From a9cd6dc4af18e252b09787daeda03a265570795d Mon Sep 17 00:00:00 2001
From: quenenni <la.jolie@paquerette.org>
Date: Tue, 15 Aug 2017 02:30:38 +0200
Subject: [PATCH 01/23] Ajout de la classe messages qui remplace la classe
 error

---
 bureau/class/m_messages.php | 262 ++++++++++++++++++++++++++++++++++++
 1 file changed, 262 insertions(+)
 create mode 100644 bureau/class/m_messages.php

diff --git a/bureau/class/m_messages.php b/bureau/class/m_messages.php
new file mode 100644
index 00000000..6c8acd9b
--- /dev/null
+++ b/bureau/class/m_messages.php
@@ -0,0 +1,262 @@
+<?php
+
+/*
+  $Id: m_messages.php,v 1.4 2004/05/19 14:23:06 benjamin Exp $
+  ----------------------------------------------------------------------
+  LICENSE
+
+  This program is free software; you can redistribute it and/or
+  modify it under the terms of the GNU General Public License (GPL)
+  as published by the Free Software Foundation; either version 2
+  of the License, or (at your option) any later version.
+
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+
+  To read the license please visit http://www.gnu.org/copyleft/gpl.html
+  ----------------------------------------------------------------------
+  Original Author of file: Benjamin Sonntag, Franck Missoum
+  ----------------------------------------------------------------------
+ */
+
+/**
+ * Classe de gestion des messages apparaissant lors d'appels API.
+ *
+ * <p>Cette classe gère les messages qui peuvent apparaitre lors d'appels
+ * à l'API d'AlternC. Ces msgs sont stockées sous la forme d'1 nombre
+ * (Classe ID) ainsi que du msg en associé.
+ * Des messages localisés sont aussi disponibles.</p>
+ * <p>Cette classe se charge aussi d'insérer les appels à l'API d'AlternC
+ * dans les logs du système dans /var/log/alternc/bureau.log
+ * </p>
+ * Copyleft {@link http://alternc.net/ AlternC Team}
+ * 
+ * @copyright    AlternC-Team 2002-11-01 http://alternc.net/
+ */
+class m_messages {
+
+    /** Tableau qui va contenir les messages et leur id */
+    var $arrMessages = array();
+
+    /** Emplacement du fichier de logs d'AlternC */
+    var $logfile = "/var/log/alternc/bureau.log";
+
+    /** Liste of possible type */
+    var $ARRTYPES = array("ERROR", "ALERT", "INFO", "OK");
+
+    /** Associate css classes */
+    var $ARRCSS = array(
+	"ERROR" => "alert-danger",
+	"ALERT" => "alert-warning",
+	"INFO" => "alert-info",
+	"OK" => "alert-success"
+    );
+
+    public function __construct() {
+	$this->init_msgs();
+    }
+
+    /**
+     * Enregistre un message, signale celle-ci dans les logs
+     * 
+     * Cette fonction enregistre un message, l'ajoute dans les logs d'AlternC, 
+     * et la met à disposition pour le bureau virtuel pour affichage ultérieur.
+     *
+     * @param string $cat The category of the msg array to work with
+     * @param integer $clsid Classe qui lève le message
+     * @param mixed $msg Message
+     * @param string $param Paramètre chaine associé au message (facultatif)
+     * @return boolean TRUE si le msg est enregistré, FALSE sinon.
+     *
+     */
+    function raise($cat = "Error", $clsid, $msg, $param = "") {
+	$arrInfos  = array();
+
+	$type = strtoupper($cat);
+	if (! in_array($type, $this->ARRTYPES)) {
+	    return false;
+	}
+
+	$arrInfos['clsid'] = $clsid;
+	$arrInfos['msg'] = $msg;
+	$arrInfos['param'] = is_array($param)?$param:(empty($param)?"":array($param));
+
+	$this->arrMessages[$type][] = $arrInfos;
+
+        $this->logAlternC($cat);
+        return true;
+    }
+
+    function init_msgs() {
+	// Initialisation du tableau des message
+	foreach ($this->ARRTYPES as $v) {
+	    $this->arrMessages[$v] = array();
+	}
+    }
+
+    /**
+     * Indique s'il y a ds msgs enregistrés pour une catégorie si le param $cat contient une catégorie
+     * ou pour toutesl es catégories si $cat est vide
+     *
+     * @param string $cat The category of the msg array to work with
+     * @return boolean True if there is/are msg recorded.
+     *
+     */
+    function has_msgs($cat) {
+	$type = strtoupper($cat);
+	if (in_array($type, $this->ARRTYPES)) {
+	    return (count($this->arrMessages[$type]) > 0);
+	} else {
+	    foreach ($this->arrMessages as $v) {
+		if (count($v) > 0)
+		    return true;
+	    }
+	    return false;
+	}
+    }
+
+    /**
+     * Retourne la chaine de message concaténés de l'ensemble des msgs enregistrés
+     * ou du dernièr message rencontré
+     *
+     * @param string $cat The category of the msg array to work with
+     * @param string $sep The separator used to concatenate msgs
+     * @param boolean $all show all the messages or only the last one
+     *
+     * @return string Message.
+     *
+     */
+    function msg_str($cat = "Error", $sep = "<li>", $all = true) {
+	$str = "";
+
+	$type = strtoupper($cat);
+	if (! in_array($type, $this->ARRTYPES)) {
+	    return false;
+	}
+
+	if (! $this->has_msgs($cat))
+	    return "";
+
+	if ($all) {
+	    foreach ($this->arrMessages[$type] as $k => $arrMsg) {
+		$args = $arrMsg['param'];
+
+		if (is_array($args) && count($args) > 0) {
+		    array_unshift($args, $arrMsg['msg']);
+		    if ($sep == "<li>")
+		        $str .= "<li>" . call_user_func_array("sprintf", $args) . "</li>";
+		    else
+			$str .= call_user_func_array("sprintf", $args) . $sep;
+		} else
+		    if ($sep == "<li>")
+		        $str .= "<li>" . $arrMsg['msg'] . "</li>";
+		    else
+			$str .= $arrMsg['msg'] . $sep;
+            }
+
+	    if ($sep == "<li>") 
+		$str = "<ul>".$str."</ul>";
+
+	} else {
+	    $i = count($this->arrMessages[$type]) - 1;
+	    if ($i > 0) {
+		$arr_msg=$this->arrMessages[$type][$i];
+		$args = $arr_msg['param'];
+		if (is_array($args) && count($args) > 0) {
+		    array_unshift($args, $arr_msg['msg']);
+		    $str = call_user_func_array("sprintf", $args);
+		} else
+		    $str = $arr_msg['msgId'];
+	    }
+	}
+
+	return $str;
+    }
+
+    /**
+     * Retourn le message au format Html avec la class Css associée
+     *
+     * @param string $cat The category of the msg array to work with
+     * @param string $sep The separator used to concatenate msgs
+     * @param boolean $all show all the messages or only the last one
+     *
+     * @return string HTML message
+     */
+    function msg_html($cat = "Error", $sep = "<li>", $all = true) {
+	$type = strtoupper($cat);
+	if (! in_array($type, $this->ARRTYPES)) {
+	    return false;
+	}
+
+	if (count($this->arrMessages[$type]) == 0)
+	    return "";
+
+	$str = $this->msg_str($cat, $sep, $all);
+	$str = "<div class='alert " . $this->ARRCSS[$type] . "'>" . $str . "</div>";
+
+	return $str;
+    }
+
+    /**
+     * Retourn le message de toutes les catégories au format Html avec la class Css associée
+     *
+     * @param string $sep The separator used to concatenate msgs
+     * @param boolean $all show all the messages or only the last one
+     *
+     * @return string HTML message
+     */
+    function msg_html_all($sep = "<li>", $all = true, $init = false) {
+	$msg="";
+
+	$msg.=$this->msg_html("Error", $sep, $all);
+	$msg.=$this->msg_html("Ok", $sep, $all);
+	$msg.=$this->msg_html("Info", $sep, $all);
+	$msg.=$this->msg_html("Alert", $sep, $all);
+
+	if ($init)
+		$this->init_msgs();
+
+	return $msg;
+    }
+
+    /**
+     * Envoi un log dans /var/log/alternc/bureau.log
+     *
+     * Cette fonction Loggue le dernier msg dans /var/log sur la machine,
+     * permettant ainsi aux admins de savoir ce qu'il se passe...
+     * Elle est appelée automatiquement par error
+     * @access private
+     */
+    function logAlternC($cat = "Error") {
+        global $mem;
+
+	$type = strtoupper($cat);
+	if (! in_array($type, $this->ARRTYPES)) {
+	    return false;
+	}
+
+        @file_put_contents($this->logfile, date("d/m/Y H:i:s") . " - " . get_remote_ip() . " - $type - " . $mem->user["login"] . " - " . $this->msg_str($cat, "", false), FILE_APPEND);
+    }
+
+    /**
+     * Envoi un log d'appel d'API dans /var/log/alternc/bureau.log
+     *
+     * Cette fonction loggue dans /var/log l'appel à la fonction de l'API
+     * d'AlternC.
+     *
+     * @param integer $clsid Numéro de la classe dont on a appelé une fonction
+     * @param string $function Nom de la fonction appelée
+     * @param string $param Paramètre (facultatif) passés à la fonction de l'API.
+     * @return boolean TRUE si le log a été ajouté, FALSE sinon
+     *
+     */
+    function log($clsid, $function, $param = "") {
+        global $mem;
+        return @file_put_contents($this->logfile, date("d/m/Y H:i:s") . " - " . get_remote_ip() . " - CALL - " . $mem->user["login"] . " - $clsid - $function - $param\n", FILE_APPEND);
+    }
+
+}
+
+/* Classe m_messages */

From 2f830d7e4f9a13112ef0fdded3d14e2a44f67be7 Mon Sep 17 00:00:00 2001
From: quenenni <la.jolie@paquerette.org>
Date: Tue, 15 Aug 2017 03:19:52 +0200
Subject: [PATCH 02/23] Modifs dans le classe membre et la section membre
 d'admin

---
 bureau/admin/mem_admin.php   |  14 ++---
 bureau/admin/mem_chgmail.php |  19 +++---
 bureau/admin/mem_cm.php      |  13 +++--
 bureau/admin/mem_cm2.php     |  15 ++---
 bureau/admin/mem_param.php   |  18 +++---
 bureau/admin/mem_passwd.php  |  15 ++---
 bureau/class/m_mem.php       | 110 ++++++++++++++++++-----------------
 7 files changed, 101 insertions(+), 103 deletions(-)

diff --git a/bureau/admin/mem_admin.php b/bureau/admin/mem_admin.php
index f5725ddc..df15205b 100644
--- a/bureau/admin/mem_admin.php
+++ b/bureau/admin/mem_admin.php
@@ -31,10 +31,8 @@ $fields = array (
 );
 getFields($fields);
 
-if (!$mem->adminpref($admlist)) {
-	$error=$err->errstr();
-} else {
-	$error=_("Your administrator preferences has been successfully changed.");
+if ($mem->adminpref($admlist)) {
+	$msg->raise('Ok', "mem", _("Your administrator preferences has been successfully changed."));
 }
 
 include_once("head.php");
@@ -42,8 +40,8 @@ include_once("head.php");
 ?>
 <h3><?php __("Admin preferences"); ?></h3>
 <?php
-	if (isset($error) && $error) {
-		echo "<p class=\"alert alert-danger\">$error</p>";
-	}
+echo $msg->msg_html_all();
+echo "<p><span class='ina'><a href='mem_param.php'>"._("Click here to continue")."</a></span></p>";
+
+include_once("foot.php");
 ?>
-<?php include_once("foot.php"); ?>
diff --git a/bureau/admin/mem_chgmail.php b/bureau/admin/mem_chgmail.php
index 03d28f9c..3fc9a909 100644
--- a/bureau/admin/mem_chgmail.php
+++ b/bureau/admin/mem_chgmail.php
@@ -34,21 +34,24 @@ $fields = array (
 );
 getFields($fields);
 
-if (!($cle=$mem->ChangeMail1($newmail))) {
-	$error=$err->errstr();
+if ($cle=$mem->ChangeMail1($newmail)) {
+	$msg->raise('Ok', "mem", _("The mail was successfully changed"));
 }
 
 include_once("head.php");
-
 ?>
 <h3><?php __("Change the email of the account"); ?></h3>
 <?php
-	if (isset($error) && $error) {
-		echo "<p class=\"alert alert-danger\">$error</p>";
-		include_once("foot.php");
-		exit();
-	}
+echo $msg->msg_html_all();
+if ($msg->has_msgs('Error')) {
+	echo "<p><span class='ina'><a href='mem_param.php'>"._("Click here to continue")."</a></span></p>";
+	include_once("foot.php");
+	exit();
+}
+
 printf(_("help_mem_chgmail %s"),$newmail);
 ?>
 <p class="code"><?php echo $cle; ?></p>
+<p><span class="ina"><a href="mem_param.php"><?php __("Click here to continue"); ?></a></span></p>
+
 <?php include_once("foot.php"); ?>
diff --git a/bureau/admin/mem_cm.php b/bureau/admin/mem_cm.php
index 2dcae0b9..c0425e30 100644
--- a/bureau/admin/mem_cm.php
+++ b/bureau/admin/mem_cm.php
@@ -41,11 +41,12 @@ getFields($fields);
 ?>
 <h3><?php __("Change the email of the account"); ?></h3>
 <?php
-if (isset($error) && $error) {
-		echo "<p class=\"alert alert-danger\">$error</p>";
-		include_once("foot.php");
-		exit();
-	}
+echo $msg->msg_html_all();
+if ($msg->has_msgs('Error')) {
+	echo "<p><span class='ina'><a href='mem_param.php'>"._("Click here to continue")."</a></span></p>";
+	include_once("foot.php");
+	exit();
+}
 ?>
 <form method="post" action="mem_cm2.php">
   <?php csrf_get(); ?>
@@ -57,4 +58,4 @@ if (isset($error) && $error) {
 		<tr><td align="center" colspan="3"><input type="submit" class="inb" name="submit" value="<?php __("OK"); ?>" /></td></tr>
 	</table>
 </form>
-<?php include_once("foot.php"); ?>
\ No newline at end of file
+<?php include_once("foot.php"); ?>
diff --git a/bureau/admin/mem_cm2.php b/bureau/admin/mem_cm2.php
index 22510e0e..17e509e3 100644
--- a/bureau/admin/mem_cm2.php
+++ b/bureau/admin/mem_cm2.php
@@ -37,8 +37,8 @@ $fields = array (
 );
 getFields($fields);
 
-if (!$mem->ChangeMail2($cookie,$cle,$usr)) {
-	$error=$err->errstr();
+if ($mem->ChangeMail2($cookie,$cle,$usr)) {
+	$msg->raise('Ok', "mem", _("The mailbox has been successfully changed."));
 }
 
 include_once("head.php");
@@ -46,14 +46,9 @@ include_once("head.php");
 ?>
 <h3><?php __("Change the email of the account"); ?></h3>
 <?php
-if (isset($error) && $error) {
-		echo "<p class=\"alert alert-danger\">$error</p>";
-		include_once("foot.php");
-		exit();
-	}
+echo $msg->msg_html_all();
 
-__("The mailbox has been successfully changed.");
+echo "<p><span class='ina'><a href='mem_param.php'>"._("Click here to continue")."</a></span></p>";
 
 include_once("foot.php");
-
-?>
\ No newline at end of file
+?>
diff --git a/bureau/admin/mem_param.php b/bureau/admin/mem_param.php
index 6f6be23a..80b2d61f 100755
--- a/bureau/admin/mem_param.php
+++ b/bureau/admin/mem_param.php
@@ -40,17 +40,21 @@ getFields($fields);
 
 if (!empty($help_setting)) {
 	$mem->set_help_param($showhelp);
-	$error=_("Your help setting has been updated.");
+	$msg->raise('Ok', "mem", _("Your help setting has been updated."));
 }
 
 ?>
 <div align="center"><h3><?php __("Settings of your account"); ?></h3></div>
 <?php
-	if (isset($error) && $error) {
-		echo "<font color=red>$error</font>";
-		include_once("foot.php");
-		exit();
-	}
+if ($msg->has_msgs('Error')) {
+	include_once("mem_param.php");
+	exit();
+}
+
+$c=$admin->listPasswordPolicies();
+$passwd_classcount = $c['mem']['classcount'];
+
+echo $msg->msg_html_all();
 ?>
 
 <div id="tabsmem">
@@ -86,7 +90,7 @@ echo "<p>";
 
 <table border="1" cellspacing="0" cellpadding="4" class="tedit" >
 <tr><th><?php __("Old password"); ?></th><td><input type="password" class="int" name="oldpass" value="<?php isset($oldpass) ? : $oldpass=""; ehe($oldpass); ?>" size="20" maxlength="128" /></td></tr>
-<tr><th><?php __("New password"); ?> (1)</th><td><input type="password" class="int" autocomplete="off" id="newpass" name="newpass" value="<?php isset($newpass) ? : $newpass=""; ehe($newpass);  ?>" size="20" maxlength="60" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#newpass","#newpass2"); ?></td></tr>
+<tr><th><?php __("New password"); ?> (1)</th><td><input type="password" class="int" autocomplete="off" id="newpass" name="newpass" value="<?php isset($newpass) ? : $newpass=""; ehe($newpass);  ?>" size="20" maxlength="60" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#newpass","#newpass2",$passwd_classcount); ?></td></tr>
 <tr><th><?php __("New password"); ?> (2)</th><td><input type="password" class="int" autocomplete="off" id="newpass2" name="newpass2" value="<?php isset($newpass2) ? : $newpass2=""; ehe($newpass2);?>" size="20" maxlength="61" /></td></tr>
 <tr class="trbtn"><td colspan="3"><input type="submit" class="inb ok" name="submit" value="<?php __("Change my password"); ?>" /></td></tr>
 </table>
diff --git a/bureau/admin/mem_passwd.php b/bureau/admin/mem_passwd.php
index 43fc1eb7..adb171e3 100644
--- a/bureau/admin/mem_passwd.php
+++ b/bureau/admin/mem_passwd.php
@@ -38,10 +38,8 @@ getFields($fields);
 
 
 
-if (!$mem->passwd($oldpass,$newpass,$newpass2)) {
-	$error=$err->errstr();
-} else {
-	$error=_("Your password has been successfully changed.");
+if ($mem->passwd($oldpass,$newpass,$newpass2)) {
+	$msg->raise('Ok', "mem", _("Your password has been successfully changed."));
 }
 
 include_once("head.php");
@@ -49,10 +47,7 @@ include_once("head.php");
 ?>
 <div align="center"><h3><?php __("Password change"); ?></h3></div>
 <?php
-	if (isset($error) && $error) {
-		echo "<font color=red>$error</font>";
-		include("foot.php");
-		exit();
-	}
+echo $msg->msg_html_all();
+echo "<p><span class='ina'><a href='mem_param.php'>"._("Click here to continue")."</a></span></p>";
+include_once("foot.php");
 ?>
-<?php include_once("foot.php"); ?>
diff --git a/bureau/class/m_mem.php b/bureau/class/m_mem.php
index 73185567..bd9ab07e 100644
--- a/bureau/class/m_mem.php
+++ b/bureau/class/m_mem.php
@@ -94,30 +94,30 @@ class m_mem {
      * @return boolean TRUE if the user has been successfully connected, or FALSE if an error occured.
      */
     function login($username, $password, $restrictip = 0, $authip_token = false) {
-        global $db, $err, $cuid, $authip;
-        $err->log("mem", "login", $username);
+        global $db, $msg, $cuid, $authip;
+        $msg->log("mem", "login", $username);
         //    $username=addslashes($username);
         //    $password=addslashes($password);
         $db->query("select * from membres where login= ? ;", array($username));
         if ($db->num_rows() == 0) {
-            $err->raise("mem", _("User or password incorrect"));
+            $msg->raise('Error', "mem", _("User or password incorrect"));
             return false;
         }
         $db->next_record();
         if (_md5cr($password, $db->f("pass")) != $db->f("pass")) {
             $db->query("UPDATE membres SET lastfail=lastfail+1 WHERE uid= ? ;", array($db->f("uid")));
-            $err->raise("mem", _("User or password incorrect"));
+            $msg->raise('Error', "mem", _("User or password incorrect"));
             return false;
         }
         if (!$db->f("enabled")) {
-            $err->raise("mem", _("This account is locked, contact the administrator."));
+            $msg->raise('Error', "mem", _("This account is locked, contact the administrator."));
             return false;
         }
         $this->user = $db->Record;
         $cuid = $db->f("uid");
 
         if (panel_islocked() && $cuid != 2000) {
-            $err->raise("mem", _("This website is currently under maintenance, login is currently disabled."));
+            $msg->raise('Alert', "mem", _("This website is currently under maintenance, login is currently disabled."));
             return false;
         }
 
@@ -136,7 +136,7 @@ class m_mem {
 
         // Error if there is rules, the IP is not allowed and it's not in the whitelisted IP
         if (sizeof($aga) > 1 && !$allowed_ip && !$authip->is_wl(get_remote_ip())) {
-            $err->raise("mem", _("Your IP isn't allowed to connect"));
+            $msg->raise('Error', "mem", _("Your IP isn't allowed to connect"));
             return false;
         }
         // End AuthIP
@@ -157,7 +157,7 @@ class m_mem {
         $_REQUEST["session"] = $sess;
         $db->query("insert into sessions (sid,ip,uid) values (?, ?, ?);", array($sess, $ip, $cuid));
         setcookie("session", $sess, 0, "/");
-        $err->error = 0;
+        $msg->error = 0;
         /* Fill in $local */
         $db->query("SELECT * FROM local WHERE uid= ? ;", array($cuid));
         if ($db->num_rows()) {
@@ -179,11 +179,11 @@ class m_mem {
      * @return boolean TRUE if the user has been successfully connected, FALSE else.
      */
     function setid($id) {
-        global $db, $err, $cuid, $mysql, $quota;
-        $err->log("mem", "setid", $id);
+        global $db, $msg, $cuid, $mysql, $quota;
+        $msg->log("mem", "setid", $id);
         $db->query("select * from membres where uid= ? ;", array($id));
         if ($db->num_rows() == 0) {
-            $err->raise("mem", _("User or password incorrect"));
+            $msg->raise('Error', "mem", _("User or password incorrect"));
             return false;
         }
         $db->next_record();
@@ -197,7 +197,7 @@ class m_mem {
         $_REQUEST["session"] = $sess;
         $db->query("insert into sessions (sid,ip,uid) values (?, ?, ?);", array($sess, $ip, $cuid));
         setcookie("session", $sess, 0, "/");
-        $err->error = 0;
+        $msg->error = 0;
         /* Fill in $local */
         $db->query("SELECT * FROM local WHERE uid= ? ;", array($cuid));
         if ($db->num_rows()) {
@@ -262,11 +262,11 @@ class m_mem {
      * @global string $username/password le login/pass de l'utilisateur
      * @return boolean TRUE si la session est correcte, FALSE sinon.
      */
-    function checkid() {
-        global $db, $err, $cuid;
+    function checkid($show_msg = true) {
+        global $db, $msg, $cuid;
         if (isset($_REQUEST["username"])) {
             if (empty($_REQUEST['password'])) {
-                $err->raise("mem", _("Missing password"));
+                $msg->raise('Error', "mem", _("Missing password"));
                 return false;
             }
             if ($_REQUEST["username"] && $_REQUEST["password"]) {
@@ -275,27 +275,29 @@ class m_mem {
         } // end isset
         $_COOKIE["session"] = isset($_COOKIE["session"]) ? $_COOKIE["session"] : "";
         if (strlen($_COOKIE["session"]) != 32) {
-            $err->raise("mem", _("Identity lost or unknown, please login"));
+	    if ($show_msg)
+                $msg->raise('Error', "mem", _("Identity lost or unknown, please login"));
             return false;
         }
         $ip = get_remote_ip();
         $db->query("select uid, ? as me,ip from sessions where sid= ?;", array($ip, $_COOKIE["session"]));
         if ($db->num_rows() == 0) {
-            $err->raise("mem", _("Session unknown, contact the administrator"));
+	    if ($show_msg)
+                $msg->raise('Error', "mem", _("Identity lost or unknown, please login"));
             return false;
         }
         $db->next_record();
         $cuid = $db->f("uid");
 
         if (panel_islocked() && $cuid != 2000) {
-            $err->raise("mem", _("This website is currently under maintenance, login is currently disabled."));
+            $msg->raise('Alert', "mem", _("This website is currently under maintenance, login is currently disabled."));
             return false;
         }
 
         $db->query("select * from membres where uid= ? ;", array($cuid));
         $db->next_record();
         $this->user = $db->Record;
-        $err->error = 0;
+        $msg->error = 0;
         /* Remplissage de $local */
         $db->query("SELECT * FROM local WHERE uid= ? ;", array($cuid));
         if ($db->num_rows()) {
@@ -312,13 +314,13 @@ class m_mem {
      * @return TRUE si la session est correcte, FALSE sinon.
      */
     function su($uid) {
-        global $cuid, $db, $err, $mysql;
+        global $cuid, $db, $msg, $mysql;
         if (!$this->olduid) {
             $this->olduid = $cuid;
         }
         $db->query("select * from membres where uid= ? ;", array($uid));
         if ($db->num_rows() == 0) {
-            $err->raise("mem", _("User or password incorrect"));
+            $msg->raise('Error', "mem", _("User or password incorrect"));
             return false;
         }
         $db->next_record();
@@ -353,32 +355,32 @@ class m_mem {
      * @return boolean TRUE si la session a bien ete detruite, FALSE sinon.
      */
     function del_session() {
-        global $db, $user, $err, $cuid, $hooks;
+        global $db, $user, $msg, $cuid, $hooks;
         $_COOKIE["session"] = isset($_COOKIE["session"]) ? $_COOKIE["session"] : '';
         setcookie("session", "", 0, "/");
         setcookie("oldid", "", 0, "/");
         if ($_COOKIE["session"] == "") {
-            $err->error = 0;
+            $msg->error = 0;
             return true;
         }
         if (strlen($_COOKIE["session"]) != 32) {
-            $err->raise("mem", _("Cookie incorrect, please accept the session cookie"));
+            $msg->raise('Error', "mem", _("Cookie incorrect, please accept the session cookie"));
             return false;
         }
         $ip = get_remote_ip();
         $db->query("select uid, ? as me,ip from sessions where sid= ? ;", array($ip, $_COOKIE["session"]));
         if ($db->num_rows() == 0) {
-            $err->raise("mem", _("Session unknown, contact the administrator"));
+            $msg->raise('Error', "mem", _("Session unknown, contact the administrator"));
             return false;
         }
         $db->next_record();
         if ($db->f("me") != $db->f("ip")) {
-            $err->raise("mem", _("IP address incorrect, please contact the administrator"));
+            $msg->raise('Error', "mem", _("IP address incorrect, please contact the administrator"));
             return false;
         }
         $cuid = $db->f("uid");
         $db->query("delete from sessions where sid= ? ;", array($_COOKIE["session"]));
-        $err->error = 0;
+        $msg->error = 0;
 
         # Invoker le logout dans toutes les autres classes
         /*
@@ -404,18 +406,18 @@ class m_mem {
      * @return boolean TRUE si le mot de passe a ete change, FALSE sinon.
      */
     function passwd($oldpass, $newpass, $newpass2) {
-        global $db, $err, $cuid, $admin;
-        $err->log("mem", "passwd");
+        global $db, $msg, $cuid, $admin;
+        $msg->log("mem", "passwd");
         if (!$this->user["canpass"]) {
-            $err->raise("mem", _("You are not allowed to change your password."));
+            $msg->raise('Error', "mem", _("You are not allowed to change your password."));
             return false;
         }
         if ($this->user["pass"] != _md5cr($oldpass, $this->user["pass"])) {
-            $err->raise("mem", _("The old password is incorrect"));
+            $msg->raise('Error', "mem", _("The old password is incorrect"));
             return false;
         }
         if ($newpass != $newpass2) {
-            $err->raise("mem", _("The new passwords are differents, please retry"));
+            $msg->raise('Error', "mem", _("The new passwords are differents, please retry"));
             return false;
         }
         $db->query("SELECT login FROM membres WHERE uid= ? ;", array($cuid));
@@ -426,7 +428,7 @@ class m_mem {
         }
         $newpass = _md5cr($newpass);
         $db->query("UPDATE membres SET pass= ? WHERE uid= ?;", array($newpass, $cuid));
-        $err->error = 0;
+        $msg->error = 0;
         return true;
     }
 
@@ -437,14 +439,14 @@ class m_mem {
      * @return boolean TRUE si les preferences ont ete changees, FALSE sinon.
      */
     function adminpref($admlist) {
-        global $db, $err, $cuid;
-        $err->log("mem", "admlist");
+        global $db, $msg, $cuid;
+        $msg->log("mem", "admlist");
         if (!$this->user["su"]) {
-            $err->raise("mem", _("You must be a system administrator to do this."));
+            $msg->raise('Error', "mem", _("You must be a system administrator to do this."));
             return false;
         }
         $db->query("UPDATE membres SET admlist= ? WHERE uid= ?;", array($admlist, $cuid));
-        $err->error = 0;
+        $msg->error = 0;
         return true;
     }
 
@@ -457,16 +459,16 @@ class m_mem {
      * @return boolean TRUE si le mot de passe a ete envoye avec succes, FALSE sinon.
      */
     function send_pass($login) {
-        global $err, $db, $L_HOSTING, $L_FQDN;
-        $err->log("mem", "send_pass");
+        global $msg, $db, $L_HOSTING, $L_FQDN;
+        $msg->log("mem", "send_pass");
         $db->query("SELECT * FROM membres WHERE login= ? ;", array($login));
         if (!$db->num_rows()) {
-            $err->raise("mem", _("This account is locked, contact the administrator."));
+            $msg->raise('Error', "mem", _("This account is locked, contact the administrator."));
             return false;
         }
         $db->next_record();
         if (time() - $db->f("lastaskpass") < 86400) {
-            $err->raise("mem", _("The new passwords are differents, please retry"));
+            $msg->raise('Error', "mem", _("The new passwords are differents, please retry"));
             return false;
         }
         $txt = sprintf(_("Hello,
@@ -501,11 +503,11 @@ Cordially.
      * @return string le cookie si le mail a bien ete envoye, FALSE sinon
      */
     function ChangeMail1($newmail) {
-        global $err, $db, $L_HOSTING, $L_FQDN, $cuid;
-        $err->log("mem", "changemail1", $newmail);
+        global $msg, $db, $L_HOSTING, $L_FQDN, $cuid;
+        $msg->log("mem", "changemail1", $newmail);
         $db->query("SELECT * FROM membres WHERE uid= ? ;", array($cuid));
         if (!$db->num_rows()) {
-            $err->raise("mem", _("This account is locked, contact the administrator."));
+            $msg->raise('Error', "mem", _("This account is locked, contact the administrator."));
             return false;
         }
         $db->next_record();
@@ -514,7 +516,7 @@ Cordially.
         $COOKIE = substr(md5(mt_rand().mt_rand()), 0, 20);
         // et de 6 pour la cl� � entrer. ca me semble suffisant...
         $KEY = substr(md5(mt_rand().mt_rand()), 0, 6);
-        $link = "https://$L_FQDN/mem_cm.php?usr=$cuid&cookie=$COOKIE";
+        $link = "https://$L_FQDN/mem_cm.php?usr=$cuid&cookie=$COOKIE&cle=$KEY";
         $txt = sprintf(_("Hello,
 
 Someone (maybe you) requested an email's address modification of the account
@@ -553,11 +555,11 @@ Cordially.
      * @return boolean TRUE si le mail a bien ete modifie, FALSE sinon
      */
     function ChangeMail2($COOKIE, $KEY, $uid) {
-        global $err, $db;
-        $err->log("mem", "changemail2", $uid);
+        global $msg, $db;
+        $msg->log("mem", "changemail2", $uid);
         $db->query("SELECT * FROM chgmail WHERE cookie= ? and ckey= ? and uid= ?;", array($COOKIE, $KEY, $uid));
         if (!$db->num_rows()) {
-            $err->raise("mem", _("The information you entered is incorrect."));
+            $msg->raise('Error', "mem", _("The information you entered is incorrect."));
             return false;
         }
         $db->next_record();
@@ -578,8 +580,8 @@ Cordially.
      * @param integer $show Faut-il (1) ou non (0) afficher l'aide en ligne
      */
     function set_help_param($show) {
-        global $db, $err, $cuid;
-        $err->log("mem", "set_help_param", $show);
+        global $db, $msg, $cuid;
+        $msg->log("mem", "set_help_param", $show);
         $db->query("UPDATE membres SET show_help= ? WHERE uid= ? ;", array($show, $cuid));
     }
 
@@ -617,8 +619,8 @@ Cordially.
      * @param integer $uid
      */
     function get_creator_by_uid($uid) {
-        global $db, $err;
-        $err->log("dom", "get_creator_by_uid");
+        global $db, $msg;
+        $msg->log("dom", "get_creator_by_uid");
         $db->query("select creator from membres where uid = ? ;", array($uid));
         if (!$db->next_record()) {
             return false;
@@ -633,8 +635,8 @@ Cordially.
      * @access private
      */
     function alternc_export_conf() {
-        global $db, $err;
-        $err->log("mem", "export");
+        global $db, $msg;
+        $msg->log("mem", "export");
         $str = "  <member>\n";
         $users = $this->user;
         $str.="   <uid>" . $users["uid"] . "</uid>\n";

From ff154144e5b23ccc3511587bfec14dd9d65d40cd Mon Sep 17 00:00:00 2001
From: quenenni <la.jolie@paquerette.org>
Date: Tue, 15 Aug 2017 03:39:37 +0200
Subject: [PATCH 03/23] fonctions + local + db

---
 bureau/class/config.php    |  7 +++----
 bureau/class/db_mysql.php  |  5 ++---
 bureau/class/functions.php | 38 +++++++++++++++++++++++++++++++-------
 3 files changed, 36 insertions(+), 14 deletions(-)

diff --git a/bureau/class/config.php b/bureau/class/config.php
index ff578321..1d937dd6 100755
--- a/bureau/class/config.php
+++ b/bureau/class/config.php
@@ -90,7 +90,8 @@ require_once(dirname(__FILE__) . "/local.php");
 
 // Define constants from vars of /etc/alternc/local.sh
 // The you can't choose where is the AlternC Panel 
-define("DEFAULT_PASS_SIZE", 8);
+
+define("DEFAULT_PASS_SIZE", 10);
 define('ALTERNC_MAIL', "$L_ALTERNC_MAIL");
 define('ALTERNC_HTML', "$L_ALTERNC_HTML");
 if (isset($L_ALTERNC_LOGS_ARCHIVE)) {
@@ -163,9 +164,9 @@ foreach (glob($root . "class/class_system_*.php") as $fcs) {
 include_once("lang_env.php");
 
 $mem = new m_mem();
-$err = new m_err();
 $authip = new m_authip();
 $hooks = new m_hooks();
+$msg = new m_messages();
 
 if (isset($_SERVER["HTTP_X_FORWARDED_PROTO"]) && $_SERVER["HTTP_X_FORWARDED_PROTO"]=="https") {
     $_SERVER["HTTPS"]="on";
@@ -186,7 +187,6 @@ if ((variable_get('force_https', '0', "This variable is set to 0 (default) if us
 $fatalcsrf=false;
 if (count($_POST) && !defined("NOCSRF")) {
   if (csrf_check()<=0) {
-    $error=$err->errstr();
     // We will trigger the error LATER in the code => need initialization of classes
     $fatalcsrf=true;
   }
@@ -200,7 +200,6 @@ if (!defined('NOCHECK')) {
             header('HTTP/1.0 401 Unauthorized');
             exit();
         }
-        $error = $err->errstr();
         include("$root/admin/index.php");
         exit();
     }
diff --git a/bureau/class/db_mysql.php b/bureau/class/db_mysql.php
index 1a2b5395..3d6b0a64 100644
--- a/bureau/class/db_mysql.php
+++ b/bureau/class/db_mysql.php
@@ -68,7 +68,6 @@ class DB_Sql {
    * @return the class variable $Link_ID
    */
   function connect($Database = "", $Host = "", $User = "", $Password = "") {
-     global $err;
      $this->halt('Mysql::connect() : This function should no longer be used');
      /* Handle defaults */
      if ("" == $Database)
@@ -348,8 +347,8 @@ class DB_Sql {
 
   /* public: return table metadata */
   function metadata($table='',$full=false) {
-     global $err;
-     $err->raise('Mysql', 'function is no longer implemented (metadata())');
+     global $msg;
+     $msg->raise("Error", 'Mysql', 'function is no longer implemented (metadata())');
      return FALSE;
   }
 
diff --git a/bureau/class/functions.php b/bureau/class/functions.php
index e6e062c6..a4ae63ee 100755
--- a/bureau/class/functions.php
+++ b/bureau/class/functions.php
@@ -848,16 +848,40 @@ function pager($offset, $count, $total, $url, $before = "", $after = "", $echo =
 /**
  * 
  * @param int $length
+ * @param int $classcount
  * @return string
  */
-function create_pass($length = 8) {
-    $chars = "1234567890abcdefghijkmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
-    $i = 0;
-    $password = "";
-    while ($i <= $length) {
-        $password .= @$chars{mt_rand(0, strlen($chars))};
-        $i++;
+function create_pass($length = 10, $classcount = 3) {
+    $sets = array();
+
+    // Si classcount policy est 4 catégories différents, on utilise les 4 cat, sinon, on en utilise 3
+    if ($classcount < 4)
+	$available_sets='lud';
+    else
+	$available_sets='luds';
+
+    if(strpos($available_sets, 'l') !== false)
+	$sets[] = 'abcdefghijklmnopqrstuvwxyz';
+    if(strpos($available_sets, 'u') !== false)
+	$sets[] = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
+    if(strpos($available_sets, 'd') !== false)
+	$sets[] = '0123456789';
+    if(strpos($available_sets, 's') !== false)
+	$sets[] = '(!#$%)*+,-./:;<=>?@[\]^_';
+
+    $all = '';
+    $password = '';
+    foreach($sets as $set) {
+	$password .= $set[array_rand(str_split($set))];
+	$all .= $set;
     }
+
+    $all = str_split($all);
+    for($i = 0; $i < $length - count($sets); $i++)
+	$password .= $all[array_rand($all)];
+
+    $password = str_shuffle($password);
+
     return $password;
 }
 

From 0d5caada2f10f7bbd57c8eccc750c7630a9f8cfa Mon Sep 17 00:00:00 2001
From: quenenni <la.jolie@paquerette.org>
Date: Tue, 15 Aug 2017 16:11:57 +0200
Subject: [PATCH 04/23] =?UTF-8?q?class=20mail=20&=20roundcube=20+=20fichie?=
 =?UTF-8?q?rs=20admins=20associ=C3=A9s?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 bureau/admin/mail_del.php             |  29 ++++-
 bureau/admin/mail_doadd.php           |   2 +-
 bureau/admin/mail_doedit.php          |  45 +++-----
 bureau/admin/mail_edit.php            |  19 +--
 bureau/admin/mail_list.php            |  28 +----
 bureau/admin/mail_manage_catchall.php |  23 ++--
 bureau/admin/mail_undelete.php        |   6 +-
 bureau/class/m_mail.php               | 160 +++++++++++++-------------
 roundcube/class/m_roundcube.php       |   6 +-
 9 files changed, 150 insertions(+), 168 deletions(-)

diff --git a/bureau/admin/mail_del.php b/bureau/admin/mail_del.php
index 75780e73..cd404262 100755
--- a/bureau/admin/mail_del.php
+++ b/bureau/admin/mail_del.php
@@ -41,10 +41,27 @@ reset($d);
 include_once ("head.php");
 
 if ($confirm=="y") {
-  $error="";
   while (list($key,$val)=each($d)) {
-    $mail->delete($val);
-    $error.=$err->errstr()."<br />"; 
+    // Validate that this email is owned by me...
+    if (!($email = $mail->is_it_my_mail($val))) {
+      continue;
+    }
+
+    // Search for that address:
+    $db->query("SELECT a.id, NOT ISNULL(m.id) AS islocal FROM address a LEFT JOIN mailbox m ON m.address_id=a.id WHERE a.id= ? ;", array($val));
+
+    if (!$db->next_record()) {
+      $msg->raise('Error', "mail", _("The email %s does not exist, it can't be deleted"), $email);
+      continue;
+    }
+
+    if ($mail->delete($val)) {
+      if ($db->f("islocal")) {
+	$msg->raise('Ok', "mail", _("The email %s has been marked for deletion"), $email);
+      } else {
+        $msg->raise('Ok', "mail", _("The email %s has been successfully deleted"), $email);
+      }
+    }
   }
   include("mail_list.php");
   exit();
@@ -61,15 +78,15 @@ if ($confirm=="y") {
 <input type="hidden" name="confirm" value="y" />
 <input type="hidden" name="domain_id" value="<?php ehe($domain_id); ?>" />
 
+<ul>
 <?php
-
 while (list($key,$val)=each($d)) {
   $m=$mail->get_details($val);
   echo "<input type=\"hidden\" name=\"d[]\" value=\"".ehe($val,false)."\" />";
-  echo $m["address"]."@".$m["domain"]."<br />";
+  echo "<li><b>".$m["address"]."@".$m["domain"]."</b></li>";
 }
-
 ?>
+</ul>
 </p>
 <p>
 <input type="submit" class="inb" name="submit" value="<?php __("Confirm the deletion"); ?>" /> - <input type="button" name="cancel" id="cancel" onclick="window.history.go(-1);" class="inb" value="<?php __("Don't delete anything and go back to the email list"); ?>"/>
diff --git a/bureau/admin/mail_doadd.php b/bureau/admin/mail_doadd.php
index dbafc1f2..bbc2521d 100644
--- a/bureau/admin/mail_doadd.php
+++ b/bureau/admin/mail_doadd.php
@@ -30,10 +30,10 @@ $fields = array (
 getFields($fields);
 
 if (!($res=$mail->create($domain_id,$mail_arg))) {
-  $error=$err->errstr();
   include("mail_list.php");
 } else {
   $_REQUEST["mail_id"]=$res;
+  $new_account=true;
   include("mail_edit.php"); 
 }
 ?>
diff --git a/bureau/admin/mail_doedit.php b/bureau/admin/mail_doedit.php
index 734429d2..d1f02477 100644
--- a/bureau/admin/mail_doedit.php
+++ b/bureau/admin/mail_doedit.php
@@ -28,6 +28,7 @@ require_once("../class/config.php");
 
 $fields = array (
 		 "mail_id" =>array ("post","integer",""),
+		 "new_account" =>array ("post","integer",""),
 		 "pass" => array ("post","string",""),
 		 "passconf" => array("post","string",""),
 		 "quotamb" => array("post","integer",0),
@@ -39,12 +40,10 @@ $fields = array (
 getFields($fields);
 
 $isedit=true; // if we go back to edit, it will know ;)
-$error="";
 
 // We check that email first ... so that we can compare its status with our ...
 if (!$res=$mail->get_details($mail_id)) {
-  $error=$err->errstr();
-  include("main.php");
+  include("mail_list.php");
   exit();
 } else {
   
@@ -52,21 +51,16 @@ if (!$res=$mail->get_details($mail_id)) {
   /*
    * checking the password
    */
-  if(isset($pass) && $pass != ""){
-    if($pass != $passconf){
-      $error = _("Passwords do not match");
+  if($pass != $passconf){
+    $msg->raise("Error", "mail", _("Passwords do not match"));
+    include ("mail_edit.php");
+    exit();
+  } else {
+    if (!$mail->set_passwd($mail_id,$pass,($islocal == 1?false:true))) { /* SET THE PASSWORD */
       include ("mail_edit.php");
       exit();
-    } else {
-      if (!$mail->set_passwd($mail_id,$pass)) { /* SET THE PASSWORD */
-	$error=$err->errstr();
-	include ("mail_edit.php");
-	exit();
-      } else {
-	$error.=$err->errstr()."<br />";
-      }
-    }	
-  }
+    }
+  }	
 
 
   /* 
@@ -74,20 +68,14 @@ if (!$res=$mail->get_details($mail_id)) {
    */
   if ($res["enabled"] && !$enabled) {
     if (!$mail->disable($mail_id)) { /* DISABLE */
-      $error=$err->errstr();
       include ("mail_edit.php");
       exit();
-    } else {
-      $error.=$err->errstr()."<br />";
     }
   }
   if (!$res["enabled"] && $enabled) {
     if (!$mail->enable($mail_id)) { /* ENABLE */
-      $error=$err->errstr();
       include ("mail_edit.php");
       exit();
-    } else {
-      $error.=$err->errstr()."<br />";
     }
   }
 
@@ -96,11 +84,8 @@ if (!$res=$mail->get_details($mail_id)) {
    * now the islocal + quota + recipients 
    */
   if (!$mail->set_details($mail_id,$islocal,$quotamb,$recipients)) { /* SET OTHERS */
-    $error=$err->errstr();
     include ("mail_edit.php");
     exit();
-  } else {
-    $error.=$err->errstr()."<br />";
   }
 
 
@@ -112,15 +97,15 @@ if (!$res=$mail->get_details($mail_id)) {
     include ("mail_edit.php");
     exit();
   } else {
-    foreach($rh as $h) if ($h) $error.=$h."<br />";
+    foreach($rh as $h) if ($h) $msg->raise("Error", "mail", $h);
   }
 
 } 
 
-if (!$error || !trim($error,"<br />")) {
-	unset($error);
-	$success=_("Your email has been edited successfully");
-}
+if ($new_account)
+  $msg->raise("Ok", "mail", _("Your email has been created successfully")); // à traduire
+else
+  $msg->raise("Ok", "mail", _("Your email has been edited successfully"));
 
 $_REQUEST["domain_id"]=$dom->get_domain_byname($res["domain"]);
 include("mail_list.php");
diff --git a/bureau/admin/mail_edit.php b/bureau/admin/mail_edit.php
index f65f3b2e..a2ea24c4 100755
--- a/bureau/admin/mail_edit.php
+++ b/bureau/admin/mail_edit.php
@@ -37,8 +37,7 @@ $fields = array (
 getFields($fields);
 
 if (!$res=$mail->get_details($mail_id)) {
-  $error=$err->errstr();
-  include("main.php");
+  include("mail_list.php");
   exit();
 } else {
   
@@ -56,9 +55,10 @@ if (!$res=$mail->get_details($mail_id)) {
 
 
 <?php
-if (isset($error)) {
-  	echo "<p class=\"alert alert-danger\">$error</p>";
-}
+$c=$admin->listPasswordPolicies();
+$passwd_classcount = $c['pop']['classcount'];
+
+echo $msg->msg_html_all();
 ?>
 
 <form action="mail_doedit.php" method="post" name="main" id="main" autocomplete="off">
@@ -68,6 +68,7 @@ if (isset($error)) {
 <input type="password" style="display: none" id="fakePassword" name="fakePassword" value="" />
 
 <input type="hidden" name="mail_id" value="<?php ehe($mail_id); ?>" />
+<input type="hidden" name="new_account" value="<?php echo isset($new_account)?$new_account:false;?>" />
 <table class="tedit">
   <tr><th colspan="2"><b><?php __("Is this email enabled?"); ?></b></th></tr>
 
@@ -92,20 +93,20 @@ if (isset($error)) {
 </td>
     <td>
       <p>
-	<input type="radio" name="islocal" id="islocal0" class="inc" value="0"<?php cbox($islocal==0); ?> onclick="popoff()" /><label for="islocal0"><?php __("No"); ?></label>
-	<input type="radio" name="islocal" id="islocal1" class="inc" value="1"<?php cbox($islocal==1); ?> onclick="popon();" /><label for="islocal1"><?php __("Yes"); ?></label>
+	<input type="radio" name="islocal" id="islocal0" class="inc" value="0"<?php !isset($new_account)?cbox($islocal==0):""; ?> onclick="popoff()" /><label for="islocal0"><?php __("No"); ?></label>
+	<input type="radio" name="islocal" id="islocal1" class="inc" value="1"<?php !isset($new_account)?cbox($islocal==1):cbox($islocal==0); ?> onclick="popon();" /><label for="islocal1"><?php __("Yes"); ?></label>
       </p>
       <div id="poptbl">
 	<table class="tedit" >
           <tr id='mail_edit_pass' style='display: none;'><td colspan='2'><a href='javascript:mail_edit_pass();'><?php __("Click here to edit the existing password");?></a></td></tr>
-	  <tr id='mail_edit_pass1'><td><label for="pass"><?php __("Enter a POP/IMAP password"); ?></label></td><td><input type="password" class="int" autocomplete="off" name="pass" id="pass" value="" size="20" maxlength="32" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#pass","#passconf"); ?></td></tr>
+	  <tr id='mail_edit_pass1'><td><label for="pass"><?php __("Enter a POP/IMAP password"); ?></label></td><td><input type="password" class="int" autocomplete="off" name="pass" id="pass" value="" size="20" maxlength="32" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#pass","#passconf",$passwd_classcount); ?></td></tr>
 	  <tr id='mail_edit_pass2'><td><label for="passconf"><?php __("Confirm password"); ?></label></td><td><input type="password" class="int" autocomplete="off" name="passconf" id="passconf" value="" size="20" maxlength="32" /></td></tr>
 	  <tr><td><label for="quotamb"><?php __("Maximum allowed size of this Mailbox"); ?></label></td><td><input type="text" class="int intleft" style="text-align: right" name="quotamb" id="quotamb" value="<?php ehe($quotamb); ?>" size="7" maxlength="6" /><span class="int intright"><?php __("MB"); ?></span></td></tr>
 	</table>
       </div>
   </td></tr>
   <?php if ($islocal) { ?>
-<tr id="turnoff"><td colspan="2" class="alert alert-warning"><?php __("WARNING: turning POP/IMAP off will DELETE the stored messages in this email address."); ?></td></tr>
+<tr id="turnoff" style="display: none;"><td colspan="2" class="alert alert-warning"><?php __("WARNING: turning POP/IMAP off will DELETE the stored messages in this email address."); ?></td></tr>
 <?php } ?>
   <tr><th colspan="2"><b><?php __("Is it a redirection to other email addresses?"); ?></b></th></tr>
 
diff --git a/bureau/admin/mail_list.php b/bureau/admin/mail_list.php
index e93ffbde..03499bc3 100755
--- a/bureau/admin/mail_list.php
+++ b/bureau/admin/mail_list.php
@@ -44,28 +44,10 @@ if(!$domain_id ) {
   exit();
 }
 
-$fatal=false;
-
 if ($domain=$dom->get_domain_byid($domain_id)) {
-  if(!($mails_list = $mail->enum_domain_mails($domain_id,$search,$offset,$count,$show_systemmails)) && $search) {
-    $error=$err->errstr();
-  }
+  $mails_list = $mail->enum_domain_mails($domain_id,$search,$offset,$count,$show_systemmails);
   $allmails_list = $mail->enum_domain_mails($domain_id,$search,$offset,$count,'true');
-} else {
-  $error=$err->errstr();
-  $fatal=true;
 }
-
-if ($fatal) {
-  echo "<div class=\"alert alert-danger\">$error</div>";
-} else {
-
-  if (isset($error) && !empty($error)) {
-	echo "<p class='alert alert-danger'>$error</p>";
-  } else if (isset($success)) {
-        echo "<p class=\"alert alert-success\">$success</p>";
-}
-
 ?>
 
 <table>
@@ -75,7 +57,10 @@ if ($fatal) {
   echo '<h3>'._("Create a new mail account")."</h3>";
 } else {
   echo '<h3>'._("Manage Catch-all")."</h3>";
-} ?>
+}
+
+echo $msg->msg_html_all();
+?>
     </td>
   </tr>
   <tr>
@@ -188,7 +173,7 @@ if (date("Y-m-d")==substr($val["lastlogin"],0,10)) echo substr($val["lastlogin"]
 </form>
 
 <?php
-    } } // end if no mail for this domain
+    } // end if no mail for this domain
 ?>
 <hr/>
 
@@ -303,7 +288,6 @@ if (date("Y-m-d")==substr($val["lastlogin"],0,10)) echo substr($val["lastlogin"]
 </div><!-- tabs-mailhelp-in -->
 </div><!-- tabs-mailhelp -->
 
-
 <script type="text/javascript">
 
   $(function() {
diff --git a/bureau/admin/mail_manage_catchall.php b/bureau/admin/mail_manage_catchall.php
index 9c502ce9..c6d3410a 100644
--- a/bureau/admin/mail_manage_catchall.php
+++ b/bureau/admin/mail_manage_catchall.php
@@ -34,37 +34,32 @@ $fields = array (
 getFields($fields);
 
 if (is_null($domain_id)) { 
-  echo "<p alert alert-danger\>";
-  __("Problem with the domain");
-  echo"</p>";
-  include_once("foot.php"); 
+  $msg->raise("Error", "mail", _("Problem with the domain"));
+  include_once("mail_list.php"); 
   exit();
 }
 
 if (!is_null($target_type)) {
   switch ($target_type) {
     case "none":
-      $mail->catchall_del($domain_id);
-      $error=_("Catchall successfully deleted");
+      if ($mail->catchall_del($domain_id))
+        $msg->raise("Ok", "mail", _("Catchall successfully deleted"));
+
       require_once("mail_list.php");
       exit();
       break;
     case "domain":
       if ($mail->catchall_set($domain_id, $target_domain)) {
-	$error=_("Catchall successfully updated");
+	$msg->raise("Ok", "mail", _("Catchall successfully updated"));
 	require_once("mail_list.php");
 	exit();
-      } else {
-        $error=$err->errstr();
       }
       break;
     case "mail":
       if ($mail->catchall_set($domain_id, $target_mail)) {
-	$error=_("Catchall successfully updated");
+	$msg->raise("Ok", "mail", _("Catchall successfully updated"));
 	require_once("mail_list.php");
 	exit();
-      } else {
-        $error=$err->errstr();
       }
       break;
     default:
@@ -80,9 +75,7 @@ $catch=$mail->catchall_getinfos($domain_id);
 <br />
 
 <?php
-if (isset($error) && !empty($error) ) {
-  	echo "<p class=\"alert alert-danger\">$error</p>";
-}
+echo $msg->msg_html_all();
 
 __("You can choose what to do with emails sent to unexisting address of this domain");
 ?>
diff --git a/bureau/admin/mail_undelete.php b/bureau/admin/mail_undelete.php
index 54627727..edd483d1 100644
--- a/bureau/admin/mail_undelete.php
+++ b/bureau/admin/mail_undelete.php
@@ -29,8 +29,10 @@ $fields = array (
 );
 getFields($fields);
 
-$mail->undelete($mail_id);
-$error=$err->errstr();
+if ($mail->undelete($mail_id)) {
+  $email = $mail->is_it_my_mail($mail_id)
+  $msg->raise('Ok', "mail", _("The email %s has been undeleted"), $email);
+}
 
 include("mail_list.php");
 
diff --git a/bureau/class/m_mail.php b/bureau/class/m_mail.php
index 9c547563..ccfb9c69 100644
--- a/bureau/class/m_mail.php
+++ b/bureau/class/m_mail.php
@@ -113,7 +113,7 @@ class m_mail {
     function get_total_size_for_domain($domain) {
         global $db;
         if (empty($this->cache_domain_mail_size)) {
-            $db->query("SELECT SUBSTRING_INDEX(user,'@', -1) as domain, SUM(quota_dovecot) AS sum FROM dovecot_view group by domain ;");
+            $db->query("SELECT SUBSTRING_INDEX(user,'@', -1) as domain, SUM(quota_dovecot) AS sum FROM dovecot_quota group by domain ;");
             while ($db->next_record()) {
                 $dd = $db->f('domain');
                 $this->cache_domain_mail_size[$dd] = $db->f('sum');
@@ -173,9 +173,9 @@ class m_mail {
      * @param string $target
      */
     function catchall_set($domain_id, $target) {
-        global $err;
+        global $msg;
         $target = rtrim($target);
-        if (substr_count($target, '@') == 0) { // Pas de @
+        if (strlen($target) > 0 && substr_count($target, '@') == 0) { // Pas de @
             $target = '@' . $target;
         }
 
@@ -183,12 +183,11 @@ class m_mail {
             // FIXME validate domain
         } else { // ca doit être un mail
             if (!filter_var($target, FILTER_VALIDATE_EMAIL)) {
-                $err->raise("mail", _("The email you entered is syntaxically incorrect"));
+                $msg->raise('Error', "mail", _("The email you entered is syntaxically incorrect"));
                 return false;
             }
         }
         $this->catchall_del($domain_id);
-        $err->error = "";
         return $this->create_alias($domain_id, '', $target, "catchall", true);
     }
 
@@ -201,8 +200,8 @@ class m_mail {
      * or false if I'm not the one for the named quota
      */
     function hook_quota_get() {
-        global $db, $err, $cuid;
-        $err->log("mail", "getquota");
+        global $db, $msg, $cuid;
+        $msg->log("mail", "getquota");
         $q = Array("name" => "mail", "description" => _("Email addresses"), "used" => 0);
         $db->query("SELECT COUNT(*) AS cnt FROM address a, domaines d WHERE a.domain_id=d.id AND d.compte= ? AND a.type='';", array($cuid));
         if ($db->next_record()) {
@@ -226,12 +225,12 @@ class m_mail {
      * @return array indexed array of hosted domains
      */
     function enum_domains($uid = -1) {
-        global $db, $err, $cuid;
-        $err->log("mail", "enum_domains");
+        global $db, $msg, $cuid;
+        $msg->log("mail", "enum_domains");
         if ($uid == -1) {
             $uid = $cuid;
         }
-        $db->query("
+	$db->query("
 SELECT
   d.id,
   d.domaine,
@@ -262,8 +261,8 @@ ORDER BY
      * @return boolean true if the email can be installed on the server 
      */
     function available($mail) {
-        global $db, $err, $dom;
-        $err->log("mail", "available");
+        global $db, $msg, $dom;
+        $msg->log("mail", "available");
         list($login, $domain) = explode("@", $mail, 2);
         // Validate the domain ownership & syntax
         if (!($dom_id = $dom->get_domain_byname($domain))) {
@@ -271,7 +270,7 @@ ORDER BY
         }
         // Validate the email syntax:
         if (!filter_var($mail, FILTER_VALIDATE_EMAIL)) {
-            $err->raise("mail", _("The email you entered is syntaxically incorrect"));
+            $msg->raise('Error', "mail", _("The email you entered is syntaxically incorrect"));
             return false;
         }
         // Check the availability
@@ -293,8 +292,8 @@ ORDER BY
      */
 
     function enum_domain_mails($dom_id = null, $search = "", $offset = 0, $count = 30, $show_systemmails = false) {
-        global $db, $err, $hooks;
-        $err->log("mail", "enum_domains_mail");
+        global $db, $msg, $hooks;
+        $msg->log("mail", "enum_domains_mail");
 
         $query_args = array($dom_id);
         $search     = trim($search);
@@ -317,11 +316,11 @@ ORDER BY
         } else {
             $limit = "";
         }
-        $db->query("SELECT a.id, a.address, a.password, a.`enabled`, a.mail_action, d.domaine AS domain, m.quota, m.quota*1024*1024 AS quotabytes, m.bytes AS used, NOT ISNULL(m.id) AS islocal, a.type, r.recipients, m.lastlogin, a.domain_id  
-         FROM (address a LEFT JOIN mailbox m ON m.address_id=a.id) LEFT JOIN recipient r ON r.address_id=a.id, domaines d 
+        $db->query("SELECT a.id, a.address, a.password, a.`enabled`, a.mail_action, d.domaine AS domain, m.quota, m.quota*1024*1024 AS quotabytes, q.quota_dovecot as used, NOT ISNULL(m.id) AS islocal, a.type, r.recipients, m.lastlogin, a.domain_id
+         FROM ((domaines d, address a LEFT JOIN mailbox m ON m.address_id=a.id) LEFT JOIN dovecot_quota q ON CONCAT(a.address,'@',d.domaine)  = q.user) LEFT JOIN recipient r ON r.address_id=a.id
          WHERE " . $where . " AND d.id=a.domain_id " . $limit . " ;", $query_args);
         if (!$db->next_record()) {
-            $err->raise("mail", _("No email found for this query"));
+            $msg->raise('Error', "mail", _("No email found for this query"));
             return array();
         }
         $res = array();
@@ -355,11 +354,11 @@ ORDER BY
      * (will be the part at the right of the @ in the email)
      * @param $mail string the left part of the email to create (something@dom_id)
      * @return an hashtable containing the database id of the newly created mail, 
-     * or false if an error occured ($err is filled accordingly)
+     * or false if an error occured ($msg is filled accordingly)
      */
     function create($dom_id, $mail, $type = "", $dontcheck = false) {
-        global $err, $db, $quota, $dom, $hooks;
-        $err->log("mail", "create", $mail);
+        global $msg, $db, $quota, $dom, $hooks;
+        $msg->log("mail", "create", $mail);
 
         // Validate the domain id
         if (!($domain = $dom->get_domain_byid($dom_id))) {
@@ -369,7 +368,7 @@ ORDER BY
         // Validate the email syntax:
         $m = $mail . "@" . $domain;
         if (!filter_var($m, FILTER_VALIDATE_EMAIL) && !$dontcheck) {
-            $err->raise("mail", _("The email you entered is syntaxically incorrect"));
+            $msg->raise('Error', "mail", _("The email you entered is syntaxically incorrect"));
             return false;
         }
 
@@ -381,19 +380,23 @@ ORDER BY
 
         // Check the quota:
         if (($type=="")&&!$quota->cancreate("mail")) {
-            $err->raise("mail", _("You cannot create email addresses: your quota is over"));
+            $msg->raise('Alert', "mail", _("You cannot create email addresses: your quota is over"));
             return false;
         }
         // Already exists?
         $db->query("SELECT * FROM address WHERE domain_id= ? AND address= ? ;", array($dom_id, $mail));
         if ($db->next_record()) {
-            $err->raise("mail", _("This email address already exists"));
+	    if ($db->f("type") == "mailman")
+	      $msg->raise('Error', "mail", _("This email address already exists in mailman")); // à traduire
+	    else
+              $msg->raise('Error', "mail", _("This email address already exists"));
+
             return false;
         }
         // Create it now
         $db->query("INSERT INTO address (domain_id, address,type) VALUES (?, ?, ?);", array($dom_id, $mail, $type));
         if (!($id = $db->lastid())) {
-            $err->raise("mail", _("An unexpected error occured when creating the email"));
+            $msg->raise('Error', "mail", _("An unexpected error occured when creating the email"));
             return false;
         }
         return $id;
@@ -406,8 +409,8 @@ ORDER BY
      * @return array a hashtable with all the informations for that email
      */
     function get_details($mail_id) {
-        global $db, $err, $hooks;
-        $err->log("mail", "get_details");
+        global $db, $msg, $hooks;
+        $msg->log("mail", "get_details");
 
         $mail_id = intval($mail_id);
         // Validate that this email is owned by me...
@@ -416,7 +419,7 @@ ORDER BY
         }
 
         // We fetch all the informations for that email: these will fill the hastable : 
-        $db->query("SELECT a.id, a.address, a.password, a.enabled, d.domaine AS domain, m.path, m.quota, m.quota*1024*1024 AS quotabytes, m.bytes AS used, NOT ISNULL(m.id) AS islocal, a.type, r.recipients, m.lastlogin, a.mail_action, m.mail_action AS mailbox_action FROM (address a LEFT JOIN mailbox m ON m.address_id=a.id) LEFT JOIN recipient r ON r.address_id=a.id, domaines d WHERE a.id= ? AND d.id=a.domain_id;", array($mail_id));
+        $db->query("SELECT a.id, a.address, a.password, a.enabled, d.domaine AS domain, m.path, m.quota, m.quota*1024*1024 AS quotabytes, q.quota_dovecot AS used, NOT ISNULL(m.id) AS islocal, a.type, r.recipients, m.lastlogin, a.mail_action, m.mail_action AS mailbox_action FROM ((domaines d, address a LEFT JOIN mailbox m ON m.address_id=a.id) LEFT JOIN dovecot_quota q ON CONCAT(a.address,'@',d.domaine)  = q.user) LEFT JOIN recipient r ON r.address_id=a.id WHERE a.id= ? AND d.id=a.domain_id;", array($mail_id));
         if (!$db->next_record()) {
             return false;
         }
@@ -437,10 +440,10 @@ ORDER BY
      *
      * @param $mail_id integer the number of the email to check
      * @return string the complete email address if that's mine, false if not
-     * ($err is filled accordingly)
+     * ($msg is filled accordingly)
      */
     function is_it_my_mail($mail_id) {
-        global $err, $db, $cuid;
+        global $msg, $db, $cuid;
         $mail_id = intval($mail_id);
         // cache it (may be called more than one time in the same page).
         if (isset($this->isitmy_cache[$mail_id])) {
@@ -450,7 +453,7 @@ ORDER BY
         if ($db->next_record()) {
             return $this->isitmy_cache[$mail_id] = $db->f("email");
         } else {
-            $err->raise("mail", _("This email is not yours, you can't change anything on it"));
+            $msg->raise('Error', "mail", _("This email is not yours, you can't change anything on it"));
             return $this->isitmy_cache[$mail_id] = false;
         }
     }
@@ -460,7 +463,7 @@ ORDER BY
     /** Hook called when the DOMAIN class will delete a domain.
      * OR when the DOMAIN class tells us we don't host the emails of this domain anymore.
      * @param $dom the ID of the domain to delete
-     * @return boolean if the email has been properly deleted 
+     * @return boolean if the email has been properly deleted
      * or false if an error occured ($err is filled accordingly)
      */
     function hook_dom_del_mx_domain($dom_id) {
@@ -498,16 +501,16 @@ ORDER BY
      *
      * @param $mail_id integer the number of the email to delete
      * @return boolean if the email has been properly deleted 
-     * or false if an error occured ($err is filled accordingly)
+     * or false if an error occured ($msg is filled accordingly)
      */
     function delete($mail_id) {
-        global $err, $db, $hooks;
-        $err->log("mail", "delete");
+        global $msg, $db, $hooks;
+        $msg->log("mail", "delete");
 
         $mail_id = intval($mail_id);
 
         if (!$mail_id) {
-            $err->raise("mail", _("The email you entered is syntaxically incorrect"));
+            $msg->raise('Error', "mail", _("The email you entered is syntaxically incorrect"));
             return false;
         }
         // Validate that this email is owned by me...
@@ -521,11 +524,11 @@ ORDER BY
         // Search for that address:
         $db->query("SELECT a.id, a.type, a.mail_action, m.mail_action AS mailbox_action, NOT ISNULL(m.id) AS islocal FROM address a LEFT JOIN mailbox m ON m.address_id=a.id WHERE a.id= ? ;", array($mail_id));
         if (!$db->next_record()) {
-            $err->raise("mail", _("The email %s does not exist, it can't be deleted"), $mail);
+            $msg->raise('Error', "mail", _("The email %s does not exist, it can't be deleted"), $mail);
             return false;
         }
         if ($db->f("mail_action") != "OK" || ($db->f("islocal") && $db->f("mailbox_action") != "OK")) { // will be deleted soon ...
-            $err->raise("mail", _("The email %s is already marked for deletion, it can't be deleted"), $mail);
+            $msg->raise('Error', "mail", _("The email %s is already marked for deletion, it can't be deleted"), $mail);
             return false;
         }
         $mail_id = $db->f("id");
@@ -534,13 +537,11 @@ ORDER BY
             // If it's a pop/imap mailbox, mark it for deletion
             $db->query("UPDATE address SET mail_action='DELETE', enabled=0 WHERE id= ?;", array($mail_id));
             $db->query("UPDATE mailbox SET mail_action='DELETE' WHERE address_id= ?;", array($mail_id));
-            $err->raise("mail", _("The email %s has been marked for deletion"), $mail);
         } else {
             // If it's only aliases, delete it NOW.
             $db->query("DELETE FROM address WHERE id= ? ;", array($mail_id));
             $db->query("DELETE FROM mailbox WHERE address_id= ? ;", array($mail_id));
             $db->query("DELETE FROM recipient WHERE address_id= ? ;", array($mail_id));
-            $err->raise("mail", _("The email %s has been successfully deleted"), $mail);
         }
         return true;
     }
@@ -552,16 +553,16 @@ ORDER BY
      *
      * @param $mail_id integer the email id
      * @return boolean if the email has been properly undeleted 
-     * or false if an error occured ($err is filled accordingly)
+     * or false if an error occured ($msg is filled accordingly)
      */
     function undelete($mail_id) {
-        global $err, $db;
-        $err->log("mail", "undelete");
+        global $msg, $db;
+        $msg->log("mail", "undelete");
 
         $mail_id = intval($mail_id);
 
         if (!$mail_id) {
-            $err->raise("mail", _("The email you entered does not exist"));
+            $msg->raise('Error', "mail", _("The email you entered does not exist"));
             return false;
         }
         // Validate that this email is owned by me...
@@ -572,15 +573,15 @@ ORDER BY
         // Search for that address:
         $db->query("SELECT a.id, a.type, a.mail_action, m.mail_action AS mailbox_action, NOT ISNULL(m.id) AS islocal FROM address a LEFT JOIN mailbox m ON m.address_id=a.id WHERE a.id= ? ;", array($mail_id));
         if (!$db->next_record()) {
-            $err->raise("mail", _("The email %s does not exist, it can't be undeleted"), $mail);
+            $msg->raise('Error', "mail", _("The email %s does not exist, it can't be undeleted"), $mail);
             return false;
         }
         if ($db->f("type") != "") { // Technically special : mailman, sympa ... 
-            $err->raise("mail", _("The email %s is special, it can't be undeleted"), $mail);
+            $msg->raise('Error', "mail", _("The email %s is special, it can't be undeleted"), $mail);
             return false;
         }
         if ($db->f("mailbox_action") != "DELETE" || $db->f("mail_action") != "DELETE") { // will be deleted soon ...
-            $err->raise("mail", _("Sorry, deletion of email %s is already in progress, or not marked for deletion, it can't be undeleted"), $mail);
+            $msg->raise('Alert', "mail", _("Sorry, deletion of email %s is already in progress, or not marked for deletion, it can't be undeleted"), $mail);
             return false;
         }
         $mail_id = $db->f("id");
@@ -589,10 +590,9 @@ ORDER BY
             // If it's a pop/imap mailbox, mark it for deletion
             $db->query("UPDATE address SET mail_action='OK', `enabled`=1 WHERE id= ?;", array($mail_id));
             $db->query("UPDATE mailbox SET mail_action='OK' WHERE address_id= ? ;", array($mail_id));
-            $err->raise("mail", _("The email %s has been undeleted"), $mail);
             return true;
         } else {
-            $err->raise("mail", _("-- Program Error -- The email %s can't be undeleted"), $mail);
+            $msg->raise('Error', "mail", _("-- Program Error -- The email %s can't be undeleted"), $mail);
             return false;
         }
     }
@@ -604,14 +604,14 @@ ORDER BY
      * @param $pass string the new password.
      * @return boolean true if the password has been set, false else, raise an error.
      */
-    function set_passwd($mail_id, $pass) {
-        global $db, $err, $admin;
-        $err->log("mail", "setpasswd");
+    function set_passwd($mail_id, $pass, $canbeempty = false) {
+        global $db, $msg, $admin;
+        $msg->log("mail", "setpasswd");
 
         if (!($email = $this->is_it_my_mail($mail_id))) {
             return false;
         }
-        if (!$admin->checkPolicy("pop", $email, $pass)) {
+        if (!$admin->checkPolicy("pop", $email, $pass, $canbeempty)) {
             return false;
         }
         if (!$db->query("UPDATE address SET password= ? where id = ? ;", array(_md5cr($pass), $mail_id ))) {
@@ -627,8 +627,8 @@ ORDER BY
      * @return boolean true if the email has been enabled.
      */
     function enable($mail_id) {
-        global $db, $err;
-        $err->log("mail", "enable");
+        global $db, $msg;
+        $msg->log("mail", "enable");
         if (!($email = $this->is_it_my_mail($mail_id))) {
             return false;
         }
@@ -645,8 +645,8 @@ ORDER BY
      * @return boolean true if the email has been enabled.
      */
     function disable($mail_id) {
-        global $db, $err;
-        $err->log("mail", "disable");
+        global $db, $msg;
+        $msg->log("mail", "disable");
         if (!($email = $this->is_it_my_mail($mail_id))) {
             return false;
         }
@@ -666,11 +666,11 @@ ORDER BY
      * @param integer $quotamb integer if islocal=1, quota in MB
      * @param string $recipients string recipients, one mail per line.
      * @return boolean if the email has been properly edited
-     * or false if an error occured ($err is filled accordingly)
+     * or false if an error occured ($msg is filled accordingly)
      */
     function set_details($mail_id, $islocal, $quotamb, $recipients, $delivery = "dovecot", $dontcheck = false) {
-        global $err, $db;
-        $err->log("mail", "set_details");
+        global $msg, $db;
+        $msg->log("mail", "set_details");
         if (!($me = $this->get_details($mail_id))) {
             return false;
         }
@@ -686,7 +686,7 @@ ORDER BY
             }
             foreach ($this->forbiddenchars as $str) {
                 if (strpos($me["address"], $str) !== false) {
-                    $err->raise("mail", _("There is forbidden characters in your email address. You can't make it a POP/IMAP account, you can only use it as redirection to other emails"));
+                    $msg->raise('Error', "mail", _("There is forbidden characters in your email address. You can't make it a POP/IMAP account, you can only use it as redirection to other emails"));
                     return false;
                 }
             }
@@ -705,7 +705,7 @@ ORDER BY
         if ($islocal) {
             if ($quotamb != 0 && $quotamb < (intval($me["used"] / 1024 / 1024) + 1)) {
                 $quotamb = intval($me["used"] / 1024 / 1024) + 1;
-                $err->raise("mail", _("You set a quota smaller than the current mailbox size. Since it's not allowed, we set the quota to the current mailbox size"));
+                $msg->raise('Alert', "mail", _("You set a quota smaller than the current mailbox size. Since it's not allowed, we set the quota to the current mailbox size"));
             }
             $db->query("UPDATE mailbox SET quota= ? WHERE address_id= ? ;", array($quotamb, $mail_id));
         }
@@ -725,7 +725,7 @@ ORDER BY
             $db->query("INSERT INTO recipient SET address_id= ?, recipients= ? ;", array($mail_id, $red));
         }
 	if (!$islocal && !$red) {
-	  $err->raise("mail", _("Warning: you created an email which is not an alias, and not a POP/IMAP mailbox. This is certainly NOT what you want to do. To fix this, edit the email address and check 'Yes' in POP/IMAP account, or set some recipients in the redirection field."));
+	  $msg->raise('Alert', "mail", _("Warning: you created an email which is not an alias, and not a POP/IMAP mailbox. This is certainly NOT what you want to do. To fix this, edit the email address and check 'Yes' in POP/IMAP account, or set some recipients in the redirection field."));
 	}
         return true;
     }
@@ -738,8 +738,8 @@ ORDER BY
      * @ param : $delivery , the delivery used to deliver the mail
      */
     function add_wrapper($dom_id, $m, $delivery) {
-        global $err, $mail;
-        $err->log("mail", "add_wrapper", "creating $delivery $m address");
+        global $msg, $mail;
+        $msg->log("mail", "add_wrapper", "creating $delivery $m address");
 
         $mail_id = $mail->create($dom_id, $m, $delivery);
         $this->set_details($mail_id, 1, 0, '', $delivery);
@@ -758,8 +758,8 @@ ORDER BY
      * @param string $dom_id
      */
     function create_alias($dom_id, $m, $alias, $type = "", $dontcheck = false) {
-        global $err, $mail;
-        $err->log("mail", "create_alias", "creating $m alias for $alias type $type");
+        global $msg, $mail;
+        $msg->log("mail", "create_alias", "creating $m alias for $alias type $type");
 
         $mail_id = $mail->create($dom_id, $m, $type, $dontcheck);
         if (!$mail_id) {
@@ -776,8 +776,8 @@ ORDER BY
      * of the email for the current acccount.
      */
     function del_wrapper($mail_id) {
-        global $err;
-        $err->log("mail", "del_wrapper");
+        global $msg;
+        $msg->log("mail", "del_wrapper");
         $this->delete($mail_id);
     }
 
@@ -788,8 +788,8 @@ ORDER BY
      * of the email for the current acccount.
      */
     function alternc_export_conf() {
-        global $err;
-        $err->log("mail", "export");
+        global $msg;
+        $msg->log("mail", "export");
         $domain = $this->enum_domains();
         $str = "<mail>\n";
         foreach ($domain as $d) {
@@ -895,10 +895,10 @@ ORDER BY
      * @return boolean TRUE if the account has been created, or FALSE if an error occurred.
      */
     function add_slave_account($login, $pass) {
-        global $db, $err;
+        global $db, $msg;
         $db->query("SELECT * FROM mxaccount WHERE login= ? ;", array($login));
         if ($db->next_record()) {
-            $err->raise("mail", _("The slave MX account was not found"));
+            $msg->raise('Error', "mail", _("The slave MX account was not found"));
             return false;
         }
         $db->query("INSERT INTO mxaccount (login,pass) VALUES (?, ?);", array($login, $pass));
@@ -927,8 +927,8 @@ ORDER BY
      * @access private
      */
     function hook_dom_add_slave_domain($domain_id, $target_domain) {
-        global $err;
-        $err->log("mail", "hook_dom_add_slave_domain", $domain_id);
+        global $msg;
+        $msg->log("mail", "hook_dom_add_slave_domain", $domain_id);
         $this->catchall_set($domain_id, '@' . $target_domain);
         return true;
     }
@@ -943,12 +943,12 @@ ORDER BY
      * @access private
      */
     function hook_dom_add_mx_domain($domain_id) {
-        global $err, $mem, $db;
-        $err->log("mail", "hook_dom_add_mx_domain", $domain_id);
+        global $msg, $mem, $db;
+        $msg->log("mail", "hook_dom_add_mx_domain", $domain_id);
 
         $db->query("SELECT value FROM variable where name='mailname_bounce';");
         if (!$db->next_record()) {
-            $err->raise("mail", _("Problem: can't create default bounce mail"));
+            $msg->raise('Error', "mail", _("Problem: can't create default bounce mail"));
             return false;
         }
         $mailname = $db->f("value");
@@ -971,8 +971,8 @@ ORDER BY
      * @access private
      */
     function hook_variable_set($name, $old, $new) {
-        global $err, $db;
-        $err->log("mail", "hook_variable_set($name,$old,$new)");
+        global $msg, $db;
+        $msg->log("mail", "hook_variable_set($name,$old,$new)");
 
         if ($name == "default_spf_value") {
             $new = trim($new);
diff --git a/roundcube/class/m_roundcube.php b/roundcube/class/m_roundcube.php
index c4f08010..2d17734c 100644
--- a/roundcube/class/m_roundcube.php
+++ b/roundcube/class/m_roundcube.php
@@ -79,8 +79,8 @@ class m_roundcube {
 
     include_once("/etc/roundcube/debian-db.php");
     if (! isset($dbtype)) {
-      global $err;
-      $err->raise("roundcube::hook_mail_delete_for_real",_("Problem: missing var in Debian Roundcube configuration file"));
+      global $msg;
+      $msg->raise('Error', "roundcube::hook_mail_delete_for_real",_("Problem: missing var in Debian Roundcube configuration file"));
       return false;
     }
 
@@ -112,7 +112,7 @@ class m_roundcube {
       $dbh->prepare("DELETE from users where user_id = ? ; ")->execute(array($rcuser_id));
     } //foreach
     }
-    
+
   }
 
 } /* Class Roundcube */

From b16c3ac69a1777913104c62de1dd5c1d8358cbf8 Mon Sep 17 00:00:00 2001
From: quenenni <la.jolie@paquerette.org>
Date: Tue, 15 Aug 2017 17:03:56 +0200
Subject: [PATCH 05/23] =?UTF-8?q?classe=20admin=20/=20fichiers=20section?=
 =?UTF-8?q?=20admin=20associ=C3=A9s?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 bureau/admin/adm_add.php                |  12 +-
 bureau/admin/adm_authip_whitelist.php   |   9 +-
 bureau/admin/adm_db_servers.php         |   3 +-
 bureau/admin/adm_deactivate.php         |  21 ++-
 bureau/admin/adm_defquotas.php          |   7 +-
 bureau/admin/adm_dnsweberror.php        |   8 +-
 bureau/admin/adm_doadd.php              |  10 +-
 bureau/admin/adm_dodefquotas.php        |  15 +-
 bureau/admin/adm_dodel.php              |  13 +-
 bureau/admin/adm_doedit.php             |  11 +-
 bureau/admin/adm_domlock.php            |   9 +-
 bureau/admin/adm_doms.php               |   7 +-
 bureau/admin/adm_doms_def_type.php      |  13 +-
 bureau/admin/adm_domstype.php           |   8 +-
 bureau/admin/adm_domstypedoedit.php     |   9 +-
 bureau/admin/adm_domstypeedit.php       |  15 +-
 bureau/admin/adm_domstyperegenerate.php |  13 +-
 bureau/admin/adm_donosu.php             |  13 +-
 bureau/admin/adm_dorenew.php            |   9 +-
 bureau/admin/adm_dosu.php               |  11 +-
 bureau/admin/adm_edit.php               |  19 +-
 bureau/admin/adm_email.php              |  12 +-
 bureau/admin/adm_list.php               |  13 +-
 bureau/admin/adm_lockpanel.php          |   5 +-
 bureau/admin/adm_login.php              |  20 +-
 bureau/admin/adm_mxaccount.php          |  19 +-
 bureau/admin/adm_panel.php              |   9 +-
 bureau/admin/adm_passpolicy.php         |  23 +--
 bureau/admin/adm_quotadoedit.php        |   8 +-
 bureau/admin/adm_quotaedit.php          |  17 +-
 bureau/admin/adm_slavedns.php           |  20 +-
 bureau/admin/adm_tld.php                |  13 +-
 bureau/admin/adm_tldadd.php             |   9 +-
 bureau/admin/adm_tlddoadd.php           |   6 +-
 bureau/admin/adm_tlddoedit.php          |   6 +-
 bureau/admin/adm_tldedit.php            |   8 +-
 bureau/admin/adm_update_domains.php     |   6 +-
 bureau/admin/adm_variables.php          |   5 +-
 bureau/class/m_admin.php                | 241 ++++++++++++------------
 39 files changed, 333 insertions(+), 342 deletions(-)

diff --git a/bureau/admin/adm_add.php b/bureau/admin/adm_add.php
index f12b8e9f..64db13b9 100755
--- a/bureau/admin/adm_add.php
+++ b/bureau/admin/adm_add.php
@@ -28,7 +28,8 @@ require_once("../class/config.php");
 include_once("head.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
@@ -45,14 +46,15 @@ $fields = array (
 );
 getFields($fields);
 
+$c=$admin->listPasswordPolicies();
+$passwd_classcount = $c['adm']['classcount'];
+
 ?>
 <h3><?php __("New AlternC account"); ?></h3>
 <hr id="topbar"/>
 <br />
 <?php
-if (isset($error) && $error) {
-	echo "<p class=\"alert alert-danger\">$error</p>";
-}
+echo $msg->msg_html_all();
 ?>
 <form method="post" action="adm_doadd.php" id="main" name="main" autocomplete="off">
   <?php csrf_get(); ?>
@@ -63,7 +65,7 @@ if (isset($error) && $error) {
 </td></tr>
 <tr>
 	<th><label for="pass"><?php __("Initial password"); ?></label><span class="mandatory">*</span></th>
-	<td><input type="password" id="pass" name="pass" autocomplete="off" class="int" value="<?php ehe($pass); ?>" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#pass","#passconf"); ?></td>
+	<td><input type="password" id="pass" name="pass" autocomplete="off" class="int" value="<?php ehe($pass); ?>" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#pass","#passconf",$passwd_classcount); ?></td>
 </tr>
 <tr>
 	<th><label for="passconf"><?php __("Confirm password"); ?></label><span class="mandatory">*</span></th>
diff --git a/bureau/admin/adm_authip_whitelist.php b/bureau/admin/adm_authip_whitelist.php
index 8e36b8fe..700085bc 100755
--- a/bureau/admin/adm_authip_whitelist.php
+++ b/bureau/admin/adm_authip_whitelist.php
@@ -15,13 +15,13 @@ getFields($fields);
 
 if (!empty($delete_id)) {
   if (! $authip->ip_delete($delete_id)) {
-    $error="Error during deletion";
+    $msg->raise('Error', "admin", _("Error during deletion")); // à traduire
   }
 }
 
 if (!empty($ipsub)) {
   if (! $authip->ip_save_whitelist($id, $ipsub, $infos)) {
-    $error="Error during recording";
+    $msg->raise('Error', "admin", _("Error during recording"));
   }
 }
 
@@ -32,9 +32,8 @@ $list_ip = $authip->list_ip_whitelist();
 <hr id="topbar"/>
 <br />
 
-<?php if (isset($error) && $error) { ?>
-  <p class="alert alert-danger"><?php echo $error ?></p>
-<?php } ?>
+<?php echo $msg->msg_html_all(); ?>
+
 <center>
   <p class="alert alert-warning"><?php __("Warning"); echo "<br/>"; __("The IP and subnet you have here are allowed for ALL users and ALL usages"); ?></p>
 </center>
diff --git a/bureau/admin/adm_db_servers.php b/bureau/admin/adm_db_servers.php
index b9285767..1f25c70b 100644
--- a/bureau/admin/adm_db_servers.php
+++ b/bureau/admin/adm_db_servers.php
@@ -27,7 +27,8 @@ require_once("../class/config.php");
 include("head.php");
 
 if (!$admin->enabled) {
-    __("This page is restricted to authorized staff");
+    $msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+    echo $msg->msg_html_all();
     exit();
 }
 
diff --git a/bureau/admin/adm_deactivate.php b/bureau/admin/adm_deactivate.php
index e678d522..0b8d0cfc 100755
--- a/bureau/admin/adm_deactivate.php
+++ b/bureau/admin/adm_deactivate.php
@@ -32,7 +32,8 @@ require_once("../class/config.php");
 include_once("head.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit;
 }
 $fields = array (
@@ -43,19 +44,22 @@ $fields = array (
 getFields($fields);
 
 if (!$uid) {
-	__("Account not found");
+	$msg->raise('Error', "admin", _("Account not found"));
+	echo $msg->msg_html_all();
 	include_once("foot.php");
 	exit();
 }
 
 if (!$admin->checkcreator($uid)) {
-        __("This page is restricted to authorized staff");
+	$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	include_once("foot.php");
 	exit();
 }
 
 if (!$r=$admin->get($uid)) {
-	__("User does not exist");
+	$msg->raise('Error', "admin", _("User does not exist"));
+	echo $msg->msg_html_all();
 	include_once("foot.php");
 	exit();
 }
@@ -79,7 +83,8 @@ if (! ($confirmed ) ) {
   print "<h3>" . _("Domains of user: ") . $r["login"] . "</h3>";
 } else {
   if (empty($redirect)) {
-    __("Missing redirect url.");
+    $msg->raise('Error', "admin", _("Missing redirect url."));
+    echo $msg->msg_html_all();
     include_once("foot.php");
     exit();
   } 
@@ -105,9 +110,7 @@ reset($domains);
 foreach ($domains as $key => $domain) {
   if (!$confirmed) print '<h4>' . $domain . '</h4><ul>';
   $dom->lock();
-  if (!$r=$dom->get_domain_all($domain)) {
-          $error=$err->errstr();
-  }
+  $r=$dom->get_domain_all($domain);
   $dom->unlock();
   # 2. for each subdomain
   if (is_array($r['sub'])) {
@@ -132,7 +135,7 @@ foreach ($domains as $key => $domain) {
 # 2.2 change the subdomain to redirect to http://spam.koumbit.org/
 	  $dom->lock();
 	  if (!$dom->set_sub_domain($domain, $sub, $dom->type_url, "edit", $redirect)) {
-	    print "-- error in $sub.$domain: " . $err->errstr() . "\n";
+	    print "-- error in $sub.$domain: " . $msg->msg_str("Error", "") . "\n";
 	  }
 	  $dom->unlock();
 	}
diff --git a/bureau/admin/adm_defquotas.php b/bureau/admin/adm_defquotas.php
index 71881db0..fc4f3ac9 100755
--- a/bureau/admin/adm_defquotas.php
+++ b/bureau/admin/adm_defquotas.php
@@ -32,7 +32,8 @@
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 $fields = array (
@@ -54,9 +55,7 @@ if ($synchronise==true) {
 
 $quota->create_missing_quota_profile();
 
-if (isset($error) && $error) {
-  echo "<p class=\"alert alert-danger\">$error</p>";
-}
+echo $msg->msg_html_all();
 ?>
 <form method="post" action="adm_dodefquotas.php">
   <?php csrf_get(); ?>
diff --git a/bureau/admin/adm_dnsweberror.php b/bureau/admin/adm_dnsweberror.php
index 025d565d..7e6669e8 100644
--- a/bureau/admin/adm_dnsweberror.php
+++ b/bureau/admin/adm_dnsweberror.php
@@ -30,7 +30,8 @@
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
@@ -41,10 +42,7 @@ include_once("head.php");
 <hr id="topbar" />
  <br />
 <?php
-	if (isset($error) && $error) {
-	  echo "<p class=\"alert alert-danger\">$error</p>";
-	}
-
+echo $msg->msg_html_all();
 ?>
 <br/>
 <h3><?php __("List of the websites having errors in the domain database."); ?></h3>
diff --git a/bureau/admin/adm_doadd.php b/bureau/admin/adm_doadd.php
index abad0a05..e5585a9a 100644
--- a/bureau/admin/adm_doadd.php
+++ b/bureau/admin/adm_doadd.php
@@ -27,7 +27,8 @@
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit;
 }
 $fields = array (
@@ -54,19 +55,18 @@ if ($create_dom && !empty($create_dom_list) ) {
 }
 
 if ($pass != $passconf) {
-	$error = _("Passwords do not match");
+	$msg->raise("Error", "admin", _("Passwords do not match"));
 	include("adm_add.php");
 	exit();
 }
 
 // Attemp to create, exit if fail
 if (!($u=$admin->add_mem($login, $pass, $nom, $prenom, $nmail, $canpass, $type, 0, $notes, 0, $dom_to_create, $db_server_id))) {
-	$error=$err->errstr();
 	include ("adm_add.php");
 	exit;
 }
- 
-$error=_("The new member has been successfully created");
+
+$msg->raise("Ok", "admin", _("The new member has been successfully created"));
 
 include("adm_list.php");
 exit;
diff --git a/bureau/admin/adm_dodefquotas.php b/bureau/admin/adm_dodefquotas.php
index 8cd0351e..aa6f6455 100755
--- a/bureau/admin/adm_dodefquotas.php
+++ b/bureau/admin/adm_dodefquotas.php
@@ -32,7 +32,8 @@
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 $fields = array (
@@ -45,18 +46,18 @@ getFields($fields);
 if($action == "add") {
 
   if($quota->addtype($type)) {
-    $error=_("Account type"). " \"".htmlentities($type)."\" "._("added");
+    $msg->raise('Ok', "admin", _("Account type"). " \"".htmlentities($type)."\" "._("added"));
   } else {
-    $error=_("Account type"). " \"".htmlentities($type)."\" "._("could not be added");
+    $msg->raise('Error', "admin", _("Account type"). " \"".htmlentities($type)."\" "._("could not be added"));
   }
   include("adm_defquotas.php");
 } else if($action == "delete") {
   if($del_confirm == "y"){
     if(!empty($type)) {
       if($quota->deltype($type)) {
-        $error=_("Account type"). " \"".htmlentities($type)."\" "._("deleted");
+        $msg->raise('Ok', "admin", _("Account type"). " \"".htmlentities($type)."\" "._("deleted"));
       } else {
-        $error=_("Account type"). " \"".htmlentities($type)."\" "._("could not be deleted");
+        $msg->raise('Error', "admin", _("Account type"). " \"".htmlentities($type)."\" "._("could not be deleted"));
       }
     }
     include("adm_defquotas.php");
@@ -92,9 +93,9 @@ if($action == "add") {
   }
 
   if($quota->setdefaults($c)) {
-    $error=_("Default quotas successfully changed");
+    $msg->raise('Ok', "admin", _("Default quotas successfully changed"));
   } else {
-    $error=_("Default quotas could not be set.");
+    $msg->raise('Error', "admin", _("Default quotas could not be set."));
   }
   include("adm_panel.php");
 }
diff --git a/bureau/admin/adm_dodel.php b/bureau/admin/adm_dodel.php
index 55b9f821..8c7db7cb 100755
--- a/bureau/admin/adm_dodel.php
+++ b/bureau/admin/adm_dodel.php
@@ -30,7 +30,8 @@
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-  __("This page is restricted to authorized staff");
+  $msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+  echo $msg->msg_html_all();
   exit();
 }
 
@@ -41,23 +42,23 @@ $fields = array (
 getFields($fields);
 
 if($del_confirm == "y"){
-  $error = "";
   foreach ($accountList as $key => $val) {
     if (!$admin->checkcreator($val)) {
-      __("This page is restricted to authorized staff");
+      $msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+      echo $msg->msg_html_all();
       exit();
     }
     if (!($u=$admin->get($val)) || !$admin->del_mem($val)) {
-      $error .= sprintf(_("Member '%s' does not exist"),$val)."<br />";
+      $msg->raise("Error", "admin", _("Member '%s' does not exist"),$val);
     } else {
-      $error .= sprintf(_("Member %s successfully deleted"),$u["login"])."<br />";
+      $msg->raise("Ok", "admin", _("Member %s successfully deleted"),$u["login"]);
     }
   }
   include("adm_list.php");
   exit();
 } else {
   if (!is_array($accountList) || count($accountList)==0) {
-    $error=_("Please check the accounts you want to delete");
+    $msg->raise("Error", "admin", _("Please check the accounts you want to delete"));
     require("adm_list.php");
     exit();
   } 
diff --git a/bureau/admin/adm_doedit.php b/bureau/admin/adm_doedit.php
index 76a85805..fa1c9920 100644
--- a/bureau/admin/adm_doedit.php
+++ b/bureau/admin/adm_doedit.php
@@ -32,7 +32,8 @@
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-  __("This page is restricted to authorized staff");
+  $msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+  echo $msg->msg_html_all();
   exit();
 }
 
@@ -56,12 +57,13 @@ getFields($fields);
 
 
 if ($subadmin==0 && !$admin->checkcreator($uid)) {
-  __("This page is restricted to authorized staff");
+  $msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+  echo $msg->msg_html_all();
   exit();
 }
 
 if ($pass != $passconf) {
-  $error = _("Passwords do not match");
+  $msg->raise("Error", "admin", _("Passwords do not match"));
   include("adm_edit.php");
   exit();
 }
@@ -71,9 +73,8 @@ if ($uid==$mem->user["uid"]) {
 }
 
 if (!$admin->update_mem($uid, $nmail, $nom, $prenom, $pass, $enabled, $canpass, $type, $duration, $notes, $reset_quotas)){
-  $error=$err->errstr();
   include("adm_edit.php");
 } else {
-  $error=_("The member has been successfully edited");
+  $msg->raise("Ok", "admin", _("The member has been successfully edited"));
   include("adm_list.php");
 }
diff --git a/bureau/admin/adm_domlock.php b/bureau/admin/adm_domlock.php
index 02f8dd65..5627ce77 100644
--- a/bureau/admin/adm_domlock.php
+++ b/bureau/admin/adm_domlock.php
@@ -30,7 +30,8 @@
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
@@ -39,11 +40,9 @@ $fields = array (
 );
 getFields($fields);
 
-if (!$admin->dom_lock($domain)) {
-  $error=$err->errstr();
-}
+$admin->dom_lock($domain);
 
 include("adm_doms.php");
 exit;
 
-?>
\ No newline at end of file
+?>
diff --git a/bureau/admin/adm_doms.php b/bureau/admin/adm_doms.php
index 8e395f01..873140c2 100755
--- a/bureau/admin/adm_doms.php
+++ b/bureau/admin/adm_doms.php
@@ -30,7 +30,8 @@
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
@@ -39,9 +40,7 @@ include_once ("head.php");
 ?>
 <h3><?php __("Manage installed domains"); ?></h3>
 <?php
-if (isset($error) && $error) {
-  echo "<p class=\"alert alert-danger\">$error</p>";
-}
+echo $msg->msg_html_all();
 
 $fields = array (
 	"force"    		=> array ("get", "integer", "0"),
diff --git a/bureau/admin/adm_doms_def_type.php b/bureau/admin/adm_doms_def_type.php
index 3ca20956..126eb78a 100755
--- a/bureau/admin/adm_doms_def_type.php
+++ b/bureau/admin/adm_doms_def_type.php
@@ -2,7 +2,8 @@
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-    __("This page is restricted to authorized staff");
+    $msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+    echo $msg->msg_html_all();
     exit();
 }
 
@@ -22,11 +23,6 @@ include_once("head.php");
 
 <br />
 <?php
-if (isset($error) && $error) {
-    echo "<p class=\"alert alert-danger\">$error</p>";
-}
-
-
 $fields = array(
     "domup" => array("post", "array", ""),
 );
@@ -34,11 +30,12 @@ getFields($fields);
 
 if (!empty($domup)) {
     if (!$dom->update_default_subdomains($domup)) {
-        $error = _("There was an error during the record.");
+        $msg->raise('Error', "admin", _("There was an error during the record."));
     } else {
-        $error = _("Save done.");
+        $msg->raise('Ok', "admin", _("Save done."));
     }
 }
+echo $msg->msg_html_all();
 
 $tab = $dom->lst_default_subdomains();
 ?>
diff --git a/bureau/admin/adm_domstype.php b/bureau/admin/adm_domstype.php
index 33b69684..ffc417fc 100644
--- a/bureau/admin/adm_domstype.php
+++ b/bureau/admin/adm_domstype.php
@@ -30,7 +30,8 @@
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
@@ -43,10 +44,7 @@ include_once("head.php");
 
 <br />
 <?php
-if (!empty($error)) {
-  echo "<p class=\"alert alert-danger\">$error</p>";
-}
-
+echo $msg->msg_html_all();
 ?>
 <p>
 <?php __("Here is the list of domain types."); ?>
diff --git a/bureau/admin/adm_domstypedoedit.php b/bureau/admin/adm_domstypedoedit.php
index 0a24e990..826caca5 100644
--- a/bureau/admin/adm_domstypedoedit.php
+++ b/bureau/admin/adm_domstypedoedit.php
@@ -1,7 +1,8 @@
 <?php
 require_once("../class/config.php");
 if (!$admin->enabled) {
-    __("This page is restricted to authorized staff");
+    $msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+    echo $msg->msg_html_all();
     exit();
 }
 
@@ -20,12 +21,12 @@ $fields = array (
 );
 getFields($fields);
 
-if ( ! $dom->domains_type_update($name, $description, $target, $entry, $compatibility, $enable, $only_dns, $need_dns, $advanced,$create_tmpdir,$create_targetdir) ) {
-    die($err->errstr());
+if (! $dom->domains_type_update($name, $description, $target, $entry, $compatibility, $enable, $only_dns, $need_dns, $advanced,$create_tmpdir,$create_targetdir) ) {
+    include("adm_domstypedoedit.php");
 } else {
+    $msg->raise('Ok', "admin", _("Domain type is updated"));
     include("adm_domstype.php");
 }
-
 ?>
 
 
diff --git a/bureau/admin/adm_domstypeedit.php b/bureau/admin/adm_domstypeedit.php
index dc39f0c4..308e53a4 100755
--- a/bureau/admin/adm_domstypeedit.php
+++ b/bureau/admin/adm_domstypeedit.php
@@ -29,7 +29,8 @@
 */
 require_once("../class/config.php");
 if (!$admin->enabled) {
-    __("This page is restricted to authorized staff");
+    $msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+    echo $msg->msg_html_all();
     exit();
 }
 
@@ -51,21 +52,17 @@ $fields = array (
 getFields($fields);
 
 
-if (! $d=$dom->domains_type_get($name)) {
-	$error=$err->errstr();
-	echo $error;
-} else {
+$d=$dom->domains_type_get($name);
 ?>
 
 <h3><?php __("Edit a domain type"); ?> </h3>
 <hr id="topbar"/>
 <br />
 <?php
-if (isset($error_edit) && $error_edit) {
-	echo "<p class=\"alert alert-danger\">$error_edit</p>";
-	$error_edit="";
+echo $msg->msg_html_all();
 
-} ?>
+if (! $msg->has_msgs("Error")) {
+?>
 
 <form action="adm_domstypedoedit.php" method="post" name="main" id="main">
    <?php csrf_get(); ?>
diff --git a/bureau/admin/adm_domstyperegenerate.php b/bureau/admin/adm_domstyperegenerate.php
index baca9b60..434b0efb 100644
--- a/bureau/admin/adm_domstyperegenerate.php
+++ b/bureau/admin/adm_domstyperegenerate.php
@@ -1,7 +1,8 @@
 <?php
 require_once("../class/config.php");
 if (!$admin->enabled) {
-    __("This page is restricted to authorized staff");
+    $msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+    echo $msg->msg_html_all();
     exit();
 }
 
@@ -11,13 +12,9 @@ $fields = array (
 getFields($fields);
 
 
-if (empty($name) || (! $dom->domains_type_regenerate($name)) ) {
-  die($err->errstr());
-} else {
-  $error="Regenerate pending"; 
-  include("adm_domstype.php");
+if (! empty($name) || ($dom->domains_type_regenerate($name)) ) {
+  $msg->raise('Ok', "admin", _("Regenerate pending"));
 }
 
+include("adm_domstype.php");
 ?>
-
-
diff --git a/bureau/admin/adm_donosu.php b/bureau/admin/adm_donosu.php
index 5c7b8791..71b4ce30 100644
--- a/bureau/admin/adm_donosu.php
+++ b/bureau/admin/adm_donosu.php
@@ -30,7 +30,8 @@
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
@@ -39,14 +40,12 @@ $fields = array (
 );
 getFields($fields);
 
-if (!$admin->su2normal($uid)) {
-	$error=$err->errstr();
- } else {
-  $error=_("This account is now a normal account");
- }
+if ($admin->su2normal($uid)) {
+  $msg->raise("Ok", "admin", _("This account is now a normal account"));
+}
 
 include("adm_edit.php");
 
 exit();
 
-?>
\ No newline at end of file
+?>
diff --git a/bureau/admin/adm_dorenew.php b/bureau/admin/adm_dorenew.php
index e8451ca9..eab71ff8 100644
--- a/bureau/admin/adm_dorenew.php
+++ b/bureau/admin/adm_dorenew.php
@@ -31,7 +31,8 @@
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-  __("This page is restricted to authorized staff");
+  $msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+  echo $msg->msg_html_all();
   exit();
 }
 
@@ -42,15 +43,15 @@ $fields = array (
 getFields($fields);
 
 if (!$admin->checkcreator($uid)) {
-  __("This page is restricted to authorized staff");
+  $msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+  echo $msg->msg_html_all();
   exit();
 }
 
 if (!$admin->renew_mem($uid, $periods)){
-  $error=$err->errstr();
   include("adm_edit.php");
 } else {
-  $error=_("The member has been successfully renewed");
+  $msg->raise("Ok", "admin", _("The member has been successfully renewed"));
   include("adm_list.php");
 }
 ?>
diff --git a/bureau/admin/adm_dosu.php b/bureau/admin/adm_dosu.php
index 2357c685..9e81c58a 100644
--- a/bureau/admin/adm_dosu.php
+++ b/bureau/admin/adm_dosu.php
@@ -30,7 +30,8 @@
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
@@ -39,14 +40,12 @@ $fields = array (
 );
 getFields($fields);
 
-if (!$admin->normal2su($uid)) {
-	$error=$err->errstr();
- } else {
-  $error=_("This account is now an administrator account");
+if ($admin->normal2su($uid)) {
+  $msg->raise("Ok", "admin", _("This account is now an administrator account"));
  }
 
 include("adm_edit.php");
 
 exit();
 
-?>
\ No newline at end of file
+?>
diff --git a/bureau/admin/adm_edit.php b/bureau/admin/adm_edit.php
index 2829e2ba..fae01896 100755
--- a/bureau/admin/adm_edit.php
+++ b/bureau/admin/adm_edit.php
@@ -33,7 +33,8 @@ require_once("../class/config.php");
 include_once("head.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
@@ -45,22 +46,22 @@ getFields($fields);
 $subadmin=variable_get("subadmin_restriction");
 
 if ($subadmin==0 && !$admin->checkcreator($uid)) {
-	__("This page is restricted to authorized staff");
+	$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
-if (!$r=$admin->get($uid)) {
-	$error=$err->errstr();
-}
+$r=$admin->get($uid);
+
+$c=$admin->listPasswordPolicies();
+$passwd_classcount = $c['adm']['classcount'];
 
 ?>
 <h3><?php __("Member Edition"); ?></h3>
 <hr id="topbar"/>
 <br />
 <?php
-  if (isset($error) && $error) {
-    echo "<p class=\"alert alert-danger\">$error</p>";
-  }
+echo $msg->msg_html_all();
 ?>
 <form method="post" action="adm_doedit.php" name="main" id="main" autocomplete="off">
   <?php csrf_get(); ?>
@@ -88,7 +89,7 @@ if (!$r=$admin->get($uid)) {
 
 <tr>
 	<th><label for="pass"><?php __("Password"); ?></label></th>
-	<td><input type="password" class="int" id="pass" autocomplete="off" name="pass" value="" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#pass","#passconf"); ?></td>
+	<td><input type="password" class="int" id="pass" autocomplete="off" name="pass" value="" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#pass","#passconf",$passwd_classcount); ?></td>
 </tr>
 <tr>
 	<th><label for="passconf"><?php __("Confirm password"); ?></label></th>
diff --git a/bureau/admin/adm_email.php b/bureau/admin/adm_email.php
index 55da9058..3ac4eab9 100755
--- a/bureau/admin/adm_email.php
+++ b/bureau/admin/adm_email.php
@@ -27,7 +27,8 @@ require_once("../class/config.php");
 include("head.php");
 
 if (!$admin->enabled) {
-    __("This page is restricted to authorized staff");
+    $msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+    echo $msg->msg_html_all();
     exit();
 }
 
@@ -45,16 +46,13 @@ getFields($fields);
 
 if ( !empty($submit) ) {
   if ($admin->mailallmembers($subject,$message,$from)) {
-    $error=_("The email was successfully sent");
+    $msg->raise("Ok", "admin", _("The email was successfully sent"));
   } else {
-    $error=_("There was an error");
+    $msg->raise("Ok", "admin", _("There was an error"));
   }
 }
 
-if (isset($error) && $error) {
-        echo "<p class=\"alert alert-danger\">$error</p>";
-}
-
+echo $msg->msg_html_all();
 ?>
 <form method="post" action="adm_email.php">
   <?php csrf_get(); ?>
diff --git a/bureau/admin/adm_list.php b/bureau/admin/adm_list.php
index a37081fc..22e5b832 100755
--- a/bureau/admin/adm_list.php
+++ b/bureau/admin/adm_list.php
@@ -28,7 +28,8 @@ require_once("../class/config.php");
 include_once("head.php");
 
 if (!$admin->enabled) {
-    __("This page is restricted to authorized staff");
+    $msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+    echo $msg->msg_html_all();
     include_once('foot.php');
     exit();
 }
@@ -54,7 +55,8 @@ $subadmin = variable_get("subadmin_restriction", 0);
 // If we ask for all account but we aren't "admin" and
 // subadmin var is not 1
 if ($show == "all" && !$subadmin == 1 && $cuid != 2000) {
-    __("This page is restricted to authorized staff");
+    $msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+    echo $msg->msg_html_all();
     include('foot.php');
     exit();
 }
@@ -130,9 +132,7 @@ if ($mem->user["admlist"] == 0) { // Normal (large) mode
 </fieldset>
 
 <?php
-if (!empty($error)) {
-    echo '<p class="alert alert-danger">', $error, '</p>';
-}
+echo $msg->msg_html_all();
 ?>
 
 <p>
@@ -143,7 +143,8 @@ if (!empty($error)) {
 
 <?php
 if (!is_array($accountList) || empty($accountList)) {
-    echo '<p class="alert alert-danger">' . _("No account defined for now") . '</p>';
+    $msg->raise('Error', "admin", _("No account defined for now"));
+    echo $msg->msg_html_all();
     include('foot.php');
 }
 ?>
diff --git a/bureau/admin/adm_lockpanel.php b/bureau/admin/adm_lockpanel.php
index 8f0d0571..bd72ca60 100644
--- a/bureau/admin/adm_lockpanel.php
+++ b/bureau/admin/adm_lockpanel.php
@@ -30,12 +30,13 @@
 require_once("../class/config.php");
 
 if (!$admin->enabled || $cuid!=2000) {
-    __("This page is restricted to authorized staff");
+    $msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+    echo $msg->msg_html_all();
     die();
 }
 
 $fields = array (
-		 "action" =>array ("get","string",""),
+     "action" =>array ("get","string",""),
 );
 
 getFields($fields);
diff --git a/bureau/admin/adm_login.php b/bureau/admin/adm_login.php
index 4812c63f..2854c8e6 100644
--- a/bureau/admin/adm_login.php
+++ b/bureau/admin/adm_login.php
@@ -46,14 +46,14 @@ if ( empty($id) && isset($_COOKIE["oldid"]) && !empty($_COOKIE["oldid"])) {
   list($newuid,$passcheck)=explode("/",$_COOKIE["oldid"]);
   $newuid=intval($newuid); 
   if (!$newuid) {
-    $error=_("Your authentication information are incorrect");
+    $msg->raise("Error", "admin", _("Your authentication information are incorrect"));
     include("index.php");
     exit();
   }
   $admin->enabled=true;
   $r=$admin->get($newuid);
   if ($passcheck!=md5($r["pass"])) {
-    $error=_("Your authentication information are incorrect");
+    $msg->raise("Ok", "admin", _("Your authentication information are incorrect"));
     include("index.php");
     exit();
   }
@@ -64,7 +64,6 @@ if ( empty($id) && isset($_COOKIE["oldid"]) && !empty($_COOKIE["oldid"])) {
 
   // And we go back to the former administrator account : 
   if (!$mem->setid($newuid)) {
-    $error=$err->errstr();
     include("index.php");
     exit();
   }
@@ -76,26 +75,25 @@ if ( empty($id) && isset($_COOKIE["oldid"]) && !empty($_COOKIE["oldid"])) {
 
 //  * with a user id to go to (we check the current account is admin and is allowed to connect to this account) 
 if (!$admin->enabled) {
-  __("This page is restricted to authorized staff");
+  $msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+  echo $msg->msg_html_all();
   exit();
 }
 
 // Depending on subadmin_restriction, a subadmin can (or cannot) connect to account he didn't create
 $subadmin=variable_get("subadmin_restriction");
 if ($subadmin==0 && !$admin->checkcreator($id)) {
-  __("This page is restricted to authorized staff");
+  $msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+  echo $msg->msg_html_all();
   exit();
 }
 
-if (!$r=$admin->get($id)) {
-  $error=$err->errstr();
-} else {
+if ($r=$admin->get($id)) {
   $oldid=$cuid."/".md5($mem->user["pass"]);
   setcookie('oldid',$oldid,0,'/');
   $_COOKIE['oldid']=$oldid;
 
   if (!$mem->setid($id)) {
-    $error=$err->errstr();
     include("index.php");
     exit();
   }
@@ -110,9 +108,7 @@ include_once("head.php");
 ?>
 <h3><?php __("Member login"); ?></h3>
 <?php
+echo $msg->msg_html_all();
 
-if (isset($error) && $error) {
-  echo "<p class=\"alert alert-danger\">$error</p>";
-}
 include_once("foot.php"); 
 ?>
diff --git a/bureau/admin/adm_mxaccount.php b/bureau/admin/adm_mxaccount.php
index ff9119aa..66d05db1 100755
--- a/bureau/admin/adm_mxaccount.php
+++ b/bureau/admin/adm_mxaccount.php
@@ -30,7 +30,8 @@
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
@@ -44,29 +45,31 @@ getFields($fields);
 if ($delaccount) {
 	// Delete an account
 	if ($mail->del_slave_account($delaccount)) {
-		$error=_("The requested account has been deleted. It is now denied.");
+		$msg->raise('Ok', "admin", _("The requested account has been deleted. It is now denied."));
 	}
 }
 if ($newlogin) {
 	// Add an account
 	if ($mail->add_slave_account($newlogin,$newpass)) { 
-		$error=_("The requested account address has been created. It is now allowed.");
+		$msg->raise('Ok', "admin", _("The requested account address has been created. It is now allowed."));
 		$newlogin='';$newpass='';
 	}
 }
 
 include_once("head.php");
+
+$c=$admin->listPasswordPolicies();
+$passwd_classcount = $c['adm']['classcount'];
+
 ?>
 <h3><?php __("Manage allowed accounts for secondary mx"); ?></h3>
 <hr id="topbar"/>
 <br />
 <?php
-	if (isset($error) && $error) {
-	  echo "<p class=\"alert alert-danger\">$error</p>";
-	}
-
 $c=$mail->enum_slave_account();
 
+echo $msg->msg_html_all();
+
 if (is_array($c)) {
 
 ?>
@@ -100,7 +103,7 @@ for($i=0;$i<count($c);$i++) { ?>
 <tr><th><label for="newlogin"><?php __("Login"); ?></label></th><th><label for="newpass"><?php __("Password"); ?></label></th></tr>
 <tr>
 	<td><input type="text" class="int" value="<?php ehe($newlogin); ?>" id="newlogin" name="newlogin" maxlength="64" size="32" /><br/><br/></td>
-	<td><input type="password" class="int" autocomplete="off" value="<?php ehe($newpass); ?>" id="newpass" name="newpass" maxlength="64" size="32" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#newpass"); ?></td>
+	<td><input type="password" class="int" autocomplete="off" value="<?php ehe($newpass); ?>" id="newpass" name="newpass" maxlength="64" size="32" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#newpass","",$passwd_classcount); ?></td>
 </tr>
 <tr class="trbtn"><td colspan="2">
 	<input type="submit" value="<?php __("Add this account to the allowed list"); ?>" class="inb" />
diff --git a/bureau/admin/adm_panel.php b/bureau/admin/adm_panel.php
index 980e93df..8dd2098e 100644
--- a/bureau/admin/adm_panel.php
+++ b/bureau/admin/adm_panel.php
@@ -30,7 +30,8 @@
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
@@ -41,11 +42,7 @@ include_once("head.php");
 <hr id="topbar"/>
 <br />
 <?php
-if (isset($error) && $error) {
-	echo "<p class=\"alert alert-danger\">$error</p>";
-	include_once("foot.php");
-	exit;
-}
+echo $msg->msg_html_all();
 ?>
 <ul id="adm_panel">
  <li class="lst"><a href="adm_tld.php"><?php __("Manage allowed domains (TLD)"); ?></a></li>
diff --git a/bureau/admin/adm_passpolicy.php b/bureau/admin/adm_passpolicy.php
index 91af1b07..5224d099 100755
--- a/bureau/admin/adm_passpolicy.php
+++ b/bureau/admin/adm_passpolicy.php
@@ -27,7 +27,8 @@
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
@@ -50,38 +51,34 @@ include_once("head.php");
 <hr id="topbar"/>
 <br />
 <?php
-	if (isset($error) && $error) {
-	  echo "<p class=\"alert alert-danger\">$error</p>";
-	}
-
-
 $c=$admin->listPasswordPolicies();
-//echo "<pre>"; print_r($c); echo "</pre>";
 
 if (isset($doedit) && $doedit) {
   if (!$c[$doedit]) {
-    echo "<p class=\"alert alert-danger\">"._("Policy not found")."</p>";
+    $msg->raise('Error', "admin", _("Policy not found"));
   } else {
     // Change it ;) 
     if ($admin->editPolicy($doedit,$minsize,$maxsize,$classcount,$allowlogin)) {
-      echo "<p class=\"info\">"._("Policy changed")."</p>";
+      $msg->raise('Ok', "admin", _("Policy changed"));
       unset($edit);
       $c=$admin->listPasswordPolicies();
     } else {
-      echo "<p class=\"alert alert-danger\">"._("Cannot edit the policy, an error occurred")."</p>";
+      $msg->raise('Error', "admin", _("Cannot edit the policy, an error occurred"));
     }
   }
 }
+echo $msg->msg_html_all("<li>", true, true);
 
 if (!empty($edit)) {
   if (!$c[$edit]) {
-    echo "<p class=\"alert alert-danger\">"._("Policy not found")."</p>";
+    $msg->raise('Error', "admin", _("Policy not found"));
+    echo $msg->msg_html_all();
   } else {
 ?>
 
- <p><?php __("Please choose which policy you want to apply to this password kind:"); ?></p>
+<p><?php __("Please choose which policy you want to apply to this password kind:"); ?></p>
 
-																	     <p><b><?php echo $c[$edit]["description"]; ?></b></p>
+<p><b><?php echo $c[$edit]["description"]; ?></b></p>
 
 <form method="post" action="adm_passpolicy.php">
  <?php csrf_get(); ?>
diff --git a/bureau/admin/adm_quotadoedit.php b/bureau/admin/adm_quotadoedit.php
index 9d7e3506..bd5c764c 100644
--- a/bureau/admin/adm_quotadoedit.php
+++ b/bureau/admin/adm_quotadoedit.php
@@ -30,7 +30,8 @@
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 $fields = array (
@@ -49,7 +50,10 @@ while (list($key,$val)=each($qlist)) {
   $quota->setquota($key,$_REQUEST[$var]);
 }
 $mem->unsu();
-$error=_("The quotas has been successfully edited");
+
+if (!$msg->has_msgs("Error"))
+    $msg->raise("Ok", "admin", _("The quotas has been successfully edited"));
+
 include("adm_list.php");
 exit;
 
diff --git a/bureau/admin/adm_quotaedit.php b/bureau/admin/adm_quotaedit.php
index 51cc345d..40d2a9f3 100755
--- a/bureau/admin/adm_quotaedit.php
+++ b/bureau/admin/adm_quotaedit.php
@@ -31,7 +31,8 @@ require_once("../class/config.php");
 include_once("head.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	include_once("foot.php");
 	exit();
 }
@@ -41,14 +42,10 @@ $fields = array (
 );
 getFields($fields);
 
-if (!$us=$admin->get($uid)) {
-	$error=$err->errstr();
-}
+$us=$admin->get($uid);
 
 $mem->su($uid);
-if (!$r=$quota->getquota()) {
-	$error=$err->errstr();
-}
+$r=$quota->getquota();
 $mem->unsu();
 
 ?>
@@ -56,11 +53,7 @@ $mem->unsu();
 <hr id="topbar"/>
 <br />
 <?php
-	if (isset($error) && $error) {
-	  echo "<p class=\"alert alert-danger\">$error</p>";
-	  include_once("foot.php");
-	  exit();
-	}
+echo $msg->msg_html_all();
 ?>
 <form method="post" action="adm_quotadoedit.php">
   <?php csrf_get(); ?>
diff --git a/bureau/admin/adm_slavedns.php b/bureau/admin/adm_slavedns.php
index 42ed39ec..1a36866f 100755
--- a/bureau/admin/adm_slavedns.php
+++ b/bureau/admin/adm_slavedns.php
@@ -30,7 +30,8 @@
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-  __("This page is restricted to authorized staff");
+  $msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+  echo $msg->msg_html_all();
   exit();
 }
 
@@ -48,13 +49,13 @@ getFields($fields);
 if ($delaccount) {
   // Delete an account
   if ($dom->del_slave_account($delaccount)) {
-    $error=_("The requested account has been deleted. It is now denied.");
+    $msg->raise('Ok', "admin", _("The requested account has been deleted. It is now denied."));
   }
 }
 if ($newlogin) {
   // Add an account
   if ($dom->add_slave_account($newlogin,$newpass)) {
-    $error=_("The requested account address has been created. It is now allowed.");
+    $msg->raise('Ok', "admin", _("The requested account address has been created. It is now allowed."));
     unset($newlogin); unset($newpass);
   }
 }
@@ -62,22 +63,21 @@ if ($newlogin) {
 if ($delip) {
   // Delete an ip address/class
   if ($dom->del_slave_ip($delip)) {
-    $error=_("The requested ip address has been deleted. It will be denied in one hour.");
+    $msg->raise('Ok', "admin", _("The requested ip address has been deleted. It will be denied in one hour."));
   }
 }
 if ($newip) {
   // Add an ip address/class
   if ($dom->add_slave_ip($newip,$newclass)) {
-    $error=_("The requested ip address has been added to the list. It will be allowed in one hour.");
+    $msg->raise('Ok', "admin", _("The requested ip address has been added to the list. It will be allowed in one hour."));
     unset($newip); unset($newclass);
   }
 }
 
 include_once("head.php");
 
-if (!empty($error)) {
-  echo "<p class=\"alert alert-danger\">$error</p>";
-}
+$c=$admin->listPasswordPolicies();
+$passwd_classcount = $c['adm']['classcount'];
 
 ?>
 <h3><?php __("Manage allowed ip for slave zone transfers"); ?></h3>
@@ -86,6 +86,8 @@ if (!empty($error)) {
 
 $c=$dom->enum_slave_ip();
 
+echo $msg->msg_html_all();
+
 if (is_array($c)) { ?>
   <p>
   <?php __("Here is the list of the allowed ip or ip class for slave dns zone transfer requests (AXFR). You must add the ip address of all the slave DNS you have so that those slaves will be allowed to transfer the zone files. There is also some defaults ip from DNS checks made by some third-party technical offices such as afnic (for .fr domains)"); ?>
@@ -164,7 +166,7 @@ if (is_array($c)) { ?>
     <tr><th><label for="newlogin"><?php __("Login"); ?></label></th><th><label for="newpass"><?php __("Password"); ?></label></th></tr>
     <tr>
       <td><input type="text" class="int" value="<?php ehe(  isset($newlogin)?$newlogin:'') ; ?>" id="newlogin" name="newlogin" maxlength="64" size="32" /><br/><br/></td>
-      <td><input type="password" class="int" autocomplete="off" value="<?php ehe( (isset($newpass)?$newpass:'') ) ; ?>" id="newpass" name="newpass" maxlength="64" size="32" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#newpass"); ?></td>
+      <td><input type="password" class="int" autocomplete="off" value="<?php ehe( (isset($newpass)?$newpass:'') ) ; ?>" id="newpass" name="newpass" maxlength="64" size="32" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#newpass","",$passwd_classcount); ?></td>
     </tr>
     <tr class="trbtn"><td colspan="2"><input type="submit" value="<?php __("Add this account to the allowed list"); ?>" class="inb" /></td></tr>
   </table>
diff --git a/bureau/admin/adm_tld.php b/bureau/admin/adm_tld.php
index 8e9115e9..d7be5651 100755
--- a/bureau/admin/adm_tld.php
+++ b/bureau/admin/adm_tld.php
@@ -30,7 +30,8 @@
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
@@ -41,13 +42,13 @@ getFields($fields);
 
 
 if (is_array($sel)) {
-	$error="";
 	for($i=0;$i<count($sel);$i++) {
 		if (!$admin->deltld($sel[$i])) {
-			$error.=_("Some TLD cannot be deleted...")." : ".$sel[$i]."<br />";
+			$msg->raise("Error", "admin", _("Some TLD cannot be deleted...")." : ".$sel[$i]);
 		}
 	}
-	if (!$error) $error=_("The requested TLD has been deleted");
+	if (!$msg->has_msgs("Error"))
+		$msg->raise("Ok", "admin", _("The requested TLD has been deleted"));
 }
 
 include_once("head.php");
@@ -57,9 +58,7 @@ include_once("head.php");
 <hr id="topbar" />
 <br />
 <?php
-	if (isset($error) && $error) {
-	  echo "<p class=\"alert alert-danger\">$error</p>";
-	}
+echo $msg->msg_html_all();
 
 $c=$admin->listtld();
 
diff --git a/bureau/admin/adm_tldadd.php b/bureau/admin/adm_tldadd.php
index 280c360b..79ca165f 100755
--- a/bureau/admin/adm_tldadd.php
+++ b/bureau/admin/adm_tldadd.php
@@ -30,7 +30,8 @@
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 $fields = array (
@@ -47,11 +48,7 @@ include_once ("head.php");
 <hr id="topbar"/>
 <br />
 <?php
-	if (isset($error) && $error) {
-	  echo "<p class=\"alert alert-danger\">$error</p>";
-	}
-
-
+echo $msg->msg_html_all();
 ?>
 <h3><?php __("Add a new TLD"); ?></h3>
 <p>
diff --git a/bureau/admin/adm_tlddoadd.php b/bureau/admin/adm_tlddoadd.php
index b1c1f7f5..c624c86b 100644
--- a/bureau/admin/adm_tlddoadd.php
+++ b/bureau/admin/adm_tlddoadd.php
@@ -30,7 +30,8 @@
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
@@ -42,11 +43,10 @@ getFields($fields);
 
 
 if (!$admin->addtld($tld,$mode)) {
-	$error=$err->errstr();
 	include("adm_tldadd.php");
 	exit();
 } else {
-	$error=_("The TLD has been successfully added");
+	$msg->raise("Ok", "admin", _("The TLD has been successfully added"));
 	include("adm_tld.php");
 	exit();
 }
diff --git a/bureau/admin/adm_tlddoedit.php b/bureau/admin/adm_tlddoedit.php
index d889263c..53176a56 100644
--- a/bureau/admin/adm_tlddoedit.php
+++ b/bureau/admin/adm_tlddoedit.php
@@ -36,16 +36,16 @@ getFields($fields);
 
 
 if (!$admin->enabled) {
-        __("This page is restricted to authorized staff");
+	$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
         exit();
 }
 
 if (!$admin->edittld($tld,$mode)) {
-        $error=$err->errstr();
         include("adm_tldedit.php");
         exit();
 } else {
-        $error=_("The TLD has been successfully edited");
+        $msg->raise("Ok", "admin", _("The TLD has been successfully edited"));
         include("adm_tld.php");
         exit();
 }
diff --git a/bureau/admin/adm_tldedit.php b/bureau/admin/adm_tldedit.php
index e5bc3519..2644659d 100755
--- a/bureau/admin/adm_tldedit.php
+++ b/bureau/admin/adm_tldedit.php
@@ -30,7 +30,8 @@
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-        __("This page is restricted to authorized staff");
+	$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
         exit();
 }
 
@@ -41,7 +42,6 @@ getFields($fields);
 
 $mode=$admin->gettld($tld);
 if ($mode===false) {
-	$error=$err->errstr();
 	include("adm_tld.php");
 	exit();
 }
@@ -53,9 +53,7 @@ include_once("head.php");
 <hr id="topbar"/>
 <br />
 <?php
-        if (isset($error) && $error) {
-                echo "<p class=\"alert alert-danger\">$error</p>";
-        }
+echo $msg->msg_html_all();
 ?>
 <h3><?php __("Edit a TLD"); ?></h3>
 
diff --git a/bureau/admin/adm_update_domains.php b/bureau/admin/adm_update_domains.php
index 6e91e501..b4cf4885 100644
--- a/bureau/admin/adm_update_domains.php
+++ b/bureau/admin/adm_update_domains.php
@@ -31,13 +31,15 @@ require_once("../class/config.php");
 
 if (!$admin->enabled) {
   if ( ! ( $isinvited && isset($oldid) && !empty($oldid) && $oldid==2000) ) { // Allow sub admins
-    __("This page is restricted to authorized staff");
+    $msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+    echo $msg->msg_html_all();
     exit();
   }
 }
 
 if (! isset($L_INOTIFY_UPDATE_DOMAIN)) {
-  __("Missing INOTIFY_UPDATE_DOMAIN var in /etc/alternc/local.sh . Fix it!");
+  $msg->raise('Error', "admin", _("Missing INOTIFY_UPDATE_DOMAIN var in /etc/alternc/local.sh . Fix it!"));
+  echo $msg->msg_html_all();
   die();
 }
 
diff --git a/bureau/admin/adm_variables.php b/bureau/admin/adm_variables.php
index f4114d90..eacef624 100755
--- a/bureau/admin/adm_variables.php
+++ b/bureau/admin/adm_variables.php
@@ -30,7 +30,8 @@
 require_once("../class/config.php");
 
 if (!$admin->enabled) {
-	__("This page is restricted to authorized staff");
+	$msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+	echo $msg->msg_html_all();
 	exit();
 }
 
@@ -47,7 +48,7 @@ include_once ("head.php");
 <h3><?php __("Configure AlternC variables"); ?></h3>
 <hr id="topbar"/>
 <br />
-
+<?php echo $msg->msg_html_all(); ?>
 <p>
 <?php __("Here are the internal AlternC variables that are currently being used."); ?>
 </p>
diff --git a/bureau/class/m_admin.php b/bureau/class/m_admin.php
index f2f72330..24bbdac6 100644
--- a/bureau/class/m_admin.php
+++ b/bureau/class/m_admin.php
@@ -140,6 +140,15 @@ class m_admin {
         return $obj;
     }
 
+    /**
+     * Password kind used in this class (hook for admin class)
+     *
+     * @return array
+     */
+    function alternc_password_policy() {
+        return array("adm" => "Administration section");
+    }
+
     /**
      * 
      */
@@ -191,7 +200,7 @@ class m_admin {
      *  <code>membres</code> et <code>local</code>)
      * Ckecks if the account is super-admin
      * 
-     * @global	   type $err
+     * @global	   type $msg
      * @global	   type $db
      * @global	   string     $lst_users_properties
      * @param     int         $uid a unique integer identifying the account
@@ -201,10 +210,10 @@ class m_admin {
      * Returns FALSE if an error occurs.
      */
     function get($uid, $recheck = false) {
-        global $err, $db, $lst_users_properties;
-        //    $err->log("admin","get",$uid);
+        global $msg, $db, $lst_users_properties;
+        //    $msg->log("admin","get",$uid);
         if (!$this->enabled) {
-            $err->raise("admin", _("-- Only administrators can access this page! --"));
+            $msg->raise('Error', "admin", _("-- Only administrators can access this page! --"));
             return false;
         }
 
@@ -238,7 +247,7 @@ class m_admin {
                 // don't exist, but is not a forced check. Do a forced check
                 return $this->get($uid, true);
             }
-            $err->raise("admin", _("Account not found"));
+            $msg->raise('Error', "admin", _("Account not found"));
             return false;
         }
 
@@ -250,16 +259,16 @@ class m_admin {
      * 
      * Similar to get_list() but for creators/resellers.
      * 
-     * @global	   type $err
+     * @global	   type $msg
      * @global	   type $db
      * @param     int     $uid
      * @return    boolean
      */
     function get_creator($uid) {
-        global $err, $db;
-        //    $err->log("admin","get",$uid);
+        global $msg, $db;
+        //    $msg->log("admin","get",$uid);
         if (!$this->enabled) {
-            $err->raise("admin", _("-- Only administrators can access this page! --"));
+            $msg->raise('Error', "admin", _("-- Only administrators can access this page! --"));
             return false;
         }
 
@@ -269,7 +278,7 @@ class m_admin {
             $db->next_record();
             $c = $db->Record;
         } else {
-            $err->raise("admin", _("Account not found"));
+            $msg->raise('Error', "admin", _("Account not found"));
             return false;
         }
 
@@ -317,7 +326,7 @@ class m_admin {
      * @param
      * @return 
      * 
-     * @global	   type $err
+     * @global	   type $msg
      * @global	   type $mem
      * @global	   type $cuid
      * @param     integer $all
@@ -329,10 +338,10 @@ class m_admin {
      * Returns FALSE if an error occurs.
      */
     function get_list($all = 0, $creator = 0, $pattern = FALSE, $pattern_type = FALSE) {
-        global $err, $mem, $cuid;
-        $err->log("admin", "get_list");
+        global $msg, $mem, $cuid;
+        $msg->log("admin", "get_list");
         if (!$this->enabled) {
-            $err->raise("admin", _("-- Only administrators can access this page! --"));
+            $msg->raise('Error', "admin", _("-- Only administrators can access this page! --"));
             return false;
         }
         $db = new DB_System();
@@ -370,7 +379,7 @@ class m_admin {
                 }
                 $request .= ' ORDER BY login;';
             } else {
-                $err->raise("admin", _("Invalid pattern type provided. Are you even performing a legitimate action?"));
+                $msg->raise('Error', "admin", _("Invalid pattern type provided. Are you even performing a legitimate action?"));
                 return FALSE;
             }
         } else {
@@ -400,7 +409,7 @@ class m_admin {
     /**
      * Send an email to all AlternC's accounts
      * 
-     * @global	   type $err
+     * @global	   type $msg
      * @global	   type $mem
      * @global	   type $cuid
      * @global	   type $db
@@ -410,10 +419,10 @@ class m_admin {
      * @return    boolean
      */
     function mailallmembers($subject, $message, $from) {
-        global $err, $db;
-        $err->log("admin", "mailallmembers");
+        global $msg, $db;
+        $msg->log("admin", "mailallmembers");
         if (!$this->enabled) {
-            $err->raise("admin", _("-- Only administrators can access this page! --"));
+            $msg->raise('Error', "admin", _("-- Only administrators can access this page! --"));
             return false;
         }
         $subject = trim($subject);
@@ -421,12 +430,12 @@ class m_admin {
         $from = trim($from);
 
         if (empty($subject) || empty($message) || empty($from)) {
-            $err->raise("admin", _("Subject, message and sender are mandatory"));
+            $msg->raise('Error', "admin", _("Subject, message and sender are mandatory"));
             return false;
         }
         //@todo remove cf functions.php
         if (checkmail($from) != 0) {
-            $err->raise("admin", _("Sender is syntaxically incorrect"));
+            $msg->raise('Error', "admin", _("Sender is syntaxically incorrect"));
             return false;
         }
 
@@ -446,19 +455,19 @@ class m_admin {
      * May only be called by the admin account (2000)
      * If there are no reseller accounts, returns an empty array.
      * 
-     * @global    type $err
+     * @global    type $msg
      * @global    type $mem
      * @global    type $cuid
      * @return    boolean
      */
     function get_creator_list() {
-        global $err, $cuid;
+        global $msg, $cuid;
 
         $creators = array();
 
-        $err->log("admin", "get_reseller_list");
+        $msg->log("admin", "get_reseller_list");
         if (!$this->enabled || $cuid != 2000) {
-            $err->raise("admin", _("-- Only administrators can access this page! --"));
+            $msg->raise('Error', "admin", _("-- Only administrators can access this page! --"));
             return false;
         }
 
@@ -479,7 +488,7 @@ class m_admin {
     /**
      * Check if I am the creator of the member $uid
      * 
-     * @global    type $err
+     * @global    type $msg
      * @global    type $mem
      * @global    type $db
      * @global    type $cuid
@@ -487,14 +496,14 @@ class m_admin {
      * @return    boolean         TRUE if I am the creator of that account. FALSE else.
      */
     function checkcreator($uid) {
-        global $err, $db, $cuid;
+        global $msg, $db, $cuid;
         if ($cuid == 2000) {
             return true;
         }
         $db->query("SELECT creator FROM membres WHERE uid= ?;", array($uid));
         $db->next_record();
         if ($db->Record["creator"] != $cuid) {
-            $err->raise("admin", _("-- Only administrators can access this page! --"));
+            $msg->raise('Error', "admin", _("-- Only administrators can access this page! --"));
             return false;
         }
         return true;
@@ -504,7 +513,7 @@ class m_admin {
      * When the admin want to delegate a subdomain to an account
      * 
      * @global    m_mysql $db
-     * @global    m_err   $err
+     * @global    m_messages   $msg
      * @global    m_dom   $dom
      * @global    m_mem   $mem
      * @global    int     $cuid
@@ -513,18 +522,18 @@ class m_admin {
      * @return boolean
      */
     function add_shared_domain($u, $domain_name) {
-        global $err, $dom, $mem;
-        $err->log("admin", "add_shared_domain", $u . "/" . $domain_name);
+        global $msg, $dom, $mem;
+        $msg->log("admin", "add_shared_domain", $u . "/" . $domain_name);
 
         if (!$mem->checkright()) {
-            $err->raise("admin", _("-- Only administrators can do that! --"));
+            $msg->raise('Error', "admin", _("-- Only administrators can do that! --"));
             return false;
         }
 
         // Check if this domain exist on this admin account
         if ((!in_array($domain_name, $dom->enum_domains()))&&($domaine_name!=variable_get("hosting_tld"))) {
-            $err->raise("admin", _("You don't seem to be allowed to delegate this domain"));
-            $err->log("admin", "add_shared_domain", "domain not allowed");
+            $msg->raise('Error', "admin", _("You don't seem to be allowed to delegate this domain"));
+            $msg->log("admin", "add_shared_domain", "domain not allowed");
             return false;
         }
 
@@ -551,7 +560,7 @@ class m_admin {
      * the account $mid is not super-admin.
      *
      * 
-     * @global    m_err   $err
+     * @global    m_messages   $msg
      * @global    m_quota $quota
      * @global    array   $classes
      * @global    int     $cuid
@@ -576,46 +585,46 @@ class m_admin {
      * @return boolean Returns FALSE if an error occurs, TRUE if not.
      */
     function add_mem($login, $pass, $nom, $prenom, $mail, $canpass = 1, $type = 'default', $duration = 0, $notes = "", $force = 0, $create_dom = '', $db_server_id) {
-        global $err, $cuid, $mem, $L_MYSQL_DATABASE, $L_MYSQL_LOGIN, $hooks, $action;
-        $err->log("admin", "add_mem", $login . "/" . $mail);
+        global $msg, $cuid, $mem, $L_MYSQL_DATABASE, $L_MYSQL_LOGIN, $hooks, $action;
+        $msg->log("admin", "add_mem", $login . "/" . $mail);
         if (!$this->enabled) {
-            $err->raise("admin", _("-- Only administrators can access this page! --"));
+            $msg->raise('Error', "admin", _("-- Only administrators can access this page! --"));
             return false;
         }
         if (empty($db_server_id)) {
-            $err->raise("admin", _("Missing db_server field"));
+            $msg->raise('Error', "admin", _("Missing db_server field"));
             return false;
         }
         if (($login == "") || ($pass == "")) {
-            $err->raise("admin", _("Please fill all mandatory fields"));
+            $msg->raise('Error', "admin", _("Please fill all mandatory fields"));
             return false;
         }
         if (!$force) {
             if ($mail == "") {
-                $err->raise("admin", _("Please fill all mandatory fields"));
+                $msg->raise('Error', "admin", _("Please fill all mandatory fields"));
                 return false;
             }
             //@todo remove cf functions.php
             if (checkmail($mail) != 0) {
-                $err->raise("admin", _("Please enter a valid email address"));
+                $msg->raise('Error', "admin", _("Please enter a valid email address"));
                 return false;
             }
         }
         $login = strtolower($login);
         if (!preg_match("#^[a-z0-9]+$#", $login)) { //$
-            $err->raise("admin", _("Login can only contains characters a-z and 0-9"));
+            $msg->raise('Error', "admin", _("Login can only contains characters a-z and 0-9"));
             return false;
         }
         if (strlen($login) > 14) {
             // Not an arbitrary value : MySQL user names can be up to 16 characters long
             // If we want to allow people to create a few mysql_user (and we want to!)
             // we have to limit the login lenght
-            $err->raise("admin", _("The login is too long (14 chars max)"));
+            $msg->raise('Error', "admin", _("The login is too long (14 chars max)"));
             return false;
         }
         // Some login are not allowed...
         if ($login == $L_MYSQL_DATABASE || $login == $L_MYSQL_LOGIN || $login == "mysql" || $login == "root") {
-            $err->raise("admin", _("Login can only contains characters a-z, 0-9 and -"));
+            $msg->raise('Error', "admin", _("Login can only contains characters a-z, 0-9 and -"));
             return false;
         }
         $pass = _md5cr($pass);
@@ -654,7 +663,7 @@ class m_admin {
 
             return $uid;
         } else {
-            $err->raise("admin", _("This login already exists"));
+            $msg->raise('Error', "admin", _("This login already exists"));
             return false;
         }
     }
@@ -663,21 +672,21 @@ class m_admin {
      * AlternC's standard function called when a user is created
      * This sends an email if configured through the interface.
      * 
-     * @global    m_err   $err
+     * @global    m_messages   $msg
      * @global    int     $cuid
      * @global    string     $L_FQDN
      * @global    string     $L_HOSTING
      * @return    boolean
      */
     function hook_admin_add_member() {
-        global $err, $cuid, $L_FQDN, $L_HOSTING;
+        global $msg, $cuid, $L_FQDN, $L_HOSTING;
         $dest = variable_get('new_email', '0', 'An email will be sent to this address when new accounts are created if set.', array('desc' => 'Enabled', 'type' => 'boolean'));
         if (!$dest) {
             return false;
         }
         $db = new DB_System();
         if (!$db->query("SELECT m.*, parent.login as parentlogin FROM membres m LEFT JOIN membres parent ON parent.uid=m.creator WHERE m.uid= ?", array($cuid))) {
-            $err->raise("admin", sprintf(_("query failed: %s "), $db->Error));
+            $msg->raise('Error', "admin", sprintf(_("query failed: %s "), $db->Error));
             return false;
         }
         if ($db->next_record()) {
@@ -709,11 +718,11 @@ EOF;
                 //sprintf(_("Email successfully sent to %s"), $dest);
                 return true;
             } else {
-                $err->raise("admin", sprintf(_("Cannot send email to %s"), $dest));
+                $msg->raise('Error', "admin", sprintf(_("Cannot send email to %s"), $dest));
                 return false;
             }
         } else {
-            $err->raise("admin", sprintf(_("Query failed: %s"), $db->Error));
+            $msg->raise('Error', "admin", sprintf(_("Query failed: %s"), $db->Error));
             return false;
         }
     }
@@ -725,7 +734,7 @@ EOF;
      * and <code>local</code>). Prevents any manipulation of the account if
      * the account $mid is not super-admin.
      *  
-     * @global    m_err   $err
+     * @global    m_messages   $msg
      * @global    m_mysql $db
      * @global    int     $cuid
      * @global    m_quota $quota
@@ -743,12 +752,12 @@ EOF;
      * @return    boolean Returns     FALSE if an error occurs, TRUE if not
      */
     function update_mem($uid, $mail, $nom, $prenom, $pass, $enabled, $canpass, $type = 'default', $duration = 0, $notes = "", $reset_quotas = false) {
-        global $err, $db, $quota;
+        global $msg, $db, $quota;
 
-        $err->log("admin", "update_mem", $uid);
+        $msg->log("admin", "update_mem", $uid);
 
         if (!$this->enabled) {
-            $err->raise("admin", _("-- Only administrators can access this page! --"));
+            $msg->raise('Error', "admin", _("-- Only administrators can access this page! --"));
             return false;
         }
         $db = new DB_System();
@@ -775,7 +784,7 @@ EOF;
             $this->renew_update($uid, $duration);
             return true;
         } else {
-            $err->raise("admin", _("Account not found"));
+            $msg->raise('Error', "admin", _("Account not found"));
             return false;
         }
     }
@@ -785,23 +794,23 @@ EOF;
      * 
      * Lock an account and prevent the user to access its account.
      * 
-     * @global    m_err   $err
+     * @global    m_messages   $msg
      * @global    m_mysql $db
      * @param     int     $uid    The uid number of the account 
      * @return    boolean         Returns FALSE if an error occurs, TRUE if not.
      */
     function lock_mem($uid) {
-        global $err, $db;
-        $err->log("admin", "lock_mem", $uid);
+        global $msg, $db;
+        $msg->log("admin", "lock_mem", $uid);
         if (!$this->enabled) {
-            $err->raise("admin", _("-- Only administrators can access this page! --"));
+            $msg->raise('Error', "admin", _("-- Only administrators can access this page! --"));
             return false;
         }
         $db = new DB_System();
         if ($db->query("UPDATE membres SET enabled='0' WHERE uid= ?;", array($uid))) {
             return true;
         } else {
-            $err->raise("admin", _("Account not found"));
+            $msg->raise('Error', "admin", _("Account not found"));
             return false;
         }
     }
@@ -812,23 +821,23 @@ EOF;
      * UnLock an account and prevent the user to access its account.
      * 
      * 
-     * @global    m_err   $err
+     * @global    m_messages   $msg
      * @global    m_mysql $db
      * @param     int     $uid    The uid number of the account 
      * @return    boolean         Returns FALSE if an error occurs, TRUE if not.
      */
     function unlock_mem($uid) {
-        global $err, $db;
-        $err->log("admin", "unlock_mem", $uid);
+        global $msg, $db;
+        $msg->log("admin", "unlock_mem", $uid);
         if (!$this->enabled) {
-            $err->raise("admin", _("-- Only administrators can access this page! --"));
+            $msg->raise('Error', "admin", _("-- Only administrators can access this page! --"));
             return false;
         }
         $db = new DB_System();
         if ($db->query("UPDATE membres SET enabled='1' WHERE uid= ?;", array($uid))) {
             return true;
         } else {
-            $err->raise("admin", _("Account not found"));
+            $msg->raise('Error', "admin", _("Account not found"));
             return false;
         }
     }
@@ -839,7 +848,7 @@ EOF;
      * Deletes the specified account. Prevents any manipulation of the account if
      * the account $mid is not super-admin.
      * 
-     * @global    m_err   $err
+     * @global    m_messages   $msg
      * @global    m_quota $quota
      * @global    array   $classes
      * @global    int     $cuid
@@ -851,11 +860,11 @@ EOF;
      * @return    boolean         Returns FALSE if an error occurs, TRUE if not.
      */
     function del_mem($uid) {
-        global $err, $mem, $dom, $hooks, $action;
-        $err->log("admin", "del_mem", $uid);
+        global $msg, $mem, $dom, $hooks, $action;
+        $msg->log("admin", "del_mem", $uid);
 
         if (!$this->enabled) {
-            $err->raise("admin", _("-- Only administrators can access this page! --"));
+            $msg->raise('Error', "admin", _("-- Only administrators can access this page! --"));
             return false;
         }
         $db = new DB_System();
@@ -865,7 +874,7 @@ EOF;
         // This script may take a long time on big accounts, let's give us some time ... Fixes 1132
         @set_time_limit(0);
         // WE MUST call m_dom before all others because of conflicts ...
-        $dom->hook_admin_del_member();
+        $dom->admin_del_member();
 
         # New way of deleting or backup delted user html folders using action class
         $path = getuserpath($tt['login']);
@@ -881,7 +890,7 @@ EOF;
             $db->query("UPDATE membres SET creator=2000 WHERE creator= ?;", array($uid));
             return true;
         } else {
-            $err->raise("admin", _("Account not found"));
+            $msg->raise('Error', "admin", _("Account not found"));
             $mem->unsu();
             return false;
         }
@@ -892,14 +901,14 @@ EOF;
      * 
      * Renew an account for its duration
      * 
-     * @global    m_err   $err
+     * @global    m_messages   $msg
      * @global    m_mysql $db
      * @param     int     $uid        The uid number of the account 
      * @param     int     $periods    The new duration, in months, of the account
      * @return    boolean             Returns FALSE if an error occurs, TRUE if not.
      */
     function renew_mem($uid, $periods = 1) {
-        global $err, $db;
+        global $msg, $db;
 
         $periods = intval($periods);
         if ($periods == 0) {
@@ -908,7 +917,7 @@ EOF;
         if ($db->query("UPDATE membres SET renewed = renewed + INTERVAL (duration * ?) MONTH WHERE uid= ?;", array($periods, $uid))) {
             return true;
         } else {
-            $err->raise("admin", _("Account not found"));
+            $msg->raise('Error', "admin", _("Account not found"));
             return false;
         }
     }
@@ -916,14 +925,14 @@ EOF;
     /**
      * Update the duration information for an account
      * 
-     * @global    m_err   $err
+     * @global    m_messages   $msg
      * @global    m_mysql $db
      * @param     int     $uid        The uid number of the account 
      * @param     int     $duration   The new duration, in months, of the account
      * @return    boolean             Returns FALSE if an error occurs, TRUE if not.
      */
     function renew_update($uid, $duration) {
-        global $err, $db;
+        global $msg, $db;
 
         if ($duration == 0) {
             if ($db->query("UPDATE membres SET duration = NULL, renewed = NULL WHERE uid= ?;", array($uid))) {
@@ -936,7 +945,7 @@ EOF;
             }
         }
 
-        $err->raise("admin", _("Account not found"));
+        $msg->raise('Error', "admin", _("Account not found"));
         return false;
     }
 
@@ -1005,20 +1014,20 @@ EOF;
     /**
      * Turns a common account into a super-admin account
      * 
-     * @global    m_err   $err
+     * @global    m_messages   $msg
      * @global    m_mysql $db
      * @param     int     $uid        The uid number of the account 
      * @return    boolean    
      */
     function normal2su($uid) {
-        global $err, $db;
+        global $msg, $db;
         $db->query("SELECT su FROM membres WHERE uid= ?;", array($uid));
         if (!$db->next_record()) {
-            $err->raise("admin", _("Account not found"));
+            $msg->raise('Error', "admin", _("Account not found"));
             return false;
         }
         if ($db->Record["su"] != 0) {
-            $err->raise("admin", _("This account is ALREADY an administrator account"));
+            $msg->raise('Error', "admin", _("This account is ALREADY an administrator account"));
             return false;
         }
         $db->query("UPDATE membres SET su=1 WHERE uid= ?;", array($uid));
@@ -1028,20 +1037,20 @@ EOF;
     /**
      * Turns a super-admin account into a common account
      * 
-     * @global    m_err   $err
+     * @global    m_messages   $msg
      * @global    m_mysql $db
      * @param     int     $uid        The uid number of the account 
      * @return boolean                Returns FALSE if an error occurs, TRUE if not.
      */
     function su2normal($uid) {
-        global $err, $db;
+        global $msg, $db;
         $db->query("SELECT su FROM membres WHERE uid= ?;", array($uid));
         if (!$db->next_record()) {
-            $err->raise("admin", _("Account not found"));
+            $msg->raise('Error', "admin", _("Account not found"));
             return false;
         }
         if ($db->Record["su"] != 1) {
-            $err->raise("admin", _("This account is NOT an administrator account!"));
+            $msg->raise('Error', "admin", _("This account is NOT an administrator account!"));
             return false;
         }
         $db->query("UPDATE membres SET su=0 WHERE uid= ?;", array($uid));
@@ -1219,15 +1228,15 @@ EOF;
      * from its account
      * 
      * @global    m_mysql $db
-     * @global    m_err   $err
+     * @global    m_messages   $msg
      * @param     string  $domain     Domain name to lock / unlock
      * @return    boolean             TRUE if the domain has been locked/unlocked or FALSE if it does not exist.
      */
     function dom_lock($domain) {
-        global $db, $err;
+        global $db, $msg;
         $db->query("SELECT compte FROM domaines WHERE domaine= ?;", array($domain));
         if (!$db->next_record()) {
-            $err->raise("dom", _("Domain '%s' not found."), $domain);
+            $msg->raise('Error', "dom", _("Domain '%s' not found."), $domain);
             return false;
         }
         $db->query("UPDATE domaines SET noerase=1-noerase WHERE domaine= ?;", array($domain));
@@ -1238,15 +1247,15 @@ EOF;
      * Add a new TLD to the list of the authorized TLDs 
      * 
      * @global    m_mysql $db
-     * @global    m_err   $err
+     * @global    m_messages   $msg
      * @param     string      $tld    top-level domain to add (org, com...)
      * @return    boolean             TRUE if the tld has been successfully added, FALSE if not.
      */
     function gettld($tld) {
-        global $db, $err;
+        global $db, $msg;
         $db->query("SELECT mode FROM tld WHERE tld= ?;", array($tld));
         if (!$db->next_record()) {
-            $err->raise("admin", _("This TLD does not exist"));
+            $msg->raise('Error', "admin", _("This TLD does not exist"));
             return false;
         }
         return $db->Record["mode"];
@@ -1273,16 +1282,16 @@ EOF;
      * on this TLD
      * 
      * @global    m_mysql $db
-     * @global    m_err   $err
+     * @global    m_messages   $msg
      * @param     string  $tld   The TLD you want to delete
      * @return    boolean         returns true if the TLD has been deleted, or
      * false if an error occured.
      */
     function deltld($tld) {
-        global $db, $err;
+        global $db, $msg;
         $db->query("SELECT tld FROM tld WHERE tld= ?;", array($tld));
         if (!$db->next_record()) {
-            $err->raise("admin", _("This TLD does not exist"));
+            $msg->raise('Error', "admin", _("This TLD does not exist"));
             return false;
         }
         $db->query("DELETE FROM tld WHERE tld= ?;", array($tld));
@@ -1298,23 +1307,23 @@ EOF;
      *  domain!
      * 
      * @global    m_mysql $db
-     * @global    m_err   $err
+     * @global    m_messages   $msg
      * @param     string  $tld        string TLD we want to authorize
      * @param     boolean $mode       Controls to make on this TLD.
      * @return    boolean             TRUE if the TLD has been successfully
      *  added. FALSE if not.
      */
     function addtld($tld, $mode) {
-        global $db, $err;
+        global $db, $msg;
         if (!$tld) {
-            $err->raise("admin", _("The TLD name is mandatory"));
+            $msg->raise('Error', "admin", _("The TLD name is mandatory"));
             return false;
         }
         $tld = trim($tld);
 
         $db->query("SELECT tld FROM tld WHERE tld= ?;", array($tld));
         if ($db->next_record()) {
-            $err->raise("admin", _("This TLD already exist"));
+            $msg->raise('Error', "admin", _("This TLD already exist"));
             return false;
         }
         if (substr($tld, 0, 1) == ".") {
@@ -1332,7 +1341,7 @@ EOF;
      * Modify a TLD of the list of the authorized TLDs 
      * 
      * @global    m_mysql $db
-     * @global    m_err   $err
+     * @global    m_messages   $msg
      * @param     string  $tld    TLD we want to modify
      * @param     int     $mode   Controls to make on this TLD.
      * @return    boolean         TRUE if the TLD has been successfully
@@ -1340,10 +1349,10 @@ EOF;
 
      */
     function edittld($tld, $mode) {
-        global $db, $err;
+        global $db, $msg;
         $db->query("SELECT tld FROM tld WHERE tld= ?;", array($tld));
         if (!$db->next_record()) {
-            $err->raise("admin", _("This TLD does not exist"));
+            $msg->raise('Error', "admin", _("This TLD does not exist"));
             return false;
         }
         $mode = intval($mode);
@@ -1442,40 +1451,40 @@ EOF;
     /**
      * 
      * @global    m_mysql $db
-     * @global    m_err   $err
+     * @global    m_messages   $msg
      * @param     string  $policy     Name of the policy to check for
      * @param     string  $login      The login that will be set
      * @param     string  $password   The password we have to check
      * @return    boolean             TRUE if the password if OK for this login and this policy, FALSE if it is not.
      */
-    function checkPolicy($policy, $login, $password) {
-        global $err;
+    function checkPolicy($policy, $login, $password, $canbeempty = false) {
+        global $msg;
 
         if (empty($login)) {
-            $err->raise("admin", _("Please enter a login"));
+            $msg->raise('alert', "admin", _("Please enter a login"));
             return false;
         }
-        if (empty($password)) {
-            $err->raise("admin", _("Please enter a password"));
+        if (empty($password) && !$canbeempty) {
+            $msg->raise('alert', "admin", _("Please enter a password"));
             return false;
         }
 
         $pol = $this->listPasswordPolicies();
         if (!$pol[$policy]) {
-            $err->raise("admin", _("-- Program error -- The requested password policy does not exist!"));
+            $msg->raise('Error', "admin", _("-- Program error -- The requested password policy does not exist!"));
             return false;
         }
         $pol = $pol[$policy];
         // Ok, now let's check it : 
         $plen = strlen($password);
 
-        if ($plen < $pol["minsize"]) {
-            $err->raise("admin", _("The password length is too short according to the password policy"));
+        if ($plen < $pol["minsize"] && !($canbeempty && empty($password))) {
+            $msg->raise('Error', "admin", _("The password length is too short according to the password policy"));
             return false;
         }
 
-        if ($plen > $pol["maxsize"]) {
-            $err->raise("admin", _("The password is too long according to the password policy"));
+        if ($plen > $pol["maxsize"] && !($canbeempty && empty($password))) {
+            $msg->raise('Error', "admin", _("The password is too long according to the password policy"));
             return false;
         }
 
@@ -1488,13 +1497,13 @@ EOF;
                     continue;
                 }
                 if (strpos($password, $l) !== false || strpos($l, $password) !== false) {
-                    $err->raise("admin", _("The password policy prevents you to use your login name inside your password or the other way around"));
+                    $msg->raise('Error', "admin", _("The password policy prevents you to use your login name inside your password or the other way around"));
                     return false;
                 }
             }
         }
 
-        if ($pol["classcount"] > 0) {
+        if ($pol["classcount"] > 0 && !($canbeempty && empty($password))) {
             $cls = array(0, 0, 0, 0, 0);
             for ($i = 0; $i < strlen($password); $i++) {
                 $p = substr($password, $i, 1);
@@ -1512,7 +1521,7 @@ EOF;
             } // foreach
             $clc = array_sum($cls);
             if ($clc < $pol["classcount"]) {
-                $err->raise("admin", _("Your password contains not enough different classes of character, between low-case, up-case, figures and special characters."));
+                $msg->raise('Error', "admin", _("Your password contains not enough different classes of character, between low-case, up-case, figures and special characters."));
                 return false;
             }
         }

From 6c40d19bbdebe9982e5dd8d68c34ed4af26d700b Mon Sep 17 00:00:00 2001
From: quenenni <la.jolie@paquerette.org>
Date: Tue, 15 Aug 2017 19:51:04 +0200
Subject: [PATCH 06/23] =?UTF-8?q?classe=20mysql=20&=20fichiers=20section?=
 =?UTF-8?q?=20admin=20associ=C3=A9s?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 bureau/admin/sql_bck.php              |   8 +-
 bureau/admin/sql_del.php              |  14 +-
 bureau/admin/sql_doadd.php            |  12 +-
 bureau/admin/sql_dobck.php            |   7 +-
 bureau/admin/sql_dorestore.php        |  14 +-
 bureau/admin/sql_getparam.php         |  43 +++-
 bureau/admin/sql_list.php             |  14 +-
 bureau/admin/sql_pma_sso.php          |   9 +-
 bureau/admin/sql_restore.php          |   8 +-
 bureau/admin/sql_users_add.php        |  28 ++-
 bureau/admin/sql_users_del.php        |  17 +-
 bureau/admin/sql_users_doadd.php      |  12 +-
 bureau/admin/sql_users_dopassword.php |  11 +-
 bureau/admin/sql_users_dorights.php   |   3 +-
 bureau/admin/sql_users_list.php       |  15 +-
 bureau/admin/sql_users_password.php   |  13 +-
 bureau/admin/sql_users_rights.php     |   9 +-
 bureau/class/m_mysql.php              | 329 ++++++++++++--------------
 18 files changed, 268 insertions(+), 298 deletions(-)

diff --git a/bureau/admin/sql_bck.php b/bureau/admin/sql_bck.php
index e6111532..502eb92b 100755
--- a/bureau/admin/sql_bck.php
+++ b/bureau/admin/sql_bck.php
@@ -52,13 +52,9 @@ $fields = array (
 );
 getFields($fields);
 
-if (!$r=$mysql->get_mysql_details($id)) {
-	$error=$err->errstr();
-}
+$r=$mysql->get_mysql_details($id); 
 
-if (isset($error) && $error) {
-	echo "<p class=\"alert alert-danger\">$error</p><p>&nbsp;</p>";
-}
+echo $msg->msg_html_all();
 
 if (is_array($r)) {
 ?>
diff --git a/bureau/admin/sql_del.php b/bureau/admin/sql_del.php
index 550e1050..5dce21d7 100755
--- a/bureau/admin/sql_del.php
+++ b/bureau/admin/sql_del.php
@@ -35,20 +35,14 @@ $fields = array (
 );
 getFields($fields);
 
-if(!isset($error)){
-	$error="";
-}
-
 if ($confirm=="y" ) {
   reset($_POST);
   while (list($key,$val)=each($_POST)) {
     if (substr($key,0,4)=="del_") {
       // Effacement de la base $val
       $r=$mysql->del_db(substr($key,4));
-      if (!$r) {
-	$error.=$err->errstr()."<br />";
-      } else {
-	$error.=sprintf(_("The database %s has been successfully deleted"),$val)."<br />";
+      if ($r) {
+	$msg->raise("ok", "mysql", _("The database '%s' has been successfully deleted"), $val);
       }
     }
   }
@@ -63,7 +57,7 @@ foreach($_POST as $key=>$val) {
   }
 }
 if (!$found) {
-  $error=_("Please check which databases you want to delete"); 
+  $msg->raise("alert", "mysql", _("Please check which databases you want to delete"));
   include("sql_list.php");
   exit();
  }
@@ -82,7 +76,7 @@ if (!$found) {
 reset($_POST);
 while (list($key,$val)=each($_POST)) {
   if (substr($key,0,4)=="del_") {
-      echo "<input type=\"hidden\" name=\"".ehe($key,false)."\" value=\"".ehe($val,false)."\" />".ehe($val,false)."<br />\n";
+      echo "<input type=\"hidden\" name=\"".ehe($key,false)."\" value=\"".ehe($val,false)."\" /><ul><li><b>".ehe($val,false)."</b></li></ul>\n";
   }
 }
 
diff --git a/bureau/admin/sql_doadd.php b/bureau/admin/sql_doadd.php
index 8add2197..3d644bc1 100644
--- a/bureau/admin/sql_doadd.php
+++ b/bureau/admin/sql_doadd.php
@@ -34,7 +34,7 @@ $fields = array (
 );
 getFields($fields);
 if (!$quota->cancreate("mysql")) {
-  $error=_("Can't create a database: your quota is over");
+  $msg->raise("alert", "mysql", _("Can't create a database: your quota is over"));
   include("sql_list.php");
   exit;
 }
@@ -46,13 +46,11 @@ if($q['u'] > 0){
   $dbname=$mem->user["login"];
 }
 
-if(!$mysql->add_db($dbname)) {
-  $error=$err->errstr();
-  include("sql_list.php");
-  exit;
+if($mysql->add_db($dbname)) {
+  $msg->raise("ok", "mysql", _("La base de données '%s' a bien été créé."),$dbname);
 }
 
-header('Location: sql_getparam.php?dbname='.htmlentities($dbname));
-#include("sql_list.php");
+#header('Location: sql_getparam.php?dbname='.htmlentities($dbname));
+include("sql_list.php");
 
 ?>
diff --git a/bureau/admin/sql_dobck.php b/bureau/admin/sql_dobck.php
index 3472aba6..fa22391c 100644
--- a/bureau/admin/sql_dobck.php
+++ b/bureau/admin/sql_dobck.php
@@ -48,12 +48,13 @@ $fields = array (
 getFields($fields);
 
 
-if (!$mysql->put_mysql_backup($id,$bck_mode,$bck_history,$bck_gzip,$bck_dir)) {
-	$error=$err->errstr();
+$mysql->put_mysql_backup($id,$bck_mode,$bck_history,$bck_gzip,$bck_dir); 
+
+if ($msg->has_msgs("Error")) {
 	include("sql_bck.php");
 	exit();
 } else {
-	$error=_("Your backup parameters has been successfully changed.");
+	$msg->raise("ok", "mysql", _("Your backup parameters has been successfully changed."));
 }
 include("sql_list.php");
 ?>
diff --git a/bureau/admin/sql_dorestore.php b/bureau/admin/sql_dorestore.php
index 400b19cd..a2e2691b 100644
--- a/bureau/admin/sql_dorestore.php
+++ b/bureau/admin/sql_dorestore.php
@@ -43,9 +43,8 @@ getFields($fields);
 
 <?php
 
-if (!$r=$mysql->get_mysql_details($id)) {
-        $error=$err->errstr();
-}
+$r=$mysql->get_mysql_details($id);
+
 if (! $r["enabled"]) { 
   echo "<p class=\"alert alert-danger\">"._("You currently have no database defined")."</p>";
   include_once("foot.php");
@@ -57,14 +56,11 @@ if (! $r["enabled"]) {
 
 <p>
 <?php
-if (!$mysql->restore($restfile,true,$id))  {
-  $error=$err->errstr();
-} else {
-  $error=_("Your database has been restored, check out the previous text for error messages.");
+if ($mysql->restore($restfile,true,$id))  {
+  $msg->raise("ok", "mysql", _("Your database has been restored, check out the previous text for error messages."));
 } // if mysql->restore
 
-echo "<p class=\"alert alert-danger\">$error</p><p>&nbsp;</p>";
-
+echo $msg->msg_html_all();
 ?>
 </p>
 <?php include_once("foot.php"); ?>
diff --git a/bureau/admin/sql_getparam.php b/bureau/admin/sql_getparam.php
index 7d9fda0b..9c19c262 100644
--- a/bureau/admin/sql_getparam.php
+++ b/bureau/admin/sql_getparam.php
@@ -34,30 +34,35 @@ $fields = array (
 	"dbname"    => array ("request", "string", ""),
 );
 getFields($fields);
-if (!$r=$mysql->get_dblist()) {
+if (!$res=$mysql->get_dblist()) {
 	$error=$err->errstr();
 }
 
-$r=$mysql->get_defaultsparam($dbname);
-if (!$r) {
-	$error=$err->errstr();
-}
+$res=$mysql->get_defaultsparam($dbname);
 
 ?>
 <h3><?php __("MySQL Databases"); ?></h3>
 <hr id="topbar"/>
 <br />
 <?php
-	if (isset($error) && $error) {
-		echo "<p class=\"alert alert-danger\">$error</p><p>&nbsp;</p>";
-        include_once("foot.php"); 
-        exit();
-    }
+echo $msg->msg_html_all();
+
+if ($msg->has_msgs("error")) {
+    include_once("foot.php"); 
+    exit();
+}
 ?>
 <p><?php __("Your current connection settings are"); ?> : </p>
+
+<?php
+$i = 0;
+foreach ($res as $r) { 
+	$i++;
+	$title = (count($res) > 1)?"Paramètres ".$i:"Paramètres";
+?>
 <table class="tedit">
         <tr>
-	<th colspan="2" style='text-align:center;'><?php echo '<h1>'.$mysql->dbus->HumanHostname.'</h1>'; ?></th>
+	<th colspan="2" style='text-align:center;'><?php echo '<h1>'.$title.'</h1>'; ?></th>
         </tr>
 	<tr>
 		<th><?php __("Mysql Server"); ?></th>
@@ -65,7 +70,7 @@ if (!$r) {
 	</tr>
 	<tr>
 		<th><?php __("Database"); ?></th>
-<td><code><?php ehe($dbname); ?></code></td>
+		<td><code><?php ehe($dbname); ?></code></td>
 	</tr>
 <?php
 if(isset($r['user'])){
@@ -78,6 +83,18 @@ if(isset($r['user'])){
 		<th><?php __("Password"); ?></th>
 		<td><code><?php echo $r['password']; ?></code></td>
 	</tr>
+	<tr>
+		<th>Droits de l'utilisateur</th>
+<?php
+// On teste la valeur de retour 'Rights' afin de savoir si cet utilisateur à tous les droits ou seulement certains et on place le bouton "Gestion des droits"
+if ($r[Rights] == 'All') {
+	$rights = "Tous";
+} else {
+	$rights = "<span style='color:orange;'>Sélectifs</span>";
+}
+?>
+		<td><?php echo $rights; ?>&nbsp;&nbsp;<span class="ina configure"><a href="sql_users_rights.php?id=<?php echo $r["user"] ?>"><?php __("Manage the rights"); ?></a></span></td>
+	</tr>
 	<tr>
 		<td colspan="2" align="center">
                   <a href="/alternc-sql/" target="_blank"><?php __("Web interface PhpMyAdmin"); ?></a>
@@ -95,6 +112,8 @@ if(!isset($r['user'])){
 	echo "<p class=\"alert alert-warning\">";__("You changed the MySQL User base configuration. Please refer to your configuration");echo"</p><p>&nbsp;</p>";
 }
 ?>
+<br>
+<?php } // Fin foreach ?>
 <p><span class="ina back"><a href="sql_list.php"><?php __("Back to the MySQL database list"); ?></a></span></p>
 
 
diff --git a/bureau/admin/sql_list.php b/bureau/admin/sql_list.php
index 05f6913e..7e028572 100755
--- a/bureau/admin/sql_list.php
+++ b/bureau/admin/sql_list.php
@@ -38,12 +38,14 @@ $r=$mysql->get_userslist();
 <hr id="topbar"/>
 <br />
 <?php
-	if (isset($error) && $error) {
-		echo "<p class=\"alert alert-danger\">$error</p>";
-	}
-  if(!$r || empty($r)){
-    echo "<p class=\"alert alert-info\">"._("You have no sql user at the moment.")."</p>";  
+  // On regarde d'abord si on a une db existante. Sioui, on regarde si on a des utilisateurs existants
+  if(!$rdb || empty($rdb)){
+	$msg->raise("info", "mysql", _("You have no database at the moment."));
+  } else if(!$r || empty($r)){
+	$msg->raise("info", "mysql", _("You have no sql user at the moment."));
   }
+
+echo $msg->msg_html_all();
 ?>
 
 <?php
@@ -74,7 +76,7 @@ for($i=0;$i<count($rdb);$i++) {
 
  }
 ?>
-<tr><td colspan="5">
+<tr><td colspan="6">
    <input type="submit" name="sub" value="<?php __("Delete the checked databases"); ?>" class="inb delete" />
 </td></tr>
 </table>
diff --git a/bureau/admin/sql_pma_sso.php b/bureau/admin/sql_pma_sso.php
index 5daf9e00..657302a1 100644
--- a/bureau/admin/sql_pma_sso.php
+++ b/bureau/admin/sql_pma_sso.php
@@ -29,9 +29,7 @@
 */
 require_once("../class/config.php");
 
-if (!$r=$mysql->php_myadmin_connect()) {
-	$error=$err->errstr();
-} else {
+if ($r=$mysql->php_myadmin_connect()) {
   // SSO of PhpMyAdmin
   $_SESSION['PMA_single_signon_user'] = $r["login"];
   $_SESSION['PMA_single_signon_password'] = $r["pass"];
@@ -45,9 +43,8 @@ if (!$r=$mysql->php_myadmin_connect()) {
 include_once("head.php");
 echo '<h3>'._("SQL Admin").'</h3>';
 
-if (!empty($error)) {
-  echo "<p class=\"alert alert-danger\">$error</p>";
-}
+echo $msg->msg_html_all();
+
 include_once("foot.php"); 
 
 ?>
diff --git a/bureau/admin/sql_restore.php b/bureau/admin/sql_restore.php
index 7b7d4ba3..1840467c 100755
--- a/bureau/admin/sql_restore.php
+++ b/bureau/admin/sql_restore.php
@@ -36,18 +36,14 @@ $fields = array (
 );
 getFields($fields);
 
-if (!$r=$mysql->get_mysql_details($id)) {
-	$error=$err->errstr();
-}
+$r=$mysql->get_mysql_details($id);
 
 ?>
 <h3><?php __("MySQL Databases"); ?></h3>
 <hr id="topbar"/>
 <br />
 <?php
-if (!empty($error)) {
-	echo "<p class=\"alert alert-danger\">$error</p><p>&nbsp;</p>";
-}
+echo $msg->msg_html_all();
 
 if (!is_array($r)) {
   echo "<p>"._("You currently have no database defined")."</p>";
diff --git a/bureau/admin/sql_users_add.php b/bureau/admin/sql_users_add.php
index 9a1726a6..4873da2a 100755
--- a/bureau/admin/sql_users_add.php
+++ b/bureau/admin/sql_users_add.php
@@ -37,21 +37,20 @@ $fields = array (
 );
 getFields($fields);
 
+$c=$admin->listPasswordPolicies();
+$passwd_classcount = $c['mysql']['classcount'];
+
 ?>
 <h3><?php __("Create a new MySQL user"); ?></h3>
 <hr id="topbar"/>
 <br />
 <?php
-	if (isset($error) && $error) {
-		echo "<p class=\"alert alert-danger\">$error</p>";
-		if (isset($fatal) && $fatal) {
-?>
-<?php include_once("foot.php"); ?>
+echo $msg->msg_html_all();
 
-<?php
-			exit();
-		}
-	}
+if (isset($fatal) && $fatal) {
+    include_once("foot.php");
+    exit();
+}
 ?>
 <form method="post" action="sql_users_doadd.php" id="main" name="main" autocomplete="off">
   <?php csrf_get(); ?>
@@ -62,12 +61,17 @@ getFields($fields);
 
 <table class="tedit">
 <tr>
+<?php
+// On récupère la taille max d'un nom d'utilisateur mysql (définit dans les variables globales d'AlternC
+// et on l'utilise pour mettre la propriété maxlength de l'Input du nom
+$len=variable_get('sql_max_username_length', NULL)-strlen($mem->user["login"]."_");
+?>
   <th><label for="usern"><?php __("Username"); ?></label></th>
-  <td><span class="int" id="usernpfx"><?php echo $mem->user["login"]; ?>_</span><input type="text" class="int" name="usern" id="usern" value="<?php ehe($usern); ?>" size="20" maxlength="20" /></td>
+  <td><span class="int" id="usernpfx"><?php echo $mem->user["login"]; ?>_</span><input type="text" class="int" name="usern" id="usern" value="<?php ehe($usern); ?>" size="20" maxlength="<?php echo $len; ?>" /></td>
 </tr>
 <tr>
   <th><label for="password"><?php __("Password"); ?></label></th>
-  <td><input type="password" class="int" autocomplete="off" name="password" id="password" size="26"/><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#password","#passconf"); ?></td>
+  <td><input type="password" class="int" autocomplete="off" name="password" id="password" size="26"/><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#password","#passconf",$passwd_classcount); ?></td>
 </tr>
 <tr>
   <th><label for="password"><?php __("Confirm password"); ?></label></th>
@@ -81,7 +85,7 @@ getFields($fields);
 </table>
 </form>
 <script type="text/javascript">
-  if (document.forms['main'].usern.text!='') {
+  if (document.forms['main'].usern.value!='') {
     document.forms['main'].password.focus();
   } else {
     document.forms['main'].usern.focus();
diff --git a/bureau/admin/sql_users_del.php b/bureau/admin/sql_users_del.php
index 9e087def..7318d339 100755
--- a/bureau/admin/sql_users_del.php
+++ b/bureau/admin/sql_users_del.php
@@ -33,19 +33,13 @@ $fields = array (
 );
 getFields($fields);
 
-if(!isset($error)){
-	$error="";
-}
 if (isset($confirm) && ($confirm=="y")) {
   reset($_POST);
   while (list($key,$val)=each($_POST)) {
     if (substr($key,0,4)=="del_") {
       // Effacement de la base $val
-      $r=$mysql->del_user($val);
-      if (!$r) {
-	$error.=$err->errstr()."<br />";
-      } else {
-	$error.=sprintf(_("The user %s has been successfully deleted"),$val)."<br />";
+      if($mysql->del_user($val)) {
+	$msg->raise("ok", "mysql", _("The user '%s' has been successfully deleted"), $val);
       }
     }
   }
@@ -58,23 +52,24 @@ include_once("head.php");
 ?>
 <h3><?php __("MySQL users"); ?></h3>
 <hr id="topbar"/>
-<br />
+<BR />
 <p class="alert alert-warning"><?php __("WARNING"); ?></big><br /><?php __("Confirm the deletion of the following MySQL users"); ?><br />
 </p>
 <form method="post" action="sql_users_del.php" id="main">
   <?php csrf_get(); ?>
 <p>
 <input type="hidden" name="confirm" value="y" />
+<ul>
 <?php
 reset($_POST);
 while (list($key,$val)=each($_POST)) {
   if (substr($key,0,4)=="del_") {
-      echo "<input type=\"hidden\" name=\"".ehe($key,false)."\" value=\"".ehe($val,false)."\" />".ehe($val,false)."<br />\n";
+      echo "<li><input type=\"hidden\" name=\"".ehe($key,false)."\" value=\"".ehe($val,false)."\" /><b>".ehe($val,false)."</b></li>\n";
   }
 }
 
 ?>
-<br />
+</ul>
 <input type="submit" class="inb ok" name="sub" value="<?php __("Yes, delete the MySQL user"); ?>" /> <input type="button" class="inb cancel" name="non" value="<?php __("No, don't delete the MySQL user"); ?>" onclick="history.back()" />
 </p>
 </form>
diff --git a/bureau/admin/sql_users_doadd.php b/bureau/admin/sql_users_doadd.php
index bc787abd..b6ed53c0 100755
--- a/bureau/admin/sql_users_doadd.php
+++ b/bureau/admin/sql_users_doadd.php
@@ -36,18 +36,22 @@ $fields = array (
 );
 getFields($fields);
 
-if(!empty($usern)){
+if (!empty($usern)) {
   if (!$mysql->add_user($usern,$password,$passconf)) {
-    $error=$err->errstr();
     include("sql_users_add.php");
     exit;
+  } else {
+    $username=$mem->user["login"]."_".$usern;
+    $msg->raise("ok", "mysql", _("L'utilisateur '%s' a bien été créé."),$username);
   }
-}else{
+} else {
   $usern=$mem->user["login"];
   if (!$mysql->add_user($usern,$password,$passconf)) {
-    $error=$err->errstr();
     include("sql_users_add.php");
     exit;
+  } else {
+    $username=$mem->user["login"];
+    $msg->raise("ok", "mysql", _("L'utilisateur '%s' a bien été créé."),$username);
   }
 }
 
diff --git a/bureau/admin/sql_users_dopassword.php b/bureau/admin/sql_users_dopassword.php
index 9449325d..7a9daa0f 100644
--- a/bureau/admin/sql_users_dopassword.php
+++ b/bureau/admin/sql_users_dopassword.php
@@ -35,11 +35,8 @@ $fields = array (
 );
 getFields($fields);
 
-$mysql->change_user_password($id,$password,$passwordconf);
-$error=$err->errstr();
-if(isset($error) && $error){
-  include("sql_users_password.php");
-}else{
-  include("sql_users_list.php");
-}
+if ($mysql->change_user_password($id,$password,$passwordconf))
+  $msg->raise("ok", "mysql", _("Mot de passe changé pour l'utilisateur '%s'."), $id);
+
+include("sql_users_list.php");
 ?>
diff --git a/bureau/admin/sql_users_dorights.php b/bureau/admin/sql_users_dorights.php
index e0607968..8069da32 100644
--- a/bureau/admin/sql_users_dorights.php
+++ b/bureau/admin/sql_users_dorights.php
@@ -51,7 +51,8 @@ foreach($mysql->get_dblist() as $d){
   $mysql->set_user_rights($id,$d['db'],$rights);
 }
 
-$info=_("The rights has been successfully applied to the user");
+$msg->raise("ok", "mysql", _("The rights has been successfully applied to the user"));
+
 include("sql_users_list.php");
 
 ?>
diff --git a/bureau/admin/sql_users_list.php b/bureau/admin/sql_users_list.php
index b2eadf4a..1f36d9b7 100755
--- a/bureau/admin/sql_users_list.php
+++ b/bureau/admin/sql_users_list.php
@@ -38,13 +38,9 @@ $rdb=$mysql->get_dblist();
 <hr id="topbar"/>
 <br />
 <?php
-if (isset($info) && $info) {
-	echo "<p class=\"alert alert-info\">$info</p><p>&nbsp;</p>";
-}
-if (isset($error) && $error) {
-	echo "<p class=\"alert alert-danger\">$error</p><p>&nbsp;</p>";
-}
-  if($r){ // if there is some userlist
+echo $msg->msg_html_all("<li>", true, true);
+
+if($r){ // if there is some userlist
 ?>
 <form method="post" action="sql_users_del.php">
       <?php csrf_get(); ?>
@@ -78,7 +74,10 @@ for($i=0;$i<count($r);$i++) {
 <br/>
 
 <?php
-  } // if $r
+  } else {
+   $msg->raise('Info', "mysql", _("You have no sql user at the moment."));
+   echo $msg->msg_html_all();
+  }
 ?>
   <span class="ina add"><a href="sql_users_add.php"><?php __("Create a new MySQL user"); ?></a></span>
 <?php include_once("foot.php"); ?>
diff --git a/bureau/admin/sql_users_password.php b/bureau/admin/sql_users_password.php
index 71592ede..80d9fc10 100755
--- a/bureau/admin/sql_users_password.php
+++ b/bureau/admin/sql_users_password.php
@@ -40,16 +40,9 @@ getFields($fields);
 <br />
 <?php
 $r=$mysql->get_user_dblist($id);
-if (!$r) {
-  $error=$err->errstr();
-}
-
-if (! empty($error) ) {
-  echo "<p class=\"alert alert-danger\">$error</p>";
-  require_once('foot.php');
-  die();
-}
 
+$c=$admin->listPasswordPolicies();
+$passwd_classcount = $c['mysql']['classcount'];
 ?>
 
 <form method="post" action="sql_users_dopassword.php" autocomplete="off">
@@ -63,7 +56,7 @@ if (! empty($error) ) {
 <table cellspacing="0" cellpadding="4" class="tedit">
   <tr>
     <th><label for="password"><?php __("Password"); ?></label></th>
-    <td><input type="password" class="int" autocomplete="off" name="password" id="password" value="" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#password","#passwordconf"); ?></td>
+    <td><input type="password" class="int" autocomplete="off" name="password" id="password" value="" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#password","#passwordconf",$passwd_classcount); ?></td>
   </tr>
   <tr>
     <th><label for="passwordconf"><?php __("Confirm password"); ?></label></th>
diff --git a/bureau/admin/sql_users_rights.php b/bureau/admin/sql_users_rights.php
index d7608bcc..26ec8a97 100755
--- a/bureau/admin/sql_users_rights.php
+++ b/bureau/admin/sql_users_rights.php
@@ -40,13 +40,10 @@ getFields($fields);
 <br />
 <?php
 $r=$mysql->get_user_dblist($id);
-if (!$r) {
-  $error=$err->errstr();
-}
 
-if (!empty($error)) {
-  echo "<p class=\"alert alert-danger\">$error</p><p>&nbsp;</p>";
-  require_once('foot.php');
+if ($msg->has_msgs("Error")) {
+  require_once('sql_users_list.php');
+  exit();
 }
 
 if ($r) {
diff --git a/bureau/class/m_mysql.php b/bureau/class/m_mysql.php
index e232c2f6..b409e5e6 100644
--- a/bureau/class/m_mysql.php
+++ b/bureau/class/m_mysql.php
@@ -43,11 +43,11 @@ class DB_users extends DB_Sql {
      * Creator
      */
     function __construct() { // Sometimes we need to create this object with empty parameters, but by default we fill them with those of the current user's DB
-      global $cuid, $db, $err;
+      global $cuid, $db, $msg;
       
       $db->query("select db_servers.* from db_servers, membres where membres.uid= ? and membres.db_server_id=db_servers.id;", array($cuid));
       if (!$db->next_record()) {
-	$err->raise('db_user', _("There are no databases in db_servers for this user. Please contact your administrator."));
+	$msg->raise('Error', 'db_user', _("There are no databases in db_servers for this user. Please contact your administrator."));
 	die();
       }
 
@@ -144,8 +144,8 @@ class m_mysql {
      *  Returns an array (empty) if no databases
      */
     function get_dblist() {
-        global $db, $err, $bro, $cuid;
-        $err->log("mysql", "get_dblist");
+        global $db, $msg, $bro, $cuid;
+        $msg->log("mysql", "get_dblist");
         $db->free();
         $db->query("SELECT login,pass,db, bck_mode, bck_dir FROM db WHERE uid= ? ORDER BY db;", array($cuid));
         $c = array();
@@ -163,11 +163,11 @@ class m_mysql {
      *  Returns FALSE if error
      */
     function php_myadmin_connect() {
-        global $db, $cuid, $err;
-        $err->log("mysql", "php_myadmin_connect");
+        global $db, $cuid, $msg;
+        $msg->log("mysql", "php_myadmin_connect");
         $db->query("SELECT dbu.name,dbu.password, dbs.host FROM dbusers dbu, db_servers dbs, membres m WHERE dbu.uid= ? and enable='ADMIN' and dbs.id=m.db_server_id and m.uid= ? ;", array($cuid, $cuid));
         if (!$db->num_rows()) {
-            $err->raise("mysql", _("Cannot connect to PhpMyAdmin"));
+            $msg->raise('Error', "mysql", _("Cannot connect to PhpMyAdmin"));
             return false;
         }
         $db->next_record();
@@ -194,9 +194,9 @@ class m_mysql {
      *  Returns FALSE if the user has no database of if the database does not exist.
      */
     function get_mysql_details($dbn) {
-        global $db, $err, $cuid;
+        global $db, $msg, $cuid;
         $root = getuserpath();
-        $err->log("mysql", "get_mysql_details");
+        $msg->log("mysql", "get_mysql_details");
         $pos = strpos($dbn, '_');
         if ($pos === false) {
             $dbname = $dbn;
@@ -208,7 +208,7 @@ class m_mysql {
         $size = $this->get_db_size($dbname);
         $db->query("SELECT login,pass,db, bck_mode, bck_gzip, bck_dir, bck_history FROM db WHERE uid= ? AND db= ?;", array($cuid, $dbname));
         if (!$db->num_rows()) {
-            $err->raise("mysql", _("Database %s not found"), $dbn);
+            $msg->raise('Error', "mysql", _("Database %s not found"), $dbn);
             return array("enabled" => false);
         }
         $db->next_record();
@@ -224,11 +224,11 @@ class m_mysql {
      * an error occured, such as over quota user.
      */
     function add_db($dbn) {
-        global $db, $err, $quota, $cuid;
-        $err->log("mysql", "add_db", $dbn);
+        global $db, $msg, $quota, $cuid, $admin;
+        $msg->log("mysql", "add_db", $dbn);
         $password_user = "";
         if (!$quota->cancreate("mysql")) {
-            $err->raise("mysql", _("Your databases quota is over. You cannot create more databases"));
+            $msg->raise('Error', "mysql", _("Your databases quota is over. You cannot create more databases"));
             return false;
         }
         $pos = strpos($dbn, '_');
@@ -239,33 +239,45 @@ class m_mysql {
             $dbname = $dbn;
             $dbn = $dbncomp[1];
             if (empty($dbn)) { // If nothing after the '_'
-                $err->raise("mysql", _("Database can't have empty suffix"));
+                $msg->raise('Error', "mysql", _("Database can't have empty suffix"));
                 return false;
             }
         }
         if (!preg_match("#^[0-9a-z]*$#", $dbn)) {
-            $err->raise("mysql", _("Database name can contain only letters and numbers"));
+            $msg->raise('Error', "mysql", _("Database name can contain only letters and numbers"));
             return false;
         }
 
 	$len=variable_get("sql_max_database_length", 64);
         if (strlen($dbname) > $len) {
-            $err->raise("mysql", _("Database name cannot exceed %d characters"), $len);
+            $msg->raise('Error', "mysql", _("Database name cannot exceed %d characters"), $len);
             return false;
         }
         $db->query("SELECT * FROM db WHERE db= ? ;", array($dbname));
         if ($db->num_rows()) {
-            $err->raise("mysql", _("Database %s already exists"), $dbn);
+            $msg->raise('Error', "mysql", _("Database %s already exists"), $dbn);
             return false;
         }
 
-        $db->query("SELECT name from dbusers where name= ? and enable='ACTIVATED' ;", array($dbname));
-        if (!$db->num_rows()) {
-            $password_user = create_pass(8);
-            if (!$this->add_user($dbn, $password_user, $password_user)) {
-                
+	// On empèche la création auto d'utilisateurs si la taille du nom de la db est plus grand que la taille max du nom d'utilisateur
+	$len=variable_get('sql_max_username_length', NULL);
+	if (strlen($dbname) <= $len) {
+            $db->query("SELECT name from dbusers where name= ? and enable='ACTIVATED' ;", array($dbname));
+            if (!$db->num_rows()) {
+		// On récupère la complexité du mdp qu'on doit générer que l'on va passer en paramètre de la fonction create_pass
+		$c=$admin->listPasswordPolicies();
+		$passwd_classcount = $c['mysql']['classcount'];
+
+                $password_user = create_pass(10, $passwd_classcount);
+                if ($this->add_user($dbn, $password_user, $password_user)) {
+		    $msg->raise('Info', "mysql", "L'utilisateur '$dbname' a été créé et les droits sur cette base de données lui ont été attribué.");
+                } else {
+		    $msg->raise('Alert', "mysql", "L'utilisateur '$dbname' n'a pas pu être créé.<br>Allez à la page 'Utilisateurs Mysql' pour en créer manuellement.<br>Et n'oubliez pas de lui donner les droits sur la base de données.");
+		}
             }
-        }
+	} else {
+	    $msg->raise('Alert', "mysql", "L'utilisateur '$dbname' n'a pas été automatiquement créé car il dépasse la limite de taille pour les utilisateurs qui est à $len<br>Allez à la page 'Utilisateurs Mysql' pour en créer un avec le nom que vous voulez.<br>Et n'oubliez pas de lui donner les droits sur la base de données.");
+	}
 
         //checking for the phpmyadmin user
         $db->query("SELECT * FROM dbusers WHERE uid= ? AND enable='ADMIN';", array($cuid));
@@ -274,13 +286,13 @@ class m_mysql {
             $myadm = $db->f("name");
             $password = $db->f("password");
         } else {
-            $err->raise("mysql", _("There is a problem with the special PhpMyAdmin user. Contact the administrator"));
+            $msg->raise('Error', "mysql", _("There is a problem with the special PhpMyAdmin user. Contact the administrator"));
             return false;
         }
 
         //Grant the special user every rights.
         if ($this->dbus->exec("CREATE DATABASE $dbname;")) { // secured: dbname is checked against ^[0-9a-z]*$
-            $err->log("mysql", "add_db_succes", $dbn);
+            $msg->log("mysql", "add_db_succes", $dbn);
             // Ok, database does not exist, quota is ok and dbname is compliant. Let's proceed
             $db->query("INSERT INTO db (uid,login,pass,db,bck_mode) VALUES (?, ?, ?, ? ,0)", array($cuid, $myadm, $password, $dbname));
             $dbuser = $dbname;
@@ -292,8 +304,8 @@ class m_mysql {
             $this->dbus->query("FLUSH PRIVILEGES;");
             return true;
         } else {
-            $err->log("mysql", "add_db", $dbn);
-            $err->raise("mysql", _("An error occured. The database could not be created"));
+            $msg->log("mysql", "add_db", $dbn);
+            $msg->raise('Error', "mysql", _("An error occured. The database could not be created"));
             return false;
         }
     }
@@ -306,11 +318,11 @@ class m_mysql {
      *  an error occured, such as db does not exist.
      */
     function del_db($dbname) {
-        global $db, $err, $cuid;
-        $err->log("mysql", "del_db", $dbname);
+        global $db, $msg, $cuid;
+        $msg->log("mysql", "del_db", $dbname);
         $db->query("SELECT uid FROM db WHERE db= ?;", array($dbname));
         if (!$db->next_record()) {
-            $err->raise("mysql", _("The database was not found. I can't delete it"));
+            $msg->raise('Error', "mysql", _("The database was not found. I can't delete it"));
             return false;
         }
 
@@ -342,11 +354,11 @@ class m_mysql {
      * @return boolean true if the backup parameters has been successfully changed, false if not.
      */
     function put_mysql_backup($dbn, $bck_mode, $bck_history, $bck_gzip, $bck_dir) {
-        global $db, $err, $bro, $cuid;
-        $err->log("mysql", "put_mysql_backup");
+        global $db, $msg, $bro, $cuid;
+        $msg->log("mysql", "put_mysql_backup");
 
         if (!variable_get('sql_allow_users_backups')) {
-            $err->raise("mysql", _("User aren't allowed to configure their backups"));
+            $msg->raise('Error', "mysql", _("User aren't allowed to configure their backups"));
             return false;
         }
 
@@ -359,12 +371,12 @@ class m_mysql {
             $dbn = $dbncomp[1];
         }
         if (!preg_match("#^[0-9a-z]*$#", $dbn)) {
-            $err->raise("mysql", _("Database name can contain only letters and numbers"));
+            $msg->raise('Error', "mysql", _("Database name can contain only letters and numbers"));
             return false;
         }
         $db->query("SELECT * FROM db WHERE uid= ? AND db= ? ;", array($cuid, $dbname));
         if (!$db->num_rows()) {
-            $err->raise("mysql", _("Database %s not found"), $dbn);
+            $msg->raise('Error', "mysql", _("Database %s not found"), $dbn);
             return false;
         }
         $db->next_record();
@@ -379,11 +391,11 @@ class m_mysql {
             $bck_mode = "0";
         }
         if (!$bck_history) {
-            $err->raise("mysql", _("You have to choose how many backups you want to keep"));
+            $msg->raise('Alert', "mysql", _("You have to choose how many backups you want to keep"));
             return false;
         }
         if (($bck_dir = $bro->convertabsolute($bck_dir, 0)) === false) { // return a full path or FALSE
-            $err->raise("mysql", _("Directory does not exist"));
+            $msg->raise('Error', "mysql", _("Directory does not exist"));
             return false;
         }
         $db->query("UPDATE db SET bck_mode= ? , bck_history= ?, bck_gzip= ?, bck_dir= ? WHERE uid= ? AND db= ? ;", array($bck_mode, $bck_history, $bck_gzip, $bck_dir, $cuid, $dbname));
@@ -397,24 +409,24 @@ class m_mysql {
      * @return boolean TRUE if the password has been successfully changed, FALSE else.
      */
     function put_mysql_details($password) {
-        global $db, $err, $cuid, $admin;
-        $err->log("mysql", "put_mysql_details");
+        global $db, $msg, $cuid, $admin;
+        $msg->log("mysql", "put_mysql_details");
         $db->query("SELECT * FROM db WHERE uid= ?;", array($cuid));
         if (!$db->num_rows()) {
-            $err->raise("mysql", _("Database not found"));
+            $msg->raise('Error', "mysql", _("Database not found"));
             return false;
         }
         $db->next_record();
         $login = $db->f("login");
 
         if (!$password) {
-            $err->raise("mysql", _("The password is mandatory"));
+            $msg->raise('Error', "mysql", _("The password is mandatory"));
             return false;
         }
 
 	$len=variable_get("sql_max_username_length", 16);
         if (strlen($password) > $len) {
-            $err->raise("mysql", _("MySQL password cannot exceed %d characters"), $len);
+            $msg->raise('Error', "mysql", _("MySQL password cannot exceed %d characters"), $len);
             return false;
         }
 
@@ -440,32 +452,32 @@ class m_mysql {
      * @table : sql tables to apply rights
      * */
     function grant($base, $user, $rights = null, $pass = null, $table = '*') {
-        global $err, $db;
-        $err->log("mysql", "grant", $base . "-" . $rights . "-" . $user);
+        global $msg, $db;
+        $msg->log("mysql", "grant", $base . "-" . $rights . "-" . $user);
 
         if (!preg_match("#^[0-9a-z_\\*\\\\]*$#", $base)) {
-            $err->raise("mysql", _("Database name can contain only letters and numbers"));
+            $msg->raise('Error', "mysql", _("Database name can contain only letters and numbers"));
             return false;
         } elseif (!$this->dbus->query("select db from db where db= ?;", array($base))) {
-            $err->raise("mysql", _("Database not found"));
+            $msg->raise('Error', "mysql", _("Database not found"));
             return false;
         }
 
         if ($rights == null) {
             $rights = 'ALL PRIVILEGES';
         } elseif (!preg_match("#^[a-zA-Z,\s]*$#", $rights)) {
-            $err->raise("mysql", _("Databases rights are not correct"));
+            $msg->raise('Error', "mysql", _("Databases rights are not correct"));
             return false;
         }
 
         if (!preg_match("#^[0-9a-z]#", $user)) {
-            $err->raise("mysql", _("The username can contain only letters and numbers."));
+            $msg->raise('Error', "mysql", _("The username can contain only letters and numbers."));
             return false;
         }
         $db->query("select name from dbusers where name= ? ;", array($user));
 
         if (!$db->num_rows()) {
-            $err->raise("mysql", _("Database user not found"));
+            $msg->raise('Error', "mysql", _("Database user not found"));
             return false;
         }
 
@@ -476,8 +488,9 @@ class m_mysql {
         } else {
             $grant .= ";";
         }
+
         if (!$this->dbus->query($grant)) {
-            $err->raise("mysql", _("Could not grant rights"));
+            $msg->raise('Error', "mysql", _("Could not grant rights"));
             return false;
         }
         return true;
@@ -492,20 +505,20 @@ class m_mysql {
      * @return boolean TRUE if the database has been restored, or FALSE if an error occurred
      */
     function restore($file, $stdout, $id) {
-        global $err, $bro;
+        global $msg, $bro;
         if (empty($file)) {
-            $err->raise("mysql", _("No file specified"));
+            $msg->raise('Error', "mysql", _("No file specified"));
             return false;
         }
         if (!$r = $this->get_mysql_details($id)) {
             return false;
         }
         if (!($fi = $bro->convertabsolute($file, 0))) {
-            $err->raise("mysql", _("File not found"));
+            $msg->raise('Error', "mysql", _("File not found"));
             return false;
         }
         if (!file_exists($fi)) {
-            $err->raise("mysql", _("File not found"));
+            $msg->raise('Error', "mysql", _("File not found"));
             return false;
         }
 
@@ -558,8 +571,8 @@ class m_mysql {
      * Returns the list of database users of an account
      * */
     function get_userslist($all = null) {
-        global $db, $err, $cuid;
-        $err->log("mysql", "get_userslist");
+        global $db, $msg, $cuid;
+        $msg->log("mysql", "get_userslist");
         $c = array();
         if (!$all) {
             $db->query("SELECT name FROM dbusers WHERE uid= ? and enable not in ('ADMIN','HIDDEN') ORDER BY name;", array($cuid));
@@ -580,8 +593,8 @@ class m_mysql {
     }
 
     function get_defaultsparam($dbn) {
-        global $db, $err, $cuid;
-        $err->log("mysql", "getdefaults");
+        global $db, $msg, $cuid;
+        $msg->log("mysql", "getdefaults");
 
         $dbu = $dbn;
         $r = array();
@@ -589,86 +602,46 @@ class m_mysql {
         $this->dbus->query("Select * from mysql.db where Db= ? and User!= ? ;", array($dbn, $cuid."_myadm"));
 
         if (!$this->dbus->num_rows()) {
-            $err->raise("mysql",_("Database not found"));
+            $msg->raise('Error', "mysql",_("Database not found"));
             return false;
         }
+
+	$listRights = array('Select', 'Insert', 'Update', 'Delete', 'Create', 'Drop', 'References', 'Index', 'Alter', 'Create_tmp_table', 'Lock_tables', 'Create_view', 'Show_view', 'Create_routine', 'Alter_routine', 'Execute', 'Event', 'Trigger');
         while ($this->dbus->next_record()) {
+	    // rTmp est l'array dans lequel on met les infos recupérées à chaque tour de boucle et est ajouté à l'array $r
+	    $rTmp = array();
             $variable = $this->dbus->Record;
-            if ($variable['User'] == $dbu) {
-                $r['Host'] = $this->dbus->f('Host');
 
-                if ($this->dbus->f('Select_priv') !== "Y") {
-                    return $r;
-                }
-                if ($this->dbus->f('Insert_priv') !== "Y") {
-                    return $r;
-                }
-                if ($this->dbus->f('Update_priv') !== "Y") {
-                    return $r;
-                }
-                if ($this->dbus->f('Delete_priv') !== "Y") {
-                    return $r;
-                }
-                if ($this->dbus->f('Create_priv') !== "Y") {
-                    return $r;
-                }
-                if ($this->dbus->f('Drop_priv') !== "Y") {
-                    return $r;
-                }
-                if ($this->dbus->f('References_priv') !== "Y") {
-                    return $r;
-                }
-                if ($this->dbus->f('Index_priv') !== "Y") {
-                    return $r;
-                }
-                if ($this->dbus->f('Alter_priv') !== "Y") {
-                    return $r;
-                }
-                if ($this->dbus->f('Create_tmp_table_priv') !== "Y") {
-                    return $r;
-                }
-                if ($this->dbus->f('Lock_tables_priv') !== "Y") {
-                    return $r;
-                }
-                if ($this->dbus->f('Create_view_priv') !== "Y") {
-                    return $r;
-                }
-                if ($this->dbus->f('Show_view_priv') !== "Y") {
-                    return $r;
-                }
-                if ($this->dbus->f('Create_routine_priv') !== "Y") {
-                    return $r;
-                }
-                if ($this->dbus->f('Alter_routine_priv') !== "Y") {
-                    return $r;
-                }
-                if ($this->dbus->f('Execute_priv') !== "Y") {
-                    return $r;
-                }
-                if ($this->dbus->f('Event_priv') !== "Y") {
-                    return $r;
-                }
-                if ($this->dbus->f('Trigger_priv') !== "Y") {
-                    return $r;
-                }
+	    $dbu = $variable['User'];
+
+            $rTmp['Host'] = $this->dbus->f('Host');
+	    $rTmp['Rights']='All';
+
+	    foreach ($listRights as $v) {
+		$right = $v."_priv";
+		if ($this->dbus->f($right) !== "Y") {
+		    $rTmp['Rights'] = 'NotAll';
+		    break;
+		}
+	    }
+
+            if (!$db->query("SELECT name,password from dbusers where name= ? ;", array($dbu))) {
+                $msg->raise('Error', "mysql",_("Database not found")." (3)");
+                return false;
             }
-        } //endwhile
-        if (!count($r)) {
-            $err->raise("mysql",_("Database not found")." (2)");
-            return false;
-        }
-        if (!$db->query("SELECT name,password from dbusers where name= ? ;", array($dbu))) {
-            $err->raise("mysql",_("Database not found")." (3)");
-            return false;
-        }
 
-        if (!$db->num_rows()) {
-            $err->raise("mysql",_("Database not found")." (4)");
-            return false;
-        }
-        $db->next_record();
-        $r['user'] = $db->f('name');
-        $r['password'] = $db->f('password');
+            if (!$db->num_rows()) {
+                $msg->raise('Error', "mysql",_("Database not found")." (4)");
+                return false;
+            }
+
+            $db->next_record();
+            $rTmp['user'] = $db->f('name');
+            $rTmp['password'] = $db->f('password');
+
+	    $r[] = $rTmp;
+
+        } //endwhile
         return $r;
     }
 
@@ -682,8 +655,8 @@ class m_mysql {
      * @return boolean if the user has been created in MySQL or FALSE if an error occurred
      * */
     function add_user($usern, $password, $passconf) {
-        global $db, $err, $mem, $cuid, $admin;
-        $err->log("mysql", "add_user", $usern);
+        global $db, $msg, $mem, $cuid, $admin;
+        $msg->log("mysql", "add_user", $usern);
 
         $usern = trim($usern);
         $login = $mem->user["login"];
@@ -692,33 +665,32 @@ class m_mysql {
         } else {
             $user = $usern;
         }
-
         if (!$usern) {
-            $err->raise("mysql", _("The username is mandatory"));
+            $msg->raise('Alert', "mysql", _("The username is mandatory"));
             return false;
         }
         if (!$password) {
-            $err->raise("mysql", _("The password is mandatory"));
+            $msg->raise('Alert', "mysql", _("The password is mandatory"));
             return false;
         }
         if (!preg_match("#^[0-9a-z]#", $usern)) {
-            $err->raise("mysql", _("The username can contain only letters and numbers"));
+            $msg->raise('Error', "mysql", _("The username can contain only letters and numbers"));
             return false;
         }
 
         // We check the length of the COMPLETE username, not only the part after _
         $len=variable_get("sql_max_username_length", 16);
         if (strlen($user) > $len) {
-            $err->raise("mysql", _("MySQL username cannot exceed %d characters"), $len);
+            $msg->raise('Error', "mysql", _("MySQL username cannot exceed %d characters"), $len);
             return false;
         }
         $db->query("SELECT * FROM dbusers WHERE name= ? ;", array($user));
         if ($db->num_rows()) {
-            $err->raise("mysql", _("The database user already exists"));
+            $msg->raise('Error', "mysql", _("The database user already exists"));
             return false;
         }
         if ($password != $passconf || !$password) {
-            $err->raise("mysql", _("The passwords do not match"));
+            $msg->raise('Error', "mysql", _("The passwords do not match"));
             return false;
         }
 
@@ -731,8 +703,8 @@ class m_mysql {
 
         // We add him to the user table 
         $db->query("INSERT INTO dbusers (uid,name,password,enable) VALUES( ?, ?, ?, 'ACTIVATED');", array($cuid, $user, $password));
-        
-        $this->grant("*", $user, "USAGE", $pass);
+
+        $this->grant("*", $user, "USAGE", $password);
         return true;
     }
 
@@ -746,12 +718,12 @@ class m_mysql {
      * @return boolean if the password has been changed in MySQL or FALSE if an error occurred
      * */
     function change_user_password($usern, $password, $passconf) {
-        global $db, $err, $cuid, $admin;
-        $err->log("mysql", "change_user_pass", $usern);
+        global $db, $msg, $cuid, $admin;
+        $msg->log("mysql", "change_user_pass", $usern);
 
         $usern = trim($usern);
         if ($password != $passconf || !$password) {
-            $err->raise("mysql", _("The passwords do not match"));
+            $msg->raise('Error', "mysql", _("The passwords do not match"));
             return false;
         }
 
@@ -775,10 +747,10 @@ class m_mysql {
      * @return boolean if the user has been deleted in MySQL or FALSE if an error occurred
      * */
     function del_user($user, $all = false) {
-        global $db, $err, $cuid;
-        $err->log("mysql", "del_user", $user);
+        global $db, $msg, $cuid;
+        $msg->log("mysql", "del_user", $user);
         if (!preg_match("#^[0-9a-z]#", $user)) {
-            $err->raise("mysql", _("The username can contain only letters and numbers"));
+            $msg->raise('Error', "mysql", _("The username can contain only letters and numbers"));
             return false;
         }
         if (!$all) {
@@ -787,9 +759,12 @@ class m_mysql {
             $db->query("SELECT name FROM dbusers WHERE uid= ? ;", array($cuid));
         }
 
+	$backtrace = debug_backtrace();
         if (!$db->num_rows()) {
-            $err->raise("mysql", _("The username was not found"));
-            return false;
+	    if ($backtrace[1]["function"] != "del_db")
+		$msg->raise('Error', "mysql", _("The username was not found"));
+
+	    return false;
         }
         $db->next_record();
         $login = $db->f("name");
@@ -801,6 +776,10 @@ class m_mysql {
         $this->dbus->query("FLUSH PRIVILEGES");
 
         $db->query("DELETE FROM dbusers WHERE uid= ? AND name= ? ;", array($cuid, $user));
+
+	if ($backtrace[1]["function"] == "del_db")
+	    $msg->raise('info', "mysql", _("The user '%s' has been successfully deleted"), $user);
+
         return true;
     }
 
@@ -812,11 +791,11 @@ class m_mysql {
      * @return array An array of database name and rights
      * */
     function get_user_dblist($user) {
-        global $db, $err;
+        global $db, $msg;
 
         $this->dbus->query("SELECT * FROM mysql.user WHERE User= ? AND Host= ? ;", array($user, $this->dbus->Client));
         if (!$this->dbus->next_record()) {
-            $err->raise('mysql', _("This user does not exist in the MySQL/User database"));
+            $msg->raise('Error', 'mysql', _("This user does not exist in the MySQL/User database"));
             return false;
         }
 
@@ -824,7 +803,8 @@ class m_mysql {
         $db->free();
         $dblist = $this->get_dblist();
 	foreach ($dblist as $tab) {
-            $this->dbus->query("SELECT * FROM mysql.db WHERE User= ? AND Host= ? AND Db= ? ;", array($user, $this->dbus->Client, $tab["db"]));
+	    $dbname = str_replace('_', '\_', $tab["db"]);
+            $this->dbus->query("SELECT * FROM mysql.db WHERE User= ? AND Host= ? AND Db= ? ;", array($user, $this->dbus->Client, $dbname));
             if ($this->dbus->next_record()) {
                 $r[] = array("db" => $tab["db"], "select" => $this->dbus->f("Select_priv"), "insert" => $this->dbus->f("Insert_priv"), "update" => $this->dbus->f("Update_priv"), "delete" => $this->dbus->f("Delete_priv"), "create" => $this->dbus->f("Create_priv"), "drop" => $this->dbus->f("Drop_priv"), "references" => $this->dbus->f("References_priv"), "index" => $this->dbus->f("Index_priv"), "alter" => $this->dbus->f("Alter_priv"), "create_tmp" => $this->dbus->f("Create_tmp_table_priv"), "lock" => $this->dbus->f("Lock_tables_priv"),
                     "create_view" => $this->dbus->f("Create_view_priv"),
@@ -853,8 +833,8 @@ class m_mysql {
      * 
      * */
     function set_user_rights($user, $dbn, $rights) {
-        global $err;
-        $err->log("mysql", "set_user_rights");
+        global $msg;
+        $msg->log("mysql", "set_user_rights");
 
         // On genere les droits en fonction du tableau de droits
         $strrights = "";
@@ -918,14 +898,15 @@ class m_mysql {
         }
 
         // We reset all user rights on this DB : 
-        $this->dbus->query("SELECT * FROM mysql.db WHERE User = ? AND Db = ?;", array($user, $dbn));
+	$dbname = str_replace('_', '\_', $dbn);
+        $this->dbus->query("SELECT * FROM mysql.db WHERE User = ? AND Db = ?;", array($user, $dbname));
 
         if ($this->dbus->num_rows()) {
-            $this->dbus->query("REVOKE ALL PRIVILEGES ON ".$dbn.".* FROM ".$this->dbus->quote($user)."@" . $this->dbus->quote($this->dbus->Client) . ";");
+            $this->dbus->query("REVOKE ALL PRIVILEGES ON `".$dbname."`.* FROM ".$this->dbus->quote($user)."@" . $this->dbus->quote($this->dbus->Client) . ";");
         }
         if ($strrights) {
             $strrights = substr($strrights, 0, strlen($strrights) - 1);
-            $this->grant($dbn, $user, $strrights);
+            $this->grant($dbname, $user, $strrights);
         }
         $this->dbus->query("FLUSH PRIVILEGES");
         return TRUE;
@@ -942,8 +923,8 @@ class m_mysql {
      * @access private
      */
     function hook_lxc_params($params) {
-        global $err;
-        $err->log("mysql", "alternc_get_quota");
+        global $msg;
+        $msg->log("mysql", "alternc_get_quota");
         $p = array();
         if (isset($this->dbus["Host"]) && $this->dbus["Host"] != "") {
             $p["mysql_host"] = $this->dbus["Host"];
@@ -961,8 +942,8 @@ class m_mysql {
      * @access private
      */
     function hook_quota_get() {
-        global $err;
-        $err->log("mysql", "alternc_get_quota");
+        global $msg;
+        $msg->log("mysql", "alternc_get_quota");
         $q = Array("name" => "mysql", "description" => _("MySQL Databases"), "used" => 0);
         $c = $this->get_dblist();
         if (is_array($c)) {
@@ -978,8 +959,8 @@ class m_mysql {
      * @access private
      */
     function alternc_add_member() {
-        global $db, $err, $cuid, $mem;
-        $err->log("mysql", "alternc_add_member");
+        global $db, $msg, $cuid, $mem;
+        $msg->log("mysql", "alternc_add_member");
         //checking for the phpmyadmin user
         $db->query("SELECT name,password FROM dbusers WHERE uid= ? AND Type='ADMIN';", array($cuid));
         if ($db->num_rows()) {
@@ -987,7 +968,7 @@ class m_mysql {
             $password = $db->f("password");
         } else {
             $myadm = $cuid . "_myadm";
-            $password = create_pass(8);
+            $password = create_pass();
         }
 
         $db->query("INSERT INTO dbusers (uid,name,password,enable) VALUES (?, ?, ?, 'ADMIN');", array($cuid, $myadm, $password));
@@ -1002,8 +983,8 @@ class m_mysql {
      * @access private
      */
     function alternc_del_member() {
-        global $err;
-        $err->log("mysql", "alternc_del_member");
+        global $msg;
+        $msg->log("mysql", "alternc_del_member");
         $c = $this->get_dblist();
         if (is_array($c)) {
             for ($i = 0; $i < count($c); $i++) {
@@ -1040,8 +1021,8 @@ class m_mysql {
      */
     function alternc_export_conf() {
         //TODO don't work with separated sql server for dbusers
-        global $db, $err, $cuid;
-        $err->log("mysql", "export");
+        global $db, $msg, $cuid;
+        $msg->log("mysql", "export");
         $db->query("SELECT login, pass, db, bck_mode, bck_dir, bck_history, bck_gzip FROM db WHERE uid= ? ;", array($cuid));
         $str = "";
         if ($db->next_record()) {
@@ -1072,13 +1053,13 @@ class m_mysql {
      * EXPERIMENTAL 'sid' function ;) 
      */
     function alternc_export_data($dir) {
-        global $db, $err, $cuid;
-        $err->log("mysql", "export_data");
+        global $db, $msg, $cuid;
+        $msg->log("mysql", "export_data");
         $db->query("SELECT db.login, db.pass, db.db, dbusers.name FROM db,dbusers WHERE db.uid= ?  AND dbusers.uid=db.uid;", array($cuid));
         $dir.="sql/";
         if (!is_dir($dir)) {
             if (!mkdir($dir)) {
-                $err->raise('mysql', _("The directory could not be created"));
+                $msg->raise('Error', 'mysql', _("The directory could not be created"));
             }
         }
         // on exporte toutes les bases utilisateur.
@@ -1100,8 +1081,8 @@ class m_mysql {
      * @return an array associating the name of the databases to their sizes : array(dbname=>size)
      */
     function get_dbus_size($db_name, $db_host, $db_login, $db_password, $db_client) {
-        global $err;
-        $err->log("mysql", "get_dbus_size", $db_host);
+        global $msg;
+        $msg->log("mysql", "get_dbus_size", $db_host);
 
 	$this->dbus = new DB_Sql("mysql",$db_host,$db_login,$db_password);
 

From 8d5953f1c4559fcc2ac3b968ab8ed1f886aafbbe Mon Sep 17 00:00:00 2001
From: quenenni <la.jolie@paquerette.org>
Date: Tue, 15 Aug 2017 20:05:02 +0200
Subject: [PATCH 07/23] =?UTF-8?q?classe=20ftp=20+=20fichiers=20section=20a?=
 =?UTF-8?q?dmin=20associ=C3=A9s?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 bureau/admin/ftp_del.php           | 11 ++---
 bureau/admin/ftp_doedit.php        | 21 +++-----
 bureau/admin/ftp_edit.php          | 24 +++++----
 bureau/admin/ftp_list.php          | 29 +++++------
 bureau/admin/ftp_switch_enable.php |  7 ++-
 bureau/class/m_ftp.php             | 78 +++++++++++++++---------------
 6 files changed, 78 insertions(+), 92 deletions(-)

diff --git a/bureau/admin/ftp_del.php b/bureau/admin/ftp_del.php
index 7843791a..65253a86 100755
--- a/bureau/admin/ftp_del.php
+++ b/bureau/admin/ftp_del.php
@@ -29,7 +29,6 @@
 */
 require_once("../class/config.php");
 
-$error="";
 // On parcours les POST_VARS et on repere les del_.
 reset($_POST);
 $lst_todel=array();
@@ -54,10 +53,9 @@ getFields($fields);
 if(!empty($confirm_del)) {
   foreach($lst_todel as $v) {
     $r=$ftp->delete_ftp($v);
-    if (!$r) {
-      $error.=$err->errstr()."<br />";
-    } else {
-      $error.=sprintf(_("The ftp account %s has been successfully deleted"),$r)."<br />";
+    if ($r) {
+      $success=true;
+      $msg->raise("Ok", "ftp", _("The ftp account %s has been successfully deleted"),$r);
     }
   }
   include("ftp_list.php");
@@ -71,7 +69,7 @@ if(!empty($confirm_del)) {
   <?php __("Do you really want to delete those accounts?");?>
   <ul>
   <?php foreach($lst_todel as $t) {
-    echo "<li>".$names[$t]."</li>\n";
+    echo "<li><b>".$names[$t]."</b></li>\n";
   } ?>
   </ul>
 
@@ -87,7 +85,6 @@ if(!empty($confirm_del)) {
 <?php
   include_once('foot.php');
   exit();
-
 }
 
 ?>
diff --git a/bureau/admin/ftp_doedit.php b/bureau/admin/ftp_doedit.php
index 4cee5a72..2c270484 100755
--- a/bureau/admin/ftp_doedit.php
+++ b/bureau/admin/ftp_doedit.php
@@ -39,16 +39,8 @@ $fields = array (
 );
 getFields($fields);
 
-if ($pass != $passconf) {
-  $error = _("Passwords do not match");
-  include_once("head.php");
-  echo "<h3>"._("Create a FTP account")."</h3><p class=\"alert alert-danger\">$error</p>";
-  include("foot.php");
-  exit();
-}
-
 if (! $id && !$create) { //not a creation and not an edit
-  $error=_("Error: neither a creation nor an edition");
+  $msg->raise("Error", "ftp", _("Error: neither a creation nor an edition"));
   include("ftp_list.php");
   exit();
 }
@@ -60,7 +52,6 @@ if (! $id ) { //create
 }
 
 if (!$r) {
-  $error=$err->errstr();
   $is_include=true;
   $rr[0]["prefixe"]=$prefixe;
   $rr[0]["login"]=$login;
@@ -68,11 +59,11 @@ if (!$r) {
   include_once("ftp_edit.php");
   exit();
 } else {
-if ($create) {
-  $error=_("The ftp account has been successfully created");
-} else {
-  $error=_("The ftp account has been successfully saved");
-}
+  if ($create)
+    $msg->raise("Ok", "ftp", _("The ftp account has been successfully created"));
+  else
+    $msg->raise("Ok", "ftp", _("The ftp account has been successfully saved"));
+
   include("ftp_list.php");
   exit();
 }
diff --git a/bureau/admin/ftp_edit.php b/bureau/admin/ftp_edit.php
index 8925f45a..d5999827 100755
--- a/bureau/admin/ftp_edit.php
+++ b/bureau/admin/ftp_edit.php
@@ -40,29 +40,27 @@ if ( !isset($is_include) ) {
 }
 
 if (!$id && !$create) {
-  $error=_("Neither a creation nor a edition");
+  $msg->raise("Error", "ftp", _("Neither a creation nor a edition"));
   echo "<h3>"._("Create a FTP account")."</h3>";
-  echo "<p class=\"alert alert-danger\">$error</p>";
+  echo $msg->msg_html_all();
   include_once("foot.php");
   exit();
 }
 
 if (!$id && $create) { //creation
   echo "<h3>"._("Create a FTP account")."</h3>";
-  $rr=false;
+  if ( !isset($is_include) )
+    $rr=false;
 } else {
-   echo "<h3>"._("Editing a FTP account")."</h3>";
+  echo "<h3>"._("Editing a FTP account")."</h3>";
   $rr=$ftp->get_ftp_details($id);
-  if (!$rr) {
-    $error=$err->errstr();
-  }
 }
 
-?>
-<?php
-if (isset($error) && $error) {
-	echo "<p class=\"alert alert-danger\">$error</p>";
-}
+echo $msg->msg_html_all();
+
+$c=$admin->listPasswordPolicies();
+$passwd_classcount = $c['ftp']['classcount'];
+
 ?>
 <form method="post" action="ftp_doedit.php" name="main" id="main" autocomplete="off">
 <?php csrf_get(); ?>
@@ -88,7 +86,7 @@ if (isset($error) && $error) {
     </tr>
     <tr id='ftp_tr_pass1'>
       <th><label for="pass"><?php __("Password"); ?></label></th>
-      <td><input type="password" class="int" name="pass" autocomplete="off" id="pass" size="20" maxlength="64" value=""/><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#pass","#passconf"); ?></td>
+      <td><input type="password" class="int" name="pass" autocomplete="off" id="pass" size="20" maxlength="64" value=""/><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#pass","#passconf",$passwd_classcount); ?></td>
     </tr>
     <tr id='ftp_tr_pass2'>
       <th><label for="passconf"><?php __("Confirm password"); ?></label></th>
diff --git a/bureau/admin/ftp_list.php b/bureau/admin/ftp_list.php
index b950ce3d..b4faa115 100755
--- a/bureau/admin/ftp_list.php
+++ b/bureau/admin/ftp_list.php
@@ -38,7 +38,6 @@ getFields($fields);
 $noftp=false;
 if (!$r=$ftp->get_list($domain)) {
 	$noftp=true;
-	$error=$err->errstr();
 }
 
 ?>
@@ -47,24 +46,20 @@ if (!$r=$ftp->get_list($domain)) {
 <br />
  
 <?php
-if (isset($error) && $error && !$noftp) {
-?>
-<p class="alert alert-danger"><?php echo $error ?></p>
-<?php } ?>
+echo $msg->msg_html_all();
 
-<?php if ($quota->cancreate("ftp")) { ?>
-<p>
+if ($quota->cancreate("ftp")) { ?>
+  <p>
    <span class="inb add"><a href="ftp_edit.php?create=1"><?php __("Create a new ftp account"); ?></a></span> 
-</p>
-<?php  	} ?>
+  </p>
+<?php
+}
 
-<?php
-	if ($noftp) {
-?>
-	<?php $mem->show_help("ftp_list_no"); ?>
-<?php
- include_once("foot.php"); 
-    } 
+if ($noftp) {
+  $mem->show_help("ftp_list_no");
+  include_once("foot.php");
+  exit;
+} 
 ?>
 
 <form method="post" action="ftp_del.php">
@@ -80,7 +75,7 @@ while (list($key,$val)=each($r)) { ?>
 		<td align="center"><input type="checkbox" class="inc" id="del_<?php ehe($val["id"]); ?>" name="del_<?php ehe($val["id"]); ?>" value="<?php ehe($val["id"]); ?>" /></td>
 <td><div class="ina edit"><a href="ftp_edit.php?id=<?php eue($val["id"]); ?>"><?php __("Edit"); ?></a></div></td>
 
-		<td><a href='ftp_switch_enable.php?id=<?php eue($val['id'],false); echo '&amp;status='.( ($val['enabled'])?'0':'1' ) ;?>' onClick='return confirm("<?php __("Are you sure you want to change his status?"); ?>");'><?php 
+		<td><a href='ftp_switch_enable.php?id=<?php eue($val['id']); echo '&amp;status='.( ($val['enabled'])?'0':'1' ) ;?>' onClick='return confirm("<?php __("Are you sure you want to change his status?"); ?>");'><?php 
 if ( $val['enabled']) {
   echo "<img src='images/check_ok.png' alt=\""._("Enabled")."\"/>";
   echo "<span style='display:none;'>ENABLED</span>"; // for tablesorter
diff --git a/bureau/admin/ftp_switch_enable.php b/bureau/admin/ftp_switch_enable.php
index a0ba0ef4..5b77d1a0 100644
--- a/bureau/admin/ftp_switch_enable.php
+++ b/bureau/admin/ftp_switch_enable.php
@@ -31,6 +31,11 @@ $fields = array (
 
 getFields($fields);
 
-$ftp->switch_enabled($id,$status);
+if ($ftp->switch_enabled($id,$status)) {
+  if ($status) 
+    $msg->raise("Ok", "ftp", _("The ftp account is enabled"));
+  else
+    $msg->raise("Ok", "ftp", _("The ftp account is disabled"));
+}
 
 require_once('ftp_list.php');
diff --git a/bureau/class/m_ftp.php b/bureau/class/m_ftp.php
index ac7b9337..ed119c67 100644
--- a/bureau/class/m_ftp.php
+++ b/bureau/class/m_ftp.php
@@ -102,9 +102,9 @@ class m_ftp {
 
     // Switch enabled status of an account
     function switch_enabled($id, $status = null) {
-        global $cuid, $db, $err;
+        global $cuid, $db, $msg;
         if (!$jj = $this->get_ftp_details($id)) {
-            $err->raise('ftp', _("This account do not exist or is not of this account"));
+            $msg->raise('Error', 'ftp', _("This account do not exist or is not of this account"));
             return false;
         }
         if ($status == null) {
@@ -116,10 +116,10 @@ class m_ftp {
         }
 
         // Be sure what is in $status, in case of it was a parameter
-        $status = ($status ? 'true' : 'false');
+        $status = ($status ? 1 : 0);
 
         if (!$db->query("UPDATE ftpusers SET enabled = ? WHERE uid = ? AND id = ? ;", array($status, $cuid, $id))) {
-            $err->raise('ftp', _("Error during update"));
+            $msg->raise('Error', 'ftp', _("Error during update"));
             return false;
         } else {
             return true;
@@ -137,8 +137,8 @@ class m_ftp {
      * @return array Retourne le tableau des comptes 
      */
     function get_list() {
-        global $db, $err, $cuid;
-        $err->log("ftp", "get_list");
+        global $db, $msg, $cuid;
+        $msg->log("ftp", "get_list");
         $r = array();
         $db->query("SELECT id, name, homedir, enabled FROM ftpusers WHERE uid= ? ORDER BY name;", array($cuid));
         if ($db->num_rows()) {
@@ -153,7 +153,7 @@ class m_ftp {
             }
             return $r;
         } else {
-            $err->raise("ftp", _("No FTP account found"));
+            $msg->raise('Info', "ftp", _("No FTP account found"));
             return array();
         }
     }
@@ -166,8 +166,8 @@ class m_ftp {
      * @return array Tableau associatif contenant les infos du comptes ftp
      */
     function get_ftp_details($id) {
-        global $db, $err, $cuid;
-        $err->log("ftp", "get_ftp_details", $id);
+        global $db, $msg, $cuid;
+        $msg->log("ftp", "get_ftp_details", $id);
         $r = array();
         $db->query("SELECT id, name, homedir, enabled FROM ftpusers WHERE uid= ? AND id= ?;", array($cuid, $id));
         if ($db->num_rows()) {
@@ -191,7 +191,7 @@ class m_ftp {
             );
             return $r;
         } else {
-            $err->raise("ftp", _("This FTP account does not exist"));
+            $msg->raise('Error', "ftp", _("This FTP account does not exist"));
             return false;
         }
     }
@@ -219,21 +219,21 @@ class m_ftp {
      * @param string $l
      */
     function check_login($l) {
-        global $err;
+        global $msg;
 
         // special chars and the max numbers of them allowed
         // to be able to give a specific error
         $vv = array('_' => '1', ' ' => 0);
         foreach ($vv as $k => $n) {
             if (substr_count($l, $k) > $n) { // if there is more than $n $k
-                $err->raise('ftp', sprintf(_("FTP login is incorrect: too many '%s'"), $k));
+                $msg->raise('Error', 'ftp', sprintf(_("FTP login is incorrect: too many '%s'"), $k));
                 return false;
             }
         }
 
         // Explicitly look for only allowed chars
         if (!preg_match("/^[A-Za-z0-9]+[A-Za-z0-9_\.\-]*$/", $l)) {
-            $err->raise('ftp', _("FTP login is incorrect"));
+            $msg->raise('Error', 'ftp', _("FTP login is incorrect"));
             return false;
         }
         return true;
@@ -272,12 +272,12 @@ class m_ftp {
      * @return boolean TRUE si le compte a �t� modifi�, FALSE si une erreur est survenue.
      */
     function put_ftp_details($id, $prefixe, $login, $pass, $dir) {
-        global $db, $err, $bro, $cuid, $admin;
-        $err->log("ftp", "put_ftp_details", $id);
+        global $db, $msg, $bro, $cuid, $admin;
+        $msg->log("ftp", "put_ftp_details", $id);
         $db->query("SELECT count(*) AS cnt FROM ftpusers WHERE id= ? and uid= ?;", array($id, $cuid));
         $db->next_record();
         if (!$db->f("cnt")) {
-            $err->raise("ftp", _("This FTP account does not exist"));
+            $msg->raise('Error', "ftp", _("This FTP account does not exist"));
             return false;
         }
         $dir = $bro->convertabsolute($dir);
@@ -286,7 +286,7 @@ class m_ftp {
         }
         $r = $this->prefix_list();
         if (!in_array($prefixe, $r)) {
-            $err->raise("ftp", _("The chosen prefix is not allowed"));
+            $msg->raise('Error', "ftp", _("The chosen prefix is not allowed"));
             return false;
         }
 
@@ -300,7 +300,7 @@ class m_ftp {
         $db->query("SELECT COUNT(*) AS cnt FROM ftpusers WHERE id!= ? AND name= ?;", array($id, $full_login));
         $db->next_record();
         if ($db->f("cnt")) {
-            $err->raise("ftp", _("This FTP account already exists"));
+            $msg->raise('Error', "ftp", _("This FTP account already exists"));
             return false;
         }
         $absolute = getuserpath() . "/$dir";
@@ -308,7 +308,7 @@ class m_ftp {
             system("/bin/mkdir -p $absolute");
         }
         if (!is_dir($absolute)) {
-            $err->raise("ftp", _("The directory cannot be created"));
+            $msg->raise('Error', "ftp", _("The directory cannot be created"));
             return false;
         }
         if (trim($pass)) {
@@ -334,13 +334,13 @@ class m_ftp {
      * @return boolean TRUE si le compte a ete efface, FALSE sinon.
      */
     function delete_ftp($id) {
-        global $db, $err, $cuid;
-        $err->log("ftp", "delete_ftp", $id);
+        global $db, $msg, $cuid;
+        $msg->log("ftp", "delete_ftp", $id);
         $db->query("SELECT name FROM ftpusers WHERE id= ? and uid= ? ;", array($id, $cuid));
         $db->next_record();
         $name = $db->f("name");
         if (!$name) {
-            $err->raise("ftp", _("This FTP account does not exist"));
+            $msg->raise('Error', "ftp", _("This FTP account does not exist"));
             return false;
         }
         $db->query("DELETE FROM ftpusers WHERE id= ? ;", array($id));
@@ -358,19 +358,19 @@ class m_ftp {
      *
      */
     function add_ftp($prefixe, $login, $pass, $dir) {
-        global $db, $err, $quota, $bro, $cuid, $admin;
-        $err->log("ftp", "add_ftp", $prefixe . "_" . $login);
+        global $db, $msg, $quota, $bro, $cuid, $admin;
+        $msg->log("ftp", "add_ftp", $prefixe . "_" . $login);
         $dir = $bro->convertabsolute($dir);
         if (substr($dir, 0, 1) == "/") {
             $dir = substr($dir, 1);
         }
         $r = $this->prefix_list();
         if (empty($pass)) {
-            $err->raise("ftp", _("Password can't be empty"));
+            $msg->raise('Error', "ftp", _("Password can't be empty"));
             return false;
         }
         if (!in_array($prefixe, $r) || $prefixe == "") {
-            $err->raise("ftp", _("The chosen prefix is not allowed"));
+            $msg->raise('Error', "ftp", _("The chosen prefix is not allowed"));
             return false;
         }
         $full_login = $prefixe;
@@ -383,7 +383,7 @@ class m_ftp {
         $db->query("SELECT count(*) AS cnt FROM ftpusers WHERE name= ? ;", array($full_login));
         $db->next_record();
         if ($db->f("cnt")) {
-            $err->raise("ftp", _("This FTP account already exists"));
+            $msg->raise('Error', "ftp", _("This FTP account already exists"));
             return false;
         }
         $db->query("SELECT login FROM membres WHERE uid= ? ;", array($cuid));
@@ -393,7 +393,7 @@ class m_ftp {
             system("/bin/mkdir -p $absolute"); // FIXME replace with action
         }
         if (!is_dir($absolute)) {
-            $err->raise("ftp", _("The directory cannot be created"));
+            $msg->raise('Error', "ftp", _("The directory cannot be created"));
             return false;
         }
 
@@ -409,7 +409,7 @@ class m_ftp {
             $db->query("INSERT INTO ftpusers (name,password, encrypted_password,homedir,uid) VALUES ( ?, '', ?, ?, ?)", array($full_login, $encrypted_password, $absolute, $cuid));
             return true;
         } else {
-            $err->raise("ftp", _("Your FTP account quota is over. You cannot create more ftp accounts"));
+            $msg->raise('Error', "ftp", _("Your FTP account quota is over. You cannot create more ftp accounts"));
             return false;
         }
     }
@@ -421,8 +421,8 @@ class m_ftp {
      * @return boolean retourne TRUE si $dir a un compte FTP, FALSE sinon.
      */
     function is_ftp($dir) {
-        global $db, $err;
-        $err->log("ftp", "is_ftp", $dir);
+        global $db, $msg;
+        $msg->log("ftp", "is_ftp", $dir);
         if (substr($dir, 0, 1) == "/") {
             $dir = substr($dir, 1);
         }
@@ -442,8 +442,8 @@ class m_ftp {
      * @access private
      */
     function alternc_del_domain($dom) {
-        global $db, $err, $cuid;
-        $err->log("ftp", "alternc_del_domain", $dom);
+        global $db, $msg, $cuid;
+        $msg->log("ftp", "alternc_del_domain", $dom);
         $db->query("DELETE FROM ftpusers WHERE uid= ? AND ( name LIKE ? OR name LIKE ?) ", array($cuid, $dom."\_%", $dom));
         return true;
     }
@@ -454,8 +454,8 @@ class m_ftp {
      * @access private
      */
     function alternc_del_member() {
-        global $db, $err, $cuid;
-        $err->log("ftp", "alternc_del_member");
+        global $db, $msg, $cuid;
+        $msg->log("ftp", "alternc_del_member");
         $db->query("DELETE FROM ftpusers WHERE uid= ?", array($cuid));
         return true;
     }
@@ -469,8 +469,8 @@ class m_ftp {
      * @access private
      */
     function hook_quota_get() {
-        global $db, $err, $cuid;
-        $err->log("ftp", "getquota");
+        global $db, $msg, $cuid;
+        $msg->log("ftp", "getquota");
         $q = Array("name" => "ftp", "description" => _("FTP accounts"), "used" => 0);
         $db->query("SELECT COUNT(*) AS cnt FROM ftpusers WHERE uid= ? ", array($cuid));
         if ($db->next_record()) {
@@ -487,8 +487,8 @@ class m_ftp {
      * EXPERIMENTAL 'sid' function ;) 
      */
     function alternc_export_conf() {
-        global $db, $err;
-        $err->log("ftp", "export");
+        global $db, $msg;
+        $msg->log("ftp", "export");
         $f = $this->get_list();
         $str = "  <ftp>";
         foreach ($f as $d => $v) {

From 31d024c5a15d9582cad4ef694ac486fb51206e90 Mon Sep 17 00:00:00 2001
From: quenenni <la.jolie@paquerette.org>
Date: Wed, 16 Aug 2017 02:23:22 +0200
Subject: [PATCH 08/23] =?UTF-8?q?classe=20dom=20&=20fichiers=20section=20a?=
 =?UTF-8?q?dmin=20associ=C3=A9s?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 bureau/admin/dom_add.php       |  10 +-
 bureau/admin/dom_doadd.php     |   8 +-
 bureau/admin/dom_dodel.php     |  24 +--
 bureau/admin/dom_edit.inc.php  |  12 +-
 bureau/admin/dom_edit.php      |  13 +-
 bureau/admin/dom_editdns.php   |  32 ++--
 bureau/admin/dom_import.php    |  14 +-
 bureau/admin/dom_subdel.php    |  13 +-
 bureau/admin/dom_subdodel.php  |  28 ++--
 bureau/admin/dom_subdoedit.php |   9 +-
 bureau/admin/dom_subedit.php   |  20 +--
 bureau/admin/dom_substatus.php |   3 +-
 bureau/admin/ftp_del.php       |   1 -
 bureau/class/m_dom.php         | 276 ++++++++++++++++-----------------
 14 files changed, 224 insertions(+), 239 deletions(-)

diff --git a/bureau/admin/dom_add.php b/bureau/admin/dom_add.php
index 162a932b..b2da7afc 100755
--- a/bureau/admin/dom_add.php
+++ b/bureau/admin/dom_add.php
@@ -45,12 +45,12 @@ if (!isset($dns)) $dns="1";
 <h3><?php __("Domain hosting"); ?></h3>
 <hr />
 <?php
-if (!$quota->cancreate("dom")) { ?>
-<p class="alert alert-danger"><?php echo _("You cannot add any new domain, your quota is over.")." "._("Contact your administrator for more information."); ?></p>
-<?php
-exit();
+if (!$quota->cancreate("dom")) {
+  $msg->raise('Alert', "dom", _("You cannot add any new domain, your quota is over.")." "._("Contact your administrator for more information."));
+  echo $msg->msg_html_all();
+  exit();
 }
-if (isset($error) && $error) echo "<p class=\"alert alert-danger\">$error</p>";
+echo $msg->msg_html_all();
 ?>
 <form method="post" action="dom_doadd.php" id="main">
   <?php csrf_get(); ?>
diff --git a/bureau/admin/dom_doadd.php b/bureau/admin/dom_doadd.php
index 4abaaab2..0be7b429 100644
--- a/bureau/admin/dom_doadd.php
+++ b/bureau/admin/dom_doadd.php
@@ -41,17 +41,19 @@ getFields($fields);
 $dom->lock();
 
 if (!$dom->add_domain($newdomain,$dns,0,0,$newisslave,$slavedom)) {
-	$error=$err->errstr();
 	include("dom_add.php");
 	exit();
-}
+} else
+	$msg->raise('Ok', "dom", _("Your new domain %s has been successfully installed"),$newdomain);
 
 $dom->unlock();
 
 ?>
 <h3><?php __("Add a domain"); ?></h3>
 <p>
-<?php printf(_("Your new domain %s has been successfully installed"),$newdomain); ?><br /><br />
+<?php
+echo $msg->msg_html_all();
+?>
 <span class="inb"><a href="dom_edit.php?domain=<?php echo urlencode($newdomain);?>" ><?php __("Click here to continue"); ?></a></span><br />
 <?php $mem->show_help("add_domain"); ?>
 <br />
diff --git a/bureau/admin/dom_dodel.php b/bureau/admin/dom_dodel.php
index 86523181..2cdff615 100755
--- a/bureau/admin/dom_dodel.php
+++ b/bureau/admin/dom_dodel.php
@@ -37,21 +37,22 @@ $fields = array (
 );
 getFields($fields);
 
-$dom->lock();
-if ($del_confirm=="y")
+if ($del_confirm=="y") {
 	if (!$dom->del_domain($domain)) {
-		$error=$err->errstr();
 		include("dom_edit.php");
-		$dom->unlock();
 		exit();
 	}
-
-$dom->unlock();
+}
 
 if (! empty($del_cancel)) {
+  $dom->lock();
   $dom->del_domain_cancel($domain);
+  $dom->unlock();
+
   // The link to this function is disable : the del_domain_cancel function need some modification
-  __("Deletion have been successfully cancelled");?><br/>
+  $msg->raise('Ok', "dom", _("Deletion have been successfully cancelled"));
+  echo $msg->msg_html_all();
+?>
   <p>
   <span class="ina"><a href="main.php" target="_parent"><?php __("Click here to continue"); ?></a></span>
   </p>
@@ -77,13 +78,16 @@ if ($del_confirm!="y") {
 </form>
 <?php include_once("foot.php");
 	exit();
-	}
+}
 ?>
 <h3><?php printf(_("Domain %s deleted"),$domain); ?></h3>
 <hr id="topbar"/>
 <br />
-<p>
-<?php printf(_("The domain %s has been successfully deleted."),$domain); ?><br /><br />
+<?php 
+$msg->raise('Ok', "dom", _("The domain %s has been successfully deleted."),$domain);
+echo $msg->msg_html_all();
+?>
+</p>
 <span class="ina"><a href="main.php" target="_parent"><?php __("Click here to continue"); ?></a></span>
 <?php $mem->show_help("del_domain"); ?>
 </p>
diff --git a/bureau/admin/dom_edit.inc.php b/bureau/admin/dom_edit.inc.php
index 57a74c0e..2d98da96 100755
--- a/bureau/admin/dom_edit.inc.php
+++ b/bureau/admin/dom_edit.inc.php
@@ -6,18 +6,15 @@ include_once("head.php");
 # Take the values of the subdomain in arguments
 
 function sub_domains_edit($domain, $sub_domain_id=false) {
-  global $admin, $err, $oldid, $isedit;
+  global $admin, $msg, $oldid, $isedit;
 
 $dom=new m_dom();
 $dom->lock();
-if (!$r=$dom->get_domain_all($domain)) {
-  $error=$err->errstr();
-}
+
+$r=$dom->get_domain_all($domain);
 /*
 if (! empty($sub)) {
-   if (!$sd=$dom->get_sub_domain_all($domain,$sub,$type,$value)) {
-     $error=$err->errstr();
-   }
+   $sd=$dom->get_sub_domain_all($domain,$sub,$type,$value);
 }
 */
 $sd=$dom->get_sub_domain_all($sub_domain_id);
@@ -26,6 +23,7 @@ $type=$sd['type'];
 $sub=$sd['name'];
 
 $dom->unlock();
+
 ?>
 
 <form action="dom_subdoedit.php" method="post" name="main" id="main">
diff --git a/bureau/admin/dom_edit.php b/bureau/admin/dom_edit.php
index 23d41deb..9b7a64c7 100755
--- a/bureau/admin/dom_edit.php
+++ b/bureau/admin/dom_edit.php
@@ -38,16 +38,17 @@ getFields($fields);
 
 $dom->lock();
 if (!$r=$dom->get_domain_all($domain)) {
-	$error=$err->errstr();
-	echo "<p class=\"alert alert-danger\">$error</p>";
+	$dom->unlock();
+	echo $msg->msg_html_all();
 	include('foot.php');
 	die();
 }
-if (isset($error) && $error ) {
-	echo "<p class=\"alert alert-danger\">$error</p>";
-}
 $dom->unlock();
 
+?>
+<h3><img src="images/dom.png" alt="" />&nbsp;<?php printf(_("Manage %s"),$domain); ?></h3>
+<?php
+echo $msg->msg_html_all();
 ?>
 <script type="text/javascript">
 function dnson() {
@@ -88,8 +89,6 @@ function destruction_alert() {
 }
 </script>
 
-<h3><img src="images/dom.png" alt="" />&nbsp;<?php printf(_("Manage %s"),$domain); ?></h3>
-
 <?php
 
 if ($r['dns_action']=='UPDATE') {?>
diff --git a/bureau/admin/dom_editdns.php b/bureau/admin/dom_editdns.php
index b88d4516..0035ba89 100644
--- a/bureau/admin/dom_editdns.php
+++ b/bureau/admin/dom_editdns.php
@@ -40,25 +40,17 @@ getFields($fields);
 
 $dom->lock();
 
-if (!$dom->edit_domain($domain,$dns,$email,0,$ttl)) {
-  $error=$err->errstr();
-  include("dom_edit.php");
-  $dom->unlock();
-  exit();
- }
-$dom->unlock();
-
-?>
-<h3><?php printf(_("Editing domain %s"),$domain); ?></h3>
-<hr id="topbar"/>
-<br />
-<p>
-<?php
-  printf(_("The domain %s has been changed."),$domain);
+$r = $dom->get_domain_all($domain);
+if ($r["dns"] == $dns && $r["mail"] == $email && $r["zonettl"] == $ttl) {
+  $msg->raise('Ok', "dom", _("No change has been requested..."));
+} else if ($dom->edit_domain($domain,$dns,$email,0,$ttl)) {
+  $msg->raise('Ok', "dom", _("The domain %s has been changed."),$domain);
   $t = time();
 // XXX: we assume the cron job is at every 5 minutes
-  print strtr(_("The modifications will take effect at %time.  Server time is %now."), array('%now' => date('H:i:s', $t), '%time' => date('H:i:s', ($t-($t%300)+300)))); 
-?><br /><br />
-<span class="ina"><a href="dom_edit.php?domain=<?php echo urlencode($domain) ?>" ><?php __("Click here to continue"); ?></a></span>
-</p>
-<?php include_once("foot.php"); ?>
+  $msg->raise('Ok', "dom", _("The modifications will take effect at %s.  Server time is %s."), array(date('H:i:s', ($t-($t%300)+300)), date('H:i:s', $t)));
+}
+$dom->unlock();
+
+include("dom_edit.php");
+exit();
+?>
diff --git a/bureau/admin/dom_import.php b/bureau/admin/dom_import.php
index 12436574..01571c27 100755
--- a/bureau/admin/dom_import.php
+++ b/bureau/admin/dom_import.php
@@ -45,16 +45,16 @@ $domain=trim($domain);
 <br />
 
 <?php
-if (!empty($error)) {
-  echo '<p class="alert alert-danger">'.$error.'</p>';
-} 
+if ( !empty($zone) && empty($domain) ) {
+  $msg->raise('Alert', "dom", _("The domain field seems to be empty"));
+}
+
+echo $msg->msg_html_all();
 ?>
 
 <?php if ( !empty($zone) ) { 
-if ( empty($domain) ) {
-  echo '<p class="alert alert-danger">'._("The domain field seems to be empty").'</p>';
-} else { ?>
-  <?php __("Here is my proposition. Modify your zone until my proposition seems good to you"); ?>
+if ( !empty($domain) ) {
+  __("Here is my proposition. Modify your zone until my proposition seems good to you"); ?>
   <table class="tlist">
   <tr><th colspan=3><h2><?php printf(_("Working on %s"),$domain); ?></h2></th></tr>
   <tr>
diff --git a/bureau/admin/dom_subdel.php b/bureau/admin/dom_subdel.php
index 21c30c72..445ceb72 100755
--- a/bureau/admin/dom_subdel.php
+++ b/bureau/admin/dom_subdel.php
@@ -36,22 +36,21 @@ $fields = array (
 getFields($fields);
 
 $dom->lock();
-if (!$r=$dom->get_sub_domain_all($sub_domain_id)) {
-  $error=$err->errstr();
-}
+$r=$dom->get_sub_domain_all($sub_domain_id);
 $dom->unlock();
 
 $dt=$dom->domains_type_lst();
 if (!$isinvited && $dt[strtolower($r['type'])]["enable"] != "ALL" ) {
-  __("This page is restricted to authorized staff");
+  $msg->raise('Error', "dom", _("This page is restricted to authorized staff"));
+  echo $msg->msg_html_all();
   exit();
 }
 
 ?>
 <h3><?php printf(_("Deleting subdomain %s"),ife($r['name'],$r['name'].".").$r['domain']); ?> : </h3>
 <?php
-if (isset($error) && $error) {
-  echo "<p class=\"alert alert-danger\">$error</p>";
+if ($msg->has_msgs('Error')) {
+  echo $msg->msg_html_all();
   include_once("foot.php");
   exit();
 }
@@ -78,7 +77,7 @@ if (isset($error) && $error) {
     </p>
     <blockquote>
       <input type="submit" class="inb" name="confirm" value="<?php __("Yes"); ?>" />&nbsp;&nbsp;
-      <input type="button" class="inb" name="cancel" value="<?php __("No"); ?>" onclick="history.back();" />
+      <span class="ina"><a href="dom_edit.php?domain=<?php echo urlencode($r['domain']) ?>"><?php __("No"); ?></a></span></p>
     </blockquote>
 </form>
 <?php include_once("foot.php"); ?>
diff --git a/bureau/admin/dom_subdodel.php b/bureau/admin/dom_subdodel.php
index c0895f2f..f6cdb92d 100644
--- a/bureau/admin/dom_subdodel.php
+++ b/bureau/admin/dom_subdodel.php
@@ -36,28 +36,20 @@ $fields = array (
 getFields($fields);
 
 $dom->lock();
-if (!$r=$dom->get_sub_domain_all($sub_domain_id)) {
-        $error=$err->errstr();
-}
+$r=$dom->get_sub_domain_all($sub_domain_id);
+$dt=$dom->domains_type_lst();
 $dom->unlock();
 
-
-$dt=$dom->domains_type_lst();
 if (!$isinvited && $dt[strtolower($r['type'])]["enable"] != "ALL" ) {
-  __("This page is restricted to authorized staff");
+  $msg->raise('Error', "dom", _("This page is restricted to authorized staff"));
+  echo $msg->msg_html_all();
   exit();
 }
 
 
 $dom->lock();
-if (!$r=$dom->get_sub_domain_all($sub_domain_id)) {
-        $error=$err->errstr();
-}
-
-if (!$dom->del_sub_domain($sub_domain_id)) {
-	$error=$err->errstr();
-}
-
+$r=$dom->get_sub_domain_all($sub_domain_id);
+$dom->del_sub_domain($sub_domain_id);
 $dom->unlock();
 
 ?>
@@ -65,15 +57,15 @@ $dom->unlock();
 <hr id="topbar"/>
 <br />
 <?php
-	if (isset($error) && $error) {
-		echo "<p class=\"alert alert-danger\">$error</p>";
+	if ($msg->has_msgs('Error')) {
+		echo $msg->msg_html_all();
 		include_once("foot.php");
 		exit();
 	} else {
         $t = time();
 	// XXX: we assume the cron job is at every 5 minutes
-        $error=strtr(_("The modifications will take effect at %time.  Server time is %now."), array('%now' => date('H:i:s', $t), '%time' => date('H:i:s', ($t-($t%300)+300)))); 
-	    echo "<p class=\"alert alert-info\">".$error."</p>";
+        $msg->raise('Ok', "dom", _("The modifications will take effect at %s.  Server time is %s."), array(date('H:i:s', ($t-($t%300)+300)), date('H:i:s', $t))); 
+	echo $msg->msg_html_all();
 	}
 ?>
 <p><span class="ina"><a href="dom_edit.php?domain=<?php echo urlencode($r['domain']) ?>"><?php __("Click here to continue"); ?></a></span></p>
diff --git a/bureau/admin/dom_subdoedit.php b/bureau/admin/dom_subdoedit.php
index db8b7c26..fb2aa4cd 100644
--- a/bureau/admin/dom_subdoedit.php
+++ b/bureau/admin/dom_subdoedit.php
@@ -50,18 +50,17 @@ $dom->lock();
 
 $dt=$dom->domains_type_lst();
 if ( (!isset($isinvited) || !$isinvited) && $dt[strtolower($type)]["enable"] != "ALL" ) {
-  __("This page is restricted to authorized staff");
+  $msg->raise('Error', "dom", _("This page is restricted to authorized staff"));
+  include("dom_edit.php");
   exit();
 }
 
-
-
+if (empty($sub_domain_id)) $sub_domain_id=null;
 $r=$dom->set_sub_domain($domain,$sub,$type,$value, $sub_domain_id);
 
 $dom->unlock();
 
 if (!$r) {
-  $error=$err->errstr();
   $noread=true;
   include("dom_subedit.php"); 
   exit();
@@ -69,7 +68,7 @@ if (!$r) {
   $t = time();
   // XXX: we assume the cron job is at every 5 minutes
   $noread=false;
-  $error=strtr(_("The modifications will take effect at %time. Server time is %now."), array('%now' => date('H:i:s', $t), '%time' => date('H:i:s', ($t-($t%300)+300))));
+  $msg->raise('Ok', "dom", _("The modifications will take effect at %s. Server time is %s."), array(date('H:i:s', ($t-($t%300)+300)), date('H:i:s', $t)));
   foreach($fields as $k=>$v) unset($$k);
 }
 include("dom_edit.php");
diff --git a/bureau/admin/dom_subedit.php b/bureau/admin/dom_subedit.php
index b6d33997..c3707b13 100644
--- a/bureau/admin/dom_subedit.php
+++ b/bureau/admin/dom_subedit.php
@@ -41,8 +41,7 @@ $dom->lock();
 $r=true;
 if (!isset($noread) || !$noread) {
   if (!$r=$dom->get_sub_domain_all($sub_domain_id)) {
-    $error=$err->errstr();
-    echo "<p class=\"alert alert-danger\">$error</p>";
+    echo $msg->msg_html_all();
     include_once('foot.php');
     die();
   }
@@ -56,21 +55,24 @@ if (!$r) {
 
 $dt=$dom->domains_type_lst();
 if (!$isinvited && $dt[strtolower($r['type'])]["enable"] != "ALL" ) {
-  __("This page is restricted to authorized staff");
+  $msg->raise('Error', "dom", _("This page is restricted to authorized staff"));
+  include("dom_edit.php");
   exit();
 }
 
 $domroot=$dom->get_domain_all($r['domain']);
+$dom->unlock();
+
+if ($msg->has_msgs("Error")) {
+  include_once("dom_edit.php");
+  exit();
+} 
 
 echo "<h3>";
 __("Editing subdomain");
 echo " http://"; ecif($r['name'],$r['name']."."); echo $r['domain']."</h3>";
-if (isset($error) && $error) {
-  echo "<p class=\"alert alert-danger\">$error</p>";
-  include_once("foot.php");
-  exit();
-} 
-$dom->unlock();
+
+echo $msg->msg_html_all();
 ?>
 
 <hr id="topbar"/>
diff --git a/bureau/admin/dom_substatus.php b/bureau/admin/dom_substatus.php
index 4596be4e..860c9bee 100644
--- a/bureau/admin/dom_substatus.php
+++ b/bureau/admin/dom_substatus.php
@@ -19,14 +19,13 @@ $sub=$domi['name'];
 $dom->unlock();
 
 if (!$r) {
-  $error=$err->errstr();
   $noread=true;
   include("dom_edit.php"); 
   exit();
 } else {
   $t = time();
   // XXX: we assume the cron job is at every 5 minutes
-  $error=strtr(_("The modifications will take effect at %time. Server time is %now."), array('%now' => date('H:i:s', $t), '%time' => date('H:i:s', ($t-($t%300)+300))));
+  $msg->raise('Ok', "dom", _("The modifications will take effect at %s. Server time is %s."), array(date('H:i:s', ($t-($t%300)+300)), date('H:i:s', $t)));
   foreach($fields as $k=>$v) unset($k);
 }
 include("dom_edit.php");
diff --git a/bureau/admin/ftp_del.php b/bureau/admin/ftp_del.php
index 65253a86..2e5fce43 100755
--- a/bureau/admin/ftp_del.php
+++ b/bureau/admin/ftp_del.php
@@ -54,7 +54,6 @@ if(!empty($confirm_del)) {
   foreach($lst_todel as $v) {
     $r=$ftp->delete_ftp($v);
     if ($r) {
-      $success=true;
       $msg->raise("Ok", "ftp", _("The ftp account %s has been successfully deleted"),$r);
     }
   }
diff --git a/bureau/class/m_dom.php b/bureau/class/m_dom.php
index 5de82d43..ecd5a1b8 100644
--- a/bureau/class/m_dom.php
+++ b/bureau/class/m_dom.php
@@ -91,8 +91,8 @@ class m_dom {
     }
 
     function get_panel_url_list() {
-        global $db, $err;
-        $err->log("dom", "get_panel_url_list");
+        global $db, $msg;
+        $msg->log("dom", "get_panel_url_list");
         $db->query("SELECT sd.id as sub_id, if(length(sd.sub)>0,concat_ws('.',sd.sub,sd.domaine),sd.domaine) as fqdn from sub_domaines sd where type = 'PANEL';");
         $t = array();
         while ($db->next_record()) {
@@ -105,8 +105,8 @@ class m_dom {
      * @param string $fqdn
      */
     public static function get_sub_domain_id_and_member_by_name($fqdn) {
-        global $db, $err;
-        $err->log("dom", "get_sub_domain_by_name");
+        global $db, $msg;
+        $msg->log("dom", "get_sub_domain_by_name");
         $db->query("select sd.* from sub_domaines sd where if(length(sd.sub)>0,concat_ws('.',sd.sub,sd.domaine),sd.domaine) = ?;", array($fqdn));
         if (!$db->next_record()) {
             return false;
@@ -151,8 +151,8 @@ class m_dom {
      *  authorisé. Retourne FALSE si une erreur s'est produite.
      */
     function domains_type_lst() {
-        global $db, $err;
-        $err->log("dom", "domains_type_lst");
+        global $db, $msg;
+        $msg->log("dom", "domains_type_lst");
         if (empty($this->cache_domains_type_lst)) {
             $db->query("select * from domaines_type order by advanced;");
             $this->cache_domains_type_lst = array();
@@ -164,8 +164,8 @@ class m_dom {
     }
 
     function domains_type_enable_values() {
-        global $db, $err, $cuid;
-        $err->log("dom", "domains_type_target_values");
+        global $db, $msg, $cuid;
+        $msg->log("dom", "domains_type_target_values");
         $db->query("desc domaines_type;");
         $r = array();
         while ($db->next_record()) {
@@ -183,8 +183,8 @@ class m_dom {
      * @param integer $type
      */
     function domains_type_target_values($type = null) {
-        global $db, $err;
-        $err->log("dom", "domains_type_target_values");
+        global $db, $msg;
+        $msg->log("dom", "domains_type_target_values");
         if (is_null($type)) {
             $db->query("desc domaines_type;");
             $r = array();
@@ -207,10 +207,10 @@ class m_dom {
     }
 
     function import_manual_dns_zone($zone, $domain, $detect_redirect = true, $save = false) {
-        global $err;
+        global $msg;
         if ($save) {
             if (!$this->import_manual_dns_prep_zone($domain)) {
-                $err->raise('dom', _("Err: failed to prepare the zone"));
+                $msg->raise('Error', 'dom', _("Err: failed to prepare the zone"));
                 return false;
             }
         }
@@ -230,8 +230,8 @@ class m_dom {
      * @param string $zone
      */
     function import_manual_dns_entry($zone, $domain, $detect_redirect = true, $save = false) {
-        global $err;
-        $err->log("dom", "import_manual_dns_entry");
+        global $msg;
+        $msg->log("dom", "import_manual_dns_entry");
         $zone = trim($zone);
         if (empty($zone)) {
             return false;
@@ -239,7 +239,7 @@ class m_dom {
 
         $domain = trim($domain);
         if (empty($domain)) {
-            $err->raise("dom", _("Missing domain name"));
+            $msg->raise('Error', "dom", _("Missing domain name"));
             return false;
         }
 
@@ -446,7 +446,7 @@ class m_dom {
     }
 
     private function import_manual_dns_prep_zone($domain) {
-        global $err;
+        global $msg;
         // Prepare a domain to be importer : 
         // * create the domain
         // * delete all automatic subdomain
@@ -455,7 +455,7 @@ class m_dom {
 
         // function add_domain($domain,$dns,$noerase=0,$force=0,$isslave=0,$slavedom="") 
         if (!$this->add_domain($domain, true, false, true)) {
-            $err->raise('dom', "Error adding domain");
+            $msg->raise('Error', 'dom', "Error adding domain");
             return false;
         }
 
@@ -519,7 +519,7 @@ class m_dom {
     }
 
     function domains_type_regenerate($name) {
-        global $db, $err, $cuid;
+        global $db, $msg, $cuid;
         $db->query("update sub_domaines set web_action='UPDATE' where lower(type) = lower(?) ;", array($name));
         $db->query("update domaines d, sub_domaines sd set d.dns_action = 'UPDATE' where lower(sd.type)=lower(?);", array($name));
         return true;
@@ -539,10 +539,10 @@ class m_dom {
     }
 
     function domains_type_update($name, $description, $target, $entry, $compatibility, $enable, $only_dns, $need_dns, $advanced, $create_tmpdir, $create_targetdir) {
-        global $err, $db;
+        global $msg, $db;
         // The name MUST contain only letter and digits, it's an identifier after all ...
         if (!preg_match("#^[a-z0-9]+$#", $name)) {
-            $err->raise("dom", _("The name MUST contain only letter and digits"));
+            $msg->raise('Error', "dom", _("The name MUST contain only letter and digits"));
             return false;
         }
         $only_dns = intval($only_dns);
@@ -555,8 +555,8 @@ class m_dom {
     }
 
     function sub_domain_change_status($sub_id, $status) {
-        global $db, $err;
-        $err->log("dom", "sub_domain_change_status");
+        global $db, $msg;
+        $msg->log("dom", "sub_domain_change_status");
         $sub_id = intval($sub_id);
         $status = strtoupper($status);
         if (!in_array($status, array('ENABLE', 'DISABLE'))) {
@@ -566,7 +566,7 @@ class m_dom {
         $jh = $this->get_sub_domain_all($sub_id);
         if ($status == 'ENABLE') { // check compatibility with existing sub_domains
             if (!$this->can_create_subdomain($jh['domain'], $jh['name'], $jh['type'], $sub_id)) {
-                $err->raise("dom", _("The parameters for this subdomain and domain type are invalid. Please check for subdomain entries incompatibility"));
+                $msg->raise('Error', "dom", _("The parameters for this subdomain and domain type are invalid. Please check for subdomain entries incompatibility"));
                 return false;
             }
         }
@@ -588,8 +588,8 @@ class m_dom {
      *  erreur s'est produite.
      */
     function enum_domains($uid = -1) {
-        global $db, $err, $cuid;
-        $err->log("dom", "enum_domains");
+        global $db, $msg, $cuid;
+        $msg->log("dom", "enum_domains");
         if ($uid == -1) {
             $uid = $cuid;
         }
@@ -604,8 +604,8 @@ class m_dom {
     }
 
     function del_domain_cancel($dom) {
-        global $db, $err, $classes, $cuid;
-        $err->log("dom", "del_domaini_canl", $dom);
+        global $db, $msg, $classes, $cuid;
+        $msg->log("dom", "del_domain_cancel", $dom);
         $dom = strtolower($dom);
         $db->query("UPDATE sub_domaines SET web_action='UPDATE'  WHERE domaine= ?;", array($dom));
         $this->set_dns_action($dom, 'UPDATE');
@@ -627,8 +627,8 @@ class m_dom {
      * @return boolean Retourne FALSE si une erreur s'est produite, TRUE sinon.
      */
     function del_domain($dom) {
-        global $db, $err, $hooks;
-        $err->log("dom", "del_domain", $dom);
+        global $db, $msg, $hooks;
+        $msg->log("dom", "del_domain", $dom);
         $dom = strtolower($dom);
 
         $this->lock();
@@ -678,54 +678,54 @@ class m_dom {
       $ @return boolean Retourne FALSE si une erreur s'est produite, TRUE sinon.
      */
     function add_domain($domain, $dns, $noerase = false, $force = false, $isslave = false, $slavedom = "") {
-        global $db, $err, $quota, $L_FQDN, $tld, $cuid, $hooks;
-        $err->log("dom", "add_domain", $domain);
+        global $db, $msg, $quota, $L_FQDN, $tld, $cuid, $hooks;
+        $msg->log("dom", "add_domain", $domain);
 
         // Locked ?
         if (!$this->islocked) {
-            $err->raise("dom", _("--- Program error --- No lock on the domains!"));
+            $msg->raise('Error', "dom", _("--- Program error --- No lock on the domains!"));
             return false;
         }
         // Verifie que le domaine est rfc-compliant
         $domain = strtolower($domain);
         $t = checkfqdn($domain);
         if ($t) {
-            $err->raise("dom", _("The domain name is syntaxically incorrect"));
+            $msg->raise('Error', "dom", _("The domain name is syntaxically incorrect"));
             return false;
         }
         // Interdit les domaines clés (table forbidden_domains) sauf en cas FORCE
         $db->query("SELECT domain FROM forbidden_domains WHERE domain= ? ;", array($domain));
         if ($db->num_rows() && !$force) {
-            $err->raise("dom", _("The requested domain is forbidden in this server, please contact the administrator"));
+            $msg->raise('Error', "dom", _("The requested domain is forbidden in this server, please contact the administrator"));
             return false;
         }
         if ($domain == $L_FQDN || $domain == "www.$L_FQDN") {
-            $err->raise("dom", _("This domain is the server's domain! You cannot host it on your account!"));
+            $msg->raise('Error', "dom", _("This domain is the server's domain! You cannot host it on your account!"));
             return false;
         }
         $db->query("SELECT compte FROM domaines WHERE domaine= ?;", array($domain));
         if ($db->num_rows()) {
-            $err->raise("dom", _("The domain already exist"));
+            $msg->raise('Error', "dom", _("The domain already exist"));
             return false;
         }
         $db->query("SELECT compte FROM `sub_domaines` WHERE sub != \"\" AND concat( sub, \".\", domaine )= ? OR domaine= ?;", array($domain, $domain));
         if ($db->num_rows()) {
-            $err->raise("dom", _("The domain already exist"));
+            $msg->raise('Error', "dom", _("The domain already exist"));
             return false;
         }
         $this->dns = $this->whois($domain);
         if (!$force) {
             $v = checkhostallow($domain, $this->dns);
             if ($v == -1) {
-                $err->raise("dom", _("The last member of the domain name is incorrect or cannot be hosted in that server"));
+                $msg->raise('Error', "dom", _("The last member of the domain name is incorrect or cannot be hosted in that server"));
                 return false;
             }
             if ($dns && $v == -2) {
-                $err->raise("dom", _("The domain cannot be found in the whois database"));
+                $msg->raise('Alert', "dom", _("The domain cannot be found in the whois database"));
                 return false;
             }
             if ($dns && $v == -3) {
-                $err->raise("dom", _("The domain cannot be found in the whois database"));
+                $msg->raise('Alert', "dom", _("The domain cannot be found in the whois database"));
                 return false;
             }
 
@@ -742,14 +742,14 @@ class m_dom {
             if (!$dns) {
                 $v = checkhostallow_nodns($domain);
                 if ($v) {
-                    $err->raise("dom", _("The requested domain is forbidden in this server, please contact the administrator"));
+                    $msg->raise('Error', "dom", _("The requested domain is forbidden in this server, please contact the administrator"));
                     return false;
                 }
             }
         }
         // Check the quota :
         if (!$quota->cancreate("dom")) {
-            $err->raise("dom", _("Your domain quota is over, you cannot create more domain names"));
+            $msg->raise('Aler', "dom", _("Your domain quota is over, you cannot create more domain names"));
             return false;
         }
         if ($noerase) {
@@ -764,7 +764,7 @@ class m_dom {
         }
         $db->query("INSERT INTO domaines (compte,domaine,gesdns,gesmx,noerase,dns_action) VALUES (?, ?, ?, ?, ?, 'UPDATE');", array($cuid,$domain,$dns,$gesmx,$noerase));
         if (!($id = $db->lastid())) {
-            $err->raise("dom", _("An unexpected error occured when creating the domain"));
+            $msg->raise('Error', "dom", _("An unexpected error occured when creating the domain"));
             return false;
         }
 
@@ -773,7 +773,7 @@ class m_dom {
             $db->query("SELECT domaine FROM domaines WHERE compte= ? AND domaine= ?;", array($cuid, $slavedom));
             $db->next_record();
             if (!$db->Record["domaine"]) {
-                $err->raise("dom", _("Domain '%s' not found"), $slavedom);
+                $msg->raise('Error', "dom", _("Domain '%s' not found"), $slavedom);
                 $isslave = false;
             }
             // Point to the master domain : 
@@ -803,8 +803,8 @@ class m_dom {
      * @param string $domain
      */
     function create_default_subdomains($domain, $target_domain = "") {
-        global $db, $err;
-        $err->log("dom", "create_default_subdomains", $domain);
+        global $db, $msg;
+        $msg->log("dom", "create_default_subdomains", $domain);
         $query = "SELECT sub, domain_type, domain_type_parameter FROM default_subdomains WHERE (concerned = 'SLAVE' or concerned = 'BOTH') and enabled=1;";
         if (empty($target_domain)) {
             $query = "SELECT sub, domain_type, domain_type_parameter FROM default_subdomains WHERE (concerned = 'MAIN' or concerned = 'BOTH') and enabled=1;";
@@ -837,8 +837,8 @@ class m_dom {
     }
 
     function lst_default_subdomains() {
-        global $db, $err;
-        $err->log("dom", "lst_default_subdomains");
+        global $db, $msg;
+        $msg->log("dom", "lst_default_subdomains");
         $c = array();
         $db->query("select * from default_subdomains;");
 
@@ -856,8 +856,8 @@ class m_dom {
     }
 
     function update_default_subdomains($arr) {
-        global $err;
-        $err->log("dom", "update_default_subdomains");
+        global $msg;
+        $msg->log("dom", "update_default_subdomains");
         $ok = true;
         foreach ($arr as $a) {
             if (!isset($a['id'])) {
@@ -877,8 +877,8 @@ class m_dom {
     }
 
     function update_one_default($domain_type, $sub, $domain_type_parameter, $concerned, $enabled, $id = null) {
-        global $db, $err;
-        $err->log("dom", "update_one_default");
+        global $db, $msg;
+        $msg->log("dom", "update_one_default");
 
         if ($id == null) {
             $db->query("INSERT INTO default_subdomains values ('', ?, ?, ?, ?, ?);", array($sub, $domain_type, $domain_type_parameter, $concerned, $enabled));
@@ -890,11 +890,11 @@ class m_dom {
     }
 
     function del_default_type($id) {
-        global $err, $db;
-        $err->log("dom", "del_default_type");
+        global $msg, $db;
+        $msg->log("dom", "del_default_type");
 
         if (!$db->query("delete from default_subdomains where id= ?;", array($id))) {
-            $err->raise("dom", _("Could not delete default type"));
+            $msg->raise('Error', "dom", _("Could not delete default type"));
             return false;
         }
 
@@ -918,8 +918,8 @@ class m_dom {
      *
      */
     function whois($domain) {
-        global $err;
-        $err->log("dom", "whois", $domain);
+        global $msg;
+        $msg->log("dom", "whois", $domain);
         // pour ajouter un nouveau TLD, utiliser le code ci-dessous.
         //  echo "whois : $domain<br />";
         preg_match("#.*\.([^\.]*)#", $domain, $out);
@@ -1065,14 +1065,14 @@ class m_dom {
             } // while
             fclose($fp);
         } else {
-            $err->raise("dom", _("The Whois database is unavailable, please try again later"));
+            $msg->raise('Alert', "dom", _("The Whois database is unavailable, please try again later"));
             return false;
         }
 
         if ($found) {
             return $serveurList;
         } else {
-            $err->raise("dom", _("The domain cannot be found in the Whois database"));
+            $msg->raise('Alert', "dom", _("The domain cannot be found in the Whois database"));
             return false;
         }
     }
@@ -1149,23 +1149,23 @@ class m_dom {
      *
      */
     function get_domain_all($dom) {
-        global $db, $err, $cuid;
-        $err->log("dom", "get_domain_all", $dom);
+        global $db, $msg, $cuid;
+        $msg->log("dom", "get_domain_all", $dom);
         // Locked ?
         if (!$this->islocked) {
-            $err->raise("dom", _("--- Program error --- No lock on the domains!"));
+            $msg->raise('Error', "dom", _("--- Program error --- No lock on the domains!"));
             return false;
         }
         $t = checkfqdn($dom);
         if ($t) {
-            $err->raise("dom", _("The domain name is syntaxically incorrect"));
+            $msg->raise('Error', "dom", _("The domain name is syntaxically incorrect"));
             return false;
         }
         $r = array();
         $r["name"] = $dom;
         $db->query("SELECT * FROM domaines WHERE compte= ? AND domaine= ?;", array($cuid, $dom));
         if ($db->num_rows() == 0) {
-            $err->raise("dom", sprintf(_("Domain '%s' not found"), $dom));
+            $msg->raise('Error', "dom", sprintf(_("Domain '%s' not found"), $dom));
             return false;
         }
         $db->next_record();
@@ -1221,16 +1221,16 @@ class m_dom {
      *  Retourne FALSE si une erreur s'est produite.
      */
     function get_sub_domain_all($sub_domain_id) {
-        global $db, $err, $cuid;
-        $err->log("dom", "get_sub_domain_all", $sub_domain_id);
+        global $db, $msg, $cuid;
+        $msg->log("dom", "get_sub_domain_all", $sub_domain_id);
         // Locked ?
         if (!$this->islocked) {
-            $err->raise("dom", _("--- Program error --- No lock on the domains!"));
+            $msg->raise('Error', "dom", _("--- Program error --- No lock on the domains!"));
             return false;
         }
         $db->query("select sd.*, dt.description as type_desc, dt.only_dns, dt.advanced from sub_domaines sd, domaines_type dt where compte= ? and sd.id= ?  and upper(dt.name)=upper(sd.type) ORDER BY dt.advanced, sd.sub;", array($cuid, $sub_domain_id));
         if ($db->num_rows() == 0) {
-            $err->raise("dom", _("The sub-domain does not exist"));
+            $msg->raise('Error', "dom", _("The sub-domain does not exist"));
             return false;
         }
         $db->next_record();
@@ -1255,7 +1255,7 @@ class m_dom {
      * @param string $value
      */
     function check_type_value($type, $value) {
-        global $err;
+        global $msg;
 
         // check the type we can have in domaines_type.target
         switch ($this->domains_type_target_values($type)) {
@@ -1269,7 +1269,7 @@ class m_dom {
                     if (filter_var($value, FILTER_VALIDATE_URL)) {
                         return true;
                     } else {
-                        $err->raise("dom", _("invalid url"));
+                        $msg->raise('Error', "dom", _("invalid url"));
                         return false;
                     }
                 }
@@ -1279,7 +1279,7 @@ class m_dom {
                     $value = "/" . $value;
                 }
                 if (!checkuserpath($value)) {
-                    $err->raise("dom", _("The folder you entered is incorrect or does not exist"));
+                    $msg->raise('Error', "dom", _("The folder you entered is incorrect or does not exist"));
                     return false;
                 }
                 return true;
@@ -1287,7 +1287,7 @@ class m_dom {
                 if (checkip($value)) {
                     return true;
                 } else {
-                    $err->raise("dom", _("The ip address is invalid"));
+                    $msg->raise('Error', "dom", _("The ip address is invalid"));
                     return false;
                 }
                 break;
@@ -1295,7 +1295,7 @@ class m_dom {
                 if (checkipv6($value)) {
                     return true;
                 } else {
-                    $err->raise("dom", _("The ip address is invalid"));
+                    $msg->raise('Error', "dom", _("The ip address is invalid"));
                     return false;
                 }
                 break;
@@ -1303,7 +1303,7 @@ class m_dom {
                 if (checkcname($value)) {
                     return true;
                 } else {
-                    $err->raise("dom", _("The name you entered is incorrect or not fully qualified (it must end with a DOT, like example.com<b>.</b>)"));
+                    $msg->raise('Error', "dom", _("The name you entered is incorrect or not fully qualified (it must end with a DOT, like example.com<b>.</b>)"));
                     return false;
                 }
                 break;
@@ -1311,12 +1311,12 @@ class m_dom {
                 if ($value == strval($value)) {
                     return true;
                 } else {
-                    $err->raise("dom", _("The TXT value you entered is incorrect"));
+                    $msg->raise('Error', "dom", _("The TXT value you entered is incorrect"));
                     return false;
                 }
                 break;
             default:
-                $err->raise("dom", _("Invalid domain type selected, please check"));
+                $msg->raise('Error', "dom", _("Invalid domain type selected, please check"));
                 return false;
         }
         return false;
@@ -1333,8 +1333,8 @@ class m_dom {
      * @return boolean tell you if the subdomain can be installed there 
      */
     function can_create_subdomain($dom, $sub, $type, $sub_domain_id = 'null') {
-        global $db, $err;
-        $err->log("dom", "can_create_subdomain", $dom . "/" . $sub);
+        global $db, $msg;
+        $msg->log("dom", "can_create_subdomain", $dom . "/" . $sub);
 
         // Get the compatibility list for this domain type
         $db->query("select upper(compatibility) as compatibility from domaines_type where upper(name)=upper(?);", array($type));
@@ -1377,11 +1377,11 @@ class m_dom {
      * @return boolean Retourne FALSE si une erreur s'est produite, TRUE sinon.
      */
     function set_sub_domain($dom, $sub, $type, $dest, $sub_domain_id = null) {
-        global $db, $err, $cuid, $bro;
-        $err->log("dom", "set_sub_domain", $dom . "/" . $sub . "/" . $type . "/" . $dest);
+        global $db, $msg, $cuid, $bro;
+        $msg->log("dom", "set_sub_domain", $dom . "/" . $sub . "/" . $type . "/" . $dest);
         // Locked ?
         if (!$this->islocked) {
-            $err->raise("dom", _("--- Program error --- No lock on the domains!"));
+            $msg->raise('Error', "dom", _("--- Program error --- No lock on the domains!"));
             return false;
         }
         $dest = trim($dest);
@@ -1393,7 +1393,7 @@ class m_dom {
         $fqdn = checkfqdn($sub);
         // Special cases : * (all subdomains at once) and '' empty subdomain are allowed.
         if (($sub != '*' && $sub != '') && !($fqdn == 0 || $fqdn == 4)) {
-            $err->raise("dom", _("There is some forbidden characters in the sub domain (only A-Z 0-9 and - are allowed)"));
+            $msg->raise('Alert', "dom", _("There is some forbidden characters in the sub domain (only A-Z 0-9 and - are allowed)"));
             return false;
         }
 
@@ -1405,16 +1405,16 @@ class m_dom {
 
         // On a épuré $dir des problémes eventuels ... On est en DESSOUS du dossier de l'utilisateur.
         if (($t = checkfqdn($dom))) {
-            $err->raise("dom", _("The domain name is syntaxically incorrect"));
+            $msg->raise('Error', "dom", _("The domain name is syntaxically incorrect"));
             return false;
         }
 
         if (!$this->can_create_subdomain($dom, $sub, $type, $sub_domain_id)) {
-            $err->raise("dom", _("The parameters for this subdomain and domain type are invalid. Please check for subdomain entries incompatibility"));
+            $msg->raise('Error', "dom", _("The parameters for this subdomain and domain type are invalid. Please check for subdomain entries incompatibility"));
             return false;
         }
 
-        if (!is_null($sub_domain_id)) { // It's not a creation, it's an edit. Delete the old one
+        if (!is_null($sub_domain_id) && !empty($sub_domain_id)) { // It's not a creation, it's an edit. Delete the old one
             $this->del_sub_domain($sub_domain_id);
         }
 
@@ -1432,7 +1432,7 @@ class m_dom {
         if ($db->f('create_tmpdir')) {
             if (!is_dir($dest_root . "/tmp")) {
                 if (!@mkdir($dest_root . "/tmp", 0777, true)) {
-                    $err->raise("dom", _("Cannot write to the destination folder"));
+                    $msg->raise('Error', "dom", _("Cannot write to the destination folder"));
                 }
             }
         }
@@ -1443,7 +1443,7 @@ class m_dom {
             if (!is_dir($dirr)) {
                 $old = umask(0);
                 if (!@mkdir($dirr, 0770, true)) {
-                    $err->raise("dom", _("Cannot write to the destination folder"));
+                    $msg->raise('Error', "dom", _("Cannot write to the destination folder"));
                 }
                 umask($old);
             }
@@ -1464,15 +1464,15 @@ class m_dom {
      *
      */
     function del_sub_domain($sub_domain_id) {
-        global $db, $err;
-        $err->log("dom", "del_sub_domain", $sub_domain_id);
+        global $db, $msg;
+        $msg->log("dom", "del_sub_domain", $sub_domain_id);
         // Locked ?
         if (!$this->islocked) {
-            $err->raise("dom", _("--- Program error --- No lock on the domains!"));
+            $msg->raise('Error', "dom", _("--- Program error --- No lock on the domains!"));
             return false;
         }
         if (!$r = $this->get_sub_domain_all($sub_domain_id)) {
-            $err->raise("dom", _("The sub-domain does not exist"));
+            $msg->raise('Error', "dom", _("The sub-domain does not exist"));
             return false;
         } else {
             $db->query("update sub_domaines set web_action='DELETE' where id= ?; ", array($sub_domain_id));
@@ -1485,8 +1485,8 @@ class m_dom {
      * @param integer $dom_id
      */
     function set_ttl($dom_id, $ttl) {
-        global $err;
-        $err->log("dom", "set_ttl", "$dom_id / $ttl");
+        global $msg;
+        $msg->log("dom", "set_ttl", "$dom_id / $ttl");
         $this->lock();
         $domaine = $this->get_domain_byid($dom_id);
         $d = $this->get_domain_all($domaine);
@@ -1511,26 +1511,26 @@ class m_dom {
      *
      */
     function edit_domain($dom, $dns, $gesmx, $force = false, $ttl = 86400) {
-        global $db, $err, $hooks;
-        $err->log("dom", "edit_domain", $dom . "/" . $dns . "/" . $gesmx);
+        global $db, $msg, $hooks;
+        $msg->log("dom", "edit_domain", $dom . "/" . $dns . "/" . $gesmx);
         // Locked ?
         if (!$this->islocked && !$force) {
-            $err->raise("dom", _("--- Program error --- No lock on the domains!"));
+            $msg->raise('Error', "dom", _("--- Program error --- No lock on the domains!"));
             return false;
         }
         if ($dns == true && !$force) {
             $this->dns = $this->whois($dom);
             $v = checkhostallow($dom, $this->dns);
             if ($v == -1) {
-                $err->raise("dom", _("The last member of the domain name is incorrect or cannot be hosted in that server"));
+                $msg->raise('Error', "dom", _("The last member of the domain name is incorrect or cannot be hosted in that server"));
                 return false;
             }
             if ($dns && $v == -2) {
-                $err->raise("dom", _("The domain cannot be found in the Whois database"));
+                $msg->raise('Alert', "dom", _("The domain cannot be found in the Whois database"));
                 return false;
             }
             if ($dns && $v == -3) {
-                $err->raise("dom", _("The DNS of this domain do not match the server's DNS. Please change your domain's DNS before you install it again"));
+                $msg->raise('Alert', "dom", _("The DNS of this domain do not match the server's DNS. Please change your domain's DNS before you install it again"));
                 return false;
             }
         }
@@ -1542,12 +1542,12 @@ class m_dom {
 
         $t = checkfqdn($dom);
         if ($t) {
-            $err->raise("dom", _("The domain name is syntaxically incorrect"));
+            $msg->raise('Error', "dom", _("The domain name is syntaxically incorrect"));
             return false;
         }
         if (!$r = $this->get_domain_all($dom)) {
             // Le domaine n'existe pas, Failure
-            $err->raise("dom", _("The domain name %s does not exist"), $dom);
+            $msg->raise('Error', "dom", _("The domain name %s does not exist"), $dom);
             return false;
         }
         if ($dns != "1") {
@@ -1555,7 +1555,7 @@ class m_dom {
         }
         // On vérifie que des modifications ont bien eu lieu :)
         if ($r["dns"] == $dns && $r["mail"] == $gesmx && $r["zonettl"] == $ttl) {
-            $err->raise("dom", _("No change has been requested..."));
+            $msg->raise('Info', "dom", _("No change has been requested..."));
             return true;
         }
 
@@ -1563,12 +1563,12 @@ class m_dom {
         if ($dns == "0" && $gesmx == "1" && !$force) {
             $vmx = $this->checkmx($dom);
             if ($vmx == 1) {
-                $err->raise("dom", _("There is no MX record pointing to this server, and you are asking us to host the mail here. Make sure to update your MX entries or no mail will be received"));
+                $msg->raise('Alert', "dom", _("There is no MX record pointing to this server, and you are asking us to host the mail here. Make sure to update your MX entries or no mail will be received"));
             }
 
             if ($vmx == 2) {
                 // Serveur non spécifié parmi les champx mx
-                $err->raise("dom", _("There is no MX record pointing to this server, and you are asking us to host the mail here. Make sure to update your MX entries or no mail will be received"));
+                $msg->raise('Alert', "dom", _("There is no MX record pointing to this server, and you are asking us to host the mail here. Make sure to update your MX entries or no mail will be received"));
             }
         }
 
@@ -1596,7 +1596,7 @@ class m_dom {
      * through AXFR Transfers from the bind server.
      */
     function enum_slave_ip() {
-        global $db, $err;
+        global $db, $msg;
         $db->query("SELECT * FROM slaveip;");
         if (!$db->next_record()) {
             return false;
@@ -1613,9 +1613,9 @@ class m_dom {
     /** Add an ip address (or a ip class) to the list of allowed slave ip access list.
      */
     function add_slave_ip($ip, $class = "32") {
-        global $db, $err;
+        global $db, $msg;
         if (!checkip($ip)) {
-            $err->raise("dom", _("The IP address you entered is incorrect"));
+            $msg->raise('Error', "dom", _("The IP address you entered is incorrect"));
             return false;
         }
         $class = intval($class);
@@ -1624,7 +1624,7 @@ class m_dom {
         }
         $db->query("SELECT * FROM slaveip WHERE ip= ? AND class= ?;", array($ip, $class));
         if ($db->next_record()) {
-            $err->raise("err", _("The requested domain is forbidden in this server, please contact the administrator"));
+            $msg->raise('Error', "err", _("The requested domain is forbidden in this server, please contact the administrator"));
             return false;
         }
         $db->query("INSERT INTO slaveip (ip,class) VALUES (?, ?);", array($ip, $class));
@@ -1639,9 +1639,9 @@ class m_dom {
     /** Remove an ip address (or a ip class) from the list of allowed slave ip access list.
      */
     function del_slave_ip($ip) {
-        global $db, $err;
+        global $db, $msg;
         if (!checkip($ip)) {
-            $err->raise("dom", _("The IP address you entered is incorrect"));
+            $msg->raise('Error', "dom", _("The IP address you entered is incorrect"));
             return false;
         }
         $db->query("DELETE FROM slaveip WHERE ip= ?;", array($ip));
@@ -1733,19 +1733,19 @@ class m_dom {
      * @return string the domain name, or false with an error raised.
      */
     function get_domain_byid($dom_id) {
-        global $db, $err, $cuid;
+        global $db, $msg, $cuid;
         $dom_id = intval($dom_id);
         $db->query("SELECT domaine FROM domaines WHERE id= ? AND compte= ?;", array($dom_id, $cuid));
         if ($db->next_record()) {
             $domain = $db->f("domaine");
             if (!$domain) {
-                $err->raise("dom", _("This domain is not installed in your account"));
+                $msg->raise('Error', "dom", _("This domain is not installed in your account"));
                 return false;
             } else {
                 return $domain;
             }
         } else {
-            $err->raise("dom", _("This domain is not installed in your account"));
+            $msg->raise('Error', "dom", _("This domain is not installed in your account"));
             return false;
         }
     }
@@ -1757,19 +1757,19 @@ class m_dom {
      * @return integer the domain id, or false with an error raised.
      */
     function get_domain_byname($domain) {
-        global $db, $err, $cuid;
+        global $db, $msg, $cuid;
         $domain = trim($domain);
         $db->query("SELECT id FROM domaines WHERE domaine= ? AND compte= ?;", array($domain, $cuid));
         if ($db->next_record()) {
             $id = $db->f("id");
             if (!$id) {
-                $err->raise("dom", _("This domain is not installed in your account"));
+                $msg->raise('Error', "dom", _("This domain is not installed in your account"));
                 return false;
             } else {
                 return $id;
             }
         } else {
-            $err->raise("dom", _("This domain is not installed in your account"));
+            $msg->raise('Error', "dom", _("This domain is not installed in your account"));
             return false;
         }
     }
@@ -1810,10 +1810,10 @@ class m_dom {
     /** Add a slave account that will be allowed to access the domain list
      */
     function add_slave_account($login, $pass) {
-        global $db, $err;
+        global $db, $msg;
         $db->query("SELECT * FROM slaveaccount WHERE login= ?", array($login));
         if ($db->next_record()) {
-            $err->raise("dom", _("The specified slave account already exists"));
+            $msg->raise('Error', "dom", _("The specified slave account already exists"));
             return false;
         }
         $db->query("INSERT INTO slaveaccount (login,pass) VALUES (?, ?)", array($login, $pass));
@@ -1825,7 +1825,7 @@ class m_dom {
     /** Remove a slave account
      */
     function del_slave_account($login) {
-        global $db, $err;
+        global $db, $msg;
         $db->query("DELETE FROM slaveaccount WHERE login= ?", array($login));
         return true;
     }
@@ -1841,10 +1841,10 @@ class m_dom {
      * @access private
      */
     function lock() {
-        global $err;
-        $err->log("dom", "lock");
+        global $msg;
+        $msg->log("dom", "lock");
         if ($this->islocked) {
-            $err->raise("dom", _("--- Program error --- Lock already obtained!"));
+            $msg->raise('Error', "dom", _("--- Program error --- Lock already obtained!"));
         }
         while (file_exists($this->fic_lock_cron)) {
             sleep(2);
@@ -1860,10 +1860,10 @@ class m_dom {
      * @access private
      */
     function unlock() {
-        global $err;
-        $err->log("dom", "unlock");
+        global $msg;
+        $msg->log("dom", "unlock");
         if (!$this->islocked) {
-            $err->raise("dom", _("--- Program error --- No lock on the domains!"));
+            $msg->raise('Error', "dom", _("--- Program error --- No lock on the domains!"));
         }
         $this->islocked = false;
         return true;
@@ -1875,9 +1875,9 @@ class m_dom {
      * This adds 2 MX entries in this domain (if required)
      */
     function hook_dom_add_mx_domain($dom_id) {
-        global $err;
+        global $msg;
         $domain = $this->get_domain_byid($dom_id);
-        $err->log("dom", "hook_dom_add_mx_domain");
+        $msg->log("dom", "hook_dom_add_mx_domain");
         $this->set_sub_domain($domain, '', $this->type_defmx, '');
         if (!empty($GLOBALS['L_DEFAULT_SECONDARY_MX'])) {
             $this->set_sub_domain($domain, '', $this->type_defmx2, '');
@@ -1890,9 +1890,9 @@ class m_dom {
     /**
      * Delete an account (all his domains)
      */
-    function hook_admin_del_member() {
-        global $err;
-        $err->log("dom", "alternc_del_member");
+    function admin_del_member() {
+        global $msg;
+        $msg->log("dom", "alternc_del_member");
         $li = $this->enum_domains();
         foreach ($li as $dom) {
             $this->del_domain($dom);
@@ -1908,8 +1908,8 @@ class m_dom {
      * @access private
      */
     function hook_quota_get() {
-        global $db, $err, $cuid;
-        $err->log("dom", "get_quota");
+        global $db, $msg, $cuid;
+        $msg->log("dom", "get_quota");
         $q = Array("name" => "dom", "description" => _("Domain name"), "used" => 0);
         $db->query("SELECT COUNT(*) AS cnt FROM domaines WHERE compte= ?", array($cuid));
         if ($db->next_record()) {
@@ -1924,8 +1924,8 @@ class m_dom {
      * No parameters needed 
      * */
     function alternc_export_conf() {
-        global $err;
-        $err->log("dom", "export");
+        global $msg;
+        $msg->log("dom", "export");
         $this->enum_domains();
         $str = "";
         foreach ($this->domains as $d) {
@@ -1974,8 +1974,8 @@ class m_dom {
      * Optionnal parameters: id of the sub_domaines
      * */
     function generation_parameters($id = null, $only_apache = true) {
-        global $db, $err;
-        $err->log("dom", "generation_parameters");
+        global $db, $msg;
+        $msg->log("dom", "generation_parameters");
         $params = "";
         /** 2016_05_18 : this comments was here before escaping the request... is there still something to do here ?
          *   // BUG BUG BUG FIXME
@@ -2126,8 +2126,8 @@ class m_dom {
 
     // Return an array with the list of id of sub_domains waiting for an action
     function generation_todo() {
-        global $db, $err;
-        $err->log("dom", "generation_todo");
+        global $db, $msg;
+        $msg->log("dom", "generation_todo");
         $db->query("select id as sub_id, web_action, type from sub_domaines where web_action !='ok';");
         $r = array();
         while ($db->next_record()) {

From b4588c870a5dc22f3b9cc2d38f289155fd2f3491 Mon Sep 17 00:00:00 2001
From: quenenni <la.jolie@paquerette.org>
Date: Wed, 16 Aug 2017 02:44:54 +0200
Subject: [PATCH 09/23] =?UTF-8?q?classe=20browser=20(m=5Fbro)=20&=20fichie?=
 =?UTF-8?q?rs=20section=20admin=20associ=C3=A9s?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 bureau/admin/bro_editor.php |  21 +++--
 bureau/admin/bro_main.php   |  69 +++++++++------
 bureau/admin/bro_pref.php   |   2 +-
 bureau/class/m_bro.php      | 162 ++++++++++++++++++------------------
 4 files changed, 137 insertions(+), 117 deletions(-)

diff --git a/bureau/admin/bro_editor.php b/bureau/admin/bro_editor.php
index a975f355..9a7a4155 100755
--- a/bureau/admin/bro_editor.php
+++ b/bureau/admin/bro_editor.php
@@ -59,26 +59,23 @@ if (isset($saveret) && $saveret) {
 
     // Thanks to this, we bring you back to the EDIT form if the CSRF is invalid.
     // Allows you to re-submit
-    $error="";
+    // FIXME - doesn't work
+/*    $csrf_check=false;
     if (count($_POST) && !defined("NOCSRF")) {
         if (csrf_check()<=0) {
-            $error=$err->errstr();
+            $csrf_check = true;
         }
-    }
+    }*/
     
-    if ($error!="" && $bro->save($editfile,$R,$texte)) {
-        $error=sprintf(_("Your file %s has been saved"),$editfile)." (".format_date(_('%3$d-%2$d-%1$d %4$d:%5$d'),date("Y-m-d H:i:s")).")";
+    if ($bro->save($editfile,$R,$texte)) {
+        $msg->raise("Ok", "bro", _("Your file %s has been saved")." (".format_date(_('%3$d-%2$d-%1$d %4$d:%5$d'),date("Y-m-d H:i:s")).")", $editfile);
         include("bro_main.php");
         exit();
-    } else {
-        $error=$err->errstr();
     }
 }
 if (isset($save) && $save) {
   if ($bro->save($editfile,$R,$texte)) {
-    $error=sprintf(_("Your file %s has been saved"),$editfile)." (".format_date(_('%3$d-%2$d-%1$d %4$d:%5$d'),date("Y-m-d H:i:s")).")";
-  } else {
-    $error=$err->errstr();
+    $msg->raise("Ok", "bro", _("Your file %s has been saved")." (".format_date(_('%3$d-%2$d-%1$d %4$d:%5$d'),date("Y-m-d H:i:s")).")", $editfile);
   }
 }
 
@@ -86,7 +83,9 @@ include_once("head.php");
 
 ?>
 <p>
-<?php if (isset($error) && $error) echo "<p class=\"alert alert-danger\">$error</p>"; ?>
+<?php
+echo $msg->msg_html_all();
+?>
 <h3><?php echo _("File editing")." <code>".ehe($R,false)."/<b>".ehe($editfile,false)."</b></code><br />"; ?></h3>
 </p>
 
diff --git a/bureau/admin/bro_main.php b/bureau/admin/bro_main.php
index f619e655..86924b35 100755
--- a/bureau/admin/bro_main.php
+++ b/bureau/admin/bro_main.php
@@ -67,16 +67,17 @@ if (!$R && $p["golastdir"]) {
 $R=$bro->convertabsolute($R,1);
 // on fait ?
 if (!empty($formu) && $formu) {
+  $absolute = $bro->convertabsolute($R, false);
   switch ($formu) {
     case 1:  // Create the folder $R.$nomfich
-      if (!$bro->CreateDir($R,$nomfich)) {
-        $error = $err->errstr();
+      if ($bro->CreateDir($R,$nomfich)) {
+        $msg->raise("Ok", "bro", _("The folder '%s' was successfully created"), $nomfich); // à traduire
       }
       $p=$bro->GetPrefs();
       break;
     case 6: // Create the file $R.$nomfich
-      if (!$bro->CreateFile($R,$nomfich)) {
-        $error = $err->errstr();
+      if ($bro->CreateFile($R,$nomfich)) {
+        $msg->raise("Ok", "bro", _("The file '%s' was successfully created"), $nomfich); // à traduire
       }
       $p=$bro->GetPrefs();
       if ($p["createfile"]==1) {
@@ -88,8 +89,13 @@ if (!empty($formu) && $formu) {
     case 2:  // act vaut Supprimer Copier ou Renommer.
       if ($actdel) {
         if (!empty($del_confirm) ) { 
-          if (!$bro->DeleteFile($d,$R)) {
-            $error = $err->errstr();
+          if ($bro->DeleteFile($d,$R)) {
+	    foreach ($d as $v) {
+	      if (is_dir($absolute . "/" . $v))
+                $msg->raise("Ok", "bro", _("The folder '%s' was successfully deleted"), $v); // à traduire
+	      else
+                $msg->raise("Ok", "bro", _("The file '%s' was successfully deleted"), $v); // à traduire
+	    }
           }
         } elseif (empty($cancel) && is_array($d)) {
           include_once("head.php");
@@ -104,7 +110,7 @@ if (!empty($formu) && $formu) {
             <h2><?php echo $mem->user["login"].$R."/"; ?></h2>
             <ul>
             <?php foreach($d as $editfile){ ?>
-          <li> <?php ehe($editfile); ?></li>
+          <li><b> <?php ehe($editfile); ?></b></li>
               <input type="hidden" name="d[]" value="<?php ehe($editfile); ?>" />
             <?php } ?>
             </ul>
@@ -119,29 +125,47 @@ if (!empty($formu) && $formu) {
         }
       }
       if ($actcopy) {
-        if (!$bro->CopyFile($d,$R,$actmoveto)) {
-          $error = $err->errstr();
+        if ($bro->CopyFile($d,$R,$actmoveto)) {
+	  if (count($d) == 1) {
+	    if (is_dir($absolute . "/" . $d[0]))
+	      $msg->raise("Ok", "bro", _("The folder '%s' was successfully copied to '%s'"), array($d[0], $actmoveto)); // à traduire
+	    else
+	      $msg->raise("Ok", "bro", _("The file '%s' was successfully copied to '%s'"), array($d[0], $actmoveto)); // à traduire
+	  } else
+            $msg->raise("Ok", "bro", _("The files / folders were successfully copied")); // à traduire
         }
       }
       if ($actmove) {
-        if (!$bro->MoveFile($d,$R,$actmoveto)) {
-          $error = $err->errstr();
+        if ($bro->MoveFile($d,$R,$actmoveto)) {
+	  if (count($d) == 1) {
+	    if (is_dir($absolute . "/" . $d[0]))
+	      $msg->raise("Ok", "bro", _("The folder '%s' was successfully moved to '%s'"), array($d[0], $actmoveto)); // à traduire
+	    else
+	      $msg->raise("Ok", "bro", _("The file '%s' was successfully moved to '%s'"), array($d[0], $actmoveto)); // à traduire
+	  } else
+            $msg->raise("Ok", "bro", _("The files / folders were successfully moved")); // à traduire
         }
       }
       break;
     case 4:  // Renommage Effectif...
-      if (!$bro->RenameFile($R,$o,$d)) { // Rename $R (directory) $o (old) $d (new) names
-        $error = $err->errstr();
+      if ($bro->RenameFile($R,$o,$d)) { // Rename $R (directory) $o (old) $d (new) names
+	if (count($d) == 1) {
+	  if (is_dir($absolute . "/" . $d[0]))
+	    $msg->raise("Ok", "bro", _("The folder '%s' was successfully renamed to '%s'"), array($o[0], $d[0])); // à traduire
+	  else
+	    $msg->raise("Ok", "bro", _("The file '%s' was successfully renamed to '%s'"), array($o[0], $d[0])); // à traduire
+	} else
+          $msg->raise("Ok", "bro", _("The files / folders were successfully renamed")); // à traduire
       } 
       break;
     case 3:  // Upload de fichier...
-      if (!$bro->UploadFile($R)) {
-        $error = $err->errstr();
+      if ($bro->UploadFile($R)) {
+        $msg->raise("Ok", "bro", _("The file '%s' was successfully uploaded"), $_FILES['userfile']['name']); // à traduire
       }
       break;
     case 7:  // Changement de permissions [ML]
-      if (!$bro->ChangePermissions($R, $d, $perm)) {
-        $error = $err->errstr();
+      if ($bro->ChangePermissions($R, $d)) {
+	$msg->raise("Ok", "bro", _("The permissions were successfully set")); // à traduire
       }
       break;
   }
@@ -149,12 +173,7 @@ if (!empty($formu) && $formu) {
 
 if (isset($actextract) && $actextract) {
   if ($bro->ExtractFile($R. '/' . $fileextract, $R)) {
-    echo "<p class=\"alert alert-danger\">";
-    print $err->errstr();
-    print _("failed")."<br />\n";
-    echo "</p>";
-  } else {
-    print _("done")."<br />\n";
+    $msg->raise("Ok", "bro", _("The extraction of the file '%s' was successfull"), $fileextract); // à traduire
   }
 }
 
@@ -173,12 +192,12 @@ if (isset($actextract) && $actextract) {
 /* Creation de la liste des fichiers courants */
 $c=$bro->filelist($R, $showdirsize );
 if ($c===false) {
-  echo "<p class=\"alert alert-danger\">".$err->errstr()."</p>";
+  echo $msg->msg_html_all();
   require_once('foot.php');
   exit;
 }
 
-if (isset($error) && $error) echo "<p class=\"alert alert-danger\">$error</p>"; 
+echo $msg->msg_html_all();
 ?>
 
 <table><tr>
diff --git a/bureau/admin/bro_pref.php b/bureau/admin/bro_pref.php
index d50e9b7a..6dd28c25 100755
--- a/bureau/admin/bro_pref.php
+++ b/bureau/admin/bro_pref.php
@@ -46,7 +46,7 @@ getFields($fields);
 
 if (!empty($submit)) {
 	$bro->SetPrefs($editsizex, $editsizey, $listmode, $showicons, $downfmt, $createfile, $showtype, $editor_font, $editor_size, $golastdir);
-	$error=_("Your preferences have been updated.");
+	$msg->raise("Ok", "bro", _("Your preferences have been updated."));
 	include("bro_main.php");
 	exit;
 }
diff --git a/bureau/class/m_bro.php b/bureau/class/m_bro.php
index ec589ebf..489e3107 100644
--- a/bureau/class/m_bro.php
+++ b/bureau/class/m_bro.php
@@ -189,21 +189,21 @@ class m_bro {
      * 
      * @global m_mysql $db
      * @global int $cuid
-     * @global m_err $err
+     * @global m_messages $msg
      * @param string $dir Dossier relatif au dossier racine du compte du membre courant
      * @param boolean $showdirsize
      * @return array Le tableau contenant les fichiers de $dir, et
      */
     function filelist($dir = "", $showdirsize = false) {
-        global $db, $cuid, $err;
+        global $db, $cuid, $msg;
         $db->query("UPDATE browser SET lastdir= ? WHERE uid= ?;", array($dir, $cuid));
         $absolute = $this->convertabsolute($dir, false);
         if (!$absolute || !file_exists($absolute)) {
-            $err->raise('bro', _("This directory does not exist."));
+            $msg->raise('Error', 'bro', _("This directory does not exist."));
             return false;
         }
         if (!is_readable($absolute)) {
-            $err->raise('bro', _("This directory is not readable."));
+            $msg->raise('Error', 'bro', _("This directory is not readable."));
             return false;
         }
         clearstatcache(true);
@@ -387,25 +387,25 @@ class m_bro {
      * 
      * @global m_mysql $db
      * @global int $cuid
-     * @global m_err $err
+     * @global m_messages $msg
      * @param string $dir Dossier dans lequel on veut crer un sous-dossier
      * @param string $file Nom du dossier à créer
      * @return boolean TRUE si le dossier a été créé, FALSE si une erreur s'est produite.
      */
     function CreateDir($dir, $file) {
-        global $db, $cuid, $err;
+        global $db, $cuid, $msg;
         $file = ssla($file);
         $absolute = $this->convertabsolute($dir . "/" . $file, false);
         #echo "$absolute";
         if ($absolute && (!file_exists($absolute))) {
             if (!mkdir($absolute, 00777, true)) {
-                $err->raise("bro", _("Cannot create the requested directory. Please check the permissions"));
+                $msg->raise('Error', "bro", _("Cannot create the requested directory. Please check the permissions"));
                 return false;
             }
             $db->query("UPDATE browser SET crff=1 WHERE uid= ?;", array($cuid));
             return true;
         } else {
-            $err->raise("bro", _("File or folder name is incorrect"));
+            $msg->raise('Error', "bro", _("File or folder name is incorrect"));
             return false;
         }
     }
@@ -414,23 +414,23 @@ class m_bro {
      * Crée un fichier vide dans un dossier
      * 
      * @global m_mysql $db
-     * @global m_err $err
+     * @global m_messages $msg
      * @global int $cuid
      * @param string $dir Dossier dans lequel on veut crer un sous-dossier
      * @param string $file Nom du dossier à créer
      * @return boolean TRUE si le dossier a été créé, FALSE si une erreur s'est produite.
      */
     function CreateFile($dir, $file) {
-        global $db, $err, $cuid;
+        global $db, $msg, $cuid;
         $file = ssla($file);
         $absolute = $this->convertabsolute($dir . "/" . $file, false);
         if (!$absolute || file_exists($absolute)) {
-            $err->raise("bro", _("File or folder name is incorrect"));
+            $msg->raise('Error', "bro", _("File or folder name is incorrect"));
             return false;
         }
         if (!file_exists($absolute)) {
             if (!@touch($absolute)) {
-                $err->raise("bro", _("Cannot create the requested file. Please check the permissions"));
+                $msg->raise('Error', "bro", _("Cannot create the requested file. Please check the permissions"));
                 return false;
             }
         }
@@ -441,18 +441,18 @@ class m_bro {
     /**
      * Efface les fichiers du tableau $file_list dans le dossier $R
      * 
-     * @global m_err $err
+     * @global m_messages $msg
      * @global m_mem $mem
      * @param array $file_list Liste des fichiers effacer.
      * @param string $R Dossier dans lequel on efface les fichiers
      * @return boolean TRUE si les fichiers ont t effacs, FALSE si une erreur s'est produite.
      */
     function DeleteFile($file_list, $R) {
-        global $err;
+        global $msg;
         $root = realpath(getuserpath());
         $absolute = $this->convertabsolute($R, false);
         if (!$absolute && strpos($root, $absolute) === 0 && strlen($absolute) > (strlen($root) + 1)) {
-            $err->raise("bro", _("File or folder name is incorrect"));
+            $msg->raise('Error', "bro", _("File or folder name is incorrect"));
             return false;
         }
         for ($i = 0; $i < count($file_list); $i++) {
@@ -467,17 +467,17 @@ class m_bro {
     /**
      * Renomme les fichier de $old du dossier $R en $new
      * 
-     * @global m_err $err
+     * @global m_messages $msg
      * @param string $R Dossier dans lequel se trouve les fichiers renommer.
      * @param array $old Ancien nom des fichiers
      * @param array $new Nouveau nom des fichiers
      * @return boolean TRUE si les fichiers ont t renomms, FALSE si une erreur s'est produite.
      */
     function RenameFile($R, $old, $new) {
-        global $err;
+        global $msg;
         $absolute = $this->convertabsolute($R, false);
         if (!$absolute) {
-            $err->raise("bro", _("File or folder name is incorrect"));
+            $msg->raise('Error', "bro", _("File or folder name is incorrect"));
             return false;
         }
         $alea = "." . time() . mt_rand(1000, 9999);
@@ -500,17 +500,17 @@ class m_bro {
     /**
      * Déplace les fichier de $d du dossier $old vers $new
      * 
-     * @global m_err $err
+     * @global m_messages $msg
      * @param array $d Liste des fichiers du dossier $old dplacer
      * @param string $old Dossier dans lequel se trouve les fichiers dplacer.
      * @param string $new Dossier vers lequel seront dplacs les fichiers.
      * @return boolean TRUE si les fichiers ont t renomms, FALSE si une erreur s'est produite.
      */
     function MoveFile($d, $old, $new) {
-        global $err;
+        global $msg;
         $old = $this->convertabsolute($old, false);
         if (!$old) {
-            $err->raise("bro", _("File or folder name is incorrect"));
+            $msg->raise('Error', "bro", _("File or folder name is incorrect"));
             return false;
         }
 
@@ -520,18 +520,18 @@ class m_bro {
         $new = $this->convertabsolute($new, false);
 
         if (!$new) {
-            $err->raise("bro", _("File or folder name is incorrect"));
+            $msg->raise('Error', "bro", _("File or folder name is incorrect"));
             return false;
         }
         if ($old == $new) {
-            $err->raise("bro", _("You cannot move or copy a file to the same folder"));
+            $msg->raise('Error', "bro", _("You cannot move or copy a file to the same folder"));
             return false;
         }
         for ($i = 0; $i < count($d); $i++) {
             $d[$i] = ssla($d[$i]); // strip slashes if needed
             if (!strpos($d[$i], "/") && file_exists($old . "/" . $d[$i]) && !file_exists($new . "/" . $d[$i])) {
                 if (!rename($old . "/" . $d[$i], $new . "/" . $d[$i])) {
-                    $err->raise("bro", "error renaming $old/$d[$i] -> $new/$d[$i]");
+                    $msg->raise('Error', "bro", "error renaming $old/$d[$i] -> $new/$d[$i]");
                 }
             }
         }
@@ -547,11 +547,11 @@ class m_bro {
      * @param boolean $verbose Shall we 'echo' what we did ?
      * @return boolean TRUE Si les fichiers ont t renomms, FALSE si une erreur s'est produite.
      */
-    function ChangePermissions($R, $d, $perm, $verbose = false) {
-        global $err, $action;
+    function ChangePermissions($R, $d, $perm) {
+        global $msg, $action;
         $absolute = $this->convertabsolute($R, false);
         if (!$absolute) {
-            $err->raise("bro", _("File or folder name is incorrect"));
+            $msg->raise('Error', "bro", _("File or folder name is incorrect"));
             return false;
         }
         for ($i = 0; $i < count($d); $i++) {
@@ -567,9 +567,7 @@ class m_bro {
                     $m = $m & (~ 0222); // ugo-w
                 }
                 $action->chmod($absolute . "/" . $d[$i], $m);
-                if ($verbose) {
-                    echo "chmod " . sprintf('%o', $m) . " file, was " . sprintf('%o', fileperms($absolute . "/" . $d[$i])) . " -- " . $perm[$i]['w'];
-                }
+                echo "chmod " . sprintf('%o', $m) . " file, was " . sprintf('%o', fileperms($absolute . "/" . $d[$i])) . " -- " . $perm[$i]['w'];
             }
         }
         // We'd like to *wait* for this to complete, but since this is essentially asynchronous, we can't be sure easily
@@ -585,17 +583,17 @@ class m_bro {
      * 
      * 
      * @global array $_FILES
-     * @global m_err $err
+     * @global m_messages $msg
      * @global int $cuid
      * @global m_action $action
      * @param string $R Dossier dans lequel on upload le fichier
      * @returns string The path where the file resides or false if upload failed
      */
     function UploadFile($R) {
-        global $_FILES, $err, $cuid, $action;
+        global $_FILES, $msg, $cuid, $action;
         $absolute = $this->convertabsolute($R, false);
         if (!$absolute) {
-            $err->raise("bro", _("File or folder name is incorrect"));
+            $msg->raise('Error', "bro", _("File or folder name is incorrect"));
             return false;
         }
         if (!strpos($_FILES['userfile']['name'], "/")) {
@@ -607,12 +605,12 @@ class m_bro {
                     $action->fix_file($absolute . "/" . $_FILES['userfile']['name']);
                     return $absolute . "/" . $_FILES['userfile']['name'];
                 } else {
-                    $err->raise("bro", _("Cannot create the requested file. Please check the permissions"));
+                    $msg->raise('Error', "bro", _("Cannot create the requested file. Please check the permissions"));
                     return false;
                 }
             } else {
                 // there was an error, raise it
-                $err->log("bro", "uploadfile", "Problem when uploading a file");
+                $msg->log("bro", "uploadfile", "Problem when uploading a file");
                 switch ($_FILES['userfile']['error']) {
                     case UPLOAD_ERR_INI_SIZE:
                         $erstr = _("The uploaded file exceeds the max file size allowed");
@@ -627,7 +625,7 @@ class m_bro {
                         $erstr = _("Undefined error ") . $_FILES['userfile']['error'];
                         break;
                 }
-                $err->raise("bro", _("Error during the upload of the file: ") . $erstr);
+                $msg->raise('Error', "bro", _("Error during the upload of the file: ") . $erstr);
                 return false;
             }
         }
@@ -637,7 +635,7 @@ class m_bro {
     /**
      * Extract an archive by using GNU and non-GNU tools
      * 
-     * @global m_err $err
+     * @global m_messages $msg
      * @global int $cuid
      * @global m_mem $mem
      * @global m_action $action
@@ -647,7 +645,7 @@ class m_bro {
      * @return integer|null != 0 on error
      */
     function ExtractFile($file, $dest = null) {
-        global $err, $action;
+        global $msg, $action;
         $file = $this->convertabsolute($file, false);
         if (is_null($dest)) {
             $dest = dirname($file);
@@ -655,7 +653,7 @@ class m_bro {
             $dest = $this->convertabsolute($dest, false);
         }
         if (!$file || !$dest || !is_readable($file)) {
-            $err->raise("bro", _("File or folder name is incorrect"));
+            $msg->raise('Error', "bro", _("File or folder name is incorrect"));
             return 1;
         }
         $lfile = strtolower($file);
@@ -682,37 +680,40 @@ class m_bro {
             passthru($cmd, $ret);
         }
         echo "</pre>";
-        if ($ret) {
-            $err->raise("bro", _("I cannot find a way to extract the file %s, it is an unsupported compressed format"), $file);
-        }
+
         // fix the perms of the extracted archive TODO: does it work??? | note: it was using a wrong variable name !
         $action->fix_dir($dest);
-        return $ret;
+
+        if ($ret) {
+            $msg->raise('Error', "bro", _("I cannot find a way to extract the file %s, it is an unsupported compressed format"), $file);
+	    return false;
+        }
+        return true;
     }
 
     /**
      * Copy many files from point A to point B
      * 
-     * @global m_err $err
+     * @global m_messages $msg
      * @param array $d List of files to move
      * @param string $old 
      * @param string $new 
      * @return boolean
      */
     function CopyFile($d, $old, $new) {
-        global $err;
+        global $msg;
         $old = $this->convertabsolute($old, false);
         if (!$old) {
-            $err->raise("bro", _("File or folder name is incorrect"));
+            $msg->raise('Error', "bro", _("File or folder name is incorrect"));
             return false;
         }
         $new = $this->convertabsolute($new, false);
         if (!$new) {
-            $err->raise("bro", _("File or folder name is incorrect"));
+            $msg->raise('Error', "bro", _("File or folder name is incorrect"));
             return false;
         }
         if ($old == $new) {
-            $err->raise("bro", _("You cannot move or copy a file to the same folder"));
+            $msg->raise('Error', "bro", _("You cannot move or copy a file to the same folder"));
             return false;
         }
         for ($i = 0; $i < count($d); $i++) {
@@ -731,16 +732,16 @@ class m_bro {
      *
      * Note that we assume that the inputs have been convertabsolute()'d
      * 
-     * @global m_err $err
+     * @global m_messages $msg
      * @param string $src Path or URL
      * @param string $dest Absolute path inside the users directory
      * @return boolean false on error
      */
     function CopyOneFile($src, $dest) {
-        global $err;
+        global $msg;
         exec("cp -Rpf " . escapeshellarg($src) . " " . escapeshellarg($dest), $void, $ret);
         if ($ret) {
-            $err->raise("bro", "Errors happened while copying the source to destination. cp return value: %d", $ret);
+            $msg->raise('Error', "bro", "Errors happened while copying the source to destination. cp return value: %d", $ret);
             return false;
         }
         return true;
@@ -783,14 +784,14 @@ class m_bro {
      * Affiche le contenu du fichier $file dans le dossier $R. Le contenu
      * du fichier est reformat pour pouvoir entrer dans un champs TextArea
      * 
-     * @global m_err $err
+     * @global m_messages $msg
      * @param string $R Dossier dans lequel on cherche le fichier
      * @param string $file Fichier dont on souhaite obtenir le contenu.
      * @return string|false TRUE si le fichier a bien été mis sur
      * echo, ou FALSE si une erreur est survenue.
      */
     function content($R, $file) {
-        global $err;
+        global $msg;
         $absolute = $this->convertabsolute($R, false);
         if (!strpos($file, "/")) {
             $absolute.="/" . $file;
@@ -798,11 +799,11 @@ class m_bro {
                 $std = str_replace("<", "&lt;", str_replace("&", "&amp;", file_get_contents($absolute)));
                 return $std;
             } else {
-                $err->raise("bro", _("Cannot read the requested file. Please check the permissions"));
+                $msg->raise('Error', "bro", _("Cannot read the requested file. Please check the permissions"));
                 return false;
             }
         } else {
-            $err->raise("bro", _("File or folder name is incorrect"));
+            $msg->raise('Error', "bro", _("File or folder name is incorrect"));
             return false;
         }
     }
@@ -869,17 +870,17 @@ class m_bro {
     /**
      * 
      * @global m_mem $mem
-     * @global m_err $err
+     * @global m_messages $msg
      * @param string $dir
      * @param string $name
      * @return null|boolean
      */
     function can_edit($dir, $name) {
-        global $err;
+        global $msg;
         $absolute = "$dir/$name";
         $absolute = $this->convertabsolute($absolute, false);
         if (!$absolute) {
-            $err->raise('bro', _("File not in authorized directory"));
+            $msg->raise('Error', 'bro', _("File not in authorized directory"));
             include('foot.php');
             exit;
         }
@@ -943,13 +944,13 @@ class m_bro {
 
     /**
      * 
-     * @global m_err $err
+     * @global m_messages $msg
      * @param string $dir
      * @param string $file
      */
     function download_link($dir, $file) {
-        global $err;
-        $err->log("bro", "download_link");
+        global $msg;
+        $msg->log("bro", "download_link");
         header("Content-Disposition: attachment; filename=$file");
         header("Content-Type: application/force-download");
         header("Content-Transfer-Encoding: binary");
@@ -959,13 +960,13 @@ class m_bro {
     /**
      * Echoes the content of the file $file located in directory $R
      * 
-     * @global m_err $err
+     * @global m_messages $msg
      * @param string $R
      * @param string $file
      * @return null|false
      */
     function content_send($R, $file) {
-        global $err;
+        global $msg;
         $absolute = $this->convertabsolute($R, false);
         if (!strpos($file, "/")) {
             $absolute.="/" . $file;
@@ -973,7 +974,7 @@ class m_bro {
                 readfile($absolute);
             }
         } else {
-            $err->raise("bro", _("File or folder name is incorrect"));
+            $msg->raise('Error', "bro", _("File or folder name is incorrect"));
             return false;
         }
     }
@@ -983,7 +984,7 @@ class m_bro {
      * le contenu est issu d'un textarea, et ne DOIT PAS contenir de \ ajouts
      * automatiquement par addslashes
      * 
-     * @global m_err $err
+     * @global m_messages $msg
      * @param string $file Nom du fichier sauver. S'il existe déjà, il sera
      * écrasé sans confirmation.
      * @param string $R Dossier dans lequel on modifie le fichier
@@ -991,20 +992,21 @@ class m_bro {
      * @return false|null TRUE si tout s'est bien pass, FALSE si une erreur s'est produite.
      */
     function save($file, $R, $texte) {
-        global $err;
+        global $msg;
         $absolute = $this->convertabsolute($R, false);
         if (!strpos($file, "/")) {
             $absolute.="/" . $file;
             if (file_exists($absolute)) {
                 if (!file_put_contents($absolute, $texte)) {
-                    $err->raise("bro", _("Cannot edit the requested file. Please check the permissions"));
+                    $msg->raise('Error', "bro", _("Cannot edit the requested file. Please check the permissions"));
                     return false;
                 }
             }
         } else {
-            $err->raise("bro", _("File or folder name is incorrect"));
+            $msg->raise('Error', "bro", _("File or folder name is incorrect"));
             return false;
         }
+	return true;
     }
 
     /**
@@ -1101,13 +1103,13 @@ class m_bro {
      * @access private
      */
     function _delete($file,$depth=0) {
-        global $err;
+        global $msg;
         // permet d'effacer de nombreux fichiers
         @set_time_limit(0);
         //chmod($file,0777);
-        $err->log("bro", "_delete($file)");
+        $msg->log("bro", "_delete($file)");
         if ($depth>20) {
-            $err->log("bro", "CANCELING _delete($file) TOO DEEP");
+            $msg->log("bro", "CANCELING _delete($file) TOO DEEP");
         }
         if (is_dir($file)) {
             $handle = opendir($file);
@@ -1132,12 +1134,12 @@ class m_bro {
      * Produit en sorti un tableau formatté ( pour le moment) en HTML
      * 
      * @global m_mysql $db
-     * @global m_err $err
+     * @global m_messages $msg
      * @return string
      */
     function alternc_export_conf() {
-        global $err;
-        $err->log("bro", "export_conf");
+        global $msg;
+        $msg->log("bro", "export_conf");
         $str = "<table border=\"1\"><caption> Browser </caption>\n";
         $str.=" <browser>\n";
         $pref = $this->GetPrefs();
@@ -1158,24 +1160,24 @@ class m_bro {
      * Function d'exportation des données appelé par la classe m_export via un hooks
      * 
      * @global m_mem $mem
-     * @global m_err $err
+     * @global m_messages $msg
      * @param string $dir Le chemin destination du tarball produit
      * @return boolean|null
      */
     function alternc_export_data($dir) {
-        global $mem, $err;
-        $err->log("bro", "export_data");
+        global $mem, $msg;
+        $msg->log("bro", "export_data");
         $dir.="html/";
         if (!is_dir($dir)) {
             if (!mkdir($dir))
-                $err->raise("bro", _("Cannot create the requested directory. Please check the permissions"));
+                $msg->raise('Error', "bro", _("Cannot create the requested directory. Please check the permissions"));
         }
         $timestamp = date("H:i:s");
 
         if (exec("/bin/tar cvf - " . escapeshellarg(getuserpath() . "/") . "| gzip -9c > " . escapeshellarg($dir . "/" . $mem->user['login'] . "_html_" . $timestamp . ".tar.gz"))) {
-            $err->log("bro", "export_data_succes");
+            $msg->log("bro", "export_data_succes");
         } else {
-            $err->log("bro", "export_data_failed");
+            $msg->log("bro", "export_data_failed");
         }
     }
 

From 6f30c8bac4b9336b226110a32df845a58c41f647 Mon Sep 17 00:00:00 2001
From: quenenni <la.jolie@paquerette.org>
Date: Wed, 16 Aug 2017 18:29:25 +0200
Subject: [PATCH 10/23] =?UTF-8?q?classe=20piwik=20&=20fichiers=20section?=
 =?UTF-8?q?=20admin=20associ=C3=A9s?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 bureau/admin/piwik_addaccount.php |  40 ++------
 bureau/admin/piwik_addsites.php   |   8 +-
 bureau/admin/piwik_site_dodel.php |  11 +--
 bureau/admin/piwik_sitelist.php   | 129 ++++++++++++++++--------
 bureau/admin/piwik_user_dodel.php |  12 +--
 bureau/admin/piwik_useradmin.php  |  19 ++--
 bureau/admin/piwik_userlist.php   |  90 +++++++++++------
 bureau/class/m_piwik.php          | 157 +++++++++++++++++++++++++-----
 8 files changed, 311 insertions(+), 155 deletions(-)

diff --git a/bureau/admin/piwik_addaccount.php b/bureau/admin/piwik_addaccount.php
index b1bd2fde..e8d37fdc 100644
--- a/bureau/admin/piwik_addaccount.php
+++ b/bureau/admin/piwik_addaccount.php
@@ -28,44 +28,22 @@
  ----------------------------------------------------------------------
 */
 require_once("../class/config.php");
-include_once("head.php");
 
-if (!$quota->cancreate("piwik")) {
-	$error=_("You cannot add any new Piwik account, your quota is over.");
-	$fatal=1;
+$userslist = $piwik->users_list();
+$quotapiwik = $quota->getquota('piwik');
+
+if (!($quotapiwik['t'] > 0 && count($userslist) < 3)) {
+	$msg->raise('Error', "piwik", _("You cannot add any new Piwik account, your quota is over.")." ("._("Max. 3 accounts").")");
 }
 
 $fields = array (
 	"account_name" 		=> array ("post", "string", ""),
+	"account_mail" 		=> array ("post", "string", ""),
 );
 getFields($fields);
 
-if (empty($account_name)) {
-  echo "<p class=\"alert alert-danger\">"._("Error : missing arguments.")."</p>";
-  include_once("foot.php");
-  exit;
+if ($piwik->user_add($account_name, $account_mail) ) {
+  $msg->raise('Ok', "piwik", _('Successfully added piwik account')); // à traduire (ou à corriger)
 }
-
-?>
-<h3><?php printf(_("Creation of Piwik account \"%s\""),$account_name); ?></h3>
-<hr id="topbar"/>
-<br />
-<?php
-$infos = $piwik->user_add($account_name);
-if (!$infos)
-{
-    $error = $err->errstr();
-    //if (isset($error) && $error) {
-    echo "<p class=\"alert alert-danger\">$error</p>";
-    if (isset($fatal) && $fatal) {
-      include_once("foot.php");
-      exit();
-    }
-}
-else
-{
-	printf("%s %s\n", _('Successfully added piwik user'), $account_name);
-}
-
-include_once("foot.php"); 
+include_once("piwik_userlist.php");
 ?>
diff --git a/bureau/admin/piwik_addsites.php b/bureau/admin/piwik_addsites.php
index 0d2ab486..e62ca431 100644
--- a/bureau/admin/piwik_addsites.php
+++ b/bureau/admin/piwik_addsites.php
@@ -39,11 +39,9 @@ getFields($fields);
 if(empty($site_name)) $site_name=$site_urls;
 
 if (empty($site_name)) {
-  $error=("Error: missing arguments.");
-} elseif (! $piwik->site_add($site_name, $site_urls) ) {
-  $error=_("Error while adding website.<br/>".$err->errstr());
-} else {
-  $error=_("Website added Successfully");
+  $msg->raise('Error', "piwik", _("All fields are mandatory"));
+} elseif ( $piwik->site_add($site_name, $site_urls) ) {
+  $msg->raise('Ok', "piwik", _("Website added Successfully"));
 }
 include_once("piwik_sitelist.php");
 
diff --git a/bureau/admin/piwik_site_dodel.php b/bureau/admin/piwik_site_dodel.php
index a229f408..2dda7e67 100755
--- a/bureau/admin/piwik_site_dodel.php
+++ b/bureau/admin/piwik_site_dodel.php
@@ -31,23 +31,20 @@ require_once("../class/config.php");
 
 $fields = array (
   "confirm_del"    	=> array ("post", "string", ""),
-  "siteid"    		=> array ("post", "integer", -1),
+  "siteid"    		=> array ("request", "integer", -1),
 );
 getFields($fields);
 
 if ($siteid === -1) {
-    $error=_("Missing site parameters");
+    $msg->raise('Error', "piwik", _("Missing site parameters"));
     include('piwik_sitelist.php'); 
     exit;
 }
 
 if(!empty($confirm_del) ) {
 
-  if (! $piwik->site_delete($siteid) ) {
-    $error=$err->errstr();
-  } else {
-    include_once('head.php');
-    __("Site successfully deleted");
+  if ($piwik->site_delete($siteid) ) {
+    $msg->raise('Ok', "piwik", _("Site successfully deleted"));
   }
 
   include('piwik_sitelist.php'); 
diff --git a/bureau/admin/piwik_sitelist.php b/bureau/admin/piwik_sitelist.php
index 28f18a50..eddd8a4d 100755
--- a/bureau/admin/piwik_sitelist.php
+++ b/bureau/admin/piwik_sitelist.php
@@ -41,46 +41,18 @@ getFields($fields);
 $piwik_alternc_users = $piwik->get_alternc_users();
 $piwik_alternc_sites = $piwik->get_alternc_sites();
 
-/* Form was submitted, need to deal with work to do. */
-if ($right !== FALSE) {
-	// Should this stay here, or in the API?
-	if (!in_array($site_id, $piwik_alternc_sites))
-		$error = _("You don't own this piwik site!");
-	else {
-		/* Foreach row of right, extract user, and selected credential */
-		foreach ($right AS $user => $cred)
-		{
-			/* Ensures that the user is legitimate for that user */
-			/* If not, we just break the loop, and set error message */
-			if (!in_array($user, $piwik_alternc_users)) {
-				$error = sprintf('%s "%s"', _('You dont own user'), $user);
-				break;
-			}
-
-			/* Ok, current user has right to manage this piwik user. Update rights. */
-			printf ("%s -> %s<br />\n", $user, $cred);
-			if (!$piwik->site_set_user_right($site_id, $user, $cred)) {
-				$error = $err->errstr();
-				break;
-			}
-		}
-	}
-}
-
-/* If something went wrong, display error message, but continue with the page rendering */
-if (isset($error) && $error) {
-  	echo "<p class=\"alert alert-danger\">$error</p>";
-}
-
 /* Does current user still has quota ? */
 if ($quota->cancreate("piwik")) {
   $quotapiwik=$quota->getquota('piwik');
 
   /* If quota are still available, display form to let user add a new site */
-  if ($quotapiwik['u']>0) {
+  if ($quotapiwik['t']>0) {
   
 ?>
 <h3><?php __("Add a new website");?></h3>
+<?php
+echo $msg->msg_html_all("<li>", true, true);
+?>
 <form method="post" action="piwik_addsites.php" id="main" name="addsites" >
  <?php csrf_get(); ?>
 	<input type="text" class="int" name="site_urls" size="50" id="site_name" maxlength="255" value="" placeholder="<?php __("URL of the website")?>"/>
@@ -91,6 +63,8 @@ if ($quota->cancreate("piwik")) {
 <hr/>
 <?php
   } // quotapiwik > 0
+} else {
+  $msg->raise('Info', "piwik", _("You cannot add any new Piwik sites, your quota is over."));
 } // cancreate piwik
 
 
@@ -106,9 +80,47 @@ if ($quota->cancreate("piwik")) {
 
 <h3><?php __("Existing Piwik monitored websites"); ?></h3>
 <?php 
-
 /* Get the list of piwik sites for current user */
 $sitelist = $piwik->site_list();
+$infos_urls = $piwik->get_users_url_infos();
+
+/* Form was submitted, need to deal with work to do. */
+if ($right !== FALSE) {
+  // Should this stay here, or in the API?
+  if (!in_array($site_id, $piwik_alternc_sites))
+    $msg->raise('Error', "piwik", _("You don't own this piwik site!"));
+  else {
+    foreach ($sitelist as $site) {
+      if ($site->id == $site_id)
+	$domain = $site->name;
+    }
+
+    /* Foreach row of right, extract user, and selected credential */
+    foreach ($right AS $user => $cred) {
+      /* Ensures that the user is legitimate for that user */
+      /* If not, we just break the loop, and set error message */
+      if (!in_array($user, $piwik_alternc_users)) {
+	$msg->raise('Error', "piwik", _('You dont own user'), $user);
+	break;
+      }
+
+      foreach ($infos_urls[$site_id] as $v) {
+	if ($v['login'] == $user && $v['cred'] != $cred) {
+          /* Ok, current user has right to manage this piwik user. Update rights. */
+          if (!$piwik->site_set_user_right($site_id, $user, $cred)) {
+	    break;
+          } else {
+	    $msg->raise('Ok', "piwik", _("Account '%s' has been given '%s' rights on '%s'"), array($user, $cred, $domain));
+          }
+        }
+      }
+    }
+
+    $infos_urls = $piwik->get_users_url_infos();
+  }
+}
+
+echo $msg->msg_html_all();
 
 /* If user didn't add a website, just do nothing but display there's no site */
 if (empty($sitelist)){
@@ -118,18 +130,47 @@ if (empty($sitelist)){
 ?>
 
 <table class="tlist">
-    <tr><th/><th><?php __("Site name");?></th><th align=center><?php __("Site url"); ?></th><th>Javascript Code</th></tr>
+    <tr><th/><th><?php __("Site name");?></th><th align=center><?php __("Site url"); ?></th><th>Javascript Code</th><th>Interface</th></tr>
 <?php
 
 $col=1;
 foreach ($sitelist as $site ){
 	$col=3-$col;
+
+	$no_user=true;
+	$first_url="";
+	$list_users="<select name='list_users_".$site->id."' id='list_users_".$site->id."' onChange='change_url(".$site->id.", this);'>";
+	foreach ($infos_urls[$site->id] as $v) {
+	  if ($v['cred'] != 'noaccess') {
+	    $list_users .= "<option value='".$piwik->url()."?module=Login&action=logme&login=".$v['login']."&idSite=".$site->id."&password=".$v['password']."'>".$v['login']."</option>";
+	    if ($no_user)
+	      $first_url = $piwik->url()."?module=Login&action=logme&login=".$v['login']."&idSite=".$site->id."&password=".$v['password'];
+
+	    $no_user=false;
+	  }
+	}
+	$list_users .= "</select>";
+
 	?>
 	<tr class="lst_clic<?php echo $col; ?>">
-	   <td><div class="ina"><a href="/piwik_site_dodel.php?siteid=<?php echo $site->id; ?>"><img src="images/delete.png" alt="<?php __("Delete"); ?>" /><?php __("Delete"); ?></a></div></td>
-  	   <td align=right><?php echo $site->name ?></td>
-           <td><?php echo $site->main_url ?></td>
-	   <td><textarea><?php echo $piwik->site_js_tag($site->id); ?></textarea></td>
+	  <td><div class="ina"><a href="/piwik_site_dodel.php?siteid=<?php echo $site->id; ?>"><img src="images/delete.png" alt="<?php __("Delete"); ?>" /><?php __("Delete"); ?></a></div></td>
+  	  <td><?php echo $site->name ?></td>
+          <td><?php echo $site->main_url ?></td>
+	  <td><textarea><?php echo $piwik->site_js_tag($site->id); ?></textarea></td>
+	  <td>
+	    <div class="ina">
+              <?php
+              if (! $no_user) {
+		?>
+                <a id="connect_<?php echo $site->id; ?>" href="<?php echo $first_url; ?>" target="_blank"><?php __('Connect as'); ?></a> <!-- à traduire -->
+		<?php
+	        echo $list_users;
+              } else {
+              ?>
+              <img src="images/warning.png" onmouseover='$("#alert_div_msg").show();' onmouseout='$("#alert_div_msg").hide();'>
+              <?php } ?>
+	    </div>
+          </td>
 	</tr>
 	<?php
 } // foreach sitelist
@@ -144,10 +185,9 @@ foreach ($sitelist as $site ){
 ?>
 </table>
 
-
 <h3><?php __("Credentials management"); ?></h3>
 
-<form method="get">
+<form method="get" action="piwik_sitelist.php">
 <select name="site_id">
 
 <?php
@@ -174,5 +214,14 @@ foreach ($sitelist as $site ){
 	}
 } // empty userlist
 ?>
+<div class="ina" id="alert_div_msg" style="display:none;background-color:yellow;padding:5px;border:2px solid black;margin-top:3em;";>
+  <?php __("No user may access this site") ?>
+</div>
+
+<script type="text/javascript">
+  function change_url(id, elt) {
+    document.getElementById("connect_" + id).href = elt.value;
+  }
+</script>
 
 <?php include_once("foot.php"); ?>
diff --git a/bureau/admin/piwik_user_dodel.php b/bureau/admin/piwik_user_dodel.php
index fe06d65a..e87e0022 100755
--- a/bureau/admin/piwik_user_dodel.php
+++ b/bureau/admin/piwik_user_dodel.php
@@ -36,17 +36,17 @@ $fields = array (
 getFields($fields);
 
 if (empty($login)) {
-  $error=_("Missing login parameters");
+  $msg->raise('Error', "piwik", _("Missing login parameters"));
   include('piwik_userlist.php'); 
   exit;
 } 
 
 if(!empty($confirm_del)) {
-  if (! $piwik->user_delete($login) ) {
-    $error=$err->errstr();
-  } else {
-    include_once('head.php');
-    printf("Utilisateur %s supprimé avec succès\n", $login);
+  // contrôle si ce compte piwik a encore des sites associés avant d'accepter sa suppression
+  if ($piwik->user_has_sites()) {
+    $msg->raise('Alert', "piwik", _("You must first remove all the piwik sites associated with this user before deleting him")); // à traduire
+  } else if ($piwik->user_delete($login) ) {
+    $msg->raise('Ok', "piwik", _("Account %s is successfully deleted"), $login);
   }
 
   include('piwik_userlist.php'); 
diff --git a/bureau/admin/piwik_useradmin.php b/bureau/admin/piwik_useradmin.php
index b3feb4ef..b28a4264 100755
--- a/bureau/admin/piwik_useradmin.php
+++ b/bureau/admin/piwik_useradmin.php
@@ -39,7 +39,7 @@ getFields($fields);
 
 if ($user_name === FALSE)
 {
-	$error = _('No piwik user specified');
+	 $msg->raise('Error', "piwik", _('No piwik user specified'));
 }
 else
 {
@@ -49,7 +49,7 @@ else
 		$db->next_record();
 		if ($db->f('ok')!=1)
 		{
-			$error = _("You don't own this piwik website");
+			$msg->raise('Error', "piwik", _("You don't own this piwik website"));
 		}
 		else
 		{
@@ -57,7 +57,7 @@ else
 			$db->next_record();
 			if ($db->f('ok')!=1)
 			{
-				$error = _("You don't own this piwik user");
+				$msg->raise('Error', "piwik", _("You don't own this piwik user"));
 			}
 			else
 			{
@@ -66,13 +66,13 @@ else
 				{
 					$api_data = $piwik->site_set_user_right($site_id, $user_name, $right);
 					if ($api_data === FALSE)
-						echo $error;
+						$msg->raise('Error', "piwik", $api_data->message)
 					else
-						__('success');
+						$msg->raise('Ok', "piwik", _('success'));
 				}
 				else
 				{
-					$error = _("This right does not exist");
+					$msg->raise('Error', "piwik", _("This right does not exist"));
 				}
 			}
 		}
@@ -96,14 +96,11 @@ else
 	$user_piwik_users = array_flip($user_piwik_users);
 }
 
-
-if (isset($error) && $error) {
-  	echo "<p class=\"alert alert-danger\">$error</p>";
-	exit;
-}
 ?>
 <h3><?php printf('%s "%s"', _("Rights for user"), $user_name); ?></h3>
 <?php
+echo $msg->msg_html_all();
+
 $raw_sites = $piwik->get_site_list();
 $piwik_sites = array();
 foreach ($raw_sites AS $site) {
diff --git a/bureau/admin/piwik_userlist.php b/bureau/admin/piwik_userlist.php
index 620cb07f..4d450ea8 100755
--- a/bureau/admin/piwik_userlist.php
+++ b/bureau/admin/piwik_userlist.php
@@ -30,50 +30,52 @@
 require_once("../class/config.php");
 include_once("head.php");
 
-if (isset($error) && $error) {
-  	echo "<p class=\"alert alert-danger\">$error</p>";
-}
+$userslist = $piwik->users_list();
+$quotapiwik = $quota->getquota('piwik');
 
-//Mail creation.
-if ($quota->cancreate("piwik")) { 
-	$quotapiwik=$quota->getquota('piwik');
+// TODO - Put the limit of piwik users (here at 3) as a variable in alternC
+if ($quotapiwik['t'] > 0 && count($userslist) < 3) {
 ?>
 <h3><?php __("Create a new piwik account");?></h3>
+<?php
+echo $msg->msg_html_all("<li>", true, true);
+?>
 <form method="post" action="piwik_addaccount.php" id="main" name="addaccount" >
  <?php csrf_get(); ?>
-	<input type="text" class="int" name="account_name" size="20" id="account_name" maxlength="32" value="<?php if ($quotapiwik['u']==0) {echo $mem->user["login"];}?>"/>
+	<table class="tedit">
+	<tr>
+	<th><label for="account_name"><?php __("Account Name"); ?></label></th>   <!-- à traduire -->
+	<td><span class="int" id="account_namefx"><?php echo $mem->user["login"]; ?>_</span><input type="text" class="int" name="account_name" size="20" id="account_name" maxlength="32" value=""/>
+	</tr>
+	<tr>
+	<th><label for="account_mail"><?php __("Linked Account Email"); ?></label></th>  <!-- à traduire -->
+	<td><input type="text" class="int" name="account_mail" size="20" id="account_mail" maxlength="32" value="<?php if (count($userslist) == 0) {echo $mem->user["mail"];}?>"/>
+	</tr>
+	<tr class="trbtn"><td colspan="2">
 	<input type="submit" name="submit" class="inb" value="<?php __("Create"); ?>" />
+	</tr>
+	</table>
+	<i>(<?php ehe("Max. 3 accounts"); ?>)</i>
 </form>
-
+<script type="text/javascript">
+    document.forms['main'].account_name.focus();
+</script>
 <br/>
 <hr/>
 <?php
-
-if ($quotapiwik['u']>0) {
-?>
-<h3><?php __("Add a new website");?></h3>
-<form method="post" action="piwik_addsites.php" id="main" name="addsites" >
-<?php csrf_get(); ?>
-	<input type="text" class="int" name="site_urls" size="50" id="site_name" maxlength="255" value="" placeholder="<?php __("URL of the website")?>"/>
-	<input type="submit" name="submit" class="inb" value="<?php __("Create"); ?>" />
-</form>
-
-<br/>
-<hr/>
-<?php
-} // quota > 0
+} else {
+  $msg->raise('Info', "piwik", _("You cannot add any new Piwik account, your quota is over."));
 } // cancreate piwik
 ?>
 
 <h3><?php __("Existing Piwik accounts"); ?></h3>
 <?php 
-
-$userslist = $piwik->users_list();
-
+echo $msg->msg_html_all("<li>", true, true);
 // printVar($piwik->dev());
 
 if (empty($userslist)){
-	__("No existing Piwik users");
+	$msg->raise('Info', "piwik", _("No existing Piwik accounts")); // à traduire (ou à corriger)
+	echo $msg->msg_html_all();
 } else {
 ?>
 
@@ -83,12 +85,39 @@ if (empty($userslist)){
 
 $col=1;
 foreach ($userslist as $user ){
+	unset($piwik_pwd);
+	$form_id="main_".$user->login;
+
+        $db->query("SELECT passwd FROM piwik_users WHERE login = '$user->login'");
+        if ($db->next_record()) {
+          $piwik_pwd = $db->f('passwd');
+        }
+
 	$col=3-$col;
 	?>
 	<tr class="lst_clic<?php echo $col; ?>">
-		<td><div class="ina"><a href="piwik_user_dodel.php?login=<?php echo urlencode($user->login); ?>"><img src="images/delete.png" alt="<?php __("Delete"); ?>" /><?php __("Delete"); ?></a></div></td>
-	<td align=right><?php echo $user->login ?></td>
-	   <td><div class="ina"><a href="<?php printf('%s?module=Login&action=logme&login=%s&password=%s', $piwik->url(), $user->login, $user->password); ?>" target="_blank"><?php __('Connect'); ?></a></td>
+	<td>
+		<div class="ina">
+		  <form method="post" action="piwik_user_dodel.php" name="<?php echo $form_id; ?>" id="<?php echo $form_id; ?>">
+		    <?php csrf_get(); ?>
+		    <input type="hidden" name="login" value="<?php ehe($user->login);?>" />
+		    <input type="button" class="ina" name="delete" value="<?php __("Delete"); ?>" onclick="document.getElementById('<?php echo $form_id; ?>').submit();" style="background: url('/images/delete.png') no-repeat 3px 3px; padding-left: 16px;" />
+		  </form>
+		</div>
+	</td>
+	<td><?php echo $user->login ?></td>
+	  <!--<td><div class="ina"><a href="<?php printf('%s?module=Login&action=logme&login=%s&password=%s', $piwik->url(), $user->login, $user->password); ?>" target="_blank"><?php __('Connect'); ?></a></td>-->
+          <td>
+            <?php
+            if ($piwik_pwd) {
+            ?>
+              <div class="ina"><a href="<?php printf('%s?module=Login&action=logme&login=%s&password=%s', $piwik->url(), $user->login, $piwik_pwd); ?>" target="_blank"><?php __('Connect'); ?></a>
+            <?php
+            } else {
+            ?>
+              <div class="ina"><img src="images/warning.png" onmouseover='$("#alert_div_msg").show();' onmouseout='$("#alert_div_msg").hide();'></div>
+            <?php } ?>
+          </td>
 	</tr>
 	<?php
 } // foreach userlist 
@@ -96,4 +125,7 @@ foreach ($userslist as $user ){
 ?>
 
 </table>
+<div class="ina" id="alert_div_msg" style="display:none;background-color:yellow;padding:5px;border:2px solid black;margin-top:3em;";> <!-- à traduire -->
+  <?php __("An error occurred. It was not possible to retrieve the access information to the Piwik interface") ?>
+</div>
 <?php include_once("foot.php"); ?>
diff --git a/bureau/class/m_piwik.php b/bureau/class/m_piwik.php
index 2ae6edc1..27bd9975 100644
--- a/bureau/class/m_piwik.php
+++ b/bureau/class/m_piwik.php
@@ -77,7 +77,7 @@ class m_piwik {
    */
   function hook_quota_get() {
     global $db, $cuid;
-    $db->query("SELECT COUNT(id) AS nb FROM piwik_users WHERE uid= ? ;", array($cuid));
+    $db->query("SELECT COUNT(id) AS nb FROM piwik_sites WHERE uid= ? ;", array($cuid));
     $q=Array("name"=>"piwik", "description"=>_("Statistics through Piwik accounts"), "used"=>0);
     if ($db->next_record()) {
       $q['used']=$db->f('nb');
@@ -96,13 +96,24 @@ class m_piwik {
   /***********************/
 
 
-  function user_add($user_login, $user_mail = null) {
+  function user_add($user_login, $user_mail) {
+        global $db, $mem, $cuid, $msg;
 
-        global $db, $mem, $cuid, $err;
+	$msg->log("piwik","user_add");
+
+	if (empty($user_login) || is_null($user_login) || empty($user_mail) || is_null($user_mail)) {
+	  $msg->raise('Error', "piwik", _("All fields are mandatory"));
+	  return false;
+	}
+
+	// Validate the email syntax:
+        if (!filter_var($user_mail, FILTER_VALIDATE_EMAIL)) {
+            $msg->raise('Error', "piwik", _("The email you entered is syntaxically incorrect"));
+            return false;
+        }
 
         $user_login = $this->clean_user_name($user_login);
 	$user_pass  = create_pass();
-	$user_mail  = $mem->user['mail'];
 	$user_alias = $user_login;
 
 	$api_data = $this->call_privileged_page('API', 'UsersManager.addUser', array('userLogin' => $user_login, 'password' => $user_pass, 'email' => $user_mail, 'alias' => $user_alias), 'JSON'); 
@@ -110,7 +121,11 @@ class m_piwik {
 	  if ($api_data->result === 'success') {
 	    $user = $this->get_user($user_login);
 	    $user_creation_date = $user->date_registered;
-	    return $db->query("INSERT INTO piwik_users (uid, login, created_date) VALUES ( ?, ?, ?,);", array($cuid, $user_login, $user_creation_date));
+	    $ret_value = $db->query("INSERT INTO piwik_users (uid, passwd, login, created_date) VALUES ( ?, ?, ?);", array($cuid, md5('$user_pass'), $user_login, $user_creation_date));
+	    return $ret_value;
+	  } else {
+	    $msg->raise('Error', "piwik", $api_data->message);
+	    return FALSE;
 	  }
 	} else { // api_data = false -> error is already filled
 	  return FALSE;
@@ -129,14 +144,16 @@ class m_piwik {
   }
 
   function get_users_access_from_site($site_id) {
-	global $err, $cuid;
+	global $msg, $cuid;
+
+	$msg->log("piwik","get_users_access_from_site");
 
 	if (!is_numeric($site_id)) {
-		$err->raise('piwik', 'site_id must be numeric');
+		$msg->raise('Error', 'piwik', 'site_id must be numeric');
 		return FALSE;
 	}
 	if (!in_array($site_id, $this->alternc_sites)) {
-		$err->raise('piwik', "you don't own this piwik website");
+		$msg->raise('Error', 'piwik', "you don't own this piwik website");
 		return FALSE;
 	}
 
@@ -166,7 +183,9 @@ class m_piwik {
   }
 
   function get_alternc_users() {
-	global $db, $cuid;
+	global $db, $cuid, $msg;
+
+	$msg->log("piwik","get_alternc_users");
 
 	static $alternc_users = array();
 	$db->query("SELECT login FROM piwik_users WHERE uid= ?;", array($cuid));
@@ -175,10 +194,52 @@ class m_piwik {
 	
 	return $alternc_users;
   }
+
+  function get_users_url_infos() {
+    global $db,$cuid, $msg;
+    $infos_user = array();
+    $api_calls = array();
+
+
+    $db->query("SELECT login, passwd, s.piwik_id as id FROM piwik_users as u INNER JOIN piwik_sites as s on u.uid = s.uid WHERE u.uid = $cuid");
+    while ($db->next_record()) {
+      $id = $db->f('id');
+      $login = $db->f('login');
+
+      if (!isset($infos_user[$id]))
+	$infos_user[$id] = array();
+
+      if (!isset($api_calls[$id]))
+	$api_calls[$id] = $this->get_users_access_from_site($id);
+
+      foreach ($api_calls[$id] as $l => $cred) {
+	if ($l == $login)
+	  $infos_user[$id][] = array('login' => $login, 'password' => $db->f('passwd'), 'cred' => $cred);
+      }
+    }
+
+    return $infos_user;
+  }
+
+  // Regarde si l'utilisateur a des sites piwik configurés dans AlternC
+  function user_has_sites() {
+    global $db, $cuid, $msg;
+
+    $msg->log("piwik","user_has_sites");
+
+    $db->query("SELECT id FROM piwik_sites WHERE uid='$cuid'");
+    if ($db->num_rows() > 0)
+      return true;
+
+    return false;
+  }
+
   // Supprime l'utilisateur Piwik passé en parametre
   // Ne le supprime pas localement tant que pas supprimé en remote
   function user_delete($piwik_user_login) {
-    global $db, $cuid, $err;
+    global $db, $cuid, $msg;
+
+    $msg->log("piwik","user_delete");
     
     $db->query("SELECT created_date, COUNT(id) AS cnt FROM piwik_users WHERE uid= ? AND login= ? ", array($cuid, $piwik_user_login));
     $db->next_record();
@@ -192,14 +253,17 @@ class m_piwik {
 		return FALSE;
 	}
     } else {
-      $err->raise("piwik", _("You are not allowed to delete the statistics of this website"));
+      $msg->raise('Error', "piwik", _("You are not allowed to delete the statistics of this website"));
       return FALSE;
     }
   }
  
 
   function users_list() { 
-    global $db, $cuid;
+    global $db, $cuid, $msg;
+
+    $msg->log("piwik","users_list");
+
     $db->query("SELECT login FROM piwik_users WHERE uid = ?;", array($cuid));
     if ($db->num_rows() == 0)
       return array();
@@ -239,6 +303,10 @@ class m_piwik {
 
 
   function site_list() {
+    global $msg;
+
+    $msg->log("piwik","site_list");
+
     $api_data = $this->call_privileged_page('API', 'SitesManager.getAllSites');
     $data = array();
 
@@ -274,7 +342,9 @@ class m_piwik {
   }
 
   function get_alternc_sites() {
-        global $db, $cuid;
+        global $db, $cuid, $msg;
+
+	$msg->log("piwik","get_alternc_sites");
 
         static $alternc_sites = array();
         $db->query("SELECT piwik_id AS site_id FROM piwik_sites WHERE uid= ? ;", array($cuid));
@@ -291,18 +361,40 @@ class m_piwik {
   // Ajoute un site à Piwik
   // can't figure out how to pass multiple url through the API
   function site_add($siteName, $urls, $ecommerce = FALSE) {
-    global $db, $cuid;
+    global $db, $cuid, $piwik, $msg;
+
+    $msg->log("piwik","site_add");
+
     $urls = is_array($urls) ? implode(',', $urls) : $urls;
     $api_data = $this->call_privileged_page('API', 'SitesManager.addSite', array('siteName' => $siteName, 'urls' => $urls));
-    $db->query("INSERT INTO piwik_sites set uid= ? , piwik_id= ? ", array($cuid, $api_data->value));
-    return TRUE;
+
+    if ($api_data->value) {
+      $id_site = $api_data->value;
+
+      // Ajout de donner auto les droits de lecture à ce nouvel utilisateur pour le site qu'il a ajouté
+      $userslist = $piwik->users_list();
+      $api_data = $this->call_privileged_page('API', 'UsersManager.setUserAccess', array('userLogin' => $userslist[0]->login, 'idSites' => $id_site, 'access' => 'view'));
+
+      if ($api_data->result == 'success') {
+        // On enregistre le site dans alternC
+	$db->query("INSERT INTO piwik_sites set uid= ? , piwik_id= ? ", array($cuid, $id_site));
+
+        // Permet de prendre en compte le site qu'on vient de créer dans la page quis'affiche
+        $this->alternc_sites = $this->get_alternc_sites();
+        return TRUE;
+      }
+      return TRUE;
+    } else
+      return FALSE;
   }
 
 
   //SitesManager.deleteSite (idSite)
   // Supprime un site de Piwik
   function site_delete($site_id) {
-    global $db, $cuid, $err;
+    global $db, $cuid, $msg;
+
+    $msg->log("piwik","site_delete");
     
     $db->query("SELECT COUNT(id) AS cnt FROM piwik_sites WHERE uid= ? AND piwik_id= ? ;", array($cuid, $site_id));
     $db->next_record();
@@ -315,7 +407,7 @@ class m_piwik {
 		return FALSE;
 	}
     } else {
-	$err->raise("piwik", _("You are not allowed to delete the statistics of this website"));
+	$msg->raise('Error', "piwik", _("You are not allowed to delete the statistics of this website"));
 	return FALSE;
     }
 
@@ -325,14 +417,17 @@ class m_piwik {
 
     function site_set_user_right($site_id, $login, $right)
     {
-	global $err;
+	global $msg;
+
+	$msg->log("piwik","site_set_user_right");
+
 	if (!in_array($right, array('noaccess', 'view', 'admin')))
 		return FALSE;
 	$api_data = $this->call_privileged_page('API', 'UsersManager.setUserAccess', array('userLogin' => $login, 'access' => $right, 'idSites' => $site_id));
 	if ($api_data->result == 'success') {
 		return TRUE;
 	} else {
-		$err->raise('piwik', $api_data->messsage);
+		$msg->raise('Error', 'piwik', $api_data->messsage);
 		return FALSE;
 	}
     }
@@ -346,8 +441,10 @@ class m_piwik {
 
   /* return a clean username with a unique prefix per account */
   function clean_user_name($username) {
-    global $admin, $cuid;
-    return 'alternc_' . $admin->get_login_by_uid($cuid) . '_' . mysql_real_escape_string(trim($username));
+    global $admin, $cuid, $db;
+    $escaped_name=$db->quote(trim($username));
+    $escaped_name=preg_replace("/^'(.*)'/", "\\1", $escaped_name);
+    return 'alternc_' . $admin->get_login_by_uid($cuid) . '_' . $escaped_name;
   }
 
 
@@ -362,26 +459,30 @@ class m_piwik {
    * @param string $method
    */
   function call_page($module, $method, $arguments=array(), $output = 'JSON') {
-    global $err;
+	global $msg;
+
+	$msg->log("piwik","call_page");
+
 	$url = sprintf('%s/?module=%s&method=%s&format=%s', $this->piwik_server_uri, $module, $method, $output);
 	foreach ($arguments AS $k=>$v)
 	  $url .= sprintf('&%s=%s', urlencode($k), $v); //  urlencode($v));
 
 	$page_content = file_get_contents($url);
 	if ($page_content === FALSE) {
-	  $err->raise("piwik", _("Unable to reach the API"));
+	  $msg->raise('Error', "piwik", _("Unable to reach the API"));
 	  return FALSE;
 	}
+
 	if ($output == 'JSON') {
 	  $api_data = json_decode($page_content);
 	  if ($api_data === FALSE) {
-	    $err->raise("piwik", _("Error while decoding response from the API"));
+	    $msg->raise('Error', "piwik", _("Error while decoding response from the API"));
 	    return FALSE;
 	  }
 
 	  return $api_data;
 	} else {
-	  $err->raise("piwik", _("Other format than JSON is not implemented yet"));
+	  $msg->raise('Error', "piwik", _("Other format than JSON is not implemented yet"));
 	  return FALSE;
 	}
   }
@@ -392,6 +493,10 @@ class m_piwik {
    * @param string $method
    */
   function call_privileged_page($module, $method, $arguments=array(), $output = 'JSON') {
+	global $msg;
+
+	$msg->log("piwik","call_privileged_page");
+
 	$arguments['token_auth'] = $this->piwik_admin_token;
 	return $this->call_page($module, $method, $arguments, $output);
   }

From 991b4b48e3e3c608508840d7e792ddb132ecf94b Mon Sep 17 00:00:00 2001
From: quenenni <la.jolie@paquerette.org>
Date: Wed, 16 Aug 2017 19:34:32 +0200
Subject: [PATCH 11/23] =?UTF-8?q?classe=20hta=20&=20fichiers=20section=20a?=
 =?UTF-8?q?dmin=20associ=C3=A9s?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 bureau/admin/hta_add.php        |  17 +++---
 bureau/admin/hta_adduser.php    |   9 +--
 bureau/admin/hta_del.php        |   8 +--
 bureau/admin/hta_doadd.php      |  17 ++----
 bureau/admin/hta_doadduser.php  |   6 +-
 bureau/admin/hta_dodeluser.php  |  11 ++--
 bureau/admin/hta_doedituser.php |  24 +++-----
 bureau/admin/hta_edit.php       |  22 ++++---
 bureau/admin/hta_edituser.php   |   9 ++-
 bureau/admin/hta_list.php       |  24 ++++----
 bureau/class/m_hta.php          | 101 ++++++++++++++++----------------
 11 files changed, 117 insertions(+), 131 deletions(-)

diff --git a/bureau/admin/hta_add.php b/bureau/admin/hta_add.php
index 27ceb961..b3f6fa54 100755
--- a/bureau/admin/hta_add.php
+++ b/bureau/admin/hta_add.php
@@ -30,10 +30,12 @@
 require_once("../class/config.php");
 include_once("head.php");
 
-$fields = array (
-	"dir"      => array ("request", "string", ""),
-);
-getFields($fields);
+if (!isset($is_include)) {
+  $fields = array (
+    "dir"      => array ("request", "string", ""),
+  );
+  getFields($fields);
+}
 
 ?>
 <h3><?php __("Protect a folder"); ?></h3>
@@ -43,11 +45,8 @@ getFields($fields);
 <?php __("Enter the name of the folder you want to protect. It must already exists."); ?>
 </p>
 <?php
-if (isset($error) && $error) {
-  echo "<p class=\"alert alert-danger\">$error</p>";
-  include_once("foot.php");
-  exit;
-} ?>
+echo $msg->msg_html_all();
+?>
 
 <form method="post" action="hta_doadd.php" name="main" id="main">
   <?php csrf_get(); ?>
diff --git a/bureau/admin/hta_adduser.php b/bureau/admin/hta_adduser.php
index e88bccd7..53907b18 100755
--- a/bureau/admin/hta_adduser.php
+++ b/bureau/admin/hta_adduser.php
@@ -39,9 +39,10 @@ getFields($fields);
 ?>
 <h3><?php printf(_("Adding a username in %s"),$dir); ?></h3>
 <?php
-	if (isset($error) && $error) {
-		echo "<p class=\"alert alert-danger\">$error</p>";
-	}
+echo $msg->msg_html_all();
+
+$c=$admin->listPasswordPolicies();
+$passwd_classcount = $c['hta']['classcount'];
 ?>
 
 <form method="post" action="hta_doadduser.php" name="main" id="main" autocomplete="off">
@@ -61,7 +62,7 @@ getFields($fields);
 	</tr>
 	<tr>
 		<th><label for="password"><?php __("Password"); ?></label></th>
-		<td><input type="password" class="int" name="password" autocomplete="off" id="password" value="" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#password","#passwordconf"); ?></td>
+		<td><input type="password" class="int" name="password" autocomplete="off" id="password" value="" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#password","#passwordconf",$passwd_classcount); ?></td>
 	</tr>
 	<tr>
 		<th><label for="passwordconf"><?php __("Confirm password"); ?></label></th>
diff --git a/bureau/admin/hta_del.php b/bureau/admin/hta_del.php
index 48a7e9ea..b5124f02 100644
--- a/bureau/admin/hta_del.php
+++ b/bureau/admin/hta_del.php
@@ -29,18 +29,14 @@
 */
 require_once("../class/config.php");
 
-$error="";
 // On parcours les POST_VARS et on repere les del_.
 reset($_POST);
 while (list($key,$val)=each($_POST)) {
 	if (substr($key,0,4)=="del_") {
 		// Effacement du dossier $val
-//		$r=$hta->DelDir($val);
 		$return = $hta->DelDir($val);
-		if (!$return) {
-			$error.= $err->errstr()."<br />";
-		} else {
-			$error.= sprintf(_("The protected folder %s has been successfully unprotected"),$val)."<br />";
+		if ($return) {
+			$msg->raise("Ok", "hta",_("The protected folder %s has been successfully unprotected"),$val);
 		}
 	}
 }
diff --git a/bureau/admin/hta_doadd.php b/bureau/admin/hta_doadd.php
index 3d6177fc..1789b4f4 100644
--- a/bureau/admin/hta_doadd.php
+++ b/bureau/admin/hta_doadd.php
@@ -36,18 +36,13 @@ $fields = array (
 getFields($fields);
 
 if(empty($dir)) {
-	$error=_("No directory specified");
+	$msg->raise("Error", "hta", _("No directory specified"));
 	include("hta_list.php");
-	exit();
-}
-
-if(!$hta->CreateDir($dir)) {
-	$error=$err->errstr();
+} else if(!$hta->CreateDir($dir)) {
+	$is_include=true;
 	include("hta_add.php");
-	exit();
+} else {
+	$msg->raise("Ok", "hta", _("Folder %s is protected"), $dir);  // à traduire
+	include("hta_list.php");
 }
-
-include("hta_list.php");
-exit();
-
 ?>
diff --git a/bureau/admin/hta_doadduser.php b/bureau/admin/hta_doadduser.php
index e9d347e1..d9b0ef65 100644
--- a/bureau/admin/hta_doadduser.php
+++ b/bureau/admin/hta_doadduser.php
@@ -38,15 +38,15 @@ getFields($fields);
 
 
 if ($password != $passwordconf) {
-	$error = _("Passwords do not match");
+	$msg->raise("Error", "hta", _("Passwords do not match"));
 	include("hta_adduser.php");
 	exit();
 }
 
 if (!$hta->add_user($user, $password, $dir)) {
-	$error=$err->errstr();
 	include ("hta_adduser.php");
-	} else {
+} else {
+	$msg->raise("Ok", "hta", _("The user %s was added to th protected folder %s"), array($user, $dir)); // à traduire
 	include ("hta_edit.php");
 }
 ?>
diff --git a/bureau/admin/hta_dodeluser.php b/bureau/admin/hta_dodeluser.php
index 08086925..3b8d7a33 100755
--- a/bureau/admin/hta_dodeluser.php
+++ b/bureau/admin/hta_dodeluser.php
@@ -38,10 +38,13 @@ getFields($fields);
 
 if (!empty($confirm_del)) {
   reset($d);
-  if (!$hta->del_user($d,$dir)) {
-    $error=$err->errstr();
+  if ($hta->del_user($d,$dir)) {
+    foreach ($d as $v) {
+      $msg->raise("Ok", "hta", _("The user '%s' was successfully deleted"), $v);  // à traduire
+    }
   }
-  header ('Location: /hta_edit.php?dir='.urlencode($dir));
+  $is_include=true;
+  include_once("hta_edit.php");
   exit();
 }
 include_once('head.php');
@@ -52,7 +55,7 @@ include_once('head.php');
   <?php __("Do you really want to delete those users ?");?>
   <ul>
   <?php foreach($d as $t) {
-    echo "<li>".ehe($t,false)."</li>\n";
+    echo "<li><b>".ehe($t,false)."</b></li>\n";
   } ?>
   </ul>
 
diff --git a/bureau/admin/hta_doedituser.php b/bureau/admin/hta_doedituser.php
index 84e08ff6..2fd4a383 100644
--- a/bureau/admin/hta_doedituser.php
+++ b/bureau/admin/hta_doedituser.php
@@ -39,26 +39,16 @@ $fields = array (
 getFields($fields);
 
 if ($newpass != $newpassconf) {
-	$error = _("Passwords do not match");
+	$msg->raise("Error", "hta", _("Passwords do not match"));
 	include("hta_edituser.php");
 	exit();
 }
 
-if (!$hta->change_pass($user,$newpass,$dir)) {
-		$error=$err->errstr();
+if ($hta->change_pass($user,$newpass,$dir)) {
+	$msg->raise("Ok", "hta", _("The password of the user %s has been successfully changed"), $user);
+	$is_include=true;
+	include_once("hta_edit.php");
+} else {
+	include("hta_edituser.php");
 }
-
 ?>
-<h3><?php printf(_("Change the user %s in the protected folder %s"),$user,$dir); ?></h3>
-<hr id="topbar"/>
-<br />
-<?php
-	if (isset($error) && $error) {
-		echo "<p class=\"alert alert-danger\">$error</p>";
-	}
-	else {
-		echo "<p>".sprintf(_("The password of the user %s has been successfully changed"),$user)."</p>";
-	}
-	echo "<p><span class=\"ina\"><a href=\"hta_edit.php?dir=$dir\">"._("Click here to continue")."</a></span></p>";
-?>
-<?php include_once("foot.php"); ?>
diff --git a/bureau/admin/hta_edit.php b/bureau/admin/hta_edit.php
index 2948fa7d..8e1ea12b 100755
--- a/bureau/admin/hta_edit.php
+++ b/bureau/admin/hta_edit.php
@@ -30,10 +30,12 @@
 require_once("../class/config.php");
 include_once("head.php");
 
-$fields = array (
+if (!isset($is_include)) {
+  $fields = array (
 	"dir"      => array ("request", "string", ""),
-);
-getFields($fields);
+  );
+  getFields($fields);
+}
 
 if (!$dir) {
   echo "<p class=\"alert alert-warning\">"._("No folder selected!")."</p>";
@@ -41,20 +43,22 @@ if (!$dir) {
   die();
 } else {
   $r=$hta->get_hta_detail($dir);
-  if (!$r) {
-    $error=$err->errstr();
-  }
 } // if !$dir
 
+$c=$admin->listPasswordPolicies();
+$passwd_classcount = $c['hta']['classcount'];
+
 ?>
 <h3><?php printf(_("List of authorized user in folder %s"),$dir); ?></h3>
 <hr id="topbar"/>
 <br />
 <?php
   if (!count($r)) {
-    echo "<p class=\"alert alert-warning\">".sprintf(_("No authorized user in %s"),$dir)."</p>";
+    $msg->raise("Info", "hta", _("No authorized user in %s"),$dir);
+    echo $msg->msg_html_all();
   } else {
-     reset($r);
+    reset($r);
+    echo $msg->msg_html_all();
 ?>
 <form method="post" action="hta_dodeluser.php">
    <?php csrf_get(); ?>
@@ -108,7 +112,7 @@ for($i=0;$i<count($r);$i++){ ?>
       </tr>
       <tr>
         <th><label for="password"><?php __("Password"); ?></label></th>
-        <td><input type="password" class="int" name="password" autocomplete="off" id="password" value="" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#password","#passwordconf"); ?></td>
+        <td><input type="password" class="int" name="password" autocomplete="off" id="password" value="" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#password","#passwordconf",$passwd_classcount); ?></td>
       </tr>
       <tr>
         <th><label for="passwordconf"><?php __("Confirm password"); ?></label></th>
diff --git a/bureau/admin/hta_edituser.php b/bureau/admin/hta_edituser.php
index 2819ca9e..44dc0852 100755
--- a/bureau/admin/hta_edituser.php
+++ b/bureau/admin/hta_edituser.php
@@ -36,12 +36,17 @@ $fields = array (
 );
 getFields($fields);
 
+$c=$admin->listPasswordPolicies();
+$passwd_classcount = $c['hta']['classcount'];
+
 ?>
 <h3><?php printf(_("Editing user %s in the protected folder %s"),$user,$dir); ?></h3>
 <hr id="topbar"/>
 <br />
 
-<?php if (!empty($error) ) { echo "<p class=\"alert alert-danger\">$error</p>"; } ?>
+<?php
+echo $msg->msg_html_all();
+?>
 
 <form method="post" action="hta_doedituser.php" name="main" id="main" autocomplete="off">
   <?php csrf_get(); ?>
@@ -63,7 +68,7 @@ getFields($fields);
     </tr>
     <tr>
       <th><label for="newpass"><?php __("New password"); ?></label></th>
-      <td><input type="password" class="int" name="newpass" autocomplete="off" id="newpass" value="" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#newpass","#newpassconf"); ?></td>
+      <td><input type="password" class="int" name="newpass" autocomplete="off" id="newpass" value="" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#newpass","#newpassconf",$passwd_classcount); ?></td>
     </tr>
     <tr>
       <th><label for="newpassconf"><?php __("Confirm password"); ?></label></th>
diff --git a/bureau/admin/hta_list.php b/bureau/admin/hta_list.php
index 3a603e35..a5cbf92f 100755
--- a/bureau/admin/hta_list.php
+++ b/bureau/admin/hta_list.php
@@ -30,10 +30,8 @@
 require_once("../class/config.php");
 include_once("head.php");
 
-if (!$r=$hta->ListDir()) {
-	$error=$err->errstr();
-} else {
-	reset($r);
+if ($r=$hta->ListDir()) {
+  reset($r);
 }
 
 ?>
@@ -41,17 +39,15 @@ if (!$r=$hta->ListDir()) {
 <hr id="topbar"/>
 <br />
 <?php
-	if (isset($error) && $error) {
-		echo "<p class=\"alert alert-danger\">$error</p>";
-	}
+echo $msg->msg_html_all();
 
-	if (!is_array($r)) {
-		echo "<p><span class=\"ina\"><a href=\"hta_add.php\">"._("Protect a folder")."</a></span><br />";
-		$mem->show_help("hta_list");
-		echo "</p>";
-		include_once("foot.php");
-		exit();
-	}
+if (!is_array($r)) {
+  echo "<p><span class=\"ina\"><a href=\"hta_add.php\">"._("Protect a folder")."</a></span><br />";
+  $mem->show_help("hta_list");
+  echo "</p>";
+  include_once("foot.php");
+  exit();
+}
 
 ?>
 
diff --git a/bureau/class/m_hta.php b/bureau/class/m_hta.php
index 3b17b07b..0397b56c 100644
--- a/bureau/class/m_hta.php
+++ b/bureau/class/m_hta.php
@@ -78,29 +78,26 @@ class m_hta {
      * 
      * @global    m_mem   $mem
      * @global    m_bro   $bro
-     * @global    m_err   $err
+     * @global    m_messages   $msg
      * @param     string  $dir
      * @return    boolean
      */
     function CreateDir($dir) {
-        global $bro, $err;
-        $err->log("hta", "createdir", $dir);
+        global $bro, $msg;
+        $msg->log("hta", "createdir", $dir);
         $absolute = $bro->convertabsolute($dir, 0);
-        if (!$absolute) {
-            $err->raise("hta", printf(_("The folder '%s' does not exist"), $dir));
+        if (!is_dir($absolute)) {
+            $msg->raise('Error', "hta", _("The folder '%s' does not exist"), $dir);
             return false;
         }
-        if (!file_exists($absolute)) {
-            @mkdir($absolute, 00777);
-        }
         if (!file_exists("$absolute/.htaccess")) {
             if (!@touch("$absolute/.htaccess")) {
-                $err->raise("hta", _("File already exist"));
+                $msg->raise('Error', "hta", _("File already exist"));
                 return false;
             }
             $file = @fopen("$absolute/.htaccess", "r+");
             if (!$file) {
-                $err->raise("hta", _("File already exist"));
+                $msg->raise('Error', "hta", _("File already exist"));
                 return false;
             }
             fseek($file, 0);
@@ -110,7 +107,7 @@ class m_hta {
         }
         if (!file_exists("$absolute/.htpasswd")) {
             if (!touch("$absolute/.htpasswd")) {
-                $err->raise("hta", _("File already exist"));
+                $msg->raise('Error', "hta", _("File already exist"));
                 return false;
             }
             return true;
@@ -121,18 +118,18 @@ class m_hta {
     /**
      * Returns the list of all user folder currently protected by a .htpasswd file
      * 
-     * @global    m_err   $err
+     * @global    m_messages   $msg
      * @global    m_mem   $mem
      * @return    array           Array containing user folder list
      */
     function ListDir() {
-        global$err, $mem;
-        $err->log("hta", "listdir");
+        global$msg, $mem;
+        $msg->log("hta", "listdir");
         $sortie = array();
         $absolute = ALTERNC_HTML . "/" . substr($mem->user["login"], 0, 1) . "/" . $mem->user["login"];
         exec("find " . escapeshellarg($absolute) . " -name .htpasswd|sort", $sortie);
         if (!count($sortie)) {
-            $err->raise("hta", _("No protected folder"));
+            $msg->raise('Info', "hta", _("No protected folder"));
             return false;
         }
         $pattern = "/^" . preg_quote(ALTERNC_HTML, "/") . "\/.\/[^\/]*\/(.*)\/\.htpasswd/";
@@ -151,13 +148,13 @@ class m_hta {
      * Tells if a folder is protected.
      * 
      * @global    m_mem   $mem
-     * @global    m_err   $err
+     * @global    m_messages   $msg
      * @param     string  $dir    Folder to check
      * @return    boolean         If the folder is protected, or FALSE if it is not
      */
     function is_protected($dir) {
-        global $mem, $err;
-        $err->log("hta", "is_protected", $dir);
+        global $mem, $msg;
+        $msg->log("hta", "is_protected", $dir);
         $absolute = ALTERNC_HTML . "/" . substr($mem->user["login"], 0, 1) . "/" . $mem->user["login"] . "/$dir";
         if (file_exists("$absolute/.htpasswd")) {
             return true;
@@ -170,13 +167,13 @@ class m_hta {
      * Returns the list of login for a protected folder.
      * 
      * @global    m_mem   $mem
-     * @global    m_err   $err
+     * @global    m_messages   $msg
      * @param     string  $dir    The folder to lookup (relative to user root)
      * @return    array           An array containing the list of logins from the .htpasswd file, or FALSE
      */
     function get_hta_detail($dir) {
-        global $mem, $err;
-        $err->log("hta", "get_hta_detail");
+        global $mem, $msg;
+        $msg->log("hta", "get_hta_detail");
         $absolute = ALTERNC_HTML . "/" . substr($mem->user["login"], 0, 1) . "/" . $mem->user["login"] . "/$dir";
         if (file_exists("$absolute/.htaccess")) {
             /* 		if (!_reading_htaccess($absolute)) {
@@ -208,22 +205,22 @@ class m_hta {
      * 
      * @global    m_mem   $mem
      * @global    m_bro   $bro
-     * @global    m_err   $err
+     * @global    m_messages   $msg
      * @param     string  $dir    Folder to unprotect, relative to user root
      * @param     boolean $skip   For testing purpose mainly, skips the full user path search
      * @return    boolean         TRUE if the folder has been unprotected, or FALSE if an error occurred
      */
     function DelDir($dir, $skip = false) {
-        global $bro, $err;
-        $err->log("hta", "deldir", $dir);
+        global $bro, $msg;
+        $msg->log("hta", "deldir", $dir);
         $dir = $bro->convertabsolute($dir, $skip);
         if (!$dir) {
-            $err->raise("hta", printf(("The folder '%s' does not exist"), $dir));
+            $msg->raise('Error', "hta", ("The folder '%s' does not exist"), $dir);
             return false;
         }
         $htaccess_file = "$dir/.htaccess";
         if (!is_readable($htaccess_file)) {
-            $err->raise("hta", printf(_("I cannot read the file '%s'"), $htaccess_file));
+            $msg->raise('Error', "hta", _("I cannot read the file '%s'"), $htaccess_file);
         }
         $fileLines = file($htaccess_file);
         $patternList = array(
@@ -243,21 +240,21 @@ class m_hta {
         }
         // If no changes 
         if (!$count_lines) {
-            $err->raise("hta", printf(_("Unexpected: No changes made to '%s'"), $htaccess_file));
+            $msg->raise('Alert', "hta", _("Unexpected: No changes made to '%s'"), $htaccess_file);
         }
         // If file is empty, remove it
         if (!count($fileLines)) {
             if (!unlink($htaccess_file)) {
-                $err->raise("hta", printf(_("I could not delete the file '%s'"), $htaccess_file));
+                $msg->raise('Error', "hta", _("I could not delete the file '%s'"), $htaccess_file);
             }
         } else {
             file_put_contents($htaccess_file, implode("\n", $fileLines));
         }
         $htpasswd_file = "$dir/.htpasswd";
         if (!is_writable($htpasswd_file)) {
-            $err->raise("hta", printf(_("I cannot read the file '%s'"), $htpasswd_file));
+            $msg->raise('Error', "hta", _("I cannot read the file '%s'"), $htpasswd_file);
         } else if (!unlink($htpasswd_file)) {
-            $err->raise("hta", printf(_("I cannot delete the file '%s/.htpasswd'"), $dir));
+            $msg->raise('Error', "hta", _("I cannot delete the file '%s/.htpasswd'"), $dir);
             return false;
         }
 
@@ -267,7 +264,7 @@ class m_hta {
     /**
      * Add a user to a protected folder
      * 
-     * @global    m_err   $err
+     * @global    m_messages   $msg
      * @global    m_bro   $bro
      * @global    m_admin $admin
      * @param     string  $user
@@ -278,19 +275,19 @@ class m_hta {
      * @return    boolean             TRUE if the user has been added, or FALSE if an error occurred
      */
     function add_user($user, $password, $dir) {
-        global $err, $bro, $admin;
-        $err->log("hta", "add_user", $user . "/" . $dir);
+        global $msg, $bro, $admin;
+        $msg->log("hta", "add_user", $user . "/" . $dir);
         if (empty($user)) {
-            $err->raise('hta', _("Please enter a user"));
+            $msg->raise('Error', 'hta', _("Please enter a user"));
             return false;
         }
         if (empty($password)) {
-            $err->raise('hta', _("Please enter a password"));
+            $msg->raise('Error', 'hta', _("Please enter a password"));
             return false;
         }
         $absolute = $bro->convertabsolute($dir, 0);
         if (!file_exists($absolute)) {
-            $err->raise("hta", printf(("The folder '%s' does not exist"), $dir));
+            $msg->raise('Error', "hta", _("The folder '%s' does not exist"), $dir);
             return false;
         }
         // @todo delete cf!. functions.php checkloginemail definition
@@ -304,7 +301,7 @@ class m_hta {
 
             $file = @fopen("$absolute/.htpasswd", "a+");
             if (!$file) {
-                $err->raise("hta", _("File already exist"));
+                $msg->raise('Error', "hta", _("File already exist"));
                 return false;
             }
             fseek($file, 0);
@@ -312,7 +309,7 @@ class m_hta {
                 $s = fgets($file, 1024);
                 $t = explode(":", $s);
                 if ($t[0] == $user) {
-                    $err->raise("hta", _("The user '%s' already exist for this folder"), $user);
+                    $msg->raise('Error', "hta", _("The user '%s' already exist for this folder"), $user);
                     return false;
                 }
             }
@@ -324,7 +321,7 @@ class m_hta {
             fclose($file);
             return true;
         } else {
-            $err->raise("hta", _("Please enter a valid username"));
+            $msg->raise('Error', "hta", _("Please enter a valid username"));
             return false;
         }
     }
@@ -333,24 +330,24 @@ class m_hta {
      * Delete a user from a protected folder.
      * 
      * @global    m_bro   $bro
-     * @global    m_err   $err
+     * @global    m_messages   $msg
      * @param     array   $lst    An array with login to delete.
      * @param     string  $dir    The folder, relative to user root, where we want to delete users.
      * @return    boolean         TRUE if users has been deleted, or FALSE if an error occurred.
      */
     function del_user($lst, $dir) {
-        global $bro, $err;
-        $err->log("hta", "del_user", $lst . "/" . $dir);
+        global $bro, $msg;
+        $msg->log("hta", "del_user", $lst . "/" . $dir);
         $absolute = $bro->convertabsolute($dir, 0);
         if (!file_exists($absolute)) {
-            $err->raise("hta", printf(_("The folder '%s' does not exist"), $dir));
+            $msg->raise('Error', "hta", _("The folder '%s' does not exist"), $dir);
             return false;
         }
         touch("$absolute/.htpasswd.new");
         $file = fopen("$absolute/.htpasswd", "r");
         $newf = fopen("$absolute/.htpasswd.new", "a");
         if (!$file || !$newf) {
-            $err->raise("hta", _("File already exist"));
+            $msg->raise('Error', "hta", _("File already exist"));
             return false;
         }
         reset($lst);
@@ -378,11 +375,11 @@ class m_hta {
      * @return boolean TRUE if the password has been changed, or FALSE if an error occurred
      */
     function change_pass($user, $newpass, $dir) {
-        global $bro, $err, $admin;
-        $err->log("hta", "change_pass", $user . "/" . $dir);
+        global $bro, $msg, $admin;
+        $msg->log("hta", "change_pass", $user . "/" . $dir);
         $absolute = $bro->convertabsolute($dir, 0);
         if (!file_exists($absolute)) {
-            $err->raise("hta", printf(_("The folder '%s' does not exist"), $dir));
+            $msg->raise('Error', "hta", _("The folder '%s' does not exist"), $dir);
             return false;
         }
 
@@ -397,7 +394,7 @@ class m_hta {
         $file = fopen("$absolute/.htpasswd", "r");
         $newf = fopen("$absolute/.htpasswd.new", "a");
         if (!$file || !$newf) {
-            $err->raise("hta", _("File already exist"));
+            $msg->raise('Error', "hta", _("File already exist"));
             return false;
         }
         while (!feof($file)) {
@@ -418,14 +415,14 @@ class m_hta {
     /**
      * Check that a .htaccess file is valid (for authentication)
      * 
-     * @global    m_err   $err
+     * @global    m_messages   $msg
      * @param     type    $absolute
      * @param     string  $absolute   Folder we want to check (relative to user root)
      * @return    boolean             TRUE is the .htaccess is protecting this folder, or FALSE else
      */
     private function _reading_htaccess($absolute) {
-        global $err;
-        $err->log("hta", "_reading_htaccess", $absolute);
+        global $msg;
+        $msg->log("hta", "_reading_htaccess", $absolute);
         $file = fopen("$absolute/.htaccess", "r+");
         $lignes = array(1, 1, 1);
         $errr = 0;
@@ -452,7 +449,7 @@ class m_hta {
         } // Reading config file
         fclose($file);
         if ($errr || in_array(0, $lignes)) {
-            $err->raise("hta", _("An incompatible .htaccess file exists in this folder"));
+            $msg->raise('Error', "hta", _("An incompatible .htaccess file exists in this folder"));
             return false;
         }
         return true;

From 8479d79bde17003e67d660244c83952fa6bb3d98 Mon Sep 17 00:00:00 2001
From: quenenni <la.jolie@paquerette.org>
Date: Wed, 16 Aug 2017 19:46:53 +0200
Subject: [PATCH 12/23] =?UTF-8?q?classe=20quota=20&=20fichiers=20section?=
 =?UTF-8?q?=20admin=20associ=C3=A9s?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 bureau/admin/quota_show.php     |  6 +--
 bureau/admin/quotas_oneuser.php | 65 ++++++++++++++++++++++++---------
 bureau/admin/quotas_users.php   | 11 +++---
 bureau/class/m_quota.php        | 48 ++++++++++++------------
 4 files changed, 79 insertions(+), 51 deletions(-)

diff --git a/bureau/admin/quota_show.php b/bureau/admin/quota_show.php
index d58b55bc..0d1be01e 100644
--- a/bureau/admin/quota_show.php
+++ b/bureau/admin/quota_show.php
@@ -37,9 +37,9 @@ include_once("head.php");
 <?php
 $q=$quota->getquota();
 if (!is_array($q) || empty($q) ) {
-  echo "<p class=\"alert alert-danger\">"._("No quotas for this account, or quotas currently unavailable!")."</p>";
-  include_once("foot.php");
-  die();
+  $msg->raise('Alert', "quota", _("No quotas for this account, or quotas currently unavailable!"));
+  include_once("main.php");
+  exit();
 } 
 
 echo "<table cellspacing=\"0\" cellpadding=\"4\" class='tlist'>";
diff --git a/bureau/admin/quotas_oneuser.php b/bureau/admin/quotas_oneuser.php
index 90876120..9e5f7de3 100644
--- a/bureau/admin/quotas_oneuser.php
+++ b/bureau/admin/quotas_oneuser.php
@@ -8,10 +8,20 @@ if (!isset($mode)) { # when included from adm_login, mode is not set
   $mode = 0;
 }
 // $mode = 4; // Pour Debuguer le mode "graphique" des quotas
+
+// Si la var $usr existe, c'est qu'on appelle les quotas pour 1 user à partir des quotas généraux de l'admin
+// Sinon, on récupère l'id du user à récupérer via $mem->user["login"]
+if (isset($usr) && is_int($usr)) {
+  $id_usr=$usr;
+  $login=$admin->get_login_by_uid($id_usr);
+} else {
+  $id_usr = $mem->user["uid"];
+  $login = $mem->user["login"];
+}
 ?>
 <center>
 
-<h3 style="text-align:center;"><?php printf(_("<b>%s</b> account"),$mem->user["login"]); ?></h3>
+<h3 style="text-align:center;"><?php printf(_("<b>%s</b> account"),$login); ?></h3>
 
 <div style="width: 600px">
 
@@ -30,6 +40,8 @@ if (!isset($mode)) { # when included from adm_login, mode is not set
 
 <!-- Mails -->
 
+<p style="text-align: left; font-size:16px;"><b><?php __("Emails"); ?></b></p>
+
 <table class="tedit" width="100%">
 <thead>
 <tr>
@@ -41,7 +53,7 @@ if (!isset($mode)) { # when included from adm_login, mode is not set
 <tbody>
 <?php
 
-  $domaines_user = $dom->enum_domains($mem->user["uid"]);
+  $domaines_user = $dom->enum_domains($id_usr);
   $totalmail=0;
   foreach ($domaines_user as $domaine) {
     $mstmp = $quota->get_size_mail_sum_domain($domaine);
@@ -84,10 +96,10 @@ if (!isset($mode)) { # when included from adm_login, mode is not set
       $tpc = 0;
     }
     if (count($alias_sizes) > 0) {
-    echo "<tr><td><i>". _('Total'). " {$domaine}</i></td><td></td>";
+    echo "<tr><td style=\"text-align: right\"><i><b>". _('Total'). " {$domaine}</b></i></td><td></td>";
     echo "<td";
     if ($mode!=2) echo " style=\"text-align: right\"";
-    echo "><i>";
+    echo "><i><b>";
     if ($mode==0) {
       echo sprintf("%.1f", $d['size'])."&nbsp;".$d['unit'];
     } elseif ($mode==1) {
@@ -95,7 +107,7 @@ if (!isset($mode)) { # when included from adm_login, mode is not set
     } else {
       $quota->quota_displaybar($tpc);
     }
-    echo "</i></td></tr>";
+    echo "</b></i></td></tr>";
   }
 }
 ?>
@@ -106,12 +118,12 @@ if (!isset($mode)) { # when included from adm_login, mode is not set
 <!-- Databases -->
 
 <?php
-  $totaldb = $quota->get_size_db_sum_user($mem->user["login"]);
+  $totaldb = $quota->get_size_db_sum_user($login);
 
   $t = $quota->get_size_unit($totaldb);
-  echo "<p>"._("Databases:")." ";
-  echo sprintf("%.1f", $t['size'])."&nbsp;".$t['unit'];
-  echo "</p>";
+
+  echo "<p style=\"text-align: left; font-size:16px;\"><b>"._("Databases:")." ";
+  echo "</b></p>";
 ?>
 
 <table class="tedit" width="100%">
@@ -124,7 +136,7 @@ if (!isset($mode)) { # when included from adm_login, mode is not set
 <tbody>
 <?php
 
-  $db_sizes = $quota->get_size_db_details_user($mem->user["login"]);
+  $db_sizes = $quota->get_size_db_details_user($login);
   foreach ($db_sizes as $d) {
     echo "<tr><td>".$d["db"]."</td><td";
     if ($mode!=2) echo " style=\"text-align: right\"";
@@ -140,10 +152,17 @@ if (!isset($mode)) { # when included from adm_login, mode is not set
     } elseif (isset($mode) &&$mode==1) {
       echo sprintf("%.1f", $pc)."&nbsp;%";
     } else {
-      $quota->quota_displaybar(2*$pc, 0);
+      $quota->quota_displaybar($pc, 0);
     }
     echo "</td></tr>";
   }
+
+  if (count($db_sizes) > 0 && $mode==0) {
+    echo "<tr><td style=\"text-align: right\"><i><b>". _('Total'). " " . _("Databases:")."</b></i></td>";
+    echo "<td style=\"text-align: right\"><i><b>";
+    echo sprintf("%.1f", $t['size'])."&nbsp;".$t['unit'];
+    echo "</b></i></td></tr>";
+  }
 ?>
 </tbody>
 </table>
@@ -151,16 +170,16 @@ if (!isset($mode)) { # when included from adm_login, mode is not set
 <!-- Mailing lists -->
 
 <?php
-  $totallist = $quota->get_size_mailman_sum_user($mem->user["uid"]);
+  $totallist = $quota->get_size_mailman_sum_user($id_usr);
   if ($totallist) {
     // $totalweb is in KB, so we call get_size_unit() with it in Bytes
     $t=$quota->get_size_unit($totallist * 1024);
-    echo "<p>"._("Mailman lists:")." ";
-    echo sprintf("%.1f", $t['size'])."&nbsp;".$t['unit'];
-    echo "</p>";
+
+    echo "<p style=\"text-align: left; font-size:16px;\"><b>"._("Mailman lists:")." ";
+    echo "</b></p>";
 ?>
 
-<table class="tedit" width='60%'>
+<table class="tedit" width='100%'>
 <thead>
 <tr>
   <th><?php __("Lists"); ?></th>
@@ -170,14 +189,14 @@ if (!isset($mode)) { # when included from adm_login, mode is not set
 <tbody>
 <?php
 
-  $mailman_size = $quota->get_size_mailman_details_user($mem->user["uid"]);
+  $mailman_size = $quota->get_size_mailman_details_user($id_usr);
   foreach ($mailman_size as $d) {
     echo "<tr><td>".$d["list"]."</td><td";
     if ($mode!=2) echo " style=\"text-align: right\"";
     echo ">";
     $ds = $quota->get_size_unit($d["size"] * 1024);
     if ($totallist) {
-      $pc=intval(100*$ds['size']/$totallist);
+      $pc=intval(100*$d['size']/$totallist);
     } else {
       $pc=0;
     }
@@ -190,10 +209,20 @@ if (!isset($mode)) { # when included from adm_login, mode is not set
     }
     echo "</td></tr>";
   }
+
+  if (count($db_sizes) > 0 && $mode==0) {
+    echo "<tr><td style=\"text-align: right\"><i><b>". _('Total'). " " . _("Mailman lists:")."</b></i></td>";
+    echo "<td";
+    if ($mode!=2) echo " style=\"text-align: right\"";
+    echo "><i><b>";
+    echo sprintf("%.1f", $t['size'])."&nbsp;".$t['unit'];
+    echo "</b></i></td></tr>";
+  }
 ?>
 </tbody>
 </table>
 
     <?php } /* totallist */ ?>
 </div>
+<p>&nbsp;</p>
 </center>
diff --git a/bureau/admin/quotas_users.php b/bureau/admin/quotas_users.php
index f46b36d0..1a6764e9 100644
--- a/bureau/admin/quotas_users.php
+++ b/bureau/admin/quotas_users.php
@@ -11,7 +11,8 @@ $fields = array (
 getFields($fields);
 
 if (!$admin->enabled) {
-  __("This page is restricted to authorized staff");
+  $msg->raise('Error', "admin", _("This page is restricted to authorized staff"));
+  echo $msg->msg_html_all();
   exit();
 }
 
@@ -22,9 +23,7 @@ include_once ("head.php");
 <hr id="topbar"/>
 <br />
 <?php
-if (isset($error) && $error) {
-  echo "<p class=\"alert alert-warning\">$error</p>";
-}
+echo $msg->msg_html_all();
 ?>
 <p>
 <?php __("This page shows the space and service count of your AlternC server and each AlternC accounts.");
@@ -279,7 +278,7 @@ foreach ($membres_list as $c) {
     $mls+=$mlstmp;
   }
   $one["mailsize"]=$ms;
-  $one["mailmainsize"]=$mls;
+  $one["mailmansize"]=$mls;
 
   // Mail Count
   $maildomains_list = $mail->enum_domains($c["uid"]);
@@ -350,7 +349,7 @@ foreach ($all as $c) {
   $mls=$c["mailmansize"];
 
   $mailsize=$quota->get_size_unit($ms);
-  $mailmansize=$quota->get_size_unit($mls);
+  $mailmansize=$quota->get_size_unit($mls * 1024);
 
   // Espace WEB
   $ws = $c["websize"];
diff --git a/bureau/class/m_quota.php b/bureau/class/m_quota.php
index ac0e44e1..e229a46a 100644
--- a/bureau/class/m_quota.php
+++ b/bureau/class/m_quota.php
@@ -137,8 +137,8 @@ class m_quota {
      * the defaults value.
      */
     function synchronise_user_profile() {
-        global $db, $err;
-        $err->log("quota", "synchronise_user_profile");
+        global $db, $msg;
+        $msg->log("quota", "synchronise_user_profile");
         $q = "insert into quotas select m.uid as uid, d.quota as name, d.value as total from membres m, defquotas d left join quotas q on q.name=d.quota  where m.type=d.type  ON DUPLICATE KEY UPDATE total = greatest(d.value, quotas.total);";
         if (!$db->query($q)) {
             return false;
@@ -153,8 +153,8 @@ class m_quota {
      */
 
     function create_missing_quota_profile() {
-        global $db, $quota, $err;
-        $err->log("quota", "create_missing_quota_profile");
+        global $db, $quota, $msg;
+        $msg->log("quota", "create_missing_quota_profile");
         $qt = $quota->getquota('', true);
         $type = $quota->listtype();
         foreach ($type as $t) {
@@ -172,8 +172,8 @@ class m_quota {
      * @Return array the quota used and total for this ressource (or for all ressource if unspecified)
      */
     function getquota($ressource = "", $recheck = false) {
-        global $db, $err, $cuid, $get_quota_cache, $hooks, $mem;
-        $err->log("quota", "getquota", $ressource);
+        global $db, $msg, $cuid, $get_quota_cache, $hooks, $mem;
+        $msg->log("quota", "getquota", $ressource);
         if ($recheck) { // rebuilding quota
             $get_quota_cache = null;
             $this->quotas = array();
@@ -240,8 +240,8 @@ class m_quota {
      * @param integer size of the quota (available or used)
      */
     function setquota($ressource, $size) {
-        global $err, $db, $cuid;
-        $err->log("quota", "setquota", $ressource . "/" . $size);
+        global $msg, $db, $cuid;
+        $msg->log("quota", "setquota", $ressource . "/" . $size);
         if (floatval($size) == 0) {
             $size = "0";
         }
@@ -252,7 +252,7 @@ class m_quota {
             $a = array();
             exec("sudo /usr/lib/alternc/quota_get " . intval($cuid) . " &> /dev/null &", $a);
             if (!isset($a[1]) || $size != $a[1]) {
-                $err->raise("quota", _("Error writing the quota entry!"));
+                $msg->raise('Error', "quota", _("Error writing the quota entry!"));
                 return false;
             }
         }
@@ -272,8 +272,8 @@ class m_quota {
      * Erase all quota information about the user.
      */
     function delquotas() {
-        global $db, $err, $cuid;
-        $err->log("quota", "delquota");
+        global $db, $msg, $cuid;
+        $msg->log("quota", "delquota");
         $db->query("DELETE FROM quotas WHERE uid= ?;", array($cuid));
         return true;
     }
@@ -327,14 +327,14 @@ class m_quota {
      * @return boolean true if all went ok
      */
     function addtype($type) {
-        global $db, $err;
+        global $db, $msg;
         $qlist = $this->qlist();
         if (empty($type)) {
             return false;
         }
         $type = strtolower($type);
         if (!preg_match("#^[a-z0-9]*$#", $type)) {
-            $err->raise("quota", "Type can only contains characters a-z and 0-9");
+            $msg->raise('Error', "quota", _("Type can only contains characters a-z and 0-9")); // à traduire
             return false;
         }
         while (list($key, $val) = each($qlist)) {
@@ -383,8 +383,8 @@ class m_quota {
      * The user we are talking about is in the global $cuid.
      */
     function addquotas() {
-        global $db, $err, $cuid;
-        $err->log("quota", "addquota");
+        global $db, $msg, $cuid;
+        $msg->log("quota", "addquota");
         $ql = $this->qlist();
         reset($ql);
 
@@ -478,7 +478,7 @@ class m_quota {
     /* sum of mailbox sizes from all domains */
 
     function get_size_mail_sum_all() {
-        return $this->_get_sum_sql("SELECT SUM(bytes) AS sum FROM mailbox WHERE delivery = 'dovecot';;");
+        return $this->_get_sum_sql("SELECT SUM(quota_dovecot) AS sum FROM dovecot_quota ;");
     }
 
     /* sum of mailbox sizes for one domain */
@@ -491,19 +491,19 @@ class m_quota {
     /* count of mailbox sizes from all domains */
 
     function get_size_mail_count_all() {
-        return $this->_get_count_sql("SELECT COUNT(*) AS count FROM mailbox WHERE delivery = 'dovecot';");
+        return $this->_get_count_sql("SELECT COUNT(*) AS count FROM dovecot_quota;");
     }
 
     /* count of mailbox for one domain */
 
     function get_size_mail_count_domain($dom) {
-        return $this->_get_count_sql("SELECT COUNT(*) AS count FROM dovecot_view WHERE user LIKE '%@{$dom}'");
+        return $this->_get_count_sql("SELECT COUNT(*) AS count FROM dovecot_quota WHERE user LIKE '%@{$dom}'");
     }
 
     /* get list of mailbox alias and size for one domain */
 
     function get_size_mail_details_domain($dom) {
-        return $this->_get_size_and_record_sql("SELECT user as alias,quota_dovecot as size FROM dovecot_view WHERE user LIKE '%@{$dom}' ORDER BY alias;");
+        return $this->_get_size_and_record_sql("SELECT user as alias,quota_dovecot as size FROM dovecot_quota WHERE user LIKE '%@{$dom}' ORDER BY alias;");
     }
 
     /* sum of mailman lists sizes from all domains */
@@ -515,7 +515,7 @@ class m_quota {
     /* sum of mailman lists sizes for one domain */
 
     function get_size_mailman_sum_domain($dom) {
-        return $this->_get_sum_sql("SELECT SUM(size) AS sum FROM size_mailman WHERE list LIKE '%@{$dom}'");
+        return $this->_get_sum_sql("SELECT SUM(size) AS sum FROM size_mailman s INNER JOIN mailman m ON s.list = m.list AND s.uid = m.uid WHERE m.domain = '$dom'");
     }
 
     /* sum of mailman lists for one user */
@@ -624,8 +624,8 @@ class m_quota {
      * globals $cuid is the appropriate user
      */
     function hook_admin_add_member() {
-        global $err;
-        $err->log("quota", "hook_admin_add_member");
+        global $msg;
+        $msg->log("quota", "hook_admin_add_member");
         $this->addquotas();
         $this->getquota('', true); // actualise quota
     }
@@ -637,8 +637,8 @@ class m_quota {
      * EXPERIMENTAL function ;) 
      */
     function alternc_export_conf() {
-        global $err;
-        $err->log("quota", "export");
+        global $msg;
+        $msg->log("quota", "export");
         $str = "  <quota>";
 
         $q = $this->getquota();

From dec3ac1b9a82ba89371ecd17f9689279de8ea7c8 Mon Sep 17 00:00:00 2001
From: quenenni <la.jolie@paquerette.org>
Date: Wed, 16 Aug 2017 19:59:33 +0200
Subject: [PATCH 13/23] =?UTF-8?q?classe=20aws=20&=20fichiers=20section=20a?=
 =?UTF-8?q?dmin=20associ=C3=A9s?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 awstats/bureau/admin/aws_add.php     |   6 +-
 awstats/bureau/admin/aws_del.php     |   9 +-
 awstats/bureau/admin/aws_doadd.php   |   4 +-
 awstats/bureau/admin/aws_doedit.php  |   5 +-
 awstats/bureau/admin/aws_edit.php    |   6 +-
 awstats/bureau/admin/aws_list.php    |  27 +++--
 awstats/bureau/admin/aws_pass.php    |  34 +++---
 awstats/bureau/admin/aws_useradd.php |   8 +-
 awstats/bureau/admin/aws_userdel.php |   7 +-
 awstats/bureau/admin/aws_users.php   |  21 ++--
 awstats/bureau/class/m_aws.php       | 154 ++++++++++++++-------------
 11 files changed, 138 insertions(+), 143 deletions(-)

diff --git a/awstats/bureau/admin/aws_add.php b/awstats/bureau/admin/aws_add.php
index 1c79e1de..8f97be82 100644
--- a/awstats/bureau/admin/aws_add.php
+++ b/awstats/bureau/admin/aws_add.php
@@ -30,7 +30,7 @@ $fields = array (
 getFields($fields);
 
 if (!$id && !$quota->cancreate("aws")) {
-	$error=_("You cannot add any new statistics, your quota is over.");
+	$msg->raise('Alert', "aws", _("You cannot add any new statistics, your quota is over."));
 }
 
 include_once("head.php");
@@ -42,9 +42,7 @@ include_once("head.php");
 <br/>
 <br/>
 <?php
-	if (isset($error) && $error) {
-		echo "<p class=\"error\">$error</p></body></html>";
-	}
+echo $msg->msg_html_all();
 ?>
 <form method="post" action="<?php if (!$id) echo "aws_doadd.php"; else echo "aws_doedit.php"; ?>" id="main" name="main">
 <?php csrf_get(); ?>
diff --git a/awstats/bureau/admin/aws_del.php b/awstats/bureau/admin/aws_del.php
index d603ff06..9b59fced 100644
--- a/awstats/bureau/admin/aws_del.php
+++ b/awstats/bureau/admin/aws_del.php
@@ -24,7 +24,6 @@
 */
 require_once("../class/config.php");
 
-$error="";
 // On parcours les POST_VARS et on repere les del_.
 reset($_POST);
 $found=false;
@@ -33,16 +32,14 @@ while (list($key,$val)=each($_POST)) {
     // Effacement du jeu de stats $val
     $r=$aws->delete_stats($val);
     $found=true;
-    if (!$r) {
-      $error.=$err->errstr()."<br />";
-    } else {
-      $error.=sprintf(_("The statistics %s has been successfully deleted"),$r)."<br />";
+    if ($r) {
+      $msg->raise('Ok', "aws", _("The statistics %s has been successfully deleted"),$r);
     }
   }
 }
 
 if (!$found) {
-  $error.=_("Please check the statistics set you want to delete");
+  $msg->raise('Info', "aws", _("Please check the statistics set you want to delete"));
  }
 
 include("aws_list.php");
diff --git a/awstats/bureau/admin/aws_doadd.php b/awstats/bureau/admin/aws_doadd.php
index e3a4777f..740ebe0c 100644
--- a/awstats/bureau/admin/aws_doadd.php
+++ b/awstats/bureau/admin/aws_doadd.php
@@ -34,17 +34,15 @@ getFields($fields);
 if ($aws->check_host_available($hostname)) {
     $r=$aws->add_stats($hostname,$awsusers,$hostaliases,1);
     if (!$r) {
-        $error=$err->errstr();
         include("aws_add.php");
         exit();
     } else {
-        $error=_("The statistics has been successfully created");
+        $msg->raise('Ok', "aws", _("The statistics has been successfully created"));
 	    include("aws_list.php");
 	    exit();
     }
 }
 else {
-    $error=$err->errstr();
     include("aws_add.php");
     exit();
 }
diff --git a/awstats/bureau/admin/aws_doedit.php b/awstats/bureau/admin/aws_doedit.php
index 67b5bcfe..d1a10007 100644
--- a/awstats/bureau/admin/aws_doedit.php
+++ b/awstats/bureau/admin/aws_doedit.php
@@ -33,7 +33,7 @@ $fields = array (
 getFields($fields);
 
 if (!$id) {
-	$error=_("No Statistics selected!");
+	$msg->raise('Error', "aws", _("No Statistics selected!"));
 } else {
   $ha ="";
   foreach($hostaliases as $ho) 
@@ -41,11 +41,10 @@ if (!$id) {
   
   $r=$aws->put_stats_details($id,$awsusers,$ha,$public);
 	if (!$r) {
-		$error=$err->errstr();
 		include("aws_edit.php");
 		exit();
 	} else {
-		$error=_("The Statistics has been successfully changed");
+		$msg->raise('Ok', "aws", _("The Statistics has been successfully changed"));
 		include("aws_list.php");
 		exit();
 	}
diff --git a/awstats/bureau/admin/aws_edit.php b/awstats/bureau/admin/aws_edit.php
index 2fb08579..01bf5c15 100644
--- a/awstats/bureau/admin/aws_edit.php
+++ b/awstats/bureau/admin/aws_edit.php
@@ -30,12 +30,10 @@ $fields = array (
 getFields($fields);
 
 if (!$id) {
-	$error=_("No Statistics selected!");
+	$msg->raise('Error', "aws", _("No Statistics selected!"));
 } else {
 	$r=$aws->get_stats_details($id);
-	if (!$r) {
-		$error=$err->errstr();
-	} else {
+	if ($r) {
 		$id=$r["id"];
 		$hostname=$r["hostname"];
 		$awsusers=$r["users"];
diff --git a/awstats/bureau/admin/aws_list.php b/awstats/bureau/admin/aws_list.php
index 493929b9..9e287ae8 100644
--- a/awstats/bureau/admin/aws_list.php
+++ b/awstats/bureau/admin/aws_list.php
@@ -24,28 +24,35 @@
 */
 require_once("../class/config.php");
 include_once("head.php");
+
+$nosta=false;
+if (!$r=$aws->get_list()) {
+	$msg->raise('Info', "aws", _("No statistics currently defined"));
+	$nosta=true;
+}
+
+$create=true;
+if (!$quota->cancreate("aws")) {
+	$msg->raise('Info', "aws", _("Your stat quota is over..."));
+	$create=false;
+}
 ?>
 
 <h3><?php __("Statistics List"); ?></h3>
 <hr id="topbar"/>
 <br />
-<?php if (!empty($error)) { echo "<p class=\"error\">$error</p>"; $error=''; } ?>
+<?php
+echo $msg->msg_html_all("<li>", true, true);
+?>
 <p>
 <?php
-
-$nosta=false;
-if (!$r=$aws->get_list()) {
-	$error=$err->errstr();
-	$nosta=true;
-}
-
-if (!empty($error)) { echo "<p class=\"error\">$error</p>"; $error=''; } 
+//echo "<pre>";print_r($mem);echo "</pre>";
 ?>
 
 <span class="ina"><a href="aws_users.php"><?php __("Manage allowed users' accounts"); ?></a></span><br /><br />
 
 <?php
-if ($quota->cancreate("aws")) { ?>
+if ($create) { ?>
   <span class="ina"><a href="aws_add.php"><?php __("Create new Statistics"); ?></a></span><br />
 <?php } // cancreate ?>
 </p>
diff --git a/awstats/bureau/admin/aws_pass.php b/awstats/bureau/admin/aws_pass.php
index 927c5d86..ee67c85f 100644
--- a/awstats/bureau/admin/aws_pass.php
+++ b/awstats/bureau/admin/aws_pass.php
@@ -26,28 +26,26 @@ require_once("../class/config.php");
 
 $fields = array (
 	"login" => array ("request", "string", ""),
-	"pass"  => array ("request", "string", ""),
-	"passconf"  => array ("request", "string", ""),
+	"pass"  => array ("post", "string", ""),
+	"passconf"  => array ("post", "string", ""),
+	"confirm"  => array ("post", "string", ""),
 );
 
 getFields($fields);
 
 if (!$aws->login_exists($login)) {
-	$error=$err->errstr();
 	include("aws_users.php");
 	exit();
 }
 
-if ($pass) {
-    if ($pass != $passconf) {
-	$error = _("Passwords do not match");
-	include("aws_users.php");
-        exit();
-    }else{
-	if (!$aws->change_pass($login,$pass)) {
-		$error=$err->errstr();
-	} else {
-		$error = _("Password successfuly updated");
+if ($confirm == 1) {
+    if (empty($pass) || is_null($pass)) {
+	$msg->raise('Error', "aws", _("Please enter a password"));
+    } else if ($pass != $passconf) {
+	$msg->raise('Error', "aws", _("Passwords do not match"));
+    } else {
+	if ($aws->change_pass($login,$pass)) {
+		$msg->raise('Ok', "aws", _("Password successfuly updated"));
 		include("aws_users.php");
 		exit();
 	}
@@ -56,22 +54,24 @@ if ($pass) {
 
 include_once("head.php");
 
+$c=$admin->listPasswordPolicies();
+$passwd_classcount = $c['aws']['classcount'];
+
 ?>
 <h3><?php __("Change a user's password"); ?></h3>
 <?php
-if (isset($error) && $error) {
+echo $msg->msg_html_all();
 ?>
-<p class="error"><?php echo $error ; $error=''; ?></p>
-<?php } ?>
 
 <form method="post" action="aws_pass.php" name="main" id="main">
 <?php csrf_get(); ?>
+<input type="hidden" name="confirm" value="1" />
 <table class="tedit">
 <tr><th>
 <?php __("Username"); ?></th><td>
 	<code><?php echo $login; ?></code> <input type="hidden" name="login" value="<?php echo $login; ?>" />
 </td></tr>
-<tr><th><label for="pass"><?php __("New Password"); ?></label></th><td><input type="password" class="int" name="pass" id="pass" value="<?php echo $pass; ?>" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#pass","#passconf"); ?></td></tr>
+<tr><th><label for="pass"><?php __("New Password"); ?></label></th><td><input type="password" class="int" name="pass" id="pass" value="<?php echo $pass; ?>" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#pass","#passconf",$passwd_classcount); ?></td></tr>
 <tr><th><label for="passconf"><?php __("Confirm password"); ?></label></th><td><input type="password" class="int" name="passconf" id="passconf" value="" size="20" maxlength="64" /></td></tr>
 <tr class="trbtn"><td colspan="2">
   <input type="submit" class="inb" name="submit" value="<?php __("Change this user's password"); ?>" />
diff --git a/awstats/bureau/admin/aws_useradd.php b/awstats/bureau/admin/aws_useradd.php
index 497f1bff..53d1401d 100644
--- a/awstats/bureau/admin/aws_useradd.php
+++ b/awstats/bureau/admin/aws_useradd.php
@@ -33,14 +33,12 @@ $fields = array (
 getFields($fields);
 
 if ($pass != $passconf) {
-        $error = _("Passwords do not match");
+        $msg->raise('Error', "aws", _("Passwords do not match"));
 }else{
 	$r=$aws->add_login($prefixe.(($login)?"_":"").$login,$pass);
 
-	if (!$r) {
-		$error=$err->errstr();
-	} else {
-		$error=_("The Awstat account has been successfully created");
+	if ($r) {
+		$msg->raise('Ok', "aws", _("The Awstat account has been successfully created"));
 	}
 }
 
diff --git a/awstats/bureau/admin/aws_userdel.php b/awstats/bureau/admin/aws_userdel.php
index 5efd07f5..9474f228 100644
--- a/awstats/bureau/admin/aws_userdel.php
+++ b/awstats/bureau/admin/aws_userdel.php
@@ -24,17 +24,14 @@
 */
 require_once("../class/config.php");
 
-$error="";
 // On parcours les POST_VARS et on repere les del_.
 reset($_POST);
 while (list($key,$val)=each($_POST)) {
 	if (substr($key,0,4)=="del_") {
 		// Effacement du compte ftp $val
 		$r=$aws->del_login($val);
-		if (!$r) {
-			$error.=$err->errstr()."<br />";
-		} else {
-			$error.=sprintf(_("The awstat account %s has been successfully deleted"),$val)."<br />";
+		if ($r) {
+			$msg->raise('Ok', "aws", _("The awstat account %s has been successfully deleted"),$val);
 		}
 	}
 }
diff --git a/awstats/bureau/admin/aws_users.php b/awstats/bureau/admin/aws_users.php
index cf992da8..1a9a4505 100644
--- a/awstats/bureau/admin/aws_users.php
+++ b/awstats/bureau/admin/aws_users.php
@@ -30,17 +30,16 @@ include_once("head.php");
 <hr id="topbar"/>
 <br />
 <?php
-
-if (isset($error) && $error) { ?>
-<p class="error"><?php echo $error; $error=''; ?></p>
-<?php }
-
 $nologin=false;
 if (!$r=$aws->list_login()) {
 	$nologin=true;
-	$error=$err->errstr();
 }
 
+echo $msg->msg_html_all();
+
+$c=$admin->listPasswordPolicies();
+$passwd_classcount = $c['aws']['classcount'];
+
 	if ($quota->cancreate("aws")) { ?>
 <p><span class="ina"><a href="aws_add.php"><?php __("Create new Statistics"); ?></a></span></p>
 <?php  	} ?>
@@ -52,7 +51,7 @@ if (!$r=$aws->list_login()) {
 <label for="login"><?php __("Username"); ?></label></th><td>
 	<select class="inl" name="prefixe"><?php $aws->select_prefix_list($prefixe); ?></select>&nbsp;<b>_</b>&nbsp;<input type="text" class="int" name="login" id="login" value="" size="20" maxlength="64" />
 </td></tr>
-<tr><th><label for="pass"><?php __("Password"); ?></label></th><td><input type="password" class="int" name="pass" id="pass" value="" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#pass","#passconf"); ?></td></tr>
+<tr><th><label for="pass"><?php __("Password"); ?></label></th><td><input type="password" class="int" name="pass" id="pass" value="" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#pass","#passconf",$passwd_classcount); ?></td></tr>
 <tr><th><label for="passconf"><?php __("Confirm password"); ?></label></th><td><input type="password" class="int" name="passconf" id="passconf" value="" size="20" maxlength="64" /></td></tr>
 <tr class="trbtn"><td colspan="2">
   <input type="submit" class="inb" name="submit" value="<?php __("Create this new Awstats user"); ?>" />
@@ -62,14 +61,8 @@ if (!$r=$aws->list_login()) {
 </table>
 </form>
 <br />
+
 <?php
-
-
-if (isset($error) && $error) {
-?>
-<p class="error"><?php echo $error ?></p>
-<?php }
-
 if (!$nologin) {
 ?>
 
diff --git a/awstats/bureau/class/m_aws.php b/awstats/bureau/class/m_aws.php
index 932e5f53..199e6b5f 100644
--- a/awstats/bureau/class/m_aws.php
+++ b/awstats/bureau/class/m_aws.php
@@ -94,8 +94,8 @@ class m_aws {
    *  $r[0-n]["users"]= list of allowed users separated with ' '
    */
   function get_list() {
-    global $db,$err,$cuid;
-    $err->log("aws","get_list");
+    global $db,$msg,$cuid;
+    $msg->log("aws","get_list");
     $r=array();
     $db->query("SELECT id, hostname FROM aws WHERE uid='$cuid' ORDER BY hostname;");
     if ($db->num_rows()) {
@@ -120,7 +120,6 @@ class m_aws {
       }
       return $t;
     } else {
-      $err->raise("aws",_("No statistics currently defined"));
       return false;
     }
   }
@@ -137,8 +136,8 @@ class m_aws {
    *  $r["users"] = List of allowed users, separated by ' '
    */
   function get_stats_details($id) {
-    global $db,$err,$cuid;
-    $err->log("aws","get_stats_details",$id);
+    global $db,$msg,$cuid;
+    $msg->log("aws","get_stats_details",$id);
     $db->query("SELECT id, hostname, hostaliases, public FROM aws WHERE uid='$cuid' AND id='$id';");
     if ($db->num_rows()) {
       $db->next_record();
@@ -159,7 +158,7 @@ class m_aws {
                 "public"=>$public
 		   );
     } else {
-      $err->raise("aws",_("This statistic does not exist"));
+      $msg->raise('Error', "aws",_("This statistic does not exist"));
       return false;
     }
   }
@@ -171,7 +170,7 @@ class m_aws {
    * @return array an array of allowed domains / subdomains.
    */
   function host_list() {
-    global $db,$err,$cuid;
+    global $db,$msg,$cuid;
     $r=array();
     $db->query("SELECT sd.domaine, sd.sub, dt.name, dt.description FROM sub_domaines sd, domaines_type dt WHERE compte='$cuid' AND lower(sd.type) = lower(dt.name) AND dt.only_dns = false ORDER BY domaine,sub;");
     while ($db->next_record()) {
@@ -252,14 +251,14 @@ class m_aws {
    * of available for this member.
    */
   function check_host_available($current) {
-    global $err;
-    $err->log("aws","check_host_available",$current);
+    global $msg;
+    $msg->log("aws","check_host_available",$current);
     $r=$this->get_list();
     if(is_array($r)){
         reset($r);
         while (list($key,$val)=each($r)) {
           if ($current==$val["hostname"]) {
-              $err->raise("aws",_("Host already managed by awstats!"));
+              $msg->raise('Alert', "aws",_("Host already managed by awstats!"));
               return false;
           }
         }
@@ -273,7 +272,7 @@ class m_aws {
    * Return the hostaliases list with an id.
    */
   function get_hostaliases($id) {
-    global $db,$err,$cuid;
+    global $db,$msg,$cuid;
     $r=array();
     if ($id == NULL)  
       return $r; 
@@ -293,7 +292,7 @@ class m_aws {
    * @param array $users the list of allowed users
    */
   function put_stats_details($id,$users,$hostaliases,$public) {
-    global $err,$db,$cuid;
+    global $msg,$db,$cuid;
     if ($this->get_stats_details($id)) {
       $this->delete_allowed_login($id, 1);
       if (is_array($users)) {
@@ -318,11 +317,11 @@ class m_aws {
    * @return string the domain name of the deleted statistic set, or FALSE if an error occurred
    */
   function delete_stats($id) {
-    global $db,$err,$cuid,$action;
-    $err->log("aws","delete_stats",$id);
+    global $db,$msg,$cuid,$action;
+    $msg->log("aws","delete_stats",$id);
     $db->query("SELECT hostname FROM aws WHERE id='$id' and uid='$cuid';");
     if (!$db->num_rows()) {
-      $err->raise("aws",_("This statistic does not exist"));
+      $msg->raise('Error', "aws",_("This statistic does not exist"));
       return false;
     }
     $db->next_record();
@@ -346,8 +345,8 @@ class m_aws {
    * @return boolean TRUE if the set has been created
    */
   function add_stats($hostname,$users="", $hostaliases,$public) {
-    global $db,$err,$quota,$mem,$cuid;
-    $err->log("aws","add_stats",$hostname);
+    global $db,$msg,$quota,$mem,$cuid;
+    $msg->log("aws","add_stats",$hostname);
     $ha="";
     $r=$this->host_list();
     $hosts=array();
@@ -356,7 +355,7 @@ class m_aws {
     }
     reset($hosts);
     if (!in_array($hostname,$hosts) || $hostname=="") {
-      $err->raise("aws",_("This hostname does not exist (Domain name)"));
+      $msg->raise('Error', "aws",_("This hostname does not exist (Domain name)"));
       return false;
     }
 
@@ -364,7 +363,7 @@ class m_aws {
 	if (is_array($hostaliases)) {
 		foreach($hostaliases as $ho) {
 			if (!in_array($ho,$hosts) || $hostname=="") {
-				$err->raise("aws",_("This hostname does not exist (Hostaliases)"));
+				$msg->raise('Error', "aws",_("This hostname does not exist (Hostaliases)"));
 				return false;
 			}
 			$ha .= "$ho ";
@@ -384,7 +383,7 @@ class m_aws {
       mkdir($this->CACHEDIR."/".$hostname,0777);
       return true;
     } else {
-      $err->raise("aws",_("Your stat quota is over..."));
+      $msg->raise('Alert', "aws",_("Your stat quota is over..."));
       return false;
     }
   }
@@ -392,12 +391,12 @@ class m_aws {
 
   /* ----------------------------------------------------------------- */
   function list_login() {
-    global $db,$err,$cuid;
-    $err->log("aws","list_login");
+    global $db,$msg,$cuid;
+    $msg->log("aws","list_login");
     $db->query("SELECT login FROM aws_users WHERE uid='$cuid';");
     $res=array();
     if (!$db->next_record()) {
-	$err->raise("aws",_("No user currently defined"));
+	$msg->raise('Info', "aws",_("No user currently defined"));
       return false;
     }
     do { 
@@ -409,8 +408,8 @@ class m_aws {
 
   /* ----------------------------------------------------------------- */
   function list_allowed_login($id) {
-    global $db,$err,$cuid;
-    $err->log("aws","list_allowed_login");
+    global $db,$msg,$cuid;
+    $msg->log("aws","list_allowed_login");
     $db->query("SELECT u.login,a.id FROM aws_users u LEFT JOIN aws_access a ON a.id='$id' AND a.login=u.login WHERE u.uid='$cuid';");
     $res=array();
     if (!$db->next_record()) {
@@ -424,7 +423,7 @@ class m_aws {
 
   /* ----------------------------------------------------------------- */
   function get_view_public($id) {
-    global $db,$err,$cuid;
+    global $db,$msg,$cuid;
     $db->query("SELECT public FROM aws WHERE id='$id' and uid='$cuid';");
     if ($db->num_rows()) {
       $db->next_record();
@@ -439,8 +438,8 @@ class m_aws {
   /* ----------------------------------------------------------------- */
   /* Check that a login exists ($exists=1) or doesn't exist ($exists=0) */
   function login_exists($login,$exists=1) {
-    global $db,$err,$cuid;
-    $err->log("aws","list_login");
+    global $db,$msg,$cuid;
+    $msg->log("aws","list_login");
     $db->query("SELECT login FROM aws_users WHERE uid='$cuid' AND login='$login';");
     if (!$db->next_record()) {
       return ($exists==0);
@@ -452,10 +451,10 @@ class m_aws {
 
   /* ----------------------------------------------------------------- */
   function del_login($login) {
-    global $db,$err,$cuid;
-    $err->log("aws","del_login");
+    global $db,$msg,$cuid;
+    $msg->log("aws","del_login");
     if (!$this->login_exists($login,1)) {
-      $err->raise("aws",_("Login does not exist")); 
+      $msg->raise('Error', "aws",_("Login does not exist")); 
       return false;
     }
     $db->query("DELETE FROM aws_users WHERE uid='$cuid' AND login='$login';");
@@ -467,17 +466,22 @@ class m_aws {
 
   /* ----------------------------------------------------------------- */
   function add_login($login,$pass) {
-    global $db,$err,$cuid;
-    $err->log("aws","add_login");
+    global $db,$msg,$cuid,$admin;
+    $msg->log("aws","add_login");
 
     if (!($login=$this->_check($login))) {
-      $err->raise("aws",_("Login incorrect")); 
       return false;
     }
     if ($this->login_exists($login,1)) {
-      $err->raise("aws",_("Login already exist")); 
+      $msg->raise('Error', "aws",_("Login already exist")); 
       return false;
     }
+    // Check this password against the password policy using common API :
+    if (is_callable(array($admin, "checkPolicy"))) {
+      if (!$admin->checkPolicy("aws", $login, $pass)) {
+	return false; // The error has been raised by checkPolicy()
+      }
+    }
     $pass=$this->crypt_apr1_md5($pass);
     // FIXME retourner une erreur l'insert se passe pas bien
     $db->query("INSERT INTO aws_users (uid,login,pass) VALUES ('$cuid','$login','$pass');");
@@ -487,17 +491,23 @@ class m_aws {
 
   /* ----------------------------------------------------------------- */
   function change_pass($login,$pass) {
-    global $db,$err,$cuid;
-    $err->log("aws","change_pass");
+    global $db,$msg,$cuid,$admin;
+    $msg->log("aws","change_pass");
 
     if (!($login=$this->_check($login))) {
-      $err->raise("aws",_("Login incorrect")); // Login incorrect 
+      $msg->raise('Error', "aws",_("Login incorrect")); // Login incorrect 
       return false;
     }
     if (!($this->login_exists($login))) {
-      $err->raise("aws",_("Login does not exists")); // Login does not exists
+      $msg->raise('Error', "aws",_("Login does not exists")); // Login does not exists
       return false;
     }
+    // Check this password against the password policy using common API :
+    if (is_callable(array($admin, "checkPolicy"))) {
+      if (!$admin->checkPolicy("aws", $login, $pass)) {
+        return false; // The error has been raised by checkPolicy()
+      }
+    }
     $pass=$this->crypt_apr1_md5($pass);
     $db->query("UPDATE aws_users SET pass='$pass' WHERE login='$login';");
     return $this->_createhtpasswd();
@@ -506,25 +516,25 @@ class m_aws {
 
   /* ----------------------------------------------------------------- */
   function allow_login($login,$id,$noconf=0) { // allow user $login to access stats $id.
-    global $db,$err,$cuid;
-    $err->log("aws","allow_login");
+    global $db,$msg,$cuid;
+    $msg->log("aws","allow_login");
 
     if (!($login=$this->_check($login))) {
-      $err->raise("aws",_("Login incorrect"));
+      $msg->raise('Error', "aws",_("Login incorrect"));
       return false;      
     }
     if (!$this->login_exists($login)) {
-      $err->raise("aws",_("Login does not exist"));
+      $msg->raise('Error', "aws",_("Login does not exist"));
       return false;
     }
     $db->query("SELECT id FROM aws WHERE id='$id' AND uid='$cuid'");
     if (!$db->next_record()) {
-      $err->raise("aws",_("The requested statistic does not exist.")); 
+      $msg->raise('Error', "aws",_("The requested statistic does not exist.")); 
       return false;
     }
     $db->query("SELECT login FROM aws_access WHERE id='$id' AND login='$login'");
     if ($db->next_record()) {
-      $err->raise("aws",_("This login is already allowed for this statistics."));
+      $msg->raise('Error', "aws",_("This login is already allowed for this statistics."));
       return false;
     }
     $db->query("INSERT INTO aws_access (uid,id,login) VALUES ('$cuid','$id','$login');");
@@ -542,12 +552,12 @@ class m_aws {
    * @param integer $id
    */
   function delete_allowed_login($id,$noconf=0) {
-    global $db,$err,$cuid;
-    $err->log("aws","delete_allowed_login");
+    global $db,$msg,$cuid;
+    $msg->log("aws","delete_allowed_login");
 
     $db->query("SELECT id FROM aws WHERE id='$id' AND uid='$cuid'");
     if (!$db->next_record()) {
-      $err->raise("aws",_("The requested statistic does not exist.")); 
+      $msg->raise('Error', "aws",_("The requested statistic does not exist.")); 
       return false;
     }
     $db->query("DELETE FROM aws_access WHERE id='$id';");
@@ -561,25 +571,25 @@ class m_aws {
 
   /* ----------------------------------------------------------------- */
   function deny_login($login,$id,$noconf=0) { // deny user $login to access stats $id.
-    global $db,$err,$cuid;
-    $err->log("aws","deny_login");
+    global $db,$msg,$cuid;
+    $msg->log("aws","deny_login");
 
     if (!($login=$this->_check($login))) {
-      $err->raise("aws",_("Login incorrect")); // Login incorrect 
+      $msg->raise('Error', "aws",_("Login incorrect")); // Login incorrect 
       return false;
     }
     if (!$this->login_exists($login,0)) {
-      $err->raise("aws",_("Login does not exists")); // Login does not exists
+      $msg->raise('Error', "aws",_("Login does not exists")); // Login does not exists
       return false;
     }
     $db->query("SELECT id FROM aws WHERE id='$id' AND uid='$cuid'");
     if (!$db->next_record()) {
-      $err->raise("aws",_("The requested statistic does not exist."));
+      $msg->raise('Error', "aws",_("The requested statistic does not exist."));
       return false;
     }
     $db->query("SELECT login FROM aws_access WHERE id='$id' AND login='$login'");
     if (!$db->next_record()) {
-      $err->raise("aws",_("This login is already denied for this statistics."));
+      $msg->raise('Error', "aws",_("This login is already denied for this statistics."));
       return false;
     }
     $db->query("DELETE FROM aws_access WHERE id='$id' AND login='$login';");
@@ -593,8 +603,8 @@ class m_aws {
 
   /* ----------------------------------------------------------------- */
   function alternc_del_member() {
-    global $db,$err,$cuid;
-    $err->log("aws","del_member");
+    global $db,$msg,$cuid;
+    $msg->log("aws","del_member");
     $db->query("SELECT * FROM aws WHERE uid='$cuid';");
     $t=array();
     while ($db->next_record()) {
@@ -616,8 +626,8 @@ class m_aws {
    * @param string $dom the domain to uninstall
    */
   function alternc_del_domain($dom) {
-    global $err,$cuid;
-    $err->log("aws","alternc_del_domain",$dom);
+    global $msg,$cuid;
+    $msg->log("aws","alternc_del_domain",$dom);
     $db=new DB_System();
     $db->query("SELECT id,hostname FROM aws WHERE uid='$cuid' AND (hostname='$dom' OR hostname like '%.$dom')");
     $t=array();
@@ -639,8 +649,8 @@ class m_aws {
    * for a service
    */
   function hook_quota_get() {
-    global $db,$err,$cuid;
-    $err->log("aws","get_quota");
+    global $db,$msg,$cuid;
+    $msg->log("aws","get_quota");
     $db->query("SELECT COUNT(*) AS cnt FROM aws WHERE uid='$cuid'");
     $q=Array("name"=>"aws", "description"=>_("Awstats"), "used"=>0);
     if ($db->next_record()) {
@@ -652,7 +662,7 @@ class m_aws {
 
   /* ----------------------------------------------------------------- */
   function _check($login) {
-    global $err,$mem;
+    global $msg,$mem;
     $login=trim($login); 
     $login=strtolower($login); 
     if ($c=strpos($login,"_")) {
@@ -664,11 +674,11 @@ class m_aws {
     }
     $r=$this->prefix_list();
     if (!in_array($prefix,$r)) { 
-      $err->raise("aws",_("prefix not allowed.")); // prefix not allowed. 
+      $msg->raise('Error', "aws",_("prefix not allowed.")); // prefix not allowed. 
       return false;
     } 
    if (!preg_match('/^[0-9a-z_-]*$/', $postfix)){
-      $err->raise("aws",_("Forbidden caracters in the postfix.")); 
+      $msg->raise('Error', "aws", _("There is some forbidden characters in the login (only A-Z 0-9 _ and - are allowed)"));  // à traduire
       return false;
     }
     return $login;
@@ -680,9 +690,9 @@ class m_aws {
    * @access private
    */
   function _delconf($hostname) {
-    global $err,$action;
+    global $msg,$action;
     if (!preg_match('/^[._a-z0-9-]*$/', $hostname)){
-      $err->raise("aws",_("Hostname is incorrect")); 
+      $msg->raise('Error', "aws",_("Hostname is incorrect")); 
       return false;
     }
     $action->del($this->CONFDIR. DIRECTORY_SEPARATOR . "awstats.".$hostname.".conf");
@@ -695,10 +705,10 @@ class m_aws {
    * @access private
    */
   function _createconf($id,$nochk=0) {
-    global $db,$err,$cuid,$L_ALTERNC_LOGS;
+    global $db,$msg,$cuid,$L_ALTERNC_LOGS;
     $s=@implode("",file($this->TEMPLATEFILE));
     if (!$s) {
-      $err->raise("aws",_("Problem to create the configuration"));
+      $msg->raise('Error', "aws",_("Problem to create the configuration"));
       return false;
     }
     if ($nochk) {
@@ -707,7 +717,7 @@ class m_aws {
         $db->query("SELECT * FROM aws WHERE id='$id' AND uid='$cuid';");
     }
     if (!$db->num_rows()) {
-      $err->raise("aws",_("This statistic does not exist")); 
+      $msg->raise('Error', "aws",_("This statistic does not exist")); 
       return false;
     }
     $db->next_record();
@@ -747,7 +757,7 @@ class m_aws {
 
   /* ----------------------------------------------------------------- */
   function _createhtpasswd() {
-    global $db, $err;
+    global $db, $msg;
     $f=@fopen($this->HTAFILE,"wb");
     if ($f) {
       $db->query("SELECT login,pass FROM aws_users;");
@@ -757,7 +767,7 @@ class m_aws {
       fclose($f);
       return true;
     } else {
-      $err->raise("aws",sprintf(_("Problem to edit file %s"), $this->HTAFILE));
+      $msg->raise('Error', "aws", _("Problem to edit file %s"), $this->HTAFILE);
       return false;
     }
   }
@@ -770,8 +780,8 @@ class m_aws {
    * EXPERIMENTAL 'sid' function ;) 
    */
   function alternc_export() {
-    global $db,$err,$cuid;
-    $err->log("aws","export");
+    global $db,$msg,$cuid;
+    $msg->log("aws","export");
     $str="<aws>\n";
     $db->query("SELECT login,pass FROM aws_users WHERE uid='$cuid';");
     while ($db->next_record()) {

From 6b7d5e7d90bdf95efc0838d08425b666ecd55685 Mon Sep 17 00:00:00 2001
From: quenenni <la.jolie@paquerette.org>
Date: Thu, 17 Aug 2017 03:32:18 +0200
Subject: [PATCH 14/23] le reste des fichiers & style.css

---
 bureau/admin/cron.php          |  12 ++-
 bureau/admin/favicon.ico       | Bin 1406 -> 1150 bytes
 bureau/admin/index.php         |  12 +--
 bureau/admin/ip_main.php       |  18 ++---
 bureau/admin/logs_download.php |   4 -
 bureau/admin/logs_list.php     |   8 +-
 bureau/admin/logs_tail.php     |  12 +--
 bureau/admin/main.php          |   1 +
 bureau/admin/menu.php          |  10 ++-
 bureau/admin/nowebmail.php     |   2 +-
 bureau/admin/styles/style.css  |   7 +-
 bureau/admin/vm.php            |  12 +--
 bureau/class/m_action.php      |  55 +++++++------
 bureau/class/m_authip.php      |  42 +++++-----
 bureau/class/m_cron.php        |  26 +++---
 bureau/class/m_err.php         | 144 ---------------------------------
 bureau/class/m_log.php         |  20 ++---
 bureau/class/m_lxc.php         |  10 +--
 bureau/class/variables.php     |   4 +-
 19 files changed, 117 insertions(+), 282 deletions(-)
 delete mode 100644 bureau/class/m_err.php

diff --git a/bureau/admin/cron.php b/bureau/admin/cron.php
index 9422cd41..e1912153 100755
--- a/bureau/admin/cron.php
+++ b/bureau/admin/cron.php
@@ -8,10 +8,8 @@ $fields = array (
 getFields($fields);
 
 if (!empty($cronupdate)) {
-  if (! $cron->update($cronupdate)) {
-    $error=$err->errstr();
-  } else {
-    $error=_("Save done.");
+  if ($cron->update($cronupdate)) {
+    $msg->raise("ok", "mysql", _("Save done."));
   }
 }
 
@@ -22,9 +20,9 @@ $lst_cron = $cron->lst_cron();
 <hr id="topbar"/>
 <br />
 
-<?php if (isset($error) && $error) { ?>
-  <p class="alert alert-danger"><?php echo $error ?></p>
-<?php } ?>
+<?php
+echo $msg->msg_html_all()
+?>
 
 <form method="post" action="cron.php" id="main" name="cron" >
   <?php csrf_get(); ?>
diff --git a/bureau/admin/favicon.ico b/bureau/admin/favicon.ico
index 4893b45951c21beaa7e4762a3c75dfa43ed0e66c..c34bfd95f08373d54cb0cba5747fbcebd7939e77 100644
GIT binary patch
literal 1150
zcmbW1-7BS06o<Ei8Aiq#p)@XhmYUp*<iZV-i-~fhrbIqs4#|jdqa+tD<Rdi_`NRA>
z^E}61dYvmxr{~>k?e$xGt-bgAo|NkNmCK1|Z>lt;)Rj^i2Bw&KnP*6e*mLU(RX;!O
zcLr0Yk#PbJ;1rHC+J|6FO;x}BqdW2(J75bo;TyC<Lq^*<V`|ja=2~+KN;R>f&e$ZV
zjWs@C|H|`4ZF<}tdgG%B-#Yf;UWVZ(xZWs?fxWgt=)Yn|J?HGhe9z-!_GcJx!L{6{
zXEqM%*I_Q(vE~T=AE?Xovy8jhR%0Jm;MtkK2&JdJp2+`<e+H3n{ofGrX6#ECgcZ1h
zJ*a^DsfQB?{WSJ|!EeF7hJILvHE4$oQ0Lv6AN8lOkH9lEcOK563Cv%5*sj)E!1le0
z{=Z;<g70tx_UOCj*a!CKS{LB{tm*xT=V#t3SjRi+f-;mK_7<^D<~$dBj{CD;ZTk;>
zb^Kcyc;gr1YRxfMjdksL5{h+e^Np!dYfdq)@0y$7-n@6uShSrprsg%*PZ&S2AKyvW
Nf7kb0{2%xq`yZZ^PaOaN

literal 1406
zcmbW%F>4)15CGs2CRmNZCg9qra%tGoO$tMPf$MaOE4L}5(xuz!WH2uLD_)^0Z0XV>
z0r%#Wh9sJNb5BB&Ax-Yyx3@dDyEnJDQpAz-;ltRDS3g8NR(nc^o^TY$%7~wiw#%Wo
zU60e~U!0yEE=twd?RK&Iyo>$sA7a1XM^;6C%BZ%~v*OvwNjx(2gcrQzSKjcE3%>II
zJH0jdW~QMvNfse6n7m_Abf>{2Srk2RFi93gPd1n&i(-@*UNyY3V{GSCCX1qzc+MnQ
z6rI?3E$*5u3Z3L3PO>Qa1qPF3QS?g<Cds1k08gLWnaV}cFF%+hi=r1~Fi93gFVbL=
zEQ(&Z!6aD}y_kbZvM5X>pUxz=b1Cf<`G_+~7Ddc=@)0Ll6#a1qlVnl!2OCV1MbRH|
zFi94L0rKfp=}gvk*6}C#h%-qRMQ?z?Bv}-_DF%~dQS?R`Op-;RkdHXYqVUzWFC;s;
z*ibguV3I5f1LYx3vM5Xz7Z(?v@7}f{-)uAW))~F8tlhBh_J38pKRfexd}<Ah^OL~g
zqEw}W|9PCBpWocmxZR9fx3*5-we`Id(YW32xeoL7q&@ZF=&7#j*O8m{)g0FWJ+JcX
z$W`@lx!byP>$}Fb4qvRreSSN*{3YV@kBGm2j(B#@|3PDR4<i2jG2)v(|5UHt!N2^p
Bs)zsp

diff --git a/bureau/admin/index.php b/bureau/admin/index.php
index 0763c50d..26f19d0a 100755
--- a/bureau/admin/index.php
+++ b/bureau/admin/index.php
@@ -26,15 +26,12 @@
 
 require_once("../class/config_nochk.php");
 
-if ($mem->checkid()) {
+if ($mem->checkid(false)) {
 	Header("Location: /main.php");
 	exit;
 }
 
-if (!$mem->del_session()) {
-  // No need to draw an error message ...
-  //$error=$err->errstr();
-}
+$mem->del_session();
 
 $H=getenv("HTTP_HOST");
 
@@ -72,11 +69,10 @@ if ( empty($logo) ||  ! $logo ) {
   $logo = 'images/logo.png'; 
 }
 ?>
-
-      <p id="logo">  <img src="<?php echo $logo; ?>" border="0" alt="<?php __("Web Hosting Control Panel"); ?>" title="<?php __("Web Hosting Control Panel"); ?>" />
+      <p id='logo'>  <img src="<?php echo $logo; ?>" border="0" height="100px" alt="<?php __("Web Hosting Control Panel"); ?>" title="<?php __("Web Hosting Control Panel"); ?>" />
       </p>
       <p>&nbsp;</p>
-    <?php if (isset($error) && $error) echo "<div class='alert alert-danger'>$error</div>"; ?>
+    <?php echo $msg->msg_html_all(); ?>
     <br/>
     <?php
     if (isset($_GET['authip_token'])) $authip_token=$_GET['authip_token'];
diff --git a/bureau/admin/ip_main.php b/bureau/admin/ip_main.php
index f2fe82db..6c2e01ed 100755
--- a/bureau/admin/ip_main.php
+++ b/bureau/admin/ip_main.php
@@ -20,25 +20,25 @@ if (!empty($s_protocol)) {
   getFields($fields);
 
   if (! $authip->ip_affected_save($s_ipsub, $s_protocol, $$val) ) {
-    $error="Error during ip_affected_save";
+    $msg->raise('Error', "ftp", _("Error during ip_affected_save")); // à traduire
   }
 }
 
 if (!empty($delete_affected_id)) {
   if (! $authip->ip_affected_delete($delete_affected_id)) {
-    $error="Error during deletion";
+    $msg->raise('Error', "ftp", _("Error during deletion")); // à traduire
   }
 }
 
 if (!empty($delete_id)) {
   if (! $authip->ip_delete($delete_id)) {
-    $error="Error during deletion";
+    $msg->raise('Error', "ftp", _("Error during deletion")); // à traduire
   }
 }
 
 if (!empty($ipsub)) {
   if (! $authip->ip_save($id, $ipsub, $infos)) {
-    $error="Error during recording";
+    $msg->raise('Error', "ftp", _("Error during recording")); // à traduire
   }
 }
 
@@ -51,9 +51,9 @@ $lac = $authip->list_affected();
 <hr id="topbar"/>
 <br />
 
-<?php if (isset($error) && $error) { ?>
-  <p class="alert alert-danger"><?php echo $error ; $error=''; ?></p>
-<?php } ?>
+<?php
+echo $msg->msg_html_all();
+?>
 
 <p><?php __("Here you can add rules to restrict access to AlternC's services, filtered by IP. First, add trusted IPs in the 'Known IP and networks' list. Then, add rules to grant access on services to the chosen IPs from this list.") ?></p>
 
@@ -164,7 +164,7 @@ foreach($list_ip as $i) {
   }
   echo "<tr class='lst' ><td>{$i['infos']}</td><td>{$i['ip_human']}</td><td>$txt</td>";
   ?>
-  <td><div class="ina edit"><a href="javascript:edit_ip(<?php echo "'".htmlentities($i['id'])."','".htmlentities($i['ip_human'])."','".htmlentities($i['infos'])."'"; ?>);"><?php __("Edit"); ?></a></div></td>
+  <td><div class="ina edit"><a href="javascript:edit_ip(<?php echo "'".htmlentities($i['id'])."','".htmlentities($i['ip_human'])."',".htmlentities($i['infos']); ?>);"><?php __("Edit"); ?></a></div></td>
   <td><div class="ina delete"><a href="ip_main.php?delete_id=<?php echo urlencode($i["id"]) ?>"><?php __("Delete"); ?></a></div></td>
   </tr>
 
@@ -174,7 +174,7 @@ foreach($list_ip as $i) {
 <hr/>
 <h3><?php __("Add an IP or a networks");?></h3>
 
-<p><a href="javascript:edit_ip('','<?php ehe(get_remote_ip())."','Home IP'";?>);" ><?php echo __("Add my current IP"); ?></a></p>
+<p><a href="javascript:edit_ip('','<?php ehe(get_remote_ip()."','Home IP'");?>);" ><?php echo __("Add my current IP"); ?></a></p>
 <span id="form_add_ip">
 <form method="post" action="ip_main.php" name="main" >
    <?php csrf_get(); ?>
diff --git a/bureau/admin/logs_download.php b/bureau/admin/logs_download.php
index f8ec3397..23237506 100644
--- a/bureau/admin/logs_download.php
+++ b/bureau/admin/logs_download.php
@@ -34,9 +34,5 @@ $fields = array (
 );
 getFields($fields);
 
-if (empty($file)) {
-$error="";
-}
-
 $log->download_link($file);
 ?>
diff --git a/bureau/admin/logs_list.php b/bureau/admin/logs_list.php
index ab7ffa1b..cc260922 100644
--- a/bureau/admin/logs_list.php
+++ b/bureau/admin/logs_list.php
@@ -36,11 +36,11 @@ $list=$log->list_logs_directory_all($log->get_logs_directory());
 <hr id="topbar"/>
 <br />
 <?php
-if (isset($error) && $error) {
-  echo "<p class=\"alert alert-danger\">$error</p>";
-}
+echo $msg->msg_html_all();
+
 if(!$list || empty($list['dir'])){
-  echo "<p class=\"alert alert-danger\">"._("You have no web logs to list at the moment.")."</p>";  
+  $msg->raise('Info', "logs", _("You have no web logs to list at the moment."));  
+  echo $msg->msg_html_all();
   include_once('foot.php');
   exit;
 }
diff --git a/bureau/admin/logs_tail.php b/bureau/admin/logs_tail.php
index b268ceb4..ad83df2e 100644
--- a/bureau/admin/logs_tail.php
+++ b/bureau/admin/logs_tail.php
@@ -36,10 +36,6 @@ $fields = array (
 );
 getFields($fields);
 
-if (empty($file)) {
-$error="";
-}
-
 include_once("head.php");
 
 $string=$log->tail($file,$lines);
@@ -63,7 +59,7 @@ if (!$string) {
 } ?>
 <select id="lines" name="lines" onchange="document.forms['update'].submit()">
   <?php
-  $alines=array(10=>10, 20=>20, 30=>30, 50=>50, 100=>100, 200=>200, 500=>500, 1000=>1000, 5000=>5000);
+  $alines=array(10=>10, 20=>20, 30=>30, 50=>50, 100=>100, 200=>200, 500=>500, 1000=>1000);
 eoption($alines,$lines);
 ?>
 </select> <?php __("Last lines shown"); ?>  
@@ -73,11 +69,7 @@ eoption($alines,$lines);
 <hr id="topbar"/>
 <br />
 <?php
-if (isset($error) && $error) {
-  echo "<p class=\"alert alert-danger\">$error</p>";
-}
-
-
+echo $msg->msg_html_all();
 ?>
 <pre style="    white-space: pre-wrap;       /* CSS 3 */
     white-space: -moz-pre-wrap;  /* Mozilla, since 1999 */
diff --git a/bureau/admin/main.php b/bureau/admin/main.php
index 0182b18a..54f69297 100644
--- a/bureau/admin/main.php
+++ b/bureau/admin/main.php
@@ -43,6 +43,7 @@ if ($mem->user["lastfail"]) {
 	printf(_("%1\$d login failed since last login")."<br />",$mem->user["lastfail"]);
 }
 
+echo $msg->msg_html_all();
 if (!empty($error) ) { echo "<p class='alert alert-danger'>$error</p>";$error=''; } 
 
 $feed_url = variable_get('rss_feed', '', 'This is an RSS feed that will be displayed on the users homepages when they log in.', array('desc'=>'URL','type'=>'string'));
diff --git a/bureau/admin/menu.php b/bureau/admin/menu.php
index 1c0a4026..bab8291e 100644
--- a/bureau/admin/menu.php
+++ b/bureau/admin/menu.php
@@ -31,12 +31,14 @@ require_once("../class/config.php");
 
 // Getting logo
 $logo = variable_get('logo_menu', '' ,'You can specify a logo for the menu, example /images/my_logo.png .', array('desc'=>'URL','type'=>'string'));
-if ( empty($logo) ||  ! $logo ) { 
-  $logo = 'images/logo3.png'; 
-}
 
+echo '<div class="menutoplogo">';
+if ( ! empty($logo) &&  ! is_null($logo)) {
+  echo "<img src=\"".$logo."\" border='0' alt='AlternC' width='45px' height='46px' />";
+}
+echo "<img src='images/logo3.png' border='0' alt='AlternC' ".(( ! empty($logo) &&  ! is_null($logo))?"width='140px'":"")." height='40px' />";
+echo "</div>";
 ?>
-<img src="<?php echo $logo; ?>" class="menutoplogo" border="0" alt="AlternC" />
 <p class="currentuser"><?php echo sprintf(_("Welcome %s"),$mem->user["login"]); ?></p>
 
 <?php
diff --git a/bureau/admin/nowebmail.php b/bureau/admin/nowebmail.php
index a7a35e6f..e20bfe56 100644
--- a/bureau/admin/nowebmail.php
+++ b/bureau/admin/nowebmail.php
@@ -25,7 +25,7 @@
 
 require_once("../class/config.php");
 require_once("head.php");
-$error=_("There is currently no webmail configured. If you need one, contact your server administrator");
+$msg->raise('Info', "mail", _("There is currently no webmail configured. If you need one, contact your server administrator");
 
 include("index.php"); 
 
diff --git a/bureau/admin/styles/style.css b/bureau/admin/styles/style.css
index 78c3dc62..5dc859c9 100644
--- a/bureau/admin/styles/style.css
+++ b/bureau/admin/styles/style.css
@@ -283,6 +283,7 @@ img {
 }
 .alert > p, .alert > ul {
     margin-bottom: 0;
+    margin-top: 0;
 }
 .alert > p + p {
     margin-top: 5px;
@@ -351,7 +352,7 @@ img {
 
 /* Alert icons */
 #content .alert {
-    background-position: 12px 10px;
+    background-position: 12px center;
     background-repeat: no-repeat;
     padding-left: 48px;
 }
@@ -610,11 +611,11 @@ table.searchtable td {
 
 }
 
-#newdomwww, #sub, #usernpfx, #dbnpfx {
+#newdomwww, #sub, #usernpfx, #dbnpfx, #account_namefx {
   border-right: 0;
   padding-right: 0;
 }
-#newdomain, #newsubname, #usern, #dbn {
+#newdomain, #newsubname, #usern, #dbn, #account_name {
   border-left: 0;
   padding-left: 0;
 }
diff --git a/bureau/admin/vm.php b/bureau/admin/vm.php
index 6c9c3dc9..97088eda 100755
--- a/bureau/admin/vm.php
+++ b/bureau/admin/vm.php
@@ -53,15 +53,9 @@ include_once("head.php");
 <hr/>
 <br/>
 
-<?php if (!empty($error)) { ?>
-<div>
-<span class="alert alert-danger">
-   <?php echo implode(" - ", array_unique($error)); ?>
-
-</span>
-</div>
-<br/>
-<?php } ?>
+<?php
+echo $msg->msg_html_all();
+?>
 
 <div>
 <?php if (empty($infos)) { 
diff --git a/bureau/class/m_action.php b/bureau/class/m_action.php
index 290b6449..15a9ad2f 100644
--- a/bureau/class/m_action.php
+++ b/bureau/class/m_action.php
@@ -43,13 +43,13 @@ class m_action {
     /**
      * Plans the cration of a file 
      * 
-     * @global \m_err $err
+     * @global m_messages $msg
      * @global string $L_INOTIFY_DO_ACTION
      * @return boolean
      */
     function do_action() {
-        global $err, $L_INOTIFY_DO_ACTION;
-        $err->log("action", "do_action");
+        global $msg, $L_INOTIFY_DO_ACTION;
+        $msg->log("action", "do_action");
         if (!@touch($L_INOTIFY_DO_ACTION)) {
             return FALSE;
         }
@@ -152,14 +152,14 @@ class m_action {
      * 
      * @global int $cuid
      * @global m_mysql $db
-     * @global m_err $err
+     * @global m_messages $msg
      * @param string $archive Directory to archive within the archive_del_data folder if set in variable sql table
      *                      If archive_del_data is not set we delete the folder
      * @param string $dir  sub_directory of the archive directory
      * @return boolean
      */
     function archive($archive, $dir = "html") {
-        global $cuid, $db, $err;
+        global $cuid, $db, $msg;
 
         $arch = variable_get('archive_del_data');
         if (empty($arch)) {
@@ -170,7 +170,7 @@ class m_action {
         $db->query("select login from membres where uid= ?;", array($cuid));
         $db->next_record();
         if (!$db->Record["login"]) {
-            $err->raise("action", _("Login corresponding to $cuid not found"));
+            $msg->raise('Error', "action", _("Login corresponding to $cuid not found"));
             return false;
         }
         $uidlogin = $cuid . "-" . $db->Record["login"];
@@ -187,15 +187,15 @@ class m_action {
      * function inserting the action in the sql table
      * 
      * @global m_mysql $db
-     * @global m_err $err
+     * @global m_messages $msg
      * @param string $type
      * @param string|integer $user wich user do we impersonate?
      * @param mixed $parameters
      * @return boolean
      */
     function set($type, $user, $parameters) {
-        global $db, $err;
-        $err->log("action", "set", $type);
+        global $db, $msg;
+        $msg->log("action", "set", $type);
         $serialized = serialize($parameters);
 	$type = strtoupper($type);
 	if (in_array($type, array('CHMOD',
@@ -212,7 +212,7 @@ class m_action {
 	}
 
         if (!$db->query($query)) {
-            $err->raise("action", _("Error setting actions"));
+            $msg->raise('Error', "action", _("Error setting actions"));
             return false;
         }
         return $this->do_action();
@@ -221,17 +221,17 @@ class m_action {
     /**
      * This seems to be unused ?
      * 
-     * @global m_err $err
+     * @global m_messages $msg
      * @global m_mysql $db
      * @return boolean
      */
     function get_old() {
-        global $err, $db;
+        global $msg, $db;
 
         $purge = "select * from actions where TO_DAYS(curdate()) - TO_DAYS(creation) > 2;";
         $result = $db->query($purge);
         if (!$result) {
-            $err->raise("action", _("Error selecting  old actions"));
+            $msg->raise('Error', "action", _("Error selecting  old actions"));
             return false;
         }
         return $db->num_rows($result);
@@ -239,13 +239,13 @@ class m_action {
 
     /**
      * 
-     * @global m_err $err
+     * @global m_messages $msg
      * @global m_mysql $db
      * @param type $all
      * @return boolean
      */
     function purge($all = null) {
-        global $err, $db;
+        global $msg, $db;
         if (is_null($all)) {
             $purge = "delete from actions where TO_DAYS(curdate()) - TO_DAYS(creation) > 2 and status = 0;";
         } else {
@@ -253,7 +253,7 @@ class m_action {
         }
         $result = $db->query($purge);
         if (!$result) {
-            $err->raise("action", _("Error purging old actions"));
+            $msg->raise('Error', "action", _("Error purging old actions"));
             return false;
         }
         return $db->num_rows($result);
@@ -263,11 +263,10 @@ class m_action {
      *  function returning the first not locked line of the action table 
      * 
      * @global m_mysql $db
-     * @global m_err $err
      * @return boolean or array
      */
     function get_action() {
-        global $db, $err;
+        global $db;
 
         $tab = array();
         $db->query('select * from actions where end = 0 and begin = 0 order by id limit 1;');
@@ -283,14 +282,14 @@ class m_action {
      * function locking an entry while it is being executed by the action script
      * 
      * @global m_mysql $db
-     * @global m_err $err
+     * @global m_messages $msg
      * @param int $id
      * @return boolean
      */
     function begin($id) {
-        global $db, $err;
+        global $db, $msg;
         if (!$db->query("update actions set begin=now() where id= ? ;", array($id))) {
-            $err->raise("action", _("Error locking the action : $id"));
+            $msg->raise('Error', "action", _("Error locking the action : $id"));
             return false;
         }
         return true;
@@ -300,15 +299,15 @@ class m_action {
      *  function locking an entry while it is being executed by the action script
      * 
      * @global m_mysql $db
-     * @global m_err $err
+     * @global m_messages $msg
      * @param int $id
      * @param integer $return
      * @return boolean
      */
     function finish($id, $return = 0) {
-        global $db, $err;
+        global $db, $msg;
         if (!$db->query("update actions set end=now(),status=? where id= ?;", array($return, $id))) {
-            $err->raise("action", _("Error unlocking the action : $id"));
+            $msg->raise('Error', "action", _("Error unlocking the action : $id"));
             return false;
         }
         return true;
@@ -317,14 +316,14 @@ class m_action {
     /**
      * 
      * @global m_mysql $db
-     * @global m_err $err
+     * @global m_messages $msg
      * @param int $id
      * @return boolean
      */
     function reset_job($id) {
-        global $db, $err;
+        global $db, $msg;
         if (!$db->query("update actions set end=0,begin=0,status='' where id= ?;", array($id))) {
-            $err->raise("action", _("Error unlocking the action : $id"));
+            $msg->raise('Error', "action", _("Error unlocking the action : $id"));
             return false;
         }
         return true;
@@ -334,7 +333,7 @@ class m_action {
      * Returns a list of actions marked as executable and ready for execution
      * 
      * @global m_mysql $db
-     * @global m_err $err
+     * @global m_messages $msg
      * @return boolean 
      */
     function get_job() {
diff --git a/bureau/class/m_authip.php b/bureau/class/m_authip.php
index 0f8c74bf..c8d77bd0 100644
--- a/bureau/class/m_authip.php
+++ b/bureau/class/m_authip.php
@@ -102,7 +102,7 @@ class m_authip {
      * @return    boolean         Retourne FALSE si erreur, sinon TRUE
      */
     function ip_delete($id) {
-        global $db, $cuid;
+        global $db, $cuid, $msg;
         $id = intval($id);
 
         $db->query("SELECT id FROM authorised_ip_affected where authorised_ip_id = ?;", array($id));
@@ -110,7 +110,7 @@ class m_authip {
             $this->ip_affected_delete($db->f('id'));
         }
         if (!$db->query("delete from authorised_ip where id= ? and ( uid= ? or uid=0) limit 1;", array($id, $cuid))) {
-            echo "query failed: " . $db->Error;
+            $msg->raise('Error', 'authip', _("query failed: " . $db->Error));
             return false;
         }
         return true;
@@ -126,9 +126,9 @@ class m_authip {
      * @return    array
      */
     function get_allowed($s) {
-        global $db, $cuid;
+        global $db, $cuid, $msg;
         if (!$db->query("select ai.ip, ai.subnet, ai.infos, aia.parameters from authorised_ip ai, authorised_ip_affected aia where aia.protocol= ? and aia.authorised_ip_id = ai.id and ai.uid= ?;", array($s, $cuid))) {
-            echo "query failed: " . $db->Error;
+            $msg->raise('Error', 'authip', _("query failed: " . $db->Error));
             return false;
         }
         $r = Array();
@@ -145,9 +145,9 @@ class m_authip {
      * @return    boolean
      */
     function is_wl($ip) {
-        global $db;
+        global $db, $msg;
         if (!$db->query("select ai.ip, ai.subnet from authorised_ip ai where ai.uid='0';")) {
-            echo "query failed: " . $db->Error;
+            $msg->raise('Error', 'authip', _("query failed: " . $db->Error));
             return false;
         }
         while ($db->next_record()) {
@@ -205,7 +205,7 @@ class m_authip {
      * 
      */
     function ip_save($id, $ipsub, $infos, $uid = null) {
-        global $db, $mem;
+        global $db, $mem, $msg;
 
         // If we ask for uid=0, we have to check to be super-user
         // else, juste use global cuid;
@@ -216,7 +216,7 @@ class m_authip {
         }
 
         $id = intval($id);
-        $infos = mysql_real_escape_string($infos);
+	$infos = $db->quote(trim($infos));
 
         // Extract subnet from ipsub
         $tmp = explode('/', $ipsub);
@@ -224,7 +224,7 @@ class m_authip {
 
         // Error if $ip not an IP
         if (!checkip($ip) && !checkipv6($ip)) {
-            echo "Failed : not an IP address";
+            $msg->raise('Error', 'authip', _("Failed : not an IP address")); // à traduire
             return false;
         }
 
@@ -249,8 +249,8 @@ class m_authip {
             foreach ($list_affected as $k => $v) {
                 $this->call_hooks("authip_on_delete", $k);
             }
-            if (!$db->query("update authorised_ip set ip= ?, subnet= ?, infos= ? where id= ? and uid=? ;", array($id, $subnetn, $infos, $id, $cuid))) {
-                echo "query failed: " . $db->Error;
+            if (!$db->query("update authorised_ip set ip= ?, subnet= ?, infos= ? where id= ? and uid=? ;", array($ip, $subnet, $infos, $id, $cuid))) {
+                $msg->raise('Error', 'authip', _("query failed: " . $db->Error));
                 return false;
             }
             foreach ($list_affected as $k => $v) {
@@ -258,7 +258,7 @@ class m_authip {
             }
         } else { // Insert
             if (!$db->query("insert into authorised_ip (uid, ip, subnet, infos) values (?, ?, ?, ?);", array($cuid, $ip, $subnet, $infos))) {
-                echo "query failed: " . $db->Error;
+                $msg->raise('Error', 'authip', _("query failed: " . $db->Error));
                 return false;
             }
         }
@@ -313,20 +313,20 @@ class m_authip {
      * @return    boolean                     Retourne FALSE si erreur, sinon TRUE
      */
     function ip_affected_save($authorised_ip_id, $protocol, $parameters, $id = null) {
-        global $db;
+        global $db, $msg;
         $authorised_ip_id = intval($authorised_ip_id);
 
         if ($id) {
             $id = intval($id);
             $this->call_hooks("authip_on_delete", $id);
             if (!$db->query("update authorised_ip_affected set authorised_ip_id= ?, protocol= ?, parameters= ? where id = ? limit 1;", array($authorised_ip_id, $protocol, $parameters, $id))) {
-                echo "query failed: " . $db->Error;
+                $msg->raise('Error', 'authip', _("query failed: " . $db->Error));
                 return false;
             }
             $this->call_hooks("authip_on_create", $id);
         } else {
             if (!$db->query("insert into authorised_ip_affected (authorised_ip_id, protocol, parameters) values (?, ?, ?);", array($authorised_ip_id, $protocol, $parameters))) {
-                echo "query failed: " . $db->Error;
+                $msg->raise('Error', 'authip', _("query failed: " . $db->Error));
                 return false;
             }
             $this->call_hooks("authip_on_create", $db->lastid()); 
@@ -344,14 +344,14 @@ class m_authip {
      * @return    boolean         Retourne FALSE si erreur, sinon TRUE
      */
     function ip_affected_delete($id) {
-        global $db;
+        global $db, $msg;
         $id = intval($id);
 
         // Call hooks
         $this->call_hooks("authip_on_delete", $id);
 
         if (!$db->query("delete from authorised_ip_affected where id= ? limit 1;", array($id))) {
-            echo "query failed: " . $db->Error;
+            $msg->raise('Error', 'authip', _("query failed: " . $db->Error));
             return false;
         }
         return true;
@@ -362,18 +362,18 @@ class m_authip {
      * affectationt ip<=>ressource dont l'id est en parametre
      *
      * @global    m_hooks $hooks
-     * @global    m_err   $err
+     * @global    m_messages   $msg
      * @param     string  $function       Nom de la fonction a rechercher et appeller dans les classes
      * @param     integer $affectation_id Id de l'affectation correspondante
      * @return    boolean                 Retourne TRUE
      */
     function call_hooks($function, $affectation_id) {
-        global $hooks, $err;
+        global $hooks, $msg;
 
         // On récure l'objet dont on parle
         $d = $this->list_affected();
         if (!isset($d[$affectation_id])) {
-            $err->raise('authip', _("Object not available"));
+            $msg->raise('Error', 'authip', _("Object not available"));
             return false;
         }
 
@@ -382,7 +382,7 @@ class m_authip {
         // On en déduis la classe qui le concerne
         $e = $this->get_auth_class();
         if (!isset($e[$affectation['protocol']])) {
-            $err->raise('authip', sprintf(_("Can't identified class for the protocole %s"), $affectation['protocol']));
+            $msg->raise('Error', 'authip', sprintf(_("Can't identified class for the protocole %s"), $affectation['protocol']));
             return false;
         }
         $c = $e[$affectation['protocol']]['class'];
diff --git a/bureau/class/m_cron.php b/bureau/class/m_cron.php
index b439477b..bba8214d 100644
--- a/bureau/class/m_cron.php
+++ b/bureau/class/m_cron.php
@@ -54,8 +54,8 @@ class m_cron {
      * @return array an hash for each crontab.
      */
     function lst_cron() {
-        global $cuid, $db, $err;
-        $err->log("cron", "lst_cron");
+        global $cuid, $db, $msg;
+        $msg->log("cron", "lst_cron");
         $db->query("SELECT * FROM cron WHERE uid = ? ORDER BY url;", array($cuid));
         $r = Array();
         while ($db->next_record()) {
@@ -112,8 +112,8 @@ class m_cron {
      * @return boolean TRUE if the crontab has been deleted
      */
     function delete_one($id) {
-        global $db, $err, $cuid;
-        $err->log("cron", "delete_one");
+        global $db, $msg, $cuid;
+        $msg->log("cron", "delete_one");
         return $db->query("DELETE FROM cron WHERE id= ? AND uid= ? LIMIT 1;", array(intval($id), $cuid));
     }
 
@@ -123,8 +123,8 @@ class m_cron {
      * @return boolean TRUE if the crontab has been edited
      */
     private function _update_one($url, $user, $password, $email, $schedule, $id = null) {
-        global $db, $err, $quota, $cuid;
-        $err->log("cron", "update_one");
+        global $db, $msg, $quota, $cuid;
+        $msg->log("cron", "update_one");
 
         if (empty($url) && !is_null($id)) {
             return $this->delete_one($id);
@@ -132,7 +132,7 @@ class m_cron {
 
 
         if (filter_var($url, FILTER_VALIDATE_URL) === false) {
-            $err->raise("cron", _("URL not valid"));
+            $msg->raise('Error', "cron", _("URL not valid"));
             return false;
         }
         $url = urlencode($url);
@@ -144,7 +144,7 @@ class m_cron {
 
         //@todo remove checkmail cf functions.php
         if (!empty($email) && !checkmail($email) == 0) {
-            $err->raise("cron", _("Email address is not valid"));
+            $msg->raise('Error', "cron", _("Email address is not valid"));
             return false;
         }
         $email = urlencode($email);
@@ -155,7 +155,7 @@ class m_cron {
         if (is_null($id)) { // if a new insert, quotacheck
             $q = $quota->getquota("cron");
             if ($q["u"] >= $q["t"]) {
-                $err->raise("cron", _("You quota of cron entries is over. You cannot create more cron entries"));
+                $msg->raise('Error', "cron", _("You quota of cron entries is over. You cannot create more cron entries"));
                 return false;
             }
         } else { // if not a new insert, check the $cuid
@@ -163,8 +163,8 @@ class m_cron {
             if (!$db->next_record()) {
                 return "false";
             } // return false if pb
-            if ($db->f('uid') != $cuid) {
-                $err->raise("cron", _("Identity problem"));
+	    if ($db->f('uid') != $cuid) {
+		    $msg->raise('Error', "cron", _("Identity problem"));
                 return false;
             }
         }
@@ -196,8 +196,8 @@ class m_cron {
     /** hook for quota computation
      */
     function hook_quota_get() {
-        global $cuid, $db, $err;
-        $err->log("cron", "alternc_get_quota");
+        global $cuid, $db, $msg;
+        $msg->log("cron", "alternc_get_quota");
         $q = Array("name" => "cron", "description" => _("Scheduled tasks"), "used" => 0);
         $db->query("select count(*) as cnt from cron where uid = ? ;", array($cuid));
         if ($db->next_record()) {
diff --git a/bureau/class/m_err.php b/bureau/class/m_err.php
deleted file mode 100644
index e9c4d93a..00000000
--- a/bureau/class/m_err.php
+++ /dev/null
@@ -1,144 +0,0 @@
-<?php
-
-/*
-  $Id: m_err.php,v 1.4 2004/05/19 14:23:06 benjamin Exp $
-  ----------------------------------------------------------------------
-  LICENSE
-
-  This program is free software; you can redistribute it and/or
-  modify it under the terms of the GNU General Public License (GPL)
-  as published by the Free Software Foundation; either version 2
-  of the License, or (at your option) any later version.
-
-  This program is distributed in the hope that it will be useful,
-  but WITHOUT ANY WARRANTY; without even the implied warranty of
-  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-  GNU General Public License for more details.
-
-  To read the license please visit http://www.gnu.org/copyleft/gpl.html
-  ----------------------------------------------------------------------
-  Original Author of file: Benjamin Sonntag, Franck Missoum
-  ----------------------------------------------------------------------
- */
-
-/**
- * Classe de gestion des erreurs apparaissant lors d'appels API.
- *
- * <p>Cette classe gère les erreurs qui peuvent apparaitre lors d'appels
- * à l'API d'AlternC. Ces erreurs sont stockées sous la forme de 2 nombres
- * (Classe ID et Numéro d'erreur) ainsi qu'un texte facultatif associé.
- * Des textes d'erreurs localisés sont aussi disponibles.</p>
- * <p>Cette classe se charge aussi d'insérer les appels à l'API d'AlternC
- * dans les logs du système dans /var/log/alternc/bureau.log
- * </p>
- * Copyleft {@link http://alternc.net/ AlternC Team}
- * 
- * @copyright    AlternC-Team 2002-11-01 http://alternc.net/
- */
-class m_err {
-
-    /** Numero de classe d'erreur actuelle */
-    var $clsid = 0;
-
-    /** Dernière erreur enregistrée par la classe */
-    var $error = 0;
-
-    /** Paramètre chaine eventuellement associé à la dernière erreur */
-    var $param = "";
-
-    /** Emplacement du fichier de logs d'AlternC */
-    var $logfile = "/var/log/alternc/bureau.log";
-
-    /**
-     * Leve une erreur, signale celle-ci dans les logs et stocke le code erreur
-     * 
-     * Cette fonction lance une erreur, l'ajoute dans les logs d'AlternC, 
-     * et la met à disposition pour le bureau virtuel pour affichage ultérieur.
-     *
-     * @todo ne plus utiliser $error de façon numérique, nulle part
-     *
-     * @param integer $clsid Classe qui lève l'erreur
-     * @param mixed $error Numéro de l'erreur ou chaîne décrivant l'erreur
-     * @param string $param Paramètre chaine associé à l'erreur (facultatif)
-     * @return boolean TRUE si l'erreur est connue, FALSE sinon.
-     *
-     */
-    function raise($clsid, $error, $param = "") {
-        /* Leve une exception. Si elle existe, sinon, stocke un message d'erreur sur erreur ... */
-        if (_("err_" . $clsid . "_" . $error) != "err_" . $clsid . "_" . $error || is_string($error)) {
-            $this->clsid = $clsid;
-            $this->error = $error;
-            $args = func_get_args();
-            $this->param = array_slice($args, 2);
-            $this->logerr();
-            return true;
-        } else {
-            $this->clsid = "err";
-            $this->error = 1;
-            $this->param = "Error # $error in Class $clsid, Value is $param. (sorry, no text for this error in your language at the moment)";
-            $this->logerr();
-            return false;
-        }
-    }
-
-    /**
-     * Retourne la chaine d'erreur correspondant à la dernière erreur rencontrée
-     *
-     * Si la dernière erreur rencontrée est connue, retourne l'erreur en toute lettre
-     * dans la langue actuellement sélectionnée, ou en anglais par défaut.
-     * Si l'erreur n'est pas connue, retourne son numéro de classe et d'ereur.
-     *
-     * @return string Chaine d'erreur.
-     *
-     */
-    function errstr() {
-        if (is_string($this->error)) {
-            // new way of handling errors: message directly in the class
-            $str = $this->error . "\n";
-        } else {
-            // old way: message in the locales files (ugly)
-            $str = _("err_" . $this->clsid . "_" . $this->error) . "\n";
-        }
-        $args = $this->param;
-        if (is_array($args)) {
-            array_unshift($args, $str);
-            $msg = call_user_func_array("sprintf", $args);
-            return $msg;
-        } else {
-            return $args;
-        }
-    }
-
-    /**
-     * Envoi un log d'erreur dans /var/log/alternc/bureau.log
-     *
-     * Cette fonction Loggue la dernière erreur dans /var/log sur la machine,
-     * permettant ainsi aux admins de savoir ce qu'il se passe...
-     * Elle est appelée automatiquement par error
-     * @access private
-     */
-    function logerr() {
-        global $mem;
-        @file_put_contents($this->logfile, date("d/m/Y H:i:s") . " - " . get_remote_ip() . " - ERROR - " . $mem->user["login"] . " - " . $this->errstr(), FILE_APPEND);
-    }
-
-    /**
-     * Envoi un log d'appel d'API dans /var/log/alternc/bureau.log
-     *
-     * Cette fonction loggue dans /var/log l'appel à la fonction de l'API
-     * d'AlternC.
-     *
-     * @param integer $clsid Numéro de la classe dont on a appelé une fonction
-     * @param string $function Nom de la fonction appelée
-     * @param string $param Paramètre (facultatif) passés à la fonction de l'API.
-     * @return boolean TRUE si le log a été ajouté, FALSE sinon
-     *
-     */
-    function log($clsid, $function, $param = "") {
-        global $mem;
-        return @file_put_contents($this->logfile, date("d/m/Y H:i:s") . " - " . get_remote_ip() . " - CALL - " . $mem->user["login"] . " - $clsid - $function - $param\n", FILE_APPEND);
-    }
-
-}
-
-/* Classe m_err */
diff --git a/bureau/class/m_log.php b/bureau/class/m_log.php
index eabe4ad0..65eb3378 100644
--- a/bureau/class/m_log.php
+++ b/bureau/class/m_log.php
@@ -34,8 +34,8 @@ class m_log {
     }
 
     function list_logs_directory($dir) {
-        global $cuid, $err;
-        $err->log("log", "list_logs_directory");
+        global $cuid, $msg;
+        $msg->log("log", "list_logs_directory");
 
         $c = array();
         foreach (glob("${dir}/*log*") as $absfile) {
@@ -72,8 +72,8 @@ class m_log {
     }
 
     function list_logs_directory_all($dirs) {
-        global $err;
-        $err->log("log", "get_logs_directory_all");
+        global $msg;
+        $msg->log("log", "get_logs_directory_all");
         $c = array();
         foreach ($dirs as $dir => $val) {
             $c[$dir] = $this->list_logs_directory($val);
@@ -82,8 +82,8 @@ class m_log {
     }
 
     function get_logs_directory() {
-        global $cuid, $mem, $err;
-        $err->log("log", "get_logs_directory");
+        global $cuid, $mem, $msg;
+        $msg->log("log", "get_logs_directory");
         // Return an array to allow multiple directory in the future
         if (defined('ALTERNC_LOGS_ARCHIVE')) {
             $c = array("dir" => ALTERNC_LOGS_ARCHIVE . "/" . $cuid . "-" . $mem->user["login"]);
@@ -94,8 +94,8 @@ class m_log {
     }
 
     function download_link($file) {
-        global $err;
-        $err->log("log", "download_link");
+        global $msg;
+        $msg->log("log", "download_link");
         header("Content-Disposition: attachment; filename=" . $file . "");
         header("Content-Type: application/force-download");
         header("Content-Transfer-Encoding: binary");
@@ -106,8 +106,8 @@ class m_log {
     }
 
     function tail($file, $lines = 20) {
-        global $err;
-        $err->log("log", "tail");
+        global $msg;
+        $msg->log("log", "tail");
         $lines = intval($lines);
         if ($lines <= 0) {
             $lines = 20;
diff --git a/bureau/class/m_lxc.php b/bureau/class/m_lxc.php
index 27095129..ef97c0cf 100644
--- a/bureau/class/m_lxc.php
+++ b/bureau/class/m_lxc.php
@@ -69,8 +69,8 @@ class m_lxc implements vm {
      * HOOK: remove VM history for AlternC account
      */
     function hook_admin_del_member() {
-        global $db, $err, $cuid;
-        $err->log("lxc", "alternc_del_member");
+        global $db, $msg, $cuid;
+        $msg->log("lxc", "alternc_del_member");
         $db->query("DELETE FROM vm_history WHERE uid= ?", array($cuid));
         return true;
     }
@@ -123,10 +123,10 @@ class m_lxc implements vm {
      * for user $login having hashed password $pass and uid $uid
      */
     public function start($login = FALSE, $pass = FALSE, $uid = FALSE) {
-        global $mem, $db, $err, $mysql;
+        global $mem, $db, $msg, $mysql;
 
         if ($this->getvm() !== FALSE) {
-            $err->raise('lxc', _('VM already started'));
+            $msg->raise('Error', 'lxc', _('VM already started'));
             return FALSE;
         }
         unset($this->error);
@@ -150,7 +150,7 @@ class m_lxc implements vm {
             $uid = $mem->user['uid'];
 
             if ($error != 0) {
-                $err->raise('lxc', _($msg));
+                $msg->raise('Error', 'lxc', _($msg));
                 return FALSE;
             }
             $db->query("INSERT INTO vm_history (ip,date_start,uid,serialized_object) VALUES (?, ?, ?, ?);", array($hostname, $date_start, $uid, $res));
diff --git a/bureau/class/variables.php b/bureau/class/variables.php
index 43ab6d43..7aa67596 100644
--- a/bureau/class/variables.php
+++ b/bureau/class/variables.php
@@ -110,8 +110,8 @@ function variable_get($name, $default = null, $createit_comment = null) {
  *   of serialization as necessary.
  */
 function variable_set($name, $value, $comment = null) {
-    global $conf, $db, $err, $hooks;
-    $err->log('variable', 'variable_set', '+' . serialize($value) . '+' . $comment . '+');
+    global $conf, $db, $msg, $hooks;
+    $msg->log('variable', 'variable_set', '+' . serialize($value) . '+' . $comment . '+');
 
     variable_init_maybe();
     

From 756993878bbafa909e15daf66b03b8d569f627b2 Mon Sep 17 00:00:00 2001
From: quenenni <la.jolie@paquerette.org>
Date: Thu, 17 Aug 2017 04:26:29 +0200
Subject: [PATCH 15/23] =?UTF-8?q?informations=20d'installation=20et=20mise?=
 =?UTF-8?q?=20=C3=A0=20jour?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../templates/dovecot/dovecot-dict-quota.conf      |  4 ++--
 install/mysql.sql                                  | 14 +++++++++++++-
 install/upgrades/3.4.8.sql                         | 10 ++++++++++
 wheezy/alternc-dict-quota.conf                     |  4 ++--
 4 files changed, 27 insertions(+), 5 deletions(-)
 create mode 100644 install/upgrades/3.4.8.sql

diff --git a/etc/alternc/templates/dovecot/dovecot-dict-quota.conf b/etc/alternc/templates/dovecot/dovecot-dict-quota.conf
index b22e98ef..8ad06548 100644
--- a/etc/alternc/templates/dovecot/dovecot-dict-quota.conf
+++ b/etc/alternc/templates/dovecot/dovecot-dict-quota.conf
@@ -16,13 +16,13 @@ connect=host=%%dbhost%% dbname=%%dbname%% user=%%db_mail_user%% password=%%db_ma
 
 map {
   pattern = priv/quota/storage
-  table = dovecot_view
+  table = dovecot_quota
   username_field = user
   value_field = quota_dovecot 
 }
 map {
  pattern = priv/quota/messages
- table = dovecot_view
+ table = dovecot_quota
  username_field = user
  value_field = nb_messages
 }
diff --git a/install/mysql.sql b/install/mysql.sql
index 037ca611..ba807b47 100644
--- a/install/mysql.sql
+++ b/install/mysql.sql
@@ -582,6 +582,17 @@ CREATE TABLE IF NOT EXISTS `cron` (
 ) ENGINE=InnoDB  DEFAULT CHARSET=latin1;
 
 
+--
+-- Structure de la table `dovecot_quota`
+--
+
+CREATE TABLE IF NOT EXISTS `dovecot_quota` (
+  `user` varchar(320) NOT NULL,
+  `quota_dovecot` bigint(20) NOT NULL DEFAULT '0',
+  `nb_messages` int(11) NOT NULL DEFAULT '0',
+  PRIMARY KEY (`user`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
 
 --
 -- Structure de la vue `dovecot_view`
@@ -661,6 +672,7 @@ where
 CREATE TABLE IF NOT EXISTS `piwik_users` (
   `id` int(11) NOT NULL AUTO_INCREMENT,
   `uid` int(11) NOT NULL,
+  `passwd` varchar(255) NOT NULL,
   `login` varchar(255) NOT NULL,
   `created_date` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
   PRIMARY KEY (`id`),
@@ -693,7 +705,7 @@ CREATE TABLE IF NOT EXISTS `default_subdomains` (
 
 INSERT IGNORE INTO `default_subdomains` (`sub`, `domain_type`, `domain_type_parameter`, `concerned`) VALUES
 ('www', 'VHOST', '%%DOMAINDIR%%', 'MAIN'),
-('mail', 'WEBMAIL', '', 'MAIN'),
+('mail', 'ROUNDCUBE', '', 'MAIN'),
 ('', 'URL', 'http://www.%%DOMAIN%%', 'MAIN'),
 ('www', 'URL', 'http://www.%%TARGETDOM%%', 'SLAVE'),
 ('mail', 'URL', 'http://mail.%%TARGETDOM%%', 'SLAVE'),
diff --git a/install/upgrades/3.4.8.sql b/install/upgrades/3.4.8.sql
new file mode 100644
index 00000000..d8764808
--- /dev/null
+++ b/install/upgrades/3.4.8.sql
@@ -0,0 +1,10 @@
+CREATE TABLE IF NOT EXISTS `dovecot_quota` (
+  `user` varchar(320) NOT NULL,
+  `quota_dovecot` bigint(20) NOT NULL DEFAULT '0',
+  `nb_messages` int(11) NOT NULL DEFAULT '0',
+  PRIMARY KEY (`user`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+ALTER TABLE `piwik_users` ADD `passwd` VARCHAR(255) NOT NULL AFTER `login`;
+
+UPDATE `default_subdomains` SET `domain_type` = 'ROUNDCUBE' WHERE `domain_type` = 'WEBMAIL';
diff --git a/wheezy/alternc-dict-quota.conf b/wheezy/alternc-dict-quota.conf
index b22e98ef..8ad06548 100644
--- a/wheezy/alternc-dict-quota.conf
+++ b/wheezy/alternc-dict-quota.conf
@@ -16,13 +16,13 @@ connect=host=%%dbhost%% dbname=%%dbname%% user=%%db_mail_user%% password=%%db_ma
 
 map {
   pattern = priv/quota/storage
-  table = dovecot_view
+  table = dovecot_quota
   username_field = user
   value_field = quota_dovecot 
 }
 map {
  pattern = priv/quota/messages
- table = dovecot_view
+ table = dovecot_quota
  username_field = user
  value_field = nb_messages
 }

From 956f6fc2c6a36b44e91703dbbeec6ca8ceaf2b68 Mon Sep 17 00:00:00 2001
From: quenenni <la.jolie@paquerette.org>
Date: Thu, 17 Aug 2017 04:35:51 +0200
Subject: [PATCH 16/23] fonction generate_password dans alternc.js

---
 bureau/admin/js/alternc.js | 57 ++++++++++++++++++++++++++++----------
 1 file changed, 42 insertions(+), 15 deletions(-)

diff --git a/bureau/admin/js/alternc.js b/bureau/admin/js/alternc.js
index b835b7c0..e0ecabb5 100644
--- a/bureau/admin/js/alternc.js
+++ b/bureau/admin/js/alternc.js
@@ -59,24 +59,51 @@ function false_if_empty(id,err_msg) {
   }
 }
 
-function generate_password(len){
-	len	= parseInt(len);
-	if(!len)
-		len = 8;
-	var password = "";
-	var chars    = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
-	var charsN   = chars.length;
-	var nextChar;
- 
-	for(i=0; i<len; i++){
-		nextChar = chars.charAt(Math.floor(Math.random()*charsN));
-		password += nextChar;
+function generate_password(passwordLength, classcount) {
+        passwordLength     = parseInt(passwordLength);
+        if(!passwordLength)
+                passwordLength = 8;
+
+	classcount = parseInt(classcount);
+	if(!classcount)
+		classcount = 3;
+
+	var numberChars = "0123456789";
+	var upperChars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
+	var lowerChars = "abcdefghiklmnopqrstuvwxyz";
+	var specialchars = "(!#$%&'()*+,-./:;<=>?@[\]^_";
+
+	if (classcount >= 4) {
+		var allChars = numberChars + upperChars + lowerChars + specialchars;
+	} else {
+		var allChars = numberChars + upperChars + lowerChars;
 	}
-	return password;
+	var randPasswordArray = Array(passwordLength);
+	randPasswordArray[0] = numberChars;
+	randPasswordArray[1] = upperChars;
+	randPasswordArray[2] = lowerChars;
+	if (classcount == 4) {
+		randPasswordArray[3] = specialchars;
+		randPasswordArray = randPasswordArray.fill(allChars, 4);
+	} else {
+		randPasswordArray = randPasswordArray.fill(allChars, 3);
+	}
+
+	return shuffleArray(randPasswordArray.map(function(x) { return x[Math.floor(Math.random() * x.length)] })).join('');
 }
 
-function generate_password_html(id, size, field1, field2) {
-  $("#z"+id).html("<input id='inp"+id+"' type='textbox' size=8 readonly='readonly' value='"+generate_password(size)+"' />&nbsp;<a href='javascript:generate_password_html("+id+","+size+",\""+field1+"\",\""+field2+"\");'><img src='/images/refresh.png' alt='Refresh' title='Refresh'/></a>");
+function shuffleArray(array) {
+  for (var i = array.length - 1; i > 0; i--) {
+    var j = Math.floor(Math.random() * (i + 1));
+    var temp = array[i];
+    array[i] = array[j];
+    array[j] = temp;
+  }
+  return array;
+}
+
+function generate_password_html(id, size, field1, field2, classcount) {
+  $("#z"+id).html("<input id='inp"+id+"' type='textbox' size=8 readonly='readonly' value='"+generate_password(size, classcount)+"' />&nbsp;<a href='javascript:generate_password_html("+id+","+size+",\""+field1+"\",\""+field2+"\");'><img src='/images/refresh.png' alt='Refresh' title='Refresh'/></a>");
   $("#inp"+id).focus();
   $("#inp"+id).select();
   if (field1 != "") { $(field1).val( $("#inp"+id).val() ); }

From 7d993ea51daa87ea5145d86a1fcb755f9736409b Mon Sep 17 00:00:00 2001
From: quenenni <la.jolie@paquerette.org>
Date: Thu, 17 Aug 2017 16:38:09 +0200
Subject: [PATCH 17/23] =?UTF-8?q?bug=20-=20n'acceptait=20pas=20un=20mdp=20?=
 =?UTF-8?q?vide=20quand=20on=20=C3=A9ditait=20un=20mail?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 bureau/admin/mail_doedit.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/bureau/admin/mail_doedit.php b/bureau/admin/mail_doedit.php
index d1f02477..1336fb32 100644
--- a/bureau/admin/mail_doedit.php
+++ b/bureau/admin/mail_doedit.php
@@ -56,7 +56,8 @@ if (!$res=$mail->get_details($mail_id)) {
     include ("mail_edit.php");
     exit();
   } else {
-    if (!$mail->set_passwd($mail_id,$pass,($islocal == 1?false:true))) { /* SET THE PASSWORD */
+    $canbeempty = ($islocal != 1 || ($islocal == 1 && !$new_account))?true:false;
+    if (!$mail->set_passwd($mail_id,$pass,$canbeempty)) { /* SET THE PASSWORD */
       include ("mail_edit.php");
       exit();
     }

From 5e0d4e8dc7339d41edf13002c33cc4bdc4773452 Mon Sep 17 00:00:00 2001
From: quenenni <la.jolie@paquerette.org>
Date: Thu, 17 Aug 2017 21:32:21 +0200
Subject: [PATCH 18/23] =?UTF-8?q?syst=C3=A8me=20de=20quota=20-=20quota=20V?=
 =?UTF-8?q?s=20du.pl=20+=20affichage=20des=20quotas=20pour=20les=20utilisa?=
 =?UTF-8?q?teurs?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 bureau/admin/quota_show.php | 18 +++++++++++-----
 bureau/class/m_cron.php     |  2 +-
 bureau/class/m_ftp.php      |  2 +-
 bureau/class/m_mail.php     |  3 ++-
 bureau/class/m_mysql.php    |  3 ++-
 bureau/class/m_quota.php    | 42 ++++++++++++++++++++++++++++++-------
 debian/alternc.cron.d       |  5 ++++-
 src/spoolsize.php           | 15 ++++++++-----
 src/update_quota_mail.sh    |  5 +++--
 9 files changed, 70 insertions(+), 25 deletions(-)

diff --git a/bureau/admin/quota_show.php b/bureau/admin/quota_show.php
index 0d1be01e..ea747ddc 100644
--- a/bureau/admin/quota_show.php
+++ b/bureau/admin/quota_show.php
@@ -43,10 +43,11 @@ if (!is_array($q) || empty($q) ) {
 } 
 
 echo "<table cellspacing=\"0\" cellpadding=\"4\" class='tlist'>";
-echo "<tr><th>"._("Quota")."</th><th>"._("Used")."</th><th>"._("Total")."</th></tr>";
+echo "<tr><th>"._("Quota")."</th><th>"._("Used")."</th><th>"._("Total")."</th><th>"._("Size on disk")."</th></tr>";
 $qlist=$quota->qlist();
 reset($qlist);
- while (list($key,$val)=each($qlist)) {
+$totalsize = 0;
+while (list($key,$val)=each($qlist)) {
   if ( !isset($q[$key]) || !$q[$key]["t"]) continue;
    echo "<tr class=\"lst\">";
    echo "<td>";
@@ -55,13 +56,20 @@ reset($qlist);
   if ($q[$key]["u"] >= $q[$key]["t"]) echo "</font>";
 
   if (($key == 'web')||(isset($q[$key]['type'])&&($q[$key]['type']=='size'))) {
-    echo "&nbsp;</td><td>". format_size($q[$key]["u"] * 1024) . "&nbsp;</td><td>". format_size($q[$key]["t"] * 1024) ."&nbsp;</td>";
+    echo "&nbsp;</td><td>". format_size($q[$key]["u"] * 1024) . "&nbsp;</td><td>&nbsp;</td>";
   } else {
     echo "&nbsp;</td><td>".$q[$key]["u"]."&nbsp;</td><td>".$q[$key]["t"]."&nbsp;</td>";
   }
 
-   echo "</tr>";
- }
+  if (isset($q[$key]['s'])) {
+    $totalsize += $q[$key]["s"];
+    echo "<td>". format_size($q[$key]["s"] * 1024) . "&nbsp;</td>";
+  } else {
+    echo "<td>-&nbsp;</td>";
+  }
+  echo "</tr>";
+}
+echo "<tr><td colspan='2'></td><td align='right'><b>"._("Total").":&nbsp;</b></td><td><b>".format_size($totalsize * 1024)." / ".format_size($q['web']["t"] * 1024)."</b></td></tr>";
 echo "</table>";
 
 include_once("foot.php"); 
diff --git a/bureau/class/m_cron.php b/bureau/class/m_cron.php
index bba8214d..ef0b1242 100644
--- a/bureau/class/m_cron.php
+++ b/bureau/class/m_cron.php
@@ -77,7 +77,7 @@ class m_cron {
             'title' => _("Scheduled tasks"),
             'ico' => 'images/schedule.png',
             'link' => 'cron.php',
-            'pos' => 90,
+            'pos' => 120,
                 );
 
         return $obj;
diff --git a/bureau/class/m_ftp.php b/bureau/class/m_ftp.php
index ed119c67..5425ff6f 100644
--- a/bureau/class/m_ftp.php
+++ b/bureau/class/m_ftp.php
@@ -58,7 +58,7 @@ class m_ftp {
             'title' => _("FTP accounts"),
             'ico' => 'images/ftp.png',
             'link' => 'toggle',
-            'pos' => 60,
+            'pos' => 100,
             'links' => array(),
         );
 
diff --git a/bureau/class/m_mail.php b/bureau/class/m_mail.php
index ccfb9c69..24dabe39 100644
--- a/bureau/class/m_mail.php
+++ b/bureau/class/m_mail.php
@@ -200,12 +200,13 @@ class m_mail {
      * or false if I'm not the one for the named quota
      */
     function hook_quota_get() {
-        global $db, $msg, $cuid;
+        global $db, $msg, $cuid, $quota;
         $msg->log("mail", "getquota");
         $q = Array("name" => "mail", "description" => _("Email addresses"), "used" => 0);
         $db->query("SELECT COUNT(*) AS cnt FROM address a, domaines d WHERE a.domain_id=d.id AND d.compte= ? AND a.type='';", array($cuid));
         if ($db->next_record()) {
             $q['used'] = $db->f("cnt");
+            $q['sizeondisk'] =  $quota->get_size_mail_sum_user($cuid)/1024;
         }
         return $q;
     }
diff --git a/bureau/class/m_mysql.php b/bureau/class/m_mysql.php
index b409e5e6..cd5687d8 100644
--- a/bureau/class/m_mysql.php
+++ b/bureau/class/m_mysql.php
@@ -942,12 +942,13 @@ class m_mysql {
      * @access private
      */
     function hook_quota_get() {
-        global $msg;
+        global $msg, $mem, $quota;
         $msg->log("mysql", "alternc_get_quota");
         $q = Array("name" => "mysql", "description" => _("MySQL Databases"), "used" => 0);
         $c = $this->get_dblist();
         if (is_array($c)) {
             $q['used'] = count($c);
+            $q['sizeondisk'] = $quota->get_size_db_sum_user($mem->user["login"])/1024;
         }
         return $q;
     }
diff --git a/bureau/class/m_quota.php b/bureau/class/m_quota.php
index e229a46a..e2d2139f 100644
--- a/bureau/class/m_quota.php
+++ b/bureau/class/m_quota.php
@@ -40,6 +40,7 @@ class m_quota {
 
     var $disk = Array();  /* disk resource for which we will manage quotas */
     var $disk_quota_enable;
+    var $disk_quota_not_blocking;
     var $quotas;
     var $clquota; // Which class manage which quota.
 
@@ -52,6 +53,8 @@ class m_quota {
         $this->disk_quota_enable = variable_get('disk_quota_enable', 1, 'Are disk quota enabled for this server', array('desc' => 'Enabled', 'type' => 'boolean'));
         if ($this->disk_quota_enable) {
             $this->disk = Array("web" => "web");
+
+	    $this->disk_quota_not_blocking = variable_get('disk_quota_not_blocking', 1, "0 - Block data when quota are exceeded (you need a working quota system) | 1 - Just show quota but don't block anything", array('desc' => 'Enabled', 'type' => 'boolean'));
         }
     }
 
@@ -60,11 +63,13 @@ class m_quota {
     }
 
     function hook_menu() {
+        global $cuid, $mem, $quota;
+
         $obj = array(
             'title' => _("Show my quotas"),
             'ico' => 'images/quota.png',
             'link' => 'toggle',
-            'pos' => 110,
+            'pos' => 5,
             'divclass' => 'menu-quota',
             'links' => array(),
         );
@@ -77,9 +82,10 @@ class m_quota {
         	        continue;
 		}
 	            
-		$usage_percent = (int) ($q[$key]["u"] / $q[$key]["t"] * 100);
+                $totalsize_used = $quota->get_size_web_sum_user($cuid) + $quota->get_size_mailman_sum_user($cuid) + ($quota->get_size_db_sum_user($mem->user["login"]) + $quota->get_size_mail_sum_user($cuid))/1024;
+		$usage_percent = (int) ($totalsize_used / $q[$key]["t"] * 100);
 		$obj['links'][] = array('txt' => _("quota_" . $key) . " " . sprintf(_("%s%% of %s"), $usage_percent, format_size($q[$key]["t"] * 1024)), 'url' => 'quota_show.php');
-		$obj['links'][] = array('txt' => 'progressbar', 'total' => $q[$key]["t"], 'used' => $q[$key]["u"]);
+		$obj['links'][] = array('txt' => 'progressbar', 'total' => $q[$key]["t"], 'used' => $totalsize_used);
 	}
 
         // do not return menu item if there is no quota
@@ -186,6 +192,8 @@ class m_quota {
             foreach ($res as $r) {
                 $this->quotas[$r['name']] = $r;
                 $this->quotas[$r['name']]['u'] = $r['used']; // retrocompatibilité
+                if (isset($r['sizeondisk']))
+                    $this->quotas[$r['name']]['s'] = $r['sizeondisk'];
                 $this->quotas[$r['name']]['t'] = 0; // Default quota = 0
             }
             reset($this->disk);
@@ -202,14 +210,20 @@ class m_quota {
                         // If there is a cached value
                         $a = $disk_cached[$val];
                     } else {
-                        exec("/usr/lib/alternc/quota_get " . intval($cuid), $ak);
-                        $a['u'] = intval($ak[0]);
-                        $a['t'] = @intval($ak[1]);
+                        if ($this->disk_quota_not_blocking) {
+                            $a['u'] = $this->get_size_web_sum_user($cuid);
+                            $a['t'] = $this->get_quota_user_cat($cuid, 'web');
+                        } else {
+                            exec("/usr/lib/alternc/quota_get " . intval($cuid), $ak);
+                            $a['u'] = intval($ak[0]);
+                            $a['t'] = @intval($ak[1]);
+                        }
+			$a['sizeondisk'] = $a['u'];
                         $a['timestamp'] = time();
                         $a['uid'] = $cuid;
                         $disk_cached = $mem->session_tempo_params_set('quota_cache_disk', array($val => $a));
                     }
-                    $this->quotas[$val] = array("name" => "$val", 'description' => _("quota_" . $val), "t" => $a['t'], "u" => $a['u']);
+		    $this->quotas[$val] = array("name" => "$val", 'description' => _("Web disk space"), "s" => $a['sizeondisk'], "t" => $a['t'], "u" => $a['u']);
                 }
             }
 
@@ -245,7 +259,7 @@ class m_quota {
         if (floatval($size) == 0) {
             $size = "0";
         }
-        if (isset($this->disk[$ressource])) {
+        if (!$this->disk_quota_not_blocking && isset($this->disk[$ressource])) {
             // It's a disk resource, update it with shell command
             exec("sudo /usr/lib/alternc/quota_edit " . intval($cuid) . " " . intval($size) . " &> /dev/null &");
             // Now we check that the value has been written properly : 
@@ -463,6 +477,12 @@ class m_quota {
         }
     }
 
+    /* get the quota from one user for a cat */
+
+    function get_quota_user_cat($uid, $name) {
+	return $this->_get_sum_sql("SELECT SUM(total) AS sum FROM quotas WHERE uid='$uid' AND name='$name';");
+    }
+
     /* sum of websites sizes from all users */
 
     function get_size_web_sum_all() {
@@ -488,6 +508,12 @@ class m_quota {
         return $mail->get_total_size_for_domain($dom);
     }
 
+    /* sum of mailbox size for ine user */
+
+    function get_size_mail_sum_user($u) {
+      return $this->_get_sum_sql("SELECT SUM(quota_dovecot) as sum FROM dovecot_quota WHERE user IN (SELECT CONCAT(a.address, '@', d.domaine) as mail FROM `address` as a INNER JOIN domaines as d ON a.domain_id = d.id WHERE d.compte = '$u' AND a.type ='')");
+    }
+
     /* count of mailbox sizes from all domains */
 
     function get_size_mail_count_all() {
diff --git a/debian/alternc.cron.d b/debian/alternc.cron.d
index c67056f5..c14b5eda 100644
--- a/debian/alternc.cron.d
+++ b/debian/alternc.cron.d
@@ -21,7 +21,7 @@
 # Every hour, check for slave_dns refreshes
 5 * * * *	root            /usr/lib/alternc/slave_dns
 
-# Every day at 2am, compute web, mail and db space usage per account.
+# Every day at 2am, compute web, mailman and db space usage per account.
 # You may put this computing every week only or on your filer on busy services.
 0 2 * * *	alterncpanel 	/usr/lib/alternc/spoolsize.php 2>&1 > /dev/null
 
@@ -34,3 +34,6 @@
 # Every 20 minutes, do actions
 */20 * * * *	root	/usr/lib/alternc/do_actions.php
 
+# Calculate the mail accounts size once a week beacause the dovecot plugin to do that is not precise (see ticket AlternC #168)
+# Every Sunday at 4am
+0 4 * * 0	root	/usr/lib/alternc/update_quota_mail.sh -a
diff --git a/src/spoolsize.php b/src/spoolsize.php
index 1574e29d..87caa26c 100644
--- a/src/spoolsize.php
+++ b/src/spoolsize.php
@@ -18,9 +18,14 @@ if ($db->query("SELECT uid,login FROM membres;")) {
   while ($db->next_record()) {
     if (isset($list_quota[$db->f('uid')])) {
       $qu=$list_quota[$db->f('uid')];
-      $db2->query("REPLACE INTO size_web SET uid=?, size=?;",array(intval($db->f('uid')),intval($qu['used'])));
-      echo $db->f('login')." (".$qu['used']." B)\n";
-    }  
+      $size=$qu['used'];
+    } else {
+      // Le système de quota n'étant pas actif, on doit passer par un 'du' sur chaque dossier
+      $login = $db->f('login');
+      $size=exec("/usr/lib/alternc/du.pl /var/www/alternc/".substr($login,0,1)."/".$login);
+    }
+    $db2->query("REPLACE INTO size_web SET uid=?, size=?;",array(intval($db->f('uid')),intval($size)));
+    echo $db->f('login')." (".(round($size/1024, 1))." MB)\n";
   }
 }
 
@@ -38,7 +43,7 @@ foreach($allsrv as $c) {
   echo "++ Processing ".$c["name"]." ++\n";
   foreach ($tab as $dbname=>$size) {
     $db->query("REPLACE INTO size_db SET db=?,size=?;",array($dbname,$size)); 
-    echo "   $dbname done ($size B) \n"; flush();
+    echo "   $dbname done (".(round(($size/1024)/1024,1))." MB) \n"; flush();
   }
   echo "\n";
 }
@@ -58,7 +63,7 @@ if ($db->query("SELECT uid, name FROM mailman;")) {
       $size3=exec("sudo /usr/lib/alternc/du.pl ".escapeshellarg("/var/lib/mailman/archives/private/".$c["name"].".mbox"));
       $size=(intval($size1)+intval($size2)+intval($size3));
       $db->query("REPLACE INTO size_mailman SET uid=?,list=?,size=?;",array($c["uid"],$c["name"],$size));
-      echo " done ($size KB) \n"; flush();
+      echo " done (".(round($size/1024, 1))." MB) \n"; flush();
     }
   }
 }
diff --git a/src/update_quota_mail.sh b/src/update_quota_mail.sh
index c774119c..6830f536 100755
--- a/src/update_quota_mail.sh
+++ b/src/update_quota_mail.sh
@@ -108,8 +108,9 @@ for i in $maildirs ; do
 	echo "dir size : "$size
 	echo ""
 	#update the mailbox table accordingly
-	mysql_query "UPDATE mailbox SET bytes=$size WHERE path='$i' ; "
-	mysql_query "UPDATE mailbox SET messages=$mail_count WHERE path='$i' ; " 
+	MAILADD=`basename $i`
+	MAILADD=${MAILADD/_/@}
+	mysql_query "REPLACE INTO dovecot_quota VALUES('$MAILADD', $size, $mail_count);"
 done
 
 # may cause a problem, let's fix this here :) 

From f92f92d34e0e344478a514fd23b9692b3c22fb2c Mon Sep 17 00:00:00 2001
From: quenenni <la.jolie@paquerette.org>
Date: Fri, 18 Aug 2017 15:32:16 +0200
Subject: [PATCH 19/23] =?UTF-8?q?suppresion=20des=20textes=20'=C3=A0=20tra?=
 =?UTF-8?q?duire'=20+=20corr=20de=202=20bugs?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 awstats/bureau/class/m_aws.php        |  2 +-
 bureau/admin/adm_authip_whitelist.php |  2 +-
 bureau/admin/bro_main.php             | 32 +++++++++++++--------------
 bureau/admin/hta_doadd.php            |  2 +-
 bureau/admin/hta_doadduser.php        |  2 +-
 bureau/admin/hta_dodeluser.php        |  2 +-
 bureau/admin/ip_main.php              |  8 +++----
 bureau/admin/mail_doedit.php          |  2 +-
 bureau/admin/piwik_addaccount.php     |  2 +-
 bureau/admin/piwik_sitelist.php       |  2 +-
 bureau/admin/piwik_user_dodel.php     |  2 +-
 bureau/admin/piwik_userlist.php       |  8 +++----
 bureau/class/m_authip.php             |  2 +-
 bureau/class/m_mail.php               |  2 +-
 bureau/class/m_piwik.php              | 11 +++++----
 bureau/class/m_quota.php              |  2 +-
 16 files changed, 43 insertions(+), 40 deletions(-)

diff --git a/awstats/bureau/class/m_aws.php b/awstats/bureau/class/m_aws.php
index 199e6b5f..0a0e6a31 100644
--- a/awstats/bureau/class/m_aws.php
+++ b/awstats/bureau/class/m_aws.php
@@ -678,7 +678,7 @@ class m_aws {
       return false;
     } 
    if (!preg_match('/^[0-9a-z_-]*$/', $postfix)){
-      $msg->raise('Error', "aws", _("There is some forbidden characters in the login (only A-Z 0-9 _ and - are allowed)"));  // à traduire
+      $msg->raise('Error', "aws", _("There is some forbidden characters in the login (only A-Z 0-9 _ and - are allowed)"));
       return false;
     }
     return $login;
diff --git a/bureau/admin/adm_authip_whitelist.php b/bureau/admin/adm_authip_whitelist.php
index 700085bc..70ed44f6 100755
--- a/bureau/admin/adm_authip_whitelist.php
+++ b/bureau/admin/adm_authip_whitelist.php
@@ -15,7 +15,7 @@ getFields($fields);
 
 if (!empty($delete_id)) {
   if (! $authip->ip_delete($delete_id)) {
-    $msg->raise('Error', "admin", _("Error during deletion")); // à traduire
+    $msg->raise('Error', "admin", _("Error during deletion"));
   }
 }
 
diff --git a/bureau/admin/bro_main.php b/bureau/admin/bro_main.php
index 86924b35..80b61dde 100755
--- a/bureau/admin/bro_main.php
+++ b/bureau/admin/bro_main.php
@@ -71,13 +71,13 @@ if (!empty($formu) && $formu) {
   switch ($formu) {
     case 1:  // Create the folder $R.$nomfich
       if ($bro->CreateDir($R,$nomfich)) {
-        $msg->raise("Ok", "bro", _("The folder '%s' was successfully created"), $nomfich); // à traduire
+        $msg->raise("Ok", "bro", _("The folder '%s' was successfully created"), $nomfich);
       }
       $p=$bro->GetPrefs();
       break;
     case 6: // Create the file $R.$nomfich
       if ($bro->CreateFile($R,$nomfich)) {
-        $msg->raise("Ok", "bro", _("The file '%s' was successfully created"), $nomfich); // à traduire
+        $msg->raise("Ok", "bro", _("The file '%s' was successfully created"), $nomfich);
       }
       $p=$bro->GetPrefs();
       if ($p["createfile"]==1) {
@@ -92,9 +92,9 @@ if (!empty($formu) && $formu) {
           if ($bro->DeleteFile($d,$R)) {
 	    foreach ($d as $v) {
 	      if (is_dir($absolute . "/" . $v))
-                $msg->raise("Ok", "bro", _("The folder '%s' was successfully deleted"), $v); // à traduire
+                $msg->raise("Ok", "bro", _("The folder '%s' was successfully deleted"), $v);
 	      else
-                $msg->raise("Ok", "bro", _("The file '%s' was successfully deleted"), $v); // à traduire
+                $msg->raise("Ok", "bro", _("The file '%s' was successfully deleted"), $v);
 	    }
           }
         } elseif (empty($cancel) && is_array($d)) {
@@ -128,22 +128,22 @@ if (!empty($formu) && $formu) {
         if ($bro->CopyFile($d,$R,$actmoveto)) {
 	  if (count($d) == 1) {
 	    if (is_dir($absolute . "/" . $d[0]))
-	      $msg->raise("Ok", "bro", _("The folder '%s' was successfully copied to '%s'"), array($d[0], $actmoveto)); // à traduire
+	      $msg->raise("Ok", "bro", _("The folder '%s' was successfully copied to '%s'"), array($d[0], $actmoveto));
 	    else
-	      $msg->raise("Ok", "bro", _("The file '%s' was successfully copied to '%s'"), array($d[0], $actmoveto)); // à traduire
+	      $msg->raise("Ok", "bro", _("The file '%s' was successfully copied to '%s'"), array($d[0], $actmoveto));
 	  } else
-            $msg->raise("Ok", "bro", _("The files / folders were successfully copied")); // à traduire
+            $msg->raise("Ok", "bro", _("The files / folders were successfully copied"));
         }
       }
       if ($actmove) {
         if ($bro->MoveFile($d,$R,$actmoveto)) {
 	  if (count($d) == 1) {
 	    if (is_dir($absolute . "/" . $d[0]))
-	      $msg->raise("Ok", "bro", _("The folder '%s' was successfully moved to '%s'"), array($d[0], $actmoveto)); // à traduire
+	      $msg->raise("Ok", "bro", _("The folder '%s' was successfully moved to '%s'"), array($d[0], $actmoveto));
 	    else
-	      $msg->raise("Ok", "bro", _("The file '%s' was successfully moved to '%s'"), array($d[0], $actmoveto)); // à traduire
+	      $msg->raise("Ok", "bro", _("The file '%s' was successfully moved to '%s'"), array($d[0], $actmoveto));
 	  } else
-            $msg->raise("Ok", "bro", _("The files / folders were successfully moved")); // à traduire
+            $msg->raise("Ok", "bro", _("The files / folders were successfully moved"));
         }
       }
       break;
@@ -151,21 +151,21 @@ if (!empty($formu) && $formu) {
       if ($bro->RenameFile($R,$o,$d)) { // Rename $R (directory) $o (old) $d (new) names
 	if (count($d) == 1) {
 	  if (is_dir($absolute . "/" . $d[0]))
-	    $msg->raise("Ok", "bro", _("The folder '%s' was successfully renamed to '%s'"), array($o[0], $d[0])); // à traduire
+	    $msg->raise("Ok", "bro", _("The folder '%s' was successfully renamed to '%s'"), array($o[0], $d[0]));
 	  else
-	    $msg->raise("Ok", "bro", _("The file '%s' was successfully renamed to '%s'"), array($o[0], $d[0])); // à traduire
+	    $msg->raise("Ok", "bro", _("The file '%s' was successfully renamed to '%s'"), array($o[0], $d[0]));
 	} else
-          $msg->raise("Ok", "bro", _("The files / folders were successfully renamed")); // à traduire
+          $msg->raise("Ok", "bro", _("The files / folders were successfully renamed"));
       } 
       break;
     case 3:  // Upload de fichier...
       if ($bro->UploadFile($R)) {
-        $msg->raise("Ok", "bro", _("The file '%s' was successfully uploaded"), $_FILES['userfile']['name']); // à traduire
+        $msg->raise("Ok", "bro", _("The file '%s' was successfully uploaded"), $_FILES['userfile']['name']);
       }
       break;
     case 7:  // Changement de permissions [ML]
       if ($bro->ChangePermissions($R, $d)) {
-	$msg->raise("Ok", "bro", _("The permissions were successfully set")); // à traduire
+	$msg->raise("Ok", "bro", _("The permissions were successfully set"));
       }
       break;
   }
@@ -173,7 +173,7 @@ if (!empty($formu) && $formu) {
 
 if (isset($actextract) && $actextract) {
   if ($bro->ExtractFile($R. '/' . $fileextract, $R)) {
-    $msg->raise("Ok", "bro", _("The extraction of the file '%s' was successfull"), $fileextract); // à traduire
+    $msg->raise("Ok", "bro", _("The extraction of the file '%s' was successfull"), $fileextract);
   }
 }
 
diff --git a/bureau/admin/hta_doadd.php b/bureau/admin/hta_doadd.php
index 1789b4f4..7b773fb4 100644
--- a/bureau/admin/hta_doadd.php
+++ b/bureau/admin/hta_doadd.php
@@ -42,7 +42,7 @@ if(empty($dir)) {
 	$is_include=true;
 	include("hta_add.php");
 } else {
-	$msg->raise("Ok", "hta", _("Folder %s is protected"), $dir);  // à traduire
+	$msg->raise("Ok", "hta", _("Folder %s is protected"), $dir);
 	include("hta_list.php");
 }
 ?>
diff --git a/bureau/admin/hta_doadduser.php b/bureau/admin/hta_doadduser.php
index d9b0ef65..f3d75f1d 100644
--- a/bureau/admin/hta_doadduser.php
+++ b/bureau/admin/hta_doadduser.php
@@ -46,7 +46,7 @@ if ($password != $passwordconf) {
 if (!$hta->add_user($user, $password, $dir)) {
 	include ("hta_adduser.php");
 } else {
-	$msg->raise("Ok", "hta", _("The user %s was added to th protected folder %s"), array($user, $dir)); // à traduire
+	$msg->raise("Ok", "hta", _("The user %s was added to th protected folder %s"), array($user, $dir));
 	include ("hta_edit.php");
 }
 ?>
diff --git a/bureau/admin/hta_dodeluser.php b/bureau/admin/hta_dodeluser.php
index 3b8d7a33..a4fcd5e6 100755
--- a/bureau/admin/hta_dodeluser.php
+++ b/bureau/admin/hta_dodeluser.php
@@ -40,7 +40,7 @@ if (!empty($confirm_del)) {
   reset($d);
   if ($hta->del_user($d,$dir)) {
     foreach ($d as $v) {
-      $msg->raise("Ok", "hta", _("The user '%s' was successfully deleted"), $v);  // à traduire
+      $msg->raise("Ok", "hta", _("The user '%s' was successfully deleted"), $v);
     }
   }
   $is_include=true;
diff --git a/bureau/admin/ip_main.php b/bureau/admin/ip_main.php
index 6c2e01ed..d8f87f89 100755
--- a/bureau/admin/ip_main.php
+++ b/bureau/admin/ip_main.php
@@ -20,25 +20,25 @@ if (!empty($s_protocol)) {
   getFields($fields);
 
   if (! $authip->ip_affected_save($s_ipsub, $s_protocol, $$val) ) {
-    $msg->raise('Error', "ftp", _("Error during ip_affected_save")); // à traduire
+    $msg->raise('Error', "ftp", _("Error during ip_affected_save"));
   }
 }
 
 if (!empty($delete_affected_id)) {
   if (! $authip->ip_affected_delete($delete_affected_id)) {
-    $msg->raise('Error', "ftp", _("Error during deletion")); // à traduire
+    $msg->raise('Error', "ftp", _("Error during deletion"));
   }
 }
 
 if (!empty($delete_id)) {
   if (! $authip->ip_delete($delete_id)) {
-    $msg->raise('Error', "ftp", _("Error during deletion")); // à traduire
+    $msg->raise('Error', "ftp", _("Error during deletion"));
   }
 }
 
 if (!empty($ipsub)) {
   if (! $authip->ip_save($id, $ipsub, $infos)) {
-    $msg->raise('Error', "ftp", _("Error during recording")); // à traduire
+    $msg->raise('Error', "ftp", _("Error during recording"));
   }
 }
 
diff --git a/bureau/admin/mail_doedit.php b/bureau/admin/mail_doedit.php
index 1336fb32..29138356 100644
--- a/bureau/admin/mail_doedit.php
+++ b/bureau/admin/mail_doedit.php
@@ -104,7 +104,7 @@ if (!$res=$mail->get_details($mail_id)) {
 } 
 
 if ($new_account)
-  $msg->raise("Ok", "mail", _("Your email has been created successfully")); // à traduire
+  $msg->raise("Ok", "mail", _("Your email has been created successfully"));
 else
   $msg->raise("Ok", "mail", _("Your email has been edited successfully"));
 
diff --git a/bureau/admin/piwik_addaccount.php b/bureau/admin/piwik_addaccount.php
index e8d37fdc..ae899c33 100644
--- a/bureau/admin/piwik_addaccount.php
+++ b/bureau/admin/piwik_addaccount.php
@@ -43,7 +43,7 @@ $fields = array (
 getFields($fields);
 
 if ($piwik->user_add($account_name, $account_mail) ) {
-  $msg->raise('Ok', "piwik", _('Successfully added piwik account')); // à traduire (ou à corriger)
+  $msg->raise('Ok', "piwik", _('Successfully added piwik account'));
 }
 include_once("piwik_userlist.php");
 ?>
diff --git a/bureau/admin/piwik_sitelist.php b/bureau/admin/piwik_sitelist.php
index eddd8a4d..20e38ee4 100755
--- a/bureau/admin/piwik_sitelist.php
+++ b/bureau/admin/piwik_sitelist.php
@@ -162,7 +162,7 @@ foreach ($sitelist as $site ){
               <?php
               if (! $no_user) {
 		?>
-                <a id="connect_<?php echo $site->id; ?>" href="<?php echo $first_url; ?>" target="_blank"><?php __('Connect as'); ?></a> <!-- à traduire -->
+                <a id="connect_<?php echo $site->id; ?>" href="<?php echo $first_url; ?>" target="_blank"><?php __('Connect as'); ?></a>
 		<?php
 	        echo $list_users;
               } else {
diff --git a/bureau/admin/piwik_user_dodel.php b/bureau/admin/piwik_user_dodel.php
index e87e0022..ea3ae827 100755
--- a/bureau/admin/piwik_user_dodel.php
+++ b/bureau/admin/piwik_user_dodel.php
@@ -44,7 +44,7 @@ if (empty($login)) {
 if(!empty($confirm_del)) {
   // contrôle si ce compte piwik a encore des sites associés avant d'accepter sa suppression
   if ($piwik->user_has_sites()) {
-    $msg->raise('Alert', "piwik", _("You must first remove all the piwik sites associated with this user before deleting him")); // à traduire
+    $msg->raise('Alert', "piwik", _("To be able to delete the last user account, you must first remove all the piwik sites"));
   } else if ($piwik->user_delete($login) ) {
     $msg->raise('Ok', "piwik", _("Account %s is successfully deleted"), $login);
   }
diff --git a/bureau/admin/piwik_userlist.php b/bureau/admin/piwik_userlist.php
index 4d450ea8..b1a5a645 100755
--- a/bureau/admin/piwik_userlist.php
+++ b/bureau/admin/piwik_userlist.php
@@ -44,11 +44,11 @@ echo $msg->msg_html_all("<li>", true, true);
  <?php csrf_get(); ?>
 	<table class="tedit">
 	<tr>
-	<th><label for="account_name"><?php __("Account Name"); ?></label></th>   <!-- à traduire -->
+	<th><label for="account_name"><?php __("Account Name"); ?></label></th>
 	<td><span class="int" id="account_namefx"><?php echo $mem->user["login"]; ?>_</span><input type="text" class="int" name="account_name" size="20" id="account_name" maxlength="32" value=""/>
 	</tr>
 	<tr>
-	<th><label for="account_mail"><?php __("Linked Account Email"); ?></label></th>  <!-- à traduire -->
+	<th><label for="account_mail"><?php __("Linked Account Email"); ?></label></th>
 	<td><input type="text" class="int" name="account_mail" size="20" id="account_mail" maxlength="32" value="<?php if (count($userslist) == 0) {echo $mem->user["mail"];}?>"/>
 	</tr>
 	<tr class="trbtn"><td colspan="2">
@@ -74,7 +74,7 @@ echo $msg->msg_html_all("<li>", true, true);
 // printVar($piwik->dev());
 
 if (empty($userslist)){
-	$msg->raise('Info', "piwik", _("No existing Piwik accounts")); // à traduire (ou à corriger)
+	$msg->raise('Info', "piwik", _("No existing Piwik accounts"));
 	echo $msg->msg_html_all();
 } else {
 ?>
@@ -125,7 +125,7 @@ foreach ($userslist as $user ){
 ?>
 
 </table>
-<div class="ina" id="alert_div_msg" style="display:none;background-color:yellow;padding:5px;border:2px solid black;margin-top:3em;";> <!-- à traduire -->
+<div class="ina" id="alert_div_msg" style="display:none;background-color:yellow;padding:5px;border:2px solid black;margin-top:3em;";>
   <?php __("An error occurred. It was not possible to retrieve the access information to the Piwik interface") ?>
 </div>
 <?php include_once("foot.php"); ?>
diff --git a/bureau/class/m_authip.php b/bureau/class/m_authip.php
index c8d77bd0..2d07723e 100644
--- a/bureau/class/m_authip.php
+++ b/bureau/class/m_authip.php
@@ -224,7 +224,7 @@ class m_authip {
 
         // Error if $ip not an IP
         if (!checkip($ip) && !checkipv6($ip)) {
-            $msg->raise('Error', 'authip', _("Failed : not an IP address")); // à traduire
+            $msg->raise('Error', 'authip', _("Failed : not an IP address"));
             return false;
         }
 
diff --git a/bureau/class/m_mail.php b/bureau/class/m_mail.php
index 24dabe39..333b63f2 100644
--- a/bureau/class/m_mail.php
+++ b/bureau/class/m_mail.php
@@ -388,7 +388,7 @@ ORDER BY
         $db->query("SELECT * FROM address WHERE domain_id= ? AND address= ? ;", array($dom_id, $mail));
         if ($db->next_record()) {
 	    if ($db->f("type") == "mailman")
-	      $msg->raise('Error', "mail", _("This email address already exists in mailman")); // à traduire
+	      $msg->raise('Error', "mail", _("This email address already exists in mailman"));
 	    else
               $msg->raise('Error', "mail", _("This email address already exists"));
 
diff --git a/bureau/class/m_piwik.php b/bureau/class/m_piwik.php
index 27bd9975..4e5e5809 100644
--- a/bureau/class/m_piwik.php
+++ b/bureau/class/m_piwik.php
@@ -121,7 +121,7 @@ class m_piwik {
 	  if ($api_data->result === 'success') {
 	    $user = $this->get_user($user_login);
 	    $user_creation_date = $user->date_registered;
-	    $ret_value = $db->query("INSERT INTO piwik_users (uid, passwd, login, created_date) VALUES ( ?, ?, ?);", array($cuid, md5('$user_pass'), $user_login, $user_creation_date));
+	    $ret_value = $db->query("INSERT INTO piwik_users (uid, passwd, login, created_date) VALUES ( ?, ?, ?, ?);", array($cuid, md5('$user_pass'), $user_login, $user_creation_date));
 	    return $ret_value;
 	  } else {
 	    $msg->raise('Error', "piwik", $api_data->message);
@@ -227,9 +227,12 @@ class m_piwik {
 
     $msg->log("piwik","user_has_sites");
 
-    $db->query("SELECT id FROM piwik_sites WHERE uid='$cuid'");
-    if ($db->num_rows() > 0)
-      return true;
+    $db->query("SELECT id FROM piwik_users WHERE uid='$cuid'");
+    if ($db->num_rows() <= 1) {
+      $db->query("SELECT id FROM piwik_sites WHERE uid='$cuid'");
+      if ($db->num_rows() > 0)
+        return true;
+    }
 
     return false;
   }
diff --git a/bureau/class/m_quota.php b/bureau/class/m_quota.php
index e2d2139f..8a925993 100644
--- a/bureau/class/m_quota.php
+++ b/bureau/class/m_quota.php
@@ -348,7 +348,7 @@ class m_quota {
         }
         $type = strtolower($type);
         if (!preg_match("#^[a-z0-9]*$#", $type)) {
-            $msg->raise('Error', "quota", _("Type can only contains characters a-z and 0-9")); // à traduire
+            $msg->raise('Error', "quota", _("Type can only contains characters a-z and 0-9"));
             return false;
         }
         while (list($key, $val) = each($qlist)) {

From 7dce491b10bb38565dc06a381873b9839d376f4a Mon Sep 17 00:00:00 2001
From: quenenni <la.jolie@paquerette.org>
Date: Mon, 21 Aug 2017 17:50:57 +0200
Subject: [PATCH 20/23] petite correction d'affichage de msgs

---
 bureau/admin/mail_list.php | 7 +++----
 bureau/class/m_mail.php    | 2 +-
 2 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/bureau/admin/mail_list.php b/bureau/admin/mail_list.php
index 03499bc3..64ae4939 100755
--- a/bureau/admin/mail_list.php
+++ b/bureau/admin/mail_list.php
@@ -59,7 +59,7 @@ if ($domain=$dom->get_domain_byid($domain_id)) {
   echo '<h3>'._("Manage Catch-all")."</h3>";
 }
 
-echo $msg->msg_html_all();
+echo $msg->msg_html_all("<li>", true, true);
 ?>
     </td>
   </tr>
@@ -85,9 +85,8 @@ echo $msg->msg_html_all();
 <h3><?php printf(_("Email addresses of the domain %s"),$domain); ?> : </h3>
 <?php
 if (empty($allmails_list) && empty($search)) {
-  echo "<p><i>";
-  __("No mails for this domain.");
-  echo "</i></p><br/>";
+  $msg->raise('Error', 'mail', _("No mails for this domain."));
+  echo $msg->msg_html_all();
 } else {
 
 ?>
diff --git a/bureau/class/m_mail.php b/bureau/class/m_mail.php
index 333b63f2..667241b9 100644
--- a/bureau/class/m_mail.php
+++ b/bureau/class/m_mail.php
@@ -465,7 +465,7 @@ ORDER BY
      * OR when the DOMAIN class tells us we don't host the emails of this domain anymore.
      * @param $dom the ID of the domain to delete
      * @return boolean if the email has been properly deleted
-     * or false if an error occured ($err is filled accordingly)
+     * or false if an error occured ($msg is filled accordingly)
      */
     function hook_dom_del_mx_domain($dom_id) {
         global $db;

From 65f994f763c50201d3309315ca608b020fb8db88 Mon Sep 17 00:00:00 2001
From: quenenni <la.jolie@paquerette.org>
Date: Tue, 22 Aug 2017 18:02:46 +0200
Subject: [PATCH 21/23] =?UTF-8?q?petit=20oubli=20de=20m=C3=A0j=20de=20$err?=
 =?UTF-8?q?=20->=20$msg=20dans=20functions.php?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 bureau/class/functions.php | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/bureau/class/functions.php b/bureau/class/functions.php
index a4ae63ee..a23451dd 100755
--- a/bureau/class/functions.php
+++ b/bureau/class/functions.php
@@ -1081,7 +1081,7 @@ function PercentToColor($p = 0) {
 
 /**
  * 
- * @global m_err    $err
+ * @global m_messages    $msg
  * @global m_mem    $mem
  * @global int          $cuid
  * @return boolean
@@ -1096,7 +1096,7 @@ function panel_lock() {
 
 /**
  * 
- * @global m_err    $err
+ * @global m_messages    $msg
  * @global m_mem    $mem
  * @global int          $cuid
  * @return boolean
@@ -1143,29 +1143,29 @@ function csrf_get($return=false) {
  * a token can be only checked once, it's disabled then
  * @param $token string the token to check in the DB + session
  * @return $result integer 0 for invalid token, 1 for good token, -1 for expired token (already used)
- * if a token is invalid or expired, an $err is raised, that can be displayed
+ * if a token is invalid or expired, an $msg is raised, that can be displayed
  */
 function csrf_check($token=null) {
-    global $db,$err;
+    global $db,$msg;
 
     if (is_null($token)) $token=$_POST["csrf"];
 
     if (!isset($_SESSION["csrf"])) {
-        $err->raise("functions", _("The posted form token is incorrect. Maybe you need to allow cookies"));
+        $msg->raise('Error', "functions", _("The posted form token is incorrect. Maybe you need to allow cookies"));
         return 0; // no csrf cookie :/
     }
     if (strlen($token)!=32 || strlen($_SESSION["csrf"])!=32) {
         unset($_SESSION["csrf"]);
-        $err->raise("functions", _("Your cookie or token is invalid"));
+        $msg->raise('Error', "functions", _("Your cookie or token is invalid"));
         return 0; // invalid csrf cookie 
     }
     $db->query("SELECT used FROM csrf WHERE cookie=? AND token=?;",array($_SESSION["csrf"],$token));
     if (!$db->next_record()) {
-        $err->raise("functions", _("Your token is invalid"));
+        $msg->raise('Error', "functions", _("Your token is invalid"));
         return 0; // invalid csrf cookie 
     }
     if ($db->f("used")) {
-        $err->raise("functions", _("Your token is expired. Please refill the form."));
+        $msg->raise('Error', "functions", _("Your token is expired. Please refill the form."));
         return -1; // expired
     }
     $db->query("UPDATE csrf SET used=1 WHERE cookie=? AND token=?;",array($_SESSION["csrf"],$token)); 

From f6f5a15ded6c49aa7ad3603649af6e1b6ea39a94 Mon Sep 17 00:00:00 2001
From: quenenni <la.jolie@paquerette.org>
Date: Tue, 12 Sep 2017 14:49:33 +0200
Subject: [PATCH 22/23] =?UTF-8?q?le=20mdp=20des=20comptes=20mails=20=C3=A9?=
 =?UTF-8?q?taient=20chang=C3=A9s=20dans=20certains=20cas=20o=C3=B9=20il=20?=
 =?UTF-8?q?ne=20fallait=20pas?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 bureau/admin/mail_doedit.php | 16 +++++++++++++---
 bureau/class/m_mail.php      |  4 +++-
 2 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/bureau/admin/mail_doedit.php b/bureau/admin/mail_doedit.php
index 29138356..46561e0a 100644
--- a/bureau/admin/mail_doedit.php
+++ b/bureau/admin/mail_doedit.php
@@ -57,9 +57,19 @@ if (!$res=$mail->get_details($mail_id)) {
     exit();
   } else {
     $canbeempty = ($islocal != 1 || ($islocal == 1 && !$new_account))?true:false;
-    if (!$mail->set_passwd($mail_id,$pass,$canbeempty)) { /* SET THE PASSWORD */
-      include ("mail_edit.php");
-      exit();
+    if ($new_account || !empty($pass) || $islocal != 1) {
+      if ($islocal != 1)
+        $pass = ""; 
+
+      if (!$mail->set_passwd($mail_id,$pass,$canbeempty)) { /* SET THE PASSWORD */
+        include ("mail_edit.php");
+        exit();
+      }
+    } else if (!$new_account && empty($pass) && $islocal == 1 && $res['password'] == "") {
+      if (!$mail->set_passwd($mail_id,$pass, false)) { /* SET THE PASSWORD */
+        include ("mail_edit.php");
+        exit();
+      }
     }
   }	
 
diff --git a/bureau/class/m_mail.php b/bureau/class/m_mail.php
index 667241b9..b5bfe530 100644
--- a/bureau/class/m_mail.php
+++ b/bureau/class/m_mail.php
@@ -615,7 +615,9 @@ ORDER BY
         if (!$admin->checkPolicy("pop", $email, $pass, $canbeempty)) {
             return false;
         }
-        if (!$db->query("UPDATE address SET password= ? where id = ? ;", array(_md5cr($pass), $mail_id ))) {
+        if ($canbeempty && empty($pass)) {
+          return $db->query("UPDATE address SET password= ? where id = ? ;", array(null, $mail_id ));
+        } else if (!$db->query("UPDATE address SET password= ? where id = ? ;", array(_md5cr($pass), $mail_id ))) {
             return false;
         }
         return true;

From b777f982e5125c9c9f115f13f71ba4a289308826 Mon Sep 17 00:00:00 2001
From: Benjamin Sonntag <benjamin@sonntag.fr>
Date: Fri, 6 Oct 2017 12:00:27 +0200
Subject: [PATCH 23/23] [doc] switching comments to english for quenenni
 patches

---
 bureau/class/m_messages.php | 261 ++++++++++++++++++------------------
 1 file changed, 128 insertions(+), 133 deletions(-)

diff --git a/bureau/class/m_messages.php b/bureau/class/m_messages.php
index 6c8acd9b..2b770306 100644
--- a/bureau/class/m_messages.php
+++ b/bureau/class/m_messages.php
@@ -1,7 +1,6 @@
 <?php
 
 /*
-  $Id: m_messages.php,v 1.4 2004/05/19 14:23:06 benjamin Exp $
   ----------------------------------------------------------------------
   LICENSE
 
@@ -17,111 +16,108 @@
 
   To read the license please visit http://www.gnu.org/copyleft/gpl.html
   ----------------------------------------------------------------------
-  Original Author of file: Benjamin Sonntag, Franck Missoum
-  ----------------------------------------------------------------------
- */
+*/
 
 /**
- * Classe de gestion des messages apparaissant lors d'appels API.
+ * Handle messages (error, warning, info, ok) appearing in API calls. 
  *
- * <p>Cette classe gère les messages qui peuvent apparaitre lors d'appels
- * à l'API d'AlternC. Ces msgs sont stockées sous la forme d'1 nombre
- * (Classe ID) ainsi que du msg en associé.
- * Des messages localisés sont aussi disponibles.</p>
- * <p>Cette classe se charge aussi d'insérer les appels à l'API d'AlternC
- * dans les logs du système dans /var/log/alternc/bureau.log
+ * <p>This class handles messages appearing while calling API functions of AlternC
+ * Those messages are stored as a number (class-id) and a message
+ * localized messages are available</p>
+ * <p>This class also handle inserting those messages into the logging 
+ * system in /var/log/alternc/bureau.log
  * </p>
- * Copyleft {@link http://alternc.net/ AlternC Team}
  * 
- * @copyright    AlternC-Team 2002-11-01 http://alternc.net/
+ * @copyright    AlternC-Team  https://alternc.com/
  */
 class m_messages {
 
-    /** Tableau qui va contenir les messages et leur id */
+    /** Contains the messages and their ID */
     var $arrMessages = array();
 
-    /** Emplacement du fichier de logs d'AlternC */
     var $logfile = "/var/log/alternc/bureau.log";
 
-    /** Liste of possible type */
+    /** List of possible message types */
     var $ARRTYPES = array("ERROR", "ALERT", "INFO", "OK");
 
-    /** Associate css classes */
+    /** CSS classes for each type */
     var $ARRCSS = array(
-	"ERROR" => "alert-danger",
-	"ALERT" => "alert-warning",
-	"INFO" => "alert-info",
-	"OK" => "alert-success"
+        "ERROR" => "alert-danger",
+        "ALERT" => "alert-warning",
+        "INFO" => "alert-info",
+        "OK" => "alert-success"
     );
 
     public function __construct() {
-	$this->init_msgs();
+        $this->init_msgs();
     }
 
     /**
-     * Enregistre un message, signale celle-ci dans les logs
+     * Record a message, insert it into the logfile.
      * 
-     * Cette fonction enregistre un message, l'ajoute dans les logs d'AlternC, 
-     * et la met à disposition pour le bureau virtuel pour affichage ultérieur.
+     * This function records a message, add it to the logfile,
+     * and make it available for the web panel to print it later.
      *
      * @param string $cat The category of the msg array to work with
-     * @param integer $clsid Classe qui lève le message
-     * @param mixed $msg Message
-     * @param string $param Paramètre chaine associé au message (facultatif)
-     * @return boolean TRUE si le msg est enregistré, FALSE sinon.
+     * @param integer $clsid Which class raises this message
+     * @param mixed $msg The message
+     * @param string $param Non-mandatory string parameter for this message
+     * @return boolean TRUE if the message got recorded, FALSE if not.
      *
      */
     function raise($cat = "Error", $clsid, $msg, $param = "") {
-	$arrInfos  = array();
+        $arrInfos  = array();
 
-	$type = strtoupper($cat);
-	if (! in_array($type, $this->ARRTYPES)) {
-	    return false;
-	}
+        $type = strtoupper($cat);
+        if (! in_array($type, $this->ARRTYPES)) {
+            return false;
+        }
 
-	$arrInfos['clsid'] = $clsid;
-	$arrInfos['msg'] = $msg;
-	$arrInfos['param'] = is_array($param)?$param:(empty($param)?"":array($param));
+        $arrInfos['clsid'] = $clsid;
+        $arrInfos['msg'] = $msg;
+        $arrInfos['param'] = is_array($param)?$param:(empty($param)?"":array($param));
 
-	$this->arrMessages[$type][] = $arrInfos;
+        $this->arrMessages[$type][] = $arrInfos;
 
         $this->logAlternC($cat);
         return true;
     }
-
+    
+    /**
+     * Reset the stored messages array
+     */
     function init_msgs() {
-	// Initialisation du tableau des message
-	foreach ($this->ARRTYPES as $v) {
-	    $this->arrMessages[$v] = array();
-	}
+        foreach ($this->ARRTYPES as $v) {
+            $this->arrMessages[$v] = array();
+        }
     }
 
     /**
-     * Indique s'il y a ds msgs enregistrés pour une catégorie si le param $cat contient une catégorie
-     * ou pour toutesl es catégories si $cat est vide
+     * Tell if there are stored messages for a specific level
+     * or for all levels (if level is empty)
      *
-     * @param string $cat The category of the msg array to work with
-     * @return boolean True if there is/are msg recorded.
+     * @param string $cat The level of the msg array to work with
+     * @return boolean TRUE if there is/are msg recorded.
      *
      */
     function has_msgs($cat) {
-	$type = strtoupper($cat);
-	if (in_array($type, $this->ARRTYPES)) {
-	    return (count($this->arrMessages[$type]) > 0);
-	} else {
-	    foreach ($this->arrMessages as $v) {
-		if (count($v) > 0)
-		    return true;
-	    }
-	    return false;
-	}
+        $type = strtoupper($cat);
+        if (in_array($type, $this->ARRTYPES)) {
+            return (count($this->arrMessages[$type]) > 0);
+        } else {
+            foreach ($this->arrMessages as $v) {
+                if (count($v) > 0)
+                    return true;
+            }
+            return false;
+        }
     }
 
     /**
-     * Retourne la chaine de message concaténés de l'ensemble des msgs enregistrés
-     * ou du dernièr message rencontré
+     * Return a string of concateneted messages of all recorded messages
+     * or only the last message
      *
-     * @param string $cat The category of the msg array to work with
+     * @param string $cat The level of the msg array to work with
      * @param string $sep The separator used to concatenate msgs
      * @param boolean $all show all the messages or only the last one
      *
@@ -129,78 +125,78 @@ class m_messages {
      *
      */
     function msg_str($cat = "Error", $sep = "<li>", $all = true) {
-	$str = "";
+        $str = "";
 
-	$type = strtoupper($cat);
-	if (! in_array($type, $this->ARRTYPES)) {
-	    return false;
-	}
+        $type = strtoupper($cat);
+        if (! in_array($type, $this->ARRTYPES)) {
+            return false;
+        }
 
-	if (! $this->has_msgs($cat))
-	    return "";
+        if (! $this->has_msgs($cat))
+            return "";
 
-	if ($all) {
-	    foreach ($this->arrMessages[$type] as $k => $arrMsg) {
-		$args = $arrMsg['param'];
+        if ($all) {
+            foreach ($this->arrMessages[$type] as $k => $arrMsg) {
+                $args = $arrMsg['param'];
 
-		if (is_array($args) && count($args) > 0) {
-		    array_unshift($args, $arrMsg['msg']);
-		    if ($sep == "<li>")
-		        $str .= "<li>" . call_user_func_array("sprintf", $args) . "</li>";
-		    else
-			$str .= call_user_func_array("sprintf", $args) . $sep;
-		} else
-		    if ($sep == "<li>")
-		        $str .= "<li>" . $arrMsg['msg'] . "</li>";
-		    else
-			$str .= $arrMsg['msg'] . $sep;
+                if (is_array($args) && count($args) > 0) {
+                    array_unshift($args, $arrMsg['msg']);
+                    if ($sep == "<li>")
+                        $str .= "<li>" . call_user_func_array("sprintf", $args) . "</li>";
+                    else
+                        $str .= call_user_func_array("sprintf", $args) . $sep;
+                } else
+                    if ($sep == "<li>")
+                        $str .= "<li>" . $arrMsg['msg'] . "</li>";
+                    else
+                        $str .= $arrMsg['msg'] . $sep;
             }
 
-	    if ($sep == "<li>") 
-		$str = "<ul>".$str."</ul>";
+            if ($sep == "<li>") 
+                $str = "<ul>".$str."</ul>";
 
-	} else {
-	    $i = count($this->arrMessages[$type]) - 1;
-	    if ($i > 0) {
-		$arr_msg=$this->arrMessages[$type][$i];
-		$args = $arr_msg['param'];
-		if (is_array($args) && count($args) > 0) {
-		    array_unshift($args, $arr_msg['msg']);
-		    $str = call_user_func_array("sprintf", $args);
-		} else
-		    $str = $arr_msg['msgId'];
-	    }
-	}
+        } else {
+            $i = count($this->arrMessages[$type]) - 1;
+            if ($i > 0) {
+                $arr_msg=$this->arrMessages[$type][$i];
+                $args = $arr_msg['param'];
+                if (is_array($args) && count($args) > 0) {
+                    array_unshift($args, $arr_msg['msg']);
+                    $str = call_user_func_array("sprintf", $args);
+                } else
+                    $str = $arr_msg['msgId'];
+            }
+        }
 
-	return $str;
+        return $str;
     }
 
     /**
-     * Retourn le message au format Html avec la class Css associée
+     * Return a message in HTML form with associated CSS
      *
-     * @param string $cat The category of the msg array to work with
+     * @param string $cat The level of the msg array to work with
      * @param string $sep The separator used to concatenate msgs
      * @param boolean $all show all the messages or only the last one
      *
      * @return string HTML message
      */
     function msg_html($cat = "Error", $sep = "<li>", $all = true) {
-	$type = strtoupper($cat);
-	if (! in_array($type, $this->ARRTYPES)) {
-	    return false;
-	}
+        $type = strtoupper($cat);
+        if (! in_array($type, $this->ARRTYPES)) {
+            return false;
+        }
 
-	if (count($this->arrMessages[$type]) == 0)
-	    return "";
+        if (count($this->arrMessages[$type]) == 0)
+            return "";
 
-	$str = $this->msg_str($cat, $sep, $all);
-	$str = "<div class='alert " . $this->ARRCSS[$type] . "'>" . $str . "</div>";
+        $str = $this->msg_str($cat, $sep, $all);
+        $str = "<div class='alert " . $this->ARRCSS[$type] . "'>" . $str . "</div>";
 
-	return $str;
+        return $str;
     }
 
     /**
-     * Retourn le message de toutes les catégories au format Html avec la class Css associée
+     * Return all the messages of all levels in HTML form with associated CSS
      *
      * @param string $sep The separator used to concatenate msgs
      * @param boolean $all show all the messages or only the last one
@@ -208,48 +204,47 @@ class m_messages {
      * @return string HTML message
      */
     function msg_html_all($sep = "<li>", $all = true, $init = false) {
-	$msg="";
+        $msg="";
 
-	$msg.=$this->msg_html("Error", $sep, $all);
-	$msg.=$this->msg_html("Ok", $sep, $all);
-	$msg.=$this->msg_html("Info", $sep, $all);
-	$msg.=$this->msg_html("Alert", $sep, $all);
+        $msg.=$this->msg_html("Error", $sep, $all);
+        $msg.=$this->msg_html("Ok", $sep, $all);
+        $msg.=$this->msg_html("Info", $sep, $all);
+        $msg.=$this->msg_html("Alert", $sep, $all);
 
-	if ($init)
-		$this->init_msgs();
+        if ($init)
+            $this->init_msgs();
 
-	return $msg;
+        return $msg;
     }
 
     /**
-     * Envoi un log dans /var/log/alternc/bureau.log
-     *
-     * Cette fonction Loggue le dernier msg dans /var/log sur la machine,
-     * permettant ainsi aux admins de savoir ce qu'il se passe...
-     * Elle est appelée automatiquement par error
+     * Log a message into /var/log/alternc/bureau.log
+     * 
+     * This function logs the last message in the /var/log/alternc folder
+     * allowing sysadmins to know what's happened.
+     * automatically called by raise()
      * @access private
      */
     function logAlternC($cat = "Error") {
         global $mem;
 
-	$type = strtoupper($cat);
-	if (! in_array($type, $this->ARRTYPES)) {
-	    return false;
-	}
+        $type = strtoupper($cat);
+        if (! in_array($type, $this->ARRTYPES)) {
+            return false;
+        }
 
         @file_put_contents($this->logfile, date("d/m/Y H:i:s") . " - " . get_remote_ip() . " - $type - " . $mem->user["login"] . " - " . $this->msg_str($cat, "", false), FILE_APPEND);
     }
 
     /**
-     * Envoi un log d'appel d'API dans /var/log/alternc/bureau.log
+     * Log an API function call into /var/log/alternc/bureau.log
      *
-     * Cette fonction loggue dans /var/log l'appel à la fonction de l'API
-     * d'AlternC.
+     * This function logs in /var/log/alternc an API function call of AlternC
      *
-     * @param integer $clsid Numéro de la classe dont on a appelé une fonction
-     * @param string $function Nom de la fonction appelée
-     * @param string $param Paramètre (facultatif) passés à la fonction de l'API.
-     * @return boolean TRUE si le log a été ajouté, FALSE sinon
+     * @param integer $clsid Number of the class doing the call
+     * @param string $function Name of the called function
+     * @param string $param non-mandatory parameters of the API call
+     * @return boolean TRUE if the log where successfull, FALSE if not
      *
      */
     function log($clsid, $function, $param = "") {
@@ -259,4 +254,4 @@ class m_messages {
 
 }
 
-/* Classe m_messages */
+/* Class m_messages */