Fix regex for $$ PostgresSQL string in convert placeholder

* Correct wrong comment lookup
* simplify regex by excluding comment and string blocks before
* simpler lookup for each type
* update checks for more tests for various special cases

In DB IO
* add a function to return all placeholders found in a query
* only numbered parameters are looked up

.eslintrc.js

@@ -1,43 +0,0 @@
-module.exports = {
-	'env': {
-		'browser': true,
-		'es6': true,
-		'commonjs': true,
-		'jquery': true
-	},
-	'extends': 'eslint:recommended',
-	'parserOptions': {
-		'ecmaVersion': 6
-	},
-	'rules': {
-		'indent': [
-			'error',
-			'tab',
-			{
-				'SwitchCase': 1
-			}
-		],
-		'linebreak-style': [
-			'error',
-			'unix'
-		],
-		'quotes': [
-			'error',
-			'single'
-		],
-		'semi': [
-			'error',
-			'always'
-		],
-		'no-console': 'off',
-		'no-unused-vars': [
-			'error', {
-				'vars': 'all',
-				'args': 'after-used',
-				'ignoreRestSiblings': false
-			}
-		],
-		// Requires eslint >= v8.14.0
-		'no-constant-binary-expression': 'error'
-	}
-};

.gitignore

@@ -5,3 +5,5 @@ vendor/
 tools/
 www/composer.lock
 www/vendor
+**/.env
+**/.target

4dev/tests/AAASetupData/requests/http_requests.php

@@ -48,7 +48,7 @@ header("Content-Type: application/json; charset=UTF-8");
 if (!empty($http_headers['HTTP_AUTHORIZATION']) && !empty($http_headers['HTTP_RUNAUTHTEST'])) {
 	header("HTTP/1.1 401 Unauthorized");
 	print buildContent($http_headers, '{"code": 401, "content": {"Error": "Not Authorized"}}');
-	exit;
+	exit(1);
 }
 
 // if server request type is get set file_get to null -> no body
@@ -57,7 +57,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET") {
 } elseif (($file_get = file_get_contents('php://input')) === false) {
 	header("HTTP/1.1 404 Not Found");
 	print buildContent($http_headers, '{"code": 404, "content": {"Error": "file_get_contents failed"}}');
-	exit;
+	exit(1);
 }
 
 print buildContent($http_headers, $file_get);

4dev/tests/ACL/CoreLibsACLLoginTest.php

@@ -152,7 +152,6 @@ final class CoreLibsACLLoginTest extends TestCase
 		// TARGET
 		define('TARGET', 'test');
 		// LOGIN DB SCHEMA
-		// define('LOGIN_DB_SCHEMA', '');
 
 		// SHOULD SET
 		// DEFAULT_ACL_LEVEL (d80)

4dev/tests/Combined/CoreLibsCombinedDateTimeTest.php

@@ -926,48 +926,114 @@ final class CoreLibsCombinedDateTimeTest extends TestCase
 	public function daysIntervalProvider(): array
 	{
 		return [
-			'valid interval /, not named array' => [
-				'2020/1/1',
-				'2020/1/30',
-				false,
-				[29, 22, 8],
+			// normal and format tests
+			'valid interval / not named array' => [
+				'input_a' => '2020/1/1',
+				'input_b' => '2020/1/30',
+				'return_named' => false, // return_named
+				'include_end_date' => true, // include_end_date
+				'exclude_start_date' => false, // exclude_start_date
+				'expected' => [30, 22, 8, false],
 			],
-			'valid interval /, named array' => [
-				'2020/1/1',
-				'2020/1/30',
-				true,
-				['overall' => 29, 'weekday' => 22, 'weekend' => 8],
+			'valid interval / named array' => [
+				'input_a' => '2020/1/1',
+				'input_b' => '2020/1/30',
+				'return_named' => true,
+				'include_end_date' => true,
+				'exclude_start_date' => false,
+				'expected' => ['overall' => 30, 'weekday' => 22, 'weekend' => 8, 'reverse' => false],
 			],
-			'valid interval -' => [
-				'2020-1-1',
-				'2020-1-30',
-				false,
-				[29, 22, 8],
-			],
-			'valid interval switched' => [
-				'2020/1/30',
-				'2020/1/1',
-				false,
-				[28, 0, 0],
+			'valid interval with "-"' => [
+				'input_a' => '2020-1-1',
+				'input_b' => '2020-1-30',
+				'return_named' => false,
+				'include_end_date' => true,
+				'exclude_start_date' => false,
+				'expected' => [30, 22, 8, false],
 			],
 			'valid interval with time' => [
-				'2020/1/1 12:12:12',
-				'2020/1/30 13:13:13',
-				false,
-				[28, 21, 8],
+				'input_a' => '2020/1/1 12:12:12',
+				'input_b' => '2020/1/30 13:13:13',
+				'return_named' => false,
+				'include_end_date' => true,
+				'exclude_start_date' => false,
+				'expected' => [30, 22, 8, false],
 			],
+			// invalid
 			'invalid dates' => [
-				'abc',
-				'xyz',
-				false,
-				[0, 0, 0]
+				'input_a' => 'abc',
+				'input_b' => 'xyz',
+				'return_named' => false,
+				'include_end_date' => true,
+				'exclude_start_date' => false,
+				'expected' => [0, 0, 0, false]
 			],
-			// this test will take a long imte
+			// this test will take a long time
 			'out of bound dates' => [
-				'1900-1-1',
-				'9999-12-31',
-				false,
-				[2958463,2113189,845274],
+				'input_a' => '1900-1-1',
+				'input_b' => '9999-12-31',
+				'return_named' => false,
+				'include_end_date' => true,
+				'exclude_start_date' => false,
+				'expected' => [2958463, 2113189, 845274, false],
+			],
+			// tests for include/exclude
+			'exclude end date' => [
+				'input_b' => '2020/1/1',
+				'input_a' => '2020/1/30',
+				'return_named' => false,
+				'include_end_date' => false,
+				'exclude_start_date' => false,
+				'expected' => [29, 21, 8, false],
+			],
+			'exclude start date' => [
+				'input_b' => '2020/1/1',
+				'input_a' => '2020/1/30',
+				'return_named' => false,
+				'include_end_date' => true,
+				'exclude_start_date' => true,
+				'expected' => [29, 21, 8, false],
+			],
+			'exclude start and end date' => [
+				'input_b' => '2020/1/1',
+				'input_a' => '2020/1/30',
+				'return_named' => false,
+				'include_end_date' => false,
+				'exclude_start_date' => true,
+				'expected' => [28, 20, 8, false],
+			],
+			// reverse
+			'reverse: valid interval' => [
+				'input_a' => '2020/1/30',
+				'input_b' => '2020/1/1',
+				'return_named' => false,
+				'include_end_date' => true,
+				'exclude_start_date' => false,
+				'expected' => [30, 22, 8, true],
+			],
+			'reverse: exclude end date' => [
+				'input_a' => '2020/1/30',
+				'input_b' => '2020/1/1',
+				'return_named' => false,
+				'include_end_date' => false,
+				'exclude_start_date' => false,
+				'expected' => [29, 21, 8, true],
+			],
+			'reverse: exclude start date' => [
+				'input_a' => '2020/1/30',
+				'input_b' => '2020/1/1',
+				'return_named' => false,
+				'include_end_date' => true,
+				'exclude_start_date' => true,
+				'expected' => [29, 21, 8, true],
+			],
+			'reverse: exclude start and end date' => [
+				'input_a' => '2020/1/30',
+				'input_b' => '2020/1/1',
+				'return_named' => false,
+				'include_end_date' => false,
+				'exclude_start_date' => true,
+				'expected' => [28, 20, 8, true],
 			],
 		];
 	}
@@ -982,20 +1048,52 @@ final class CoreLibsCombinedDateTimeTest extends TestCase
 	 *
 	 * @param string $input_a
 	 * @param string $input_b
-	 * @param bool   $flag
-	 * @param array $expected
+	 * @param bool   $return_named
+	 * @param array  $expected
 	 * @return void
 	 */
 	public function testCalcDaysInterval(
 		string $input_a,
 		string $input_b,
-		bool $flag,
+		bool $return_named,
+		bool $include_end_date,
+		bool $exclude_start_date,
 		$expected
 	): void {
 		$this->assertEquals(
 			$expected,
-			\CoreLibs\Combined\DateTime::calcDaysInterval($input_a, $input_b, $flag)
+			\CoreLibs\Combined\DateTime::calcDaysInterval(
+				$input_a,
+				$input_b,
+				return_named:$return_named,
+				include_end_date:$include_end_date,
+				exclude_start_date:$exclude_start_date
+			),
+			'call calcDaysInterval'
 		);
+		if ($return_named) {
+			$this->assertEquals(
+				$expected,
+				\CoreLibs\Combined\DateTime::calcDaysIntervalNamedIndex(
+					$input_a,
+					$input_b,
+					include_end_date:$include_end_date,
+					exclude_start_date:$exclude_start_date
+				),
+				'call calcDaysIntervalNamedIndex'
+			);
+		} else {
+			$this->assertEquals(
+				$expected,
+				\CoreLibs\Combined\DateTime::calcDaysIntervalNumIndex(
+					$input_a,
+					$input_b,
+					include_end_date:$include_end_date,
+					exclude_start_date:$exclude_start_date
+				),
+				'call calcDaysIntervalNamedIndex'
+			);
+		}
 	}
 
 	/**
@@ -1187,7 +1285,38 @@ final class CoreLibsCombinedDateTimeTest extends TestCase
 				'2023-07-03',
 				'2023-07-27',
 				true
-			]
+			],
+			// reverse
+			'reverse: no weekend' => [
+				'2023-07-04',
+				'2023-07-03',
+				false
+			],
+			'reverse: start weekend sat' => [
+				'2023-07-04',
+				'2023-07-01',
+				true
+			],
+			'reverse: start weekend sun' => [
+				'2023-07-04',
+				'2023-07-02',
+				true
+			],
+			'reverse: end weekend sat' => [
+				'2023-07-08',
+				'2023-07-03',
+				true
+			],
+			'reverse: end weekend sun' => [
+				'2023-07-09',
+				'2023-07-03',
+				true
+			],
+			'reverse: long period > 6 days' => [
+				'2023-07-27',
+				'2023-07-03',
+				true
+			],
 		];
 	}
 

4dev/tests/Convert/CoreLibsConvertByteTest.php

@@ -40,7 +40,7 @@ final class CoreLibsConvertByteTest extends TestCase
 				4 => '1.00 KB',
 				5 => '1.02KiB',
 			],
-			'invalud string number' => [
+			'invalid string number' => [
 				0 => '1024 MB',
 				1 => '1024 MB',
 				2 => '1024 MB',

4dev/tests/Create/CoreLibsCreateHashTest.php

@@ -21,8 +21,10 @@ final class CoreLibsCreateHashTest extends TestCase
 	public function hashData(): array
 	{
 		return [
-			'any string' => [
+			'hash tests' => [
+				// this is the string
 				'text' => 'Some String Text',
+				// hash list special
 				'crc32b_reverse' => 'c5c21d91', // crc32b (in revere)
 				'sha1Short' => '4d2bc9ba0', // sha1Short
 				// via hash
@@ -31,6 +33,8 @@ final class CoreLibsCreateHashTest extends TestCase
 				'fnv132' => '9df444f9', // hash: fnv132
 				'fnv1a32' => '2c5f91b9', // hash: fnv1a32
 				'joaat' => '50dab846', // hash: joaat
+				'ripemd160' => 'aeae3f041b20136451519edd9361570909300342', // hash: ripemd160,
+				'sha256' => '9055080e022f224fa835929b80582b3c71c672206fa3a49a87412c25d9d42ceb', // hash: sha256
 			]
 		];
 	}
@@ -81,7 +85,7 @@ final class CoreLibsCreateHashTest extends TestCase
 	{
 		$list = [];
 		foreach ($this->hashData() as $name => $values) {
-			foreach ([null, 'crc32b', 'adler32', 'fnv132', 'fnv1a32', 'joaat'] as $_hash_type) {
+			foreach ([null, 'crc32b', 'adler32', 'fnv132', 'fnv1a32', 'joaat', 'ripemd160', 'sha256'] as $_hash_type) {
 				// default value test
 				if ($_hash_type === null) {
 					$hash_type = \CoreLibs\Create\Hash::STANDARD_HASH_SHORT;
@@ -114,6 +118,22 @@ final class CoreLibsCreateHashTest extends TestCase
 		];
 	}
 
+	/**
+	 * Undocumented function
+	 *
+	 * @return array
+	 */
+	public function hashStandardProvider(): array
+	{
+		$hash_source = 'Some String Text';
+		return [
+			'Long Hash check: ' . \CoreLibs\Create\Hash::STANDARD_HASH => [
+				$hash_source,
+				hash(\CoreLibs\Create\Hash::STANDARD_HASH, $hash_source)
+			],
+		];
+	}
+
 	/**
 	 * Undocumented function
 	 *
@@ -136,9 +156,13 @@ final class CoreLibsCreateHashTest extends TestCase
 	/**
 	 * Undocumented function
 	 *
+	 * phpcs:disable Generic.Files.LineLength
 	 * @covers ::__sha1Short
+	 * @covers ::__crc32b
+	 * @covers ::sha1Short
 	 * @dataProvider sha1ShortProvider
-	 * @testdox __sha1Short $input will be $expected (crc32b) and $expected_sha1 (sha1 short) [$_dataName]
+	 * @testdox __sha1Short/__crc32b/sha1short $input will be $expected (crc32b) and $expected_sha1 (sha1 short) [$_dataName]
+	 * phpcs:enable Generic.Files.LineLength
 	 *
 	 * @param string $input
 	 * @param string $expected
@@ -149,16 +173,29 @@ final class CoreLibsCreateHashTest extends TestCase
 		// uses crc32b
 		$this->assertEquals(
 			$expected,
-			\CoreLibs\Create\Hash::__sha1Short($input)
+			\CoreLibs\Create\Hash::__sha1Short($input),
+			'__sha1Short depreacted'
 		);
 		$this->assertEquals(
 			$expected,
-			\CoreLibs\Create\Hash::__sha1Short($input, false)
+			\CoreLibs\Create\Hash::__sha1Short($input, false),
+			'__sha1Short (false) depreacted'
+		);
+		$this->assertEquals(
+			$expected,
+			\CoreLibs\Create\Hash::__crc32b($input),
+			'__crc32b'
 		);
 		// sha1 type
 		$this->assertEquals(
 			$expected_sha1,
-			\CoreLibs\Create\Hash::__sha1Short($input, true)
+			\CoreLibs\Create\Hash::__sha1Short($input, true),
+			'__sha1Short (true) depreacted'
+		);
+		$this->assertEquals(
+			$expected_sha1,
+			\CoreLibs\Create\Hash::sha1Short($input),
+			'sha1Short'
 		);
 	}
 
@@ -166,8 +203,10 @@ final class CoreLibsCreateHashTest extends TestCase
 	 * Undocumented function
 	 *
 	 * @covers ::__hash
+	 * @covers ::hashShort
+	 * @covers ::hashShort
 	 * @dataProvider hashProvider
-	 * @testdox __hash $input with $hash_type will be $expected [$_dataName]
+	 * @testdox __hash/hashShort/hash $input with $hash_type will be $expected [$_dataName]
 	 *
 	 * @param string $input
 	 * @param string|null $hash_type
@@ -179,12 +218,24 @@ final class CoreLibsCreateHashTest extends TestCase
 		if ($hash_type === null) {
 			$this->assertEquals(
 				$expected,
-				\CoreLibs\Create\Hash::__hash($input)
+				\CoreLibs\Create\Hash::__hash($input),
+				'__hash'
+			);
+			$this->assertEquals(
+				$expected,
+				\CoreLibs\Create\Hash::hashShort($input),
+				'hashShort'
 			);
 		} else {
 			$this->assertEquals(
 				$expected,
-				\CoreLibs\Create\Hash::__hash($input, $hash_type)
+				\CoreLibs\Create\Hash::__hash($input, $hash_type),
+				'__hash with hash type'
+			);
+			$this->assertEquals(
+				$expected,
+				\CoreLibs\Create\Hash::hash($input, $hash_type),
+				'hash with hash type'
 			);
 		}
 	}
@@ -193,8 +244,9 @@ final class CoreLibsCreateHashTest extends TestCase
 	 * Undocumented function
 	 *
 	 * @covers ::__hashLong
+	 * @covers ::hashLong
 	 * @dataProvider hashLongProvider
-	 * @testdox __hashLong $input will be $expected [$_dataName]
+	 * @testdox __hashLong/hashLong $input will be $expected [$_dataName]
 	 *
 	 * @param string $input
 	 * @param string $expected
@@ -206,6 +258,168 @@ final class CoreLibsCreateHashTest extends TestCase
 			$expected,
 			\CoreLibs\Create\Hash::__hashLong($input)
 		);
+		$this->assertEquals(
+			$expected,
+			\CoreLibs\Create\Hash::hashLong($input)
+		);
+	}
+
+	/**
+	 * Undocumented function
+	 *
+	 * @covers ::hash
+	 * @covers ::hashStd
+	 * @dataProvider hashStandardProvider
+	 * @testdox hash/hashStd $input will be $expected [$_dataName]
+	 *
+	 * @param string $input
+	 * @param string $expected
+	 * @return void
+	 */
+	public function testHashStandard(string $input, string $expected): void
+	{
+		$this->assertEquals(
+			$expected,
+			\CoreLibs\Create\Hash::hashStd($input)
+		);
+		$this->assertEquals(
+			$expected,
+			\CoreLibs\Create\Hash::hash($input)
+		);
+	}
+
+	/**
+	 * Undocumented function
+	 *
+	 * @covers ::hash
+	 * @testdox hash with invalid type
+	 *
+	 * @return void
+	 */
+	public function testInvalidHashType(): void
+	{
+		$hash_source = 'Some String Text';
+		$expected = hash(\CoreLibs\Create\Hash::STANDARD_HASH, $hash_source);
+		$this->assertEquals(
+			$expected,
+			\CoreLibs\Create\Hash::hash($hash_source, 'DOES_NOT_EXIST')
+		);
+	}
+
+	/**
+	 * Note: this only tests default sha256
+	 *
+	 * @covers ::hashHmac
+	 * @testdox hash hmac test
+	 *
+	 * @return void
+	 */
+	public function testHashMac(): void
+	{
+		$hash_key = 'FIX KEY';
+		$hash_source = 'Some String Text';
+		$expected = '16479b3ef6fa44e1cdd8b2dcfaadf314d1a7763635e8738f1e7996d714d9b6bf';
+		$this->assertEquals(
+			$expected,
+			\CoreLibs\Create\Hash::hashHmac($hash_source, $hash_key)
+		);
+	}
+
+	/**
+	 * Undocumented function
+	 *
+	 * @covers ::hashHmac
+	 * @testdox hash hmac with invalid type
+	 *
+	 * @return void
+	 */
+	public function testInvalidHashMacType(): void
+	{
+		$hash_key = 'FIX KEY';
+		$hash_source = 'Some String Text';
+		$expected = hash_hmac(\CoreLibs\Create\Hash::STANDARD_HASH, $hash_source, $hash_key);
+		$this->assertEquals(
+			$expected,
+			\CoreLibs\Create\Hash::hashHmac($hash_source, $hash_key, 'DOES_NOT_EXIST')
+		);
+	}
+
+	/**
+	 * Undocumented function
+	 *
+	 * @return array<mixed>
+	 */
+	public function providerHashTypes(): array
+	{
+		return [
+			'Hash crc32b' => [
+				'crc32b',
+				true,
+				false,
+			],
+			'Hash adler32' => [
+				'adler32',
+				true,
+				false,
+			],
+			'HAsh fnv132' => [
+				'fnv132',
+				true,
+				false,
+			],
+			'Hash fnv1a32' => [
+				'fnv1a32',
+				true,
+				false,
+			],
+			'Hash: joaat' => [
+				'joaat',
+				true,
+				false,
+			],
+			'Hash: ripemd160' => [
+				'ripemd160',
+				true,
+				true,
+			],
+			'Hash: sha256' => [
+				'sha256',
+				true,
+				true,
+			],
+			'Hash: invalid' => [
+				'invalid',
+				false,
+				false
+			]
+		];
+	}
+
+	/**
+	 * Undocumented function
+	 *
+	 * @covers ::isValidHashType
+	 * @covers ::isValidHashHmacType
+	 * @dataProvider providerHashTypes
+	 * @testdox check if $hash_type is valid for hash $hash_ok and hash hmac $hash_hmac_ok [$_dataName]
+	 *
+	 * @param  string $hash_type
+	 * @param  bool   $hash_ok
+	 * @param  bool   $hash_hmac_ok
+	 * @return void
+	 */
+	public function testIsValidHashAndHashHmacTypes(string $hash_type, bool $hash_ok, bool $hash_hmac_ok): void
+	{
+		$this->assertEquals(
+			$hash_ok,
+			\CoreLibs\Create\Hash::isValidHashType($hash_type),
+			'hash valid'
+		);
+		$this->assertEquals(
+			$hash_hmac_ok,
+			\CoreLibs\Create\Hash::isValidHashHmacType($hash_type),
+			'hash hmac valid'
+		);
 	}
 }
 

4dev/tests/DB/CoreLibsDBIOTest.php

@@ -135,6 +135,7 @@ final class CoreLibsDBIOTest extends TestCase
 		}
 		// check if they already exist, drop them
 		if ($db->dbShowTableMetaData('table_with_primary_key') !== false) {
+			$db->dbExec("CREATE EXTENSION IF NOT EXISTS pgcrypto");
 			$db->dbExec("DROP TABLE table_with_primary_key");
 			$db->dbExec("DROP TABLE table_without_primary_key");
 			$db->dbExec("DROP TABLE test_meta");
@@ -4744,7 +4745,7 @@ final class CoreLibsDBIOTest extends TestCase
 		$res = $db->dbReturnRowParams($query_select, ['CONVERT_TYPE_TEST']);
 		// all hast to be string
 		foreach ($res as $key => $value) {
-			$this->assertIsString($value, 'Aseert string for column: ' . $key);
+			$this->assertIsString($value, 'Assert string for column: ' . $key);
 		}
 		// convert base only
 		$db->dbSetConvertFlag(Convert::on);
@@ -4757,10 +4758,10 @@ final class CoreLibsDBIOTest extends TestCase
 			}
 			switch ($type_layout[$name]) {
 				case 'int':
-					$this->assertIsInt($value, 'Aseert int for column: ' . $key . '/' . $name);
+					$this->assertIsInt($value, 'Assert int for column: ' . $key . '/' . $name);
 					break;
 				default:
-					$this->assertIsString($value, 'Aseert string for column: ' . $key  . '/' . $name);
+					$this->assertIsString($value, 'Assert string for column: ' . $key  . '/' . $name);
 					break;
 			}
 		}
@@ -4774,13 +4775,13 @@ final class CoreLibsDBIOTest extends TestCase
 			}
 			switch ($type_layout[$name]) {
 				case 'int':
-					$this->assertIsInt($value, 'Aseert int for column: ' . $key . '/' . $name);
+					$this->assertIsInt($value, 'Assert int for column: ' . $key . '/' . $name);
 					break;
 				case 'float':
-					$this->assertIsFloat($value, 'Aseert float for column: ' . $key . '/' . $name);
+					$this->assertIsFloat($value, 'Assert float for column: ' . $key . '/' . $name);
 					break;
 				default:
-					$this->assertIsString($value, 'Aseert string for column: ' . $key  . '/' . $name);
+					$this->assertIsString($value, 'Assert string for column: ' . $key  . '/' . $name);
 					break;
 			}
 		}
@@ -4794,17 +4795,17 @@ final class CoreLibsDBIOTest extends TestCase
 			}
 			switch ($type_layout[$name]) {
 				case 'int':
-					$this->assertIsInt($value, 'Aseert int for column: ' . $key . '/' . $name);
+					$this->assertIsInt($value, 'Assert int for column: ' . $key . '/' . $name);
 					break;
 				case 'float':
-					$this->assertIsFloat($value, 'Aseert float for column: ' . $key . '/' . $name);
+					$this->assertIsFloat($value, 'Assert float for column: ' . $key . '/' . $name);
 					break;
 				case 'json':
 				case 'jsonb':
-					$this->assertIsArray($value, 'Aseert array for column: ' . $key . '/' . $name);
+					$this->assertIsArray($value, 'Assert array for column: ' . $key . '/' . $name);
 					break;
 				default:
-					$this->assertIsString($value, 'Aseert string for column: ' . $key  . '/' . $name);
+					$this->assertIsString($value, 'Assert string for column: ' . $key  . '/' . $name);
 					break;
 			}
 		}
@@ -4818,25 +4819,25 @@ final class CoreLibsDBIOTest extends TestCase
 			}
 			switch ($type_layout[$name]) {
 				case 'int':
-					$this->assertIsInt($value, 'Aseert int for column: ' . $key . '/' . $name);
+					$this->assertIsInt($value, 'Assert int for column: ' . $key . '/' . $name);
 					break;
 				case 'float':
-					$this->assertIsFloat($value, 'Aseert float for column: ' . $key . '/' . $name);
+					$this->assertIsFloat($value, 'Assert float for column: ' . $key . '/' . $name);
 					break;
 				case 'json':
 				case 'jsonb':
-					$this->assertIsArray($value, 'Aseert array for column: ' . $key . '/' . $name);
+					$this->assertIsArray($value, 'Assert array for column: ' . $key . '/' . $name);
 					break;
 				case 'bytea':
 					// for hex types it must not start with \x
 					$this->assertStringStartsNotWith(
 						'\x',
 						$value,
-						'Aseert bytes not starts with \x for column: ' . $key . '/' . $name
+						'Assert bytes not starts with \x for column: ' . $key . '/' . $name
 					);
 					break;
 				default:
-					$this->assertIsString($value, 'Aseert string for column: ' . $key  . '/' . $name);
+					$this->assertIsString($value, 'Assert string for column: ' . $key  . '/' . $name);
 					break;
 			}
 		}
@@ -5235,6 +5236,9 @@ final class CoreLibsDBIOTest extends TestCase
 					$3
 					-- comment 3
 					, $4
+					-- ignore $5, $6
+					-- $7, $8
+					-- digest($9, 10)
 				)
 				SQL,
 				'count' => 4,
@@ -5305,8 +5309,57 @@ final class CoreLibsDBIOTest extends TestCase
 				SQL,
 				'count' => 2,
 				'convert' => false,
+			],
+			// special $$ string case
+			'text string, with $ placehoders that could be seen as $$ string' => [
+				'query' => <<<SQL
+				SELECT row_int
+				FROM table_with_primary_key
+				WHERE
+					row_bytea = digest($3::VARCHAR, $4) OR
+					row_varchar = encode(digest($3, $4), 'hex') OR
+					row_bytea = hmac($3, $5, $4) OR
+					row_varchar = encode(hmac($3, $5, $4), 'hex') OR
+					row_bytea = pgp_sym_encrypt($3, $6) OR
+					row_varchar = encode(pgp_sym_encrypt($1, $6), 'hex') OR
+					row_varchar = CASE WHEN row_int = 1 THEN $1 ELSE $2 END
+				SQL,
+				'count' => 6,
+				'convert' => false,
+			],
+			// NOTE, in SQL heredoc we cannot write $$ strings parts
+			'text string, with $ placehoders are in $$ strings' => [
+				'query' => '
+				SELECT row_int
+				FROM table_with_primary_key
+				WHERE
+					row_varchar = $$some string$$ OR
+					row_varchar = $tag$some string$tag$ OR
+					row_varchar = $btag$some $1 string$btag$ OR
+					row_varchar = $btag$some $1 $subtag$ something $subtag$string$btag$ OR
+					row_varchar = $1
+				',
+				'count' => 1,
+				'convert' => false,
+			],
+			// a text string with escaped quite
+			'text string, with escaped quote' => [
+				'query' => <<<SQL
+				SELECT row_int
+				FROM table_with_primary_key
+				WHERE
+					row_varchar = 'foo bar bar baz $5' OR
+					row_varchar = 'foo bar '' barbar $6' OR
+					row_varchar = E'foo bar \' barbar $7' OR
+					row_varchar = CASE WHEN row_int = 1 THEN $1 ELSE $2 END
+				SQL,
+				'count' => 2,
+				'convert' => false,
 			]
 		];
+		$string = <<<SQL
+		'''
+		SQL;
 	}
 
 	/**

4dev/tests/UrlRequests/CoreLibsUrlRequestsCurlTest.php

@@ -969,44 +969,76 @@ final class CoreLibsUrlRequestsCurlTest extends TestCase
 			"query" => ["foo-get" => "bar"]
 		]);
 		$this->assertEquals("200", $response["code"], "multi call: get response code not matching");
-		$this->assertEquals(
-			'{"HEADERS":{"HTTP_USER_AGENT":"CoreLibsUrlRequestCurl\/1",'
-			. '"HTTP_FIRST_CALL":"get","HTTP_ACCEPT":"*\/*",'
-			. '"HTTP_HOST":"soba.egplusww.jp"},'
-			. '"REQUEST_TYPE":"GET",'
-			. '"PARAMS":{"foo-get":"bar"},"BODY":null}',
-			$response['content'],
-			'multi call: get content not matching'
-		);
+		if (PHP_VERSION_ID >= 80400) {
+			$this->assertEquals(
+				'{"HEADERS":{"HTTP_HOST":"soba.egplusww.jp",'
+				. '"HTTP_USER_AGENT":"CoreLibsUrlRequestCurl\/1","HTTP_FIRST_CALL":"get",'
+				. '"HTTP_ACCEPT":"*\/*"},"REQUEST_TYPE":"GET","PARAMS":{"foo-get":"bar"},"BODY":null}',
+				$response['content'],
+				'multi call: get content not matching'
+			);
+		} else {
+			$this->assertEquals(
+				'{"HEADERS":{"HTTP_USER_AGENT":"CoreLibsUrlRequestCurl\/1",'
+				. '"HTTP_FIRST_CALL":"get","HTTP_ACCEPT":"*\/*",'
+				. '"HTTP_HOST":"soba.egplusww.jp"},'
+				. '"REQUEST_TYPE":"GET",'
+				. '"PARAMS":{"foo-get":"bar"},"BODY":null}',
+				$response['content'],
+				'multi call: get content not matching'
+			);
+		}
 		// post
 		$response = $curl->post($this->url_basic, [
 			"headers" => ["second-call" => "post"],
 			"body" => ["foo-post" => "baz"]
 		]);
 		$this->assertEquals("200", $response["code"], "multi call: post response code not matching");
-		$this->assertEquals(
-			'{"HEADERS":{"HTTP_USER_AGENT":"CoreLibsUrlRequestCurl\/1",'
-			. '"HTTP_SECOND_CALL":"post","HTTP_ACCEPT":"*\/*",'
-			. '"HTTP_HOST":"soba.egplusww.jp"},'
-			. '"REQUEST_TYPE":"POST",'
-			. '"PARAMS":[],"BODY":{"foo-post":"baz"}}',
-			$response['content'],
-			'multi call: post content not matching'
-		);
+		if (PHP_VERSION_ID >= 80400) {
+			$this->assertEquals(
+				'{"HEADERS":{"HTTP_HOST":"soba.egplusww.jp",'
+				. '"HTTP_USER_AGENT":"CoreLibsUrlRequestCurl\/1",'
+				. '"HTTP_SECOND_CALL":"post","HTTP_ACCEPT":"*\/*"},'
+				. '"REQUEST_TYPE":"POST","PARAMS":[],"BODY":{"foo-post":"baz"}}',
+				$response['content'],
+				'multi call: post content not matching'
+			);
+		} else {
+			$this->assertEquals(
+				'{"HEADERS":{"HTTP_USER_AGENT":"CoreLibsUrlRequestCurl\/1",'
+				. '"HTTP_SECOND_CALL":"post","HTTP_ACCEPT":"*\/*",'
+				. '"HTTP_HOST":"soba.egplusww.jp"},'
+				. '"REQUEST_TYPE":"POST",'
+				. '"PARAMS":[],"BODY":{"foo-post":"baz"}}',
+				$response['content'],
+				'multi call: post content not matching'
+			);
+		}
 		// delete
 		$response = $curl->delete($this->url_basic, [
 			"headers" => ["third-call" => "delete"],
 		]);
 		$this->assertEquals("200", $response["code"], "multi call: delete response code not matching");
-		$this->assertEquals(
-			'{"HEADERS":{"HTTP_USER_AGENT":"CoreLibsUrlRequestCurl\/1",'
-			. '"HTTP_THIRD_CALL":"delete","HTTP_ACCEPT":"*\/*",'
-			. '"HTTP_HOST":"soba.egplusww.jp"},'
-			. '"REQUEST_TYPE":"DELETE",'
-			. '"PARAMS":[],"BODY":[]}',
-			$response['content'],
-			'multi call: delete content not matching'
-		);
+		if (PHP_VERSION_ID >= 80400) {
+			$this->assertEquals(
+				'{"HEADERS":{"HTTP_HOST":"soba.egplusww.jp",'
+				. '"HTTP_USER_AGENT":"CoreLibsUrlRequestCurl\/1",'
+				. '"HTTP_THIRD_CALL":"delete","HTTP_ACCEPT":"*\/*"},'
+				. '"REQUEST_TYPE":"DELETE","PARAMS":[],"BODY":[]}',
+				$response['content'],
+				'multi call: delete content not matching'
+			);
+		} else {
+			$this->assertEquals(
+				'{"HEADERS":{"HTTP_USER_AGENT":"CoreLibsUrlRequestCurl\/1",'
+				. '"HTTP_THIRD_CALL":"delete","HTTP_ACCEPT":"*\/*",'
+				. '"HTTP_HOST":"soba.egplusww.jp"},'
+				. '"REQUEST_TYPE":"DELETE",'
+				. '"PARAMS":[],"BODY":[]}',
+				$response['content'],
+				'multi call: delete content not matching'
+			);
+		}
 	}
 
 	// MARK: auth header set via config

README.md

@@ -114,3 +114,11 @@ Add `.libs` to the master .gitingore
 ### Update phpunit
 
 On a version update the old phpunit folder in .libs has to be removed and the new version extracted again
+
+## Javascript
+
+The original edit.js javascript functions are now in utils.js or utils.min.js.
+
+The development for thos files is located in a different repository
+
+https://[service]/CodeBlocks/javascript-utils

eslint.config.mjs

@@ -0,0 +1,59 @@
+import globals from 'globals';
+import pluginJs from '@eslint/js';
+
+/*
+module.exports = {
+	// in globals block
+	'extends': 'eslint:recommended',
+	'parserOptions': {
+		'ecmaVersion': 6
+	},
+	// rules copied
+};
+*/
+
+/** @type {import('eslint').Linter.Config[]} */
+export default [
+	{languageOptions: {
+		globals: {
+			...globals.browser,
+			...globals.jquery
+		}
+	}},
+	pluginJs.configs.recommended,
+	{
+		'rules': {
+			'indent': [
+				'error',
+				'tab',
+				{
+					'SwitchCase': 1
+				}
+			],
+			'linebreak-style': [
+				'error',
+				'unix'
+			],
+			// 'quotes': [
+			// 	'error',
+			// 	'single'
+			// ],
+			'semi': [
+				'error',
+				'always'
+			],
+			'no-console': 'off',
+			'no-unused-vars': [
+				'error', {
+					'vars': 'all',
+					'args': 'after-used',
+					'ignoreRestSiblings': false
+				}
+			],
+			// Requires eslint >= v8.14.0
+			'no-constant-binary-expression': 'error'
+		}
+	}
+];
+
+// __END__

jsconfig.json

@@ -1,9 +1,11 @@
+// https://www.typescriptlang.org/tsconfig/#compilerOptions
 {
 	"compilerOptions": {
 		"module": "ESNext",
 		"moduleResolution": "Node",
 		"target": "ES2020",
 		"jsx": "react",
+		"checkJs": true,
 		"allowImportingTsExtensions": true,
 		"strictNullChecks": true,
 		"strictFunctionTypes": true

package.json

@@ -0,0 +1,17 @@
+{
+	"name": "core-libraries",
+	"version": "9.26.8",
+	"main": "",
+	"scripts": {
+		"test": "echo \"Error: no test specified\" && exit 1"
+	},
+	"author": "Clemens Schwaighofer",
+	"license": "",
+	"description": "Core Libraries",
+	"devDependencies": {
+		"@eslint/js": "^9.20.0",
+		"esbuild": "^0.25.0",
+		"eslint": "^9.20.1",
+		"globals": "^15.15.0"
+	}
+}

phpstan-bootstrap.php

@@ -10,5 +10,6 @@ $_SERVER['HTTP_HOST'] = 'soba.tokyo.tequila.jp';
 define('BASE_NAME', '');
 define('SITE_DOMAIN', '');
 define('HOST_NAME', 'soba.tokyo.tequila.jp');
+define('DEFAULT_ENCODING', 'en_US.UTF-8');
 
 // __END__

www/admin/UrlRequests.target.php

@@ -52,7 +52,7 @@ header("Content-Type: application/json; charset=UTF-8");
 if (!empty($http_headers['HTTP_AUTHORIZATION']) && !empty($http_headers['HTTP_RUNAUTHTEST'])) {
 	header("HTTP/1.1 401 Unauthorized");
 	print buildContent($http_headers, '{"code": 401, "content": {"Error": "Not Authorized"}}');
-	exit;
+	exit(1);
 }
 
 // if server request type is get set file_get to null -> no body
@@ -61,7 +61,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET") {
 } elseif (($file_get = file_get_contents('php://input')) === false) {
 	header("HTTP/1.1 404 Not Found");
 	print buildContent($http_headers, '{"code": 404, "content": {"Error": "file_get_contents failed"}}');
-	exit;
+	exit(1);
 }
 // str_replace('\"', '"', trim($file_get, '"'));
 

www/admin/class_test.datetime.php

@@ -268,7 +268,9 @@ foreach ($compare_datetimes as $compare_datetime) {
 	print "COMPAREDATE: $compare_datetime[0] = $compare_datetime[1]: "
 		. (string)DateTime::compareDateTime($compare_datetime[0], $compare_datetime[1]) . "<br>";
 }
+
 print "<hr>";
+print "<h2>calcDaysInterval</h2>";
 $compare_dates = [
 	[ '2021-05-01', '2021-05-10', ],
 	[ '2021-05-10', '2021-05-01', ],
@@ -279,9 +281,21 @@ foreach ($compare_dates as $compare_date) {
 	print "CALCDAYSINTERVAL: $compare_date[0] = $compare_date[1]: "
 		. DgS::printAr(DateTime::calcDaysInterval($compare_date[0], $compare_date[1])) . "<br>";
 	print "CALCDAYSINTERVAL(named): $compare_date[0] = $compare_date[1]: "
-		. DgS::printAr(DateTime::calcDaysInterval($compare_date[0], $compare_date[1], true)) . "<br>";
+		. DgS::printAr(DateTime::calcDaysInterval($compare_date[0], $compare_date[1], return_named:true)) . "<br>";
+	print "CALCDAYSINTERVAL(EXCLUDE END): $compare_date[0] = $compare_date[1]: "
+		. Dgs::printAr(DateTime::calcDaysInterval($compare_date[0], $compare_date[1], include_end_date:false));
+	print "CALCDAYSINTERVAL(EXCLUDE START): $compare_date[0] = $compare_date[1]: "
+		. Dgs::printAr(DateTime::calcDaysInterval($compare_date[0], $compare_date[1], exclude_start_date:true));
+	print "CALCDAYSINTERVAL(EXCLUDE END, EXCLUDE START): $compare_date[0] = $compare_date[1]: "
+		. Dgs::printAr(DateTime::calcDaysInterval(
+			$compare_date[0],
+			$compare_date[1],
+			include_end_date:false,
+			exclude_start_date:true
+		));
 }
 print "<hr>";
+print "<h2>setWeekdayNameFromIsoDow</h2>";
 // test date conversion
 $dow = 2;
 print "DOW[$dow]: " . DateTime::setWeekdayNameFromIsoDow($dow) . "<br>";
@@ -297,26 +311,25 @@ $date = '2022-70-242';
 print "DATE-dow[$date];invalid: " . DateTime::setWeekdayNameFromDate($date) . "<br>";
 print "DATE-dow[$date],long;invalid: " . DateTime::setWeekdayNameFromDate($date, true) . "<br>";
 print "DOW-date[$date];invalid: " . DateTime::setWeekdayNumberFromDate($date) . "<br>";
-print "<hr>";
-// check date range includes a weekend
-// does not:
-$start_date = '2023-07-03';
-$end_date = '2023-07-05';
-print "Has Weekend: " . $start_date . " ~ " . $end_date . ": "
-	. Dgs::prBl(DateTime::dateRangeHasWeekend($start_date, $end_date)) . "<br>";
-$start_date = '2023-07-03';
-$end_date = '2023-07-10';
-print "Has Weekend: " . $start_date . " ~ " . $end_date . ": "
-	. Dgs::prBl(DateTime::dateRangeHasWeekend($start_date, $end_date)) . "<br>";
-$start_date = '2023-07-03';
-$end_date = '2023-07-31';
-print "Has Weekend: " . $start_date . " ~ " . $end_date . ": "
-	. Dgs::prBl(DateTime::dateRangeHasWeekend($start_date, $end_date)) . "<br>";
-$start_date = '2023-07-01';
-$end_date = '2023-07-03';
-print "Has Weekend: " . $start_date . " ~ " . $end_date . ": "
-	. Dgs::prBl(DateTime::dateRangeHasWeekend($start_date, $end_date)) . "<br>";
 
+print "<hr>";
+print "<h2>dateRangeHasWeekend</h2>";
+// check date range includes a weekend
+$has_weekend_list = [
+	['2023-07-03', '2023-07-05'],
+	['2023-07-03', '2023-07-10'],
+	['2023-07-03', '2023-07-31'],
+	['2023-07-01', '2023-07-03'],
+	['2023-07-01', '2023-07-01'],
+	['2023-07-01', '2023-07-02'],
+	['2023-06-30', '2023-07-01'],
+	['2023-06-30', '2023-06-30'],
+	['2023-07-01', '2023-06-30'],
+];
+foreach ($has_weekend_list as $days) {
+	print "Has Weekend: " . $days[0] . " ~ " . $days[1] . ": "
+		. Dgs::prBl(DateTime::dateRangeHasWeekend($days[0], $days[1])) . "<br>";
+}
 
 print "</body></html>";
 
@@ -460,7 +473,10 @@ function intervalStringFormatDeprecated(
 		// print "-> V: $value | $part, $time_name | I: " . is_int($value) . " | F: " . is_float($value)
 		// 	. " | " . ($value != 0 ? 'Not zero' : 'ZERO') . "<br>";
 		// var_dump($skip_last_zero);
-		if ($value != 0 || $skip_zero === false || $skip_last_zero === false) {
+		if (
+			is_numeric($value) &&
+			($value != 0 || $skip_zero === false || $skip_last_zero === false)
+		) {
 			if ($part == 'f') {
 				if ($truncate_nanoseconds === true) {
 					$value = round($value, 3);

www/admin/class_test.db.convert-placeholder.php

@@ -21,6 +21,7 @@ ob_end_flush();
 
 use CoreLibs\Debug\Support;
 use CoreLibs\DB\Support\ConvertPlaceholder;
+use CoreLibs\Convert\Html;
 
 $log = new CoreLibs\Logging\Logging([
 	'log_folder' => BASE . LOG,
@@ -38,10 +39,12 @@ print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 print "LOGFILE NAME: " . $log->getLogFile() . "<br>";
 print "LOGFILE ID: " . $log->getLogFileId() . "<br>";
 
-print "Lookup Regex: <pre>" . ConvertPlaceholder::REGEX_LOOKUP_PLACEHOLDERS . "</pre>";
-print "Replace Named Regex: <pre>" . ConvertPlaceholder::REGEX_REPLACE_NAMED . "</pre>";
-print "Replace Named Regex: <pre>" . ConvertPlaceholder::REGEX_REPLACE_QUESTION_MARK . "</pre>";
-print "Replace Named Regex: <pre>" . ConvertPlaceholder::REGEX_REPLACE_NUMBERED . "</pre>";
+print "Lookup Regex: <pre>" . Html::htmlent(ConvertPlaceholder::REGEX_LOOKUP_PLACEHOLDERS) . "</pre>";
+print "Lookup Numbered Regex: <pre>" . Html::htmlent(ConvertPlaceholder::REGEX_LOOKUP_NUMBERED) . "</pre>";
+print "Replace Named Regex: <pre>" . Html::htmlent(ConvertPlaceholder::REGEX_REPLACE_NAMED) . "</pre>";
+print "Replace Question Mark Regex: <pre>"
+	. Html::htmlent(ConvertPlaceholder::REGEX_REPLACE_QUESTION_MARK) . "</pre>";
+print "Replace Numbered Regex: <pre>" . Html::htmlent(ConvertPlaceholder::REGEX_REPLACE_NUMBERED) . "</pre>";
 
 $uniqid = \CoreLibs\Create\Uids::uniqIdShort();
 // $binary_data = $db->dbEscapeBytea(file_get_contents('class_test.db.php') ?: '');
@@ -91,40 +94,63 @@ RETURNING
 	some_binary
 SQL;
 
-print "[ALL] Convert: "
+print "<b>[ALL] Convert</b>: "
 	. Support::printAr(ConvertPlaceholder::convertPlaceholderInQuery($query, $params))
 	. "<br>";
 echo "<hr>";
 
 $query = "SELECT foo FROM bar WHERE baz = :baz AND buz = :baz AND biz = :biz AND boz = :bez";
 $params = [':baz' => 'SETBAZ', ':bez' => 'SETBEZ', ':biz' => 'SETBIZ'];
-print "[NO PARAMS] Convert: "
+print "<b>[NO PARAMS] Convert</b>: "
 	. Support::printAr(ConvertPlaceholder::convertPlaceholderInQuery($query, $params))
 	. "<br>";
 echo "<hr>";
 
 $query = "SELECT foo FROM bar WHERE baz = :baz AND buz = :baz AND biz = :biz AND boz = :bez";
 $params = null;
-print "[NO PARAMS] Convert: "
+print "<b>[NO PARAMS] Convert</b>: "
 	. Support::printAr(ConvertPlaceholder::convertPlaceholderInQuery($query, $params))
 	. "<br>";
 echo "<hr>";
 
 $query = "SELECT row_varchar FROM table_with_primary_key WHERE row_varchar <> :row_varchar";
 $params = null;
-print "[NO PARAMS] Convert: "
+print "<b>[NO PARAMS] Convert</b>: "
 	. Support::printAr(ConvertPlaceholder::convertPlaceholderInQuery($query, $params))
 	. "<br>";
 echo "<hr>";
 
 $query = "SELECT row_varchar, row_varchar_literal, row_int, row_date FROM table_with_primary_key";
 $params = null;
-print "[NO PARAMS] TEST: "
+print "<b>[NO PARAMS] TEST</b>: "
 	. Support::printAr(ConvertPlaceholder::convertPlaceholderInQuery($query, $params))
 	. "<br>";
 echo "<hr>";
 
-print "[P-CONV]: "
+$query = <<<SQL
+UPDATE table_with_primary_key SET
+	row_int = $1::INT, row_numeric = $1::NUMERIC, row_varchar = $1
+WHERE
+	row_varchar = $1
+SQL;
+$params = [1];
+print "<b>[All the same params] TEST</b>: "
+	. Support::printAr(ConvertPlaceholder::convertPlaceholderInQuery($query, $params))
+	. "<br>";
+echo "<hr>";
+
+$query = <<<SQL
+SELECT row_varchar, row_varchar_literal, row_int, row_date
+FROM table_with_primary_key
+WHERE row_varchar = :row_varchar
+SQL;
+$params = [':row_varchar' => 1];
+print "<b>[: param] TEST</b>: "
+	. Support::printAr(ConvertPlaceholder::convertPlaceholderInQuery($query, $params))
+	. "<br>";
+echo "<hr>";
+
+print "<b>[P-CONV]</b>: "
 	. Support::printAr(
 		ConvertPlaceholder::updateParamList([
 			'original' => [
@@ -186,6 +212,13 @@ SQL,
 		'params' => [\CoreLibs\Create\Uids::uniqIdShort(), 'string A-1', 1234],
 		'direction' => 'pg',
 	],
+	'b?' => [
+		'query' => <<<SQL
+SELECT test FROM test_foo = ?
+SQL,
+		'params' => [1234],
+		'direction' => 'pg',
+	],
 	'b:' => [
 		'query' => <<<SQL
 INSERT INTO test_foo (
@@ -220,7 +253,7 @@ foreach ($test_queries as $info => $data) {
 	$query = $data['query'];
 	$params = $data['params'];
 	$direction = $data['direction'];
-	print "[$info] Convert: "
+	print "<b>[$info] Convert</b>: "
 		. Support::printAr(ConvertPlaceholder::convertPlaceholderInQuery($query, $params, $direction))
 		. "<br>";
 	echo "<hr>";

www/admin/class_test.db.encryption.php

@@ -0,0 +1,125 @@
+<?php // phpcs:ignore warning
+
+/**
+ * @phan-file-suppress PhanTypeSuspiciousStringExpression
+ */
+
+declare(strict_types=1);
+
+// turn on all error reporting
+error_reporting(E_ALL | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR);
+
+ob_start();
+
+// basic class test file
+define('USE_DATABASE', true);
+// sample config
+require 'config.php';
+// define log file id
+$LOG_FILE_ID = 'classTest-db-query-encryption';
+ob_end_flush();
+
+// use CoreLibs\Debug\Support;
+use CoreLibs\Security\SymmetricEncryption;
+use CoreLibs\Security\CreateKey;
+use CoreLibs\Create\Hash;
+use CoreLibs\Debug\Support;
+
+$log = new CoreLibs\Logging\Logging([
+	'log_folder' => BASE . LOG,
+	'log_file_id' => $LOG_FILE_ID,
+	'log_per_date' => true,
+]);
+// db connection and attach logger
+$db = new CoreLibs\DB\IO(DB_CONFIG, $log);
+$db->log->debug('START', '=============================>');
+
+$PAGE_NAME = 'TEST CLASS: DB QUERY ENCRYPTION';
+print "<!DOCTYPE html>";
+print "<html><head><title>" . $PAGE_NAME . "</title></head>";
+print "<body>";
+print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><h1>' . $PAGE_NAME . '</h1></div>';
+
+// encryption key
+$key = CreateKey::generateRandomKey();
+print "Secret Key: " . $key . "<br>";
+
+// test text
+$text_string = "I a some deep secret";
+//
+$crypt = new SymmetricEncryption($key);
+$encrypted = $crypt->encrypt($text_string);
+$string_hashed = Hash::hashStd($text_string);
+$string_hmac = Hash::hashHmac($text_string, $key);
+$decrypted = $crypt->decrypt($encrypted);
+
+print "String: " . $text_string . "<br>";
+print "Encrypted: " . $encrypted . "<br>";
+print "Hashed: " . $string_hashed . "<br>";
+print "Hmac: " . $string_hmac . "<br>";
+
+$db->dbExecParams(
+	<<<SQL
+	INSERT INTO test_encryption (
+		-- for compare
+		plain_text,
+		-- via php encryption
+		hash_text, hmac_text, crypt_text,
+		-- -- in DB encryption
+		pg_digest_bytea, pg_digest_text,
+		pg_hmac_bytea, pg_hmac_text,
+		pg_crypt_bytea, pg_crypt_text
+	) VALUES (
+		$1,
+		$2, $3, $4,
+		digest($1::VARCHAR, $5),
+		encode(digest($1, $5), 'hex'),
+		hmac($1, $6, $5),
+		encode(hmac($1, $6, $5), 'hex'),
+		pgp_sym_encrypt($1, $7),
+		encode(pgp_sym_encrypt($1, $7), 'hex')
+	) RETURNING cuuid
+	SQL,
+	[
+		// 1: original string
+		$text_string,
+		// 2: hashed, 3: hmac, 4: encrypted
+		$string_hashed, $string_hmac, $encrypted,
+		// 5: hash type, 6: hmac secret, 7: pgp secret
+		'sha256', $key, $key
+	]
+);
+$cuuid = $db->dbGetReturningExt('cuuid');
+print "INSERTED: " . print_r($cuuid, true) . "<br>";
+print "LAST ERROR: " . $db->dbGetLastError(true) . "<br>";
+
+// read back
+$res = $db->dbReturnRowParams(
+	<<<SQL
+	SELECT
+		-- for compare
+		plain_text,
+		-- via php encryption
+		hash_text, hmac_text, crypt_text,
+		-- in DB encryption
+		pg_digest_bytea, pg_digest_text,
+		pg_hmac_bytea, pg_hmac_text,
+		pg_crypt_bytea, pg_crypt_text
+	FROM
+		test_encryption
+	WHERE
+		cuuid = $1
+	SQL,
+	[
+		$cuuid
+	]
+);
+
+print "RES: <pre>" . Support::prAr($res) . "</pre><br>";
+
+// do compare
+
+print "</body></html>";
+
+// __END__

www/admin/class_test.db.php

@@ -76,41 +76,41 @@ $db->dbResetEncoding();
 
 // empty calls, none of the below should fail
 //
-$db->dbGetCursor();
+$foo = $db->dbGetCursor();
 //
-$db->dbGetCursorExt();
+$foo = $db->dbGetCursorExt();
 //
-$db->dbGetCursorPos('SELECT foo', ['bar']);
+$foo = $db->dbGetCursorPos('SELECT foo', ['bar']);
 //
-$db->dbGetCursorNumRows('SELECT foo', ['bar']);
+$foo = $db->dbGetCursorNumRows('SELECT foo', ['bar']);
 //
-$db->dbGetInsertPKName();
+$foo = $db->dbGetInsertPKName();
 //
-$db->dbGetInsertPK();
+$foo = $db->dbGetInsertPK();
 //
-$db->dbGetReturningExt();
-$db->dbGetReturningExt('foo');
-$db->dbGetReturningExt('foo', 0);
-$db->dbGetReturningExt(pos:0);
+$foo = $db->dbGetReturningExt();
+$foo = $db->dbGetReturningExt('foo');
+$foo = $db->dbGetReturningExt('foo', 0);
+$foo = $db->dbGetReturningExt(pos:0);
 //
-$db->dbGetReturningArray();
+$foo = $db->dbGetReturningArray();
 //
-$db->dbGetNumRows();
+$foo = $db->dbGetNumRows();
 //
-$db->dbGetNumFields();
+$foo = $db->dbGetNumFields();
 //
-$db->dbGetFieldNames();
+$foo = $db->dbGetFieldNames();
 //
-$db->dbGetFieldTypes();
+$foo = $db->dbGetFieldTypes();
 //
-$db->dbGetFieldNameTypes();
+$foo = $db->dbGetFieldNameTypes();
 //
-$db->dbGetFieldName(0);
+$foo = $db->dbGetFieldName(0);
 //
-$db->dbGetFieldType(0);
-$db->dbGetFieldType('foo');
+$foo = $db->dbGetFieldType(0);
+$foo = $db->dbGetFieldType('foo');
 //
-$db->dbGetPrepareCursorValue('foo', 'bar');
+$foo = $db->dbGetPrepareCursorValue('foo', 'bar');
 
 // TEST CACHE READS
 

www/admin/class_test.db.query-placeholder.php

@@ -54,7 +54,7 @@ if (($dbh = $db->dbGetDbh()) instanceof \PgSql\Connection) {
 	print "NO DB HANDLER<br>";
 }
 // REGEX for placeholder count
-print "Placeholder regex: <pre>" . CoreLibs\DB\Support\ConvertPlaceholder::REGEX_LOOKUP_PLACEHOLDERS . "</pre>";
+print "Placeholder lookup regex: <pre>" . CoreLibs\DB\Support\ConvertPlaceholder::REGEX_LOOKUP_NUMBERED . "</pre>";
 
 // turn on debug replace for placeholders
 $db->dbSetDebugReplacePlaceholder(true);
@@ -148,6 +148,7 @@ RETURNING
 	bigint_a, number_real, number_double, numeric_3,
 	uuid_var
 SQL;
+print "Placeholders: <pre>" . print_r($db->dbGetQueryParamPlaceholders($query_insert), true) . "<pre>";
 $status = $db->dbExecParams($query_insert, $query_params);
 echo "<b>*</b><br>";
 echo "INSERT ALL COLUMN TYPES: "
@@ -326,6 +327,7 @@ SQL,
 ) {
 	print "RES: " . Support::prAr($res) . "<br>";
 }
+print "PL: " . Support::PrAr($db->dbGetPlaceholderConverted()) . "<br>";
 print "ERROR: " . $db->dbGetLastError(true) . "<br>";
 
 print "</body></html>";

www/admin/class_test.hash.php

@@ -19,6 +19,7 @@ $LOG_FILE_ID = 'classTest-hash';
 ob_end_flush();
 
 use CoreLibs\Create\Hash;
+use CoreLibs\Security\CreateKey;
 
 $log = new CoreLibs\Logging\Logging([
 	'log_folder' => BASE . LOG,
@@ -38,28 +39,66 @@ print '<div><h1>' . $PAGE_NAME . '</h1></div>';
 
 $to_crc = 'Some text block';
 // static
-print "S::__CRC32B: $to_crc: " . $hash_class::__crc32b($to_crc) . "<br>";
-print "S::__SHA1SHORT(off): $to_crc: " . $hash_class::__sha1short($to_crc) . "<br>";
-print "S::__SHA1SHORT(on): $to_crc: " . $hash_class::__sha1short($to_crc, true) . "<br>";
-print "S::__hash(d): " . $to_crc . "/"
-	. Hash::STANDARD_HASH_SHORT . ": " . $hash_class::__hash($to_crc) . "<br>";
-foreach (['adler32', 'fnv132', 'fnv1a32', 'joaat', 'sha512'] as $__hash_c) {
-	print "S::__hash($__hash_c): $to_crc: " . $hash_class::__hash($to_crc, $__hash_c) . "<br>";
+print "S::__CRC32B: $to_crc: " . Hash::__crc32b($to_crc) . "<br>";
+// print "S::__SHA1SHORT(off): $to_crc: " . Hash::__sha1short($to_crc) . "<br>";
+print "S::hashShort(__sha1Short replace): $to_crc: " . Hash::hashShort($to_crc) . "<br>";
+// print "S::__SHA1SHORT(on): $to_crc: " . Hash::__sha1short($to_crc, true) . "<br>";
+print "S::sha1Short(__sha1Short replace): $to_crc: " . Hash::sha1Short($to_crc) . "<br>";
+// print "S::__hash(d): " . $to_crc . "/"
+// 	. Hash::STANDARD_HASH_SHORT . ": " . $hash_class::__hash($to_crc) . "<br>";
+$to_crc_list = [
+	'Some text block',
+	'Some String Text',
+	'any string',
+];
+foreach ($to_crc_list as $__to_crc) {
+	foreach (['adler32', 'fnv132', 'fnv1a32', 'joaat', 'ripemd160', 'sha256', 'sha512'] as $__hash_c) {
+		print "Hash::hash($__hash_c): $__to_crc: " . Hash::hash($to_crc, $__hash_c) . "<br>";
+	}
 }
 // static use
 print "U-S::__CRC32B: $to_crc: " . Hash::__crc32b($to_crc) . "<br>";
 
 echo "<hr>";
 $text = 'Some String Text';
+// $text = 'any string';
 $type = 'crc32b';
 print "Hash: " . $type . ": " . hash($type, $text) . "<br>";
-print "Class: " . $type . ": " . Hash::__hash($text, $type) . "<br>";
+// print "Class (old): " . $type . ": " . Hash::__hash($text, $type) . "<br>";
+print "Class (new): " . $type . ": " . Hash::hash($text, $type) . "<br>";
 
 echo "<hr>";
-print "<br>CURRENT STANDARD_HASH_SHORT: " . Hash::STANDARD_HASH_SHORT . "<br>";
-print "<br>CURRENT STANDARD_HASH_LONG: " . Hash::STANDARD_HASH_LONG . "<br>";
-print "HASH SHORT: " . $to_crc . ": " . Hash::__hash($to_crc) . "<br>";
-print "HASH LONG: " . $to_crc . ": " . Hash::__hashLong($to_crc) . "<br>";
+print "CURRENT STANDARD_HASH_SHORT: " . Hash::STANDARD_HASH_SHORT . "<br>";
+print "CURRENT STANDARD_HASH_LONG: " . Hash::STANDARD_HASH_LONG . "<br>";
+print "CURRENT STANDARD_HASH: " . Hash::STANDARD_HASH . "<br>";
+print "HASH SHORT: " . $to_crc . ": " . Hash::hashShort($to_crc) . "<br>";
+print "HASH LONG: " . $to_crc . ": " . Hash::hashLong($to_crc) . "<br>";
+print "HASH DEFAULT: " . $to_crc . ": " . Hash::hashStd($to_crc) . "<br>";
+
+echo "<hr>";
+$key = CreateKey::generateRandomKey();
+$key = "FIX KEY";
+print "Secret Key: " . $key . "<br>";
+print "HASHMAC DEFAULT (fix): " . $to_crc . ": " . Hash::hashHmac($to_crc, $key) . "<br>";
+$key = CreateKey::generateRandomKey();
+print "Secret Key: " . $key . "<br>";
+print "HASHMAC DEFAULT (random): " . $to_crc . ": " . Hash::hashHmac($to_crc, $key) . "<br>";
+
+echo "<hr>";
+$hash_types = ['crc32b', 'sha256', 'invalid'];
+foreach ($hash_types as $hash_type) {
+	echo "<b>Checking $hash_type:</b><br>";
+	if (Hash::isValidHashType($hash_type)) {
+		echo "hash type: $hash_type is valid<br>";
+	} else {
+		echo "hash type: $hash_type is INVALID<br>";
+	}
+	if (Hash::isValidHashHmacType($hash_type)) {
+		echo "hash hmac type: $hash_type is valid<br>";
+	} else {
+		echo "hash hmac type: $hash_type is INVALID<br>";
+	}
+}
 
 // print "UNIQU ID SHORT : " . Hash::__uniqId() . "<br>";
 // print "UNIQU ID LONG : " . Hash::__uniqIdLong() . "<br>";

www/admin/class_test.php

@@ -95,6 +95,7 @@ $test_files = [
 	'class_test.db.dbReturn.php' => 'Class Test: DB dbReturn',
 	'class_test.db.single.php' => 'Class Test: DB single query tests',
 	'class_test.db.convert-placeholder.php' => 'Class Test: DB convert placeholder',
+	'class_test.db.encryption.php' => 'Class Test: DB pgcrypto',
 	'class_test.convert.colors.php' => 'Class Test: CONVERT COLORS',
 	'class_test.check.colors.php' => 'Class Test: CHECK COLORS',
 	'class_test.mime.php' => 'Class Test: MIME',

www/admin/class_test.session.php

@@ -86,8 +86,10 @@ if (!isset($_SESSION['counter'])) {
 $_SESSION['counter']++;
 print "[READ] A " . $var . ": " . ($_SESSION[$var] ?? '{UNSET}') . "<br>";
 $_SESSION[$var] = $value;
+/** @phpstan-ignore-next-line nullCoalesce.offset */
 print "[READ] B " . $var . ": " . ($_SESSION[$var] ?? '{UNSET}') . "<br>";
 print "[READ] Confirm " . $var . " is " . $value . ": "
+/** @phpstan-ignore-next-line equal.alwaysTrue, nullCoalesce.offset */
 	. (($_SESSION[$var] ?? '') == $value ? 'Matching' : 'Not matching') . "<br>";
 
 // test set wrappers methods

www/admin/layout/javascript/edit.jq.js

@@ -1,7 +1,9 @@
-/* general edit javascript */
-/* jquery version */
+/*
+general edit javascript
+jquery version
+*/
 
-/* jshint esversion: 11 */
+/** @deprecated Do not use this anymore, use utils.js or utils.min.js */
 
 /* global i18n */
 
@@ -18,11 +20,28 @@ if (!DEBUG) {
 var GL_OB_S = 100;
 var GL_OB_BASE = 100;
 
+/**
+ * Gets html element or throws an error
+ * @param {string} el_id Element ID to get
+ * @returns {HTMLElement}
+ * @throws Error
+ * @deprecated use utils.js
+ */
+function loadEl(el_id)
+{
+	let el = document.getElementById(el_id);
+	if (el === null) {
+		throw new Error('Cannot find: ' + el_id);
+	}
+	return el;
+}
+
 /**
  * opens a popup window with winName and given features (string)
  * @param {String} theURL   the url
  * @param {String} winName  window name
  * @param {Object} features popup features
+ * @deprecated use utils.js
  */
 function pop(theURL, winName, features) // eslint-disable-line no-unused-vars
 {
@@ -33,6 +52,7 @@ function pop(theURL, winName, features) // eslint-disable-line no-unused-vars
 /**
  * automatically resize a text area based on the amount of lines in it
  * @param {string} ta_id element id
+ * @deprecated use utils.js
  */
 function expandTA(ta_id) // eslint-disable-line no-unused-vars
 {
@@ -58,6 +78,7 @@ function expandTA(ta_id) // eslint-disable-line no-unused-vars
 /**
  * wrapper to get the real window size for the current browser window
  * @return {Object} object with width/height
+ * @deprecated use utils.js
  */
 function getWindowSize()
 {
@@ -73,6 +94,7 @@ function getWindowSize()
 /**
  * wrapper to get the correct scroll offset
  * @return {Object} object with x/y px
+ * @deprecated use utils.js
  */
 function getScrollOffset()
 {
@@ -88,6 +110,7 @@ function getScrollOffset()
 /**
  * wrapper to get the correct scroll offset for opener page (from popup)
  * @return {Object} object with x/y px
+ * @deprecated use utils.js
  */
 function getScrollOffsetOpener() // eslint-disable-line no-unused-vars
 {
@@ -105,6 +128,7 @@ function getScrollOffsetOpener() // eslint-disable-line no-unused-vars
  * @param {String}  id   element to center
  * @param {Boolean} left if true centers to the middle from the left
  * @param {Boolean} top  if true centers to the middle from the top
+ * @deprecated use utils.js
  */
 function setCenter(id, left, top)
 {
@@ -142,6 +166,7 @@ function setCenter(id, left, top)
  * @param {Number} [offset=0]         offset from top, default is 0 (px)
  * @param {Number} [duration=500]     animation time, default 500ms
  * @param {String} [base='body,html'] base element for offset scroll
+ * @deprecated use utils.js
  */
 function goToPos(element, offset = 0, duration = 500, base = 'body,html') // eslint-disable-line no-unused-vars
 {
@@ -156,11 +181,25 @@ function goToPos(element, offset = 0, duration = 500, base = 'body,html') // esl
 	}
 }
 
+/**
+ * go to element, scroll
+ * non jquery
+ * @param {string} target
+ * @deprecated use utils.js
+*/
+function goTo(target) // eslint-disable-line no-unused-vars
+{
+	loadEl(target).scrollIntoView({
+		behavior: 'smooth'
+	});
+}
+
 /**
  * uses the i18n object created in the translation template
  * that is filled from gettext in PHP
  * @param  {String} string text to translate
  * @return {String}        translated text (based on PHP selected language)
+ * @deprecated use utils.js
  */
 function __(string)
 {
@@ -177,37 +216,70 @@ function __(string)
  * First, checks if it isn't implemented yet.
  * @param  {String} String.prototype.format string with elements to be replaced
  * @return {String}                         Formated string
+ * @deprecated use utils.js
  */
 if (!String.prototype.format) {
 	String.prototype.format = function()
 	{
-		var args = arguments;
-		return this.replace(/{(\d+)}/g, function(match, number)
-		{
-			return typeof args[number] != 'undefined' ?
-				args[number] :
-				match
-			;
-		});
+		console.error('[DEPRECATED] use formatString');
+		return formatString(this, arguments);
+	};
+}
+
+/**
+ * simple sprintf formater for replace
+ * usage: "{0} is cool, {1} is not".format("Alpha", "Beta");
+ * First, checks if it isn't implemented yet.
+ * @param  {String} string String with {..} entries
+ * @param  {...any} args   List of replacement
+ * @returns {String}       Escaped string
+ * @deprecated use utils.js
+ */
+function formatString(string, ...args)
+{
+	return string.replace(/{(\d+)}/g, function(match, number)
+	{
+		return typeof args[number] != 'undefined' ?
+			args[number] :
+			match
+		;
+	});
+}
+
+/**
+ * round to digits (float)
+ * @param  {Number}  Number.prototype.round Float type number to round
+ * @param  {Number} prec                   Precision to round to
+ * @return {Float}                         Rounded number
+ * @deprecated use utils.js
+ */
+if (Number.prototype.round) {
+	Number.prototype.round = function (prec) {
+		console.error('[DEPRECATED] use roundPrecision');
+		return roundPrecision(this, prec);
 	};
 }
 
 /**
  * round to digits (float)
- * @param  {Float}  Number.prototype.round Float type number to round
- * @param  {Number} prec                   Precision to round to
- * @return {Float}                         Rounded number
+ * @param  {Number} number    Float type number to round
+ * @param  {Number} precision Precision to round to
+ * @return {Number}           Rounded number
+ * @deprecated use utils.js
  */
-if (Number.prototype.round) {
-	Number.prototype.round = function (prec) {
-		return Math.round(this * Math.pow(10, prec)) / Math.pow(10, prec);
-	};
+function roundPrecision(number, precision)
+{
+	if (!isNaN(number) || !isNaN(precision)) {
+		return number;
+	}
+	return Math.round(number * Math.pow(10, precision)) / Math.pow(10, precision);
 }
 
 /**
  * formats flat number 123456 to 123,456
  * @param  {Number} x number to be formated
  * @return {String}   formatted with , in thousands
+ * @deprecated use utils.js
  */
 function numberWithCommas(x) // eslint-disable-line no-unused-vars
 {
@@ -220,6 +292,7 @@ function numberWithCommas(x) // eslint-disable-line no-unused-vars
  * converts line breaks to br
  * @param  {String} string any string
  * @return {String}        string with <br>
+ * @deprecated use utils.js
  */
 function convertLBtoBR(string) // eslint-disable-line no-unused-vars
 {
@@ -228,51 +301,78 @@ function convertLBtoBR(string) // eslint-disable-line no-unused-vars
 
 /**
  * escape HTML string
- * @param  {String} !String.prototype.escapeHTML HTML data string to be escaped
- * @return {String}                              escaped string
+ * @param  {String} String.prototype.escapeHTML HTML data string to be escaped
+ * @return {String}                             escaped string
+ * @deprecated use utils.js
  */
 if (!String.prototype.escapeHTML) {
 	String.prototype.escapeHTML = function() {
-		return this.replace(/[&<>"'/]/g, function (s) {
-			var entityMap = {
-				'&': '&amp;',
-				'<': '&lt;',
-				'>': '&gt;',
-				'"': '&quot;',
-				'\'': '&#39;',
-				'/': '&#x2F;'
-			};
-
-			return entityMap[s];
-		});
+		console.error('[DEPRECATED] use escapeHtml');
+		return escapeHtml(this);
 	};
 }
 
 /**
  * unescape a HTML encoded string
- * @param  {String} !String.prototype.unescapeHTML data with escaped entries
- * @return {String}                                HTML formated string
+ * @param  {String} String.prototype.unescapeHTML data with escaped entries
+ * @return {String}                               HTML formated string
+ * @deprecated use utils.js
  */
 if (!String.prototype.unescapeHTML) {
 	String.prototype.unescapeHTML = function() {
-		return this.replace(/&[#\w]+;/g, function (s) {
-			var entityMap = {
-				'&amp;': '&',
-				'&lt;': '<',
-				'&gt;': '>',
-				'&quot;': '"',
-				'&#39;': '\'',
-				'&#x2F;': '/'
-			};
-
-			return entityMap[s];
-		});
+		console.error('[DEPRECATED] use unescapeHtml');
+		return unescapeHtml(this);
 	};
 }
 
+/**
+ * Escapes HTML in string
+ * @param {String} string Text to escape HTML in
+ * @returns {String}
+ * @deprecated use utils.js
+ */
+function escapeHtml(string)
+{
+	return string.replace(/[&<>"'/]/g, function (s) {
+		var entityMap = {
+			'&': '&amp;',
+			'<': '&lt;',
+			'>': '&gt;',
+			'"': '&quot;',
+			'\'': '&#39;',
+			'/': '&#x2F;'
+		};
+
+		return entityMap[s];
+	});
+}
+
+/**
+ * Unescape a HTML encoded string
+ * @param {String} string Text to unescape HTML in
+ * @returns {String}
+ * @deprecated use utils.js
+ */
+function unescapeHtml(string)
+{
+	return string.replace(/&[#\w]+;/g, function (s) {
+		var entityMap = {
+			'&amp;': '&',
+			'&lt;': '<',
+			'&gt;': '>',
+			'&quot;': '"',
+			'&#39;': '\'',
+			'&#x2F;': '/'
+		};
+
+		return entityMap[s];
+	});
+}
+
 /**
  * returns current timestamp (unix timestamp)
  * @return {Number} timestamp (in milliseconds)
+ * @deprecated use utils.js
  */
 function getTimestamp() // eslint-disable-line no-unused-vars
 {
@@ -285,6 +385,7 @@ function getTimestamp() // eslint-disable-line no-unused-vars
  * i.e. 0-255 -> '00'-'ff'
  * @param  {Number} dec decimal string
  * @return {String}     hex encdoded number
+ * @deprecated use utils.js
  */
 function dec2hex(dec)
 {
@@ -296,6 +397,7 @@ function dec2hex(dec)
  * only works on mondern browsers
  * @param  {Number} len length of unique id string
  * @return {String}     random string in length of len
+ * @deprecated use utils.js
  */
 function generateId(len) // eslint-disable-line no-unused-vars
 {
@@ -309,6 +411,7 @@ function generateId(len) // eslint-disable-line no-unused-vars
  * works on all browsers
  * after many runs it will create duplicates
  * @return {String} not true random string
+ * @deprecated use utils.js
  */
 function randomIdF() // eslint-disable-line no-unused-vars
 {
@@ -322,6 +425,7 @@ function randomIdF() // eslint-disable-line no-unused-vars
  * @param  {Number} min minimum int number inclusive
  * @param  {Number} max maximumg int number inclusive
  * @return {Number}     Random number
+ * @deprecated use utils.js
  */
 function getRandomIntInclusive(min, max) // eslint-disable-line no-unused-vars
 {
@@ -335,6 +439,7 @@ function getRandomIntInclusive(min, max) // eslint-disable-line no-unused-vars
  * check if name is a function
  * @param  {string}  name Name of function to check if exists
  * @return {Boolean}      true/false
+ * @deprecated use utils.js
  */
 function isFunction(name) // eslint-disable-line no-unused-vars
 {
@@ -354,6 +459,7 @@ function isFunction(name) // eslint-disable-line no-unused-vars
  * @param  {mixed}  context      context (window or first namespace)
  *                               hidden next are all the arguments
  * @return {mixed}               Return values from functon
+ * @deprecated use utils.js
  */
 function executeFunctionByName(functionName, context /*, args */) // eslint-disable-line no-unused-vars
 {
@@ -370,6 +476,7 @@ function executeFunctionByName(functionName, context /*, args */) // eslint-disa
  * checks if a variable is an object
  * @param  {Mixed}   val possible object
  * @return {Boolean}     true/false if it is an object or not
+ * @deprecated use utils.js
  */
 function isObject(val)
 {
@@ -383,6 +490,7 @@ function isObject(val)
  * get the length of an object (entries)
  * @param  {Object} object object to check
  * @return {Number} number of entry
+ * @deprecated use utils.js
  */
 function getObjectCount(object)
 {
@@ -394,6 +502,7 @@ function getObjectCount(object)
  * @param  {String}  key    key name
  * @param  {Object}  object object to search key in
  * @return {Boolean}        true/false if key exists in object
+ * @deprecated use utils.js
  */
 function keyInObject(key, object)
 {
@@ -402,9 +511,10 @@ function keyInObject(key, object)
 
 /**
  * returns matching key of value
- * @param  {Object} obj   object to search value in
- * @param  {Mixed}  value any value (String, Number, etc)
- * @return {String}       the key found for the first matching value
+ * @param  {Object} object object to search value in
+ * @param  {Mixed}  value  any value (String, Number, etc)
+ * @return {String}        the key found for the first matching value
+ * @deprecated use utils.js
  */
 function getKeyByValue(object, value) // eslint-disable-line no-unused-vars
 {
@@ -416,9 +526,10 @@ function getKeyByValue(object, value) // eslint-disable-line no-unused-vars
 
 /**
  * returns true if value is found in object with a key
- * @param  {Object}  obj   object to search value in
- * @param  {Mixed}   value any value (String, Number, etc)
- * @return {Boolean}       true on value found, false on not found
+ * @param  {Object}  object object to search value in
+ * @param  {Mixed}   value  any value (String, Number, etc)
+ * @return {Boolean}        true on value found, false on not found
+ * @deprecated use utils.js
  */
 function valueInObject(object, value) // eslint-disable-line no-unused-vars
 {
@@ -434,6 +545,7 @@ function valueInObject(object, value) // eslint-disable-line no-unused-vars
  * or if JSON.parse(JSON.stringify(obj)) is failing
  * @param  {Object} inObject Object to copy
  * @return {Object}          Copied Object
+ * @deprecated use utils.js
  */
 function deepCopyFunction(inObject)
 {
@@ -457,6 +569,7 @@ function deepCopyFunction(inObject)
  * checks if a DOM element actually exists
  * @param  {String}  id Element id to check for
  * @return {Boolean}    true if element exists, false on failure
+ * @deprecated use utils.js
  */
 function exists(id)
 {
@@ -468,6 +581,7 @@ function exists(id)
  * currently precision is fixed, if dynamic needs check for max/min precision
  * @param  {Number} bytes bytes in int
  * @return {String}       string in GB/MB/KB
+ * @deprecated use utils.js
  */
 function formatBytes(bytes) // eslint-disable-line no-unused-vars
 {
@@ -484,6 +598,7 @@ function formatBytes(bytes) // eslint-disable-line no-unused-vars
  * like formatBytes, but returns bytes for <1KB and not 0.n KB
  * @param  {Number} bytes bytes in int
  * @return {String}       string in GB/MB/KB
+ * @deprecated use utils.js
  */
 function formatBytesLong(bytes) // eslint-disable-line no-unused-vars
 {
@@ -496,6 +611,7 @@ function formatBytesLong(bytes) // eslint-disable-line no-unused-vars
  * Convert a string with B/K/M/etc into a byte number
  * @param  {String|Number} bytes Any string with B/K/M/etc
  * @return {String|Number}       A byte number, or original string as is
+ * @deprecated use utils.js
  */
 function stringByteFormat(bytes) // eslint-disable-line no-unused-vars
 {
@@ -526,6 +642,7 @@ function stringByteFormat(bytes) // eslint-disable-line no-unused-vars
 /**
  * prints out error messages based on data available from the browser
  * @param {Object} err error from try/catch block
+ * @deprecated use utils.js
  */
 function errorCatch(err)
 {
@@ -533,22 +650,20 @@ function errorCatch(err)
 	if (err.stack) {
 		// only FF
 		if (err.lineNumber) {
-			console.log('ERROR[%s:%s] %s', err.name, err.lineNumber, err.message);
+			console.error('ERROR[%s:%s] ', err.name, err.lineNumber, err);
 		} else if (err.line) {
 			// only Safari
-			console.log('ERROR[%s:%s] %s', err.name, err.line, err.message);
+			console.error('ERROR[%s:%s] ', err.name, err.line, err);
 		} else {
-			console.log('ERROR[%s] %s', err.name, err.message);
+			console.error('ERROR[%s] ', err.name, err);
 		}
-		// stack trace
-		console.log('ERROR[stack] %s', err.stack);
 	} else if (err.number) {
 		// IE
-		console.log('ERROR[%s:%s] %s', err.name, err.number, err.message);
-		console.log('ERROR[description] %s', err.description);
+		console.error('ERROR[%s:%s] %s', err.name, err.number, err.message);
+		console.error('ERROR[description] %s', err.description);
 	} else {
 		// the rest
-		console.log('ERROR[%s] %s', err.name, err.message);
+		console.error('ERROR[%s] %s', err.name, err.message);
 	}
 }
 
@@ -571,6 +686,7 @@ function errorCatch(err)
  * @param {String}  loc            location name for action indicator
  *                                 default empty. for console.log
  * @param {Boolean} [overlay=true] override the auto hide/show over the overlay div block
+ * @deprecated use utils.js
  */
 function actionIndicator(loc, overlay = true) // eslint-disable-line no-unused-vars
 {
@@ -587,6 +703,7 @@ function actionIndicator(loc, overlay = true) // eslint-disable-line no-unused-v
  * @param {String}  loc            location name for action indicator
  *                                 default empty. for console.log
  * @param {Boolean} [overlay=true] override the auto hide/show over the overlay div block
+ * @deprecated use utils.js
  */
 function actionIndicatorShow(loc, overlay = true)
 {
@@ -609,6 +726,7 @@ function actionIndicatorShow(loc, overlay = true)
  * @param {String}  loc            location name for action indicator
  *                                 default empty. for console.log
  * @param {Boolean} [overlay=true] override the auto hide/show over the overlay div block
+ * @deprecated use utils.js
  */
 function actionIndicatorHide(loc, overlay = true)
 {
@@ -621,6 +739,7 @@ function actionIndicatorHide(loc, overlay = true)
 
 /**
  * shows the overlay box or if already visible, bumps the zIndex to 100
+ * @deprecated use utils.js
  */
 function overlayBoxShow()
 {
@@ -635,6 +754,7 @@ function overlayBoxShow()
 
 /**
  * hides the overlay box or if zIndex is 100 bumps it down to previous level
+ * @deprecated use utils.js
  */
 function overlayBoxHide()
 {
@@ -648,6 +768,7 @@ function overlayBoxHide()
 
 /**
  * position the overlay block box and shows it
+ * @deprecated use utils.js
  */
 function setOverlayBox() // eslint-disable-line no-unused-vars
 {
@@ -658,6 +779,7 @@ function setOverlayBox() // eslint-disable-line no-unused-vars
 
 /**
  * opposite of set, always hides overlay box
+ * @deprecated use utils.js
  */
 function hideOverlayBox() // eslint-disable-line no-unused-vars
 {
@@ -668,6 +790,7 @@ function hideOverlayBox() // eslint-disable-line no-unused-vars
 
 /**
  * the abort call, clears the action box and hides it and the overlay box
+ * @deprecated use utils.js
  */
 function ClearCall() // eslint-disable-line no-unused-vars
 {
@@ -689,6 +812,7 @@ function ClearCall() // eslint-disable-line no-unused-vars
  *   zIndex of 1000
  * - indicator is page centered
  * @param {String} loc ID string, only used for console log
+ * @deprecated use utils.js
  */
 function showActionIndicator(loc) // eslint-disable-line no-unused-vars
 {
@@ -727,6 +851,7 @@ function showActionIndicator(loc) // eslint-disable-line no-unused-vars
  * the overlayBox is not hidden but the zIndex
  * is set to this value
  * @param {String} loc ID string, only used for console log
+ * @deprecated use utils.js
  */
 function hideActionIndicator(loc) // eslint-disable-line no-unused-vars
 {
@@ -750,6 +875,7 @@ function hideActionIndicator(loc) // eslint-disable-line no-unused-vars
 /**
  * checks if overlayBox exists, if not it is
  * added as hidden item at the body end
+ * @deprecated use utils.js
  */
 function checkOverlayExists()
 {
@@ -767,6 +893,7 @@ function checkOverlayExists()
  * if not visible show and set zIndex to 10 (GL_OB_BASE)
  * if visible, add +1 to the GL_OB_S variable and
  * up zIndex by this value
+ * @deprecated use utils.js
  */
 function showOverlayBoxLayers(el_id) // eslint-disable-line no-unused-vars
 {
@@ -799,8 +926,9 @@ function showOverlayBoxLayers(el_id) // eslint-disable-line no-unused-vars
  * and set zIndex and GL_OB_S to 0
  * else just set zIndex to the new GL_OB_S value
  * @param {String} el_id Target to hide layer
+ * @deprecated use utils.js
  */
-function hideOverlayBoxLayers(el_id)
+function hideOverlayBoxLayers(el_id='')
 {
 	// console.log('HIDE overlaybox: %s', GL_OB_S);
 	// remove on layer
@@ -824,6 +952,7 @@ function hideOverlayBoxLayers(el_id)
 
 /**
  * only for single action box
+ * @deprecated use utils.js
  */
 function clearCallActionBox() // eslint-disable-line no-unused-vars
 {
@@ -841,6 +970,7 @@ function clearCallActionBox() // eslint-disable-line no-unused-vars
  * @param  {Array}  [css=[]]     array for css tags
  * @param  {Object} [options={}] anything else (value, placeholder, OnClick, style)
  * @return {Object}              created element as an object
+ * @deprecated use utils.js
  */
 function cel(tag, id = '', content = '', css = [], options = {})
 {
@@ -861,6 +991,7 @@ function cel(tag, id = '', content = '', css = [], options = {})
  * @param  {Object} attach  the object to be attached
  * @param  {String} [id=''] optional id, if given search in base for this id and attach there
  * @return {Object}         "none", technically there is no return needed as it is global attach
+ * @deprecated use utils.js
  */
 function ael(base, attach, id = '')
 {
@@ -891,6 +1022,7 @@ function ael(base, attach, id = '')
  * @param  {Object}    base   object to where we attach the elements
  * @param  {...Object} attach attach 1..n: attach directly to the base element those attachments
  * @return {Object}           "none", technically there is no return needed, global attach
+ * @deprecated use utils.js
  */
 function aelx(base, ...attach)
 {
@@ -907,6 +1039,7 @@ function aelx(base, ...attach)
  * @param  {Object} base   object to where we attach the elements
  * @param  {Array}  attach array of objects to attach
  * @return {Object}        "none", technically there is no return needed, global attach
+ * @deprecated use utils.js
  */
 function aelxar(base, attach) // eslint-disable-line no-unused-vars
 {
@@ -921,6 +1054,7 @@ function aelxar(base, attach) // eslint-disable-line no-unused-vars
  * resets the sub elements of the base element given
  * @param  {Object} base cel created element
  * @return {Object}      returns reset base element
+ * @deprecated use utils.js
  */
 function rel(base) // eslint-disable-line no-unused-vars
 {
@@ -933,6 +1067,7 @@ function rel(base) // eslint-disable-line no-unused-vars
  * @param  {Object} _element element to work one
  * @param  {String} css      style sheet to remove (name)
  * @return {Object}          returns full element
+ * @deprecated use utils.js
  */
 function rcssel(_element, css)
 {
@@ -948,6 +1083,7 @@ function rcssel(_element, css)
  * @param  {Object} _element element to work on
  * @param  {String} css      style sheet to add (name)
  * @return {Object}         returns full element
+ * @deprecated use utils.js
  */
 function acssel(_element, css)
 {
@@ -965,6 +1101,7 @@ function acssel(_element, css)
  * @param  {String} rcss     style to remove (name)
  * @param  {String} acss     style to add (name)
  * @return {Object}          returns full element
+ * @deprecated use utils.js
  */
 function scssel(_element, rcss, acss) // eslint-disable-line no-unused-vars
 {
@@ -977,6 +1114,7 @@ function scssel(_element, rcss, acss) // eslint-disable-line no-unused-vars
  * that can be inserted into the page
  * @param  {Object} tree object tree with dom element declarations
  * @return {String}      HTML string that can be used as innerHTML
+ * @deprecated use utils.js
  */
 function phfo(tree)
 {
@@ -1083,6 +1221,7 @@ function phfo(tree)
  * Is like tree.sub call
  * @param  {Array}  list Array of cel created objects
  * @return {String}      HTML String
+ * @deprecated use utils.js
  */
 function phfa(list) // eslint-disable-line no-unused-vars
 {
@@ -1109,11 +1248,14 @@ function phfa(list) // eslint-disable-line no-unused-vars
  * @param  {String}  [sort='']             if empty as is, else allowed 'keys',
  *                                         'values' all others are ignored
  * @return {String}                        html with build options block
+ * @deprecated use utils.js
  */
 function html_options(name, data, selected = '', options_only = false, return_string = false, sort = '') // eslint-disable-line no-unused-vars
 {
 	// wrapper to new call
-	return html_options_block(name, data, selected, false, options_only, return_string, sort);
+	return html_options_block(
+		name, data, selected, 0, options_only, return_string, sort
+	);
 }
 
 /**
@@ -1134,9 +1276,11 @@ function html_options(name, data, selected = '', options_only = false, return_st
  *                                         'values' all others are ignored
  * @param  {String}  [onchange='']         onchange trigger call, default unset
  * @return {String}                        html with build options block
+ * @deprecated use utils.js
  */
-function html_options_block(name, data, selected = '', multiple = 0, options_only = false, return_string = false, sort = '', onchange = '')
-{
+function html_options_block(
+	name, data, selected = '', multiple = 0, options_only = false, return_string = false, sort = '', onchange = ''
+) {
 	var content = [];
 	var element_select;
 	var select_options = {};
@@ -1173,7 +1317,8 @@ function html_options_block(name, data, selected = '', multiple = 0, options_onl
 		// basic options init
 		options = {
 			'label': value,
-			'value': key
+			'value': key,
+			'selected': ''
 		};
 		// add selected if matching
 		if (multiple == 0 && !Array.isArray(selected) && selected == key) {
@@ -1184,7 +1329,7 @@ function html_options_block(name, data, selected = '', multiple = 0, options_onl
 			options.selected = '';
 		}
 		// create the element option
-		element_option = cel('option', '', value, '', options);
+		element_option = cel('option', '', value, [], options);
 		// attach it to the select element
 		ael(element_select, element_option);
 	}
@@ -1214,6 +1359,7 @@ function html_options_block(name, data, selected = '', multiple = 0, options_onl
  * @param {String} name      name/id
  * @param {Object} data      array of options
  * @param {String} [sort=''] if empty as is, else allowed 'keys', 'values'
+ * @deprecated use utils.js
  *                            all others are ignored
  */
 function html_options_refill(name, data, sort = '') // eslint-disable-line no-unused-vars
@@ -1236,7 +1382,7 @@ function html_options_refill(name, data, sort = '') // eslint-disable-line no-un
 		[].forEach.call(document.querySelectorAll('#' + name + ' :checked'), function(elm) {
 			option_selected = elm.value;
 		});
-		document.getElementById(name).innerHTML = '';
+		loadEl(name).innerHTML = '';
 		for (const key of data_list) {
 			value = data[key];
 			// console.log('add [%s]  options: key: %s, value: %s', name, key, value);
@@ -1247,7 +1393,7 @@ function html_options_refill(name, data, sort = '') // eslint-disable-line no-un
 			if (key == option_selected) {
 				element_option.selected = true;
 			}
-			document.getElementById(name).appendChild(element_option);
+			loadEl(name).appendChild(element_option);
 		}
 	}
 }
@@ -1262,6 +1408,7 @@ function html_options_refill(name, data, sort = '') // eslint-disable-line no-un
  * @param  {String}        [return_key=''] if set only returns this key entry
  *                                         or empty for none
  * @return {Object|String}                 parameter entry list
+ * @deprecated use utils.js
  */
 function parseQueryString(query = '', return_key = '') // eslint-disable-line no-unused-vars
 {
@@ -1311,11 +1458,12 @@ function parseQueryString(query = '', return_key = '') // eslint-disable-line no
  *                                        all parameters are returned
  * @param  {String}        [query='']     different query string to parse, if not
  *                                        set (default) the current window href is used
- * @param  {Bool}          [single=false] if set to true then only the first found
+ * @param  {Boolean}       [single=false] if set to true then only the first found
  *                                        will be returned
  * @return {Object|Array|String}          if search is empty, object, if search is set
  *                                        and only one entry, then string, else array
  *                                        unless single is true
+ * @deprecated use utils.js
  */
 function getQueryStringParam(search = '', query = '', single = false) // eslint-disable-line no-unused-vars
 {
@@ -1323,7 +1471,7 @@ function getQueryStringParam(search = '', query = '', single = false) // eslint-
 		query = window.location.href;
 	}
 	const url = new URL(query);
-	let param = '';
+	let param = null;
 	if (search) {
 		let _params = url.searchParams.getAll(search);
 		if (_params.length == 1 || single === true) {
@@ -1353,6 +1501,7 @@ function getQueryStringParam(search = '', query = '', single = false) // eslint-
 // *** MASTER logout call
 /**
  * submits basic data for form logout
+ * @deprecated use utils.js
  */
 function loginLogout() // eslint-disable-line no-unused-vars
 {
@@ -1373,6 +1522,7 @@ function loginLogout() // eslint-disable-line no-unused-vars
  * @param {String} [header_id='mainHeader'] the target for the main element block
  *                                          if not set mainHeader is assumed
  *                                          this is the target div for the "loginRow"
+ * @deprecated use utils.js
  */
 function createLoginRow(login_string, header_id = 'mainHeader') // eslint-disable-line no-unused-vars
 {
@@ -1408,6 +1558,7 @@ function createLoginRow(login_string, header_id = 'mainHeader') // eslint-disabl
  * @param {String} [header_id='mainHeader'] the target for the main element block
  *                                          if not set mainHeader is assumed
  *                                          this is the target div for the "menuRow"
+ * @deprecated use utils.js
  */
 function createNavMenu(nav_menu, header_id = 'mainHeader') // eslint-disable-line no-unused-vars
 {

www/admin/layout/javascript/edit.pt.js

@@ -1,5 +1,11 @@
-/* general edit javascript */
-/* prototype version */
+/*
+general edit javascript
+prototype version
+*/
+
+/** @deprecated Do not use this anymore, use utils.js */
+
+throw new Error("Prototype Support is deprected, please switch to jquery and utils.js/utils.min.js");
 
 /* jshint esversion: 6 */
 
@@ -25,7 +31,7 @@ function pop(theURL, winName, features) {
 
 /**
  * automatically resize a text area based on the amount of lines in it
- * @param {[string} ta_id element id
+ * @param {string} ta_id element id
  */
 function expandTA(ta_id) {
 	var ta;

www/admin/layout/javascript/translateTest-ja_JP.UTF-8.js

@@ -0,0 +1,5 @@
+var i18n = {
+	"Original": "Translated"
+};
+
+// __END__

www/admin/test.javascript.html

@@ -0,0 +1,37 @@
+<!DOCTYPE html>
+<head>
+	<title>JavaScript Test</title>
+	<script type="text/javascript" src="layout/javascript/jquery.min.js"></script>
+	<script type="text/javascript" src="layout/javascript/translateTest-ja_JP.UTF-8.js"></script>
+	<script type="text/javascript" src="layout/javascript/utils.min.js"></script>
+</head>
+<body>
+<div>
+	<h1>JavaScript tests</h1>
+	<div id="test-div">
+	</div>
+</div>
+</body>
+<script languagae="JavaScript">
+document.addEventListener('DOMContentLoaded', function() {
+	console.log('MAIN PAGE LOADED');
+	// console.log('Random: %o', mh.randomIdF());
+	console.log('Random: %o', randomIdF());
+	console.log("GW: %o", getWindowSize());
+	let bytes = 1021152;
+	console.log('FB: %o', formatBytes(bytes));
+	console.log('FBL: %o', formatBytesLong(bytes));
+	console.log('TR: %s', l10n.__('Original'));
+	console.log('TR: %s', l10n.__('Not exists'));
+
+	setCenter('test-div', true, true);
+	ClearCall();
+	overlayBoxShow();
+	actionIndicatorShow('testSmarty');
+	setTimeout(function() {
+		console.log('Waiting dummy ...');
+		actionIndicatorHide('testSmarty');
+		ClearCall();
+	}, 2000);
+});
+</script>

www/configs/.target.example

@@ -0,0 +1,3 @@
+# target can be live, stage, test, dev
+# this overrides the SITE set "location" entry
+TARGET=

www/configs/config.master.php

@@ -78,42 +78,11 @@ define('TEMPLATES_C', 'templates_c' . DIRECTORY_SEPARATOR);
 // template base
 define('TEMPLATES', 'templates' . DIRECTORY_SEPARATOR);
 
-/************* HASH / ACL DEFAULT / ERROR SETTINGS / SMARTY *************/
+/************* HASH / ACL DEFAULT *************/
 // default hash type
 define('DEFAULT_HASH', 'sha256');
 // default acl level
-define('DEFAULT_ACL_LEVEL', 80);
-// SSL host name
-// define('SSL_HOST', $_ENV['SSL_HOST'] ?? '');
-// error page strictness, Default is 3
-// 1: only show error page as the last mesure if really no mid & aid can be loaded and found at all
-// 2: if template not found, do not search, show error template
-// 3: if default template is not found, show error template, do not fall back to default tree
-// 4: very strict, even on normal fixable errors through error
-// define('ERROR_STRICT', 3);
-// allow page caching in general, set to 'false' if you do debugging or development!
-// define('ALLOW_SMARTY_CACHE', false);
-// cache life time, in second', default here is 2 days (172800s)
-// -1 is never expire cache
-// define('SMARTY_CACHE_LIFETIME', -1);
-
-/************* LOGOUT ********************/
-// logout target
-define('LOGOUT_TARGET', '');
-
-/************* AJAX / ACCESS *************/
-// ajax request type
-define('AJAX_REQUEST_TYPE', 'POST');
-// what AJAX type to use
-define('USE_PROTOTYPE', false);
-define('USE_SCRIPTACULOUS', false);
-define('USE_JQUERY', true);
-
-/************* LAYOUT WIDTHS *************/
-define('PAGE_WIDTH', '100%');
-define('CONTENT_WIDTH', '100%');
-// the default template name
-define('MASTER_TEMPLATE_NAME', 'main_body.tpl');
+define('DEFAULT_ACL_LEVEL', $ENV['DEFAULT_ACL_LEVEL'] ?? 80);
 
 /************* OVERALL CONTROL NAMES *************/
 // BELOW has HAS to be changed
@@ -136,24 +105,15 @@ define('COMPILE_ID', 'COMPILE_' . BASE_NAME . '_' . SERVER_NAME_HASH);
 
 /************* LANGUAGE / ENCODING *******/
 // default lang + encoding
-define('DEFAULT_LOCALE', 'en_US.UTF-8');
+define('DEFAULT_LOCALE', $_ENV['LOCALE'] ?? 'en_US.UTF-8');
 // default web page encoding setting
-define('DEFAULT_ENCODING', 'UTF-8');
+define('DEFAULT_ENCODING', (string)array_pad(explode('.', DEFAULT_LOCALE, 2), 2, 'UTF-8')[1]);
 
-/************* QUEUE TABLE *************/
-// if we have a dev/live system
-// set_live is a per page/per item
-// live_queue is a global queue system
-// define('QUEUE', 'live_queue');
-
-/************* DB PATHS (PostgreSQL) *****************/
-// schema names, can also be defined per <DB INFO>
-define('PUBLIC_SCHEMA', 'public');
-define('DEV_SCHEMA', 'public');
-define('TEST_SCHEMA', 'public');
-define('LIVE_SCHEMA', 'public');
-define('GLOBAL_DB_SCHEMA', '');
-define('LOGIN_DB_SCHEMA', '');
+/************* HOST NAME *****************/
+// get the name without the port
+list($HOST_NAME) = array_pad(explode(':', $_SERVER['HTTP_HOST'], 2), 2, null);
+// set HOST name
+define('HOST_NAME', $HOST_NAME);
 
 /************* CORE HOST SETTINGS *****************/
 if (file_exists(BASE . CONFIGS . 'config.host.php')) {
@@ -162,6 +122,14 @@ if (file_exists(BASE . CONFIGS . 'config.host.php')) {
 if (!isset($SITE_CONFIG)) {
 	$SITE_CONFIG = [];
 }
+// BAIL ON MISSING MASTER SITE CONFIG
+if (!isset($SITE_CONFIG[HOST_NAME]['location'])) {
+	throw new \InvalidArgumentException(
+		'Missing SITE_CONFIG entry for: "' . HOST_NAME . '". Contact Administrator'
+	);
+}
+// set target first
+define('TARGET', $_ENV['TARGET'] ?? $SITE_CONFIG[HOST_NAME]['location'] ?? 'test');
 /************* DB ACCESS *****************/
 if (file_exists(BASE . CONFIGS . 'config.db.php')) {
 	require BASE . CONFIGS . 'config.db.php';
@@ -175,17 +143,6 @@ if (file_exists(BASE . CONFIGS . 'config.path.php')) {
 }
 
 /************* MASTER INIT *****************/
-// live frontend pages
-// ** missing live domains **
-// get the name without the port
-[$HOST_NAME] = array_pad(explode(':', $_SERVER['HTTP_HOST'], 2), 2, null);
-// set HOST name
-define('HOST_NAME', $HOST_NAME);
-// BAIL ON MISSING MASTER SITE CONFIG
-if (!isset($SITE_CONFIG[HOST_NAME]['location'])) {
-	echo 'Missing SITE_CONFIG entry for: "' . HOST_NAME . '". Contact Administrator';
-	exit;
-}
 // BAIL ON MISSING DB CONFIG:
 // we have either no db selction for this host but have db config entries
 // or we have a db selection but no db config as array or empty
@@ -200,8 +157,9 @@ if (
 		empty($DB_CONFIG[$SITE_CONFIG[HOST_NAME]['db_host']]))
 	)
 ) {
-	echo 'No matching DB config found for: "' . HOST_NAME . '". Contact Administrator';
-	exit;
+	throw new \InvalidArgumentException(
+		'No matching DB config found for: "' . HOST_NAME . '". Contact Administrator'
+	);
 }
 // set SSL on
 $is_secure = false;
@@ -235,35 +193,31 @@ define('DB_CONFIG', $DB_CONFIG[DB_CONFIG_NAME] ?? [
 ]);
 // because we can't change constant, but we want to for db debug flag
 $GLOBALS['DB_CONFIG_SET'] = DB_CONFIG;
-// define('DB_CONFIG_TARGET', SITE_CONFIG[$HOST_NAME]['db_host_target']);
-// define('DB_CONFIG_OTHER', SITE_CONFIG[$HOST_NAME]['db_host_other']);
-// override for login and global schemas
-// where the edit* tables are
-// define('LOGIN_DB_SCHEMA', PUBLIC_SCHEMA);
-// where global tables are that are used by all schemas (eg queue tables for online, etc)
-// define('GLOBAL_DB_SCHEMA', PUBLIC_SCHEMA);
 // debug settings, site lang, etc
-define('TARGET', $SITE_CONFIG[HOST_NAME]['location'] ?? 'test');
 define('DEBUG_LEVEL', $SITE_CONFIG[HOST_NAME]['debug_level'] ?? 'debug');
 define('SITE_LOCALE', $SITE_CONFIG[HOST_NAME]['site_locale'] ?? DEFAULT_LOCALE);
 define('SITE_DOMAIN', str_replace(DIRECTORY_SEPARATOR, '', CONTENT_PATH));
 define('SITE_ENCODING', $SITE_CONFIG[HOST_NAME]['site_encoding'] ?? DEFAULT_ENCODING);
 define('LOGIN_ENABLED', $SITE_CONFIG[HOST_NAME]['login_enabled'] ?? false);
 define('AUTH', $SITE_CONFIG[HOST_NAME]['auth'] ?? false);
-// paths
-// define('CSV_PATH', $PATHS[TARGET]['csv_path'] ?? '');
-// define('EXPORT_SCRIPT', $PATHS[TARGET]['perl_bin'] ?? '');
-// define('REDIRECT_URL', $PATHS[TARGET]['redirect_url'] ?? '');
 
+// NOTE: everything below is smarty related and should be removed from here
 /************* GENERAL PAGE TITLE ********/
 define('G_TITLE', $_ENV['G_TITLE'] ?? '');
-
+/************* LAYOUT WIDTHS *************/
+define('PAGE_WIDTH', $_ENV['SMARTY.PAGE_WIDTH'] ?? '100%');
+define('CONTENT_WIDTH', $_ENV['SMARTY.CONTENT_WIDTH'] ?? '100%');
+// the default template name
+define('MASTER_TEMPLATE_NAME', $_ENV['MASTER_TEMPLATE_NAME'] ?? 'main_body.tpl');
+/************* JS LIBRARIES *************/
+define('USE_PROTOTYPE', false);
+define('USE_SCRIPTACULOUS', false);
+define('USE_JQUERY', true);
 /************ STYLE SHEETS / JS **********/
-define('ADMIN_STYLESHEET', 'edit.css');
-define('ADMIN_JAVASCRIPT', 'edit.js');
+define('ADMIN_STYLESHEET', $_ENV['ADMIN.STYLESHEET'] ?? 'edit.css');
+define('ADMIN_JAVASCRIPT', $_ENV['ADMIN.JAVASCRIPT'] ?? 'edit.js');
 define('STYLESHEET', $_ENV['STYLESHEET'] ?? 'frontend.css');
 define('JAVASCRIPT', $_ENV['JAVASCRIPT'] ?? 'frontend.js');
-
 // anything optional
 /************* INTERNAL ******************/
 // any other global definitons in the config.other.php

www/configs/config.other.php

@@ -15,6 +15,12 @@ define('EDIT_BASE_STYLESHEET', 'edit.css');
 
 // define('SOME_ID', <SOME VALUE>);
 
+/************* QUEUE TABLE *************/
+// if we have a dev/live system
+// set_live is a per page/per item
+// live_queue is a global queue system
+// define('QUEUE', 'live_queue');
+
 /************* CONVERT *******************/
 // this only needed if the external thumbnail create is used
 $paths = [

www/configs/config.path.php

@@ -35,4 +35,9 @@ define('CONTENT_PATH', $folder . DIRECTORY_SEPARATOR);
 	],
 ];*/
 
+// paths
+// define('CSV_PATH', $PATHS[TARGET]['csv_path'] ?? '');
+// define('EXPORT_SCRIPT', $PATHS[TARGET]['perl_bin'] ?? '');
+// define('REDIRECT_URL', $PATHS[TARGET]['redirect_url'] ?? '');
+
 // __END__

www/configs/config.php

@@ -53,6 +53,11 @@ for (
 		\gullevek\dotEnv\DotEnv::readEnvFile(
 			$__DIR__PATH . $CONFIG_PATH_PREFIX . CONFIG_PATH
 		);
+		// load target file if it exists
+		\gullevek\dotEnv\DotEnv::readEnvFile(
+			$__DIR__PATH . $CONFIG_PATH_PREFIX . CONFIG_PATH,
+			'.target'
+		);
 		// load master config file that loads all other config files
 		require $__DIR__PATH . $CONFIG_PATH_PREFIX . CONFIG_PATH . 'config.master.php';
 		break;

www/lib/CoreLibs/ACL/Login.php

@@ -423,14 +423,9 @@ class Login
 
 		// LOGOUT TARGET
 		if (!isset($options['logout_target'])) {
-			if (defined('LOGOUT_TARGET')) {
-				trigger_error(
-					'loginMainCall: LOGOUT_TARGET should not be used',
-					E_USER_DEPRECATED
-				);
-				$options['logout_target'] = LOGOUT_TARGET;
-				$this->logout_target = $options['logout_target'];
-			}
+			// defaults to ''
+			$options['logout_target'] = '';
+			$this->logout_target = $options['logout_target'];
 		}
 
 		// *** PASSWORD SETTINGS
@@ -1560,6 +1555,7 @@ class Login
 				'uid' => $unit['uid'],
 				'cuuid' => $unit['cuuid'],
 				'level' => $this->default_acl_list[$this->acl['unit'][$ea_cuid]]['name'] ?? -1,
+				'level_number' => $this->acl['unit'][$ea_cuid],
 				'default' => $unit['default'],
 				'data' => $unit['data'],
 				'additional_acl' => $unit['additional_acl']
@@ -2538,7 +2534,7 @@ HTML;
 				$this->login_user_id,
 				-1,
 				$login_user_id_changed
-			);
+			) ?? '';
 			// flag unclean input data
 			if ($login_user_id_changed > 0) {
 				$this->login_user_id_unclear = true;

www/lib/CoreLibs/Admin/EditBase.php

@@ -76,7 +76,7 @@ class EditBase
 		);
 		if ($this->form->mobile_phone) {
 			echo "I am sorry, but this page cannot be viewed by a mobile phone";
-			exit;
+			exit(1);
 		}
 		// $this->log->debug('POST', $this->log->prAr($_POST));
 	}

www/lib/CoreLibs/Basic.php

@@ -103,11 +103,7 @@ class Basic
 				'VIDEOS', 'DOCUMENTS', 'PDFS', 'BINARIES', 'ICONS', 'UPLOADS', 'CSV', 'JS',
 				'CSS', 'TABLE_ARRAYS', 'SMARTY', 'LANG', 'CACHE', 'TMP', 'LOG', 'TEMPLATES',
 				'TEMPLATES_C', 'DEFAULT_LANG', 'DEFAULT_ENCODING', 'DEFAULT_HASH',
-				'DEFAULT_ACL_LEVEL', 'LOGOUT_TARGET', 'PASSWORD_CHANGE', 'AJAX_REQUEST_TYPE',
-				'USE_PROTOTYPE', 'USE_SCRIPTACULOUS', 'USE_JQUERY', 'PAGE_WIDTH',
-				'MASTER_TEMPLATE_NAME', 'PUBLIC_SCHEMA', 'TEST_SCHEMA', 'DEV_SCHEMA',
-				'LIVE_SCHEMA', 'DB_CONFIG_NAME', 'DB_CONFIG', 'TARGET', 'DEBUG',
-				'SHOW_ALL_ERRORS'
+				'DB_CONFIG_NAME', 'DB_CONFIG', 'TARGET'
 			] as $constant
 		) {
 			if (!defined($constant)) {
@@ -1028,8 +1024,12 @@ class Basic
 	 */
 	public function __sha1Short(string $string, bool $use_sha = false): string
 	{
-		trigger_error('Method ' . __METHOD__ . ' is deprecated, use \CoreLibs\Create\Hash::__sha1Short()', E_USER_DEPRECATED);
-		return \CoreLibs\Create\Hash::__sha1Short($string, $use_sha);
+		trigger_error('Method ' . __METHOD__ . ' is deprecated, use \CoreLibs\Create\Hash::sha1Short() or ::__crc32b()', E_USER_DEPRECATED);
+		if ($use_sha) {
+			return \CoreLibs\Create\Hash::sha1Short($string);
+		} else {
+			return \CoreLibs\Create\Hash::__crc32b($string);
+		}
 	}
 
 	/**
@@ -1044,8 +1044,8 @@ class Basic
 	 */
 	public function __hash(string $string, string $hash_type = 'adler32'): string
 	{
-		trigger_error('Method ' . __METHOD__ . ' is deprecated, use \CoreLibs\Create\Hash::__hash()', E_USER_DEPRECATED);
-		return \CoreLibs\Create\Hash::__hash($string, $hash_type);
+		trigger_error('Method ' . __METHOD__ . ' is deprecated, use \CoreLibs\Create\Hash::hash()', E_USER_DEPRECATED);
+		return \CoreLibs\Create\Hash::hash($string, $hash_type);
 	}
 
 	// *** HASH FUNCTIONS END

www/lib/CoreLibs/Combined/DateTime.php

@@ -639,16 +639,26 @@ class DateTime
 	 *
 	 * @param  string $start_date   valid start date (y/m/d)
 	 * @param  string $end_date     valid end date (y/m/d)
-	 * @param  bool   $return_named return array type, false (default), true for named
-	 * @return array<mixed>         0/overall, 1/weekday, 2/weekend
+	 * @param  bool   $return_named [default=false] return array type, false (default), true for named
+	 * @param  bool   $include_end_date [default=true] include end date in calc
+	 * @param  bool   $exclude_start_date [default=false] include end date in calc
+	 * @return array{0:int,1:int,2:int,3:bool}|array{overall:int,weekday:int,weekend:int,reverse:bool}
+	 *                0/overall, 1/weekday, 2/weekend, 3/reverse
 	 */
 	public static function calcDaysInterval(
 		string $start_date,
 		string $end_date,
-		bool $return_named = false
+		bool $return_named = false,
+		bool $include_end_date = true,
+		bool $exclude_start_date = false
 	): array {
 		// pos 0 all, pos 1 weekday, pos 2 weekend
-		$days = [];
+		$days = [
+			0 => 0,
+			1 => 0,
+			2 => 0,
+			3 => false,
+		];
 		// if anything invalid, return 0,0,0
 		try {
 			$start = new \DateTime($start_date);
@@ -659,19 +669,30 @@ class DateTime
 					'overall' => 0,
 					'weekday' => 0,
 					'weekend' => 0,
+					'reverse' => false
 				];
 			} else {
-				return [0, 0, 0];
+				return $days;
 			}
 		}
 		// so we include the last day too, we need to add +1 second in the time
-		$end->setTime(0, 0, 1);
-		// if end date before start date, only this will be filled
-		$days[0] = $end->diff($start)->days;
-		$days[1] = 0;
-		$days[2] = 0;
+		// if start is before end, switch dates and flag
+		$days[3] = false;
+		if ($start > $end) {
+			$new_start = $end;
+			$end = $start;
+			$start = $new_start;
+			$days[3] = true;
+		}
 		// get period for weekends/weekdays
-		$period = new \DatePeriod($start, new \DateInterval('P1D'), $end);
+		$options = 0;
+		if ($include_end_date) {
+			$options |= \DatePeriod::INCLUDE_END_DATE;
+		}
+		if ($exclude_start_date) {
+			$options |= \DatePeriod::EXCLUDE_START_DATE;
+		}
+		$period = new \DatePeriod($start, new \DateInterval('P1D'), $end, $options);
 		foreach ($period as $dt) {
 			$curr = $dt->format('D');
 			if ($curr == 'Sat' || $curr == 'Sun') {
@@ -679,18 +700,80 @@ class DateTime
 			} else {
 				$days[1]++;
 			}
+			$days[0]++;
 		}
 		if ($return_named === true) {
 			return [
 				'overall' => $days[0],
 				'weekday' => $days[1],
 				'weekend' => $days[2],
+				'reverse' => $days[3],
 			];
 		} else {
 			return $days;
 		}
 	}
 
+	/**
+	 * wrapper for calcDaysInterval with numeric return only
+	 *
+	 * @param  string $start_date   valid start date (y/m/d)
+	 * @param  string $end_date     valid end date (y/m/d)
+	 * @param  bool   $include_end_date [default=true] include end date in calc
+	 * @param  bool   $exclude_start_date [default=false] include end date in calc
+	 * @return array{0:int,1:int,2:int,3:bool}
+	 */
+	public static function calcDaysIntervalNumIndex(
+		string $start_date,
+		string $end_date,
+		bool $include_end_date = true,
+		bool $exclude_start_date = false
+	): array {
+		$values = self::calcDaysInterval(
+			$start_date,
+			$end_date,
+			false,
+			$include_end_date,
+			$exclude_start_date
+		);
+		return [
+			$values[0] ?? 0,
+			$values[1] ?? 0,
+			$values[2] ?? 0,
+			$values[3] ?? false,
+		];
+	}
+
+	/**
+	 * wrapper for calcDaysInterval with named return only
+	 *
+	 * @param  string $start_date   valid start date (y/m/d)
+	 * @param  string $end_date     valid end date (y/m/d)
+	 * @param  bool   $include_end_date [default=true] include end date in calc
+	 * @param  bool   $exclude_start_date [default=false] include end date in calc
+	 * @return array{overall:int,weekday:int,weekend:int,reverse:bool}
+	 */
+	public static function calcDaysIntervalNamedIndex(
+		string $start_date,
+		string $end_date,
+		bool $include_end_date = true,
+		bool $exclude_start_date = false
+	): array {
+		$values = self::calcDaysInterval(
+			$start_date,
+			$end_date,
+			true,
+			$include_end_date,
+			$exclude_start_date
+		);
+		return [
+			'overall' => $values['overall'] ?? 0,
+			'weekday' => $values['weekday'] ?? 0,
+			'weekend' => $values['weekend'] ?? 0,
+			'reverse' => $values['reverse'] ?? false,
+		];
+	}
+
 	/**
 	 * check if a weekend day (sat/sun) is in the given date range
 	 * Can have time too, but is not needed
@@ -705,6 +788,13 @@ class DateTime
 	): bool {
 		$dd_start = new \DateTime($start_date);
 		$dd_end = new \DateTime($end_date);
+		// flip if start is after end
+		if ($dd_start > $dd_end) {
+			$new_start = $dd_end;
+			$dd_end = $dd_start;
+			$dd_start = $new_start;
+		}
+		// if start > end, flip
 		if (
 			// starts with a weekend
 			$dd_start->format('N') >= 6 ||

www/lib/CoreLibs/Convert/Html.php

@@ -10,9 +10,16 @@ namespace CoreLibs\Convert;
 
 class Html
 {
+	/** @var int */
 	public const SELECTED = 0;
+	/** @var int */
 	public const CHECKED = 1;
 
+	// TODO: check for not valid htmlentites encoding
+	// as of PHP 8.4: https://www.php.net/manual/en/function.htmlentities.php
+	/** @#var array<string> */
+	// public const VALID_HTMLENT_ENCODINGS = [];
+
 	/**
 	 * full wrapper for html entities
 	 *
@@ -22,14 +29,19 @@ class Html
 	 * encodes in UTF-8
 	 * does not double encode
 	 *
-	 * @param  mixed $string string to html encode
-	 * @param  int   $flags [default: ENT_QUOTES | ENT_HTML5]
+	 * @param  mixed  $string string to html encode
+	 * @param  int    $flags [default=ENT_QUOTES | ENT_HTML5]
+	 * @param  string $encoding [default=UTF-8]
 	 * @return mixed         if string, encoded, else as is (eg null)
 	 */
-	public static function htmlent(mixed $string, int $flags = ENT_QUOTES | ENT_HTML5): mixed
-	{
+	public static function htmlent(
+		mixed $string,
+		int $flags = ENT_QUOTES | ENT_HTML5,
+		string $encoding = 'UTF-8'
+	): mixed {
 		if (is_string($string)) {
-			return htmlentities($string, $flags, 'UTF-8', false);
+			// if not a valid encoding this will throw a warning and use UTF-8
+			return htmlentities($string, $flags, $encoding, false);
 		}
 		return $string;
 	}
@@ -37,7 +49,7 @@ class Html
 	/**
 	 * strips out all line breaks or replaced with given string
 	 * @param  string $string  string
-	 * @param  string $replace replace character, default ' '
+	 * @param  string $replace [default=' '] replace character
 	 * @return string          cleaned string without any line breaks
 	 */
 	public static function removeLB(string $string, string $replace = ' '): string

www/lib/CoreLibs/Create/Hash.php

@@ -10,9 +10,14 @@ namespace CoreLibs\Create;
 
 class Hash
 {
+	/** @var string default short hash -> deprecated use STANDARD_HASH_SHORT */
 	public const DEFAULT_HASH = 'adler32';
+	/** @var string default long hash (40 chars) */
 	public const STANDARD_HASH_LONG = 'ripemd160';
+	/** @var string default short hash (8 chars) */
 	public const STANDARD_HASH_SHORT = 'adler32';
+	/** @var string this is the standard hash to use hashStd and hash (64 chars) */
+	public const STANDARD_HASH = 'sha256';
 
 	/**
 	 * checks php version and if >=5.2.7 it will flip the string
@@ -20,6 +25,7 @@ class Hash
 	 * hash returns false
 	 * preg_replace fails for older php version
 	 * Use __hash with crc32b or hash('crc32b', ...) for correct output
+	 * For future short hashes use hashShort() instead
 	 *
 	 * @param  string $string string to crc
 	 * @return string         crc32b hash (old type)
@@ -43,19 +49,31 @@ class Hash
 	 * replacement for __crc32b call
 	 *
 	 * @param  string $string  string to hash
-	 * @param  bool   $use_sha use sha instead of crc32b (default false)
+	 * @param  bool   $use_sha [default=false] use sha1 instead of crc32b
 	 * @return string          hash of the string
+	 * @deprecated use __crc32b() for drop in replacement with default, or sha1Short() for use sha true
 	 */
 	public static function __sha1Short(string $string, bool $use_sha = false): string
 	{
 		if ($use_sha) {
-			// return only the first 9 characters
-			return substr(hash('sha1', $string), 0, 9);
+			return self::sha1Short($string);
 		} else {
 			return self::__crc32b($string);
 		}
 	}
 
+	/**
+	 * returns a short sha1
+	 *
+	 * @param  string $string  string to hash
+	 * @return string          hash of the string
+	 */
+	public static function sha1Short(string $string): string
+	{
+		// return only the first 9 characters
+		return substr(hash('sha1', $string), 0, 9);
+	}
+
 	/**
 	 * replacemend for __crc32b call (alternate)
 	 * defaults to adler 32
@@ -63,34 +81,135 @@ class Hash
 	 * all that create 8 char long hashes
 	 *
 	 * @param  string $string    string to hash
-	 * @param  string $hash_type hash type (default adler32)
+	 * @param  string $hash_type [default=STANDARD_HASH_SHORT] hash type (default adler32)
 	 * @return string            hash of the string
+	 * @deprecated use hashShort() of short hashes with adler 32 or hash() for other hash types
 	 */
 	public static function __hash(
 		string $string,
-		string $hash_type = self::DEFAULT_HASH
+		string $hash_type = self::STANDARD_HASH_SHORT
+	): string {
+		return self::hash($string, $hash_type);
+	}
+
+	/**
+	 * check if hash type is valid, returns false if not
+	 *
+	 * @param  string $hash_type
+	 * @return bool
+	 */
+	public static function isValidHashType(string $hash_type): bool
+	{
+		if (!in_array($hash_type, hash_algos())) {
+			return false;
+		}
+		return true;
+	}
+
+	/**
+	 * check if hash hmac type is valid, returns false if not
+	 *
+	 * @param  string $hash_hmac_type
+	 * @return bool
+	 */
+	public static function isValidHashHmacType(string $hash_hmac_type): bool
+	{
+		if (!in_array($hash_hmac_type, hash_hmac_algos())) {
+			return false;
+		}
+		return true;
+	}
+
+	/**
+	 * creates a hash over string if any valid hash given.
+	 * if no hash type set use sha256
+	 *
+	 * @param  string $string    string to hash
+	 * @param  string $hash_type [default=STANDARD_HASH] hash type (default sha256)
+	 * @return string            hash of the string
+	 */
+	public static function hash(
+		string $string,
+		string $hash_type = self::STANDARD_HASH
 	): string {
-		// if not empty, check if in valid list
 		if (
 			empty($hash_type) ||
 			!in_array($hash_type, hash_algos())
 		) {
-			// fallback to default hash type if none set or invalid
-			$hash_type = self::DEFAULT_HASH;
+			// fallback to default hash type if empty or invalid
+			$hash_type = self::STANDARD_HASH;
 		}
 		return hash($hash_type, $string);
 	}
 
 	/**
-	 * Wrapper function for standard long hashd
+	 * creates a hash mac key
+	 *
+	 * @param  string $string    string to hash mac
+	 * @param  string $key       key to use
+	 * @param  string $hash_type [default=STANDARD_HASH]
+	 * @return string            hash mac string
+	 */
+	public static function hashHmac(
+		string $string,
+		#[\SensitiveParameter]
+		string $key,
+		string $hash_type = self::STANDARD_HASH
+	): string {
+		if (
+			empty($hash_type) ||
+			!in_array($hash_type, hash_hmac_algos())
+		) {
+			// fallback to default hash type if e or invalid
+			$hash_type = self::STANDARD_HASH;
+		}
+		return hash_hmac($hash_type, $string, $key);
+	}
+
+	/**
+	 * short hash with max length of 8, uses adler32
+	 *
+	 * @param  string $string string to hash
+	 * @return string         hash of the string
+	 */
+	public static function hashShort(string $string): string
+	{
+		return hash(self::STANDARD_HASH_SHORT, $string);
+	}
+
+	/**
+	 * Wrapper function for standard long hash
+	 *
+	 * @param string $string String to be hashed
+	 * @return string        Hashed string
+	 * @deprecated use hashLong()
+	 */
+	public static function __hashLong(string $string): string
+	{
+		return self::hashLong($string);
+	}
+
+	/**
+	 * Wrapper function for standard long hash, uses ripmd160
 	 *
 	 * @param string $string String to be hashed
 	 * @return string        Hashed string
 	 */
-	public static function __hashLong(string $string): string
+	public static function hashLong(string $string): string
 	{
 		return hash(self::STANDARD_HASH_LONG, $string);
 	}
+
+	/**
+	 * create standard hash basd on STANDAR_HASH, currently sha256
+	 *
+	 * @param  string $string string in
+	 * @return string         hash of the string
+	 */
+	public static function hashStd(string $string): string
+	{
+		return self::hash($string, self::STANDARD_HASH);
+	}
 }
 
 // __END__

www/lib/CoreLibs/DB/IO.php

@@ -500,7 +500,7 @@ class IO
 			die('<!-- Cannot load db functions class for: ' . $this->db_type . ' -->');
 		}
 		// write to internal one, once OK
-		$this->db_functions = $db_functions;
+		$this->db_functions = $db_functions; /** @phan-suppress-current-line PhanPossiblyNullTypeMismatchProperty */
 
 		// connect to DB
 		if (!$this->__connectToDB()) {
@@ -1413,10 +1413,7 @@ class IO
 						$this->pk_name_table[$table] ?
 							$this->pk_name_table[$table] : 'NULL';
 				}
-				if (
-					!preg_match(self::REGEX_RETURNING, $this->query) &&
-					$this->pk_name && $this->pk_name != 'NULL'
-				) {
+				if (!preg_match(self::REGEX_RETURNING, $this->query) && $this->pk_name != 'NULL') {
 					// check if this query has a ; at the end and remove it
 					$__query = preg_replace("/(;\s*)$/", '', $this->query);
 					// must be query, if preg replace failed, use query as before
@@ -1426,7 +1423,7 @@ class IO
 				} elseif (
 					preg_match(self::REGEX_RETURNING, $this->query, $matches)
 				) {
-					if ($this->pk_name && $this->pk_name != 'NULL') {
+					if ($this->pk_name != 'NULL') {
 						// add the primary key if it is not in the returning set
 						if (!preg_match("/$this->pk_name/", $matches[1])) {
 							$this->query .= " , " . $this->pk_name;
@@ -2946,7 +2943,7 @@ class IO
 		$query_hash = $this->dbGetQueryHash($query, $params);
 		// clears cache for this query
 		if (empty($this->cursor_ext[$query_hash]['query'])) {
-			$this->__dbError(18, context: [
+			$this->__dbWarning(18, context: [
 				'query' => $query,
 				'params' => $params,
 				'hash' => $query_hash,
@@ -4059,7 +4056,7 @@ class IO
 	 */
 	public function dbGetQueryHash(string $query, array $params = []): string
 	{
-		return Hash::__hashLong(
+		return Hash::hashLong(
 			$query . (
 				$params !== [] ?
 					'#' . json_encode($params) : ''
@@ -4286,6 +4283,17 @@ class IO
 		return $this->field_names[$pos] ?? false;
 	}
 
+	/**
+	 * get all the $ placeholders
+	 *
+	 * @param  string $query
+	 * @return array<string>
+	 */
+	public function dbGetQueryParamPlaceholders(string $query): array
+	{
+		return $this->db_functions->__dbGetQueryParams($query);
+	}
+
 	/**
 	 * Return a field type for a field name or pos,
 	 * will return false if field is not found in list

www/lib/CoreLibs/DB/SQL/PgSQL.php

@@ -978,12 +978,12 @@ class PgSQL implements Interface\SqlFunctions
 	}
 
 	/**
-	 * Count placeholder queries. $ only
+	 * Get the all the $ params, unique list
 	 *
 	 * @param  string $query
-	 * @return int
+	 * @return array<string>
 	 */
-	public function __dbCountQueryParams(string $query): int
+	public function __dbGetQueryParams(string $query): array
 	{
 		$matches = [];
 		// regex for params: only stand alone $number allowed
@@ -998,11 +998,22 @@ class PgSQL implements Interface\SqlFunctions
 		// Matches in 1:, must be array_filtered to remove empty, count with array_unique
 		// Regex located in the ConvertPlaceholder class
 		preg_match_all(
-			ConvertPlaceholder::REGEX_LOOKUP_PLACEHOLDERS,
+			ConvertPlaceholder::REGEX_LOOKUP_NUMBERED,
 			$query,
 			$matches
 		);
-		return count(array_unique(array_filter($matches[3])));
+		return array_unique(array_filter($matches[ConvertPlaceholder::MATCHING_POS]));
+	}
+
+	/**
+	 * Count placeholder queries. $ only
+	 *
+	 * @param  string $query
+	 * @return int
+	 */
+	public function __dbCountQueryParams(string $query): int
+	{
+		return count($this->__dbGetQueryParams($query));
 	}
 }
 

www/lib/CoreLibs/DB/Support/ConvertPlaceholder.php

@@ -14,76 +14,57 @@ namespace CoreLibs\DB\Support;
 
 class ConvertPlaceholder
 {
-	// NOTE for missing: range */+ are not iplemented in the regex below, but - is for now
-	// NOTE some combinations are allowed, but the query will fail before this
-	/** @var string split regex, entries before $ group */
-	private const PATTERN_QUERY_SPLIT =
-		'\?\?|' // UNKNOWN: double ??, is this to avoid something?
-		. '[\(,]|' // for ',' and '(' mostly in INSERT or ANY()
-		. '[<>=]|' // general set for <, >, = in any query with any combination
-		. '\^@|' // text search for start from text with ^@
-		. '\|\||' // concats two elements
-		. '&&|' // array overlap
-		. '\-\|\-|' // range overlap for array
-		. '[^-]-{1}|' // single -, used in JSON too
-		. '->|->>|#>|#>>|@>|<@|@@|@\?|\?{1}|\?\||\?&|#-|' // JSON searches, Array searchs, etc
-		. 'THEN|ELSE' // command parts (CASE)
-	;
-	/** @var string the main regex including  the pattern query split */
-	private const PATTERN_ELEMENT = '(?:\'.*?\')?\s*(?:' . self::PATTERN_QUERY_SPLIT . ')\s*';
+	/** @var string text block in SQL, single quited
+	 * Note that does not include $$..$$ strings or anything with token name or nested ones
+	*/
+	private const PATTERN_TEXT_BLOCK_SINGLE_QUOTE = '(?:\'(?:[^\'\\\\]|\\\\.)*\')';
+	/** @var string text block in SQL, dollar quoted
+	 * NOTE: if this is added everything shifts by one lookup number
+	*/
+	private const PATTERN_TEXT_BLOCK_DOLLAR = '(?:\$(\w*)\$.*?\$\1\$)';
 	/** @var string comment regex
-	 * anything that starts with -- and ends with a line break but any character that is not line break inbetween */
-	private const PATTERN_COMMENT = '(?:\-\-[^\r\n]*?\r?\n)*\s*';
-	/** @var string parts to ignore in the SQL */
-	private const PATTERN_IGNORE =
-		// digit -> ignore
-		'\d+|'
-		// other string -> ignore
-		. '(?:\'.*?\')|';
-	/** @var string named parameters */
-	private const PATTERN_NAMED = '(:\w+)';
-	/** @var string question mark parameters */
-	private const PATTERN_QUESTION_MARK = '(?:(?:\?\?)?\s*(\?{1}))';
-	/** @var string numbered parameters */
+	 * anything that starts with -- and ends with a line break but any character that is not line break inbetween
+	 * this is the FIRST thing in the line and will skip any further lookups */
+	private const PATTERN_COMMENT = '(?:\-\-[^\r\n]*?\r?\n)';
+	// below are the params lookups
+	/** @var string named parameters, must start with single : */
+	private const PATTERN_NAMED = '((?<!:):(?:\w+))';
+	/** @var string question mark parameters, will catch any */
+	private const PATTERN_QUESTION_MARK = '(\?{1})';
+	/** @var string numbered parameters, can only start 1 to 9, second and further digits can be 0-9
+	 * This ignores the $$ ... $$ escape syntax. If we find something like this will fail
+	 * It is recommended to use proper string escape quiting for writing data to the DB
+	*/
 	private const PATTERN_NUMBERED = '(\$[1-9]{1}(?:[0-9]{1,})?)';
 	// below here are full regex that will be used
 	/** @var string replace regex for named (:...) entries */
 	public const REGEX_REPLACE_NAMED = '/'
-		. '(' . self::PATTERN_ELEMENT . ')'
-		. self::PATTERN_COMMENT
-		. '('
-		. self::PATTERN_IGNORE
+		. self::PATTERN_COMMENT . '|'
+		. self::PATTERN_TEXT_BLOCK_SINGLE_QUOTE . '|'
+		. self::PATTERN_TEXT_BLOCK_DOLLAR . '|'
 		. self::PATTERN_NAMED
-		. ')'
 		. '/s';
 	/** @var string replace regex for question mark (?) entries */
 	public const REGEX_REPLACE_QUESTION_MARK = '/'
-		. '(' . self::PATTERN_ELEMENT . ')'
-		. self::PATTERN_COMMENT
-		. '('
-		. self::PATTERN_IGNORE
+		. self::PATTERN_COMMENT . '|'
+		. self::PATTERN_TEXT_BLOCK_SINGLE_QUOTE . '|'
+		. self::PATTERN_TEXT_BLOCK_DOLLAR . '|'
 		. self::PATTERN_QUESTION_MARK
-		. ')'
 		. '/s';
 	/** @var string replace regex for numbered ($n) entries */
 	public const REGEX_REPLACE_NUMBERED = '/'
-		. '(' . self::PATTERN_ELEMENT . ')'
-		. self::PATTERN_COMMENT
-		. '('
-		. self::PATTERN_IGNORE
+		. self::PATTERN_COMMENT . '|'
+		. self::PATTERN_TEXT_BLOCK_SINGLE_QUOTE . '|'
+		. self::PATTERN_TEXT_BLOCK_DOLLAR . '|'
 		. self::PATTERN_NUMBERED
-		. ')'
 		. '/s';
 	/** @var string the main lookup query for all placeholders */
 	public const REGEX_LOOKUP_PLACEHOLDERS = '/'
-		// prefix string part, must match towards
-		// seperator for ( = , ? - [and json/jsonb in pg doc section 9.15]
-		. self::PATTERN_ELEMENT
-		. self::PATTERN_COMMENT
+		. self::PATTERN_COMMENT . '|'
+		. self::PATTERN_TEXT_BLOCK_SINGLE_QUOTE . '|'
+		. self::PATTERN_TEXT_BLOCK_DOLLAR . '|'
 		// match for replace part
 		. '(?:'
-		// ignore parts
-		. self::PATTERN_IGNORE
 		// :name named part (PDO) [1]
 		. self::PATTERN_NAMED . '|'
 		// ? question mark part (PDO) [2]
@@ -94,6 +75,26 @@ class ConvertPlaceholder
 		. ')'
 		// single line -> add line break to matches in "."
 		. '/s';
+	/** @var string lookup for only numbered placeholders */
+	public const REGEX_LOOKUP_NUMBERED = '/'
+		. self::PATTERN_COMMENT . '|'
+		. self::PATTERN_TEXT_BLOCK_SINGLE_QUOTE . '|'
+		. self::PATTERN_TEXT_BLOCK_DOLLAR . '|'
+		// match for replace part
+		. '(?:'
+		// $n numbered part (\PG php) [1]
+		. self::PATTERN_NUMBERED
+		// end match
+		. ')'
+		. '/s';
+	/** @var int position for regex in full placeholder lookup: named */
+	public const LOOOKUP_NAMED_POS = 2;
+	/** @var int position for regex in full placeholder lookup: question mark */
+	public const LOOOKUP_QUESTION_MARK_POS = 3;
+	/** @var int position for regex in full placeholder lookup: numbered */
+	public const LOOOKUP_NUMBERED_POS = 4;
+	/** @var int matches position for replacement and single lookup */
+	public const MATCHING_POS = 2;
 
 	/**
 	 * Convert PDO type query with placeholders to \PG style and vica versa
@@ -132,11 +133,12 @@ class ConvertPlaceholder
 			$found = -1;
 		}
 		/** @var array<string> 1: named */
-		$named_matches = array_filter($matches[1]);
+		$named_matches = array_filter($matches[self::LOOOKUP_NAMED_POS]);
 		/** @var array<string> 2: open ? */
-		$qmark_matches = array_filter($matches[2]);
+		$qmark_matches = array_filter($matches[self::LOOOKUP_QUESTION_MARK_POS]);
 		/** @var array<string> 3: $n matches */
-		$numbered_matches = array_filter($matches[3]);
+		$numbered_matches = array_filter($matches[self::LOOOKUP_NUMBERED_POS]);
+		// print "**MATCHES**: <pre>" . print_r($matches, true) . "</pre>";
 		// count matches
 		$count_named = count(array_unique($named_matches));
 		$count_qmark = count($qmark_matches);
@@ -235,38 +237,37 @@ class ConvertPlaceholder
 		$empty_params = $converted_placeholders['original']['empty_params'];
 		switch ($converted_placeholders['type']) {
 			case 'named':
-				// 0: full
-				// 0: full
-				// 1: pre part
-				// 2: keep part UNLESS '3' is set
-				// 3: replace part :named
+				// 1: replace part :named
 				$pos = 0;
 				$query_new = preg_replace_callback(
 					self::REGEX_REPLACE_NAMED,
 					function ($matches) use (&$pos, &$params_new, &$params_lookup, $params, $empty_params) {
-						// only count up if $match[3] is not yet in lookup table
-						if (!empty($matches[3]) && empty($params_lookup[$matches[3]])) {
+						if (!isset($matches[self::MATCHING_POS])) {
+							throw new \RuntimeException(
+								'Cannot lookup ' . self::MATCHING_POS . ' in matches list',
+								209
+							);
+						}
+						$match = $matches[self::MATCHING_POS];
+						// only count up if $match[1] is not yet in lookup table
+						if (empty($params_lookup[$match])) {
 							$pos++;
-							$params_lookup[$matches[3]] = '$' . $pos;
+							$params_lookup[$match] = '$' . $pos;
 							// skip params setup if param list is empty
 							if (!$empty_params) {
-								$params_new[] = $params[$matches[3]] ??
+								$params_new[] = $params[$match] ??
 									throw new \RuntimeException(
-										'Cannot lookup ' . $matches[3] . ' in params list',
+										'Cannot lookup ' . $match . ' in params list',
 										210
 									);
 							}
 						}
 						// add the connectors back (1), and the data sets only if no replacement will be done
-						return $matches[1] . (
-							empty($matches[3]) ?
-								$matches[2] :
-								$params_lookup[$matches[3]] ??
-									throw new \RuntimeException(
-										'Cannot lookup ' . $matches[3] . ' in params lookup list',
-										211
-									)
-						);
+						return $params_lookup[$match] ??
+							throw new \RuntimeException(
+								'Cannot lookup ' . $match . ' in params lookup list',
+								211
+							);
 					},
 					$converted_placeholders['original']['query']
 				);
@@ -276,61 +277,61 @@ class ConvertPlaceholder
 					// order and data stays the same
 					$params_new = $params ?? [];
 				}
-				// 0: full
-				// 1: pre part
-				// 2: keep part UNLESS '3' is set
-				// 3: replace part ?
+				// 1: replace part ?
 				$pos = 0;
 				$query_new = preg_replace_callback(
 					self::REGEX_REPLACE_QUESTION_MARK,
 					function ($matches) use (&$pos, &$params_lookup) {
+						if (!isset($matches[self::MATCHING_POS])) {
+							throw new \RuntimeException(
+								'Cannot lookup ' . self::MATCHING_POS . ' in matches list',
+								229
+							);
+						}
+						$match = $matches[self::MATCHING_POS];
 						// only count pos up for actual replacements we will do
-						if (!empty($matches[3])) {
+						if (!empty($match)) {
 							$pos++;
 							$params_lookup[] = '$' . $pos;
 						}
 						// add the connectors back (1), and the data sets only if no replacement will be done
-						return $matches[1] . (
-							empty($matches[3]) ?
-								$matches[2] :
-								'$' . $pos
-						);
+						return '$' . $pos;
 					},
 					$converted_placeholders['original']['query']
 				);
 				break;
 			case 'numbered':
-				// 0: full
-				// 1: pre part
-				// 2: keep part UNLESS '3' is set
-				// 3: replace part $numbered
+				// 1: replace part $numbered
 				$pos = 0;
 				$query_new = preg_replace_callback(
 					self::REGEX_REPLACE_NUMBERED,
 					function ($matches) use (&$pos, &$params_new, &$params_lookup, $params, $empty_params) {
-						// only count up if $match[3] is not yet in lookup table
-						if (!empty($matches[3]) && empty($params_lookup[$matches[3]])) {
+						if (!isset($matches[self::MATCHING_POS])) {
+							throw new \RuntimeException(
+								'Cannot lookup ' . self::MATCHING_POS . ' in matches list',
+								239
+							);
+						}
+						$match = $matches[self::MATCHING_POS];
+						// only count up if $match[1] is not yet in lookup table
+						if (empty($params_lookup[$match])) {
 							$pos++;
-							$params_lookup[$matches[3]] = ':' . $pos . '_named';
+							$params_lookup[$match] = ':' . $pos . '_named';
 							// skip params setup if param list is empty
 							if (!$empty_params) {
 								$params_new[] = $params[($pos - 1)] ??
 									throw new \RuntimeException(
 										'Cannot lookup ' . ($pos - 1) . ' in params list',
-										220
+										230
 									);
 							}
 						}
 						// add the connectors back (1), and the data sets only if no replacement will be done
-						return $matches[1] . (
-							empty($matches[3]) ?
-								$matches[2] :
-								$params_lookup[$matches[3]] ??
-								throw new \RuntimeException(
-									'Cannot lookup ' . $matches[3] . ' in params lookup list',
-									221
-								)
-						);
+						return $params_lookup[$match]  ??
+							throw new \RuntimeException(
+								'Cannot lookup ' . $match . ' in params lookup list',
+								231
+							);
 					},
 					$converted_placeholders['original']['query']
 				);

www/lib/CoreLibs/Language/GetLocale.php

@@ -50,7 +50,6 @@ class GetLocale
 				$locale = defined('SITE_LOCALE') && !empty(SITE_LOCALE) ?
 					SITE_LOCALE :
 					// else parse from default, if not 'en'
-					/** @phpstan-ignore-next-line DEFAULT_LOCALE could be empty */
 					(defined('DEFAULT_LOCALE') && !empty(DEFAULT_LOCALE) ?
 						DEFAULT_LOCALE : 'en');
 			}
@@ -97,8 +96,7 @@ class GetLocale
 				$encoding = defined('SITE_ENCODING') && !empty(SITE_ENCODING) ?
 					SITE_ENCODING :
 					// or default encoding, if not 'UTF-8'
-					/** @phpstan-ignore-next-line DEFAULT_LOCALE could be empty */
-					(defined('DEFAULT_ENCODING') && !empty(DEFAULT_ENCODING) ?
+					(defined('DEFAULT_ENCODING') ?
 						DEFAULT_ENCODING : 'UTF-8');
 			}
 		}

www/lib/CoreLibs/Output/ProgressBar.php

@@ -418,9 +418,7 @@ class ProgressBar
 		// if this is percent, we ignore anything, it is auto positioned
 		if ($this->label[$name]['type'] != 'percent') {
 			foreach (['top', 'left', 'width', 'height'] as $pos_name) {
-				if ($$pos_name !== false) {
-					$this->label[$name][$pos_name] = intval($$pos_name);
-				}
+				$this->label[$name][$pos_name] = intval($$pos_name);
 			}
 
 			if ($align != '') {