phan/phpstan fixes

Add testsuits for default run
Fix wording in testdox
add a fallback in the Debugging Support test suit

.phan/config.php

@@ -27,7 +27,7 @@ use Phan\Config;
 
 return [
 	// "target_php_version" => "8.2",
-	"minimum_target_php_version" => "8.1",
+	"minimum_target_php_version" => "8.2",
 	// turn color on (-C)
 	"color_issue_messages_if_supported" => true,
 	// If true, missing properties will be created when

4dev/composer/sync-to-composer-all-folder.sh

@@ -13,7 +13,7 @@ if [ "${GO}" != "go" ]; then
 fi;
 
 BASE="/storage/var/www/html/developers/clemens/core_data/";
-SOURCE="${BASE}php_libraries/trunk/"
+SOURCE="${BASE}php_libraries/master/"
 TARGET="${BASE}composer-packages/CoreLibs-Composer-All/"
 
 rsync ${DRY_RUN}-Plzvrupt --stats --delete ${SOURCE}4dev/tests/ ${TARGET}test/phpunit/

4dev/database/function/set_date.sql

@@ -5,9 +5,9 @@ RETURNS TRIGGER AS
 $$
 BEGIN
     IF TG_OP = 'INSERT' THEN
-        NEW.date_created := 'now';
+        NEW.date_created := clock_timestamp();
     ELSIF TG_OP = 'UPDATE' THEN
-        NEW.date_updated := 'now';
+        NEW.date_updated := clock_timestamp();
     END IF;
     RETURN NEW;
 END;

4dev/database/function/set_edit_generic.sql

@@ -7,10 +7,11 @@ DECLARE
     random_length INT = 25; -- that should be long enough
 BEGIN
     IF TG_OP = 'INSERT' THEN
-        NEW.date_created := 'now';
+        NEW.date_created := clock_timestamp();
         NEW.cuid := random_string(random_length);
+        NEW.cuuid := gen_random_uuid();
     ELSIF TG_OP = 'UPDATE' THEN
-        NEW.date_updated := 'now';
+        NEW.date_updated := clock_timestamp();
     END IF;
     RETURN NEW;
 END;

4dev/database/function/set_generic_uid.sql

@@ -8,12 +8,12 @@ DECLARE
     random_length INT = 32; -- long for massive data
 BEGIN
     IF TG_OP = 'INSERT' THEN
-        NEW.date_created := 'now';
+        NEW.date_created := clock_timestamp();
         IF NEW.uid IS NULL THEN
             NEW.uid := random_string(random_length);
         END IF;
     ELSIF TG_OP = 'UPDATE' THEN
-        NEW.date_updated := 'now';
+        NEW.date_updated := clock_timestamp();
     END IF;
     RETURN NEW;
 END;

4dev/database/function/update_function.sql

@@ -1,19 +0,0 @@
--- adds the created or updated date tags
-
--- OLD, DEPRECATED, use set_generic.sql
-
--- CREATE OR REPLACE FUNCTION set_generic()
--- RETURNS TRIGGER AS
--- $$
--- BEGIN
---     IF TG_OP = 'INSERT' THEN
---         NEW.date_created := clock_timestamp();
---         NEW.user_created := current_user;
---     ELSIF TG_OP = 'UPDATE' THEN
---         NEW.date_updated := clock_timestamp();
---         NEW.user_updated := current_user;
---     END IF;
---     RETURN NEW;
--- END;
--- $$
--- LANGUAGE 'plpgsql';

4dev/database/function/upgrade_serial_to_identity.sql

@@ -0,0 +1,110 @@
+-- Upgrade serial to identity type
+--
+-- Original: https://www.enterprisedb.com/blog/postgresql-10-identity-columns-explained#section-6
+--
+-- @param reclass tbl The table where the column is located, prefix with 'schema.' if different schema
+-- @param name col The column to be changed
+-- @param varchar identity_type [default=a] Allowed a, d, assigned, default
+-- @param varchar col_type [default=''] Allowed smallint, int, bigint, int2, int4, int8
+-- @returns varchar status tring
+-- @raises EXCEPTON on column not found, no linked sequence, more than one linked sequence found, invalid col type
+--
+CREATE OR REPLACE FUNCTION upgrade_serial_to_identity(
+    tbl regclass,
+    col name,
+    identity_type varchar = 'a',
+    col_type varchar = ''
+)
+RETURNS varchar
+LANGUAGE plpgsql
+AS $$
+DECLARE
+    colnum SMALLINT;
+    seqid OID;
+    count INT;
+    col_type_oid INT;
+    col_type_len INT;
+    current_col_atttypid OID;
+    current_col_attlen INT;
+    status_string VARCHAR;
+BEGIN
+    -- switch between always (default) or default identiy type
+    IF identity_type NOT IN ('a', 'd', 'assigned', 'default') THEN
+        identity_type := 'a';
+    ELSE
+        IF identity_type = 'default' THEN
+            identity_type := 'd';
+        ELSIF identity_type = 'assigned' THEN
+            identity_type := 'a';
+        END IF;
+    END IF;
+    -- find column number, attribute oid and attribute len
+    SELECT attnum, atttypid, attlen
+        INTO colnum, current_col_atttypid, current_col_attlen
+        FROM pg_attribute
+        WHERE attrelid = tbl AND attname = col;
+    IF NOT FOUND THEN
+        RAISE EXCEPTION 'column does not exist';
+    END IF;
+
+    -- find sequence
+    SELECT INTO seqid objid
+        FROM pg_depend
+        WHERE (refclassid, refobjid, refobjsubid) = ('pg_class'::regclass, tbl, colnum)
+            AND classid = 'pg_class'::regclass AND objsubid = 0
+            AND deptype = 'a';
+
+    GET DIAGNOSTICS count = ROW_COUNT;
+    IF count < 1 THEN
+        RAISE EXCEPTION 'no linked sequence found';
+    ELSIF count > 1 THEN
+        RAISE EXCEPTION 'more than one linked sequence found';
+    END IF;
+
+    IF col_type <> '' AND col_type NOT IN ('smallint', 'int', 'bigint', 'int2', 'int4', 'int8') THEN
+        RAISE EXCEPTION 'Invalid col type: %', col_type;
+    END IF;
+
+    -- drop the default
+    EXECUTE 'ALTER TABLE ' || tbl || ' ALTER COLUMN ' || quote_ident(col) || ' DROP DEFAULT';
+
+    -- change the dependency between column and sequence to internal
+    UPDATE pg_depend
+        SET deptype = 'i'
+        WHERE (classid, objid, objsubid) = ('pg_class'::regclass, seqid, 0)
+            AND deptype = 'a';
+
+    -- mark the column as identity column
+    UPDATE pg_attribute
+        -- set to 'd' for default
+        SET attidentity = identity_type
+        WHERE attrelid = tbl
+            AND attname = col;
+    status_string := 'Updated to identity for table "' || tbl || '" and columen "' || col || '" with type "' || identity_type || '"';
+
+    -- set type if requested and not empty
+    IF col_type <> '' THEN
+        -- rewrite smallint, int, bigint
+        IF col_type = 'smallint' THEN
+            col_type := 'int2';
+        ELSIF col_type = 'int' THEN
+            col_type := 'int4';
+        ELSIF col_type = 'bigint' THEN
+            col_type := 'int8';
+        END IF;
+        -- get the length and oid for selected
+        SELECT oid, typlen INTO col_type_oid, col_type_len FROM pg_type WHERE typname = col_type;
+        -- set only if diff or hight
+        IF current_col_atttypid <> col_type_oid AND col_type_len > current_col_attlen THEN
+            status_string := status_string || '. Change col type: ' || col_type;
+            -- update type
+            UPDATE pg_attribute
+                SET
+                    atttypid = col_type_oid, attlen = col_type_len
+                WHERE attrelid = tbl
+                    AND attname = col;
+        END IF;
+    END IF;
+    RETURN status_string;
+END;
+$$;

4dev/database/table/edit_access.sql

@@ -7,7 +7,7 @@
 
 -- DROP TABLE edit_access;
 CREATE TABLE edit_access (
-    edit_access_id SERIAL PRIMARY KEY,
+    edit_access_id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
     enabled SMALLINT NOT NULL DEFAULT 0,
     protected SMALLINT DEFAULT 0,
     deleted SMALLINT DEFAULT 0,

4dev/database/table/edit_access_data.sql

@@ -7,7 +7,7 @@
 
 -- DROP TABLE edit_access_data;
 CREATE TABLE edit_access_data (
-    edit_access_data_id SERIAL PRIMARY KEY,
+    edit_access_data_id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
     edit_access_id INT NOT NULL,
     FOREIGN KEY (edit_access_id) REFERENCES edit_access (edit_access_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
     enabled SMALLINT NOT NULL DEFAULT 0,

4dev/database/table/edit_access_right.sql

@@ -8,7 +8,7 @@
 
 -- DROP TABLE edit_access_right;
 CREATE TABLE edit_access_right (
-    edit_access_right_id SERIAL PRIMARY KEY,
+    edit_access_right_id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
     name VARCHAR,
     level SMALLINT,
     type VARCHAR,

4dev/database/table/edit_access_user.sql

@@ -7,7 +7,7 @@
 
 -- DROP TABLE edit_access_user;
 CREATE TABLE edit_access_user (
-    edit_access_user_id SERIAL PRIMARY KEY,
+    edit_access_user_id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
     edit_access_id INT NOT NULL,
     FOREIGN KEY (edit_access_id) REFERENCES edit_access (edit_access_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
     edit_user_id INT NOT NULL,

4dev/database/table/edit_generic.sql

@@ -8,6 +8,7 @@
 -- DROP TABLE edit_generic;
 CREATE TABLE edit_generic (
     cuid VARCHAR,
+    cuuid UUID DEFAULT gen_random_uuid(),
     date_created TIMESTAMP WITHOUT TIME ZONE DEFAULT clock_timestamp(),
     date_updated TIMESTAMP WITHOUT TIME ZONE
 );

4dev/database/table/edit_group.sql

@@ -7,7 +7,7 @@
 
 -- DROP TABLE edit_group;
 CREATE TABLE edit_group (
-    edit_group_id SERIAL PRIMARY KEY,
+    edit_group_id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
     edit_scheme_id INT,
     FOREIGN KEY (edit_scheme_id) REFERENCES edit_scheme (edit_scheme_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
     edit_access_right_id INT NOT NULL,

4dev/database/table/edit_language.sql

@@ -8,7 +8,7 @@
 
 -- DROP TABLE edit_language;
 CREATE TABLE edit_language (
-    edit_language_id SERIAL PRIMARY KEY,
+    edit_language_id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
     enabled SMALLINT NOT NULL DEFAULT 0,
     lang_default SMALLINT NOT NULL DEFAULT 0,
     long_name VARCHAR,

4dev/database/table/edit_log.sql

@@ -7,35 +7,54 @@
 
 -- DROP TABLE edit_log;
 CREATE TABLE edit_log (
-    edit_log_id SERIAL PRIMARY KEY,
+    edit_log_id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
     euid INT, -- this is a foreign key, but I don't nedd to reference to it
     FOREIGN KEY (euid) REFERENCES edit_user (edit_user_id) MATCH FULL ON UPDATE CASCADE ON DELETE SET NULL,
-    username VARCHAR,
-    password VARCHAR,
+    ecuid VARCHAR,
+    ecuuid UUID, -- this is the one we want to use, full UUIDv4 from the edit user table
+    -- date_created equal, but can be overridden
     event_date TIMESTAMP WITHOUT TIME ZONE DEFAULT CURRENT_TIMESTAMP,
-    ip VARCHAR,
+    -- session ID if set
+    session_id VARCHAR,
+    -- username
+    username VARCHAR,
+    -- DEPRECATED [password]
+    password VARCHAR,
+    ip_address JSONB, -- REMOTE_IP and all other IPs (X_FORWARD, etc) as JSON block
+    -- DEPRECATED [ip]
+    ip VARCHAR, -- just the REMOTE_IP, full set see ip_address
+    -- string blocks, general
     error TEXT,
     event TEXT,
+    -- bytea or string type storage of any data
     data_binary BYTEA,
     data TEXT,
+    -- set page name only
     page VARCHAR,
-    action VARCHAR,
-    action_id VARCHAR,
-    action_yes VARCHAR,
-    action_flag VARCHAR,
-    action_menu VARCHAR,
-    action_loaded VARCHAR,
-    action_value VARCHAR,
-    action_type VARCHAR,
-    action_error VARCHAR,
+    -- various info data sets
     user_agent VARCHAR,
     referer VARCHAR,
     script_name VARCHAR,
     query_string VARCHAR,
+    request_scheme VARCHAR, -- http or https
     server_name VARCHAR,
     http_host VARCHAR,
-    http_accept VARCHAR,
-    http_accept_charset VARCHAR,
-    http_accept_encoding VARCHAR,
-    session_id VARCHAR
+    http_data JSONB,
+    -- DEPRECATED [http*]
+    http_accept VARCHAR, -- in http_data
+    http_accept_charset VARCHAR, -- in http_data
+    http_accept_encoding VARCHAR, -- in http_data
+    -- any action var, -> same set in action_data as JSON
+    action_data JSONB,
+    -- DEPRECATED [action*]
+    action VARCHAR, -- in action_data
+    action_id VARCHAR, -- in action_data
+    action_sub_id VARCHAR, -- in action_data
+    action_yes VARCHAR, -- in action_data
+    action_flag VARCHAR, -- in action_data
+    action_menu VARCHAR, -- in action_data
+    action_loaded VARCHAR, -- in action_data
+    action_value VARCHAR, -- in action_data
+    action_type VARCHAR, -- in action_data
+    action_error VARCHAR -- in action_data
 ) INHERITS (edit_generic) WITHOUT OIDS;

4dev/database/table/edit_menu_group.sql

@@ -7,10 +7,8 @@
 
 -- DROP TABLE edit_menu_group;
 CREATE TABLE edit_menu_group (
-    edit_menu_group_id SERIAL PRIMARY KEY,
+    edit_menu_group_id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
     name VARCHAR,
     flag VARCHAR,
     order_number INT NOT NULL
 ) INHERITS (edit_generic) WITHOUT OIDS;
-
-

4dev/database/table/edit_page.sql

@@ -7,7 +7,7 @@
 
 -- DROP TABLE edit_page;
 CREATE TABLE edit_page (
-    edit_page_id SERIAL PRIMARY KEY,
+    edit_page_id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
     content_alias_edit_page_id INT, -- alias for page content, if the page content is defined on a different page, ege for ajax backend pages
     FOREIGN KEY (content_alias_edit_page_id) REFERENCES edit_page (edit_page_id) MATCH FULL ON DELETE RESTRICT ON UPDATE CASCADE,
     filename VARCHAR,

4dev/database/table/edit_page_access.sql

@@ -7,7 +7,7 @@
 
 -- DROP TABLE edit_page_access;
 CREATE TABLE edit_page_access (
-    edit_page_access_id SERIAL PRIMARY KEY,
+    edit_page_access_id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
     edit_group_id INT NOT NULL,
     FOREIGN KEY (edit_group_id) REFERENCES edit_group (edit_group_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
     edit_page_id INT NOT NULL,
@@ -16,5 +16,3 @@ CREATE TABLE edit_page_access (
     FOREIGN KEY (edit_access_right_id) REFERENCES edit_access_right (edit_access_right_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
     enabled SMALLINT NOT NULL DEFAULT 0
 ) INHERITS (edit_generic) WITHOUT OIDS;
-
-

4dev/database/table/edit_page_content.sql

@@ -8,7 +8,7 @@
 
 -- DROP TABLE edit_page_content;
 CREATE TABLE edit_page_content (
-    edit_page_content_id SERIAL PRIMARY KEY,
+    edit_page_content_id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
     edit_page_id INT NOT NULL,
     FOREIGN KEY (edit_page_id) REFERENCES edit_page (edit_page_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
     edit_access_right_id INT NOT NULL,

4dev/database/table/edit_query_string.sql

@@ -7,7 +7,7 @@
 
 -- DROP TABLE edit_query_string;
 CREATE TABLE edit_query_string (
-    edit_query_string_id SERIAL PRIMARY KEY,
+    edit_query_string_id SERIAINT GENERATED ALWAYS AS IDENTITYL PRIMARY KEY,
     edit_page_id INT NOT NULL,
     FOREIGN KEY (edit_page_id) REFERENCES edit_page (edit_page_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
     enabled SMALLINT NOT NULL DEFAULT 0,

4dev/database/table/edit_scheme.sql

@@ -7,7 +7,7 @@
 
 -- DROP TABLE edit_scheme;
 CREATE TABLE edit_scheme (
-    edit_scheme_id SERIAL PRIMARY KEY,
+    edit_scheme_id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
     enabled SMALLINT NOT NULL DEFAULT 0,
     name VARCHAR,
     header_color VARCHAR,

4dev/database/table/edit_user.sql

@@ -7,7 +7,7 @@
 
 -- DROP TABLE edit_user;
 CREATE TABLE edit_user (
-    edit_user_id SERIAL PRIMARY KEY,
+    edit_user_id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
     connect_edit_user_id INT, -- possible reference to other user
     FOREIGN KEY (connect_edit_user_id) REFERENCES edit_user (edit_user_id) MATCH FULL ON DELETE CASCADE ON UPDATE CASCADE,
     edit_language_id INT NOT NULL,
@@ -35,11 +35,10 @@ CREATE TABLE edit_user (
     strict SMALLINT DEFAULT 0,
     locked SMALLINT DEFAULT 0,
     protected SMALLINT NOT NULL DEFAULT 0,
-    -- legacy, debug flags
-    debug SMALLINT NOT NULL DEFAULT 0,
-    db_debug SMALLINT NOT NULL DEFAULT 0,
     -- is admin user
     admin SMALLINT NOT NULL DEFAULT 0,
+    -- force lgout counter
+    force_logout INT DEFAULT 0,
     -- last login log
     last_login TIMESTAMP WITHOUT TIME ZONE,
     -- login error
@@ -76,9 +75,8 @@ COMMENT ON COLUMN edit_user.deleted IS 'Login is deleted (master switch), overri
 COMMENT ON COLUMN edit_user.strict IS 'If too many failed logins user will be locked, default off';
 COMMENT ON COLUMN edit_user.locked IS 'Locked from too many wrong password logins';
 COMMENT ON COLUMN edit_user.protected IS 'User can only be chnaged by admin user';
-COMMENT ON COLUMN edit_user.debug IS 'Turn debug flag on (legacy)';
-COMMENT ON COLUMN edit_user.db_debug IS 'Turn DB debug flag on (legacy)';
 COMMENT ON COLUMN edit_user.admin IS 'If set, this user is SUPER admin';
+COMMENT ON COLUMN edit_user.force_logout IS 'Counter for forced log out, if this one is higher than the session set one the session gets terminated';
 COMMENT ON COLUMN edit_user.last_login IS 'Last succesfull login tiemstamp';
 COMMENT ON COLUMN edit_user.login_error_count IS 'Number of failed logins, reset on successful login';
 COMMENT ON COLUMN edit_user.login_error_date_last IS 'Last login error date';

4dev/database/table/edit_visible_group.sql

@@ -7,7 +7,7 @@
 
 -- DROP TABLE edit_visible_group;
 CREATE TABLE edit_visible_group (
-    edit_visible_group_id SERIAL PRIMARY KEY,
+    edit_visible_group_id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
     name VARCHAR,
     flag VARCHAR
 ) INHERITS (edit_generic) WITHOUT OIDS;

4dev/tests/ACL/CoreLibsACLLoginTest.php

@@ -22,8 +22,12 @@ Not yet covered tests:
  */
 final class CoreLibsACLLoginTest extends TestCase
 {
-	private static $db;
-	private static $log;
+	private static \CoreLibs\DB\IO $db;
+	private static \CoreLibs\Logging\Logging $log;
+
+	private static string $edit_access_cuid;
+	private static string $edit_user_cuid;
+	private static string $edit_user_cuuid;
 
 	/**
 	 * start DB conneciton, setup DB, etc
@@ -108,14 +112,40 @@ final class CoreLibsACLLoginTest extends TestCase
 		self::$db->dbSetMaxQueryCall(-1);
 		// insert additional content for testing (locked user, etc)
 		$queries = [
-			"INSERT INTO edit_access_data "
-				. "(edit_access_id, name, value, enabled) VALUES "
-				. "((SELECT edit_access_id FROM edit_access WHERE uid = 'AdminAccess'), "
-				. "'test', 'value', 1)"
+			<<<SQL
+			INSERT INTO edit_access_data (
+				edit_access_id, name, value, enabled
+			) VALUES (
+				(SELECT edit_access_id FROM edit_access WHERE uid = 'AdminAccess'),
+				'test', 'value', 1
+			)
+			SQL
 		];
 		foreach ($queries as $query) {
 			self::$db->dbExec($query);
 		}
+		// read edit access cuid, edit user cuid and edit user cuuid
+		$row = self::$db->dbReturnRowParams(
+			"SELECT cuid FROM edit_access WHERE uid = $1",
+			["AdminAccess"]
+		);
+		self::$edit_access_cuid = $row['cuid'] ?? '';
+		if (empty(self::$edit_access_cuid)) {
+			self::markTestIncomplete(
+				'Cannot read edit access cuid for "AdminAccess".'
+			);
+		}
+		$row = self::$db->dbReturnRowParams(
+			"SELECT cuid, cuuid FROM edit_user WHERE username = $1",
+			["admin"]
+		);
+		self::$edit_user_cuid = $row['cuid'] ?? '';
+		self::$edit_user_cuuid = $row['cuuid'] ?? '';
+		if (empty(self::$edit_user_cuid) || empty(self::$edit_user_cuuid)) {
+			self::markTestIncomplete(
+				'Cannot read edit user cuid or cuuid for "admin".'
+			);
+		}
 
 		// define mandatory constant
 		// must set
@@ -235,22 +265,25 @@ final class CoreLibsACLLoginTest extends TestCase
 					'ajax_post_action' => 'login',
 				],
 			],
-			'load, session euid set only, php error' => [
+			'load, session eucuuid set only, php error' => [
 				[
 					'page_name' => 'edit_users.php',
 				],
 				[],
 				[],
 				[
-					'EUID' => 1,
+					'LOGIN_EUID' => 1,
+					'LOGIN_EUCUID' => 'abc',
+					'LOGIN_EUCUUID' => '1233456-1234-1234-1234-123456789012',
 				],
 				2,
 				[],
 			],
-			'load, session euid set, all set' => [
+			'load, session eucuuid set, all set' => [
 				[
 					'page_name' => 'edit_users.php',
 					'edit_access_id' => 1,
+					'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'edit_access_uid' => 'AdminAccess',
 					'edit_access_data' => 'test',
 					'base_access' => 'list',
@@ -259,20 +292,23 @@ final class CoreLibsACLLoginTest extends TestCase
 				[],
 				[],
 				[
-					'EUID' => 1,
-					'USER_NAME' => '',
-					'GROUP_NAME' => '',
-					'ADMIN' => 1,
-					'GROUP_ACL_LEVEL' => -1,
-					'PAGES_ACL_LEVEL' => [],
-					'USER_ACL_LEVEL' => -1,
-					'USER_ADDITIONAL_ACL' => [],
-					'GROUP_ADDITIONAL_ACL' => [],
-					'UNIT_UID' => [
-						'AdminAccess' => 1,
+					'LOGIN_EUID' => 1,
+					'LOGIN_EUCUID' => 'abc',
+					'LOGIN_EUCUUID' => 'SET_EUCUUID_IN_TEST',
+					'LOGIN_USER_NAME' => '',
+					'LOGIN_GROUP_NAME' => '',
+					'LOGIN_ADMIN' => 1,
+					'LOGIN_GROUP_ACL_LEVEL' => -1,
+					'LOGIN_PAGES_ACL_LEVEL' => [],
+					'LOGIN_USER_ACL_LEVEL' => -1,
+					'LOGIN_USER_ADDITIONAL_ACL' => [],
+					'LOGIN_GROUP_ADDITIONAL_ACL' => [],
+					'LOGIN_UNIT_UID' => [
+						'AdminAccess' => '123456789012',
 					],
-					'UNIT' => [
-						1 => [
+					'LOGIN_UNIT' => [
+						'123456789012' => [
+							'id' => 1,
 							'acl_level' => 80,
 							'name' => 'Admin Access',
 							'uid' => 'AdminAccess',
@@ -284,8 +320,8 @@ final class CoreLibsACLLoginTest extends TestCase
 							'additional_acl' => []
 						],
 					],
-					// 'UNIT_DEFAULT' => '',
-					// 'DEFAULT_ACL_LIST' => [],
+					// 'LOGIN_UNIT_DEFAULT' => '',
+					// 'LOGIN_DEFAULT_ACL_LIST' => [],
 				],
 				0,
 				[
@@ -293,6 +329,7 @@ final class CoreLibsACLLoginTest extends TestCase
 					'admin_flag' => true,
 					'check_access' => true,
 					'check_access_id' => 1,
+					'check_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'check_access_data' => 'value',
 					'base_access' => true,
 					'page_access' => true,
@@ -412,6 +449,7 @@ final class CoreLibsACLLoginTest extends TestCase
 				[
 					'page_name' => 'edit_users.php',
 					'edit_access_id' => 1,
+					'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'base_access' => 'list',
 					'page_access' => 'list',
 					'test_deleted' => true
@@ -437,6 +475,7 @@ final class CoreLibsACLLoginTest extends TestCase
 				[
 					'page_name' => 'edit_users.php',
 					'edit_access_id' => 1,
+					'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'base_access' => 'list',
 					'page_access' => 'list',
 					'test_enabled' => true
@@ -462,6 +501,7 @@ final class CoreLibsACLLoginTest extends TestCase
 				[
 					'page_name' => 'edit_users.php',
 					'edit_access_id' => 1,
+					'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'base_access' => 'list',
 					'page_access' => 'list',
 					'test_locked' => true
@@ -487,6 +527,7 @@ final class CoreLibsACLLoginTest extends TestCase
 				[
 					'page_name' => 'edit_users.php',
 					'edit_access_id' => 1,
+					'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'base_access' => 'list',
 					'page_access' => 'list',
 					'test_get_locked' => true,
@@ -511,6 +552,7 @@ final class CoreLibsACLLoginTest extends TestCase
 				[
 					'page_name' => 'edit_users.php',
 					'edit_access_id' => 1,
+					'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'base_access' => 'list',
 					'page_access' => 'list',
 					'test_locked_period_until' => 'on'
@@ -536,6 +578,7 @@ final class CoreLibsACLLoginTest extends TestCase
 				[
 					'page_name' => 'edit_users.php',
 					'edit_access_id' => 1,
+					'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'edit_access_uid' => 'AdminAccess',
 					'edit_access_data' => 'test',
 					'base_access' => 'list',
@@ -555,6 +598,7 @@ final class CoreLibsACLLoginTest extends TestCase
 					'admin_flag' => true,
 					'check_access' => true,
 					'check_access_id' => 1,
+					'check_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'check_access_data' => 'value',
 					'base_access' => true,
 					'page_access' => true,
@@ -565,6 +609,7 @@ final class CoreLibsACLLoginTest extends TestCase
 				[
 					'page_name' => 'edit_users.php',
 					'edit_access_id' => 1,
+					'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'base_access' => 'list',
 					'page_access' => 'list',
 					'test_locked_period_after' => 'on'
@@ -590,6 +635,7 @@ final class CoreLibsACLLoginTest extends TestCase
 				[
 					'page_name' => 'edit_users.php',
 					'edit_access_id' => 1,
+					'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'base_access' => 'list',
 					'page_access' => 'list',
 					'test_locked_period_until' => 'on',
@@ -616,6 +662,7 @@ final class CoreLibsACLLoginTest extends TestCase
 				[
 					'page_name' => 'edit_users.php',
 					'edit_access_id' => 1,
+					'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'base_access' => 'list',
 					'page_access' => 'list',
 					'test_login_user_id_locked' => true
@@ -641,6 +688,7 @@ final class CoreLibsACLLoginTest extends TestCase
 				[
 					'page_name' => 'edit_users.php',
 					'edit_access_id' => 1,
+					'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'edit_access_uid' => 'AdminAccess',
 					'edit_access_data' => 'test',
 					'base_access' => 'list',
@@ -659,6 +707,7 @@ final class CoreLibsACLLoginTest extends TestCase
 					'admin_flag' => true,
 					'check_access' => true,
 					'check_access_id' => 1,
+					'check_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'check_access_data' => 'value',
 					'base_access' => true,
 					'page_access' => true,
@@ -669,6 +718,7 @@ final class CoreLibsACLLoginTest extends TestCase
 				[
 					'page_name' => 'edit_users.php',
 					'edit_access_id' => 1,
+					'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'edit_access_uid' => 'AdminAccess',
 					'edit_access_data' => 'test',
 					'base_access' => 'list',
@@ -688,6 +738,7 @@ final class CoreLibsACLLoginTest extends TestCase
 					'admin_flag' => true,
 					'check_access' => true,
 					'check_access_id' => 1,
+					'check_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'check_access_data' => 'value',
 					'base_access' => true,
 					'page_access' => true,
@@ -698,6 +749,7 @@ final class CoreLibsACLLoginTest extends TestCase
 				[
 					'page_name' => 'edit_users.php',
 					'edit_access_id' => 1,
+					'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'edit_access_uid' => 'AdminAccess',
 					'edit_access_data' => 'test',
 					'base_access' => 'list',
@@ -717,6 +769,7 @@ final class CoreLibsACLLoginTest extends TestCase
 					'admin_flag' => true,
 					'check_access' => true,
 					'check_access_id' => 1,
+					'check_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'check_access_data' => 'value',
 					'base_access' => true,
 					'page_access' => true,
@@ -727,6 +780,7 @@ final class CoreLibsACLLoginTest extends TestCase
 				[
 					'page_name' => 'edit_users.php',
 					'edit_access_id' => 1,
+					'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'edit_access_uid' => 'AdminAccess',
 					'edit_access_data' => 'test',
 					'base_access' => 'list',
@@ -746,6 +800,7 @@ final class CoreLibsACLLoginTest extends TestCase
 					'admin_flag' => true,
 					'check_access' => true,
 					'check_access_id' => 1,
+					'check_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'check_access_data' => 'value',
 					'base_access' => true,
 					'page_access' => true,
@@ -777,6 +832,7 @@ final class CoreLibsACLLoginTest extends TestCase
 				[
 					'page_name' => 'edit_users.php',
 					'edit_access_id' => 1,
+					'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'edit_access_uid' => 'AdminAccess',
 					'edit_access_data' => 'test',
 					'base_access' => 'list',
@@ -800,6 +856,7 @@ final class CoreLibsACLLoginTest extends TestCase
 					'admin_flag' => true,
 					'check_access' => true,
 					'check_access_id' => 1,
+					'check_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'check_access_data' => 'value',
 					'base_access' => true,
 					'page_access' => true,
@@ -810,6 +867,7 @@ final class CoreLibsACLLoginTest extends TestCase
 				[
 					'page_name' => 'edit_users.php',
 					'edit_access_id' => 1,
+					'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'edit_access_uid' => 'AdminAccess',
 					'edit_access_data' => 'test',
 					'base_access' => 'list',
@@ -833,6 +891,7 @@ final class CoreLibsACLLoginTest extends TestCase
 					'admin_flag' => true,
 					'check_access' => true,
 					'check_access_id' => 1,
+					'check_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'check_access_data' => 'value',
 					'base_access' => true,
 					'page_access' => true,
@@ -843,6 +902,7 @@ final class CoreLibsACLLoginTest extends TestCase
 				[
 					'page_name' => 'edit_users.php',
 					'edit_access_id' => 1,
+					'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'base_access' => 'list',
 					'page_access' => 'list',
 					'test_login_user_id_revalidate_after' => 'on',
@@ -869,6 +929,7 @@ final class CoreLibsACLLoginTest extends TestCase
 				[
 					'page_name' => 'edit_users.php',
 					'edit_access_id' => 1,
+					'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'edit_access_uid' => 'AdminAccess',
 					'edit_access_data' => 'test',
 					'base_access' => 'list',
@@ -889,6 +950,7 @@ final class CoreLibsACLLoginTest extends TestCase
 					'admin_flag' => true,
 					'check_access' => true,
 					'check_access_id' => 1,
+					'check_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'check_access_data' => 'value',
 					'base_access' => true,
 					'page_access' => true,
@@ -899,6 +961,7 @@ final class CoreLibsACLLoginTest extends TestCase
 				[
 					'page_name' => 'edit_users.php',
 					'edit_access_id' => 1,
+					'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'base_access' => 'list',
 					'page_access' => 'list',
 					'test_login_user_id_valid_from' => 'on',
@@ -925,6 +988,7 @@ final class CoreLibsACLLoginTest extends TestCase
 				[
 					'page_name' => 'edit_users.php',
 					'edit_access_id' => 1,
+					'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'edit_access_uid' => 'AdminAccess',
 					'edit_access_data' => 'test',
 					'base_access' => 'list',
@@ -945,6 +1009,7 @@ final class CoreLibsACLLoginTest extends TestCase
 					'admin_flag' => true,
 					'check_access' => true,
 					'check_access_id' => 1,
+					'check_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'check_access_data' => 'value',
 					'base_access' => true,
 					'page_access' => true,
@@ -955,6 +1020,7 @@ final class CoreLibsACLLoginTest extends TestCase
 				[
 					'page_name' => 'edit_users.php',
 					'edit_access_id' => 1,
+					'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'base_access' => 'list',
 					'page_access' => 'list',
 					'test_login_user_id_valid_until' => 'on',
@@ -981,6 +1047,7 @@ final class CoreLibsACLLoginTest extends TestCase
 				[
 					'page_name' => 'edit_users.php',
 					'edit_access_id' => 1,
+					'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'base_access' => 'list',
 					'page_access' => 'list',
 					'test_login_user_id_valid_from' => 'on',
@@ -1008,6 +1075,7 @@ final class CoreLibsACLLoginTest extends TestCase
 				[
 					'page_name' => 'edit_users.php',
 					'edit_access_id' => 1,
+					'edit_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'edit_access_uid' => 'AdminAccess',
 					'edit_access_data' => 'test',
 					'base_access' => 'list',
@@ -1038,6 +1106,7 @@ final class CoreLibsACLLoginTest extends TestCase
 					'admin_flag' => true,
 					'check_access' => true,
 					'check_access_id' => 1,
+					'check_access_cuid' => 'SET_EDIT_ACCESS_CUID_IN_TEST',
 					'check_access_data' => 'value',
 					'base_access' => true,
 					'page_access' => true,
@@ -1085,9 +1154,9 @@ final class CoreLibsACLLoginTest extends TestCase
 		/** @var \CoreLibs\Create\Session&MockObject */
 		$session_mock = $this->createPartialMock(
 			\CoreLibs\Create\Session::class,
-			['startSession', 'checkActiveSession', 'sessionDestroy']
+			['getSessionId', 'checkActiveSession', 'sessionDestroy']
 		);
-		$session_mock->method('startSession')->willReturn('ACLLOGINTEST12');
+		$session_mock->method('getSessionId')->willReturn('ACLLOGINTEST12');
 		$session_mock->method('checkActiveSession')->willReturn(true);
 		$session_mock->method('sessionDestroy')->will(
 			$this->returnCallback(function () {
@@ -1107,11 +1176,15 @@ final class CoreLibsACLLoginTest extends TestCase
 			$_POST[$post_var] = $post_value;
 		}
 
+		// set ingoing session cuuid if requested
+		if (isset($session['LOGIN_EUCUUID']) && $session['LOGIN_EUCUUID'] == 'SET_EUCUUID_IN_TEST') {
+			$session['LOGIN_EUCUUID'] = self::$edit_user_cuuid;
+		}
+
 		// set _SESSION data
 		foreach ($session as $session_var => $session_value) {
 			$_SESSION[$session_var] = $session_value;
 		}
-
 		/** @var \CoreLibs\ACL\Login&MockObject */
 		$login_mock = $this->getMockBuilder(\CoreLibs\ACL\Login::class)
 			->setConstructorArgs([
@@ -1130,7 +1203,7 @@ final class CoreLibsACLLoginTest extends TestCase
 						. 'locale' . DIRECTORY_SEPARATOR,
 				]
 			])
-			->onlyMethods(['loginTerminate', 'loginReadPageName', 'loginPrintLogin'])
+			->onlyMethods(['loginTerminate', 'loginReadPageName', 'loginPrintLogin', 'loginEnhanceHttpSecurity'])
 			->getMock();
 		$login_mock->expects($this->any())
 			->method('loginTerminate')
@@ -1148,6 +1221,10 @@ final class CoreLibsACLLoginTest extends TestCase
 			->method('loginPrintLogin')
 			->willReturnCallback(function () {
 			});
+		$login_mock->expects($this->any())
+			->method('loginEnhanceHttpSecurity')
+			->willReturnCallback(function () {
+			});
 
 		// if mock_settings: enabled OFF
 		// run DB update and set off
@@ -1365,6 +1442,19 @@ final class CoreLibsACLLoginTest extends TestCase
 
 		// run test
 		try {
+			// preset, we cannot set that in the provider
+			if (
+				isset($expected['check_access_cuid']) &&
+				$expected['check_access_cuid'] == 'SET_EDIT_ACCESS_CUID_IN_TEST'
+			) {
+				$expected['check_access_cuid'] = self::$edit_access_cuid;
+			}
+			if (
+				isset($mock_settings['edit_access_cuid']) &&
+				$mock_settings['edit_access_cuid'] == 'SET_EDIT_ACCESS_CUID_IN_TEST'
+			) {
+				$mock_settings['edit_access_cuid'] = self::$edit_access_cuid;
+			}
 			// if ajax call
 			// check if parameter, or globals (old type)
 			// else normal call
@@ -1423,6 +1513,25 @@ final class CoreLibsACLLoginTest extends TestCase
 				$login_mock->loginCheckAccessPage($mock_settings['page_access']),
 				'Assert page access'
 			);
+			// - loginCheckEditAccessCuid
+			$this->assertEquals(
+				$expected['check_access'],
+				$login_mock->loginCheckEditAccessCuid($mock_settings['edit_access_cuid']),
+				'Assert check access'
+			);
+			// - loginCheckEditAccessValidCuid
+			$this->assertEquals(
+				$expected['check_access_cuid'],
+				$login_mock->loginCheckEditAccessValidCuid($mock_settings['edit_access_cuid']),
+				'Assert check access cuid valid'
+			);
+			// - loginGetEditAccessCuidFromUid
+			$this->assertEquals(
+				$expected['check_access_cuid'],
+				$login_mock->loginGetEditAccessCuidFromUid($mock_settings['edit_access_uid']),
+				'Assert check access uid to cuid valid'
+			);
+			// Deprecated
 			// - loginCheckEditAccess
 			$this->assertEquals(
 				$expected['check_access'],
@@ -1445,7 +1554,7 @@ final class CoreLibsACLLoginTest extends TestCase
 			$this->assertEquals(
 				$expected['check_access_data'],
 				$login_mock->loginGetEditAccessData(
-					$mock_settings['edit_access_id'],
+					$mock_settings['edit_access_uid'],
 					$mock_settings['edit_access_data']
 				),
 				'Assert check access id data value valid'
@@ -1476,11 +1585,12 @@ final class CoreLibsACLLoginTest extends TestCase
 			// - loginCheckPermissions
 			// - loginGetPermissionOkay
 		} catch (\Exception $e) {
-			// print "[E]: " . $e->getCode() . ", ERROR: " . $login_mock->loginGetLastErrorCode() . "/"
-			// 	. ($expected['login_error'] ?? 0) . "\n";
-			// print "AJAX: " . $login_mock->loginGetAjaxFlag() . "\n";
-			// print "AJAX GLOBAL: " . ($GLOBALS['AJAX_PAGE'] ?? '{f}') . "\n";
-			// print "Login error expext: " . ($expected['login_error'] ?? '{0}') . "\n";
+			/* print "[E]: " . $e->getCode() . ", ERROR: " . $login_mock->loginGetLastErrorCode() . "/"
+				. ($expected['login_error'] ?? 0) . "\n";
+			print "AJAX: " . $login_mock->loginGetAjaxFlag() . "\n";
+			print "AJAX GLOBAL: " . ($GLOBALS['AJAX_PAGE'] ?? '{f}') . "\n";
+			print "Login error expext: " . ($expected['login_error'] ?? '{0}') . "\n";
+			print "POST exit: " . ($_POST['login_exit'] ?? '{0}') . "\n"; */
 			// if this is 100, then we do further error checks
 			if (
 				$e->getCode() == 100 ||
@@ -1788,9 +1898,9 @@ final class CoreLibsACLLoginTest extends TestCase
 		/** @var \CoreLibs\Create\Session&MockObject */
 		$session_mock = $this->createPartialMock(
 			\CoreLibs\Create\Session::class,
-			['startSession', 'checkActiveSession', 'sessionDestroy']
+			['getSessionId', 'checkActiveSession', 'sessionDestroy']
 		);
-		$session_mock->method('startSession')->willReturn('ACLLOGINTEST34');
+		$session_mock->method('getSessionId')->willReturn('ACLLOGINTEST34');
 		$session_mock->method('checkActiveSession')->willReturn(true);
 		$session_mock->method('sessionDestroy')->will(
 			$this->returnCallback(function () {
@@ -1902,9 +2012,9 @@ final class CoreLibsACLLoginTest extends TestCase
 		/** @var \CoreLibs\Create\Session&MockObject */
 		$session_mock = $this->createPartialMock(
 			\CoreLibs\Create\Session::class,
-			['startSession', 'checkActiveSession', 'sessionDestroy']
+			['getSessionId', 'checkActiveSession', 'sessionDestroy']
 		);
-		$session_mock->method('startSession')->willReturn('ACLLOGINTEST34');
+		$session_mock->method('getSessionId')->willReturn('ACLLOGINTEST34');
 		$session_mock->method('checkActiveSession')->willReturn(true);
 		$session_mock->method('sessionDestroy')->will(
 			$this->returnCallback(function () {
@@ -1990,9 +2100,9 @@ final class CoreLibsACLLoginTest extends TestCase
 		/** @var \CoreLibs\Create\Session&MockObject */
 		$session_mock = $this->createPartialMock(
 			\CoreLibs\Create\Session::class,
-			['startSession', 'checkActiveSession', 'sessionDestroy']
+			['getSessionId', 'checkActiveSession', 'sessionDestroy']
 		);
-		$session_mock->method('startSession')->willReturn('ACLLOGINTEST34');
+		$session_mock->method('getSessionId')->willReturn('ACLLOGINTEST34');
 		$session_mock->method('checkActiveSession')->willReturn(true);
 		$session_mock->method('sessionDestroy')->will(
 			$this->returnCallback(function () {
@@ -2086,9 +2196,9 @@ final class CoreLibsACLLoginTest extends TestCase
 		/** @var \CoreLibs\Create\Session&MockObject */
 		$session_mock = $this->createPartialMock(
 			\CoreLibs\Create\Session::class,
-			['startSession', 'checkActiveSession', 'sessionDestroy']
+			['getSessionId', 'checkActiveSession', 'sessionDestroy']
 		);
-		$session_mock->method('startSession')->willReturn('ACLLOGINTEST34');
+		$session_mock->method('getSessionId')->willReturn('ACLLOGINTEST34');
 		$session_mock->method('checkActiveSession')->willReturn(true);
 		$session_mock->method('sessionDestroy')->will(
 			$this->returnCallback(function () {

4dev/tests/Combined/CoreLibsCombinedArrayHandlerTest.php

@@ -1201,6 +1201,91 @@ final class CoreLibsCombinedArrayHandlerTest extends TestCase
 			'Find next key in array'
 		);
 	}
+
+	public function providerReturnMatchingKeyOnley(): array
+	{
+		return [
+			'limited entries' => [
+				[
+					'a' => 'foo',
+					'b' => 'bar',
+					'c' => 'foobar'
+				],
+				[
+					'a', 'b'
+				],
+				[
+					'a' => 'foo',
+					'b' => 'bar',
+				],
+			],
+			'limited entries, with one wrong key' => [
+				[
+					'a' => 'foo',
+					'b' => 'bar',
+					'c' => 'foobar'
+				],
+				[
+					'a', 'b', 'f'
+				],
+				[
+					'a' => 'foo',
+					'b' => 'bar',
+				],
+			],
+			'wrong keys only' => [
+				[
+					'a' => 'foo',
+					'b' => 'bar',
+					'c' => 'foobar'
+				],
+				[
+					'f', 'f'
+				],
+				[
+				],
+			],
+			'empty keys' => [
+				[
+					'a' => 'foo',
+					'b' => 'bar',
+					'c' => 'foobar'
+				],
+				[],
+				[
+					'a' => 'foo',
+					'b' => 'bar',
+					'c' => 'foobar'
+				],
+			],
+		];
+	}
+
+	/**
+	 * Undocumented function
+	 *
+	 * @covers ::arrayReturnMatchingKeyOnly
+	 * @dataProvider providerReturnMatchingKeyOnley
+	 * @testdox arrayReturnMatchingKeyOnly get only selected key entries from array [$_dataName]
+	 *
+	 * @param  array $input
+	 * @param  array $key_list
+	 * @param  array $expected
+	 * @return void
+	 */
+	public function testArrayReturnMatchingKeyOnly(
+		array $input,
+		array $key_list,
+		array $expected
+	): void {
+		$this->assertEquals(
+			$expected,
+			\CoreLibs\Combined\ArrayHandler::arrayReturnMatchingKeyOnly(
+				$input,
+				$key_list
+			)
+		);
+	}
 }
 
 // __END__

4dev/tests/Create/CoreLibsCreateSessionTest.php

@@ -22,7 +22,6 @@ final class CoreLibsCreateSessionTest extends TestCase
 	public function sessionProvider(): array
 	{
 		// 0: session name as parameter or for GLOBAL value
-		// 1: type p: parameter, g: global, d: php.ini default
 		// 2: mock data as array
 		//    checkCliStatus: true/false,
 		//    getSessionStatus: PHP_SESSION_DISABLED for abort,
@@ -31,13 +30,10 @@ final class CoreLibsCreateSessionTest extends TestCase
 		//    checkActiveSession: true/false, [1st call, 2nd call]
 		//    getSessionId: string or false
 		// 3: exepcted name (session)]
-		// 4: Exception thrown on error
-		// 5: exception code, null for none
-		// 6: expected error string
+		// 4: auto write close flag
 		return [
 			'session parameter' => [
 				'sessionNameParameter',
-				'p',
 				[
 					'checkCliStatus' => false,
 					'getSessionStatus' => PHP_SESSION_NONE,
@@ -47,12 +43,9 @@ final class CoreLibsCreateSessionTest extends TestCase
 				],
 				'sessionNameParameter',
 				null,
-				null,
-				'',
 			],
 			'session globals' => [
 				'sessionNameGlobals',
-				'g',
 				[
 					'checkCliStatus' => false,
 					'getSessionStatus' => PHP_SESSION_NONE,
@@ -61,13 +54,12 @@ final class CoreLibsCreateSessionTest extends TestCase
 					'getSessionId' => '1234abcd4567'
 				],
 				'sessionNameGlobals',
-				null,
-				null,
-				'',
+				[
+					'auto_write_close' => false,
+				],
 			],
-			'session name default' => [
-				'',
-				'd',
+			'auto write close' => [
+				'sessionNameAutoWriteClose',
 				[
 					'checkCliStatus' => false,
 					'getSessionStatus' => PHP_SESSION_NONE,
@@ -75,109 +67,10 @@ final class CoreLibsCreateSessionTest extends TestCase
 					'checkActiveSession' => [false, true],
 					'getSessionId' => '1234abcd4567'
 				],
-				'',
-				null,
-				null,
-				'',
-			],
-			// error checks
-			// 1: we are in cli
-			'on cli error' => [
-				'',
-				'd',
+				'sessionNameAutoWriteClose',
 				[
-					'checkCliStatus' => true,
-					'getSessionStatus' => PHP_SESSION_NONE,
-					'setSessionName' => true,
-					'checkActiveSession' => [false, true],
-					'getSessionId' => '1234abcd4567'
+					'auto_write_close' => true,
 				],
-				'',
-				'RuntimeException',
-				1,
-				'[SESSION] No sessions in php cli'
-			],
-			// 2: session disabled
-			'session disabled error' => [
-				'',
-				'd',
-				[
-					'checkCliStatus' => false,
-					'getSessionStatus' => PHP_SESSION_DISABLED,
-					'setSessionName' => true,
-					'checkActiveSession' => [false, true],
-					'getSessionId' => '1234abcd4567'
-				],
-				'',
-				'RuntimeException',
-				2,
-				'[SESSION] Sessions are disabled'
-			],
-			// 3: invalid session name: string
-			'invalid name chars error' => [
-				'1invalid$session#;',
-				'p',
-				[
-					'checkCliStatus' => false,
-					'getSessionStatus' => PHP_SESSION_NONE,
-					'setSessionName' => false,
-					'checkActiveSession' => [false, true],
-					'getSessionId' => '1234abcd4567'
-				],
-				'',
-				'UnexpectedValueException',
-				3,
-				'[SESSION] Invalid session name: 1invalid$session#;'
-			],
-			// 3: invalid session name: only numbers
-			'invalid name numbers only error' => [
-				'123',
-				'p',
-				[
-					'checkCliStatus' => false,
-					'getSessionStatus' => PHP_SESSION_NONE,
-					'setSessionName' => false,
-					'checkActiveSession' => [false, true],
-					'getSessionId' => '1234abcd4567'
-				],
-				'',
-				'UnexpectedValueException',
-				3,
-				'[SESSION] Invalid session name: 123'
-			],
-			// 3: invalid session name: invalid name short
-			// 3: invalid session name: too long (128)
-			// 4: failed to start session (2nd false on check active session)
-			'invalid name numbers only error' => [
-				'',
-				'd',
-				[
-					'checkCliStatus' => false,
-					'getSessionStatus' => PHP_SESSION_NONE,
-					'setSessionName' => true,
-					'checkActiveSession' => [false, false],
-					'getSessionId' => '1234abcd4567'
-				],
-				'',
-				'RuntimeException',
-				4,
-				'[SESSION] Failed to activate session'
-			],
-			// 5: get session id return false
-			'invalid name numbers only error' => [
-				'',
-				'd',
-				[
-					'checkCliStatus' => false,
-					'getSessionStatus' => PHP_SESSION_NONE,
-					'setSessionName' => true,
-					'checkActiveSession' => [false, true],
-					'getSessionId' => false
-				],
-				'',
-				'UnexpectedValueException',
-				5,
-				'[SESSION] getSessionId did not return a session id'
 			],
 		];
 	}
@@ -190,32 +83,24 @@ final class CoreLibsCreateSessionTest extends TestCase
 	 * @testdox startSession $input name for $type will be $expected (error: $expected_error) [$_dataName]
 	 *
 	 * @param string $input
-	 * @param string $type
 	 * @param array<mixed> $mock_data
 	 * @param string $expected
-	 * @param string|null $exception
-	 * @param string $expected_error
+	 * @param array<string,mixed> $options
 	 * @return void
 	 */
 	public function testStartSession(
 		string $input,
-		string $type,
 		array $mock_data,
 		string $expected,
-		?string $exception,
-		?int $exception_code,
-		string $expected_error
+		?array $options,
 	): void {
-		// override expected
-		if ($type == 'd') {
-			$expected = ini_get('session.name');
-		}
 		/** @var \CoreLibs\Create\Session&MockObject $session_mock */
 		$session_mock = $this->createPartialMock(
 			\CoreLibs\Create\Session::class,
 			[
-				'checkCliStatus', 'getSessionStatus', 'checkActiveSession',
-				'setSessionName', 'startSessionCall', 'getSessionId',
+				'checkCliStatus',
+				'getSessionStatus', 'checkActiveSession',
+				'getSessionId',
 				'getSessionName'
 			]
 		);
@@ -234,12 +119,8 @@ final class CoreLibsCreateSessionTest extends TestCase
 				$mock_data['checkActiveSession'][0],
 				$mock_data['checkActiveSession'][1],
 			);
-		// dummy set for session name
-		$session_mock->method('setSessionName')->with($input)->willReturn($mock_data['setSessionName']);
 		// set session name & return bsed on request data
 		$session_mock->method('getSessionName')->willReturn($expected);
-		// will not return anything
-		$session_mock->method('startSessionCall');
 		// in test case only return string
 		// false: will return false
 		$session_mock->method('getSessionId')->willReturn($mock_data['getSessionId']);
@@ -247,25 +128,7 @@ final class CoreLibsCreateSessionTest extends TestCase
 		// regex for session id
 		$ression_id_regex = "/^\w+$/";
 
-		if ($exception !== null) {
-			$this->expectException($exception);
-			$this->expectExceptionCode($exception_code);
-		}
-
-		unset($GLOBALS['SET_SESSION_NAME']);
-		$session_id = '';
-		switch ($type) {
-			case 'p':
-				$session_id = $session_mock->startSession($input);
-				break;
-			case 'g':
-				$GLOBALS['SET_SESSION_NAME'] = $input;
-				$session_id = $session_mock->startSession();
-				break;
-			case 'd':
-				$session_id = $session_mock->startSession();
-				break;
-		}
+		$session_id = $session_mock->getSessionId();
 		// asert checks
 		if (!empty($session_id)) {
 			$this->assertMatchesRegularExpression(
@@ -284,6 +147,79 @@ final class CoreLibsCreateSessionTest extends TestCase
 		}
 	}
 
+	/**
+	 * Undocumented function
+	 *
+	 * @return array
+	 */
+	public function providerSessionException(): array
+	{
+		return [
+			'not cli' => [
+				'TEST_EXCEPTION',
+				\RuntimeException::class,
+				1,
+				'/^\[SESSION\] No sessions in php cli$/',
+			],
+			/* 'session disabled ' => [
+				'TEST_EXCEPTION',
+				\RuntimeException::class,
+				2,
+				'/^\[SESSION\] Sessions are disabled/'
+			],
+			'invalid session name' => [
+				'--#as^-292p-',
+				\UnexpectedValueException::class,
+				3,
+				'/^\[SESSION\] Invalid session name: /'
+			],
+			'failed to activate session' => [
+				'TEST_EXCEPTION',
+				\RuntimeException::class,
+				4,
+				'/^\[SESSION\] Failed to activate session/'
+			],
+			'expired session' => [
+				\RuntimeException::class,
+				5,
+				'/^\[SESSION\] Expired session found/'
+			],
+			'not a valid session id returned' => [
+				\UnexpectedValueException::class,
+				6,
+				'/^\[SESSION\] getSessionId did not return a session id/'
+			], */
+		];
+	}
+
+	/**
+	 * exception checks
+	 *
+	 * @covers ::initSession
+	 * @dataProvider providerSessionException
+	 * @testdox create session $session_name with exception $exception ($exception_code) [$_dataName]
+	 *
+	 * @param  string $session_name
+	 * @param  string $exception
+	 * @param  int    $exception_code
+	 * @param  string $expected_error
+	 * @return void
+	 */
+	public function testSessionException(
+		string $session_name,
+		string $exception,
+		int $exception_code,
+		string $expected_error,
+	): void {
+		//
+		// throws only on new Object creation
+		$this->expectException($exception);
+		$this->expectExceptionCode($exception_code);
+		$this->expectExceptionMessageMatches($expected_error);
+		// cannot set ini after header sent, plus we are on command line there are no headers
+		new \CoreLibs\Create\Session($session_name, ['session_strict' => false]);
+	}
+
 	/**
 	 * provider for session name check
 	 *
@@ -347,109 +283,147 @@ final class CoreLibsCreateSessionTest extends TestCase
 	 *
 	 * @return array
 	 */
-	public function sessionDataProvider(): array
+	public function providerSessionData(): array
 	{
 		return [
 			'test' => [
 				'foo',
 				'bar',
 				'bar',
+				null,
 			],
 			'int key test' => [
 				123,
 				'bar',
 				'bar',
+				\UnexpectedValueException::class
 			],
 			// more complex value tests
 			'array values' => [
 				'array',
 				[1, 2, 3],
 				[1, 2, 3],
+				null,
 			]
 		];
 	}
 
+	// NOTE: with auto start session, we cannot test this in the command line
+
 	/**
 	 * method call test
 	 *
-	 * @covers ::setS
-	 * @covers ::getS
-	 * @covers ::issetS
-	 * @covers ::unsetS
-	 * @dataProvider sessionDataProvider
-	 * @testdox setS/getS/issetS/unsetS $name with $input is $expected [$_dataName]
+	 * @covers ::set
+	 * @covers ::get
+	 * @covers ::isset
+	 * @covers ::unset
+	 * @dataProvider providerSessionData
+	 * @testdox set/get/isset/unset $name with $input is $expected ($exception) [$_dataName]
 	 *
 	 * @param  string|int $name
 	 * @param  mixed $input
 	 * @param  mixed $expected
+	 * @param  ?mixed $exception
 	 * @return void
 	 */
-	public function testMethodSetGet($name, $input, $expected): void
+	public function testMethodSetGet($name, $input, $expected, $exception): void
 	{
-		$session = new \CoreLibs\Create\Session();
-		$session->setS($name, $input);
+		if (\CoreLibs\Get\System::checkCLI()) {
+			$this->markTestSkipped('Cannot run testMethodSetGet in CLI');
+		}
+		$session = new \CoreLibs\Create\Session('TEST_METHOD');
+		if ($expected !== null) {
+			$this->expectException($exception);
+		}
+		$session->set($name, $input);
 		$this->assertEquals(
 			$expected,
-			$session->getS($name),
+			$session->get($name),
 			'method set assert'
 		);
 		// isset true
 		$this->assertTrue(
-			$session->issetS($name),
+			$session->isset($name),
 			'method isset assert ok'
 		);
-		$session->unsetS($name);
+		$session->unset($name);
 		$this->assertEquals(
 			'',
-			$session->getS($name),
+			$session->get($name),
 			'method unset assert'
 		);
-		// iset false
+		// isset false
 		$this->assertFalse(
-			$session->issetS($name),
+			$session->isset($name),
 			'method isset assert false'
 		);
 	}
 
 	/**
-	 * magic call test
+	 * Undocumented function
 	 *
-	 * @covers ::__set
-	 * @covers ::__get
-	 * @covers ::__isset
-	 * @covers ::__unset
-	 * @dataProvider sessionDataProvider
-	 * @testdox __set/__get/__iseet/__unset $name with $input is $expected [$_dataName]
+	 * @return array
+	 */
+	public function providerSessionDataMany(): array
+	{
+		return [
+			'valid set' => [
+				[
+					'foo 1' => 'bar 1',
+					'foo 2' => 'bar 1',
+				],
+				[
+					'foo 1' => 'bar 1',
+					'foo 2' => 'bar 1',
+				],
+				null,
+			],
+			'invalid entry' => [
+				[
+					'foo 1' => 'bar 1',
+					123 => 'bar 1',
+				],
+				[
+					'foo 1' => 'bar 1',
+				],
+				\UnexpectedValueException::class
+			]
+		];
+	}
+
+	/**
+	 * Undocumented function
 	 *
-	 * @param  string|int $name
-	 * @param  mixed $input
-	 * @param  mixed $expected
+	 * @covers ::setMany
+	 * @covers ::getMany
+	 * @dataProvider providerSessionDataMany
+	 * @testdox setMany/getMany/unsetMany $set is $expected ($exception) [$_dataName]
+	 *
+	 * @param  array<string|int,mixed> $set
+	 * @param  array<string,mixed> $expected
+	 * @param  ?mixed $exception
 	 * @return void
 	 */
-	public function testMagicSetGet($name, $input, $expected): void
+	public function testMany($set, $expected, $exception): void
 	{
-		$session = new \CoreLibs\Create\Session();
-		$session->$name = $input;
+		if (\CoreLibs\Get\System::checkCLI()) {
+			$this->markTestSkipped('Cannot run testMethodSetGet in CLI');
+		}
+		$session = new \CoreLibs\Create\Session('TEST_METHOD');
+		if ($expected !== null) {
+			$this->expectException($exception);
+		}
+		$session->setMany($set);
 		$this->assertEquals(
 			$expected,
-			$session->$name,
-			'magic set assert'
+			$session->getMany(array_keys($set)),
+			'set many failed'
 		);
-		// isset true
-		$this->assertTrue(
-			isset($session->$name),
-			'magic isset assert ok'
-		);
-		unset($session->$name);
+		$session->unsetMany(array_keys($set));
 		$this->assertEquals(
-			'',
-			$session->$name,
-			'magic unset assert'
-		);
-		// isset true
-		$this->assertFalse(
-			isset($session->$name),
-			'magic isset assert false'
+			[],
+			$session->getMany(array_keys($set)),
+			'unset many failed'
 		);
 	}
 
@@ -463,27 +437,30 @@ final class CoreLibsCreateSessionTest extends TestCase
 	 */
 	public function testUnsetAll(): void
 	{
+		if (\CoreLibs\Get\System::checkCLI()) {
+			$this->markTestSkipped('Cannot run testUnsetAll in CLI');
+		}
 		$test_values = [
 			'foo' => 'abc',
 			'bar' => '123'
 		];
-		$session = new \CoreLibs\Create\Session();
+		$session = new \CoreLibs\Create\Session('TEST_UNSET');
 		foreach ($test_values as $name => $value) {
-			$session->setS($name, $value);
+			$session->set($name, $value);
 			// confirm set
 			$this->assertEquals(
 				$value,
-				$session->getS($name),
+				$session->get($name),
 				'set assert: ' . $name
 			);
 		}
 		// unset all
-		$session->unsetAllS();
+		$session->clear();
 		// check unset
 		foreach (array_keys($test_values) as $name) {
 			$this->assertEquals(
 				'',
-				$session->getS($name),
+				$session->get($name),
 				'unsert assert: ' . $name
 			);
 		}

4dev/tests/Create/CoreLibsCreateUidsTest.php

@@ -121,6 +121,7 @@ final class CoreLibsCreateUidsTest extends TestCase
 	 * must match 7e78fe0d-59b8-4637-af7f-e88d221a7d1e
 	 *
 	 * @covers ::uuidv4
+	 * @covers ::validateUuidv4
 	 * @testdox uuidv4 check that return is matching regex [$_dataName]
 	 *
 	 * @return void
@@ -129,13 +130,18 @@ final class CoreLibsCreateUidsTest extends TestCase
 	{
 		$uuid = \CoreLibs\Create\Uids::uuidv4();
 		$this->assertMatchesRegularExpression(
-			'/^[a-z0-9]{8}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{12}$/',
-			$uuid
+			'/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/',
+			$uuid,
+			'Failed regex check'
+		);
+		$this->assertTrue(
+			\CoreLibs\Create\Uids::validateUuuidv4($uuid),
+			'Failed validate regex method'
+		);
+		$this->assertFalse(
+			\CoreLibs\Create\Uids::validateUuuidv4('not-a-uuidv4'),
+			'Failed wrong uuid validated as true'
 		);
-		// $this->assertStringMatchesFormat(
-		// 	'%4s%4s-%4s-%4s-%4s-%4s%4s%4s',
-		// 	$uuid
-		// );
 	}
 
 	/**

4dev/tests/DB/CoreLibsDBIOTest.php

@@ -17,7 +17,7 @@ Table with Primary Key: table_with_primary_key
 Table without Primary Key: table_without_primary_key
 
 Table with primary key has additional row:
-row_primary_key	SERIAL PRIMARY KEY,
+row_primary_key	INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
 Each table has the following rows
 row_int INT,
 row_numeric NUMERIC,
@@ -162,13 +162,9 @@ final class CoreLibsDBIOTest extends TestCase
 			// primary key name is table + '_id'
 			<<<SQL
 			CREATE TABLE table_with_primary_key (
-				table_with_primary_key_id SERIAL PRIMARY KEY,
+				table_with_primary_key_id INT GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
 				$base_table
 			SQL
-			/* "CREATE TABLE table_with_primary_key ("
-			// primary key name is table + '_id'
-			. "table_with_primary_key_id SERIAL PRIMARY KEY, "
-			. $base_table */
 		);
 		$db->dbExec(
 			<<<SQL
@@ -5139,6 +5135,67 @@ final class CoreLibsDBIOTest extends TestCase
 				SQL,
 				'count' => 6,
 				'convert' => false,
+			],
+			'comments in insert' => [
+				'query' => <<<SQL
+				INSERT INTO table_with_primary_key (
+					row_int, row_numeric, row_varchar, row_varchar_literal
+				) VALUES (
+					-- comment 1 かな
+					$1, $2,
+					-- comment 2 -
+					$3
+					-- comment 3
+					, $4
+				)
+				SQL,
+				'count' => 4,
+				'convert' => false
+			],
+			'comment in update' => [
+				'query' => <<<SQL
+				UPDATE table_with_primary_key SET
+					row_int =
+					-- COMMENT 1
+					$1,
+					row_numeric =
+					$2 -- COMMENT 2
+					,
+					row_varchar -- COMMENT 3
+					= $3
+				WHERE
+					row_varchar = $4
+				SQL,
+				'count' => 4,
+				'convert' => false,
+			],
+			// Note some are not set
+			'a complete set of possible' => [
+				'query' => <<<SQL
+				UPDATE table_with_primary_key SET
+				-- ROW
+				row_varchar = $1
+				WHERE
+				row_varchar = ANY($2) AND row_varchar <> $3
+				AND row_varchar > $4 AND row_varchar < $5
+				AND row_varchar >= $6 AND row_varchar <=$7
+				AND row_jsonb->'a' = $8 AND row_jsonb->>$9 = 'a'
+				AND row_jsonb<@$10 AND row_jsonb@>$11
+				AND row_varchar ^@ $12
+				SQL,
+				'count' => 12,
+				'convert' => false,
+			],
+			// all the same
+			'all the same numbered' => [
+				'query' => <<<SQL
+				UPDATE table_with_primary_key SET
+					row_int = $1::INT, row_numeric = $1::NUMERIC, row_varchar = $1
+				WHERE
+					row_varchar = $1
+				SQL,
+				'count' => 1,
+				'convert' => false,
 			]
 		];
 	}

4dev/tests/Debug/CoreLibsDebugSupportTest.php

@@ -568,6 +568,9 @@ final class CoreLibsDebugSupportTest extends TestCase
 					'assert expected 12'
 				);
 				break;
+			default:
+				$this->assertTrue(true, 'Default fallback as true');
+				break;
 		}
 	}
 

4dev/tests/Language/CoreLibsLanguageGetLocaleTest.php

@@ -21,341 +21,6 @@ final class CoreLibsLanguageGetLocaleTest extends TestCase
 		. 'includes' . DIRECTORY_SEPARATOR
 		. 'locale' . DIRECTORY_SEPARATOR;
 
-	/**
-	 * set all constant variables that must be set before call
-	 *
-	 * @return void
-	 */
-	public static function setUpBeforeClass(): void
-	{
-		// default web page encoding setting
-		/* if (!defined('DEFAULT_ENCODING')) {
-			define('DEFAULT_ENCODING', 'UTF-8');
-		}
-		if (!defined('DEFAULT_LOCALE')) {
-			// default lang + encoding
-			define('DEFAULT_LOCALE', 'en_US.UTF-8');
-		}
-		// site
-		if (!defined('SITE_ENCODING')) {
-			define('SITE_ENCODING', DEFAULT_ENCODING);
-		}
-		if (!defined('SITE_LOCALE')) {
-			define('SITE_LOCALE', DEFAULT_LOCALE);
-		} */
-		// just set
-		/* if (!defined('BASE')) {
-			define('BASE', str_replace('/configs', '', __DIR__) . DIRECTORY_SEPARATOR);
-		}
-		if (!defined('INCLUDES')) {
-			define('INCLUDES', 'includes' . DIRECTORY_SEPARATOR);
-		}
-		if (!defined('LANG')) {
-			define('LANG', 'lang' . DIRECTORY_SEPARATOR);
-		}
-		if (!defined('LOCALE')) {
-			define('LOCALE', 'locale' . DIRECTORY_SEPARATOR);
-		}
-		if (!defined('CONTENT_PATH')) {
-			define('CONTENT_PATH', 'frontend' . DIRECTORY_SEPARATOR);
-		} */
-		// array session
-		$_SESSION = [];
-		global $_SESSION;
-	}
-
-	/**
-	 * all the test data
-	 *
-	 * @return array<mixed>
-	 */
-	/* public function setLocaleProvider(): array
-	{
-		return [
-			// 0: locale
-			// 1: domain
-			// 2: encoding
-			// 3: path
-			// 4: SESSION: DEFAULT_LOCALE
-			// 5: SESSION: DEFAULT_CHARSET
-			// 6: expected array
-			// 7: deprecation message
-			'no params, all default constants' => [
-				// lang, domain, encoding, path
-				null, null, null, null,
-				// SESSION DEFAULT_LOCALE, SESSION: DEFAULT_CHARSET
-				null, null,
-				// return array
-				[
-					'locale' => 'en_US.UTF-8',
-					'lang' => 'en_US',
-					'domain' => 'frontend',
-					'encoding' => 'UTF-8',
-					'path' => "/^\/(.*\/)?includes\/locale\/$/",
-				],
-				'setLocale: Unset $locale or unset SESSION locale is deprecated',
-			],
-			'no params, session charset and lang' => [
-				// lang, domain, encoding, path
-				null, null, null, null,
-				// SESSION DEFAULT_LOCALE, SESSION: DEFAULT_CHARSET
-				'ja_JP', 'UTF-8',
-				// return array
-				[
-					'locale' => 'ja_JP',
-					'lang' => 'ja_JP',
-					'domain' => 'frontend',
-					'encoding' => 'UTF-8',
-					'path' => "/^\/(.*\/)?includes\/locale\/$/",
-				],
-				'setLocale: Unset $domain is deprecated'
-			],
-			'no params, session charset and lang short' => [
-				// lang, domain, encoding, path
-				null, null, null, null,
-				// SESSION DEFAULT_LOCALE, SESSION: DEFAULT_CHARSET
-				'ja', 'UTF-8',
-				// return array
-				[
-					'locale' => 'ja',
-					'lang' => 'ja',
-					'domain' => 'frontend',
-					'encoding' => 'UTF-8',
-					'path' => "/^\/(.*\/)?includes\/locale\/$/",
-				],
-				'setLocale: Unset $domain is deprecated',
-			],
-			// param lang (no sessions)
-			'locale param only, no sessions' => [
-				// lang, domain, encoding, path
-				'ja.UTF-8', null, null, null,
-				// SESSION DEFAULT_LOCALE, SESSION: DEFAULT_CHARSET
-				null, null,
-				// return array
-				[
-					'locale' => 'ja.UTF-8',
-					'lang' => 'ja',
-					'domain' => 'frontend',
-					'encoding' => 'UTF-8',
-					'path' => "/^\/(.*\/)?includes\/locale\/$/",
-				],
-				'setLocale: Unset $domain is deprecated',
-			],
-			// different locale setting
-			'locale complex param only, no sessions' => [
-				// lang, domain, encoding, path
-				'ja_JP.SJIS', null, null, null,
-				// SESSION DEFAULT_LOCALE, SESSION: DEFAULT_CHARSET
-				null, null,
-				// return array
-				[
-					'locale' => 'ja_JP.SJIS',
-					'lang' => 'ja_JP',
-					'domain' => 'frontend',
-					'encoding' => 'SJIS',
-					'path' => "/^\/(.*\/)?includes\/locale\/$/",
-				],
-				'setLocale: Unset $domain is deprecated',
-			],
-			// param lang and domain (no override)
-			'locale, domain params, no sessions' => [
-				// lang, domain, encoding, path
-				'ja.UTF-8', 'admin', null, null,
-				// SESSION DEFAULT_LOCALE, SESSION: DEFAULT_CHARSET
-				null, null,
-				// return array
-				[
-					'locale' => 'ja.UTF-8',
-					'lang' => 'ja',
-					'domain' => 'admin',
-					'encoding' => 'UTF-8',
-					'path' => "/^\/(.*\/)?includes\/locale\/$/",
-				],
-				'setLocale: Unset $path is deprecated',
-			],
-			// param lang and domain (no override)
-			'locale, domain, encoding params, no sessions' => [
-				// lang, domain, encoding, path
-				'ja.UTF-8', 'admin', 'UTF-8', null,
-				// SESSION DEFAULT_LOCALE, SESSION: DEFAULT_CHARSET
-				null, null,
-				// return array
-				[
-					'locale' => 'ja.UTF-8',
-					'lang' => 'ja',
-					'domain' => 'admin',
-					'encoding' => 'UTF-8',
-					'path' => "/^\/(.*\/)?includes\/locale\/$/",
-				],
-				'setLocale: Unset $path is deprecated'
-			],
-			// lang, domain, path (no override)
-			'locale, domain and path, no sessions' => [
-				// lang, domain, encoding, path
-				'ja.UTF-8', 'admin', '', __DIR__ . '/locale_other/',
-				// SESSION DEFAULT_LOCALE, SESSION: DEFAULT_CHARSET
-				null, null,
-				// return array
-				[
-					'locale' => 'ja.UTF-8',
-					'lang' => 'ja',
-					'domain' => 'admin',
-					'encoding' => 'UTF-8',
-					'path' => "/^\/(.*\/)?locale_other\/$/",
-				],
-				null
-			],
-			// all params set (no override)
-			'all parameter, no sessions' => [
-				// lang, domain, encoding, path
-				'ja', 'admin', 'UTF-8', __DIR__ . '/locale_other/',
-				// SESSION DEFAULT_LOCALE, SESSION: DEFAULT_CHARSET
-				null, null,
-				// return array
-				[
-					'locale' => 'ja',
-					'lang' => 'ja',
-					'domain' => 'admin',
-					'encoding' => 'UTF-8',
-					'path' => "/^\/(.*\/)?locale_other\/$/",
-				],
-				null
-			],
-			// param lang and domain (no override)
-			'long locale, domain, encoding params, no sessions' => [
-				// lang, domain, encoding, path
-				'de_CH.UTF-8@euro', 'admin', 'UTF-8', null,
-				// SESSION DEFAULT_LOCALE, SESSION: DEFAULT_CHARSET
-				null, null,
-				// return array
-				[
-					'locale' => 'de_CH.UTF-8@euro',
-					'lang' => 'de_CH',
-					'domain' => 'admin',
-					'encoding' => 'UTF-8',
-					'path' => "/^\/(.*\/)?includes\/locale\/$/",
-				],
-				'setLocale: Unset $path is deprecated',
-			],
-			// TODO invalid params (bad path) (no override)
-			// TODO param calls, but with override set
-		];
-	} */
-
-	/**
-	  * Undocumented function
-	  *
-	  * @covers ::setLocale
-	  * @dataProvider setLocaleProvider
-	  * @testdox lang settings lang $language, domain $domain, encoding $encoding, path $path; session lang: $SESSION_DEFAULT_LOCALE, session char: $SESSION_DEFAULT_CHARSET [$_dataName]
-	  *
-	  * @param  string|null  $language
-	  * @param  string|null  $domain
-	  * @param  string|null  $encoding
-	  * @param  string|null  $path
-	  * @param  string|null  $SESSION_DEFAULT_LOCALE
-	  * @param  string|null  $SESSION_DEFAULT_CHARSET
-	  * @param  array<mixed> $expected
-	  * @param  string|null  $deprecation_message
-	  * @return void
-	  */
-	/* public function testsetLocale(
-		?string $language,
-		?string $domain,
-		?string $encoding,
-		?string $path,
-		?string $SESSION_DEFAULT_LOCALE,
-		?string $SESSION_DEFAULT_CHARSET,
-		array $expected,
-		?string $deprecation_message
-	): void {
-		$return_lang_settings = [];
-		global $_SESSION;
-		// set override
-		if ($SESSION_DEFAULT_LOCALE !== null) {
-			$_SESSION['DEFAULT_LOCALE'] = $SESSION_DEFAULT_LOCALE;
-		}
-		if ($SESSION_DEFAULT_CHARSET !== null) {
-			$_SESSION['DEFAULT_CHARSET'] = $SESSION_DEFAULT_CHARSET;
-		}
-		if ($deprecation_message !== null) {
-			set_error_handler(
-				static function (int $errno, string $errstr): never {
-					throw new \Exception($errstr, $errno);
-				},
-				E_USER_DEPRECATED
-			);
-			// catch this with the message
-			$this->expectExceptionMessage($deprecation_message);
-		}
-		// function call
-		if (
-			$language === null && $domain === null &&
-			$encoding === null && $path === null
-		) {
-			$return_lang_settings  = \CoreLibs\Language\GetLocale::setLocale();
-		} elseif (
-			$language !== null && $domain === null &&
-			$encoding === null && $path === null
-		) {
-			$return_lang_settings  = \CoreLibs\Language\GetLocale::setLocale(
-				$language
-			);
-		} elseif (
-			$language !== null && $domain !== null &&
-			$encoding === null && $path === null
-		) {
-			$return_lang_settings  = \CoreLibs\Language\GetLocale::setLocale(
-				$language,
-				$domain
-			);
-		} elseif (
-			$language !== null && $domain !== null &&
-			$encoding !== null && $path === null
-		) {
-			$return_lang_settings  = \CoreLibs\Language\GetLocale::setLocale(
-				$language,
-				$domain,
-				$encoding
-			);
-		} else {
-			$return_lang_settings  = \CoreLibs\Language\GetLocale::setLocale(
-				$language,
-				$domain,
-				$encoding,
-				$path
-			);
-		}
-		restore_error_handler();
-		// print "RETURN: " . print_r($return_lang_settings, true) . "\n";
-
-		foreach (
-			[
-				'locale', 'lang', 'domain', 'encoding', 'path'
-			] as $key
-		) {
-			$value = $expected[$key];
-			if (strpos($value, "/") === 0) {
-				// this is regex
-				$this->assertMatchesRegularExpression(
-					$value,
-					$return_lang_settings[$key],
-					'assert regex failed for ' . $key
-				);
-			} else {
-				// assert equal
-				$this->assertEquals(
-					$value,
-					$return_lang_settings[$key],
-					'assert equal failed for ' . $key
-				);
-			}
-		}
-		// unset all vars
-		$_SESSION = [];
-		unset($GLOBALS['OVERRIDE_LANG']);
-	} */
-
 	/**
 	 * all the test data
 	 *

4dev/tests/Language/locale_other/.gitignore

@@ -0,0 +1,2 @@
+*
+!.gitignore

4dev/tests/Logging/CoreLibsLoggingErrorMessagesTest.php

@@ -10,7 +10,7 @@ use CoreLibs\Logging\Logger\Level;
 /**
  * Test class for Logging
  * @coversDefaultClass \CoreLibs\Logging\ErrorMessages
- * @testdox \CoreLibs\Logging\ErrorMEssages method tests
+ * @testdox \CoreLibs\Logging\ErrorMessages method tests
  */
 final class CoreLibsLoggingErrorMessagesTest extends TestCase
 {

4dev/tests/Security/CoreLibsSecuritySymmetricEncryptionTest.php

@@ -56,7 +56,24 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase
 			$decrypted,
 			'Class call',
 		);
+	}
 
+	/**
+	 * test encrypt/decrypt produce correct output
+	 *
+	 * @covers ::generateRandomKey
+	 * @covers ::encrypt
+	 * @covers ::decrypt
+	 * @dataProvider providerEncryptDecryptSuccess
+	 * @testdox encrypt/decrypt indirect $input must be $expected [$_dataName]
+	 *
+	 * @param  string $input
+	 * @param  string $expected
+	 * @return void
+	 */
+	public function testEncryptDecryptSuccessIndirect(string $input, string $expected): void
+	{
+		$key = CreateKey::generateRandomKey();
 		// test indirect
 		$encrypted = SymmetricEncryption::getInstance($key)->encrypt($input);
 		$decrypted = SymmetricEncryption::getInstance($key)->decrypt($encrypted);
@@ -65,7 +82,24 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase
 			$decrypted,
 			'Class Instance call',
 		);
+	}
 
+	/**
+	 * test encrypt/decrypt produce correct output
+	 *
+	 * @covers ::generateRandomKey
+	 * @covers ::encrypt
+	 * @covers ::decrypt
+	 * @dataProvider providerEncryptDecryptSuccess
+	 * @testdox encrypt/decrypt static $input must be $expected [$_dataName]
+	 *
+	 * @param  string $input
+	 * @param  string $expected
+	 * @return void
+	 */
+	public function testEncryptDecryptSuccessStatic(string $input, string $expected): void
+	{
+		$key = CreateKey::generateRandomKey();
 		// test static
 		$encrypted = SymmetricEncryption::encryptKey($input, $key);
 		$decrypted = SymmetricEncryption::decryptKey($encrypted, $key);
@@ -114,13 +148,51 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase
 		$crypt = new SymmetricEncryption($key);
 		$encrypted = $crypt->encrypt($input);
 		$this->expectExceptionMessage($exception_message);
-		$crypt->setKey($key);
+		$crypt->setKey($wrong_key);
 		$crypt->decrypt($encrypted);
+	}
+
+	/**
+	 * Test decryption with wrong key
+	 *
+	 * @covers ::generateRandomKey
+	 * @covers ::encrypt
+	 * @covers ::decrypt
+	 * @dataProvider providerEncryptFailed
+	 * @testdox decrypt indirect with wrong key $input throws $exception_message [$_dataName]
+	 *
+	 * @param  string $input
+	 * @param  string $exception_message
+	 * @return void
+	 */
+	public function testEncryptFailedIndirect(string $input, string $exception_message): void
+	{
+		$key = CreateKey::generateRandomKey();
+		$wrong_key = CreateKey::generateRandomKey();
 
 		// class instance
 		$encrypted = SymmetricEncryption::getInstance($key)->encrypt($input);
 		$this->expectExceptionMessage($exception_message);
 		SymmetricEncryption::getInstance($wrong_key)->decrypt($encrypted);
+	}
+
+	/**
+	 * Test decryption with wrong key
+	 *
+	 * @covers ::generateRandomKey
+	 * @covers ::encrypt
+	 * @covers ::decrypt
+	 * @dataProvider providerEncryptFailed
+	 * @testdox decrypt static with wrong key $input throws $exception_message [$_dataName]
+	 *
+	 * @param  string $input
+	 * @param  string $exception_message
+	 * @return void
+	 */
+	public function testEncryptFailedStatic(string $input, string $exception_message): void
+	{
+		$key = CreateKey::generateRandomKey();
+		$wrong_key = CreateKey::generateRandomKey();
 
 		// class static
 		$encrypted = SymmetricEncryption::encryptKey($input, $key);
@@ -190,6 +262,56 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase
 		SymmetricEncryption::decryptKey($encrypted, $key);
 	}
 
+	/**
+	 * test invalid key provided to decrypt or encrypt
+	 *
+	 * @covers ::encrypt
+	 * @covers ::decrypt
+	 * @dataProvider providerWrongKey
+	 * @testdox wrong key indirect $key throws $exception_message [$_dataName]
+	 *
+	 * @param  string $key
+	 * @param  string $exception_message
+	 * @return void
+	 */
+	public function testWrongKeyIndirect(string $key, string $exception_message): void
+	{
+		$enc_key = CreateKey::generateRandomKey();
+
+		// class instance
+		$this->expectExceptionMessage($exception_message);
+		SymmetricEncryption::getInstance($key)->encrypt('test');
+		// we must encrypt valid thing first so we can fail with the wrong key
+		$encrypted = SymmetricEncryption::getInstance($enc_key)->encrypt('test');
+		$this->expectExceptionMessage($exception_message);
+		SymmetricEncryption::getInstance($key)->decrypt($encrypted);
+	}
+
+		/**
+	 * test invalid key provided to decrypt or encrypt
+	 *
+	 * @covers ::encrypt
+	 * @covers ::decrypt
+	 * @dataProvider providerWrongKey
+	 * @testdox wrong key static $key throws $exception_message [$_dataName]
+	 *
+	 * @param  string $key
+	 * @param  string $exception_message
+	 * @return void
+	 */
+	public function testWrongKeyStatic(string $key, string $exception_message): void
+	{
+		$enc_key = CreateKey::generateRandomKey();
+
+		// class static
+		$this->expectExceptionMessage($exception_message);
+		SymmetricEncryption::encryptKey('test', $key);
+		// we must encrypt valid thing first so we can fail with the wrong key
+		$encrypted = SymmetricEncryption::encryptKey('test', $enc_key);
+		$this->expectExceptionMessage($exception_message);
+		SymmetricEncryption::decryptKey($encrypted, $key);
+	}
+
 	/**
 	 * Undocumented function
 	 *
@@ -232,6 +354,49 @@ final class CoreLibsSecuritySymmetricEncryptionTest extends TestCase
 		$this->expectExceptionMessage($exception_message);
 		SymmetricEncryption::decryptKey($input, $key);
 	}
+
+	/**
+	 * Undocumented function
+	 *
+	 * @covers ::decrypt
+	 * @dataProvider providerWrongCiphertext
+	 * @testdox too short ciphertext indirect $input throws $exception_message [$_dataName]
+	 *
+	 * @param  string $input
+	 * @param  string $exception_message
+	 * @return void
+	 */
+	public function testWrongCiphertextIndirect(string $input, string $exception_message): void
+	{
+		$key = CreateKey::generateRandomKey();
+
+		// class instance
+		$this->expectExceptionMessage($exception_message);
+		SymmetricEncryption::getInstance($key)->decrypt($input);
+
+		// class static
+		$this->expectExceptionMessage($exception_message);
+		SymmetricEncryption::decryptKey($input, $key);
+	}
+
+		/**
+	 * Undocumented function
+	 *
+	 * @covers ::decrypt
+	 * @dataProvider providerWrongCiphertext
+	 * @testdox too short ciphertext static $input throws $exception_message [$_dataName]
+	 *
+	 * @param  string $input
+	 * @param  string $exception_message
+	 * @return void
+	 */
+	public function testWrongCiphertextStatic(string $input, string $exception_message): void
+	{
+		$key = CreateKey::generateRandomKey();
+		// class static
+		$this->expectExceptionMessage($exception_message);
+		SymmetricEncryption::decryptKey($input, $key);
+	}
 }
 
 // __END__

4dev/update/20241203_update_edit_tables/edit_tables_cuid_cuuid_update_add.sql

@@ -0,0 +1,34 @@
+-- 20241203: update edit tables
+ALTER TABLE edit_generic ADD cuuid UUID DEFAULT gen_random_uuid();
+ALTER TABLE edit_log ADD ecuid VARCHAR;
+ALTER TABLE edit_log ADD ecuuid VARCHAR;
+ALTER TABLE edit_log ADD action_sub_id VARCHAR;
+ALTER TABLE edit_log ADD http_data JSONB;
+ALTER TABLE edit_log ADD ip_address JSONB;
+ALTER TABLE edit_log ADD action_data JSONB;
+ALTER TABLE edit_log ADD request_scheme VARCHAR;
+ALTER TABLE edit_user ADD force_logout INT DEFAULT 0;
+COMMENT ON COLUMN edit_user.force_logout IS 'Counter for forced log out, if this one is higher than the session set one the session gets terminated';
+ALTER TABLE edit_user ADD last_login TIMESTAMP WITHOUT TIME ZONE;
+COMMENT ON COLUMN edit_user.last_login IS 'Last succesfull login tiemstamp';
+
+-- update set_edit_gneric
+-- adds the created or updated date tags
+
+CREATE OR REPLACE FUNCTION set_edit_generic()
+RETURNS TRIGGER AS
+$$
+DECLARE
+    random_length INT = 25; -- that should be long enough
+BEGIN
+    IF TG_OP = 'INSERT' THEN
+        NEW.date_created := clock_timestamp();
+        NEW.cuid := random_string(random_length);
+        NEW.cuuid := gen_random_uuid();
+    ELSIF TG_OP = 'UPDATE' THEN
+        NEW.date_updated := clock_timestamp();
+    END IF;
+    RETURN NEW;
+END;
+$$
+LANGUAGE 'plpgsql';

composer.json

@@ -2,6 +2,7 @@
     "name": "egrajp/development-corelibs-dev",
     "version": "dev-master",
     "description": "CoreLibs: Development package",
+    "keywords": ["corelib", "logging", "database", "templating", "tools"],
     "type": "library",
     "require": {
         "php": ">=8.3"

phpstan.neon

@@ -14,6 +14,9 @@ parameters:
 	# 	allRules: false
 	checkMissingCallableSignature: true
 	treatPhpDocTypesAsCertain: false
+	# phpVersion:
+	# 	min: 80200 # PHP 8.2.0
+	# 	max: 80300 # PHP latest
 	paths:
 		- %currentWorkingDirectory%/www
 	bootstrapFiles:

phpunit.xml

@@ -5,4 +5,9 @@
 	convertDeprecationsToExceptions="true"
 	bootstrap="4dev/tests/bootstrap.php"
 >
+	<testsuites>
+		<testsuite name="deploy">
+			<directory>4dev/tests</directory>
+		</testsuite>
+	</testsuites>
 </phpunit>

www/admin/class_test.admin.backend.php

@@ -42,6 +42,20 @@ $backend = new CoreLibs\Admin\Backend(
 	$l10n,
 	DEFAULT_ACL_LEVEL
 );
+$login = new CoreLibs\ACL\Login(
+	$db,
+	$log,
+	$session,
+	[
+		'auto_login' => false,
+		'default_acl_level' => DEFAULT_ACL_LEVEL,
+		'logout_target' => '',
+		'site_locale' => SITE_LOCALE,
+		'site_domain' => SITE_DOMAIN,
+		'site_encoding' => SITE_ENCODING,
+		'locale_path' => BASE . INCLUDES . LOCALE,
+	]
+);
 use CoreLibs\Debug\Support;
 
 $PAGE_NAME = 'TEST CLASS: ADMIN BACKEND';
@@ -55,10 +69,30 @@ print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 print "SETACL[]: <br>";
 $backend->setACL(['EMPTY' => 'EMPTY']);
 print "ADBEDITLOG: <br>";
-$backend->adbEditLog('CLASSTEST-ADMIN-BINARY', 'Some info string', 'BINARY');
-$backend->adbEditLog('CLASSTEST-ADMIN-ZLIB', 'Some info string', 'ZLIB');
-$backend->adbEditLog('CLASSTEST-ADMIN-SERIAL', 'Some info string', 'SERIAL');
-$backend->adbEditLog('CLASSTEST-ADMIN-INVALID', 'Some info string', 'INVALID');
+$login->writeLog(
+	'CLASSTEST-ADMIN-BINARY',
+	'Some info string',
+	$backend->adbGetActionSet(),
+	write_type:'BINARY'
+);
+$login->writeLog(
+	'CLASSTEST-ADMIN-ZLIB',
+	'Some info string',
+	$backend->adbGetActionSet(),
+	write_type:'ZLIB'
+);
+$login->writeLog(
+	'CLASSTEST-ADMIN-SERIAL',
+	'Some info string',
+	$backend->adbGetActionSet(),
+	write_type:'SERIAL'
+);
+$login->writeLog(
+	'CLASSTEST-ADMIN-INVALID',
+	'Some info string',
+	$backend->adbGetActionSet(),
+	write_type:'INVALID'
+);
 // test with various
 $backend->action = 'TEST ACTION';
 $backend->action_id = 'TEST ACTION ID';
@@ -69,10 +103,10 @@ $backend->action_loaded = 'TEST ACTION LOADED';
 $backend->action_value = 'TEST ACTION VALUE';
 $backend->action_type = 'TEST ACTION TYPE';
 $backend->action_error = 'TEST ACTION ERROR';
-$backend->adbEditLog('CLASSTEST-ADMIN-JSON', [
+$login->writeLog('CLASSTEST-ADMIN-JSON', [
 	"_GET" => $_GET,
 	"_POST" => $_POST,
-], 'JSON');
+], $backend->adbGetActionSet(), write_type:'JSON');
 
 print "ADBTOPMENU(0): " . Support::printAr($backend->adbTopMenu(CONTENT_PATH)) . "<br>";
 print "ADBMSG: <br>";

www/admin/class_test.array.php

@@ -250,6 +250,19 @@ foreach (array_keys($array) as $search) {
 }
 print "Key not exists: " . DgS::printAr(ArrayHandler::arrayGetNextKey($array, 'z')) . "<br>";
 
+print "<hr>";
+$keys = ['b', 'c', 'f'];
+print "Return only: " . DgS::printAr($keys) . ": "
+	. DgS::printAr(ArrayHandler::arrayReturnMatchingKeyOnly($array, $keys)) . "<br>";
+
+$out = array_filter($array, fn($key) => in_array($key, $keys), ARRAY_FILTER_USE_KEY);
+print "array filter: " . DgS::printAr($keys) . ": " . DgS::printAr($out) . "<br>";
+$out = array_intersect_key(
+	$array,
+	array_flip($keys)
+);
+print "array intersect key: " . DgS::printAr($keys) . ": " . DgS::printAr($out) . "<br>";
+
 print "</body></html>";
 
 // __END__

www/admin/class_test.convert.colors.php

@@ -18,7 +18,7 @@ require 'config.php';
 $LOG_FILE_ID = 'classTest-convert-colors';
 ob_end_flush();
 
-use CoreLibs\Convert\Colors;
+// use CoreLibs\Convert\Colors;
 use CoreLibs\Convert\Color\Color;
 use CoreLibs\Convert\Color\Coordinates;
 use CoreLibs\Debug\Support as DgS;
@@ -29,7 +29,6 @@ $log = new CoreLibs\Logging\Logging([
 	'log_file_id' => $LOG_FILE_ID,
 	'log_per_date' => true,
 ]);
-$color_class = 'CoreLibs\Convert\Colors';
 
 /**
  * print out a color block with info
@@ -131,7 +130,8 @@ try {
 } catch (\LengthException $e) {
 	print "*Exception: " . $e->getMessage() . "<br><pre>" . print_r($e, true) . "</pre><br>";
 }
-print "<hr>";
+
+/* print "<hr>";
 print "<h2>LEGACY</h2>";
 // B(valid)
 $rgb = [50, 20, 30];
@@ -173,7 +173,7 @@ $hsb = [0, 0, 5];
 print "S::COLOR hsb->rgb: $hsb[0], $hsb[1], $hsb[2]: "
 	. DgS::printAr(SetVarType::setArray(
 		Colors::hsb2rgb($hsb[0], $hsb[1], $hsb[2])
-	)) . "<br>";
+	)) . "<br>"; */
 
 print "<hr>";
 

www/admin/class_test.db.convert-placeholder.php

@@ -28,7 +28,6 @@ $log = new CoreLibs\Logging\Logging([
 	'log_per_date' => true,
 ]);
 
-
 $PAGE_NAME = 'TEST CLASS: DB CONVERT PLACEHOLDER';
 print "<!DOCTYPE html>";
 print "<html><head><title>" . $PAGE_NAME . "</title></head>";

www/admin/class_test.db.php

@@ -228,7 +228,7 @@ print "RETURN ROW PARAMS: " . print_r(
 $db->dbPrepare("ins_test_foo", "INSERT INTO test_foo (test) VALUES ($1) RETURNING test");
 $status = $db->dbExecute("ins_test_foo", ['BAR TEST ' . time()]);
 print "PREPARE INSERT[ins_test_foo] STATUS: " . Support::printToString($status) . " |<br>"
-	. "QUERY: " . $db->dbGetPrepareCursorValue('ins_test_foo', 'query') . " |<br>"
+	. "QUERY: " . Support::printToString($db->dbGetPrepareCursorValue('ins_test_foo', 'query')) . " |<br>"
 	. "PRIMARY KEY: " . Support::printToString($db->dbGetInsertPK()) . " | "
 	. "RETURNING EXT: " . print_r($db->dbGetReturningExt(), true) . " | "
 	. "RETURNING RETURN: " . print_r($db->dbGetReturningArray(), true) . "<br>";
@@ -239,7 +239,7 @@ print "PREPARE INSERT PREVIOUS INSERTED: "
 
 print "PREPARE CURSOR RETURN:<br>";
 foreach (['pk_name', 'count', 'query', 'returning_id'] as $key) {
-	print "KEY: " . $key . ': ' . $db->dbGetPrepareCursorValue('ins_test_foo', $key) . "<br>";
+	print "KEY: " . $key . ': ' . Support::prAr($db->dbGetPrepareCursorValue('ins_test_foo', $key)) . "<br>";
 }
 
 $query = <<<SQL
@@ -255,7 +255,7 @@ SQL;
 $db->dbPrepare("ins_test_foo_eom", $query);
 $status = $db->dbExecute("ins_test_foo_eom", ['EOM BAR TEST ' . time()]);
 print "EOM STRING PREPARE INSERT[ins_test_foo_eom] STATUS: " . Support::printToString($status) . " |<br>"
-	. "QUERY: " . $db->dbGetPrepareCursorValue('ins_test_foo_eom', 'query') . " |<br>"
+	. "QUERY: " . Support::printToString($db->dbGetPrepareCursorValue('ins_test_foo_eom', 'query')) . " |<br>"
 	. "PRIMARY KEY: " . Support::printToString($db->dbGetInsertPK()) . " | "
 	. "RETURNING EXT: " . print_r($db->dbGetReturningExt(), true) . " | "
 	. "RETURNING RETURN: " . print_r($db->dbGetReturningArray(), true) . "<br>";

www/admin/class_test.db.query-placeholder.php

@@ -53,6 +53,9 @@ if (($dbh = $db->dbGetDbh()) instanceof \PgSql\Connection) {
 } else {
 	print "NO DB HANDLER<br>";
 }
+// REGEX for placeholder count
+print "Placeholder regex: <pre>" . CoreLibs\DB\Support\ConvertPlaceholder::REGEX_LOOKUP_PLACEHOLDERS . "</pre>";
+
 // turn on debug replace for placeholders
 $db->dbSetDebugReplacePlaceholder(true);
 
@@ -62,59 +65,115 @@ $db->dbExec("TRUNCATE test_foo");
 $uniqid = \CoreLibs\Create\Uids::uniqIdShort();
 $binary_data = $db->dbEscapeBytea(file_get_contents('class_test.db.php') ?:  '');
 $query_params = [
-	$uniqid,
-	true,
-	'STRING A',
-	2,
-	2.5,
-	1,
-	date('H:m:s'),
-	date('Y-m-d H:i:s'),
-	json_encode(['a' => 'string', 'b' => 1, 'c' => 1.5, 'f' => true, 'g' => ['a', 1, 1.5]]),
-	null,
-	'{"a", "b"}',
-	'{1,2}',
-	'{"(array Text A, 5, 8.8)","(array Text B, 10, 15.2)"}',
-	'("Text", 4, 6.3)',
-	$binary_data
+	$uniqid, // test
+	true, // some_bool
+	'STRING A', // string_a
+	2, // number_a
+	2.5, // numeric_a
+	1, // smallint
+	date('H:m:s'), // some_internval
+	date('Y-m-d H:i:s'), // some_timestamp
+	json_encode(['a' => 'string', 'b' => 1, 'c' => 1.5, 'f' => true, 'g' => ['a', 1, 1.5]]), // json_string
+	null, // null_var
+	'{"a", "b"}', // array_char_1
+	'{1,2}', // array_int_1
+	'{"(array Text A, 5, 8.8)","(array Text B, 10, 15.2)"}', // array_composite
+	'("Text", 4, 6.3)', // composite_item
+	$binary_data, // some_binary
+	date('Y-m-d'), // some_date
+	date('H:i:s'), // some_time
+	'{"c", "d", "e"}', // array_char_2
+	'{3,4,5}', // array_int_2
+	12345667778818, // bigint
+	1.56, // numbrer_real
+	3.75, // number_double
+	124.5, // numeric_3
+	\CoreLibs\Create\Uids::uuidv4() // uuid_var
 ];
 
 $query_insert = <<<SQL
 INSERT INTO test_foo (
-	test, some_bool, string_a, number_a, number_a_numeric, smallint_a,
-	some_time, some_timestamp, json_string, null_var,
+	-- row 1
+	test, some_bool, string_a, number_a, numeric_a, smallint_a,
+	-- row 2
+	some_internval, some_timestamp, json_string, null_var,
+	-- row 3
 	array_char_1, array_int_1,
+	-- row 4
 	array_composite,
+	-- row 5
 	composite_item,
-	some_binary
+	-- row 6
+	some_binary,
+	-- row 7
+	some_date, some_time,
+	-- row 8
+	array_char_2, array_int_2,
+	-- row 9
+	bigint_a, number_real, number_double, numeric_3,
+	-- row 10
+	uuid_var
 ) VALUES (
+	-- row 1
 	$1, $2, $3, $4, $5, $6,
+	-- row 2
 	$7, $8, $9, $10,
+	-- row 3
 	$11, $12,
+	-- row 4
 	$13,
+	-- row 5
 	$14,
-	$15
+	-- row 6
+	$15,
+	-- row 7
+	$16, $17,
+	-- row 8
+	$18, $19,
+	-- row 9
+	$20, $21, $22, $23,
+	-- row 10
+	$24
 )
 RETURNING
-	test_foo_id,
-	test, some_bool, string_a, number_a, number_a_numeric, smallint_a,
-	some_time, some_timestamp, json_string, null_var,
+	test_foo_id, number_serial, identity_always, identitiy_default, default_uuid,
+	test, some_bool, string_a, number_a, numeric_a, smallint_a,
+	some_internval, some_timestamp, json_string, null_var,
 	array_char_1, array_int_1,
 	array_composite,
 	composite_item,
-	some_binary
+	some_binary,
+	some_date,
+	array_char_2, array_int_2,
+	bigint_a, number_real, number_double, numeric_3,
+	uuid_var
 SQL;
 $status = $db->dbExecParams($query_insert, $query_params);
 echo "<b>*</b><br>";
 echo "INSERT ALL COLUMN TYPES: "
 	. Support::printToString($query_params) . " |<br>"
-	. "QUERY: " . $db->dbGetQuery() . " |<br>"
+	. "QUERY: <pre>" . $db->dbGetQuery() . "</pre> |<br>"
 	. "PRIMARY KEY: " . Support::printToString($db->dbGetInsertPK()) . " |<br>"
 	. "RETURNING EXT: <pre>" . print_r($db->dbGetReturningExt(), true) . "</pre> |<br>"
 	. "RETURNING RETURN: <pre>" . print_r($db->dbGetReturningArray(), true) . "<pre> |<br>"
 	. "ERROR: " . $db->dbGetLastError(true) . "<br>";
 echo "<hr>";
 
+print "<b>ANY call</b><br>";
+$query = <<<SQL
+SELECT test
+FROM test_foo
+WHERE string_a = ANY($1)
+SQL;
+$query_value = '{'
+	. join(',', ['STRING A'])
+. '}';
+while (is_array($res = $db->dbReturnParams($query, [$query_value]))) {
+	print "Result: " . Support::prAr($res) . "<br>";
+}
+
+echo "<hr>";
+
 // test connectors: = , <> () for query detection
 
 // convert placeholder tests
@@ -131,6 +190,16 @@ SQL,
 		'params' => [],
 		'direction' => 'pg',
 	],
+	'numbers' => [
+		'query' => <<<SQL
+SELECT test, string_a, number_a
+FROM test_foo
+WHERE
+	foo = $1 AND bar = $1 AND foobar = $2
+SQL,
+		'params' => [\CoreLibs\Create\Uids::uniqIdShort(), 'string A-1', 1234],
+		'direction' => 'pdo',
+	],
 	'a?' => [
 		'query' => <<<SQL
 INSERT INTO test_foo (
@@ -157,6 +226,18 @@ SQL,
 		],
 		'direction' => 'pg',
 	],
+	'select, compare $' => [
+		'query' => <<<SQL
+		SELECT string_a
+		FROM test_foo
+		WHERE
+			number_a >= $1 OR number_a <= $2 OR
+			number_a > $3 OR number_a < $4
+			OR number_a = $5 OR number_a <> $6
+		SQL,
+		'params' => [1, 2, 3, 4, 5, 6],
+		'direction' => 'pg'
+	]
 ];
 
 $db->dbSetConvertPlaceholder(true);
@@ -169,11 +250,12 @@ foreach ($test_queries as $info => $data) {
 	// 	. "<br>";
 	if ($db->dbCheckQueryForSelect($query)) {
 		$row = $db->dbReturnRowParams($query, $params);
-		print "[$info] SELECT: " . Support::prAr($row) . "<br>";
+		print "<b>[$info]</b> SELECT: " . Support::prAr($row) . "<br>";
 	} else {
 		$db->dbExecParams($query, $params);
 	}
-	print "[$info] " . Support::printAr($db->dbGetPlaceholderConverted()) . "<br>";
+	print "ERROR: " . $db->dbGetLastError(true) . "<br>";
+	print "<b>[$info]</b> " . Support::printAr($db->dbGetPlaceholderConverted()) . "<br>";
 	echo "<hr>";
 }
 
@@ -188,22 +270,29 @@ SQL,
 		['string A-1']
 	))
 ) {
-	print "RES: " . Support::prAr($res) . "<br>";
+	print "<b>RES</b>: " . Support::prAr($res) . "<br>";
 }
+print "ERROR: " . $db->dbGetLastError(true) . "<br>";
+echo "<hr>";
 
 print "CursorExt: " . Support::prAr($db->dbGetCursorExt(<<<SQL
 SELECT test, string_a, number_a
 FROM test_foo
 WHERE string_a = ?
 SQL, ['string A-1']));
+echo "<hr>";
 
+// ERROR BELOW: missing params
 $res = $db->dbReturnRowParams(<<<SQL
 SELECT test, string_a, number_a
 FROM test_foo
 WHERE string_a = $1
 SQL, []);
 print "PL: " . Support::PrAr($db->dbGetPlaceholderConverted()) . "<br>";
+print "ERROR: " . $db->dbGetLastError(true) . "<br>";
+echo "<hr>";
 
+// ERROR BELOW: LIKE cannot have placeholder
 echo "dbReturn read LIKE: <br>";
 while (
 	is_array($res = $db->dbReturnParams(
@@ -217,6 +306,7 @@ SQL,
 ) {
 	print "RES: " . Support::prAr($res) . "<br>";
 }
+print "ERROR: " . $db->dbGetLastError(true) . "<br>";
 
 print "</body></html>";
 $db->log->debug('DEBUGEND', '==================================== [END]');

www/admin/class_test.html_build.element.php

@@ -74,8 +74,8 @@ print "EL_O: <pre>" . print_r($el_o, true) . "</pre>";
 
 echo "<hr>";
 print "buildHtml(): <pre>" . htmlentities($el_o->buildHtml()) . "</pre>";
-echo "<hr>";
-print "phfo(\$el_o): <pre>" . htmlentities($el_o::printHtmlFromObject($el_o, true)) . "</pre>";
+/* echo "<hr>";
+print "phfo(\$el_o): <pre>" . htmlentities($el_o::printHtmlFromObject($el_o, true)) . "</pre>"; */
 echo "<hr>";
 print "phfa(\$el_list): <pre>" . htmlentities($el_o::buildHtmlFromList($el_o_list, true)) . "</pre>";
 

www/admin/class_test.lang.php

@@ -16,6 +16,8 @@ define('USE_DATABASE', false);
 require 'config.php';
 // define log file id
 $LOG_FILE_ID = 'classTest-lang';
+$SET_SESSION_NAME = EDIT_SESSION_NAME;
+$session = new CoreLibs\Create\Session($SET_SESSION_NAME);
 ob_end_flush();
 
 $PAGE_NAME = 'TEST CLASS: LANG';
@@ -32,22 +34,21 @@ use CoreLibs\Debug\Support;
 echo "<br><b>LIST LOCALES</b><br>";
 
 $locale = 'en_US.UTF-8';
-$locales = L10n::listLocales($locale);
+$locales = Language\L10n::listLocales($locale);
 print "[" . $locale . "] LOCALES: " . Support::printAr($locales) . "<br>";
 $locale = 'en.UTF-8';
-$locales = L10n::listLocales($locale);
+$locales = Language\L10n::listLocales($locale);
 print "[" . $locale . "] LOCALES: " . Support::printAr($locales) . "<br>";
 
 echo "<br><b>PARSE LOCAL</b><br>";
 $locale = 'en_US.UTF-8';
-$locale_info = L10n::parseLocale($locale);
+$locale_info = Language\L10n::parseLocale($locale);
 print "[" . $locale . "] INFO: " . Support::printAr($locale_info) . "<br>";
 $locale = 'en.UTF-8';
-$locale_info = L10n::parseLocale($locale);
+$locale_info = Language\L10n::parseLocale($locale);
 print "[" . $locale . "] INFO: " . Support::printAr($locale_info) . "<br>";
 
-echo "<br><b>AUTO DETECT</b><br>";
-
+/* echo "<br><b>AUTO DETECT</b><br>";
 // DEPRECATED
 // $get_locale = Language\GetLocale::setLocale();
 // print "[AUTO, DEPRECATED]: " . Support::printAr($get_locale) . "<br>";
@@ -70,10 +71,12 @@ print "[OVERRIDE]: " . Support::printAr($get_locale) . "<br>";
 // DEFAULT_DOMAIN
 // DEFAULT_CHARSET (should be set from DEFAULT_LOCALE)
 // LOCALE_PATH
-$_SESSION['DEFAULT_LOCALE'] = 'ja_JP.UTF-8';
-$_SESSION['DEFAULT_CHARSET'] = 'UTF-8';
-$_SESSION['DEFAULT_DOMAIN'] = 'admin';
-$_SESSION['LOCALE_PATH'] = BASE . INCLUDES . LOCALE;
+$session->setMany([
+	'DEFAULT_LOCALE' => 'ja_JP.UTF-8',
+	'DEFAULT_CHARSET' => 'UTF-8',
+	'DEFAULT_DOMAIN' => 'admin',
+	'LOCALE_PATH' => BASE . INCLUDES . LOCALE,
+]);
 $get_locale = Language\GetLocale::setLocaleFromSession(
 	SITE_LOCALE,
 	SITE_DOMAIN,
@@ -86,10 +89,12 @@ print "[SESSION SET]: " . Support::printAr($get_locale) . "<br>";
 // DEFAULT_DOMAIN
 // DEFAULT_CHARSET (should be set from DEFAULT_LOCALE)
 // LOCALE_PATH
-$_SESSION['DEFAULT_LOCALE'] = '00000#####';
-$_SESSION['DEFAULT_CHARSET'] = '';
-$_SESSION['DEFAULT_DOMAIN'] = 'admin';
-$_SESSION['LOCALE_PATH'] = BASE . INCLUDES . LOCALE;
+$session->setMany([
+	'DEFAULT_LOCALE' => '00000#####',
+	'DEFAULT_CHARSET' => '',
+	'DEFAULT_DOMAIN' => 'admin',
+	'LOCALE_PATH' => BASE . INCLUDES . LOCALE,
+]);
 $get_locale = Language\GetLocale::setLocaleFromSession(
 	SITE_LOCALE,
 	SITE_DOMAIN,
@@ -97,6 +102,7 @@ $get_locale = Language\GetLocale::setLocaleFromSession(
 	BASE . INCLUDES . LOCALE
 );
 print "[SESSION SET INVALID]: " . Support::printAr($get_locale) . "<br>";
+ */
 
 // try to load non existing
 echo "<br><b>NEW TYPE</b><br>";

www/admin/class_test.login.php

@@ -17,8 +17,14 @@ require 'config.php';
 // define log file id
 $LOG_FILE_ID = 'classTest-login';
 $SET_SESSION_NAME = EDIT_SESSION_NAME;
+
+use CoreLibs\Debug\Support;
+
 // init login & backend class
-$session = new CoreLibs\Create\Session($SET_SESSION_NAME);
+$session = new CoreLibs\Create\Session($SET_SESSION_NAME, [
+	'regenerate' => 'interval',
+	'regenerate_interval' => 10, // every 10 seconds
+]);
 $log = new CoreLibs\Logging\Logging([
 	'log_folder' => BASE . LOG,
 	'log_file_id' => $LOG_FILE_ID,
@@ -43,19 +49,95 @@ ob_end_flush();
 $login->loginMainCall();
 
 $PAGE_NAME = 'TEST CLASS: LOGIN';
-print "<!DOCTYPE html>";
-print "<html><head><title>" . $PAGE_NAME . "</title></head>";
-print "<body>";
-print '<div><a href="class_test.php">Class Test Master</a></div>';
-print '<div><h1>' . $PAGE_NAME . '</h1></div>';
+print str_replace(
+	'{PAGE_NAME}',
+	$PAGE_NAME,
+<<<HTML
+<!DOCTYPE html>
+<html><head>
+<title>{PAGE_NAME}</title>
+</head>
+<body>
+<div><a href="class_test.php">Class Test Master</a></div>
+<div><h1>{PAGE_NAME}</h1></div>
+HTML
+);
+
+// button logout
+print <<<HTML
+<script language="JavaScript">
+function loginLogout()
+{
+	const form = document.createElement('form');
+	form.method = 'post';
+	const hiddenField = document.createElement('input');
+	hiddenField.type = 'hidden';
+	hiddenField.name = 'login_logout';
+	hiddenField.value = 'Logout';
+	form.appendChild(hiddenField);
+	document.body.appendChild(form);
+	form.submit();
+}
+</script>
+<div style="margin: 20px 0;">
+	<button onclick="loginLogout();" type="button">Logout</button>
+</div>
+HTML;
+// string logout
+print <<<HTML
+<div style="margin: 20px 0;">
+<form method="post" name="loginlogout">
+<a href="javascript:document.loginlogout.login_logout.value=Logout;document.loginlogout.submit();">Logout</a>
+<input type="hidden" name="login_logout" value="">
+</form>
+</div>
+HTML;
+
+echo "SESSION ID: " . $session->getSessionIdCall() . "<br>";
 
 echo "CHECK PERMISSION: " . ($login->loginCheckPermissions() ? 'OK' : 'BAD') . "<br>";
 echo "IS ADMIN: " . ($login->loginIsAdmin() ? 'OK' : 'BAD') . "<br>";
 echo "MIN ACCESS BASE: " . ($login->loginCheckAccessBase('admin') ? 'OK' : 'BAD') . "<br>";
 echo "MIN ACCESS PAGE: " . ($login->loginCheckAccessPage('admin') ? 'OK' : 'BAD') . "<br>";
 
-echo "ACL: " . \CoreLibs\Debug\Support::printAr($login->loginGetAcl()) . "<br>";
-echo "ACL (MIN): " . \CoreLibs\Debug\Support::printAr($login->loginGetAcl()['min'] ?? []) . "<br>";
-echo "LOCALE: " . \CoreLibs\Debug\Support::printAr($login->loginGetLocale()) . "<br>";
+echo "ACL: " . Support::printAr($login->loginGetAcl()) . "<br>";
+echo "ACL (MIN): " . Support::printAr($login->loginGetAcl()['min'] ?? []) . "<br>";
+echo "LOCALE: " . Support::printAr($login->loginGetLocale()) . "<br>";
+
+echo "ECUID: " . $login->loginGetEuCuid() . "<br>";
+echo "ECUUID: " . $login->loginGetEuCuuid() . "<br>";
+
+echo "<hr>";
+// set + check edit access id
+$edit_access_cuid = 'buRW8Gu2Lkkf';
+if (isset($login->loginGetAcl()['unit'])) {
+	print "EDIT ACCESS CUID: " . $edit_access_cuid . "<br>";
+	print "ACL UNIT: " . print_r(array_keys($login->loginGetAcl()['unit']), true) . "<br>";
+	print "ACCESS CHECK: " . Support::prBl($login->loginCheckEditAccessCuid($edit_access_cuid)) . "<br>";
+	if ($login->loginCheckEditAccessCuid($edit_access_cuid)) {
+		print "Set new:" . $edit_access_cuid . "<br>";
+	} else {
+		print "Load default unit id: " . $login->loginGetAcl()['unit_id'] . "<br>";
+	}
+} else {
+	print "Something went wrong with the login<br>";
+}
+
+// echo "<hr>";
+// IP check: 'REMOTE_ADDR', 'HTTP_X_FORWARDED_FOR', 'CLIENT_IP' in _SERVER
+// Agent check: 'HTTP_USER_AGENT'
+
+
+echo "<hr>";
+print "SESSION: " . Support::printAr($_SESSION) . "<br>";
+
+$login->writeLog(
+	'TEST LOG',
+	[
+		'test' => 'TEST A'
+	],
+	error:'No Error',
+	write_type:'JSON'
+);
 
 print "</body></html>";

www/admin/class_test.php

@@ -62,15 +62,36 @@ $backend = new CoreLibs\Admin\Backend(
 $backend->db->dbInfo(true);
 ob_end_flush();
 
-print "<!DOCTYPE html>";
-print "<html><head><title>TEST CLASS</title></head>";
-print "<body>";
+print <<<HTML
+<!DOCTYPE html>
+<html><head>
+<title>TEST CLASS</title>
+<script language="JavaScript">
+function loginLogout()
+{
+	const form = document.createElement('form');
+	form.method = 'post';
+	const hiddenField = document.createElement('input');
+	hiddenField.type = 'hidden';
+	hiddenField.name = 'login_logout';
+	hiddenField.value = 'Logout';
+	form.appendChild(hiddenField);
+	document.body.appendChild(form);
+	form.submit();
+}
+</script>
+</head>
+<body>
+<div style="margin: 20px 0;">
+	<button onclick="loginLogout();" type="button">Logout</button>
+</div>
+HTML;
 
 // key: file name, value; name
 $test_files = [
 	'class_test.db.php' => 'Class Test: DB',
 	'class_test.db.types.php' => 'Class Test: DB column type convert',
-	'class_test.db.query-placeholder.php' => 'Class Test: DB query placeholder convert',
+	'class_test.db.query-placeholder.php' => 'Class Test: DB placeholder queries',
 	'class_test.db.dbReturn.php' => 'Class Test: DB dbReturn',
 	'class_test.db.single.php' => 'Class Test: DB single query tests',
 	'class_test.db.convert-placeholder.php' => 'Class Test: DB convert placeholder',
@@ -128,33 +149,20 @@ foreach ($test_files as $file => $name) {
 	print '<div><a href="' . $file . '">' . $name . '</a></div>';
 }
 
+
+print "<br>";
+print "ECUID: " . $session->get('LOGIN_EUCUID') . "<br>";
+print "ECUUID: " . $session->get('LOGIN_EUCUUID') . "<br>";
+
 print "<hr>";
-print "L: " . Support::dumpVar($locale) . "<br>";
+print "LOCALE: " . Support::dumpVar($locale) . "<br>";
 // print all _ENV vars set
 print "<div>READ _ENV ARRAY:</div>";
 print Support::dumpVar(array_map('htmlentities', $_ENV));
-// set + check edit access id
-$edit_access_id = 3;
-if (isset($login->loginGetAcl()['unit'])) {
-	print "ACL UNIT: " . print_r(array_keys($login->loginGetAcl()['unit']), true) . "<br>";
-	print "ACCESS CHECK: " . (string)$login->loginCheckEditAccess($edit_access_id) . "<br>";
-	if ($login->loginCheckEditAccess($edit_access_id)) {
-		$backend->edit_access_id = $edit_access_id;
-	} else {
-		$backend->edit_access_id = $login->loginGetAcl()['unit_id'];
-	}
-} else {
-	print "Something went wrong with the login<br>";
-}
 
 //	$backend->log->debug('SESSION', \CoreLibs\Debug\Support::dumpVar($_SESSION));
 
-print '<form method="post" name="loginlogout">';
-print '<a href="javascript:document.loginlogout.login_logout.value=\'Logou\';'
-	. 'document.loginlogout.submit();">Logout</a>';
-print '<input type="hidden" name="login_logout" value="">';
-print '</form>';
-
+print "<br>";
 print "Log Level: " . $backend->log->getLoggingLevel()->getName() . "<br>";
 print "Log ID: " . $backend->log->getLogFileId() . "<br>";
 print "Log Date: " . $backend->log->getLogDate() . "<br>";
@@ -176,26 +184,7 @@ foreach (
 
 $log->debug('SOME MARK', 'Some error output');
 
-// INTERNAL SET
-print "EDIT ACCESS ID: " . $backend->edit_access_id . "<br>";
-//	print "ACL: <br>".$backend->print_ar($login->loginGetAcl())."<br>";
-// $log->debug('ACL', "ACL: " . \CoreLibs\Debug\Support::dumpVar($login->loginGetAcl()));
-//	print "DEFAULT ACL: <br>".$backend->print_ar($login->default_acl_list)."<br>";
-//	print "DEFAULT ACL: <br>".$backend->print_ar($login->default_acl_list)."<br>";
-// $result = array_flip(
-// 	array_filter(
-// 		array_flip($login->default_acl_list),
-// 		function ($key) {
-// 			if (is_numeric($key)) {
-// 				return $key;
-// 			}
-// 		}
-// 	)
-// );
-//	print "DEFAULT ACL: <br>".$backend->print_ar($result)."<br>";
-// DEPRICATED CALL
-//	$backend->adbSetACL($login->loginGetAcl());
-
+print "<br>";
 print "THIS HOST: " . HOST_NAME . ", with PROTOCOL: " . HOST_PROTOCOL . " is running SSL: " . HOST_SSL . "<br>";
 print "DIR: " . DIR . "<br>";
 print "BASE: " . BASE . "<br>";
@@ -205,6 +194,9 @@ print "HOST: " . HOST_NAME . " => DB HOST: " . DB_CONFIG_NAME . " => " . Support
 print "DS is: " . DIRECTORY_SEPARATOR . "<br>";
 print "SERVER HOST: " . $_SERVER['HTTP_HOST'] . "<br>";
 
+print "<div>READ _SERVER ARRAY:</div>";
+print Support::dumpVar(array_map('htmlentities', $_SERVER));
+
 print "</body></html>";
 
 # __END__

www/admin/class_test.readenvfile.php

@@ -34,10 +34,12 @@ print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 print "ALREADY from config.php: " . \CoreLibs\Debug\Support::printAr($_ENV) . "<br>";
 
+// This is now in \gullevek\dotenv\DotEnv::readEnvFile(...)
+
 // test .env in local
-$status = \CoreLibs\Get\DotEnv::readEnvFile('.', 'test.env');
+/* $status = \CoreLibs\Get\DotEnv::readEnvFile('.', 'test.env');
 print "test.env: STATUS: " . $status . "<br>";
-print "AFTER reading test.env file: " . \CoreLibs\Debug\Support::printAr($_ENV) . "<br>";
+print "AFTER reading test.env file: " . \CoreLibs\Debug\Support::printAr($_ENV) . "<br>"; */
 
 print "</body></html>";
 // ;;

www/admin/class_test.session.php

@@ -45,8 +45,8 @@ $log = new CoreLibs\Logging\Logging([
 	'log_file_id' => $LOG_FILE_ID,
 	'log_per_date' => true,
 ]);
+use CoreLibs\Debug\Support;
 use CoreLibs\Create\Session;
-$session = new Session();
 
 $PAGE_NAME = 'TEST CLASS: SESSION';
 print "<!DOCTYPE html>";
@@ -56,50 +56,30 @@ print '<div><a href="class_test.php">Class Test Master</a></div>';
 print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 $session_name = 'class-test-session';
+print "Valid session name static check for '" . $session_name . "': "
+	. Support::prBl(Session::checkValidSessionName($session_name)) . "<br>";
 $var = 'foo';
 $value = 'bar';
+$session = new Session($session_name);
 
 foreach (['123', '123-123', '123abc'] as $_session_name) {
-	print "[UNSET] Session Name valid for " . $_session_name . ": "
+	print "[UNSET] Session Name valid for '" . $_session_name . "': "
 		. ($session->checkValidSessionName($_session_name) ? 'Valid' : 'Invalid') . "<br>";
 }
 
 echo "Global session name: " . ($GLOBALS['SET_SESSION_NAME'] ?? '-') . "<br>";
 
-print "[UNSET] Current session id: " . $session->getSessionId() . "<br>";
-print "[UNSET] Current session name: " . $session->getSessionName() . "<br>";
-print "[UNSET] Current session active: " . ($session->checkActiveSession() ? 'Yes' : 'No') . "<br>";
-print "[UNSET] Current session status: " . getSessionStatusString($session->getSessionStatus()) . "<br>";
-if (isset($_SESSION)) {
-	print "[UNSET] _SESSION is: set<br>";
-} else {
-	print "[UNSET] _SESSION is: not set<br>";
-}
-#
-print "[UNSET] To set session name valid: "
-	. ($session->checkValidSessionName($session_name) ? 'Valid' : 'Invalid') . "<br>";
-try {
-	$session_id = $session->startSession($session_name);
-	print "[SET] Current session id: " . $session_id . "<br>";
-} catch (\Exception $e) {
-	print "[FAILED] Session start failed:<br>" . $e->getMessage() . "<br>" . $e . "<br>";
-}
-// set again
-try {
-	$session_id = $session->startSession($session_name);
-	print "[2 SET] Current session id: " . $session_id . "<br>";
-} catch (\Exception $e) {
-	print "[2 FAILED] Session start failed:<br>" . $e->getMessage() . "<br>" . $e . "<br>";
-}
 print "[SET] Current session id: " . $session->getSessionId() . "<br>";
 print "[SET] Current session name: " . $session->getSessionName() . "<br>";
 print "[SET] Current session active: " . ($session->checkActiveSession() ? 'Yes' : 'No') . "<br>";
+print "[SET] Current session auto write close: " . ($session->checkAutoWriteClose() ? 'Yes' : 'No') . "<br>";
 print "[SET] Current session status: " . getSessionStatusString($session->getSessionStatus()) . "<br>";
 if (isset($_SESSION)) {
 	print "[SET] _SESSION is: set<br>";
 } else {
 	print "[SET] _SESSION is: not set<br>";
 }
+#
 if (!isset($_SESSION['counter'])) {
 	$_SESSION['counter'] = 0;
 }
@@ -111,62 +91,85 @@ print "[READ] Confirm " . $var . " is " . $value . ": "
 	. (($_SESSION[$var] ?? '') == $value ? 'Matching' : 'Not matching') . "<br>";
 
 // test set wrappers methods
-$session->setS('setwrap', 'YES, method set _SESSION var');
-print "[READ WRAP] A setwrap: " . $session->getS('setwrap') . "<br>";
-print "[READ WRAP] Isset: " . ($session->issetS('setwrap') ? 'Yes' : 'No') . "<br>";
-$session->unsetS('setwrap');
-print "[READ WRAP] unset setwrap: " . $session->getS('setwrap') . "<br>";
-print "[READ WRAP] unset Isset: " . ($session->issetS('setwrap') ? 'Yes' : 'No') . "<br>";
-// test __get/__set
-$session->setwrap = 'YES, magic set _SESSION var'; /** @phpstan-ignore-line GET/SETTER */
-print "[READ MAGIC] A setwrap: " . ($session->setwrap ?? '') . "<br>";
-print "[READ MAGIC] Isset: " . (isset($session->setwrap) ? 'Yes' : 'No') . "<br>";
-unset($session->setwrap);
-print "[READ MAGIC] unset setwrap: " . ($session->setwrap ?? '') . "<br>";
-print "[READ MAGIC] unset Isset: " . (isset($session->setwrap) ? 'Yes' : 'No') . "<br>";
+$session->set('setwrap', 'YES, method set _SESSION var');
+print "[READ WRAP] A setwrap: " . $session->get('setwrap') . "<br>";
+print "[READ WRAP] Isset: " . ($session->isset('setwrap') ? 'Yes' : 'No') . "<br>";
+$session->unset('setwrap');
+print "[READ WRAP] unset setwrap: " . $session->get('setwrap') . "<br>";
+print "[READ WRAP] unset Isset: " . ($session->isset('setwrap') ? 'Yes' : 'No') . "<br>";
+$session->set('foo 3', 'brause');
+// set many
+$session->setMany([
+	'foo 1' => 'bar',
+	'foo 2' => 'kamel',
+]);
+print "[READ MANY]: " . Support::printAr($session->getMany(['foo 1', 'foo 2'])) . "<br>";
+try {
+	$session->setMany([ /** @phpstan-ignore-line deliberate error */
+		'ok' => 'ok',
+		'a123' => 'bar',
+		1 => 'bar',
+	]);
+} catch (\Exception $e) {
+	print "FAILED] Session manySet failed:<br>" . $e->getMessage() . "<br><pre>" . $e . "</pre><br>";
+}
+try {
+	$session->set('123', 'illigal');
+} catch (\Exception $e) {
+	print "FAILED] Session set failed:<br>" . $e->getMessage() . "<br><pre>" . $e . "</pre><br>";
+}
 
+print "<hr>";
 // differnt session name
 $session_name = 'class-test-session-ALT';
 try {
-	$session_id = $session->startSession($session_name);
-	print "[3 SET] Current session id: " . $session_id . "<br>";
+	$session_alt = new Session($session_name);
+	print "[3 SET] Current session id: " . $session_alt->getSessionId() . "<br>";
+	print "[SET AGAIN] Current session id: " . $session_alt->getSessionId() . "<br>";
 } catch (\Exception $e) {
-	print "[3 FAILED] Session start failed:<br>" . $e->getMessage() . "<br>" . $e . "<br>";
+	print "[3 FAILED] Session start failed:<br>" . $e->getMessage() . "<br><pre>" . $e . "</pre><br>";
 }
-print "[SET AGAIN] Current session id: " . $session->getSessionId() . "<br>";
 
-print "[ALL SESSION]: " . \CoreLibs\Debug\Support::printAr($_SESSION) . "<br>";
+
+print "[ALL SESSION]: " . Support::printAr($_SESSION) . "<br>";
 
 // close session
 $session->writeClose();
 // will never be written
 $_SESSION['will_never_be_written'] = 'empty';
+// auto open session if closed to write
+$session->set('auto_write_session', 'Some value');
+// restart session
+$session->restartSession();
+$_SESSION['this_will_be_written'] = 'not empty';
 
-// open again
+// open again with same name
 $session_name = 'class-test-session';
 try {
-	$session_id = $session->startSession($session_name);
-	print "[4 SET] Current session id: " . $session_id . "<br>";
+	$session_alt = new Session($session_name, ['auto_write_close' => true]);
+	print "[4 SET] Current session id: " . $session_alt->getSessionId() . "<br>";
+	print "[4 SET] Current session auto write close: " . ($session_alt->checkAutoWriteClose() ? 'Yes' : 'No') . "<br>";
+	print "[START AGAIN] Current session id: " . $session_alt->getSessionId() . "<br>";
+	$session_alt->set('alt_write_auto_close', 'set auto');
+	// below is deprecated
+	// $session_alt->do_not_do_this = 'foo bar auto set';
 } catch (\Exception $e) {
-	print "[4 FAILED] Session start failed:<br>" . $e->getMessage() . "<br>" . $e . "<br>";
+	print "[4 FAILED] Session start failed:<br>" . $e->getMessage() . "<br><pre>" . $e . "</pre><br>";
 }
-print "[START AGAIN] Current session id: " . $session->getSessionId() . "<br>";
 $_SESSION['will_be_written_again'] = 'Full';
 
+print "[ALL SESSION]: " . Support::printAr($_SESSION) . "<br>";
+
 // close session
 $session->writeClose();
 // invalid
 $session_name = '123';
 try {
-	$session_id = $session->startSession($session_name);
-	print "[5 SET] Current session id: " . $session_id . "<br>";
+	$session_bad = new Session($session_name);
+	print "[5 SET] Current session id: " . $session_bad->getSessionId() . "<br>";
 } catch (\Exception $e) {
-	print "[5 FAILED] Session start failed:<br>" . $e->getMessage() . "<br>" . $e . "<br>";
+	print "[5 FAILED] Session start failed:<br>" . $e->getMessage() . "<br><pre>" . $e . "</pre><br>";
 }
-print "[BAD NAME] Current session id: " . $session->getSessionId() . "<br>";
-print "[BAD NAME] Current session name: " . $session->getSessionName() . "<br>";
-print "[BAD NAME] Current session active: " . ($session->checkActiveSession() ? 'Yes' : 'No') . "<br>";
-print "[BAD NAME] Current session status: " . getSessionStatusString($session->getSessionStatus()) . "<br>";
 
 print "</body></html>";
 

www/admin/class_test.session.read.php

@@ -46,7 +46,6 @@ $log = new CoreLibs\Logging\Logging([
 	'log_per_date' => true,
 ]);
 use CoreLibs\Create\Session;
-$session = new Session();
 
 $PAGE_NAME = 'TEST CLASS: SESSION (READ)';
 print "<!DOCTYPE html>";
@@ -56,32 +55,22 @@ print '<div><a href="class_test.php">Class Test Master</a></div>';
 print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 $session_name = 'class-test-session';
+$session = new Session($session_name);
 // $session_name = '';
 $var = 'foo';
 $value = 'bar';
 
 echo "Global session name: " . ($GLOBALS['SET_SESSION_NAME'] ?? '-') . "<br>";
 
-print "[UNSET] Current session id: " . $session->getSessionId() . "<br>";
-print "[UNSET] Current session name: " . $session->getSessionName() . "<br>";
-print "[UNSET] Current session active: " . ($session->checkActiveSession() ? 'Yes' : 'No') . "<br>";
-print "[UNSET] Current session status: " . getSessionStatusString($session->getSessionStatus()) . "<br>";
+print "[SET] Current session id: " . $session->getSessionId() . "<br>";
+print "[SET] Current session name: " . $session->getSessionName() . "<br>";
+print "[SET] Current session active: " . ($session->checkActiveSession() ? 'Yes' : 'No') . "<br>";
+print "[SET] Current session status: " . getSessionStatusString($session->getSessionStatus()) . "<br>";
 
 print "[READ] " . $var . ": " . ($_SESSION[$var] ?? '{UNSET}') . "<br>";
-// start
-try {
-	$session_id = $session->startSession($session_name);
-	print "[1] Current session id: " . $session_id . "<br>";
-} catch (\Exception $e) {
-	print "[1] Session start failed:<br>" . $e->getMessage() . "<br>" . $e . "<br>";
-}
+
 // set again
-try {
-	$session_id = $session->startSession($session_name);
-	print "[2] Current session id: " . $session_id . "<br>";
-} catch (\Exception $e) {
-	print "[2] Session start failed:<br>" . $e->getMessage() . "<br>" . $e . "<br>";
-}
+print "[2] Restarted session: " . \CoreLibs\Debug\Support::prBl($session->restartSession()) . "<br>";
 print "[SET] Current session id: " . $session->getSessionId() . "<br>";
 print "[SET] Current session name: " . $session->getSessionName() . "<br>";
 print "[SET] Current session active: " . ($session->checkActiveSession() ? 'Yes' : 'No') . "<br>";

www/admin/class_test.uids.php

@@ -52,6 +52,14 @@ print "S:UNIQID (512): " . Uids::uniqId(512) . "<br>";
 // uniq ids
 print "UNIQU ID SHORT : " . Uids::uniqIdShort() . "<br>";
 print "UNIQU ID LONG : " . Uids::uniqIdLong() . "<br>";
+// validate
+$uuidv4 = Uids::uuidv4();
+if (!Uids::validateUuuidv4($uuidv4)) {
+	print "Invalid UUIDv4: " . $uuidv4 . "<br>";
+}
+if (!Uids::validateUuuidv4("foobar")) {
+	print "Invalid UUIDv4: hard coded<Br>";
+}
 
 // DEPRECATED
 /* print "D/UUIDV4: ".$basic->uuidv4()."<br>";

www/includes/admin_header.php

@@ -116,7 +116,7 @@ $data = [
 // log action
 // no log if login
 if (!$login->loginActionRun()) {
-	$cms->adbEditLog('Submit', $data, 'BINARY');
+	$login->writeLog('Submit', $data, $cms->adbGetActionSet(), 'BINARY');
 }
 //------------------------------ logging end
 

www/lib/CoreLibs/ACL/LoginUserStatus.php

@@ -0,0 +1,68 @@
+<?php
+
+/**
+ * AUTHOR: Clemens Schwaighofer
+ * CREATED: 2024/12/12
+ * DESCRIPTION:
+ * ACL Login user status bitmap list
+*/
+
+declare(strict_types=1);
+
+namespace CoreLibs\ACL;
+
+final class LoginUserStatus
+{
+	// lock status bitmap (smallint, 256)
+	/** @var int enabled flag */
+	public const ENABLED = 1;
+	/** @var int deleted flag */
+	public const DELETED = 2;
+	/** @var int locked flag */
+	public const LOCKED = 4;
+	/** @var int banned/suspened flag [not implemented] */
+	public const BANNED = 8;
+	/** @var int password reset in progress [not implemented] */
+	public const RESET = 16;
+	/** @var int confirm/paending, eg waiting for confirm of email [not implemented] */
+	public const CONFIRM = 32;
+	/** @var int strict, on error lock */
+	public const STRICT = 64;
+	/** @var int proected, cannot delete */
+	public const PROTECTED = 128;
+	/** @var int master admin flag */
+	public const ADMIN = 256;
+
+	/**
+	 * Returns an array mapping the numerical role values to their descriptive names
+	 *
+	 * @return array<int|string,string>
+	 */
+	public static function getMap()
+	{
+		return array_flip((new \ReflectionClass(static::class))->getConstants());
+	}
+
+	/**
+	 * Returns the descriptive role names
+	 *
+	 * @return string[]
+	 */
+	public static function getNames()
+	{
+
+		return array_keys((new \ReflectionClass(static::class))->getConstants());
+	}
+
+	/**
+	 * Returns the numerical role values
+	 *
+	 * @return int[]
+	 */
+	public static function getValues()
+	{
+		return array_values((new \ReflectionClass(static::class))->getConstants());
+	}
+}
+
+// __END__

www/lib/CoreLibs/Admin/Backend.php

@@ -31,6 +31,7 @@ declare(strict_types=1);
 
 namespace CoreLibs\Admin;
 
+use CoreLibs\Create\Uids;
 use CoreLibs\Convert\Json;
 
 class Backend
@@ -258,6 +259,27 @@ class Backend
 		}
 	}
 
+	/**
+	 * return all the action data, if not set, sets entry to null
+	 *
+	 * @return array{action:?string,action_id:null|string|int,action_sub_id:null|string|int,action_yes:null|string|int|bool,action_flag:?string,action_menu:?string,action_loaded:?string,action_value:?string,action_type:?string,action_error:?string}
+	 */
+	public function adbGetActionSet(): array
+	{
+		return [
+			'action' => $this->action ?? null,
+			'action_id' => $this->action_id ?? null,
+			'action_sub_id' => $this->action_sub_id ?? null,
+			'action_yes' => $this->action_yes ?? null,
+			'action_flag' => $this->action_flag ?? null,
+			'action_menu' => $this->action_menu ?? null,
+			'action_loaded' => $this->action_loaded ?? null,
+			'action_value' => $this->action_value ?? null,
+			'action_type' => $this->action_type ?? null,
+			'action_error' => $this->action_error ?? null,
+		];
+	}
+
 	/**
 	 * writes all action vars plus other info into edit_log table
 	 *
@@ -267,6 +289,7 @@ class Backend
 	 *                                                        JSON, STRING/SERIEAL, BINARY/BZIP or ZLIB
 	 * @param  string|null         $db_schema [default=null]  override target schema
 	 * @return void
+	 * @deprecated Use $login->writeLog() and set action_set from ->adbGetActionSet()
 	 */
 	public function adbEditLog(
 		string $event = '',
@@ -335,17 +358,17 @@ class Backend
 		}
 		$q = <<<SQL
 		INSERT INTO {DB_SCHEMA}.edit_log (
-			euid, event_date, event, data, data_binary, page,
+			username, euid, ecuid, ecuuid, event_date, event, error, data, data_binary, page,
 			ip, user_agent, referer, script_name, query_string, server_name, http_host,
 			http_accept, http_accept_charset, http_accept_encoding, session_id,
-			action, action_id, action_yes, action_flag, action_menu, action_loaded,
+			action, action_id, action_sub_id, action_yes, action_flag, action_menu, action_loaded,
 			action_value, action_type, action_error
 		) VALUES (
-			$1, NOW(), $2, $3, $4, $5,
-			$6, $7, $8, $9, $10, $11, $12,
-			$13, $14, $15, $16,
-			$17, $18, $19, $20, $21, $22,
-			$23, $24, $25
+			$1, $2, $3, $4, NOW(), $5, $6, $7, $8, $9,
+			$10, $11, $12, $13, $14, $15, $16,
+			$17, $18, $19, $20,
+			$21, $22, $23, $24, $25, $26, $27,
+			$28, $29, $30
 		)
 		SQL;
 		$this->db->dbExecParams(
@@ -356,9 +379,15 @@ class Backend
 			),
 			[
 				// row 1
-				isset($_SESSION['EUID']) && is_numeric($_SESSION['EUID']) ?
-					$_SESSION['EUID'] : null,
+				'',
+				is_numeric($this->session->get('EUID')) ?
+					$this->session->get('EUID') : null,
+				is_string($this->session->get('ECUID')) ?
+					$this->session->get('ECUID') : null,
+				!empty($this->session->get('ECUUID')) && Uids::validateUuuidv4($this->session->get('ECUID')) ?
+				$this->session->get('ECUID') : null,
 				(string)$event,
+				'',
 				$data_write,
 				$data_binary,
 				(string)$this->page_name,
@@ -374,11 +403,12 @@ class Backend
 				$_SERVER['HTTP_ACCEPT'] ?? '',
 				$_SERVER['HTTP_ACCEPT_CHARSET'] ?? '',
 				$_SERVER['HTTP_ACCEPT_ENCODING'] ?? '',
-				$this->session->getSessionId() !== false ?
+				$this->session->getSessionId() !== '' ?
 					$this->session->getSessionId() : null,
 				// row 4
 				$this->action ?? '',
 				$this->action_id ?? '',
+				$this->action_sub_id ?? '',
 				$this->action_yes ?? '',
 				$this->action_flag ?? '',
 				$this->action_menu ?? '',
@@ -438,7 +468,7 @@ class Backend
 		}
 
 		// get the session pages array
-		$PAGES = $_SESSION['PAGES'] ?? null;
+		$PAGES = $this->session->get('PAGES');
 		if (!isset($PAGES) || !is_array($PAGES)) {
 			$PAGES = [];
 		}

www/lib/CoreLibs/Admin/EditBase.php

@@ -415,8 +415,6 @@ class EditBase
 					$elements[] = $this->form->formCreateElement('lock_until');
 					$elements[] = $this->form->formCreateElement('lock_after');
 					$elements[] = $this->form->formCreateElement('admin');
-					$elements[] = $this->form->formCreateElement('debug');
-					$elements[] = $this->form->formCreateElement('db_debug');
 					$elements[] = $this->form->formCreateElement('edit_language_id');
 					$elements[] = $this->form->formCreateElement('edit_scheme_id');
 					$elements[] = $this->form->formCreateElementListTable('edit_access_user');

www/lib/CoreLibs/Combined/ArrayHandler.php

@@ -525,6 +525,30 @@ class ArrayHandler
 	{
 		return array_diff($array, $remove);
 	}
+
+	/**
+	 * From the array with key -> anything values return only the matching entries from key list
+	 * key list is a list[string]
+	 * if key list is empty, return array as is
+	 *
+	 * @param  array<string,mixed> $array
+	 * @param  array<string>       $key_list
+	 * @return array<string,mixed>
+	 */
+	public static function arrayReturnMatchingKeyOnly(
+		array $array,
+		array $key_list
+	): array {
+		// on empty return as is
+		if (empty($key_list)) {
+			return $array;
+		}
+		return array_filter(
+			$array,
+			fn($key) => in_array($key, $key_list),
+			ARRAY_FILTER_USE_KEY
+		);
+	}
 }
 
 // __END__

www/lib/CoreLibs/Convert/Color/Coordinates/HSB.php

@@ -26,7 +26,7 @@ class HSB implements Interface\CoordinatesInterface
 	private float $B = 0.0;
 
 	/** @var string color space: either ok or cie */
-	private string $colorspace = '';
+	private string $colorspace = ''; /** @phpstan-ignore-line */
 
 	/**
 	 * HSB (HSV) color coordinates

www/lib/CoreLibs/Convert/Color/Coordinates/HSL.php

@@ -25,7 +25,7 @@ class HSL implements Interface\CoordinatesInterface
 	/** @var float lightness (luminance) */
 	private float $L = 0.0;
 
-	/** @var string color space: either ok or cie */
+	/** @var string color space: either sRGB */
 	private string $colorspace = '';
 
 	/**

www/lib/CoreLibs/Create/Session.php

@@ -15,17 +15,111 @@ namespace CoreLibs\Create;
 
 class Session
 {
+	/** @var string current session name */
+	private string $session_name = '';
+	/** @var string current session id */
+	private string $session_id = '';
+	/** @var bool flag auto write close */
+	private bool $auto_write_close = false;
+	/** @var string regenerate option, default never */
+	private string $regenerate = 'never';
+	/** @var int regenerate interval either 1 to 100 for random or 0 to 3600 for interval */
+	private int $regenerate_interval = 0;
+
+	/** @var array<string> allowed session id regenerate (rotate) options */
+	private const ALLOWED_REGENERATE_OPTIONS = ['none', 'random', 'interval'];
+	/** @var int default random interval */
+	public const DEFAULT_REGENERATE_RANDOM = 100;
+	/** @var int default rotate internval in minutes */
+	public const DEFAULT_REGENERATE_INTERVAL = 5 * 60;
+	/** @var int maximum time for regenerate interval is one hour */
+	public const MAX_REGENERATE_INTERAL = 60 * 60;
+
 	/**
 	 * init a session, if array is empty or array does not have session_name set
 	 * then no auto init is run
 	 *
 	 * @param string $session_name if set and not empty, will start session
+	 * @param array{auto_write_close?:bool,session_strict?:bool,regenerate?:string,regenerate_interval?:int} $options
 	 */
-	public function __construct(string $session_name = '')
+	public function __construct(
+		string $session_name,
+		array $options = []
+	) {
+		$this->setOptions($options);
+		$this->initSession($session_name);
+	}
+
+	// MARK: private methods
+
+	/**
+	 * set session class options
+	 *
+	 * @param array{auto_write_close?:bool,session_strict?:bool,regenerate?:string,regenerate_interval?:int} $options
+	 * @return void
+	 */
+	private function setOptions(array $options): void
 	{
-		if (!empty($session_name)) {
-			$this->startSession($session_name);
+		if (
+			!isset($options['auto_write_close']) ||
+			!is_bool($options['auto_write_close'])
+		) {
+			$options['auto_write_close'] = false;
 		}
+		$this->auto_write_close = $options['auto_write_close'];
+		if (
+			!isset($options['session_strict']) ||
+			!is_bool($options['session_strict'])
+		) {
+			$options['session_strict'] = true;
+		}
+		// set strict options, on not started sessiononly
+		if (
+			$options['session_strict'] &&
+			$this->getSessionStatus() === PHP_SESSION_NONE
+		) {
+			// use cookies to store session IDs
+			ini_set('session.use_cookies', 1);
+			// use cookies only (do not send session IDs in URLs)
+			ini_set('session.use_only_cookies', 1);
+			// do not send session IDs in URLs
+			ini_set('session.use_trans_sid', 0);
+		}
+		// session regenerate id options
+		if (
+			empty($options['regenerate']) ||
+			!in_array($options['regenerate'], self::ALLOWED_REGENERATE_OPTIONS)
+		) {
+			$options['regenerate'] = 'never';
+		}
+		$this->regenerate = (string)$options['regenerate'];
+		// for regenerate: 'random' (default 100)
+		// regenerate_interval must be between (1 = always) and 100 (1 in 100)
+		// for regenerate: 'interval' (default 5min)
+		// regenerate_interval must be 0 = always, to 3600 (every hour)
+		if (
+			$options['regenerate'] == 'random' &&
+			(
+				!isset($options['regenerate_interval']) ||
+				!is_numeric($options['regenerate_interval']) ||
+				$options['regenerate_interval'] < 0 ||
+				$options['regenerate_interval'] > 100
+			)
+		) {
+			$options['regenerate_interval'] = self::DEFAULT_REGENERATE_RANDOM;
+		}
+		if (
+			$options['regenerate'] == 'interval' &&
+			(
+				!isset($options['regenerate_interval']) ||
+				!is_numeric($options['regenerate_interval']) ||
+				$options['regenerate_interval'] < 1 ||
+				$options['regenerate_interval'] > self::MAX_REGENERATE_INTERAL
+			)
+		) {
+			$options['regenerate_interval'] = self::DEFAULT_REGENERATE_INTERVAL;
+		}
+		$this->regenerate_interval = (int)($options['regenerate_interval'] ?? 0);
 	}
 
 	/**
@@ -36,38 +130,100 @@ class Session
 	 *
 	 * @return void
 	 */
-	protected function startSessionCall(): void
+	private function startSessionCall(): void
 	{
 		session_start();
 	}
 
 	/**
-	 * check if we are in CLI, we set this, so we can mock this
-	 * Not this is just a wrapper for the static System::checkCLI call
+	 * get current set session id or false if none started
 	 *
-	 * @return bool True if we are in a CLI enviroment, or false for everything else
+	 * @return string|false
 	 */
-	public function checkCliStatus(): bool
+	public function getSessionIdCall(): string|false
 	{
-		return \CoreLibs\Get\System::checkCLI();
+		return session_id();
 	}
 
 	/**
-	 * Set session name call. If not valid session name, will return false
+	 * automatically closes a session if the auto write close flag is set
 	 *
-	 * @param  string $session_name A valid string for session name
-	 * @return bool                 True if session name is valid,
-	 *                              False if not
+	 * @return bool
 	 */
-	public function setSessionName(string $session_name): bool
+	private function closeSessionCall(): bool
 	{
-		if (!$this->checkValidSessionName($session_name)) {
-			return false;
+		if ($this->auto_write_close) {
+			return $this->writeClose();
 		}
-		session_name($session_name);
-		return true;
+		return false;
 	}
 
+	// MARK: regenerate session
+
+	/**
+	 * auto rotate session id
+	 *
+	 * @return void
+	 * @throws \RuntimeException failure to regenerate session id
+	 * @throws \UnexpectedValueException failed to get new session id
+	 * @throws \RuntimeException failed to set new sesson id
+	 * @throws \UnexpectedValueException new session id generated does not match the new set one
+	 */
+	private function sessionRegenerateSessionId()
+	{
+		// never
+		if ($this->regenerate == 'never') {
+			return;
+		}
+		// regenerate
+		if (
+			!(
+				// is not session obsolete
+				empty($_SESSION['SESSION_REGENERATE_OBSOLETE']) &&
+				(
+					(
+						// random
+						$this->regenerate == 'random' &&
+						mt_rand(1, $this->regenerate_interval) == 1
+					) || (
+						// interval type
+						$this->regenerate == 'interval' &&
+						($_SESSION['SESSION_REGENERATE_TIMESTAMP'] ?? 0) + $this->regenerate_interval < time()
+					)
+				)
+			)
+		) {
+			return;
+		}
+		// Set current session to expire in 1 minute
+		$_SESSION['SESSION_REGENERATE_OBSOLETE'] = true;
+		$_SESSION['SESSION_REGENERATE_EXPIRES'] = time() + 60;
+		$_SESSION['SESSION_REGENERATE_TIMESTAMP'] = time();
+		// Create new session without destroying the old one
+		if (session_regenerate_id(false) === false) {
+			throw new \RuntimeException('[SESSION] Session id regeneration failed', 1);
+		}
+		// Grab current session ID and close both sessions to allow other scripts to use them
+		if (false === ($new_session_id = $this->getSessionIdCall())) {
+			throw new \UnexpectedValueException('[SESSION] getSessionIdCall did not return a session id', 2);
+		}
+		$this->writeClose();
+		// Set session ID to the new one, and start it back up again
+		if (($get_new_session_id = session_id($new_session_id)) === false) {
+			throw new \RuntimeException('[SESSION] set session_id failed', 3);
+		}
+		if ($get_new_session_id != $new_session_id) {
+			throw new \UnexpectedValueException('[SESSION] new session id does not match the new set one', 4);
+		}
+		$this->session_id = $new_session_id;
+		$this->startSessionCall();
+		// Don't want this one to expire
+		unset($_SESSION['SESSION_REGENERATE_OBSOLETE']);
+		unset($_SESSION['SESSION_REGENERATE_EXPIRES']);
+	}
+
+	// MARK: session validation
+
 	/**
 	 * check if session name is valid
 	 *
@@ -94,15 +250,34 @@ class Session
 	}
 
 	/**
-	 * start session with given session name if set
+	 * validate _SESSION key, must be valid variable
+	 *
+	 * @param  int|float|string $key
+	 * @return true
+	 */
+	private function checkValidSessionEntryKey(int|float|string $key): true
+	{
+		if (!is_string($key) || is_numeric($key)) {
+			throw new \UnexpectedValueException(
+				'[SESSION] Given key for _SESSION is not a valid value for a varaible: ' . $key,
+				1
+			);
+		}
+		return true;
+	}
+
+	// MARK: init session (on class start)
+
+	/**
+	 * stinitart session with given session name if set
 	 * aborts on command line or if sessions are not enabled
 	 * also aborts if session cannot be started
 	 * On sucess returns the session id
 	 *
-	 * @param string|null $session_name
-	 * @return string|bool
+	 * @param string $session_name
+	 * @return void
 	 */
-	public function startSession(?string $session_name = null): string|bool
+	private function initSession(string $session_name): void
 	{
 		// we can't start sessions on command line
 		if ($this->checkCliStatus()) {
@@ -115,39 +290,94 @@ class Session
 		// session_status
 		// initial the session if there is no session running already
 		if (!$this->checkActiveSession()) {
-			// if session name is emtpy, check if there is a global set
-			// this is a deprecated fallback
-			$session_name = $session_name ?? $GLOBALS['SET_SESSION_NAME'] ?? '';
-			// DEPRECTED: constant SET_SESSION_NAME is no longer used
-			// if set, set special session name
-			if (!empty($session_name)) {
-				// invalid session name, abort
-				if (!$this->checkValidSessionName($session_name)) {
-					throw new \UnexpectedValueException('[SESSION] Invalid session name: ' . $session_name, 3);
-				}
-				$this->setSessionName($session_name);
+			// invalid session name, abort
+			if (!$this->checkValidSessionName($session_name)) {
+				throw new \UnexpectedValueException('[SESSION] Invalid session name: ' . $this->session_name, 3);
 			}
+			// set session name
+			$this->session_name = $session_name;
+			session_name($this->session_name);
 			// start session
 			$this->startSessionCall();
+			// if we faild to start the session
+			if (!$this->checkActiveSession()) {
+				throw new \RuntimeException('[SESSION] Failed to activate session', 5);
+			}
+			if (
+				!empty($_SESSION['SESSION_REGENERATE_OBSOLETE']) &&
+				!empty($_SESSION['SESSION_REGENERATE_EXPIRES']) && $_SESSION['SESSION_REGENERATE_EXPIRES'] < time()
+			) {
+				$this->sessionDestroy();
+				throw new \RuntimeException('[SESSION] Expired session found', 6);
+			}
+		} elseif ($session_name != $this->getSessionName()) {
+			throw new \UnexpectedValueException(
+				'[SESSION] Another session exists with a different name: ' . $this->getSessionName(),
+				4
+			);
 		}
-		// if we still have no active session
+		// check session id
+		if (false === ($session_id = $this->getSessionIdCall())) {
+			throw new \UnexpectedValueException('[SESSION] getSessionIdCall did not return a session id', 7);
+		}
+		// set session id
+		$this->session_id = $session_id;
+		// run session id re-create from time to time
+		$this->sessionRegenerateSessionId();
+		// if flagged auto close, write close session
+		if ($this->auto_write_close) {
+			$this->writeClose();
+		}
+	}
+
+	// MARK: public set/get status
+
+	/**
+	 * start session, will only run after initSession
+	 *
+	 * @return bool True if started, False if alrady running
+	 */
+	public function restartSession(): bool
+	{
 		if (!$this->checkActiveSession()) {
-			throw new \RuntimeException('[SESSION] Failed to activate session', 4);
+			if (empty($this->session_name)) {
+				throw new \RuntimeException('[SESSION] Cannot restart session without a session name', 1);
+			}
+			$this->startSessionCall();
+			return true;
 		}
-		if (false === ($session_id = $this->getSessionId())) {
-			throw new \UnexpectedValueException('[SESSION] getSessionId did not return a session id', 5);
-		}
-		return $session_id;
+		return false;
 	}
 
 	/**
-	 * get current set session id or false if none started
+	 * current set session id
 	 *
-	 * @return string|bool
+	 * @return string
 	 */
-	public function getSessionId(): string|bool
+	public function getSessionId(): string
 	{
-		return session_id();
+		return $this->session_id;
+	}
+
+	/**
+	 * set the auto write close flag
+	 *
+	 * @param  bool $flag
+	 * @return void
+	 */
+	public function setAutoWriteClose(bool $flag): void
+	{
+		$this->auto_write_close = $flag;
+	}
+
+	/**
+	 * return the auto write close flag
+	 *
+	 * @return bool
+	 */
+	public function checkAutoWriteClose(): bool
+	{
+		return $this->auto_write_close;
 	}
 
 	/**
@@ -175,6 +405,34 @@ class Session
 		}
 	}
 
+	/**
+	 * check if we are in CLI, we set this, so we can mock this
+	 * Not this is just a wrapper for the static System::checkCLI call
+	 *
+	 * @return bool True if we are in a CLI enviroment, or false for everything else
+	 */
+	public function checkCliStatus(): bool
+	{
+		return \CoreLibs\Get\System::checkCLI();
+	}
+
+	/**
+	 * get session status
+	 * PHP_SESSION_DISABLED if sessions are disabled.
+	 * PHP_SESSION_NONE if sessions are enabled, but none exists.
+	 * PHP_SESSION_ACTIVE if sessions are enabled, and one exists.
+	 *
+	 * https://www.php.net/manual/en/function.session-status.php
+	 *
+	 * @return int See possible return int values above
+	 */
+	public function getSessionStatus(): int
+	{
+		return session_status();
+	}
+
+	// MARK: write close session
+
 	/**
 	 * unlock the session file, so concurrent AJAX requests can be done
 	 * NOTE: after this has been called, no changes in _SESSION will be stored
@@ -188,17 +446,24 @@ class Session
 		return session_write_close();
 	}
 
+	// MARK: session close and clean up
+
 	/**
 	 * Proper destroy a session
 	 * - unset the _SESSION array
 	 * - unset cookie if cookie on and we have not strict mode
+	 * - unset session_name and session_id internal vars
 	 * - destroy session
 	 *
-	 * @return bool
+	 * @return bool True on successful session destroy
 	 */
 	public function sessionDestroy(): bool
 	{
-		$_SESSION = [];
+		// abort to false if not unsetable
+		if (!session_unset()) {
+			return false;
+		}
+		$this->clear();
 		if (
 			ini_get('session.use_cookies') &&
 			!ini_get('session.use_strict_mode')
@@ -218,68 +483,92 @@ class Session
 				$params['httponly']
 			);
 		}
+		// unset internal vars
+		$this->session_name = '';
+		$this->session_id = '';
 		return session_destroy();
 	}
 
-	/**
-	 * get session status
-	 * PHP_SESSION_DISABLED if sessions are disabled.
-	 * PHP_SESSION_NONE if sessions are enabled, but none exists.
-	 * PHP_SESSION_ACTIVE if sessions are enabled, and one exists.
-	 *
-	 * https://www.php.net/manual/en/function.session-status.php
-	 *
-	 * @return int See possible return int values above
-	 */
-	public function getSessionStatus(): int
-	{
-		return session_status();
-	}
-
-	// _SESSION set/unset methods
+	// MARK: _SESSION set/unset methods
 
 	/**
 	 * unset all _SESSION entries
 	 *
 	 * @return void
 	 */
-	public function unsetAllS(): void
+	public function clear(): void
 	{
-		foreach (array_keys($_SESSION ?? []) as $name) {
-			unset($_SESSION[$name]);
+		$this->restartSession();
+		if (!session_unset()) {
+			throw new \RuntimeException('[SESSION] Cannot unset session vars', 1);
 		}
+		if (!empty($_SESSION)) {
+			$_SESSION = [];
+		}
+		$this->closeSessionCall();
 	}
 
 	/**
 	 * set _SESSION entry 'name' with any value
 	 *
-	 * @param  string|int $name  array name in _SESSION
-	 * @param  mixed      $value value to set (can be anything)
+	 * @param  string $name  array name in _SESSION
+	 * @param  mixed  $value value to set (can be anything)
 	 * @return void
 	 */
-	public function setS(string|int $name, mixed $value): void
+	public function set(string $name, mixed $value): void
 	{
+		$this->checkValidSessionEntryKey($name);
+		$this->restartSession();
 		$_SESSION[$name] = $value;
+		$this->closeSessionCall();
+	}
+
+	/**
+	 * set many session entries in one set
+	 *
+	 * @param  array<string,mixed> $set key is the key in the _SESSION, value is any data to set
+	 * @return void
+	 */
+	public function setMany(array $set): void
+	{
+		$this->restartSession();
+		// skip any that are not valid
+		foreach ($set as $key => $value) {
+			$this->checkValidSessionEntryKey($key);
+			$_SESSION[$key] = $value;
+		}
+		$this->closeSessionCall();
 	}
 
 	/**
 	 * get _SESSION 'name' entry or empty string if not set
 	 *
-	 * @param  string|int $name value key to get from _SESSION
-	 * @return mixed            value stored in _SESSION
+	 * @param  string $name value key to get from _SESSION
+	 * @return mixed        value stored in _SESSION, if not found set to null
 	 */
-	public function getS(string|int $name): mixed
+	public function get(string $name): mixed
 	{
-		return $_SESSION[$name] ?? '';
+		return $_SESSION[$name] ?? null;
+	}
+
+	/**
+	 * get multiple session entries
+	 *
+	 * @param  array<string> $set
+	 * @return array<string,mixed>
+	 */
+	public function getMany(array $set): array
+	{
+		return array_intersect_key($_SESSION, array_flip($set));
 	}
 
 	/**
 	 * Check if a name is set in the _SESSION array
 	 *
-	 * @param  string|int $name Name to check for
-	 * @return bool             True for set, False fornot set
+	 * @param  string $name Name to check for
+	 * @return bool                   True for set, False fornot set
 	 */
-	public function issetS(string|int $name): bool
+	public function isset(string $name): bool
 	{
 		return isset($_SESSION[$name]);
 	}
@@ -287,67 +576,35 @@ class Session
 	/**
 	 * unset one _SESSION entry 'name' if exists
 	 *
-	 * @param  string|int $name _SESSION key name to remove
+	 * @param  string $name _SESSION key name to remove
 	 * @return void
 	 */
-	public function unsetS(string|int $name): void
+	public function unset(string $name): void
 	{
-		if (isset($_SESSION[$name])) {
-			unset($_SESSION[$name]);
+		if (!isset($_SESSION[$name])) {
+			return;
 		}
+		$this->restartSession();
+		unset($_SESSION[$name]);
+		$this->closeSessionCall();
 	}
 
-	// set/get below
-	// ->var = value;
-
 	/**
-	 * Undocumented function
+	 * reset many session entry
 	 *
-	 * @param  string|int $name
-	 * @param  mixed      $value
+	 * @param  array<string> $set list of session keys to reset
 	 * @return void
 	 */
-	public function __set(string|int $name, mixed $value): void
+	public function unsetMany(array $set): void
 	{
-		$_SESSION[$name] = $value;
-	}
-
-	/**
-	 * Undocumented function
-	 *
-	 * @param  string|int $name
-	 * @return mixed            If name is not found, it will return null
-	 */
-	public function __get(string|int $name): mixed
-	{
-		if (isset($_SESSION[$name])) {
-			return $_SESSION[$name];
-		}
-		return null;
-	}
-
-	/**
-	 * Undocumented function
-	 *
-	 * @param  string|int $name
-	 * @return bool
-	 */
-	public function __isset(string|int $name): bool
-	{
-		return isset($_SESSION[$name]);
-	}
-
-	/**
-	 * Undocumented function
-	 *
-	 * @param  string|int $name
-	 * @return void
-	 */
-	public function __unset(string|int $name): void
-	{
-		if (isset($_SESSION[$name])) {
-			unset($_SESSION[$name]);
+		$this->restartSession();
+		foreach ($set as $key) {
+			if (!isset($_SESSION[$key])) {
+				continue;
+			}
+			unset($_SESSION[$key]);
 		}
+		$this->closeSessionCall();
 	}
 }
 

www/lib/CoreLibs/Create/Uids.php

@@ -56,26 +56,6 @@ class Uids
 	 */
 	public static function uuidv4(): string
 	{
-		/* return sprintf(
-			'%04x%04x-%04x-%04x-%04x-%04x%04x%04x',
-			// 32 bits for "time_low"
-			mt_rand(0, 0xffff),
-			mt_rand(0, 0xffff),
-			// 16 bits for "time_mid"
-			mt_rand(0, 0xffff),
-			// 16 bits for "time_hi_and_version",
-			// four most significant bits holds version number 4
-			mt_rand(0, 0x0fff) | 0x4000,
-			// 16 bits, 8 bits for "clk_seq_hi_res",
-			// 8 bits for "clk_seq_low",
-			// two most significant bits holds zero and one for variant DCE1.1
-			mt_rand(0, 0x3fff) | 0x8000,
-			// 48 bits for "node"
-			mt_rand(0, 0xffff),
-			mt_rand(0, 0xffff),
-			mt_rand(0, 0xffff)
-		); */
-
 		$data = random_bytes(16);
 		assert(strlen($data) == 16);
 
@@ -93,6 +73,20 @@ class Uids
 		return vsprintf('%s%s-%s-%s-%s-%s%s%s', str_split(bin2hex($data), 4));
 	}
 
+	/**
+	 * regex validate uuid v4
+	 *
+	 * @param  string $uuidv4
+	 * @return bool
+	 */
+	public static function validateUuuidv4(string $uuidv4): bool
+	{
+		if (!preg_match("/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/", $uuidv4)) {
+			return false;
+		}
+		return true;
+	}
+
 	/**
 	 * creates a uniq id based on lengths
 	 *

www/lib/CoreLibs/DB/SQL/Interface/SqlFunctions.php

@@ -285,6 +285,22 @@ interface SqlFunctions
 	 */
 	public function __dbConnectionBusySocketWait(int $timeout_seconds = 3): bool;
 
+	/**
+	 * Undocumented function
+	 *
+	 * @param  string $parameter
+	 * @param  bool   $strip
+	 * @return string
+	 */
+	public function __dbVersionInfo(string $parameter, bool $strip = true): string;
+
+	/**
+	 * Undocumented function
+	 *
+	 * @return array<mixed>
+	 */
+	public function __dbVersionInfoParameterList(): array;
+
 	/**
 	 * Undocumented function
 	 *
@@ -292,6 +308,13 @@ interface SqlFunctions
 	 */
 	public function __dbVersion(): string;
 
+	/**
+	 * Undocumented function
+	 *
+	 * @return int
+	 */
+	public function __dbVersionNumeric(): int;
+
 	/**
 	 * Undocumented function
 	 *
@@ -306,6 +329,14 @@ interface SqlFunctions
 		?int &$end = null
 	): ?array;
 
+	/**
+	 * Undocumented function
+	 *
+	 * @param  string      $parameter
+	 * @return string|bool
+	 */
+	public function __dbParameter(string $parameter): string|bool;
+
 	/**
 	 * Undocumented function
 	 *
@@ -343,6 +374,14 @@ interface SqlFunctions
 	 * @return string
 	 */
 	public function __dbGetEncoding(): string;
+
+	/**
+	 * Undocumented function
+	 *
+	 * @param  string $query
+	 * @return int
+	 */
+	public function __dbCountQueryParams(string $query): int;
 }
 
 // __END__

www/lib/CoreLibs/DB/SQL/PgSQL.php

@@ -407,17 +407,13 @@ class PgSQL implements Interface\SqlFunctions
 			}
 			// no PK name given at all
 			if (empty($pk_name)) {
-				// if name is plurar, make it singular
-				// if (preg_match("/.*s$/i", $table))
-				// 	$table = substr($table, 0, -1);
 				// set pk_name to "id"
 				$pk_name = $table . "_id";
 			}
-			$seq = ($schema ? $schema . '.' : '') . $table . "_" . $pk_name . "_seq";
-			$q = "SELECT CURRVAL('$seq') AS insert_id";
+			$q = "SELECT CURRVAL(pg_get_serial_sequence($1, $2)) AS insert_id";
 			// I have to do manually or I overwrite the original insert internal vars ...
-			if ($q = $this->__dbQuery($q)) {
-				if (is_array($res = $this->__dbFetchArray($q))) {
+			if ($cursor = $this->__dbQueryParams($q, [$table, $pk_name])) {
+				if (is_array($res = $this->__dbFetchArray($cursor))) {
 					list($id) = $res;
 				} else {
 					return false;
@@ -451,26 +447,36 @@ class PgSQL implements Interface\SqlFunctions
 					$table_prefix = $schema . '.';
 				}
 			}
+			$params = [$table_prefix . $table];
+			$replace = ['', ''];
 			// read from table the PK name
 			// faster primary key get
-			$q = "SELECT pg_attribute.attname AS column_name, "
-				. "format_type(pg_attribute.atttypid, pg_attribute.atttypmod) AS type "
-				. "FROM pg_index, pg_class, pg_attribute ";
+			$q = <<<SQL
+			SELECT
+				pg_attribute.attname AS column_name,
+				format_type(pg_attribute.atttypid, pg_attribute.atttypmod) AS type
+			FROM pg_index, pg_class, pg_attribute{PG_NAMESPACE}
+			WHERE
+				-- regclass translates the OID to the name
+				pg_class.oid = $1::regclass AND
+				indrelid = pg_class.oid AND
+				pg_attribute.attrelid = pg_class.oid AND
+				pg_attribute.attnum = any(pg_index.indkey) AND
+				indisprimary
+				{NSPNAME}
+			SQL;
 			if ($schema) {
-				$q .= ", pg_namespace ";
+				$params[] = $schema;
+				$replace = [
+					", pg_namespace",
+					"AND pg_class.relnamespace = pg_namespace.oid AND nspname = $2"
+				];
 			}
-			$q .= "WHERE "
-				// regclass translates the OID to the name
-				. "pg_class.oid = '" . $table_prefix . $table . "'::regclass AND "
-				. "indrelid = pg_class.oid AND ";
-			if ($schema) {
-				$q .= "nspname = '" . $schema . "' AND "
-					. "pg_class.relnamespace = pg_namespace.oid AND ";
-			}
-			$q .= "pg_attribute.attrelid = pg_class.oid AND "
-				. "pg_attribute.attnum = any(pg_index.indkey) "
-				. "AND indisprimary";
-			$cursor = $this->__dbQuery($q);
+			$cursor = $this->__dbQueryParams(str_replace(
+				['{PG_NAMESPACE}', '{NSPNAME}'],
+				$replace,
+				$q
+			), $params);
 			if ($cursor !== false) {
 				$__db_fetch_array = $this->__dbFetchArray($cursor);
 				if (!is_array($__db_fetch_array)) {
@@ -895,11 +901,13 @@ class PgSQL implements Interface\SqlFunctions
 	public function __dbSetSchema(string $db_schema): int
 	{
 		// check if schema actually exists
-		$query = "SELECT EXISTS("
-			. "SELECT 1 FROM information_schema.schemata "
-			. "WHERE schema_name = " . $this->__dbEscapeLiteral($db_schema)
-			. ")";
-		$cursor = $this->__dbQuery($query);
+		$query = <<<SQL
+		SELECT EXISTS (
+			SELECT 1 FROM information_schema.schemata
+			WHERE schema_name = $1
+		)
+		SQL;
+		$cursor = $this->__dbQueryParams($query, [$db_schema]);
 		// abort if execution fails
 		if ($cursor === false) {
 			return 1;

www/lib/CoreLibs/DB/Support/ConvertPlaceholder.php

@@ -14,10 +14,24 @@ namespace CoreLibs\DB\Support;
 
 class ConvertPlaceholder
 {
-	/** @var string split regex */
-	private const PATTERN_QUERY_SPLIT = '[(<>=,?-]|->|->>|#>|#>>|@>|<@|\?\|\?\&|\|\||#-';
+	// NOTE for missing: range */+ are not iplemented in the regex below, but - is for now
+	// NOTE some combinations are allowed, but the query will fail before this
+	/** @var string split regex, entries before $ group */
+	private const PATTERN_QUERY_SPLIT =
+		'\?\?|' // UNKNOWN: double ??, is this to avoid something?
+		. '[\(,]|' // for ',' and '(' mostly in INSERT or ANY()
+		. '[<>=]|' // general set for <, >, = in any query with any combination
+		. '\^@|' // text search for start from text with ^@
+		. '\|\||' // concats two elements
+		. '&&|' // array overlap
+		. '\-\|\-|' // range overlap for array
+		. '[^-]-{1}|' // single -, used in JSON too
+		. '->|->>|#>|#>>|@>|<@|@@|@\?|\?{1}|\?\||\?&|#-'; //JSON searches, Array searchs, etc
 	/** @var string the main regex including  the pattern query split */
-	private const PATTERN_ELEMENT = '(?:\'.*?\')?\s*(?:\?\?|' . self::PATTERN_QUERY_SPLIT . ')\s*';
+	private const PATTERN_ELEMENT = '(?:\'.*?\')?\s*(?:' . self::PATTERN_QUERY_SPLIT . ')\s*';
+	/** @var string comment regex
+	 * anything that starts with -- and ends with a line break but any character that is not line break inbetween */
+	private const PATTERN_COMMENT = '(?:\-\-[^\r\n]*?\r?\n)*\s*';
 	/** @var string parts to ignore in the SQL */
 	private const PATTERN_IGNORE =
 		// digit -> ignore
@@ -34,6 +48,7 @@ class ConvertPlaceholder
 	/** @var string replace regex for named (:...) entries */
 	public const REGEX_REPLACE_NAMED = '/'
 		. '(' . self::PATTERN_ELEMENT . ')'
+		. self::PATTERN_COMMENT
 		. '('
 		. self::PATTERN_IGNORE
 		. self::PATTERN_NAMED
@@ -42,6 +57,7 @@ class ConvertPlaceholder
 	/** @var string replace regex for question mark (?) entries */
 	public const REGEX_REPLACE_QUESTION_MARK = '/'
 		. '(' . self::PATTERN_ELEMENT . ')'
+		. self::PATTERN_COMMENT
 		. '('
 		. self::PATTERN_IGNORE
 		. self::PATTERN_QUESTION_MARK
@@ -50,6 +66,7 @@ class ConvertPlaceholder
 	/** @var string replace regex for numbered ($n) entries */
 	public const REGEX_REPLACE_NUMBERED = '/'
 		. '(' . self::PATTERN_ELEMENT . ')'
+		. self::PATTERN_COMMENT
 		. '('
 		. self::PATTERN_IGNORE
 		. self::PATTERN_NUMBERED
@@ -60,6 +77,7 @@ class ConvertPlaceholder
 		// prefix string part, must match towards
 		// seperator for ( = , ? - [and json/jsonb in pg doc section 9.15]
 		. self::PATTERN_ELEMENT
+		. self::PATTERN_COMMENT
 		// match for replace part
 		. '(?:'
 		// ignore parts

www/lib/CoreLibs/Output/Form/TableArrays/EditUsers.php

@@ -135,30 +135,6 @@ class EditUsers implements Interface\TableArraysInterface
 					'min_edit_acl' => '100',
 					'min_show_acl' => '100',
 				],
-				'debug' => [
-					'value' => $_POST['debug'] ?? '',
-					'output_name' => 'Debug',
-					'type' => 'binary',
-					'int' => 1,
-					'element_list' => [
-						'1' => 'Yes',
-						'0' => 'No'
-					],
-					'min_edit_acl' => '100',
-					'min_show_acl' => '100',
-				],
-				'db_debug' => [
-					'value' => $_POST['db_debug'] ?? '',
-					'output_name' => 'DB Debug',
-					'type' => 'binary',
-					'int' => 1,
-					'element_list' => [
-						'1' => 'Yes',
-						'0' => 'No'
-					],
-					'min_edit_acl' => '100',
-					'min_show_acl' => '100',
-				],
 				'email' => [
 					'value' => $_POST['email'] ?? '',
 					'output_name' => 'E-Mail',

www/lib/CoreLibs/Output/Form/Token.php

@@ -2,7 +2,7 @@
 
 /*
  * sets a form token in the _SESSION variable
- * session must be started for this to work
+ * session must be started and running for this to work
  */
 
 declare(strict_types=1);

www/lib/CoreLibs/Security/SymmetricEncryption.php

@@ -49,7 +49,11 @@ class SymmetricEncryption
 	 */
 	public static function getInstance(string|null $key = null): self
 	{
-		if (empty(self::$instance)) {
+		// new if no instsance or key is different
+		if (
+			empty(self::$instance) ||
+			self::$instance->key != $key
+		) {
 			self::$instance = new self($key);
 		}
 		return self::$instance;
@@ -130,7 +134,7 @@ class SymmetricEncryption
 	 */
 	private function encryptData(string $message, ?string $key): string
 	{
-		if (empty($this->key) || $key === null) {
+		if ($key === null) {
 			throw new \UnexpectedValueException('Key not set');
 		}
 		$key = $this->createKey($key);