Convert static Session class to normal session class

All static Session:: calls (except for checking valid session name) are
converted to object type. This Object is passed on to Login, Admin
Backend and any other class that needs basic session checking

4dev/checking/phpunit.sh

@@ -10,14 +10,16 @@ if [ "${1}" = "t" ] || [ "${2}" = "t" ]; then
 	opt_testdox="--testdox";
 fi;
 php_bin="";
-case "${1}" in
-	# "7.3") php_bin="/usr/bin/php7.3 "; ;;
-	"7.4") php_bin="/usr/bin/php7.4 "; ;;
-	"8.0") php_bin="/usr/bin/php8.0 "; ;;
-	"8.1") php_bin="/usr/bin/php8.1 "; ;;
-	*) echo "Not support PHP: ${1}"; exit; ;;
-esac;
-if [ -z "${php_bin}" ]; then
+if [ ! -z "${1}" ]; then
+	case "${1}" in
+		# "7.3") php_bin="/usr/bin/php7.3 "; ;;
+		"7.4") php_bin="/usr/bin/php7.4 "; ;;
+		"8.0") php_bin="/usr/bin/php8.0 "; ;;
+		"8.1") php_bin="/usr/bin/php8.1 "; ;;
+		*) echo "Not support PHP: ${1}"; exit; ;;
+	esac;
+fi;
+if [ ! -z "${2}" ] && [ -z "${php_bin}" ]; then
 	case "${2}" in
 		# "7.3") php_bin="/usr/bin/php7.3 "; ;;
 		"7.4") php_bin="/usr/bin/php7.4 "; ;;

4dev/database/table/edit_access_data.sql

@@ -14,3 +14,7 @@ CREATE TABLE edit_access_data (
 	name	VARCHAR,
 	value	VARCHAR
 ) INHERITS (edit_generic) WITHOUT OIDS;
+
+-- create a unique index for each attached data block for each edit access can
+-- only have ONE value;
+CREATE UNIQUE INDEX edit_access_data_edit_access_id_name_ukey ON edit_access_data (edit_access_id, name);

4dev/tests/CoreLibsACLLoginTest.php

@@ -15,6 +15,7 @@ final class CoreLibsACLLoginTest extends TestCase
 {
 	private static $db;
 	private static $log;
+	private static $session;
 
 	/**
 	 * start DB conneciton, setup DB, etc
@@ -28,6 +29,8 @@ final class CoreLibsACLLoginTest extends TestCase
 				'The PgSQL extension is not available.'
 			);
 		}
+		// init session
+		self::$session = new \CoreLibs\Create\Session('ACLLoginTest');
 		// logger is always needed
 		// define basic connection set valid and one invalid
 		self::$log = new \CoreLibs\Debug\Logging([
@@ -95,6 +98,8 @@ final class CoreLibsACLLoginTest extends TestCase
 		$this->markTestIncomplete(
 			'ACL\Login Tests have not yet been implemented'
 		);
+
+		$login = new \CoreLibs\ACL\Login(self::$db, self::$log, self::$session);
 	}
 }
 

4dev/tests/CoreLibsConvertJsonTest.php

@@ -13,7 +13,6 @@ use PHPUnit\Framework\TestCase;
  */
 final class CoreLibsConvertJsonTest extends TestCase
 {
-
 	/**
 	 * test list for json convert tests
 	 *

4dev/tests/CoreLibsCreateSessionTest.php

@@ -20,6 +20,10 @@ final class CoreLibsCreateSessionTest extends TestCase
 	 */
 	public function sessionProvider(): array
 	{
+		// 0: session name as parameter
+		// 1: type p (param), g: global, c: constant
+		// 2: exepcted name (session)
+		// 3: regex check
 		return [
 			'session parameter' => [
 				'sessionNameParameter',
@@ -33,32 +37,20 @@ final class CoreLibsCreateSessionTest extends TestCase
 				'sessionNameGlobals',
 				'/^\w+$/'
 			],
-			'session constant' => [
-				'sessionNameConstant',
-				'c',
-				'sessionNameConstant',
+			'session name default' => [
+				'',
+				'd',
+				'',
 				'/^\w+$/'
 			],
 		];
 	}
 
-	/**
-	 * Undocumented function
-	 *
-	 * @return void
-	 */
-	protected function setUp(): void
-	{
-		if (session_id()) {
-			session_destroy();
-		}
-	}
-
 	/**
 	 * Undocumented function
 	 *
 	 * @dataProvider sessionProvider
-	 * @testdox  startSession $input name for $type will be $expected_n with $expected_i [$_dataName]
+	 * @testdox startSession $input name for $type will be $expected_n with $expected_i [$_dataName]
 	 *
 	 * @param string $input
 	 * @param string $type
@@ -66,21 +58,28 @@ final class CoreLibsCreateSessionTest extends TestCase
 	 * @param string|bool $expected_i
 	 * @return void
 	 */
-	public function testStartSession(string $input, string $type, $expected_n, $expected_i): void
-	{
-		// NEEDS MOCKING
-		/* $session_id = '';
+	public function testStartSession(
+		string $input,
+		string $type,
+		$expected_n,
+		$expected_i
+	): void {
+		/*
+		// MOCK class for dummy call
+		$session = new \CoreLibs\Create\Session();
+		$session_id = '';
+		unset($GLOBALS['SET_SESSION_NAME']);
 		switch ($type) {
 			case 'p':
-				$session_id = \CoreLibs\Create\Session::startSession($input);
+				$session_id = $session->startSession($input);
 				break;
 			case 'g':
 				$GLOBALS['SET_SESSION_NAME'] = $input;
-				$session_id = \CoreLibs\Create\Session::startSession();
+				$session_id = $session->startSession();
 				break;
-			case 'c':
-				define('SET_SESSION_NAME', $input);
-				$session_id = \CoreLibs\Create\Session::startSession();
+			case 'd':
+				$expected_n = ini_get('session.name');
+				$session_id = \$session->startSession();
 				break;
 		}
 		$this->assertMatchesRegularExpression(
@@ -89,11 +88,11 @@ final class CoreLibsCreateSessionTest extends TestCase
 		);
 		$this->assertMatchesRegularExpression(
 			$expected_i,
-			(string)\CoreLibs\Create\Session::getSessionId()
+			(string)$session->getSessionId()
 		);
 		$this->assertEquals(
 			$expected_n,
-			\CoreLibs\Create\Session::getSessionName()
+			$session->getSessionName()
 		);
 		if ($type == 'g') {
 			unset($GLOBALS['SET_SESSION_NAME']);
@@ -101,6 +100,64 @@ final class CoreLibsCreateSessionTest extends TestCase
 		$this->markTestSkipped('[CoreLibsCreateSessionTest] No implementation '
 			. 'for Create\Session. Cannot run session_start in CLI');
 	}
+
+	/**
+	 * provider for session name check
+	 *
+	 * @return array
+	 */
+	public function sessionNameProvider(): array
+	{
+		// 0: string for session
+		// 1: expected return
+		return [
+			'valid name' => [
+				'abc',
+				true
+			],
+			'valid name longer' => [
+				'something-abc-123',
+				true
+			],
+			'invalid name' => [
+				'abc#abc',
+				false
+			],
+			'only numbers' => [
+				'123',
+				false
+			],
+			'longer than 128 chars' => [
+				'abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz'
+					. 'abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz'
+					. 'abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz',
+				false
+			],
+			'too short' => [
+				'',
+				false
+			],
+		];
+	}
+
+	/**
+	 * Undocumented function
+	 *
+	 * @covers ::checkValidSessionName
+	 * @dataProvider sessionNameProvider
+	 * @testdox checkValidSessionName $input seessionn name is $expected [$_dataName]
+	 *
+	 * @param  string $input
+	 * @param  bool   $expected
+	 * @return void
+	 */
+	public function testCheckValidSessionName(string $input, bool $expected): void
+	{
+		$this->assertEquals(
+			$expected,
+			\CoreLibs\Create\Session::checkValidSessionName($input)
+		);
+	}
 }
 
 // __END__

4dev/tests/CoreLibsDebugLoggingTest.php

@@ -6,6 +6,8 @@ namespace tests;
 
 use PHPUnit\Framework\TestCase;
 
+// TODO: setLogPer test log file written matches pattern
+
 /**
  * Test class for Debug\Logging
  * @coversDefaultClass \CoreLibs\Debug\Logging

phpstan-baseline.neon

@@ -1,7 +1,72 @@
 parameters:
 	ignoreErrors:
 		-
-			message: "#^Parameter \\#1 \\$result of function pg_result_error expects resource, object\\|resource\\|true given\\.$#"
+			message: "#^Parameter \\#1 \\$connection of function pg_connection_busy expects PgSql\\\\Connection, object\\|resource given\\.$#"
+			count: 3
+			path: www/lib/CoreLibs/DB/SQL/PgSQL.php
+
+		-
+			message: "#^Parameter \\#1 \\$connection of function pg_connection_status expects PgSql\\\\Connection, object\\|resource given\\.$#"
+			count: 1
+			path: www/lib/CoreLibs/DB/SQL/PgSQL.php
+
+		-
+			message: "#^Parameter \\#1 \\$connection of function pg_get_result expects PgSql\\\\Connection, object\\|resource given\\.$#"
+			count: 2
+			path: www/lib/CoreLibs/DB/SQL/PgSQL.php
+
+		-
+			message: "#^Parameter \\#1 \\$connection of function pg_meta_data expects PgSql\\\\Connection, object\\|resource given\\.$#"
+			count: 1
+			path: www/lib/CoreLibs/DB/SQL/PgSQL.php
+
+		-
+			message: "#^Parameter \\#1 \\$connection of function pg_send_query expects PgSql\\\\Connection, object\\|resource given\\.$#"
+			count: 2
+			path: www/lib/CoreLibs/DB/SQL/PgSQL.php
+
+		-
+			message: "#^Parameter \\#1 \\$connection of function pg_socket expects PgSql\\\\Connection, object\\|resource given\\.$#"
+			count: 1
+			path: www/lib/CoreLibs/DB/SQL/PgSQL.php
+
+		-
+			message: "#^Parameter \\#1 \\$connection of function pg_version expects PgSql\\\\Connection\\|null, object\\|resource given\\.$#"
+			count: 2
+			path: www/lib/CoreLibs/DB/SQL/PgSQL.php
+
+		-
+			message: "#^Parameter \\#1 \\$result of function pg_affected_rows expects PgSql\\\\Result, object\\|resource given\\.$#"
+			count: 1
+			path: www/lib/CoreLibs/DB/SQL/PgSQL.php
+
+		-
+			message: "#^Parameter \\#1 \\$result of function pg_fetch_all expects PgSql\\\\Result, object\\|resource given\\.$#"
+			count: 1
+			path: www/lib/CoreLibs/DB/SQL/PgSQL.php
+
+		-
+			message: "#^Parameter \\#1 \\$result of function pg_fetch_array expects PgSql\\\\Result, object\\|resource given\\.$#"
+			count: 1
+			path: www/lib/CoreLibs/DB/SQL/PgSQL.php
+
+		-
+			message: "#^Parameter \\#1 \\$result of function pg_field_name expects PgSql\\\\Result, object\\|resource given\\.$#"
+			count: 1
+			path: www/lib/CoreLibs/DB/SQL/PgSQL.php
+
+		-
+			message: "#^Parameter \\#1 \\$result of function pg_num_fields expects PgSql\\\\Result, object\\|resource given\\.$#"
+			count: 1
+			path: www/lib/CoreLibs/DB/SQL/PgSQL.php
+
+		-
+			message: "#^Parameter \\#1 \\$result of function pg_num_rows expects PgSql\\\\Result, object\\|resource given\\.$#"
+			count: 1
+			path: www/lib/CoreLibs/DB/SQL/PgSQL.php
+
+		-
+			message: "#^Parameter \\#1 \\$result of function pg_result_error expects PgSql\\\\Result, object\\|resource given\\.$#"
 			count: 1
 			path: www/lib/CoreLibs/DB/SQL/PgSQL.php
 

phpstan.neon

@@ -24,7 +24,9 @@ parameters:
 		# do not check old qq file uploader tests
 		- www/admin/qq_file_upload_*.php
 		# ignore all test files
-		- www/admin/class_test*php
+		- www/admin/class_test*.php
+		# extra in sub folder
+		- www/admin/subfolder/class_test*.php
 		- www/admin/error_test.php
 		# admin synlink files
 		- www/admin/edit_*.php
@@ -47,9 +49,12 @@ parameters:
 		- www/vendor
 	# ignore errores with
 	ignoreErrors:
-		- # this error is ignore because of the PHP 8.0 to 8.1 change for pg_*
+		- # this error is ignore because of the PHP 8.0 to 8.1 change for pg_*, only for 8.0 or lower
 			message: "#^Parameter \\#1 \\$(result|connection) of function pg_\\w+ expects resource(\\|null)?, object\\|resource(\\|bool)? given\\.$#"
 			path: %currentWorkingDirectory%/www/lib/CoreLibs/DB/SQL/PgSQL.php
+		- # this is for 8.1 or newer
+			message: "#^Parameter \\#1 \\$(result|connection) of function pg_\\w+ expects PgSql\\\\(Result|Connection(\\|null)?), object\\|resource given\\.$#"
+			path: %currentWorkingDirectory%/www/lib/CoreLibs/DB/SQL/PgSQL.php
 		# this is ignored for now
 		# - '#Expression in empty\(\) is always falsy.#'
 		# -

www/admin/class_test.admin.backend.php

@@ -23,14 +23,12 @@ define('USE_DATABASE', true);
 require 'config.php';
 // override ECHO ALL FALSE
 $ECHO_ALL = true;
-// set session name
-if (!defined('SET_SESSION_NAME')) {
-	define('SET_SESSION_NAME', EDIT_SESSION_NAME);
-}
 // define log file id
 $LOG_FILE_ID = 'classTest-admin';
+$SET_SESSION_NAME = EDIT_SESSION_NAME;
 ob_end_flush();
 
+$session = new CoreLibs\Create\Session($SET_SESSION_NAME);
 $log = new CoreLibs\Debug\Logging([
 	'log_folder' => BASE . LOG,
 	'file_id' => $LOG_FILE_ID,
@@ -49,12 +47,14 @@ $l10n = new \CoreLibs\Language\L10n(
 	$locale['domain'],
 	$locale['path'],
 );
-$backend = new CoreLibs\Admin\Backend($db, $log, $l10n, $locale);
+$backend = new CoreLibs\Admin\Backend($db, $log, $session, $l10n, $locale);
 
+$PAGE_NAME = 'TEST CLASS: ADMIN BACKEND';
 print "<!DOCTYPE html>";
-print "<html><head><title>TEST CLASS: ADMIN BACKEND</title><head>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
 print "<body>";
 print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 // set acl, from eg login acl
 print "SETACL[]: " . $backend->setACL(['EMPTY' => 'EMPTY']) . "<br>";

www/admin/class_test.array.php

@@ -21,10 +21,6 @@ ob_start();
 define('USE_DATABASE', false);
 // sample config
 require 'config.php';
-// set session name
-if (!defined('SET_SESSION_NAME')) {
-	define('SET_SESSION_NAME', EDIT_SESSION_NAME);
-}
 // define log file id
 $LOG_FILE_ID = 'classTest-array';
 ob_end_flush();
@@ -45,10 +41,12 @@ $log = new CoreLibs\Debug\Logging([
 // $_array = new CoreLibs\Combined\ArrayHandler();
 // $array_class = 'CoreLibs\Combination\ArrayHandler';
 
+$PAGE_NAME = 'TEST CLASS: ARRAY HANDLER';
 print "<!DOCTYPE html>";
-print "<html><head><title>TEST CLASS: ARRAY HANDLER</title><head>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
 print "<body>";
 print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 // recursive array search
 $test_array = [

www/admin/class_test.autoloader.php

@@ -20,10 +20,6 @@ ob_start();
 define('USE_DATABASE', false);
 // sample config
 require 'config.php';
-// set session name
-if (!defined('SET_SESSION_NAME')) {
-	define('SET_SESSION_NAME', EDIT_SESSION_NAME);
-}
 // define log file id
 $LOG_FILE_ID = 'classTest-autoloader';
 ob_end_flush();
@@ -32,10 +28,12 @@ ob_end_flush();
 
 use CoreLibs\Convert\Byte;
 
+$PAGE_NAME = 'TEST CLASS: AUTOLOADER';
 print "<!DOCTYPE html>";
-print "<html><head><title>TEST CLASS: AUTOLOADER</title><head>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
 print "<body>";
 print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 $bytes = 10242424;
 $_bytes = Byte::humanReadableByteFormat($bytes);

www/admin/class_test.byte.php

@@ -21,10 +21,6 @@ ob_start();
 define('USE_DATABASE', false);
 // sample config
 require 'config.php';
-// set session name
-if (!defined('SET_SESSION_NAME')) {
-	define('SET_SESSION_NAME', EDIT_SESSION_NAME);
-}
 // define log file id
 $LOG_FILE_ID = 'classTest-byte';
 ob_end_flush();
@@ -43,10 +39,12 @@ $log = new CoreLibs\Debug\Logging([
 ]);
 $byte_class = 'CoreLibs\Convert\Byte';
 
+$PAGE_NAME = 'TEST CLASS: BYTE CONVERT';
 print "<!DOCTYPE html>";
-print "<html><head><title>TEST CLASS: BYTE CONVERT</title><head>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
 print "<body>";
 print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 // class
 $byte = 254779258;

www/admin/class_test.colors.php

@@ -21,10 +21,6 @@ ob_start();
 define('USE_DATABASE', false);
 // sample config
 require 'config.php';
-// set session name
-if (!defined('SET_SESSION_NAME')) {
-	define('SET_SESSION_NAME', EDIT_SESSION_NAME);
-}
 // define log file id
 $LOG_FILE_ID = 'classTest-colors';
 ob_end_flush();
@@ -44,10 +40,12 @@ $log = new CoreLibs\Debug\Logging([
 ]);
 $color_class = 'CoreLibs\Convert\Colors';
 
+$PAGE_NAME = 'TEST CLASS: COLORS';
 print "<!DOCTYPE html>";
-print "<html><head><title>TEST CLASS: COLORS</title><head>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
 print "<body>";
 print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 // define a list of from to color sets for conversion test
 

www/admin/class_test.config.direct.php

@@ -0,0 +1,59 @@
+<?php // phpcs:ignore warning
+
+/**
+ * @phan-file-suppress PhanTypeSuspiciousStringExpression
+ */
+
+declare(strict_types=1);
+
+$DEBUG_ALL_OVERRIDE = 0; // set to 1 to debug on live/remote server locations
+$DEBUG_ALL = 1;
+$PRINT_ALL = 1;
+$DB_DEBUG = 1;
+
+if ($DEBUG_ALL) {
+	error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR);
+}
+
+ob_start();
+
+// basic class test file
+define('USE_DATABASE', false);
+// sample config
+require '../configs/config.php';
+// define log file id
+$LOG_FILE_ID = 'classTest-config-direct';
+ob_end_flush();
+
+$log = new CoreLibs\Debug\Logging([
+	'log_folder' => BASE . LOG,
+	'file_id' => $LOG_FILE_ID,
+	// add file date
+	'print_file_date' => true,
+	// set debug and print flags
+	'debug_all' => $DEBUG_ALL ?? false,
+	'echo_all' => $ECHO_ALL ?? false,
+	'print_all' => $PRINT_ALL ?? false,
+]);
+
+$PAGE_NAME = 'TEST CLASS: CONFIG DIRECT';
+print "<!DOCTYPE html>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
+print "<body>";
+print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
+
+print "DIR: " . DIR . "<br>";
+print "BASE: " . BASE . "<br>";
+print "ROOT: " . ROOT . "<br>";
+print "BASE NAME: " . BASE_NAME . "<br>";
+echo "Config path prefix: " . $CONFIG_PATH_PREFIX . "<br>";
+print "DB Name: " . DB_CONFIG_NAME . "<br>";
+print "DB Config: " . \CoreLibs\Debug\Support::printAr(DB_CONFIG) . "<br>";
+
+// error message
+print $log->printErrorMsg();
+
+print "</body></html>";
+
+// __END__

www/admin/class_test.config.link.php

@@ -0,0 +1,59 @@
+<?php // phpcs:ignore warning
+
+/**
+ * @phan-file-suppress PhanTypeSuspiciousStringExpression
+ */
+
+declare(strict_types=1);
+
+$DEBUG_ALL_OVERRIDE = 0; // set to 1 to debug on live/remote server locations
+$DEBUG_ALL = 1;
+$PRINT_ALL = 1;
+$DB_DEBUG = 1;
+
+if ($DEBUG_ALL) {
+	error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR);
+}
+
+ob_start();
+
+// basic class test file
+define('USE_DATABASE', false);
+// sample config
+require 'config.php';
+// define log file id
+$LOG_FILE_ID = 'classTest-config-link';
+ob_end_flush();
+
+$log = new CoreLibs\Debug\Logging([
+	'log_folder' => BASE . LOG,
+	'file_id' => $LOG_FILE_ID,
+	// add file date
+	'print_file_date' => true,
+	// set debug and print flags
+	'debug_all' => $DEBUG_ALL ?? false,
+	'echo_all' => $ECHO_ALL ?? false,
+	'print_all' => $PRINT_ALL ?? false,
+]);
+
+$PAGE_NAME = 'TEST CLASS: CONFIG LINK';
+print "<!DOCTYPE html>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
+print "<body>";
+print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
+
+print "DIR: " . DIR . "<br>";
+print "BASE: " . BASE . "<br>";
+print "ROOT: " . ROOT . "<br>";
+print "BASE NAME: " . BASE_NAME . "<br>";
+echo "Config path prefix: " . $CONFIG_PATH_PREFIX . "<br>";
+print "DB Name: " . DB_CONFIG_NAME . "<br>";
+print "DB Config: " . \CoreLibs\Debug\Support::printAr(DB_CONFIG) . "<br>";
+
+// error message
+print $log->printErrorMsg();
+
+print "</body></html>";
+
+// __END__

www/admin/class_test.datetime.php

@@ -21,10 +21,6 @@ ob_start();
 define('USE_DATABASE', false);
 // sample config
 require 'config.php';
-// set session name
-if (!defined('SET_SESSION_NAME')) {
-	define('SET_SESSION_NAME', EDIT_SESSION_NAME);
-}
 // define log file id
 $LOG_FILE_ID = 'classTest-datetime';
 ob_end_flush();
@@ -44,10 +40,12 @@ $log = new CoreLibs\Debug\Logging([
 ]);
 $datetime_class = 'CoreLibs\Combined\DateTime';
 
+$PAGE_NAME = 'TEST CLASS: DATE/TIME';
 print "<!DOCTYPE html>";
-print "<html><head><title>TEST CLASS: DATE/TIME</title><head>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
 print "<body>";
 print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 // class
 $timestamp = 1622788315.123456;

www/admin/class_test.db.php

@@ -39,10 +39,12 @@ $log = new CoreLibs\Debug\Logging([
 $db = new CoreLibs\DB\IO(DB_CONFIG, $log);
 $db->log->debug('START', '=============================>');
 
+$PAGE_NAME = 'TEST CLASS: DB';
 print "<!DOCTYPE html>";
-print "<html><head><title>TEST CLASS: DB</title><head>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
 print "<body>";
 print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 print "LOGFILE NAME: " . $db->log->getSetting('log_file_name') . "<br>";
 print "LOGFILE ID: " . $db->log->getSetting('log_file_id') . "<br>";

www/admin/class_test.debug.php

@@ -44,10 +44,12 @@ $debug = new CoreLibs\Debug\Logging([
 $debug_support_class = 'CoreLibs\Debug\Support';
 $debug_logging_class = 'CoreLibs\Debug\Logging';
 
+$PAGE_NAME = 'TEST CLASS: DEBUG';
 print "<!DOCTYPE html>";
-print "<html><head><title>TEST CLASS: DEBUG</title><head>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
 print "<body>";
 print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 function test()
 {
@@ -173,6 +175,12 @@ print "GETCALLERCLASS(NON CLASS): " . \CoreLibs\Debug\Support::getCallerClass()
 print "S::FSETFILENAME: " . FileWriter::fsetFilename('class_test_debug_file.log') . "<br>";
 print "S::FDEBUG: " . FileWriter::fdebug('CLASS TEST DEBUG FILE: ' . date('Y-m-d H:i:s')) . "<br>";
 
+// test per level
+$debug->setLogPer('level', true);
+$debug->debug('TEST PER LEVEL', 'Per level test');
+$debug->debug('()', 'Per level test: invalid chars');
+$debug->setLogPer('level', false);
+
 // error message
 // future DEPRECATED
 // $debug->debug('BASIC CLASS', 'Debug test');

www/admin/class_test.email.php

@@ -21,10 +21,6 @@ ob_start();
 define('USE_DATABASE', false);
 // sample config
 require 'config.php';
-// set session name
-if (!defined('SET_SESSION_NAME')) {
-	define('SET_SESSION_NAME', EDIT_SESSION_NAME);
-}
 // define log file id
 $LOG_FILE_ID = 'classTest-email';
 ob_end_flush();
@@ -43,10 +39,12 @@ $log = new CoreLibs\Debug\Logging([
 	'print_all' => $PRINT_ALL ?? false,
 ]);
 
+$PAGE_NAME = 'TEST CLASS: HTML/ELEMENTS';
 print "<!DOCTYPE html>";
-print "<html><head><title>TEST CLASS: HTML/ELEMENTS</title><head>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
 print "<body>";
 print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 // regex get
 print "S::GETEMAILREGEX(0): " . Email::getEmailRegex(0) . "<br>";

www/admin/class_test.encoding.php

@@ -21,10 +21,6 @@ ob_start();
 define('USE_DATABASE', false);
 // sample config
 require 'config.php';
-// set session name
-if (!defined('SET_SESSION_NAME')) {
-	define('SET_SESSION_NAME', EDIT_SESSION_NAME);
-}
 // define log file id
 $LOG_FILE_ID = 'classTest-encoding';
 ob_end_flush();
@@ -48,10 +44,12 @@ $_chk_enc = new CoreLibs\Check\Encoding();
 $_con_enc = new CoreLibs\Convert\Encoding();
 $chk_enc = 'CoreLibs\Check\Encoding';
 
+$PAGE_NAME = 'TEST CLASS: ENCODING (CHECK/CONVERT/MIME)';
 print "<!DOCTYPE html>";
-print "<html><head><title>TEST CLASS: ENCODING (CHECK/CONVERT/MIME)</title><head>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
 print "<body>";
 print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 // print "Valid encoding: ".$log->printAr(mb_list_encodings())."<br>";
 

www/admin/class_test.file.php

@@ -21,10 +21,6 @@ ob_start();
 define('USE_DATABASE', false);
 // sample config
 require 'config.php';
-// set session name
-if (!defined('SET_SESSION_NAME')) {
-	define('SET_SESSION_NAME', EDIT_SESSION_NAME);
-}
 // define log file id
 $LOG_FILE_ID = 'classTest-datetime';
 ob_end_flush();
@@ -42,10 +38,12 @@ $log = new CoreLibs\Debug\Logging([
 	'print_all' => $PRINT_ALL ?? false,
 ]);
 
+$PAGE_NAME = 'TEST CLASS: FILE';
 print "<!DOCTYPE html>";
-print "<html><head><title>TEST CLASS: FILE</title><head>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
 print "<body>";
 print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 $file = '/some/path/to/some/file.txt';
 print "GETFILENAMEENDING: $file: " . File::getFilenameEnding($file) . "<br>";

www/admin/class_test.hash.php

@@ -21,10 +21,6 @@ ob_start();
 define('USE_DATABASE', false);
 // sample config
 require 'config.php';
-// set session name
-if (!defined('SET_SESSION_NAME')) {
-	define('SET_SESSION_NAME', EDIT_SESSION_NAME);
-}
 // define log file id
 $LOG_FILE_ID = 'classTest-hash';
 ob_end_flush();
@@ -45,10 +41,12 @@ $hash_class = 'CoreLibs\Create\Hash';
 
 // define a list of from to color sets for conversion test
 
+$PAGE_NAME = 'TEST CLASS: HASH';
 print "<!DOCTYPE html>";
-print "<html><head><title>TEST CLASS: HASH</title><head>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
 print "<body>";
 print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 $to_crc = 'Some text block';
 // static

www/admin/class_test.html.php

@@ -21,10 +21,6 @@ ob_start();
 define('USE_DATABASE', false);
 // sample config
 require 'config.php';
-// set session name
-if (!defined('SET_SESSION_NAME')) {
-	define('SET_SESSION_NAME', EDIT_SESSION_NAME);
-}
 // define log file id
 $LOG_FILE_ID = 'classTest-html';
 ob_end_flush();
@@ -49,10 +45,12 @@ $elements_class = 'CoreLibs\Output\Form\Elements';
 
 // define a list of from to color sets for conversion test
 
+$PAGE_NAME = 'TEST CLASS: HTML/ELEMENTS';
 print "<!DOCTYPE html>";
-print "<html><head><title>TEST CLASS: HTML/ELEMENTS</title><head>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
 print "<body>";
 print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 $string = "Something < = > Other <br> Next line";
 print "HTMLENT: " . Html::htmlent($string) . ": " . $_html->htmlent($string) . "<br>";

www/admin/class_test.image.php

@@ -21,10 +21,6 @@ ob_start();
 define('USE_DATABASE', false);
 // sample config
 require 'config.php';
-// set session name
-if (!defined('SET_SESSION_NAME')) {
-	define('SET_SESSION_NAME', EDIT_SESSION_NAME);
-}
 // define log file id
 $LOG_FILE_ID = 'classTest-image';
 ob_end_flush();
@@ -46,10 +42,12 @@ $image_class = 'CoreLibs\Output\Image';
 
 // define a list of from to color sets for conversion test
 
+$PAGE_NAME = 'TEST CLASS: IMAGE';
 print "<!DOCTYPE html>";
-print "<html><head><title>TEST CLASS: IMAGE</title><head>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
 print "<body>";
 print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 // thumb sizes
 $thumb_width = 250;

www/admin/class_test.json.php

@@ -21,10 +21,6 @@ ob_start();
 define('USE_DATABASE', false);
 // sample config
 require 'config.php';
-// set session name
-if (!defined('SET_SESSION_NAME')) {
-	define('SET_SESSION_NAME', EDIT_SESSION_NAME);
-}
 // define log file id
 $LOG_FILE_ID = 'classTest-json';
 ob_end_flush();
@@ -46,10 +42,12 @@ $json_class = 'CoreLibs\Convert\Json';
 
 // define a list of from to color sets for conversion test
 
+$PAGE_NAME = 'TEST CLASS: JSON';
 print "<!DOCTYPE html>";
-print "<html><head><title>TEST CLASS: JSON</title><head>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
 print "<body>";
 print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 $json = '{"foo": "bar"}';
 $output = Json::jsonConvertToArray($json);

www/admin/class_test.lang.php

@@ -21,18 +21,16 @@ ob_start();
 define('USE_DATABASE', false);
 // sample config
 require 'config.php';
-// set session name
-if (!defined('SET_SESSION_NAME')) {
-	define('SET_SESSION_NAME', EDIT_SESSION_NAME);
-}
 // define log file id
 $LOG_FILE_ID = 'classTest-lang';
 ob_end_flush();
 
+$PAGE_NAME = 'TEST CLASS: LANG';
 print "<!DOCTYPE html>";
-print "<html><head><title>TEST CLASS: LANG</title><head>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
 print "<body>";
 print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 use CoreLibs\Language\L10n;
 use CoreLibs\Debug\Support;

www/admin/class_test.login.php

@@ -0,0 +1,61 @@
+<?php // phpcs:ignore warning
+
+/**
+ * @phan-file-suppress PhanTypeSuspiciousStringExpression
+ */
+
+declare(strict_types=1);
+
+$DEBUG_ALL_OVERRIDE = 0; // set to 1 to debug on live/remote server locations
+$DEBUG_ALL = 1;
+$PRINT_ALL = 1;
+$DB_DEBUG = 1;
+
+if ($DEBUG_ALL) {
+	error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR);
+}
+
+ob_start();
+
+// basic class test file
+define('USE_DATABASE', false);
+// sample config
+require 'config.php';
+// define log file id
+$LOG_FILE_ID = 'classTest-login';
+$SET_SESSION_NAME = EDIT_SESSION_NAME;
+// init login & backend class
+$session = new CoreLibs\Create\Session($SET_SESSION_NAME);
+$log = new CoreLibs\Debug\Logging([
+	'log_folder' => BASE . LOG,
+	'file_id' => $LOG_FILE_ID,
+	// add file date
+	'print_file_date' => true,
+	// set debug and print flags
+	'debug_all' => $DEBUG_ALL ?? false,
+	'echo_all' => $ECHO_ALL ?? false,
+	'print_all' => $PRINT_ALL ?? false,
+]);
+$db = new CoreLibs\DB\IO(DB_CONFIG, $log);
+$login = new CoreLibs\ACL\Login($db, $log, $session);
+ob_end_flush();
+
+$PAGE_NAME = 'TEST CLASS: LOGIN';
+print "<!DOCTYPE html>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
+print "<body>";
+print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
+
+echo "CHECK PERMISSION: " . ($login->loginCheckPermissions() ? 'OK' : 'BAD') . "<br>";
+echo "IS ADMIN: " . ($login->loginIsAdmin() ? 'OK' : 'BAD') . "<br>";
+echo "MIN ACCESS BASE: " . ($login->loginCheckAccessBase('admin') ? 'OK' : 'BAD') . "<br>";
+echo "MIN ACCESS PAGE: " . ($login->loginCheckAccessPage('admin') ? 'OK' : 'BAD') . "<br>";
+
+echo "ACL: " . \CoreLibs\Debug\Support::printAr($login->loginGetAcl()) . "<br>";
+echo "ACL (MIN): " . \CoreLibs\Debug\Support::printAr($login->loginGetAcl()['min']) . "<br>";
+
+// error message
+print $log->printErrorMsg();
+
+print "</body></html>";

www/admin/class_test.math.php

@@ -21,10 +21,6 @@ ob_start();
 define('USE_DATABASE', false);
 // sample config
 require 'config.php';
-// set session name
-if (!defined('SET_SESSION_NAME')) {
-	define('SET_SESSION_NAME', EDIT_SESSION_NAME);
-}
 // define log file id
 $LOG_FILE_ID = 'classTest-math';
 ob_end_flush();
@@ -44,10 +40,12 @@ $math_class = 'CoreLibs\Convert\Math';
 
 // define a list of from to color sets for conversion test
 
+$PAGE_NAME = 'TEST CLASS: MATH';
 print "<!DOCTYPE html>";
-print "<html><head><title>TEST CLASS: MATH</title><head>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
 print "<body>";
 print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 print "FCEIL: " . $_math->fceil(5.1234567890, 5) . "<br>";
 print "FLOORP: " . $_math->floorp(5123456, -3) . "<br>";

www/admin/class_test.mime.php

@@ -21,10 +21,6 @@ ob_start();
 define('USE_DATABASE', false);
 // sample config
 require 'config.php';
-// set session name
-if (!defined('SET_SESSION_NAME')) {
-	define('SET_SESSION_NAME', EDIT_SESSION_NAME);
-}
 // define log file id
 $LOG_FILE_ID = 'classTest-mime';
 ob_end_flush();
@@ -41,10 +37,12 @@ $log = new CoreLibs\Debug\Logging([
 ]);
 $_mime = new CoreLibs\Convert\MimeAppName();
 
+$PAGE_NAME = 'TEST CLASS: MIME';
 print "<!DOCTYPE html>";
-print "<html><head><title>TEST CLASS: MIME</title><head>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
 print "<body>";
 print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 $mime = 'application/illustrator';
 print "MIME $mime: " . $_mime->mimeGetAppName($mime) . "<br>";

www/admin/class_test.output.form.php

@@ -23,10 +23,6 @@ define('USE_DATABASE', true);
 require 'config.php';
 // override ECHO ALL FALSE
 $ECHO_ALL = true;
-// set session name
-if (!defined('SET_SESSION_NAME')) {
-	define('SET_SESSION_NAME', EDIT_SESSION_NAME);
-}
 // define log file id
 $LOG_FILE_ID = 'classTest-form';
 ob_end_flush();
@@ -69,10 +65,12 @@ $log = new CoreLibs\Debug\Logging([
 ]);
 $form = new CoreLibs\Output\Form\Generate(DB_CONFIG, $log);
 
+$PAGE_NAME = 'TEST CLASS: FORM GENERATE';
 print "<!DOCTYPE html>";
-print "<html><head><title>TEST CLASS: FORM GENERATE</title><head>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
 print "<body>";
 print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 print "MOBILE PHONE: " . $form->mobile_phone . "<br>";
 // sets table array to include

www/admin/class_test.password.php

@@ -21,10 +21,6 @@ ob_start();
 define('USE_DATABASE', false);
 // sample config
 require 'config.php';
-// set session name
-if (!defined('SET_SESSION_NAME')) {
-	define('SET_SESSION_NAME', EDIT_SESSION_NAME);
-}
 // define log file id
 $LOG_FILE_ID = 'classTest-pass';
 ob_end_flush();
@@ -46,10 +42,12 @@ $password_class = 'CoreLibs\Check\Password';
 
 // define a list of from to color sets for conversion test
 
+$PAGE_NAME = 'TEST CLASS: PASSWORD';
 print "<!DOCTYPE html>";
-print "<html><head><title>TEST CLASS: PASSWORD</title><head>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
 print "<body>";
 print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 $password = 'something1234';
 $enc_password = $_password->passwordSet($password);

www/admin/class_test.php

@@ -21,14 +21,12 @@ ob_start();
 define('USE_DATABASE', true);
 // sample config
 require 'config.php';
-// set session name
-if (!defined('SET_SESSION_NAME')) {
-	define('SET_SESSION_NAME', EDIT_SESSION_NAME);
-}
 // define log file id
 $LOG_FILE_ID = 'classTest';
+$SET_SESSION_NAME = EDIT_SESSION_NAME;
 
 // init login & backend class
+$session = new CoreLibs\Create\Session($SET_SESSION_NAME);
 $log = new CoreLibs\Debug\Logging([
 	'log_folder' => BASE . LOG,
 	'file_id' => $LOG_FILE_ID,
@@ -40,14 +38,14 @@ $log = new CoreLibs\Debug\Logging([
 	'print_all' => $PRINT_ALL ?? false,
 ]);
 $db = new CoreLibs\DB\IO(DB_CONFIG, $log);
-$login = new CoreLibs\ACL\Login($db, $log);
+$login = new CoreLibs\ACL\Login($db, $log, $session);
 $locale = \CoreLibs\Language\GetLocale::setLocale();
 $l10n = new \CoreLibs\Language\L10n(
 	$locale['locale'],
 	$locale['domain'],
 	$locale['path'],
 );
-$backend = new CoreLibs\Admin\Backend($db, $log, $l10n, $locale);
+$backend = new CoreLibs\Admin\Backend($db, $log, $session, $l10n, $locale);
 $backend->db->dbInfo(true);
 ob_end_flush();
 
@@ -81,8 +79,13 @@ print '<div><a href="class_test.debug.php">Class Test: DEBUG</a></div>';
 print '<div><a href="class_test.output.form.php">Class Test: OUTPUT FORM</a></div>';
 print '<div><a href="class_test.admin.backend.php">Class Test: BACKEND ADMIN CLASS</a></div>';
 print '<div><a href="class_test.lang.php">Class Test: LANG/L10n</a></div>';
+print '<div><a href="class_test.session.php">Class Test: SESSION</a></div>';
 print '<div><a href="class_test.smarty.php">Class Test: SMARTY</a></div>';
+print '<div><a href="class_test.login.php">Class Test: LOGIN</a></div>';
 print '<div><a href="class_test.autoloader.php">Class Test: AUTOLOADER</a></div>';
+print '<div><a href="class_test.config.link.php">Class Test: CONFIG LINK</a></div>';
+print '<div><a href="class_test.config.direct.php">Class Test: CONFIG DIRECT</a></div>';
+print '<div><a href="subfolder/class_test.config.direct.php">Class Test: CONFIG DIRECT SUB</a></div>';
 
 print "<hr>";
 print "L: " . CoreLibs\Debug\Support::printAr($locale) . "<br>";

www/admin/class_test.phpv.php

@@ -21,10 +21,6 @@ ob_start();
 define('USE_DATABASE', false);
 // sample config
 require 'config.php';
-// set session name
-if (!defined('SET_SESSION_NAME')) {
-	define('SET_SESSION_NAME', EDIT_SESSION_NAME);
-}
 // define log file id
 $LOG_FILE_ID = 'classTest-phpv';
 ob_end_flush();
@@ -46,10 +42,12 @@ $phpv_class = 'CoreLibs\Check\PhpVersion';
 
 // define a list of from to color sets for conversion test
 
+$PAGE_NAME = 'TEST CLASS: PHP VERSION';
 print "<!DOCTYPE html>";
-print "<html><head><title>TEST CLASS: PHP VERSION</title><head>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
 print "<body>";
 print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 $min_version_s = '7';
 $min_version_ss = '7.1';

www/admin/class_test.randomkey.php

@@ -21,10 +21,6 @@ ob_start();
 define('USE_DATABASE', false);
 // sample config
 require 'config.php';
-// set session name
-if (!defined('SET_SESSION_NAME')) {
-	define('SET_SESSION_NAME', EDIT_SESSION_NAME);
-}
 // define log file id
 $LOG_FILE_ID = 'classTest-randomkey';
 ob_end_flush();
@@ -43,10 +39,12 @@ $log = new CoreLibs\Debug\Logging([
 ]);
 $array_class = 'CoreLibs\Create\RandomKey';
 
+$PAGE_NAME = 'TEST CLASS: RANDOM KEY';
 print "<!DOCTYPE html>";
-print "<html><head><title>TEST CLASS: RANDOM KEY</title><head>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
 print "<body>";
 print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 $key_length = 10;
 $key_length_b = 5;

www/admin/class_test.readenvfile.php

@@ -14,10 +14,6 @@ ob_start();
 define('USE_DATABASE', false);
 // sample config
 require 'config.php';
-// set session name
-if (!defined('SET_SESSION_NAME')) {
-	define('SET_SESSION_NAME', EDIT_SESSION_NAME);
-}
 // define log file id
 $LOG_FILE_ID = 'classTest-readEnvFile';
 ob_end_flush();
@@ -34,10 +30,12 @@ $log = new CoreLibs\Debug\Logging([
 ]);
 $ref_class = 'CoreLibs\Get\ReadEnvFile';
 
+$PAGE_NAME = 'TEST CLASS: READ ENV FILE';
 print "<!DOCTYPE html>";
-print "<html><head><title>TEST CLASS: READ ENV FILE</title><head>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
 print "<body>";
 print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 print "ALREADY from config.php: " . \CoreLibs\Debug\Support::printAr($_ENV) . "<br>";
 

www/admin/class_test.runningtime.php

@@ -21,10 +21,6 @@ ob_start();
 define('USE_DATABASE', false);
 // sample config
 require 'config.php';
-// set session name
-if (!defined('SET_SESSION_NAME')) {
-	define('SET_SESSION_NAME', EDIT_SESSION_NAME);
-}
 // define log file id
 $LOG_FILE_ID = 'classTest-runningtime';
 ob_end_flush();
@@ -42,10 +38,12 @@ $log = new CoreLibs\Debug\Logging([
 	'print_all' => $PRINT_ALL ?? false,
 ]);
 
+$PAGE_NAME = 'TEST CLASS: RUNNING TIME';
 print "<!DOCTYPE html>";
-print "<html><head><title>TEST CLASS: RUNNING IMTE</title><head>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
 print "<body>";
 print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 RunningTime::hrRunningTime();
 RunningTime::runningTime();

www/admin/class_test.session.php

@@ -0,0 +1,168 @@
+<?php // phpcs:ignore warning
+
+declare(strict_types=1);
+
+$DEBUG_ALL_OVERRIDE = 0; // set to 1 to debug on live/remote server locations
+$DEBUG_ALL = 1;
+$PRINT_ALL = 1;
+$DB_DEBUG = 1;
+
+if ($DEBUG_ALL) {
+	error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR);
+}
+
+/**
+ * Undocumented function
+ *
+ * @param  int    $status
+ * @return string
+ */
+/** @phan-suppress-next-line PhanRedefineFunction */
+function getSessionStatusString(int $status): string
+{
+	switch ($status) {
+		case PHP_SESSION_DISABLED:
+			$status = 'PHP_SESSION_DISABLED';
+			break;
+		case PHP_SESSION_NONE:
+			$status = 'PHP_SESSION_NONE';
+			break;
+		case PHP_SESSION_ACTIVE:
+			$status = 'PHP_SESSION_ACTIVE';
+			break;
+		default:
+			$status = '[!] UNDEFINED';
+			break;
+	}
+	return $status;
+}
+
+ob_start();
+
+// basic class test file
+define('USE_DATABASE', false);
+// sample config
+require 'config.php';
+// define log file id
+$LOG_FILE_ID = 'classTest-session';
+ob_end_flush();
+
+$log = new CoreLibs\Debug\Logging([
+	'log_folder' => BASE . LOG,
+	'file_id' => $LOG_FILE_ID,
+	// add file date
+	'print_file_date' => true,
+	// set debug and print flags
+	'debug_all' => $DEBUG_ALL ?? false,
+	'echo_all' => $ECHO_ALL ?? false,
+	'print_all' => $PRINT_ALL ?? false,
+]);
+use CoreLibs\Create\Session;
+$session = new Session();
+
+$PAGE_NAME = 'TEST CLASS: SESSION';
+print "<!DOCTYPE html>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
+print "<body>";
+print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
+
+$session_name = 'class-test-session';
+$var = 'foo';
+$value = 'bar';
+
+foreach (['123', '123-123', '123abc'] as $_session_name) {
+	print "[UNSET] Session Name valid for " . $_session_name . ": "
+		. ($session->checkValidSessionName($_session_name) ? 'Valid' : 'Invalid') . "<br>";
+}
+
+echo "Global session name: " . ($GLOBALS['SET_SESSION_NAME'] ?? '-') . "<br>";
+
+print "[UNSET] Current session id: " . $session->getSessionId() . "<br>";
+print "[UNSET] Current session name: " . $session->getSessionName() . "<br>";
+print "[UNSET] Current session active: " . ($session->checkActiveSession() ? 'Yes' : 'No') . "<br>";
+print "[UNSET] Current session status: " . getSessionStatusString($session->getSessionStatus()) . "<br>";
+if (isset($_SESSION)) {
+	print "[UNSET] _SESSION is: set<br>";
+} else {
+	print "[UNSET] _SESSION is: not set<br>";
+}
+#
+print "[UNSET] To set session name valid: "
+	. ($session->checkValidSessionName($session_name) ? 'Valid' : 'Invalid') . "<br>";
+if (false === ($session_id = $session->startSession($session_name))) {
+	print "[FAILED] Session start failed: " . $session->getErrorStr() . "<br>";
+} else {
+	print "[SET] Current session id: " . $session_id . "<br>";
+}
+// set again
+if (false === ($session_id = $session->startSession($session_name))) {
+	print "[2 FAILED] Session start failed: " . $session->getErrorStr() . "<br>";
+} else {
+	print "[2 SET] Current session id: " . $session_id . "<br>";
+}
+print "[SET] Current session id: " . $session->getSessionId() . "<br>";
+print "[SET] Current session name: " . $session->getSessionName() . "<br>";
+print "[SET] Current session active: " . ($session->checkActiveSession() ? 'Yes' : 'No') . "<br>";
+print "[SET] Current session status: " . getSessionStatusString($session->getSessionStatus()) . "<br>";
+if (isset($_SESSION)) {
+	print "[SET] _SESSION is: set<br>";
+} else {
+	print "[SET] _SESSION is: not set<br>";
+}
+if (!isset($_SESSION['counter'])) {
+	$_SESSION['counter'] = 0;
+}
+$_SESSION['counter']++;
+print "[READ] A " . $var . ": " . ($_SESSION[$var] ?? '{UNSET}') . "<br>";
+$_SESSION[$var] = $value;
+print "[READ] B " . $var . ": " . ($_SESSION[$var] ?? '{UNSET}') . "<br>";
+print "[READ] Confirm " . $var . " is " . $value . ": "
+	. (($_SESSION[$var] ?? '') == $value ? 'Matching' : 'Not matching') . "<br>";
+
+// differnt session name
+$session_name = 'class-test-session-ALT';
+if (false === ($session_id = $session->startSession($session_name))) {
+	print "[3 FAILED] Session start failed: " . $session->getErrorStr() . "<br>";
+} else {
+	print "[3 SET] Current session id: " . $session_id . "<br>";
+}
+print "[SET AGAIN] Current session id: " . $session->getSessionId() . "<br>";
+
+print "[ALL SESSION]: " . \CoreLibs\Debug\Support::printAr($_SESSION) . "<br>";
+
+// close session
+$session->writeClose();
+// will never be written
+$_SESSION['will_never_be_written'] = 'empty';
+
+// open again
+$session_name = 'class-test-session';
+if (false === ($session_id = $session->startSession($session_name))) {
+	print "[4 FAILED] Session start failed: " . $session->getErrorStr() . "<br>";
+} else {
+	print "[4 SET] Current session id: " . $session_id . "<br>";
+}
+print "[START AGAIN] Current session id: " . $session->getSessionId() . "<br>";
+$_SESSION['will_be_written_again'] = 'Full';
+
+// close session
+$session->writeClose();
+// invalid
+$session_name = '123';
+if (false === ($session_id = $session->startSession($session_name))) {
+	print "[5 FAILED] Session start failed: " . $session->getErrorStr() . "<br>";
+} else {
+	print "[5 SET] Current session id: " . $session_id . "<br>";
+}
+print "[BAD NAME] Current session id: " . $session->getSessionId() . "<br>";
+print "[BAD NAME] Current session name: " . $session->getSessionName() . "<br>";
+print "[BAD NAME] Current session active: " . ($session->checkActiveSession() ? 'Yes' : 'No') . "<br>";
+print "[BAD NAME] Current session status: " . getSessionStatusString($session->getSessionStatus()) . "<br>";
+
+// error message
+print $log->printErrorMsg();
+
+print "</body></html>";
+
+// __END__

www/admin/class_test.session.read.php

@@ -0,0 +1,110 @@
+<?php // phpcs:ignore warning
+
+declare(strict_types=1);
+
+$DEBUG_ALL_OVERRIDE = 0; // set to 1 to debug on live/remote server locations
+$DEBUG_ALL = 1;
+$PRINT_ALL = 1;
+$DB_DEBUG = 1;
+
+if ($DEBUG_ALL) {
+	error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR);
+}
+
+/**
+ * Undocumented function
+ *
+ * @param  int    $status
+ * @return string
+ */
+/** @phan-suppress-next-line PhanRedefineFunction */
+function getSessionStatusString(int $status): string
+{
+	switch ($status) {
+		case PHP_SESSION_DISABLED:
+			$status = 'PHP_SESSION_DISABLED';
+			break;
+		case PHP_SESSION_NONE:
+			$status = 'PHP_SESSION_NONE';
+			break;
+		case PHP_SESSION_ACTIVE:
+			$status = 'PHP_SESSION_ACTIVE';
+			break;
+		default:
+			$status = '[!] UNDEFINED';
+			break;
+	}
+	return $status;
+}
+
+ob_start();
+
+// basic class test file
+define('USE_DATABASE', false);
+// sample config
+require 'config.php';
+// define log file id
+$LOG_FILE_ID = 'classTest-session.read';
+ob_end_flush();
+
+$log = new CoreLibs\Debug\Logging([
+	'log_folder' => BASE . LOG,
+	'file_id' => $LOG_FILE_ID,
+	// add file date
+	'print_file_date' => true,
+	// set debug and print flags
+	'debug_all' => $DEBUG_ALL ?? false,
+	'echo_all' => $ECHO_ALL ?? false,
+	'print_all' => $PRINT_ALL ?? false,
+]);
+use CoreLibs\Create\Session;
+$session = new Session();
+
+$PAGE_NAME = 'TEST CLASS: SESSION (READ)';
+print "<!DOCTYPE html>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
+print "<body>";
+print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
+
+$session_name = 'class-test-session';
+// $session_name = '';
+$var = 'foo';
+$value = 'bar';
+
+echo "Global session name: " . ($GLOBALS['SET_SESSION_NAME'] ?? '-') . "<br>";
+
+print "[UNSET] Current session id: " . $session->getSessionId() . "<br>";
+print "[UNSET] Current session name: " . $session->getSessionName() . "<br>";
+print "[UNSET] Current session active: " . ($session->checkActiveSession() ? 'Yes' : 'No') . "<br>";
+print "[UNSET] Current session status: " . getSessionStatusString($session->getSessionStatus()) . "<br>";
+
+print "[READ] " . $var . ": " . ($_SESSION[$var] ?? '{UNSET}') . "<br>";
+// start
+if (false === ($session_id = $session->startSession($session_name))) {
+	print "Session start failed: " . $session->getErrorStr() . "<br>";
+} else {
+	print "Current session id: " . $session_id . "<br>";
+}
+// set again
+if (false === ($session_id = $session->startSession($session_name))) {
+	print "[2] Session start failed<br>";
+} else {
+	print "[2] Current session id: " . $session_id . "<br>";
+}
+print "[SET] Current session id: " . $session->getSessionId() . "<br>";
+print "[SET] Current session name: " . $session->getSessionName() . "<br>";
+print "[SET] Current session active: " . ($session->checkActiveSession() ? 'Yes' : 'No') . "<br>";
+print "[SET] Current session status: " . getSessionStatusString($session->getSessionStatus()) . "<br>";
+print "[READ] " . $var . ": " . ($_SESSION[$var] ?? '{UNSET}') . "<br>";
+print "[READ] Confirm " . $var . " is " . $value . ": "
+	. (($_SESSION[$var] ?? '') == $value ? 'Matching' : 'Not matching') . "<br>";
+
+print "[ALL SESSION]: " . \CoreLibs\Debug\Support::printAr($_SESSION) . "<br>";
+
+// error message
+print $log->printErrorMsg();
+
+print "</body></html>";
+
+// __END__

www/admin/class_test.smarty.php

@@ -23,10 +23,6 @@ define('USE_DATABASE', true);
 require 'config.php';
 // override ECHO ALL FALSE
 $ECHO_ALL = true;
-// set session name
-if (!defined('SET_SESSION_NAME')) {
-	define('SET_SESSION_NAME', EDIT_SESSION_NAME);
-}
 // define log file id
 $LOG_FILE_ID = 'classTest-smarty';
 ob_end_flush();
@@ -49,10 +45,12 @@ $l10n = new \CoreLibs\Language\L10n(
 );
 $smarty = new CoreLibs\Template\SmartyExtend($l10n, $locale);
 
+$PAGE_NAME = 'TEST CLASS: SMARTY';
 print "<!DOCTYPE html>";
-print "<html><head><title>TEST CLASS: SMARTY</title><head>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
 print "<body>";
 print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 $smarty->DATA['JS_DEBUG'] = DEBUG;
 $smarty->MASTER_TEMPLATE_NAME = 'main_body.tpl';

www/admin/class_test.system.php

@@ -21,10 +21,6 @@ ob_start();
 define('USE_DATABASE', false);
 // sample config
 require 'config.php';
-// set session name
-if (!defined('SET_SESSION_NAME')) {
-	define('SET_SESSION_NAME', EDIT_SESSION_NAME);
-}
 // define log file id
 $LOG_FILE_ID = 'classTest-system';
 ob_end_flush();
@@ -42,23 +38,31 @@ $log = new CoreLibs\Debug\Logging([
 	'echo_all' => $ECHO_ALL ?? false,
 	'print_all' => $PRINT_ALL ?? false,
 ]);
-$basic = new CoreLibs\Basic($log);
 
+$PAGE_NAME = 'TEST CLASS: SYSTEM';
 print "<!DOCTYPE html>";
-print "<html><head><title>TEST CLASS: SYSTEM</title><head>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
 print "<body>";
 print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
+print "System::getHostName():<br>";
 print "GETHOSTNAME: " . DgS::printAr(System::getHostName()) . "<br>";
+print "System::getPageName():<br>";
 print "GETPAGENAME(0): " . System::getPageName() . "<br>";
 print "GETPAGENAME(1): " . System::getPageName(System::NO_EXTENSION) . "<br>";
 print "GETPAGENAME(2): " . System::getPageName(System::FULL_PATH) . "<br>";
+print "System::getPageNameArray():<br>";
 print "GETPAGENAMEARRAY: " . \CoreLibs\Debug\Support::printAr(System::getPageNameArray()) . "<br>";
 // seting errro codes file upload
+print "System::fileUploadErrorMessage():<br>";
 print "FILEUPLOADERRORMESSAGE(): " . System::fileUploadErrorMessage(-1) . "<br>";
 print "FILEUPLOADERRORMESSAGE(UPLOAD_ERR_CANT_WRITE): "
 	. System::fileUploadErrorMessage(UPLOAD_ERR_CANT_WRITE) . "<br>";
 
+print "System::checkCLI():<br>";
+print "Are we in an CLI: " . (System::checkCLI() ? 'Yes' : 'No') . "<br>";
+
 // error message
 print $log->printErrorMsg();
 

www/admin/class_test.token.php

@@ -21,10 +21,6 @@ ob_start();
 define('USE_DATABASE', false);
 // sample config
 require 'config.php';
-// set session name
-if (!defined('SET_SESSION_NAME')) {
-	define('SET_SESSION_NAME', EDIT_SESSION_NAME);
-}
 // define log file id
 $LOG_FILE_ID = 'classTest-token';
 ob_end_flush();
@@ -42,10 +38,12 @@ $log = new CoreLibs\Debug\Logging([
 $_token = new CoreLibs\Output\Form\Token();
 $token_class = 'CoreLibs\Output\Form\Token';
 
+$PAGE_NAME = 'TEST CLASS: FORM TOKEN';
 print "<!DOCTYPE html>";
-print "<html><head><title>TEST CLASS: FORM TOKEN</title><head>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
 print "<body>";
 print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 $token = 'test_form_token';
 $token_id = $_token->setFormToken($token);

www/admin/class_test.uids.php

@@ -21,10 +21,6 @@ ob_start();
 define('USE_DATABASE', false);
 // sample config
 require 'config.php';
-// set session name
-if (!defined('SET_SESSION_NAME')) {
-	define('SET_SESSION_NAME', EDIT_SESSION_NAME);
-}
 // define log file id
 $LOG_FILE_ID = 'classTest-uids';
 ob_end_flush();
@@ -43,10 +39,12 @@ $_uids = new CoreLibs\Create\Uids();
 use CoreLibs\Create\Uids;
 $uids_class = 'CoreLibs\Create\Uids';
 
+$PAGE_NAME = 'TEST CLASS: UIDS';
 print "<!DOCTYPE html>";
-print "<html><head><title>TEST CLASS: UIDS</title><head>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
 print "<body>";
 print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 // class
 print "UUIDV4: " . $_uids->uuidv4() . "<br>";

www/admin/subfolder/class_test.config.direct.php

@@ -0,0 +1,59 @@
+<?php // phpcs:ignore warning
+
+/**
+ * @phan-file-suppress PhanTypeSuspiciousStringExpression
+ */
+
+declare(strict_types=1);
+
+$DEBUG_ALL_OVERRIDE = 0; // set to 1 to debug on live/remote server locations
+$DEBUG_ALL = 1;
+$PRINT_ALL = 1;
+$DB_DEBUG = 1;
+
+if ($DEBUG_ALL) {
+	error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR);
+}
+
+ob_start();
+
+// basic class test file
+define('USE_DATABASE', false);
+// sample config
+require '../../configs/config.php';
+// define log file id
+$LOG_FILE_ID = 'classTest-config-direct';
+ob_end_flush();
+
+$log = new CoreLibs\Debug\Logging([
+	'log_folder' => BASE . LOG,
+	'file_id' => $LOG_FILE_ID,
+	// add file date
+	'print_file_date' => true,
+	// set debug and print flags
+	'debug_all' => $DEBUG_ALL ?? false,
+	'echo_all' => $ECHO_ALL ?? false,
+	'print_all' => $PRINT_ALL ?? false,
+]);
+
+$PAGE_NAME = 'TEST CLASS: CONFIG DIRECT SUB';
+print "<!DOCTYPE html>";
+print "<html><head><title>" . $PAGE_NAME . "</title><head>";
+print "<body>";
+print '<div><a href="../class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
+
+print "DIR: " . DIR . "<br>";
+print "BASE: " . BASE . "<br>";
+print "ROOT: " . ROOT . "<br>";
+print "BASE NAME: " . BASE_NAME . "<br>";
+echo "Config path prefix: " . $CONFIG_PATH_PREFIX . "<br>";
+print "DB Name: " . DB_CONFIG_NAME . "<br>";
+print "DB Config: " . \CoreLibs\Debug\Support::printAr(DB_CONFIG) . "<br>";
+
+// error message
+print $log->printErrorMsg();
+
+print "</body></html>";
+
+// __END__

www/configs/config.host.php

@@ -53,7 +53,10 @@ $SITE_CONFIG = [
 		'login_enabled' => true
 	],
 	// 'other.host.com' => $__LOCAL_CONFIG
-	'soba-dev.tequila.jp' => $__LOCAL_CONFIG
+	'soba-dev.tequila.jp' => $__LOCAL_CONFIG,
+	'soba.tequila.jp' => $__LOCAL_CONFIG,
+	'soba.teq.jp' => $__LOCAL_CONFIG,
+	'soba-local.tokyo.tequila.jp' => $__LOCAL_CONFIG,
 ];
 
 // __END__

www/configs/config.master.php

@@ -150,8 +150,6 @@ define('SERVER_PATH_HASH', hash('crc32b', BASE));
 define('EDIT_SESSION_NAME', BASE_NAME . 'Admin' . SERVER_NAME_HASH . SERVER_PATH_HASH);
 // frontend
 define('SESSION_NAME', BASE_NAME . SERVER_NAME_HASH . SERVER_PATH_HASH);
-// SET_SESSION_NAME should be set in the header if a special session name is needed
-define('SET_SESSION_NAME', SESSION_NAME);
 
 /************* CACHE/COMPILE IDS *************/
 define('CACHE_ID', 'CACHE_' . BASE_NAME . '_' . SERVER_NAME_HASH);

www/configs/config.php

@@ -11,44 +11,56 @@
 declare(strict_types=1);
 
 define('CONFIG_PATH', 'configs' . DIRECTORY_SEPARATOR);
-// config path prefix search, start with 0, got down each level __DIR__ has, if nothing found -> bail
+// config path prefix search, start with 0, got down each level __DIR__ has,
+// if nothing found -> bail
 $CONFIG_PATH_PREFIX = '';
+// base path for loads
+$__DIR__PATH = __DIR__ . DIRECTORY_SEPARATOR;
+// don't load autoloader twice
 $end_autoload = false;
-for ($dir_pos = 0, $dir_max = count(explode(DIRECTORY_SEPARATOR, __DIR__)); $dir_pos <= $dir_max; $dir_pos++) {
+for (
+	$dir_pos = 0, $dir_max = count(explode(DIRECTORY_SEPARATOR, __DIR__));
+	$dir_pos <= $dir_max;
+	$dir_pos++
+) {
 	$CONFIG_PATH_PREFIX .= '..' . DIRECTORY_SEPARATOR;
 	if ($end_autoload === false) {
 		/************* AUTO LOADER *******************/
-		// read auto loader for lib only
-		// It is recommended to setup basic composer and use just one auto loader
-		// if (is_file($CONFIG_PATH_PREFIX . 'lib' . DIRECTORY_SEPARATOR . 'autoloader.php')) {
-		// 	require $CONFIG_PATH_PREFIX . 'lib' . DIRECTORY_SEPARATOR . 'autoloader.php';
-		//	$end_autoload = true;
-		// }
-		// composer auto loader, IF composer.json file includes classmap for lib/:
+		// composer auto loader, in composer.json file add classmap for lib/:
 		// "autoload": {
 		// 	"classmap": [
 		// 		"lib/"
 		// 	]
 		// },
-		// NOTE: MUST RUN composer dump-autoload if file/class names are changed or added
-		// load auto loader
-		if (is_file($CONFIG_PATH_PREFIX . 'vendor' . DIRECTORY_SEPARATOR . 'autoload.php')) {
-			require $CONFIG_PATH_PREFIX . 'vendor' . DIRECTORY_SEPARATOR . 'autoload.php';
+		// NOTE: MUST RUN composer dump-autoload if file/class names are
+		// changed or new ones are added
+		if (
+			is_file(
+				$__DIR__PATH . $CONFIG_PATH_PREFIX
+					. 'vendor' . DIRECTORY_SEPARATOR . 'autoload.php'
+			)
+		) {
+			require $__DIR__PATH . $CONFIG_PATH_PREFIX
+				. 'vendor' . DIRECTORY_SEPARATOR . 'autoload.php';
 			$end_autoload = true;
 		}
-		// load enviorment file if it exists
-		\CoreLibs\Get\ReadEnvFile::readEnvFile($CONFIG_PATH_PREFIX . CONFIG_PATH);
 	}
 	/************* MASTER CONFIG *******************/
-	if (is_file($CONFIG_PATH_PREFIX . CONFIG_PATH . 'config.master.php')) {
+	if (
+		is_file($__DIR__PATH . $CONFIG_PATH_PREFIX . CONFIG_PATH . 'config.master.php')
+	) {
+		// load enviorment file if it exists
+		\CoreLibs\Get\ReadEnvFile::readEnvFile(
+			$__DIR__PATH . $CONFIG_PATH_PREFIX . CONFIG_PATH
+		);
 		// load master config file that loads all other config files
-		require $CONFIG_PATH_PREFIX . CONFIG_PATH . 'config.master.php';
+		require $__DIR__PATH . $CONFIG_PATH_PREFIX . CONFIG_PATH . 'config.master.php';
 		break;
 	}
 }
 // fail if no base DIR is not set
 if (!defined('DIR')) {
-	exit('Base config unloadable');
+	exit('Base config could not be loaded');
 }
 // find trigger name "admin/" or "frontend/" in the getcwd() folder
 foreach (['admin', 'frontend'] as $folder) {

www/includes/admin_header.php

@@ -42,11 +42,11 @@ if (isset($_POST['action']) && $_POST['action'] != 'download_csv' && !$AJAX_PAGE
 if ($AJAX_PAGE && !$ZIP_STREAM) {
 	header("Content-Type: application/json; charset=UTF-8");
 }
-// start session
-CoreLibs\Create\Session::startSession();
 //------------------------------ basic variable settings start
 
 //------------------------------ class init start
+// start session
+$session = new \CoreLibs\Create\Session($SET_SESSION_NAME);
 // create logger
 $log = new CoreLibs\Debug\Logging([
 	'log_folder' => BASE . LOG,
@@ -71,7 +71,7 @@ if (
 // db config with logger
 $db = new CoreLibs\DB\IO(DB_CONFIG, $log);
 // login & page access check
-$login = new CoreLibs\ACL\Login($db, $log);
+$login = new CoreLibs\ACL\Login($db, $log, $session);
 // lang, path, domain
 // pre auto detect language after login
 $locale = \CoreLibs\Language\GetLocale::setLocale();
@@ -84,7 +84,7 @@ $l10n = new \CoreLibs\Language\L10n(
 // create smarty object
 $smarty = new CoreLibs\Template\SmartyExtend($l10n, $locale);
 // create new Backend class with db and loger attached
-$cms = new CoreLibs\Admin\Backend($db, $log, $l10n, $locale);
+$cms = new CoreLibs\Admin\Backend($db, $log, $session, $l10n, $locale);
 // the menu show flag (what menu to show)
 $cms->menu_show_flag = 'main';
 // db info

www/includes/edit_base.php

@@ -33,8 +33,6 @@ extract($_POST, EXTR_SKIP);
 
 ob_start();
 require 'config.php';
-// set session name here
-// $SET_SESSION_NAME = EDIT_SESSION_NAME;
 // overrride debug flags
 if (!DEBUG)	{
 	$DEBUG_ALL = false;
@@ -45,8 +43,8 @@ if (!DEBUG)	{
 
 // should be utf8
 header("Content-type: text/html; charset=" . DEFAULT_ENCODING);
-// set session
-\CoreLibs\Create\Session::startSession(EDIT_SESSION_NAME);
+// start session
+$session = new \CoreLibs\Create\Session(EDIT_SESSION_NAME);
 // init logger
 $log = new CoreLibs\Debug\Logging([
 	'log_folder' => BASE . LOG,
@@ -60,7 +58,7 @@ $log = new CoreLibs\Debug\Logging([
 // db connection
 $db = new CoreLibs\DB\IO(DB_CONFIG, $log);
 // login page
-$login = new CoreLibs\ACL\Login($db, $log);
+$login = new CoreLibs\ACL\Login($db, $log, $session);
 // lang, path, domain
 // pre auto detect language after login
 $locale = \CoreLibs\Language\GetLocale::setLocale();
@@ -446,16 +444,15 @@ if ($form->my_page_name == 'edit_order') {
 					$t_q = '';
 					foreach ($output as $output_file) {
 						// split the ouput into folder and file
-						// eg ../admin/test.php is ../admin/ and test.php
-						preg_match("/([\.\/\w]+\/)+(\w+\.\w{1,})$/", $output_file, $matches);
-						// if named config.php, skip
-						if ($matches[2] != 'config.php') {
-							if ($t_q) {
-								$t_q .= ', ';
-							}
-							$t_q .= "('" . $form->dbEscapeString($matches[1]) . "', '"
-								. $form->dbEscapeString($matches[2]) . "')";
+						$pathinfo = pathinfo($output_file);
+						if (!empty($pathinfo['dirname'])) {
+							$pathinfo['dirname'] .= DIRECTORY_SEPARATOR;
 						}
+						if ($t_q) {
+							$t_q .= ', ';
+						}
+						$t_q .= "('" . $form->dbEscapeString($pathinfo['dirname']) . "', '"
+							. $form->dbEscapeString($pathinfo['basename']) . "')";
 					}
 					$form->dbExec($q . $t_q, 'NULL');
 					$elements[] = $form->formCreateElement('filename');

www/lib/CoreLibs/ACL/Login.php

@@ -69,7 +69,6 @@ declare(strict_types=1);
 namespace CoreLibs\ACL;
 
 use CoreLibs\Check\Password;
-use CoreLibs\Create\Session;
 
 class Login
 {
@@ -162,22 +161,30 @@ class Login
 	public $db;
 	/** @var \CoreLibs\Language\L10n language */
 	public $l;
+	/** @var \CoreLibs\Create\Session session class */
+	public $session;
 
 	/**
-	 * constructor, does ALL, opens db, works through connection checks, closes itself
-	 * @param \CoreLibs\DB\IO              $db   Database connection class
-	 * @param \CoreLibs\Debug\Logging      $log  Logging class
+	 * constructor, does ALL, opens db, works through connection checks,
+	 * finishes itself
+	 *
+	 * @param \CoreLibs\DB\IO          $db      Database connection class
+	 * @param \CoreLibs\Debug\Logging  $log     Logging class
+	 * @param \CoreLibs\Create\Session $session Session interface class
 	 */
 	public function __construct(
 		\CoreLibs\DB\IO $db,
-		\CoreLibs\Debug\Logging $log
+		\CoreLibs\Debug\Logging $log,
+		\CoreLibs\Create\Session $session
 	) {
+		// attach db class
+		$this->db = $db;
 		// log login data for this class only
 		$log->setLogPer('class', true);
 		// attach logger
 		$this->log = $log;
-		// attach db class
-		$this->db = $db;
+		// attach session class
+		$this->session = $session;
 		// set internal page name
 		$this->page_name = \CoreLibs\Get\System::getPageName();
 		// set db special errors
@@ -190,22 +197,18 @@ class Login
 		// initial the session if there is no session running already
 		// check if session exists and could be created
 		// TODO: move session creation and check to outside?
-		if (Session::startSession() === false) {
-			echo '<b>Session not started or could not be started!</b><br>'
-				. 'Use \'\CoreLibs\Create\Session::startSession();\'.<br>'
-				. 'For less problems with other session, you can set a '
-				. 'session name with \'\CoreLibs\Create\Session::startSession(\'name\');\'.<br>';
+		if ($this->session->checkActiveSession() === false) {
+			$this->login_error = 1;
+			echo '<b>No active session found</b>';
 			exit;
 		}
 
 		// pre-check that password min/max lengths are inbetween 1 and 255;
 		if ($this->password_max_length > 255) {
-			echo '<b>Settings problem</b> PMaL<br>';
-			exit;
+			$this->password_max_length = 255;
 		}
 		if ($this->password_min_length < 1) {
-			echo '<b>Settings problem</b> PMiL<br>';
-			exit;
+			$this->password_min_length = 1;
 		}
 
 		// set global is ajax page for if we show the data directly,
@@ -267,7 +270,8 @@ class Login
 		// init default ACL list array
 		$_SESSION['DEFAULT_ACL_LIST'] = [];
 		// read the current edit_access_right list into an array
-		$q = "SELECT level, type, name FROM edit_access_right WHERE level >= 0 ORDER BY level";
+		$q = "SELECT level, type, name FROM edit_access_right "
+			. "WHERE level >= 0 ORDER BY level";
 		while (is_array($res = $this->db->dbReturn($q))) {
 			// level to description format (numeric)
 			$this->default_acl_list[$res['level']] = [
@@ -286,7 +290,10 @@ class Login
 		$this->loginLogoutUser();
 		// ** LANGUAGE SET AFTER LOGIN **
 		// set the locale
-		if (Session::getSessionId() !== false && !empty($_SESSION['DEFAULT_LANG'])) {
+		if (
+			$this->session->checkActiveSession() === true &&
+			!empty($_SESSION['DEFAULT_LANG'])
+		) {
 			$locale = $_SESSION['DEFAULT_LOCALE'] ?? '';
 		} else {
 			$locale = defined('SITE_LOCALE') && !empty(SITE_LOCALE) ?
@@ -314,7 +321,8 @@ class Login
 		$this->login_html = $this->loginPrintLogin();
 		// closing all connections, depending on error status, exit
 		if (!$this->loginCloseClass()) {
-			// if variable AJAX flag is not set, show output, else pass through for ajax work
+			// if variable AJAX flag is not set, show output
+			// else pass through for ajax work
 			if ($this->login_is_ajax_page !== true) {
 				// the login screen if we hav no login permission & login screen html data
 				if ($this->login_html !== null) {
@@ -360,8 +368,13 @@ class Login
 		// NO OP
 	}
 
+	// *************************************************************************
+	// **** PRIVATE INTERNAL
+	// *************************************************************************
+
 	/**
 	 * checks if password is valid, sets internal error login variable
+	 *
 	 * @param  string $hash     password hash
 	 * @param  string $password submitted password
 	 * @return bool             true or false on password ok or not
@@ -418,7 +431,9 @@ class Login
 	}
 
 	/**
-	 * if user pressed login button this script is called, but only if there is no preview euid set]
+	 * if user pressed login button this script is called,
+	 * but only if there is no preview euid set
+	 *
 	 * @return void has not return
 	 */
 	private function loginLoginUser(): void
@@ -702,88 +717,6 @@ class Login
 		}
 	}
 
-	/**
-	 * for every page the user access this script checks if he is allowed to do so
-	 * @return bool permission okay as true/false
-	 */
-	public function loginCheckPermissions(): bool
-	{
-		if ($this->euid && $this->login_error != 103) {
-			$q = "SELECT filename "
-				. "FROM edit_page ep, edit_page_access epa, edit_group eg, edit_user eu "
-				. "WHERE ep.edit_page_id = epa.edit_page_id "
-				. "AND eg.edit_group_id = epa.edit_group_id "
-				. "AND eg.edit_group_id = eu.edit_group_id "
-				. "AND eu.edit_user_id = " . $this->euid . " "
-				. "AND filename = '" . $this->page_name . "' "
-				. "AND eg.enabled = 1 AND epa.enabled = 1";
-			$res = $this->db->dbReturnRow($q);
-			if (!is_array($res)) {
-				$this->login_error = 109;
-				$this->permission_okay = false;
-				return $this->permission_okay;
-			}
-			if (isset($res['filename']) && $res['filename'] == $this->page_name) {
-				$this->permission_okay = true;
-			} else {
-				$this->login_error = 103;
-				$this->permission_okay = false;
-			}
-		}
-		// if called from public, so we can check if the permissions are ok
-		return $this->permission_okay;
-	}
-
-	/**
-	 * if a user pressed on logout, destroyes session and unsets all global vars
-	 * @return void has no return
-	 */
-	public function loginLogoutUser(): void
-	{
-		// must be either logout or error
-		if (!$this->logout && !$this->login_error) {
-			return;
-		}
-		// unregister and destroy session vars
-		foreach (
-			// TODO move this into some global array for easier update
-			[
-				'ADMIN',
-				'BASE_ACL_LEVEL',
-				'DB_DEBUG',
-				'DEBUG_ALL',
-				'DEFAULT_ACL_LIST',
-				'DEFAULT_CHARSET',
-				'DEFAULT_LANG',
-				'DEFAULT_LOCALE',
-				'EAID',
-				'EUID',
-				'GROUP_ACL_LEVEL',
-				'GROUP_ACL_TYPE',
-				'GROUP_NAME',
-				'HEADER_COLOR',
-				'LANG',
-				'PAGES_ACL_LEVEL',
-				'PAGES',
-				'TEMPLATE',
-				'UNIT_ACL_LEVEL',
-				'UNIT_DEFAULT',
-				'UNIT',
-				'USER_ACL_LEVEL',
-				'USER_ACL_TYPE',
-				'USER_NAME',
-			] as $session_var
-		) {
-			unset($_SESSION[$session_var]);
-		}
-		// final unset all
-		session_unset();
-		// final destroy session
-		session_destroy();
-		// then prints the login screen again
-		$this->permission_okay = false;
-	}
-
 	/**
 	 * sets all the basic ACLs
 	 * init set the basic acl the user has, based on the following rules
@@ -799,6 +732,7 @@ class Login
 	 * - if an account ACL is set, set this parallel, account ACL overrides user ACL if it applies
 	 * - if edit access ACL level is set, use this, else use page
 	 * set all base ACL levels as a list keyword -> ACL number
+	 *
 	 * @return void has no return
 	 */
 	private function loginSetAcl(): void
@@ -837,10 +771,10 @@ class Login
 		$_SESSION['BASE_ACL_LEVEL'] = $this->acl['base'];
 
 		// set the current page acl
-		// start with default acl
+		// start with base acl
 		// set group if not -1, overrides default
 		// set page if not -1, overrides group set
-		$this->acl['page'] = DEFAULT_ACL_LEVEL;
+		$this->acl['page'] = $this->acl['base'];
 		if ($_SESSION['GROUP_ACL_LEVEL'] != -1) {
 			$this->acl['page'] = $_SESSION['GROUP_ACL_LEVEL'];
 		}
@@ -886,6 +820,7 @@ class Login
 		}
 		// set the default edit access
 		$this->acl['default_edit_access'] = $_SESSION['UNIT_DEFAULT'] ?? null;
+		$this->acl['min'] = [];
 		// integrate the type acl list, but only for the keyword -> level
 		foreach ($this->default_acl_list as $level => $data) {
 			$this->acl['min'][$data['type']] = $level;
@@ -897,25 +832,34 @@ class Login
 	}
 
 	/**
-	 * checks if this edit access id is valid
-	 * @param  int|null $edit_access_id access id pk to check
-	 * @return bool                     true/false: if the edit access is not
-	 *                                  in the valid list: false
+	 * Check if source (page, base) is matching to the given min access string
+	 * min access string must be valid access level string (eg read, mod, write)
+	 * This does not take in account admin flag set
+	 *
+	 * @param  string $source     a valid base level string eg base, page
+	 * @param  string $min_access a valid min level string, eg read, mod, siteadmin
+	 * @return bool               True for valid access, False for invalid
 	 */
-	public function loginCheckEditAccess($edit_access_id): bool
+	public function loginCheckAccess(string $source, string $min_access): bool
 	{
-		if ($edit_access_id === null) {
+		$source = 'base';
+		if (
+			empty($this->acl['min'][$min_access]) ||
+			empty($this->acl[$source])
+		) {
 			return false;
 		}
-		if (array_key_exists($edit_access_id, $this->acl['unit'])) {
+		// phan claims $this->acl['min'] can be null, but above should skip
+		/** @phan-suppress-next-line PhanTypeArraySuspiciousNullable */
+		if ($this->acl[$source] >= $this->acl['min'][$min_access]) {
 			return true;
-		} else {
-			return false;
 		}
+		return false;
 	}
 
 	/**
 	 * checks if the password is in a valid format
+	 *
 	 * @param  string $password the new password
 	 * @return bool             true or false if valid password or not
 	 */
@@ -939,6 +883,7 @@ class Login
 
 	/**
 	 * dummy declare for password forget
+	 *
 	 * @return void has no return
 	 */
 	private function loginPasswordForgot(): void
@@ -946,25 +891,9 @@ class Login
 		// will do some password recovert, eg send email
 	}
 
-	/**
-	 * sets the minium length and checks on valid
-	 * @param  int  $length set the minimum length
-	 * @return bool         true/false on success
-	 */
-	public function loginSetPasswordMinLength(int $length): bool
-	{
-		// check that numeric, positive numeric, not longer than max input string lenght
-		// and not short than min password length
-		if (is_numeric($length) && $length >= PASSWORD_MIN_LENGTH && $length <= $this->password_max_length) {
-			$this->password_min_length = $length;
-			return true;
-		} else {
-			return false;
-		}
-	}
-
 	/**
 	 * changes a user password
+	 *
 	 * @return void has no return
 	 */
 	private function loginPasswordChange(): void
@@ -1065,6 +994,7 @@ class Login
 
 	/**
 	 * prints out login html part if no permission (error) is set
+	 *
 	 * @return string|null html data for login page, or null for nothing
 	 */
 	private function loginPrintLogin()
@@ -1170,6 +1100,7 @@ class Login
 	/**
 	 * last function called, writes log and prints out error msg and
 	 * exists script if permission 0
+	 *
 	 * @return bool true on permission ok, false on permission wrong
 	 */
 	private function loginCloseClass(): bool
@@ -1208,6 +1139,7 @@ class Login
 
 	/**
 	 * checks if there are external templates, if not uses internal fallback ones
+	 *
 	 * @return void has no return
 	 */
 	private function loginSetTemplates(): void
@@ -1389,6 +1321,7 @@ EOM;
 
 	/**
 	 * writes detailed data into the edit user log table (keep log what user does)
+	 *
 	 * @param  string     $event    string of what has been done
 	 * @param  string     $data     data information (id, etc)
 	 * @param  string|int $error    error id (mostly an int)
@@ -1438,7 +1371,7 @@ EOM;
 				$q .= "NULL, ";
 			}
 		}
-		$q .= "'" . Session::getSessionId() . "', ";
+		$q .= "'" . $this->session->getSessionId() . "', ";
 		$q .= "'" . $this->db->dbEscapeString($this->action) . "', ";
 		$q .= "'" . $this->db->dbEscapeString($this->username) . "', ";
 		$q .= "NULL, ";
@@ -1449,8 +1382,186 @@ EOM;
 		$this->db->dbExec($q, 'NULL');
 	}
 
+	// *************************************************************************
+	// **** PUBLIC INTERNAL
+	// *************************************************************************
+
+	/**
+	 * sets the minium length and checks on valid
+	 *
+	 * @param  int  $length set the minimum length
+	 * @return bool         true/false on success
+	 */
+	public function loginSetPasswordMinLength(int $length): bool
+	{
+		// check that numeric, positive numeric, not longer than max input string lenght
+		// and not short than min password length
+		if (is_numeric($length) && $length >= PASSWORD_MIN_LENGTH && $length <= $this->password_max_length) {
+			$this->password_min_length = $length;
+			return true;
+		}
+		return false;
+	}
+
+	/**
+	 * if a user pressed on logout, destroyes session and unsets all global vars
+	 *
+	 * @return void has no return
+	 */
+	public function loginLogoutUser(): void
+	{
+		// must be either logout or error
+		if (!$this->logout && !$this->login_error) {
+			return;
+		}
+		// unregister and destroy session vars
+		foreach (
+			// TODO move this into some global array for easier update
+			[
+				'ADMIN',
+				'BASE_ACL_LEVEL',
+				'DB_DEBUG',
+				'DEBUG_ALL',
+				'DEFAULT_ACL_LIST',
+				'DEFAULT_CHARSET',
+				'DEFAULT_LANG',
+				'DEFAULT_LOCALE',
+				'EAID',
+				'EUID',
+				'GROUP_ACL_LEVEL',
+				'GROUP_ACL_TYPE',
+				'GROUP_NAME',
+				'HEADER_COLOR',
+				'LANG',
+				'PAGES_ACL_LEVEL',
+				'PAGES',
+				'TEMPLATE',
+				'UNIT_ACL_LEVEL',
+				'UNIT_DEFAULT',
+				'UNIT',
+				'USER_ACL_LEVEL',
+				'USER_ACL_TYPE',
+				'USER_NAME',
+			] as $session_var
+		) {
+			unset($_SESSION[$session_var]);
+		}
+		// final unset all
+		session_unset();
+		// final destroy session
+		session_destroy();
+		// then prints the login screen again
+		$this->permission_okay = false;
+	}
+
+	/**
+	 * for every page the user access this script checks if he is allowed to do so
+	 *
+	 * @return bool permission okay as true/false
+	 */
+	public function loginCheckPermissions(): bool
+	{
+		// start with not allowed
+		$this->permission_okay = false;
+		// bail for no euid (no login)
+		if (!$this->euid) {
+			return $this->permission_okay;
+		}
+		// bail for previous wrong page match, eg if method is called twice
+		if ($this->login_error == 103) {
+			return $this->permission_okay;
+		}
+		// if ($this->euid && $this->login_error != 103) {
+		$q = "SELECT filename "
+			. "FROM edit_page ep, edit_page_access epa, edit_group eg, edit_user eu "
+			. "WHERE ep.edit_page_id = epa.edit_page_id "
+			. "AND eg.edit_group_id = epa.edit_group_id "
+			. "AND eg.edit_group_id = eu.edit_group_id "
+			. "AND eu.edit_user_id = " . $this->euid . " "
+			. "AND filename = '" . $this->page_name . "' "
+			. "AND eg.enabled = 1 AND epa.enabled = 1";
+		$res = $this->db->dbReturnRow($q);
+		if (!is_array($res)) {
+			$this->login_error = 109;
+			return $this->permission_okay;
+		}
+		if (isset($res['filename']) && $res['filename'] == $this->page_name) {
+			$this->permission_okay = true;
+		} else {
+			$this->login_error = 103;
+		}
+		// if called from public, so we can check if the permissions are ok
+		return $this->permission_okay;
+	}
+
+	/**
+	 * Return ACL array as is
+	 *
+	 * @return array<mixed>
+	 */
+	public function loginGetAcl(): array
+	{
+		return $this->acl;
+	}
+
+	/**
+	 * checks if this edit access id is valid
+	 *
+	 * @param  int|null $edit_access_id access id pk to check
+	 * @return bool                     true/false: if the edit access is not
+	 *                                  in the valid list: false
+	 */
+	public function loginCheckEditAccess($edit_access_id): bool
+	{
+		if ($edit_access_id === null) {
+			return false;
+		}
+		if (array_key_exists($edit_access_id, $this->acl['unit'])) {
+			return true;
+		}
+		return false;
+	}
+
+	/**
+	 * Check if admin flag is set
+	 *
+	 * @return bool True if admin flag set
+	 */
+	public function loginIsAdmin(): bool
+	{
+		if (!empty($this->acl['admin'])) {
+			return true;
+		}
+		return false;
+	}
+
+	/**
+	 * check if min accesss string (eg, read, mod, etc) is matchable
+	 * EQUAL to BASE set right
+	 *
+	 * @param  string $min_access
+	 * @return bool
+	 */
+	public function loginCheckAccessBase(string $min_access): bool
+	{
+		return $this->loginCheckAccess('base', $min_access);
+	}
+
+	/**
+	 * check if min accesss string (eg, read, mod, etc) is matchable
+	 * EQUAL to PAGE set right
+	 *
+	 * @param  string $min_access
+	 * @return bool
+	 */
+	public function loginCheckAccessPage(string $min_access): bool
+	{
+		return $this->loginCheckAccess('page', $min_access);
+	}
+
 	/**
 	 * checks that the given edit access id is valid for this user
+	 *
 	 * @param  int|null $edit_access_id edit access id to check
 	 * @return int|null                 same edit access id if ok
 	 *                                  or the default edit access id
@@ -1465,14 +1576,14 @@ EOM;
 			!array_key_exists($edit_access_id, $_SESSION['UNIT'])
 		) {
 			return $_SESSION['UNIT_DEFAULT'] ?? null;
-		} else {
-			return $edit_access_id;
 		}
+		return $edit_access_id;
 	}
 
 	/**
 	 * retunrn a set entry from the UNIT session for an edit access_id
 	 * if not found return false
+	 *
 	 * @param  int        $edit_access_id edit access id
 	 * @param  string|int $data_key       key value to search for
 	 * @return bool|string                false for not found or string for found data
@@ -1481,9 +1592,8 @@ EOM;
 	{
 		if (!isset($_SESSION['UNIT'][$edit_access_id]['data'][$data_key])) {
 			return false;
-		} else {
-			return $_SESSION['UNIT'][$edit_access_id]['data'][$data_key];
 		}
+		return $_SESSION['UNIT'][$edit_access_id]['data'][$data_key];
 	}
 	// close class
 }

www/lib/CoreLibs/Admin/Backend.php

@@ -101,6 +101,8 @@ class Backend
 	public $db;
 	/** @var \CoreLibs\Language\L10n language */
 	public $l;
+	/** @var \CoreLibs\Create\Session session class */
+	public $session;
 	// smarty publics [end processing in smarty class]
 	/** @var array<mixed> */
 	public $DATA;
@@ -114,23 +116,27 @@ class Backend
 	// CONSTRUCTOR / DECONSTRUCTOR |====================================>
 	/**
 	 * main class constructor
-	 * @param \CoreLibs\DB\IO         $db     Database connection class
-	 * @param \CoreLibs\Debug\Logging $log    Logging class
-	 * @param \CoreLibs\Language\L10n $l10n   l10n language class
-	 * @param array<string,string>    $locale locale data read from setLocale
+	 * @param \CoreLibs\DB\IO          $db      Database connection class
+	 * @param \CoreLibs\Debug\Logging  $log     Logging class
+	 * @param \CoreLibs\Create\Session $session Session interface class
+	 * @param \CoreLibs\Language\L10n  $l10n    l10n language class
+	 * @param array<string,string>     $locale  locale data read from setLocale
 	 */
 	public function __construct(
 		\CoreLibs\DB\IO $db,
 		\CoreLibs\Debug\Logging $log,
+		\CoreLibs\Create\Session $session,
 		\CoreLibs\Language\L10n $l10n,
 		array $locale
 	) {
+		// attach db class
+		$this->db = $db;
 		// set to log not per class
 		$log->setLogPer('class', false);
 		// attach logger
 		$this->log = $log;
-		// attach db class
-		$this->db = $db;
+		// attach session class
+		$this->session = $session;
 		// get the language sub class & init it
 		$this->l = $l10n;
 		// parse and read, legacy stuff
@@ -232,9 +238,9 @@ class Backend
 			. "'" . $this->db->dbEscapeString($_SERVER['HTTP_ACCEPT'] ?? '') . "', "
 			. "'" . $this->db->dbEscapeString($_SERVER['HTTP_ACCEPT_CHARSET'] ?? '') . "', "
 			. "'" . $this->db->dbEscapeString($_SERVER['HTTP_ACCEPT_ENCODING'] ?? '') . "', "
-			. (\CoreLibs\Create\Session::getSessionId() === false ?
+			. ($this->session->getSessionId() === false ?
 				"NULL" :
-				"'" . \CoreLibs\Create\Session::getSessionId() . "'")
+				"'" . $this->session->getSessionId() . "'")
 			. ", "
 			. "'" . $this->db->dbEscapeString($this->action) . "', "
 			. "'" . $this->db->dbEscapeString($this->action_id) . "', "

www/lib/CoreLibs/Basic.php

@@ -66,6 +66,8 @@ class Basic
 	// logging interface, Debug\Logging class
 	/** @var \CoreLibs\Debug\Logging */
 	public $log;
+	/** @var\CoreLibs\Create\Session */
+	public $session;
 
 	// email valid checks
 	/** @var array<mixed> */
@@ -85,11 +87,13 @@ class Basic
 	 * main Basic constructor to init and check base settings
 	 * @param \CoreLibs\Debug\Logging|null $log Logging class
 	 * @param string|null $session_name Set session name
+	 * @deprecated DO NOT USE Class\Basic anymore. Use dedicated logger and sub classes
 	 */
 	public function __construct(
 		\CoreLibs\Debug\Logging $log = null,
 		?string $session_name = null
 	) {
+		trigger_error('Class \CoreLibs\Basic is deprected', E_USER_DEPRECATED);
 		// TODO make check dynamic for entries we MUST have depending on load type
 		// before we start any work, we should check that all MUST constants are defined
 		$abort = false;
@@ -146,7 +150,7 @@ class Basic
 		$this->email_regex_check = \CoreLibs\Check\Email::getEmailRegexCheck();
 
 		// initial the session if there is no session running already
-		\CoreLibs\Create\Session::startSession($session_name);
+		$this->session = new \CoreLibs\Create\Session($session_name ?? '');
 	}
 
 	/**

www/lib/CoreLibs/Create/Session.php

@@ -6,10 +6,7 @@
  * start a php sesseion
  * name can be given via startSession parameter
  * if not set tries to read $SET_SESSION_NAME from global
- * if this is not set tries to read SET_SESSION_NAME constant
- *
- * TODO: add _SESSION write unset
- * TODO: add session close down with all _SESSION vars unset
+ * else will use default set in php.ini
  */
 
 declare(strict_types=1);
@@ -18,57 +15,113 @@ namespace CoreLibs\Create;
 
 class Session
 {
+	/** @var string list for errors*/
+	private $error_str = '';
+
 	/**
-	 * init a session
+	 * init a session, if array is empty or array does not have session_name set
+	 * then no auto init is run
+	 *
+	 * @param string $session_name if set and not empty, will start session
 	 */
-	public function __construct()
+	public function __construct(string $session_name = '')
 	{
+		if (!empty($session_name)) {
+			$this->startSession($session_name);
+		}
 	}
 
 	/**
-	 * Undocumented function
+	 * check if we are in CLI, we set this, so we can mock this too
+	 *
+	 * @return bool
+	 */
+	private function checkCLI(): bool
+	{
+		return \CoreLibs\Get\System::checkCLI();
+	}
+
+	/**
+	 * Return set error string, empty if none set
+	 *
+	 * @return string Last error string
+	 */
+	public function getErrorStr(): string
+	{
+		return $this->error_str;
+	}
+
+	/**
+	 * check if session name is valid
+	 *
+	 * As from PHP 8.1/8.0/7.4 error
+	 * INVALID CHARS: =,; \t\r\n\013\014
+	 * NOTE: using . will fail even thought valid
+	 * we allow only alphanumeric with - (dash) and 1 to 128 characters
+	 *
+	 * @param  string $session_name any string, not null
+	 * @return bool                 True for valid, False for invalid
+	 */
+	public static function checkValidSessionName(string $session_name): bool
+	{
+		// check
+		if (
+			// must only have those
+			!preg_match('/^[-a-zA-Z0-9]{1,128}$/', $session_name) ||
+			// cannot be only numbers
+			preg_match('/^[0-9]+$/', $session_name)
+		) {
+			return false;
+		}
+		return true;
+	}
+
+	/**
+	 * start session with given session name if set
+	 * aborts on command line or if sessions are not enabled
+	 * also aborts if session cannot be started
+	 * On sucess returns the session id
 	 *
 	 * @param string|null $session_name
 	 * @return string|bool
 	 */
-	public static function startSession(?string $session_name = null)
+	public function startSession(?string $session_name = null)
 	{
 		// we can't start sessions on command line
-		if (php_sapi_name() === 'cli') {
+		if ($this->checkCLI()) {
+			$this->error_str = '[SESSION] No sessions in php cli';
 			return false;
 		}
 		// if session are OFF
-		if (self::getSessionStatus() === PHP_SESSION_DISABLED) {
+		if ($this->getSessionStatus() === PHP_SESSION_DISABLED) {
+			$this->error_str = '[SESSION] Sessions are disabled';
 			return false;
 		}
 		// session_status
 		// initial the session if there is no session running already
-		if (!self::checkActiveSession()) {
+		if (!$this->checkActiveSession()) {
 			// if session name is emtpy, check if there is a global set
 			// this is a deprecated fallback
 			$session_name = $session_name ?? $GLOBALS['SET_SESSION_NAME'] ?? '';
-			// check if we have an external session name given, else skip this step
-			// this is a deprecated fallback
-			if (
-				empty($session_name) &&
-				defined('SET_SESSION_NAME') &&
-				!empty(SET_SESSION_NAME)
-			) {
-				// set the session name for possible later check
-				$session_name = SET_SESSION_NAME;
-			}
+			// DEPRECTED: constant SET_SESSION_NAME is no longer used
 			// if set, set special session name
 			if (!empty($session_name)) {
+				// invalid session name, abort
+				if (!$this->checkValidSessionName($session_name)) {
+					$this->error_str = '[SESSION] Invalid session name: ' . $session_name;
+					return false;
+				}
 				session_name($session_name);
 			}
 			// start session
 			session_start();
 		}
 		// if we still have no active session
-		if (!self::checkActiveSession()) {
+		if (!$this->checkActiveSession()) {
+			$this->error_str = '[SESSION] Failed to activate session';
 			return false;
 		}
-		return self::getSessionId();
+		return $this->getSessionId();
 	}
 
 	/**
@@ -76,7 +129,7 @@ class Session
 	 *
 	 * @return string|bool
 	 */
-	public static function getSessionId()
+	public function getSessionId()
 	{
 		return session_id();
 	}
@@ -86,7 +139,7 @@ class Session
 	 *
 	 * @return string|bool
 	 */
-	public static function getSessionName()
+	public function getSessionName()
 	{
 		return session_name();
 	}
@@ -95,17 +148,30 @@ class Session
 	 * Checks if there is an active session.
 	 * Does not check if we can have a session
 	 *
-	 * @return boolean True if there is an active session, else false
+	 * @return bool True if there is an active session, else false
 	 */
-	public static function checkActiveSession(): bool
+	public function checkActiveSession(): bool
 	{
-		if (self::getSessionStatus() === PHP_SESSION_ACTIVE) {
+		if ($this->getSessionStatus() === PHP_SESSION_ACTIVE) {
 			return true;
 		} else {
 			return false;
 		}
 	}
 
+	/**
+	 * unlock the session file, so concurrent AJAX requests can be done
+	 * NOTE: after this has been called, no changes in _SESSION will be stored
+	 * NOTE: a new session with a different name can be started after this one is called
+	 * if problem, run ob_flush() and flush() too
+	 *
+	 * @return bool True und sucess, false on failure
+	 */
+	public function writeClose(): bool
+	{
+		return session_write_close();
+	}
+
 	/**
 	 * get session status
 	 * PHP_SESSION_DISABLED if sessions are disabled.
@@ -116,7 +182,7 @@ class Session
 	 *
 	 * @return int
 	 */
-	public static function getSessionStatus(): int
+	public function getSessionStatus(): int
 	{
 		return session_status();
 	}

www/lib/CoreLibs/DB/Extended/ArrayIO.php

@@ -43,7 +43,7 @@ class ArrayIO extends \CoreLibs\DB\IO
 	/** @var string */
 	public $table_name; // the table_name
 	/** @var string */
-	public $pk_name; // the primary key from this table
+	public $pk_name = ''; // the primary key from this table
 	/** @var int|string|null */
 	public $pk_id; // the PK id
 

www/lib/CoreLibs/DB/SQL/PgSQL.php

@@ -604,7 +604,7 @@ class PgSQL implements \CoreLibs\DB\SQL\SqlInterface\SqlFunctions
 			return '';
 		}
 		// extract element
-		$return_string = pg_version($this->dbh)[$parameter] ?? '';
+		$return_string = (string)(pg_version($this->dbh)[$parameter] ?? '');
 		// for version, strip if requested
 		if (
 			in_array($parameter, ['server']) &&

www/lib/CoreLibs/Debug/Logging.php

@@ -365,7 +365,18 @@ class Logging
 		}
 		$fn = str_replace('##DATE##', $rpl_string, $fn); // create output filename
 
-		$rpl_string = !$this->log_per_level ? '' : '_' . $level; // if request to write to one file
+		// write per level
+		$rpl_string = !$this->log_per_level ? '' :
+			// normalize level, replace all non alphanumeric characters with -
+			'_' . (
+				// if return is only - then set error string
+				preg_match(
+					"/^-+$/",
+					$level_string = preg_replace("/[^A-Za-z0-9-_]/", '-', $level) ?? ''
+				) ?
+					'INVALID-LEVEL-STRING' :
+					$level_string
+			);
 		$fn = str_replace('##LEVEL##', $rpl_string, $fn); // create output filename
 		// set per class, but don't use get_class as we will only get self
 		$rpl_string = !$this->log_per_class ? '' : '_'

www/lib/CoreLibs/Get/System.php

@@ -94,6 +94,24 @@ class System
 	{
 		return pathinfo($_SERVER['PHP_SELF']);
 	}
+
+	/**
+	 * Check if the php sapi interface has cli inside
+	 *
+	 * @return bool True for CLI type PHP, else false
+	 */
+	public static function checkCLI(): bool
+	{
+		return substr(
+			// if return is false, use empty string
+			(($sapi_name = php_sapi_name()) === false ?
+				'' :
+				$sapi_name
+			),
+			0,
+			3
+		) === 'cli' ? true : false;
+	}
 }
 
 // __END__

www/lib/Error.Handling.php

@@ -32,7 +32,8 @@ function MyErrorHandler(
 	int $line,
 	array $context = []
 ): bool {
-	if (!(error_reporting() & $type) && SHOW_ALL_ERRORS == false) {
+	/** @phpstan-ignore-next-line cannot check show all errors constant */
+	if (!(error_reporting() & $type) && SHOW_ALL_ERRORS === false) {
 		// This error code is not included in error_reporting
 		return false;
 	}