Updates and fixes to CoreLibs

- fixed all DEFINE to define in config* files
- Updates Login class with missing strict declarations
- some fixes in Login class for possible errors
- Basic class return array layout updates for all rgb sets plus correct
  static update
- Basic class timestamp method fix for not full set (eg missing seconds)
- Basic class add method for getting linecount from a file
- DB IO class gets a get settings return value method

www/admin/class_test.php

@@ -224,6 +224,13 @@ if (round($timestamp, 4) == $basic->stringToTime($time_string)) {
 } else {
 	print "REVERSE TRIME STRING DO NOT MATCH<br>";
 }
+print "ZERO TIME STRING: ".$basic->timeStringFormat(0, true)."<br>";
+print "ZERO TIME STRING: ".$basic->timeStringFormat(0.0, true)."<br>";
+print "ZERO TIME STRING: ".$basic->timeStringFormat(1.005, true)."<br>";
+
+echo "HTML ENT INT: ".$basic->htmlent(5)."<br>";
+echo "HTML ENT STRING: ".$basic->htmlent('5<<>')."<br>";
+echo "HTML ENT NULL: ".$basic->htmlent(null)."<br>";
 
 // magic links test
 print $basic->magicLinks('user@bubu.at').'<br>';

www/configs/config.master.php

@@ -9,146 +9,146 @@
 
 /************* PATHS *********************/
 // directory seperator
-DEFINE('DS', DIRECTORY_SEPARATOR);
+define('DS', DIRECTORY_SEPARATOR);
 // ** NEW/BETTER DIR DECLARATIONS **
 // path to original file (if symlink)
-DEFINE('DIR', __DIR__.DS);
+define('DIR', __DIR__.DS);
 // base dir root folder level
-DEFINE('BASE', str_replace('/configs', '', __DIR__).DS);
+define('BASE', str_replace('/configs', '', __DIR__).DS);
 
 // ** OLD DIR DECLARATIONS **
 // path to document root of file called
-DEFINE('ROOT', getcwd().DS);
+define('ROOT', getcwd().DS);
 // libs path
-DEFINE('LIB', 'lib'.DS);
+define('LIB', 'lib'.DS);
-DEFINE('LIBS', 'lib'.DS);
+define('LIBS', 'lib'.DS);
 // configs folder
-DEFINE('CONFIGS', 'configs'.DS);
+define('CONFIGS', 'configs'.DS);
 // includes (strings, arrays for static, etc)
-DEFINE('INCLUDES', 'includes'.DS);
+define('INCLUDES', 'includes'.DS);
 // data folder (mostly in includes)
-DEFINE('DATA', 'data'.DS);
+define('DATA', 'data'.DS);
 // layout base path
-DEFINE('LAYOUT', 'layout'.DS);
+define('LAYOUT', 'layout'.DS);
 // pic-root (compatible to CMS)
-DEFINE('PICTURES', 'images'.DS);
+define('PICTURES', 'images'.DS);
 // images
-DEFINE('IMAGES', 'images'.DS);
+define('IMAGES', 'images'.DS);
 // icons (below the images/ folder)
-DEFINE('ICONS', 'icons'.DS);
+define('ICONS', 'icons'.DS);
 // media
-DEFINE('MEDIA', 'media'.DS);
+define('MEDIA', 'media'.DS);
 // flash-root (below media)
-DEFINE('FLASH', 'flash'.DS);
+define('FLASH', 'flash'.DS);
 // uploads (anything to keep)
-DEFINE('UPLOADS', 'uploads'.DS);
+define('UPLOADS', 'uploads'.DS);
 // files (binaries) (below media)
-DEFINE('BINARIES', 'binaries'.DS);
+define('BINARIES', 'binaries'.DS);
 // files (videos) (below media)
-DEFINE('VIDEOS', 'videos'.DS);
+define('VIDEOS', 'videos'.DS);
 // files (documents) (below media)
-DEFINE('DOCUMENTS', 'documents'.DS);
+define('DOCUMENTS', 'documents'.DS);
 // files (pdfs) (below media)
-DEFINE('PDFS', 'documents'.DS);
+define('PDFS', 'documents'.DS);
 // CSV
-DEFINE('CSV', 'csv'.DS);
+define('CSV', 'csv'.DS);
 // css
-DEFINE('CSS', 'css'.DS);
+define('CSS', 'css'.DS);
 // font (web)
-DEFINE('FONT', 'font'.DS);
+define('FONT', 'font'.DS);
 // js
-DEFINE('JS', 'javascript'.DS);
+define('JS', 'javascript'.DS);
 // table arrays
-DEFINE('TABLE_ARRAYS', 'table_arrays'.DS);
+define('TABLE_ARRAYS', 'table_arrays'.DS);
 // smarty libs path
-DEFINE('SMARTY', 'Smarty'.DS);
+define('SMARTY', 'Smarty'.DS);
 // po langs
-DEFINE('LANG', 'lang'.DS);
+define('LANG', 'lang'.DS);
 // cache path
-DEFINE('CACHE', 'cache'.DS);
+define('CACHE', 'cache'.DS);
 // temp path
-DEFINE('TMP', 'tmp'.DS);
+define('TMP', 'tmp'.DS);
 // log files
-DEFINE('LOG', 'log'.DS);
+define('LOG', 'log'.DS);
 // compiled template folder
-DEFINE('TEMPLATES_C', 'templates_c'.DS);
+define('TEMPLATES_C', 'templates_c'.DS);
 // template base
-DEFINE('TEMPLATES', 'templates'.DS);
+define('TEMPLATES', 'templates'.DS);
 
 /************* HASH / ACL DEFAULT / ERROR SETTINGS / SMARTY *************/
 // default hash type
-DEFINE('DEFAULT_HASH', 'sha256');
+define('DEFAULT_HASH', 'sha256');
 // default acl level
-DEFINE('DEFAULT_ACL_LEVEL', 80);
+define('DEFAULT_ACL_LEVEL', 80);
 // SSL host name
-// DEFINE('SSL_HOST', 'ssl.host.name');
+// define('SSL_HOST', 'ssl.host.name');
 // error page strictness, Default is 3
 // 1: only show error page as the last mesure if really no mid & aid can be loaded and found at all
 // 2: if template not found, do not search, show error template
 // 3: if default template is not found, show error template, do not fall back to default tree
 // 4: very strict, even on normal fixable errors through error
-// DEFINE('ERROR_STRICT', 3);
+// define('ERROR_STRICT', 3);
 // allow page caching in general, set to 'FALSE' if you do debugging or development!
-// DEFINE('ALLOW_SMARTY_CACHE', false);
+// define('ALLOW_SMARTY_CACHE', false);
 // cache life time, in second', default here is 2 days (172800s)
 // -1 is never expire cache
-// DEFINE('SMARTY_CACHE_LIFETIME', -1);
+// define('SMARTY_CACHE_LIFETIME', -1);
 
 /************* LOGOUT ********************/
 // logout target
-DEFINE('LOGOUT_TARGET', '');
+define('LOGOUT_TARGET', '');
 // password change allowed
-DEFINE('PASSWORD_CHANGE', false);
+define('PASSWORD_CHANGE', false);
-DEFINE('PASSWORD_FORGOT', false);
+define('PASSWORD_FORGOT', false);
 // min/max password length
-DEFINE('PASSWORD_MIN_LENGTH', 8);
+define('PASSWORD_MIN_LENGTH', 8);
-DEFINE('PASSWORD_MAX_LENGTH', 255);
+define('PASSWORD_MAX_LENGTH', 255);
 
 /************* AJAX / ACCESS *************/
 // ajax request type
-DEFINE('AJAX_REQUEST_TYPE', 'POST');
+define('AJAX_REQUEST_TYPE', 'POST');
 // what AJAX type to use
-DEFINE('USE_PROTOTYPE', false);
+define('USE_PROTOTYPE', false);
-DEFINE('USE_SCRIPTACULOUS', false);
+define('USE_SCRIPTACULOUS', false);
-DEFINE('USE_JQUERY', true);
+define('USE_JQUERY', true);
 
 /************* LAYOUT WIDTHS *************/
-DEFINE('PAGE_WIDTH', 800);
+define('PAGE_WIDTH', 800);
-DEFINE('CONTENT_WIDTH', 800);
+define('CONTENT_WIDTH', 800);
 // the default template name
-DEFINE('MASTER_TEMPLATE_NAME', 'main_body.tpl');
+define('MASTER_TEMPLATE_NAME', 'main_body.tpl');
 
 /************* OVERALL CONTROL NAMES *************/
 // BELOW has HAS to be changed
 // base name for all session and log names
-DEFINE('BASE_NAME', 'CoreLibs');
+define('BASE_NAME', 'CoreLibs');
 
 /************* SESSION NAMES *************/
 // server name HASH
-DEFINE('SERVER_NAME_HASH', hash('crc32b', $_SERVER['HTTP_HOST']));
+define('SERVER_NAME_HASH', hash('crc32b', $_SERVER['HTTP_HOST']));
-DEFINE('SERVER_PATH_HASH', hash('crc32b', BASE));
+define('SERVER_PATH_HASH', hash('crc32b', BASE));
 // backend
-DEFINE('EDIT_SESSION_NAME', BASE_NAME.'Admin'.SERVER_NAME_HASH.SERVER_PATH_HASH);
+define('EDIT_SESSION_NAME', BASE_NAME.'Admin'.SERVER_NAME_HASH.SERVER_PATH_HASH);
 // frontend
-DEFINE('SESSION_NAME', BASE_NAME.SERVER_NAME_HASH.SERVER_PATH_HASH);
+define('SESSION_NAME', BASE_NAME.SERVER_NAME_HASH.SERVER_PATH_HASH);
 // SET_SESSION_NAME should be set in the header if a special session name is needed
-DEFINE('SET_SESSION_NAME', SESSION_NAME);
+define('SET_SESSION_NAME', SESSION_NAME);
 
 /************* CACHE/COMPILE IDS *************/
-DEFINE('CACHE_ID', 'CACHE_'.BASE_NAME.'_'.SERVER_NAME_HASH);
+define('CACHE_ID', 'CACHE_'.BASE_NAME.'_'.SERVER_NAME_HASH);
-DEFINE('COMPILE_ID', 'COMPILE_'.BASE_NAME.'_'.SERVER_NAME_HASH);
+define('COMPILE_ID', 'COMPILE_'.BASE_NAME.'_'.SERVER_NAME_HASH);
 
 /************* LANGUAGE / ENCODING *******/
-DEFINE('DEFAULT_LANG', 'en_utf8');
+define('DEFAULT_LANG', 'en_utf8');
 // default web page encoding setting
-DEFINE('DEFAULT_ENCODING', 'UTF-8');
+define('DEFAULT_ENCODING', 'UTF-8');
 
 /************* LOGGING *******************/
 // below two can be defined here, but they should be
 // defined in either the header file or the file itself
 // as $LOG_FILE_ID which takes presence over LOG_FILE_ID
 // see Basic class constructor
-DEFINE('LOG_FILE_ID', BASE_NAME);
+define('LOG_FILE_ID', BASE_NAME);
 
 /************* CLASS ERRORS *******************/
 // 0 = default all OFF
@@ -161,14 +161,14 @@ define('CLASS_VARIABLE_ERROR_MODE', 3);
 // if we have a dev/live system
 // set_live is a per page/per item
 // live_queue is a global queue system
-// DEFINE('QUEUE', 'live_queue');
+// define('QUEUE', 'live_queue');
 
 /************* DB PATHS (PostgreSQL) *****************/
 // schema names, can also be defined per <DB INFO>
-DEFINE('PUBLIC_SCHEMA', 'public');
+define('PUBLIC_SCHEMA', 'public');
-DEFINE('DEV_SCHEMA', 'public');
+define('DEV_SCHEMA', 'public');
-DEFINE('TEST_SCHEMA', 'public');
+define('TEST_SCHEMA', 'public');
-DEFINE('LIVE_SCHEMA', 'public');
+define('LIVE_SCHEMA', 'public');
 
 /************* CORE HOST SETTINGS *****************/
 if (file_exists(BASE.CONFIGS.'config.host.php')) {
@@ -195,7 +195,7 @@ if (file_exists(BASE.CONFIGS.'config.path.php')) {
 // get the name without the port
 list($HOST_NAME) = array_pad(explode(':', $_SERVER['HTTP_HOST'], 2), 2, null);
 // set HOST name
-DEFINE('HOST_NAME', $HOST_NAME);
+define('HOST_NAME', $HOST_NAME);
 // BAIL ON MISSING MASTER SITE CONFIG
 if (!isset($SITE_CONFIG[HOST_NAME]['location'])) {
 	echo 'Missing SITE_CONFIG entry for: "'.HOST_NAME.'". Contact Administrator';
@@ -220,41 +220,41 @@ if ((!isset($SITE_CONFIG[HOST_NAME]['db_host']) && count($DB_CONFIG)) ||
 // set SSL on
 if ((array_key_exists('HTTPS', $_SERVER) && !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ||
 	$_SERVER['SERVER_PORT'] == 443) {
-	DEFINE('HOST_SSL', true);
+	define('HOST_SSL', true);
-	DEFINE('HOST_PROTOCOL', 'https://');
+	define('HOST_PROTOCOL', 'https://');
 } else {
-	DEFINE('HOST_SSL', false);
+	define('HOST_SSL', false);
-	DEFINE('HOST_PROTOCOL', 'http://');
+	define('HOST_PROTOCOL', 'http://');
 }
 // define the db config set name, the db config and the db schema
-DEFINE('DB_CONFIG_NAME', $SITE_CONFIG[HOST_NAME]['db_host']);
+define('DB_CONFIG_NAME', $SITE_CONFIG[HOST_NAME]['db_host']);
-DEFINE('DB_CONFIG', isset($DB_CONFIG[DB_CONFIG_NAME]) ? $DB_CONFIG[DB_CONFIG_NAME] : array());
+define('DB_CONFIG', isset($DB_CONFIG[DB_CONFIG_NAME]) ? $DB_CONFIG[DB_CONFIG_NAME] : array());
-// DEFINE('DB_CONFIG_TARGET', SITE_CONFIG[$HOST_NAME]['db_host_target']);
+// define('DB_CONFIG_TARGET', SITE_CONFIG[$HOST_NAME]['db_host_target']);
-// DEFINE('DB_CONFIG_OTHER', SITE_CONFIG[$HOST_NAME]['db_host_other']);
+// define('DB_CONFIG_OTHER', SITE_CONFIG[$HOST_NAME]['db_host_other']);
 // override for login and global schemas
-// DEFINE('LOGIN_DB_SCHEMA', PUBLIC_SCHEMA); // where the edit* tables are
+// define('LOGIN_DB_SCHEMA', PUBLIC_SCHEMA); // where the edit* tables are
-// DEFINE('GLOBAL_DB_SCHEMA', PUBLIC_SCHEMA); // where global tables are that are used by all schemas (eg queue tables for online, etc)
+// define('GLOBAL_DB_SCHEMA', PUBLIC_SCHEMA); // where global tables are that are used by all schemas (eg queue tables for online, etc)
 // debug settings, site lang, etc
-DEFINE('TARGET', $SITE_CONFIG[HOST_NAME]['location']);
+define('TARGET', $SITE_CONFIG[HOST_NAME]['location']);
-DEFINE('DEBUG', $SITE_CONFIG[HOST_NAME]['debug_flag']);
+define('DEBUG', $SITE_CONFIG[HOST_NAME]['debug_flag']);
-DEFINE('SITE_LANG', $SITE_CONFIG[HOST_NAME]['site_lang']);
+define('SITE_LANG', $SITE_CONFIG[HOST_NAME]['site_lang']);
-DEFINE('LOGIN_ENABLED', $SITE_CONFIG[HOST_NAME]['login_enabled']);
+define('LOGIN_ENABLED', $SITE_CONFIG[HOST_NAME]['login_enabled']);
 // paths
-// DEFINE('CSV_PATH', $PATHS[TARGET]['csv_path']);
+// define('CSV_PATH', $PATHS[TARGET]['csv_path']);
-// DEFINE('EXPORT_SCRIPT', $PATHS[TARGET]['perl_bin']);
+// define('EXPORT_SCRIPT', $PATHS[TARGET]['perl_bin']);
-// DEFINE('REDIRECT_URL', $PATHS[TARGET]['redirect_url']);
+// define('REDIRECT_URL', $PATHS[TARGET]['redirect_url']);
 
 // show all errors if debug_all & show_error_handling are enabled
-DEFINE('SHOW_ALL_ERRORS', true);
+define('SHOW_ALL_ERRORS', true);
 
 /************* GENERAL PAGE TITLE ********/
-DEFINE('G_TITLE', '<OVERALL FALLBACK PAGE TITLE>');
+define('G_TITLE', '<OVERALL FALLBACK PAGE TITLE>');
 
 /************ STYLE SHEETS / JS **********/
-DEFINE('ADMIN_STYLESHEET', 'edit.css');
+define('ADMIN_STYLESHEET', 'edit.css');
-DEFINE('ADMIN_JAVASCRIPT', 'edit.js');
+define('ADMIN_JAVASCRIPT', 'edit.js');
-DEFINE('STYLESHEET', 'frontend.css');
+define('STYLESHEET', 'frontend.css');
-DEFINE('JAVASCRIPT', 'frontend.js');
+define('JAVASCRIPT', 'frontend.js');
 
 // anything optional
 /************* INTERNAL ******************/

www/layout/admin/javascript/firebug.js

@@ -3,8 +3,9 @@
  * firebug 1.2+ and the webkit console */
 
 var ConsoleSetup = function() {
-	if (!window.console)
+	if (!window.console) {
 		window.console = {};
+	}
 
 	var names = ['log', 'debug', 'info', 'warn', 'error', 'assert', 'dir', 'dirxml', 'group', 'groupEnd', 'time', 'timeEnd', 'count', 'trace', 'profile', 'profileEnd'];
 

www/lib/CoreLibs/ACL/Login.php

@@ -345,7 +345,7 @@ class Login extends \CoreLibs\DB\IO
 	 * if user pressed login button this script is called, but only if there is no preview euid set]
 	 * @return void has not return
 	 */
-	private function loginLoginUser()
+	private function loginLoginUser(): void
 	{
 		// have to get the global stuff here for setting it later
 		if (!$this->euid && $this->login) {
@@ -587,7 +587,7 @@ class Login extends \CoreLibs\DB\IO
 	 * for every page the user access this script checks if he is allowed to do so
 	 * @return bool permission okay as true/false
 	 */
-	public function loginCheckPermissions()
+	public function loginCheckPermissions(): bool
 	{
 		if ($this->euid && $this->login_error != 103) {
 			$q = "SELECT filename ";
@@ -613,7 +613,7 @@ class Login extends \CoreLibs\DB\IO
 	 * if a user pressed on logout, destroyes session and unsets all global vars
 	 * @return void has no return
 	 */
-	public function loginLogoutUser()
+	public function loginLogoutUser(): void
 	{
 		if ($this->logout || $this->login_error) {
 			// unregister and destroy session vars
@@ -673,7 +673,7 @@ class Login extends \CoreLibs\DB\IO
 	 * set all base ACL levels as a list keyword -> ACL number
 	 * @return void has no return
 	 */
-	private function loginSetAcl()
+	private function loginSetAcl(): void
 	{
 		// only set acl if we have permission okay
 		if ($this->permission_okay) {
@@ -766,8 +766,8 @@ class Login extends \CoreLibs\DB\IO
 
 	/**
 	 * checks if this edit access id is valid
-	 * @param  int $edit_access_id access id pk to check
+	 * @param  int|null $edit_access_id access id pk to check
-	 * @return bool                true/false: if the edit access is not in the valid list: false
+	 * @return bool                     true/false: if the edit access is not in the valid list: false
 	 */
 	public function loginCheckEditAccess($edit_access_id): bool
 	{
@@ -783,7 +783,7 @@ class Login extends \CoreLibs\DB\IO
 	 * @param  string $password the new password
 	 * @return bool             true or false if valid password or not
 	 */
-	private function loginPasswordChangeValidPassword($password)
+	private function loginPasswordChangeValidPassword($password): bool
 	{
 		$is_valid_password = true;
 		// check for valid in regex arrays in list
@@ -805,7 +805,7 @@ class Login extends \CoreLibs\DB\IO
 	 * dummy declare for password forget
 	 * @return void has no return
 	 */
-	private function loginPasswordForgot()
+	private function loginPasswordForgot(): void
 	{
 		// will do some password recovert, eg send email
 	}
@@ -831,7 +831,7 @@ class Login extends \CoreLibs\DB\IO
 	 * changes a user password
 	 * @return void has no return
 	 */
-	private function loginPasswordChange()
+	private function loginPasswordChange(): void
 	{
 		if ($this->change_password) {
 			$event = 'Password Change';
@@ -1013,7 +1013,7 @@ class Login extends \CoreLibs\DB\IO
 	 * checks if there are external templates, if not uses internal fallback ones
 	 * @return void has no return
 	 */
-	private function loginSetTemplates()
+	private function loginSetTemplates(): void
 	{
 		$strings = array(
 			'HTML_TITLE' => $this->l->__('LOGIN'),
@@ -1172,7 +1172,7 @@ EOM;
 	 * @param  string     $username login user username
 	 * @return void                 has no return
 	 */
-	private function writeLog(string $event, string $data, $error = '', string $username = '')
+	private function writeLog(string $event, string $data, $error = '', string $username = ''): void
 	{
 		if ($this->login) {
 				$this->action = 'Login';
@@ -1217,28 +1217,33 @@ EOM;
 	}
 
 	/**
-	 *checks that the given edit access id is valid for this user
+	 * checks that the given edit access id is valid for this user
-	 * @param  int $edit_access_id edit access id to check
+	 * @param  int|null $edit_access_id edit access id to check
-	 * @return int                 same edit access id if ok, or the default edit access id if given one is not valid
+	 * @return int|null                 same edit access id if ok
+	 *                                  or the default edit access id if given one is not valid
 	 */
-	public function loginCheckEditAccessId(int $edit_access_id)
+	public function loginCheckEditAccessId(?int $edit_access_id): ?int
 	{
-		if (!array_key_exists($edit_access_id, $_SESSION["UNIT"])) {
+		if (isset($_SESSION['UNIT']) &&
-			return $_SESSION["UNIT_DEFAULT"];
+			is_array($_SESSION['UNIT']) &&
+			!array_key_exists($edit_access_id, $_SESSION['UNIT'])
+		) {
+			return $_SESSION['UNIT_DEFAULT'];
 		} else {
 			return $edit_access_id;
 		}
 	}
 
 	/**
-	 * [loginSetEditAccessData description]
+	 * retunrn a set entry from the UNIT session for an edit access_id
+	 * if not found return false
 	 * @param  int        $edit_access_id edit access id
 	 * @param  string|int $data_key       key value to search for
 	 * @return bool|string                false for not found or string for found data
 	 */
 	public function loginSetEditAccessData(int $edit_access_id, $data_key)
 	{
-		if (!$_SESSION['UNIT'][$edit_access_id]['data'][$data_key]) {
+		if (!isset($_SESSION['UNIT'][$edit_access_id]['data'][$data_key])) {
 			return false;
 		} else {
 			return $_SESSION['UNIT'][$edit_access_id]['data'][$data_key];

www/lib/CoreLibs/Basic.php

@@ -1562,6 +1562,31 @@ class Basic
 		return $array;
 	}
 
+	/**
+	 * get lines in a file
+	 * @param  string $file file for line count read
+	 * @return int          number of lines or -1 for non readable file
+	 */
+	public static function getLinesFromFile(string $file): int
+	{
+		if (is_file($file) &&
+			file_exists($file) &&
+			is_readable($file)
+		) {
+			$f = fopen($file, 'rb');
+			$lines = 0;
+			while (!feof($f)) {
+				$lines += substr_count(fread($f, 8192), "\n");
+			}
+			fclose($f);
+		} else {
+			// if file does not exist or is not readable, return -1
+			$lines = -1;
+		}
+		// return lines in file
+		return $lines;
+	}
+
 	/**
 	 * wrapper function for mb mime convert, for correct conversion with long strings
 	 * @param  string $string   string to encode
@@ -1793,26 +1818,33 @@ class Basic
 	{
 		// check if the timestamp has any h/m/s/ms inside, if yes skip
 		if (!preg_match("/(h|m|s|ms)/", (string)$timestamp)) {
-			$ms = 0;
+			list ($timestamp, $ms) = array_pad(explode('.', (string)round($timestamp, 4)), 2, null);
-			list ($timestamp, $ms) = explode('.', (string)round($timestamp, 4));
 			$timegroups = array(86400, 3600, 60, 1);
 			$labels = array('d', 'h', 'm', 's');
 			$time_string = '';
-			for ($i = 0, $iMax = count($timegroups); $i < $iMax; $i ++) {
+			// if timestamp is zero, return zero string
-				$output = floor((float)$timestamp / $timegroups[$i]);
+			if ($timestamp == 0) {
-				$timestamp = (float)$timestamp % $timegroups[$i];
+				$time_string = '0s';
-				// output has days|hours|min|sec
+			} else {
-				if ($output || $time_string) {
+				for ($i = 0, $iMax = count($timegroups); $i < $iMax; $i ++) {
-					$time_string .= $output.$labels[$i].(($i + 1) != count($timegroups) ? ' ' : '');
+					$output = floor((float)$timestamp / $timegroups[$i]);
+					$timestamp = (float)$timestamp % $timegroups[$i];
+					// output has days|hours|min|sec
+					if ($output || $time_string) {
+						$time_string .= $output.$labels[$i].(($i + 1) != count($timegroups) ? ' ' : '');
+					}
 				}
 			}
-			// if we have ms and it has leading zeros, remove them
+			// only add ms if we have an ms value
-			$ms = preg_replace("/^0+/", '', $ms);
+			if ($ms !== null) {
-			// add ms if there
+				// if we have ms and it has leading zeros, remove them, but only if it is nut just 0
-			if ($show_micro) {
+				$ms = preg_replace("/^0+(\d+)$/", '${1}', $ms);
-				$time_string .= ' '.(!$ms ? 0 : $ms).'ms';
+				// add ms if there
-			} elseif (!$time_string) {
+				if ($show_micro) {
-				$time_string .= (!$ms ? 0 : $ms).'ms';
+					$time_string .= ' '.(!$ms ? 0 : $ms).'ms';
+				} elseif (!$time_string) {
+					$time_string .= (!$ms ? 0 : $ms).'ms';
+				}
 			}
 		} else {
 			$time_string = $timestamp;
@@ -1881,7 +1913,7 @@ class Basic
 		if (!$datetime) {
 			return false;
 		}
-		list ($year, $month, $day, $hour, $min, $sec) = preg_split("/[\/\- :]/", $datetime);
+		list ($year, $month, $day, $hour, $min, $sec) = array_pad(preg_split("/[\/\- :]/", $datetime), 6, null);
 		if (!$year || !$month || !$day) {
 			return false;
 		}
@@ -2921,7 +2953,11 @@ class Basic
 			$HUE += 360;
 		}
 
-		return array(round($HUE), round((($MAX - $MIN) / $MAX) * 100), round($MAX * 100));
+		return array(
+			(int)round($HUE),
+			(int)round((($MAX - $MIN) / $MAX) * 100),
+			(int)round($MAX * 100)
+		);
 	}
 
 	/**
@@ -2992,7 +3028,11 @@ class Basic
 				$blue = 0;
 		}
 
-		return array(round($red * 255), round($green * 255), round($blue * 255));
+		return array(
+			(int)round($red * 255),
+			(int)round($green * 255),
+			(int)round($blue * 255)
+		);
 	}
 
 	/**
@@ -3039,7 +3079,11 @@ class Basic
 
 			// H, S, L
 			// S= L <= 0.5 ? C/2L : C/2 - 2L
-			return array(round($HUE), round((($MAX - $MIN) / (($L <= 0.5) ? ($MAX + $MIN) : (2 - $MAX - $MIN))) * 100), $L);
+			return array(
+				(int)round($HUE),
+				(int)round((($MAX - $MIN) / (($L <= 0.5) ? ($MAX + $MIN) : (2 - $MAX - $MIN))) * 100),
+				(int)$L
+			);
 		}
 	}
 
@@ -3077,7 +3121,11 @@ class Basic
 				return $m1;
 			};
 
-			return array(round(255 * $hue($h + (1 / 3))), round(255 * $hue($h)), round(255 * $hue($h - (1 / 3))));
+			return array(
+				(int)round(255 * $hue($h + (1 / 3))),
+				(int)round(255 * $hue($h)),
+				(int)round(255 * $hue($h - (1 / 3)))
+			);
 		}
 	}
 
@@ -3232,10 +3280,10 @@ class Basic
 
 	/**
 	 * full wrapper for html entities
-	 * @param  string $string string to html encode
+	 * @param  mixed $string string to html encode
-	 * @return mixed  if string, encoded, else as is
+	 * @return mixed         if string, encoded, else as is (eg null)
 	 */
-	public function htmlent(string $string)
+	public function htmlent($string)
 	{
 		if (is_string($string)) {
 			return htmlentities($string, ENT_COMPAT|ENT_HTML401, 'UTF-8', false);

www/lib/CoreLibs/DB/IO.php

@@ -957,6 +957,28 @@ class IO extends \CoreLibs\Basic
 		return $this->dbReturnRow('SHOW client_encoding')['client_encoding'];
 	}
 
+	/**
+	 * get certain settings like username, db name
+	 * @param  string $name what setting to query
+	 * @return mixed        setting value, if not allowed name return false
+	 */
+	public function dbGetSetting(string $name)
+	{
+		$setting = '';
+		switch ($name) {
+			case 'name':
+				$setting = $this->db_name;
+				break;
+			case 'user':
+				$setting = $this->db_user;
+				break;
+			default:
+				$setting = false;
+				break;
+		}
+		return $setting;
+	}
+
 	/**
 	 * prints out status info from the connected DB (might be usefull for debug stuff)
 	 * @param  bool|boolean $show show db connection info, default true
@@ -1462,7 +1484,7 @@ class IO extends \CoreLibs\Basic
 					if (!$pk_name) {
 						// read the primary key from the table, if we do not have one, we get nothing in return
 						list($schema, $table) = $this->__dbReturnTable($query);
-						if (!$this->pk_name_table[$table]) {
+						if (empty($this->pk_name_table[$table])) {
 							$this->pk_name_table[$table] = $this->db_functions->__dbPrimaryKey($table, $schema);
 						}
 						$pk_name = $this->pk_name_table[$table];

www/lib/CoreLibs/Output/Progressbar.php

@@ -110,7 +110,8 @@ class ProgressBar
 			$clear_buffer_size = $this->clear_buffer_size;
 		}
 		echo str_repeat(' ', $clear_buffer_size);
-		ob_flush();
+		// a small hack to avoid warnings about no buffer to flush
+		@ob_flush();
 		flush();
 	}
 
@@ -541,6 +542,7 @@ class ProgressBar
 		$html = '';
 		$js = '';
 		$html_button = '';
+		$html_percent = '';
 
 		$this->__setStep($this->step);
 		$this->position = $this->__calculatePosition($this->step);
@@ -636,7 +638,7 @@ class ProgressBar
 					case 'percent':
 						// only one inner percent
 						// print "STYLE[$name]: ".$style_lbl."<br>";
-						if (!isset($html_percent)) {
+						if (empty($html_percent)) {
 							$html_percent = '<div id="plbl'.$name.$this->code.'" style="'.$style_lbl.'width:'.$data['width'].'px;line-height:1;text-shadow: 0 0 .2em white, 0 0 .5em white;">'.$this->__calculatePercent($this->step).'%</div>'."\n";
 						}
 						break;

www/lib/CoreLibs/Template/SmartyExtend.php

@@ -46,6 +46,7 @@ class SmartyExtend extends SmartyBC
 	public $USE_TINY_MCE = false;
 	public $JS_DATEPICKR = false;
 	public $JS_FLATPICKR = false;
+	public $JS_FILE_UPLOADER = false;
 	public $DEBUG_TMPL = false;
 	public $USE_INCLUDE_TEMPLATE = false;
 	// cache & compile
@@ -383,6 +384,7 @@ class SmartyExtend extends SmartyBC
 		// include flags
 		$this->DATA['JS_DATEPICKR'] = $this->JS_DATEPICKR;
 		$this->DATA['JS_FLATPICKR'] = $this->JS_FLATPICKR;
+		$this->DATA['JS_FILE_UPLOADER'] = $this->JS_FILE_UPLOADER;
 		// user name
 		$this->DATA['USER_NAME'] = !empty($_SESSION['USER_NAME']) ? $_SESSION['USER_NAME'] : '';
 		// the template part to include into the body

www/lib/FileUpload/Core/qqUploadedFileXhr.php

@@ -35,8 +35,8 @@ class qqUploadedFileXhr
 	}
 	public function getSize()
 	{
-		if (isset($_SERVER["CONTENT_LENGTH"])) {
+		if (isset($_SERVER['CONTENT_LENGTH'])) {
-			return (int)$_SERVER["CONTENT_LENGTH"];
+			return (int)$_SERVER['CONTENT_LENGTH'];
 		} else {
 			throw new \Exception('Getting content length is not supported.');
 		}