Merge pull request #268 from mailcow/dev

Dev
2017-05-13 23:06:19 +02:00 · 2017-05-13 23:06:19 +02:00 · 0cfd0b55bd
parent 8daee3656e 2291b4e121
commit 0cfd0b55bd
120 changed files with 9644 additions and 2162 deletions
--- a/data/Dockerfiles/clamav/Dockerfile
+++ b/data/Dockerfiles/clamav/Dockerfile
@ -1,36 +1,44 @@
 FROM debian:stretch-slim
-MAINTAINER https://m-ko.de Markus Kosmal <code@cnfg.io>
+LABEL maintainer "https://m-ko.de Markus Kosmal <code@cnfg.io>"
 # Debian Base to use
 ENV DEBIAN_VERSION stretch
 ARG DEBIAN_FRONTEND=noninteractive
 # initial install of av daemon
 RUN echo "deb http://http.debian.net/debian/ $DEBIAN_VERSION main contrib non-free" > /etc/apt/sources.list && \
-    echo "deb http://http.debian.net/debian/ $DEBIAN_VERSION-updates main contrib non-free" >> /etc/apt/sources.list && \
+	echo "deb http://http.debian.net/debian/ $DEBIAN_VERSION-updates main contrib non-free" >> /etc/apt/sources.list && \
-    echo "deb http://security.debian.org/ $DEBIAN_VERSION/updates main contrib non-free" >> /etc/apt/sources.list && \
+	echo "deb http://security.debian.org/ $DEBIAN_VERSION/updates main contrib non-free" >> /etc/apt/sources.list && \
-    apt-get update && \
+	apt-get update && apt-get install -y -qq --no-install-recommends \
-    DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y -qq \
+		clamav-daemon \
-        clamav-daemon \
+		clamav-freshclam \
-        clamav-freshclam \
+		libclamunrar7 \
-        libclamunrar7 \
+	&& rm -rf /var/lib/apt/lists/*
        curl && \
    apt-get clean && \
    rm -rf /var/lib/apt/lists/*
 # initial update of av databases
 COPY dl_files.sh /dl_files.sh
 RUN chmod +x /dl_files.sh
-RUN /dl_files.sh
+
 RUN set -ex; \
 	\
 	fetchDeps=' \
 		curl \
 	'; \
 	apt-get update; \
 	apt-get install -y --no-install-recommends $fetchDeps; \
 	rm -rf /var/lib/apt/lists/*; \
 	/dl_files.sh \
 	apt-get purge -y --auto-remove $fetchDeps
 # permission juggling
 RUN mkdir /var/run/clamav && \
-    chown clamav:clamav /var/run/clamav && \
+	chown clamav:clamav /var/run/clamav && \
-    chmod 750 /var/run/clamav
+	chmod 750 /var/run/clamav
 # av configuration update
 RUN sed -i 's/^Foreground .*$/Foreground true/g' /etc/clamav/clamd.conf && \
-    echo "TCPSocket 3310" >> /etc/clamav/clamd.conf && \
+	echo "TCPSocket 3310" >> /etc/clamav/clamd.conf && \
-    sed -i 's/^Foreground .*$/Foreground true/g' /etc/clamav/freshclam.conf
+	sed -i 's/^Foreground .*$/Foreground true/g' /etc/clamav/freshclam.conf
 # port provision
 EXPOSE 3310
--- a/data/Dockerfiles/dovecot/Dockerfile
+++ b/data/Dockerfiles/dovecot/Dockerfile
@ -1,83 +1,86 @@
 FROM debian:stretch-slim
 #ubuntu:xenial
-MAINTAINER Andre Peters <andre.peters@servercow.de>
+LABEL maintainer "Andre Peters <andre.peters@servercow.de>"
-ENV DEBIAN_FRONTEND noninteractive
+ARG DEBIAN_FRONTEND=noninteractive
 ENV LC_ALL C
 ENV DOVECOT_VERSION 2.2.29.1
 ENV PIGEONHOLE_VERSION 0.4.18
-RUN apt-get update \
+RUN apt-get update && apt-get -y install \
 	&& apt-get -y install libpam-dev \
 	default-libmysqlclient-dev \
 	lzma-dev \
 	liblz-dev \
 	libbz2-dev \
 	liblz4-dev \
 	liblzma-dev \
 	build-essential \
 	autotools-dev \
 	automake \
-	syslog-ng \
+	autotools-dev \
-	syslog-ng-core \
+	build-essential \
 	ca-certificates \
-	supervisor \
+	cpanminus \
 	wget \
 	curl \
-	libssl-dev \
+	default-libmysqlclient-dev \
 	libauthen-ntlm-perl \
 	libbz2-dev \
 	libcrypt-ssleay-perl \
 	libdbd-mysql-perl \
 	libdbi-perl \
 	libdigest-hmac-perl \
 	libfile-copy-recursive-perl \
 	libio-compress-perl \
 	libio-socket-inet6-perl \
 	libio-socket-ssl-perl \
 	libio-tee-perl \
 	libipc-run-perl \
 	liblockfile-simple-perl \
 	liblz-dev \
 	liblz4-dev \
 	liblzma-dev \
 	libmodule-scandeps-perl \
 	libnet-ssleay-perl \
 	libpam-dev \
 	libpar-packer-perl \
 	libreadonly-perl \
 	libssl-dev \
 	libterm-readkey-perl \
 	libtest-pod-perl \
 	libtest-simple-perl \
 	libunicode-string-perl \
 	liburi-perl \
-	libdbi-perl \
+	lzma-dev \
 	liblockfile-simple-perl \
 	libdbd-mysql-perl \
 	libipc-run-perl \
 	make \
-	cpanminus
+	supervisor \
 	syslog-ng \
 	syslog-ng-core \
 	syslog-ng-mod-redis \
 	&& rm -rf /var/lib/apt/lists/*
-RUN wget https://www.dovecot.org/releases/2.2/dovecot-$DOVECOT_VERSION.tar.gz -O - | tar xvz  \
+RUN curl https://www.dovecot.org/releases/2.2/dovecot-$DOVECOT_VERSION.tar.gz | tar xvz  \
 	&& cd dovecot-$DOVECOT_VERSION \
 	&& ./configure --with-mysql --with-lzma --with-lz4 --with-ssl=openssl --with-notify=inotify --with-storages=mdbox,sdbox,maildir,mbox,imapc,pop3c --with-bzlib --with-zlib \
 	&& make -j3 \
 	&& make install \
-	&& make clean
+	&& make clean \
 	&& cd .. && rm -rf dovecot-$DOVECOT_VERSION
-RUN wget https://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-$PIGEONHOLE_VERSION.tar.gz -O - | tar xvz  \
+RUN curl https://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-$PIGEONHOLE_VERSION.tar.gz | tar xvz  \
 	&& cd dovecot-2.2-pigeonhole-$PIGEONHOLE_VERSION \
 	&& ./configure \
 	&& make -j3 \
 	&& make install \
-	&& make clean
+	&& make clean \
 	&& cd .. && rm -rf dovecot-2.2-pigeonhole-$PIGEONHOLE_VERSION
 RUN sed -i -E 's/^(\s*)system\(\);/\1unix-stream("\/dev\/log");/' /etc/syslog-ng/syslog-ng.conf
 RUN cpanm Data::Uniqid Mail::IMAPClient String::Util
 RUN echo '* * * * *   root   /usr/local/bin/imapsync_cron.pl' > /etc/cron.d/imapsync
 RUN echo '30 3 * * *   vmail  /usr/bin/doveadm quota recalc -A' > /etc/cron.d/dovecot-sync
-COPY ./imapsync /usr/local/bin/imapsync
+COPY syslog-ng.conf /etc/syslog-ng/syslog-ng.conf
-COPY ./postlogin.sh /usr/local/bin/postlogin.sh
+COPY imapsync /usr/local/bin/imapsync
-COPY ./imapsync_cron.pl /usr/local/bin/imapsync_cron.pl
+COPY postlogin.sh /usr/local/bin/postlogin.sh
-COPY ./report-spam.sieve /usr/local/lib/dovecot/sieve/report-spam.sieve
+COPY imapsync_cron.pl /usr/local/bin/imapsync_cron.pl
-COPY ./report-ham.sieve /usr/local/lib/dovecot/sieve/report-ham.sieve
+COPY report-spam.sieve /usr/local/lib/dovecot/sieve/report-spam.sieve
-COPY ./rspamd-pipe-ham /usr/local/lib/dovecot/sieve/rspamd-pipe-ham
+COPY report-ham.sieve /usr/local/lib/dovecot/sieve/report-ham.sieve
-COPY ./rspamd-pipe-spam /usr/local/lib/dovecot/sieve/rspamd-pipe-spam
+COPY rspamd-pipe-ham /usr/local/lib/dovecot/sieve/rspamd-pipe-ham
-COPY ./docker-entrypoint.sh /
+COPY rspamd-pipe-spam /usr/local/lib/dovecot/sieve/rspamd-pipe-spam
-COPY ./supervisord.conf /etc/supervisor/supervisord.conf
+COPY docker-entrypoint.sh /
 COPY supervisord.conf /etc/supervisor/supervisord.conf
 RUN chmod +x /usr/local/lib/dovecot/sieve/rspamd-pipe-ham \
 	/usr/local/lib/dovecot/sieve/rspamd-pipe-spam \
@ -87,19 +90,18 @@ RUN chmod +x /usr/local/lib/dovecot/sieve/rspamd-pipe-ham \
 RUN groupadd -g 5000 vmail \
 	&& groupadd -g 401 dovecot \
-    && groupadd -g 402 dovenull \
+	&& groupadd -g 402 dovenull \
 	&& useradd -g vmail -u 5000 vmail -d /var/vmail \
 	&& useradd -c "Dovecot unprivileged user" -d /dev/null -u 401 -g dovecot -s /bin/false dovecot \
 	&& useradd -c "Dovecot login user" -d /dev/null -u 402 -g dovenull -s /bin/false dovenull
 RUN touch /etc/default/locale
 EXPOSE 24 10001
 ENTRYPOINT ["/docker-entrypoint.sh"]
 CMD exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf
-RUN apt-get clean \
+RUN rm -rf \
 	&& rm -rf /var/lib/apt/lists/* \
 	/tmp/* \
-	/var/tmp/* \
+	/var/tmp/*
 	/dovecot-2.2-pigeonhole-$PIGEONHOLE_VERSION \
 	/dovecot-$DOVECOT_VERSION
--- a/data/Dockerfiles/dovecot/docker-entrypoint.sh
+++ b/data/Dockerfiles/dovecot/docker-entrypoint.sh
@ -71,5 +71,7 @@ sievec /usr/local/lib/dovecot/sieve/report-ham.sieve
 # Fix permissions
 chown -R vmail:vmail /var/vmail/sieve
 # Fix more than 1 hardlink issue
 touch /etc/crontab /etc/cron.*/*
 exec "$@"
--- a/data/Dockerfiles/dovecot/supervisord.conf
+++ b/data/Dockerfiles/dovecot/supervisord.conf
@ -12,7 +12,7 @@ command=/usr/local/sbin/dovecot -F
 autorestart=true
 [program:logfiles]
-command=/usr/bin/tail -f /var/log/mail.log /var/log/syslog
+command=/usr/bin/tail -f /var/log/combined.log
 stdout_logfile=/dev/fd/1
 stdout_logfile_maxbytes=0
--- a/data/Dockerfiles/dovecot/syslog-ng.conf
+++ b/data/Dockerfiles/dovecot/syslog-ng.conf
@ -0,0 +1,31 @@
@version: 3.8
@include "scl.conf"
 options {
  chain_hostnames(off);
  flush_lines(0);
  use_dns(no);
  use_fqdn(no);
  owner("root"); group("adm"); perm(0640);
  stats_freq(0);
  bad_hostname("^gconfd$");
 };
 source s_src {
  unix-stream("/dev/log");
  internal();
 };
 destination d_combined { file("/var/log/combined.log"); };
 destination d_redis {
  redis(
    host("redis-mailcow")
    port(6379)
    command("LPUSH" "DOVECOT_MAILLOG" "$(format-json time=\"$S_UNIXTIME\" priority=\"$PRIORITY\" program=\"$PROGRAM\" message=\"$MESSAGE\")\n")
  );
 };
 filter f_mail { facility(mail) and not filter(f_debug); };
 log {
  source(s_src);
  destination(d_combined);
  filter(f_mail);
  destination(d_redis);
 };
--- a/data/Dockerfiles/php-fpm/Dockerfile
+++ b/data/Dockerfiles/php-fpm/Dockerfile
@ -1,14 +1,24 @@
 FROM php:7.1-fpm
-MAINTAINER Andre Peters <andre.peters@servercow.de>
+LABEL maintainer "Andre Peters <andre.peters@servercow.de>"
-ENV DEBIAN_FRONTEND noninteractive
+ARG DEBIAN_FRONTEND=noninteractive
-RUN apt-get update \
+RUN apt-get update && apt-get install -y \
-        && apt-get install -y zlib1g-dev libicu-dev g++ libidn11-dev libxml2-dev
+	g++ \
 	libicu-dev \
 	libidn11-dev \
 	libxml2-dev \
 	mysql-client \
 	redis-tools \
 	zlib1g-dev \
 	&& rm -rf /var/lib/apt/lists/*
 RUN docker-php-ext-configure intl
 RUN docker-php-ext-install intl pdo pdo_mysql xmlrpc
 RUN pear install channel://pear.php.net/Net_IDNA2-0.1.1 Auth_SASL Net_IMAP NET_SMTP Net_IDNA2 Mail_mime
 RUN pecl install -o -f redis \
 	&& rm -rf /tmp/pear \
 	&& docker-php-ext-enable redis
 COPY ./docker-entrypoint.sh /
--- a/data/Dockerfiles/php-fpm/docker-entrypoint.sh
+++ b/data/Dockerfiles/php-fpm/docker-entrypoint.sh
@ -4,4 +4,57 @@ set -e
 if [[ ! -d "/data/dkim/txt" || ! -d "/data/dkim/keys" ]] ; then	mkdir -p /data/dkim/{txt,keys} ; chown -R www-data:www-data /data/dkim; fi
 if [[ $(stat -c %U /data/dkim/) != "www-data" ]] ; then chown -R www-data:www-data /data/dkim ; fi
 # Wait for containers
 while ! mysqladmin ping --host mysql --silent; do
  sleep 2
 done
 until [ $(redis-cli -h redis-mailcow PING) == "PONG" ]; do
  sleep 2
 done
 # Migrate domain map
 declare -a DOMAIN_ARR
 redis-cli -h redis-mailcow DEL DOMAIN_MAP
 while read line
 do
  DOMAIN_ARR+=("$line")
 done < <(mysql -h mysql-mailcow -u ${DBUSER} -p${DBPASS} ${DBNAME} -e "SELECT domain FROM domain" -Bs)
 if [[ ! -z ${DOMAIN_ARR} ]]; then
 for domain in "${DOMAIN_ARR[@]}"; do
  redis-cli -h redis-mailcow HSET DOMAIN_MAP ${domain} 1
 done
 fi
 # Migrate tag settings map
 declare -a SUBJ_TAG_ARR
 redis-cli -h redis-mailcow DEL SUBJ_TAG_ARR
 while read line
 do
  SUBJ_TAG_ARR+=("$line")
 done < <(mysql -h mysql-mailcow -u ${DBUSER} -p${DBPASS} ${DBNAME} -e "SELECT username FROM mailbox WHERE wants_tagged_subject='1'" -Bs)
 if [[ ! -z ${SUBJ_TAG_ARR} ]]; then
 for user in "${SUBJ_TAG_ARR[@]}"; do
  redis-cli -h redis-mailcow HSET RCPT_WANTS_SUBJECT_TAG ${user} 1
  mysql -h mysql-mailcow -u ${DBUSER} -p${DBPASS} ${DBNAME} -e "UPDATE mailbox SET wants_tagged_subject='2' WHERE username = '${user}'"
 done
 fi
 # Migrate DKIM keys
 for file in $(ls /data/dkim/keys/); do
  domain=${file%.dkim}
  if [[ -f /data/dkim/txt/${file} ]]; then
    redis-cli -h redis-mailcow HSET DKIM_PUB_KEYS "${domain}" "$(cat /data/dkim/keys/${domain})"
    redis-cli -h redis-mailcow HSET DKIM_PRIV_KEYS "${domain}" "$(cat /data/dkim/keys/${file})"
    redis-cli -h redis-mailcow HSET DKIM_SELECTORS "${domain}" "dkim.${domain}"
  fi
  rm /data/dkim/{keys,txt}/${file}
 done
 exec "$@"
--- a/data/Dockerfiles/postfix/Dockerfile
+++ b/data/Dockerfiles/postfix/Dockerfile
@ -1,7 +1,7 @@
 FROM debian:stretch-slim
-MAINTAINER Andre Peters <andre.peters@servercow.de>
+LABEL maintainer "Andre Peters <andre.peters@servercow.de>"
-ENV DEBIAN_FRONTEND noninteractive
+ARG DEBIAN_FRONTEND=noninteractive
 ENV LC_ALL C
 RUN dpkg-divert --local --rename --add /sbin/initctl \
@ -9,31 +9,35 @@ RUN dpkg-divert --local --rename --add /sbin/initctl \
 	&& dpkg-divert --local --rename --add /usr/bin/ischroot \
 	&& ln -sf /bin/true /usr/bin/ischroot
-RUN apt-get update
+RUN apt-get update && apt-get install -y --no-install-recommends \
-RUN apt-get install -y --no-install-recommends supervisor \
+	ca-certificates \
-	postfix \
+	curl \
-	sasl2-bin \
+	dirmngr \
 	gnupg \
 	libsasl2-modules \
 	postfix \
 	postfix \
 	postfix-mysql \
 	postfix-pcre \
 	python-gpgme \
 	sasl2-bin \
 	sudo \
 	supervisor \
 	syslog-ng \
 	syslog-ng-core \
-	ca-certificates \
+	syslog-ng-mod-redis \
-	gnupg \
+	&& rm -rf /var/lib/apt/lists/*
 	python-gpgme \
 	sudo \
 	curl \
 	dirmngr
 RUN addgroup --system --gid 600 zeyple
 RUN adduser --system --home /var/lib/zeyple --no-create-home --uid 600 --gid 600 --disabled-login zeyple
 RUN touch /var/log/zeyple.log && chown zeyple: /var/log/zeyple.log
-RUN sed -i -E 's/^(\s*)system\(\);/\1unix-stream("\/dev\/log");/' /etc/syslog-ng/syslog-ng.conf
+
 RUN touch /etc/default/locale
 COPY zeyple.py /usr/local/bin/zeyple.py
 COPY zeyple.conf /etc/zeyple.conf
 COPY supervisord.conf /etc/supervisor/supervisord.conf
 COPY syslog-ng.conf /etc/syslog-ng/syslog-ng.conf
 COPY postfix.sh /opt/postfix.sh
 COPY whitelist_forwardinghosts.sh /usr/local/bin/whitelist_forwardinghosts.sh
@ -41,4 +45,4 @@ EXPOSE 588
 CMD exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf
-RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+RUN rm -rf /tmp/* /var/tmp/*
--- a/data/Dockerfiles/postfix/supervisord.conf
+++ b/data/Dockerfiles/postfix/supervisord.conf
@ -12,7 +12,7 @@ command=/opt/postfix.sh
 autorestart=true
 [program:postfix-maillog]
-command=/bin/tail -f /var/log/zeyple.log /var/log/mail.log
+command=/bin/tail -f /var/log/zeyple.log /var/log/combined.log
 stdout_logfile=/dev/stdout
 stdout_logfile_maxbytes=0
--- a/data/Dockerfiles/postfix/syslog-ng.conf
+++ b/data/Dockerfiles/postfix/syslog-ng.conf
@ -0,0 +1,31 @@
@version: 3.8
@include "scl.conf"
 options {
  chain_hostnames(off);
  flush_lines(0);
  use_dns(no);
  use_fqdn(no);
  owner("root"); group("adm"); perm(0640);
  stats_freq(0);
  bad_hostname("^gconfd$");
 };
 source s_src {
  unix-stream("/dev/log");
  internal();
 };
 destination d_combined { file("/var/log/combined.log"); };
 destination d_redis {
  redis(
    host("redis-mailcow")
    port(6379)
    command("LPUSH" "POSTFIX_MAILLOG" "$(format-json time=\"$S_UNIXTIME\" priority=\"$PRIORITY\" program=\"$PROGRAM\" message=\"$MESSAGE\")\n")
  );
 };
 filter f_mail { facility(mail) and not filter(f_debug); };
 log {
  source(s_src);
  destination(d_combined);
  filter(f_mail);
  destination(d_redis);
 };
--- a/data/Dockerfiles/rmilter/Dockerfile
+++ b/data/Dockerfiles/rmilter/Dockerfile
@ -1,13 +1,18 @@
 FROM debian:jessie-slim
-MAINTAINER Andre Peters <andre.peters@servercow.de>
+LABEL maintainer "Andre Peters <andre.peters@servercow.de>"
-ENV DEBIAN_FRONTEND noninteractive
+ARG DEBIAN_FRONTEND=noninteractive
 ENV LC_ALL C
 RUN apt-key adv --fetch-keys http://rspamd.com/apt-stable/gpg.key \
 	&& echo "deb http://rspamd.com/apt-stable/ jessie main" > /etc/apt/sources.list.d/rspamd.list \
-	&& apt-get update \
+	&& apt-get update && apt-get install -y --force-yes --no-install-recommends \
-	&& apt-get --no-install-recommends -y --force-yes install rmilter cron syslog-ng syslog-ng-core supervisor
+		cron \
 		rmilter \
 		supervisor \
 		syslog-ng \
 		syslog-ng-core \
 	&& rm -rf /var/lib/apt/lists/*
 COPY supervisord.conf /etc/supervisor/supervisord.conf
@ -18,4 +23,4 @@ RUN touch /var/log/mail.log && chmod 640 /var/log/mail.log && chown root:adm /va
 CMD exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf
-RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+RUN rm -rf /tmp/* /var/tmp/*
--- a/data/Dockerfiles/rspamd/Dockerfile
+++ b/data/Dockerfiles/rspamd/Dockerfile
@ -1,24 +1,27 @@
 FROM debian:jessie-slim
-MAINTAINER Andre Peters <andre.peters@servercow.de>
+LABEL maintainer "Andre Peters <andre.peters@servercow.de>"
-ENV DEBIAN_FRONTEND noninteractive
+ARG DEBIAN_FRONTEND=noninteractive
 ENV LC_ALL C
 RUN apt-key adv --fetch-keys http://rspamd.com/apt-stable/gpg.key \
-    && echo "deb http://rspamd.com/apt-stable/ jessie main" > /etc/apt/sources.list.d/rspamd.list \
+	&& echo "deb http://rspamd.com/apt-stable/ jessie main" > /etc/apt/sources.list.d/rspamd.list \
-    && apt-get update \
+	&& apt-get update && apt-get install -y \
-    && apt-get -y install rspamd ca-certificates python-pip
+		ca-certificates \
 		python-pip \
 		rspamd \
 	&& rm -rf /var/lib/apt/lists/*
 RUN echo '.include $LOCAL_CONFDIR/local.d/rspamd.conf.local' > /etc/rspamd/rspamd.conf.local
 COPY settings.conf /etc/rspamd/modules.d/settings.conf
 COPY antivirus.conf /etc/rspamd/modules.d/antivirus.conf
-
+COPY dkim_signing.lua /usr/share/rspamd/lua/dkim_signing.lua
 RUN pip install -U oletools
 CMD /usr/bin/rspamd -f -u _rspamd -g _rspamd
-RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+RUN rm -rf /tmp/* /var/tmp/*
 USER _rspamd
--- a/data/Dockerfiles/rspamd/dkim_signing.lua
+++ b/data/Dockerfiles/rspamd/dkim_signing.lua
@ -0,0 +1,286 @@
 --[[
 Copyright (c) 2016, Andrew Lewis <nerf@judo.za.org>
 Copyright (c) 2016, Vsevolod Stakhov <vsevolod@highsecure.ru>
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 ]]--
 local rspamd_logger = require "rspamd_logger"
 local rspamd_util = require "rspamd_util"
 if confighelp then
  return
 end
 local settings = {
  allow_envfrom_empty = true,
  allow_hdrfrom_mismatch = false,
  allow_hdrfrom_mismatch_local = false,
  allow_hdrfrom_mismatch_sign_networks = false,
  allow_hdrfrom_multiple = false,
  allow_username_mismatch = false,
  auth_only = true,
  domain = {},
  path = string.format('%s/%s/%s', rspamd_paths['DBDIR'], 'dkim', '$domain.$selector.key'),
  sign_local = true,
  selector = 'dkim',
  symbol = 'DKIM_SIGNED',
  try_fallback = true,
  use_domain = 'header',
  use_esld = true,
  use_redis = false,
  key_prefix = 'dkim_keys', -- default hash name
 }
 local E = {}
 local N = 'dkim_signing'
 local redis_params
 local function simple_template(tmpl, keys)
  local lpeg = require "lpeg"
  local var_lit = lpeg.P { lpeg.R("az") + lpeg.R("AZ") + lpeg.R("09") + "_" }
  local var = lpeg.P { (lpeg.P("$") / "") * ((var_lit^1) / keys) }
  local var_braced = lpeg.P { (lpeg.P("${") / "") * ((var_lit^1) / keys) * (lpeg.P("}") / "") }
  local template_grammar = lpeg.Cs((var + var_braced + 1)^0)
  return lpeg.match(template_grammar, tmpl)
 end
 local function dkim_signing_cb(task)
  local is_local, is_sign_networks
  local auser = task:get_user()
  local ip = task:get_from_ip()
  if ip and ip:is_local() then
    is_local = true
  end
  if settings.auth_only and not auser then
    if (settings.sign_networks and settings.sign_networks:get_key(ip)) then
      is_sign_networks = true
      rspamd_logger.debugm(N, task, 'mail is from address in sign_networks')
    elseif settings.sign_local and is_local then
      rspamd_logger.debugm(N, task, 'mail is from local address')
    else
      rspamd_logger.debugm(N, task, 'ignoring unauthenticated mail')
      return
    end
  end
  local efrom = task:get_from('smtp')
  if not settings.allow_envfrom_empty and
      #(((efrom or E)[1] or E).addr or '') == 0 then
    rspamd_logger.debugm(N, task, 'empty envelope from not allowed')
    return false
  end
  local hfrom = task:get_from('mime')
  if not settings.allow_hdrfrom_multiple and (hfrom or E)[2] then
    rspamd_logger.debugm(N, task, 'multiple header from not allowed')
    return false
  end
  local dkim_domain
  local hdom = ((hfrom or E)[1] or E).domain
  local edom = ((efrom or E)[1] or E).domain
  if hdom then
    hdom = hdom:lower()
  end
  if edom then
    edom = edom:lower()
  end
  if settings.use_domain_sign_networks and is_sign_networks then
    if settings.use_domain_sign_networks == 'header' then
      dkim_domain = hdom
    else
      dkim_domain = edom
    end
  elseif settings.use_domain_local and is_local then
    if settings.use_domain_local == 'header' then
      dkim_domain = hdom
    else
      dkim_domain = edom
    end
  else
    if settings.use_domain == 'header' then
      dkim_domain = hdom
    else
      dkim_domain = edom
    end
  end
  if not dkim_domain then
    rspamd_logger.debugm(N, task, 'could not extract dkim domain')
    return false
  end
  if settings.use_esld then
    dkim_domain = rspamd_util.get_tld(dkim_domain)
    if settings.use_domain == 'envelope' and hdom then
      hdom = rspamd_util.get_tld(hdom)
    elseif settings.use_domain == 'header' and edom then
      edom = rspamd_util.get_tld(edom)
    end
  end
  if edom and hdom and not settings.allow_hdrfrom_mismatch and hdom ~= edom then
    if settings.allow_hdrfrom_mismatch_local and is_local then
      rspamd_logger.debugm(N, task, 'domain mismatch allowed for local IP: %1 != %2', hdom, edom)
    elseif settings.allow_hdrfrom_mismatch_sign_networks and is_sign_networks then
      rspamd_logger.debugm(N, task, 'domain mismatch allowed for sign_networks: %1 != %2', hdom, edom)
    else
      rspamd_logger.debugm(N, task, 'domain mismatch not allowed: %1 != %2', hdom, edom)
      return false
    end
  end
  if auser and not settings.allow_username_mismatch then
    local udom = string.match(auser, '.*@(.*)')
    if not udom then
      rspamd_logger.debugm(N, task, 'couldnt find domain in username')
      return false
    end
    if settings.use_esld then
      udom = rspamd_util.get_tld(udom)
    end
    if udom ~= dkim_domain then
      rspamd_logger.debugm(N, task, 'user domain mismatch')
      return false
    end
  end
  local p = {}
  if settings.domain[dkim_domain] then
    p.selector = settings.domain[dkim_domain].selector
    p.key = settings.domain[dkim_domain].path
  end
  if not (p.key and p.selector) and not
    (settings.try_fallback or settings.use_redis or settings.selector_map or settings.path_map) then
    rspamd_logger.debugm(N, task, 'dkim unconfigured and fallback disabled')
    return false
  end
  if not p.key then
    if not settings.use_redis then
      p.key = settings.path
    end
  end
  if not p.selector then
    p.selector = settings.selector
  end
  p.domain = dkim_domain
  if settings.selector_map then
    local data = settings.selector_map:get_key(dkim_domain)
    if data then
      p.selector = data
    end
  end
  if settings.path_map then
    local data = settings.path_map:get_key(dkim_domain)
    if data then
      p.key = data
    end
  end
  if settings.use_redis then
    local function try_redis_key(selector)
      p.key = nil
      p.selector = selector
      local rk = string.format('%s.%s', p.selector, p.domain)
      local function redis_key_cb(err, data)
        if err or type(data) ~= 'string' then
          rspamd_logger.infox(rspamd_config, "cannot make request to load DKIM key for %s: %s",
            rk, err)
        else
          p.rawkey = data
          if rspamd_plugins.dkim.sign(task, p) then
            task:insert_result(settings.symbol, 1.0)
          end
        end
      end
      local ret = rspamd_redis_make_request(task,
        redis_params, -- connect params
        rk, -- hash key
        false, -- is write
        redis_key_cb, --callback
        'HGET', -- command
        {settings.key_prefix, rk} -- arguments
      )
      if not ret then
        rspamd_logger.infox(rspamd_config, "cannot make request to load DKIM key for %s", rk)
      end
    end
    if settings.selector_prefix then
      rspamd_logger.infox(rspamd_config, "Using selector prefix %s for domain %s", settings.selector_prefix, p.domain);
      local function redis_selector_cb(err, data)
        if err or type(data) ~= 'string' then
          rspamd_logger.infox(rspamd_config, "cannot make request to load DKIM selector for domain %s: %s", p.domain, err)
        else
          try_redis_key(data)
        end
      end
      local ret = rspamd_redis_make_request(task,
        redis_params, -- connect params
        p.domain, -- hash key
        false, -- is write
        redis_selector_cb, --callback
        'HGET', -- command
        {settings.selector_prefix, p.domain} -- arguments
      )
      if not ret then
        rspamd_logger.infox(rspamd_config, "cannot make request to load DKIM selector for %s", p.domain)
      end
    else
      if not p.selector then
        rspamd_logger.errx(task, 'No selector specified')
        return false
      end
      try_redis_key(p.selector)
    end
  else
    if (p.key and p.selector) then
      p.key = simple_template(p.key, {domain = p.domain, selector = p.selector})
      return rspamd_plugins.dkim.sign(task, p)
    else
      rspamd_logger.infox(task, 'key path or dkim selector unconfigured; no signing')
      return false
    end
  end
 end
 local opts =  rspamd_config:get_all_opt('dkim_signing')
 if not opts then return end
 for k,v in pairs(opts) do
  if k == 'sign_networks' then
    settings[k] = rspamd_map_add(N, k, 'radix', 'DKIM signing networks')
  elseif k == 'path_map' then
    settings[k] = rspamd_map_add(N, k, 'map', 'Paths to DKIM signing keys')
  elseif k == 'selector_map' then
    settings[k] = rspamd_map_add(N, k, 'map', 'DKIM selectors')
  else
    settings[k] = v
  end
 end
 if not (settings.use_redis or settings.path or settings.domain or settings.path_map or settings.selector_map) then
  rspamd_logger.infox(rspamd_config, 'mandatory parameters missing, disable dkim signing')
  return
 end
 if settings.use_redis then
  redis_params = rspamd_parse_redis_server('dkim_signing')
  if not redis_params then
    rspamd_logger.errx(rspamd_config, 'no servers are specified, but module is configured to load keys from redis, disable dkim signing')
    return
  end
 end
 if settings.use_domain ~= 'header' and settings.use_domain ~= 'envelope' then
  rspamd_logger.errx(rspamd_config, "Value for 'use_domain' is invalid")
  settings.use_domain = 'header'
 end
 rspamd_config:register_symbol({
  name = settings['symbol'],
  callback = dkim_signing_cb
 })
--- a/data/Dockerfiles/rspamd/docker-entrypoint.sh
+++ b/data/Dockerfiles/rspamd/docker-entrypoint.sh
@ -0,0 +1,10 @@
 #!/bin/bash
 set -e
 if [[ ! -d "/data/dkim/txt" || ! -d "/data/dkim/keys" ]] ; then	mkdir -p /data/dkim/{txt,keys} ; chown -R www-data:www-data /data/dkim; fi
 if [[ $(stat -c %U /data/dkim/) != "www-data" ]] ; then chown -R www-data:www-data /data/dkim ; fi
 # Migrate domain table to redis
 exec "$@"
--- a/data/Dockerfiles/sogo/Dockerfile
+++ b/data/Dockerfiles/sogo/Dockerfile
@ -1,45 +1,52 @@
 FROM debian:jessie-slim
-MAINTAINER Andre Peters <andre.peters@servercow.de>
+LABEL maintainer "Andre Peters <andre.peters@servercow.de>"
-ENV DEBIAN_FRONTEND noninteractive
+ARG DEBIAN_FRONTEND=noninteractive
 ENV LC_ALL C
 ENV GOSU_VERSION 1.9
-RUN apt-get update \
+RUN apt-get update && apt-get install -y --no-install-recommends \
-	&& apt-get install -y --no-install-recommends apt-transport-https gnupg \
+		apt-transport-https \
 		ca-certificates \
-		wget \
+		cron \
 		gnupg \
 		mysql-client \
 		supervisor \
 		syslog-ng \
 		syslog-ng-core \
-		supervisor \
+		syslog-ng-mod-redis \
-		mysql-client \
+		wget \
-		cron \
+	&& rm -rf /var/lib/apt/lists/* \
-    && dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')" \
+	&& dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')" \
-    && wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch" \
+	&& wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch" \
-    && wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc" \
+	&& wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc" \
-    && export GNUPGHOME="$(mktemp -d)" \
+	&& export GNUPGHOME="$(mktemp -d)" \
-    && gpg --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \
+	&& gpg --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \
-    && gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu \
+	&& gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu \
-    && rm -r "$GNUPGHOME" /usr/local/bin/gosu.asc \
+	&& rm -r "$GNUPGHOME" /usr/local/bin/gosu.asc \
-    && chmod +x /usr/local/bin/gosu \
+	&& chmod +x /usr/local/bin/gosu \
-    && gosu nobody true
+	&& gosu nobody true
 RUN mkdir /usr/share/doc/sogo
 RUN touch /usr/share/doc/sogo/empty.sh
 RUN apt-key adv --keyserver keys.gnupg.net --recv-key 0x810273C4 \
 	&& echo "deb http://packages.inverse.ca/SOGo/nightly/3/debian/ jessie jessie" > /etc/apt/sources.list.d/sogo.list \
-	&& apt-get update \
+	&& apt-get update && apt-get install -y --force-yes \
-	&& apt-get -y --force-yes install sogo sogo-activesync 
+		sogo \
 		sogo-activesync \
 	&& rm -rf /var/lib/apt/lists/*
-RUN sed -i -E 's/^(\s*)system\(\);/\1unix-stream("\/dev\/log");/' /etc/syslog-ng/syslog-ng.conf
+RUN echo '* * * * *   sogo   /usr/sbin/sogo-ealarms-notify 2>/dev/null' > /etc/cron.d/sogo
 RUN echo '* * * * *   sogo   /usr/sbin/sogo-ealarms-notify' > /etc/cron.d/sogo
 RUN echo '* * * * *   sogo   /usr/sbin/sogo-tool expire-sessions 60' >> /etc/cron.d/sogo
 RUN echo '0 0 * * *   sogo   /usr/sbin/sogo-tool update-autoreply -p /etc/sogo/sieve.creds' >> /etc/cron.d/sogo
 RUN touch /etc/default/locale
 COPY ./reconf-domains.sh /
 COPY syslog-ng.conf /etc/syslog-ng/syslog-ng.conf
 COPY supervisord.conf /etc/supervisor/supervisord.conf
 CMD exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf
-RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+RUN rm -rf /tmp/* /var/tmp/*
--- a/data/Dockerfiles/sogo/supervisord.conf
+++ b/data/Dockerfiles/sogo/supervisord.conf
@ -19,7 +19,7 @@ autorestart=true
 priority=10
 [program:sogo-syslog]
-command=/usr/bin/tail -f /var/log/syslog -f /var/log/sogo/sogo.log
+command=/usr/bin/tail -f /var/log/combined.log
 stdout_logfile=/dev/fd/1
 stdout_logfile_maxbytes=0
--- a/data/Dockerfiles/sogo/syslog-ng.conf
+++ b/data/Dockerfiles/sogo/syslog-ng.conf
@ -0,0 +1,37 @@
@version: 3.5
@include "scl.conf"
 options {
  chain_hostnames(off);
  flush_lines(0);
  use_dns(no);
  use_fqdn(no);
  owner("root"); group("adm"); perm(0640);
  stats_freq(0);
  bad_hostname("^gconfd$");
 };
 source s_src {
  unix-stream("/dev/log");
  internal();
 };
 source s_sogo {
  file("/var/log/sogo/sogo.log");
 };
 destination d_combined {
  file("/var/log/combined.log");
 };
 destination d_redis {
  redis(
    host("redis-mailcow")
    port(6379)
    command("LPUSH" "SOGO_LOG" "$(format-json time=\"$S_UNIXTIME\" priority=\"$PRIORITY\" program=\"$PROGRAM\" message=\"$MESSAGE\")\n")
  );
 };
 log {
  source(s_sogo);
  source(s_src);
  destination(d_combined);
 };
 log {
  source(s_sogo);
  destination(d_redis);
 };
--- a/data/conf/dovecot/dovecot.conf
+++ b/data/conf/dovecot/dovecot.conf
@ -1,6 +1,6 @@
 auth_mechanisms = plain login
 #mail_debug = yes
-log_path = /var/log/mail.log
+log_path = syslog
 disable_plaintext_auth = yes
 # Uncomment on NFS share
 #mmap_disable = yes
--- a/data/conf/dovecot/sieve_after
+++ b/data/conf/dovecot/sieve_after
@ -9,16 +9,13 @@ if header :contains "X-Spam-Flag" "YES" {
 }
 if allof (
  envelope :detail :matches "to" "*",
  header :contains "X-Moo-Tag" "YES",
  mailboxexists "INBOX/${s}"
  ) {
    fileinto "INBOX/${s}";
 }
 elsif allof (
  envelope :detail :matches "to" "*",
  header :contains "X-Moo-Tag" "YES"
  ) {
-    set :lower "s" "${1}";
+  set :lower :upperfirst "tag" "${1}";
-    fileinto :create "INBOX/${s}";
+  if mailboxexists "INBOX/${1}" {
    fileinto "INBOX/${1}";
  } else {
    fileinto :create "INBOX/${tag}";
  }
 }
--- a/data/conf/rspamd/dynmaps/authoritative.php
+++ b/data/conf/rspamd/dynmaps/authoritative.php
@ -1,34 +0,0 @@
 <?php
 require_once "vars.inc.php";
 ini_set('error_reporting', 0);
 $has_object = 0;
 header('Content-Type: text/plain');
 $dsn = $database_type . ':host=' . $database_host . ';dbname=' . $database_name;
 $opt = [
    PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
    PDO::ATTR_EMULATE_PREPARES   => false,
 ];
 try {
  $pdo = new PDO($dsn, $database_user, $database_pass, $opt);
  $stmt = $pdo->query("SELECT `domain` FROM `domain`");
  $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
  while ($row = array_shift($rows)) {
    $has_object = 1;
    echo strtolower(trim($row['domain'])) . PHP_EOL;
  }
  $stmt = $pdo->query("SELECT `alias_domain` FROM `alias_domain`");
  $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
  while ($row = array_shift($rows)) {
    $has_object = 1;
    echo strtolower(trim($row['alias_domain'])) . PHP_EOL;
  }
  if ($has_object == 0) {
    echo "dummy@domain.local";
  }
 }
 catch (PDOException $e) {
  echo "dummy@domain.local";
  exit;
 }
 ?>
--- a/data/conf/rspamd/dynmaps/forwardinghosts.php
+++ b/data/conf/rspamd/dynmaps/forwardinghosts.php
@ -1,56 +1,44 @@
 <?php
 header('Content-Type: text/plain');
 require_once "vars.inc.php";
 ini_set('error_reporting', 0);
-function in_net($addr, $net)
+$redis = new Redis();
-{
+$redis->connect('redis-mailcow', 6379);
 	$net = explode('/', $net);
 	if (count($net) > 1)
 		$mask = $net[1];
 	$net = inet_pton($net[0]);
 	$addr = inet_pton($addr);
-	$length = strlen($net); // 4 for IPv4, 16 for IPv6
+function in_net($addr, $net) {
-	if (strlen($net) != strlen($addr))
+  $net = explode('/', $net);
-		return FALSE;
+  if (count($net) > 1) {
-	if (!isset($mask))
+    $mask = $net[1];
-		$mask = $length * 8;
+  }
-
+  $net = inet_pton($net[0]);
-	$addr_bin = '';
+  $addr = inet_pton($addr);
-	$net_bin = '';
+  $length = strlen($net); // 4 for IPv4, 16 for IPv6
-	for ($i = 0; $i < $length; ++$i)
+  if (strlen($net) != strlen($addr)) {
-	{
+    return false;
-		$addr_bin .= str_pad(decbin(ord(substr($addr, $i, $i+1))), 8, '0', STR_PAD_LEFT);
+  }
-		$net_bin .= str_pad(decbin(ord(substr($net, $i, $i+1))), 8, '0', STR_PAD_LEFT);
+  if (!isset($mask)) {
-	}
+    $mask = $length * 8;
-
+  }
-	return substr($addr_bin, 0, $mask) == substr($net_bin, 0, $mask);
+  $addr_bin = '';
  $net_bin = '';
  for ($i = 0; $i < $length; ++$i) {
    $addr_bin .= str_pad(decbin(ord(substr($addr, $i, $i+1))), 8, '0', STR_PAD_LEFT);
    $net_bin .= str_pad(decbin(ord(substr($net, $i, $i+1))), 8, '0', STR_PAD_LEFT);
  }
  return substr($addr_bin, 0, $mask) == substr($net_bin, 0, $mask);
 }
 $dsn = $database_type . ':host=' . $database_host . ';dbname=' . $database_name;
 $opt = [
    PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
    PDO::ATTR_EMULATE_PREPARES   => false,
 ];
 try {
-  $pdo = new PDO($dsn, $database_user, $database_pass, $opt);
+  foreach ($redis->hGetAll('WHITELISTED_FWD_HOST') as $host => $source) {
-  $stmt = $pdo->query("SELECT host FROM `forwarding_hosts`");
+    if (in_net($_GET['host'], $host)) {
-  $networks = $stmt->fetchAll(PDO::FETCH_COLUMN);
+      echo '200 PERMIT';
  foreach ($networks as $network)
  {
    if (in_net($_GET['host'], $network))
    {
      echo '200 permit';
      exit;
    }
  }
-  echo '200 dunno';
+  echo '200 DUNNO';
 }
-catch (PDOException $e) {
+catch (RedisException $e) {
-  echo '200 dunno';
+  echo '200 DUNNO';
  exit;
 }
 ?>
--- a/data/conf/rspamd/dynmaps/settings.php
+++ b/data/conf/rspamd/dynmaps/settings.php
@ -32,35 +32,11 @@ catch (PDOException $e) {
 ?>
 settings {
 <?php
 try {
 	$stmt = $pdo->query("SELECT `host` FROM `forwarding_hosts`");
 	$rows = $stmt->fetchAll(PDO::FETCH_COLUMN);
 }
 catch (PDOException $e) {
 	$rows = array();
 }
-if ($rows)
+/*
-{
+// Start custom scores for users
-?>
+*/
-	whitelist_forwarding_hosts {
+
 		priority = high;
 <?php
 foreach ($rows as $host) {
 	echo "\t\t" . 'ip = "' . $host . '";' . "\n";
 }
 ?>
 		apply "default" {
 			actions {
 				reject = 999.9;
 			}
 		}
 		symbols [
 			"WHITELIST_FORWARDING_HOST"
 		]
 	}
 <?php
 }
 $stmt = $pdo->query("SELECT DISTINCT `object` FROM `filterconf` WHERE `option` = 'highspamlevel' OR `option` = 'lowspamlevel'");
 $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
@ -343,4 +319,4 @@ while ($row = array_shift($rows)) {
 <?php
 }
 ?>
-}
+}
--- a/data/conf/rspamd/dynmaps/tags.php
+++ b/data/conf/rspamd/dynmaps/tags.php
@ -1,41 +0,0 @@
 <?php
 require_once "vars.inc.php";
 ini_set('error_reporting', 0);
 $has_object = 0;
 header('Content-Type: text/plain');
 $dsn = $database_type . ':host=' . $database_host . ';dbname=' . $database_name;
 $opt = [
    PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
    PDO::ATTR_EMULATE_PREPARES   => false,
 ];
 try {
  $pdo = new PDO($dsn, $database_user, $database_pass, $opt);
  $stmt = $pdo->query("SELECT `username` FROM `mailbox` WHERE `wants_tagged_subject` = '1'");
  $rows_a = $stmt->fetchAll(PDO::FETCH_ASSOC);
  while ($row_a = array_shift($rows_a)) {
    $stmt = $pdo->prepare("SELECT `address` FROM `alias` WHERE `goto` REGEXP :username AND goto != `address` AND `address` NOT LIKE '@%'");
    $stmt->execute(array(':username' => '(^|,)'.$row_a['username'].'($|,)'));
    $rows_a_a = $stmt->fetchAll(PDO::FETCH_ASSOC);
    while ($row_a_a = array_shift($rows_a_a)) {
      echo strtolower(trim($row_a_a['address'])) . PHP_EOL;
    }
    $has_object = 1;
    echo strtolower(trim($row_a['username'])) . PHP_EOL;
  }
  $stmt = $pdo->query("SELECT CONCAT(`mailbox`.`local_part`, '@', `alias_domain`.`alias_domain`) AS `tag_ad` FROM `mailbox`
    INNER JOIN `alias_domain` ON `mailbox`.`domain` = `alias_domain`.`target_domain` WHERE `mailbox`.`wants_tagged_subject` = '1';");
  $rows_b = $stmt->fetchAll(PDO::FETCH_ASSOC);
  while ($row_b = array_shift($rows_b)) {
    $has_object = 1;
    echo strtolower(trim($row_b['tag_ad'])) . PHP_EOL;
  }
  if ($has_object == 0) {
    echo "dummy@domain.local";
  }
 }
 catch (PDOException $e) {
  echo "dummy@domain.local";
  exit;
 }
 ?>
--- a/data/conf/rspamd/local.d/dkim_signing.conf
+++ b/data/conf/rspamd/local.d/dkim_signing.conf
@ -23,6 +23,8 @@ use_domain = "envelope";
 # Whether to normalise domains to eSLD
 use_esld = false;
 # Whether to get keys from Redis
-use_redis = false;
+use_redis = true;
 # Hash for DKIM keys in Redis
-hash_key = "DKIM_KEYS";
+key_prefix = "DKIM_PRIV_KEYS";
 # Selector map
 selector_prefix = "DKIM_SELECTORS";
--- a/data/conf/rspamd/local.d/force_actions.conf
+++ b/data/conf/rspamd/local.d/force_actions.conf
@ -9,4 +9,14 @@ rules {
    expression = "CLAM_VIRUS & !MAILCOW_WHITE";
    honor_action = ["reject"];
  }
  WHITELIST_FORWARDING_HOST_NO_REJECT {
    action = "add header";
    expression = "WHITELISTED_FWD_HOST";
    require_action = ["soft reject", "reject"];
  }
  WHITELIST_FORWARDING_HOST_NO_GREYLIST {
    action = "no action";
    expression = "WHITELISTED_FWD_HOST";
    require_action = ["greylist"];
  }
 }
--- a/data/conf/rspamd/local.d/multimap.conf
+++ b/data/conf/rspamd/local.d/multimap.conf
@ -0,0 +1,22 @@
 RCPT_MAILCOW_DOMAIN {
  type = "rcpt";
  filter = "email:domain"
  map = "redis://DOMAIN_MAP"
 }
 RCPT_WANTS_SUBJECT_TAG {
  type = "rcpt";
  filter = "email:addr"
  map = "redis://RCPT_WANTS_SUBJECT_TAG"
 }
 WHITELISTED_FWD_HOST {
  type = "ip";
  map = "redis://WHITELISTED_FWD_HOST"
 }
 KEEP_SPAM {
  type = "ip";
  map = "redis://KEEP_SPAM"
  action = "accept";
 }
--- a/data/conf/rspamd/lua/rspamd.local.lua
+++ b/data/conf/rspamd/lua/rspamd.local.lua
@ -13,12 +13,9 @@ modify_subject_map = rspamd_config:add_map({
  description = 'Map of users to use subject tags for'
 })
-auth_domain_map = rspamd_config:add_map({
+local redis_params
-  url = 'http://172.22.1.251:8081/authoritative.php',
+redis_params = rspamd_parse_redis_server('tag_settings')
-  type = 'map',
+if redis_params then
  description = 'Map of domains we are authoritative for'
 })
 rspamd_config:register_symbol({
  name = 'TAG_MOO',
  type = 'postfilter',
@ -27,12 +24,14 @@ rspamd_config:register_symbol({
    local rspamd_logger = require "rspamd_logger"
    local tagged_rcpt = task:get_symbol("TAGGED_RCPT")
    local mailcow_domain = task:get_symbol("RCPT_MAILCOW_DOMAIN")
    local user = task:get_recipients(0)[1]['user']
    local domain = task:get_recipients(0)[1]['domain']
    local rcpt = user .. '@' .. domain
    local authdomain = auth_domain_map:get_key(domain)
-    if tagged_rcpt then
+
    if tagged_rcpt and mailcow_domain then
      local tag = tagged_rcpt[1].options[1]
      rspamd_logger.infox("found tag: %s", tag)
      local action = task:get_metric_action('default')
@ -44,32 +43,27 @@ rspamd_config:register_symbol({
        return true
      end
-      if authdomain then
+      local wants_subject_tag = task:get_symbol("RCPT_WANTS_SUBJECT_TAG")
        rspamd_logger.infox("found mailcow domain %s", domain)
        rspamd_logger.infox("querying tag settings for user %s", rcpt)
-        if modify_subject_map:get_key(rcpt) then
+      if wants_subject_tag then
-          rspamd_logger.infox("user wants subject modified for tagged mail")
+        rspamd_logger.infox("user wants subject modified for tagged mail")
-          local sbj = task:get_header('Subject')
+        local sbj = task:get_header('Subject')
-          new_sbj = '=?UTF-8?B?' .. tostring(util.encode_base64('[' .. tag .. '] ' .. sbj)) .. '?='
+        new_sbj = '=?UTF-8?B?' .. tostring(util.encode_base64('[' .. tag .. '] ' .. sbj)) .. '?='
-          task:set_rmilter_reply({
+        task:set_rmilter_reply({
-            remove_headers = {['Subject'] = 1},
+          remove_headers = {['Subject'] = 1},
-            add_headers = {['Subject'] = new_sbj}
+          add_headers = {['Subject'] = new_sbj}
-          })
+        })
        else
          rspamd_logger.infox("Add X-Moo-Tag header")
          task:set_rmilter_reply({
            add_headers = {['X-Moo-Tag'] = 'YES'}
          })
        end
      else
-        rspamd_logger.infox("skip delimiter handling for unknown domain")
+        rspamd_logger.infox("Add X-Moo-Tag header")
        task:set_rmilter_reply({
          add_headers = {['X-Moo-Tag'] = 'YES'}
        })
      end
      return false
    end
  end,
  priority = 10
 })
 end
 rspamd_config.MRAPTOR = {
  callback = function(task)
--- a/data/web/add.php
+++ b/data/web/add.php
@ -21,6 +21,9 @@ if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "adm
 ?>
 				<h4><?=$lang['add']['domain'];?></h4>
 				<form class="form-horizontal" role="form" method="post" action="<?=($FORM_ACTION == "previous") ? $_SESSION['return_to'] : null;?>">
 					<input type="hidden" value="0" name="active">
 					<input type="hidden" value="0" name="backupmx">
 					<input type="hidden" value="0" name="relay_all_recipients">
 					<div class="form-group">
 						<label class="control-label col-sm-2" for="domain"><?=$lang['add']['domain'];?>:</label>
 						<div class="col-sm-10">
@ -61,9 +64,9 @@ if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "adm
 						<label class="control-label col-sm-2"><?=$lang['add']['backup_mx_options'];?></label>
 						<div class="col-sm-10">
 							<div class="checkbox">
-							<label><input type="checkbox" name="backupmx"> <?=$lang['add']['relay_domain'];?></label>
+							<label><input type="checkbox" value="1" name="backupmx"> <?=$lang['add']['relay_domain'];?></label>
 							<br />
-							<label><input type="checkbox" name="relay_all_recipients"> <?=$lang['add']['relay_all'];?></label>
+							<label><input type="checkbox" value="1" name="relay_all_recipients"> <?=$lang['add']['relay_all'];?></label>
 							<p><?=$lang['add']['relay_all_info'];?></p>
 							</div>
 						</div>
@ -71,7 +74,7 @@ if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "adm
 					<div class="form-group">
 						<div class="col-sm-offset-2 col-sm-10">
 							<div class="checkbox">
-							<label><input type="checkbox" name="active" checked> <?=$lang['add']['active'];?></label>
+							<label><input type="checkbox" value="1" name="active" checked> <?=$lang['add']['active'];?></label>
 							</div>
 						</div>
 					</div>
@ -89,6 +92,7 @@ if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "adm
 				<h4><?=$lang['add']['alias'];?></h4>
 				<p><?=$lang['add']['alias_spf_fail'];?></p>
 				<form class="form-horizontal" role="form" method="post" action="<?=($FORM_ACTION == "previous") ? $_SESSION['return_to'] : null;?>">
 					<input type="hidden" value="0" name="active">
 					<div class="form-group">
 						<label class="control-label col-sm-2" for="address"><?=$lang['add']['alias_address'];?></label>
 						<div class="col-sm-10">
@ -106,7 +110,7 @@ if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "adm
 					<div class="form-group">
 						<div class="col-sm-offset-2 col-sm-10">
 							<div class="checkbox">
-							<label><input type="checkbox" name="active" checked> <?=$lang['add']['active'];?></label>
+							<label><input type="checkbox" value="1" name="active" checked> <?=$lang['add']['active'];?></label>
 							</div>
 						</div>
 					</div>
@ -122,6 +126,7 @@ if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "adm
 	?>
 				<h4><?=$lang['add']['alias_domain'];?></h4>
 				<form class="form-horizontal" role="form" method="post" action="<?=($FORM_ACTION == "previous") ? $_SESSION['return_to'] : null;?>">
 					<input type="hidden" value="0" name="active">
 					<div class="form-group">
 						<label class="control-label col-sm-2" for="alias_domain"><?=$lang['add']['alias_domain'];?></label>
 						<div class="col-sm-10">
@ -144,7 +149,7 @@ if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "adm
 					<div class="form-group">
 						<div class="col-sm-offset-2 col-sm-10">
 							<div class="checkbox">
-							<label><input type="checkbox" name="active" checked> <?=$lang['add']['active'];?></label>
+							<label><input type="checkbox" value="1" name="active" checked> <?=$lang['add']['active'];?></label>
 							</div>
 						</div>
 					</div>
@ -160,6 +165,7 @@ if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "adm
 	?>
 				<h4><?=$lang['add']['mailbox'];?></h4>
 				<form class="form-horizontal" role="form" method="post" action="<?=($FORM_ACTION == "previous") ? $_SESSION['return_to'] : null;?>">
 					<input type="hidden" value="0" name="active">
 					<div class="form-group">
 						<label class="control-label col-sm-2" for="local_part"><?=$lang['add']['mailbox_username'];?></label>
 						<div class="col-sm-10">
@ -169,7 +175,7 @@ if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "adm
 					<div class="form-group">
 						<label class="control-label col-sm-2" for="domain"><?=$lang['add']['domain'];?>:</label>
 						<div class="col-sm-10">
-							<select id="addSelectDomain" name="domain" id="domain" title="<?=$lang['add']['select'];?>" required>
+							<select id="addSelectDomain" name="domain" id="domain" required>
 							<?php
              foreach (mailbox_get_domains() as $domain) {
 								echo "<option>".htmlspecialchars($domain)."</option>";
@ -207,7 +213,7 @@ if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "adm
 					<div class="form-group">
 						<div class="col-sm-offset-2 col-sm-10">
 							<div class="checkbox">
-							<label><input type="checkbox" name="active" checked> <?=$lang['add']['active'];?></label>
+							<label><input type="checkbox" value="1" name="active" checked> <?=$lang['add']['active'];?></label>
 							</div>
 						</div>
 					</div>
@ -223,6 +229,8 @@ if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "adm
 	?>
 				<h4><?=$lang['add']['resource'];?></h4>
 				<form class="form-horizontal" role="form" method="post" action="<?=($FORM_ACTION == "previous") ? $_SESSION['return_to'] : null;?>">
 					<input type="hidden" value="0" name="active">
 					<input type="hidden" value="0" name="multiple_bookings">
 					<div class="form-group">
 						<label class="control-label col-sm-2" for="description"><?=$lang['add']['description'];?></label>
 						<div class="col-sm-10">
@ -254,14 +262,14 @@ if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "adm
 					<div class="form-group">
 						<div class="col-sm-offset-2 col-sm-10">
 							<div class="checkbox">
-							<label><input type="checkbox" name="active" checked> <?=$lang['add']['active'];?></label>
+							<label><input type="checkbox" value="1" name="active" checked> <?=$lang['add']['active'];?></label>
 							</div>
 						</div>
 					</div>
 					<div class="form-group">
 						<div class="col-sm-offset-2 col-sm-10">
 							<div class="checkbox">
-							<label><input type="checkbox" name="multiple_bookings" checked> <?=$lang['add']['multiple_bookings'];?></label>
+							<label><input type="checkbox" value="1" name="multiple_bookings" checked> <?=$lang['add']['multiple_bookings'];?></label>
 							</div>
 						</div>
 					</div>
@ -285,6 +293,9 @@ elseif (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] ==
 				<h4><?=$lang['add']['syncjob'];?></h4>
 				<p><?=$lang['add']['syncjob_hint'];?></p>
 				<form class="form-horizontal" role="form" method="post" action="<?=($FORM_ACTION == "previous") ? $_SESSION['return_to'] : null;?>">
 					<input type="hidden" value="0" name="active">
 					<input type="hidden" value="0" name="delete1">
 					<input type="hidden" value="0" name="delete2duplicates">
 					<div class="form-group">
 						<label class="control-label col-sm-2" for="host1"><?=$lang['add']['hostname'];?></label>
 						<div class="col-sm-10">
@ -346,27 +357,27 @@ elseif (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] ==
 					<div class="form-group">
 						<div class="col-sm-offset-2 col-sm-10">
 							<div class="checkbox">
-							<label><input type="checkbox" name="delete2duplicates" checked> <?=$lang['add']['delete2duplicates'];?></label>
+							<label><input type="checkbox" value="1" name="delete2duplicates" checked> <?=$lang['add']['delete2duplicates'];?></label>
 							</div>
 						</div>
 					</div>
 					<div class="form-group">
 						<div class="col-sm-offset-2 col-sm-10">
 							<div class="checkbox">
-							<label><input type="checkbox" name="delete1"> <?=$lang['add']['delete1'];?></label>
+							<label><input type="checkbox" value="1" name="delete1"> <?=$lang['add']['delete1'];?></label>
 							</div>
 						</div>
 					</div>
 					<div class="form-group">
 						<div class="col-sm-offset-2 col-sm-10">
 							<div class="checkbox">
-							<label><input type="checkbox" name="active" checked> <?=$lang['add']['active'];?></label>
+							<label><input type="checkbox" value="1" name="active" checked> <?=$lang['add']['active'];?></label>
 							</div>
 						</div>
 					</div>
 					<div class="form-group">
 						<div class="col-sm-offset-2 col-sm-10">
-							<button type="submit" name="add_syncjob" value="1" class="btn btn-success "><?=$lang['add']['save'];?></button>
+							<button type="submit" name="add_syncjob" class="btn btn-success "><?=$lang['add']['save'];?></button>
 						</div>
 					</div>
 				</form>
--- a/data/web/admin.php
+++ b/data/web/admin.php
@ -7,9 +7,21 @@ $_SESSION['return_to'] = $_SERVER['REQUEST_URI'];
 $tfa_data = get_tfa();
 ?>
 <div class="container">
  <h4><span class="glyphicon glyphicon-user" aria-hidden="true"></span> <?=$lang['admin']['access'];?></h4>
-  <div class="panel-group" id="accordion_access">
+  <ul class="nav nav-tabs" role="tablist">
    <li role="presentation" class="active">
      <a href="#tab-access" aria-controls="tab-access" role="tab" data-toggle="tab"><?=$lang['admin']['access'];?></a>
    </li>
    <li role="presentation">
      <a href="#tab-config" aria-controls="tab-config" role="tab" data-toggle="tab"><?=$lang['admin']['configuration'];?></a>
    </li>
    <li role="presentation">
      <a href="#tab-logs" aria-controls="tab-logs" role="tab" data-toggle="tab"><?=$lang['admin']['logs'];?></a>
    </li>
  </ul>
  <div class="tab-content" style="padding-top:20px">
  <div role="tabpanel" class="tab-pane active" id="tab-access">
    <div class="panel panel-danger">
      <div class="panel-heading"><?=$lang['admin']['admin_details'];?></div>
      <div class="panel-body">
@ -82,57 +94,13 @@ $tfa_data = get_tfa();
        <div class="panel-body">
          <form method="post">
            <div class="table-responsive">
-            <table class="table table-striped" id="domainadminstable">
+            <table class="table table-striped" id="domainadminstable"></table>
              <thead>
              <tr>
                <th style="min-width: 100px;"><?=$lang['admin']['username'];?></th>
                <th style="min-width: 166px;"><?=$lang['admin']['admin_domains'];?></th>
                <th style="min-width: 76px;"><?=$lang['admin']['active'];?></th>
                <th style="min-width: 76px;"><?=$lang['tfa']['tfa'];?></th>
                <th style="text-align: right; min-width: 200px;"><?=$lang['admin']['action'];?></th>
              </tr>
              </thead>
              <tbody>
                <?php
                foreach (get_domain_admins() as $domain_admin) {
                  $da_data = get_domain_admin_details($domain_admin); 
                  if (!empty($da_data)):
                ?>
                <tr id="data">
                  <td><?=htmlspecialchars(strtolower($domain_admin));?></td>
                  <td>
                  <?php
                  foreach ($da_data['selected_domains'] as $domain) {
                    echo htmlspecialchars($domain).'<br />';
                  }
                  ?>
                  </td>
                  <td><?=$da_data['active'];?></td>
                  <td><?=empty($da_data['tfa_active_int']) ? "✘" : "✔";?></td>
                  <td style="text-align: right;">
                    <div class="btn-group">
                      <a href="edit.php?domainadmin=<?=$domain_admin;?>" class="btn btn-xs btn-default"><span class="glyphicon glyphicon-pencil"></span> <?=$lang['admin']['edit'];?></a>
                      <a href="delete.php?domainadmin=<?=$domain_admin;?>" class="btn btn-xs btn-danger"><span class="glyphicon glyphicon-trash"></span> <?=$lang['admin']['remove'];?></a>
                    </div>
                  </td>
                  </td>
                </tr>
                <?php
                else:
                ?>
                  <tr id="no-data"><td colspan="4" style="text-align: center; font-style: italic;"><?=$lang['admin']['no_record'];?></td></tr>
                <?php
                endif;
                }
                ?>
              </tbody>
            </table>
            </div>
          </form>
          <small>
          <legend><?=$lang['admin']['add_domain_admin'];?></legend>
          <form class="form-horizontal" role="form" method="post">
            <input type="hidden" value="0" name="active">
            <div class="form-group">
              <label class="control-label col-sm-2" for="username"><?=$lang['admin']['username'];?>:</label>
              <div class="col-sm-10">
@ -167,7 +135,7 @@ $tfa_data = get_tfa();
            <div class="form-group">
              <div class="col-sm-offset-2 col-sm-10">
                <div class="checkbox">
-                <label><input type="checkbox" name="active" checked> <?=$lang['admin']['active'];?></label>
+                <label><input type="checkbox" value="1" name="active" checked> <?=$lang['admin']['active'];?></label>
                </div>
              </div>
            </div>
@ -183,189 +151,201 @@ $tfa_data = get_tfa();
    </div>
  </div>
  <h4><span class="glyphicon glyphicon-wrench" aria-hidden="true"></span> <?=$lang['admin']['configuration'];?></h4>
-  <div class="panel-group" id="accordion_access">
+  <div role="tabpanel" class="tab-pane" id="tab-config">
-
+    <div class="panel panel-default">
-  <div class="panel panel-default">
+      <div class="panel-heading"><?=$lang['admin']['dkim_keys'];?></div>
-  <div class="panel-heading"><?=$lang['admin']['dkim_keys'];?></div>
+      <div class="panel-body">
-  <div class="panel-body">
+        <div class="mass-actions-admin">
-    <p style="margin-bottom:40px"><?=$lang['admin']['dkim_key_hint'];?></p>
+          <div class="btn-group btn-group-sm">
-    <?php
+            <button type="button" id="toggle_multi_select_all" data-id="dkim" class="btn btn-default"><?=$lang['mailbox']['toggle_all'];?></button>
-    foreach(mailbox_get_domains() as $domain) {
+            <button type="button" id="delete_selected" name="delete_selected" data-id="dkim" data-api-url="delete/dkim" class="btn btn-danger"><?=$lang['admin']['remove'];?></button>
        if (!empty($dkim = dkim_get_key_details($domain))) {
      ?>
        <div class="row">
          <div class="col-xs-3">
            <p>Domain: <strong><?=htmlspecialchars($domain);?></strong><br />
              <span class="label label-success"><?=$lang['admin']['dkim_key_valid'];?></span>
              <span class="label label-info"><?=$dkim['length'];?> bit</span>
            </p>
          </div>
          <div class="col-xs-8">
              <pre><?=$dkim['dkim_txt'];?></pre>
          </div>
          <div class="col-xs-1">
            <form class="form-inline" method="post">
              <input type="hidden" name="domain" value="<?=$domain;?>">
              <input type="hidden" name="dkim_delete_key" value="1">
                <a href="#" onclick="$(this).closest('form').submit()" data-toggle="tooltip" data-placement="top" title="<?=$lang['user']['delete_now'];?>"><span class="glyphicon glyphicon-remove"></span></a>
            </form>
          </div>
        </div>
-      <?php
+        <?php
-      }
+        foreach(mailbox_get_domains() as $domain) {
-      else {
+            if (!empty($dkim = dkim_get_key_details($domain))) {
-      ?>
+          ?>
-      <div class="row">
+            <div class="row">
-        <div class="col-xs-3">
+              <div class="col-xs-1"><input type="checkbox" data-id="dkim" name="multi_select" value="<?=$domain;?>" /></div>
-          <p>Domain: <strong><?=htmlspecialchars($domain);?></strong><br /><span class="label label-danger"><?=$lang['admin']['dkim_key_missing'];?></span></p>
+              <div class="col-xs-2">
-        </div>
+                <p>Domain: <strong><?=htmlspecialchars($domain);?></strong><br />
-        <div class="col-xs-8"><pre>-</pre></div>
+                  <span class="label label-success"><?=$lang['admin']['dkim_key_valid'];?></span>
-        <div class="col-xs-1">&nbsp;</div>
+                  <span class="label label-primary">Selector '<?=$dkim['dkim_selector'];?>'</span>
-      </div>
+                  <span class="label label-info"><?=$dkim['length'];?> bit</span>
-      <?php
+                </p>
-      }
+              </div>
-      foreach(mailbox_get_alias_domains($domain) as $alias_domain) {
+              <div class="col-xs-9">
-        if (!empty($dkim = dkim_get_key_details($alias_domain))) {
+                  <pre><?=$dkim['dkim_txt'];?></pre>
-        ?>
+              </div>
            </div>
          <?php
          }
          else {
          ?>
          <div class="row">
-            <div class="col-xs-offset-1 col-xs-2">
+              <div class="col-xs-1"><input type="checkbox" data-id="dkim" name="multi_select" value="<?=$domain;?>" disabled /></div>
-              <p><small>↳ Alias-Domain: <strong><?=htmlspecialchars($alias_domain);?></strong><br /></small>
+            <div class="col-xs-2">
-                <span class="label label-success"><?=$lang['admin']['dkim_key_valid'];?></span>
+              <p>Domain: <strong><?=htmlspecialchars($domain);?></strong><br /><span class="label label-danger"><?=$lang['admin']['dkim_key_missing'];?></span></p>
                <span class="label label-info"><?=$dkim['length'];?> bit</span>
            </p>
            </div>
            <div class="col-xs-8">
              <pre><?=$dkim['dkim_txt'];?></pre>
            </div>
            <div class="col-xs-1">
              <form class="form-inline" method="post">
                <input type="hidden" name="domain" value="<?=$alias_domain;?>">
                <input type="hidden" name="dkim_delete_key" value="1">
                <a href="#" onclick="$(this).closest('form').submit()" data-toggle="tooltip" data-placement="top" title="<?=$lang['user']['delete_now'];?>"><span class="glyphicon glyphicon-remove"></span></a>
              </form>
            </div>
            <div class="col-xs-9"><pre>-</pre></div>
          </div>
-        <?php
+          <?php
-        }
+          }
-        else {
+          foreach(mailbox_get_alias_domains($domain) as $alias_domain) {
-        ?>
+            if (!empty($dkim = dkim_get_key_details($alias_domain))) {
        <div class="row">
          <div class="col-xs-2 col-xs-offset-1">
            <p><small>↳ Alias-Domain: <strong><?=htmlspecialchars($alias_domain);?></strong><br /></small><span class="label label-danger"><?=$lang['admin']['dkim_key_missing'];?></span></p>
          </div>
        <div class="col-xs-8"><pre>-</pre></div>
        <div class="col-xs-1">&nbsp;</div>
        </div>
        <?php
        }
      }
    }
    foreach(dkim_get_blind_keys() as $blind) {
      if (!empty($dkim = dkim_get_key_details($blind))) {
      ?>
        <div class="row">
          <div class="col-xs-3">
            <p>Domain: <strong><?=htmlspecialchars($blind);?></strong><br /><span class="label label-warning"><?=$lang['admin']['dkim_key_unused'];?></span></p>
          </div>
            <div class="col-xs-8">
              <pre><?=$dkim['dkim_txt'];?></pre>
            </div>
            <div class="col-xs-1">
              <form class="form-inline" method="post">
                <input type="hidden" name="domain" value="<?=$blind;?>">
                <input type="hidden" name="dkim_delete_key" value="1">
                <a href="#" onclick="$(this).closest('form').submit()" data-toggle="tooltip" data-placement="top" title="<?=$lang['user']['delete_now'];?>"><span class="glyphicon glyphicon-remove"></span></a>
              </form>
            </div>
        </div>
      <?php
      }
    }
    ?>
    <legend style="margin-top:40px"><?=$lang['admin']['dkim_add_key'];?></legend>
    <form class="form-inline" role="form" method="post">
      <div class="form-group">
        <label for="domain">Domain</label>
        <input class="form-control" id="domain" name="domain" placeholder="example.org" required>
      </div>
      <div class="form-group">
        <select data-width="200px" class="form-control" id="key_size" name="key_size" title="<?=$lang['admin']['dkim_key_length'];?>" required>
          <option data-subtext="bits">1024</option>
          <option data-subtext="bits">2048</option>
        </select>
      </div>
      <button type="submit" name="dkim_add_key" class="btn btn-default"><span class="glyphicon glyphicon-plus"></span> <?=$lang['admin']['add'];?></button>
    </form>
  </div>
  </div>
  <div class="panel panel-default">
    <div class="panel-heading"><?=$lang['admin']['forwarding_hosts'];?></div>
    <div class="panel-body">
      <p style="margin-bottom:40px"><?=$lang['admin']['forwarding_hosts_hint'];?></p>
      <form method="post">
        <div class="table-responsive">
        <table class="table table-striped" id="forwardinghoststable">
          <thead>
          <tr>
            <th style="min-width: 100px;"><?=$lang['edit']['host'];?></th>
            <th style="min-width: 100px;"><?=$lang['edit']['source'];?></th>
            <th style="text-align: right; min-width: 200px;"><?=$lang['admin']['action'];?></th>
          </tr>
          </thead>
          <tbody>
            <?php
            $forwarding_hosts = get_forwarding_hosts();
            if ($forwarding_hosts) {
              foreach ($forwarding_hosts as $host) {
                $source = $host->source;
                $host = $host->host;
              ?>
              <tr id="data">
                <td><?=htmlspecialchars(strtolower($host));?></td>
                <td><?=htmlspecialchars(strtolower($source));?></td>
                <td style="text-align: right;">
                  <div class="btn-group">
                    <a href="delete.php?forwardinghost=<?=$host;?>" class="btn btn-xs btn-danger"><span class="glyphicon glyphicon-trash"></span> <?=$lang['admin']['remove'];?></a>
                  </div>
                </td>
                </td>
              </tr>
              <?php
              }
            } else {
            ?>
-              <tr id="no-data"><td colspan="4" style="text-align: center; font-style: italic;"><?=$lang['admin']['no_record'];?></td></tr>
+              <div class="row">
              <div class="col-xs-1"><input type="checkbox" data-id="dkim" name="multi_select" value="<?=$alias_domain;?>" /></div>
                <div class="col-xs-1 col-xs-offset-1">
                  <p><small>↳ Alias-Domain: <strong><?=htmlspecialchars($alias_domain);?></strong><br /></small>
                    <span class="label label-success"><?=$lang['admin']['dkim_key_valid'];?></span>
                    <span class="label label-primary">Selector '<?=$dkim['dkim_selector'];?>'</span>
                    <span class="label label-info"><?=$dkim['length'];?> bit</span>
                </p>
                </div>
                <div class="col-xs-9">
                  <pre><?=$dkim['dkim_txt'];?></pre>
                </div>
              </div>
            <?php
            }
            else {
            ?>
-          </tbody>
+            <div class="row">
-        </table>
+              <div class="col-xs-1"><input type="checkbox" data-id="dkim" name="multi_select" value="<?=$domain;?>" disabled /></div>
-        </div>
+              <div class="col-xs-1 col-xs-offset-1">
-      </form>
+                <p><small>↳ Alias-Domain: <strong><?=htmlspecialchars($alias_domain);?></strong><br /></small><span class="label label-danger"><?=$lang['admin']['dkim_key_missing'];?></span></p>
-      <legend><?=$lang['admin']['add_forwarding_host'];?></legend>
+              </div>
-      <p class="help-block"><?=$lang['admin']['forwarding_hosts_add_hint'];?></p>
+            <div class="col-xs-9"><pre>-</pre></div>
-      <form class="form-horizontal" role="form" method="post">
+            </div>
-        <div class="form-group">
+            <?php
-          <label class="control-label col-sm-2" for="hostname"><?=$lang['edit']['host'];?>:</label>
+            }
-          <div class="col-sm-10">
+          }
-            <input type="text" class="form-control" name="hostname" id="hostname" required>
+        }
        foreach(dkim_get_blind_keys() as $blind) {
          if (!empty($dkim = dkim_get_key_details($blind))) {
          ?>
            <div class="row">
              <div class="col-xs-1"><input type="checkbox" data-id="dkim" name="multi_select" value="<?=$blind;?>" /></div>
              <div class="col-xs-2">
                <p>Domain: <strong><?=htmlspecialchars($blind);?></strong><br />
                  <span class="label label-warning"><?=$lang['admin']['dkim_key_unused'];?></span>
                  <span class="label label-primary">Selector '<?=$dkim['dkim_selector'];?>'</span>
                  <span class="label label-info"><?=$dkim['length'];?> bit</span>
                </p>
                </div>
                <div class="col-xs-9">
                  <pre><?=$dkim['dkim_txt'];?></pre>
                </div>
            </div>
          <?php
          }
        }
        ?>
        <legend style="margin-top:40px"><?=$lang['admin']['dkim_add_key'];?></legend>
        <form class="form-inline" role="form" method="post">
          <div class="form-group">
            <label for="domain">Domain</label>
            <input class="form-control" id="domain" name="domain" placeholder="example.org" required>
          </div>
          <div class="form-group">
            <label for="domain">Selector</label>
            <input class="form-control" id="dkim_selector" name="dkim_selector" value="dkim" required>
          </div>
          <div class="form-group">
            <select data-width="200px" class="form-control" id="key_size" name="key_size" title="<?=$lang['admin']['dkim_key_length'];?>" required>
              <option data-subtext="bits">1024</option>
              <option data-subtext="bits">2048</option>
            </select>
          </div>
          <button type="submit" name="dkim_add_key" class="btn btn-default"><span class="glyphicon glyphicon-plus"></span> <?=$lang['admin']['add'];?></button>
        </form>
      </div>
    </div>
    <div class="panel panel-default">
      <div class="panel-heading"><?=$lang['admin']['forwarding_hosts'];?></div>
      <div class="panel-body">
        <p style="margin-bottom:40px"><?=$lang['admin']['forwarding_hosts_hint'];?></p>
        <div class="mass-actions-admin">
          <div class="btn-group btn-group-sm">
            <button type="button" id="toggle_multi_select_all" data-id="fwdhosts" class="btn btn-default"><?=$lang['mailbox']['toggle_all'];?></button>
            <button type="button" id="delete_selected" name="delete_selected" data-id="fwdhosts" data-api-url="delete/fwdhost" class="btn btn-danger"><?=$lang['admin']['remove'];?></button>
          </div>
        </div>
-        <div class="form-group">
+        <div class="table-responsive">
-          <div class="col-sm-offset-2 col-sm-10">
+          <table class="table table-striped" id="forwardinghoststable"></table>
            <button type="submit" name="add_forwarding_host" class="btn btn-default"><?=$lang['admin']['add'];?></button>
          </div>
        </div>
-      </form>
+        <legend><?=$lang['admin']['add_forwarding_host'];?></legend>
        <p class="help-block"><?=$lang['admin']['forwarding_hosts_add_hint'];?></p>
        <form class="form-inline" role="form" method="post">
          <div class="form-group">
            <label for="hostname"><?=$lang['admin']['host'];?></label>
            <input class="form-control" id="hostname" name="hostname" placeholder="example.org" required>
          </div>
          <div class="form-group">
            <select data-width="200px" class="form-control" id="filter_spam" name="filter_spam" title="<?=$lang['user']['spamfilter'];?>" required>
              <option value="1"><?=$lang['admin']['active'];?></option>
              <option value="0"><?=$lang['admin']['inactive'];?></option>
            </select>
          </div>
          <button type="submit" name="add_forwarding_host" class="btn btn-default"><span class="glyphicon glyphicon-plus"></span> <?=$lang['admin']['add'];?></button>
        </form>
      </div>
    </div>
  </div>
  <div role="tabpanel" class="tab-pane" id="tab-logs">
    <div class="panel panel-default">
      <div class="panel-heading">Dovecot
        <div class="btn-group pull-right">
          <a class="btn btn-xs btn-default dropdown-toggle" data-toggle="dropdown" href="#"><?=$lang['admin']['action'];?> <span class="caret"></span></a>
          <ul class="dropdown-menu">
            <li><a href="#" id="refresh_dovecot_log"><?=$lang['admin']['refresh'];?></a></li>
          </ul>
        </div>
      </div>
      <div class="panel-body">
        <div class="table-responsive">
          <table class="table table-striped" id="dovecot_log"></table>
        </div>
      </div>
    </div>
    <div class="panel panel-default">
      <div class="panel-heading">Postfix
        <div class="btn-group pull-right">
          <a class="btn btn-xs btn-default dropdown-toggle" data-toggle="dropdown" href="#"><?=$lang['admin']['action'];?> <span class="caret"></span></a>
          <ul class="dropdown-menu">
            <li><a href="#" id="refresh_postfix_log"><?=$lang['admin']['refresh'];?></a></li>
          </ul>
        </div>
      </div>
      <div class="panel-body">
        <div class="table-responsive">
          <table class="table table-striped" id="postfix_log"></table>
        </div>
      </div>
    </div>
    <div class="panel panel-default">
      <div class="panel-heading">SOGo
        <div class="btn-group pull-right">
          <a class="btn btn-xs btn-default dropdown-toggle" data-toggle="dropdown" href="#"><?=$lang['admin']['action'];?> <span class="caret"></span></a>
          <ul class="dropdown-menu">
            <li><a href="#" id="refresh_sogo_log"><?=$lang['admin']['refresh'];?></a></li>
          </ul>
        </div>
      </div>
      <div class="panel-body">
        <div class="table-responsive">
          <table class="table table-striped" id="sogo_log"></table>
        </div>
      </div>
    </div>
  </div>
  </div>
 </div> <!-- /container -->
 <script type='text/javascript'>
 <?php
--- a/data/web/css/admin.css
+++ b/data/web/css/admin.css
@ -10,4 +10,12 @@ table.footable>tbody>tr.footable-empty>td {
 }
 .table-responsive {
  overflow: visible !important;
 }
 body {
  overflow-y:scroll;
 }
 /* Fix modal moving content left */
 body.modal-open {
  overflow-y:scroll;
  padding-right: inherit !important;
 }
--- a/data/web/css/animate.min.css
+++ b/data/web/css/animate.min.css
--- a/data/web/css/mailbox.css
+++ b/data/web/css/mailbox.css
@ -13,21 +13,12 @@ table.footable>tbody>tr.footable-empty>td {
 }
 .footer-add-item {
  display:block;
  text-align: center;
  font-style: italic;
  padding: 10px;
  background: #F5F5F5;
 }
-.mass-each-action {
+
  padding: 0 3px 0 3px;
  user-select: none;
 }
 .mass-actions {
  user-select: none;
  padding:10px;
 }
 .mass-select-all {
  cursor:pointer;
  color:#555;
 }
 #alias_table {
  cursor:pointer;
 }
@ -38,4 +29,4 @@ table.footable>tbody>tr.footable-empty>td {
  .container {
      width: 80%;
  }
-}
+}
--- a/data/web/css/mailcow.css
+++ b/data/web/css/mailcow.css
@ -55,4 +55,19 @@ body.modal-open {
  overflow: inherit;
  padding-right: inherit !important;
 }
-
+#mailcow-alert {
  position: fixed;
  bottom: 8px;
  right: 25px;
  min-width: 350px;
  max-width: 550px;
  z-index: 2000;
 }
 .mass-actions-mailbox {
  user-select: none;
  padding:10px 0 10px 10px;
 }
 .mass-actions-admin {
  user-select: none;
  padding:10px 0 10px 0;
 }
--- a/data/web/edit.php
+++ b/data/web/edit.php
@ -26,7 +26,8 @@ if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "adm
 					<h4><?=$lang['edit']['alias'];?></h4>
 					<br />
 					<form class="form-horizontal" role="form" method="post" action="<?=($FORM_ACTION == "previous") ? $_SESSION['return_to'] : null;?>">
-					<input type="hidden" name="address" value="<?=htmlspecialchars($alias);?>">
+						<input type="hidden" value="0" name="active">
 						<input type="hidden" name="address" value="<?=htmlspecialchars($alias);?>">
 						<div class="form-group">
 							<label class="control-label col-sm-2" for="goto"><?=$lang['edit']['target_address'];?></label>
 							<div class="col-sm-10">
@ -36,7 +37,7 @@ if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "adm
 						<div class="form-group">
 							<div class="col-sm-offset-2 col-sm-10">
 								<div class="checkbox">
-								<label><input type="checkbox" name="active" <?php if (isset($result['active_int']) && $result['active_int']=="1") { echo "checked"; }; ?>> <?=$lang['edit']['active'];?></label>
+								<label><input type="checkbox" value="1" name="active" <?php if (isset($result['active_int']) && $result['active_int']=="1") { echo "checked"; }; ?>> <?=$lang['edit']['active'];?></label>
 								</div>
 							</div>
 						</div>
@ -66,7 +67,8 @@ if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "adm
 				<h4><?=$lang['edit']['domain_admin'];?></h4>
 				<br />
 				<form class="form-horizontal" role="form" method="post" action="<?=($FORM_ACTION == "previous") ? $_SESSION['return_to'] : null;?>">
-				<input type="hidden" name="username_now" value="<?=htmlspecialchars($domain_admin);?>">
+					<input type="hidden" value="0" name="active">
 					<input type="hidden" name="username_now" value="<?=htmlspecialchars($domain_admin);?>">
 					<div class="form-group">
 						<label class="control-label col-sm-2" for="username"><?=$lang['edit']['username'];?></label>
 						<div class="col-sm-10">
@ -107,14 +109,14 @@ if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "adm
 					<div class="form-group">
 						<div class="col-sm-offset-2 col-sm-10">
 							<div class="checkbox">
-							<label><input type="checkbox" name="active" <?php if (isset($result['active_int']) && $result['active_int']=="1") { echo "checked"; }; ?>> <?=$lang['edit']['active'];?></label>
+							<label><input type="checkbox" value="1" name="active" <?php if (isset($result['active_int']) && $result['active_int']=="1") { echo "checked"; }; ?>> <?=$lang['edit']['active'];?></label>
 							</div>
 						</div>
 					</div>
 					<div class="form-group">
 						<div class="col-sm-offset-2 col-sm-10">
 							<div class="checkbox">
-							<label><input type="checkbox" name="disable_tfa"> <?=$lang['tfa']['disable_tfa'];?></label>
+							<label><input type="checkbox" value="1" name="disable_tfa"> <?=$lang['tfa']['disable_tfa'];?></label>
 							</div>
 						</div>
 					</div>
@ -141,7 +143,10 @@ if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "adm
 			?>
 				<h4><?=$lang['edit']['domain'];?></h4>
 				<form class="form-horizontal" role="form" method="post" action="<?=($FORM_ACTION == "previous") ? $_SESSION['return_to'] : null;?>">
-				<input type="hidden" name="domain" value="<?=htmlspecialchars($domain);?>">
+					<input type="hidden" value="0" name="active">
 					<input type="hidden" value="0" name="backupmx">
 					<input type="hidden" value="0" name="relay_all_recipients">
 					<input type="hidden" name="domain" value="<?=htmlspecialchars($domain);?>">
 					<div class="form-group">
 						<label class="control-label col-sm-2" for="description"><?=$lang['edit']['description'];?></label>
 						<div class="col-sm-10">
@ -179,9 +184,9 @@ if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "adm
 						<label class="control-label col-sm-2"><?=$lang['edit']['backup_mx_options'];?></label>
 						<div class="col-sm-10">
 							<div class="checkbox">
-								<label><input type="checkbox" name="backupmx" <?=(isset($result['backupmx_int']) && $result['backupmx_int']=="1") ? "checked" : null;?>> <?=$lang['edit']['relay_domain'];?></label>
+								<label><input type="checkbox" value="1" name="backupmx" <?=(isset($result['backupmx_int']) && $result['backupmx_int']=="1") ? "checked" : null;?>> <?=$lang['edit']['relay_domain'];?></label>
 								<br />
-								<label><input type="checkbox" name="relay_all_recipients" <?=(isset($result['relay_all_recipients_int']) && $result['relay_all_recipients_int']=="1") ? "checked" : null;?>> <?=$lang['edit']['relay_all'];?></label>
+								<label><input type="checkbox" value="1" name="relay_all_recipients" <?=(isset($result['relay_all_recipients_int']) && $result['relay_all_recipients_int']=="1") ? "checked" : null;?>> <?=$lang['edit']['relay_all'];?></label>
 								<p><?=$lang['edit']['relay_all_info'];?></p>
 							</div>
 						</div>
@ -192,7 +197,7 @@ if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "adm
 					<div class="form-group">
 						<div class="col-sm-offset-2 col-sm-10">
 							<div class="checkbox">
-								<label><input type="checkbox" name="active" <?=(isset($result['active_int']) && $result['active_int']=="1") ? "checked" : null;?> <?=($_SESSION['mailcow_cc_role'] == "admin") ? null : "disabled";?>> <?=$lang['edit']['active'];?></label>
+								<label><input type="checkbox" value="1" name="active" <?=(isset($result['active_int']) && $result['active_int']=="1") ? "checked" : null;?> <?=($_SESSION['mailcow_cc_role'] == "admin") ? null : "disabled";?>> <?=$lang['edit']['active'];?></label>
 							</div>
 						</div>
 					</div>
@ -244,9 +249,9 @@ if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "adm
              <?php
              if ($wl['object'] == $domain):
              ?>
-                <input type="hidden" name="delete_prefid" value="<?=$wl['prefid'];?>">
+							<input type="hidden" name="delete_prefid" value="<?=$wl['prefid'];?>">
-                <input type="hidden" name="delete_policy_list_item">
+							<input type="hidden" name="delete_policy_list_item">
-                <input type="hidden" name="domain" value="<?=$domain;?>">
+							<input type="hidden" name="domain" value="<?=$domain;?>">
                <a href="#" onclick="$(this).closest('form').submit()" data-toggle="tooltip" data-placement="left" title="<?=$lang['user']['delete_now'];?>"><span class="glyphicon glyphicon-remove"></span></a>
              <?php
              else:
@ -297,12 +302,12 @@ if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "adm
            <form class="form-inline" method="post">
            <div class="col-xs-6"><code><?=$bl['value'];?></code></div>
            <div class="col-xs-6">
-              <input type="hidden" name="delete_prefid" value="<?=$bl['prefid'];?>">
+							<input type="hidden" name="delete_prefid" value="<?=$bl['prefid'];?>">
              <?php
              if ($bl['object'] == $domain):
              ?>
-                <input type="hidden" name="delete_policy_list_item">
+								<input type="hidden" name="delete_policy_list_item">
-                <input type="hidden" name="domain" value="<?=$domain;?>">
+								<input type="hidden" name="domain" value="<?=$domain;?>">
                <a href="#" onclick="$(this).closest('form').submit()" data-toggle="tooltip" data-placement="left" title="<?=$lang['user']['delete_now'];?>"><span class="glyphicon glyphicon-remove"></span></a>
              <?php
              else:
@ -350,17 +355,18 @@ if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "adm
 			?>
 				<h4><?=$lang['edit']['edit_alias_domain'];?></h4>
 				<form class="form-horizontal" role="form" method="post" action="<?=($FORM_ACTION == "previous") ? $_SESSION['return_to'] : null;?>">
-					<input type="hidden" name="alias_domain_now" value="<?=htmlspecialchars($alias_domain);?>">
+					<input type="hidden" value="0" name="active">
 					<input type="hidden" value="<?=$result['alias_domain'];?>" name="alias_domain">
 					<div class="form-group">
-						<label class="control-label col-sm-2" for="alias_domain"><?=$lang['edit']['alias_domain'];?></label>
+						<label class="control-label col-sm-2" for="target_domain"><?=$lang['edit']['target_domain'];?></label>
 						<div class="col-sm-10">
-							<input type="text" class="form-control" name="alias_domain" id="alias_domain" value="<?=htmlspecialchars($result['alias_domain']);?>">
+							<input type="text" class="form-control" name="target_domain" id="target_domain" value="<?=htmlspecialchars($result['target_domain']);?>">
 						</div>
 					</div>
 					<div class="form-group">
 						<div class="col-sm-offset-2 col-sm-10">
 							<div class="checkbox">
-								<label><input type="checkbox" name="active" <?=(isset($result['active_int']) && $result['active_int']=="1") ?  "checked" : null ?>> <?=$lang['edit']['active'];?></label>
+								<label><input type="checkbox" value="1" name="active" <?=(isset($result['active_int']) && $result['active_int']=="1") ?  "checked" : null ?>> <?=$lang['edit']['active'];?></label>
 							</div>
 						</div>
 					</div>
@ -398,7 +404,9 @@ if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "adm
      ?>
      <h4><?=$lang['edit']['mailbox'];?></h4>
      <form class="form-horizontal" role="form" method="post" action="<?=($FORM_ACTION == "previous") ? $_SESSION['return_to'] : null;?>">
-      <input type="hidden" name="username" value="<?=htmlspecialchars($result['username']);?>">
+				<input type="hidden" value="0" name="sender_acl">
 				<input type="hidden" value="0" name="active">
 				<input type="hidden" name="username" value="<?=htmlspecialchars($result['username']);?>">
        <div class="form-group">
          <label class="control-label col-sm-2" for="name"><?=$lang['edit']['full_name'];?>:</label>
          <div class="col-sm-10">
@ -481,7 +489,7 @@ if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "adm
        <div class="form-group">
          <div class="col-sm-offset-2 col-sm-10">
            <div class="checkbox">
-            <label><input type="checkbox" name="active" <?=($result['active_int']=="1") ? "checked" : null;?>> <?=$lang['edit']['active'];?></label>
+            <label><input type="checkbox" value="1" name="active" <?=($result['active_int']=="1") ? "checked" : null;?>> <?=$lang['edit']['active'];?></label>
            </div>
          </div>
        </div>
@ -501,6 +509,8 @@ if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "adm
        ?>
 				<h4><?=$lang['edit']['resource'];?></h4>
 				<form class="form-horizontal" role="form" method="post" action="<?=($FORM_ACTION == "previous") ? $_SESSION['return_to'] : null;?>">
          <input type="hidden" value="0" name="active">
          <input type="hidden" value="0" name="multiple_bookings">
          <input type="hidden" name="name" value="<?=htmlspecialchars($result['name']);?>">
 					<div class="form-group">
 						<label class="control-label col-sm-2" for="description"><?=$lang['add']['description'];?></label>
@ -521,14 +531,14 @@ if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "adm
 					<div class="form-group">
 						<div class="col-sm-offset-2 col-sm-10">
 							<div class="checkbox">
-							<label><input type="checkbox" name="active" <?=($result['active_int']=="1") ? "checked" : null;?>> <?=$lang['edit']['active'];?></label>
+							<label><input type="checkbox" value="1" name="active" <?=($result['active_int']=="1") ? "checked" : null;?>> <?=$lang['edit']['active'];?></label>
 							</div>
 						</div>
 					</div>
 					<div class="form-group">
 						<div class="col-sm-offset-2 col-sm-10">
 							<div class="checkbox">
-							<label><input type="checkbox" name="multiple_bookings" <?=($result['multiple_bookings_int']=="1") ? "checked" : null;?>> <?=$lang['edit']['multiple_bookings'];?></label>
+							<label><input type="checkbox" value="1" name="multiple_bookings" <?=($result['multiple_bookings_int']=="1") ? "checked" : null;?>> <?=$lang['edit']['multiple_bookings'];?></label>
 							</div>
 						</div>
 					</div>
@ -561,7 +571,10 @@ elseif (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] ==
 			?>
 				<h4><?=$lang['edit']['syncjob'];?></h4>
 				<form class="form-horizontal" role="form" method="post" action="<?=($FORM_ACTION == "previous") ? $_SESSION['return_to'] : null;?>">
-				<input type="hidden" name="id" value="<?=htmlspecialchars($result['id']);?>">
+          <input type="hidden" value="0" name="delete2duplicates">
          <input type="hidden" value="0" name="delete1">
          <input type="hidden" value="0" name="active">
          <input type="hidden" name="id" value="<?=htmlspecialchars($result['id']);?>">
 					<div class="form-group">
 						<label class="control-label col-sm-2" for="host1"><?=$lang['edit']['hostname'];?></label>
 						<div class="col-sm-10">
@ -623,21 +636,21 @@ elseif (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] ==
 					<div class="form-group">
 						<div class="col-sm-offset-2 col-sm-10">
 							<div class="checkbox">
-							<label><input type="checkbox" name="delete2duplicates" <?=($result['delete2duplicates']=="1") ? "checked" : "";?>> <?=$lang['edit']['delete2duplicates'];?></label>
+							<label><input type="checkbox" value="1" name="delete2duplicates" <?=($result['delete2duplicates']=="1") ? "checked" : "";?>> <?=$lang['edit']['delete2duplicates'];?></label>
 							</div>
 						</div>
 					</div>
 					<div class="form-group">
 						<div class="col-sm-offset-2 col-sm-10">
 							<div class="checkbox">
-							<label><input type="checkbox" name="delete1" <?=($result['delete1']=="1") ? "checked" : "";?>> <?=$lang['edit']['delete1'];?></label>
+							<label><input type="checkbox" value="1" name="delete1" <?=($result['delete1']=="1") ? "checked" : "";?>> <?=$lang['edit']['delete1'];?></label>
 							</div>
 						</div>
 					</div>
 					<div class="form-group">
 						<div class="col-sm-offset-2 col-sm-10">
 							<div class="checkbox">
-							<label><input type="checkbox" name="active" <?=($result['active']=="1") ? "checked" : "";?>> <?=$lang['edit']['active'];?></label>
+							<label><input type="checkbox" value="1" name="active" <?=($result['active']=="1") ? "checked" : "";?>> <?=$lang['edit']['active'];?></label>
 							</div>
 						</div>
 					</div>
--- a/data/web/inc/footer.inc.php
+++ b/data/web/inc/footer.inc.php
@ -19,6 +19,9 @@ if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == "admi
 		</div>
 	</div>
 </div>
 <?php
 endif;
 ?>
 <div id="ConfirmDeleteModal" class="modal fade" role="dialog">
 	<div class="modal-dialog">
 		<div class="modal-content">
@ -36,14 +39,12 @@ if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == "admi
 		</div>
 	</div>
 </div>
 <?php
 endif;
 ?>
 <div style="margin-bottom:100px"></div>
 <script src="//cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.6/js/bootstrap.min.js"></script>
 <script src="/js/bootstrap-switch.min.js"></script>
 <script src="/js/bootstrap-slider.min.js"></script>
 <script src="/js/bootstrap-select.min.js"></script>
 <script src="/js/notifications.min.js"></script>
 <script src="/js/u2f-api.js"></script>
 <script>
 // Select language and reopen active URL without POST
@ -53,6 +54,12 @@ function setLang(sel) {
 }
 $(document).ready(function() {
  function mailcow_alert_box(message, type) {
    $.notify({message: message},{type: type,placement: {from: "bottom",align: "right"},animate: {enter: 'animated fadeInUp',exit: 'animated fadeOutDown'}});
  }
  <?php if (isset($_SESSION['return'])): ?>
  mailcow_alert_box("<?=$_SESSION['return']['msg'];?>",  "<?=$_SESSION['return']['type'];?>");
  <?php endif; unset($_SESSION['return']); ?>
  // Confirm TFA modal
  <?php if (isset($_SESSION['pending_tfa_method'])):?>
  $('#ConfirmTFAModal').modal({
@ -220,21 +227,7 @@ $(document).ready(function() {
 	});
 });
 </script>
-<?php
+
 if (isset($_SESSION['return'])):
 ?>
 <div class="container">
 	<div style="position:fixed;bottom:8px;right:25px;min-width:300px;max-width:350px;z-index:2000">
 		<div <?=($_SESSION['return']['type'] == 'danger') ? null : 'id="alert-fade"'?> class="alert alert-<?=$_SESSION['return']['type'];?>" role="alert">
 		<a href="#" class="close" data-dismiss="alert"> &times;</a>
 		<?=htmlspecialchars($_SESSION['return']['msg']);?>
 		</div>
 	</div>
 </div>
 <?php
 unset($_SESSION['return']);
 endif;
 ?>
 </body>
 </html>
 <?php $stmt = null; $pdo = null; ?>
--- a/data/web/inc/functions.inc.php
+++ b/data/web/inc/functions.inc.php
--- a/data/web/inc/header.inc.php
+++ b/data/web/inc/header.inc.php
@ -18,6 +18,7 @@
 <link rel="stylesheet" href="/css/footable.bootstrap.min.css">
 <link rel="stylesheet" href="/inc/languages.min.css">
 <link rel="stylesheet" href="/css/mailcow.css">
 <link rel="stylesheet" href="/css/animate.min.css">
 <?=(preg_match("/mailbox.php/i", $_SERVER['REQUEST_URI'])) ? '<link rel="stylesheet" href="/css/mailbox.css">' : null;?>
 <?=(preg_match("/admin.php/i", $_SERVER['REQUEST_URI'])) ? '<link rel="stylesheet" href="/css/admin.css">' : null;?>
 <link rel="shortcut icon" href="/favicon.png" type="image/png">
--- a/data/web/inc/init_db.inc.php
+++ b/data/web/inc/init_db.inc.php
@ -3,7 +3,7 @@ function init_db_schema() {
  try {
    global $pdo;
-    $db_version = "01052017_1702";
+    $db_version = "07052017_0824";
    $stmt = $pdo->query("SHOW TABLES LIKE 'versions'"); 
    $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
@ -268,7 +268,8 @@ function init_db_schema() {
      "forwarding_hosts" => array(
        "cols" => array(
          "host" => "VARCHAR(255) NOT NULL",
-          "source" => "VARCHAR(255) NOT NULL"
+          "source" => "VARCHAR(255) NOT NULL",
          "filter_spam" => "TINYINT(1) NOT NULL DEFAULT '0'"
        ),
        "keys" => array(
          "primary" => array(
--- a/data/web/inc/lib/composer.json
+++ b/data/web/inc/lib/composer.json
@ -1,6 +1,7 @@
 {
    "require": {
        "robthree/twofactorauth": "^1.6",
-        "yubico/u2flib-server": "^1.0"
+        "yubico/u2flib-server": "^1.0",
        "owasp/csrf-protector-php": "dev-master"
    }
 }
--- a/data/web/inc/lib/composer.lock
+++ b/data/web/inc/lib/composer.lock
@ -4,8 +4,44 @@
        "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
        "This file is @generated automatically"
    ],
-    "content-hash": "5652a086b6d277d72d7ae0341e517b1e",
+    "content-hash": "413fc63dc6c7815f0a175217bccb490a",
    "packages": [
        {
            "name": "owasp/csrf-protector-php",
            "version": "dev-master",
            "source": {
                "type": "git",
                "url": "https://github.com/mebjas/CSRF-Protector-PHP.git",
                "reference": "aec0d6966992363a7192b2ae9fb0a9643e8fa26b"
            },
            "dist": {
                "type": "zip",
                "url": "https://api.github.com/repos/mebjas/CSRF-Protector-PHP/zipball/aec0d6966992363a7192b2ae9fb0a9643e8fa26b",
                "reference": "aec0d6966992363a7192b2ae9fb0a9643e8fa26b",
                "shasum": ""
            },
            "require-dev": {
                "satooshi/php-coveralls": "~1.0"
            },
            "type": "library",
            "autoload": {
                "classmap": [
                    "libs/csrf/"
                ]
            },
            "notification-url": "https://packagist.org/downloads/",
            "license": [
                "APACHE"
            ],
            "description": "CSRF protector php, a standalone php library for csrf mitigation in web applications. Easy to integrate in any php web app.",
            "homepage": "https://github.com/mebjas/CSRF-Protector-PHP",
            "keywords": [
                "csrf",
                "owasp",
                "security"
            ],
            "time": "2017-04-12T05:47:07+00:00"
        },
        {
            "name": "robthree/twofactorauth",
            "version": "1.6",
@ -59,20 +95,24 @@
        },
        {
            "name": "yubico/u2flib-server",
-            "version": "1.0.0",
+            "version": "1.0.1",
            "source": {
                "type": "git",
                "url": "https://github.com/Yubico/php-u2flib-server.git",
-                "reference": "407eb21da24150aad30bcd8cc0ee72963eac5e9d"
+                "reference": "dc318c80b59e62921c210f31b014def26ceebbab"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/Yubico/php-u2flib-server/zipball/407eb21da24150aad30bcd8cc0ee72963eac5e9d",
+                "url": "https://api.github.com/repos/Yubico/php-u2flib-server/zipball/dc318c80b59e62921c210f31b014def26ceebbab",
-                "reference": "407eb21da24150aad30bcd8cc0ee72963eac5e9d",
+                "reference": "dc318c80b59e62921c210f31b014def26ceebbab",
                "shasum": ""
            },
            "require": {
-                "ext-openssl": "*"
+                "ext-openssl": "*",
                "php": ">=5.6"
            },
            "require-dev": {
                "phpunit/phpunit": "~5.7"
            },
            "type": "library",
            "autoload": {
@ -86,13 +126,15 @@
            ],
            "description": "Library for U2F implementation",
            "homepage": "https://developers.yubico.com/php-u2flib-server",
-            "time": "2016-02-19T09:47:51+00:00"
+            "time": "2017-05-09T07:33:58+00:00"
        }
    ],
    "packages-dev": [],
    "aliases": [],
    "minimum-stability": "stable",
-    "stability-flags": [],
+    "stability-flags": {
        "owasp/csrf-protector-php": 20
    },
    "prefer-stable": false,
    "prefer-lowest": false,
    "platform": [],
--- a/data/web/inc/lib/vendor/composer/autoload_classmap.php
+++ b/data/web/inc/lib/vendor/composer/autoload_classmap.php
@ -6,6 +6,14 @@ $vendorDir = dirname(dirname(__FILE__));
 $baseDir = dirname($vendorDir);
 return array(
    'alreadyInitializedException' => $vendorDir . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php',
    'baseJSFileNotFoundExceptio' => $vendorDir . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php',
    'configFileNotFoundException' => $vendorDir . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php',
    'csrfProtector' => $vendorDir . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php',
    'incompleteConfigurationException' => $vendorDir . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php',
    'jsFileNotFoundException' => $vendorDir . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php',
    'logDirectoryNotFoundException' => $vendorDir . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php',
    'logFileWriteError' => $vendorDir . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php',
    'u2flib_server\\Error' => $vendorDir . '/yubico/u2flib-server/src/u2flib_server/U2F.php',
    'u2flib_server\\RegisterRequest' => $vendorDir . '/yubico/u2flib-server/src/u2flib_server/U2F.php',
    'u2flib_server\\Registration' => $vendorDir . '/yubico/u2flib-server/src/u2flib_server/U2F.php',
--- a/data/web/inc/lib/vendor/composer/autoload_static.php
+++ b/data/web/inc/lib/vendor/composer/autoload_static.php
@ -21,6 +21,14 @@ class ComposerStaticInit873464e4bd965a3168f133248b1b218b
    );
    public static $classMap = array (
        'alreadyInitializedException' => __DIR__ . '/..' . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php',
        'baseJSFileNotFoundExceptio' => __DIR__ . '/..' . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php',
        'configFileNotFoundException' => __DIR__ . '/..' . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php',
        'csrfProtector' => __DIR__ . '/..' . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php',
        'incompleteConfigurationException' => __DIR__ . '/..' . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php',
        'jsFileNotFoundException' => __DIR__ . '/..' . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php',
        'logDirectoryNotFoundException' => __DIR__ . '/..' . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php',
        'logFileWriteError' => __DIR__ . '/..' . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php',
        'u2flib_server\\Error' => __DIR__ . '/..' . '/yubico/u2flib-server/src/u2flib_server/U2F.php',
        'u2flib_server\\RegisterRequest' => __DIR__ . '/..' . '/yubico/u2flib-server/src/u2flib_server/U2F.php',
        'u2flib_server\\Registration' => __DIR__ . '/..' . '/yubico/u2flib-server/src/u2flib_server/U2F.php',
--- a/data/web/inc/lib/vendor/composer/installed.json
+++ b/data/web/inc/lib/vendor/composer/installed.json
@ -53,24 +53,66 @@
        ]
    },
    {
-        "name": "yubico/u2flib-server",
+        "name": "owasp/csrf-protector-php",
-        "version": "1.0.0",
+        "version": "dev-master",
-        "version_normalized": "1.0.0.0",
+        "version_normalized": "9999999-dev",
        "source": {
            "type": "git",
-            "url": "https://github.com/Yubico/php-u2flib-server.git",
+            "url": "https://github.com/mebjas/CSRF-Protector-PHP.git",
-            "reference": "407eb21da24150aad30bcd8cc0ee72963eac5e9d"
+            "reference": "aec0d6966992363a7192b2ae9fb0a9643e8fa26b"
        },
        "dist": {
            "type": "zip",
-            "url": "https://api.github.com/repos/Yubico/php-u2flib-server/zipball/407eb21da24150aad30bcd8cc0ee72963eac5e9d",
+            "url": "https://api.github.com/repos/mebjas/CSRF-Protector-PHP/zipball/aec0d6966992363a7192b2ae9fb0a9643e8fa26b",
-            "reference": "407eb21da24150aad30bcd8cc0ee72963eac5e9d",
+            "reference": "aec0d6966992363a7192b2ae9fb0a9643e8fa26b",
            "shasum": ""
        },
        "require-dev": {
            "satooshi/php-coveralls": "~1.0"
        },
        "time": "2017-04-12T05:47:07+00:00",
        "type": "library",
        "installation-source": "source",
        "autoload": {
            "classmap": [
                "libs/csrf/"
            ]
        },
        "notification-url": "https://packagist.org/downloads/",
        "license": [
            "APACHE"
        ],
        "description": "CSRF protector php, a standalone php library for csrf mitigation in web applications. Easy to integrate in any php web app.",
        "homepage": "https://github.com/mebjas/CSRF-Protector-PHP",
        "keywords": [
            "csrf",
            "owasp",
            "security"
        ]
    },
    {
        "name": "yubico/u2flib-server",
        "version": "1.0.1",
        "version_normalized": "1.0.1.0",
        "source": {
            "type": "git",
            "url": "https://github.com/Yubico/php-u2flib-server.git",
            "reference": "dc318c80b59e62921c210f31b014def26ceebbab"
        },
        "dist": {
            "type": "zip",
            "url": "https://api.github.com/repos/Yubico/php-u2flib-server/zipball/dc318c80b59e62921c210f31b014def26ceebbab",
            "reference": "dc318c80b59e62921c210f31b014def26ceebbab",
            "shasum": ""
        },
        "require": {
-            "ext-openssl": "*"
+            "ext-openssl": "*",
            "php": ">=5.6"
        },
-        "time": "2016-02-19T09:47:51+00:00",
+        "require-dev": {
            "phpunit/phpunit": "~5.7"
        },
        "time": "2017-05-09T07:33:58+00:00",
        "type": "library",
        "installation-source": "dist",
        "autoload": {
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/.coveralls.yml
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/.coveralls.yml
@ -0,0 +1,4 @@
 service_name: travis-ci
 src_dir: ./libs/
 coverage_clover: build/logs/clover.xml
 json_path: build/logs/coveralls-upload.json
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/.travis.yml
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/.travis.yml
@ -0,0 +1,46 @@
 language: php
 php:
  - "5.6"
  - "5.5"
  - "5.4"
  - "5.3"
  - "7.0"
  - "7.1"
  - hhvm
  - nightly
 matrix:
    allow_failures:
    - php: nightly
    - php: hhvm
 os:
  - linux
 install:
  # Install composer packages, will also trigger dump-autoload
  - composer install --no-interaction
  # Install coveralls.phar
  - wget -c -nc --retry-connrefused --tries=0 https://github.com/satooshi/php-coveralls/releases/download/v1.0.1/coveralls.phar
  - chmod +x coveralls.phar
  - php coveralls.phar --version
 before_script:
    - mkdir -p build/logs
    - ls -al
 script:
 - mkdir -p build/logs
 - if [ $(phpenv version-name) = 'hhvm' ]; then echo 'xdebug.enable=1' >> /etc/hhvm/php.ini; fi
 - phpunit --stderr --coverage-clover build/logs/clover.xml
 after_script:
 - php vendor/bin/coveralls -v
 after_success:
 - travis_retry php coveralls.phar -v
 cache:
  directories:
  - vendor
  - $HOME/.cache/composer
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/composer.json
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/composer.json
@ -0,0 +1,14 @@
 {   
    "name": "owasp/csrf-protector-php",
    "type": "library",
    "description": "CSRF protector php, a standalone php library for csrf mitigation in web applications. Easy to integrate in any php web app.",
    "keywords": ["security","csrf", "owasp"],
    "homepage": "https://github.com/mebjas/CSRF-Protector-PHP",
    "license": "APACHE",
    "require-dev": {
        "satooshi/php-coveralls": "~1.0"
    },
    "autoload": {
        "classmap": ["libs/csrf/"]
    }
 }
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/files/libs/csrf/csrfprotector-php.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/files/libs/csrf/csrfprotector-php.html
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index.html
@ -0,0 +1 @@
 <html><head><meta http-equiv="Refresh" CONTENT="0; URL=files/libs/csrf/csrfprotector-php.html"></head></html>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index/Files.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index/Files.html
@ -0,0 +1,33 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
 <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>File Index</title><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script><script language=JavaScript src="../javascript/searchdata.js"></script></head><body class="IndexPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
 if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
 <!--  Generated by Natural Docs, version 1.52 -->
 <!--  http://www.naturaldocs.org  -->
 <!-- saved from url=(0026)http://www.naturaldocs.org -->
 <div id=Index><div class=IPageTitle>File Index</div><div class=INavigationBar>$#! &middot; 0-9 &middot; A &middot; B &middot; <a href="#C">C</a> &middot; D &middot; E &middot; F &middot; G &middot; H &middot; I &middot; J &middot; K &middot; L &middot; M &middot; N &middot; O &middot; P &middot; Q &middot; R &middot; S &middot; T &middot; U &middot; V &middot; W &middot; X &middot; Y &middot; Z</div><table border=0 cellspacing=0 cellpadding=0><tr><td class=IHeading id=IFirstHeading><a name="C"></a>C</td><td></td></tr><tr><td class=ISymbolPrefix id=IOnlySymbolPrefix>&nbsp;</td><td class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#csrfprotector.php"  class=ISymbol>csrfprotector.php</a></td></tr></table>
 <!--START_ND_TOOLTIPS-->
 <!--END_ND_TOOLTIPS-->
 </div><!--Index-->
 <div id=Footer><a href="http://www.naturaldocs.org">Generated by Natural Docs</a></div><!--Footer-->
 <div id=Menu><div class=MEntry><div class=MFile><a href="../files/libs/csrf/csrfprotector-php.html">csrfprotector.php</a></div></div><div class=MEntry><div class=MGroup><a href="javascript:ToggleMenu('MGroupContent1')">Index</a><div class=MGroupContent id=MGroupContent1><div class=MEntry><div class=MIndex><a href="General.html">Everything</a></div></div><div class=MEntry><div class=MIndex id=MSelected>Files</div></div><div class=MEntry><div class=MIndex><a href="Functions.html">Functions</a></div></div><div class=MEntry><div class=MIndex><a href="Variables.html">Variables</a></div></div></div></div></div><script type="text/javascript"><!--
 var searchPanel = new SearchPanel("searchPanel", "HTML", "../search");
 --></script><div id=MSearchPanel class=MSearchPanelInactive><input type=text id=MSearchField value=Search onFocus="searchPanel.OnSearchFieldFocus(true)" onBlur="searchPanel.OnSearchFieldFocus(false)" onKeyUp="searchPanel.OnSearchFieldChange()"><select id=MSearchType onFocus="searchPanel.OnSearchTypeFocus(true)" onBlur="searchPanel.OnSearchTypeFocus(false)" onChange="searchPanel.OnSearchTypeChange()"><option  id=MSearchEverything selected value="General">Everything</option><option value="Files">Files</option><option value="Functions">Functions</option><option value="Variables">Variables</option></select></div></div><!--Menu-->
 <div id=MSearchResultsWindow><iframe src="" frameborder=0 name=MSearchResults id=MSearchResults></iframe><a href="javascript:searchPanel.CloseResultsWindow()" id=MSearchResultsWindowClose>Close</a></div>
 <script language=JavaScript><!--
 if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index/Functions.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index/Functions.html
@ -0,0 +1,65 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
 <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>Function Index</title><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script><script language=JavaScript src="../javascript/searchdata.js"></script></head><body class="IndexPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
 if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
 <!--  Generated by Natural Docs, version 1.52 -->
 <!--  http://www.naturaldocs.org  -->
 <!-- saved from url=(0026)http://www.naturaldocs.org -->
 <div id=Index><div class=IPageTitle>Function Index</div><div class=INavigationBar>$#! &middot; 0-9 &middot; <a href="#A">A</a> &middot; B &middot; <a href="#C">C</a> &middot; D &middot; E &middot; <a href="#F">F</a> &middot; <a href="#G">G</a> &middot; H &middot; <a href="#I">I</a> &middot; J &middot; K &middot; <a href="#L">L</a> &middot; M &middot; N &middot; <a href="#O">O</a> &middot; P &middot; Q &middot; <a href="#R">R</a> &middot; S &middot; T &middot; <a href="#U">U</a> &middot; V &middot; W &middot; X &middot; Y &middot; Z</div><table border=0 cellspacing=0 cellpadding=0><tr><td class=IHeading id=IFirstHeading><a name="A"></a>A</td><td></td></tr><tr><td class=ISymbolPrefix id=IOnlySymbolPrefix>&nbsp;</td><td class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#authorisePost" id=link1 onMouseOver="ShowTip(event, 'tt1', 'link1')" onMouseOut="HideTip('tt1')" class=ISymbol>authorisePost</a></td></tr><tr><td class=IHeading><a name="C"></a>C</td><td></td></tr><tr><td class=ISymbolPrefix id=IOnlySymbolPrefix>&nbsp;</td><td class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#createNewJsCache" id=link2 onMouseOver="ShowTip(event, 'tt2', 'link2')" onMouseOut="HideTip('tt2')" class=ISymbol>createNewJsCache</a></td></tr><tr><td class=IHeading><a name="F"></a>F</td><td></td></tr><tr><td class=ISymbolPrefix id=IOnlySymbolPrefix>&nbsp;</td><td class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#failedValidationAction" id=link3 onMouseOver="ShowTip(event, 'tt3', 'link3')" onMouseOut="HideTip('tt3')" class=ISymbol>failedValidationAction</a></td></tr><tr><td class=IHeading><a name="G"></a>G</td><td></td></tr><tr><td class=ISymbolPrefix id=IFirstSymbolPrefix>&nbsp;</td><td class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#generateAuthToken" id=link4 onMouseOver="ShowTip(event, 'tt4', 'link4')" onMouseOut="HideTip('tt4')" class=ISymbol>generateAuthToken</a></td></tr><tr><td class=ISymbolPrefix id=ILastSymbolPrefix>&nbsp;</td><td class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#getCurrentUrl" id=link5 onMouseOver="ShowTip(event, 'tt5', 'link5')" onMouseOut="HideTip('tt5')" class=ISymbol>getCurrentUrl</a></td></tr><tr><td class=IHeading><a name="I"></a>I</td><td></td></tr><tr><td class=ISymbolPrefix id=IFirstSymbolPrefix>&nbsp;</td><td class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#init" id=link6 onMouseOver="ShowTip(event, 'tt6', 'link6')" onMouseOut="HideTip('tt6')" class=ISymbol>init</a></td></tr><tr><td class=ISymbolPrefix id=ILastSymbolPrefix>&nbsp;</td><td class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#isURLallowed" id=link7 onMouseOver="ShowTip(event, 'tt7', 'link7')" onMouseOut="HideTip('tt7')" class=ISymbol>isURLallowed</a></td></tr><tr><td class=IHeading><a name="L"></a>L</td><td></td></tr><tr><td class=ISymbolPrefix id=IOnlySymbolPrefix>&nbsp;</td><td class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#logCSRFattack" id=link8 onMouseOver="ShowTip(event, 'tt8', 'link8')" onMouseOut="HideTip('tt8')" class=ISymbol>logCSRFattack</a></td></tr><tr><td class=IHeading><a name="O"></a>O</td><td></td></tr><tr><td class=ISymbolPrefix id=IOnlySymbolPrefix>&nbsp;</td><td class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#ob_handler" id=link9 onMouseOver="ShowTip(event, 'tt9', 'link9')" onMouseOut="HideTip('tt9')" class=ISymbol>ob_handler</a></td></tr><tr><td class=IHeading><a name="R"></a>R</td><td></td></tr><tr><td class=ISymbolPrefix id=IOnlySymbolPrefix>&nbsp;</td><td class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#refreshToken" id=link10 onMouseOver="ShowTip(event, 'tt10', 'link10')" onMouseOut="HideTip('tt10')" class=ISymbol>refreshToken</a></td></tr><tr><td class=IHeading><a name="U"></a>U</td><td></td></tr><tr><td class=ISymbolPrefix id=IOnlySymbolPrefix>&nbsp;</td><td class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#useCachedVersion" id=link11 onMouseOver="ShowTip(event, 'tt11', 'link11')" onMouseOut="HideTip('tt11')" class=ISymbol>useCachedVersion</a></td></tr></table>
 <!--START_ND_TOOLTIPS-->
 <div class=CToolTip id="tt1"><div class=CFunction><blockquote><table border=0 cellspacing=0 cellpadding=0 class="Prototype"><tr><td class="prettyprint">public static function authorisePost()</td></tr></table></blockquote>function to authorise incoming post requests</div></div><!--END_ND_TOOLTIPS-->
 <!--START_ND_TOOLTIPS-->
 <div class=CToolTip id="tt2"><div class=CFunction><blockquote><table border=0 cellspacing=0 cellpadding=0 class="Prototype"><tr><td class="prettyprint">public static function createNewJsCache()</td></tr></table></blockquote>Function to create new cache version of js</div></div><!--END_ND_TOOLTIPS-->
 <!--START_ND_TOOLTIPS-->
 <div class=CToolTip id="tt3"><div class=CFunction><blockquote><table border=0 cellspacing=0 cellpadding=0 class="Prototype"><tr><td class="prettyprint">private static function failedValidationAction()</td></tr></table></blockquote>function to be called in case of failed validation performs logging and take appropriate action</div></div><!--END_ND_TOOLTIPS-->
 <!--START_ND_TOOLTIPS-->
 <div class=CToolTip id="tt4"><div class=CFunction><blockquote><table border=0 cellspacing=0 cellpadding=0 class="Prototype"><tr><td class="prettyprint">public static function generateAuthToken()</td></tr></table></blockquote>function to generate random hash of length as given in parameter max length = 128</div></div><div class=CToolTip id="tt5"><div class=CFunction><blockquote><table border=0 cellspacing=0 cellpadding=0 class="Prototype"><tr><td class="prettyprint">private static function getCurrentUrl()</td></tr></table></blockquote>Function to return current url of executing page</div></div><!--END_ND_TOOLTIPS-->
 <!--START_ND_TOOLTIPS-->
 <div class=CToolTip id="tt6"><div class=CFunction><blockquote><table border=0 cellspacing=0 cellpadding=0 class="Prototype"><tr><td><table border=0 cellspacing=0 cellpadding=0><tr><td class="PBeforeParameters  prettyprint "nowrap>public static function init(</td><td class="PParameter  prettyprint " nowrap>$length</td><td class="PDefaultValuePrefix  prettyprint ">&nbsp;=&nbsp;</td><td class="PDefaultValue  prettyprint " width=100%> null,</td></tr><tr><td></td><td class="PParameter  prettyprint " nowrap>$action</td><td class="PDefaultValuePrefix  prettyprint ">&nbsp;=&nbsp;</td><td class="PDefaultValue  prettyprint " width=100%> null</td><td class="PAfterParameters  prettyprint "nowrap>)</td></tr></table></td></tr></table></blockquote>function to initialise the csrfProtector work flow</div></div><div class=CToolTip id="tt7"><div class=CFunction><blockquote><table border=0 cellspacing=0 cellpadding=0 class="Prototype"><tr><td class="prettyprint">public static function isURLallowed()</td></tr></table></blockquote>Function to check if a url mataches for any urls Listed in config file</div></div><!--END_ND_TOOLTIPS-->
 <!--START_ND_TOOLTIPS-->
 <div class=CToolTip id="tt8"><div class=CFunction><blockquote><table border=0 cellspacing=0 cellpadding=0 class="Prototype"><tr><td class="prettyprint">private static function logCSRFattack()</td></tr></table></blockquote>Functio to log CSRF Attack</div></div><!--END_ND_TOOLTIPS-->
 <!--START_ND_TOOLTIPS-->
 <div class=CToolTip id="tt9"><div class=CFunction><blockquote><table border=0 cellspacing=0 cellpadding=0 class="Prototype"><tr><td><table border=0 cellspacing=0 cellpadding=0><tr><td class="PBeforeParameters  prettyprint "nowrap>public static function ob_handler(</td><td class="PParameter  prettyprint " nowrap>$buffer,</td></tr><tr><td></td><td class="PParameter  prettyprint " nowrap>$flags</td><td class="PAfterParameters  prettyprint "nowrap>)</td></tr></table></td></tr></table></blockquote>Rewrites form on the fly to add CSRF tokens to them. </div></div><!--END_ND_TOOLTIPS-->
 <!--START_ND_TOOLTIPS-->
 <div class=CToolTip id="tt10"><div class=CFunction><blockquote><table border=0 cellspacing=0 cellpadding=0 class="Prototype"><tr><td class="prettyprint">public static function refreshToken()</td></tr></table></blockquote>Function to set auth cookie</div></div><!--END_ND_TOOLTIPS-->
 <!--START_ND_TOOLTIPS-->
 <div class=CToolTip id="tt11"><div class=CFunction><blockquote><table border=0 cellspacing=0 cellpadding=0 class="Prototype"><tr><td class="prettyprint">public static function useCachedVersion()</td></tr></table></blockquote>function to check weather to use cached version of js file or not</div></div><!--END_ND_TOOLTIPS-->
 </div><!--Index-->
 <div id=Footer><a href="http://www.naturaldocs.org">Generated by Natural Docs</a></div><!--Footer-->
 <div id=Menu><div class=MEntry><div class=MFile><a href="../files/libs/csrf/csrfprotector-php.html">csrfprotector.php</a></div></div><div class=MEntry><div class=MGroup><a href="javascript:ToggleMenu('MGroupContent1')">Index</a><div class=MGroupContent id=MGroupContent1><div class=MEntry><div class=MIndex><a href="General.html">Everything</a></div></div><div class=MEntry><div class=MIndex><a href="Files.html">Files</a></div></div><div class=MEntry><div class=MIndex id=MSelected>Functions</div></div><div class=MEntry><div class=MIndex><a href="Variables.html">Variables</a></div></div></div></div></div><script type="text/javascript"><!--
 var searchPanel = new SearchPanel("searchPanel", "HTML", "../search");
 --></script><div id=MSearchPanel class=MSearchPanelInactive><input type=text id=MSearchField value=Search onFocus="searchPanel.OnSearchFieldFocus(true)" onBlur="searchPanel.OnSearchFieldFocus(false)" onKeyUp="searchPanel.OnSearchFieldChange()"><select id=MSearchType onFocus="searchPanel.OnSearchTypeFocus(true)" onBlur="searchPanel.OnSearchTypeFocus(false)" onChange="searchPanel.OnSearchTypeChange()"><option  id=MSearchEverything selected value="General">Everything</option><option value="Files">Files</option><option value="Functions">Functions</option><option value="Variables">Variables</option></select></div></div><!--Menu-->
 <div id=MSearchResultsWindow><iframe src="" frameborder=0 name=MSearchResults id=MSearchResults></iframe><a href="javascript:searchPanel.CloseResultsWindow()" id=MSearchResultsWindowClose>Close</a></div>
 <script language=JavaScript><!--
 if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index/General.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index/General.html
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index/Variables.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index/Variables.html
@ -0,0 +1,41 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
 <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>Variable Index</title><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script><script language=JavaScript src="../javascript/searchdata.js"></script></head><body class="IndexPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
 if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
 <!--  Generated by Natural Docs, version 1.52 -->
 <!--  http://www.naturaldocs.org  -->
 <!-- saved from url=(0026)http://www.naturaldocs.org -->
 <div id=Index><div class=IPageTitle>Variable Index</div><div class=INavigationBar>$#! &middot; 0-9 &middot; A &middot; B &middot; <a href="#C">C</a> &middot; D &middot; E &middot; F &middot; G &middot; H &middot; <a href="#I">I</a> &middot; J &middot; K &middot; L &middot; M &middot; N &middot; O &middot; P &middot; Q &middot; <a href="#R">R</a> &middot; S &middot; T &middot; U &middot; V &middot; W &middot; X &middot; Y &middot; Z</div><table border=0 cellspacing=0 cellpadding=0><tr><td class=IHeading id=IFirstHeading><a name="C"></a>C</td><td></td></tr><tr><td class=ISymbolPrefix id=IFirstSymbolPrefix>$</td><td class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#$config" id=link1 onMouseOver="ShowTip(event, 'tt1', 'link1')" onMouseOut="HideTip('tt1')" class=ISymbol>config</a></td></tr><tr><td class=ISymbolPrefix id=ILastSymbolPrefix>$</td><td class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#$cookieExpiryTime" id=link2 onMouseOver="ShowTip(event, 'tt2', 'link2')" onMouseOut="HideTip('tt2')" class=ISymbol>cookieExpiryTime</a></td></tr><tr><td class=IHeading><a name="I"></a>I</td><td></td></tr><tr><td class=ISymbolPrefix id=IFirstSymbolPrefix>$</td><td class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#$isSameOrigin" id=link3 onMouseOver="ShowTip(event, 'tt3', 'link3')" onMouseOut="HideTip('tt3')" class=ISymbol>isSameOrigin</a></td></tr><tr><td class=ISymbolPrefix id=ILastSymbolPrefix>$</td><td class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#$isValidHTML" id=link4 onMouseOver="ShowTip(event, 'tt4', 'link4')" onMouseOut="HideTip('tt4')" class=ISymbol>isValidHTML</a></td></tr><tr><td class=IHeading><a name="R"></a>R</td><td></td></tr><tr><td class=ISymbolPrefix id=IOnlySymbolPrefix>$</td><td class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#$requestType" id=link5 onMouseOver="ShowTip(event, 'tt5', 'link5')" onMouseOut="HideTip('tt5')" class=ISymbol>requestType</a></td></tr></table>
 <!--START_ND_TOOLTIPS-->
 <div class=CToolTip id="tt1"><div class=CVariable><blockquote><table border=0 cellspacing=0 cellpadding=0 class="Prototype"><tr><td class="prettyprint">public static $config</td></tr></table></blockquote>config file for CSRFProtector @var int Array, length = 6 Property: #1: failedAuthAction (int) =&gt; action to be taken in case autherisation fails Property: #2: logDirectory (string) =&gt; directory in which log will be saved Property: #3: customErrorMessage (string) =&gt; custom error message to be sent in case of failed authentication Property: #4: jsFile (string) =&gt; location of the CSRFProtector js file Property: #5: tokenLength (int) =&gt; default length of hash Property: #6: disabledJavascriptMessage (string) =&gt; error message if client&rsquo;s js is disabled</div></div><div class=CToolTip id="tt2"><div class=CVariable><blockquote><table border=0 cellspacing=0 cellpadding=0 class="Prototype"><tr><td class="prettyprint">public static $cookieExpiryTime</td></tr></table></blockquote>expiry time for cookie @var int</div></div><!--END_ND_TOOLTIPS-->
 <!--START_ND_TOOLTIPS-->
 <div class=CToolTip id="tt3"><div class=CVariable><blockquote><table border=0 cellspacing=0 cellpadding=0 class="Prototype"><tr><td class="prettyprint">private static $isSameOrigin</td></tr></table></blockquote>flag for cross origin/same origin request @var bool</div></div><div class=CToolTip id="tt4"><div class=CVariable><blockquote><table border=0 cellspacing=0 cellpadding=0 class="Prototype"><tr><td class="prettyprint">private static $isValidHTML</td></tr></table></blockquote>flag to check if output file is a valid HTML or not @var bool</div></div><!--END_ND_TOOLTIPS-->
 <!--START_ND_TOOLTIPS-->
 <div class=CToolTip id="tt5"><div class=CVariable><blockquote><table border=0 cellspacing=0 cellpadding=0 class="Prototype"><tr><td class="prettyprint">protected static $requestType</td></tr></table></blockquote>Varaible to store weather request type is post or get @var string</div></div><!--END_ND_TOOLTIPS-->
 </div><!--Index-->
 <div id=Footer><a href="http://www.naturaldocs.org">Generated by Natural Docs</a></div><!--Footer-->
 <div id=Menu><div class=MEntry><div class=MFile><a href="../files/libs/csrf/csrfprotector-php.html">csrfprotector.php</a></div></div><div class=MEntry><div class=MGroup><a href="javascript:ToggleMenu('MGroupContent1')">Index</a><div class=MGroupContent id=MGroupContent1><div class=MEntry><div class=MIndex><a href="General.html">Everything</a></div></div><div class=MEntry><div class=MIndex><a href="Files.html">Files</a></div></div><div class=MEntry><div class=MIndex><a href="Functions.html">Functions</a></div></div><div class=MEntry><div class=MIndex id=MSelected>Variables</div></div></div></div></div><script type="text/javascript"><!--
 var searchPanel = new SearchPanel("searchPanel", "HTML", "../search");
 --></script><div id=MSearchPanel class=MSearchPanelInactive><input type=text id=MSearchField value=Search onFocus="searchPanel.OnSearchFieldFocus(true)" onBlur="searchPanel.OnSearchFieldFocus(false)" onKeyUp="searchPanel.OnSearchFieldChange()"><select id=MSearchType onFocus="searchPanel.OnSearchTypeFocus(true)" onBlur="searchPanel.OnSearchTypeFocus(false)" onChange="searchPanel.OnSearchTypeChange()"><option  id=MSearchEverything selected value="General">Everything</option><option value="Files">Files</option><option value="Functions">Functions</option><option value="Variables">Variables</option></select></div></div><!--Menu-->
 <div id=MSearchResultsWindow><iframe src="" frameborder=0 name=MSearchResults id=MSearchResults></iframe><a href="javascript:searchPanel.CloseResultsWindow()" id=MSearchResultsWindowClose>Close</a></div>
 <script language=JavaScript><!--
 if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/javascript/main.js
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/javascript/main.js
@ -0,0 +1,841 @@
 // This file is part of Natural Docs, which is Copyright © 2003-2010 Greg Valure
 // Natural Docs is licensed under version 3 of the GNU Affero General Public License (AGPL)
 // Refer to License.txt for the complete details
 // This file may be distributed with documentation files generated by Natural Docs.
 // Such documentation is not covered by Natural Docs' copyright and licensing,
 // and may have its own copyright and distribution terms as decided by its author.
 //
 //  Browser Styles
 // ____________________________________________________________________________
 var agt=navigator.userAgent.toLowerCase();
 var browserType;
 var browserVer;
 if (agt.indexOf("opera") != -1)
    {
    browserType = "Opera";
    if (agt.indexOf("opera 7") != -1 || agt.indexOf("opera/7") != -1)
        {  browserVer = "Opera7";  }
    else if (agt.indexOf("opera 8") != -1 || agt.indexOf("opera/8") != -1)
        {  browserVer = "Opera8";  }
    else if (agt.indexOf("opera 9") != -1 || agt.indexOf("opera/9") != -1)
        {  browserVer = "Opera9";  }
    }
 else if (agt.indexOf("applewebkit") != -1)
    {
    browserType = "Safari";
    if (agt.indexOf("version/3") != -1)
        {  browserVer = "Safari3";  }
    else if (agt.indexOf("safari/4") != -1)
        {  browserVer = "Safari2";  }
    }
 else if (agt.indexOf("khtml") != -1)
    {
    browserType = "Konqueror";
    }
 else if (agt.indexOf("msie") != -1)
    {
    browserType = "IE";
    if (agt.indexOf("msie 6") != -1)
        {  browserVer = "IE6";  }
    else if (agt.indexOf("msie 7") != -1)
        {  browserVer = "IE7";  }
    }
 else if (agt.indexOf("gecko") != -1)
    {
    browserType = "Firefox";
    if (agt.indexOf("rv:1.7") != -1)
        {  browserVer = "Firefox1";  }
    else if (agt.indexOf("rv:1.8)") != -1 || agt.indexOf("rv:1.8.0") != -1)
        {  browserVer = "Firefox15";  }
    else if (agt.indexOf("rv:1.8.1") != -1)
        {  browserVer = "Firefox2";  }
    }
 //
 //  Support Functions
 // ____________________________________________________________________________
 function GetXPosition(item)
    {
    var position = 0;
    if (item.offsetWidth != null)
        {
        while (item != document.body && item != null)
            {
            position += item.offsetLeft;
            item = item.offsetParent;
            };
        };
    return position;
    };
 function GetYPosition(item)
    {
    var position = 0;
    if (item.offsetWidth != null)
        {
        while (item != document.body && item != null)
            {
            position += item.offsetTop;
            item = item.offsetParent;
            };
        };
    return position;
    };
 function MoveToPosition(item, x, y)
    {
    // Opera 5 chokes on the px extension, so it can use the Microsoft one instead.
    if (item.style.left != null)
        {
        item.style.left = x + "px";
        item.style.top = y + "px";
        }
    else if (item.style.pixelLeft != null)
        {
        item.style.pixelLeft = x;
        item.style.pixelTop = y;
        };
    };
 //
 //  Menu
 // ____________________________________________________________________________
 function ToggleMenu(id)
    {
    if (!window.document.getElementById)
        {  return;  };
    var display = window.document.getElementById(id).style.display;
    if (display == "none")
        {  display = "block";  }
    else
        {  display = "none";  }
    window.document.getElementById(id).style.display = display;
    }
 function HideAllBut(ids, max)
    {
    if (document.getElementById)
        {
        ids.sort( function(a,b) { return a - b; } );
        var number = 1;
        while (number < max)
            {
            if (ids.length > 0 && number == ids[0])
                {  ids.shift();  }
            else
                {
                document.getElementById("MGroupContent" + number).style.display = "none";
                };
            number++;
            };
        };
    }
 //
 //  Tooltips
 // ____________________________________________________________________________
 var tooltipTimer = 0;
 function ShowTip(event, tooltipID, linkID)
    {
    if (tooltipTimer)
        {  clearTimeout(tooltipTimer);  };
    var docX = event.clientX + window.pageXOffset;
    var docY = event.clientY + window.pageYOffset;
    var showCommand = "ReallyShowTip('" + tooltipID + "', '" + linkID + "', " + docX + ", " + docY + ")";
    tooltipTimer = setTimeout(showCommand, 1000);
    }
 function ReallyShowTip(tooltipID, linkID, docX, docY)
    {
    tooltipTimer = 0;
    var tooltip;
    var link;
    if (document.getElementById)
        {
        tooltip = document.getElementById(tooltipID);
        link = document.getElementById(linkID);
        }
 /*    else if (document.all)
        {
        tooltip = eval("document.all['" + tooltipID + "']");
        link = eval("document.all['" + linkID + "']");
        }
 */
    if (tooltip)
        {
        var left = GetXPosition(link);
        var top = GetYPosition(link);
        top += link.offsetHeight;
        // The fallback method is to use the mouse X and Y relative to the document.  We use a separate if and test if its a number
        // in case some browser snuck through the above if statement but didn't support everything.
        if (!isFinite(top) || top == 0)
            {
            left = docX;
            top = docY;
            }
        // Some spacing to get it out from under the cursor.
        top += 10;
        // Make sure the tooltip doesnt get smushed by being too close to the edge, or in some browsers, go off the edge of the
        // page.  We do it here because Konqueror does get offsetWidth right even if it doesnt get the positioning right.
        if (tooltip.offsetWidth != null)
            {
            var width = tooltip.offsetWidth;
            var docWidth = document.body.clientWidth;
            if (left + width > docWidth)
                {  left = docWidth - width - 1;  }
            // If there's a horizontal scroll bar we could go past zero because it's using the page width, not the window width.
            if (left < 0)
                {  left = 0;  };
            }
        MoveToPosition(tooltip, left, top);
        tooltip.style.visibility = "visible";
        }
    }
 function HideTip(tooltipID)
    {
    if (tooltipTimer)
        {
        clearTimeout(tooltipTimer);
        tooltipTimer = 0;
        }
    var tooltip;
    if (document.getElementById)
        {  tooltip = document.getElementById(tooltipID); }
    else if (document.all)
        {  tooltip = eval("document.all['" + tooltipID + "']");  }
    if (tooltip)
        {  tooltip.style.visibility = "hidden";  }
    }
 //
 //  Blockquote fix for IE
 // ____________________________________________________________________________
 function NDOnLoad()
    {
    if (browserVer == "IE6")
        {
        var scrollboxes = document.getElementsByTagName('blockquote');
        if (scrollboxes.item(0))
            {
            NDDoResize();
            window.onresize=NDOnResize;
            };
        };
    };
 var resizeTimer = 0;
 function NDOnResize()
    {
    if (resizeTimer != 0)
        {  clearTimeout(resizeTimer);  };
    resizeTimer = setTimeout(NDDoResize, 250);
    };
 function NDDoResize()
    {
    var scrollboxes = document.getElementsByTagName('blockquote');
    var i;
    var item;
    i = 0;
    while (item = scrollboxes.item(i))
        {
        item.style.width = 100;
        i++;
        };
    i = 0;
    while (item = scrollboxes.item(i))
        {
        item.style.width = item.parentNode.offsetWidth;
        i++;
        };
    clearTimeout(resizeTimer);
    resizeTimer = 0;
    }
 /* ________________________________________________________________________________________________________
    Class: SearchPanel
    ________________________________________________________________________________________________________
    A class handling everything associated with the search panel.
    Parameters:
        name - The name of the global variable that will be storing this instance.  Is needed to be able to set timeouts.
        mode - The mode the search is going to work in.  Pass <NaturalDocs::Builder::Base->CommandLineOption()>, so the
                   value will be something like "HTML" or "FramedHTML".
    ________________________________________________________________________________________________________
 */
 function SearchPanel(name, mode, resultsPath)
    {
    if (!name || !mode || !resultsPath)
        {  alert("Incorrect parameters to SearchPanel.");  };
    // Group: Variables
    // ________________________________________________________________________
    /*
        var: name
        The name of the global variable that will be storing this instance of the class.
    */
    this.name = name;
    /*
        var: mode
        The mode the search is going to work in, such as "HTML" or "FramedHTML".
    */
    this.mode = mode;
    /*
        var: resultsPath
        The relative path from the current HTML page to the results page directory.
    */
    this.resultsPath = resultsPath;
    /*
        var: keyTimeout
        The timeout used between a keystroke and when a search is performed.
    */
    this.keyTimeout = 0;
    /*
        var: keyTimeoutLength
        The length of <keyTimeout> in thousandths of a second.
    */
    this.keyTimeoutLength = 500;
    /*
        var: lastSearchValue
        The last search string executed, or an empty string if none.
    */
    this.lastSearchValue = "";
    /*
        var: lastResultsPage
        The last results page.  The value is only relevant if <lastSearchValue> is set.
    */
    this.lastResultsPage = "";
    /*
        var: deactivateTimeout
        The timeout used between when a control is deactivated and when the entire panel is deactivated.  Is necessary
        because a control may be deactivated in favor of another control in the same panel, in which case it should stay
        active.
    */
    this.deactivateTimout = 0;
    /*
        var: deactivateTimeoutLength
        The length of <deactivateTimeout> in thousandths of a second.
    */
    this.deactivateTimeoutLength = 200;
    // Group: DOM Elements
    // ________________________________________________________________________
    // Function: DOMSearchField
    this.DOMSearchField = function()
        {  return document.getElementById("MSearchField");  };
    // Function: DOMSearchType
    this.DOMSearchType = function()
        {  return document.getElementById("MSearchType");  };
    // Function: DOMPopupSearchResults
    this.DOMPopupSearchResults = function()
        {  return document.getElementById("MSearchResults");  };
    // Function: DOMPopupSearchResultsWindow
    this.DOMPopupSearchResultsWindow = function()
        {  return document.getElementById("MSearchResultsWindow");  };
    // Function: DOMSearchPanel
    this.DOMSearchPanel = function()
        {  return document.getElementById("MSearchPanel");  };
    // Group: Event Handlers
    // ________________________________________________________________________
    /*
        Function: OnSearchFieldFocus
        Called when focus is added or removed from the search field.
    */
    this.OnSearchFieldFocus = function(isActive)
        {
        this.Activate(isActive);
        };
    /*
        Function: OnSearchFieldChange
        Called when the content of the search field is changed.
    */
    this.OnSearchFieldChange = function()
        {
        if (this.keyTimeout)
            {
            clearTimeout(this.keyTimeout);
            this.keyTimeout = 0;
            };
        var searchValue = this.DOMSearchField().value.replace(/ +/g, "");
        if (searchValue != this.lastSearchValue)
            {
            if (searchValue != "")
                {
                this.keyTimeout = setTimeout(this.name + ".Search()", this.keyTimeoutLength);
                }
            else
                {
                if (this.mode == "HTML")
                    {  this.DOMPopupSearchResultsWindow().style.display = "none";  };
                this.lastSearchValue = "";
                };
            };
        };
    /*
        Function: OnSearchTypeFocus
        Called when focus is added or removed from the search type.
    */
    this.OnSearchTypeFocus = function(isActive)
        {
        this.Activate(isActive);
        };
    /*
        Function: OnSearchTypeChange
        Called when the search type is changed.
    */
    this.OnSearchTypeChange = function()
        {
        var searchValue = this.DOMSearchField().value.replace(/ +/g, "");
        if (searchValue != "")
            {
            this.Search();
            };
        };
    // Group: Action Functions
    // ________________________________________________________________________
    /*
        Function: CloseResultsWindow
        Closes the results window.
    */
    this.CloseResultsWindow = function()
        {
        this.DOMPopupSearchResultsWindow().style.display = "none";
        this.Activate(false, true);
        };
    /*
        Function: Search
        Performs a search.
    */
    this.Search = function()
        {
        this.keyTimeout = 0;
        var searchValue = this.DOMSearchField().value.replace(/^ +/, "");
        var searchTopic = this.DOMSearchType().value;
        var pageExtension = searchValue.substr(0,1);
        if (pageExtension.match(/^[a-z]/i))
            {  pageExtension = pageExtension.toUpperCase();  }
        else if (pageExtension.match(/^[0-9]/))
            {  pageExtension = 'Numbers';  }
        else
            {  pageExtension = "Symbols";  };
        var resultsPage;
        var resultsPageWithSearch;
        var hasResultsPage;
        // indexSectionsWithContent is defined in searchdata.js
        if (indexSectionsWithContent[searchTopic][pageExtension] == true)
            {
            resultsPage = this.resultsPath + '/' + searchTopic + pageExtension + '.html';
            resultsPageWithSearch = resultsPage+'?'+escape(searchValue);
            hasResultsPage = true;
            }
        else
            {
            resultsPage = this.resultsPath + '/NoResults.html';
            resultsPageWithSearch = resultsPage;
            hasResultsPage = false;
            };
        var resultsFrame;
        if (this.mode == "HTML")
            {  resultsFrame = window.frames.MSearchResults;  }
        else if (this.mode == "FramedHTML")
            {  resultsFrame = window.top.frames['Content'];  };
        if (resultsPage != this.lastResultsPage ||
            // Bug in IE.  If everything becomes hidden in a run, none of them will be able to be reshown in the next for some
            // reason.  It counts the right number of results, and you can even read the display as "block" after setting it, but it
            // just doesn't work in IE 6 or IE 7.  So if we're on the right page but the previous search had no results, reload the
            // page anyway to get around the bug.
            (browserType == "IE" && hasResultsPage &&
            	(!resultsFrame.searchResults || resultsFrame.searchResults.lastMatchCount == 0)) )
            {
            resultsFrame.location.href = resultsPageWithSearch;
            }
        // So if the results page is right and there's no IE bug, reperform the search on the existing page.  We have to check if there
        // are results because NoResults.html doesn't have any JavaScript, and it would be useless to do anything on that page even
        // if it did.
        else if (hasResultsPage)
            {
            // We need to check if this exists in case the frame is present but didn't finish loading.
            if (resultsFrame.searchResults)
                {  resultsFrame.searchResults.Search(searchValue);  }
            // Otherwise just reload instead of waiting.
            else
                {  resultsFrame.location.href = resultsPageWithSearch;  };
            };
        var domPopupSearchResultsWindow = this.DOMPopupSearchResultsWindow();
        if (this.mode == "HTML" && domPopupSearchResultsWindow.style.display != "block")
            {
            var domSearchType = this.DOMSearchType();
            var left = GetXPosition(domSearchType);
            var top = GetYPosition(domSearchType) + domSearchType.offsetHeight;
            MoveToPosition(domPopupSearchResultsWindow, left, top);
            domPopupSearchResultsWindow.style.display = 'block';
            };
        this.lastSearchValue = searchValue;
        this.lastResultsPage = resultsPage;
        };
    // Group: Activation Functions
    // Functions that handle whether the entire panel is active or not.
    // ________________________________________________________________________
    /*
        Function: Activate
        Activates or deactivates the search panel, resetting things to their default values if necessary.  You can call this on every
        control's OnBlur() and it will handle not deactivating the entire panel when focus is just switching between them transparently.
        Parameters:
            isActive - Whether you're activating or deactivating the panel.
            ignoreDeactivateDelay - Set if you're positive the action will deactivate the panel and thus want to skip the delay.
    */
    this.Activate = function(isActive, ignoreDeactivateDelay)
        {
        // We want to ignore isActive being false while the results window is open.
        if (isActive || (this.mode == "HTML" && this.DOMPopupSearchResultsWindow().style.display == "block"))
            {
            if (this.inactivateTimeout)
                {
                clearTimeout(this.inactivateTimeout);
                this.inactivateTimeout = 0;
                };
            this.DOMSearchPanel().className = 'MSearchPanelActive';
            var searchField = this.DOMSearchField();
            if (searchField.value == 'Search')
                 {  searchField.value = "";  }
            }
        else if (!ignoreDeactivateDelay)
            {
            this.inactivateTimeout = setTimeout(this.name + ".InactivateAfterTimeout()", this.inactivateTimeoutLength);
            }
        else
            {
            this.InactivateAfterTimeout();
            };
        };
    /*
        Function: InactivateAfterTimeout
        Called by <inactivateTimeout>, which is set by <Activate()>.  Inactivation occurs on a timeout because a control may
        receive OnBlur() when focus is really transferring to another control in the search panel.  In this case we don't want to
        actually deactivate the panel because not only would that cause a visible flicker but it could also reset the search value.
        So by doing it on a timeout instead, there's a short period where the second control's OnFocus() can cancel the deactivation.
    */
    this.InactivateAfterTimeout = function()
        {
        this.inactivateTimeout = 0;
        this.DOMSearchPanel().className = 'MSearchPanelInactive';
        this.DOMSearchField().value = "Search";
 	    this.lastSearchValue = "";
 	    this.lastResultsPage = "";
        };
    };
 /* ________________________________________________________________________________________________________
   Class: SearchResults
   _________________________________________________________________________________________________________
   The class that handles everything on the search results page.
   _________________________________________________________________________________________________________
 */
 function SearchResults(name, mode)
    {
    /*
        var: mode
        The mode the search is going to work in, such as "HTML" or "FramedHTML".
    */
    this.mode = mode;
    /*
        var: lastMatchCount
        The number of matches from the last run of <Search()>.
    */
    this.lastMatchCount = 0;
    /*
        Function: Toggle
        Toggles the visibility of the passed element ID.
    */
    this.Toggle = function(id)
        {
        if (this.mode == "FramedHTML")
            {  return;  };
        var parentElement = document.getElementById(id);
        var element = parentElement.firstChild;
        while (element && element != parentElement)
            {
            if (element.nodeName == 'DIV' && element.className == 'ISubIndex')
                {
                if (element.style.display == 'block')
                    {  element.style.display = "none";  }
                else
                    {  element.style.display = 'block';  }
                };
            if (element.nodeName == 'DIV' && element.hasChildNodes())
                {  element = element.firstChild;  }
            else if (element.nextSibling)
                {  element = element.nextSibling;  }
            else
                {
                do
                    {
                    element = element.parentNode;
                    }
                while (element && element != parentElement && !element.nextSibling);
                if (element && element != parentElement)
                    {  element = element.nextSibling;  };
                };
            };
        };
    /*
        Function: Search
        Searches for the passed string.  If there is no parameter, it takes it from the URL query.
        Always returns true, since other documents may try to call it and that may or may not be possible.
    */
    this.Search = function(search)
        {
        if (!search)
            {
            search = window.location.search;
            search = search.substring(1);  // Remove the leading ?
            search = unescape(search);
            };
        search = search.replace(/^ +/, "");
        search = search.replace(/ +$/, "");
        search = search.toLowerCase();
        if (search.match(/[^a-z0-9]/)) // Just a little speedup so it doesn't have to go through the below unnecessarily.
            {
            search = search.replace(/\_/g, "_und");
            search = search.replace(/\ +/gi, "_spc");
            search = search.replace(/\~/g, "_til");
            search = search.replace(/\!/g, "_exc");
            search = search.replace(/\@/g, "_att");
            search = search.replace(/\#/g, "_num");
            search = search.replace(/\$/g, "_dol");
            search = search.replace(/\%/g, "_pct");
            search = search.replace(/\^/g, "_car");
            search = search.replace(/\&/g, "_amp");
            search = search.replace(/\*/g, "_ast");
            search = search.replace(/\(/g, "_lpa");
            search = search.replace(/\)/g, "_rpa");
            search = search.replace(/\-/g, "_min");
            search = search.replace(/\+/g, "_plu");
            search = search.replace(/\=/g, "_equ");
            search = search.replace(/\{/g, "_lbc");
            search = search.replace(/\}/g, "_rbc");
            search = search.replace(/\[/g, "_lbk");
            search = search.replace(/\]/g, "_rbk");
            search = search.replace(/\:/g, "_col");
            search = search.replace(/\;/g, "_sco");
            search = search.replace(/\"/g, "_quo");
            search = search.replace(/\'/g, "_apo");
            search = search.replace(/\</g, "_lan");
            search = search.replace(/\>/g, "_ran");
            search = search.replace(/\,/g, "_com");
            search = search.replace(/\./g, "_per");
            search = search.replace(/\?/g, "_que");
            search = search.replace(/\//g, "_sla");
            search = search.replace(/[^a-z0-9\_]i/gi, "_zzz");
            };
        var resultRows = document.getElementsByTagName("div");
        var matches = 0;
        var i = 0;
        while (i < resultRows.length)
            {
            var row = resultRows.item(i);
            if (row.className == "SRResult")
                {
                var rowMatchName = row.id.toLowerCase();
                rowMatchName = rowMatchName.replace(/^sr\d*_/, '');
                if (search.length <= rowMatchName.length && rowMatchName.substr(0, search.length) == search)
                    {
                    row.style.display = "block";
                    matches++;
                    }
                else
                    {  row.style.display = "none";  };
                };
            i++;
            };
        document.getElementById("Searching").style.display="none";
        if (matches == 0)
            {  document.getElementById("NoMatches").style.display="block";  }
        else
            {  document.getElementById("NoMatches").style.display="none";  }
        this.lastMatchCount = matches;
        return true;
        };
    };
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/javascript/prettify.js
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/javascript/prettify.js
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/javascript/searchdata.js
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/javascript/searchdata.js
@ -0,0 +1,122 @@
 var indexSectionsWithContent = {
   "General": {
      "Symbols": false,
      "Numbers": false,
      "A": true,
      "B": false,
      "C": true,
      "D": false,
      "E": false,
      "F": true,
      "G": true,
      "H": false,
      "I": true,
      "J": false,
      "K": false,
      "L": true,
      "M": false,
      "N": false,
      "O": true,
      "P": false,
      "Q": false,
      "R": true,
      "S": false,
      "T": false,
      "U": true,
      "V": true,
      "W": false,
      "X": false,
      "Y": false,
      "Z": false
      },
   "Variables": {
      "Symbols": false,
      "Numbers": false,
      "A": false,
      "B": false,
      "C": true,
      "D": false,
      "E": false,
      "F": false,
      "G": false,
      "H": false,
      "I": true,
      "J": false,
      "K": false,
      "L": false,
      "M": false,
      "N": false,
      "O": false,
      "P": false,
      "Q": false,
      "R": true,
      "S": false,
      "T": false,
      "U": false,
      "V": false,
      "W": false,
      "X": false,
      "Y": false,
      "Z": false
      },
   "Functions": {
      "Symbols": false,
      "Numbers": false,
      "A": true,
      "B": false,
      "C": true,
      "D": false,
      "E": false,
      "F": true,
      "G": true,
      "H": false,
      "I": true,
      "J": false,
      "K": false,
      "L": true,
      "M": false,
      "N": false,
      "O": true,
      "P": false,
      "Q": false,
      "R": true,
      "S": false,
      "T": false,
      "U": true,
      "V": false,
      "W": false,
      "X": false,
      "Y": false,
      "Z": false
      },
   "Files": {
      "Symbols": false,
      "Numbers": false,
      "A": false,
      "B": false,
      "C": true,
      "D": false,
      "E": false,
      "F": false,
      "G": false,
      "H": false,
      "I": false,
      "J": false,
      "K": false,
      "L": false,
      "M": false,
      "N": false,
      "O": false,
      "P": false,
      "Q": false,
      "R": false,
      "S": false,
      "T": false,
      "U": false,
      "V": false,
      "W": false,
      "X": false,
      "Y": false,
      "Z": false
      }
   }
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FilesC.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FilesC.html
@ -0,0 +1,20 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
 <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
 if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
 <!--  Generated by Natural Docs, version 1.52 -->
 <!--  http://www.naturaldocs.org  -->
 <!-- saved from url=(0026)http://www.naturaldocs.org -->
 <div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_csrfprotector_perphp><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#csrfprotector.php" target=_parent class=ISymbol>csrfprotector.php</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
 document.getElementById("Loading").style.display="none";
 document.getElementById("NoMatches").style.display="none";
 var searchResults = new SearchResults("searchResults", "HTML");
 searchResults.Search();
 --></script></div><script language=JavaScript><!--
 if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsA.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsA.html
@ -0,0 +1,20 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
 <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
 if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
 <!--  Generated by Natural Docs, version 1.52 -->
 <!--  http://www.naturaldocs.org  -->
 <!-- saved from url=(0026)http://www.naturaldocs.org -->
 <div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_authorisePost><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#authorisePost" target=_parent class=ISymbol>authorisePost</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
 document.getElementById("Loading").style.display="none";
 document.getElementById("NoMatches").style.display="none";
 var searchResults = new SearchResults("searchResults", "HTML");
 searchResults.Search();
 --></script></div><script language=JavaScript><!--
 if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsC.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsC.html
@ -0,0 +1,20 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
 <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
 if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
 <!--  Generated by Natural Docs, version 1.52 -->
 <!--  http://www.naturaldocs.org  -->
 <!-- saved from url=(0026)http://www.naturaldocs.org -->
 <div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_createNewJsCache><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#createNewJsCache" target=_parent class=ISymbol>createNewJsCache</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
 document.getElementById("Loading").style.display="none";
 document.getElementById("NoMatches").style.display="none";
 var searchResults = new SearchResults("searchResults", "HTML");
 searchResults.Search();
 --></script></div><script language=JavaScript><!--
 if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsF.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsF.html
@ -0,0 +1,20 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
 <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
 if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
 <!--  Generated by Natural Docs, version 1.52 -->
 <!--  http://www.naturaldocs.org  -->
 <!-- saved from url=(0026)http://www.naturaldocs.org -->
 <div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_failedValidationAction><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#failedValidationAction" target=_parent class=ISymbol>failedValidationAction</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
 document.getElementById("Loading").style.display="none";
 document.getElementById("NoMatches").style.display="none";
 var searchResults = new SearchResults("searchResults", "HTML");
 searchResults.Search();
 --></script></div><script language=JavaScript><!--
 if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsG.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsG.html
@ -0,0 +1,20 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
 <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
 if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
 <!--  Generated by Natural Docs, version 1.52 -->
 <!--  http://www.naturaldocs.org  -->
 <!-- saved from url=(0026)http://www.naturaldocs.org -->
 <div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_generateAuthToken><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#generateAuthToken" target=_parent class=ISymbol>generateAuthToken</a></div></div><div class=SRResult id=SR_getCurrentUrl><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#getCurrentUrl" target=_parent class=ISymbol>getCurrentUrl</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
 document.getElementById("Loading").style.display="none";
 document.getElementById("NoMatches").style.display="none";
 var searchResults = new SearchResults("searchResults", "HTML");
 searchResults.Search();
 --></script></div><script language=JavaScript><!--
 if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsI.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsI.html
@ -0,0 +1,20 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
 <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
 if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
 <!--  Generated by Natural Docs, version 1.52 -->
 <!--  http://www.naturaldocs.org  -->
 <!-- saved from url=(0026)http://www.naturaldocs.org -->
 <div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_init><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#init" target=_parent class=ISymbol>init</a></div></div><div class=SRResult id=SR_isURLallowed><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#isURLallowed" target=_parent class=ISymbol>isURLallowed</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
 document.getElementById("Loading").style.display="none";
 document.getElementById("NoMatches").style.display="none";
 var searchResults = new SearchResults("searchResults", "HTML");
 searchResults.Search();
 --></script></div><script language=JavaScript><!--
 if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsL.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsL.html
@ -0,0 +1,20 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
 <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
 if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
 <!--  Generated by Natural Docs, version 1.52 -->
 <!--  http://www.naturaldocs.org  -->
 <!-- saved from url=(0026)http://www.naturaldocs.org -->
 <div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_logCSRFattack><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#logCSRFattack" target=_parent class=ISymbol>logCSRFattack</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
 document.getElementById("Loading").style.display="none";
 document.getElementById("NoMatches").style.display="none";
 var searchResults = new SearchResults("searchResults", "HTML");
 searchResults.Search();
 --></script></div><script language=JavaScript><!--
 if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsO.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsO.html
@ -0,0 +1,20 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
 <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
 if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
 <!--  Generated by Natural Docs, version 1.52 -->
 <!--  http://www.naturaldocs.org  -->
 <!-- saved from url=(0026)http://www.naturaldocs.org -->
 <div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_ob_undhandler><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#ob_handler" target=_parent class=ISymbol>ob_handler</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
 document.getElementById("Loading").style.display="none";
 document.getElementById("NoMatches").style.display="none";
 var searchResults = new SearchResults("searchResults", "HTML");
 searchResults.Search();
 --></script></div><script language=JavaScript><!--
 if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsR.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsR.html
@ -0,0 +1,20 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
 <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
 if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
 <!--  Generated by Natural Docs, version 1.52 -->
 <!--  http://www.naturaldocs.org  -->
 <!-- saved from url=(0026)http://www.naturaldocs.org -->
 <div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_refreshToken><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#refreshToken" target=_parent class=ISymbol>refreshToken</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
 document.getElementById("Loading").style.display="none";
 document.getElementById("NoMatches").style.display="none";
 var searchResults = new SearchResults("searchResults", "HTML");
 searchResults.Search();
 --></script></div><script language=JavaScript><!--
 if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsU.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsU.html
@ -0,0 +1,20 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
 <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
 if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
 <!--  Generated by Natural Docs, version 1.52 -->
 <!--  http://www.naturaldocs.org  -->
 <!-- saved from url=(0026)http://www.naturaldocs.org -->
 <div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_useCachedVersion><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#useCachedVersion" target=_parent class=ISymbol>useCachedVersion</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
 document.getElementById("Loading").style.display="none";
 document.getElementById("NoMatches").style.display="none";
 var searchResults = new SearchResults("searchResults", "HTML");
 searchResults.Search();
 --></script></div><script language=JavaScript><!--
 if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralA.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralA.html
@ -0,0 +1,20 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
 <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
 if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
 <!--  Generated by Natural Docs, version 1.52 -->
 <!--  http://www.naturaldocs.org  -->
 <!-- saved from url=(0026)http://www.naturaldocs.org -->
 <div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_authorisePost><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#authorisePost" target=_parent class=ISymbol>authorisePost</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
 document.getElementById("Loading").style.display="none";
 document.getElementById("NoMatches").style.display="none";
 var searchResults = new SearchResults("searchResults", "HTML");
 searchResults.Search();
 --></script></div><script language=JavaScript><!--
 if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralC.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralC.html
@ -0,0 +1,20 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
 <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
 if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
 <!--  Generated by Natural Docs, version 1.52 -->
 <!--  http://www.naturaldocs.org  -->
 <!-- saved from url=(0026)http://www.naturaldocs.org -->
 <div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_config><div class=IEntry><span class=ISymbolPrefix>$</span><a href="../files/libs/csrf/csrfprotector-php.html#$config" target=_parent class=ISymbol>config</a></div></div><div class=SRResult id=SR_cookieExpiryTime><div class=IEntry><span class=ISymbolPrefix>$</span><a href="../files/libs/csrf/csrfprotector-php.html#$cookieExpiryTime" target=_parent class=ISymbol>cookieExpiryTime</a></div></div><div class=SRResult id=SR_createNewJsCache><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#createNewJsCache" target=_parent class=ISymbol>createNewJsCache</a></div></div><div class=SRResult id=SR_csrfprotector_perphp><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#csrfprotector.php" target=_parent class=ISymbol>csrfprotector.php</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
 document.getElementById("Loading").style.display="none";
 document.getElementById("NoMatches").style.display="none";
 var searchResults = new SearchResults("searchResults", "HTML");
 searchResults.Search();
 --></script></div><script language=JavaScript><!--
 if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralF.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralF.html
@ -0,0 +1,20 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
 <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
 if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
 <!--  Generated by Natural Docs, version 1.52 -->
 <!--  http://www.naturaldocs.org  -->
 <!-- saved from url=(0026)http://www.naturaldocs.org -->
 <div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_failedValidationAction><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#failedValidationAction" target=_parent class=ISymbol>failedValidationAction</a></div></div><div class=SRResult id=SR_Functions><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#Functions" target=_parent class=ISymbol>Functions</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
 document.getElementById("Loading").style.display="none";
 document.getElementById("NoMatches").style.display="none";
 var searchResults = new SearchResults("searchResults", "HTML");
 searchResults.Search();
 --></script></div><script language=JavaScript><!--
 if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralG.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralG.html
@ -0,0 +1,20 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
 <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
 if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
 <!--  Generated by Natural Docs, version 1.52 -->
 <!--  http://www.naturaldocs.org  -->
 <!-- saved from url=(0026)http://www.naturaldocs.org -->
 <div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_generateAuthToken><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#generateAuthToken" target=_parent class=ISymbol>generateAuthToken</a></div></div><div class=SRResult id=SR_getCurrentUrl><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#getCurrentUrl" target=_parent class=ISymbol>getCurrentUrl</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
 document.getElementById("Loading").style.display="none";
 document.getElementById("NoMatches").style.display="none";
 var searchResults = new SearchResults("searchResults", "HTML");
 searchResults.Search();
 --></script></div><script language=JavaScript><!--
 if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralI.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralI.html
@ -0,0 +1,20 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
 <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
 if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
 <!--  Generated by Natural Docs, version 1.52 -->
 <!--  http://www.naturaldocs.org  -->
 <!-- saved from url=(0026)http://www.naturaldocs.org -->
 <div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_init><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#init" target=_parent class=ISymbol>init</a></div></div><div class=SRResult id=SR_isSameOrigin><div class=IEntry><span class=ISymbolPrefix>$</span><a href="../files/libs/csrf/csrfprotector-php.html#$isSameOrigin" target=_parent class=ISymbol>isSameOrigin</a></div></div><div class=SRResult id=SR_isURLallowed><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#isURLallowed" target=_parent class=ISymbol>isURLallowed</a></div></div><div class=SRResult id=SR_isValidHTML><div class=IEntry><span class=ISymbolPrefix>$</span><a href="../files/libs/csrf/csrfprotector-php.html#$isValidHTML" target=_parent class=ISymbol>isValidHTML</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
 document.getElementById("Loading").style.display="none";
 document.getElementById("NoMatches").style.display="none";
 var searchResults = new SearchResults("searchResults", "HTML");
 searchResults.Search();
 --></script></div><script language=JavaScript><!--
 if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralL.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralL.html
@ -0,0 +1,20 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
 <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
 if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
 <!--  Generated by Natural Docs, version 1.52 -->
 <!--  http://www.naturaldocs.org  -->
 <!-- saved from url=(0026)http://www.naturaldocs.org -->
 <div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_logCSRFattack><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#logCSRFattack" target=_parent class=ISymbol>logCSRFattack</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
 document.getElementById("Loading").style.display="none";
 document.getElementById("NoMatches").style.display="none";
 var searchResults = new SearchResults("searchResults", "HTML");
 searchResults.Search();
 --></script></div><script language=JavaScript><!--
 if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralO.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralO.html
@ -0,0 +1,20 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
 <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
 if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
 <!--  Generated by Natural Docs, version 1.52 -->
 <!--  http://www.naturaldocs.org  -->
 <!-- saved from url=(0026)http://www.naturaldocs.org -->
 <div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_ob_undhandler><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#ob_handler" target=_parent class=ISymbol>ob_handler</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
 document.getElementById("Loading").style.display="none";
 document.getElementById("NoMatches").style.display="none";
 var searchResults = new SearchResults("searchResults", "HTML");
 searchResults.Search();
 --></script></div><script language=JavaScript><!--
 if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralR.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralR.html
@ -0,0 +1,20 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
 <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
 if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
 <!--  Generated by Natural Docs, version 1.52 -->
 <!--  http://www.naturaldocs.org  -->
 <!-- saved from url=(0026)http://www.naturaldocs.org -->
 <div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_refreshToken><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#refreshToken" target=_parent class=ISymbol>refreshToken</a></div></div><div class=SRResult id=SR_requestType><div class=IEntry><span class=ISymbolPrefix>$</span><a href="../files/libs/csrf/csrfprotector-php.html#$requestType" target=_parent class=ISymbol>requestType</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
 document.getElementById("Loading").style.display="none";
 document.getElementById("NoMatches").style.display="none";
 var searchResults = new SearchResults("searchResults", "HTML");
 searchResults.Search();
 --></script></div><script language=JavaScript><!--
 if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralU.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralU.html
@ -0,0 +1,20 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
 <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
 if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
 <!--  Generated by Natural Docs, version 1.52 -->
 <!--  http://www.naturaldocs.org  -->
 <!-- saved from url=(0026)http://www.naturaldocs.org -->
 <div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_useCachedVersion><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#useCachedVersion" target=_parent class=ISymbol>useCachedVersion</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
 document.getElementById("Loading").style.display="none";
 document.getElementById("NoMatches").style.display="none";
 var searchResults = new SearchResults("searchResults", "HTML");
 searchResults.Search();
 --></script></div><script language=JavaScript><!--
 if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralV.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralV.html
@ -0,0 +1,20 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
 <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
 if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
 <!--  Generated by Natural Docs, version 1.52 -->
 <!--  http://www.naturaldocs.org  -->
 <!-- saved from url=(0026)http://www.naturaldocs.org -->
 <div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_Variables><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#Variables" target=_parent class=ISymbol>Variables</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
 document.getElementById("Loading").style.display="none";
 document.getElementById("NoMatches").style.display="none";
 var searchResults = new SearchResults("searchResults", "HTML");
 searchResults.Search();
 --></script></div><script language=JavaScript><!--
 if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/NoResults.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/NoResults.html
@ -0,0 +1,15 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
 <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
 if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
 <!--  Generated by Natural Docs, version 1.52 -->
 <!--  http://www.naturaldocs.org  -->
 <!-- saved from url=(0026)http://www.naturaldocs.org -->
 <div id=Index><div class=SRStatus id=NoMatches>No Matches</div></div><script language=JavaScript><!--
 if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/VariablesC.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/VariablesC.html
@ -0,0 +1,20 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
 <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
 if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
 <!--  Generated by Natural Docs, version 1.52 -->
 <!--  http://www.naturaldocs.org  -->
 <!-- saved from url=(0026)http://www.naturaldocs.org -->
 <div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_config><div class=IEntry><span class=ISymbolPrefix>$</span><a href="../files/libs/csrf/csrfprotector-php.html#$config" target=_parent class=ISymbol>config</a></div></div><div class=SRResult id=SR_cookieExpiryTime><div class=IEntry><span class=ISymbolPrefix>$</span><a href="../files/libs/csrf/csrfprotector-php.html#$cookieExpiryTime" target=_parent class=ISymbol>cookieExpiryTime</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
 document.getElementById("Loading").style.display="none";
 document.getElementById("NoMatches").style.display="none";
 var searchResults = new SearchResults("searchResults", "HTML");
 searchResults.Search();
 --></script></div><script language=JavaScript><!--
 if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/VariablesI.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/VariablesI.html
@ -0,0 +1,20 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
 <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
 if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
 <!--  Generated by Natural Docs, version 1.52 -->
 <!--  http://www.naturaldocs.org  -->
 <!-- saved from url=(0026)http://www.naturaldocs.org -->
 <div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_isSameOrigin><div class=IEntry><span class=ISymbolPrefix>$</span><a href="../files/libs/csrf/csrfprotector-php.html#$isSameOrigin" target=_parent class=ISymbol>isSameOrigin</a></div></div><div class=SRResult id=SR_isValidHTML><div class=IEntry><span class=ISymbolPrefix>$</span><a href="../files/libs/csrf/csrfprotector-php.html#$isValidHTML" target=_parent class=ISymbol>isValidHTML</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
 document.getElementById("Loading").style.display="none";
 document.getElementById("NoMatches").style.display="none";
 var searchResults = new SearchResults("searchResults", "HTML");
 searchResults.Search();
 --></script></div><script language=JavaScript><!--
 if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/VariablesR.html
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/VariablesR.html
@ -0,0 +1,20 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
 <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
 if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
 <!--  Generated by Natural Docs, version 1.52 -->
 <!--  http://www.naturaldocs.org  -->
 <!-- saved from url=(0026)http://www.naturaldocs.org -->
 <div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_requestType><div class=IEntry><span class=ISymbolPrefix>$</span><a href="../files/libs/csrf/csrfprotector-php.html#$requestType" target=_parent class=ISymbol>requestType</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
 document.getElementById("Loading").style.display="none";
 document.getElementById("NoMatches").style.display="none";
 var searchResults = new SearchResults("searchResults", "HTML");
 searchResults.Search();
 --></script></div><script language=JavaScript><!--
 if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/styles/main.css
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/styles/main.css
@ -0,0 +1,824 @@
 /*
   IMPORTANT: If you're editing this file in the output directory of one of
   your projects, your changes will be overwritten the next time you run
   Natural Docs.  Instead, copy this file to your project directory, make your
   changes, and you can use it with -s.  Even better would be to make a CSS
   file in your project directory with only your changes, which you can then
   use with -s [original style] [your changes].
   On the other hand, if you're editing this file in the Natural Docs styles
   directory, the changes will automatically be applied to all your projects
   that use this style the next time Natural Docs is run on them.
   This file is part of Natural Docs, which is Copyright © 2003-2010 Greg Valure.
   Natural Docs is licensed under version 3 of the GNU Affero General Public
   License (AGPL).  Refer to License.txt for the complete details.
   This file may be distributed with documentation files generated by Natural Docs.
   Such documentation is not covered by Natural Docs' copyright and licensing,
   and may have its own copyright and distribution terms as decided by its author.
 */
 body {
    font: 8pt Verdana, Arial, sans-serif;
    color: #000000;
    margin: 0; padding: 0;
    }
 .ContentPage,
 .IndexPage,
 .FramedMenuPage {
    background-color: #E8E8E8;
    }
 .FramedContentPage,
 .FramedIndexPage,
 .FramedSearchResultsPage,
 .PopupSearchResultsPage {
    background-color: #FFFFFF;
    }
 a:link,
 a:visited { color: #900000; text-decoration: none }
 a:hover { color: #900000; text-decoration: underline }
 a:active { color: #FF0000; text-decoration: underline }
 td {
    vertical-align: top }
 img { border: 0;  }
 /*
    Comment out this line to use web-style paragraphs (blank line between
    paragraphs, no indent) instead of print-style paragraphs (no blank line,
    indented.)
 */
 p {
    text-indent: 5ex; margin: 0 }
 /*  Opera doesn't break with just wbr, but will if you add this.  */
 .Opera wbr:after {
 	content: "\00200B";
 	}
 /*  Blockquotes are used as containers for things that may need to scroll.  */
 blockquote {
    padding: 0;
    margin: 0;
    overflow: auto;
    }
 .Firefox1 blockquote {
    padding-bottom: .5em;
    }
 /*  Turn off scrolling when printing.  */
@media print {
    blockquote {
        overflow: visible;
        }
    .IE blockquote {
        width: auto;
        }
    }
 #Menu {
    font-size: 8pt;
    padding: 10px 0 0 0;
    }
 .ContentPage #Menu,
 .IndexPage #Menu {
    position: absolute;
    top: 0;
    left: 0;
    width: 31ex;
    overflow: hidden;
    }
 .ContentPage .Firefox #Menu,
 .IndexPage .Firefox #Menu {
    width: 27ex;
    }
    .MTitle {
        font-size: 16pt; font-weight: bold; font-variant: small-caps;
        text-align: center;
        padding: 5px 10px 15px 10px;
        border-bottom: 1px dotted #000000;
        margin-bottom: 15px }
    .MSubTitle {
        font-size: 9pt; font-weight: normal; font-variant: normal;
        margin-top: 1ex; margin-bottom: 5px }
    .MEntry a:link,
    .MEntry a:hover,
    .MEntry a:visited { color: #606060; margin-right: 0 }
    .MEntry a:active { color: #A00000; margin-right: 0 }
    .MGroup {
        font-variant: small-caps; font-weight: bold;
        margin: 1em 0 1em 10px;
        }
    .MGroupContent {
        font-variant: normal; font-weight: normal }
    .MGroup a:link,
    .MGroup a:hover,
    .MGroup a:visited { color: #545454; margin-right: 10px }
    .MGroup a:active { color: #A00000; margin-right: 10px }
    .MFile,
    .MText,
    .MLink,
    .MIndex {
        padding: 1px 17px 2px 10px;
        margin: .25em 0 .25em 0;
        }
    .MText {
        font-size: 8pt; font-style: italic }
    .MLink {
        font-style: italic }
    #MSelected {
        color: #000000; background-color: #FFFFFF;
        /*  Replace padding with border.  */
        padding: 0 10px 0 10px;
        border-width: 1px 2px 2px 0; border-style: solid; border-color: #000000;
        margin-right: 5px;
        }
    /*  Close off the left side when its in a group.  */
    .MGroup #MSelected {
        padding-left: 9px; border-left-width: 1px }
    /*  A treat for Mozilla users.  Blatantly non-standard.  Will be replaced with CSS 3 attributes when finalized/supported.  */
    .Firefox #MSelected {
        -moz-border-radius-topright: 10px;
        -moz-border-radius-bottomright: 10px }
    .Firefox .MGroup #MSelected {
        -moz-border-radius-topleft: 10px;
        -moz-border-radius-bottomleft: 10px }
    #MSearchPanel {
        padding: 0px 6px;
        margin: .25em 0;
        }
    #MSearchField {
        font: italic 8pt Verdana, sans-serif;
        color: #606060;
        background-color: #E8E8E8;
        border: none;
        padding: 2px 4px;
        width: 100%;
        }
    /* Only Opera gets it right. */
    .Firefox #MSearchField,
    .IE #MSearchField,
    .Safari #MSearchField {
        width: 94%;
        }
    .Opera9 #MSearchField,
    .Konqueror #MSearchField {
        width: 97%;
        }
    .FramedMenuPage .Firefox #MSearchField,
    .FramedMenuPage .Safari #MSearchField,
    .FramedMenuPage .Konqueror #MSearchField {
        width: 98%;
        }
    /* Firefox doesn't do this right in frames without #MSearchPanel added on.
        It's presence doesn't hurt anything other browsers. */
    #MSearchPanel.MSearchPanelInactive:hover #MSearchField {
        background-color: #FFFFFF;
        border: 1px solid #C0C0C0;
        padding: 1px 3px;
        }
    .MSearchPanelActive #MSearchField {
        background-color: #FFFFFF;
        border: 1px solid #C0C0C0;
        font-style: normal;
        padding: 1px 3px;
        }
    #MSearchType {
        visibility: hidden;
        font: 8pt Verdana, sans-serif;
        width: 98%;
        padding: 0;
        border: 1px solid #C0C0C0;
        }
    .MSearchPanelActive #MSearchType,
    /*  As mentioned above, Firefox doesn't do this right in frames without #MSearchPanel added on. */
    #MSearchPanel.MSearchPanelInactive:hover #MSearchType,
    #MSearchType:focus {
        visibility: visible;
        color: #606060;
        }
    #MSearchType option#MSearchEverything {
        font-weight: bold;
        }
    .Opera8 .MSearchPanelInactive:hover,
    .Opera8 .MSearchPanelActive {
        margin-left: -1px;
        }
    iframe#MSearchResults {
        width: 60ex;
        height: 15em;
        }
    #MSearchResultsWindow {
        display: none;
        position: absolute;
        left: 0; top: 0;
        border: 1px solid #000000;
        background-color: #E8E8E8;
        }
    #MSearchResultsWindowClose {
        font-weight: bold;
        font-size: 8pt;
        display: block;
        padding: 2px 5px;
        }
    #MSearchResultsWindowClose:link,
    #MSearchResultsWindowClose:visited {
        color: #000000;
        text-decoration: none;
        }
    #MSearchResultsWindowClose:active,
    #MSearchResultsWindowClose:hover {
        color: #800000;
        text-decoration: none;
        background-color: #F4F4F4;
        }
 #Content {
    padding-bottom: 15px;
    }
 .ContentPage #Content {
    border-width: 0 0 1px 1px;
    border-style: solid;
    border-color: #000000;
    background-color: #FFFFFF;
    font-size: 8pt;  /* To make 31ex match the menu's 31ex. */
    margin-left: 31ex;
    }
 .ContentPage .Firefox #Content {
    margin-left: 27ex;
    }
    .CTopic {
        font-size: 8pt;
        margin-bottom: 3em;
        }
    .CTitle {
        font-size: 11pt; font-weight: bold;
        border-width: 0 0 1px 0; border-style: solid; border-color: #A0A0A0;
        margin: 0 15px .5em 15px }
    .CGroup .CTitle {
        font-size: 16pt; font-variant: small-caps;
        padding-left: 15px; padding-right: 15px;
        border-width: 0 0 2px 0; border-color: #000000;
        margin-left: 0; margin-right: 0 }
    .CClass .CTitle,
    .CInterface .CTitle,
    .CDatabase .CTitle,
    .CDatabaseTable .CTitle,
    .CSection .CTitle {
        font-size: 18pt;
        color: #FFFFFF; background-color: #A0A0A0;
        padding: 10px 15px 10px 15px;
        border-width: 2px 0; border-color: #000000;
        margin-left: 0; margin-right: 0 }
    #MainTopic .CTitle {
        font-size: 20pt;
        color: #FFFFFF; background-color: #7070C0;
        padding: 10px 15px 10px 15px;
        border-width: 0 0 3px 0; border-color: #000000;
        margin-left: 0; margin-right: 0 }
    .CBody {
        margin-left: 15px; margin-right: 15px }
    .CToolTip {
        position: absolute; visibility: hidden;
        left: 0; top: 0;
        background-color: #FFFFE0;
        padding: 5px;
        border-width: 1px 2px 2px 1px; border-style: solid; border-color: #000000;
        font-size: 8pt;
        }
    .Opera .CToolTip {
        max-width: 98%;
        }
    /*  Scrollbars would be useless.  */
    .CToolTip blockquote {
        overflow: hidden;
        }
    .IE6 .CToolTip blockquote {
        overflow: visible;
        }
    .CHeading {
        font-weight: bold; font-size: 9pt;
        margin: 1.5em 0 .5em 0;
        }
    .CBody pre {
        font: 8pt "Courier New", Courier, monospace;
 	    background-color: #FCFCFC;
 	    margin: 1em 35px;
 	    padding: 10px 15px 10px 10px;
 	    border-color: #E0E0E0 #E0E0E0 #E0E0E0 #E4E4E4;
 	    border-width: 1px 1px 1px 6px;
 	    border-style: dashed dashed dashed solid;
        }
    .CBody ul {
        /*  I don't know why CBody's margin doesn't apply, but it's consistent across browsers so whatever.
             Reapply it here as padding.  */
        padding-left: 15px; padding-right: 15px;
        margin: .5em 5ex .5em 5ex;
        }
    .CDescriptionList {
        margin: .5em 5ex 0 5ex }
        .CDLEntry {
            font: 8pt "Courier New", Courier, monospace; color: #808080;
            padding-bottom: .25em;
            white-space: nowrap }
        .CDLDescription {
            font-size: 8pt;  /*  For browsers that don't inherit correctly, like Opera 5.  */
            padding-bottom: .5em; padding-left: 5ex }
    .CTopic img {
        text-align: center;
        display: block;
        margin: 1em auto;
        }
    .CImageCaption {
        font-variant: small-caps;
        font-size: 8pt;
        color: #808080;
        text-align: center;
        position: relative;
        top: 1em;
        }
    .CImageLink {
        color: #808080;
        font-style: italic;
        }
    a.CImageLink:link,
    a.CImageLink:visited,
    a.CImageLink:hover { color: #808080 }
 .Prototype {
    font: 8pt "Courier New", Courier, monospace;
    padding: 5px 3ex;
    border-width: 1px; border-style: solid;
    margin: 0 5ex 1.5em 5ex;
    }
    .Prototype td {
        font-size: 8pt;
        }
    .PDefaultValue,
    .PDefaultValuePrefix,
    .PTypePrefix {
        color: #8F8F8F;
        }
    .PTypePrefix {
        text-align: right;
        }
    .PAfterParameters {
        vertical-align: bottom;
        }
    .IE .Prototype table {
        padding: 0;
        }
    .CFunction .Prototype {
        background-color: #F4F4F4; border-color: #D0D0D0 }
    .CProperty .Prototype {
        background-color: #F4F4FF; border-color: #C0C0E8 }
    .CVariable .Prototype {
        background-color: #FFFFF0; border-color: #E0E0A0 }
    .CClass .Prototype {
        border-width: 1px 2px 2px 1px; border-style: solid; border-color: #A0A0A0;
        background-color: #F4F4F4;
        }
    .CInterface .Prototype {
        border-width: 1px 2px 2px 1px; border-style: solid; border-color: #A0A0D0;
        background-color: #F4F4FF;
        }
    .CDatabaseIndex .Prototype,
    .CConstant .Prototype {
        background-color: #D0D0D0; border-color: #000000 }
    .CType .Prototype,
    .CEnumeration .Prototype {
        background-color: #FAF0F0; border-color: #E0B0B0;
        }
    .CDatabaseTrigger .Prototype,
    .CEvent .Prototype,
    .CDelegate .Prototype {
        background-color: #F0FCF0; border-color: #B8E4B8 }
    .CToolTip .Prototype {
        margin: 0 0 .5em 0;
        white-space: nowrap;
        }
 .Summary {
    margin: 1.5em 5ex 0 5ex }
    .STitle {
        font-size: 11pt; font-weight: bold;
        margin-bottom: .5em }
    .SBorder {
        background-color: #FFFFF0;
        padding: 15px;
        border: 1px solid #C0C060 }
    /* In a frame IE 6 will make them too long unless you set the width to 100%.  Without frames it will be correct without a width
        or slightly too long (but not enough to scroll) with a width.  This arbitrary weirdness simply astounds me.  IE 7 has the same
        problem with frames, haven't tested it without.  */
    .FramedContentPage .IE .SBorder {
        width: 100% }
    /*  A treat for Mozilla users.  Blatantly non-standard.  Will be replaced with CSS 3 attributes when finalized/supported.  */
    .Firefox .SBorder {
        -moz-border-radius: 20px }
    .STable {
        font-size: 8pt; width: 100% }
    .SEntry {
        width: 30% }
    .SDescription {
        width: 70% }
    .SMarked {
        background-color: #F8F8D8 }
    .SDescription { padding-left: 2ex }
    .SIndent1 .SEntry { padding-left: 1.5ex }   .SIndent1 .SDescription { padding-left: 3.5ex }
    .SIndent2 .SEntry { padding-left: 3.0ex }   .SIndent2 .SDescription { padding-left: 5.0ex }
    .SIndent3 .SEntry { padding-left: 4.5ex }   .SIndent3 .SDescription { padding-left: 6.5ex }
    .SIndent4 .SEntry { padding-left: 6.0ex }   .SIndent4 .SDescription { padding-left: 8.0ex }
    .SIndent5 .SEntry { padding-left: 7.5ex }   .SIndent5 .SDescription { padding-left: 9.5ex }
    .SDescription a { color: #800000}
    .SDescription a:active { color: #A00000 }
    .SGroup td {
        padding-top: .5em; padding-bottom: .25em }
    .SGroup .SEntry {
        font-weight: bold; font-variant: small-caps }
    .SGroup .SEntry a { color: #800000 }
    .SGroup .SEntry a:active { color: #F00000 }
    .SMain td,
    .SClass td,
    .SDatabase td,
    .SDatabaseTable td,
    .SSection td {
        font-size: 10pt;
        padding-bottom: .25em }
    .SClass td,
    .SDatabase td,
    .SDatabaseTable td,
    .SSection td {
        padding-top: 1em }
    .SMain .SEntry,
    .SClass .SEntry,
    .SDatabase .SEntry,
    .SDatabaseTable .SEntry,
    .SSection .SEntry {
        font-weight: bold;
        }
    .SMain .SEntry a,
    .SClass .SEntry a,
    .SDatabase .SEntry a,
    .SDatabaseTable .SEntry a,
    .SSection .SEntry a { color: #000000 }
    .SMain .SEntry a:active,
    .SClass .SEntry a:active,
    .SDatabase .SEntry a:active,
    .SDatabaseTable .SEntry a:active,
    .SSection .SEntry a:active { color: #A00000 }
 .ClassHierarchy {
    margin: 0 15px 1em 15px }
    .CHEntry {
        border-width: 1px 2px 2px 1px; border-style: solid; border-color: #A0A0A0;
        margin-bottom: 3px;
        padding: 2px 2ex;
        font-size: 8pt;
        background-color: #F4F4F4; color: #606060;
        }
    .Firefox .CHEntry {
        -moz-border-radius: 4px;
        }
    .CHCurrent .CHEntry {
        font-weight: bold;
        border-color: #000000;
        color: #000000;
        }
    .CHChildNote .CHEntry {
        font-style: italic;
        font-size: 8pt;
        }
    .CHIndent {
        margin-left: 3ex;
        }
    .CHEntry a:link,
    .CHEntry a:visited,
    .CHEntry a:hover {
        color: #606060;
        }
    .CHEntry a:active {
        color: #800000;
        }
 #Index {
    background-color: #FFFFFF;
    }
 /*  As opposed to .PopupSearchResultsPage #Index  */
 .IndexPage #Index,
 .FramedIndexPage #Index,
 .FramedSearchResultsPage #Index {
    padding: 15px;
    }
 .IndexPage #Index {
    border-width: 0 0 1px 1px;
    border-style: solid;
    border-color: #000000;
    font-size: 8pt;  /* To make 27ex match the menu's 27ex. */
    margin-left: 27ex;
    }
    .IPageTitle {
        font-size: 20pt; font-weight: bold;
        color: #FFFFFF; background-color: #7070C0;
        padding: 10px 15px 10px 15px;
        border-width: 0 0 3px 0; border-color: #000000; border-style: solid;
        margin: -15px -15px 0 -15px }
    .FramedSearchResultsPage .IPageTitle {
        margin-bottom: 15px;
        }
    .INavigationBar {
        text-align: center;
        background-color: #FFFFF0;
        padding: 5px;
        border-bottom: solid 1px black;
        margin: 0 -15px 15px -15px;
        }
    .INavigationBar a {
        font-weight: bold }
    .IHeading {
        font-size: 14pt; font-weight: bold;
        padding: 2.5em 0 .5em 0;
        text-align: center;
        width: 3.5ex;
        }
    #IFirstHeading {
        padding-top: 0;
        }
    .IEntry {
        padding-left: 1ex;
        }
    .PopupSearchResultsPage .IEntry {
        font-size: 8pt;
        padding: 1px 5px;
        }
    .PopupSearchResultsPage .Opera9 .IEntry,
    .FramedSearchResultsPage .Opera9 .IEntry {
        text-align: left;
        }
    .FramedSearchResultsPage .IEntry {
        padding: 0;
        }
    .ISubIndex {
        padding-left: 3ex; padding-bottom: .5em }
    .PopupSearchResultsPage .ISubIndex {
        display: none;
        }
    /*  While it may cause some entries to look like links when they aren't, I found it's much easier to read the
         index if everything's the same color.  */
    .ISymbol {
        font-weight: bold; color: #900000  }
    .IndexPage .ISymbolPrefix,
    .FramedIndexPage .ISymbolPrefix {
        text-align: right;
        color: #C47C7C;
        background-color: #F8F8F8;
        border-right: 3px solid #E0E0E0;
        border-left: 1px solid #E0E0E0;
        padding: 0 1px 0 2px;
        }
    .PopupSearchResultsPage .ISymbolPrefix,
    .FramedSearchResultsPage .ISymbolPrefix {
        color: #900000;
        }
    .PopupSearchResultsPage .ISymbolPrefix {
        font-size: 8pt;
        }
    .IndexPage #IFirstSymbolPrefix,
    .FramedIndexPage #IFirstSymbolPrefix {
        border-top: 1px solid #E0E0E0;
        }
    .IndexPage #ILastSymbolPrefix,
    .FramedIndexPage #ILastSymbolPrefix {
        border-bottom: 1px solid #E0E0E0;
        }
    .IndexPage #IOnlySymbolPrefix,
    .FramedIndexPage #IOnlySymbolPrefix {
        border-top: 1px solid #E0E0E0;
        border-bottom: 1px solid #E0E0E0;
        }
    a.IParent,
    a.IFile {
        display: block;
        }
    .PopupSearchResultsPage .SRStatus {
        padding: 2px 5px;
        font-size: 8pt;
        font-style: italic;
        }
    .FramedSearchResultsPage .SRStatus {
        font-size: 8pt;
        font-style: italic;
        }
    .SRResult {
        display: none;
        }
 #Footer {
    font-size: 8pt;
    color: #989898;
    text-align: right;
    }
 #Footer p {
    text-indent: 0;
    margin-bottom: .5em;
    }
 .ContentPage #Footer,
 .IndexPage #Footer {
    text-align: right;
    margin: 2px;
    }
 .FramedMenuPage #Footer {
    text-align: center;
    margin: 5em 10px 10px 10px;
    padding-top: 1em;
    border-top: 1px solid #C8C8C8;
    }
    #Footer a:link,
    #Footer a:hover,
    #Footer a:visited { color: #989898 }
    #Footer a:active { color: #A00000 }
 .prettyprint .kwd { color: #800000; }  /* keywords */
    .prettyprint.PDefaultValue .kwd,
    .prettyprint.PDefaultValuePrefix .kwd,
    .prettyprint.PTypePrefix .kwd {
        color: #C88F8F;
        }
 .prettyprint .com { color: #008000; }  /* comments */
    .prettyprint.PDefaultValue .com,
    .prettyprint.PDefaultValuePrefix .com,
    .prettyprint.PTypePrefix .com {
        color: #8FC88F;
        }
 .prettyprint .str { color: #0000B0; }  /* strings */
 .prettyprint .lit { color: #0000B0; }  /* literals */
    .prettyprint.PDefaultValue .str,
    .prettyprint.PDefaultValuePrefix .str,
    .prettyprint.PTypePrefix .str,
    .prettyprint.PDefaultValue .lit,
    .prettyprint.PDefaultValuePrefix .lit,
    .prettyprint.PTypePrefix .lit {
        color: #8F8FC0;
        }
 .prettyprint .typ { color: #000000; }  /* types */
 .prettyprint .pun { color: #000000; }  /* punctuation */
 .prettyprint .pln { color: #000000; }  /* punctuation */
    .prettyprint.PDefaultValue .typ,
    .prettyprint.PDefaultValuePrefix .typ,
    .prettyprint.PTypePrefix .typ,
    .prettyprint.PDefaultValue .pun,
    .prettyprint.PDefaultValuePrefix .pun,
    .prettyprint.PTypePrefix .pun,
    .prettyprint.PDefaultValue .pln,
    .prettyprint.PDefaultValuePrefix .pln,
    .prettyprint.PTypePrefix .pln {
        color: #8F8F8F;
        }
 .prettyprint .tag { color: #008; }
 .prettyprint .atn { color: #606; }
 .prettyprint .atv { color: #080; }
 .prettyprint .dec { color: #606; }
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/js/README.md
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/js/README.md
@ -0,0 +1,15 @@
 Compatiblity with different browsers
 ===================================
 **OS: `windows`**<br>
 Cases               | IE (Win)   | Opera | Chrome | Mozilla | Safari 
 ------------------  | ------- | ----- | ------ | ------- | ------ 
 XHR wrapping        | ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)     | ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)      |     ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)   |    ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)     | ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)
 HTML dom-0 wrapping |   ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)   |    ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)   |    ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)    |     ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)    | ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)
 HTML dom-2 wrapping |   ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)    |    ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)   |   ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)     |      ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)   | ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png) 
 URL rewriting       |   ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)   |   ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)    |     ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)   |    ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)     |![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)
 <pre>Note: Missing tick means, this has not yet been implemented or tested</pre>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/js/csrfprotector.js
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/js/csrfprotector.js
@ -0,0 +1,366 @@
 /** 
 * =================================================================
 * Javascript code for OWASP CSRF Protector
 * Task it does: Fetch csrftoken from cookie, and attach it to every
 * 		POST request
 *		Allowed GET url
 *			-- XHR
 *			-- Static Forms
 *			-- URLS (GET only)
 *			-- dynamic forms
 * =================================================================
 */
 var CSRFP_FIELD_TOKEN_NAME = 'csrfp_hidden_data_token';
 var CSRFP_FIELD_URLS = 'csrfp_hidden_data_urls';
 var CSRFP = {
 	CSRFP_TOKEN: 'csrfp_token',
 	/**
 	 * Array of patterns of url, for which csrftoken need to be added
 	 * In case of GET request also, provided from server
 	 *
 	 * @var string array
 	 */
 	checkForUrls: [],
 	/**
 	 * Function to check if a certain url is allowed to perform the request
 	 * With or without csrf token
 	 *
 	 * @param: string, url
 	 *
 	 * @return: boolean, 	true if csrftoken is not needed
 	 * 						false if csrftoken is needed
 	 */
 	_isValidGetRequest: function(url) {
 		for (var i = 0; i < CSRFP.checkForUrls.length; i++) {
 			var match = CSRFP.checkForUrls[i].exec(url);
 			if (match !== null && match.length > 0) {
 				return false;
 			}
 		}
 		return true;
 	},
 	/** 
 	 * function to get Auth key from cookie Andreturn it to requesting function
 	 *
 	 * @param: void
 	 *
 	 * @return: string, csrftoken retrieved from cookie
 	 */
 	_getAuthKey: function() {
 		var re = new RegExp(CSRFP.CSRFP_TOKEN +"=([^;]+)(;|$)");
 		var RegExpArray = re.exec(document.cookie);
 		if (RegExpArray === null) {
 			return false;
 		}
 		return RegExpArray[1];
 	},
 	/** 
 	 * Function to get domain of any url
 	 *
 	 * @param: string, url
 	 *
 	 * @return: string, domain of url
 	 */
 	_getDomain: function(url) {
 		if (url.indexOf("http://") !== 0 
 			&& url.indexOf("https://") !== 0)
 			return document.domain;
 		return /http(s)?:\/\/([^\/]+)/.exec(url)[2];
 	},
 	/**
 	 * Function to create and return a hidden input element
 	 * For stroing the CSRFP_TOKEN
 	 *
 	 * @param void
 	 *
 	 * @return input element
 	 */
 	_getInputElt: function() {
 		var hiddenObj = document.createElement("input");
 		hiddenObj.setAttribute('name', CSRFP.CSRFP_TOKEN);
 		hiddenObj.setAttribute('class', CSRFP.CSRFP_TOKEN);
 		hiddenObj.type = 'hidden';
 		hiddenObj.value = CSRFP._getAuthKey();
 		return hiddenObj;
 	},
 	/**
 	 * Returns absolute path for relative path
 	 * 
 	 * @param base, base url
 	 * @param relative, relative url
 	 *
 	 * @return absolute path (string)
 	 */
 	_getAbsolutePath: function(base, relative) {
 		var stack = base.split("/");
 		var parts = relative.split("/");
 		// remove current file name (or empty string)
 		// (omit if "base" is the current folder without trailing slash)
 		stack.pop(); 
 		for (var i = 0; i < parts.length; i++) {
 			if (parts[i] == ".")
 				continue;
 			if (parts[i] == "..")
 				stack.pop();
 			else
 				stack.push(parts[i]);
 		}
 		return stack.join("/");
 	},
 	/** 
 	 * Remove jcsrfp-token run fun and then put them back 
 	 *
 	 * @param function
 	 * @param reference form obj
 	 *
 	 * @retrun function
 	 */
 	_csrfpWrap: function(fun, obj) {
 		return function(event) {
 			// Remove CSRf token if exists
 			if (typeof obj[CSRFP.CSRFP_TOKEN] !== 'undefined') {
 				var target = obj[CSRFP.CSRFP_TOKEN];
 				target.parentNode.removeChild(target);
 			}
 			// Trigger the functions
 			var result = fun.apply(this, [event]);
 			// Now append the csrfp_token back
 			obj.appendChild(CSRFP._getInputElt());
 			return result;
 		};
 	},
 	/**
 	 * Initialises the CSRFProtector js script
 	 *
 	 * @param void
 	 *
 	 * @return void
 	 */
 	_init: function() {
 		CSRFP.CSRFP_TOKEN = document.getElementById(CSRFP_FIELD_TOKEN_NAME).value;
 		try {
 			CSRFP.checkForUrls = JSON.parse(document.getElementById(CSRFP_FIELD_URLS).value);
 		} catch (err) {
 			console.error(err);
 			console.error('[ERROR] [CSRF Protector] unable to parse blacklisted url fields.');
 		}
 		//convert these rules received from php lib to regex objects
 		for (var i = 0; i < CSRFP.checkForUrls.length; i++) {
 			CSRFP.checkForUrls[i] = CSRFP.checkForUrls[i].replace(/\*/g, '(.*)')
 								.replace(/\//g, "\\/");
 			CSRFP.checkForUrls[i] = new RegExp(CSRFP.checkForUrls[i]);
 		}
 	}
 }; 
 //==========================================================
 // Adding tokens, wrappers on window onload
 //==========================================================
 function csrfprotector_init() {
 	// Call the init funcion
 	CSRFP._init();
 	// definition of basic FORM submit event handler to intercept the form request
 	// and attach a CSRFP TOKEN if it's not already available
 	var BasicSubmitInterceptor = function(event) {
 		if (typeof event.target[CSRFP.CSRFP_TOKEN] === 'undefined') {
 			event.target.appendChild(CSRFP._getInputElt());
 		} else {
 			//modify token to latest value
 			event.target[CSRFP.CSRFP_TOKEN].value = CSRFP._getAuthKey();
 		}
 	}
 	//==================================================================
 	// Adding csrftoken to request resulting from <form> submissions
 	// Add for each POST, while for mentioned GET request
 	// TODO - check for method
 	//==================================================================
 	// run time binding
 	document.querySelector('body').addEventListener('submit', function(event) {
 		if (event.target.tagName.toLowerCase() === 'form') {
 			BasicSubmitInterceptor(event);
 		};
 	});
 	// intial binding
 	// for(var i = 0; i < document.forms.length; i++) {
 	// 	document.forms[i].addEventListener("submit", BasicSubmitInterceptor);
 	// }
 	//==================================================================
 	// Adding csrftoken to request resulting from direct form.submit() call
 	// Add for each POST, while for mentioned GET request
 	// TODO - check for form method
 	//==================================================================
 	HTMLFormElement.prototype.submit_ = HTMLFormElement.prototype.submit;
 	HTMLFormElement.prototype.submit = function() {
 		// check if the FORM already contains the token element
 		if (!this.getElementsByClassName(CSRFP.CSRFP_TOKEN).length)
 			this.appendChild(CSRFP._getInputElt());
 		this.submit_();
 	}
 	/**
 	 * Add wrapper for HTMLFormElements addEventListener so that any further 
 	 * addEventListens won't have trouble with CSRF token
 	 * todo - check for method
 	 */
 	HTMLFormElement.prototype.addEventListener_ = HTMLFormElement.prototype.addEventListener;
 	HTMLFormElement.prototype.addEventListener = function(eventType, fun, bubble) {
 		if (eventType === 'submit') {
 			var wrapped = CSRFP._csrfpWrap(fun, this);
 			this.addEventListener_(eventType, wrapped, bubble);
 		} else {
 			this.addEventListener_(eventType, fun, bubble);
 		}	
 	}
 	/**
 	 * Add wrapper for IE's attachEvent
 	 * todo - check for method
 	 * todo - typeof is now obselete for IE 11, use some other method.
 	 */
 	if (typeof HTMLFormElement.prototype.attachEvent !== 'undefined') {
 		HTMLFormElement.prototype.attachEvent_ = HTMLFormElement.prototype.attachEvent;
 		HTMLFormElement.prototype.attachEvent = function(eventType, fun) {
 			if (eventType === 'onsubmit') {
 				var wrapped = CSRFP._csrfpWrap(fun, this);
 				this.attachEvent_(eventType, wrapped);
 			} else {
 				this.attachEvent_(eventType, fun);
 			}
 		}
 	}
 	//==================================================================
 	// Wrapper for XMLHttpRequest & ActiveXObject (for IE 6 & below)
 	// Set X-No-CSRF to true before sending if request method is 
 	//==================================================================
 	/** 
 	 * Wrapper to XHR open method
 	 * Add a property method to XMLHttpRequst class
 	 * @param: all parameters to XHR open method
 	 * @return: object returned by default, XHR open method
 	 */
 	function new_open(method, url, async, username, password) {
 		this.method = method;
 		var isAbsolute = (url.indexOf("./") === -1) ? true : false;
 		if (!isAbsolute) {
 			var base = location.protocol +'//' +location.host 
 							+ location.pathname;
 			url = CSRFP._getAbsolutePath(base, url);
 		}
 		if (method.toLowerCase() === 'get' 
 			&& !CSRFP._isValidGetRequest(url)) {
 			//modify the url
 			if (url.indexOf('?') === -1) {
 				url += "?" +CSRFP.CSRFP_TOKEN +"=" +CSRFP._getAuthKey();
 			} else {
 				url += "&" +CSRFP.CSRFP_TOKEN +"=" +CSRFP._getAuthKey();
 			}
 		}
 		return this.old_open(method, url, async, username, password);
 	}
 	/** 
 	 * Wrapper to XHR send method
 	 * Add query paramter to XHR object
 	 *
 	 * @param: all parameters to XHR send method
 	 *
 	 * @return: object returned by default, XHR send method
 	 */
 	function new_send(data) {
 		if (this.method.toLowerCase() === 'post') {
 			if (data !== null && typeof data === 'object') {
 				data.append(CSRFP.CSRFP_TOKEN, CSRFP._getAuthKey());
 			} else {
 				if (typeof data != "undefined") {
 					data += "&";
 				} else {
 					data = "";
 				}
 				data += CSRFP.CSRFP_TOKEN +"=" +CSRFP._getAuthKey();
 			}
 		}
 		return this.old_send(data);
 	}
 	if (window.XMLHttpRequest) {
 		// Wrapping
 		XMLHttpRequest.prototype.old_send = XMLHttpRequest.prototype.send;
 		XMLHttpRequest.prototype.old_open = XMLHttpRequest.prototype.open;
 		XMLHttpRequest.prototype.open = new_open;
 		XMLHttpRequest.prototype.send = new_send;
 	}
 	if (typeof ActiveXObject !== 'undefined') {
 		ActiveXObject.prototype.old_send = ActiveXObject.prototype.send;
 		ActiveXObject.prototype.old_open = ActiveXObject.prototype.open;
 		ActiveXObject.prototype.open = new_open;
 		ActiveXObject.prototype.send = new_send;	
 	}
 	//==================================================================
 	// Rewrite existing urls ( Attach CSRF token )
 	// Rules:
 	// Rewrite those urls which matches the regex sent by Server
 	// Ignore cross origin urls & internal links (one with hashtags)
 	// Append the token to those url already containig GET query parameter(s)
 	// Add the token to those which does not contain GET query parameter(s)
 	//==================================================================
 	for (var i = 0; i < document.links.length; i++) {
 		document.links[i].addEventListener("mousedown", function(event) {
 			var href = event.target.href;
 			if(typeof href === "string")
 			{
 				var urlDisect = href.split('#');
 				var url = urlDisect[0];
 				var hash = urlDisect[1];
 				if(CSRFP._getDomain(url).indexOf(document.domain) === -1
 					|| CSRFP._isValidGetRequest(url)) {
 					//cross origin or not to be protected by rules -- ignore
 					return;
 				}
 				if (url.indexOf('?') !== -1) {
 					if(url.indexOf(CSRFP.CSRFP_TOKEN) === -1) {
 						url += "&" +CSRFP.CSRFP_TOKEN +"=" +CSRFP._getAuthKey();
 					} else {
 						url = url.replace(new RegExp(CSRFP.CSRFP_TOKEN +"=.*?(&|$)", 'g'),
 							CSRFP.CSRFP_TOKEN +"=" +CSRFP._getAuthKey() + "$1");
 					}
 				} else {
 					url += "?" +CSRFP.CSRFP_TOKEN +"=" +CSRFP._getAuthKey();
 				}
 				event.target.href = url;
 				if (typeof hash !== 'undefined') {
 					event.target.href += '#' +hash;
 				}
 			}
 		});
 	}
 }
 window.addEventListener("DOMContentLoaded", function() {
 	csrfprotector_init();
 }, false);
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/js/index.php
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/js/index.php
@ -0,0 +1,7 @@
 <?php
 /**
 * OWASP CSRF Protector Project
 * Code to redirect the user to previosus directory
 * In case a user try to access this directory directly
 */
 header('location: ../index.php');
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/README.md
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/README.md
@ -0,0 +1,21 @@
 CSRFProtector configuration
 ==========================================
 - `CSRFP_TOKEN`: name of the csrf nonce, used for cookie or posting as argument. default: `csrfp_token` (if left blank)
 - `logDirectory`: location of the directory at which log files will be saved **relative** to `config.php` file. This is required for file based logging (default), Not needed, in case you override logging function to implement your logging logic. (View [Overriding logging function](https://github.com/mebjas/CSRF-Protector-PHP/wiki/Overriding-logging-function))
 <br>**Default value:** `../log/`
 - `failedAuthAction`: Action code (integer) for action to be taken in case of failed validation. Has two different values for bot `GET` and `POST`. Different action codes are specified as follows, (<br>**Default:** `0` for both `GET` & `POST`):
 *  `0` Send **403, Forbidden** Header
 *  `1` **Strip the POST/GET query** and forward the request! unset($_POST)
 *  `2` **Redirect to custom error page** mentioned in `errorRedirectionPage` 
 *  `3` **Show custom error message** to user, mentioned in `customErrorMessage` 
 *  `4` Send **500, Internal Server Error** header
 - `errorRedirectionPage`: **Absolute url** of the file to which user should be redirected. <br>**Default: null**
 - `customErrorMessage`: **Error Message** to be shown to user. Only this text will be shown!<br>**Default: null**
 - `jsPath`: location of the js file **relative** to `config.php`. <br>**Default:** `../js/csrfprotector.js`
 - `jsUrl`: **Absolute url** of the js file. (See [Setting up](https://github.com/mebjas/CSRF-Protector-PHP/wiki/Setting-up-CSRF-Protector-PHP-in-your-web-application) for more information)
 - `tokenLength`: length of csrfp token, Default `10`
 - `secureCookie`: sets the "secure" HTTPS flag on the cookie. <br>**Default: `false`**
 - `disabledJavascriptMessage`: messaged to be shown if js is disabled (string)
 - `verifyGetFor`: regex rules for those urls for which csrfp validation should be enabled for `GET` requests also. (View [verifyGetFor rules](https://github.com/mebjas/CSRF-Protector-PHP/wiki/verifyGetFor-rules) for more information)
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/config.php
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/config.php
@ -0,0 +1,47 @@
 <?php
 /**
 * Configuration file for CSRF Protector
 * Necessary configurations are (library would throw exception otherwise)
 * ---- logDirectory
 * ---- failedAuthAction
 * ---- jsPath
 * ---- jsUrl
 * ---- tokenLength
 */
 function get_trusted_hostname() {
  $js_path = "/inc/lib/vendor/owasp/csrf-protector-php/js/csrfprotector.js";
  if ((isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == "https") || isset($_SERVER['HTTPS'])) {
    $is_scheme = "https://";
  }
  else {
    $is_scheme = "http://";
  }
  if (isset(explode(':', $_SERVER['HTTP_HOST'])[1])) {
    $is_port = intval(explode(':', $_SERVER['HTTP_HOST'])[1]);
    if (filter_var($is_port, FILTER_VALIDATE_INT, array("options" => array("min_range" =>1, "max_range" => 65535))) === false) {
      return false;
    }
  }
  if (!isset($is_port) || $is_port == 0) {
    $is_port = ($is_scheme == "https://") ? 443 : 80;
  }
  return $is_scheme . $GLOBALS['mailcow_hostname'] . ':' . $is_port . $js_path;
 }
 return array(
 	"CSRFP_TOKEN" => "MAILCOW_CSRF",
 	"logDirectory" => "../log",
 	"failedAuthAction" => array(
 		"GET" => 1,
 		"POST" => 1),
 	"errorRedirectionPage" => "",
 	"customErrorMessage" => "",
 	"jsPath" => "../js/csrfprotector.js",
  // Fetching IS_HTTPS from sessions handler
 	"jsUrl" => get_trusted_hostname(),
 	"tokenLength" => 10,
 	"secureCookie" => false,
 	"disabledJavascriptMessage" => "",
 	 "verifyGetFor" => array()
 );
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/csrf/README.md
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/csrf/README.md
@ -0,0 +1,6 @@
 Placeholder for **CSRF Protector - php library**
 =====================================================
 **Dependency:** `None`<br>
 **Configuration-File:** `../config.php`<br>
 **Configuration-Format:** `PHP ARRAY`<br>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/csrf/csrfprotector.php
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/csrf/csrfprotector.php
@ -0,0 +1,536 @@
 <?php
 if (!defined('__CSRF_PROTECTOR__')) {
 	define('__CSRF_PROTECTOR__', true); 	// to avoid multiple declaration errors
 	// name of HTTP POST variable for authentication
 	define("CSRFP_TOKEN","csrfp_token");
 	// We insert token name and list of url patterns for which
 	// GET requests are validated against CSRF as hidden input fields
 	// these are the names of the input fields
 	define("CSRFP_FIELD_TOKEN_NAME", "csrfp_hidden_data_token");
 	define("CSRFP_FIELD_URLS", "csrfp_hidden_data_urls");
 	/**
 	 * child exception classes
 	 */
 	class configFileNotFoundException extends \exception {};
 	class logDirectoryNotFoundException extends \exception {};
 	class jsFileNotFoundException extends \exception {};
 	class logFileWriteError extends \exception {};
 	class baseJSFileNotFoundExceptio extends \exception {};
 	class incompleteConfigurationException extends \exception {};
 	class alreadyInitializedException extends \exception {};
 	class csrfProtector
 	{
 		/*
 		 * Variable: $cookieExpiryTime
 		 * expiry time for cookie
 		 * @var int
 		 */
 		public static $cookieExpiryTime = 1800;	//30 minutes
 		/*
 		 * Variable: $isSameOrigin
 		 * flag for cross origin/same origin request
 		 * @var bool
 		 */
 		private static $isSameOrigin = true;
 		/*
 		 * Variable: $isValidHTML
 		 * flag to check if output file is a valid HTML or not
 		 * @var bool
 		 */
 		private static $isValidHTML = false;
 		/*
 		 * Variable: $requestType
 		 * Varaible to store weather request type is post or get
 		 * @var string
 		 */
 		protected static $requestType = "GET";
 		/*
 		 * Variable: $config
 		 * config file for CSRFProtector
 		 * @var int Array, length = 6
 		 * Property: #1: failedAuthAction (int) => action to be taken in case autherisation fails
 		 * Property: #2: logDirectory (string) => directory in which log will be saved
 		 * Property: #3: customErrorMessage (string) => custom error message to be sent in case
 		 *						of failed authentication
 		 * Property: #4: jsFile (string) => location of the CSRFProtector js file
 		 * Property: #5: tokenLength (int) => default length of hash
 		 * Property: #6: disabledJavascriptMessage (string) => error message if client's js is disabled
 		 */
 		public static $config = array();
 		/*
 		 * Variable: $requiredConfigurations
 		 * Contains list of those parameters that are required to be there
 		 * 	in config file for csrfp to work
 		 */
 		public static $requiredConfigurations  = array('logDirectory', 'failedAuthAction', 'jsPath', 'jsUrl', 'tokenLength');
 		/*
 		 *	Function: init
 	 	 *
 		 *	function to initialise the csrfProtector work flow
 		 *
 		 *	Parameters:
 		 *	$length - length of CSRF_AUTH_TOKEN to be generated
 		 *	$action - int array, for different actions to be taken in case of failed validation
 		 *
 		 *	Returns:
 		 *		void
 		 *
 		 *	Throws:
 		 *		configFileNotFoundException - when configuration file is not found
 		 * 		incompleteConfigurationException - when all required fields in config
 		 *											file are not available
 		 *
 		 */
 		public static function init($length = null, $action = null)
 		{
 			/*
 			 * Check if init has already been called.
 			 */
 			 if (count(self::$config) > 0) {
 				 throw new alreadyInitializedException("OWASP CSRFProtector: library was already initialized.");
 			 }
 			/*
 			 * if mod_csrfp already enabled, no verification, no filtering
 			 * Already done by mod_csrfp
 			 */
 			if (getenv('mod_csrfp_enabled'))
 				return;
 			//start session in case its not
 			if (session_id() == '')
 			    session_start();
 			/*
 			 * load configuration file and properties
 			 * Check locally for a config.php then check for 
 			 * a config/csrf_config.php file in the root folder
 			 * for composer installations
 			 */
 			$standard_config_location = __DIR__ ."/../config.php";
 			$composer_config_location = __DIR__ ."/../../../../../config/csrf_config.php";
 			if (file_exists($standard_config_location)) {
 				self::$config = include($standard_config_location);
 			} elseif(file_exists($composer_config_location)) {
 				self::$config = include($composer_config_location);
 			} else {
 				throw new configFileNotFoundException("OWASP CSRFProtector: configuration file not found for CSRFProtector!");
 			}
 			//overriding length property if passed in parameters
 			if ($length != null)
 				self::$config['tokenLength'] = intval($length);
 			//action that is needed to be taken in case of failed authorisation
 			if ($action != null)
 				self::$config['failedAuthAction'] = $action;
 			if (self::$config['CSRFP_TOKEN'] == '')
 				self::$config['CSRFP_TOKEN'] = CSRFP_TOKEN;
 			// Validate the config if everythings filled out
 			// TODO: collect all missing values and throw exception together
 			foreach (self::$requiredConfigurations as $value) {
 				if (!isset(self::$config[$value]) || self::$config[$value] == '') {
 					throw new incompleteConfigurationException(
 						sprintf(
 							"OWASP CSRFProtector: Incomplete configuration file, Value: %s missing ",
 							$value
 						)
 					);
 					exit;
 				}
 			}
 			// Authorise the incoming request
 			self::authorizePost();
 			// Initialize output buffering handler
 			if (!defined('__TESTING_CSRFP__'))
 				ob_start('csrfProtector::ob_handler');
 			if (!isset($_COOKIE[self::$config['CSRFP_TOKEN']])
 				|| !isset($_SESSION[self::$config['CSRFP_TOKEN']])
 				|| !is_array($_SESSION[self::$config['CSRFP_TOKEN']])
 				|| !in_array($_COOKIE[self::$config['CSRFP_TOKEN']],
 					$_SESSION[self::$config['CSRFP_TOKEN']]))
 				self::refreshToken();
 			// Set protected by CSRF Protector header
 			header('X-CSRF-Protection: OWASP CSRFP 1.0.0');
 		}
 		/*
 		 * Function: authorizePost
 		 * function to authorise incoming post requests
 		 *
 		 * Parameters: 
 		 * void
 		 *
 		 * Returns: 
 		 * void
 		 *
 		 * Throws: 
 		 * logDirectoryNotFoundException - if log directory is not found
 		 */
 		public static function authorizePost()
 		{
 			//#todo this method is valid for same origin request only, 
 			//enable it for cross origin also sometime
 			//for cross origin the functionality is different
 			if ($_SERVER['REQUEST_METHOD'] === 'POST') {
 				//set request type to POST
 				self::$requestType = "POST";
 				//currently for same origin only
 				if (!(isset($_POST[self::$config['CSRFP_TOKEN']]) 
 					&& isset($_SESSION[self::$config['CSRFP_TOKEN']])
 					&& (self::isValidToken($_POST[self::$config['CSRFP_TOKEN']]))
 					)) {
 					//action in case of failed validation
 					self::failedValidationAction();			
 				} else {
 					self::refreshToken();	//refresh token for successfull validation
 				}
 			} else if (!static::isURLallowed()) {
 				//currently for same origin only
 				if (!(isset($_GET[self::$config['CSRFP_TOKEN']]) 
 					&& isset($_SESSION[self::$config['CSRFP_TOKEN']])
 					&& (self::isValidToken($_GET[self::$config['CSRFP_TOKEN']]))
 					)) {
 					//action in case of failed validation
 					self::failedValidationAction();			
 				} else {
 					self::refreshToken();	//refresh token for successfull validation
 				}
 			}	
 		}
 		/*
 		 * Function: isValidToken
 		 * function to check the validity of token in session array
 		 * Function also clears all tokens older than latest one
 		 *
 		 * Parameters: 
 		 * $token - the token sent with GET or POST payload
 		 *
 		 * Returns: 
 		 * bool - true if its valid else false
 		 */
 		private static function isValidToken($token) {
 			if (!isset($_SESSION[self::$config['CSRFP_TOKEN']])) return false;
 			if (!is_array($_SESSION[self::$config['CSRFP_TOKEN']])) return false;
 			foreach ($_SESSION[self::$config['CSRFP_TOKEN']] as $key => $value) {
 				if ($value == $token) {
 					// Clear all older tokens assuming they have been consumed
 					foreach ($_SESSION[self::$config['CSRFP_TOKEN']] as $_key => $_value) {
 						if ($_value == $token) break;
 						array_shift($_SESSION[self::$config['CSRFP_TOKEN']]);
 					}
 					return true;
 				}
 			}
 			return false;
 		}
 		/*
 		 * Function: failedValidationAction
 		 * function to be called in case of failed validation
 		 * performs logging and take appropriate action
 		 *
 		 * Parameters: 
 		 * void
 		 *
 		 * Returns: 
 		 * void
 		 */
 		private static function failedValidationAction()
 		{
 			if (!file_exists(__DIR__ ."/../" .self::$config['logDirectory']))
 				throw new logDirectoryNotFoundException("OWASP CSRFProtector: Log Directory Not Found!");
 			//call the logging function
 			static::logCSRFattack();
 			//#todo: ask mentors if $failedAuthAction is better as an int or string
 			//default case is case 0
 			switch (self::$config['failedAuthAction'][self::$requestType]) {
 				case 0:
 					//send 403 header
 					header('HTTP/1.0 403 Forbidden');
 					exit("<h2>403 Access Forbidden by CSRFProtector!</h2>");
 					break;
 				case 1:
 					//unset the query parameters and forward
 					if (self::$requestType === 'GET') {
 						$_GET = array();
 					} else {
 						$_POST = array();
 					}
 					break;
 				case 2:
 					//redirect to custom error page
 					$location  = self::$config['errorRedirectionPage'];
 					header("location: $location");
 				case 3:
 					//send custom error message
 					exit(self::$config['customErrorMessage']);
 					break;
 				case 4:
 					//send 500 header -- internal server error
 					header($_SERVER['SERVER_PROTOCOL'] . ' 500 Internal Server Error', true, 500);
 					exit("<h2>500 Internal Server Error!</h2>");
 					break;
 				default:
 					//unset the query parameters and forward
 					if (self::$requestType === 'GET') {
 						$_GET = array();
 					} else {
 						$_POST = array();
 					}
 					break;
 			}		
 		}
 		/*
 		 * Function: refreshToken
 		 * Function to set auth cookie
 		 *
 		 * Parameters: 
 		 * void
 		 *
 		 * Returns: 
 		 * void
 		 */
 		public static function refreshToken()
 		{
 			$token = self::generateAuthToken();
 			if (!isset($_SESSION[self::$config['CSRFP_TOKEN']])
 				|| !is_array($_SESSION[self::$config['CSRFP_TOKEN']]))
 				$_SESSION[self::$config['CSRFP_TOKEN']] = array();
 			//set token to session for server side validation
 			array_push($_SESSION[self::$config['CSRFP_TOKEN']], $token);
 			//set token to cookie for client side processing
 			setcookie(self::$config['CSRFP_TOKEN'], 
 				$token, 
 				time() + self::$cookieExpiryTime,
 				'',
 				'',
 				(array_key_exists('secureCookie', self::$config) ? (bool)self::$config['secureCookie'] : false));
 		}
 		/*
 		 * Function: generateAuthToken
 		 * function to generate random hash of length as given in parameter
 		 * max length = 128
 		 *
 		 * Parameters: 
 		 * length to hash required, int
 		 *
 		 * Returns:
 		 * string, token
 		 */
 		public static function generateAuthToken()
 		{
 			// todo - make this a member method / configurable
 			$randLength = 64;
 			//if config tokenLength value is 0 or some non int
 			if (intval(self::$config['tokenLength']) == 0) {
 				self::$config['tokenLength'] = 32;	//set as default
 			}
 			//#todo - if $length > 128 throw exception 
 			if (function_exists("random_bytes")) {
 				$token = bin2hex(random_bytes($randLength));
 			} elseif (function_exists("openssl_random_pseudo_bytes")) {
 				$token = bin2hex(openssl_random_pseudo_bytes($randLength));
 			} else {
 				$token = '';
 				for ($i = 0; $i < 128; ++$i) {
 					$r = mt_rand (0, 35);
 					if ($r < 26) {
 						$c = chr(ord('a') + $r);
 					} else { 
 						$c = chr(ord('0') + $r - 26);
 					}
 					$token .= $c;
 				}
 			}
 			return substr($token, 0, self::$config['tokenLength']);
 		}
 		/*
 		 * Function: ob_handler
 		 * Rewrites <form> on the fly to add CSRF tokens to them. This can also
 		 * inject our JavaScript library.
 		 *
 		 * Parameters: 
 		 * $buffer - output buffer to which all output are stored
 		 * $flag - INT
 		 *
 		 * Return:
 		 * string, complete output buffer
 		 */
 		public static function ob_handler($buffer, $flags)
 		{
 			// Even though the user told us to rewrite, we should do a quick heuristic
 		    // to check if the page is *actually* HTML. We don't begin rewriting until
 		    // we hit the first <html tag.
 		    if (!self::$isValidHTML) {
 		        // not HTML until proven otherwise
 		        if (stripos($buffer, '<html') !== false) {
 		            self::$isValidHTML = true; 
 		        } else {
 		            return $buffer;
 		        }
 		    }
 		    // TODO: statically rewrite all forms as well so that if a form is submitted
 		    // before the js has worked on, it will still have token to send
 		    // @priority: medium @labels: important @assign: mebjas
 		    // @deadline: 1 week
 		    //add a <noscript> message to outgoing HTML output,
 		    //informing the user to enable js for CSRFProtector to work
 		    //best section to add, after <body> tag
 		    $buffer = preg_replace("/<body[^>]*>/", "$0 <noscript>" .self::$config['disabledJavascriptMessage'] .
 		    	"</noscript>", $buffer);
 		    $hiddenInput = '<input type="hidden" id="' . CSRFP_FIELD_TOKEN_NAME.'" value="' 
 		    				.self::$config['CSRFP_TOKEN'] .'">' .PHP_EOL;
 		    $hiddenInput .= '<input type="hidden" id="' .CSRFP_FIELD_URLS .'" value=\''
 		    				.json_encode(self::$config['verifyGetFor']) .'\'>';
 		    //implant hidden fields with check url information for reading in javascript
 	        $buffer = str_ireplace('</body>', $hiddenInput . '</body>', $buffer);
 		    //implant the CSRFGuard js file to outgoing script
 		    $script = '<script type="text/javascript" src="' . self::$config['jsUrl'] . '"></script>' . PHP_EOL;
 		    $buffer = str_ireplace('</body>', $script . '</body>', $buffer, $count);
 		    if (!$count)
 		        $buffer .= $script;
 		    return $buffer;
 		}
 		/*
 		 * Function: logCSRFattack
 		 * Function to log CSRF Attack
 		 * 
 		 * Parameters: 
 		 * void
 		 *
 		 * Retruns: 
 		 * void
 		 *
 		 * Throws: 
 		 * logFileWriteError - if unable to log an attack
 		 */
 		protected static function logCSRFattack()
 		{
 			//if file doesnot exist for, create it
 			$logFile = fopen(__DIR__ ."/../" .self::$config['logDirectory']
 			."/" .date("m-20y") .".log", "a+");
 			//throw exception if above fopen fails
 			if (!$logFile)
 				throw new logFileWriteError("OWASP CSRFProtector: Unable to write to the log file");	
 			//miniature version of the log
 			$log = array();
 			$log['timestamp'] = time();
 			$log['HOST'] = $_SERVER['HTTP_HOST'];
 			$log['REQUEST_URI'] = $_SERVER['REQUEST_URI'];
 			$log['requestType'] = self::$requestType;
 			if (self::$requestType === "GET")
 				$log['query'] = $_GET;
 			else
 				$log['query'] = $_POST;
 			$log['cookie'] = $_COOKIE;
 			//convert log array to JSON format to be logged
 			$log = json_encode($log) .PHP_EOL;
 			//append log to the file
 			fwrite($logFile, $log);
 			//close the file handler
 			fclose($logFile);
 		}
 		/*
 		 * Function: getCurrentUrl
 		 * Function to return current url of executing page
 		 * 
 		 * Parameters: 
 		 * void
 		 *
 		 * Returns: 
 		 * string - current url
 		 */
 		private static function getCurrentUrl()
 		{
 			$request_scheme = 'https';
 			if (isset($_SERVER['REQUEST_SCHEME'])) {
 				$request_scheme = $_SERVER['REQUEST_SCHEME'];
 			} else {
 				if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') {
 					$request_scheme = 'https';
 				} else {
 					$request_scheme = 'http';
 				}
 			}
 			return $request_scheme . '://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
 		}
 		/*
 		 * Function: isURLallowed
 		 * Function to check if a url mataches for any urls
 		 * Listed in config file
 		 *
 		 * Parameters: 
 		 * void
 		 *
 		 * Returns: 
 		 * boolean - true is url need no validation, false if validation needed
 		 */  
 		public static function isURLallowed() {
 			foreach (self::$config['verifyGetFor'] as $key => $value) {
 				$value = str_replace(array('/','*'), array('\/','(.*)'), $value);
 				preg_match('/' .$value .'/', self::getCurrentUrl(), $output);
 				if (count($output) > 0)
 					return false;
 			}
 			return true;
 		}
 	};
 }
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/csrf/index.php
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/csrf/index.php
@ -0,0 +1,7 @@
 <?php
 /**
 * OWASP CSRF Protector Project
 * Code to redirect the user to previosus directory
 * In case a user try to access this directory directly
 */
 header('location: ../index.php');
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/index.php
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/index.php
@ -0,0 +1,7 @@
 <?php
 /**
 * OWASP CSRF Protector Project
 * Code to redirect the user to previosus directory
 * In case a user try to access this directory directly
 */
 header('location: ../index.php');
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/licence.md
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/licence.md
@ -0,0 +1,13 @@
 Copyright 2014 OWASP Foundation
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/log/.htaccess
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/log/.htaccess
@ -0,0 +1 @@
 deny from all
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/log/index.php
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/log/index.php
@ -0,0 +1,7 @@
 <?php
 /**
 * OWASP CSRF Protector Project
 * Code to redirect the user to previosus directory
 * In case a user try to access this directory directly
 */
 header('location: ../index.php');
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/phpunit.xml.dist
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/phpunit.xml.dist
@ -0,0 +1,15 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <phpunit verbose="true">
    <php>
        <ini name="memory_limit" value="1024M" />
        <ini name="error_reporting" value="E_ALL"/>
    </php>
    <testsuite name="OWASP CSRF Protector php">
        <directory>./test/csrfprotector_test.php</directory>
    </testsuite>
    <filter>
        <whitelist processUncoveredFilesFromWhitelist="true">
        <file>libs/csrf/csrfprotector.php</file>
        </whitelist>
    </filter>
 </phpunit>
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/readme.md
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/readme.md
@ -0,0 +1,65 @@
 CSRF Protector
 ==========================
 [![Todo Status](http://todofy.org/b/mebjas/CSRF-Protector-PHP)](http://todofy.org/r/mebjas/CSRF-Protector-PHP) [![Build Status](https://travis-ci.org/mebjas/CSRF-Protector-PHP.svg?branch=master)](https://travis-ci.org/mebjas/CSRF-Protector-PHP)  [![codecov](https://codecov.io/gh/mebjas/CSRF-Protector-PHP/branch/master/graph/badge.svg)](https://codecov.io/gh/mebjas/CSRF-Protector-PHP)
 <br>CSRF protector php, a standalone php library for csrf mitigation in web applications. Easy to integrate in any php web app. 
 Add to your project using packagist
 ==========
 Add a `composer.json` file to your project directory
 ```json
 {
    "require": {
        "owasp/csrf-protector-php": "dev-master"
    }
 }
 ```
 Then open terminal (or command prompt), move to project directory and run
 ```shell
 composer install
 ```
 OR
 ```
 php composer.phar install
 ```
 This will add CSRFP (library will be downloaded at ./vendor/owasp/csrf-protector-php) to your project directory. View [packagist.org](https://packagist.org/) for more help with composer!
 Configuration
 ==========
 For composer installations: Copy the config.sample.php file into your root folder at config/csrf_config.php
 For non-composer installations: Copy the libs/csrf/config.sample.php file into libs/csrc/config.php
 Edit config accordingly. See Detailed Information link below.
 How to use
 ==========
 ```php
 <?php
 include_once __DIR__ .'/vendor/owasp/csrf-protector-php/libs/csrf/csrfprotector.php';
 //Initialise CSRFGuard library
 csrfProtector::init();
 ```
 simply include the library and call the `init()` function!
 ### Detailed information @[Project wiki on github](https://github.com/mebjas/CSRF-Protector-PHP/wiki)
 ### More information @[OWASP wiki](https://www.owasp.org/index.php/CSRFProtector_Project)
 ### Contribute
 * Fork the repo
 * Create your branch
 * Commit your changes
 * Create a pull request
 ### Note
 This version (`master`) requires the clients to have Javascript enabled. However if your application can work without javascript & you require a nojs version of this library, check our [nojs version](https://github.com/mebjas/CSRF-Protector-PHP/tree/nojs-support)
 ## Discussion
 Join Discussions on the [mailing list](https://lists.owasp.org/mailman/listinfo/owasp-csrfprotector)
 For any other queries contact me at: **minhaz@owasp.org**
 ### FAQ:
 1. What happens if token expires? - https://github.com/mebjas/CSRF-Protector-PHP/wiki/what-if-token-expires
 2. Secure flag in cookie? - https://github.com/mebjas/CSRF-Protector-PHP/issues/54
 3. NoJS support? - https://github.com/mebjas/CSRF-Protector-PHP/tree/nojs-support
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/test/config.test.php
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/test/config.test.php
@ -0,0 +1,27 @@
 <?php
 /**
 * Configuration file for CSRF Protector
 * Necessary configurations are (library would throw exception otherwise)
 * ---- logDirectory
 * ---- failedAuthAction
 * ---- jsPath
 * ---- jsUrl
 * ---- tokenLength
 */
 return array(
 	"CSRFP_TOKEN" => "csrfp_token",
 	"logDirectory" => "../log",
 	"failedAuthAction" => array(
 		"GET" => 0,
 		"POST" => 0),
 	"errorRedirectionPage" => "",
 	"customErrorMessage" => "",
 	"jsPath" => "../js/csrfprotector.js",
 	"jsUrl" => "http://localhost/csrfp/js/csrfprotector.js",
 	"tokenLength" => 10,
 	"secureCookie" => false,
 	"disabledJavascriptMessage" => "This site attempts to protect users against <a href=\"https://www.owasp.org/index.php/Cross-Site_Request_Forgery_%28CSRF%29\">
 	Cross-Site Request Forgeries </a> attacks. In order to do so, you must have JavaScript enabled in your web browser otherwise this site will fail to work correctly for you.
 	 See details of your web browser for how to enable JavaScript.",
 	 "verifyGetFor" => array()
 );
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/test/csrfprotector_test.php
+++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/test/csrfprotector_test.php
@ -0,0 +1,534 @@
 <?php
 date_default_timezone_set('UTC');
 require_once __DIR__ .'/../libs/csrf/csrfprotector.php';
 if (intval(phpversion('tidy')) >= 7 && !class_exists('\PHPUnit_Framework_TestCase', true)) {
    class_alias('\PHPUnit\Framework\TestCase', '\PHPUnit_Framework_TestCase');
 }
 /**
 * Wrapper class for testing purpose
 */
 class csrfp_wrapper extends csrfprotector
 {
    /**
     * Function to provide wrapper methode to set the protected var, requestType
     */
    public static function changeRequestType($type)
    {
        self::$requestType = $type;
    }
    /**
     * Function to check for a string value anywhere within HTTP response headers
     * Returns true on first match of $needle in header names or values
     */
    public static function checkHeader($needle)
    {
        $haystack = xdebug_get_headers();
        foreach ($haystack as $key => $value) {
            if (strpos($value, $needle) !== false)
                return true;
        }
        return false;
    }
    /**
     * Function to return the string value of the last response header
     * identified by name $needle
     */
    public static function getHeaderValue($needle)
    {
        $haystack = xdebug_get_headers();
        foreach ($haystack as $key => $value) {
            if (strpos($value, $needle) === 0) {
                // Deliberately overwrite to accept the last rather than first match
                // as xdebug_get_headers() will accumulate all set headers
                list(,$hvalue) = explode(':', $value, 2);
            }
        }
        return $hvalue;
    } 
 }
 /**
 * helper methods
 */
 class Helper {
    /**
     * Function to recusively delete a dir
     */
    public static function delTree($dir) { 
        $files = array_diff(scandir($dir), array('.','..')); 
        foreach ($files as $file) { 
            (is_dir("$dir/$file")) ? delTree("$dir/$file") : unlink("$dir/$file"); 
        } 
        return rmdir($dir); 
    }
 }
 /**
 * main test class
 */
 class csrfp_test extends PHPUnit_Framework_TestCase
 {
    /**
     * @var to hold current configurations
     */
    protected $config = array();
    /**
     * @var log directory for testing
     */
    private $logDir;
    /**
     * Function to be run before every test*() functions.
     */
    public function setUp()
    {
        $this->logDir = __DIR__ .'/logs';
        csrfprotector::$config['jsPath'] = '../js/csrfprotector.js';
        csrfprotector::$config['CSRFP_TOKEN'] = 'csrfp_token';
        csrfprotector::$config['secureCookie'] = false;
        csrfprotector::$config['logDirectory'] = '../test/logs';
        $_SERVER['REQUEST_URI'] = 'temp';       // For logging
        $_SERVER['REQUEST_SCHEME'] = 'http';    // For authorizePost
        $_SERVER['HTTP_HOST'] = 'test';         // For isUrlAllowed
        $_SERVER['PHP_SELF'] = '/index.php';     // For authorizePost
        $_POST[csrfprotector::$config['CSRFP_TOKEN']]
          = $_GET[csrfprotector::$config['CSRFP_TOKEN']] = '123';
        //token mismatch - leading to failed validation
        $_SESSION[csrfprotector::$config['CSRFP_TOKEN']] = array('abc');
        $_SERVER['SERVER_PROTOCOL'] = 'HTTP/1.1';
        $_SERVER['HTTPS'] = null;
        $this->config = include(__DIR__ .'/config.test.php');
        // Create an instance of config file -- for testing
        $data = file_get_contents(__DIR__ .'/config.test.php');
        file_put_contents(__DIR__ .'/../libs/config.php', $data);
        if (!defined('__TESTING_CSRFP__')) define('__TESTING_CSRFP__', true);
    }
    /**
     * tearDown()
     */
    public function tearDown()
    {
        unlink(__DIR__ .'/../libs/config.php');
        if (is_dir(__DIR__ .'/logs'))
            Helper::delTree(__DIR__ .'/logs');
    }
    /**
     * Function to check refreshToken() functionality
     */
    public function testRefreshToken()
    {
        $val = $_COOKIE[csrfprotector::$config['CSRFP_TOKEN']] = '123abcd';
        $_SESSION[csrfprotector::$config['CSRFP_TOKEN']] = array('123abcd');
        csrfProtector::$config['tokenLength'] = 20;
        csrfProtector::refreshToken();
        $this->assertTrue(strcmp($val, $_SESSION[csrfprotector::$config['CSRFP_TOKEN']][1]) != 0);
        $this->assertTrue(csrfP_wrapper::checkHeader('Set-Cookie'));
        $this->assertTrue(csrfP_wrapper::checkHeader('csrfp_token'));
        $this->assertTrue(csrfp_wrapper::checkHeader($_SESSION[csrfprotector::$config['CSRFP_TOKEN']][1]));
    }
    /**
     * test secure flag is set in the token cookie when requested
     */
    public function testSecureCookie()
    {
        $_SERVER['REQUEST_METHOD'] = 'POST';
        $_SESSION[csrfprotector::$config['CSRFP_TOKEN']] = array('123abcd');
        csrfprotector::$config['secureCookie'] = false;
        csrfprotector::refreshToken();
        $this->assertNotRegExp('/; secure/', csrfp_wrapper::getHeaderValue('Set-Cookie'));
        csrfprotector::$config['secureCookie'] = true;
        csrfprotector::refreshToken();
        $this->assertRegExp('/; secure/', csrfp_wrapper::getHeaderValue('Set-Cookie'));
    }
    /**
     * test authorise post -> log directory exception
     */
    public function testAuthorisePost_logdirException()
    {
        $_SERVER['REQUEST_METHOD'] = 'POST';
        csrfprotector::$config['logDirectory'] = 'unknown_location';
        try {
            csrfprotector::authorizePost();
        } catch (logDirectoryNotFoundException $ex) {
            $this->assertTrue(true);
            return;;
        }
        $this->fail('logDirectoryNotFoundException has not been raised.');
    }
    /**
     * test authorise post -> action = 403, forbidden
     */
    public function testAuthorisePost_failedAction_1()
    {
        $_SERVER['REQUEST_METHOD'] = 'POST';
        csrfprotector::$config['verifyGetFor'] = array('http://test/index*');
        csrfprotector::$config['logDirectory'] = '../log';
        csrfprotector::$config['failedAuthAction']['POST'] = 0;
        csrfprotector::$config['failedAuthAction']['GET'] = 0;
        //csrfprotector::authorizePost();
        $this->markTestSkipped('Cannot add tests as code exit here');
        $_SERVER['REQUEST_METHOD'] = 'GET';
        csrfp_wrapper::changeRequestType('GET');
        //csrfprotector::authorizePost();
        $this->markTestSkipped('Cannot add tests as code exit here');
    }
    /**
     * test authorise post -> strip $_GET, $_POST
     */
    public function testAuthorisePost_failedAction_2()
    {
        $_SERVER['REQUEST_METHOD'] = 'POST';
        csrfprotector::$config['logDirectory'] = '../log';
        csrfprotector::$config['verifyGetFor'] = array('http://test/index*');
        csrfprotector::$config['failedAuthAction']['POST'] = 1;
        csrfprotector::$config['failedAuthAction']['GET'] = 1;
        $_POST = array('param1' => 1, 'param2' => 2);
        csrfprotector::authorizePost();
        $this->assertEmpty($_POST);
        $_SERVER['REQUEST_METHOD'] = 'GET';
        csrfp_wrapper::changeRequestType('GET');
        $_GET = array('param1' => 1, 'param2' => 2);
        csrfprotector::authorizePost();
        $this->assertEmpty($_GET);
    }
    /**
     * test authorise post -> redirect
     */
    public function testAuthorisePost_failedAction_3()
    {
        $_SERVER['REQUEST_METHOD'] = 'POST';
        csrfprotector::$config['logDirectory'] = '../log';
        csrfprotector::$config['verifyGetFor'] = array('http://test/index*');
        csrfprotector::$config['errorRedirectionPage'] = 'http://test';
        csrfprotector::$config['failedAuthAction']['POST'] = 2;
        csrfprotector::$config['failedAuthAction']['GET'] = 2;
        //csrfprotector::authorizePost();
        $this->markTestSkipped('Cannot add tests as code exit here');
        $_SERVER['REQUEST_METHOD'] = 'GET';
        csrfp_wrapper::changeRequestType('GET');
        //csrfprotector::authorizePost();
        $this->markTestSkipped('Cannot add tests as code exit here');
    }
    /**
     * test authorise post -> error message & exit
     */
    public function testAuthorisePost_failedAction_4()
    {
        $_SERVER['REQUEST_METHOD'] = 'POST';
        csrfprotector::$config['logDirectory'] = '../log';
        csrfprotector::$config['verifyGetFor'] = array('http://test/index*');
        csrfprotector::$config['customErrorMessage'] = 'custom error message';
        csrfprotector::$config['failedAuthAction']['POST'] = 3;
        csrfprotector::$config['failedAuthAction']['POST'] = 3;
        //csrfprotector::authorizePost();
        $this->markTestSkipped('Cannot add tests as code exit here');
        $_SERVER['REQUEST_METHOD'] = 'GET';
        csrfp_wrapper::changeRequestType('GET');
        //csrfprotector::authorizePost();
        $this->markTestSkipped('Cannot add tests as code exit here');
    }
    /**
     * test authorise post -> 500 internal server error
     */
    public function testAuthorisePost_failedAction_5()
    {
        $_SERVER['REQUEST_METHOD'] = 'POST';
        csrfprotector::$config['logDirectory'] = '../log';
        csrfprotector::$config['verifyGetFor'] = array('http://test/index*');
        csrfprotector::$config['failedAuthAction']['POST'] = 4;
        csrfprotector::$config['failedAuthAction']['GET'] = 4;
        //csrfprotector::authorizePost();
        //$this->markTestSkipped('Cannot add tests as code exit here');
        $_SERVER['REQUEST_METHOD'] = 'GET';
        csrfp_wrapper::changeRequestType('GET');
        //csrfprotector::authorizePost();
        //csrfp_wrapper::checkHeader('500');
        //$this->markTestSkipped('Cannot add tests as code exit here');
    }
    /**
     * test authorise post -> default action: strip $_GET, $_POST
     */
    public function testAuthorisePost_failedAction_6()
    {
        $_SERVER['REQUEST_METHOD'] = 'POST';
        csrfprotector::$config['logDirectory'] = '../log';
        csrfprotector::$config['verifyGetFor'] = array('http://test/index*');
        csrfprotector::$config['failedAuthAction']['POST'] = 10;
        csrfprotector::$config['failedAuthAction']['GET'] = 10;
        $_POST = array('param1' => 1, 'param2' => 2);
        csrfprotector::authorizePost();
        $this->assertEmpty($_POST);
        $_SERVER['REQUEST_METHOD'] = 'GET';
        csrfp_wrapper::changeRequestType('GET');
        $_GET = array('param1' => 1, 'param2' => 2);
        csrfprotector::authorizePost();
        $this->assertEmpty($_GET);
    }
    /**
     * test authorise success
     */
    public function testAuthorisePost_success()
    {
        $_SERVER['REQUEST_METHOD'] = 'POST';
        $_POST[csrfprotector::$config['CSRFP_TOKEN']]
            = $_GET[csrfprotector::$config['CSRFP_TOKEN']]
            = $_SESSION[csrfprotector::$config['CSRFP_TOKEN']][0];
        $temp = $_SESSION[csrfprotector::$config['CSRFP_TOKEN']];
        csrfprotector::authorizePost(); //will create new session and cookies
        $this->assertFalse($temp == $_SESSION[csrfprotector::$config['CSRFP_TOKEN']][0]);
        $this->assertTrue(csrfp_wrapper::checkHeader('Set-Cookie'));
        $this->assertTrue(csrfp_wrapper::checkHeader('csrfp_token'));
        // $this->assertTrue(csrfp_wrapper::checkHeader($_SESSION[csrfprotector::$config['CSRFP_TOKEN']][0]));  // Combine these 3 later
        // For get method
        $_SERVER['REQUEST_METHOD'] = 'GET';
        csrfp_wrapper::changeRequestType('GET');
        $_POST[csrfprotector::$config['CSRFP_TOKEN']]
            = $_GET[csrfprotector::$config['CSRFP_TOKEN']]
            = $_SESSION[csrfprotector::$config['CSRFP_TOKEN']][0];
        $temp = $_SESSION[csrfprotector::$config['CSRFP_TOKEN']];
        csrfprotector::authorizePost(); //will create new session and cookies
        $this->assertFalse($temp == $_SESSION[csrfprotector::$config['CSRFP_TOKEN']]);
        $this->assertTrue(csrfp_wrapper::checkHeader('Set-Cookie'));
        $this->assertTrue(csrfp_wrapper::checkHeader('csrfp_token'));
        // $this->assertTrue(csrfp_wrapper::checkHeader($_SESSION[csrfprotector::$config['CSRFP_TOKEN']][0]));  // Combine these 3 later
    }
    /**
     * test for generateAuthToken()
     */
    public function testGenerateAuthToken()
    {
        csrfprotector::$config['tokenLength'] = 20;
        $token1 = csrfprotector::generateAuthToken();
        $token2 = csrfprotector::generateAuthToken();
        $this->assertFalse($token1 == $token2);
        $this->assertEquals(strlen($token1), 20);
        $this->assertRegExp('/^[a-z0-9]{20}$/', $token1);
        csrfprotector::$config['tokenLength'] = 128;
        $token = csrfprotector::generateAuthToken();
        $this->assertEquals(strlen($token), 128);
        $this->assertRegExp('/^[a-z0-9]{128}$/', $token);
    }
    /**
     * test ob_handler_function
     */
    public function testob_handler()
    {
        csrfprotector::$config['disabledJavascriptMessage'] = 'test message';
        csrfprotector::$config['jsUrl'] = 'http://localhost/test/csrf/js/csrfprotector.js';
        $testHTML = '<html>';
        $testHTML .= '<head><title>1</title>';
        $testHTML .= '<body onload="test()">';
        $testHTML .= '-- some static content --';
        $testHTML .= '-- some static content --';
        $testHTML .= '</body>';
        $testHTML .= '</head></html>';
        $modifiedHTML = csrfprotector::ob_handler($testHTML, 0);
        $inpLength = strlen($testHTML);
        $outLength = strlen($modifiedHTML);
        //Check if file has been modified
        $this->assertFalse($outLength == $inpLength);
        $this->assertTrue(strpos($modifiedHTML, '<noscript>') !== false);
        $this->assertTrue(strpos($modifiedHTML, '<script') !== false);
    }
    /**
     * test ob_handler_function for output filter
     */
    public function testob_handler_positioning()
    {
        csrfprotector::$config['disabledJavascriptMessage'] = 'test message';
        csrfprotector::$config['jsUrl'] = 'http://localhost/test/csrf/js/csrfprotector.js';
        $testHTML = '<html>';
        $testHTML .= '<head><title>1</title>';
        $testHTML .= '<body onload="test()">';
        $testHTML .= '-- some static content --';
        $testHTML .= '-- some static content --';
        $testHTML .= '</body>';
        $testHTML .= '</head></html>';
        $modifiedHTML = csrfprotector::ob_handler($testHTML, 0);
        $this->assertEquals(strpos($modifiedHTML, '<body') + 23, strpos($modifiedHTML, '<noscript'));
        // Check if content before </body> is </script> #todo
        //$this->markTestSkipped('todo, add appropriate test here');
    }
    /**
     * testing exception in logging function
     */
    public function testgetCurrentUrl()
    {
        $stub = new ReflectionClass('csrfprotector');
        $method = $stub->getMethod('getCurrentUrl');
        $method->setAccessible(true);
        $this->assertEquals($method->invoke(null, array()), "http://test/index.php");
        $tmp_request_scheme = $_SERVER['REQUEST_SCHEME'];
        unset($_SERVER['REQUEST_SCHEME']);
        // server-https is not set
        $this->assertEquals($method->invoke(null, array()), "http://test/index.php");
        $_SERVER['HTTPS'] = 'on';
        $this->assertEquals($method->invoke(null, array()), "https://test/index.php");
        unset($_SERVER['HTTPS']);
        $_SERVER['REQUEST_SCHEME'] = "https";
        $this->assertEquals($method->invoke(null, array()), "https://test/index.php");
        $_SERVER['REQUEST_SCHEME'] = $tmp_request_scheme;
    }
    /**
     * testing exception in logging function
     */
    public function testLoggingException()
    {
        $stub = new ReflectionClass('csrfprotector');
        $method = $stub->getMethod('logCSRFattack');
        $method->setAccessible(true);
        try {
            $method->invoke(null, array());
            $this->fail("logFileWriteError was not caught");
        } catch (Exception $ex) {
            // pass
            $this->assertTrue(true);
        }
        if (!is_dir($this->logDir))
            mkdir($this->logDir);
        $method->invoke(null, array());
        $this->assertTrue(file_exists($this->logDir ."/" .date("m-20y") .".log"));
    }
    /**
     * Tests isUrlAllowed() function for various urls and configuration
     */
    public function testisURLallowed()
    {
        csrfprotector::$config['verifyGetFor'] = array('http://test/delete*', 'https://test/*');
        $_SERVER['PHP_SELF'] = '/nodelete.php';
        $this->assertTrue(csrfprotector::isURLallowed());
        $_SERVER['PHP_SELF'] = '/index.php';
        $this->assertTrue(csrfprotector::isURLallowed('http://test/index.php'));
        $_SERVER['PHP_SELF'] = '/delete.php';
        $this->assertFalse(csrfprotector::isURLallowed('http://test/delete.php'));
        $_SERVER['PHP_SELF'] = '/delete_user.php';
        $this->assertFalse(csrfprotector::isURLallowed('http://test/delete_users.php'));
        $_SERVER['REQUEST_SCHEME'] = 'https';
        $_SERVER['PHP_SELF'] = '/index.php';
        $this->assertFalse(csrfprotector::isURLallowed('https://test/index.php'));
        $_SERVER['PHP_SELF'] = '/delete_user.php';
        $this->assertFalse(csrfprotector::isURLallowed('https://test/delete_users.php'));
    }
    /**
     * Test for exception thrown when env variable is set by mod_csrfprotector
     */
    public function testModCSRFPEnabledException()
    {
        putenv('mod_csrfp_enabled=true');
        $temp = $_COOKIE[csrfprotector::$config['CSRFP_TOKEN']] = 'abc';
        $_SESSION[csrfprotector::$config['CSRFP_TOKEN']] = array('abc');
        csrfProtector::$config = array();
        csrfProtector::init();
        // Assuming no config was added
        $this->assertTrue(count(csrfProtector::$config) == 0);
        // unset the env variable
        putenv('mod_csrfp_enabled');
    }
    /**
     * Test for exception thrown when init() method is called multiple times
     */
    public function testMultipleInitializeException()
    {
        csrfProtector::$config = array();
        $this->assertTrue(count(csrfProtector::$config) == 0);
        $_SERVER['REQUEST_METHOD'] = 'GET';
        csrfProtector::init();
        $this->assertTrue(count(csrfProtector::$config) == 11);
        try {
            csrfProtector::init();
            $this->fail("alreadyInitializedException not raised");
        }  catch (alreadyInitializedException $ex) {
            // pass
            $this->assertTrue(true);
        } catch (Exception $ex) {
            $this->fail("exception other than alreadyInitializedException failed");            
        }
    }
 }
--- a/data/web/inc/lib/vendor/yubico/u2flib-server/.travis.yml
+++ b/data/web/inc/lib/vendor/yubico/u2flib-server/.travis.yml
@ -1,19 +1,21 @@
 language: php
 sudo: false
 php:
  - 5.3
  - 5.4
  - 5.5
  - 5.6
  - 7.0
  - 7.1
  - hhvm
  - hhvm-nightly
 after_success:
  - test -z $COVERALLS || (composer require satooshi/php-coveralls && vendor/bin/coveralls -v)
 matrix:
  include:
    - php: 5.6
      env: COVERALLS=true
  allow_failures:
    - php: hhvm
-    - php: hhvm-nightly
+
 before_script:
  - composer install
 script:
  - ./vendor/phpunit/phpunit/phpunit -c phpunit.xml
 after_success:
  - test -z $COVERALLS || (composer require satooshi/php-coveralls && vendor/bin/coveralls -v)
--- a/data/web/inc/lib/vendor/yubico/u2flib-server/NEWS
+++ b/data/web/inc/lib/vendor/yubico/u2flib-server/NEWS
@ -1,5 +1,9 @@
 php-u2flib-server NEWS -- History of user-visible changes.
 * Version 1.0.1 (released 2017-05-09)
 ** Move examples to phps so they don't execute by default
 ** Use common challenge for multiple registrations
 * Version 1.0.0 (released 2016-02-19)
 ** Give an early error on openssl < 1.0
 ** Support devices with initial counter 0
--- a/data/web/inc/lib/vendor/yubico/u2flib-server/apigen.neon
+++ b/data/web/inc/lib/vendor/yubico/u2flib-server/apigen.neon
@ -3,7 +3,8 @@ destination: apidocs
 source:
  - src/u2flib_server
-exclude: "*/tests/*"
+exclude:
  - "*/tests/*"
 groups: none
--- a/data/web/inc/lib/vendor/yubico/u2flib-server/composer.json
+++ b/data/web/inc/lib/vendor/yubico/u2flib-server/composer.json
@ -4,10 +4,13 @@
  "homepage":"https://developers.yubico.com/php-u2flib-server",
  "license":"BSD-2-Clause",
  "require": {
-    "ext-openssl":"*"
+    "ext-openssl":"*",
    "php": ">=5.6"
  },
  "autoload": {
    "classmap": ["src/"]
  },
  "require-dev": {
    "phpunit/phpunit": "~5.7"
  }
 }
--- a/Show More
+++ b/Show More
		`@ -0,0 +1 @@`
							`<html><head><meta http-equiv="Refresh" CONTENT="0; URL=files/libs/csrf/csrfprotector-php.html"></head></html>`