gitlabFork/ISPConfig3.git - Solinfo Gitblit

			@@ -27,199 +27,215 @@
			NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
			EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
			*/
			require_once('aps_base.inc.php');
			require_once 'aps_base.inc.php';

			class ApsGUIController extends ApsBase
			{
			/**
			* Constructor
			*
			* @param $app the application instance (db handle)
			*/
			public function __construct($app)
			{
			parent::__construct($app);
			}

			/**
			* Reads in a package metadata file and registers it's namespaces
			*
			* @param $filename the file to read
			* @return $sxe a SimpleXMLElement handle
			*/
			private function readInMetaFile($filename)
			{
			$metadata = file_get_contents($filename);
			$metadata = str_replace("xmlns=", "ns=", $metadata);
			$sxe = new SimpleXMLElement($metadata);
			$namespaces = $sxe->getDocNamespaces(true);
			foreach($namespaces as $ns => $url) $sxe->registerXPathNamespace($ns, $url);

			return $sxe;
			}

			/**
			* Applies a RegEx pattern onto a location path in order to secure it against
			* code injections and invalid input
			*
			* @param $location_unfiltered the file path to secure
			* @return $location
			*/
			private function secureLocation($location_unfiltered)
			{
			// Filter invalid slashes from string
			$location = preg_replace(array('#/+#', '#\.+#', '#\0+#', '#\\\\+#'),
			array('/', '', '', '/'),
			$location_unfiltered);
			/**
			* Constructor
			*
			* @param $app the application instance (db handle)
			*/

			// Remove a beginning or trailing slash
			if(substr($location, -1) == '/') $location = substr($location, 0, strlen($location) - 1);
			if(substr($location, 0, 1) == '/') $location = substr($location, 1);

			return $location;
			}

			/**
			* Gets the CustomerID (ClientID) which belongs to a specific domain
			*
			* @param $domain the domain
			* @return $customerid
			*/
			private function getCustomerIDFromDomain($domain)
			{
			global $app;
			$customerid = 0;

			$customerdata = $app->db->queryOneRecord("SELECT client_id FROM sys_group, web_domain
			WHERE web_domain.sys_groupid = sys_group.groupid

			public function __construct($app)
			{
			parent::__construct($app);
			}



			/**
			* Reads in a package metadata file and registers it's namespaces
			*
			* @param $filename the file to read
			* @return $sxe a SimpleXMLElement handle
			*/
			private function readInMetaFile($filename)
			{
			$metadata = file_get_contents($filename);
			$metadata = str_replace("xmlns=", "ns=", $metadata);
			$sxe = new SimpleXMLElement($metadata);
			$namespaces = $sxe->getDocNamespaces(true);
			foreach($namespaces as $ns => $url) $sxe->registerXPathNamespace($ns, $url);

			return $sxe;
			}



			/**
			* Applies a RegEx pattern onto a location path in order to secure it against
			* code injections and invalid input
			*
			* @param $location_unfiltered the file path to secure
			* @return $location
			*/
			private function secureLocation($location_unfiltered)
			{
			// Filter invalid slashes from string
			$location = preg_replace(array('#/+#', '#\.+#', '#\0+#', '#\\\\+#'),
			array('/', '', '', '/'),
			$location_unfiltered);

			// Remove a beginning or trailing slash
			if(substr($location, -1) == '/') $location = substr($location, 0, strlen($location) - 1);
			if(substr($location, 0, 1) == '/') $location = substr($location, 1);

			return $location;
			}



			/**
			* Gets the CustomerID (ClientID) which belongs to a specific domain
			*
			* @param $domain the domain
			* @return $customerid
			*/
			private function getCustomerIDFromDomain($domain)
			{
			global $app;
			$customerid = 0;

			$customerdata = $app->db->queryOneRecord("SELECT client_id FROM sys_group, web_domain
			WHERE web_domain.sys_groupid = sys_group.groupid
			AND web_domain.domain = '".$app->db->quote($domain)."';");
			if(!empty($customerdata)) $customerid = $customerdata['client_id'];

			return $customerid;
			}

			/**
			* Returns the server_id for an already installed instance. Is actually
			* just a little helper method to avoid redundant code
			*
			* @param $instanceid the instance to process
			* @return $webserver_id the server_id
			*/
			private function getInstanceDataForDatalog($instanceid)
			{
			global $app;
			$webserver_id = '';

			$websrv = $app->db->queryOneRecord("SELECT server_id FROM web_domain
			WHERE domain = (SELECT value FROM aps_instances_settings
			if(!empty($customerdata)) $customerid = $customerdata['client_id'];

			return $customerid;
			}



			/**
			* Returns the server_id for an already installed instance. Is actually
			* just a little helper method to avoid redundant code
			*
			* @param $instanceid the instance to process
			* @return $webserver_id the server_id
			*/
			private function getInstanceDataForDatalog($instanceid)
			{
			global $app;
			$webserver_id = '';

			$websrv = $app->db->queryOneRecord("SELECT server_id FROM web_domain
			WHERE domain = (SELECT value FROM aps_instances_settings
			WHERE name = 'main_domain' AND instance_id = ".$app->db->quote($instanceid).");");

			// If $websrv is empty, an error has occured. Domain no longer existing? Settings table damaged?
			// Anyhow, remove this instance record because it's not useful at all
			if(empty($websrv))
			{
			$app->db->query("DELETE FROM aps_instances WHERE id = ".$app->db->quote($instanceid).";");
			$app->db->query("DELETE FROM aps_instances_settings WHERE instance_id = ".$app->db->quote($instanceid).";");
			}
			else $webserver_id = $websrv['server_id'];

			return $webserver_id;
			}

			/**
			* Finds out if there is a newer package version for
			* a given (possibly valid) package ID
			*
			* @param $id the ID to check
			* @return $newer_pkg_id the newer package ID
			*/
			public function getNewestPackageID($id)
			{
			global $app;

			if(preg_match('/^[0-9]+$/', $id) != 1) return 0;

			$result = $app->db->queryOneRecord("SELECT id, name,
			CONCAT(version, '-', CAST(`release` AS CHAR)) AS current_version
			FROM aps_packages
			WHERE name = (SELECT name FROM aps_packages WHERE id = ".$app->db->quote($id).")
			ORDER BY REPLACE(version, '.', '')+0 DESC, `release` DESC");

			if(!empty($result) && ($id != $result['id'])) return $result['id'];

			return 0;
			}
			// If $websrv is empty, an error has occured. Domain no longer existing? Settings table damaged?
			// Anyhow, remove this instance record because it's not useful at all
			if(empty($websrv))
			{
			$app->db->query("DELETE FROM aps_instances WHERE id = ".$app->db->quote($instanceid).";");
			$app->db->query("DELETE FROM aps_instances_settings WHERE instance_id = ".$app->db->quote($instanceid).";");
			}
			else $webserver_id = $websrv['server_id'];

			/**
			* Validates a given package ID
			*
			* @param $id the ID to check
			* @param $is_admin a flag to allow locked IDs too (for admin calls)
			* @return boolean
			*/
			public function isValidPackageID($id, $is_admin = false)
			{
			global $app;

			if(preg_match('/^[0-9]+$/', $id) != 1) return false;

			$sql_ext = (!$is_admin) ?
			'package_status = '.PACKAGE_ENABLED.' AND' :
			'(package_status = '.PACKAGE_ENABLED.' OR package_status = '.PACKAGE_LOCKED.') AND';
			return $webserver_id;
			}

			$result = $app->db->queryOneRecord("SELECT id FROM aps_packages WHERE ".$sql_ext." id = ".$app->db->quote($id).";");
			if(!$result) return false;

			return true;
			}

			/**
			* Validates a given instance ID
			*
			* @param $id the ID to check
			* @param $client_id the calling client ID
			* @param $is_admin a flag to ignore the client ID check for admins
			* @return boolean
			*/
			public function isValidInstanceID($id, $client_id, $is_admin = false)
			{
			global $app;

			if(preg_match('/^[0-9]+$/', $id) != 1) return false;

			// Only filter if not admin
			$sql_ext = (!$is_admin) ? 'customer_id = '.$app->db->quote($client_id).' AND' : '';

			$result = $app->db->queryOneRecord('SELECT id FROM aps_instances WHERE '.$sql_ext.' id = '.$app->db->quote($id).';');
			if(!$result) return false;

			return true;
			}

			/**
			* Creates a new database record for the package instance and
			* an install task
			*
			* @param $settings the settings to enter into the DB
			* @param $packageid the PackageID
			*/
			public function createPackageInstance($settings, $packageid)
			{

			/**
			* Finds out if there is a newer package version for
			* a given (possibly valid) package ID
			*
			* @param $id the ID to check
			* @return $newer_pkg_id the newer package ID
			*/
			public function getNewestPackageID($id)
			{
			global $app;


			if(preg_match('/^[0-9]+$/', $id) != 1) return 0;

			$result = $app->db->queryOneRecord("SELECT id, name,
			CONCAT(version, '-', CAST(`release` AS CHAR)) AS current_version
			FROM aps_packages
			WHERE name = (SELECT name FROM aps_packages WHERE id = ".$app->db->quote($id).")
			ORDER BY REPLACE(version, '.', '')+0 DESC, `release` DESC");

			if(!empty($result) && ($id != $result['id'])) return $result['id'];

			return 0;
			}

			/**
			* Validates a given package ID
			*
			* @param $id the ID to check
			* @param $is_admin a flag to allow locked IDs too (for admin calls)
			* @return boolean
			*/
			public function isValidPackageID($id, $is_admin = false)
			{
			global $app;

			if(preg_match('/^[0-9]+$/', $id) != 1) return false;

			$sql_ext = (!$is_admin) ?
			'package_status = '.PACKAGE_ENABLED.' AND' :
			'(package_status = '.PACKAGE_ENABLED.' OR package_status = '.PACKAGE_LOCKED.') AND';

			$result = $app->db->queryOneRecord("SELECT id FROM aps_packages WHERE ".$sql_ext." id = ".$app->db->quote($id).";");
			if(!$result) return false;

			return true;
			}



			/**
			* Validates a given instance ID
			*
			* @param $id the ID to check
			* @param $client_id the calling client ID
			* @param $is_admin a flag to ignore the client ID check for admins
			* @return boolean
			*/
			public function isValidInstanceID($id, $client_id, $is_admin = false)
			{
			global $app;

			if(preg_match('/^[0-9]+$/', $id) != 1) return false;

			// Only filter if not admin
			$sql_ext = (!$is_admin) ? 'customer_id = '.$app->db->quote($client_id).' AND' : '';

			$result = $app->db->queryOneRecord('SELECT id FROM aps_instances WHERE '.$sql_ext.' id = '.$app->db->quote($id).';');
			if(!$result) return false;

			return true;
			}



			/**
			* Creates a new database record for the package instance and
			* an install task
			*
			* @param $settings the settings to enter into the DB
			* @param $packageid the PackageID
			*/
			public function createPackageInstance($settings, $packageid)
			{
			global $app;

			$app->uses('tools_sites');


			$webserver_id = 0;
			$websrv = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain = '".$app->db->quote($settings['main_domain'])."';");
			if(!empty($websrv)) $webserver_id = $websrv['server_id'];
			$customerid = $this->getCustomerIDFromDomain($settings['main_domain']);

			if(empty($settings) \|\| empty($webserver_id)) return false;

			$websrv = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain = '".$app->db->quote($settings['main_domain'])."';");
			if(!empty($websrv)) $webserver_id = $websrv['server_id'];
			$customerid = $this->getCustomerIDFromDomain($settings['main_domain']);

			if(empty($settings) \|\| empty($webserver_id)) return false;

			//* Get server config of the web server
			$app->uses("getconf");
			$web_config = $app->getconf->get_server_config($app->functions->intval($websrv["server_id"]),'web');

			$web_config = $app->getconf->get_server_config($app->functions->intval($websrv["server_id"]), 'web');

			//* Set PHP mode to php-fcgi and enable suexec in website on apache servers / set PHP mode to PHP-FPM on nginx servers
			if($web_config['server_type'] == 'apache') {
			if(($websrv['php'] != 'fast-cgi' \|\| $websrv['suexec'] != 'y') && $websrv['php'] != 'php-fpm') {
			@@ -231,59 +247,59 @@
			$app->db->datalogUpdate('web_domain', "php = 'php-fpm'", 'domain_id', $websrv['domain_id']);
			}
			}




			//* Create the MySQL database for the application
			$pkg = $app->db->queryOneRecord('SELECT * FROM aps_packages WHERE id = '.$app->db->quote($packageid).';');
			$metafile = $this->interface_pkg_dir.'/'.$pkg['path'].'/APP-META.xml';
			$sxe = $this->readInMetaFile($metafile);


			$db_id = parent::getXPathValue($sxe, '//db:id');
			if (!empty($db_id)) {
			$global_config = $app->getconf->get_global_config('sites');


			$tmp = array();
			$tmp['parent_domain_id'] = $websrv['domain_id'];
			$tmp['sys_groupid'] = $websrv['sys_groupid'];
			$dbname_prefix = $app->tools_sites->replacePrefix($global_config['dbname_prefix'], $tmp);
			$dbuser_prefix = $app->tools_sites->replacePrefix($global_config['dbuser_prefix'], $tmp);
			unset($tmp);

			// get information if the webserver is a db server, too
			$web_server = $app->db->queryOneRecord("SELECT server_id,server_name,db_server FROM server WHERE server_id = ".$websrv['server_id']);
			if($web_server['db_server'] == 1) {
			// create database on "localhost" (webserver)

			// get information if the webserver is a db server, too
			$web_server = $app->db->queryOneRecord("SELECT server_id,server_name,db_server FROM server WHERE server_id = ".$websrv['server_id']);
			if($web_server['db_server'] == 1) {
			// create database on "localhost" (webserver)
			$mysql_db_server_id = $websrv['server_id'];
			$mysql_db_host = 'localhost';
			$mysql_db_remote_access = 'n';
			$mysql_db_remote_ips = '';
			} else {
			//* get the default database server of the client
			$client = $app->db->queryOneRecord("SELECT default_dbserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ".$websrv['sys_groupid']);
			if(is_array($client) && $client['default_dbserver'] > 0 && $client['default_dbserver'] != $websrv['server_id']) {
			$mysql_db_server_id = $client['default_dbserver'];
			$dbserver_config = $web_config = $app->getconf->get_server_config($app->functions->intval($mysql_db_server_id),'server');
			$mysql_db_host = $dbserver_config['ip_address'];
			$mysql_db_remote_access = 'y';
			$webserver_config = $app->getconf->get_server_config($app->functions->intval($websrv['server_id']),'server');
			$mysql_db_remote_ips = $webserver_config['ip_address'];
			} else {
			/* I left this in place for a fallback that should NEVER! happen.
			} else {
			//* get the default database server of the client
			$client = $app->db->queryOneRecord("SELECT default_dbserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ".$websrv['sys_groupid']);
			if(is_array($client) && $client['default_dbserver'] > 0 && $client['default_dbserver'] != $websrv['server_id']) {
			$mysql_db_server_id = $client['default_dbserver'];
			$dbserver_config = $web_config = $app->getconf->get_server_config($app->functions->intval($mysql_db_server_id), 'server');
			$mysql_db_host = $dbserver_config['ip_address'];
			$mysql_db_remote_access = 'y';
			$webserver_config = $app->getconf->get_server_config($app->functions->intval($websrv['server_id']), 'server');
			$mysql_db_remote_ips = $webserver_config['ip_address'];
			} else {
			/* I left this in place for a fallback that should NEVER! happen.
			* if we reach this point it means that there is NO default db server for the client
			* AND the webserver has NO db service enabled.
			* We have to abort the aps installation here... so I added a return false
			* although this does not present any error message to the user.
			*/
			return false;

			/*$mysql_db_server_id = $websrv['server_id'];
			return false;

			/*$mysql_db_server_id = $websrv['server_id'];
			$mysql_db_host = 'localhost';
			$mysql_db_remote_access = 'n';
			$mysql_db_remote_ips = '';*/
			}
			}

			//* Find a free db name for the app
			}
			}

			//* Find a free db name for the app
			for($n = 1; $n <= 1000; $n++) {
			$mysql_db_name = ($dbname_prefix != '' ? $dbname_prefix.'aps'.$n : uniqid('aps'));
			$tmp = $app->db->queryOneRecord("SELECT count(database_id) as number FROM web_database WHERE database_name = '".$app->db->quote($mysql_db_name)."'");
			@@ -295,30 +311,30 @@
			$tmp = $app->db->queryOneRecord("SELECT count(database_user_id) as number FROM web_database_user WHERE database_user = '".$app->db->quote($mysql_db_user)."'");
			if($tmp['number'] == 0) break;
			}


			$mysql_db_password = $settings['main_database_password'];


			//* Create the mysql database user
			$insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `database_user`, `database_user_prefix`, `database_password`)
			$insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `database_user`, `database_user_prefix`, `database_password`)
			VALUES( ".$websrv['sys_userid'].", ".$websrv['sys_groupid'].", 'riud', '".$websrv['sys_perm_group']."', '', 0, '$mysql_db_user', '".$app->db->quote($dbuser_prefix) . "', PASSWORD('$mysql_db_password'))";
			$mysql_db_user_id = $app->db->datalogInsert('web_database_user', $insert_data, 'database_user_id');


			//* Create the mysql database
			$insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `parent_domain_id`, `type`, `database_name`, `database_name_prefix`, `database_user_id`, `database_ro_user_id`, `database_charset`, `remote_access`, `remote_ips`, `backup_copies`, `active`, `backup_interval`)
			$insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `parent_domain_id`, `type`, `database_name`, `database_name_prefix`, `database_user_id`, `database_ro_user_id`, `database_charset`, `remote_access`, `remote_ips`, `backup_copies`, `active`, `backup_interval`)
			VALUES( ".$websrv['sys_userid'].", ".$websrv['sys_groupid'].", 'riud', '".$websrv['sys_perm_group']."', '', $mysql_db_server_id, ".$websrv['domain_id'].", 'mysql', '$mysql_db_name', '" . $app->db->quote($dbname_prefix) . "', '$mysql_db_user_id', 0, '', '$mysql_db_remote_access', '$mysql_db_remote_ips', ".$websrv['backup_copies'].", 'y', '".$websrv['backup_interval']."')";
			$app->db->datalogInsert('web_database', $insert_data, 'database_id');


			//* Add db details to package settings
			$settings['main_database_host'] = $mysql_db_host;
			$settings['main_database_name'] = $mysql_db_name;
			$settings['main_database_login'] = $mysql_db_user;


			}


			//* Insert new package instance
			$insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `customer_id`, `package_id`, `instance_status`) VALUES (".$websrv['sys_userid'].", ".$websrv['sys_groupid'].", 'riud', '".$websrv['sys_perm_group']."', '', ".$app->db->quote($webserver_id).",".$app->db->quote($customerid).", ".$app->db->quote($packageid).", ".INSTANCE_PENDING.")";
			$InstanceID = $app->db->datalogInsert('aps_instances', $insert_data, 'id');


			//* Insert all package settings
			if(is_array($settings)) {
			foreach($settings as $key => $value) {
			@@ -326,520 +342,530 @@
			$app->db->datalogInsert('aps_instances_settings', $insert_data, 'id');
			}
			}


			//* Set package status to install afetr we inserted the settings
			$app->db->datalogUpdate('aps_instances', "instance_status = ".INSTANCE_INSTALL, 'id', $InstanceID);
			}

			/**
			* Sets the status of an instance to "should be removed" and creates a
			* datalog entry to give the ISPConfig server a real removal advice
			*
			* @param $instanceid the instance to delete
			*/
			public function deleteInstance($instanceid)
			{
			global $app;
			}



			/**
			* Sets the status of an instance to "should be removed" and creates a
			* datalog entry to give the ISPConfig server a real removal advice
			*
			* @param $instanceid the instance to delete
			*/
			public function deleteInstance($instanceid)
			{
			global $app;
			/*
			$app->db->query("UPDATE aps_instances SET instance_status = ".INSTANCE_REMOVE." WHERE id = ".$instanceid.";");


			$webserver_id = $this->getInstanceDataForDatalog($instanceid);
			if($webserver_id == '') return;


			// Create a sys_datalog entry for deletion
			$datalog = array('Instance_id' => $instanceid, 'server_id' => $webserver_id);
			$app->db->datalogSave('aps', 'DELETE', 'id', $instanceid, array(), $datalog);
			*/


			$sql = "SELECT web_database.database_id as database_id, web_database.database_user_id as `database_user_id` FROM aps_instances_settings, web_database WHERE aps_instances_settings.value = web_database.database_name AND aps_instances_settings.name = 'main_database_name' AND aps_instances_settings.instance_id = ".$instanceid." LIMIT 0,1";
			$tmp = $app->db->queryOneRecord($sql);
			if($tmp['database_id'] > 0) $app->db->datalogDelete('web_database', 'database_id', $tmp['database_id']);

			$database_user = $tmp['database_user_id'];
			$tmp = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `database_user_id` = '" . $app->functions->intval($database_user) . "' OR `database_ro_user_id` = '" . $app->functions->intval($database_user) . "'");
			if($tmp['cnt'] < 1) $app->db->datalogDelete('web_database_user', 'database_user_id', $database_user);


			$database_user = $tmp['database_user_id'];
			$tmp = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `database_user_id` = '" . $app->functions->intval($database_user) . "' OR `database_ro_user_id` = '" . $app->functions->intval($database_user) . "'");
			if($tmp['cnt'] < 1) $app->db->datalogDelete('web_database_user', 'database_user_id', $database_user);

			$app->db->datalogUpdate('aps_instances', "instance_status = ".INSTANCE_REMOVE, 'id', $instanceid);

			}

			/**
			* Sets the status of an instance to "installation planned" and creates a
			* datalog entry to re-install the package. The existing package is simply overwritten.
			*
			* @param $instanceid the instance to delete
			*/
			public function reinstallInstance($instanceid)
			{
			global $app;

			/*
			}



			/**
			* Sets the status of an instance to "installation planned" and creates a
			* datalog entry to re-install the package. The existing package is simply overwritten.
			*
			* @param $instanceid the instance to delete
			*/
			public function reinstallInstance($instanceid)
			{
			global $app;

			/*
			$app->db->query("UPDATE aps_instances SET instance_status = ".INSTANCE_INSTALL." WHERE id = ".$instanceid.";");


			$webserver_id = $this->getInstanceDataForDatalog($instanceid);
			if($webserver_id == '') return;


			// Create a sys_datalog entry for re-installation
			$datalog = array('instance_id' => $instanceid, 'server_id' => $webserver_id);
			$app->db->datalogSave('aps', 'INSERT', 'id', $instanceid, array(), $datalog);
			*/


			$sql = "SELECT web_database.database_id as database_id FROM aps_instances_settings, web_database WHERE aps_instances_settings.value = web_database.database_name AND aps_instances_settings.value = aps_instances_settings.name = 'main_database_name' AND aps_instances_settings.instance_id = ".$instanceid." LIMIT 0,1";
			$tmp = $app->db->queryOneRecord($sql);
			if($tmp['database_id'] > 0) $app->db->datalogDelete('web_database', 'database_id', $tmp['database_id']);


			$app->db->datalogUpdate('aps_instances', "instance_status = ".INSTANCE_INSTALL, 'id', $instanceid);
			}
			}

			/**
			* Read the settings to be filled when installing
			*
			* @param $id the internal ID of the package
			* @return array
			*/
			public function getPackageSettings($id)
			{
			global $app;

			$pkg = $app->db->queryOneRecord('SELECT * FROM aps_packages WHERE id = '.$app->db->quote($id).';');

			// Load in meta file if existing and register its namespaces
			$metafile = $this->interface_pkg_dir.'/'.$pkg['path'].'/APP-META.xml';
			if(!file_exists($metafile))
			return array('error' => 'The metafile for '.$settings['Name'].' couldn\'t be found');

			$sxe = $this->readInMetaFile($metafile);

			$groupsettings = parent::getXPathValue($sxe, '//settings/group/setting', true);
			if(empty($groupsettings)) return array();

			$settings = array();
			foreach($groupsettings as $setting)
			{
			$setting_id = strval($setting['id']);

			if($setting['type'] == 'string' \|\| $setting['type'] == 'email' \|\| $setting['type'] == 'integer'
			\|\| $setting['type'] == 'float' \|\| $setting['type'] == 'domain-name')
			{
			$settings[] = array('SettingID' => $setting_id,
			'SettingName' => $setting->name,
			'SettingDescription' => $setting->description,
			'SettingType' => $setting['type'],
			'SettingInputType' => 'string',
			'SettingDefaultValue' => strval($setting['default-value']),
			'SettingRegex' => $setting['regex'],
			'SettingMinLength' => $setting['min-length'],
			'SettingMaxLength' => $setting['max-length']);
			}
			else if($setting['type'] == 'password')
			{
			$settings[] = array('SettingID' => $setting_id,
			'SettingName' => $setting->name,
			'SettingDescription' => $setting->description,
			'SettingType' => 'password',
			'SettingInputType' => 'password',
			'SettingDefaultValue' => '',
			'SettingRegex' => $setting['regex'],
			'SettingMinLength' => $setting['min-length'],
			'SettingMaxLength' => $setting['max-length']);
			}
			else if($setting['type'] == 'boolean')
			{
			$settings[] = array('SettingID' => $setting_id,
			'SettingName' => $setting->name,
			'SettingDescription' => $setting->description,
			'SettingType' => 'boolean',
			'SettingInputType' => 'checkbox',
			'SettingDefaultValue' => strval($setting['default-value']));
			}
			else if($setting['type'] == 'enum')
			{
			$choices = array();
			foreach($setting->choice as $choice)
			{
			$choices[] = array('EnumID' => strval($choice['id']),
			'EnumName' => $choice->name);
			}
			$settings[] = array('SettingID' => $setting_id,
			'SettingName' => $setting->name,
			'SettingDescription' => $setting->description,
			'SettingType' => 'enum',
			'SettingInputType' => 'select',
			'SettingDefaultValue' => strval($setting['default-value']),
			'SettingChoices' => $choices);
			}
			}
			/**
			* Read the settings to be filled when installing
			*
			* @param $id the internal ID of the package
			* @return array
			*/
			public function getPackageSettings($id)
			{
			global $app;

			return $settings;
			}

			/**
			* Validates the user input according to the settings array and
			* delivers errors if occurring
			*
			* @param $input the user $_POST array
			* @param $pkg_details the package details
			* @param $settings the package settings array
			* @return array in this structure:
			* array(2) {
			* ["input"]=> ...
			* ["errors"]=> ...
			* }
			*/
			public function validateInstallerInput($postinput, $pkg_details, $domains, $settings = array())
			{
			global $app;

			$ret = array();
			$input = array();
			$error = array();

			// Main domain (obligatory)
			if(isset($postinput['main_domain']))
			{
			if(!in_array($postinput['main_domain'], $domains)) $error[] = $app->lng('error_main_domain');
			else $input['main_domain'] = $postinput['main_domain'];
			}
			else $error[] = $app->lng('error_main_domain');

			// Main location (not obligatory but must be supplied)
			if(isset($postinput['main_location']))
			{
			$temp_errstr = '';
			// It can be empty but if the user did write something, check it
			$userinput = false;
			if(strlen($postinput['main_location']) > 0) $userinput = true;

			// Filter invalid input slashes (twice!)
			$main_location = $this->secureLocation($postinput['main_location']);
			$main_location = $this->secureLocation($main_location);
			// Only allow digits, words, / and -
			$main_location = preg_replace("/[^\d\w\/\-]/i", "", $main_location);
			if($userinput && (strlen($main_location) == 0)) $temp_errstr = $app->lng('error_inv_main_location');

			// Find out document_root and make sure no apps are installed twice to one location
			if(in_array($postinput['main_domain'], $domains))
			{
			$docroot = $app->db->queryOneRecord("SELECT document_root FROM web_domain
			$pkg = $app->db->queryOneRecord('SELECT * FROM aps_packages WHERE id = '.$app->db->quote($id).';');

			// Load in meta file if existing and register its namespaces
			$metafile = $this->interface_pkg_dir.'/'.$pkg['path'].'/APP-META.xml';
			if(!file_exists($metafile))
			return array('error' => 'The metafile for '.$settings['Name'].' couldn\'t be found');

			$sxe = $this->readInMetaFile($metafile);

			$groupsettings = parent::getXPathValue($sxe, '//settings/group/setting', true);
			if(empty($groupsettings)) return array();

			$settings = array();
			foreach($groupsettings as $setting)
			{
			$setting_id = strval($setting['id']);

			if($setting['type'] == 'string' \|\| $setting['type'] == 'email' \|\| $setting['type'] == 'integer'
			\|\| $setting['type'] == 'float' \|\| $setting['type'] == 'domain-name')
			{
			$settings[] = array('SettingID' => $setting_id,
			'SettingName' => $setting->name,
			'SettingDescription' => $setting->description,
			'SettingType' => $setting['type'],
			'SettingInputType' => 'string',
			'SettingDefaultValue' => strval($setting['default-value']),
			'SettingRegex' => $setting['regex'],
			'SettingMinLength' => $setting['min-length'],
			'SettingMaxLength' => $setting['max-length']);
			}
			else if($setting['type'] == 'password')
			{
			$settings[] = array('SettingID' => $setting_id,
			'SettingName' => $setting->name,
			'SettingDescription' => $setting->description,
			'SettingType' => 'password',
			'SettingInputType' => 'password',
			'SettingDefaultValue' => '',
			'SettingRegex' => $setting['regex'],
			'SettingMinLength' => $setting['min-length'],
			'SettingMaxLength' => $setting['max-length']);
			}
			else if($setting['type'] == 'boolean')
			{
			$settings[] = array('SettingID' => $setting_id,
			'SettingName' => $setting->name,
			'SettingDescription' => $setting->description,
			'SettingType' => 'boolean',
			'SettingInputType' => 'checkbox',
			'SettingDefaultValue' => strval($setting['default-value']));
			}
			else if($setting['type'] == 'enum')
			{
			$choices = array();
			foreach($setting->choice as $choice)
			{
			$choices[] = array('EnumID' => strval($choice['id']),
			'EnumName' => $choice->name);
			}
			$settings[] = array('SettingID' => $setting_id,
			'SettingName' => $setting->name,
			'SettingDescription' => $setting->description,
			'SettingType' => 'enum',
			'SettingInputType' => 'select',
			'SettingDefaultValue' => strval($setting['default-value']),
			'SettingChoices' => $choices);
			}
			}

			return $settings;
			}



			/**
			* Validates the user input according to the settings array and
			* delivers errors if occurring
			*
			* @param $input the user $_POST array
			* @param $pkg_details the package details
			* @param $settings the package settings array
			* @return array in this structure:
			* array(2) {
			* ["input"]=> ...
			* ["errors"]=> ...
			* }
			*/
			public function validateInstallerInput($postinput, $pkg_details, $domains, $settings = array())
			{
			global $app;

			$ret = array();
			$input = array();
			$error = array();

			// Main domain (obligatory)
			if(isset($postinput['main_domain']))
			{
			if(!in_array($postinput['main_domain'], $domains)) $error[] = $app->lng('error_main_domain');
			else $input['main_domain'] = $postinput['main_domain'];
			}
			else $error[] = $app->lng('error_main_domain');

			// Main location (not obligatory but must be supplied)
			if(isset($postinput['main_location']))
			{
			$temp_errstr = '';
			// It can be empty but if the user did write something, check it
			$userinput = false;
			if(strlen($postinput['main_location']) > 0) $userinput = true;

			// Filter invalid input slashes (twice!)
			$main_location = $this->secureLocation($postinput['main_location']);
			$main_location = $this->secureLocation($main_location);
			// Only allow digits, words, / and -
			$main_location = preg_replace("/[^\d\w\/\-]/i", "", $main_location);
			if($userinput && (strlen($main_location) == 0)) $temp_errstr = $app->lng('error_inv_main_location');

			// Find out document_root and make sure no apps are installed twice to one location
			if(in_array($postinput['main_domain'], $domains))
			{
			$docroot = $app->db->queryOneRecord("SELECT document_root FROM web_domain
			WHERE domain = '".$app->db->quote($postinput['main_domain'])."';");
			$new_path = $docroot['document_root'];
			if(substr($new_path, -1) != '/') $new_path .= '/';
			$new_path .= $main_location;

			// Get the $customerid which belongs to the selected domain
			$customerid = $this->getCustomerIDFromDomain($postinput['main_domain']);

			// First get all domains used for an install, then their loop them
			// and get the corresponding document roots as well as the defined
			// locations. If an existing doc_root + location matches with the
			// new one -> error
			$instance_domains = $app->db->queryAllRecords("SELECT instance_id, s.value AS domain
			FROM aps_instances AS i, aps_instances_settings AS s
			WHERE i.id = s.instance_id AND s.name = 'main_domain'
			$new_path = $docroot['document_root'];
			if(substr($new_path, -1) != '/') $new_path .= '/';
			$new_path .= $main_location;

			// Get the $customerid which belongs to the selected domain
			$customerid = $this->getCustomerIDFromDomain($postinput['main_domain']);

			// First get all domains used for an install, then their loop them
			// and get the corresponding document roots as well as the defined
			// locations. If an existing doc_root + location matches with the
			// new one -> error
			$instance_domains = $app->db->queryAllRecords("SELECT instance_id, s.value AS domain
			FROM aps_instances AS i, aps_instances_settings AS s
			WHERE i.id = s.instance_id AND s.name = 'main_domain'
			AND i.customer_id = '".$app->db->quote($customerid)."';");
			for($i = 0; $i < count($instance_domains); $i++)
			{
			$used_path = '';

			$doc_root = $app->db->queryOneRecord("SELECT document_root FROM web_domain
			for($i = 0; $i < count($instance_domains); $i++)
			{
			$used_path = '';

			$doc_root = $app->db->queryOneRecord("SELECT document_root FROM web_domain
			WHERE domain = '".$app->db->quote($instance_domains[$i]['domain'])."';");

			// Probably the domain settings were changed later, so make sure the doc_root
			// is not empty for further validation
			if(!empty($doc_root))
			{
			$used_path = $doc_root['document_root'];
			if(substr($used_path, -1) != '/') $used_path .= '/';

			$location_for_domain = $app->db->queryOneRecord("SELECT value
			FROM aps_instances_settings WHERE name = 'main_location'
			// Probably the domain settings were changed later, so make sure the doc_root
			// is not empty for further validation
			if(!empty($doc_root))
			{
			$used_path = $doc_root['document_root'];
			if(substr($used_path, -1) != '/') $used_path .= '/';

			$location_for_domain = $app->db->queryOneRecord("SELECT value
			FROM aps_instances_settings WHERE name = 'main_location'
			AND instance_id = '".$app->db->quote($instance_domains[$i]['instance_id'])."';");

			// The location might be empty but the DB return must not be false!
			if($location_for_domain) $used_path .= $location_for_domain['value'];

			if($new_path == $used_path)
			{
			$temp_errstr = $app->lng('error_used_location');
			break;
			}
			}
			}
			}
			else $temp_errstr = $app->lng('error_main_domain');

			if($temp_errstr == '') $input['main_location'] = htmlspecialchars($main_location);
			else $error[] = $temp_errstr;
			}
			else $error[] = $app->lng('error_no_main_location');

			// License (the checkbox must be set)
			if(isset($pkg_details['License need agree'])
			&& $pkg_details['License need agree'] == 'true')
			{
			if(isset($postinput['license']) && $postinput['license'] == 'on') $input['license'] = 'true';
			else $error[] = $app->lng('error_license_agreement');
			}

			// Database
			if(isset($pkg_details['Requirements Database'])
			&& $pkg_details['Requirements Database'] != '')
			{
			if(isset($postinput['main_database_password']))
			{
			if($postinput['main_database_password'] == '') $error[] = $app->lng('error_no_database_pw');
			else if(strlen($postinput['main_database_password']) > 8)
			$input['main_database_password'] = htmlspecialchars($postinput['main_database_password']);
			else $error[] = $app->lng('error_short_database_pw');
			}
			else $error[] = $app->lng('error_no_database_pw');
			}

			// Validate the package settings
			foreach($settings as $setting)
			{
			$temp_errstr = '';
			$setting_id = strval($setting['SettingID']);

			// We assume that every setting must be set
			if((isset($postinput[$setting_id]) && ($postinput[$setting_id] != ''))
			\|\| ($setting['SettingType'] == 'boolean'))
			{
			if($setting['SettingType'] == 'string' \|\| $setting['SettingType'] == 'password')
			{
			if($app->functions->intval($setting['SettingMinLength'], true) != 0
			&& strlen($postinput[$setting_id]) < $app->functions->intval($setting['SettingMinLength'], true))
			$temp_errstr = sprintf($app->lng('error_short_value_for'), $setting['setting_name']);

			if($app->functions->intval($setting['SettingMaxLength'], true) != 0
			&& strlen($postinput[$setting_id]) > $app->functions->intval($setting['SettingMaxLength'], true))
			$temp_errstr = sprintf($app->lng('error_long_value_for'), $setting['setting_name']);
			// The location might be empty but the DB return must not be false!
			if($location_for_domain) $used_path .= $location_for_domain['value'];

			if(isset($setting['SettingRegex'])
			&& !preg_match("/".$setting['SettingRegex']."/", $postinput[$setting_id]))
			$temp_errstr = sprintf($app->lng('error_inv_value_for'), $setting['setting_name']);
			}
			else if($setting['SettingType'] == 'email')
			{
			if(filter_var(strtolower($postinput[$setting_id]), FILTER_VALIDATE_EMAIL) === false)
			$temp_errstr = sprintf($app->lng('error_inv_email_for'), $setting['setting_name']);
			}
			else if($setting['SettingType'] == 'domain-name')
			{
			if(!preg_match("^(http\|https)\://([a-zA-Z0-9\.\-]+(\:[a-zA-Z0-9\.&%\$\-]+)@)((25[0-5]\|2[0-4][0-9]\|[0-1]{1}[0-9]{2}\|[1-9]{1}[0-9]{1}\|[1-9])\.(25[0-5]\|2[0-4][0-9]\|[0-1]{1}[0-9]{2}\|[1-9]{1}[0-9]{1}\|[1-9]\|0)\.(25[0-5]\|2[0-4][0-9]\|[0-1]{1}[0-9]{2}\|[1-9]{1}[0-9]{1}\|[1-9]\|0)\.(25[0-5]\|2[0-4][0-9]\|[0-1]{1}[0-9]{2}\|[1-9]{1}[0-9]{1}\|[0-9])\|localhost\|([a-zA-Z0-9\-]+\.)[a-zA-Z0-9\-]+\.(com\|edu\|gov\|int\|mil\|net\|org\|biz\|arpa\|info\|name\|pro\|aero\|coop\|museum\|[a-zA-Z]{2}))(\:[0-9]+)(/($\|[a-zA-Z0-9\.\,\?\'\\\+&%\$#\=~_\-]+))*$",
			$postinput[$setting_id]))
			$temp_errstr = sprintf($app->lng('error_inv_domain_for'), $setting['setting_name']);
			}
			else if($setting['SettingType'] == 'integer')
			{
			if(filter_var($postinput[$setting_id], FILTER_VALIDATE_INT) === false)
			$temp_errstr = sprintf($app->lng('error_inv_integer_for'), $setting['setting_name']);
			}
			else if($setting['SettingType'] == 'float')
			{
			if(filter_var($postinput[$setting_id], FILTER_VALIDATE_FLOAT) === false)
			$temp_errstr = sprintf($app->lng('error_inv_float_for'), $setting['setting_name']);
			}
			else if($setting['SettingType'] == 'boolean')
			{
			// If we have a boolean value set, it must be either true or false
			if(!isset($postinput[$setting_id])) $postinput[$setting_id] = 'false';
			else if(isset($postinput[$setting_id]) && $postinput[$setting_id] != 'true')
			$postinput[$setting_id] = 'true';
			}
			else if($setting['SettingType'] == 'enum')
			{
			$found = false;
			for($i = 0; $i < count($setting['SettingChoices']); $i++)
			{
			if($setting['SettingChoices'][$i]['EnumID'] == $postinput[$setting_id])
			$found = true;
			}
			if(!$found) $temp_errstr = sprintf($app->lng('error_inv_value_for'), $setting['SettingName']);
			}

			if($temp_errstr == '') $input[$setting_id] = $postinput[$setting_id];
			else $error[] = $temp_errstr;
			}
			else $error[] = sprintf($app->lng('error_no_value_for'), $setting['SettingName']);
			}

			$ret['input'] = $input;
			$ret['error'] = array_unique($error);

			return $ret;
			}

			/**
			* Read the metadata of a package and returns some content
			*
			* @param $id the internal ID of the package
			* @return array
			*/
			public function getPackageDetails($id)
			{
			global $app;

			$pkg = $app->db->queryOneRecord('SELECT * FROM aps_packages WHERE id = '.$app->db->quote($id).';');

			// Load in meta file if existing and register its namespaces
			$metafile = $this->interface_pkg_dir.'/'.$pkg['path'].'/APP-META.xml';
			if(!file_exists($metafile))
			return array('error' => 'The metafile for '.$pkg['name'].' couldn\'t be found');

			$metadata = file_get_contents($metafile);
			$metadata = str_replace("xmlns=", "ns=", $metadata);
			$sxe = new SimpleXMLElement($metadata);
			$namespaces = $sxe->getDocNamespaces(true);
			foreach($namespaces as $ns => $url) $sxe->registerXPathNamespace($ns, $url);
			if($new_path == $used_path)
			{
			$temp_errstr = $app->lng('error_used_location');
			break;
			}
			}
			}
			}
			else $temp_errstr = $app->lng('error_main_domain');

			$pkg['Summary'] = htmlspecialchars(parent::getXPathValue($sxe, '//summary'));
			$pkg['Homepage'] = parent::getXPathValue($sxe, '//homepage');
			$pkg['Description'] = nl2br(htmlspecialchars(trim(parent::getXPathValue($sxe, '//description'))));
			$pkg['Config script'] = strtoupper(parent::getXPathValue($sxe, '//configuration-script-language'));
			$installed_size = parent::getXPathValue($sxe, '//installed-size');
			$pkg['Installed Size'] = (!empty($installed_size)) ? parent::convertSize((int)$installed_size) : '';

			// License
			$pkg['License need agree'] = parent::getXPathValue($sxe, '//license/@must-accept');
			$pkg['License name'] = parent::getXPathValue($sxe, '//license/text/name'); // might be empty
			$pkg['License type'] = 'file'; // default type
			$pkg['License content'] = ''; // default license filename on local system
			$license_url = parent::getXPathValue($sxe, '//license/text/url');
			if(!empty($license_url))
			{
			$pkg['License type'] = 'url';
			$pkg['License content'] = htmlspecialchars($license_url);
			}
			else
			{
			$lic = @file_get_contents($this->interface_pkg_dir.'/'.$pkg['path'].'/LICENSE');
			$pkg['License content'] = htmlentities($lic, ENT_QUOTES, 'ISO-8859-1');
			}

			// Languages
			$languages = parent::getXPathValue($sxe, '//languages/language', true);
			$pkg['Languages'] = (is_array($languages)) ? implode(' ', $languages) : '';

			// Icon
			$icon = parent::getXPathValue($sxe, '//icon/@path');
			if(!empty($icon))
			{
			// Using parse_url() to filter malformed URLs
			$path = dirname(parse_url($_SERVER['PHP_SELF'], PHP_URL_PATH)).'/'.
			basename($this->interface_pkg_dir).'/'.$pkg['path'].'/'.basename((string)$icon);
			if($temp_errstr == '') $input['main_location'] = htmlspecialchars($main_location);
			else $error[] = $temp_errstr;
			}
			else $error[] = $app->lng('error_no_main_location');

			// License (the checkbox must be set)
			if(isset($pkg_details['License need agree'])
			&& $pkg_details['License need agree'] == 'true')
			{
			if(isset($postinput['license']) && $postinput['license'] == 'on') $input['license'] = 'true';
			else $error[] = $app->lng('error_license_agreement');
			}

			// Database
			if(isset($pkg_details['Requirements Database'])
			&& $pkg_details['Requirements Database'] != '')
			{
			if(isset($postinput['main_database_password']))
			{
			if($postinput['main_database_password'] == '') $error[] = $app->lng('error_no_database_pw');
			else if(strlen($postinput['main_database_password']) > 8)
			$input['main_database_password'] = htmlspecialchars($postinput['main_database_password']);
			else $error[] = $app->lng('error_short_database_pw');
			}
			else $error[] = $app->lng('error_no_database_pw');
			}

			// Validate the package settings
			foreach($settings as $setting)
			{
			$temp_errstr = '';
			$setting_id = strval($setting['SettingID']);

			// We assume that every setting must be set
			if((isset($postinput[$setting_id]) && ($postinput[$setting_id] != ''))
			\|\| ($setting['SettingType'] == 'boolean'))
			{
			if($setting['SettingType'] == 'string' \|\| $setting['SettingType'] == 'password')
			{
			if($app->functions->intval($setting['SettingMinLength'], true) != 0
			&& strlen($postinput[$setting_id]) < $app->functions->intval($setting['SettingMinLength'], true))
			$temp_errstr = sprintf($app->lng('error_short_value_for'), $setting['setting_name']);

			if($app->functions->intval($setting['SettingMaxLength'], true) != 0
			&& strlen($postinput[$setting_id]) > $app->functions->intval($setting['SettingMaxLength'], true))
			$temp_errstr = sprintf($app->lng('error_long_value_for'), $setting['setting_name']);

			if(isset($setting['SettingRegex'])
			&& !preg_match("/".$setting['SettingRegex']."/", $postinput[$setting_id]))
			$temp_errstr = sprintf($app->lng('error_inv_value_for'), $setting['setting_name']);
			}
			else if($setting['SettingType'] == 'email')
			{
			if(filter_var(strtolower($postinput[$setting_id]), FILTER_VALIDATE_EMAIL) === false)
			$temp_errstr = sprintf($app->lng('error_inv_email_for'), $setting['setting_name']);
			}
			else if($setting['SettingType'] == 'domain-name')
			{
			if(!preg_match("^(http\|https)\://([a-zA-Z0-9\.\-]+(\:[a-zA-Z0-9\.&%\$\-]+)@)((25[0-5]\|2[0-4][0-9]\|[0-1]{1}[0-9]{2}\|[1-9]{1}[0-9]{1}\|[1-9])\.(25[0-5]\|2[0-4][0-9]\|[0-1]{1}[0-9]{2}\|[1-9]{1}[0-9]{1}\|[1-9]\|0)\.(25[0-5]\|2[0-4][0-9]\|[0-1]{1}[0-9]{2}\|[1-9]{1}[0-9]{1}\|[1-9]\|0)\.(25[0-5]\|2[0-4][0-9]\|[0-1]{1}[0-9]{2}\|[1-9]{1}[0-9]{1}\|[0-9])\|localhost\|([a-zA-Z0-9\-]+\.)[a-zA-Z0-9\-]+\.(com\|edu\|gov\|int\|mil\|net\|org\|biz\|arpa\|info\|name\|pro\|aero\|coop\|museum\|[a-zA-Z]{2}))(\:[0-9]+)(/($\|[a-zA-Z0-9\.\,\?\'\\\+&%\$#\=~_\-]+))*$",
			$postinput[$setting_id]))
			$temp_errstr = sprintf($app->lng('error_inv_domain_for'), $setting['setting_name']);
			}
			else if($setting['SettingType'] == 'integer')
			{
			if(filter_var($postinput[$setting_id], FILTER_VALIDATE_INT) === false)
			$temp_errstr = sprintf($app->lng('error_inv_integer_for'), $setting['setting_name']);
			}
			else if($setting['SettingType'] == 'float')
			{
			if(filter_var($postinput[$setting_id], FILTER_VALIDATE_FLOAT) === false)
			$temp_errstr = sprintf($app->lng('error_inv_float_for'), $setting['setting_name']);
			}
			else if($setting['SettingType'] == 'boolean')
			{
			// If we have a boolean value set, it must be either true or false
			if(!isset($postinput[$setting_id])) $postinput[$setting_id] = 'false';
			else if(isset($postinput[$setting_id]) && $postinput[$setting_id] != 'true')
			$postinput[$setting_id] = 'true';
			}
			else if($setting['SettingType'] == 'enum')
			{
			$found = false;
			for($i = 0; $i < count($setting['SettingChoices']); $i++)
			{
			if($setting['SettingChoices'][$i]['EnumID'] == $postinput[$setting_id])
			$found = true;
			}
			if(!$found) $temp_errstr = sprintf($app->lng('error_inv_value_for'), $setting['SettingName']);
			}

			if($temp_errstr == '') $input[$setting_id] = $postinput[$setting_id];
			else $error[] = $temp_errstr;
			}
			else $error[] = sprintf($app->lng('error_no_value_for'), $setting['SettingName']);
			}

			$ret['input'] = $input;
			$ret['error'] = array_unique($error);

			return $ret;
			}



			/**
			* Read the metadata of a package and returns some content
			*
			* @param $id the internal ID of the package
			* @return array
			*/
			public function getPackageDetails($id)
			{
			global $app;

			$pkg = $app->db->queryOneRecord('SELECT * FROM aps_packages WHERE id = '.$app->db->quote($id).';');

			// Load in meta file if existing and register its namespaces
			$metafile = $this->interface_pkg_dir.'/'.$pkg['path'].'/APP-META.xml';
			if(!file_exists($metafile))
			return array('error' => 'The metafile for '.$pkg['name'].' couldn\'t be found');

			$metadata = file_get_contents($metafile);
			$metadata = str_replace("xmlns=", "ns=", $metadata);
			$sxe = new SimpleXMLElement($metadata);
			$namespaces = $sxe->getDocNamespaces(true);
			foreach($namespaces as $ns => $url) $sxe->registerXPathNamespace($ns, $url);

			$pkg['Summary'] = htmlspecialchars(parent::getXPathValue($sxe, '//summary'));
			$pkg['Homepage'] = parent::getXPathValue($sxe, '//homepage');
			$pkg['Description'] = nl2br(htmlspecialchars(trim(parent::getXPathValue($sxe, '//description'))));
			$pkg['Config script'] = strtoupper(parent::getXPathValue($sxe, '//configuration-script-language'));
			$installed_size = parent::getXPathValue($sxe, '//installed-size');
			$pkg['Installed Size'] = (!empty($installed_size)) ? parent::convertSize((int)$installed_size) : '';

			// License
			$pkg['License need agree'] = parent::getXPathValue($sxe, '//license/@must-accept');
			$pkg['License name'] = parent::getXPathValue($sxe, '//license/text/name'); // might be empty
			$pkg['License type'] = 'file'; // default type
			$pkg['License content'] = ''; // default license filename on local system
			$license_url = parent::getXPathValue($sxe, '//license/text/url');
			if(!empty($license_url))
			{
			$pkg['License type'] = 'url';
			$pkg['License content'] = htmlspecialchars($license_url);
			}
			else
			{
			$lic = @file_get_contents($this->interface_pkg_dir.'/'.$pkg['path'].'/LICENSE');
			$pkg['License content'] = htmlentities($lic, ENT_QUOTES, 'ISO-8859-1');
			}

			// Languages
			$languages = parent::getXPathValue($sxe, '//languages/language', true);
			$pkg['Languages'] = (is_array($languages)) ? implode(' ', $languages) : '';

			// Icon
			$icon = parent::getXPathValue($sxe, '//icon/@path');
			if(!empty($icon))
			{
			// Using parse_url() to filter malformed URLs
			$path = dirname(parse_url($_SERVER['PHP_SELF'], PHP_URL_PATH)).'/'.
			basename($this->interface_pkg_dir).'/'.$pkg['path'].'/'.basename((string)$icon);
			// nginx: if $_SERVER['PHP_SELF'] is doubled, remove /sites/aps_packagedetails_show.php from beginning of path
			$path = preg_replace('@^/sites/aps_packagedetails_show.php(.*)@', '$1', $path);
			$pkg['Icon'] = $path;
			}
			else $pkg['Icon'] = '';

			// Screenshots
			$screenshots = parent::getXPathValue($sxe, '//screenshot', true);
			if(!empty($screenshots))
			{
			foreach($screenshots as $screen)
			{
			// Using parse_url() to filter malformed URLs
			$path = dirname(parse_url($_SERVER['PHP_SELF'], PHP_URL_PATH)).'/'.
			basename($this->interface_pkg_dir).'/'.$pkg['path'].'/'.basename((string)$screen['path']);
			// nginx: if $_SERVER['PHP_SELF'] is doubled, remove /sites/aps_packagedetails_show.php from beginning of path
			$pkg['Icon'] = $path;
			}
			else $pkg['Icon'] = '';

			// Screenshots
			$screenshots = parent::getXPathValue($sxe, '//screenshot', true);
			if(!empty($screenshots))
			{
			foreach($screenshots as $screen)
			{
			// Using parse_url() to filter malformed URLs
			$path = dirname(parse_url($_SERVER['PHP_SELF'], PHP_URL_PATH)).'/'.
			basename($this->interface_pkg_dir).'/'.$pkg['path'].'/'.basename((string)$screen['path']);
			// nginx: if $_SERVER['PHP_SELF'] is doubled, remove /sites/aps_packagedetails_show.php from beginning of path
			$path = preg_replace('@^/sites/aps_packagedetails_show.php(.*)@', '$1', $path);

			$pkg['Screenshots'][] = array('ScreenPath' => $path,
			'ScreenDescription' => htmlspecialchars(trim((string)$screen->description)));
			}
			}
			else $pkg['Screenshots'] = ''; // if no screenshots are available, set the variable though

			// Changelog
			$changelog = parent::getXPathValue($sxe, '//changelog/version', true);
			if(!empty($changelog))
			{
			foreach($changelog as $change)
			{
			$entries = array();
			foreach($change->entry as $entry) $entries[] = htmlspecialchars(trim((string)$entry));
			$pkg['Screenshots'][] = array('ScreenPath' => $path,
			'ScreenDescription' => htmlspecialchars(trim((string)$screen->description)));
			}
			}
			else $pkg['Screenshots'] = ''; // if no screenshots are available, set the variable though

			$pkg['Changelog'][] = array('ChangelogVersion' => (string)$change['version'],
			'ChangelogDescription' => implode('<br />', $entries));
			}
			}

			else $pkg['Changelog'] = '';

			// PHP extensions
			$php_extensions = parent::getXPathValue($sxe, '//php:extension', true);
			$php_ext = '';
			if(!empty($php_extensions))
			{
			foreach($php_extensions as $extension)
			{
			if(strtolower($extension) == 'php') continue;
			$php_ext .= $extension.' ';
			}
			}
			$pkg['Requirements PHP extensions'] = trim($php_ext);

			// PHP bool options
			$pkg['Requirements PHP settings'] = '';
			$php_bool_options = array('allow-url-fopen', 'file-uploads', 'magic-quotes-gpc',
			'register-globals', 'safe-mode', 'short-open-tag');
			foreach($php_bool_options as $option)
			{
			$value = parent::getXPathValue($sxe, '//php:'.$option);
			if(!empty($value))
			{
			$option = str_replace('-', '_', $option);
			$value = str_replace(array('false', 'true'), array('off', 'on'), $value);
			$pkg['Requirements PHP settings'][] = array('PHPSettingName' => $option,
			'PHPSettingValue' => $value);
			}
			}

			// PHP integer value settings
			$memory_limit = parent::getXPathValue($sxe, '//php:memory-limit');
			if(!empty($memory_limit))
			$pkg['Requirements PHP settings'][] = array('PHPSettingName' => 'memory_limit',
			'PHPSettingValue' => parent::convertSize((int)$memory_limit));
			// Changelog
			$changelog = parent::getXPathValue($sxe, '//changelog/version', true);
			if(!empty($changelog))
			{
			foreach($changelog as $change)
			{
			$entries = array();
			foreach($change->entry as $entry) $entries[] = htmlspecialchars(trim((string)$entry));

			$max_exec_time = parent::getXPathValue($sxe, '//php:max-execution-time');
			if(!empty($max_exec_time))
			$pkg['Requirements PHP settings'][] = array('PHPSettingName' => 'max-execution-time',
			'PHPSettingValue' => $max_exec_time);

			$post_max_size = parent::getXPathValue($sxe, '//php:post-max-size');
			if(!empty($post_max_size))
			$pkg['Requirements PHP settings'][] = array('PHPSettingName' => 'post_max_size',
			'PHPSettingValue' => parent::convertSize((int)$post_max_size));

			// Get supported PHP versions
			$pkg['Requirements Supported PHP versions'] = '';
			$php_min_version = parent::getXPathValue($sxe, '//php:version/@min');
			$php_max_not_including = parent::getXPathValue($sxe, '//php:version/@max-not-including');
			if(!empty($php_min_version) && !empty($php_max_not_including))
			$pkg['Requirements Supported PHP versions'] = $php_min_version.' - '.$php_max_not_including;
			else if(!empty($php_min_version))
			$pkg['Requirements Supported PHP versions'] = '> '.$php_min_version;
			else if(!empty($php_max_not_including))
			$pkg['Requirements Supported PHP versions'] = '< '.$php_min_version;

			// Database
			$db_id = parent::getXPathValue($sxe, '//db:id');
			$db_server_type = parent::getXPathValue($sxe, '//db:server-type');
			$db_min_version = parent::getXPathValue($sxe, '//db:server-min-version');
			if(!empty($db_id))
			{
			$db_server_type = str_replace('postgresql', 'PostgreSQL', $db_server_type);
			$db_server_type = str_replace('microsoft:sqlserver', 'MSSQL', $db_server_type);
			$db_server_type = str_replace('mysql', 'MySQL', $db_server_type);

			$pkg['Requirements Database'] = $db_server_type;
			if(!empty($db_min_version)) $pkg['Requirements Database'] .= ' > '.$db_min_version;
			}
			else $pkg['Requirements Database'] = '';

			return $pkg;
			}
			$pkg['Changelog'][] = array('ChangelogVersion' => (string)$change['version'],
			'ChangelogDescription' => implode('<br />', $entries));
			}
			}

			else $pkg['Changelog'] = '';

			// PHP extensions
			$php_extensions = parent::getXPathValue($sxe, '//php:extension', true);
			$php_ext = '';
			if(!empty($php_extensions))
			{
			foreach($php_extensions as $extension)
			{
			if(strtolower($extension) == 'php') continue;
			$php_ext .= $extension.' ';
			}
			}
			$pkg['Requirements PHP extensions'] = trim($php_ext);

			// PHP bool options
			$pkg['Requirements PHP settings'] = '';
			$php_bool_options = array('allow-url-fopen', 'file-uploads', 'magic-quotes-gpc',
			'register-globals', 'safe-mode', 'short-open-tag');
			foreach($php_bool_options as $option)
			{
			$value = parent::getXPathValue($sxe, '//php:'.$option);
			if(!empty($value))
			{
			$option = str_replace('-', '_', $option);
			$value = str_replace(array('false', 'true'), array('off', 'on'), $value);
			$pkg['Requirements PHP settings'][] = array('PHPSettingName' => $option,
			'PHPSettingValue' => $value);
			}
			}

			// PHP integer value settings
			$memory_limit = parent::getXPathValue($sxe, '//php:memory-limit');
			if(!empty($memory_limit))
			$pkg['Requirements PHP settings'][] = array('PHPSettingName' => 'memory_limit',
			'PHPSettingValue' => parent::convertSize((int)$memory_limit));

			$max_exec_time = parent::getXPathValue($sxe, '//php:max-execution-time');
			if(!empty($max_exec_time))
			$pkg['Requirements PHP settings'][] = array('PHPSettingName' => 'max-execution-time',
			'PHPSettingValue' => $max_exec_time);

			$post_max_size = parent::getXPathValue($sxe, '//php:post-max-size');
			if(!empty($post_max_size))
			$pkg['Requirements PHP settings'][] = array('PHPSettingName' => 'post_max_size',
			'PHPSettingValue' => parent::convertSize((int)$post_max_size));

			// Get supported PHP versions
			$pkg['Requirements Supported PHP versions'] = '';
			$php_min_version = parent::getXPathValue($sxe, '//php:version/@min');
			$php_max_not_including = parent::getXPathValue($sxe, '//php:version/@max-not-including');
			if(!empty($php_min_version) && !empty($php_max_not_including))
			$pkg['Requirements Supported PHP versions'] = $php_min_version.' - '.$php_max_not_including;
			else if(!empty($php_min_version))
			$pkg['Requirements Supported PHP versions'] = '> '.$php_min_version;
			else if(!empty($php_max_not_including))
			$pkg['Requirements Supported PHP versions'] = '< '.$php_min_version;

			// Database
			$db_id = parent::getXPathValue($sxe, '//db:id');
			$db_server_type = parent::getXPathValue($sxe, '//db:server-type');
			$db_min_version = parent::getXPathValue($sxe, '//db:server-min-version');
			if(!empty($db_id))
			{
			$db_server_type = str_replace('postgresql', 'PostgreSQL', $db_server_type);
			$db_server_type = str_replace('microsoft:sqlserver', 'MSSQL', $db_server_type);
			$db_server_type = str_replace('mysql', 'MySQL', $db_server_type);

			$pkg['Requirements Database'] = $db_server_type;
			if(!empty($db_min_version)) $pkg['Requirements Database'] .= ' > '.$db_min_version;
			}
			else $pkg['Requirements Database'] = '';

			return $pkg;
			}

			}

			?>