapeString($event)."', '".$data."', '".$data_binary."', '".$this->page_name."', ";
+		$q .= "(".$this->dbEscapeString(isset($_SESSION['EUID']) ? $_SESSION['EUID'] : '').", ";
+		$q .= "NOW(), ";
+		$q .= "'".$this->dbEscapeString($event)."', '".$data."', '".$data_binary."', '".$this->dbEscapeString($this->page_name)."', ";
 		$q .= "'".@$_SERVER["REMOTE_ADDR"]."', '".$this->dbEscapeString(@$_SERVER['HTTP_USER_AGENT'])."', ";
-		$q .= "'".$this->dbEscapeString(@$_SERVER['HTTP_REFERER'])."', '".$this->dbEscapeString(@$_SERVER['SCRIPT_FILENAME'])."', ";
-		$q .= "'".$this->dbEscapeString(@$_SERVER['QUERY_STRING'])."', '".$this->dbEscapeString(@$_SERVER['SERVER_NAME'])."', ";
-		$q .= "'".$this->dbEscapeString(@$_SERVER['HTTP_HOST'])."', '".$this->dbEscapeString(@$_SERVER['HTTP_ACCEPT'])."', ";
-		$q .= "'".$this->dbEscapeString(@$_SERVER['HTTP_ACCEPT_CHARSET'])."', '".$this->dbEscapeString(@$_SERVER['HTTP_ACCEPT_ENCODING'])."', ";
+		$q .= "'".$this->dbEscapeString(isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '')."', ";
+		$q .= "'".$this->dbEscapeString(isset($_SERVER['SCRIPT_FILENAME']) ? $_SERVER['SCRIPT_FILENAME'] : '')."', ";
+		$q .= "'".$this->dbEscapeString(isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '')."', ";
+		$q .= "'".$this->dbEscapeString(isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : '')."', ";
+		$q .= "'".$this->dbEscapeString(isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '')."', ";
+		$q .= "'".$this->dbEscapeString(isset($_SERVER['HTTP_ACCEPT']) ? $_SERVER['HTTP_ACCEPT'] : '')."', ";
+		$q .= "'".$this->dbEscapeString(isset($_SERVER['HTTP_ACCEPT_CHARSET']) ? $_SERVER['HTTP_ACCEPT_CHARSET'] : '')."', ";
+		$q .= "'".$this->dbEscapeString(isset($_SERVER['HTTP_ACCEPT_ENCODING']) ? $_SERVER['HTTP_ACCEPT_ENCODING'] : '')."', ";
 		$q .= "'".session_id()."', ";
-		$q .= "'".$this->dbEscapeString($this->action)."', '".$this->dbEscapeString($this->action_id)."', ";
-		$q .= "'".$this->dbEscapeString($this->action_yes)."', '".$this->dbEscapeString($this->action_flag)."', ";
-		$q .= "'".$this->dbEscapeString($this->action_menu)."', '".$this->dbEscapeString($this->action_loaded)."', ";
-		$q .= "'".$this->dbEscapeString($this->action_value)."', '".$this->dbEscapeString($this->action_error)."')";
+		$q .= "'".$this->dbEscapeString($this->action)."', ";
+		$q .= "'".$this->dbEscapeString($this->action_id)."', ";
+		$q .= "'".$this->dbEscapeString($this->action_yes)."', ";
+		$q .= "'".$this->dbEscapeString($this->action_flag)."', ";
+		$q .= "'".$this->dbEscapeString($this->action_menu)."', ";
+		$q .= "'".$this->dbEscapeString($this->action_loaded)."', ";
+		$q .= "'".$this->dbEscapeString($this->action_value)."', ";
+		$q .= "'".$this->dbEscapeString($this->action_error)."')";
 		$this->dbExec($q, 'NULL');
 	}
 
@@ -152,16 +166,19 @@ class Backend extends \CoreLibs\DB\IO
 	// PARAMS: level
 	// RETURN: returns an array for the top menu with all correct settings
 	// DESC  : menu creater
-	public function adbTopMenu($flag = 0)
+	public function adbTopMenu(int $flag = 0): array
 	{
 		if ($this->menu_show_flag) {
 			$flag = $this->menu_show_flag;
 		}
 
 		// get the session pages array
-		$pages = $_SESSION["PAGES"];
-		if (!is_array($pages)) {
-			$pages = array ();
+		$PAGES = $_SESSION['PAGES'];
+		if (!isset($PAGES) || !is_array($PAGES)) {
+			$PAGES = array ();
+		}
+		foreach ($PAGES as $PAGE_CUID => $PAGE_DATA) {
+			$pages[] = $PAGE_DATA;
 		}
 		// $this->debug('pages', $this->print_ar($pages));
 		// if flag is 0, then we show all, else, we show only the matching flagges array points
@@ -170,10 +187,10 @@ class Backend extends \CoreLibs\DB\IO
 		for ($i = 0, $iMax = count($pages); $i < $iMax; $i ++) {
 			$show = 0;
 			// is it visible in the menu & is it online
-			if ($pages[$i]["menu"] && $pages[$i]["online"]) {
+			if ($pages[$i]['menu'] && $pages[$i]['online']) {
 				// check if it falls into our flag if we have a flag
 				if ($flag) {
-					foreach ($pages[$i]["visible"] as $name => $key) {
+					foreach ($pages[$i]['visible'] as $name => $key) {
 						if ($key == $flag) {
 							$show = 1;
 						}
@@ -185,43 +202,51 @@ class Backend extends \CoreLibs\DB\IO
 
 				if ($show) {
 					// if it is popup, write popup arrayound
-					if ($pages[$i]["popup"]) {
-						$type = "popup";
+					if (isset($pages[$i]['popup']) && $pages[$i]['popup']) {
+						$type = 'popup';
 					} else {
-						$type = "normal";
+						$type = 'normal';
+						$pages[$i]['popup'] = 0;
 					}
 					$query_string = '';
-					if (count($pages[$i]["query"])) {
-						for ($j = 0, $jMax = count($pages[$i]["query"]); $j < $jMax; $j ++) {
+					if (count($pages[$i]['query'])) {
+						for ($j = 0, $jMax = count($pages[$i]['query']); $j < $jMax; $j ++) {
 							if (strlen($query_string)) {
-								$query_string .= "&";
+								$query_string .= '&';
 							}
-							$query_string .= $pages[$i]["query"][$j]["name"]."=";
-							if (!$pages[$i]["query"][$j]["dynamic"]) {
-								$query_string .= urlencode($pages[$i]["query"][$j]["value"]);
+							$query_string .= $pages[$i]['query'][$j]['name'].'=';
+							if (!$pages[$i]['query'][$j]['dynamic']) {
+								$query_string .= urlencode($pages[$i]['query'][$j]['value']);
 							} else {
-								$query_string .= $_GET[$pages[$i]["query"][$j]["value"]] ? urlencode($_GET[$pages[$i]["query"][$j]["value"]]) : urlencode($_POST[$pages[$i]["query"][$j]["value"]]);
+								$query_string .= $_GET[$pages[$i]['query'][$j]['value']] ? urlencode($_GET[$pages[$i]['query'][$j]['value']]) : urlencode($_POST[$pages[$i]['query'][$j]['value']]);
 							}
 						}
 					}
-					$url = $pages[$i]["filename"];
+					$url = $pages[$i]['filename'];
 					if (strlen($query_string)) {
-						$url .= "?".$query_string;
+						$url .= '?'.$query_string;
 					}
-					$name = $pages[$i]["page_name"];
+					$name = $pages[$i]['page_name'];
 					// if page name matchs -> set selected flag
 					$selected = 0;
-					if ($this->getPageName() == $pages[$i]["filename"]) {
+					if ($this->getPageName() == $pages[$i]['filename']) {
 						$selected = 1;
 						$this->page_name = $name;
 					}
 					// last check, is this menu point okay to show
 					$enabled = 0;
-					if ($this->adbShowMenuPoint($pages[$i]["filename"])) {
+					if ($this->adbShowMenuPoint($pages[$i]['filename'])) {
 						$enabled = 1;
 					}
 					// write in to view menu array
-					array_push($this->menu, array("name" => $this->l->__($name), "url" => $url, "selected" => $selected, "enabled" => $enabled, "type" => $type));
+					array_push($this->menu, array(
+						'name' => $this->l->__($name),
+						'url' => $url,
+						'selected' => $selected,
+						'enabled' => $enabled,
+						'popup' => $type == 'popup' ? 1 : 0,
+						'type' => $type
+					));
 				} // show page
 			} // online and in menu
 		} // for each page
@@ -232,12 +257,12 @@ class Backend extends \CoreLibs\DB\IO
 	// PARAMS: filename
 	// RETURN: returns boolean true/false
 	// DESC  : checks if this filename is in the current situation (user id, etc) available
-	public function adbShowMenuPoint($filename)
+	public function adbShowMenuPoint(string $filename): bool
 	{
-		$enabled = 0;
+		$enabled = false;
 		switch ($filename) {
 			default:
-				$enabled = 1;
+				$enabled = true;
 				break;
 		};
 		return $enabled;
@@ -248,8 +273,9 @@ class Backend extends \CoreLibs\DB\IO
 	// PARAMS: db array, key, value part
 	// RETURN: returns and associative array
 	// DESC  : creates out of a normal db_return array an assoc array
-	public function adbAssocArray($db_array, $key, $value)
+	public function adbAssocArray(array $db_array, $key, $value): array
 	{
+		trigger_error('Method '.__METHOD__.' is deprecated', E_USER_DEPRECATED);
 		return $this->genAssocArray($db_array, $key, $value);
 	}
 
@@ -258,8 +284,9 @@ class Backend extends \CoreLibs\DB\IO
 	// PARAMS: int
 	// RETURN: string
 	// DESC  : converts bytes into formated string with KB, MB, etc
-	public function adbByteStringFormat($number)
+	public function adbByteStringFormat($number): string
 	{
+		trigger_error('Method '.__METHOD__.' is deprecated', E_USER_DEPRECATED);
 		return $this->byteStringFormat($number);
 	}
 
@@ -275,6 +302,7 @@ class Backend extends \CoreLibs\DB\IO
 	// DESC  : converts picture to a thumbnail with max x and max y size
 	public function adbCreateThumbnail($pic, $size_x, $size_y, $dummy = false, $path = "", $cache = "")
 	{
+		trigger_error('Method '.__METHOD__.' is deprecated', E_USER_DEPRECATED);
 		return $this->createThumbnail($pic, $size_x, $size_y, $dummy, $path, $cache);
 	}
 
@@ -284,7 +312,7 @@ class Backend extends \CoreLibs\DB\IO
 	//         var array -> optional data for a possible printf formated msg
 	// RETURN: none
 	// DESC  : wrapper function to fill up the mssages array
-	public function adbMsg($level, $msg, $vars = array ())
+	public function adbMsg(string $level, string $msg, array $vars = array ()): void
 	{
 		if (!preg_match("/^info|warning|error$/", $level)) {
 			$level = "info";
@@ -317,8 +345,16 @@ class Backend extends \CoreLibs\DB\IO
 	//         file      -> string for special file copy actions; mostyle "test#live;..."
 	// RETURN: none
 	// DESC  : writes live queue
-	public function adbLiveQueue($queue_key, $type, $target, $data, $key_name, $key_value, $associate = null, $file = null)
-	{
+	public function adbLiveQueue(
+		$queue_key,
+		$type,
+		$target,
+		$data,
+		$key_name,
+		$key_value,
+		$associate = null,
+		$file = null
+	) {
 		$q = "INSERT INTO ".GLOBAL_DB_SCHEMA.".live_queue (";
 		$q .= "queue_key, key_value, key_name, type, target, data, group_key, action, associate, file";
 		$q .= ") VALUES (";
@@ -342,8 +378,16 @@ class Backend extends \CoreLibs\DB\IO
 	// DESC  : print the date/time drop downs, used in any queue/send/insert at date/time place
 	// NOTE  : Basic class holds exact the same, except the Year/Month/Day/etc strings
 	//         are translated in this call
-	public function adbPrintDateTime($year, $month, $day, $hour, $min, $suffix = '', $min_steps = 1, $name_pos_back = false)
-	{
+	public function adbPrintDateTime(
+		$year,
+		$month,
+		$day,
+		$hour,
+		$min,
+		string $suffix = '',
+		int $min_steps = 1,
+		bool $name_pos_back = false
+	) {
 		// get the build layout
 		$html_time = $this->printDateTime($year, $month, $day, $hour, $min, $suffix, $min_steps, $name_pos_back);
 		// translate the strings inside

www/lib/CoreLibs/DB/Extended/ArrayIO.php

@@ -19,6 +19,7 @@
 *   PRIVATE METHOD:S
 *
 * HISTORY:
+* 2019/9/11 (cs) error string 21->91, 22->92 for not overlapping with IO
 * 2005/07/07 (cs) updated array class for postgres: set 0 & NULL if int field given, insert uses () values () syntax
 * 2005/03/31 (cs) fixed the class call with all debug vars
 * 2003-03-10: error_ids where still wrong chagned 11->21 and 12->22
@@ -51,17 +52,17 @@ class ArrayIO extends \CoreLibs\DB\IO
 	// PARAMS: db_config -> db_io class init vars
 	//         table_array -> the array from the table
 	//         table_name -> name of the table (for the array)
-	//         db_debug -> turn on db_io debug output (DB_DEBUG as global var does the same)
+	//         set_control_flag -> set basic class set/get variable error flags
 	// RETURN: none
 	// DESC  : constructor for the array io class, set the
 	//         primary key name automatically (from array)
-	public function __construct($db_config, $table_array, $table_name, $debug = 0, $db_debug = 0, $echo = 1, $print = 0)
+	public function __construct(array $db_config, array $table_array, string $table_name, int $set_control_flag = 0)
 	{
 		// instance db_io class
-		parent::__construct($db_config, $debug, $db_debug, $echo, $print);
+		parent::__construct($db_config, $set_control_flag);
 		// more error vars for this class
-		$this->error_string['21'] = 'No Primary Key given';
-		$this->error_string['22'] = 'Could not run Array Query';
+		$this->error_string['91'] = 'No Primary Key given';
+		$this->error_string['92'] = 'Could not run Array Query';
 
 		$this->table_array = $table_array;
 		$this->table_name = $table_name;
@@ -74,13 +75,6 @@ class ArrayIO extends \CoreLibs\DB\IO
 				}
 			}
 		} // set pk_name IF table_array was given
-		// internal
-		$this->class_info['db_array_io'] = array(
-			'class_name' => 'DB Array IO',
-			'class_version' => '1.0.0',
-			'class_created' => '2002/12/17',
-			'class_author' => 'Clemens Schwaighofer'
-		);
 	}
 
 	// deconstruktor
@@ -158,7 +152,7 @@ class ArrayIO extends \CoreLibs\DB\IO
 		// if not set ... produce error
 		if (!$this->table_array[$this->pk_name]['value']) {
 			// if no PK found, error ...
-			$this->error_id = 21;
+			$this->error_id = 91;
 			$this->__dbError();
 			return 0;
 		} else {
@@ -234,7 +228,7 @@ class ArrayIO extends \CoreLibs\DB\IO
 		// if 0, error
 		unset($this->pk_id);
 		if (!$this->dbExec($q)) {
-			$this->error_id=22;
+			$this->error_id = 92;
 			$this->__dbError();
 		}
 		return $this->table_array;
@@ -306,7 +300,7 @@ class ArrayIO extends \CoreLibs\DB\IO
 			// possible dbFetchArray errors ...
 			$this->pk_id = $this->table_array[$this->pk_name]['value'];
 		} else {
-			$this->error_id = 22;
+			$this->error_id = 92;
 			$this->__dbError();
 		}
 		return $this->table_array;
@@ -514,7 +508,7 @@ class ArrayIO extends \CoreLibs\DB\IO
 		}
 		// return success or not
 		if (!$this->dbExec($q)) {
-			$this->error_id = 22;
+			$this->error_id = 92;
 			$this->__dbError();
 		}
 		// set primary key

www/lib/CoreLibs/DB/IO.php

@@ -270,14 +270,16 @@ class IO extends \CoreLibs\Basic
 	public $cursor; // actual cursor (DBH)
 	public $num_rows; // how many rows have been found
 	public $num_fields; // how many fields has the query
-	public $field_names; // array with the field names of the current query
+	public $field_names = array (); // array with the field names of the current query
 	public $insert_id; // last inserted ID
 	public $insert_id_ext; // extended insert ID (for data outside only primary key)
+	private $temp_sql;
 	// other vars
 	private $nbsp = ''; // used by print_array recursion function
 	// error & warning id
 	private $error_id;
 	private $warning_id;
+	private $had_warning;
 	// sub include with the database functions
 	private $db_functions;
 
@@ -285,7 +287,7 @@ class IO extends \CoreLibs\Basic
 	private $MAX_QUERY_CALL;
 	private $query_called = array ();
 	// error string
-	private $error_string = array ();
+	protected $error_string = array ();
 	// prepared list
 	public $prepare_cursor = array ();
 	// primary key per table list
@@ -300,14 +302,13 @@ class IO extends \CoreLibs\Basic
 
 	// METHOD __construct
 	// PARAMS db_config -> array with db, user, password & host
-	//        debug -> turns debugging output on or of (default 0),
-	//        debugging can also be triggerd via DB_DEBUG var on global level
+	//        set_control_flag -> flags for core class get/set variable error handling
 	// RETURN nothing
 	// DESC   constructor for db_clss
-	public function __construct($db_config, $debug = 0, $db_debug = 0, $echo = 1, $print = 0)
+	public function __construct(array $db_config, int $set_control_flag = 0)
 	{
 		// start basic class
-		parent::__construct($debug, $echo, $print);
+		parent::__construct($set_control_flag);
 		// dummy init array for db config if not array
 		if (!is_array($db_config)) {
 			$db_config = array ();
@@ -355,7 +356,7 @@ class IO extends \CoreLibs\Basic
 		$this->error_string['42'] = 'Cannot check for async query, none has been started yet.';
 
 		// set debug, either via global var, or debug var during call
-		$this->db_debug = $db_debug;
+		$this->db_debug = false;
 		// global overrules local
 		if (isset($GLOBALS['DB_DEBUG'])) {
 			$this->db_debug = $GLOBALS['DB_DEBUG'];
@@ -382,14 +383,7 @@ class IO extends \CoreLibs\Basic
 			return false;
 		}
 
-		$this->class_info['db_io']=array(
-			'class_name' => 'DB IO',
-			'class_version' => '5.0.0',
-			'class_created' => '2000-11-23',
-			'class_author' => 'Clemens Schwaighofer'
-		);
-
-		// all ok return true
+		// so we can check that we have a successful DB connection created
 		return true;
 	}
 
@@ -414,7 +408,7 @@ class IO extends \CoreLibs\Basic
 	// DESC  :
 	// internal connection function. Used to connect to the DB if there is no connection done yet.
 	// Called before any execute
-	private function __connectToDB()
+	private function __connectToDB(): bool
 	{
 		// generate connect string
 		$this->dbh = $this->db_functions->__dbConnect($this->db_host, $this->db_user, $this->db_pwd, $this->db_name, $this->db_port, $this->db_ssl);
@@ -449,7 +443,7 @@ class IO extends \CoreLibs\Basic
 	// RETURN: none
 	// DESC  : close db connection
 	//         only used by the deconstructor
-	private function __closeDB()
+	private function __closeDB(): void
 	{
 		if (isset($this->dbh) && $this->dbh) {
 			$this->db_functions->__dbClose();
@@ -463,7 +457,7 @@ class IO extends \CoreLibs\Basic
 	// RETURN: true if matching, false if not
 	// DESC  : checks if query is a SELECT, SHOW or WITH, if not error, 0 return
 	// NOTE  : Query needs to start with SELECT, SHOW or WITH. if starts with "with" it is ignored
-	private function __checkQueryForSelect($query)
+	private function __checkQueryForSelect(string $query): bool
 	{
 		// perhaps allow spaces before select ?!?
 		if (preg_match("/^(select|show|with) /i", $query)) {
@@ -479,7 +473,7 @@ class IO extends \CoreLibs\Basic
 	// DESC  : check for DELETE, INSERT, UPDATE
 	//       : if pure is set to true, only when INSERT is set will return true
 	// NOTE  : Queries need to start with INSERT, UPDATE, DELETE. Anything else is ignored
-	private function __checkQueryForInsert($query, $pure = false)
+	private function __checkQueryForInsert(string $query, bool $pure = false): bool
 	{
 		if ($pure && preg_match("/^insert /i", $query)) {
 			return true;
@@ -495,7 +489,7 @@ class IO extends \CoreLibs\Basic
 	// RETURN: true if UPDATE, else false
 	// DESC  : returns true if the query starts with UPDATE
 	// NOTE  : query NEEDS to start with UPDATE
-	private function __checkQueryForUpdate($query)
+	private function __checkQueryForUpdate(string $query): bool
 	{
 		if (preg_match("/^update /i", $query)) {
 			return true;
@@ -509,9 +503,12 @@ class IO extends \CoreLibs\Basic
 	// RETURN: string with printed and formated array
 	// DESC  : internal funktion that creates the array
 	// NOTE  : used in db_dump_data only
-	private function __printArray($array)
+	private function __printArray(array $array): string
 	{
 		$string = '';
+		if (!is_array($array)) {
+			$array = array ();
+		}
 		foreach ($array as $key => $value) {
 			$string .= $this->nbsp.'<b>'.$key.'</b> => ';
 			if (is_array($value)) {
@@ -534,7 +531,7 @@ class IO extends \CoreLibs\Basic
 	//         type -> query identifiery (Q, I, etc)
 	// RETURN: none
 	// DESC  : calls the basic class debug with strip command
-	private function __dbDebug($debug_id, $error_string, $id = '', $type = '')
+	private function __dbDebug(string $debug_id, string $error_string, string $id = '', string $type = ''): void
 	{
 		$prefix = '';
 		if ($id) {
@@ -557,7 +554,7 @@ class IO extends \CoreLibs\Basic
 	// RETURN: none
 	// DESC  : if error_id set, writes long error string into error_msg
 	// NOTE  : needed to make public so it can be called from DB.Array.IO too
-	public function __dbError($cursor = '', $msg = '')
+	public function __dbError($cursor = '', string $msg = ''): void
 	{
 		$pg_error_string = '';
 		$where_called = $this->getCallerMethod();
@@ -593,13 +590,16 @@ class IO extends \CoreLibs\Basic
 	// DESC  : if there is the 'to_encoding' var set, and the field is in the wrong encoding converts it to the target
 	private function __dbConvertEncoding($row)
 	{
-		if ($this->to_encoding && $this->db_encoding) {
-			// go through each row and convert the encoding if needed
-			for ($i = 0; $i < $this->num_fields; $i ++) {
-				$from_encoding = mb_detect_encoding($row[$i]);
-				// convert only if encoding doesn't match and source is not pure ASCII
-				if ($from_encoding != $this->to_encoding && $from_encoding != 'ASCII') {
-					$row[$i] = mb_convert_encoding($row[$i], $this->to_encoding, $from_encoding);
+		// only do if array, else pass through row (can be false)
+		if (is_array($row)) {
+			if ($this->to_encoding && $this->db_encoding) {
+				// go through each row and convert the encoding if needed
+				foreach ($row as $key => $value) {
+					$from_encoding = mb_detect_encoding($value);
+					// convert only if encoding doesn't match and source is not pure ASCII
+					if ($from_encoding != $this->to_encoding && $from_encoding != 'ASCII') {
+						$row[$key] = mb_convert_encoding($value, $this->to_encoding, $from_encoding);
+					}
 				}
 			}
 		}
@@ -611,7 +611,7 @@ class IO extends \CoreLibs\Basic
 	// PARAMS: $stm_name, data array
 	// RETURN: query in prepared form
 	// DESC  : for debug purpose replaces $1, $2, etc with actual data
-	private function __dbDebugPrepare($stm_name, $data = array())
+	private function __dbDebugPrepare(string $stm_name, array $data = array()): string
 	{
 		// get the keys from data array
 		$keys = array_keys($data);
@@ -628,7 +628,7 @@ class IO extends \CoreLibs\Basic
 	// PARAMS: insert/select/update/delete query
 	// RETURN: array with schema and table
 	// DESC  : extracts schema and table from the query, if no schema returns just empty string
-	private function __dbReturnTable($query)
+	private function __dbReturnTable(string $query): array
 	{
 		if (preg_match("/^SELECT /i", $query)) {
 			preg_match("/ (FROM) (([\w_]+)\.)?([\w_]+) /i", $query, $matches);
@@ -649,7 +649,7 @@ class IO extends \CoreLibs\Basic
 	//         * checks for insert if returning is set/pk name
 	//         * sets internal md5 for query
 	//         * checks multiple call count
-	private function __dbPrepareExec($query, $pk_name)
+	private function __dbPrepareExec(string $query, string $pk_name)
 	{
 		// to either use the returning method or the guess method for getting primary keys
 		$this->returning_id = false;
@@ -741,7 +741,7 @@ class IO extends \CoreLibs\Basic
 	// PARAMS: none
 	// RETURN: true on success or false if an error occured
 	// DESC  : runs post execute for rows affected, field names, inserted primary key, etc
-	private function __dbPostExec()
+	private function __dbPostExec(): bool
 	{
 		// if FALSE returned, set error stuff
 		// if either the cursor is false
@@ -762,7 +762,7 @@ class IO extends \CoreLibs\Basic
 				// count the fields
 				$this->num_fields = $this->db_functions->__dbNumFields($this->cursor);
 				// set field names
-				unset($this->field_names);
+				$this->field_names = array ();
 				for ($i = 0; $i < $this->num_fields; $i ++) {
 					$this->field_names[] = $this->db_functions->__dbFieldName($this->cursor, $i);
 				}
@@ -1177,7 +1177,7 @@ class IO extends \CoreLibs\Basic
 	//         like num_rows, num_fields, etc depending on query
 	//         for INSERT INTO queries it is highly recommended to set the pk_name to avoid an additional
 	//         read from the database for the PK NAME
-	public function dbExec($query = 0, $pk_name = '')
+	public function dbExec(string $query = '', string $pk_name = '')
 	{
 		// prepare and check if we can actually run it
 		if (($md5 = $this->__dbPrepareExec($query, $pk_name)) === false) {
@@ -1204,7 +1204,7 @@ class IO extends \CoreLibs\Basic
 	//         for INSERT INTO queries it is highly recommended to set the pk_name to avoid an additional
 	//         read from the database for the PK NAME
 	// NEEDS : dbCheckAsync
-	public function dbExecAsync($query, $pk_name = '')
+	public function dbExecAsync(string $query, string $pk_name = ''): bool
 	{
 		// prepare and check if we can actually run the query
 		if (($md5 = $this->__dbPrepareExec($query, $pk_name)) === false) {
@@ -1262,7 +1262,7 @@ class IO extends \CoreLibs\Basic
 	//         assoc_only -> false is default, if true only assoc rows
 	// RETURN: a mixed row
 	// DESC  : executes a cursor and returns the data, if no more data 0 will be returned
-	public function dbFetchArray($cursor = 0, $assoc_only = false)
+	public function dbFetchArray($cursor = 0, bool $assoc_only = false)
 	{
 		// return false if no query or cursor set ...
 		if (!$cursor) {
@@ -1287,7 +1287,7 @@ class IO extends \CoreLibs\Basic
 	//         assoc_only -> if true, only return assoc entry, else both (pgsql)
 	// RETURN: mixed db result
 	// DESC  : returns the FIRST row of the given query
-	public function dbReturnRow($query, $assoc_only = false)
+	public function dbReturnRow(string $query, bool $assoc_only = false)
 	{
 		if (!$query) {
 			$this->error_id = 11;
@@ -1311,7 +1311,7 @@ class IO extends \CoreLibs\Basic
 	//         assoc_only -> if true, only name ref are returned
 	// RETURN: array of hashes (row -> fields)
 	// DESC  : createds an array of hashes of the query (all data)
-	public function dbReturnArray($query, $assoc_only = false)
+	public function dbReturnArray(string $query, bool $assoc_only = false)
 	{
 		if (!$query) {
 			$this->error_id = 11;
@@ -1339,7 +1339,7 @@ class IO extends \CoreLibs\Basic
 	// PARAMS: $query -> query to find in cursor_ext
 	// RETURN: position (int)
 	// DESC  : returns the current position the read out
-	public function dbCursorPos($query)
+	public function dbCursorPos(string $query)
 	{
 		if (!$query) {
 			$this->error_id = 11;
@@ -1355,7 +1355,7 @@ class IO extends \CoreLibs\Basic
 	// PARAMS: $query -> query to find in cursor_ext
 	// RETURN: row count (int)
 	// DESC  : returns the number of rows for the current select query
-	public function dbCursorNumRows($query)
+	public function dbCursorNumRows(string $query)
 	{
 		if (!$query) {
 			$this->error_id = 11;
@@ -1370,9 +1370,9 @@ class IO extends \CoreLibs\Basic
 	// WAS   : db_show_table_meta_data
 	// PARAMS: $table -> table name
 	//         $schema -> optional schema name
-	// RETURN: array of table data
+	// RETURN: array of table data, false on error (table not found)
 	// DESC  : returns an array of the table with columns and values. FALSE on no table found
-	public function dbShowTableMetaData($table, $schema = '')
+	public function dbShowTableMetaData(string $table, string $schema = '')
 	{
 		$table = ($schema ? $schema.'.' : '').$table;
 
@@ -1386,11 +1386,11 @@ class IO extends \CoreLibs\Basic
 	// METHOD: dbPrepare
 	// WAS   : db_prepare
 	// PARAMS: $stm_name, $query, $pk_name: optional
-	// RETURN: false on error
+	// RETURN: false on error, true on warning or result on full ok
 	// DESC  : prepares a query
 	//         for INSERT INTO queries it is highly recommended to set the pk_name to avoid an additional
 	//         read from the database for the PK NAME
-	public function dbPrepare($stm_name, $query, $pk_name = '')
+	public function dbPrepare(string $stm_name, string $query, string $pk_name = '')
 	{
 		if (!$query) {
 			$this->error_id = 11;
@@ -1469,9 +1469,9 @@ class IO extends \CoreLibs\Basic
 	// METHOD: dbExecute
 	// WAS   : db_execute
 	// PARAMS: $stm_name, data array
-	// RETURN: false on error
+	// RETURN: false on error, result on OK
 	// DESC  : runs a prepare query
-	public function dbExecute($stm_name, $data = array())
+	public function dbExecute(string $stm_name, array $data = array())
 	{
 		// if we do not have no prepare cursor array entry for this statement name, abort
 		if (!is_array($this->prepare_cursor[$stm_name])) {
@@ -1492,22 +1492,25 @@ class IO extends \CoreLibs\Basic
 			if ($this->db_debug) {
 				$this->__dbDebug('db', $this->__dbDebugPrepare($stm_name, $data), 'dbExecPrep', 'Q');
 			}
-			$code = $this->db_functions->__dbExecute($stm_name, $data);
-			if (!$code) {
+			$result = $this->db_functions->__dbExecute($stm_name, $data);
+			if (!$result) {
 				$this->debug('ExecuteData', 'ERROR in STM['.$stm_name.'|'.$this->prepare_cursor[$stm_name]['result'].']: '.$this->print_ar($data));
 				$this->error_id = 22;
 				$this->__dbError($this->prepare_cursor[$stm_name]['result']);
 				$this->__dbDebug('db', '<span style="color: red;"><b>DB-Error</b> '.$stm_name.': Execution failed</span>', 'DB_ERROR');
+				return false;
 			}
-			if ($this->__checkQueryForInsert($this->prepare_cursor[$stm_name]['query'], true) && $this->prepare_cursor[$stm_name]['pk_name'] != 'NULL') {
+			if ($this->__checkQueryForInsert($this->prepare_cursor[$stm_name]['query'], true) &&
+				$this->prepare_cursor[$stm_name]['pk_name'] != 'NULL'
+			) {
 				if (!$this->prepare_cursor[$stm_name]['returning_id']) {
 					$this->insert_id = $this->db_functions->__dbInsertId($this->prepare_cursor[$stm_name]['query'], $this->prepare_cursor[$stm_name]['pk_name']);
-				} elseif ($code) {
+				} elseif ($result) {
 					$this->insert_id = array ();
 					$this->insert_id_ext = array ();
 					// we have returning, now we need to check if we get one or many returned
 					// we'll need to loop this, if we have multiple insert_id returns
-					while ($_insert_id = $this->db_functions->__dbFetchArray($code, PGSQL_ASSOC)) {
+					while ($_insert_id = $this->db_functions->__dbFetchArray($result, PGSQL_ASSOC)) {
 						$this->insert_id[] = $_insert_id;
 					}
 					// if we have only one, revert from arry to single
@@ -1517,7 +1520,9 @@ class IO extends \CoreLibs\Basic
 						// if this has only the pk_name, then only return this, else array of all data (but without the position)
 						// example if insert_id[0]['foo'] && insert_id[0]['bar'] it will become insert_id['foo'] & insert_id['bar']
 						// if only ['foo_id'] and it is the PK then the PK is directly written to the insert_id
-						if (count($this->insert_id[0]) > 1 || !array_key_exists($this->prepare_cursor[$stm_name]['pk_name'], $this->insert_id[0])) {
+						if (count($this->insert_id[0]) > 1 ||
+							!array_key_exists($this->prepare_cursor[$stm_name]['pk_name'], $this->insert_id[0])
+						) {
 							$this->insert_id_ext = $this->insert_id[0];
 							$this->insert_id = $this->insert_id[0][$this->prepare_cursor[$stm_name]['pk_name']];
 						} elseif ($this->insert_id[0][$this->prepare_cursor[$stm_name]['pk_name']]) {
@@ -1543,7 +1548,7 @@ class IO extends \CoreLibs\Basic
 					$this->__dbDebug('db', '<span style="color: orange;"><b>DB-Warning</b> '.$stm_name.': Could not get insert id</span>', 'DB_WARNING');
 				}
 			}
-			return $code;
+			return $result;
 		}
 	}
 
@@ -1552,7 +1557,7 @@ class IO extends \CoreLibs\Basic
 	// PARAMS: $string -> string to escape
 	// RETURN: escaped string
 	// DESC  : neutral function to escape a string for DB writing
-	public function dbEscapeString($string)
+	public function dbEscapeString(string $string): string
 	{
 		return $this->db_functions->__dbEscapeString($string);
 	}
@@ -1572,7 +1577,7 @@ class IO extends \CoreLibs\Basic
 	// PARAMS: none
 	// RETURN: database version as string
 	// DESC  : return current database version
-	public function dbVersion()
+	public function dbVersion(): string
 	{
 		return $this->db_functions->__dbVersion();
 	}
@@ -1583,7 +1588,7 @@ class IO extends \CoreLibs\Basic
 	//        =X.Y, >X.Y, <X.Y
 	// RETURN: true/false
 	// DESC  : returns boolean true or false if the string matches the database version
-	public function dbCompareVersion($compare)
+	public function dbCompareVersion(string $compare): bool
 	{
 		// compare has =, >, < prefix, and gets stripped, if the rest is not X.Y format then error
 		preg_match("/^([<>=]{1,})(\d{1,})\.(\d{1,})/", $compare, $matches);
@@ -1700,6 +1705,7 @@ class IO extends \CoreLibs\Basic
 	//                     -> alternate the primary key can be an array with
 	//                        'row' => 'row name', 'value' => 'data' to use a
 	//                        different column as the primary key
+	//                     !!! primary key can be an array or a number/string
 	//         table -> name for the target table
 	// (optional)
 	//         not_write_array -> list of elements not to write
@@ -1707,13 +1713,21 @@ class IO extends \CoreLibs\Basic
 	//         data -> optional array with data, if not _POST vars are used
 	// RETURN: primary key id
 	// DESC  : writes into one table based on array of table columns
-	public function dbWriteDataExt($write_array, $primary_key, $table, $not_write_array = array (), $not_write_update_array = array (), $data = array ())
-	{
+	public function dbWriteDataExt(
+		array $write_array,
+		$primary_key,
+		string $table,
+		array $not_write_array = array (),
+		array $not_write_update_array = array (),
+		array $data = array ()
+	) {
 		if (!is_array($primary_key)) {
 			$primary_key = array (
 				'row' => $table.'_id',
 				'value' => $primary_key
 			);
+		} elseif (!isset($primary_key['value'])) {
+			$primary_key['value'] = '';
 		}
 		// var set for strings
 		$q_sub_value = '';
@@ -1799,7 +1813,7 @@ class IO extends \CoreLibs\Basic
 	//         micro on off (default false)
 	// RETURN: Y/M/D/h/m/s formatted string (like TimeStringFormat
 	// DESC  :   only for postgres. pretty formats an age or datetime difference string
-	public function dbTimeFormat($age, $show_micro = false)
+	public function dbTimeFormat(string $age, bool $show_micro = false): string
 	{
 		// in string (datetime diff): 1786 days 22:11:52.87418
 		// or (age): 4 years 10 mons 21 days 12:31:11.87418
@@ -1821,7 +1835,7 @@ class IO extends \CoreLibs\Basic
 	// PARAMS: text: input text to parse to an array
 	// RETURN: PHP array of the parsed data
 	// DESC  : this is only needed for Postgresql. Converts postgresql arrays to PHP
-	public function dbArrayParse($text)
+	public function dbArrayParse(string $text): array
 	{
 		$output = array ();
 		return $this->db_functions->__dbArrayParse($text, $output);
@@ -1833,23 +1847,23 @@ class IO extends \CoreLibs\Basic
 	//          kbn -> escape trigger type
 	// RETURN: escaped value
 	// DESC  : clear up any data for valid DB insert
-	public function dbSqlEscape($value, $kbn = "")
+	public function dbSqlEscape($value, string $kbn = '')
 	{
 		switch ($kbn) {
-			case "i":
-				$value = (!isset($value) || $value === "") ? "NULL" : intval($value);
+			case 'i':
+				$value = (!isset($value) || $value === '') ? "NULL" : intval($value);
 				break;
-			case "f":
-				$value = (!isset($value) || $value === "") ? "NULL" : floatval($value);
+			case 'f':
+				$value = (!isset($value) || $value === '') ? "NULL" : floatval($value);
 				break;
-			case "t":
-				$value = (!isset($value) || $value === "") ? "NULL" : "'".$this->dbEscapeString($value)."'";
+			case 't':
+				$value = (!isset($value) || $value === '') ? "NULL" : "'".$this->dbEscapeString($value)."'";
 				break;
-			case "d":
-				$value = (!isset($value) || $value === "") ? "NULL" : "'".$this->dbEscapeString($value)."'";
+			case 'd':
+				$value = (!isset($value) || $value === '') ? "NULL" : "'".$this->dbEscapeString($value)."'";
 				break;
-			case "i2":
-				$value = (!isset($value) || $value === "") ? 0 : intval($value);
+			case 'i2':
+				$value = (!isset($value) || $value === '') ? 0 : intval($value);
 				break;
 		}
 		return $value;
@@ -2022,7 +2036,7 @@ class IO extends \CoreLibs\Basic
 		return $this->dbCacheReset($query);
 	}
 
-	public function db_exec($query = 0, $pk_name = '')
+	public function db_exec($query = '', $pk_name = '')
 	{
 		error_log('DEPRECATED CALL: '.__METHOD__.', '.__FILE__.':'.__LINE__.', '.debug_backtrace()[0]['file'].':'.debug_backtrace()[0]['line']);
 		trigger_error('Method '.__METHOD__.' is deprecated', E_USER_DEPRECATED);
@@ -2057,7 +2071,7 @@ class IO extends \CoreLibs\Basic
 		return $this->dbReturnRow($query);
 	}
 
-	public function db_return_array($query, $named_only = 0)
+	public function db_return_array($query, $named_only = false)
 	{
 		error_log('DEPRECATED CALL: '.__METHOD__.', '.__FILE__.':'.__LINE__.', '.debug_backtrace()[0]['file'].':'.debug_backtrace()[0]['line']);
 		trigger_error('Method '.__METHOD__.' is deprecated', E_USER_DEPRECATED);

www/lib/CoreLibs/DB/SQL/PgSQL.php

@@ -435,7 +435,7 @@ class PgSQL
 						return $offset;
 					}
 				} else {
-					$offset = pg_array_parse($text, $output[], $limit, $offset + 1);
+					$offset = $this->__dbArrayParse($text, $output[], $limit, $offset + 1);
 				}
 			} while ($limit > $offset);
 		}

www/lib/CoreLibs/Language/Core/CachedFileReader.php

@@ -24,7 +24,7 @@ namespace CoreLibs\Language\Core;
 
 // Preloads entire file in memory first, then creates a StringReader
 // over it (it assumes knowledge of StringReader internals)
-class CachedFileReader extends CoreLibs\Language\Core\StringReader
+class CachedFileReader extends \CoreLibs\Language\Core\StringReader
 {
 	public function __construct($filename)
 	{

www/lib/CoreLibs/Language/Core/GetTextReader.php

@@ -50,7 +50,7 @@ class GetTextReader
 	private $total = 0;          // total string count
 	private $table_originals = null;  // table for original strings (offsets)
 	private $table_translations = null;  // table for translated strings (offsets)
-	private $cache_translations = null;  // original -> translation mapping
+	private $cache_translations = array ();  // original -> translation mapping
 
 
 	/* Methods */
@@ -272,7 +272,7 @@ class GetTextReader
 
 		if ($this->enable_cache) {
 			// Caching enabled, get translated string from cache
-			if (array_key_exists($string, $this->cache_translations)) {
+			if (is_array($this->cache_translations) && array_key_exists($string, $this->cache_translations)) {
 				return $this->cache_translations[$string];
 			} else {
 				return $string;
@@ -355,7 +355,7 @@ class GetTextReader
 		// cache header field for plural forms
 		if (! is_string($this->pluralheader)) {
 			if ($this->enable_cache) {
-				$header = $this->cache_translations[""];
+				$header = $this->cache_translations[''];
 			} else {
 				$header = $this->get_translation_string(0);
 			}
@@ -369,7 +369,7 @@ class GetTextReader
 	* Detects which plural form to take
 	*
 	* @access private
-	* @param n count
+	* @param string count
 	* @return int array index of the right plural form
 	*/
 	private function select_string($n)
@@ -415,7 +415,7 @@ class GetTextReader
 		$key = $single . chr(0) . $plural;
 
 		if ($this->enable_cache) {
-			if (! array_key_exists($key, $this->cache_translations)) {
+			if (is_array($this->cache_translations) && !array_key_exists($key, $this->cache_translations)) {
 				return ($number != 1) ? $plural : $single;
 			} else {
 				$result = $this->cache_translations[$key];

www/lib/CoreLibs/Language/L10n.php

@@ -35,7 +35,7 @@ class L10n extends \CoreLibs\Basic
 	private $input;
 	private $l10n;
 
-	public function __construct($lang = '', $path = '')
+	public function __construct(string $lang = '', string $path = '')
 	{
 		if (!$lang) {
 			$this->lang = 'en';
@@ -60,7 +60,7 @@ class L10n extends \CoreLibs\Basic
 	}
 
 	// reloads the mofile, if the location of the lang file changes
-	public function l10nReloadMOfile($lang, $path = '')
+	public function l10nReloadMOfile(string $lang, string $path = ''): bool
 	{
 		$success = false;
 		$old_mofile = $this->mofile;

www/lib/CoreLibs/Output/Form/Generate.php

@@ -173,7 +173,7 @@
 *               only a certain field list. If where is filled out and used in combination with insert (not same_db)
 *               then this key will be SET when inserted into the DB !!!
 *   2003-04-09: added open_dir for download of file (URL), save_dir is only for upload (absolute path)
-*               added require once for class_db_array_io.inc
+*               added require once for class_db_array_io.php
 *   2003-03-31: added a file upload module (type==file)
 *   2003-03-20: added form_procedure_new, etc functions so for default calls it is easier to write
 *               also added security levels to all functions where it is needed
@@ -235,9 +235,10 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 	public $delete;
 	public $really_delete;
 	public $save;
+	public $remove_button;
 	// security publics
 	public $base_acl_level;
-	public $security_levels;
+	public $security_level;
 	// layout publics
 	public $table_width;
 
@@ -248,8 +249,8 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 	// PARAMS: $db_config -> connect to DB
 	//         $lang -> language code ('en', 'ja', etc)
 	//         $table_width -> width of table
-	//         $db_debug -> turns db_io debug on/off (DB_DEBUG as global var does the same)
-	public function __construct($db_config, $lang, $table_width = 750, $debug = 0, $db_debug = 0, $echo = 1, $print = 0)
+	//         $set_control_flag -> basic class set/get variable error flags
+	public function __construct(array $db_config, string $lang, int $table_width = 750, int $set_control_flag = 0)
 	{
 		$this->my_page_name = $this->getPageName(1);
 		// init the language class
@@ -259,12 +260,12 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 		// WARNING: auto spl load does not work with this as it is an array and not a function/object
 		// check if this is the old path or the new path
 		if (is_dir(TABLE_ARRAYS)) {
-			if (is_file(TABLE_ARRAYS.'array_'.$this->my_page_name.'.inc')) {
-				include(TABLE_ARRAYS.'array_'.$this->my_page_name.'.inc');
+			if (is_file(TABLE_ARRAYS.'array_'.$this->my_page_name.'.php')) {
+				include(TABLE_ARRAYS.'array_'.$this->my_page_name.'.php');
 			}
 		} else {
-			if (is_file(BASE.INCLUDES.TABLE_ARRAYS.'array_'.$this->my_page_name.'.inc')) {
-				include(BASE.INCLUDES.TABLE_ARRAYS.'array_'.$this->my_page_name.'.inc');
+			if (is_file(BASE.INCLUDES.TABLE_ARRAYS.'array_'.$this->my_page_name.'.php')) {
+				include(BASE.INCLUDES.TABLE_ARRAYS.'array_'.$this->my_page_name.'.php');
 			}
 		}
 		if (isset(${$this->my_page_name}) && is_array(${$this->my_page_name})) {
@@ -278,7 +279,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 		}
 
 		// start the array_io class which will start db_io ...
-		parent::__construct($db_config, $config_array['table_array'], $config_array['table_name'], $debug, $db_debug, $echo, $print);
+		parent::__construct($db_config, $config_array['table_array'], $config_array['table_name'], $set_control_flag);
 		// here should be a check if the config_array is correct ...
 		if (isset($config_array['show_fields']) && is_array($config_array['show_fields'])) {
 			$this->field_array = $config_array['show_fields'];
@@ -329,14 +330,6 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 		}
 		// write array to class var
 		$this->security_level = $config_array['security_level'];
-
-		// internal
-		$this->class_info['form'] = array(
-			'class_name' => 'Form create',
-			'class_version' => '3.0.0',
-			'class_created' => '2002-10-22',
-			'class_author' => 'Clemens Schwaighofer'
-		);
 	}
 
 	// dumps all values into output (for error msg)
@@ -804,7 +797,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 					$query .= " WHERE ".$this->table_array[$element_name]['where'];
 				}
 				// not self where
-				if (!empty($this->table_array[$element_name]['where_not_self'])) {
+				if (!empty($this->table_array[$element_name]['where_not_self']) && isset($this->table_array[$this->int_pk_name]['value']) && $this->table_array[$this->int_pk_name]['value']) {
 					// check if query has where already
 					if (strstr($query, 'WHERE') === false) {
 						$query .= " WHERE ";
@@ -930,12 +923,12 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 							}
 							break;
 						case 'date': // YYYY-MM-DD
-							if (!check_date($this->table_array[$key]['value'], 1)) {
+							if (!$this->checkDate($this->table_array[$key]['value'], 1)) {
 								$this->msg .= sprintf($this->l->__('Please enter a vailid date (YYYY-MM-DD) for the <b>%s</b> Field!<br>'), $this->table_array[$key]['output_name']);
 							}
 							break;
 						case 'time': // HH:MM[:SS]
-							if (!check_time($this->table_array[$key]['value'])) {
+							if (!$this->checkDateTime($this->table_array[$key]['value'])) {
 								$this->msg .= sprintf($this->l->__('Please enter a vailid time (HH:MM[:SS]) for the <b>%s</b> Field!<br>'), $this->table_array[$key]['output_name']);
 							}
 							break;
@@ -1447,14 +1440,14 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 							$no_write[$i] = 1;
 						}
 						// $this->debug('REF ELEMENT', "[$i] [".$prfx.$el_name."]: MANDATORY: ".isset($data_array['mandatory'])." SET: ".isset($_POST[$prfx.$el_name][$i]).", EMPTY: ".empty($_POST[$prfx.$el_name][$i])." | DO ACTION ".((!isset($_POST[$prfx.$el_name][$i]) || (isset($_POST[$prfx.$el_name][$i]) && empty($_POST[$prfx.$el_name][$i]))) ? 'YES' : 'NO')." => NO WRITE: ".$no_write[$i]);
-						if (isset($reference_array['enable_name']) &&
-							isset($reference_array['delete']) &&
-							!isset($_POST[$reference_array['enable_name']][$i])
+						if (!empty($reference_array['enable_name']) &&
+							isset($reference_array['delete']) && $reference_array['delete'] &&
+							(!isset($_POST[$reference_array['enable_name']][$i]) || empty($_POST[$reference_array['enable_name']][$i]))
 						) {
 							$no_write[$i] = 1;
 						}
 						// $this->debug('REF ELEMENT', "[$i] [".$prfx.$el_name."]: ENABLED NAME: ".isset($reference_array['enable_name']).", DELETE: ".isset($reference_array['delete']).", NOT ENABLED FOR POS: ".(isset($reference_array['enable_name']) ? isset($_POST[$reference_array['enable_name']][$i]) : '-'));
-						// $this->debug('REF ELEMENT', "[$i] [".$prfx.$el_name."]: WRITE: ".$no_write[$i]);
+						$this->debug('REF ELEMENT', "[$i] [".$prfx.$el_name."]: WRITE: ".$no_write[$i]);
 						// flag if data is in the text field and we are in a reference data set
 						if (isset($reference_array['type']) && $reference_array['type'] == 'reference_data') {
 							if ($data_array['type'] == 'text' && isset($_POST[$prfx.$el_name][$i])) {
@@ -1472,7 +1465,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 							$q_begin[$i] = 'UPDATE '.$table_name.' SET ';
 							$q_end[$i] = ' WHERE '.$el_name.' = '.$_POST[$prfx.$el_name][$i];
 							$type[$i] = 'update';
-							// $this->debug('REF ELEMENT', 'SET UPDATE');
+							$this->debug('REF ELEMENT', 'SET UPDATE');
 						} elseif (isset($data_array['pk_id']) &&
 							!empty($data_array['pk_id']) &&
 							empty($_POST[$prfx.$el_name][$i])
@@ -1481,7 +1474,7 @@ class Generate extends \CoreLibs\DB\Extended\ArrayIO
 							$q_middle[$i] = ') VALUES (';
 							$q_end[$i] = ')';
 							$type[$i] = 'insert';
-							// $this->debug('REF ELEMENT', 'SET INSERT');
+							$this->debug('REF ELEMENT', 'SET INSERT');
 						}
 						// $this->debug('REF ELEMENT', "[$i] [".$prfx.$el_name."] PK SET: ".isset($data_array['pk_id']).'/'.empty($data_array['pk_id']).', KEY SET: '.empty($_POST[$prfx.$el_name][$i])." -> TYPE: ".(isset($type[$i]) ? $type[$i] : '-'));
 						// write all data (insert/update) because I don't know until all are processed if it is insert or update

www/lib/CoreLibs/Template/SmartyExtend.php

@@ -20,12 +20,13 @@ class SmartyExtend extends SmartyBC
 	public $l10n;
 
 	// constructor class, just sets the language stuff
-	public function __construct($lang)
+	public function __construct(string $lang)
 	{
 		SmartyBC::__construct();
 		$this->l10n = new \CoreLibs\Language\L10n($lang);
 		// variable variable register
-		$this->register_modifier('getvar', array(&$this, 'get_template_vars'));
+		// $this->register_modifier('getvar', array(&$this, 'get_template_vars'));
+		$this->registerPlugin('modifier', 'getvar', array(&$this, 'get_template_vars'));
 	}
 }
 

www/lib/FileUpload/qqFileUploader.php

@@ -2,8 +2,7 @@
 
 namespace FileUpload;
 
-use \FileUpload\Core\qqUploadedFileForm;
-use \FileUpload\Core\qqUploadedFileXhr;
+use \FileUpload\Core;
 
 class qqFileUploader
 {
@@ -21,9 +20,9 @@ class qqFileUploader
 		$this->checkServerSettings();
 
 		if (isset($_GET['qqfile'])) {
-			$this->file = new qqUploadedFileXhr();
+			$this->file = new \FileUpload\Core\qqUploadedFileXhr();
 		} elseif (isset($_FILES['qqfile'])) {
-			$this->file = new qqUploadedFileForm();
+			$this->file = new \FileUpload\Core\qqUploadedFileForm();
 		} else {
 			$this->file = false;
 		}

www/lib/autoloader.php

@@ -33,7 +33,7 @@ if (class_exists('Autoload', false) === false) {
 				$len = strlen(__NAMESPACE__);
 			}
 			// set default extension
-			$extension = '.inc';
+			$extension = '.php';
 			// set full include path
 			$path = __DIR__.$ds.$LIB.substr($class, $len);
 			// replace namespace \ with dir sepeator

www/media/video/.gitignore

@@ -0,0 +1,2 @@
+*
+!.gitignore