Merge branch 'master' of github.com:e107inc/e107

2025-10-19 08:46:20 +02:00 · 2014-08-17 15:57:07 +03:00
parent ad52e0a673 734a954228
commit ccf4dd7412
27 changed files with 1012 additions and 502 deletions
--- a/e107_admin/cache.php
+++ b/e107_admin/cache.php
@@ -45,7 +45,8 @@ if (e107::getPref('cachestatus') == '2')
 if(!is_writable(e_CACHE_CONTENT))
 {
-	e107::getRender()->tablerender(CACLAN_3, CACLAN_10."<br />(".$CACHE_DIRECTORY.")");
+	$mes->addError(CACLAN_10." (".e_CACHE.")");
 	e107::getRender()->tablerender(CACLAN_3, $mes->render());
 	require_once("footer.php");
 	exit;
 }
--- a/e107_admin/prefs.php
+++ b/e107_admin/prefs.php
@@ -217,13 +217,33 @@ function sendTest()
 	else
 	{
 		$mailheader_e107id = USERID;
-		require_once(e_HANDLER.'mail.php');
+	//	require_once(e_HANDLER.'mail.php');
 		$add = ($pref['mailer']) ? " (".strtoupper($pref['mailer']).")" : ' (PHP)';
 		$sendto = trim($_POST['testaddress']);
-		if (!sendemail($sendto, LAN_MAILOUT_113." ".SITENAME.$add, str_replace("[br]", "\n", LAN_MAILOUT_114),LAN_MAILOUT_189)) 
+		
 		$eml = array(); 
 		$eml['email_subject']		= LAN_MAILOUT_113." ".SITENAME.$add;
 		$eml['email_sender_email']	= null; 
 		$eml['email_sender_name']	= null;
 		$eml['email_replyto']		= null;
 		$eml['email_replytonames']	= null; 
 		$eml['send_html']			= true; 
 		$eml['add_html_header'] 	= null; 
 		$eml['email_body']			= str_replace("[br]", "<br>", LAN_MAILOUT_114);
 		$eml['email_attach']		= null;
 		$eml['template']			= 'default';
 		$eml['e107_header']			= USERID;
 		if (!e107::getEmail()->sendEmail($sendto, LAN_MAILOUT_189, $eml)) 
 		{
 			$mes->addError(($pref['mailer'] == 'smtp')  ? LAN_MAILOUT_67 : LAN_MAILOUT_106);
 		} 
 	//	if (!sendemail($sendto, LAN_MAILOUT_113." ".SITENAME.$add, str_replace("[br]", "\n", LAN_MAILOUT_114),LAN_MAILOUT_189)) 
 	//	{
 	//		$mes->addError(($pref['mailer'] == 'smtp')  ? LAN_MAILOUT_67 : LAN_MAILOUT_106);
 	//	} 
 		else 
 		{
 			$mes->addSuccess(LAN_MAILOUT_81. ' ('.$sendto.')');
--- a/e107_core/templates/email_template.php
+++ b/e107_core/templates/email_template.php
@@ -2,25 +2,14 @@
 /*
 * e107 website system
 *
- * Copyright (C) 2008-2013 e107 Inc (e107.org)
+ * Copyright (C) 2008-2014 e107 Inc (e107.org)
 * Released under the terms and conditions of the
 * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
 *
 * Templates for all emails
 *
 * $URL: $
 * $Revision: 11315 $
 * $Id: $
 */
 /**
 * 
 *	@package     e107
 *	@subpackage	e107_templates
 *	@version 	$Id: mail_manager_class.php 11315 2010-02-10 18:18:01Z secretr $;
 *
 */
 /**
 *	This file defines the default templates for each type of email which may be sent.
@@ -318,13 +307,7 @@ $MONTHLYUPDATE_TEMPLATE = array(
 	);
-/*
+
 * QUICK ADD USER EMAIL TEMPLATE - BODY. 	
 * This is the email that is sent when an admin creates a user account in admin. "Quick Add User"
 	USRLAN_185 = A user account has been created for you at {SITEURL} with the following login:<br />Login Name: {LOGIN}<br />Password: {PASSWORD}<br/><br />
 	USRLAN_186 = Please go to the site as soon as possible and log in, then change your password using the \'Settings\' option.<br /><br />
 						You can also change other settings at the same time.<br /><br />Note that your password cannot be recovered if you lose it.
 */
 $QUICKADDUSER_TEMPLATE = array(
 	'template_name' => 'Quick-Add-User',
@@ -334,7 +317,102 @@ $QUICKADDUSER_TEMPLATE = array(
 	'email_body' => USRLAN_185.USRLAN_186,
 //	'email_footer' => 'footer'
 	);
-	
+
 /** Standardized v2 template rewrite 
 * Format for individual emails sent by e107 (not bulk emails for now) - a work in progress - bulk could be ported later.
 * @see e107Email::sendEmail(); 
 * Aim: to make email templates follow the same spec. as other templates while remaining as intuitive as other v2 templates in e107. 
 */
 // Default - test email and when no template specified. 
 $EMAIL_TEMPLATE['default']['name']	 		= 'Default';
 $EMAIL_TEMPLATE['default']['header']		= "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.1//EN\" \"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd\">
 												<html xmlns='http://www.w3.org/1999/xhtml' >
 												<head>
 												<meta http-equiv='content-type' content='text/html; charset=utf-8' />
 												<style>
 													body { padding:10px; background-color: #E1E1E1 } 
 													 div#body { padding:10px; width: 800px; background-color: #FFFFFF; border-radius: 5px }
 												</style>
 												</head>
 												<body>
 												<div id='body'>
 												";
 $EMAIL_TEMPLATE['default']['body']			= "{BODY}";											
 $EMAIL_TEMPLATE['default']['footer']		= "<br /><br />
 												{SITENAME=link}
 												</div>
 												</body>
 												</html>";
 // Signup Template. 
 $EMAIL_TEMPLATE['signup']['subject']		= LAN_SIGNUP_96.' {SITENAME}';
 $EMAIL_TEMPLATE['signup']['header']			= $EMAIL_TEMPLATE['default']['header'];
 $EMAIL_TEMPLATE['signup']['body'] 			= "											
 												<div style='text-align:left'>
 												".LAN_EMAIL_01." {USERNAME},<br />
 												<br />".
 												LAN_SIGNUP_97." {SITENAME}<br />
 												".LAN_SIGNUP_21."<br />
 												<br />
 												{ACTIVATION_LINK}<br />
 												<br />
 												<small>".LAN_SIGNUP_59."</small><br />
 												<br />
 												".LAN_SIGNUP_18."<br />
 												<br />
 												".LAN_LOGINNAME.": <b> {LOGINNAME} </b><br />
 												".LAN_PASSWORD.": <b> {PASSWORD} </b><br />
 												<br />
 												".LAN_EMAIL_04."<br />
 												".LAN_EMAIL_05."<br />
 												<br />
 												".LAN_EMAIL_06."<br />
 												<br />
 												{SITENAME=link}<br />
 												{SITEURL}
 												<br /><br />".($includeSiteButton ? "<a href='".SITEURL."' title=''><img src='".e_IMAGE_ABS.str_replace('{e_IMAGE}', '', $includeSiteButton)."' alt='' /></a>" : '')."
 												</div>
 												";
 $EMAIL_TEMPLATE['signup']['footer']			= "</div>
 												</body>
 												</html>";
 $EMAIL_TEMPLATE['signup']['cc']				= "";
 $EMAIL_TEMPLATE['signup']['bcc']			= "";
 $EMAIL_TEMPLATE['signup']['attachments']	= "";
 /*
 * QUICK ADD USER EMAIL TEMPLATE - BODY. 	
 * This is the email that is sent when an admin creates a user account in admin. "Quick Add User"
 	USRLAN_185 = A user account has been created for you at {SITEURL} with the following login:<br />Login Name: {LOGIN}<br />Password: {PASSWORD}<br/><br />
 	USRLAN_186 = Please go to the site as soon as possible and log in, then change your password using the \'Settings\' option.<br /><br />
 						You can also change other settings at the same time.<br /><br />Note that your password cannot be recovered if you lose it.
 */
 $EMAIL_TEMPLATE['quickadd']['header']		= $EMAIL_TEMPLATE['default']['header']; // will use default header above. 												
 $EMAIL_TEMPLATE['quickadd']['body']			= USRLAN_185.USRLAN_186;											
 $EMAIL_TEMPLATE['quickadd']['footer']		= $EMAIL_TEMPLATE['default']['footer']; // will use default footer above. 		
 // Notify (@see admin-> notify) // TODO
 $EMAIL_TEMPLATE['notify']['header']			= $EMAIL_TEMPLATE['default']['header']; // will use default header above. 	
 $EMAIL_TEMPLATE['notify']['body']			= $EMAIL_TEMPLATE['default']['body']; // will use default header above. 	
 $EMAIL_TEMPLATE['notify']['footer']			= $EMAIL_TEMPLATE['default']['footer']; // will use default header above. 	
 ?>
--- a/e107_core/templates/fpw_template.php
+++ b/e107_core/templates/fpw_template.php
@@ -81,16 +81,17 @@ if(!isset($FPW_TABLE_FOOTER))
 $FPW_TEMPLATE['form'] = '
 					<div class="row">
-					<div class="col-sm-12 col-md-8">
+						<div class="col-sm-12 col-md-8">
-					<p>{FPW_TEXT}</p>
+						<p>{FPW_TEXT}</p>
-					<div class="form-group">{FPW_USEREMAIL}</div>
+						<div class="form-group">{FPW_USEREMAIL}</div>
-					<div class="row">
+						<div class="form-group">{FPW_CAPTCHA_IMG}{FPW_CAPTCHA_INPUT}</div>
-						<div class="col-xs-12 col-sm-4 col-sm-offset-8">
+							<div class="row">	
-						{FPW_SUBMIT}
+								<div class="col-xs-12 col-sm-4 col-sm-offset-8">
 								{FPW_SUBMIT}
 								</div>
 							</div>		
 						</div>
 					</div>
 					</div>
 					</div>
 					';
 $FPW_TEMPLATE['header'] = '';
 $FPW_TEMPLATE['footer'] = '';
--- a/e107_core/xml/default_install.xml
+++ b/e107_core/xml/default_install.xml
@@ -120,6 +120,8 @@
 		<core name="mail_pause">3</core>
 		<core name="mail_bounce">none</core>
 		<core name="mail_pausetime">4</core>
 		<core name="mail_sendstyle">texthtml</core>		
 		<core name="mail_workpertick">5</core>
 		<core name="mailer">php</core>
 		<core name="main_wordwrap"></core>
 		<core name="maintainance_flag">0</core>
--- a/e107_handlers/chart_class.php
+++ b/e107_handlers/chart_class.php
@@ -337,8 +337,44 @@ class e_chart
 			        var data = google.visualization.arrayToDataTable(".$this->getData().");
 			        var options = ".$this->getOptions()." ;
 					";
-			        var chart = new google.visualization.AreaChart(document.getElementById('".$id."'));
+			
 				switch ($this->type) 
 				{
 					case 'bar':					
 						//
 					break;
 					case 'column':
 						$js .= "var chart = new google.visualization.ColumnChart(document.getElementById('".$id."'));	";
 					break;
 					case 'polar':
 						//TODO
 					break;
 					case 'doughnut':
 						//
 					break;
 					case 'pie':
 						$js .= "var chart = new google.visualization.PieChart(document.getElementById('".$id."'));	";
 					break;
 					default:
 					case 'line':
 					case 'area':
 						$js .= "var chart = new google.visualization.AreaChart(document.getElementById('".$id."'));	";
 					break;
 				}
 				$js .= "
 			        chart.draw(data, options);
 			      }
--- a/e107_handlers/form_handler.php
+++ b/e107_handlers/form_handler.php
@@ -109,8 +109,6 @@ class e_form
 		parse_str($options,$options);
 		$target = str_replace("&", "&amp;", $target);
 		if(vartrue($options['class']))
 		{
 			$class = "class='".$options['class']."'";
@@ -125,11 +123,11 @@ class e_form
 			$autoComplete = " autocomplete='".($options['autocomplete'] ? 'on' : 'off')."'";	
 		}
 		$text = "\n<form {$class} action='{$target}' id='".$this->name2id($name)."' method = '{$method}'{$autoComplete}>\n";
 		if($method == 'get' && strpos($target,'='))
 		{
 			list($url,$qry) = explode("?",$target);
 			$text = "\n<form {$class} action='{$url}' id='".$this->name2id($name)."' method = '{$method}'{$autoComplete}>\n";
 			parse_str($qry,$m);
 			foreach($m as $k=>$v)
@@ -138,7 +136,11 @@ class e_form
 			}
 		}	
-		
+		else 
 		{
 			$target = str_replace("&", "&amp;", $target);
 			$text = "\n<form {$class} action='{$target}' id='".$this->name2id($name)."' method = '{$method}'{$autoComplete}>\n";
 		}
 		return $text;	
 	}
@@ -180,6 +182,11 @@ class e_form
 		$options['size'] = 7;
 		return $this->text($name, $value, $maxlength, $options);	
 	}
 	/**
 	 * Render Bootstrap Tabs
@@ -226,8 +233,100 @@ class e_form
 		return $text;
 	}
-	
+	/**
 	 * Render Bootstrap Carousel 
 	 * @param $name : A unique name 
 	 * @param $array
 	 * @param $options : placeholder for any future options. (currently not in use) 
 	 * @example
 	 * $array = array(
 	 * 		'slide1' => array('caption' => 'Slide 1', 'text' => 'first slide content' ),
 	 * 		'slide2' => array('caption' => 'Slide 2', 'text' => 'second slide content' ),
 	 * 		'slide3' => array('caption' => 'Slide 3', 'text' => 'third slide content' )
 	 * 	);
 	 */
 	function carousel($name="e-carousel", $array, $options = null)
 	{
 		$interval = null;
 		$wrap = null;
 		$pause = null;
 		if(isset($options['wrap']))
 		{
 			$wrap = 'data-wrap="'.$options['wrap'].'"';	
 		}
 		if(isset($options['interval']))
 		{
 			$interval = 'data-interval="'.$options['interval'].'"';	
 		}
 		if(isset($options['pause']))
 		{
 			$interval = 'data-pause="'.$options['pause'].'"';	
 		}
 		$text  ='
 		<!-- Carousel -->
 		<div id="'.$name.'" class="carousel slide" data-ride="carousel" '.$interval.' '.$wrap.' '.$pause.'>
  		<!-- Indicators -->
  		<ol class="carousel-indicators">
 		';
 		$c = 0;
 		foreach($array as $key=>$tab)
 		{
 			$active = ($c == 0) ? ' class="active"' : '';
 			$text .=  '<li data-target="#'.$name.'" data-slide-to="'.$c.'" '.$active.'></li>';
 			$c++;
 		}
 		$text .= '
 		</ol>
 		<div class="carousel-inner">
 		';
 		$c=0;
 		foreach($array as $key=>$tab)
 		{
 			$active = ($c == 0) ? ' active' : '';
 			$text .= '<div class="item'.$active.'" id="'.$key.'">';
 			$text .= $tab['text'];
 			if(!empty($tab['caption']))
 			{
 				$text .= '<div class="carousel-caption">'.$tab['caption'].'</div>';	
 			}
 			$text .= '</div>';
 			$c++;
 		}
 		$text .= '
 		</div>';
 		$text .= '
 		<a class="left carousel-control" href="#'.$name.'" role="button" data-slide="prev">
    	<span class="glyphicon glyphicon-chevron-left"></span>
 		</a>
 		<a class="right carousel-control" href="#'.$name.'" role="button" data-slide="next">
 		<span class="glyphicon glyphicon-chevron-right"></span>
 		</a>';
 		$text .= '</div><!-- End Carousel -->';
 		return $text;
 	}	
 	/**
@@ -4354,6 +4453,7 @@ class e_form
 	}
 }
 // DEPRECATED - use above methods instead ($frm)
 class form 
 {
 	function form_open($form_method, $form_action, $form_name = "", $form_target = "", $form_enctype = "", $form_js = "") 
--- a/e107_handlers/mail.php
+++ b/e107_handlers/mail.php
@@ -137,24 +137,25 @@ define('MAIL_LOG_PATH',e_LOG);
 class e107Email extends PHPMailer
 {
-	private $general_opts = array();
+	private $general_opts 		= array();
-	private $logEnable = 0;				// 0 = log disabled, 1 = 'dry run' (debug and log, no send). 2 = 'log all' (send, and log result)
+	private $logEnable 			= 0;		// 0 = log disabled, 1 = 'dry run' (debug and log, no send). 2 = 'log all' (send, and log result)
-	private $logHandle = FALSE;			// Save handle of log file if opened
+	private $logHandle 			= FALSE;	// Save handle of log file if opened
-	private $localUseVerp = FALSE;		// Use our own variable - PHPMailer one doesn't work with all mailers
+	private $localUseVerp 		= FALSE;	// Use our own variable - PHPMailer one doesn't work with all mailers
-	private $save_bouncepath = '';		// Used with VERP
+	private $save_bouncepath 	= '';		// Used with VERP
-	private $add_email = 0;				// 1 includes email detail in log (if logging enabled, of course)
+	private $add_email 			= 0;		// 1 includes email detail in log (if logging enabled, of course)
-	private $allow_html = 1;			// Flag for HTML conversion - '1' = default, FALSE = disable, TRUE = force.
+	private $allow_html 		= 1;		// Flag for HTML conversion - '1' = default, FALSE = disable, TRUE = force.
-	private $add_HTML_header = FALSE;	// If TRUE, inserts a standard HTML header at the front of the HTML part of the email (set FALSE for BC)
+	private $add_HTML_header 	= FALSE;	// If TRUE, inserts a standard HTML header at the front of the HTML part of the email (set FALSE for BC)
-	private $SendCount = 0;				// Keep track of how many emails sent since last SMTP open/connect (used for SMTP KeepAlive)
+	private $SendCount 			= 0;		// Keep track of how many emails sent since last SMTP open/connect (used for SMTP KeepAlive)
-	private $TotalSent = 0;				// Info might be of interest
+	private $TotalSent 			= 0;		// Info might be of interest
-	private $TotalErrors = 0;			// Count errors in sending emails
+	private $TotalErrors 		= 0;		// Count errors in sending emails
-	private $pause_amount = 10;			// Number of emails to send before pausing/resetting (or closing if SMTPkeepAlive set)
+	private $pause_amount 		= 10;		// Number of emails to send before pausing/resetting (or closing if SMTPkeepAlive set)
-	private $pause_time = 1;			// Time to pause after sending a block of emails
+	private $pause_time 		= 1;		// Time to pause after sending a block of emails
 	public	$legacyBody = FALSE;		// TRUE enables legacy conversion of plain text body to HTML in HTML emails
 	public	$legacyBody 		= false;	// TRUE enables legacy conversion of plain text body to HTML in HTML emails
 	private $debug 				= false;	// echos various debug info when set to true. 
 	/**
 	 * Constructor sets up all the global options, and sensible defaults - it should be the only place the prefs are accessed
 	 * 
@@ -169,6 +170,11 @@ class e107Email extends PHPMailer
 		$e107 = e107::getInstance();
 		$pref = e107::pref('core');
 		$tp = e107::getParser();
 		if(defined('MAIL_DEBUG'))
 		{
 			$this->debug = true;
 		}
 		$this->CharSet = 'utf-8';
 		$this->SetLanguage(CORE_LC);
@@ -184,9 +190,10 @@ class e107Email extends PHPMailer
 		}
 		$this->pause_amount = varset($pref['mail_pause'], 10);
 		$this->pause_time =  varset($pref['mail_pausetime'], 1);
 		$this->allow_html = varset($pref['mail_sendstyle'],'textonly') == 'texthtml' ? true : 1;
 		if (varsettrue($pref['mail_options'])) $this->general_opts = explode(',',$pref['mail_options'],'');
-		if (defined('MAIL_DEBUG')) echo 'Mail_options: '.$pref['mail_options'].' Count: '.count($this->general_opts).'<br />';
+		if ($this->debug) echo 'Mail_options: '.$pref['mail_options'].' Count: '.count($this->general_opts).'<br />';
 		foreach ($this->general_opts as $k => $v) 
 		{
 			$v = trim($v);
@@ -194,7 +201,7 @@ class e107Email extends PHPMailer
 			if (strpos($v,'hostname') === 0)
 			{
 				list(,$this->HostName) = explode('=',$v);
-				if (defined('MAIL_DEBUG')) echo "Host name set to: {$this->HostName}<br />";
+				if ($this->debug) echo "Host name set to: {$this->HostName}<br />";
 			}
 		}
@@ -246,7 +253,7 @@ class e107Email extends PHPMailer
 							$this->Port = 465;
 							break;
 						default :
-							if (defined('MAIL_DEBUG')) echo "Invalid option: {$smtp_options['secure']}<br />";
+							if ($this->debug) echo "Invalid option: {$smtp_options['secure']}<br />";
 					}
 				}
 				$this->SMTPKeepAlive = varset($smtp_options['keepalive'],FALSE);									// ***** Control this
@@ -482,10 +489,12 @@ class e107Email extends PHPMailer
 			$want_HTML = FALSE;
 			break;
 		}
-	
+		
 		$message = str_replace("\t", "", $message); // filter out tabs from templates; 
 		if ($want_HTML !== FALSE)
 		{
-			if (defined('MAIL_DEBUG')) echo "Generating multipart email<br />";
+			if ($this->debug) echo "Generating multipart email<br />";
 			if ($add_HTML_header)
 			{
 				$message = 	"<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.1//EN\" \"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd\">\n
@@ -493,6 +502,12 @@ class e107Email extends PHPMailer
 			}
 			if ($this->legacyBody && !preg_match('/<(font|br|a|img|b)/i', $message)) // Assume html if it includes one of these tags
 			{	// Otherwise assume its a plain text message which needs some conversion to render in HTML
 				if($this->debug == true)
 				{
 					echo 'Running legacyBody mode<br />';	
 				}
 				$message = htmlspecialchars($message,ENT_QUOTES,$this->CharSet);
 				$message = preg_replace('%(http|ftp|https)(://\S+)%', '<a href="\1\2">\1\2</a>', $message);
 				$message = preg_replace('/([[:space:]()[{}])(www.[-a-zA-Z0-9@:%_\+.~#?&\/\/=]+)/i', '\\1<a href="http://\\2">\\2</a>', $message);
@@ -506,7 +521,7 @@ class e107Email extends PHPMailer
 		}
 		else
 		{	// generate the plain text as the sole part of the email
-			if (defined('MAIL_DEBUG')) echo "Generating plain text email<br />";
+			if ($this->debug) echo "Generating plain text email<br />";
 			if (strpos($message,'</style>') !== FALSE)
 			{
 				$text = strstr($message,'</style>');
@@ -577,49 +592,80 @@ class e107Email extends PHPMailer
 	 *	Where parameter not present, doesn't change it - so can repeatedly call this function for bulk mailing, or to build up the list
 	 *	(Note that there is no requirement to use this method for everything; parameters can be set by mixing this method with individual setting)
 	 *
-	 *	@param array $paramlist - list of parameters to set/change. Key is parameter name. @see{sendEmail()} for list of parameters
+	 *	@param array $eml - list of parameters to set/change. Key is parameter name. @see{sendEmail()} for list of parameters
 	 *
 	 *	@return int zero if no errors detected
 	 */
-	public function arraySet($paramlist)
+	public function arraySet($eml)
 	{
-		if (isset($paramlist['SMTPDebug'])) $this->SMTPDebug = $paramlist['SMTPDebug'];			// 'FALSE' is a valid value!
+		
-		if (varsettrue($paramlist['email_subject'])) $this->Subject = $paramlist['email_subject'];
+		if($this->debug)
 		if (varsettrue($paramlist['email_sender_email'])) $this->From = $paramlist['email_sender_email'];
 		if (varsettrue($paramlist['email_sender_name'])) $this->FromName = $paramlist['email_sender_name'];
 		if (varsettrue($paramlist['email_replyto'])) $this->AddAddressList('replyto',$paramlist['email_replyto'],varsettrue($paramlist['email_replytonames'],''));	
 		if (isset($paramlist['send_html'])) $this->allow_html = $paramlist['send_html'];							// 'FALSE' is a valid value!
 		if (isset($paramlist['add_html_header'])) $this->add_HTML_header = $paramlist['add_html_header'];			// 'FALSE' is a valid value!
 		if (varsettrue($paramlist['email_body'])) $this->makeBody($paramlist['email_body'], $this->allow_html, $this->add_HTML_header);
 		if (varsettrue($paramlist['email_attach'])) $this->attach($paramlist['email_attach']);
 		if (varsettrue($paramlist['email_copy_to'])) $this->AddAddressList('cc',$paramlist['email_copy_to'],varsettrue($paramlist['email_cc_names'],''));
 		if (varsettrue($paramlist['email_bcopy_to'])) $this->AddAddressList('bcc',$paramlist['email_bcopy_to'],varsettrue($paramlist['email_bcc_names'],''));
 		if (varsettrue($paramlist['bouncepath'])) 
 		{
-			$this->Sender = $paramlist['bouncepath'];				// Bounce path
+			print_a($eml);
 			$this->save_bouncepath = $paramlist['bouncepath'];		// Bounce path
 		}
-		if (varsettrue($paramlist['returnreceipt'])) $this->ConfirmReadingTo = $paramlist['returnreceipt'];
+		
-		if (varsettrue($paramlist['email_inline_images'])) $this->addInlineImages($paramlist['email_inline_images']);
+		
-		if (varsettrue($paramlist['email_priority'])) $this->Priority = $paramlist['email_priority'];
+		if(vartrue($eml['template'])) // @see e107_core/templates/email_template.php
 		if (varsettrue($paramlist['e107_header'])) $this->AddCustomHeader("X-e107-id: {$paramlist['e107_header']}");
 		if (varsettrue($paramlist['extra_header'])) 
 		{
-			if (is_array($paramlist['extra_header']))
+			$tp = e107::getParser();
 			if($tmpl = e107::getCoreTemplate('email',$eml['template'], true, true))  // $EMAIL_TEMPLATE['default']	
 			{
-				foreach($paramlist['extra_header'] as $eh)
+				$filter = array("\n", "\t");
 				$tmpl['header'] = str_replace($filter,'', $tmpl['header']);
 				$tmpl['footer'] = str_replace($filter,'', $tmpl['footer']);
 				$eml['email_body'] = ($tp->toEmail($tmpl['header']). str_replace('{BODY}', $eml['email_body'], $tmpl['body']). $tp->toEmail($tmpl['footer']));
 				unset($eml['add_html_header']); // disable other headers when template is used. 
 			}
 		}
 		if (isset($eml['SMTPDebug'])) $this->SMTPDebug = $eml['SMTPDebug'];			// 'FALSE' is a valid value!
 		if (vartrue($eml['email_subject'])) $this->Subject = $eml['email_subject'];
 		if (vartrue($eml['email_sender_email'])) $this->From = $eml['email_sender_email'];
 		if (vartrue($eml['email_sender_name'])) $this->FromName = $eml['email_sender_name'];
 		if (vartrue($eml['email_replyto'])) $this->AddAddressList('replyto',$eml['email_replyto'],vartrue($eml['email_replytonames'],''));	
 		if (isset($eml['send_html'])) $this->allow_html = $eml['send_html'];							// 'FALSE' is a valid value!
 		if (isset($eml['add_html_header'])) $this->add_HTML_header = $eml['add_html_header'];			// 'FALSE' is a valid value!
 		if (vartrue($eml['email_body'])) $this->makeBody($eml['email_body'], $this->allow_html, $this->add_HTML_header);
 		if (vartrue($eml['email_attach'])) $this->attach($eml['email_attach']);
 		if (vartrue($eml['email_copy_to'])) $this->AddAddressList('cc',$eml['email_copy_to'],vartrue($eml['email_cc_names'],''));
 		if (vartrue($eml['email_bcopy_to'])) $this->AddAddressList('bcc',$eml['email_bcopy_to'],vartrue($eml['email_bcc_names'],''));
 		if (vartrue($eml['bouncepath'])) 
 		{
 			$this->Sender = $eml['bouncepath'];				// Bounce path
 			$this->save_bouncepath = $eml['bouncepath'];		// Bounce path
 		}
 		if (vartrue($eml['returnreceipt'])) $this->ConfirmReadingTo = $eml['returnreceipt'];
 		if (vartrue($eml['email_inline_images'])) $this->addInlineImages($eml['email_inline_images']);
 		if (vartrue($eml['email_priority'])) $this->Priority = $eml['email_priority'];
 		if (vartrue($eml['e107_header'])) $this->AddCustomHeader("X-e107-id: {$eml['e107_header']}");
 		if (vartrue($eml['extra_header'])) 
 		{
 			if (is_array($eml['extra_header']))
 			{
 				foreach($eml['extra_header'] as $eh)
 				{
 					$this->addCustomHeader($eh);
 				}
 			}
 			else
 			{
-				$this->addCustomHeader($paramlist['extra_header']);
+				$this->addCustomHeader($eml['extra_header']);
 			}
 		}
-		if (varset($paramlist['wordwrap'])) $this->WordWrap = $paramlist['wordwrap'];
+		if (varset($eml['wordwrap'])) $this->WordWrap = $eml['wordwrap'];
-		if (varsettrue($paramlist['split'])) $this->SingleTo = ($paramlist['split'] != FALSE);
+		if (vartrue($eml['split'])) $this->SingleTo = ($eml['split'] != FALSE);
 		return 0;				// No error
 	}
@@ -654,6 +700,7 @@ class e107Email extends PHPMailer
 		$eml['extra_header']	- additional headers (format is name: value
 		$eml['wordwrap']		- Set wordwrap value
 		$eml['split']			- If true, sends an individual email to each recipient
 	    $eml['template']		- template to use. 'default'
 	 *	@param string $send_to - recipient email address
 	 *	@param string $to_name - recipient name
@@ -762,6 +809,12 @@ class e107Email extends PHPMailer
 		preg_match_all("/(src|background)=([\"\'])(.*)\\2/Ui", $message, $images);			// Modified to accept single quotes as well
 		if(isset($images[3])) 
 		{
 			if($this->debug)
 			{
 				print_a($images[3]);	
 			}
 			foreach($images[3] as $i => $url) 
 			{
 				// do not change urls for absolute images (thanks to corvuscorax)
@@ -790,7 +843,7 @@ class e107Email extends PHPMailer
 					}
 					else
 					{
-						if (defined('MAIL_DEBUG')) echo "Add embedded image {$url} failed<br />";
+						if ($this->debug) echo "Add embedded image {$url} failed<br />";
 					}
 				}
 			}
--- a/e107_handlers/redirection_class.php
+++ b/e107_handlers/redirection_class.php
@@ -335,6 +335,8 @@ class redirection
 	 */
 	public function go($url, $replace = TRUE, $http_response_code = NULL, $preventCache = true)
 	{
 		$url = str_replace("&amp;", "&", $url); // cleanup when using e_QUERY in $url; 
 		if(session_id())
 		{
 			e107::getSession()->end();
--- a/e107_handlers/secure_img_handler.php
+++ b/e107_handlers/secure_img_handler.php
@@ -2,19 +2,14 @@
 /*
 * e107 website system
 *
- * Copyright (C) 2008-2009 e107 Inc (e107.org)
+ * Copyright (C) 2008-2014 e107 Inc (e107.org)
 * Released under the terms and conditions of the
 * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
 *
 *
 * $URL$
 * $Id$
 */
 if (!defined('e107_INIT')) { exit; }
 class secure_image
 {
 	public $random_number;
@@ -154,7 +149,7 @@ class secure_image
 		}
 		$code = $this->create_code();
-		return "<img src='".e_HTTP.$this->IMAGES_DIRECTORY."secimg.php?id={$code}&clr={$color}' class='icon secure-image' alt='Missing Code' style='max-width:100%' />";
+		return "<img src='".e_HTTP.$this->IMAGES_DIRECTORY."secimg.php?id={$code}&amp;clr={$color}' class='icon secure-image' alt='Missing Code' style='max-width:100%' />";
 	}
--- a/e107_handlers/theme_handler.php
+++ b/e107_handlers/theme_handler.php
@@ -954,7 +954,8 @@ class themeHandler
 			foreach ($var as $val)
 			{
-				$text .= "<tr><td><b>".$val['caption']."</b>:</td><td colspan='2'>".$val['html']."</td></tr>";
+				$text .= "<tr><td><b>".$val['caption']."</b>:</td><td colspan='2'>".$val['html']."<div class='field-help'>".$val['help']."</div>
 </td></tr>";
 			}
 			return $text;
@@ -1134,17 +1135,16 @@ class themeHandler
        <ul class='nav nav-tabs'>
        <li class='active'><a data-toggle='tab' href='#core-thememanager-configure'>".LAN_CONFIGURE."</a></li>";
 		if($this->themeConfigObj && call_user_func(array(&$this->themeConfigObj, 'help')))
 		{
 			$text .= "<li><a data-toggle='tab' href='#core-thememanager-help'>".LAN_HELP."</a></li>\n";
 		}
 		if($this->themeConfigObj && call_user_func(array(&$this->themeConfigObj, 'config')) && $mode == 1)
 		{
 			$text .= "<li><a data-toggle='tab' href='#core-thememanager-customconfig'>".LAN_CUSTOM."</a></li>\n";
 		}
 		if($this->themeConfigObj && call_user_func(array(&$this->themeConfigObj, 'help')))
 		{
 			$text .= "<li><a data-toggle='tab' href='#core-thememanager-help'>".LAN_HELP."</a></li>\n";
 		}
 		$text .= "</ul>
 		<div class='tab-content'>
@@ -1432,6 +1432,26 @@ class themeHandler
 					".$this->renderThemeConfig()."
 				</table>
 				<div class='center buttons-bar'>";
 				if($mode == 2) // admin
 				{
 					$mainid = "selectmain[".$theme['id']."]";
 					$text .= $this->frm->admin_button('submit_adminstyle', TPVLAN_35, 'update');
 					//$text .= $this->frm->admin_button($mainid, TPVLAN_10, 'other');
 				}
 				else // main
 				{
 					$adminid = "selectadmin[".$theme['id']."]";
 					$text .= $this->frm->admin_button('submit_style', TPVLAN_35, 'update');
 					//$text .= $this->frm->admin_button($adminid, TPVLAN_32, 'other');
 				}
 				$text .= "<input type='hidden' name='curTheme' value='".$theme['path']."' />";
 				$text .= "</div>
 			</div>
        </div>
 		\n";
--- a/e107_handlers/user_model.php
+++ b/e107_handlers/user_model.php
@@ -995,6 +995,7 @@ class e_user_model extends e_admin_model
 // TODO - add some more useful methods, sc_* methods support
 class e_system_user extends e_user_model
 {
 	public $debug = false;
 	/**
 	 * Constructor
 	 *
@@ -1047,17 +1048,36 @@ class e_system_user extends e_user_model
 		}
 		$eml = $this->renderEmail($type, $userInfo);
-		if(empty($eml)) return false;
+		
 		if(empty($eml))
 		{
 			if($this->debug)
 			{
 				echo '$eml returned nothing';
 			}
 			 return false;
 		}
 		else
 		{
 			if($this->debug)
 			{
 				echo '<h3>$eml array</h3>';
 				print_a($eml);
 			}	
 		}
 		$mailer = e107::getEmail();
 		$mailer->template = $eml['template'];
-		unset($eml['template']);
+
 		// Custom e107 Header
 		if($userInfo['user_id'])
 		{
-			$mailer->AddCustomHeader("X-e107-id: {$userInfo['user_id']}");
+			$eml['e107_header'] = $userInfo['user_id']; 
 		//	$mailer->AddCustomHeader("X-e107-id: {$userInfo['user_id']}");
 		}
 		return $mailer->sendEmail($userInfo['user_email'], $userInfo['user_name'], $eml, false);
@@ -1082,7 +1102,9 @@ class e_system_user extends e_user_model
 	{	
 		$pref = e107::getPref();
 		$ret = array();
 		$tp = e107::getParser();
 		// mailer options
 		if(isset($userInfo['mail_options']) && is_array($userInfo['mail_options']))
 		{
@@ -1092,41 +1114,58 @@ class e_system_user extends e_user_model
 		// required for signup and quickadd email type
 		e107::coreLan('signup');
-		// FIXME convert to the new template to avoid include on every call
+
-		// BC
+		
-		if (file_exists(THEME.'email_template.php'))
+		$EMAIL_TEMPLATE = e107::getCoreTemplate('email');
 		if(!is_array($EMAIL_TEMPLATE)) //BC Fixes. pre v2 alpha3. 
 		{
-			include(THEME.'email_template.php');
+			// load from old location. (root of theme folder if it exists)
-		}
+			if (file_exists(THEME.'email_template.php'))
-		else
+			{
-		{
+				include(THEME.'email_template.php');
-			// new standards
+			}
-			include(e107::coreTemplatePath('email'));
+			else
 			{
 				// include core default. 
 				include(e107::coreTemplatePath('email'));
 			}
 			// BC Fixes. 
 			$EMAIL_TEMPLATE['signup']['subject'] 	= $SIGNUPEMAIL_SUBJECT;
 			$EMAIL_TEMPLATE['signup']['cc']			= $SIGNUPEMAIL_CC;
 			$EMAIL_TEMPLATE['signup']['bcc']		= $SIGNUPEMAIL_BCC;
 			$EMAIL_TEMPLATE['signup']['attachments']= $SIGNUPEMAIL_ATTACHMENTS;
 			$EMAIL_TEMPLATE['signup']['body']		= $SIGNUPEMAIL_TEMPLATE;
 			$EMAIL_TEMPLATE['quickadd']['body']		= $QUICKADDUSER_TEMPLATE['email_body'];
 			$EMAIL_TEMPLATE['notify']['body']		= $NOTIFY_TEMPLATE['email_body'];
 		}
 		// FIXME by SecretR - email template mess - there are changes to emails and templates that need to be implemented here
 		$template = '';
 		switch ($type) 
 		{
 			case 'signup':
-				if(vartrue($SIGNUPPROVIDEREMAIL_TEMPLATE)) $template = $SIGNUPPROVIDEREMAIL_TEMPLATE; 
+				$template = (vartrue($SIGNUPPROVIDEREMAIL_TEMPLATE)) ? $SIGNUPPROVIDEREMAIL_TEMPLATE :  $EMAIL_TEMPLATE['signup']['body'];
-				else $template = $SIGNUPEMAIL_TEMPLATE;
+				$ret['template'] = false;// 'signup'; // false; // Don't allow additional headers (mailer) ??
 				$ret['template'] = false; // Don't allow additional headers (mailer)
 			break;
 			case 'quickadd':
-				$template = $QUICKADDUSER_TEMPLATE['email_body']; // XXX quick fix - add the email templating engine
+				$template = $EMAIL_TEMPLATE['quickadd']['body']; 
-				$ret['template'] = 'email'; // Don't allow additional headers (mailer)
+				$ret['template'] = 'quickadd'; // Don't allow additional headers (mailer)
 			break;
-			case 'notify': //emailer changes
+			case 'notify': 
-				if(vartrue($userInfo['mail_body'])) $template = $userInfo['mail_body'];//$NOTIFY_HEADER.$userInfo['mail_body'].$NOTIFY_FOOTER; 
+				if(vartrue($userInfo['mail_body'])) $template = $userInfo['mail_body']; //$NOTIFY_HEADER.$userInfo['mail_body'].$NOTIFY_FOOTER; 
 				$ret['template'] = 'notify';
 			break;
-			case 'email'://emailer changes
+			case 'email':
 			case 'default':
 				if(vartrue($userInfo['mail_body'])) $template = $userInfo['mail_body']; //$EMAIL_HEADER.$userInfo['mail_body'].$EMAIL_FOOTER; 
-				$ret['template'] = 'email';
+				$ret['template'] = 'default';
 			break;
 		}
@@ -1137,11 +1176,15 @@ class e_system_user extends e_user_model
 		// signup email only
 		if($type == 'signup')
 		{
 			$HEAD = '';
 			$FOOT = '';
 			$ret['e107_header'] = $userInfo['user_id'];
-			if (vartrue($SIGNUPEMAIL_CC)) { $ret['email_copy_to'] = $SIGNUPEMAIL_CC; }
+			if (vartrue($EMAIL_TEMPLATE['signup']['cc'])) { $ret['email_copy_to'] = $EMAIL_TEMPLATE['signup']['cc']; }
-			if (vartrue($SIGNUPEMAIL_BCC)) { $ret['email_bcopy_to'] = $SIGNUPEMAIL_BCC; }
+			if (vartrue($EMAIL_TEMPLATE['signup']['bcc'])) { $ret['email_bcopy_to'] = $EMAIL_TEMPLATE['signup']['bcc']; }
 			if (vartrue($userInfo['email_attach'])) { $ret['email_attach'] = $userInfo['mail_attach']; }
-			elseif (vartrue($SIGNUPEMAIL_ATTACHMENTS)) { $ret['email_attach'] = $SIGNUPEMAIL_ATTACHMENTS; }
+			elseif (vartrue($EMAIL_TEMPLATE['signup']['attachments'])) { $ret['email_attach'] = $EMAIL_TEMPLATE['signup']['attachments']; }
 			$style = vartrue($SIGNUPEMAIL_LINKSTYLE) ? "style='{$SIGNUPEMAIL_LINKSTYLE}'" : "";
@@ -1164,7 +1207,7 @@ class e_system_user extends e_user_model
 			$replace[5] = $userInfo['user_name'];
 			$search[6] = '{USERURL}';
-			$replace[6] = varsettrue($userInfo['user_website']) ? $userInfo['user_website'] : "";
+			$replace[6] = vartrue($userInfo['user_website']) ? $userInfo['user_website'] : "";
 			$search[7] = '{DISPLAYNAME}';
 			$replace[7] = $userInfo['user_login'] ? $userInfo['user_login'] : $userInfo['user_name'];
@@ -1175,32 +1218,50 @@ class e_system_user extends e_user_model
 			$search[9] = '{ACTIVATION_URL}';
 			$replace[9] = $userInfo['activation_url'];
-			$subject = str_replace($search, $replace, $SIGNUPEMAIL_SUBJECT);
+			$subject = str_replace($search, $replace, $EMAIL_TEMPLATE['signup']['subject']);
 			$ret['email_subject'] =  $subject;
 			$ret['send_html'] = TRUE;
-			$HEAD = "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.1//EN\" \"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd\">\n";
+			if(!varset($EMAIL_TEMPLATE['signup']['header']))
 			$HEAD .= "<html xmlns='http://www.w3.org/1999/xhtml' >\n";
 			$HEAD .= "<head><meta http-equiv='content-type' content='text/html; charset=utf-8' />\n";
 			$HEAD .= ($SIGNUPEMAIL_USETHEME == 1) ? "<link rel=\"stylesheet\" href=\"".SITEURLBASE.THEME_ABS."style.css\" type=\"text/css\" />\n" : "";
 		    $HEAD .= "<title>".LAN_SIGNUP_58."</title>\n";
 			if($SIGNUPEMAIL_USETHEME == 2)
 			{
 				$CSS = file_get_contents(THEME."style.css");
 				$HEAD .= "<style>\n".$CSS."\n</style>";
 			}
-			$HEAD .= "</head>\n";
+				$HEAD = "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.1//EN\" \"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd\">\n";
-			if(vartrue($SIGNUPEMAIL_BACKGROUNDIMAGE))
+				$HEAD .= "<html xmlns='http://www.w3.org/1999/xhtml' >\n";
-			{
+				$HEAD .= "<head><meta http-equiv='content-type' content='text/html; charset=utf-8' />\n";
-				$HEAD .= "<body background=\"".$SIGNUPEMAIL_BACKGROUNDIMAGE."\" >\n";
+				$HEAD .= ($SIGNUPEMAIL_USETHEME == 1) ? "<link rel=\"stylesheet\" href=\"".SITEURLBASE.THEME_ABS."style.css\" type=\"text/css\" />\n" : "";
 			    $HEAD .= "<title>".LAN_SIGNUP_58."</title>\n";
 				if($SIGNUPEMAIL_USETHEME == 2) // @deprecated in favor of {STYLESHEET}
 				{ 
 					$CSS = file_get_contents(THEME."style.css");
 					$HEAD .= "<style>\n".$CSS."\n</style>";
 				}
 				$HEAD .= "</head>\n";
 				if(vartrue($SIGNUPEMAIL_BACKGROUNDIMAGE)) // @deprecated. 
 				{
 					$HEAD .= "<body background=\"".$SIGNUPEMAIL_BACKGROUNDIMAGE."\" >\n";
 				}
 				else
 				{
 					$HEAD .= "<body>\n";
 				}
 			}
 			else
 			{
-				$HEAD .= "<body>\n";
+				$HEAD = $tp->parseTemplate($EMAIL_TEMPLATE['signup']['header'], true);	
 			}
 			if(!varset($EMAIL_TEMPLATE['signup']['footer']))
 			{
 				$FOOT = "\n</body>\n</html>\n";
 			}
 			else
 			{
 				$FOOT = $tp->parseTemplate($EMAIL_TEMPLATE['signup']['footer'], true);
 			}
 			$FOOT = "\n</body>\n</html>\n";
 			$ret['send_html'] = TRUE;
 			$ret['email_body'] = e107::getParser()->parseTemplate(str_replace($search,$replace,$HEAD.$template.$FOOT), true);
--- a/e107_languages/English/lan_fpw.php
+++ b/e107_languages/English/lan_fpw.php
@@ -1,14 +1,11 @@
 <?php
 /*
-+ ----------------------------------------------------------------------------+
+ * Copyright e107 Inc e107.org, Licensed under GNU GPL (http://www.gnu.org/licenses/gpl.txt)
-|     e107 website system - Language File.
+ *
-|
+ * Forgotten password language file - Password reset
-|     $Source: /cvs_backup/e107_0.8/e107_languages/English/lan_fpw.php,v $
+ *
 |     $Revision$
 |     $Date$
 |     $Author$
 +----------------------------------------------------------------------------+
 */
 define("PAGE_NAME", "Password Reset");
 define("LAN_02", "Sorry, unable to send email - please contact the main site administrator.");
--- a/e107_plugins/banner/banner.php
+++ b/e107_plugins/banner/banner.php
@@ -2,20 +2,12 @@
 /*
 * e107 website system
 *
- * Copyright (C) 2009-2013 e107 Inc (e107.org)
+ * Copyright (C) 2009-2014 e107 Inc (e107.org)
 * Released under the terms and conditions of the
 * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
 *
 */
 /**
 *	e107 Banner management plugin
 *
 *	Handles the display and sequencing of banners on web pages, including counting impressions
 *
 *	@package	e107_plugins
 *	@subpackage	banner
 */
 if (!defined('e107_INIT'))
 { 
@@ -28,18 +20,19 @@ if (!e107::isInstalled('banner'))
 	exit;
 }
-e107::includeLan(e_PLUGIN."banner/languages/".e_LANGUAGE."_banner.php");
+e107::includeLan(e_PLUGIN."banner/languages/".e_LANGUAGE."_banner.php"); // TODO
-require_once(e_HANDLER."form_handler.php"); // FIXME
+$mes = e107::getMessage();
-$rs = new form; // FIXME
+$frm = e107::getForm();
-	
+
-if (e_QUERY) {
+// When a banner is clicked 
 if(e_QUERY) 
 {
 	$query_string = intval(e_QUERY);
-	$sql->db_Select("banner", "*", "banner_id = '{$query_string}' ");
+	$row = $sql->retrieve("banner", "*", "banner_id = '{$query_string}'"); // select the banner
 	$row = $sql->db_Fetch();
 	$ip = e107::getIPHandler()->getIP(FALSE);
-	$newip = (strpos($row['banner_ip'], "{$ip}^") !== FALSE) ? $row['banner_ip'] : "{$row['banner_ip']}{$ip}^";
+	$newip = (strpos($row['banner_ip'], "{$ip}^") !== FALSE) ? $row['banner_ip'] : "{$row['banner_ip']}{$ip}^"; // what does this do?
-	$sql->db_Update("banner", "banner_clicks = banner_clicks + 1, `banner_ip` = '{$newip}' WHERE `banner_id` = '{$query_string}'");
+	$sql->update("banner", "banner_clicks = banner_clicks + 1, `banner_ip` = '{$newip}' WHERE `banner_id` = '{$query_string}'");
 	header("Location: {$row['banner_clickurl']}");
 	exit;
 }
@@ -48,48 +41,58 @@ require_once(HEADERF);
 if (isset($_POST['clientsubmit'])) {
-	$clean_login = $tp -> toDB($_POST['clientlogin']);
+	$clean_login 	= $tp->toDB($_POST['clientlogin']);
-	$clean_password = $tp -> toDB($_POST['clientpassword']);
+	$clean_password = $tp->toDB($_POST['clientpassword']);
-	if (!$sql->db_Select("banner", "*", "`banner_clientlogin` = '{$clean_login}' AND `banner_clientpassword` = '{$clean_password}'")) {
+	// check login 
-		$ns->tablerender(LAN_ERROR, "<br /><div style='text-align:center'>".BANNERLAN_20."</div><br />");
+	// TODO: massive clean-up (integrate e107 users, proper login handling, password encryption for new and existing records)
 	if (!$sql->select("banner", "*", "`banner_clientlogin` = '{$clean_login}' AND `banner_clientpassword` = '{$clean_password}'")) {
 		$mes->addError(BANNERLAN_20);
 		$ns->tablerender(PAGE_NAME, $mes->render());
 		require_once(FOOTERF);
 		exit;
 	}
-	$row = $sql->db_Fetch();
+	$row = $sql->fetch();
-	$banner_total = $sql->db_Select("banner", "*", "`banner_clientname` = '{$row['banner_clientname']}'");
+	$banner_total = $sql->select("banner", "*", "`banner_clientname` = '{$row['banner_clientname']}'");
-	 
+	
-	if (!$banner_total) {
+	// check 
-		$ns->tablerender(LAN_ERROR, "<br /><div style='text-align:center'>".BANNERLAN_29."</div><br />");
+	if(!$banner_total) 
 	{	
 		$mes->addInfo(BANNERLAN_29); 
 		$ns->tablerender(PAGE_NAME, $mes->render());
 		require_once(FOOTERF);
 		exit;
-	} else {
+	} 
-		while ($row = $sql->db_Fetch()) {
+	else 
-			 
+	{
 		while ($row = $sql->fetch()) 
 		{			 
 			$start_date = ($row['banner_startdate'] ? strftime("%d %B %Y", $row['banner_startdate']) : BANNERLAN_31);
-			$end_date = ($row['banner_enddate'] ? strftime("%d %B %Y", $row['banner_enddate']) : BANNERLAN_31);
+			$end_date 	= ($row['banner_enddate'] ? strftime("%d %B %Y", $row['banner_enddate']) : BANNERLAN_31);
-			$BANNER_TABLE_CLICKPERCENTAGE = ($row['banner_clicks'] && $row['banner_impressions'] ? round(($row['banner_clicks'] / $row['banner_impressions']) * 100)."%" : "-");
+			$BANNER_TABLE_CLICKPERCENTAGE 		= ($row['banner_clicks'] && $row['banner_impressions'] ? round(($row['banner_clicks'] / $row['banner_impressions']) * 100)."%" : "-");
-			$BANNER_TABLE_IMPRESSIONS_LEFT = ($row['banner_impurchased'] ? $row['banner_impurchased'] - $row['banner_impressions'] : BANNERLAN_30);
+			$BANNER_TABLE_IMPRESSIONS_LEFT 		= ($row['banner_impurchased'] ? $row['banner_impurchased'] - $row['banner_impressions'] : BANNERLAN_30);
 			$BANNER_TABLE_IMPRESSIONS_PURCHASED = ($row['banner_impurchased'] ? $row['banner_impurchased'] : BANNERLAN_30);
-			$BANNER_TABLE_CLIENTNAME = $row['banner_clientname'];
+			$BANNER_TABLE_CLIENTNAME 			= $row['banner_clientname'];
-			$BANNER_TABLE_BANNER_ID = $row['banner_id'];
+			$BANNER_TABLE_BANNER_ID 			= $row['banner_id'];
-			$BANNER_TABLE_BANNER_CLICKS = $row['banner_clicks'];
+			$BANNER_TABLE_BANNER_CLICKS 		= $row['banner_clicks'];
-			$BANNER_TABLE_BANNER_IMPRESSIONS = $row['banner_impressions'];
+			$BANNER_TABLE_BANNER_IMPRESSIONS 	= $row['banner_impressions'];
-			$BANNER_TABLE_ACTIVE = BANNERLAN_36.($row['banner_active'] != "255" ? LAN_YES : "<b>".LAN_NO."</b>");
+			$BANNER_TABLE_ACTIVE 				= BANNERLAN_36.($row['banner_active'] != "255" ? LAN_YES : "<b>".LAN_NO."</b>");
-			$BANNER_TABLE_STARTDATE = BANNERLAN_37." ".$start_date;
+			$BANNER_TABLE_STARTDATE 			= BANNERLAN_37." ".$start_date;
-			$BANNER_TABLE_ENDDATE = BANNERLAN_34." ".$end_date;
+			$BANNER_TABLE_ENDDATE 				= BANNERLAN_34." ".$end_date;
 			if ($row['banner_ip']) 
 			{
 				$tmp = explode("^", $row['banner_ip']);
 				$BANNER_TABLE_IP_LAN = (count($tmp)-1);
 				for($a = 0; $a <= (count($tmp)-2); $a++) {
 					$BANNER_TABLE_IP .= $tmp[$a]."<br />";
 				}
 			}
-			 
+
 			// FIXME template loading
 			if (!$BANNER_TABLE) 
 			{
 				if (file_exists(THEME."templates/banner/banner_template.php")) 
@@ -105,10 +108,12 @@ if (isset($_POST['clientsubmit'])) {
 					require(e_PLUGIN."banner/banner_template.php");
 				}
 			}
 			$textstring .= preg_replace("/\{(.*?)\}/e", '$\1', $BANNER_TABLE);
 		}
 	}
-	 
+	
 	// FIXME template loading
 	if (!$BANNER_TABLE) 
 	{
 		if (file_exists(THEME."banner_template.php")) 
@@ -120,31 +125,36 @@ if (isset($_POST['clientsubmit'])) {
 			require(e_PLUGIN."banner/banner_template.php");
 		}
 	}
 	$textstart = preg_replace("/\{(.*?)\}/e", '$\1', $BANNER_TABLE_START);
 	$textend = preg_replace("/\{(.*?)\}/e", '$\1', $BANNER_TABLE_END);
 	$text = $textstart.$textstring.$textend;
-	echo $text;
+	$ns->tablerender(PAGE_NAME, $text);
 	require_once(FOOTERF);
 	exit;
 }
 $BANNER_LOGIN_TABLE_LOGIN 	= $frm->text("clientlogin", $id);
 $BANNER_LOGIN_TABLE_PASSW 	= $frm->password("clientpassword", $pw);
 $BANNER_LOGIN_TABLE_SUBMIT 	= $frm->button("clientsubmit", LAN_CONTINUE, "submit");
-$BANNER_LOGIN_TABLE_LOGIN = $rs->form_text("clientlogin", 30, $id, 20, "tbox");
+if (!$BANNER_LOGIN_TABLE) 
-$BANNER_LOGIN_TABLE_PASSW = $rs->form_password("clientpassword", 30, "", 20, "tbox");
+{
-$BANNER_LOGIN_TABLE_SUBMIT = $rs->form_button("submit", "clientsubmit", LAN_CONTINUE);
+	if(file_exists(THEME."banner_template.php")) 
-	
+	{
 if (!$BANNER_LOGIN_TABLE) {
 	if (file_exists(THEME."banner_template.php")) {
 		require_once(THEME."banner_template.php");
-	} else {
+	} 
-		require_once(e_BASE.$THEMES_DIRECTORY."templates/banner_template.php");
+	else 
 	{
 		require_once("banner_template.php");
 	}
 }
 $text = preg_replace("/\{(.*?)\}/e", '$\1', $BANNER_LOGIN_TABLE);
 $ns->tablerender(BANNERLAN_19, $text);
 require_once(FOOTERF);
-	
+?>
--- a/e107_plugins/banner/languages/English_banner.php
+++ b/e107_plugins/banner/languages/English_banner.php
@@ -2,7 +2,7 @@
 /*
 * e107 website system
 *
- * Copyright (C) 2008-2013 e107 Inc (e107.org)
+ * Copyright (C) 2008-2014 e107 Inc (e107.org)
 * Released under the terms and conditions of the
 * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
 *
--- a/e107_plugins/forum/forum_admin.php
+++ b/e107_plugins/forum/forum_admin.php
@@ -519,8 +519,10 @@ class forumAdmin
 		show_admin_menu(FORLAN_7, $action, $var);
 	}
 	// Initial delete function. Determines which delete routine should be applied. 
 	function delete_item($id)
 	{
 		// If a delete routine is cancelled, redirect back to forum listing
 		if($_POST['cancel'])
 		{
 			$this->show_existing_forums(vartrue($sub_action), vartrue($id));
@@ -529,44 +531,44 @@ class forumAdmin
 		$sql = e107::getDb();
 		$id = (int)$id;
 		$confirm = isset($_POST['confirm']) ? true : false;
 		if($confirm)
 		{
 			e107::getRender()->tablerender('Forums', e107::getMessage()->render().$txt);
 		}
 		else
 		{
 			$this->delete_show_confirm($txt);
 		}
-		if($sql->select('forum', 'forum_parent, forum_sub', "forum_id = {$id}"))
+		if($row = $sql->retrieve('forum', 'forum_parent, forum_sub', "forum_id = {$id}"))
 		{
 			$txt = "";
-			$row = $sql->fetch();
+
-			
+			// is parent
 			if($row['forum_parent'] == 0)
 			{
 				$txt .= $this->delete_parent($id, $confirm);
 			}
 			// is subforum
 			elseif($row['forum_sub'] > 0)
 			{
 				$txt .= $this->delete_sub($id, $confirm);
 			}
 			// is forum
 			else
 			{
 				$txt .= $this->delete_forum($id, $confirm);
 			}
 			if($confirm)
 			{
 				e107::getRender()->tablerender('', e107::getMessage()->render().$txt);
 			}
 			else
 			{
 				$this->delete_show_confirm($txt);
 			}
 		}
 		// forum_id not found, should not happen. 
 		else
 		{
 			// forum_id not found, should not happen. 
 			$this->show_existing_forums(vartrue($sub_action), vartrue($id));
 			return;
 		}
 	}
 	function delete_parent($id, $confirm = false)
@@ -575,10 +577,10 @@ class forumAdmin
 		$mes = e107::getMessage();
 		$ns = e107::getRender();
-
+		// check if parent contains forums and delete them if needed
-		if($sql->select('forum', 'forum_id', "forum_parent = {$id} AND forum_sub = 0"))
+		if($sql->select('forum', 'forum_id', 'forum_parent = '.$id))
 		{
-			$fList = $sql->db_getList();
+			$fList = $sql->rows();
 			foreach($fList as $f)
 			{
 				$this->delete_forum($f['forum_id'], $confirm);
@@ -589,42 +591,43 @@ class forumAdmin
 		{
 			if($sql->delete('forum', "forum_id = {$id}"))
 			{
-				return LAN_DELETED;
+				$mes->addSuccess(LAN_DELETED);
 			}
 			else
 			{
-				return LAN_DELETED_FAILED; 
+				$mes->addError(LAN_DELETED_FAILED); 
 			}
 		}
 	}
-	function deleteForum($forumId)
+	// function deleteForum($forumId)
-	{
+	// {
-		$sql = e107::getDb();
+	// 	$sql = e107::getDb();
-		$forumId = (int)$forumId;
+	// 	$forumId = (int)$forumId;
-		// Check for any sub forums
+	// 	// Check for any sub forums
-		if($sql->select('forum', 'forum_id', "forum_sub = {$forumId}"))
+	// 	if($sql->select('forum', 'forum_id', "forum_sub = {$forumId}"))
-		{
+	// 	{
-			$list = $sql->db_getList();
+	// 		$list = $sql->rows();
-			foreach($list as $f)
+	// 		foreach($list as $f)
-			{
+	// 		{
-				$ret .= $this->deleteForum($f['forum_id']);
+	// 			$ret .= $this->deleteForum($f['forum_id']);
-			}
+	// 		}
-		}
+	// 	}
-		require_once(e_PLUGIN.'forum/forum_class.php');
+	// 	require_once(e_PLUGIN.'forum/forum_class.php');
-		$f = new e107Forum;
+	// 	$f = new e107Forum;
-		if($sql->delete('forum_thread', 'thread_id','thread_forum_id='.$forumId))
+	// 	if($sql->delete('forum_thread', 'thread_id','thread_forum_id='.$forumId))
-		{
+	// 	{
-			$list = $sql->db_getList();
+	// 		$list = $sql->rows();
-			foreach($list as $t)
+	// 		foreach($list as $t)
-			{
+	// 		{
-				$f->threadDelete($t['thread_id'], false);
+	// 			$f->threadDelete($t['thread_id'], false);
-			}
+	// 		}
-		}
+	// 	}
-		return $sql->delete('forum', 'forum_id = '.$forumId);
+	// 	return $sql->delete('forum', 'forum_id = '.$forumId);
-	}
+	// }
 	// delete forum 
 	function delete_forum($id, $confirm = false)
 	{
 		$sql = e107::getDb();
@@ -632,10 +635,10 @@ class forumAdmin
 		$ns = e107::getRender();
 		$mes = e107::getMessage();
-	
+		// check if forum contains subforums
 		if($sql->select('forum', 'forum_id', 'forum_sub = '.$id))
 		{
-			$fList = $sql->db_getList();
+			$fList = $sql->rows();
 			foreach($fList as $f)
 			{
 				$this->delete_sub($f['forum_id'], $confirm);
@@ -1492,6 +1495,7 @@ class forumAdmin
 			$ns->tablerender(FORLAN_33, $txt);  // FIX: LAN button update was WMGLAN_4." ".FORLAN_33)
 		}
 		// TODO: check media category on $frm->bbarea()
 		function show_rules()
 		{
 			$pref 	= e107::getPref();
@@ -1524,9 +1528,9 @@ class forumAdmin
 				$admin_rules = $sql->fetch();
 			}
-			$guesttext 	= $tp->toFORM(vartrue($guest_rules['gen_chardata']));
+			$guesttext 	= $tp->toForm(vartrue($guest_rules['gen_chardata']));
-			$membertext = $tp->toFORM(vartrue($member_rules['gen_chardata']));
+			$membertext = $tp->toForm(vartrue($member_rules['gen_chardata']));
-			$admintext 	= $tp->toFORM(vartrue($admin_rules['gen_chardata']));
+			$admintext 	= $tp->toForm(vartrue($admin_rules['gen_chardata']));
 			$text = "
 			<form method='post' action='".e_SELF."?rules'  id='wmform'>
@@ -1539,7 +1543,7 @@ class forumAdmin
 				<td>".WMGLAN_1.": <br />
 				".WMGLAN_6.":";
 				if (vartrue($guest_rules['gen_intdata']))
-				{
+				{ 
 					$text .= "<input type='checkbox' name='guest_active' value='1'  checked='checked' />";
 				}
 				else
@@ -1549,11 +1553,7 @@ class forumAdmin
 				$text .= "</td>
 				<td>
-					<textarea class='tbox input-xxlarge' name='guestrules' cols='70' rows='8'>$guesttext</textarea>
+					".$frm->bbarea('guestrules', $guesttext)." 
 					<br />
 					<input class='helpbox' type='text' name='helpguest' size='100' />
 					<br />
 					".display_help('helpb', 1, 'addtext1', 'help1')."
 				</td>
 			</tr>
@@ -1571,11 +1571,7 @@ class forumAdmin
 				$text .= "</td>
 				<td>
-					<textarea class='tbox input-xxlarge' name='memberrules' cols='70' rows='8'>$membertext</textarea>
+					".$frm->bbarea('memberrules', $membertext)."
 					<br />
 					<input class='helpbox' type='text' name='helpmember' size='100' /> 
 					<br />
 					".display_help('helpb', 1, 'addtext2', 'help2')."
 				</td>
 			</tr>
@@ -1594,11 +1590,7 @@ class forumAdmin
 				$text .= "</td>
 				<td>
-					<textarea class='tbox input-xxlarge' name='adminrules' cols='70' rows='8'>$admintext</textarea>
+					".$frm->bbarea('adminrules', $admintext)." 
 					<br />
 					<input class='helpbox' type='text' name='helpadmin' size='100' />
 					<br />
 					".display_help('helpb', 1, 'addtext3', 'help3')."
 				</td>
 			</tr>
 			</table>
--- a/e107_plugins/forum/forum_class.php
+++ b/e107_plugins/forum/forum_class.php
@@ -2,7 +2,7 @@
 /*
 * e107 website system
 *
-* Copyright (c) 2008-2013 e107 Inc (e107.org)
+* Copyright (c) 2008-2014 e107 Inc (e107.org)
 * Released under the terms and conditions of the
 * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
 *
@@ -209,18 +209,35 @@ class e107forum
 		return $baseDir;
 	}
    function sendFile($data)
    {
        $sql 		= e107::getDb();
        $post_id  	= intval($data['id']); // forum (post) id
        $file_id 	= intval($data['dl']); // file id
        $forum_id 	= $sql->retrieve('forum_post','post_forum','post_id='.$post_id);
-	function sendFile($data)
+        // Check if user is allowed to download this file (has 'view' permissions to forum)
-	{
+    	if(!$this->checkPerm($forum_id, 'view'))
-		$sql 	= e107::getDb();
+		{
-		$fid 	= intval($data['dl']);
+			header('Location:'.e107::getUrl()->create('forum/forum/main')); // FIXME needs proper redirect and 403 header 
-		
+			exit;
-		$array 	= $sql->retrieve('forum_post','post_user,post_attachments','post_id='.intval($data['id']));
+		}
 		$attach = e107::serialize($array['post_attachments']);
 		$file 	= $this->getAttachmentPath($array['post_user']).varset($attach['file'][$fid]);
-		e107::getFile()->send($file);	
+        $array 	= $sql->retrieve('forum_post','post_user,post_attachments','post_id='.$post_id);
-	}
+        $attach = e107::unserialize($array['post_attachments']);
        $file 	= $this->getAttachmentPath($array['post_user']).varset($attach['file'][$file_id]);
        // Check if file exists. Send file for download if it does, return 404 error code when file does not exist. 
 		if(file_exists($file))
 		{
 		   e107::getFile()->send($file);
 		}
 		else
 		{
 			header('Location:'.e107::getUrl()->create('forum/forum/main', TRUE, 404)); // FIXME needs proper redirect and 404 header
 			exit;
 		}
    }
 	/**
@@ -317,20 +334,20 @@ class e107forum
 		//	print_r($_POST);
-			$ret = array('hide'=>false,'msg'=>'','status'=>null); 
+			$ret = array('hide' => false, 'msg' => '', 'status' => null); 
 			switch ($_POST['action']) 
 			{
 				case 'delete':
 					if($this->threadDelete($id))
 					{
-						$ret['msg'] 	= 'Deleted Thread #'.$id;
+						$ret['msg'] 	= 'Deleted topic #'.$id;
 						$ret['hide'] 	= true; 
 						$ret['status'] 	= 'ok';	
 					}
 					else
 					{
-						$ret['msg'] 	= "Couldn't Delete the Thread";
+						$ret['msg'] 	= "Couldn't delete the topic";
 						$ret['status'] 	= 'error';	
 					}
 				break;
@@ -338,19 +355,21 @@ class e107forum
 				case 'deletepost':
 					if(!$postId = vartrue($_POST['post']))
 					{
-						echo "No Post";
+						// echo "No Post";
-						exit;	
+						// exit;
 						$ret['msg'] 	= 'Post not found';
 						$ret['status'] 	= 'error';		
 					}
 					if($this->postDelete($postId))
 					{
-						$ret['msg'] 	= 'Deleted Post #'.$postId;
+						$ret['msg'] 	= 'Deleted post #'.$postId;
 						$ret['hide'] 	= true; 
 						$ret['status'] 	= 'ok';	
 					}
 					else
 					{
-						$ret['msg'] 	= "Couldn't Delete the Post #".$postId;
+						$ret['msg'] 	= "Couldn't delete post #".$postId;
 						$ret['status'] 	= 'error';	
 					}
 				break;
@@ -358,12 +377,12 @@ class e107forum
 				case 'lock':
 					if(e107::getDb()->update('forum_thread', 'thread_active=0 WHERE thread_id='.$id))
 					{
-						$ret['msg'] = FORLAN_CLOSE;
+						$ret['msg'] 	= FORLAN_CLOSE;
 						$ret['status'] 	= 'ok';	
 					}
 					else
 					{
-						$ret['msg'] = "failed to close thread";
+						$ret['msg'] 	= "Failed to close thread";
 						$ret['status'] 	= 'error';	
 					}
 				break;
@@ -824,6 +843,37 @@ class e107forum
 		return $ret;
 	}
 	/**
 	* Checks if post is the initial post which started the topic. 
 	* Retrieves list of post_id's belonging to one post_thread. When lowest value is equal to input param, return true. 
 	* Used to prevent deleting of the initial post (so topic shows empty does not get hidden accidently while posts remain in database)
    *
 	* @param int id of the post
 	* @return boolean true if post is the initial post of the topic (false, if not) 
    *
 	*/
 	function threadDetermineInitialPost($postId)
 	{
 		$sql = e107::getDb();
 		$postId = (int)$postId;
 		$threadId = $sql->retrieve('forum_post', 'post_thread', 'post_id = '.$postId);
 		if($rows = $sql->retrieve('forum_post', 'post_id', 'post_thread = '.$threadId, TRUE))
 		{	
 			$postids = array();
 			foreach($rows as $row)
 			{
 				$postids[] = $row['post_id'];
 			}
 			if($postId == min($postids))
 			{
 				return true;
 			}			 
 		}
 		return false;
 	}
 	function threadGetUserPostcount($threadId)
 	{
@@ -864,37 +914,97 @@ class e107forum
 	}
-	function postDeleteAttachments($type = 'post', $id='', $f='')
+	function postDeleteAttachments($type = 'post', $id = '') // postDeleteAttachments($type = 'post', $id='', $f='')
 	{
 		$e107 = e107::getInstance();
-		$sql = e107::getDb();
+		$sql  = e107::getDb();
 		$log  = e107::getAdminLog(); 
 		$id = (int)$id;
 		if(!$id) { return; }
 		// Moc: Is the code below used at all? When deleting a thread, threadDelete() loops through each post separately to delete attachments (type=post)
 		/*
 		if($type == 'thread')
 		{
 			if(!$sql->select('forum_post', 'post_id', 'post_attachments IS NOT NULL'))
 			{
 				return true;
 			}
 			$postList = array();
 			while($row = $sql->Fetch(MYSQL_ASSOC))
 			{
 				$postList[] = $row['post_id'];
 			}
 			foreach($postList as $postId)
 			{
 				$this->postDeleteAttachment('post', $postId);
 			}
 		}
 		*/
 		// if we are deleting just a single post
 		if($type == 'post')
 		{
-			if(!$sql->select('forum_post', 'post_attachments', 'post_id = '.$id))
+			if(!$sql->select('forum_post', 'post_user, post_attachments', 'post_id = '.$id))
 			{
 				return true;
 			}
 			$tmp = $sql->fetch(MYSQL_ASSOC);
-			$attachments = explode(',', $tmp['post_attachments']);
+
 			$attachment_array = e107::unserialize($tmp['post_attachments']);
 	   		$files = $attachment_array['file'];
 	   		$imgs  = $attachment_array['img']; 
 	   		// TODO see if files/images check can be written more efficiently 
 	   		// check if there are files to be deleted 
 	   		if(is_array($files))
 	   		{
 		   		// loop through each file and delete it
 		   		foreach ($files as $file) 
 		   		{
 		   			$file = $this->getAttachmentPath($tmp['post_user']).$file;
 		   			@unlink($file);
 	   				// Confirm that file has been deleted. Add warning to log file when file could not be deleted.
 		   			if(file_exists($file))
 		   			{
 		   				$log->addWarning("Could not delete file: ".$file.". Please delete manually as this file is now no longer in use (orphaned).");
 		   			}
 		   		} 
 	   		}
 	   		// check if there are images to be deleted
 	   		if(is_array($imgs))
 	   		{
 	   			// loop through each image and delete it
 		   		foreach ($imgs as $img) 
 		   		{
 		   			$img = $this->getAttachmentPath($tmp['post_user']).$img;
 		   			@unlink($img);
 	   				// Confirm that file has been deleted. Add warning to log file when file could not be deleted.
 		   			if(file_exists($img))
 		   			{
 		   				$log->addWarning("Could not delete image: ".$img.". Please delete manually as this file is now no longer in use (orphaned).");
 		   			}
 		   		} 	
 	   		}
 	   		// At this point we assume that all attachments have been deleted from the post. The log file may prove otherwise (see above). 
 	   		$log->toFile('forum_delete_attachments', 'Forum plugin - Delete attachments', TRUE);
 	   		// Empty the post_attachments field for this post in the database (prevents loop when deleting entire thread)
 	   		$sql->update("forum_post", "post_attachments = NULL WHERE post_id = ".$id);
 			/* Old code when attachments were still stored in plugin folder. 
 			Left for review but may be deleted in future.  
 			foreach($attachments as $k => $a)
 			{
 				$info = explode('*', $a);
@@ -912,6 +1022,7 @@ class e107forum
 				}
 				unset($attachments[$k]);
 			}
 			$tmp = array();
 			if(count($attachments))
 			{
@@ -921,11 +1032,14 @@ class e107forum
 			{
 				$tmp['post_attachments'] = '_NULL_';
 			}
 			$info = array();
 			$info['data'] = $tmp;
 			$info['_FILE_TYPES']['post_attachments'] = 'array';
 			$info['WHERE'] = 'post_id = '.$id;
 			$sql->update('forum_post', $info);
 			*/
 		}
 	}
@@ -1739,9 +1853,12 @@ class e107forum
 		if ($threadInfo = $this->threadGet($threadId))
 		{
 			// delete poll if there is one
-			$sql->delete('poll', 'poll_datestamp='.$threadId);
+			if($sql->select('polls', '*', 'poll_datestamp='.$threadId))
-
+			{
-			//decrement user post counts
+				$sql->delete('polls', 'poll_datestamp='.$threadId);
 			} 
 			// decrement user post counts
 			if ($postCount = $this->threadGetUserPostcount($threadId))
 			{
 				foreach ($postCount as $k => $v)
@@ -1751,14 +1868,14 @@ class e107forum
 			}
 			// delete all posts
-			$qry = 'SELECT post_id FROM `#forum_post` WHERE post_thread = '.$threadId;
+			if($sql->select('forum_post', 'post_id', 'post_thread = '.$threadId))
 			if($sql->gen($qry))
 			{
 				$postList = array();
 				while($row = $sql->fetch(MYSQL_ASSOC))
 				{
 					$postList[] = $row['post_id'];
 				}
 				foreach($postList as $postId)
 				{
 					$this->postDelete($postId, false);
@@ -1772,8 +1889,11 @@ class e107forum
 			}
 			//Delete any thread tracking
-			$sql->delete('forum_track', 'track_thread='.$threadId);
+			if($sql->select('forum_track', '*', 'track_thread='.$threadId))
-
+			{	
 				$sql->delete('forum_track', 'track_thread='.$threadId);
 			}
 			// update forum with correct thread/reply counts
 			$sql->update('forum', "forum_threads=GREATEST(forum_threads-1,0), forum_replies=GREATEST(forum_replies-{$threadInfo['thread_total_replies']},0) WHERE forum_id=".$threadInfo['thread_forum_id']);
@@ -1786,7 +1906,6 @@ class e107forum
 		}
 	}
 	/**
 	 * Delete a Post
 	 * @param $postId integer
@@ -1805,6 +1924,7 @@ class e107forum
 			echo 'NOT FOUND!'; return;
 		}
 		$row = $sql->fetch(MYSQL_ASSOC);
 		//delete attachments if they exist
@@ -1813,15 +1933,16 @@ class e107forum
 			$this->postDeleteAttachments('post', $postId);
 		}
-		// delete post
+		// delete post from database
 		if($sql->delete('forum_post', 'post_id='.$postId))
 		{
 			$deleted = true; 
 		}
 		// update statistics
 		if($updateCounts)
 		{
-			//decrement user post counts
+			// decrement user post counts
 			if ($row['post_user'])
 			{
 				$sql->update('user_extended', 'user_plugin_forum_posts=GREATEST(user_plugin_forum_posts-1,0) WHERE user_extended_id='.$row['post_user']);
--- a/e107_plugins/forum/forum_post.php
+++ b/e107_plugins/forum/forum_post.php
@@ -362,7 +362,8 @@ if (isset($_POST['newthread']) || isset($_POST['reply']))
-			echo (isset($_POST['newthread']) ? $FORUMTHREADPOSTED : $FORUMREPLYPOSTED);
+			$txt = (isset($_POST['newthread']) ? $FORUMTHREADPOSTED : $FORUMREPLYPOSTED);
 			e107::getRender()->tablerender('Forums', e107::getMessage()->render().$txt); 
 			require_once(FOOTERF);
 			exit;
 		}
@@ -576,6 +577,7 @@ function process_upload()
 		{			
 			foreach($uploaded as $upload)
 			{
 			  //print_a($upload); exit; 
 			  if ($upload['error'] == 0)
 			  {
 				$_txt = '';
@@ -649,18 +651,19 @@ function process_upload()
 				}
 			  }
 			  else
-			  {  // Error in uploaded file
+			  {  
-			    echo 'Error in uploaded file: '.(isset($upload['rawname']) ? $upload['rawname'] : $upload['name']).'<br />';
+			  	// Error in uploaded file, proceed but add error message.
 			    //echo 'Error in uploaded file: '.(isset($upload['rawname']) ? $upload['rawname'] : $upload['name']).'<br />';
 			    e107::getMessage()->addError('Error in uploading attachment: '.vartrue($upload['message'])); 
 			  }
 			}
 			return $ret;
 		}
 	}
 	else
 	{
-		// error message?
+		e107::getMessage()->addError('Something went wrong during the attachment uploading process.'); 
 	}
 }
--- a/e107_plugins/forum/forum_viewtopic.php
+++ b/e107_plugins/forum/forum_viewtopic.php
@@ -2,7 +2,7 @@
 /*
 * e107 website system
 *
- * Copyright (C) 2008-2013 e107 Inc (e107.org)
+ * Copyright (C) 2008-2014 e107 Inc (e107.org)
 * Released under the terms and conditions of the
 * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
 *
@@ -12,6 +12,7 @@
 require_once ('../../class2.php');
 define('NAVIGATION_ACTIVE','forum');
 $e107 = e107::getInstance();
 $tp = e107::getParser();
 $ns = e107::getRender();
@@ -27,6 +28,7 @@ if (isset($_POST['fjsubmit']))
 	header('location:' . e107::getUrl()->create('forum/forum/view', array('id'=>(int) $_POST['forumjump']), 'full=1&encode=0'));
 	exit;
 }
 $highlight_search = isset($_POST['highlight_search']);
 if (!e_QUERY)
@@ -36,23 +38,18 @@ if (!e_QUERY)
 	exit;
 }
-
+include_once(e_PLUGIN.'forum/forum_class.php');
 include_once (e_PLUGIN . 'forum/forum_class.php');
 $forum = new e107forum();
 $thread = new e107ForumThread();
 // check if user wants to download a file 
 if(vartrue($_GET['id']) && isset($_GET['dl']))
 {
 	$forum->sendFile($_GET);
 	exit;
 }
 if(e_AJAX_REQUEST && varset($_POST['action']) == 'quickreply')
 {
 	$forum->ajaxQuickReply();
@@ -63,8 +60,6 @@ if(e_AJAX_REQUEST && MODERATOR) // see javascript above.
 	$forum->ajaxModerate();
 }
 if (isset($_GET['last']))
 {
 	$_GET['f'] = 'last';
@@ -114,8 +109,7 @@ e107::getScBatch('view', 'forum')->setScVar('forum', $forum);
 //var_dump(e107::getScBatch('forum', 'forum'));
-
+if(MODERATOR && isset($_POST['mod']))
 if (MODERATOR && isset($_POST['mod']))
 {
 	require_once(e_PLUGIN."forum/forum_mod.php");
 	$thread->message = forum_thread_moderate($_POST);
@@ -135,7 +129,7 @@ if(count($postList))
 }
 $gen = new convert;
-if ($thread->message)
+if($thread->message)
 {
 	//$ns->tablerender('', $thread->message, array('forum_viewtopic', 'msg'));
 	e107::getMessage()->add($thread->message);
@@ -159,25 +153,31 @@ if(e107::isInstalled('poll'))
 	}
 }
 //}
 //Load forum templates
 // FIXME - new template paths!
-if (file_exists(THEME . 'forum_design.php'))
+if(file_exists(THEME.'forum_design.php')) // legacy file
 {
-	include_once (THEME . 'forum_design.php');
+	include_once (THEME.'forum_design.php');
 }
 if (!vartrue($FORUMSTART))
 {
-	if (file_exists(THEME . 'forum_viewtopic_template.php'))
+	if(file_exists(THEME.'forum_viewtopic_template.php'))
 	{
-		require_once (THEME . 'forum_viewtopic_template.php');
+		require_once(THEME.'forum_viewtopic_template.php');
 	}
-	elseif (file_exists(THEME . 'forum_template.php'))
+	elseif(file_exists(THEME.'templates/forum/forum_viewtopic_template.php'))
 	{
-		require_once (THEME . 'forum_template.php');
+		require_once(THEME.'templates/forum/forum_viewtopic_template.php'); 
 	}
 	elseif(file_exists(THEME.'forum_template.php'))
 	{
 		require_once(THEME.'forum_template.php');
 	}
 	else
 	{
-		require_once (e_PLUGIN . 'forum/templates/forum_viewtopic_template.php');
+		require_once(e_PLUGIN.'forum/templates/forum_viewtopic_template.php');
 	}
 }
@@ -193,7 +193,6 @@ if(is_array($FORUM_VIEWTOPIC_TEMPLATE) && deftrue('BOOTSTRAP',false))
 // get info for main thread -------------------------------------------------------------------------------------------------------------------------------------------------------------------
 $tVars = new e_vars;
 $forum->set_crumb(true, '', $tVars); // Set $BREADCRUMB (and BACKLINK)
--- a/e107_plugins/forum/shortcodes/batch/view_shortcodes.php
+++ b/e107_plugins/forum/shortcodes/batch/view_shortcodes.php
@@ -99,22 +99,23 @@ class plugin_forum_view_shortcodes extends e_shortcode
 			$baseDir = $this->forum->getAttachmentPath($this->postInfo['post_user']);
 			$images = array();
-
+			$txt = '';
 			$attachArray = e107::unserialize($this->postInfo['post_attachments']);
 			$attachArray = e107::unserialize($this->postInfo['post_attachments']);
 			//print_a($attachArray); 
 			foreach($attachArray as $type=>$vals)
 			{
 				foreach($vals as $key=>$file)
 				{
-					list($date,$user,$tmp,$name) = explode("_",$file,4);
+					list($date,$user, $name) = explode("_", $file, 3); 
 					switch($type)
 					{
 						case 'file':
-						
+					
 							$url = e_SELF."?id=".$this->postInfo['post_id']."&amp;dl=".$key;
 							$txt .= IMAGE_attachment." <a href='".$url."'>{$name}</a><br />";
-							
+
 						break;
 						case 'img': //Always use thumb to hide the hash. 
@@ -142,15 +143,20 @@ class plugin_forum_view_shortcodes extends e_shortcode
 			}
-			if(count($images) )
+			if(count($images))
 			{
-				return (deftrue('BOOTSTRAP')) ? "<ul class='thumbnails'><li>".implode("</li><li>",$images)."</li></ul>" : implode("<br />",$images);	
+				if(deftrue('BOOTSTRAP')) 
 				{
 					return "<ul class='thumbnails list-unstyled list-inline'><li>".implode("</li><li>",$images)."</li></ul>".vartrue($txt); 
 				}
 				else
 				{
 					return implode("<br />",$images)."<br />".vartrue($txt);	
 				}
 			}
-			
+						
 			return $txt;
 		}
 	}
@@ -441,9 +447,9 @@ class plugin_forum_view_shortcodes extends e_shortcode
 	$text .= "<li class='divider'></li>";
-	if(plugInstalled('pm') && ($this->postInfo['post_user'] > 0))
+	if(e107::isInstalled('pm') && ($this->postInfo['post_user'] > 0))
 	{
-		$text .= "<li><a href='".e_PLUGIN_ABS."pm/pm.php?send.{$this->postInfo['post_user']}'>".LAN_FORUM_2036."</a></li>";
+		$text .= "<li><a href='".e_PLUGIN_ABS."pm/pm.php?send.{$this->postInfo['post_user']}'>".$tp->toGlyph('envelope')." ".LAN_FORUM_2036." </a></li>";
 	}
 	if($website = $this->sc_website())
@@ -506,8 +512,12 @@ class plugin_forum_view_shortcodes extends e_shortcode
 				$text .= "<li><a href='".e107::getUrl()->create('forum/thread/edit', array('id' => $this->postInfo['post_id']))."'>".LAN_FORUM_2039." ".$tp->toGlyph('edit')."</a></li>";
 			}
-			$text .= "<li><a href='".e_REQUEST_URI."' data-forum-action='deletepost' data-forum-post='".$this->postInfo['post_id']."'>".LAN_FORUM_2040." ".$tp->toGlyph('trash')."</a></li>"; 
+			// only show delete button when post is not the initial post of the topic
-
+			if(!$this->forum->threadDetermineInitialPost($this->postInfo['post_id'])) 
 			{
 				$text .= "<li><a href='".e_REQUEST_URI."' data-forum-action='deletepost' data-forum-post='".$this->postInfo['post_id']."'>".LAN_FORUM_2040." ".$tp->toGlyph('trash')."</a></li>"; 
 			}
 			if ($type == 'thread')
 			{
 				$text .= "<li><a href='" . e107::getUrl()->create('forum/thread/move', array('id' => $this->postInfo['post_id']))."'>".LAN_FORUM_2042." ".$tp->toGlyph('move')."</a></a></li>"; 
--- a/e107_plugins/pm/pm_class.php
+++ b/e107_plugins/pm/pm_class.php
@@ -2,7 +2,7 @@
 /*
 * e107 website system
 *
- * Copyright (C) 2008-2013 e107 Inc (e107.org)
+ * Copyright (C) 2008-2014 e107 Inc (e107.org)
 * Released under the terms and conditions of the
 * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
 *
@@ -11,12 +11,6 @@
 */
 /**
 *	e107 Private messenger plugin
 *
 *	@package	e107_plugins
 *	@subpackage	pm
 */
 if (!defined('e107_INIT')) { exit; }
@@ -162,7 +156,7 @@ class private_message
 				'pm_read' => 0,							/* Date read */
 				'pm_subject' => $pm_subject,
 				'pm_text' => $pm_message,
-				'pm_sent_del' => 1,						/* Set when can delete */
+				'pm_sent_del' => 0,						/* Set when can delete */
 				'pm_read_del' => 0,						/* set when can delete */
 				'pm_attachments' => $attachlist,
 				'pm_option' => $pm_options,				/* Options associated with PM - '+rr' for read receipt */
@@ -279,18 +273,22 @@ class private_message
 		if($sql->select('private_msg', '*', 'pm_id = '.$pmid.' AND (pm_from = '.USERID.' OR pm_to = '.USERID.')'))
 		{
 			$row = $sql->fetch();
 			// if user is the receiver of the PM
 			if (!$force && ($row['pm_to'] == USERID))
 			{
 				$newvals = 'pm_read_del = 1';
 				$ret .= LAN_PM_42.'<br />';
-				if($row['pm_sent_del'] == 1) { $force = TRUE; }
+				if($row['pm_sent_del'] == 1) { $force = TRUE; } // sender has deleted as well, set force to true so the DB record can be deleted
 			}
 			// if user is the sender of the PM
 			if (!$force && ($row['pm_from'] == USERID))
 			{
 				if($newvals != '') { $force = TRUE; }
 				$newvals = 'pm_sent_del = 1';
 				$ret .= LAN_PM_43."<br />";
-				if($row['pm_read_del'] == 1) { $force = TRUE; }
+				if($row['pm_read_del'] == 1) { $force = TRUE; } // receiver has deleted as well, set force to true so the DB record can be deleted
 			}
 			if($force == TRUE)
@@ -620,7 +618,7 @@ class private_message
 		$qry = "
 		SELECT SQL_CALC_FOUND_ROWS pm.*, u.user_image, u.user_name FROM #private_msg AS pm
 		LEFT JOIN #user AS u ON u.user_id = pm.pm_to
-		WHERE pm.pm_from='{$uid}' AND pm.pm_read_del=0
+		WHERE pm.pm_from='{$uid}' AND pm.pm_sent_del = '0'
 		ORDER BY pm.pm_sent DESC
 		LIMIT ".$from.', '.$limit;
@@ -716,9 +714,9 @@ class private_message
 		'FORM_TOUSER'		=> 'PM_FORM_TOUSER',
 		'FORM_TOCLASS'		=> 'PM_FORM_TOCLASS',
 		'FORM_SUBJECT'		=> 'PM_FORM_SUBJECT',
-		'FORM_MESSAGE '		=> 'PM_FORM_MESSAGE ',
+		'FORM_MESSAGE'		=> 'PM_FORM_MESSAGE',
-		'EMOTES'				=> 'PM_EMOTES',
+		'EMOTES'			=> 'PM_EMOTES',
-		'ATTACHMENT'			=> 'PM_ATTACHMENT',
+		'ATTACHMENT'		=> 'PM_ATTACHMENT',
 		'RECEIPT'			=> 'PM_RECEIPT',
 		'INBOX_TOTAL'		=> 'PM_INBOX_TOTAL',
 		'INBOX_UNREAD'		=> 'PM_INBOX_UNREAD',
@@ -727,13 +725,10 @@ class private_message
 		'OUTBOX_UNREAD'		=> 'PM_OUTBOX_UNREAD',
 		'OUTBOX_FILLED'		=> 'PM_OUTBOX_FILLED',
 		'SEND_PM_LINK'		=> 'PM_SEND_PM_LINK',
 		'NEWPM_ANIMATE'		=> 'PM_NEWPM_ANIMATE',
 		'BLOCKED_SENDERS_MANAGE'		=> 'PM_BLOCKED_SENDERS_MANAGE',
 		'DELETE_BLOCKED_SELECTED'		=> 'DELETE_BLOCKED_SELECTED'
 		);	
--- a/e107_plugins/pm/pm_func.php
+++ b/e107_plugins/pm/pm_func.php
@@ -2,31 +2,16 @@
 /*
 * e107 website system
 *
- * Copyright (C) 2008-2009 e107 Inc (e107.org)
+ * Copyright (C) 2008-2014 e107 Inc (e107.org)
 * Released under the terms and conditions of the
 * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
 *
 *	Private messenger plugin - utility functions
 *
 * $Source: /cvs_backup/e107_0.8/e107_plugins/pm/pm_func.php,v $
 * $Revision$
 * $Date$
 * $Author$
 */
 /**
 *	e107 Private messenger plugin
 *
 *	@package	e107_plugins
 *	@subpackage	pm
 *	@version 	$Id$;
 */
 if (!defined('e107_INIT')) { exit; }
 class pmbox_manager
 {
 	protected	$pmPrefs = array();
@@ -67,13 +52,13 @@ class pmbox_manager
 		}
 		else
 		{
-			$qry = "SELECT count(pm.pm_from) AS total, SUM(pm.pm_size)/1024 size, SUM(pm.pm_read = 0) as unread FROM `#private_msg` as pm WHERE pm.pm_from = ".USERID." AND pm.pm_read_del = 0";
+			$qry = "SELECT count(pm.pm_from) AS total, SUM(pm.pm_size)/1024 size, SUM(pm.pm_read = 0) as unread FROM `#private_msg` as pm WHERE pm.pm_from = ".USERID." AND pm.pm_sent_del = 0";
 		}
 		if(!isset($pm_info[$which]['total']))
 		{
-			$this->pmDB->db_Select_gen($qry);
+			$this->pmDB->gen($qry);
-			$pm_info[$which] = $this->pmDB->db_Fetch();
+			$pm_info[$which] = $this->pmDB->fetch();
 			if ($which == 'inbox' && ($this->pmPrefs['animate'] == 1 || $this->pmPrefs['popup'] == 1))
 			{
 				if($new = $this->pmDB->db_Count('private_msg', '(*)', "WHERE pm_sent > '".USERLV."' AND pm_read = 0 AND pm_to = '".USERID."' AND pm_read_del != 1"))
@@ -99,9 +84,9 @@ class pmbox_manager
 				{
 					$qry = "SELECT MAX(gen_intdata) AS inbox_limit, MAX(gen_chardata) as outbox_limit FROM `#generic` WHERE gen_type='pm_limit' AND gen_datestamp IN (".USERCLASS_LIST.")";
 				}
-				if($this->pmDB->db_Select_gen($qry))
+				if($this->pmDB->gen($qry))
 				{
-					$row = $this->pmDB->db_Fetch();
+					$row = $this->pmDB->fetch();
 					$pm_info['inbox']['limit'] =  $row['inbox_limit'];
 					$pm_info['outbox']['limit'] =  $row['outbox_limit'];
 				}
--- a/e107_plugins/pm/pm_template.php
+++ b/e107_plugins/pm/pm_template.php
@@ -106,10 +106,10 @@ $PM_INBOX_HEADER = "
 	<th class='fcaption' style='width:8%'>&nbsp;</th>
 </tr>
 </thead>
 	<tbody>
 ";
 $PM_INBOX_TABLE = "
 <tbody>
 <tr>
 	<td class='forumheader3'>{PM_SELECT}</td>
 	<td class='forumheader3'>{PM_READ_ICON}</td>
--- a/e107_plugins/social/e_shortcode.php
+++ b/e107_plugins/social/e_shortcode.php
@@ -22,13 +22,14 @@ class social_shortcodes extends e_shortcode
 	{
 		$social = array(
 			'rss'			=> array('href'=> (e107::isInstalled('rss_menu') ? e_PLUGIN_ABS."rss_menu/rss.php?news.2" : ''), 'title'=>'Feed'),
 			'facebook'		=> array('href'=> deftrue('XURL_FACEBOOK'), 	'title'=>'Facebook'),
 			'twitter'		=> array('href'=> deftrue('XURL_TWITTER'),		'title'=>'Twitter'),
 			'google-plus'	=> array('href'=> deftrue('XURL_GOOGLE'),		'title'=>'Google Plus'),
 			'linkedin'		=> array('href'=> deftrue('XURL_LINKEDIN'),		'title'=>'LinkedIn'),
 			'github'		=> array('href'=> deftrue('XURL_GITHUB'),		'title'=>'Github'),
 			'pinterest'		=> array('href'=> deftrue('XURL_PINTEREST'),	'title'=>'Pinterest'),
 			'flickr'		=> array('href'=> deftrue('XURL_FLICKR'),		'title'=>'Flickr'),
 			'instagram'		=> array('href'=> deftrue('XURL_INSTAGRAM'),	'title'=>'Instagram'),
 			'youtube'		=> array('href'=> deftrue('XURL_YOUTUBE'),		'title'=>'YouTube'),
 			'vimeo'			=> array('href'=> deftrue('XURL_VIMEO'),		'title'=>'Vimeo')
--- a/e107_plugins/tagwords/tagwords_class.php
+++ b/e107_plugins/tagwords/tagwords_class.php
@@ -2,10 +2,10 @@
 /*
 * e107 website system
 *
- * Copyright (C) 2008-2013 e107 Inc (e107.org)
+ * Copyright (C) 2008-2014 e107 Inc (e107.org)
 * Released under the terms and conditions of the
 * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
- *
+ * 
 * Tagwords Class
 *
 */
@@ -312,8 +312,8 @@ class tagwords
 		//insert the differences (insert what has been added)
 		$insert_diff = array_diff($new, $existing);
 		$count = 0;
-	//	print_a($insert_diff);
+		//print_a($insert_diff);
-		return ("Tagword Insert: ".print_a($new,true)); // FIXME
+		//return ("Tagword Insert: ".print_a($new,true)); // debug info
 		foreach($insert_diff as $word)
 		{
@@ -325,10 +325,10 @@ class tagwords
 			$args['tag_itemid'] = $tag_itemid;
 			$args['tag_word'] = $word;
 			$count += $sql->insert($this->table, $args) ? 1 : 0;
-			return "a Diff was made";
+			//return "a Diff was made";
 		}
-		return "<br />".LAN_TAG_3.": ".$count." words."; // FIXME
+		return "<br />".LAN_TAG_3.": ".$count." words."; 
 	}
 	/*
--- a/e107_themes/_blank/_blank_config.php
+++ b/e107_themes/_blank/_blank_config.php
@@ -8,10 +8,11 @@ class theme__blank implements e_theme_config
 	function process() // Save posted values from config() fields. 
 	{
 		$pref = e107::getConfig();
 		$tp = e107::getParser();
 		$theme_pref 					= array();
-		$theme_pref['example']			= $_POST['_blank_example'];
+		$theme_pref['example']			= $tp->toDb($_POST['_blank_example']);
-		$theme_pref['example2'] 		= intval($_POST['_blank_example2']);
+		$theme_pref['example2'] 		= $tp->toDb($_POST['_blank_example2']);
 		$pref->set('sitetheme_pref', $theme_pref);
 		return $pref->dataHasChanged();
@@ -21,11 +22,12 @@ class theme__blank implements e_theme_config
 	{
 		$frm = e107::getForm();
-		$var[0]['caption'] = "Sample configuration field";
+		$var[0]['caption'] 	= "Sample configuration field";
-		$var[0]['html'] = $frm->text('_blank_example', e107::getThemePref('example', 'default'));
+		$var[0]['html'] 	= $frm->text('_blank_example', e107::getThemePref('example', 'default'));
 		$var[0]['help']		= "Example help text for this input field"; 
-		$var[1]['caption'] = "Sample configuration field2";
+		$var[1]['caption'] 	= "Sample configuration field 2";
-		$var[1]['html'] = $frm->text('_blank_example2', e107::getThemePref('example2', 'default'));
+		$var[1]['html'] 	= $frm->text('_blank_example2', e107::getThemePref('example2', 'default'));
 		return $var;
 	}
--- a/fpw.php
+++ b/fpw.php
@@ -2,18 +2,18 @@
 /*
 * e107 website system
 *
-* Copyright 2008-2010 e107 Inc (e107.org)
+* Copyright 2008-2014 e107 Inc (e107.org)
 * Released under the terms and conditions of the
 * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
 *
 * Interface for users who have forgotten their password
 *
 * $URL$
 * $Id$
 *
 */
 require_once('class2.php');
-include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_'.e_PAGE);
+
 e107::coreLan('fpw'); 
 $tp = e107::getParser();
 if (USER && !getperms('0'))
@@ -24,19 +24,18 @@ if (USER && !getperms('0'))
 if($pref['fpwcode'] && extension_loaded('gd'))
 {
-	define('USE_IMAGECODE',TRUE);
+	define('USE_IMAGECODE', TRUE);
 	require_once(e_HANDLER.'secure_img_handler.php');
 	$sec_img = new secure_image;
 }
 else
 {
-	define('USE_IMAGECODE',FALSE);
+	define('USE_IMAGECODE', FALSE);
 }
 class fpw_shortcodes extends e_shortcode
-{
+{	
 	private $secImg;
 	function __construct()
@@ -45,23 +44,25 @@ class fpw_shortcodes extends e_shortcode
 		$this->secImg = $sec_img;	
 	}
-	function sc_fpw_username($parm='') //TODO Use $frm
+	function sc_fpw_username($parm='') // used when email login is disabled
 	{
-		return "<input class='tbox' type='text' name='username' size='40' value='' maxlength='100' />";	
+		// return "<input class='tbox' type='text' name='username' size='40' value='' maxlength='100' />";	
 		return e107::getForm()->text('username'); // $frm->userpicker()?
 	}
-	function sc_fpw_useremail($parm='') //TODO Use $frm
+	function sc_fpw_useremail($parm='') 
 	{
-		return '<input class="tbox form-control" type="text" name="email" size="40" value="" maxlength="100" placeholder="Email" required="required" type="email">';
+		// return '<input class="tbox form-control" type="text" name="email" size="40" value="" maxlength="100" placeholder="Email" required="required" type="email">';
-	//	return "<input class='tbox' type='text' name='email' size='40' value='' maxlength='100' />";	
+		// return "<input class='tbox' type='text' name='email' size='40' value='' maxlength='100' />";	
 		return e107::getForm()->email('email', '', 200, array('placeholder' => 'Email', 'required' => 'required')); 
 	}
-	function sc_fpw_submit($parm='') //TODO Use $frm
+	function sc_fpw_submit($parm='') 
 	{
-		$label = deftrue('LAN_FPW_102', LAN_156);
+		// return '<button type="submit" name="pwsubmit" class="button btn btn-primary btn-block reset">'.$label.'</button>';
 		return '<button type="submit" name="pwsubmit" class="button btn btn-primary btn-block reset">'.$label.'</button>';
 		// return "<input class='button btn btn-primary btn-block' type='submit' name='pwsubmit' value='".$label."' />";	
 		$label = deftrue('LAN_FPW_102', LAN_156);
 		return e107::getForm()->button('pwsubmit', $label); 
 	}
 	function sc_fpw_captcha_lan($parm='')
@@ -93,20 +94,9 @@ class fpw_shortcodes extends e_shortcode
 	{
 		return deftrue('LAN_FPW_101',"Not to worry. Just enter your email address below and we'll send you an instruction email for recovery.");	
 	}
 }
 if ($pref['membersonly_enabled'])
 {
 	$sc = array (
@@ -134,43 +124,59 @@ require_once(HEADERF);
 function fpw_error($txt)
 {
-	global $ns;
+	if(deftrue('BOOTSTRAP'))
-	$ns->tablerender(LAN_03, "<div class='fpw-page'>".$txt."</div>", 'fpw');
+	{
 		e107::getMessage()->addError($txt);
 		e107::getRender()->tablerender(LAN_03, e107::getMessage()->render());
 		require_once(FOOTERF);
 		exit;
 	}
 	e107::getRender()->tablerender(LAN_03, "<div class='fpw-page'>".$txt."</div>", 'fpw');
 	require_once(FOOTERF);
 	exit;
 }
 //the separator character used
 define('FPW_SEPARATOR', '#');
 //$fpw_sep = '#';
-
+// User has clicked on the emailed link
-if (e_QUERY)
+if(e_QUERY)
-{	// User has clicked on the emailed link
+{	
 	// Make sure login menu is not giving any troubles
 	define('FPW_ACTIVE','TRUE');
 	// Verify the password reset code syntax
 	$tmpinfo = preg_replace("#[\W_]#", "", e107::getParser()->toDB(e_QUERY, true));			// query part is a 'random' number
 	if ($tmpinfo != e_QUERY)
 	{
-		die();			// Shouldn't be any characters that toDB() changes
+		// Shouldn't be any characters that toDB() changes
 		//die();			
 		e107::getRedirect()->redirect(SITEURL);
 	}
-	if ($sql->db_Select('tmp', '*', "`tmp_ip`='pwreset' AND `tmp_info` LIKE '%".FPW_SEPARATOR.$tmpinfo."' "))
+
 	// Verify the password reset code
 	if ($sql->select('tmp', '*', "`tmp_ip`='pwreset' AND `tmp_info` LIKE '%".FPW_SEPARATOR.$tmpinfo."' "))
 	{
-		$row = $sql->db_Fetch();
+		$row = $sql->fetch();
-		$sql->db_Delete('tmp', "`tmp_time` = ".$row['tmp_time']." AND `tmp_info` = '".$row['tmp_info']."' ");
+
 		// Delete the record 
 		$sql->delete('tmp', "`tmp_time` = ".$row['tmp_time']." AND `tmp_info` = '".$row['tmp_info']."' ");
 		list($loginName, $md5) = explode(FPW_SEPARATOR, $row['tmp_info']);
-		$loginName = $tp -> toDB($loginName, true);
+		$loginName = $tp->toDB($loginName, true);
-		if ($md5 != $tmpinfo)
+		// This should never happen! 
 		if($md5 != $tmpinfo)
 		{
-			die('Random mismatch!');			// This should never happen!
+			e107::getRedirect()->redirect(SITEURL);	
 		}
-		$newpw = $user_info->generateRandomString(str_repeat('*', rand(8, 12)));		// Generate new temporary password
+		// Generate new temporary password
-		$mdnewpw = $user_info->HashPassword($newpw,$loginName);
+		$newpw 		= $user_info->generateRandomString(str_repeat('*', rand(8, 12)));		
 		$mdnewpw 	= $user_info->HashPassword($newpw, $loginName);
 		// Details for admin log
 		$do_log['password_action'] = LAN_FPW21;
@@ -180,43 +186,49 @@ if (e_QUERY)
 		$do_log['user_password'] = $mdnewpw;
 		$admin_log->user_audit(USER_AUDIT_PW_RES,$do_log,0,$do_log['user_name']);
-		$sql->db_Update('user', "`user_password`='{$mdnewpw}' WHERE `user_loginname`='".$loginName."' ");
+		// Update password in database
 		$sql->update('user', "`user_password`='{$mdnewpw}' WHERE `user_loginname`='".$loginName."' ");
 		// Prepare new information to display to user
 		if((integer) e107::getPref('allowEmailLogin') > 0)
 		{
 			// always show email when possible
-			$sql->db_Select('user', 'user_email', "user_loginname='{$loginName}'");
+			$sql->select('user', 'user_email', "user_loginname='{$loginName}'");
-			$tmp = $sql->db_Fetch();
+			$tmp = $sql->fetch();
 			$loginName = $tmp['user_email'];
 			unset($tmp);
 		}
 		// Reset login cookie/session (?)
 		cookie($pref['cookie_name'], '', (time()-2592000));
 		$_SESSION[$pref['cookie_name']] = '';
 		// Display success message containing new login information
 		$txt = "<div class='fpw-message'>".LAN_FPW8."</div>
 		<table class='fpw-info'>
 		<tr><td>".LAN_218."</td><td style='font-weight:bold'>{$loginName}</td></tr>
 		<tr><td>".LAN_FPW9."</td><td style='font-weight:bold'>{$newpw}</td></tr>
 		</table>
 		<br /><br />".LAN_FPW10." <a href='".e_LOGIN."'>".LAN_FPW11."</a> ".LAN_FPW12;
-		fpw_error($txt);
+		
-
+		e107::getMessage()->addSuccess($txt);
 		e107::getRender()->tablerender(LAN_03, e107::getMessage()->render());
 		require_once(FOOTERF);
 		exit;
 	}
 	// The password reset code was not found
 	else
 	{
-		fpw_error(LAN_FPW7);		// No 'forgot password' entry found
+		fpw_error(LAN_FPW7);		
 	}
 }
 // Request to reset password
 //--------------------------
 if (isset($_POST['pwsubmit']))
-{	// Request for password reset submitted
+{	
 	require_once(e_HANDLER.'mail.php');
-	$email = $_POST['email'];
+	
 	if ($pref['fpwcode'] && extension_loaded('gd'))
 	{
 		if (!$sec_img->verify_code($_POST['rand_num'], $_POST['code_verify']))
@@ -224,86 +236,102 @@ if (isset($_POST['pwsubmit']))
 			fpw_error(LAN_FPW3);
 		}
 	}
-
+	
-	$clean_email = check_email($tp -> toDB($_POST['email']));
+	$email 			= $_POST['email'];
-	$clean_username = $tp -> toDB(varset($_POST['username'], ''));
+	$clean_email 	= check_email($tp->toDB($_POST['email']));
 	$clean_username = $tp->toDB(varset($_POST['username'], ''));
 	$query = "`user_email`='{$clean_email}' ";
 	// Allow admins to remove 'username' from fpw_template.php if they wish.
 	$query .= (isset($_POST['username'])) ? " AND `user_loginname`='{$clean_username}'" : "";
-	if ($sql->db_Select('user', '*', $query))
+	if($sql->select('user', '*', $query))
-	{	// Found user in DB
+	{	
-		$row = $sql->db_Fetch();
+		// Found user in DB
 		$row = $sql->fetch();
 		// Main admin expected to be competent enough to never forget password! (And its a security check - so warn them)
 		// Sending email to admin alerting them of attempted admin password reset, and redirect user to homepage. 
 		if (($row['user_admin'] == 1) && (($row['user_perms'] == '0')  OR ($row['user_perms'] == '0.')))
-		{	// Main admin expected to be competent enough to never forget password! (And its a security check - so warn them)
+		{	
 			sendemail($pref['siteadminemail'], LAN_06, LAN_07.' ['.e107::getIPHandler()->getIP(FALSE).'] '.e107::getIPHandler()->getIP(TRUE).' '.LAN_08);
-			echo "<script type='text/javascript'>document.location.href='index.php'</script>\n";
+			e107::getRedirect()->redirect(SITEURL);
 			die();
 		}
-		switch ($row['user_ban'])
+		// Banned user, or not validated
-		{	// Banned user, or not validated
+		switch($row['user_ban'])
-			case USER_BANNED :
+		{	
-				die();
+			case USER_BANNED:
-			case USER_VALIDATED :
+				e107::getRedirect()->redirect(SITEURL);
 			case USER_VALIDATED:
 				break;
-			default :
+			default:
-				fpw_error(LAN_FPW22.':'.$row['user_ban']);		// Intentionally rather a vague message
+				fpw_error(LAN_02.':'.$row['user_ban']);		// Intentionally rather a vague message
 				exit;
 		}
-		if ($result = $sql->db_Select('tmp', '*', "`tmp_ip` = 'pwreset' AND `tmp_info` LIKE '".$row['user_loginname'].FPW_SEPARATOR."%'"))
+		// Check if password reset was already requested
 		if ($result = $sql->select('tmp', '*', "`tmp_ip` = 'pwreset' AND `tmp_info` LIKE '".$row['user_loginname'].FPW_SEPARATOR."%'"))
 		{
-			fpw_error(LAN_FPW4);		// Password reset already requested
+			fpw_error(LAN_FPW4);		
 			exit;
 		}
 		// Set unique reset code
 		mt_srand ((double)microtime() * 1000000);
-		$maxran = 1000000;
+		$maxran 	= 1000000;
-		$rand_num = mt_rand(0, $maxran);
+		$rand_num 	= mt_rand(0, $maxran);
-		$datekey = date('r');
+		$datekey 	= date('r');
-		$rcode = md5($_SERVER['HTTP_USER_AGENT'] . serialize($pref). $rand_num . $datekey);
+		$rcode 		= md5($_SERVER['HTTP_USER_AGENT'] . serialize($pref). $rand_num . $datekey);
-		$link = SITEURL.'fpw.php?'.$rcode;
+		// Prepare email
-		$message = LAN_FPW5.' '.SITENAME.' '.LAN_FPW14.': '.e107::getIPHandler()->getIP(TRUE).".\n\n".LAN_FPW15."\n\n".LAN_FPW16."\n\n".LAN_FPW17."\n\n{$link}";
+		$link 		= SITEURL.'fpw.php?'.$rcode;
 		$message 	= LAN_FPW5.' '.SITENAME.' '.LAN_FPW14.': '.e107::getIPHandler()->getIP(TRUE).".\n\n".LAN_FPW15."\n\n".LAN_FPW16."\n\n".LAN_FPW17."\n\n{$link}";
-		$deltime = time()+86400 * 2;			//Set timestamp two days ahead so it doesn't get auto-deleted
+		// Set timestamp two days ahead so it doesn't get auto-deleted
-		$sql->db_Insert('tmp', "'pwreset',{$deltime},'".$row['user_loginname'].FPW_SEPARATOR.$rcode."'");
+		$deltime = time()+86400 * 2;			
 		// Insert the password reset request into the database 
 		$sql->insert('tmp', "'pwreset',{$deltime},'".$row['user_loginname'].FPW_SEPARATOR.$rcode."'");
-		$do_log['password_action'] = LAN_FPW18;
+		// Setup the information to log
-		$do_log['user_id'] = $row['user_id'];
+		$do_log['password_action'] 	= LAN_FPW18;
-		$do_log['user_name'] = $row['user_name'];
+		$do_log['user_id'] 			= $row['user_id'];
-		$do_log['user_loginname'] = $row['user_loginname'];
+		$do_log['user_name'] 		= $row['user_name'];
-		$do_log['activation_code'] = $rcode;
+		$do_log['user_loginname'] 	= $row['user_loginname'];
 		$do_log['activation_code'] 	= $rcode;
-		if (sendemail($_POST['email'], "".LAN_09."".SITENAME, $message))
+		// Try to send the email 
 		if(sendemail($_POST['email'], "".LAN_09."".SITENAME, $message))
 		{
-		  $text = "<div style='text-align:center'>".LAN_FPW6."</div>";
+			e107::getMessage()->addInfo(LAN_FPW6);
-		  $do_log['password_result'] = LAN_FPW20;
+			$do_log['password_result'] = LAN_FPW20;
 		}
 		else
 		{
-		  $text = "<div style='text-align:center'>".LAN_02."</div>";
+			//$text = "<div style='text-align:center'>".LAN_02."</div>";
-		  $do_log['password_result'] = LAN_FPW19;
+			$do_log['password_result'] = LAN_FPW19;
 		  	fpw_error(LAN_02); 
 		}
 		$admin_log->user_audit(USER_AUDIT_PW_RES,$do_log,$row['user_id'],$row['user_name']);
-		$ns->tablerender(LAN_03, $text);
+		// Log to user audit log
 		e107::getAdminLog()->user_audit(USER_AUDIT_PW_RES, $do_log, $row['user_id'], $row['user_name']);
 		$ns->tablerender(LAN_03, $text.e107::getMessage()->render());
 		require_once(FOOTERF);
 		exit;
 	}
 	else
 	{
-		$text = LAN_213;
+		//$text = LAN_213;
-		$ns->tablerender(LAN_214, "<div style='text-align:center'>".$text."</div>");
+		//$ns->tablerender(LAN_214, "<div style='text-align:center'>".$text."</div>");
 		e107::getMessage()->addError(LAN_213); 
 		$ns->tablerender(LAN_214, e107::getMessage()->render()); 
 	}
 }
-$sc = array();
+$sc = array(); // needed?
 /*
@@ -320,10 +348,13 @@ if (USE_IMAGECODE)
 if(deftrue('BOOTSTRAP'))
 {
-	$FPW_TABLE = e107::getCoreTemplate('fpw','form');	
+	// TODO do we want the <form> element outside the template?
 	$FPW_TABLE = "<form method='post' action='".SITEURL."fpw.php' autocomplete='off'>";
 	$FPW_TABLE .= e107::getCoreTemplate('fpw','form');	
 	$FPW_TABLE .= "</form>"; 
 	$caption = deftrue('LAN_FPW_100',"Forgot your password?");	
 }	
-elseif (!$FPW_TABLE)
+elseif(!$FPW_TABLE)
 {
 	require_once (e107::coreTemplatePath('fpw')); //correct way to load a core template.
 	$caption = LAN_03;
@@ -343,9 +374,4 @@ $text = $tp->parseTemplate($FPW_TABLE, true, $sc);
 $ns->tablerender($caption, $text);
 require_once(FOOTERF);
 ?>