Xibo

Merge lp:~dangarner/xibo/server170 into lp:xibo/1.7

server170
Merge into tuttle

Proposed by Dan Garner on 2015-01-09

Status:

Merged

Merged at revision:

355

Proposed branch:

lp:~dangarner/xibo/server170

Merge into:

lp:xibo/1.7

Diff against target:

6714 lines (+3283/-1421)

69 files modified

manual/generate.php (+4/-164)
manual/manualgenerator.class.php (+211/-0)
manual/source/en/install_environment.md (+7/-139)
manual/source/en/install_environment_linux.md (+93/-0)
manual/source/en/install_environment_windows_iis.md (+195/-0)
manual/source/en/install_environment_windows_xampp.md (+47/-0)
manual/source/en/release_notes.md (+1/-0)
manual/source/en/release_notes_1.7.0-rc1.md (+53/-0)
manual/source/fr/tour.md (+65/-0)
manual/template/template.php (+21/-1)
server/config/client.config.php (+24/-2)
server/install/database/60.sql (+13/-0)
server/install/database/80.sql (+1/-1)
server/install/database/81.sql (+1/-1)
server/install/database/83.sql (+5/-0)
server/install/master/data.sql (+3/-3)
server/install/master/structure.sql (+7/-7)
server/lib/app/kit.class.php (+58/-0)
server/lib/app/thememanager.class.php (+2/-2)
server/lib/data/dataset.data.class.php (+27/-10)
server/lib/data/datasetdata.data.class.php (+2/-2)
server/lib/data/displayprofile.data.class.php (+2/-2)
server/lib/data/layout.data.class.php (+8/-2)
server/lib/data/media.data.class.php (+1/-6)
server/lib/data/nonce.data.class.php (+11/-0)
server/lib/data/userdata.data.class.php (+85/-0)
server/lib/include.php (+1/-1)
server/lib/modules/module.class.php (+47/-12)
server/lib/pages/admin.class.php (+4/-7)
server/lib/pages/content.class.php (+53/-48)
server/lib/pages/dataset.class.php (+11/-1)
server/lib/pages/display.class.php (+25/-16)
server/lib/pages/layout.class.php (+8/-3)
server/lib/pages/log.class.php (+2/-0)
server/lib/pages/module.class.php (+40/-30)
server/lib/pages/stats.class.php (+27/-3)
server/lib/pages/timeline.class.php (+9/-2)
server/lib/pages/user.class.php (+22/-35)
server/lib/service/service_v3.wsdl (+0/-9)
server/lib/service/xmdssoap3.class.php (+566/-599)
server/lib/service/xmdssoap4.class.php (+39/-31)
server/modules/3rdparty/twitter-oauth/OAuth.php (+872/-0)
server/modules/3rdparty/twitter-oauth/twitteroauth.php (+243/-0)
server/modules/clock.module.php (+0/-19)
server/modules/datasetview.module.php (+0/-8)
server/modules/embedded.module.php (+0/-14)
server/modules/forecastio.module.php (+43/-37)
server/modules/image.module.php (+1/-1)
server/modules/module_template.php (+2/-8)
server/modules/module_user_general.php (+41/-0)
server/modules/text.module.php (+0/-14)
server/modules/theme/forecastio/current-day.template.json (+7/-0)
server/modules/theme/forecastio/daily.template.json (+7/-0)
server/modules/theme/forecastio/picture.template.json (+7/-0)
server/modules/theme/ticker/media-rss-with-title.template.json (+6/-0)
server/modules/theme/ticker/prominent-title-with-desc-and-name-separator.template.json (+6/-0)
server/modules/theme/ticker/title-only.template.json (+6/-0)
server/modules/theme/twitter/tweet-only.template.json (+6/-0)
server/modules/theme/twitter/tweet-with-profileimage-left.template.json (+6/-0)
server/modules/theme/twitter/tweet-with-profileimage-right.template.json (+6/-0)
server/modules/ticker.module.php (+55/-41)
server/modules/twitter.module.php (+152/-53)
server/modules/webpage.module.php (+0/-13)
server/theme/default/config.php (+0/-1)
server/theme/default/html/display_form_mediainventory.php (+0/-52)
server/theme/default/html/library_form_media_add.php (+11/-4)
server/theme/default/html/schedule_page.php (+1/-1)
server/theme/default/js/xibo-forms.js (+0/-12)
server/theme/default/libraries/jquery-file-upload/js/jquery.fileupload-ui.js (+4/-4)

To merge this branch:

bzr merge lp:~dangarner/xibo/server170

Related bugs:

Bug #1397139: Update 1.6.3 to 1.7 Beta Error	Undecided	Fix Released
Bug #1397143: DEFAULT CHARSET=utf32 ERROR in 1.7 beta	Undecided	Fix Released
Bug #1397237: Delete associated data when deleting a DataSet	Wishlist	Fix Released
Bug #1399278: Problems with 1.6 clients connecting to 1.7.0-beta	Undecided	Fix Released
Bug #1399649: Upgrade that adds timeline page misses re-asserting it on existing for existing permissions	Undecided	Fix Released
Bug #1400515: nothing selected traslation	Low	Fix Released
Bug #1401833: Upload bar doesn't go up	Undecided	Fix Released
Bug #1402292: 1.7- Bandwidth Statistics - All Option	Undecided	Fix Released
Bug #1402295: Library - Owner COMBO	Undecided	Fix Released
Bug #1408009: Username truncation	Low	Fix Released

Link a bug report

Reviewer	Review Type	Date Requested	Status
Xibo Maintainters		2015-01-09	Pending
Review via email: mp+245939@code.launchpad.net

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

The diff has been truncated for viewing.

Subscribers

People subscribed via source and target branches

to all changes:

Dan Garner

Matt Litchfield

marienk

viccha

xiaozhang

Xibo

Merge lp:~dangarner/xibo/server170 into lp:xibo/1.7

Commit message

Description of the change

Preview Diff

Subscribers

 === modified file 'manual/generate.php'
 --- manual/generate.php	2014-11-06 17:57:03 +0000
 +++ manual/generate.php	2015-01-09 11:27:10 +0000
@@ -1,170 +1,10 @@
  <?php
  include_once('libraries/parsedown/parsedown.php');
++include_once('manualgenerator.class.php');
  include_once('template/template.php');
--$OUTPUT_ROOT = 'output/';
--
  // Generates a complete manual.
--
--// Copy the bootstrap, jquery folders and the img folder
--if (!is_dir($OUTPUT_ROOT . 'libraries'))
--    mkdir($OUTPUT_ROOT . 'libraries');
--
--xcopy('libraries/bootstrap', $OUTPUT_ROOT . 'libraries/bootstrap');
--xcopy('libraries/jquery', $OUTPUT_ROOT . 'libraries/jquery');
--xcopy('template/img', $OUTPUT_ROOT . 'img');
--xcopy('template/manual.css', $OUTPUT_ROOT . 'manual.css');
--
--$languages = array();
--
--// Get a list of folders
--foreach (array_diff(scandir('source'), array('..', '.')) as $langDir) {
--
--    if (is_dir('source/' . $langDir)) {
--        echo 'Found ' . $langDir . PHP_EOL;
--
--        // Make sure our output folder is empty
--        if (is_dir($OUTPUT_ROOT . $langDir)) {
--            delete($OUTPUT_ROOT . $langDir);
--            sleep(3);
--        }
--
--        mkdir($OUTPUT_ROOT . $langDir);
--
--        // Make sure a full suite of images is present.
--        xcopy('source/en/img', $OUTPUT_ROOT . $langDir . '/img');
--
--        // And layer in any language specific replacements
--        if (is_dir('source/' . $langDir . '/img'))
--            xcopy('source/' . $langDir . '/img', $OUTPUT_ROOT . $langDir . '/img');
--
--        if ($langDir != 'en')
--            $languages[] = $langDir;
--    }
--}
--
--// Build a langs string
--$langsString = '<a href="../en/index.html">en</a>';
--foreach ($languages as $lang) {
--    $langsString .= ' | <a href="../' . $lang . '/index.html">' . $lang . '</a>';
--}
--
--// Scan files in the EN folder:
--foreach (array_diff(scandir('source/en'), array('..', '.')) as $file) {
--    if (stripos($file, '.md')) {
--        // Process each file in turn
--        processFile($langsString, $OUTPUT_ROOT, 'en', str_replace('.md', '', $file));
--
--        // Process for the other languages.
--        foreach ($languages as $lang) {
--            processFile($langsString, $OUTPUT_ROOT, $lang, str_replace('.md', '', $file));
--        }
--    }
--}
--
--echo PHP_EOL;
--
--function processFile($langs, $folder, $lang, $file) {
--
--    echo '.';
--    flush();
--
--    // Get the page content
--    $pageContent = Parsedown::instance()->text(processReplacements($lang, file_get_contents_or_default($lang, $file . '.md')));
--    $toc = strtok($pageContent, "\n");
--    $toc = str_replace('-->', '', str_replace('<!--toc=', '', $toc));
--
--    // Header
--    $string  = processReplacements($lang, file_get_contents('template/header.html'));
--    $string .= processReplacements($lang, file_get_contents('template/footer.html'));
--
--    $string = str_replace('[[TOCNAME]]', $toc, $string);
--    $string = str_replace('[[PAGE]]', $pageContent, $string);
--    $string = str_replace('[[NAVBAR]]', file_get_contents_or_default($lang, '/toc/nav_bar.html'), $string);
--
--    // Handle the TOC
--    $string = str_replace('[[TOC]]', Parsedown::instance()->text(file_get_contents_or_default($lang, '/toc/' . $toc . '.md')), $string);
--
--    // Replace the languages
--    $string = str_replace('[[LANGS]]', $langs, $string);
--
--    file_put_contents($folder . $lang . DIRECTORY_SEPARATOR . $file . '.html', $string);
--}
--
--function file_get_contents_or_default($lang, $file) {
--    if (file_exists('source' . DIRECTORY_SEPARATOR . $lang . DIRECTORY_SEPARATOR . $file))
--        return file_get_contents('source' . DIRECTORY_SEPARATOR . $lang . DIRECTORY_SEPARATOR . $file);
--    else
--        return file_get_contents('source' . DIRECTORY_SEPARATOR . 'en' . DIRECTORY_SEPARATOR . $file);
--}
--
--function processReplacements($lang, $string) {
--    // Replace the nav bar
--    $string = str_replace('[[PRODUCTNAME]]', PRODUCT_NAME, $string);
--    $string = str_replace('[[PRODUCTVERSION]]', PRODUCT_VERSION, $string);
--    $string = str_replace('[[PRODUCTHOME]]', PRODUCT_HOME, $string);
--    $string = str_replace('[[PRODUCTSUPPORTURL]]', PRODUCT_SUPPORT_URL, $string);
--    $string = str_replace('[[PRODUCTFAQURL]]', PRODUCT_FAQ_URL, $string);
--
--    return $string;
--}
--
--/**
-- * Copy a file, or recursively copy a folder and its contents
-- * @param       string   $source    Source path
-- * @param       string   $dest      Destination path
-- * @param       string   $permissions New folder creation permissions
-- * @return      bool     Returns true on success, false on failure
-- */
--function xcopy($source, $dest, $permissions = 0755)
--{
--    // Check for symlinks
--    if (is_link($source)) {
--        return symlink(readlink($source), $dest);
--    }
--
--    // Simple copy for a file
--    if (is_file($source)) {
--        return copy($source, $dest);
--    }
--
--    // Make destination directory
--    if (!is_dir($dest)) {
--        mkdir($dest, $permissions);
--    }
--
--    // Loop through the folder
--    $dir = dir($source);
--    while (false !== $entry = $dir->read()) {
--        // Skip pointers
--        if ($entry == '.' || $entry == '..') {
--            continue;
--        }
--
--        // Deep copy directories
--        xcopy("$source/$entry", "$dest/$entry");
--    }
--
--    // Clean up
--    $dir->close();
--    return true;
--}
--
--function delete($path)
--{
--    if (is_dir($path) === true) {
--        $files = array_diff(scandir($path), array('.', '..'));
--
--        foreach ($files as $file) {
--            delete(realpath($path) . '/' . $file);
--        }
--
--        return rmdir($path);
--    }
--    else if (is_file($path) === true) {
--        return unlink($path);
--    }
--
--    return false;
--}
++$manual = new ManualGenerator(PRODUCT_NAME, PRODUCT_VERSION, PRODUCT_HOME, PRODUCT_SUPPORT_URL, PRODUCT_FAQ_URL);
++$manual->build('', 'output/');
++
  ?>
 === added file 'manual/manualgenerator.class.php'
 --- manual/manualgenerator.class.php	1970-01-01 00:00:00 +0000
 +++ manual/manualgenerator.class.php	2015-01-09 11:27:10 +0000
@@ -0,0 +1,211 @@
++<?php
++/*
++ * Xibo - Digital Signage - http://www.xibo.org.uk
++ * Copyright (C) 2006-2014 Spring Signage Ltd
++ *
++ * This file is part of Xibo.
++ *
++ * Xibo is free software: you can redistribute it and/or modify
++ * it under the terms of the GNU Affero General Public License as published by
++ * the Free Software Foundation, either version 3 of the License, or
++ * any later version.
++ *
++ * Xibo is distributed in the hope that it will be useful,
++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++ * GNU Affero General Public License for more details.
++ *
++ * You should have received a copy of the GNU Affero General Public License
++ * along with Xibo.  If not, see <http://www.gnu.org/licenses/>.
++ */
++class ManualGenerator
++{
++    private $productName;
++    private $productVersion;
++    private $productHome;
++    private $productSupportUrl;
++    private $productFaqUrl;
++
++    private $sourcePath;
++    private $outputPath;
++
++    public function __construct($productName, $productVersion, $productHome, $productSupportUrl, $productFaqUrl)
++    {
++        $this->productName = $productName;
++        $this->productVersion = $productVersion;
++        $this->productHome = $productHome;
++        $this->productSupportUrl = $productSupportUrl;
++        $this->productFaqUrl = $productFaqUrl;
++    }
++
++    public function build($sourcePath, $outputPath)
++    {
++        $this->outputPath = $outputPath;
++        $this->sourcePath = $sourcePath;
++
++        // Copy the bootstrap, jquery folders and the img folder
++        if (!is_dir($this->outputPath . 'libraries'))
++            mkdir($this->outputPath . 'libraries');
++
++        $this->xcopy($this->sourcePath . 'libraries/bootstrap', $this->outputPath . 'libraries/bootstrap');
++        $this->xcopy($this->sourcePath . 'libraries/jquery', $this->outputPath . 'libraries/jquery');
++        $this->xcopy($this->sourcePath . 'template/img', $this->outputPath . 'img');
++        $this->xcopy($this->sourcePath . 'template/manual.css', $this->outputPath . 'manual.css');
++
++        $languages = array();
++
++        // Get a list of folders
++        foreach (array_diff(scandir($this->sourcePath . 'source'), array('..', '.')) as $langDir) {
++
++            if (is_dir($this->sourcePath . 'source/' . $langDir)) {
++                echo 'Found ' . $langDir . PHP_EOL;
++
++                // Make sure our output folder is empty
++                if (is_dir($this->outputPath . $langDir)) {
++                    $this->delete($this->outputPath . $langDir);
++                    sleep(3);
++                }
++
++                mkdir($this->outputPath . $langDir);
++
++                // Make sure a full suite of images is present.
++                $this->xcopy($this->sourcePath . 'source/en/img', $this->outputPath . $langDir . '/img');
++
++                // And layer in any language specific replacements
++                if (is_dir($this->sourcePath . 'source/' . $langDir . '/img'))
++                    $this->xcopy($this->sourcePath . 'source/' . $langDir . '/img', $this->outputPath . $langDir . '/img');
++
++                if ($langDir != 'en')
++                    $languages[] = $langDir;
++            }
++        }
++
++        // Build a langs string
++        $langsString = '<a href="../en/index.html">en</a>';
++        foreach ($languages as $lang) {
++            $langsString .= ' | <a href="../' . $lang . '/index.html">' . $lang . '</a>';
++        }
++
++        // Scan files in the EN folder:
++        foreach (array_diff(scandir($this->sourcePath . 'source/en'), array('..', '.')) as $file) {
++            if (stripos($file, '.md')) {
++                // Process each file in turn
++                $this->processFile($langsString, $this->outputPath, 'en', str_replace('.md', '', $file));
++
++                // Process for the other languages.
++                foreach ($languages as $lang) {
++                    $this->processFile($langsString, $this->outputPath, $lang, str_replace('.md', '', $file));
++                }
++            }
++        }
++
++        echo PHP_EOL;
++    }
++
++    private function processFile($langs, $folder, $lang, $file)
++    {
++        echo '.';
++        flush();
++
++        // Get the page content
++        $pageContent = Parsedown::instance()->text($this->processReplacements($lang, $this->file_get_contents_or_default($lang, $file . '.md')));
++        $toc = strtok($pageContent, "\n");
++        $toc = str_replace('-->', '', str_replace('<!--toc=', '', $toc));
++
++        // Header
++        $string  = $this->processReplacements($lang, file_get_contents($this->sourcePath . 'template/header.html'));
++        $string .= $this->processReplacements($lang, file_get_contents($this->sourcePath . 'template/footer.html'));
++
++        $string = str_replace('[[TOCNAME]]', $toc, $string);
++        $string = str_replace('[[PAGE]]', $pageContent, $string);
++        $string = str_replace('[[NAVBAR]]', $this->file_get_contents_or_default($lang, '/toc/nav_bar.html'), $string);
++
++        // Handle the TOC
++        $string = str_replace('[[TOC]]', Parsedown::instance()->text($this->file_get_contents_or_default($lang, '/toc/' . $toc . '.md')), $string);
++
++        // Replace the languages
++        $string = str_replace('[[LANGS]]', $langs, $string);
++
++        file_put_contents($folder . $lang . DIRECTORY_SEPARATOR . $file . '.html', $string);
++    }
++
++    private function file_get_contents_or_default($lang, $file)
++    {
++        if (file_exists($this->sourcePath . 'source' . DIRECTORY_SEPARATOR . $lang . DIRECTORY_SEPARATOR . $file))
++            return file_get_contents($this->sourcePath . 'source' . DIRECTORY_SEPARATOR . $lang . DIRECTORY_SEPARATOR . $file);
++        else
++            return file_get_contents($this->sourcePath . 'source' . DIRECTORY_SEPARATOR . 'en' . DIRECTORY_SEPARATOR . $file);
++    }
++
++    private function processReplacements($lang, $string)
++    {
++        // Replace the nav bar
++        $string = str_replace('[[PRODUCTNAME]]', $this->productName, $string);
++        $string = str_replace('[[PRODUCTVERSION]]', $this->productVersion, $string);
++        $string = str_replace('[[PRODUCTHOME]]', $this->productHome, $string);
++        $string = str_replace('[[PRODUCTSUPPORTURL]]', $this->productSupportUrl, $string);
++        $string = str_replace('[[PRODUCTFAQURL]]', $this->productFaqUrl, $string);
++
++        return $string;
++    }
++
++    /**
++     * Copy a file, or recursively copy a folder and its contents
++     * @param       string   $source    Source path
++     * @param       string   $dest      Destination path
++     * @param       string   $permissions New folder creation permissions
++     * @return      bool     Returns true on success, false on failure
++     */
++    function xcopy($source, $dest, $permissions = 0755)
++    {
++        // Check for symlinks
++        if (is_link($source)) {
++            return symlink(readlink($source), $dest);
++        }
++
++        // Simple copy for a file
++        if (is_file($source)) {
++            return copy($source, $dest);
++        }
++
++        // Make destination directory
++        if (!is_dir($dest)) {
++            mkdir($dest, $permissions);
++        }
++
++        // Loop through the folder
++        $dir = dir($source);
++        while (false !== $entry = $dir->read()) {
++            // Skip pointers
++            if ($entry == '.' || $entry == '..') {
++                continue;
++            }
++
++            // Deep copy directories
++            $this->xcopy("$source/$entry", "$dest/$entry");
++        }
++
++        // Clean up
++        $dir->close();
++        return true;
++    }
++
++    function delete($path)
++    {
++        if (is_dir($path) === true) {
++            $files = array_diff(scandir($path), array('.', '..'));
++
++            foreach ($files as $file) {
++                $this->delete(realpath($path) . '/' . $file);
++            }
++
++            return rmdir($path);
++        }
++        else if (is_file($path) === true) {
++            return unlink($path);
++        }
++
++        return false;
++    }
++}
++?>
 === added file 'manual/source/en/img/install_environment_windows_cms_install_step1.png'
 Binary files manual/source/en/img/install_environment_windows_cms_install_step1.png	1970-01-01 00:00:00 +0000 and manual/source/en/img/install_environment_windows_cms_install_step1.png	2015-01-09 11:27:10 +0000 differ
 === added file 'manual/source/en/img/install_environment_windows_cms_install_step2.png'
 Binary files manual/source/en/img/install_environment_windows_cms_install_step2.png	1970-01-01 00:00:00 +0000 and manual/source/en/img/install_environment_windows_cms_install_step2.png	2015-01-09 11:27:10 +0000 differ
 === added file 'manual/source/en/img/install_environment_windows_cms_install_step3.png'
 Binary files manual/source/en/img/install_environment_windows_cms_install_step3.png	1970-01-01 00:00:00 +0000 and manual/source/en/img/install_environment_windows_cms_install_step3.png	2015-01-09 11:27:10 +0000 differ
 === added file 'manual/source/en/img/install_environment_windows_iismgr_install.png'
 Binary files manual/source/en/img/install_environment_windows_iismgr_install.png	1970-01-01 00:00:00 +0000 and manual/source/en/img/install_environment_windows_iismgr_install.png	2015-01-09 11:27:10 +0000 differ
 === added file 'manual/source/en/img/install_environment_windows_mysql_install_step1.png'
 Binary files manual/source/en/img/install_environment_windows_mysql_install_step1.png	1970-01-01 00:00:00 +0000 and manual/source/en/img/install_environment_windows_mysql_install_step1.png	2015-01-09 11:27:10 +0000 differ
 === added file 'manual/source/en/img/install_environment_windows_mysql_install_step2.png'
 Binary files manual/source/en/img/install_environment_windows_mysql_install_step2.png	1970-01-01 00:00:00 +0000 and manual/source/en/img/install_environment_windows_mysql_install_step2.png	2015-01-09 11:27:10 +0000 differ
 === added file 'manual/source/en/img/install_environment_windows_mysql_install_step3.png'
 Binary files manual/source/en/img/install_environment_windows_mysql_install_step3.png	1970-01-01 00:00:00 +0000 and manual/source/en/img/install_environment_windows_mysql_install_step3.png	2015-01-09 11:27:10 +0000 differ
 === added file 'manual/source/en/img/install_environment_windows_mysql_install_step4.png'
 Binary files manual/source/en/img/install_environment_windows_mysql_install_step4.png	1970-01-01 00:00:00 +0000 and manual/source/en/img/install_environment_windows_mysql_install_step4.png	2015-01-09 11:27:10 +0000 differ
 === added file 'manual/source/en/img/install_environment_windows_mysql_install_step5.png'
 Binary files manual/source/en/img/install_environment_windows_mysql_install_step5.png	1970-01-01 00:00:00 +0000 and manual/source/en/img/install_environment_windows_mysql_install_step5.png	2015-01-09 11:27:10 +0000 differ
 === added file 'manual/source/en/img/install_environment_windows_mysql_install_step6.png'
 Binary files manual/source/en/img/install_environment_windows_mysql_install_step6.png	1970-01-01 00:00:00 +0000 and manual/source/en/img/install_environment_windows_mysql_install_step6.png	2015-01-09 11:27:10 +0000 differ
 === added file 'manual/source/en/img/install_environment_windows_php_install_step1.png'
 Binary files manual/source/en/img/install_environment_windows_php_install_step1.png	1970-01-01 00:00:00 +0000 and manual/source/en/img/install_environment_windows_php_install_step1.png	2015-01-09 11:27:10 +0000 differ
 === added file 'manual/source/en/img/install_environment_windows_php_install_step2.png'
 Binary files manual/source/en/img/install_environment_windows_php_install_step2.png	1970-01-01 00:00:00 +0000 and manual/source/en/img/install_environment_windows_php_install_step2.png	2015-01-09 11:27:10 +0000 differ
 === added file 'manual/source/en/img/install_environment_windows_php_install_step3.png'
 Binary files manual/source/en/img/install_environment_windows_php_install_step3.png	1970-01-01 00:00:00 +0000 and manual/source/en/img/install_environment_windows_php_install_step3.png	2015-01-09 11:27:10 +0000 differ
 === added file 'manual/source/en/img/install_environment_windows_php_install_step4.png'
 Binary files manual/source/en/img/install_environment_windows_php_install_step4.png	1970-01-01 00:00:00 +0000 and manual/source/en/img/install_environment_windows_php_install_step4.png	2015-01-09 11:27:10 +0000 differ
 === added file 'manual/source/en/img/install_environment_windows_php_install_step5.png'
 Binary files manual/source/en/img/install_environment_windows_php_install_step5.png	1970-01-01 00:00:00 +0000 and manual/source/en/img/install_environment_windows_php_install_step5.png	2015-01-09 11:27:10 +0000 differ
 === added file 'manual/source/en/img/install_environment_windows_php_install_step6.png'
 Binary files manual/source/en/img/install_environment_windows_php_install_step6.png	1970-01-01 00:00:00 +0000 and manual/source/en/img/install_environment_windows_php_install_step6.png	2015-01-09 11:27:10 +0000 differ
 === added file 'manual/source/en/img/install_environment_windows_phpmyadmin_install_step1.png'
 Binary files manual/source/en/img/install_environment_windows_phpmyadmin_install_step1.png	1970-01-01 00:00:00 +0000 and manual/source/en/img/install_environment_windows_phpmyadmin_install_step1.png	2015-01-09 11:27:10 +0000 differ
 === added file 'manual/source/en/img/install_environment_windows_phpmyadmin_install_step2.png'
 Binary files manual/source/en/img/install_environment_windows_phpmyadmin_install_step2.png	1970-01-01 00:00:00 +0000 and manual/source/en/img/install_environment_windows_phpmyadmin_install_step2.png	2015-01-09 11:27:10 +0000 differ
 === added file 'manual/source/en/img/install_environment_windows_phpmyadmin_install_step3.png'
 Binary files manual/source/en/img/install_environment_windows_phpmyadmin_install_step3.png	1970-01-01 00:00:00 +0000 and manual/source/en/img/install_environment_windows_phpmyadmin_install_step3.png	2015-01-09 11:27:10 +0000 differ
 === added file 'manual/source/en/img/install_environment_windows_phpmyadmin_install_step4.png'
 Binary files manual/source/en/img/install_environment_windows_phpmyadmin_install_step4.png	1970-01-01 00:00:00 +0000 and manual/source/en/img/install_environment_windows_phpmyadmin_install_step4.png	2015-01-09 11:27:10 +0000 differ
 === added file 'manual/source/en/img/install_environment_windows_phpmyadmin_install_step5.png'
 Binary files manual/source/en/img/install_environment_windows_phpmyadmin_install_step5.png	1970-01-01 00:00:00 +0000 and manual/source/en/img/install_environment_windows_phpmyadmin_install_step5.png	2015-01-09 11:27:10 +0000 differ
 === added file 'manual/source/en/img/install_environment_windows_phpmyadmin_install_step6.png'
 Binary files manual/source/en/img/install_environment_windows_phpmyadmin_install_step6.png	1970-01-01 00:00:00 +0000 and manual/source/en/img/install_environment_windows_phpmyadmin_install_step6.png	2015-01-09 11:27:10 +0000 differ
 === added file 'manual/source/en/img/install_environment_windows_phpmyadmin_install_step7.png'
 Binary files manual/source/en/img/install_environment_windows_phpmyadmin_install_step7.png	1970-01-01 00:00:00 +0000 and manual/source/en/img/install_environment_windows_phpmyadmin_install_step7.png	2015-01-09 11:27:10 +0000 differ
 === added file 'manual/source/en/img/install_environment_windows_wpi_install.png'
 Binary files manual/source/en/img/install_environment_windows_wpi_install.png	1970-01-01 00:00:00 +0000 and manual/source/en/img/install_environment_windows_wpi_install.png	2015-01-09 11:27:10 +0000 differ
 === modified file 'manual/source/en/install_environment.md'
 --- manual/source/en/install_environment.md	2014-10-30 12:30:48 +0000
 +++ manual/source/en/install_environment.md	2015-01-09 11:27:10 +0000
@@ -1,141 +1,9 @@
  <!--toc=getting_started-->
  # Choosing your Environment
--
--## <span id="Install_on_Linux"> Install on Linux </span>
--
--Linux makes a good home for a Xibo server. All of the software it needs to support it is provided by the major Linux distributions. We'll cover Ubuntu in detail here, as it's what I use. There are some notes further down for other distributions, however the whole procedure is very similar.
--
--###  <span id="Setup_Apache_and_PHP"> Setup Apache and PHP </span>
--
--####  <span id="Ubuntu"> Ubuntu </span>
--
--*   Install Apache 2.x Webserver
--```
-- sudo apt-get install apache2
--```
--
--*   Install MySQL Server
--```
-- sudo apt-get install mysql-server
--```
--
--*   Install PHP5&#160;:
--```
-- sudo apt-get install php5 php5-mysql php5-gd
--```
--
--_On Ubuntu, DOM, libXML, gettext and JSON extension is already compiled on PHP5_
--
--*   Restart Apache 2 Webserver if necessary
--```
-- sudo /etc/init.d/apache2 restart
--```
--
--####  <span id="CentOS_5.x_.2F_Redhat_RHEL_5.x"> CentOS 5.x / Redhat RHEL 5.x </span>
--
--JSON extension is not include in CentOS 5.x or Redhat RHEL 5.x but you can install it with this steps&#160;:
--
--*   Install JSON PHP Extension
--```
-- yum install php-devel
--```
--
--_If you have more than 8MB of memory limit for PHP, install with PEAR&#160;:_
--
--```
-- pear install pecl/json
--```
--
--_If you have less than 8MB of memory limit for PHP, PEAR failed to install... Use PECL&#160;: _
--
--```
-- pecl install json
--```
--
--*   Active JSON extension&#160;:
--```
-- vim /etc/php.d/json.ini
--```
--```
-- # Json Extension
-- extension=json.so
--```
--
--*   Save file and restart the Apache webserver&#160;:
--```
-- /etc/init.d/httpd restart
--```
--
--####  <span id="SuSe"> SuSe </span>
--
--*   during web install library location says 'full path' but means relative to document root on suse linux
--```
--for me this is /srv/www/htdocs/xlib   in the box for full path, i put "xlib"
--```
--
--###  <span id="Install_Xibo"> Install Xibo </span>
--
--*   Extract the tarball you downloaded inside your webserver's document root (eg /var/www/xibo) and ensure the webserver has permissions to read and write those files:
--```
-- cd /var/www
-- sudo tar zxvf ~/xibo-1.0.5-server.tar.gz
-- sudo mv xibo-1.0.5-server xibo
-- sudo chown www-data.www-data -R xibo
--```
--
--*   Make a directory for the server library. Make sure the webserver has permission to write to this location:
--```
-- sudo mkdir /xibo-library
-- sudo chown www-data.www-data -R /xibo-library
--```
--
--*   You should now use a webbrowser to visit your webserver - eg [http://myserver/xibo](http://myserver/xibo)
--
--*   The process is fairly self explanatory. Follow the final part of the [Windows instructions](install_cms.html) for greater detail.
--
--##  <span id="Install_on_Windows"> Install on Windows </span>
--
--This Windows install guide is focused mainly on someone who wants to use a Windows PC to be the server as well as the client, or perhaps has a spare Windows XP machine to use as a server. The instructions should work equally well on Windows Server operating systems.
--
--Xibo should also run under IIS, however it's not a platform the Xibo development team currently tests with. If you know your way around IIS, then the latter half of this guide plus the "What you need to know!" section should get you going.
--
--###  <span id="Install_the_Webserver_.28XAMPP.29"> Install the Webserver (XAMPP) </span>
--
--We'll be using XAMPP to install Apache, MySQL, PHP (amongst other things) to support Xibo. This is convenient as it provides the whole system in a single installer, and can be un-installed via Add/Remove Programs at a later date if required. If you already have XAMPP installed, you can skip to the next section.
--
--You can download XAMPP from [Apache Friends](http://www.apachefriends.org/en/xampp.html). You need to download the full XAMPP Installer package for Windows systems. Save it to the Desktop.
--
--Once XAMPP Installer has downloaded, double click on it to run it. You may be prompted to allow the installer to run as the publisher could not be verified. Click "Run".
--
--You should get to the start of the install wizard.
--
--![](img/install_environment_Win32_xampp_install_start.jpg)
--
--By default, XAMPP installs to "c:\xampp". Unless you need to move it somewhere else, then that's a good choice. If you do select a different directory, remember it for the next step when we install Xibo.  Click Install.
--The installer will now run, and extract a number of files.  When it finishes, it will bring you to a command prompt.
--
--You'll now be asked a few questions about how XAMPP should install itself.  At the following prompts, you may select all default options.
--
--![](img/install_environment_Capture-2.jpg)
--![](img/install_environment_Capture-3.jpg)
--![](img/install_environment_Capture-4.jpg)
--![](img/install_environment_Capture-6.jpg)
--
--Once the installation scripts complete, you should choose option 1 to load the XAMPP Control Panel. It should open up, and if everything went to plan, look like the screen shot.
--
--![](img/install_environment_Control_Panel_Running.jpg)
--
--At this point, you need to check the boxes next to "Svc" for both Apache and MySql.  As you click each, it will prompt you to install the service for that item.  Click OK.  Then click the "Start" button on each of these items as well.
--Your screen should now look like the below:
--
--![](img/install_environment_Configured_Control_Panel.jpg)
--
--Before we install Xibo, we need to configure a few things on XAMPP to make it a bit more secure. From the XAMPP Control Panel, click the "Admin" button next to MySQL. This will load a web browser and take you to an application called PHPMyAdmin that was installed along with XAMPP. It will let us setup a password for the "root" MySQL account. The "root" account on MySQL has privileges to add new users, create databases etc so needs to have a strong password.
--
--From the PHPMyAdmin screen, click "Privileges" at the top of the screen. You'll see the database users that exist already listed. We're interested in the one called "root" that has "localhost" in the "Host" column. Click the blue "Edit Privileges" symbol to the right of the word "Yes".
--
--![](img/install_environment_Win32_phpmyadmin_privileges.png)
--
--Scroll down the page until you find the "Change Password" box. Enter a new password in both the password boxes and click "Go". On a piece of paper, write down "MySQL Admin User details. Username: root Password:" followed by the password you just chose. We'll need these later!
--
--![](img/install_environment_Win32_phpmyadmin_password.png)
 \ No newline at end of file
++The [[PRODUCTNAME]] CMS can be run on any operating system that supports PHP/MySQL, the most common installation being "LAMP" (Linux, Apache, MySQL and PHP).
++
++The following pages contain basic guides to configuring the most common environments.
++
++- [Install on Linux](install_environment_linux.html)
++- [Install on Windows using XAMPP](install_environment_windows_xampp.html)
++- [Install on Windows using IIS](install_environment_windows_iis.html)
 \ No newline at end of file
 === added file 'manual/source/en/install_environment_linux.md'
 --- manual/source/en/install_environment_linux.md	1970-01-01 00:00:00 +0000
 +++ manual/source/en/install_environment_linux.md	2015-01-09 11:27:10 +0000
@@ -0,0 +1,93 @@
++<!--toc=getting_started-->
++#<span id="Install_on_Linux"> Install on Linux </span>
++
++Linux makes a good home for a Xibo server. All of the software it needs to support it is provided by the major Linux distributions. We'll cover Ubuntu in detail here, as it's what I use. There are some notes further down for other distributions, however the whole procedure is very similar.
++
++###  <span id="Setup_Apache_and_PHP"> Setup Apache and PHP </span>
++
++####  <span id="Ubuntu"> Ubuntu </span>
++
++*   Install Apache 2.x Webserver
++```
++ sudo apt-get install apache2
++```
++
++*   Install MySQL Server
++```
++ sudo apt-get install mysql-server
++```
++
++*   Install PHP5&#160;:
++```
++ sudo apt-get install php5 php5-mysql php5-gd
++```
++
++_On Ubuntu, DOM, libXML, gettext and JSON extension is already compiled on PHP5_
++
++*   Restart Apache 2 Webserver if necessary
++```
++ sudo /etc/init.d/apache2 restart
++```
++
++####  <span id="CentOS_5.x_.2F_Redhat_RHEL_5.x"> CentOS 5.x / Redhat RHEL 5.x </span>
++
++JSON extension is not include in CentOS 5.x or Redhat RHEL 5.x but you can install it with this steps&#160;:
++
++*   Install JSON PHP Extension
++```
++ yum install php-devel
++```
++
++_If you have more than 8MB of memory limit for PHP, install with PEAR&#160;:_
++
++```
++ pear install pecl/json
++```
++
++_If you have less than 8MB of memory limit for PHP, PEAR failed to install... Use PECL&#160;: _
++
++```
++ pecl install json
++```
++
++*   Active JSON extension&#160;:
++```
++ vim /etc/php.d/json.ini
++```
++```
++ # Json Extension
++ extension=json.so
++```
++
++*   Save file and restart the Apache webserver&#160;:
++```
++ /etc/init.d/httpd restart
++```
++
++####  <span id="SuSe"> SuSe </span>
++
++*   during web install library location says 'full path' but means relative to document root on suse linux
++```
++for me this is /srv/www/htdocs/xlib   in the box for full path, i put "xlib"
++```
++
++###  <span id="Install_Xibo"> Install Xibo </span>
++
++*   Extract the tarball you downloaded inside your webserver's document root (eg /var/www/xibo) and ensure the webserver has permissions to read and write those files:
++```
++ cd /var/www
++ sudo tar zxvf ~/xibo-1.0.5-server.tar.gz
++ sudo mv xibo-1.0.5-server xibo
++ sudo chown www-data.www-data -R xibo
++```
++
++*   Make a directory for the server library. Make sure the webserver has permission to write to this location:
++```
++ sudo mkdir /xibo-library
++ sudo chown www-data.www-data -R /xibo-library
++```
++
++*   You should now use a webbrowser to visit your webserver - eg [http://myserver/xibo](http://myserver/xibo)
++
++*   The process is fairly self explanatory. Follow the final part of the [Windows instructions](install_cms.html) for greater detail.
++
 === added file 'manual/source/en/install_environment_windows_iis.md'
 --- manual/source/en/install_environment_windows_iis.md	1970-01-01 00:00:00 +0000
 +++ manual/source/en/install_environment_windows_iis.md	2015-01-09 11:27:10 +0000
@@ -0,0 +1,195 @@
++<!--toc=getting_started-->
++# Install on Windows using IIS
++This guide is written by Piermaria Spinazzola.
++
++## Install Internet Information Services (IIS) Manager
++If you are using Windows Server youâ€™ll need to install the role from "Server Manager".
++
++On Windows 7 and 8, open "Windows Features" and tick the box next to:
++1. Internet Information Services
++
++2. Web Management Tools
++
++3. World Wide Web Services (With all Sub-Features)
++
++4. Internet Information Services Hostable Web Core (With all Sub-Features)
++![IIS Manager Install](img/install_environment_windows_iismgr_install.png)
++
++    Click OK, wait for the features to be installed and when finished reboot windows.
++
++## Install PHP
++To get started go on: [http://php.iis.net](http://php.iis.net), You will be prompted to the Microsoft IIS page for PHP.
++
++1. Click on install and when prompted on Run and start the installation using the Microsoft Web Platform Installer.
++![WPI Install](img/install_environment_windows_wpi_install.png)
++    If WPI is already installed, just open on IIS and click on the icon under management.
++![Step 1](img/install_environment_windows_php_install_step1.png)
++
++2. Click on install a screen like the one below should appear, check that all components have been selected for installation.
++![Step 2](img/install_environment_windows_php_install_step2.png)
++
++3. At the end of the setup, click on Finish to exit the installer.
++![Step 3](img/install_environment_windows_php_install_step3.png)
++
++4. Close IIS
++
++5. Go in the PHP installation folder, should be:
++
++    C:\Program Files (x86)\PHP\v5.3
++    Look for a file called "php.ini" is the php configuration file, once located, open it with text editor:
++
++    By scrolling or searching the following strings of text check that the values are the ones shown below.
++
++        ```
++        fastcgi.impersonate = 1
++        fastcgi.logging = 0
++        cgi.fix_pathinfo=1
++        cgi.force_redirect = 0
++        ```
++
++6. Open IIS
++
++7. Click on Sites and Default Web Site
++![Step 4](img/install_environment_windows_php_install_step4.png)
++
++8. Click on PHP Manager
++![Step 5](img/install_environment_windows_php_install_step5.png)
++
++9. Click on Default Document and check that index.php is enabled.
++
++10. Go back and click on "Handler Mappings", if you can't see the line:
++![Step 6](img/install_environment_windows_php_install_step6.png)
++
++11. Click on "Add Module Mapping" and enter the following in the dialog:
++
++        ```
++        Request path: *.php
++        Module: FastCgiModule
++        Executable: C:\[Path to PHP installation]\php-cgi.exe
++        Name: PHP_via_FastCGI
++        ```
++
++12. Click "Request Restrictions" button and then configure the mapping to invoke handler only if request is mapped to a file or a folder;
++
++13. Go Back to Default Web Site and click on PHP Manager and click on "Enable or Disable and Extension" and in the actions pane click on "Open php.ini". Find the [ExtensionList] and add:
++
++    a. extension=php_fileinfo.dll, or if the line is present, remove the ";" at the beginning.
++
++    b. extension=php_mcrypt.dll, or if the line is present, remove the ";" at the beginning.
++
++    c. Check that php_gd2.dll and php_mbstring.dll are both present.
++    You probably want to allow larger files to be uploaded than is currently available with your default PHP configuration.
++
++    d. Find the upload_max_filesize line and set with a value > 128M if you want to upload files into [[PRODUCTNAME]] bigger than the default size.
++
++    e. Find the post_max_size line and set with a value > 128M if you want to post files into [[PRODUCTNAME]] bigger than the default size.
++
++    f. Find the max_execution_time line and set with a value > 120 this in order to limit the maximum exectuion time of each script, the values is in seconds.
++
++14. Now Save the file using the same extension, close the text editor.
++15. Press Win + R and type iisreset.exe and hit enter.
++
++## Install MySQL
++[[PRODUCTNAME]] Performs better on MySQL Community Server Edition, I strongly suggest to use this version rather than MySQL Server.
++
++1. Go on http://dev.mysql.com/downloads/ and download the MyQL Community Server MSI installer.
++
++2. Once downloaded the installer, run it.
++
++3. Select the right installation for you, as for [[PRODUCTNAME]] we need on MySQL server, I will install the Server Only package.
++![Step 1](img/install_environment_windows_mysql_install_step1.png)
++
++4. Once Done, click next and select the right configuration for you server, for this tutorial as I assumed that server is shared with other services iâ€™ve selected "Server Machine" as configuration type.
++![Step 2](img/install_environment_windows_mysql_install_step2.png)
++
++    Tick the box "Show Advanced Options" and click next
++
++5. The next step is to set the "root" password, you can also create further users, with different responsibilities.
++    Write down and store safely the "root" password you will always need it to let [[PRODUCTNAME]] access the my sql server and create a new DB.
++![Step 3](img/install_environment_windows_mysql_install_step3.png)
++
++6. Once done click next.
++
++7. Configure the Windows Service
++![Step 4](img/install_environment_windows_mysql_install_step4.png)
++
++    Check that the MySQL server will run as a windows Service, if needed you can personalise the name.
++    If the service needs to be run with a different account select it now otherwise keep the radio button on standard.
++    TIP: in Windows Domain is good practice to create special windows account for special services.
++
++8. Once done click next.
++
++9. Configure Advanced Options:
++![Step 5](img/install_environment_windows_mysql_install_step5.png)
++
++    In this page you can disable or enable the service logs and rename them.
++    If youâ€™re happy with the basic settings, click next.
++
++10. Apply Server Configuration
++
++    The installer will now apply the selected configuration.
++
++11. Click Finish to exit the installer configurator.
++
++12. Now Click next again and then finish.
++
++## Install PHP My Admin
++PHPmyAdmin is a third party graphic interface for the MySQL server, this is not essential but useful if you want to manage and have a look at your MySQL Databases.
++
++1. Go at: http://www.phpmyadmin.net/home_page/downloads.php and download the latest version, save it on your disk.
++
++2. Once downloaded, open the Zip file and copy the content in your IIS default site folder, usually: "C:\inetpub\wwwroot"
++![Step 1](img/install_environment_windows_phpmyadmin_install_step1.png)
++
++3. Rename the folder with the following name: phpmyadmin and hit enter
++
++4. Open IIS
++
++5. Click on "Default Site" and right click on the "phpMyAdmin" Folder and from the drop down menu select "Convert to Application"
++![Step 2](img/install_environment_windows_phpmyadmin_install_step2.png)
++
++6. You can leave the default settings and click OK.
++![Step 3](img/install_environment_windows_phpmyadmin_install_step3.png)
++
++7. Now go to the directory that you copied the unzipped PHPMyAdmin folder to and open a file namedÂ config.sample.inc.phpÂ using WordPad
++
++8. Find the lineÂ $cfg[â€˜blowfish_secretâ€™] = â€˜Valueâ€™;Â you have to fill in this line with anything that you want.
++    Tips: The maximum number of characters is 46 and it can be alphanumeric.
++![Step 4](img/install_environment_windows_phpmyadmin_install_step4.png)
++
++9. Go down to the sectionÂ User for advanced featuresÂ and uncomment (Remove theÂ //Â from the front of the line) the two lines under that and change theÂ pmapassÂ to a different password, I will use password.
++![Step 5](img/install_environment_windows_phpmyadmin_install_step5.png)
++
++10. Next, go down to the next sectionÂ Storage database and tablesÂ and uncomment all the lines under it, unless you want to disable access to Database areas (remove theÂ //Â from the front of the line).
++![Step 6](img/install_environment_windows_phpmyadmin_install_step6.png)
++
++11. Now save and close the file.
++
++12. Open your browser and go to: http://localhost/phpmyadmin/
++
++13. You should now see the following page:
++    To login use your "root" username and password to get access.
++
++![Step 7](img/install_environment_windows_phpmyadmin_install_step7.png)
++
++## Install [[PRODUCTNAME]]
++1. Download the latest version of [[PRODUCTNAME]] from the website [[PRODUCTHOME]], save it on your disk.
++
++2. Once downloaded, open the Zip file and copy the content in your IIS default site folder, should be: "C:\inetpub\wwwroot"
++
++3. Rename the folder just copied with the following name: [[PRODUCTNAME]]
++![Step 1](img/install_environment_windows_cms_install_step1.png)
++
++4. Open IIS
++
++5. Click on "Default Site" and right click on the "[[PRODUCTNAME]]" Folder and from the drop down menu select "Convert to Application"
++![Step 2](img/install_environment_windows_cms_install_step2.png)
++
++6. You can leave the default settings and click OK.
++![Step 3](img/install_environment_windows_cms_install_step3.png)
++
++7. Now open your browser and type the following address http://localhost/[[PRODUCTNAME]]/ and follow the CMS installation guide you can find on the website.
++
++```
++Rev 30.11.2014 v.1.0 â€“ IIS 8.5, MySQL 5.6.21 Community Server Edition, PHP 5.3, Windows Server 2012.
++```
 \ No newline at end of file
 === added file 'manual/source/en/install_environment_windows_xampp.md'
 --- manual/source/en/install_environment_windows_xampp.md	1970-01-01 00:00:00 +0000
 +++ manual/source/en/install_environment_windows_xampp.md	2015-01-09 11:27:10 +0000
@@ -0,0 +1,47 @@
++<!--toc=getting_started-->
++#  <span id="Install_on_Windows"> Install on Windows </span>
++
++This Windows install guide is focused mainly on someone who wants to use a Windows PC to be the server as well as the client, or perhaps has a spare Windows XP machine to use as a server. The instructions should work equally well on Windows Server operating systems.
++
++Xibo should also run under IIS, however it's not a platform the Xibo development team currently tests with. If you know your way around IIS, then the latter half of this guide plus the "What you need to know!" section should get you going.
++
++###  <span id="Install_the_Webserver_.28XAMPP.29"> Install the Webserver (XAMPP) </span>
++
++We'll be using XAMPP to install Apache, MySQL, PHP (amongst other things) to support Xibo. This is convenient as it provides the whole system in a single installer, and can be un-installed via Add/Remove Programs at a later date if required. If you already have XAMPP installed, you can skip to the next section.
++
++You can download XAMPP from [Apache Friends](http://www.apachefriends.org/en/xampp.html). You need to download the full XAMPP Installer package for Windows systems. Save it to the Desktop.
++
++Once XAMPP Installer has downloaded, double click on it to run it. You may be prompted to allow the installer to run as the publisher could not be verified. Click "Run".
++
++You should get to the start of the install wizard.
++
++![](img/install_environment_Win32_xampp_install_start.jpg)
++
++By default, XAMPP installs to "c:\xampp". Unless you need to move it somewhere else, then that's a good choice. If you do select a different directory, remember it for the next step when we install Xibo.  Click Install.
++The installer will now run, and extract a number of files.  When it finishes, it will bring you to a command prompt.
++
++You'll now be asked a few questions about how XAMPP should install itself.  At the following prompts, you may select all default options.
++
++![](img/install_environment_Capture-2.jpg)
++![](img/install_environment_Capture-3.jpg)
++![](img/install_environment_Capture-4.jpg)
++![](img/install_environment_Capture-6.jpg)
++
++Once the installation scripts complete, you should choose option 1 to load the XAMPP Control Panel. It should open up, and if everything went to plan, look like the screen shot.
++
++![](img/install_environment_Control_Panel_Running.jpg)
++
++At this point, you need to check the boxes next to "Svc" for both Apache and MySql.  As you click each, it will prompt you to install the service for that item.  Click OK.  Then click the "Start" button on each of these items as well.
++Your screen should now look like the below:
++
++![](img/install_environment_Configured_Control_Panel.jpg)
++
++Before we install Xibo, we need to configure a few things on XAMPP to make it a bit more secure. From the XAMPP Control Panel, click the "Admin" button next to MySQL. This will load a web browser and take you to an application called PHPMyAdmin that was installed along with XAMPP. It will let us setup a password for the "root" MySQL account. The "root" account on MySQL has privileges to add new users, create databases etc so needs to have a strong password.
++
++From the PHPMyAdmin screen, click "Privileges" at the top of the screen. You'll see the database users that exist already listed. We're interested in the one called "root" that has "localhost" in the "Host" column. Click the blue "Edit Privileges" symbol to the right of the word "Yes".
++
++![](img/install_environment_Win32_phpmyadmin_privileges.png)
++
++Scroll down the page until you find the "Change Password" box. Enter a new password in both the password boxes and click "Go". On a piece of paper, write down "MySQL Admin User details. Username: root Password:" followed by the password you just chose. We'll need these later!
++
++![](img/install_environment_Win32_phpmyadmin_password.png)
 \ No newline at end of file
 === modified file 'manual/source/en/release_notes.md'
 --- manual/source/en/release_notes.md	2014-11-25 14:27:02 +0000
 +++ manual/source/en/release_notes.md	2015-01-09 11:27:10 +0000
@@ -5,6 +5,7 @@
  The current release notes are [[[PRODUCTVERSION]]](release_notes_[[PRODUCTVERSION]].html).
  ## Version 1.7 "Tuttle"
++* [1.7.0-rc1](release_notes_1.7.0-rc1.html)
  * [1.7.0-beta](release_notes_1.7.0-beta.html)
  * [1.7.0-alpha2](release_notes_1.7.0-alpha2.html)
  * [1.7.0-alpha](release_notes_1.7.0-alpha.html)
 === added file 'manual/source/en/release_notes_1.7.0-rc1.md'
 --- manual/source/en/release_notes_1.7.0-rc1.md	1970-01-01 00:00:00 +0000
 +++ manual/source/en/release_notes_1.7.0-rc1.md	2015-01-09 11:27:10 +0000
@@ -0,0 +1,53 @@
++<!--toc=getting_started-->
++# Xibo 1.7.0-beta - Codename "Tuttle"</span>
++
++This is a release candidate for Xibo working towards the release of Xibo 1.7.0, the next stable line of Xibo released. **This should NOT BE USED IN PRODUCTION.**.
++
++You can download this release from [https://launchpad.net/xibo/1.7/1.7.0-rc1](https://launchpad.net/xibo/1.7/1.7.0-rc1)
++
++This release builds on 1.7.0-beta, optimizing the improvements already made, fixing bugs and adding a few additional features. The most notable improvements are installable weather and twitter modules.
++
++## Requirements
++
++You must use the 1.7.0-rc1 or higher version of the Windows Display Client with this version of the Xibo CMS. The Ubuntu Client is not currently compatible with 1.7 series.
++
++Xibo requires PHP 5.3.3 or higher. A full list of module requirements is presented at the point of installation.
++
++### Layout Design
++The Layout format has been changed in 1.7 release and this beta contains a method of upgrading older Layouts to the new format. When viewing an older layout a notification will appear below the layout in the designer. Upgrading a Layout will alter the dimensions of the layout so that they match a particular resolution - it will **not** resize the media content and this will have to be done manually.
++
++### Xibo for Windows
++
++There are significant changes to the way display client settings are managed. All settings are now managed on the CMS except the settings required to connect to the CMS. You will need to manually migrate your settings into the CMS - we have provided sensible default values. See [display settings](index.php?toc=user_and_display&p=admin/displayprofiles) in the manual for more information.
++
++The .NET Framework requirement has been raised to v4.
++
++## Upgrading
++
++There are significant database schema changes between the 1.7 series of Xibo and prior releases. The upgrade wizard will take a prior database and convert it to a schema suitable for the 1.7 series to date. Note that this is a one-way conversion. **Please do not upgrade your production database to test Xibo 1.7 functionality, and then expect to run a prior series code base against that database.**
++
++*   Clone your existing Xibo database and grant permissions (see [Release Notes:Clone Database](release_notes_clonedb.html "Clone Database") for details)
++*   Backup settings.php from your installation
++*   Manually take a backup of your database
++*   Replace your existing installation with the new version from the tar.gz or zip file. **Do not copy over the top.**
++*   Replace your backup settings.php file in your Xibo installation directory
++*   Browse to [http://your.server/path](http://your.server/path) as normal
++*   You will be prompted that an upgrade is required.
++*   Enter your xibo_admin password, and follow the upgrade wizard.
++*   The upgrade should run, and finally ask you to log in as you would normally.
++
++Instructions for cloning a Xibo database are available here [Clone Database](release_notes_clonedb.html "Clone Database").
++
++## Help
++
++Please ask for help / advice in the Answers section of Launchpad: [https://answers.launchpad.net/xibo](https://answers.launchpad.net/xibo)
++
++Please report any bugs in the Bugs section of Launchpad: [https://bugs.launchpad.net/xibo](https://bugs.launchpad.net/xibo) (if you're not sure that what you have found is a bug, please ask in the Answers section first!)
++
++Please report any enhancement requests in the Blueprints section of Launchpad: [https://blueprints.launchpad.net/xibo](https://blueprints.launchpad.net/xibo)
++
++When asking for assistance with this release, please make it clear that you're using the development preview and not a stable release of Xibo.
++
++## Bug Fixes
++
++For a full list of bug fixes please refer to the Release Project Page: [https://launchpad.net/xibo/1.7/1.7.0-rc1](https://launchpad.net/xibo/1.7/1.7.0-rc1)
 \ No newline at end of file
 === added file 'manual/source/fr/tour.md'
 --- manual/source/fr/tour.md	1970-01-01 00:00:00 +0000
 +++ manual/source/fr/tour.md	2015-01-09 11:27:10 +0000
@@ -0,0 +1,65 @@
++<!--toc=tour-->
++#Vue d'ensemble de la plate-forme
++
++[[PRODUCTNAME]] est une application puissante et flexible dotée d'un noyau "ethos", dédiée à l'affichage dynamique, dont il est important de comprendre le fondement.
++
++Une solution [[PRODUCTNAME]] s'appuie sur quatre éléments:
++
++*   Les afficheurs
++*   Les medias
++*   Les présentations
++*   La planification
++
++Que faut-il entendre par là ? Fondamentalement, [[PRODUCTNAME]] permet à de multiples afficheurs de diffuser des medias sur un grand nombre de présentations d'écran différentes, planifiés dans le temps.
++
++Ce manuel comprend des sections traitant de chacun de ces éléments, mais pour commencer examinons-les brièvement.
++
++
++###Les afficheurs
++Il s'agit de l'équipement relié à l'écran de télévision, de projecteur et de tablette qui diffusent réellement le contenu final. En d'autres termes, les afficheurs pilotent le contenu que les gens regarderont. Chaque afficheur a sa propre identification auprès du CMS de sorte qu'un contenu, une présentation et une planification spécifique peuvent lui être attribués. Chacun d'eux peut aussi être identifié à des fins statistiques.
++
++###Les medias
++Le contenu du media constitue la clé de voûte d'une solution [[PRODUCTNAME]] et de nombreux types de contenu peuvent être utilisés. Ils se répartissent généralement en deux catégories. Le fichier média, chargé et stocké dans la bibliothèque, et le média de présentation auquel n'est pas associé de fichier mais qui au contraire est configuré directement à partir d'un modèle. Une image ou une vidéo correspond à un média de la bibliothèque et un flux RSS ou des données texte correspondent à des médias de présentation.
++
++###Présentations
++Il s'agit de la présentation qui apparaît à l'écran. [[PRODUCTNAME]] permet de partager l'écran en différentes régions, chacune disposant de son propre déroulé chronologique pour la lecture des médias. Une présentation demeure à l'écran jusqu'à ce que les déroulés chronologiques aient été lus en entier, ensuite, on pourra charger une présentation totalement nouvelle, dotée de tailles et d'emplacements différents pour les régions ainsi que de chronologies différentes. Cette flexibilité est à l'origine du comportement dynamique d'un écran d'affichage [[PRODUCTNAME]].
++
++###Planification
++Lorsque les afficheurs ont été enregistrés, que le contenu d'un media est téléchargé et que les présentations sont conçues, il est temps de les assembler et de planifier les présentations sur les afficheurs. Chaque afficheur vérifie régulièrement les nouveaux contenus planifiés et télécharge les éléments planifiés avant leur reproduction. La planification est extrêmement flexible et peut s'effectuer par afficheur ou par groupes spécifiques, par présentations et campagnes spécifiques et de façon récurrente. Chaque afficheur dispose d'une présentation par défaut qui apparaît si rien d'autre n'est planifié.
++
++## Contenu - que peut afficher [[PRODUCTNAME]]?
++
++[[PRODUCTNAME]] peut lire un grand nombre de contenus sur fichier ainsi que des contenus depuis internet.
++
++*   Texte
++*   Images
++*   Vidéo
++*   PowerPoint (client d'affichage Windows uniquement)
++*   Flash (client d'affichage Windows uniquement)
++*   RSS / Atom
++*   Fichier CSV (formatés)
++*   Pages Web
++*   Contenu personnalisé intégré
++
++On trouvera sur le site web de [[PRODUCTNAME]] une liste complète des fonctionnalités.
++
++## CMS - Comment gérer tout cela?
++
++La gestion d'une solution aussi souple que [[PRODUCTNAME]] nécessite un puissant CMS (content management system = système de gestion de contenu) pour offrir ces fonctions fondamentales de façon rationnelle et maîtrisée. Le CMS de [[PRODUCTNAME]] est doté de fonctionnalités telles que:
++
++*   Groupes d'utilisateurs
++*   Définition de droits d'accès pour utilisateurs et groupes
++*   Groupes d'afficheurs
++*   Définition de droits d'accès pour des groupes d'afficheurs
++*   Définition de droits d'accès aux menus et aux pages
++*   Campagnes (groupes de présentations ordonnés)
++*   Modèles de présentations
++*   Statistiques concernant les afficheurs
++
++## Le Manuel
++
++Ce manuel est structuré en sections correspondant globalement aux principes de base et aux fonctions les plus évoluées du CMS. Nous commençons par la bibliothèque, les présentations et la planification, pour passer ensuite à la gestion des afficheurs et aux options pour utilisateurs et développeurs.
++
++
++## Plus d'informations
++Le site web de [[[PRODUCTNAME]] ]([[PRODUCTHOME]]) est une excellente ressource pour en savoir plus car il s'agit du site de la communauté d'utilisateurs (PRODUCTSUPPORTURL) pour la plate-forme.
 === modified file 'manual/template/template.php'
 --- manual/template/template.php	2014-10-27 18:25:50 +0000
 +++ manual/template/template.php	2015-01-09 11:27:10 +0000
@@ -1,9 +1,29 @@
  <?php
++/*
++ * Xibo - Digital Signage - http://www.xibo.org.uk
++ * Copyright (C) 2006-2014 Spring Signage Ltd
++ *
++ * This file is part of Xibo.
++ *
++ * Xibo is free software: you can redistribute it and/or modify
++ * it under the terms of the GNU Affero General Public License as published by
++ * the Free Software Foundation, either version 3 of the License, or
++ * any later version.
++ *
++ * Xibo is distributed in the hope that it will be useful,
++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++ * GNU Affero General Public License for more details.
++ *
++ * You should have received a copy of the GNU Affero General Public License
++ * along with Xibo.  If not, see <http://www.gnu.org/licenses/>.
++ */
++
  # Name of the product
  define('PRODUCT_NAME', 'Xibo');
  # Product Version
--define('PRODUCT_VERSION', '1.7.0-beta');
++define('PRODUCT_VERSION', '1.7.0');
  # Home page URL
  define('PRODUCT_HOME', 'http://xibo.org.uk');
 === modified file 'server/config/client.config.php'
 --- server/config/client.config.php	2014-11-14 15:43:58 +0000
 +++ server/config/client.config.php	2015-01-09 11:27:10 +0000
@@ -285,7 +285,7 @@
                          'fieldType' => 'checkbox',
                          'default' => 0,
                          'helpText' => __('When enabled the client will send the current layout to the CMS each time it changes. Warning: This is bandwidth intensive and should be disabled unless on a LAN.'),
--                        'enabled' => true,
++                        'enabled' => Theme::GetConfig('client_sendCurrentLayoutAsStatusUpdate_enabled', true),
                          'groupClass' => NULL
                      ),
                      array(
@@ -296,7 +296,7 @@
                          'fieldType' => 'number',
                          'default' => 0,
                          'helpText' => __('The duration between status screen shots in minutes. 0 to disable. Warning: This is bandwidth intensive.'),
--                        'enabled' => true,
++                        'enabled' => Theme::GetConfig('client_screenShotRequestInterval_enabled', true),
                          'groupClass' => NULL
+                     )
+                 )
@@ -471,6 +471,28 @@
                          'helpText' => __('Store all HTML resources on the Internal Storage? Should be selected if the device cannot display text, ticker, dataset media.'),
                          'enabled' => true,
                          'groupClass' => NULL
++                    ),
++                    array(
++                        'name' => 'sendCurrentLayoutAsStatusUpdate',
++                        'tabId' => 'advanced',
++                        'title' => __('Notify current layout'),
++                        'type' => _CHECKBOX,
++                        'fieldType' => 'checkbox',
++                        'default' => 0,
++                        'helpText' => __('When enabled the client will send the current layout to the CMS each time it changes. Warning: This is bandwidth intensive and should be disabled unless on a LAN.'),
++                        'enabled' => Theme::GetConfig('client_sendCurrentLayoutAsStatusUpdate_enabled', true),
++                        'groupClass' => NULL
++                    ),
++                    array(
++                        'name' => 'screenShotRequestInterval',
++                        'tabId' => 'advanced',
++                        'title' => __('Screen shot interval'),
++                        'type' => _INT,
++                        'fieldType' => 'number',
++                        'default' => 0,
++                        'helpText' => __('The duration between status screen shots in minutes. 0 to disable. Warning: This is bandwidth intensive.'),
++                        'enabled' => Theme::GetConfig('client_screenShotRequestInterval_enabled', true),
++                        'groupClass' => NULL
+                     )
+                 )
+             )
 === modified file 'server/install/database/60.sql'
 --- server/install/database/60.sql	2013-05-01 19:24:35 +0000
 +++ server/install/database/60.sql	2015-01-09 11:27:10 +0000
@@ -32,6 +32,19 @@
  INSERT INTO `pages` (`pageID`, `name`, `pagegroupID`) VALUES (NULL, 'timeline', '3');
++/* Get all of the current permission links between pages in the Layouts group and add a duplicate for the new time line page  */
++INSERT INTO `lkpagegroup` (`pageID`, `groupID`)
++SELECT DISTINCT newpage.pageID, lkpagegroup.groupID
++  FROM `lkpagegroup`
++    INNER JOIN `pages`
++    ON pages.pageID = lkpagegroup.pageID
++    CROSS JOIN (
++      SELECT pageID
++        FROM `pages`
++       WHERE `name` = 'timeline'
++    ) newpage
++   WHERE pages.pagegroupID = 3;
++
  UPDATE `module` SET `ImageUri` = REPLACE(ImageUri, 'img/forms/', 'forms/') WHERE ImageUri IS NOT NULL;
  UPDATE `menuitem` SET `Img` = REPLACE(Img, 'img/dashboard/', 'dashboard/') WHERE Img IS NOT NULL;
 === modified file 'server/install/database/80.sql'
 --- server/install/database/80.sql	2014-11-24 15:49:49 +0000
 +++ server/install/database/80.sql	2015-01-09 11:27:10 +0000
@@ -45,7 +45,7 @@
  ALTER TABLE  `layout` CHANGE  `background`  `backgroundImageId` INT( 11 ) NULL DEFAULT NULL;
  INSERT INTO `lklayoutmedia` (mediaid, layoutid, regionid)
--SELECT backgroundimageid, layoutid, 'background' FROM `layout` WHERE IFNULL(backgroundImageId, 0) <> 0;
++SELECT backgroundimageid, layoutid, 'background' FROM `layout` INNER JOIN `media` ON media.mediaid = layout.backgroundImageId WHERE IFNULL(backgroundImageId, 0) <> 0;
  ALTER TABLE  `setting` CHANGE  `type`  `fieldType` VARCHAR( 24 ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL;
 === modified file 'server/install/database/81.sql'
 --- server/install/database/81.sql	2014-11-11 21:42:27 +0000
 +++ server/install/database/81.sql	2015-01-09 11:27:10 +0000
@@ -1,6 +1,6 @@
  INSERT INTO  `setting` (`setting` ,`value` ,`fieldType` ,`helptext` ,`options` ,`cat` ,`userChange` ,`title` ,`validation` ,`ordering` ,`default` ,`userSee` ,`type`)
  VALUES (
-- 'DATE_FORMAT',  'Y-m-d',  'text',  'The Date Format to use when displaying dates in the CMS.', NULL ,  'regional',  '1',  'Date Format',  'required',  '30',  'Y-m-d',  '1',  'string'
++ 'DATE_FORMAT',  'Y-m-d H:i',  'text',  'The Date Format to use when displaying dates in the CMS.', NULL ,  'regional',  '1',  'Date Format',  'required',  '30',  'Y-m-d',  '1',  'string'
  );
  INSERT INTO  `setting` (`setting` ,`value` ,`fieldType` ,`helptext` ,`options` ,`cat` ,`userChange` ,`title` ,`validation` ,`ordering` ,`default` ,`userSee` ,`type`)
 === added file 'server/install/database/83.sql'
 --- server/install/database/83.sql	1970-01-01 00:00:00 +0000
 +++ server/install/database/83.sql	2015-01-09 11:27:10 +0000
@@ -0,0 +1,5 @@
++ALTER TABLE  `user` CHANGE  `UserName`  `UserName` VARCHAR( 50 ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL;
++
++UPDATE `version` SET `app_ver` = '1.7.0-rc1', `XmdsVersion` = 4, `XlfVersion` = 2;
++UPDATE `setting` SET `value` = 0 WHERE `setting` = 'PHONE_HOME_DATE';
++UPDATE `version` SET `DBVersion` = '83';
 \ No newline at end of file
 === modified file 'server/install/master/data.sql'
 --- server/install/master/data.sql	2014-11-26 15:33:06 +0000
 +++ server/install/master/data.sql	2015-01-09 11:27:10 +0000
@@ -1,5 +1,5 @@
  INSERT INTO `version` (`app_ver`, `XmdsVersion`, `XlfVersion`, `DBVersion`) VALUES
--('1.7.0-beta', 4, 2, 82);
++('1.7.0-rc1', 4, 2, 83);
  INSERT INTO `group` (`groupID`, `group`, `IsUserSpecific`, `IsEveryone`) VALUES
  (1, 'Users', 0, 0),
@@ -236,7 +236,7 @@
  (44, 'MAINTENANCE_LOG_MAXAGE', '30', 'number', 'Maximum age for log entries. Set to 0 to keep logs indefinitely.', NULL, 'maintenance', 1, 'Max Log Age', '', 60, '30', 1, 'int'),
  (45, 'MAINTENANCE_STAT_MAXAGE', '30', 'number', 'Maximum age for statistics entries. Set to 0 to keep statistics indefinitely.', NULL, 'maintenance', 1, 'Max Statistics Age', '', 70, '30', 1, 'int'),
  (46, 'MAINTENANCE_ALERT_TOUT', '12', 'number', 'How long in minutes after the last time a client connects should we send an alert? Can be overridden on a per client basis.', NULL, 'maintenance', 1, 'Max Display Timeout', '', 80, '12', 1, 'int'),
--(47, 'SHOW_DISPLAY_AS_VNCLINK', '0', 'checkbox', 'Turn the display name in display management into a VNC link using the IP address last collected. The %s is replaced with the IP address. Leave blank to disable.', NULL, 'displays', 1, 'Display a VNC Link?', '', 30, '0', 1, 'checkbox'),
++(47, 'SHOW_DISPLAY_AS_VNCLINK', '0', 'text', 'Turn the display name in display management into a VNC link using the IP address last collected. The %s is replaced with the IP address. Leave blank to disable.', NULL, 'displays', '', 'Display a VNC Link?', '', 30, '', 1, 'string'),
  (48, 'SHOW_DISPLAY_AS_VNC_TGT', '_top', 'text', 'If the display name is shown as a link in display management, what target should the link have? Set _top to open the link in the same window or _blank to open in a new window.', NULL, 'displays', 1, 'Open VNC Link in new window?', '', 40, '_top', 1, 'string'),
  (49, 'MAINTENANCE_ALWAYS_ALERT', 'Off', 'dropdown', 'Should Xibo send an email if a display is in an error state every time the maintenance script runs?', 'On|Off', 'maintenance', 1, 'Send repeat Display Timeouts', '', 80, 'Off', 1, 'word'),
  (50, 'SCHEDULE_LOOKAHEAD', 'On', 'dropdown', 'Should Xibo send future schedule information to clients?', 'On|Off', 'general', 0, 'Send Schedule in advance?', '', 40, 'On', 1, 'word'),
@@ -263,7 +263,7 @@
  (71, 'PROXY_HOST', '', 'text', 'The Proxy URL', NULL, 'network', 1, 'Proxy URL', '', 10, '', 1, 'string'),
  (72, 'PROXY_PORT', '0', 'number', 'The Proxy Port', NULL, 'network', 1, 'Proxy Port', '', 20, '0', 1, 'int'),
  (73, 'PROXY_AUTH', '', 'text', 'The Authentication information for this proxy. username:password', NULL, 'network', 1, 'Proxy Credentials', '', 30, '', 1, 'string'),
--(74, 'DATE_FORMAT',  'Y-m-d',  'text',  'The Date Format to use when displaying dates in the CMS.', NULL ,  'regional',  '1',  'Date Format',  'required',  30,  'Y-m-d',  '1',  'string'),
++(74, 'DATE_FORMAT',  'Y-m-d H:i',  'text',  'The Date Format to use when displaying dates in the CMS.', NULL ,  'regional',  '1',  'Date Format',  'required',  30,  'Y-m-d',  '1',  'string'),
  (75, 'DETECT_LANGUAGE',  '1',  'checkbox',  'Detect the browser language?', NULL ,  'regional',  '1',  'Detect Language',  '',  40,  '1',  1,  'checkbox'),
  (76, 'DEFAULTS_IMPORTED', '0', 'text', 'Has the default layout been imported?', NULL, 'general', 0, 'Defaults Imported?', 'required', 100, '0', 0, 'checkbox'),
  (77, 'FORCE_HTTPS', '0', 'checkbox', 'Force the portal into HTTPS?', NULL, 'network', 1, 'Force HTTPS?', '', 70, '0', 1, 'checkbox'),
 === modified file 'server/install/master/structure.sql'
 --- server/install/master/structure.sql	2014-11-12 17:20:55 +0000
 +++ server/install/master/structure.sql	2015-01-09 11:27:10 +0000
@@ -5,7 +5,7 @@
    `Month` int(11) NOT NULL,
    `Size` bigint(20) NOT NULL,
    PRIMARY KEY (`DisplayID`, `Type`, `Month`)
--) ENGINE=InnoDB DEFAULT CHARSET=latin1;
++) ENGINE=InnoDB DEFAULT CHARSET=utf8;
  CREATE TABLE IF NOT EXISTS `blacklist` (
    `BlackListID` int(11) NOT NULL AUTO_INCREMENT,
@@ -111,7 +111,7 @@
    `UserID` int(11) NOT NULL,
    PRIMARY KEY (`FileID`),
    KEY `UserID` (`UserID`)
--) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
++) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
  CREATE TABLE IF NOT EXISTS `group` (
    `groupID` int(11) NOT NULL AUTO_INCREMENT,
@@ -543,7 +543,7 @@
  CREATE TABLE IF NOT EXISTS `user` (
    `UserID` int(11) NOT NULL AUTO_INCREMENT,
    `usertypeid` int(8) NOT NULL,
--  `UserName` varchar(15) NOT NULL,
++  `UserName` varchar(50) NOT NULL,
    `UserPassword` varchar(128) NOT NULL,
    `loggedin` tinyint(1) NOT NULL DEFAULT '0',
    `lastaccessed` datetime DEFAULT NULL,
@@ -558,7 +558,7 @@
  CREATE TABLE IF NOT EXISTS `usertype` (
    `usertypeid` int(8) NOT NULL,
--  `usertype` varchar(16) CHARACTER SET latin1 NOT NULL,
++  `usertype` varchar(16) CHARACTER SET utf8 NOT NULL,
    PRIMARY KEY (`usertypeid`)
  ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
@@ -627,7 +627,7 @@
    `bandwidthtypeid` int(11) NOT NULL AUTO_INCREMENT,
    `name` varchar(25) NOT NULL,
    PRIMARY KEY (`bandwidthtypeid`)
--) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=12 ;
++) ENGINE=InnoDB  DEFAULT CHARSET=utf8 AUTO_INCREMENT=12 ;
  CREATE TABLE IF NOT EXISTS `tag` (
    `tagId` int(11) NOT NULL AUTO_INCREMENT,
@@ -640,14 +640,14 @@
    `tagId` int(11) NOT NULL,
    `layoutId` int(11) NOT NULL,
    PRIMARY KEY (`lkTagLayoutId`)
--) ENGINE=InnoDB  DEFAULT CHARSET=utf32 AUTO_INCREMENT=1 ;
++) ENGINE=InnoDB  DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
  CREATE TABLE IF NOT EXISTS `lktagmedia` (
    `lkTagMediaId` int(11) NOT NULL AUTO_INCREMENT,
    `tagId` int(11) NOT NULL,
    `mediaId` int(11) NOT NULL,
    PRIMARY KEY (`lkTagMediaId`)
--) ENGINE=InnoDB DEFAULT CHARSET=utf16 AUTO_INCREMENT=1 ;
++) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
  --
  -- Constraints for dumped tables
 === modified file 'server/lib/app/kit.class.php'
 --- server/lib/app/kit.class.php	2014-11-25 11:09:21 +0000
 +++ server/lib/app/kit.class.php	2015-01-09 11:27:10 +0000
@@ -689,5 +689,63 @@
          if (Config::GetSetting('ISSUE_STS', 0) == 1)
              header("strict-transport-security: max-age=" . Config::GetSetting('STS_TTL', 600));
+     }
++
++    /**
++     * Json Encode, handling and logging errors
++     * http://stackoverflow.com/questions/10199017/how-to-solve-json-error-utf8-error-in-php-json-decode
++     * @param  mixed $mixed The item to encode
++     * @return mixed The Encoded Item
++     */
++    public static function jsonEncode($mixed)
++    {
++        if (version_compare(PHP_VERSION, '5.4.0') >= 0) {
++            $encoded = json_encode($mixed, JSON_PRETTY_PRINT);
++        }
++        else {
++            $encoded = json_encode($mixed);
++        }
++
++        switch (json_last_error()) {
++            case JSON_ERROR_NONE:
++                return $encoded;
++            case JSON_ERROR_DEPTH:
++                Debug::Audit('Maximum stack depth exceeded');
++                return false;
++            case JSON_ERROR_STATE_MISMATCH:
++                Debug::Audit('Underflow or the modes mismatch');
++                return false;
++            case JSON_ERROR_CTRL_CHAR:
++                Debug::Audit('Unexpected control character found');
++                return false;
++            case JSON_ERROR_SYNTAX:
++                Debug::Audit('Syntax error, malformed JSON');
++                return false;
++            case JSON_ERROR_UTF8:
++                $clean = Kit::utf8ize($mixed);
++                return Kit::jsonEncode($clean);
++            default:
++                Debug::Audit('Unknown error');
++                return false;
++        }
++    }
++
++    /**
++     * Utf8ize a string or array
++     * http://stackoverflow.com/questions/10199017/how-to-solve-json-error-utf8-error-in-php-json-decode
++     * @param  mixed $mixed The item to uft8ize
++     * @return mixed The utf8ized item
++     */
++    public static function utf8ize($mixed)
++    {
++        if (is_array($mixed)) {
++            foreach ($mixed as $key => $value) {
++                $mixed[$key] = Kit::utf8ize($value);
++            }
++        }
++        else if (is_string ($mixed)) {
++            return utf8_encode($mixed);
++        }
++        return $mixed;
++    }
+ }
  ?>
 === modified file 'server/lib/app/thememanager.class.php'
 --- server/lib/app/thememanager.class.php	2014-10-15 16:22:31 +0000
 +++ server/lib/app/thememanager.class.php	2015-01-09 11:27:10 +0000
@@ -281,13 +281,13 @@
  		return Theme::GetInstance()->name;
+ 	}
--	public static function GetConfig($settingName) {
++	public static function GetConfig($settingName, $default = null) {
  		$theme = Theme::GetInstance();
  		if (isset($theme->config[$settingName]))
  			return $theme->config[$settingName];
  		else
--			return '';
++			return $default;
+ 	}
  	/**
 === modified file 'server/lib/data/dataset.data.class.php'
 --- server/lib/data/dataset.data.class.php	2014-11-13 17:44:55 +0000
 +++ server/lib/data/dataset.data.class.php	2015-01-09 11:27:10 +0000
@@ -22,6 +22,30 @@
  class DataSet extends Data
+ {
++    public function hasData($dataSetId)
++    {
++        try {
++            $dbh = PDOConnect::init();
++
++            // First check to see if we have any data
++            $sth = $dbh->prepare('SELECT * FROM `datasetdata` INNER JOIN `datasetcolumn` ON datasetcolumn.DataSetColumnID = datasetdata.DataSetColumnID WHERE datasetcolumn.DataSetID = :datasetid');
++            $sth->execute(array(
++                    'datasetid' => $dataSetId
++                ));
++
++            return ($sth->fetch());
++        }
++        catch (Exception $e) {
++
++            Debug::LogEntry('error', $e->getMessage(), get_class(), __FUNCTION__);
++
++            if (!$this->IsError())
++                $this->SetError(1, __('Unknown Error'));
++
++            return false;
++        }
++    }
++
      /**
       * Add a data set
       * @param <type> $dataSet
@@ -137,22 +161,15 @@
          try {
              $dbh = PDOConnect::init();
--            // First check to see if we have any data
--            $sth = $dbh->prepare('SELECT * FROM `datasetdata` INNER JOIN `datasetcolumn` ON datasetcolumn.DataSetColumnID = datasetdata.DataSetColumnID WHERE datasetcolumn.DataSetID = :datasetid');
--            $sth->execute(array(
--                    'datasetid' => $dataSetId
--                ));
++            // Delete the Data
++            $data = new DataSetData();
++            $data->DeleteAll($dataSetId);
--            if ($row = $sth->fetch())
--                return $this->SetError(25005, __('There is data assigned to this data set, cannot delete.'));
--
              // Delete security
--            Kit::ClassLoader('datasetgroupsecurity');
              $security = new DataSetGroupSecurity($this->db);
              $security->UnlinkAll($dataSetId);
              // Delete columns
--            Kit::ClassLoader('datasetcolumn');
              $dataSetObject = new DataSetColumn($this->db);
              if (!$dataSetObject->DeleteAll($dataSetId))
                  return $this->SetError(25005, __('Cannot delete dataset, columns could not be deleted.'));
 === modified file 'server/lib/data/datasetdata.data.class.php'
 --- server/lib/data/datasetdata.data.class.php	2014-10-15 15:13:38 +0000
 +++ server/lib/data/datasetdata.data.class.php	2015-01-09 11:27:10 +0000
@@ -24,11 +24,11 @@
+ {
      private $updateWatermark;
--    public function __construct(database $db) {
++    public function __construct() {
          $this->updateWatermark = true;
--        parent::__construct($db);
++        parent::__construct();
+     }
      /**
 === modified file 'server/lib/data/displayprofile.data.class.php'
 --- server/lib/data/displayprofile.data.class.php	2014-11-14 15:43:58 +0000
 +++ server/lib/data/displayprofile.data.class.php	2015-01-09 11:27:10 +0000
@@ -170,8 +170,8 @@
              $count = $sth->fetchColumn(0) + (int)$this->isDefault;
--            if ($count != 1)
--                $this->ThrowError(__('Must have 1 default per display type.'));
++            if ($count > 1)
++                $this->ThrowError(__('Only 1 default per display type is allowed.'));
              return true;
+         }
 === modified file 'server/lib/data/layout.data.class.php'
 --- server/lib/data/layout.data.class.php	2014-11-24 15:49:49 +0000
 +++ server/lib/data/layout.data.class.php	2015-01-09 11:27:10 +0000
@@ -1682,9 +1682,12 @@
                  $this->ThrowError(__('Layout not found.'));
              // Open a ZIP file with the same name as the layout
++            File::EnsureLibraryExists();
              $zip = new ZipArchive();
              $fileName = $libraryPath . 'temp/export_' . Kit::ValidateParam($row['layout'], _FILENAME) . '.zip';
--            $zip->open($fileName, ZIPARCHIVE::OVERWRITE);
++            $result = $zip->open($fileName, ZIPARCHIVE::OVERWRITE);
++            if ($result !== true)
++                $this->ThrowError(__('Can\'t create ZIP. Error Code: ' . $result));
              // Add layout information to the ZIP
              $layout = array(
@@ -1942,6 +1945,9 @@
                          'mediaId' => $newMediaId,
                          'layoutId' => $layoutId
                      ));
++
++                // Link
++                $this->AddLk($layoutId, 'background', $newMediaId);
+             }
              catch (Exception $e) {
@@ -2020,7 +2026,7 @@
                  Debug::Audit('Found file: ' . $file);
                  if (stripos($file, '.zip'))
--                    $this->Import($folder . DIRECTORY_SEPARATOR . $file, NULL, 1, false, true, true, false);
++                    $this->Import($folder . DIRECTORY_SEPARATOR . $file, NULL, 1, false, false, true, false);
+             }
+         }
+     }
 === modified file 'server/lib/data/media.data.class.php'
 --- server/lib/data/media.data.class.php	2014-11-23 13:37:49 +0000
 +++ server/lib/data/media.data.class.php	2015-01-09 11:27:10 +0000
@@ -170,9 +170,6 @@
              Debug::LogEntry('error', $e->getMessage(), get_class(), __FUNCTION__);
--            if (!$this->IsError())
--                $this->SetError(1, __('Unknown Error'));
--
              return false;
+         }
+     }
@@ -832,8 +829,6 @@
       */
      public function addModuleFileFromUrl($url, $name, $expires, $moduleSystemFile = false, $force = false)
+     {
--        Debug::Audit('Adding: ' . $url . ' with Name: ' . $name . '. Expiry: ' . date('Y-m-d h:i:s', $expires));
--
          // See if we already have it
          // It doesn't matter that we might have already done this, its cached.
          $media = $this->moduleFileExists($name);
@@ -841,7 +836,7 @@
          //Debug::Audit('Module File: ' . var_export($media, true));
          if ($media === false || $force) {
--            Debug::Audit('Media not valid, forcing update.');
++            Debug::Audit('Adding: ' . $url . ' with Name: ' . $name . '. Expiry: ' . date('Y-m-d h:i:s', $expires));
              $fileName = Config::GetSetting('LIBRARY_LOCATION') . 'temp' . DIRECTORY_SEPARATOR . $name;
 === modified file 'server/lib/data/nonce.data.class.php'
 --- server/lib/data/nonce.data.class.php	2014-08-22 16:53:58 +0000
 +++ server/lib/data/nonce.data.class.php	2015-01-09 11:27:10 +0000
@@ -132,6 +132,17 @@
                      $params['displayId'] = $displayId;
                      break;
++                case 'oldfile':
++                    if ($this->validateFileStatement == NULL) {
++                        $this->validateFileStatement = $dbh->prepare('
++                            SELECT nonceId, nonce, expiry, lastUsed FROM `xmdsnonce` INNER JOIN `media` ON media.mediaid = xmdsnonce.fileId WHERE displayId = :displayId AND media.storedAs = :fileId');
++                    }
++
++                    $sth = $this->validateFileStatement;
++                    $params['fileId'] = $fileId;
++                    $params['displayId'] = $displayId;
++                    break;
++
                  case 'layout':
                      if ($this->validateLayoutStatement == NULL) {
                          $this->validateLayoutStatement = $dbh->prepare('
 === modified file 'server/lib/data/userdata.data.class.php'
 --- server/lib/data/userdata.data.class.php	2014-08-07 15:47:19 +0000
 +++ server/lib/data/userdata.data.class.php	2015-01-09 11:27:10 +0000
@@ -35,6 +35,91 @@
  class Userdata extends Data
+ {
      public $userId;
++    public $userName;
++    public $userTypeId;
++    public $loggedIn;
++    public $email;
++    public $homePage;
++    public $lastAccessed;
++    public $newUserWizard;
++    public $retired;
++
++    public static function entries($sortOrder = array(), $filterBy = array())
++    {
++        $entries = array();
++
++        try {
++            $dbh = PDOConnect::init();
++
++            $params = array();
++            $SQL  = 'SELECT userId, userName, userTypeId, loggedIn, email, homePage, lastAccessed, newUserWizard, retired ';
++            $SQL .= '  FROM `user` ';
++            $SQL .= ' WHERE 1 = 1 ';
++
++            // User Id Provided?
++            if (Kit::GetParam('userId', $filterBy, _INT) != 0) {
++                $SQL .= " AND user.userId = :userId ";
++                $params['userId'] = Kit::GetParam('userId', $filterBy, _INT);
++            }
++
++            // User Type Provided
++            if (Kit::GetParam('userTypeId', $filterBy, _INT) != 0) {
++                $SQL .= " AND user.userTypeId = :userTypeId ";
++                $params['userTypeId'] = Kit::GetParam('userTypeId', $filterBy, _INT);
++            }
++
++            // User Name Provided
++            if (Kit::GetParam('userName', $filterBy, _STRING) != 0) {
++                $SQL .= " AND user.userName LIKE :userName ";
++                $params['userName'] = '%' . Kit::GetParam('userName', $filterBy, _STRING) . '%';
++            }
++
++            // Groups Provided
++            $groups = Kit::GetParam('groupIds', $filterBy, _ARRAY_INT);
++            Debug::Audit(var_export($groups, true));
++            if (count($groups) > 0) {
++                $SQL .= " AND user.groupIds IN (" . implode($groups, ',') . ") ";
++            }
++
++            // Retired users?
++            if (Kit::GetParam('retired', $filterBy, _INT) != -1) {
++                $SQL .= " AND user.retired = :retired ";
++                $params['retired'] = Kit::GetParam('retired', $filterBy, _INT);
++            }
++
++            // Sorting?
++            if (is_array($sortOrder))
++                $SQL .= 'ORDER BY ' . implode(',', $sortOrder);
++
++            //Debug::Audit(sprintf('Retrieving list of users with SQL: %s. Params: %s', $SQL, var_export($params, true)));
++
++            $sth = $dbh->prepare($SQL);
++            $sth->execute($params);
++
++            foreach ($sth->fetchAll() as $row) {
++                $user = new Userdata();
++                $user->userId = Kit::ValidateParam($row['userId'], _INT);
++                $user->userName = Kit::ValidateParam($row['userName'], _STRING);
++                $user->userTypeId = Kit::ValidateParam($row['userTypeId'], _INT);
++                $user->loggedIn = Kit::ValidateParam($row['loggedIn'], _INT);
++                $user->email = Kit::ValidateParam($row['email'], _STRING);
++                $user->homePage = Kit::ValidateParam($row['homePage'], _STRING);
++                $user->lastAccessed = Kit::ValidateParam($row['lastAccessed'], _INT);
++                $user->newUserWizard = Kit::ValidateParam($row['newUserWizard'], _INT);
++                $user->retired = Kit::ValidateParam($row['retired'], _INT);
++
++                $entries[] = $user;
++            }
++
++            return $entries;
++        }
++        catch (Exception $e) {
++
++            Debug::LogEntry('error', $e->getMessage(), get_class(), __FUNCTION__);
++
++            return false;
++        }
++    }
      public function Delete() {
          if (!isset($this->userId) || $this->userId == 0)
 === modified file 'server/lib/include.php'
 --- server/lib/include.php	2014-11-25 11:09:21 +0000
 +++ server/lib/include.php	2015-01-09 11:27:10 +0000
@@ -20,7 +20,7 @@
   */
  defined('XIBO') or die("Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.");
--define('WEBSITE_VERSION', 82);
++define('WEBSITE_VERSION', 83);
  // No errors reported until we read the settings from the DB
  error_reporting(0);
 === modified file 'server/lib/modules/module.class.php'
 --- server/lib/modules/module.class.php	2014-11-24 15:49:49 +0000
 +++ server/lib/modules/module.class.php	2015-01-09 11:27:10 +0000
@@ -30,7 +30,7 @@
      public $auth;
      // Module Information
--    private $module_id;
++    protected $module_id;
      protected $render_as;
      public $displayType;
      protected $type;
@@ -110,12 +110,12 @@
          // Members used by forms (routed through the CMS)
          $this->showRegionOptions = Kit::GetParam('showRegionOptions', _REQUEST, _INT, 1);
++
++        // Log
++        Debug::LogEntry('audit', 'Module created with MediaID: ' . $mediaid . ' LayoutID: ' . $layoutid . ' and RegionID: ' . $regionid);
          // Determine which type this module is
--        if (!$this->SetModuleInformation())
--        	return false;
--
--        Debug::LogEntry('audit', 'Module created with MediaID: ' . $mediaid . ' LayoutID: ' . $layoutid . ' and RegionID: ' . $regionid);
++        $this->SetModuleInformation();
          // Either the information from the region - or some blanks
          return ($this->SetMediaInformation($this->layoutid, $this->regionid, $this->mediaid, $this->lkid));
@@ -138,8 +138,9 @@
                      'type' => $this->type
                  ));
--            $row = $sth->fetch();
--
++            if (!$row = $sth->fetch())
++                return;
++
              $this->module_id = Kit::ValidateParam($row['ModuleID'], _INT);
              $this->schemaVersion = Kit::ValidateParam($row['SchemaVersion'], _INT);
              $this->regionSpecific = Kit::ValidateParam($row['RegionSpecific'], _INT);
@@ -172,13 +173,40 @@
          catch (Exception $e) {
              Debug::LogEntry('error', $e->getMessage());
--
--            return $this->SetError(__('Unable to create Module [No registered modules of this type] - please refer to the Module Documentation.'));
++
++            if (!$this->IsError())
++                $this->SetError(__('Unable to create Module [No registered modules of this type] - please refer to the Module Documentation.'));
++
++            throw $e;
+         }
          return true;
+ 	}
++    protected final function saveSettings()
++    {
++        // Save
++        try {
++            $dbh = PDOConnect::init();
++
++            $sth = $dbh->prepare('UPDATE module SET settings = :settings WHERE moduleid = :moduleId');
++            Debug::Audit(var_export(array(
++                    'moduleId' => $this->module_id,
++                    'settings' => json_encode($this->settings)
++                ), true));
++            $sth->execute(array(
++                    'moduleId' => $this->module_id,
++                    'settings' => json_encode($this->settings)
++                ));
++        }
++        catch (Exception $e) {
++
++            Debug::LogEntry('error', $e->getMessage());
++
++            trigger_error(__('Cannot Save Settings'), E_USER_ERROR);
++        }
++    }
++
      /**
       * Gets the information about this Media on this region on this layout
       * @return
@@ -194,6 +222,9 @@
          if ($this->mediaid != '' && $this->regionid != '' && $this->layoutid != '')
+         {
++            if ($this->module_id == 0)
++                $this->ThrowError(__('Module "' . $this->type . '" does not exist or is not installed. Please visit the module administration page or contact your administrator'));
++
              // Existing media that is assigned to a layout
              $this->existingMedia = true;
              $this->assignedMedia = true;
@@ -1362,8 +1393,12 @@
       * @param <type> $width
       * @param <type> $height
       */
--    public function Preview($width, $height) {
--        return '<div style="text-align:center;"><img alt="' . $this->type . ' thumbnail" src="theme/default/img/forms/' . $this->type . '.gif" /></div>';
++    public function Preview($width, $height, $scaleOverride = 0)
++    {
++        if ($this->previewEnabled == 0)
++            return '<div style="text-align:center;"><img alt="' . $this->type . ' thumbnail" src="theme/default/img/forms/' . $this->type . '.gif" /></div>';
++
++        return $this->PreviewAsClient($width, $height, $scaleOverride);
+     }
      /**
@@ -1997,7 +2032,7 @@
      protected function ThrowError($errNo, $errMessage = '') {
          $this->SetError($errNo, $errMessage);
--        throw new Exception(sprintf('Module Class: Error Number [%d] Error Message [%s]', $errNo, $errMessage));
++        throw new Exception(sprintf('%s [%d]', $this->GetErrorMessage(), $this->GetErrorNumber()));
+     }
      public function IsValid() {
 === modified file 'server/lib/pages/admin.class.php'
 --- server/lib/pages/admin.class.php	2014-11-25 11:09:21 +0000
 +++ server/lib/pages/admin.class.php	2015-01-09 11:27:10 +0000
@@ -283,7 +283,7 @@
  	public function SetMaxDebug()
+ 	{
  		$response	= new ResponseManager();
--		$setting 	= new Setting($db);
++		$setting 	= new Setting();
  		if (!$setting->Edit('audit', 'audit'))
              trigger_error(__('Cannot set audit to On'));
@@ -298,9 +298,8 @@
  	 */
  	public function SetMinDebug()
+ 	{
--		$db			=& $this->db;
  		$response	= new ResponseManager();
--		$setting 	= new Setting($db);
++		$setting 	= new Setting();
  		if (!$setting->Edit('audit', 'error'))
              trigger_error(__('Cannot set audit to Off'), E_USER_ERROR);
@@ -315,9 +314,8 @@
  	 */
  	public function SetServerProductionMode()
+ 	{
--		$db			=& $this->db;
  		$response	= new ResponseManager();
--		$setting 	= new Setting($db);
++		$setting 	= new Setting();
  		if (!$setting->Edit('SERVER_MODE', 'Production'))
+ 		{
@@ -334,9 +332,8 @@
  	 */
  	public function SetServerTestMode()
+ 	{
--		$db			=& $this->db;
  		$response	= new ResponseManager();
--		$setting 	= new Setting($db);
++		$setting 	= new Setting();
  		if (!$setting->Edit('SERVER_MODE', 'Test'))
+ 		{
 === modified file 'server/lib/pages/content.class.php'
 --- server/lib/pages/content.class.php	2014-10-31 12:25:45 +0000
 +++ server/lib/pages/content.class.php	2015-01-09 11:27:10 +0000
@@ -57,54 +57,59 @@
  		Theme::Set('form_meta', '<input type="hidden" name="p" value="content"><input type="hidden" name="q" value="LibraryGrid">');
          $formFields = array();
--                $formFields[] = FormManager::AddText('filter_name', __('Name'), $filter_name, NULL, 'n');
--                $formFields[] = FormManager::AddCombo(
--                    'filter_owner',
--                    __('Owner'),
--                    $filter_owner,
--                    $db->GetArray("SELECT 0 AS UserID, 'All' AS UserName UNION SELECT DISTINCT user.UserID, user.UserName FROM `media` INNER JOIN `user` ON media.UserID = user.UserID "),
--                    'UserID',
--                    'UserName',
--                    NULL,
--                    'o');
--
--                $types = $db->GetArray("SELECT Module AS moduleid, Name AS module FROM `module` WHERE RegionSpecific = 0 AND Enabled = 1 ORDER BY 2");
--                array_unshift($types, array('moduleid' => '', 'module' => 'All'));
--                $formFields[] = FormManager::AddCombo(
--                    'filter_type',
--                    __('Type'),
--                    $filter_type,
--                    $types,
--                    'moduleid',
--                    'module',
--                    NULL,
--                    'y');
--
--                $formFields[] = FormManager::AddCombo(
--                    'filter_retired',
--                    __('Retired'),
--                    $filter_retired,
--                    array(array('retiredid' => 1, 'retired' => 'Yes'), array('retiredid' => 0, 'retired' => 'No')),
--                    'retiredid',
--                    'retired',
--                    NULL,
--                    'r');
--
--                $formFields[] = FormManager::AddCheckbox('filter_duration_in_seconds', __('Duration in Seconds'),
--                    $filter_duration_in_seconds, NULL,
--                    's');
--
--                $formFields[] = FormManager::AddCheckbox('showTags', __('Show Tags'),
--                    $showTags, NULL,
--                    't');
--
--                $formFields[] = FormManager::AddCheckbox('filter_showThumbnail', __('Show Thumbnails'),
--                    $filter_showThumbnail, NULL,
--                    't');
--
--                $formFields[] = FormManager::AddCheckbox('XiboFilterPinned', __('Keep Open'),
--                    $filter_pinned, NULL,
--                    'k');
++        $formFields[] = FormManager::AddText('filter_name', __('Name'), $filter_name, NULL, 'n');
++
++        // Users we have permission to see
++        $users = $this->user->userList();
++        array_unshift($users, array('userid' => '', 'username' => 'All'));
++
++        $formFields[] = FormManager::AddCombo(
++            'filter_owner',
++            __('Owner'),
++            $filter_owner,
++            $users,
++            'userid',
++            'username',
++            NULL,
++            'o');
++
++        $types = $db->GetArray("SELECT Module AS moduleid, Name AS module FROM `module` WHERE RegionSpecific = 0 AND Enabled = 1 ORDER BY 2");
++        array_unshift($types, array('moduleid' => '', 'module' => 'All'));
++        $formFields[] = FormManager::AddCombo(
++            'filter_type',
++            __('Type'),
++            $filter_type,
++            $types,
++            'moduleid',
++            'module',
++            NULL,
++            'y');
++
++        $formFields[] = FormManager::AddCombo(
++            'filter_retired',
++            __('Retired'),
++            $filter_retired,
++            array(array('retiredid' => 1, 'retired' => 'Yes'), array('retiredid' => 0, 'retired' => 'No')),
++            'retiredid',
++            'retired',
++            NULL,
++            'r');
++
++        $formFields[] = FormManager::AddCheckbox('filter_duration_in_seconds', __('Duration in Seconds'),
++            $filter_duration_in_seconds, NULL,
++            's');
++
++        $formFields[] = FormManager::AddCheckbox('showTags', __('Show Tags'),
++            $showTags, NULL,
++            't');
++
++        $formFields[] = FormManager::AddCheckbox('filter_showThumbnail', __('Show Thumbnails'),
++            $filter_showThumbnail, NULL,
++            't');
++
++        $formFields[] = FormManager::AddCheckbox('XiboFilterPinned', __('Keep Open'),
++            $filter_pinned, NULL,
++            'k');
          // Call to render the template
          Theme::Set('header_text', __('Library'));
 === modified file 'server/lib/pages/dataset.class.php'
 --- server/lib/pages/dataset.class.php	2014-08-15 14:40:03 +0000
 +++ server/lib/pages/dataset.class.php	2015-01-09 11:27:10 +0000
@@ -313,7 +313,12 @@
          Theme::Set('form_action', 'index.php?p=dataset&q=DeleteDataSet');
          Theme::Set('form_meta', '<input type="hidden" name="datasetid" value="' . $dataSetId . '" />');
--        Theme::Set('form_fields', array(FormManager::AddMessage(__('Are you sure you want to delete?'))));
++        $formFields = array();
++        $formFields[] = FormManager::AddMessage(__('Are you sure you want to delete?'));
++        $formFields[] = FormManager::AddCheckbox('deleteData', __('Delete any associated data?'), NULL,
++            __('Please tick the box if you would like to delete all the Data contained in this DataSet'), 'c');
++
++        Theme::Set('form_fields', $formFields);
          $response->SetFormRequestResponse(NULL, __('Delete this DataSet?'), '350px', '200px');
          $response->AddButton(__('Help'), 'XiboHelpRender("' . HelpManager::Link('DataSet', 'Delete') . '")');
@@ -339,6 +344,11 @@
              trigger_error(__('Access Denied'));
          $dataSetObject = new DataSet($db);
++
++        if ($dataSetObject->hasData($dataSetId) && Kit::GetParam('deleteData', _POST, _CHECKBOX) == 0)
++            trigger_error(__('There is data assigned to this data set, cannot delete.'), E_USER_ERROR);
++
++        // Proceed with the delete
          if (!$dataSetObject->Delete($dataSetId))
              trigger_error($dataSetObject->GetErrorMessage(), E_USER_ERROR);
 === modified file 'server/lib/pages/display.class.php'
 --- server/lib/pages/display.class.php	2014-11-13 17:44:55 +0000
 +++ server/lib/pages/display.class.php	2015-01-09 11:27:10 +0000
@@ -81,7 +81,7 @@
          $formFields[] = FormManager::AddCombo(
              'filter_showThumbnail',
--            __('Thumbnails'),
++            __('Screen Shot Thumbnails'),
              $filter_showThumbnail,
              array(
                  array('key' => 0, 'value' => __('None')),
@@ -374,8 +374,9 @@
          $cols = array(
                  array('name' => 'displayid', 'title' => __('ID')),
++                array('name' => 'displayWithLink', 'title' => __('Display')),
++                array('name' => 'status', 'title' => __('Status'), 'icons' => true),
                  array('name' => 'licensed', 'title' => __('License'), 'icons' => true),
--                array('name' => 'displayWithLink', 'title' => __('Display')),
                  array('name' => 'description', 'title' => __('Description'), 'hidden' => ($filter_showThumbnail == 1 || $filter_showThumbnail == 2)),
                  array('name' => 'layout', 'title' => __('Default Layout'), 'hidden' => ($filter_showThumbnail == 1 || $filter_showThumbnail == 2)),
                  array('name' => 'inc_schedule', 'title' => __('Interleave Default'), 'icons' => true, 'hidden' => ($filter_showThumbnail == 1 || $filter_showThumbnail == 2)),
@@ -389,35 +390,38 @@
              );
          Theme::Set('table_cols', $cols);
--        Theme::Set('rowClass', 'mediainventorystatus');
++        Theme::Set('rowClass', 'rowColor');
          $rows = array();
--        foreach($displays as $row)
--        {
++        foreach($displays as $row) {
              // VNC Template as display name?
--            if ($vncTemplate != '' && $row['clientaddress'] != '')
--            {
++            if ($vncTemplate != '' && $row['clientaddress'] != '') {
                  if ($linkTarget == '')
                      $linkTarget = '_top';
                  $row['displayWithLink'] = sprintf('<a href="' . $vncTemplate . '" title="VNC to ' . $row['display'] . '" target="' . $linkTarget . '">' . Theme::Prepare($row['display']) . '</a>', $row['clientaddress']);
+             }
++            else {
++                $row['displayWithLink'] = $row['display'];
++            }
              // Format last accessed
              $row['lastaccessed'] = DateManager::getLocalDate($row['lastaccessed']);
              // Create some login lights
--            $row['mediainventorystatus'] = ($row['mediainventorystatus'] == 1) ? 'success' : (($row['mediainventorystatus'] == 2) ? 'danger' : 'warning');
++            $row['rowColor'] = ($row['mediainventorystatus'] == 1) ? 'success' : (($row['mediainventorystatus'] == 2) ? 'danger' : 'warning');
++            $row['status'] = ($row['mediainventorystatus'] == 1) ? 1 : (($row['mediainventorystatus'] == 2) ? 0 : -1);
              // Thumbnail
              $row['thumbnail'] = '';
--            if ($filter_showThumbnail == 1 && file_exists(Config::GetSetting('LIBRARY_LOCATION') . 'screenshots/' . $row['displayid'] . '_screenshot.jpg')) {
++            // If we aren't logged in, and we are showThumbnail == 2, then show a circle
++            if ($filter_showThumbnail == 2 && $row['loggedin'] == 0) {
++                $row['thumbnail'] = '<i class="fa fa-times-circle"></i>';
++            }
++            else if ($filter_showThumbnail <> 0 && file_exists(Config::GetSetting('LIBRARY_LOCATION') . 'screenshots/' . $row['displayid'] . '_screenshot.jpg')) {
                  $row['thumbnail'] = '<a data-toggle="lightbox" data-type="image" href="index.php?p=display&q=ScreenShot&DisplayId=' . $row['displayid'] . '"><img class="display-screenshot" src="index.php?p=display&q=ScreenShot&DisplayId=' . $row['displayid'] . '" /></a>';
+             }
--            else if ($filter_showThumbnail == 2) {
--                $row['thumbnail'] = '<i class="fa fa-times-circle"></i>';
--            }
              // Edit and Delete buttons first
              if ($row['edit'] == 1) {
@@ -710,6 +714,14 @@
          if (!$document->loadXML($mediaInventoryXml))
              trigger_error(__('Invalid Media Inventory'), E_USER_ERROR);
++        $cols = array(
++                array('name' => 'id', 'title' => __('ID')),
++                array('name' => 'type', 'title' => __('Type')),
++                array('name' => 'complete', 'title' => __('Complete')),
++                array('name' => 'last_checked', 'title' => __('Last Checked'))
++            );
++        Theme::Set('table_cols', $cols);
++
          // Need to parse the XML and return a set of rows
          $xpath = new DOMXPath($document);
          $fileNodes = $xpath->query("//file");
@@ -731,10 +743,7 @@
          // Store the table rows
          Theme::Set('table_rows', $rows);
--        // Initialise the theme and capture the output
--        $output = Theme::RenderReturn('display_form_mediainventory');
--
--        $response->SetFormRequestResponse($output, __('Media Inventory'), '550px', '350px');
++        $response->SetFormRequestResponse(Theme::RenderReturn('table_render'), __('Media Inventory'), '550px', '350px');
          $response->AddButton(__('Help'), 'XiboHelpRender("' . HelpManager::Link('Display', 'MediaInventory') . '")');
          $response->AddButton(__('Close'), 'XiboDialogClose()');
          $response->Respond();
 === modified file 'server/lib/pages/layout.class.php'
 --- server/lib/pages/layout.class.php	2014-11-12 17:20:55 +0000
 +++ server/lib/pages/layout.class.php	2015-01-09 11:27:10 +0000
@@ -127,13 +127,18 @@
                  $formFields = array();
                  $formFields[] = FormManager::AddText('filter_layout', __('Name'), $layout, NULL, 'l');
                  $formFields[] = FormManager::AddText('filter_tags', __('Tags'), $tags, NULL, 't');
++
++                // Users we have permission to see
++                $users = $this->user->userList();
++                array_unshift($users, array('userid' => '', 'username' => 'All'));
++
                  $formFields[] = FormManager::AddCombo(
                      'filter_userid',
                      __('Owner'),
                      $owner,
--                    $db->GetArray("SELECT 0 AS UserID, 'All' AS UserName UNION SELECT DISTINCT user.UserID, user.UserName FROM `layout` INNER JOIN `user` ON layout.UserID = user.UserID "),
--                    'UserID',
--                    'UserName',
++                    $users,
++                    'userid',
++                    'username',
                      NULL,
                      'r');
                  $formFields[] = FormManager::AddCombo(
 === modified file 'server/lib/pages/log.class.php'
 --- server/lib/pages/log.class.php	2014-11-03 11:12:50 +0000
 +++ server/lib/pages/log.class.php	2015-01-09 11:27:10 +0000
@@ -284,6 +284,8 @@
              $output = Theme::RenderReturn('table_render');
              $response->initialSortOrder = 2;
++            $response->dialogClass = 'modal-big';
++            $response->dialogTitle = __('Recent Log Messages');
              $response->pageSize = 10;
              $response->SetGridResponse($output);
              $response->Respond();
 === modified file 'server/lib/pages/module.class.php'
 --- server/lib/pages/module.class.php	2014-11-17 15:15:42 +0000
 +++ server/lib/pages/module.class.php	2015-01-09 11:27:10 +0000
@@ -82,36 +82,36 @@
          Theme::Set('form_meta', '<input type="hidden" name="p" value="module"><input type="hidden" name="q" value="Grid">');
          Theme::Set('pager', ResponseManager::Pager($id));
--        //
          // Do we have any modules to install?!
--        //
--        // Get a list of matching files in the modules folder
--        $files = glob('modules/*.module.php');
--
--        // Get a list of all currently installed modules
--        try {
--            $dbh = PDOConnect::init();
--
--            $sth = $dbh->prepare("SELECT CONCAT('modules/', LOWER(Module), '.module.php') AS Module FROM `module`");
--            $sth->execute();
--
--            $rows = $sth->fetchAll();
--            $installed = array();
--
--            foreach($rows as $row)
--                $installed[] = $row['Module'];
--        }
--        catch (Exception $e) {
--            trigger_error(__('Cannot get installed modules'), E_USER_ERROR);
--        }
--
--        // Compare the two
--        $to_install = array_diff($files, $installed);
--
--        if (count($to_install) > 0) {
--            Theme::Set('module_install_url', 'index.php?p=module&q=Install&module=');
--            Theme::Set('to_install', $to_install);
--            Theme::Set('prepend', Theme::RenderReturn('module_page_install_modules'));
++        if (Config::GetSetting('MODULE_CONFIG_LOCKED_CHECKB') != 'Checked') {
++            // Get a list of matching files in the modules folder
++            $files = glob('modules/*.module.php');
++
++            // Get a list of all currently installed modules
++            try {
++                $dbh = PDOConnect::init();
++
++                $sth = $dbh->prepare("SELECT CONCAT('modules/', LOWER(Module), '.module.php') AS Module FROM `module`");
++                $sth->execute();
++
++                $rows = $sth->fetchAll();
++                $installed = array();
++
++                foreach($rows as $row)
++                    $installed[] = $row['Module'];
++            }
++            catch (Exception $e) {
++                trigger_error(__('Cannot get installed modules'), E_USER_ERROR);
++            }
++
++            // Compare the two
++            $to_install = array_diff($files, $installed);
++
++            if (count($to_install) > 0) {
++                Theme::Set('module_install_url', 'index.php?p=module&q=Install&module=');
++                Theme::Set('to_install', $to_install);
++                Theme::Set('prepend', Theme::RenderReturn('module_page_install_modules'));
++            }
+         }
          // Call to render the template
@@ -138,7 +138,8 @@
          $SQL .= '   ValidExtensions, ';
          $SQL .= '   ImageUri, ';
          $SQL .= '   PreviewEnabled, ';
--        $SQL .= '   assignable ';
++        $SQL .= '   assignable, ';
++        $SQL .= '   settings ';
          $SQL .= '  FROM `module` ';
          $SQL .= ' ORDER BY Name ';
@@ -174,6 +175,7 @@
              $row['enabled'] = Kit::ValidateParam($module['Enabled'], _INT);
              $row['preview_enabled'] = Kit::ValidateParam($module['PreviewEnabled'], _INT);
              $row['assignable'] = Kit::ValidateParam($module['assignable'], _INT);
++            $row['settings'] = json_decode(Kit::ValidateParam($module['settings'], _HTMLSTRING), true);
              // Initialise array of buttons, because we might not have any
              $row['buttons'] = array();
@@ -189,6 +191,14 @@
                      );
+             }
++            // Are there any buttons we need to provide as part of the module?
++            if (isset($row['settings']['buttons'])) {
++                foreach($row['settings']['buttons'] as $button) {
++                    $button['text'] = __($button['text']);
++                    $row['buttons'][] = $button;
++                }
++            }
++
              $rows[] = $row;
+         }
 === modified file 'server/lib/pages/stats.class.php'
 --- server/lib/pages/stats.class.php	2014-10-21 14:46:29 +0000
 +++ server/lib/pages/stats.class.php	2015-01-09 11:27:10 +0000
@@ -344,6 +344,17 @@
          $toDt = strtotime(Kit::GetParam('todt', _POST, _STRING));
          $displayId = Kit::GetParam('displayid', _POST, _INT);
++        // Get an array of display id this user has access to.
++        $displays = $this->user->DisplayList();
++        $displayIds = array();
++
++        foreach($displays as $display) {
++            $displayIds[] = $display['displayid'];
++        }
++
++        if (count($displayIds) <= 0)
++            trigger_error(__('No displays with View permissions'), E_USER_ERROR);
++
          // Get some data for a bandwidth chart
          try {
              $dbh = PDOConnect::init();
@@ -364,7 +375,8 @@
                      ON display.displayId = stat.displayId
                   WHERE start <= :end
                      AND end >= :start
--                    AND type = :type ';
++                    AND type = :type
++                    AND display.displayId IN (' . implode(',', $displayIds) . ') ';
              if ($displayId != 0) {
                  $SQL .= ' AND display.displayId = :displayId ';
@@ -413,6 +425,17 @@
          $fromDt = strtotime(Kit::GetParam('fromdt', _POST, _STRING));
          $toDt = strtotime(Kit::GetParam('todt', _POST, _STRING));
++        // Get an array of display id this user has access to.
++        $displays = $this->user->DisplayList();
++        $displayIds = array();
++
++        foreach($displays as $display) {
++            $displayIds[] = $display['displayid'];
++        }
++
++        if (count($displayIds) <= 0)
++            trigger_error(__('No displays with View permissions'), E_USER_ERROR);
++
          // Get some data for a bandwidth chart
          try {
              $dbh = PDOConnect::init();
@@ -439,7 +462,8 @@
                      ';
              $SQL .= '  WHERE month > :month
--                    AND month < :month2 ';
++                    AND month < :month2
++                    AND display.displayId IN (' . implode(',', $displayIds) . ') ';
              if ($displayId != 0) {
                  $SQL .= ' AND display.displayid = :displayid ';
@@ -493,7 +517,7 @@
              // Set up some suffixes
              $suffixes = array('bytes', 'k', 'M', 'G', 'T');
--            Theme::Set('bandwidthWidgetUnits', $suffixes[$base]);
++            Theme::Set('bandwidthWidgetUnits', (isset($suffixes[$base]) ? $suffixes[$base] : ''));
              $output = Theme::RenderReturn('stats_page_bandwidth');
 === modified file 'server/lib/pages/timeline.class.php'
 --- server/lib/pages/timeline.class.php	2014-11-12 17:20:55 +0000
 +++ server/lib/pages/timeline.class.php	2015-01-09 11:27:10 +0000
@@ -751,8 +751,15 @@
              Debug::LogEntry('audit', sprintf('Permission Granted to View MediaID: %s', $mediaId), 'layout', 'TimeLine');
              // Create a media module to handle all the complex stuff
--            require_once("modules/$mediaType.module.php");
--            $tmpModule = new $mediaType($db, $user, $mediaId, $layoutId, $regionId, $lkId);
++            try {
++                require_once("modules/$mediaType.module.php");
++                $tmpModule = new $mediaType($db, $user, $mediaId, $layoutId, $regionId, $lkId);
++            }
++            catch (Exception $e) {
++                Debug::Audit('Caught exception from Module Create');
++                trigger_error($e->getMessage(), E_USER_ERROR);
++            }
++
              $mediaName = $tmpModule->GetName();
              $transitionIn = $tmpModule->GetTransition('in');
              $transitionOut = $tmpModule->GetTransition('out');
 === modified file 'server/lib/pages/user.class.php'
 --- server/lib/pages/user.class.php	2014-10-17 16:13:12 +0000
 +++ server/lib/pages/user.class.php	2015-01-09 11:27:10 +0000
@@ -122,38 +122,30 @@
          // Pinned option?
          setSession('user_admin', 'Filter', Kit::GetParam('XiboFilterPinned', _REQUEST, _CHECKBOX, 'off'));
++        // Filter our users?
++        $filterBy = array();
++
          // Generate the results
          $sql  = "SELECT user.UserID, user.UserName, user.usertypeid, user.loggedin, user.lastaccessed, user.email, user.homepage, user.retired ";
          $sql .= " FROM `user` ";
          $sql .= " WHERE 1 = 1 ";
--        // Normal users can only see themselves
--        if ($user->usertypeid == 3)
--            $sql .= sprintf(" AND userid = %d ", $user->userid);
--
          // Filter on User Type
--        if($filter_usertypeid != 0)
--            $sql .= sprintf(" AND usertypeid = %d ", $filter_usertypeid);
++        if ($filter_usertypeid != 0)
++            $filterBy['userTypeId'] = $filter_usertypeid;
          // Filter on User Name
          if ($filter_username != '')
--            $sql .= " AND UserName LIKE '%" . sprintf("%s", $db->escape_string($filter_username) . "%' ");
--
--        $sql .= " ORDER by UserName";
--
--        //Debug::LogEntry('audit', $sql);
++            $filterBy['userName'] = $filter_username;
          // Load results into an array
--        $users = $db->GetArray($sql);
++        $users = $user->userList(array('userName'), $filterBy);
          if (!is_array($users))
--        {
--            trigger_error($db->error());
              trigger_error(__('Error getting list of users'), E_USER_ERROR);
--        }
--
++
          $cols = array(
--                array('name' => 'UserName', 'title' => __('Name')),
++                array('name' => 'username', 'title' => __('Name')),
                  array('name' => 'homepage', 'title' => __('Homepage')),
                  array('name' => 'email', 'title' => __('Email')),
                  array('name' => 'retired', 'title' => __('Retired?'), 'icons' => true)
@@ -164,7 +156,7 @@
          foreach ($users as $row) {
--            $row['groupid'] = $user->getGroupFromID($row['UserID'], true);
++            $row['groupid'] = $user->getGroupFromID($row['userid'], true);
              // Super admins have some buttons
              if ($user->usertypeid == 1) {
@@ -172,14 +164,14 @@
                  // Edit
                  $row['buttons'][] = array(
                          'id' => 'user_button_edit',
--                        'url' => 'index.php?p=user&q=DisplayForm&userID=' . $row['UserID'],
++                        'url' => 'index.php?p=user&q=DisplayForm&userID=' . $row['userid'],
                          'text' => __('Edit')
                      );
                  // Delete
                  $row['buttons'][] = array(
                          'id' => 'user_button_delete',
--                        'url' => 'index.php?p=user&q=DeleteForm&userID=' . $row['UserID'],
++                        'url' => 'index.php?p=user&q=DeleteForm&userID=' . $row['userid'],
                          'text' => __('Delete')
                      );
@@ -200,21 +192,21 @@
                  // Applications
                  $row['buttons'][] = array(
                          'id' => 'user_button_applications',
--                        'url' => 'index.php?p=oauth&q=UserTokens&userID=' . $row['UserID'],
++                        'url' => 'index.php?p=oauth&q=UserTokens&userID=' . $row['userid'],
                          'text' => __('Applications')
                      );
                  // Set Home Page
                  $row['buttons'][] = array(
                          'id' => 'user_button_homepage',
--                        'url' => 'index.php?p=user&q=SetUserHomePageForm&userid=' . $row['UserID'],
++                        'url' => 'index.php?p=user&q=SetUserHomePageForm&userid=' . $row['userid'],
                          'text' => __('Set Homepage')
                      );
                  // Set Password
                  $row['buttons'][] = array(
                          'id' => 'user_button_delete',
--                        'url' => 'index.php?p=user&q=SetPasswordForm&userid=' . $row['UserID'],
++                        'url' => 'index.php?p=user&q=SetPasswordForm&userid=' . $row['userid'],
                          'text' => __('Set Password')
                      );
+             }
@@ -252,15 +244,12 @@
          $initialGroupId = Kit::GetParam('groupid', _POST, _INT);
          // Validation
--        if ($username=="")
--        {
--            trigger_error("Please enter a User Name.", E_USER_ERROR);
--        }
++        if ($username == '' || strlen($username) > 50)
++            trigger_error(__('User name must be between 1 and 50 characters.'), E_USER_ERROR);
++
          if ($password=="")
--        {
              trigger_error("Please enter a Password.", E_USER_ERROR);
--        }
--
++
          if ($homepage == "")
              $homepage = "dashboard";
@@ -342,10 +331,8 @@
          $retired = Kit::GetParam('retired', _POST, _CHECKBOX);
          // Validation
--        if ($username == "")
--        {
--            trigger_error(__("Please enter a User Name."), E_USER_ERROR);
--        }
++        if ($username == '' || strlen($username) > 50)
++            trigger_error(__('User name must be between 1 and 50 characters.'), E_USER_ERROR);
          // Check for duplicate user name
          $sqlcheck = " ";
@@ -563,7 +550,7 @@
          // Render the return and output
          $formFields = array();
          $formFields[] = FormManager::AddText('edit_username', __('User Name'), $username,
--            __('The Login Name of the user.'), 'n', 'required');
++            __('The Login Name of the user.'), 'n', 'required maxlength="50"');
          $formFields[] = FormManager::AddPassword('edit_password', __('Password'), $password,
              __('The Password for this user.'), 'p', 'required');
 === modified file 'server/lib/service/service_v3.wsdl'
 --- server/lib/service/service_v3.wsdl	2014-10-31 15:27:56 +0000
 +++ server/lib/service/service_v3.wsdl	2015-01-09 11:27:10 +0000
@@ -42,15 +42,6 @@
      <message name="ScheduleResponse">
          <part name="ScheduleXml" type="xsd:string" />
      </message>
--    <message name="RecieveXmlLogRequest">
--        <part name="serverKey" type="xsd:string" />
--        <part name="hardwareKey" type="xsd:string" />
--        <part name="xml" type="xsd:string" />
--        <part name="version" type="xsd:string" />
--    </message>
--    <message name="RecieveXmlLogResponse">
--        <part name="success" type="xsd:boolean" />
--    </message>
      <message name="BlackListRequest">
          <part name="serverKey" type="xsd:string" />
          <part name="hardwareKey" type="xsd:string" />
 === modified file 'server/lib/service/xmdssoap3.class.php'
 --- server/lib/service/xmdssoap3.class.php	2014-11-25 11:09:21 +0000
 +++ server/lib/service/xmdssoap3.class.php	2015-01-09 11:27:10 +0000
@@ -32,12 +32,6 @@
      private $defaultLayoutId;
      private $version_instructions;
--    public function __construct()
--    {
--        global $db;
--        $this->db =& $db;
--    }
--
      /**
       * Registers a new display
       * @param <type> $serverKey
@@ -64,7 +58,7 @@
          try {
              $dbh = PDOConnect::init();
              $sth = $dbh->prepare('
--                SELECT licensed
++                SELECT licensed, displayid
                    FROM display
                  WHERE license = :hardwareKey');
@@ -97,10 +91,10 @@
          // Touch the display record
          $displayObject = new Display();
--        $displayObject->Touch($displayid);
++        $displayObject->Touch($row['displayid']);
          // Log Bandwidth
--        $this->LogBandwidth($displayid, Bandwidth::$REGISTER, strlen($active));
++        $this->LogBandwidth($row['displayid'], Bandwidth::$REGISTER, strlen($active));
          Debug::LogEntry('audit', $active, get_class(), __FUNCTION__);
@@ -114,18 +108,12 @@
       */
      function RequiredFiles($serverKey, $hardwareKey, $version)
+     {
--        $db =& $this->db;
--
          // Sanitize
--        $serverKey  = Kit::ValidateParam($serverKey, _STRING);
--        $hardwareKey    = Kit::ValidateParam($hardwareKey, _STRING);
--        $version    = Kit::ValidateParam($version, _STRING);
--        $rfLookahead    = Kit::ValidateParam(Config::GetSetting('REQUIRED_FILES_LOOKAHEAD'), _INT);
--
--        // Make sure we are talking the same language
--        if (!$this->CheckVersion($version))
--            throw new SoapFault('Sender', 'Your client is not of the correct version for communication with this server.');
--
++        $serverKey = Kit::ValidateParam($serverKey, _STRING);
++        $hardwareKey = Kit::ValidateParam($hardwareKey, _STRING);
++        $rfLookahead = Kit::ValidateParam(Config::GetSetting('REQUIRED_FILES_LOOKAHEAD'), _INT);
++
++        // Check the serverKey matches
          if ($serverKey != Config::GetSetting('SERVER_KEY'))
              throw new SoapFault('Sender', 'The Server key you entered does not match with the server key at this address');
@@ -140,12 +128,15 @@
              throw new SoapFault('Sender', 'This display is not licensed.');
          if ($this->isAuditing == 1)
--            Debug::LogEntry("audit", '[IN] with hardware key: ' . $hardwareKey, 'xmds', 'RequiredFiles', '', $this->displayId);
--
++            Debug::LogEntry("audit", '[IN] with hardware key: ' . $hardwareKey, "xmds", "RequiredFiles");
++
++        // Remove all Nonces for this display
++        $nonce = new Nonce();
++        $nonce->RemoveAllXmdsNonce($this->displayId);
++
++        // Build a new RF
          $requiredFilesXml = new DOMDocument("1.0");
--        $fileElements   = $requiredFilesXml->createElement("files");
--        $fileElements->setAttribute('version_instructions', $this->version_instructions);
--
++        $fileElements = $requiredFilesXml->createElement("files");
          $requiredFilesXml->appendChild($fileElements);
          // Hour to hour time bands for the query
@@ -157,158 +148,158 @@
          $fromFilter = $fromFilter - ($fromFilter % 3600);
          $toFilter = $rfLookahead - ($rfLookahead % 3600);
--        Debug::LogEntry('audit', sprintf('FromDT = %s. ToDt = %s', date('Y-m-d h:i:s', $fromFilter), date('Y-m-d h:i:s', $toFilter)), 'xmds', 'RequiredFiles', '', $this->displayId);
--
--        // Get a list of all layout ids in the schedule right now.
--        $SQL  = " SELECT DISTINCT layout.layoutID ";
--        $SQL .= " FROM `campaign` ";
--        $SQL .= "   INNER JOIN schedule_detail ON schedule_detail.CampaignID = campaign.CampaignID ";
--        $SQL .= "   INNER JOIN `lkcampaignlayout` ON lkcampaignlayout.CampaignID = campaign.CampaignID ";
--        $SQL .= "   INNER JOIN `layout` ON lkcampaignlayout.LayoutID = layout.LayoutID ";
--        $SQL .= "   INNER JOIN lkdisplaydg ON lkdisplaydg.DisplayGroupID = schedule_detail.DisplayGroupID ";
--        $SQL .= sprintf(" WHERE lkdisplaydg.DisplayID = %d  ", $this->displayId);
--        $SQL .= sprintf(" AND schedule_detail.FromDT < %d AND schedule_detail.ToDT > %d ", $toFilter, $fromFilter);
--        $SQL .= "   AND layout.retired = 0  ";
--
          if ($this->isAuditing == 1)
--            Debug::LogEntry("audit", $SQL, 'xmds', 'RequiredFiles', '', $this->displayId);
--
--        if (!$results = $db->query($SQL))
--        {
--            trigger_error($db->error());
++            Debug::LogEntry('audit', sprintf('FromDT = %s. ToDt = %s', date('Y-m-d h:i:s', $fromFilter), date('Y-m-d h:i:s', $toFilter)), 'xmds', 'RequiredFiles', '', $this->displayId);
++
++        try {
++            $dbh = PDOConnect::init();
++
++            // Get a list of all layout ids in the schedule right now.
++            $SQL  = " SELECT DISTINCT layout.layoutID ";
++            $SQL .= " FROM `campaign` ";
++            $SQL .= "   INNER JOIN schedule ON schedule.CampaignID = campaign.CampaignID ";
++            $SQL .= "   INNER JOIN schedule_detail ON schedule_detail.eventID = schedule.eventID ";
++            $SQL .= "   INNER JOIN `lkcampaignlayout` ON lkcampaignlayout.CampaignID = campaign.CampaignID ";
++            $SQL .= "   INNER JOIN `layout` ON lkcampaignlayout.LayoutID = layout.LayoutID ";
++            $SQL .= "   INNER JOIN lkdisplaydg ON lkdisplaydg.DisplayGroupID = schedule_detail.DisplayGroupID ";
++            $SQL .= " WHERE lkdisplaydg.DisplayID = :displayId ";
++            $SQL .= " AND schedule_detail.FromDT < :fromdt AND schedule_detail.ToDT > :todt ";
++            $SQL .= "   AND layout.retired = 0  ";
++
++            $sth = $dbh->prepare($SQL);
++            $sth->execute(array(
++                    'displayId' => $this->displayId,
++                    'fromdt' => $toFilter,
++                    'todt' => $fromFilter
++                ));
++
++            // Our layout list will always include the default layout
++            $layouts = array();
++            $layouts[] = $this->defaultLayoutId;
++
++            // Build up the other layouts into an array
++            foreach ($sth->fetchAll() as $row)
++                $layouts[] = Kit::ValidateParam($row['layoutID'], _INT);
++        }
++        catch (Exception $e) {
++            Debug::LogEntry('error', $e->getMessage(), get_class(), __FUNCTION__);
              return new SoapFault('Sender', 'Unable to get a list of layouts');
+         }
--        // Our layout list will always include the default layout
--        $layouts = array();
--        $layouts[] = $this->defaultLayoutId;
--
--        // Build up the other layouts into an array
--        while ($row = $db->get_assoc_row($results))
--            $layouts[] = Kit::ValidateParam($row['layoutID'], _INT);
--
          // Create a comma separated list to pass into the query which gets file nodes
          $layoutIdList = implode(',', $layouts);
--        // Add file nodes to the $fileElements
--        $SQL  = " SELECT 'layout' AS RecordType, layout.layoutID AS path, layout.layoutID AS id, MD5(layout.xml) AS `MD5`, NULL AS FileSize, layout.background, layout.xml AS xml ";
--        $SQL .= "   FROM layout ";
--        $SQL .= sprintf(" WHERE layout.layoutid IN (%s)  ", $layoutIdList);
--        $SQL .= " UNION ";
--        $SQL .= " SELECT 'media' AS RecordType, storedAs AS path, media.mediaID AS id, media.`MD5`, media.FileSize, NULL AS background, NULL AS xml ";
--        $SQL .= "   FROM media ";
--        $SQL .= "   INNER JOIN lklayoutmedia ";
--        $SQL .= "   ON lklayoutmedia.MediaID = media.MediaID ";
--        $SQL .= "   INNER JOIN layout ";
--        $SQL .= "   ON layout.LayoutID = lklayoutmedia.LayoutID";
--        $SQL .= sprintf(" WHERE layout.layoutid IN (%s)  ", $layoutIdList);
--        $SQL .= "
--                UNION
--                SELECT 'media' AS RecordType, storedAs AS path, media.mediaID AS id, media.`MD5`, media.FileSize, NULL AS background, NULL AS xml
--                   FROM `media`
--                    INNER JOIN `lkmediadisplaygroup`
--                    ON lkmediadisplaygroup.mediaid = media.MediaID
--                    INNER JOIN lkdisplaydg
--                    ON lkdisplaydg.DisplayGroupID = lkmediadisplaygroup.DisplayGroupID
--                ";
--        $SQL .= sprintf(" WHERE lkdisplaydg.DisplayID = %d  ", $this->displayId);
--        $SQL .= " ORDER BY RecordType DESC";
--
--        if ($this->isAuditing == 1)
--            Debug::LogEntry("audit", $SQL, 'xmds', 'RequiredFiles', '', $this->displayId);
--
--        if (!$results = $db->query($SQL))
--        {
--            trigger_error($db->error());
++        try {
++            $dbh = PDOConnect::init();
++
++            // Add file nodes to the $fileElements
++            $SQL  = "
++                    SELECT 1 AS DownloadOrder, 'media' AS RecordType, storedAs AS path, media.mediaID AS id, media.`MD5`, media.FileSize, NULL AS xml
++                       FROM `media`
++                     WHERE media.type = 'font'
++                        OR (media.type = 'module' AND media.moduleSystemFile = 1)
++                    UNION
++                    ";
++            $SQL .= " SELECT 4 AS DownloadOrder, 'layout' AS RecordType, layout.layoutID AS path, layout.layoutID AS id, MD5(layout.xml) AS `MD5`, NULL AS FileSize, layout.xml AS xml ";
++            $SQL .= "   FROM layout ";
++            $SQL .= sprintf(" WHERE layout.layoutid IN (%s)  ", $layoutIdList);
++            $SQL .= " UNION ";
++            $SQL .= " SELECT 3 AS DownloadOrder, 'media' AS RecordType, storedAs AS path, media.mediaID AS id, media.`MD5`, media.FileSize, NULL AS xml ";
++            $SQL .= "   FROM media ";
++            $SQL .= "   INNER JOIN lklayoutmedia ";
++            $SQL .= "   ON lklayoutmedia.MediaID = media.MediaID ";
++            $SQL .= "   INNER JOIN layout ";
++            $SQL .= "   ON layout.LayoutID = lklayoutmedia.LayoutID";
++            $SQL .= sprintf(" WHERE layout.layoutid IN (%s)  ", $layoutIdList);
++            $SQL .= "
++                    UNION
++                    SELECT 2 AS DownloadOrder, 'media' AS RecordType, storedAs AS path, media.mediaID AS id, media.`MD5`, media.FileSize, NULL AS xml
++                       FROM `media`
++                        INNER JOIN `lkmediadisplaygroup`
++                        ON lkmediadisplaygroup.mediaid = media.MediaID
++                        INNER JOIN lkdisplaydg
++                        ON lkdisplaydg.DisplayGroupID = lkmediadisplaygroup.DisplayGroupID
++                    ";
++            $SQL .= " WHERE lkdisplaydg.DisplayID = :displayId ";
++            $SQL .= " ORDER BY DownloadOrder, RecordType DESC";
++
++            $sth = $dbh->prepare($SQL);
++            $sth->execute(array(
++                    'displayId' => $this->displayId
++                ));
++
++            // Prepare a SQL statement in case we need to update the MD5 and FileSize on media nodes.
++            $mediaSth = $dbh->prepare('UPDATE media SET `MD5` = :md5, FileSize = :size WHERE MediaID = :mediaid');
++
++            // What is the send file mode?
++            $sendFileMode = Config::GetSetting('SENDFILE_MODE');
++
++            foreach ($sth->fetchAll() as $row) {
++                $recordType = Kit::ValidateParam($row['RecordType'], _WORD);
++                $path   = Kit::ValidateParam($row['path'], _STRING);
++                $id     = Kit::ValidateParam($row['id'], _STRING);
++                $md5    = Kit::ValidateParam($row['MD5'], _HTMLSTRING);
++                $fileSize   = Kit::ValidateParam($row['FileSize'], _INT);
++                $xml = Kit::ValidateParam($row['xml'], _HTMLSTRING);
++                $mediaNonce = '';
++
++                if ($recordType == 'layout') {
++                    // For layouts the MD5 column is the layout xml
++                    $fileSize = strlen($xml);
++
++                    if ($this->isAuditing == 1)
++                        Debug::LogEntry("audit", 'MD5 for layoutid ' . $id . ' is: [' . $md5 . ']', "xmds", "RequiredFiles");
++
++                    // Add nonce
++                    $nonce->AddXmdsNonce('layout', $this->displayId, NULL, $fileSize, NULL, $id);
++                }
++                else if ($recordType == 'media') {
++                    // If they are empty calculate them and save them back to the media.
++                    if ($md5 == '' || $fileSize == 0) {
++
++                        $md5 = md5_file($libraryLocation.$path);
++                        $fileSize = filesize($libraryLocation.$path);
++
++                        // Update the media record with this information
++                        $mediaSth->execute(array('md5' => $md5, 'size' => $fileSize, 'mediaid' => $id));
++                    }
++
++                    // Add nonce
++                    $mediaNonce = $nonce->AddXmdsNonce('file', $this->displayId, $id, $fileSize, $path);
++                }
++                else {
++                    continue;
++                }
++
++                // Add the file node
++                $file = $requiredFilesXml->createElement("file");
++                $file->setAttribute("type", $recordType);
++                $file->setAttribute("id", $id);
++                $file->setAttribute("size", $fileSize);
++                $file->setAttribute("md5", $md5);
++                $file->setAttribute("download", 'xmds');
++                $file->setAttribute("path", $path);
++
++                $fileElements->appendChild($file);
++            }
++        }
++        catch (Exception $e) {
++            Debug::LogEntry('error', $e->getMessage());
              return new SoapFault('Sender', 'Unable to get a list of files');
+         }
--        // Added paths
--        $paths = array();
--
--        while ($row = $db->get_assoc_row($results))
--        {
--            $recordType = Kit::ValidateParam($row['RecordType'], _WORD);
--            $path   = Kit::ValidateParam($row['path'], _STRING);
--            $id     = Kit::ValidateParam($row['id'], _STRING);
--            $md5    = Kit::ValidateParam($row['MD5'], _HTMLSTRING);
--            $fileSize   = Kit::ValidateParam($row['FileSize'], _INT);
--            $background = Kit::ValidateParam($row['background'], _STRING);
--            $xml = Kit::ValidateParam($row['xml'], _HTMLSTRING);
--
--            if ($recordType == 'layout')
--            {
--                // For layouts the MD5 column is the layout xml
--                $fileSize   = strlen($xml);
--
--                if ($this->isAuditing == 1)
--                    Debug::LogEntry("audit", 'MD5 for layoutid ' . $id . ' is: [' . $md5 . ']', 'xmds', 'RequiredFiles', '', $this->displayId);
--            }
--            else if ($recordType == 'media')
--            {
--                // If they are empty calculate them and save them back to the media.
--                if ($md5 == '' || $fileSize == 0)
--                {
--                    $md5    = md5_file($libraryLocation.$path);
--                    $fileSize   = filesize($libraryLocation.$path);
--
--                    // Update the media record with this information
--                    $SQL = sprintf("UPDATE media SET `MD5` = '%s', FileSize = %d WHERE MediaID = %d", $md5, $fileSize, $id);
--
--                    if (!$db->query($SQL))
--                        trigger_error($db->error());
--                }
--            }
--            else
--            {
--                continue;
--            }
--
--            // Add the file node
--            $file = $requiredFilesXml->createElement("file");
--
--            $file->setAttribute("type", $recordType);
--            $file->setAttribute("path", $path);
--            $file->setAttribute("id", $id);
--            $file->setAttribute("size", $fileSize);
--            $file->setAttribute("md5", $md5);
--
--            $fileElements->appendChild($file);
--
--            // Add this to the paths array
--            $paths[] = $path;
--
--            // If this is a layout type and there is a background then add the background node
--            // TODO: We need to alter the layout table to have a background ID rather than a path
--            // TODO: We need to alter the background edit method to create a lklayoutmedia link for
--            // background images (and maintain it when they change)
--            if ($recordType == 'layout' && $background != '' && !in_array($background, $paths))
--            {
--                // Also append another file node for the background image (if there is one)
--                $file = $requiredFilesXml->createElement("file");
--                $file->setAttribute("type", "media");
--                $file->setAttribute("path", $background);
--                $file->setAttribute("md5", md5_file($libraryLocation.$background));
--                $file->setAttribute("size", filesize($libraryLocation.$background));
--                $fileElements->appendChild($file);
--
--                // Add this to the paths array
--                $paths[] = $background;
--            }
--        }
--
          Kit::ClassLoader('layout');
          // Go through each layout and see if we need to supply any resource nodes.
          foreach ($layouts as $layoutId) {
              // Load the layout XML and work out if we have any ticker / text / dataset media items
--            $layout = new Layout($db);
++            $layout = new Layout();
              $layoutInformation = $layout->LayoutInformation($layoutId);
              foreach($layoutInformation['regions'] as $region) {
                  foreach($region['media'] as $media) {
--                    if ($media['mediatype'] == 'ticker' || $media['mediatype'] == 'text' || $media['mediatype'] == 'datasetview' || $media['mediatype'] == 'webpage') {
++                    if ($media['render'] == 'html' || $media['mediatype'] == 'ticker' || $media['mediatype'] == 'text' || $media['mediatype'] == 'datasetview' || $media['mediatype'] == 'webpage' || $media['mediatype'] == 'embedded') {
                          // Append this item to required files
                          $file = $requiredFilesXml->createElement("file");
                          $file->setAttribute('type', 'resource');
@@ -319,6 +310,8 @@
                          $file->setAttribute('updated', (isset($media['updated']) ? $media['updated'] : 0));
                          $fileElements->appendChild($file);
++
++                        $nonce->AddXmdsNonce('resource', $this->displayId, NULL, NULL, NULL, $layoutId, $region['regionid'], $media['mediaid']);
+                     }
+                 }
+             }
@@ -330,70 +323,65 @@
          $fileElements->appendChild($blackList);
--        // Populate
--        $SQL = "SELECT MediaID
--                FROM blacklist
--                WHERE DisplayID = " . $this->displayId . "
--                AND isIgnored = 0";
--
--        if (!$results = $db->query($SQL))
--        {
--            trigger_error($db->error());
++        try {
++            $dbh = PDOConnect::init();
++
++            $sth = $dbh->prepare('SELECT MediaID FROM blacklist WHERE DisplayID = :displayid AND isIgnored = 0');
++            $sth->execute(array(
++                    'displayid' => $this->displayId
++                ));
++
++            // Add a black list element for each file
++            foreach ($sth->fetchAll() as $row) {
++                $file = $requiredFilesXml->createElement("file");
++                $file->setAttribute("id", $row['MediaID']);
++
++                $blackList->appendChild($file);
++            }
++        }
++        catch (Exception $e) {
++            Debug::LogEntry('error', $e->getMessage());
              return new SoapFault('Sender', 'Unable to get a list of blacklisted files');
+         }
--        // Add a black list element for each file
--        while ($row = $db->get_row($results))
--        {
--            $file = $requiredFilesXml->createElement("file");
--            $file->setAttribute("id", $row[0]);
--
--            $blackList->appendChild($file);
--        }
--
          // Phone Home?
          $this->PhoneHome();
          if ($this->isAuditing == 1)
--            Debug::LogEntry("audit", $requiredFilesXml->saveXML(), 'xmds', 'RequiredFiles', '', $this->displayId);
--
++            Debug::LogEntry("audit", "[OUT]" . $requiredFilesXml->saveXML(), "xmds", "RequiredFiles");
++
          // Return the results of requiredFiles()
          $requiredFilesXml->formatOutput = true;
          $output = $requiredFilesXml->saveXML();
          // Log Bandwidth
--        $this->LogBandwidth($this->displayId, 2, strlen($output));
++        $this->LogBandwidth($this->displayId, Bandwidth::$RF, strlen($output));
          return $output;
+     }
      /**
--     * Gets the specified file
--     * @return
--     * @param $hardwareKey Object
--     * @param $filePath Object
--     * @param $fileType Object
++     * Get File
++     * @param string $serverKey   The ServerKey for this CMS
++     * @param string $hardwareKey The HardwareKey for this Display
++     * @param int $mediaId     The ID
++     * @param string $fileType    The File Type
++     * @param int $chunkOffset The Offset of the Chunk Requested
++     * @param string $chunkSize   The Size of the Chunk Requested
       */
      function GetFile($serverKey, $hardwareKey, $filePath, $fileType, $chunkOffset, $chunkSize, $version)
+     {
--        $db =& $this->db;
--
          // Sanitize
--        $serverKey  = Kit::ValidateParam($serverKey, _STRING);
--        $hardwareKey    = Kit::ValidateParam($hardwareKey, _STRING);
--        $fileType   = Kit::ValidateParam($fileType, _WORD);
--        $chunkOffset    = Kit::ValidateParam($chunkOffset, _INT);
--        $chunkSize  = Kit::ValidateParam($chunkSize, _INT);
--        $version    = Kit::ValidateParam($version, _STRING);
++        $serverKey = Kit::ValidateParam($serverKey, _STRING);
++        $hardwareKey = Kit::ValidateParam($hardwareKey, _STRING);
++        $filePath = Kit::ValidateParam($filePath, _STRING);
++        $fileType = Kit::ValidateParam($fileType, _WORD);
++        $chunkOffset = Kit::ValidateParam($chunkOffset, _INT);
++        $chunkSize = Kit::ValidateParam($chunkSize, _INT);
          $libraryLocation = Config::GetSetting("LIBRARY_LOCATION");
--        // Make sure we are talking the same language
--        if (!$this->CheckVersion($version))
--        {
--            throw new SoapFault('Receiver', "Your client is not of the correct version for communication with this server.");
--        }
--
++        // Check the serverKey matches
          if ($serverKey != Config::GetSetting('SERVER_KEY'))
              throw new SoapFault('Sender', 'The Server key you entered does not match with the server key at this address');
@@ -401,60 +389,67 @@
          if (!$this->CheckBandwidth())
              throw new SoapFault('Receiver', "Bandwidth Limit exceeded");
--        //auth this request...
++        // Authenticate this request...
          if (!$this->AuthDisplay($hardwareKey))
--        {
              throw new SoapFault('Receiver', "This display client is not licensed");
--        }
          if ($this->isAuditing == 1)
--        {
--            Debug::LogEntry("audit", "[IN]", "xmds", "GetFile");
--            Debug::LogEntry("audit", "Params: [$hardwareKey] [$filePath] [$fileType] [$chunkOffset] [$chunkSize]", "xmds", "GetFile");
--        }
--
--        if ($fileType == "layout")
--        {
--            $filePath = Kit::ValidateParam($filePath, _INT);
--
--            $SQL = sprintf("SELECT xml FROM layout WHERE layoutid = %d", $filePath);
--            if (!$results = $db->query($SQL))
--            {
--                trigger_error($db->error());
++            Debug::LogEntry("audit", "[IN] Params: [$hardwareKey] [$filePath] [$fileType] [$chunkOffset] [$chunkSize]", "xmds", "GetFile", '', $this->displayId);
++
++        $nonce = new Nonce();
++
++        if ($fileType == "layout") {
++            $fileId = Kit::ValidateParam($filePath, _INT);
++
++            // Validate the nonce
++            if (!$nonce->AllowedFile('layout', $this->displayId, NULL, $fileId))
++                throw new SoapFault('Receiver', 'Requested an invalid file.');
++
++            try {
++                $dbh = PDOConnect::init();
++
++                $sth = $dbh->prepare('SELECT xml FROM layout WHERE layoutid = :layoutid');
++                $sth->execute(array('layoutid' => $fileId));
++
++                if (!$row = $sth->fetch())
++                    throw new Exception('No file found with that ID');
++
++                $file = $row['xml'];
++
++                // Store file size for bandwidth log
++                $chunkSize = strlen($file);
++            }
++            catch (Exception $e) {
++                Debug::LogEntry('error', $e->getMessage());
                  return new SoapFault('Receiver', 'Unable the find layout.');
+             }
--
--            $row = $db->get_row($results);
--            $file = $row[0];
--
--            // Store file size for bandwidth log
--            $chunkSize = strlen($file);
+         }
--        elseif ($fileType == "media")
++        else if ($fileType == "media")
+         {
--            $filePath = Kit::ValidateParam($filePath, _STRING);
--
++            // Get the ID
              if (strstr($filePath, '/') || strstr($filePath, '\\'))
--            {
                  throw new SoapFault('Receiver', "Invalid file path.");
--            }
++            // Validate the nonce
++            if (!$nonce->AllowedFile('oldfile', $this->displayId, $filePath))
++                throw new SoapFault('Receiver', 'Requested an invalid file.');
++
              // Return the Chunk size specified
--            $f = fopen($libraryLocation.$filePath,"r");
++            $f = fopen($libraryLocation . $filePath, 'r');
              fseek($f, $chunkOffset);
              $file = fread($f, $chunkSize);
++
++            // Store file size for bandwidth log
++            $chunkSize = strlen($file);
+         }
--        else
--        {
++        else {
              throw new SoapFault('Receiver', 'Unknown FileType Requested.');
+         }
--        if ($this->isAuditing == 1) Debug::LogEntry("audit", "[OUT]", "xmds", "GetFile");
--
          // Log Bandwidth
--        $this->LogBandwidth($this->displayId, 4, $chunkSize);
++        $this->LogBandwidth($this->displayId, Bandwidth::$GETFILE, $chunkSize);
          return $file;
+     }
@@ -466,18 +461,12 @@
       */
      function Schedule($serverKey, $hardwareKey, $version)
+     {
--        $db =& $this->db;
--
          // Sanitize
--        $serverKey  = Kit::ValidateParam($serverKey, _STRING);
--        $hardwareKey    = Kit::ValidateParam($hardwareKey, _STRING);
--        $version    = Kit::ValidateParam($version, _STRING);
++        $serverKey = Kit::ValidateParam($serverKey, _STRING);
++        $hardwareKey = Kit::ValidateParam($hardwareKey, _STRING);
          $rfLookahead = Kit::ValidateParam(Config::GetSetting('REQUIRED_FILES_LOOKAHEAD'), _INT);
--        // Make sure we are talking the same language
--        if (!$this->CheckVersion($version))
--            throw new SoapFault('Sender', "Your client is not of the correct version for communication with this server.");
--
++        // Check the serverKey matches
          if ($serverKey != Config::GetSetting('SERVER_KEY'))
              throw new SoapFault('Sender', 'The Server key you entered does not match with the server key at this address');
@@ -489,9 +478,6 @@
          if (!$this->AuthDisplay($hardwareKey))
              throw new SoapFault('Sender', "This display client is not licensed");
--        if ($this->isAuditing == 1)
--            Debug::LogEntry("audit", "[IN] $hardwareKey", 'xmds', 'Schedule', '', $this->displayId);
--
          $scheduleXml = new DOMDocument("1.0");
          $layoutElements = $scheduleXml->createElement("schedule");
@@ -512,57 +498,70 @@
          if ($this->isAuditing == 1)
              Debug::LogEntry('audit', sprintf('FromDT = %s. ToDt = %s', date('Y-m-d h:i:s', $fromFilter), date('Y-m-d h:i:s', $toFilter)), 'xmds', 'Schedule', '', $this->displayId);
--
--        // Add file nodes to the $fileElements
--        // Firstly get all the scheduled layouts
--        $SQL  = " SELECT layout.layoutID, schedule_detail.FromDT, schedule_detail.ToDT, schedule_detail.eventID, schedule_detail.is_priority, ";
--        $SQL .= "  (SELECT GROUP_CONCAT(StoredAs) FROM media INNER JOIN lklayoutmedia ON lklayoutmedia.MediaID = media.MediaID WHERE lklayoutmedia.LayoutID = layout.LayoutID GROUP BY lklayoutmedia.LayoutID) AS Dependents";
--        $SQL .= " FROM `campaign` ";
--        $SQL .= " INNER JOIN schedule_detail ON schedule_detail.CampaignID = campaign.CampaignID ";
--        $SQL .= " INNER JOIN `lkcampaignlayout` ON lkcampaignlayout.CampaignID = campaign.CampaignID ";
--        $SQL .= " INNER JOIN `layout` ON lkcampaignlayout.LayoutID = layout.LayoutID ";
--        $SQL .= " INNER JOIN lkdisplaydg ON lkdisplaydg.DisplayGroupID = schedule_detail.DisplayGroupID ";
--        $SQL .= sprintf(" WHERE lkdisplaydg.DisplayID = %d  ", $this->displayId);
--        $SQL .= sprintf(" AND (schedule_detail.FromDT < %d AND schedule_detail.ToDT > %d )", $toFilter, $fromFilter);
--        $SQL .= "   AND layout.retired = 0  ";
--        $SQL .= " ORDER BY schedule_detail.DisplayOrder, lkcampaignlayout.DisplayOrder, schedule_detail.eventID ";
--
--        if ($this->isAuditing == 1)
--            Debug::LogEntry("audit", $SQL, 'xmds', 'Schedule', '', $this->displayId);
--
--        // Run the query
--        if (!$results = $db->query($SQL))
--        {
--            trigger_error($db->error());
++
++        try {
++            $dbh = PDOConnect::init();
++
++            // Get all the module dependants
++            $sth = $dbh->prepare("SELECT DISTINCT StoredAs FROM `media` WHERE media.type = 'font' OR (media.type = 'module' AND media.moduleSystemFile = 1) ");
++            $sth->execute(array());
++            $rows = $sth->fetchAll();
++            $moduleDependents = array();
++
++            foreach($rows as $dependent)
++                $moduleDependents[] = $dependent['StoredAs'];
++
++            // Add file nodes to the $fileElements
++            // Firstly get all the scheduled layouts
++            $SQL  = " SELECT layout.layoutID, schedule_detail.FromDT, schedule_detail.ToDT, schedule.eventID, schedule.is_priority, ";
++            $SQL .= "  (SELECT GROUP_CONCAT(DISTINCT StoredAs) FROM media INNER JOIN lklayoutmedia ON lklayoutmedia.MediaID = media.MediaID WHERE lklayoutmedia.LayoutID = layout.LayoutID AND lklayoutmedia.regionID <> 'module' GROUP BY lklayoutmedia.LayoutID) AS Dependents";
++            $SQL .= " FROM `campaign` ";
++            $SQL .= " INNER JOIN schedule ON schedule.CampaignID = campaign.CampaignID ";
++            $SQL .= " INNER JOIN schedule_detail ON schedule_detail.eventID = schedule.eventID ";
++            $SQL .= " INNER JOIN `lkcampaignlayout` ON lkcampaignlayout.CampaignID = campaign.CampaignID ";
++            $SQL .= " INNER JOIN `layout` ON lkcampaignlayout.LayoutID = layout.LayoutID ";
++            $SQL .= " INNER JOIN lkdisplaydg ON lkdisplaydg.DisplayGroupID = schedule_detail.DisplayGroupID ";
++            $SQL .= " WHERE lkdisplaydg.DisplayID = :displayId ";
++            $SQL .= " AND (schedule_detail.FromDT < :fromdt AND schedule_detail.ToDT > :todt )";
++            $SQL .= "   AND layout.retired = 0  ";
++            $SQL .= " ORDER BY schedule.DisplayOrder, lkcampaignlayout.DisplayOrder, schedule_detail.eventID ";
++
++            $sth = $dbh->prepare($SQL);
++            $sth->execute(array(
++                    'displayId' => $this->displayId,
++                    'fromdt' => $toFilter,
++                    'todt' => $fromFilter
++                ));
++
++            // We must have some results in here by this point
++            foreach ($sth->fetchAll() as $row) {
++                $layoutid = $row[0];
++                $fromdt = date('Y-m-d H:i:s', $row[1]);
++                $todt = date('Y-m-d H:i:s', $row[2]);
++                $scheduleid = $row[3];
++                $is_priority = Kit::ValidateParam($row[4], _INT);
++                $dependents = implode(',', $moduleDependents) . ',' . Kit::ValidateParam($row[5], _STRING);
++
++                // Add a layout node to the schedule
++                $layout = $scheduleXml->createElement("layout");
++
++                $layout->setAttribute("file", $layoutid);
++                $layout->setAttribute("fromdt", $fromdt);
++                $layout->setAttribute("todt", $todt);
++                $layout->setAttribute("scheduleid", $scheduleid);
++                $layout->setAttribute("priority", $is_priority);
++                $layout->setAttribute("dependents", $dependents);
++
++                $layoutElements->appendChild($layout);
++            }
++        }
++        catch (Exception $e) {
++            Debug::LogEntry('error', $e->getMessage());
              return new SoapFault('Unable to get A list of layouts for the schedule');
+         }
--        // We must have some results in here by this point
--        while ($row = $db->get_row($results))
--        {
--            $layoutid       = $row[0];
--            $fromdt         = date('Y-m-d H:i:s', $row[1]);
--            $todt           = date('Y-m-d H:i:s', $row[2]);
--            $scheduleid     = $row[3];
--            $is_priority    = Kit::ValidateParam($row[4], _INT);
--            $dependents = Kit::ValidateParam($row[5], _STRING);
--
--            // Add a layout node to the schedule
--            $layout = $scheduleXml->createElement("layout");
--
--            $layout->setAttribute("file", $layoutid);
--            $layout->setAttribute("fromdt", $fromdt);
--            $layout->setAttribute("todt", $todt);
--            $layout->setAttribute("scheduleid", $scheduleid);
--            $layout->setAttribute("priority", $is_priority);
--            $layout->setAttribute("dependents", $dependents);
--
--            $layoutElements->appendChild($layout);
--        }
--
          // Are we interleaving the default?
--        if ($this->includeSchedule == 1)
--        {
++        if ($this->includeSchedule == 1) {
              // Add as a node at the end of the schedule.
              $layout = $scheduleXml->createElement("layout");
@@ -571,6 +570,7 @@
              $layout->setAttribute("todt", '2030-01-19 00:00:00');
              $layout->setAttribute("scheduleid", 0);
              $layout->setAttribute("priority", 0);
++            $layout->setAttribute("dependents", implode(',', $moduleDependents));
              $layoutElements->appendChild($layout);
+         }
@@ -580,16 +580,25 @@
          $default->setAttribute("file", $this->defaultLayoutId);
          $layoutElements->appendChild($default);
++        // Add on a list of global dependants
++        $globalDependents = $scheduleXml->createElement("dependants");
++
++        foreach ($moduleDependents as $dep) {
++            $dependent = $scheduleXml->createElement("file", $dep);
++            $globalDependents->appendChild($dependent);
++        }
++        $layoutElements->appendChild($globalDependents);
++
          // Format the output
          $scheduleXml->formatOutput = true;
          if ($this->isAuditing == 1)
--            Debug::LogEntry("audit", $scheduleXml->saveXML(), 'xmds', 'Schedule', '', $this->displayId);
++            Debug::LogEntry("audit", $scheduleXml->saveXML(), "xmds", "Schedule");
          $output = $scheduleXml->saveXML();
          // Log Bandwidth
--        $this->LogBandwidth($this->displayId, 3, strlen($output));
++        $this->LogBandwidth($this->displayId, Bandwidth::$SCHEDULE, strlen($output));
          return $output;
+     }
@@ -603,22 +612,14 @@
       */
      function BlackList($serverKey, $hardwareKey, $mediaId, $type, $reason, $version)
+     {
--        $db =& $this->db;
--
          // Sanitize
--        $serverKey      = Kit::ValidateParam($serverKey, _STRING);
--        $hardwareKey    = Kit::ValidateParam($hardwareKey, _STRING);
--        $mediaId        = Kit::ValidateParam($mediaId, _STRING);
--        $type           = Kit::ValidateParam($type, _STRING);
--        $reason         = Kit::ValidateParam($reason, _STRING);
--        $version        = Kit::ValidateParam($version, _STRING);
--
--        // Make sure we are talking the same language
--        if (!$this->CheckVersion($version))
--        {
--                throw new SoapFault('Receiver', "Your client is not of the correct version for communication with this server.", $serverKey);
--        }
--
++        $serverKey = Kit::ValidateParam($serverKey, _STRING);
++        $hardwareKey = Kit::ValidateParam($hardwareKey, _STRING);
++        $mediaId = Kit::ValidateParam($mediaId, _STRING);
++        $type = Kit::ValidateParam($type, _STRING);
++        $reason = Kit::ValidateParam($reason, _STRING);
++
++        // Check the serverKey matches
          if ($serverKey != Config::GetSetting('SERVER_KEY'))
              throw new SoapFault('Sender', 'The Server key you entered does not match with the server key at this address');
@@ -626,58 +627,67 @@
          if (!$this->CheckBandwidth())
              throw new SoapFault('Receiver', "Bandwidth Limit exceeded");
--        // Auth this request...
++        // Authenticate this request...
          if (!$this->AuthDisplay($hardwareKey))
--        {
--                throw new SoapFault('Receiver', "This display client is not licensed", $hardwareKey);
++            throw new SoapFault('Receiver', "This display client is not licensed", $hardwareKey);
++
++        if ($this->isAuditing == 1)
++            Debug::LogEntry( "audit", "[IN] $xml", "xmds", "BlackList", "", $this->displayId);
++
++        try {
++            $dbh = PDOConnect::init();
++
++            // Check to see if this media / display is already blacklisted (and not ignored)
++            $sth = $dbh->prepare('SELECT BlackListID FROM blacklist WHERE MediaID = :mediaid AND isIgnored = 0 AND DisplayID = :displayid');
++            $sth->execute(array(
++                    'mediaid' => $mediaId,
++                    'displayid' => $this->displayId
++                ));
++
++            $results = $sth->fetchAll();
++
++            if (count($results) == 0) {
++
++                $insertSth = $dbh->prepare('
++                        INSERT INTO blacklist (MediaID, DisplayID, ReportingDisplayID, Reason)
++                            VALUES (:mediaid, :displayid, :reportingdisplayid, :reason)
++                    ');
++
++                // Insert the black list record
++                if ($type == BLACKLIST_SINGLE) {
++                    $insertSth->execute(array(
++                            'mediaid' => $mediaId,
++                            'displayid' => $displayId,
++                            'reportingdisplayid' => $this->displayId,
++                            'reason' => $reason
++                        ));
++                }
++                else {
++                    $displaySth = $dbh->prepare('SELECT displayID FROM `display`');
++                    $displaySth->execute();
++
++                    foreach ($displaySth->fetchAll() as $row) {
++
++                        $insertSth->execute(array(
++                            'mediaid' => $mediaId,
++                            'displayid' => $row['displayID'],
++                            'reportingdisplayid' => $this->displayId,
++                            'reason' => $reason
++                        ));
++                    }
++                }
++            }
++            else {
++                if ($this->isAuditing == 1)
++                    Debug::LogEntry( "audit", "Media Already BlackListed [$mediaId]", "xmds", "BlackList", "", $this->displayId);
++            }
+         }
--
--        if ($this->isAuditing == 1) Debug::LogEntry( "audit", "[IN]", "xmds", "BlackList", "", $this->displayId);
--        if ($this->isAuditing == 1) Debug::LogEntry( "audit", "$xml", "xmds", "BlackList", "", $this->displayId);
--
--        // Check to see if this media/display is already blacklisted (and not ignored)
--        $SQL = "SELECT BlackListID FROM blacklist WHERE MediaID = $mediaId AND isIgnored = 0 AND DisplayID = " . $this->displayId;
--
--        if (!$results = $db->query($SQL))
--        {
--            trigger_error($db->error());
++        catch (Exception $e) {
++            Debug::LogEntry('error', $e->getMessage());
              return new SoapFault("Unable to query for BlackList records.");
+         }
--        if ($db->num_rows($results) == 0)
--        {
--            // Insert the black list record
--            $SQL = "SELECT displayID FROM display";
--
--            if ($type == BLACKLIST_SINGLE)
--                $SQL .= " WHERE displayID = " . $this->displayId;
--
--            if (!$displays = $db->query($SQL))
--            {
--                trigger_error($db->error());
--                return new SoapFault("Unable to query for BlackList Displays.");
--            }
--
--            while ($row = $db->get_row($displays))
--            {
--                $displayId = $row[0];
--
--                $SQL = "INSERT INTO blacklist (MediaID, DisplayID, ReportingDisplayID, Reason)
--                            VALUES ($mediaId, $displayId, " . $this->displayId . ", '$reason') ";
--
--                if (!$db->query($SQL))
--                {
--                    trigger_error($db->error());
--                    return new SoapFault("Unable to insert BlackList records.");
--                }
--            }
--        }
--        else
--        {
--            if ($this->isAuditing == 1) Debug::LogEntry( "audit", "Media Already BlackListed [$mediaId]", "xmds", "BlackList", "", $this->displayId);
--        }
--
--        if ($this->isAuditing == 1) Debug::LogEntry( "audit", "[OUT]", "xmds", "BlackList", "", $this->displayId);
++        $this->LogBandwidth($this->displayId, Bandwidth::$BLACKLIST, strlen($reason));
          return true;
+     }
@@ -685,111 +695,91 @@
      /**
       * Submit client logging
       * @return
--     * @param $version Object
       * @param $serverKey Object
       * @param $hardwareKey Object
       * @param $logXml Object
       */
      function SubmitLog($version, $serverKey, $hardwareKey, $logXml)
+     {
--        $db =& $this->db;
--
          // Sanitize
--        $serverKey  = Kit::ValidateParam($serverKey, _STRING);
--        $hardwareKey    = Kit::ValidateParam($hardwareKey, _STRING);
--        $version    = Kit::ValidateParam($version, _STRING);
--        $logXml     = Kit::ValidateParam($logXml, _HTMLSTRING);
--
--        // Make sure we are talking the same language
--        if (!$this->CheckVersion($version))
--        {
--            throw new SoapFault('Sender', "Your client is not of the correct version for communication with this server.");
--        }
--
++        $serverKey = Kit::ValidateParam($serverKey, _STRING);
++        $hardwareKey = Kit::ValidateParam($hardwareKey, _STRING);
++        $logXml = Kit::ValidateParam($logXml, _HTMLSTRING);
++
++        // Check the serverKey matches
          if ($serverKey != Config::GetSetting('SERVER_KEY'))
--            throw new SoapFault('Sender', 'The Server key you entered does not match with the server key at this address');
--
++            throw new SoapFault('Sender', 'The Server key you entered does not match with the server key at this address. ');
++
          // Make sure we are sticking to our bandwidth limit
          if (!$this->CheckBandwidth())
              throw new SoapFault('Receiver', "Bandwidth Limit exceeded");
          // Auth this request...
          if (!$this->AuthDisplay($hardwareKey))
--        {
              throw new SoapFault('Sender', 'This display client is not licensed.');
--        }
--
--        if ($this->isAuditing == 1) Debug::LogEntry( "audit", "IN", "xmds", "SubmitLog", "", $this->displayId);
--        if ($this->isAuditing == 1) Debug::LogEntry( "audit", 'XML [' . $logXml . ']', "xmds", "SubmitLog", "", $this->displayId);
++
++        if ($this->isAuditing == 1)
++            Debug::LogEntry( "audit", 'IN. XML [' . $logXml . ']', "xmds", "SubmitLog", "", $this->displayId);
          // Load the XML into a DOMDocument
          $document = new DOMDocument("1.0");
          if (!$document->loadXML($logXml))
--        {
              throw new SoapFault('Receiver', "XML Cannot be loaded into DOM Document.");
--        }
--        foreach ($document->documentElement->childNodes as $node)
--        {
++        foreach ($document->documentElement->childNodes as $node) {
++
              // Make sure we dont consider any text nodes
--            if ($node->nodeType == XML_TEXT_NODE) continue;
++            if ($node->nodeType == XML_TEXT_NODE)
++                continue;
--            //Zero out the common vars
--            $date       = "";
--            $message    = "";
++            // Zero out the common vars
++            $date = "";
++            $message = "";
              $scheduleID = "";
--            $layoutID   = "";
--            $mediaID    = "";
--            $cat        = '';
--            $method     = '';
++            $layoutID = "";
++            $mediaID = "";
++            $cat = '';
++            $method = '';
              $thread = '';
              // This will be a bunch of trace nodes
              $message = $node->textContent;
--            if ($this->isAuditing == 1)
--                Debug::LogEntry( "audit", 'Trace Message: [' . $message . ']', "xmds", "SubmitLog", "", $this->displayId);
++            // if ($this->isAuditing == 1)
++            //    Debug::LogEntry("audit", 'Trace Message: [' . $message . ']', "xmds", "SubmitLog", "", $this->displayId);
              // Each element should have a category and a date
--            $date   = $node->getAttribute('date');
--            $cat    = strtolower($node->getAttribute('category'));
++            $date = $node->getAttribute('date');
++            $cat = strtolower($node->getAttribute('category'));
--            if ($date == '' || $cat == '')
--            {
++            if ($date == '' || $cat == '') {
                  trigger_error('Log submitted without a date or category attribute');
                  continue;
+             }
              // Get the date and the message (all log types have these)
--            foreach ($node->childNodes as $nodeElements)
--            {
--                if ($nodeElements->nodeName == "scheduleID")
--                {
++            foreach ($node->childNodes as $nodeElements) {
++
++                if ($nodeElements->nodeName == "scheduleID") {
                      $scheduleID = $nodeElements->textContent;
+                 }
--                else if ($nodeElements->nodeName == "layoutID")
--                {
++                else if ($nodeElements->nodeName == "layoutID") {
                      $layoutID = $nodeElements->textContent;
+                 }
--                else if ($nodeElements->nodeName == "mediaID")
--                {
++                else if ($nodeElements->nodeName == "mediaID") {
                      $mediaID = $nodeElements->textContent;
+                 }
--                else if ($nodeElements->nodeName == "type")
--                {
++                else if ($nodeElements->nodeName == "type") {
                      $type = $nodeElements->textContent;
+                 }
--                else if ($nodeElements->nodeName == "method")
--                {
++                else if ($nodeElements->nodeName == "method") {
                      $method = $nodeElements->textContent;
+                 }
--                else if ($nodeElements->nodeName == "message")
--                {
++                else if ($nodeElements->nodeName == "message") {
                      $message = $nodeElements->textContent;
+                 }
--                else if ($nodeElements->nodeName == "thread")
--                {
++                else if ($nodeElements->nodeName == "thread") {
                      if ($nodeElements->textContent != '')
                          $thread = '[' . $nodeElements->textContent . '] ';
+                 }
@@ -805,7 +795,7 @@
              Debug::LogEntry($logType, $message, 'Client', $thread . $method, $date, $this->displayId, $scheduleID, $layoutID, $mediaID);
+         }
--        if ($this->isAuditing == 1) Debug::LogEntry( "audit", "OUT", "xmds", "SubmitLog", "", $this->displayId);
++        $this->LogBandwidth($this->displayId, Bandwidth::$SUBMITLOG, strlen($logXml));
          return true;
+     }
@@ -813,100 +803,84 @@
      /**
       * Submit display statistics to the server
       * @return
--     * @param $version Object
       * @param $serverKey Object
       * @param $hardwareKey Object
       * @param $statXml Object
       */
      function SubmitStats($version, $serverKey, $hardwareKey, $statXml)
+     {
--        $db =& $this->db;
--
          // Sanitize
--        $serverKey      = Kit::ValidateParam($serverKey, _STRING);
--        $hardwareKey    = Kit::ValidateParam($hardwareKey, _STRING);
--        $version        = Kit::ValidateParam($version, _STRING);
--        $statXml        = Kit::ValidateParam($statXml, _HTMLSTRING);
--
--        // Make sure we are talking the same language
--        if (!$this->CheckVersion($version))
--        {
--            throw new SoapFault('Receiver', "Your client is not of the correct version for communication with this server.");
--        }
--
++        $serverKey = Kit::ValidateParam($serverKey, _STRING);
++        $hardwareKey = Kit::ValidateParam($hardwareKey, _STRING);
++        $statXml = Kit::ValidateParam($statXml, _HTMLSTRING);
++
++        // Check the serverKey matches
          if ($serverKey != Config::GetSetting('SERVER_KEY'))
              throw new SoapFault('Sender', 'The Server key you entered does not match with the server key at this address');
--
++
          // Make sure we are sticking to our bandwidth limit
          if (!$this->CheckBandwidth())
              throw new SoapFault('Receiver', "Bandwidth Limit exceeded");
          // Auth this request...
          if (!$this->AuthDisplay($hardwareKey))
--        {
              throw new SoapFault('Receiver', "This display client is not licensed");
--        }
--
--        if ($this->isAuditing == 1) Debug::LogEntry( "audit", "IN", "xmds", "SubmitStats", "", $this->displayId);
--        if ($this->isAuditing == 1) Debug::LogEntry( "audit", "StatXml: [" . $statXml . "]", "xmds", "SubmitStats", "", $this->displayId);
++
++        if ($this->isAuditing == 1)
++            Debug::LogEntry( "audit", "IN. StatXml: [" . $statXml . "]", "xmds", "SubmitStats", "", $this->displayId);
          if ($statXml == "")
--        {
              throw new SoapFault('Receiver', "Stat XML is empty.");
--        }
--
--        // Log
--        if ($this->isAuditing == 1) Debug::LogEntry( "audit", "About to create Stat Object.", "xmds", "SubmitStats", "", $this->displayId);
--
--        $statObject = new Stat($db);
--
--        // Log
--        if ($this->isAuditing == 1) Debug::LogEntry( "audit", "About to Create DOMDocument.", "xmds", "SubmitStats", "", $this->displayId);
++
++        // Log
++        $statObject = new Stat();
++
++        // Log
++        if ($this->isAuditing == 1)
++            Debug::LogEntry( "audit", "About to Create DOMDocument.", "xmds", "SubmitStats", "", $this->displayId);
          // Load the XML into a DOMDocument
          $document = new DOMDocument("1.0");
          $document->loadXML($statXml);
--        foreach ($document->documentElement->childNodes as $node)
--        {
++        foreach ($document->documentElement->childNodes as $node) {
              // Make sure we dont consider any text nodes
--            if ($node->nodeType == XML_TEXT_NODE) continue;
++            if ($node->nodeType == XML_TEXT_NODE)
++                continue;
--            //Zero out the common vars
++            // Zero out the common vars
              $fromdt = '';
--            $todt   = '';
--            $type   = '';
++            $todt = '';
++            $type = '';
              $scheduleID = 0;
--            $layoutID   = 0;
--            $mediaID    = '';
--            $tag    = '';
++            $layoutID = 0;
++            $mediaID = '';
++            $tag = '';
              // Each element should have these attributes
              $fromdt = $node->getAttribute('fromdt');
--            $todt   = $node->getAttribute('todt');
--            $type   = $node->getAttribute('type');
++            $todt = $node->getAttribute('todt');
++            $type = $node->getAttribute('type');
--            if ($fromdt == '' || $todt == '' || $type == '')
--            {
++            if ($fromdt == '' || $todt == '' || $type == '') {
                  trigger_error('Stat submitted without the fromdt, todt or type attributes.');
                  continue;
+             }
              $scheduleID = $node->getAttribute('scheduleid');
--            $layoutID   = $node->getAttribute('layoutid');
--            $mediaID    = $node->getAttribute('mediaid');
--            $tag    = $node->getAttribute('tag');
++            $layoutID = $node->getAttribute('layoutid');
++            $mediaID = $node->getAttribute('mediaid');
++            $tag = $node->getAttribute('tag');
              // Write the stat record with the information we have available to us.
--            if (!$statObject->Add($type, $fromdt, $todt, $scheduleID, $this->displayId, $layoutID, $mediaID, $tag))
--            {
++            if (!$statObject->Add($type, $fromdt, $todt, $scheduleID, $this->displayId, $layoutID, $mediaID, $tag)) {
                  trigger_error(sprintf('Stat Add failed with error: %s', $statObject->GetErrorMessage()));
                  continue;
+             }
+         }
--        if ($this->isAuditing == 1) Debug::LogEntry( "audit", "OUT", "xmds", "SubmitStats", "", $this->displayId);
++        $this->LogBandwidth($this->displayId, Bandwidth::$SUBMITSTATS, strlen($statXml));
          return true;
+     }
@@ -918,18 +892,12 @@
       */
      public function MediaInventory($version, $serverKey, $hardwareKey, $inventory)
+     {
--        $db =& $this->db;
--
          // Sanitize
--        $serverKey  = Kit::ValidateParam($serverKey, _STRING);
--        $hardwareKey    = Kit::ValidateParam($hardwareKey, _STRING);
--        $version    = Kit::ValidateParam($version, _STRING);
--        $inventory  = Kit::ValidateParam($inventory, _HTMLSTRING);
--
--        // Make sure we are talking the same language
--        if (!$this->CheckVersion($version))
--            throw new SoapFault('Receiver', "Your client is not of the correct version for communication with this server.");
--
++        $serverKey = Kit::ValidateParam($serverKey, _STRING);
++        $hardwareKey = Kit::ValidateParam($hardwareKey, _STRING);
++        $inventory = Kit::ValidateParam($inventory, _HTMLSTRING);
++
++        // Check the serverKey matches
          if ($serverKey != Config::GetSetting('SERVER_KEY'))
              throw new SoapFault('Sender', 'The Server key you entered does not match with the server key at this address');
@@ -941,7 +909,8 @@
          if (!$this->AuthDisplay($hardwareKey))
              throw new SoapFault('Receiver', 'This display client is not licensed');
--        if ($this->isAuditing == 1) Debug::LogEntry( 'audit', $inventory, 'xmds', 'MediaInventory', '', $this->displayId);
++        if ($this->isAuditing == 1)
++            Debug::LogEntry( 'audit', $inventory, 'xmds', 'MediaInventory', '', $this->displayId);
          // Check that the $inventory contains something
          if ($inventory == '')
@@ -951,20 +920,13 @@
          $document = new DOMDocument("1.0");
          $document->loadXML($inventory);
--        // Get some information from the media inventory XML and update the display record with it.
--        $macAddress = Kit::ValidateParam($document->documentElement->getAttribute('macAddress'), _STRING);
--        $clientType = Kit::ValidateParam($document->documentElement->getAttribute('clientType'), _STRING);
--        $clientVersion = Kit::ValidateParam($document->documentElement->getAttribute('clientVersion'), _STRING);
--        $clientCode = Kit::ValidateParam($document->documentElement->getAttribute('clientCode'), _INT);
--
          // Assume we are complete (but we are getting some)
          $mediaInventoryComplete = 1;
          $xpath = new DOMXPath($document);
          $fileNodes = $xpath->query("//file");
--        foreach ($fileNodes as $node)
--        {
++        foreach ($fileNodes as $node) {
              $mediaId = $node->getAttribute('id');
              $complete = $node->getAttribute('complete');
              $md5 = $node->getAttribute('md5');
@@ -978,8 +940,10 @@
+         }
          // Touch the display record
--        $displayObject = new Display($db);
--        $displayObject->Touch($hardwareKey, '', $mediaInventoryComplete, $inventory, $macAddress, $clientType, $clientVersion, $clientCode);
++        $displayObject = new Display();
++        $displayObject->Touch($this->displayId, array('mediaInventoryStatus' => $mediaInventoryComplete, 'mediaInventoryXml' => $inventory));
++
++        $this->LogBandwidth($this->displayId, Bandwidth::$MEDIAINVENTORY, strlen($inventory));
          return true;
+     }
@@ -991,24 +955,17 @@
       * @param <type> $layoutId
       * @param <type> $regionId
       * @param <type> $mediaId
--     * @param <type> $version
       */
      function GetResource($serverKey, $hardwareKey, $layoutId, $regionId, $mediaId, $version)
+     {
--        $db =& $this->db;
--
          // Sanitize
          $serverKey = Kit::ValidateParam($serverKey, _STRING);
          $hardwareKey = Kit::ValidateParam($hardwareKey, _STRING);
          $layoutId = Kit::ValidateParam($layoutId, _INT);
          $regionId = Kit::ValidateParam($regionId, _STRING);
          $mediaId = Kit::ValidateParam($mediaId, _STRING);
--        $version = Kit::ValidateParam($version, _STRING);
--
--        // Make sure we are talking the same language
--        if (!$this->CheckVersion($version))
--            throw new SoapFault('Receiver', "Your client is not of the correct version for communication with this server.");
--
++
++        // Check the serverKey matches
          if ($serverKey != Config::GetSetting('SERVER_KEY'))
              throw new SoapFault('Sender', 'The Server key you entered does not match with the server key at this address');
@@ -1020,23 +977,32 @@
          if (!$this->AuthDisplay($hardwareKey))
              throw new SoapFault('Receiver', "This display client is not licensed");
++        // Validate the nonce
++        $nonce = new Nonce();
++        if (!$nonce->AllowedFile('resource', $this->displayId, NULL, $layoutId, $regionId, $mediaId))
++            throw new SoapFault('Receiver', 'Requested an invalid file.');
++
          // What type of module is this?
          Kit::ClassLoader('region');
--        $region = new region($db);
++        $region = new region();
          $type = $region->GetMediaNodeType($layoutId, $regionId, $mediaId);
          if ($type == '')
              throw new SoapFault('Receiver', 'Unable to get the media node type');
          // Dummy User Object
--        $user = new User($db);
++        $user = new User();
          $user->userid = 0;
          $user->usertypeid = 1;
++        // Initialise the theme (for global styles in GetResource)
++        new Theme($user);
++        Theme::SetPagename('module');
++
          // Get the resource from the module
          require_once('modules/' . $type . '.module.php');
--        if (!$module = new $type($db, $user, $mediaId, $layoutId, $regionId))
++        if (!$module = new $type(new Database(), $user, $mediaId, $layoutId, $regionId))
              throw new SoapFault('Receiver', 'Cannot create module. Check CMS Log');
          $resource = $module->GetResource($this->displayId);
@@ -1045,7 +1011,7 @@
              throw new SoapFault('Receiver', 'Unable to get the media resource');
          // Log Bandwidth
--        $this->LogBandwidth($this->displayId, 5, strlen($resource));
++        $this->LogBandwidth($this->displayId, Bandwidth::$GETRESOURCE, strlen($resource));
          return $resource;
+     }
@@ -1053,19 +1019,13 @@
      /**
       * PHONE_HOME if required
       */
--    private function PhoneHome() {
--
--        if (Config::GetSetting('PHONE_HOME') == 'On')
--        {
++    private function PhoneHome()
++    {
++        if (Config::GetSetting('PHONE_HOME') == 'On') {
              // Find out when we last PHONED_HOME :D
              // If it's been > 28 days since last PHONE_HOME then
--            if (Config::GetSetting('PHONE_HOME_DATE') < (time() - (60 * 60 * 24 * 28)))
--            {
--                if ($this->isAuditing == 1)
--                {
--                    Debug::LogEntry("audit", "PHONE_HOME [IN]", "xmds", "RequiredFiles");
--                }
--
++            if (Config::GetSetting('PHONE_HOME_DATE') < (time() - (60 * 60 * 24 * 28))) {
++
                  try {
                      $dbh = PDOConnect::init();
@@ -1110,90 +1070,94 @@
       * @param <type> $hardwareKey
       * @return <type>
       */
--    private function AuthDisplay($hardwareKey)
--    {
--    $db =& $this->db;
--
--    // check in the database for this hardwareKey
--    $SQL = "SELECT licensed, inc_schedule, isAuditing, displayID, defaultlayoutid, loggedin, email_alert, display, version_instructions FROM display WHERE license = '$hardwareKey'";
--
--        if (!$result = $db->query($SQL))
--    {
--            trigger_error("License key query failed:" .$db->error());
++    private function AuthDisplay($hardwareKey, $status = NULL)
++    {
++        try {
++            $dbh = PDOConnect::init();
++
++            $sth = $dbh->prepare('
++                SELECT licensed, inc_schedule, isAuditing, displayID, defaultlayoutid, loggedin,
++                    email_alert, display, version_instructions, client_type, client_code, client_version
++                  FROM display
++                 WHERE license = :hardwareKey
++                ');
++
++            $sth->execute(array(
++                    'hardwareKey' => $hardwareKey
++                ));
++
++            $result = $sth->fetchAll();
++
++            // Is it there?
++            if (count($result) == 0)
++                return false;
++
++            // We have seen this display before, so check the licensed value
++            $row = $result[0];
++
++            if ($row['licensed'] == 0)
++                return false;
++
++            // See if the client was off-line and if appropriate send an alert
++            // to say that it has come back on-line
++            $this->AlertDisplayUp($row['displayID'], $row['display'], $row['loggedin'], $row['email_alert']);
++
++            // It is licensed?
++            $this->licensed = true;
++            $this->includeSchedule = $row['inc_schedule'];
++            $this->isAuditing = $row['isAuditing'];
++            $this->displayId = $row['displayID'];
++            $this->defaultLayoutId = $row['defaultlayoutid'];
++            $this->version_instructions = $row['version_instructions'];
++            $this->clientType = $row['client_type'];
++            $this->clientVersion = $row['client_version'];
++            $this->clientCode = $row['client_code'];
++
++            // Last accessed date on the display
++            $displayObject = new Display();
++            $displayObject->Touch($this->displayId, array('clientAddress' => Kit::GetParam('REMOTE_ADDR', $_SERVER, _STRING)));
++
++            return true;
++        }
++        catch (Exception $e) {
++            Debug::LogEntry('error', $e->getMessage());
              return false;
++        }
+     }
--    //Is it there?
--    if ($db->num_rows($result) == 0)
--            return false;
--
--        //we have seen this display before, so check the licensed value
--        $row = $db->get_row($result);
--
--        if ($row[0] == 0)
--            return false;
--
--        // Pull the client IP address
--        $clientAddress = Kit::GetParam('REMOTE_ADDR', $_SERVER, _STRING);
--
--        // See if the client was offline and if appropriate send an alert
--        // to say that it has come back online
--        if ($row[5] == 0 && $row[6] == 1
--            && (Config::GetSetting('MAINTENANCE_ENABLED') == 'On' || Config::GetSetting('MAINTENANCE_ENABLED') == 'Protected')
--            && Config::GetSetting('MAINTENANCE_EMAIL_ALERTS') == 'On')
--        {
--            $msgTo    = Kit::ValidateParam(Config::GetSetting("mail_to"),_PASSWORD);
--            $msgFrom  = Kit::ValidateParam(Config::GetSetting("mail_from"),_PASSWORD);
--
--            $subject  = sprintf(__("Recovery for Display %s"),$row[7]);
--            $body     = sprintf(__("Display %s with ID %d is now back online."), $row[7], $row[3]);
--
--            // Get a list of people that have view access to the display?
--            if (Config::GetSetting('MAINTENANCE_ALERTS_FOR_VIEW_USERS') == 1) {
--                foreach (Display::getUsers($row[3]) as $user) {
--                    if ($user['email'] != '') {
--                        Kit::SendEmail($user['email'], $msgFrom, $subject, $body);
++    private function AlertDisplayUp($displayId, $display, $loggedIn, $emailAlert)
++    {
++        $maintenanceEnabled = Config::GetSetting('MAINTENANCE_ENABLED');
++
++        if ($loggedIn == 0) {
++
++            // Log display up
++            $statObject = new Stat();
++            $statObject->displayUp($displayId);
++
++            // Do we need to email?
++            if ($emailAlert == 1 && ($maintenanceEnabled == 'On' || $maintenanceEnabled == 'Protected')
++                && Config::GetSetting('MAINTENANCE_EMAIL_ALERTS') == 'On') {
++
++                $msgTo = Kit::ValidateParam(Config::GetSetting("mail_to") ,_PASSWORD);
++                $msgFrom = Kit::ValidateParam(Config::GetSetting("mail_from"), _PASSWORD);
++
++                $subject = sprintf(__("Recovery for Display %s"), $display);
++                $body = sprintf(__("Display %s with ID %d is now back online."), $display, $displayId);
++
++                // Get a list of people that have view access to the display?
++                if (Config::GetSetting('MAINTENANCE_ALERTS_FOR_VIEW_USERS') == 1) {
++                    foreach (Display::getUsers($displayId) as $user) {
++                        if ($user['email'] != '') {
++                            Kit::SendEmail($user['email'], $msgFrom, $subject, $body);
++                        }
+                     }
+                 }
++
++                // Send to the original admin contact
++                Kit::SendEmail($msgTo, $msgFrom, $subject, $body);
+             }
--
--            Kit::SendEmail($msgTo, $msgFrom, $subject, $body);
--        }
--
--        // Last accessed date on the display
--        $displayObject = new Display($db);
--        $displayObject->Touch($hardwareKey, $clientAddress);
--
--        // It is licensed?
--        $this->licensed = true;
--        $this->includeSchedule = $row[1];
--        $this->isAuditing = $row[2];
--        $this->displayId = $row[3];
--        $this->defaultLayoutId = $row[4];
--        $this->version_instructions = $row[8];
--
--        return true;
--    }
--
--    /**
--     * Checks that the calling service is talking the correct version
--     * @return
--     * @param $version Object
--     */
--    private function CheckVersion($version)
--    {
--        $db =& $this->db;
--
--        // Look up the Service XMDS version from the Version table
--        $serverVersion = Config::Version('XmdsVersion');
--
--        if ($version != $serverVersion)
--        {
--            Debug::LogEntry('audit', sprintf('A Client with an incorrect version connected. Client Version: [%s] Server Version [%s]', $version, $serverVersion));
--            return false;
--        }
--
--        return true;
++        }
+     }
      /**
@@ -1206,13 +1170,23 @@
          if ($xmdsLimit <= 0)
              return true;
--        // Test bandwidth for the current month
--        $startOfMonth = strtotime(date('m').'/02/'.date('Y').' 00:00:00');
--
--        $sql = sprintf('SELECT IFNULL(SUM(Size), 0) AS BandwidthUsage FROM `bandwidth` WHERE Month = %d', $startOfMonth);
--        $bandwidthUsage = $this->db->GetSingleValue($sql, 'BandwidthUsage', _INT);
--
--        return ($bandwidthUsage >= ($xmdsLimit * 1024)) ? false : true;
++        try {
++            $dbh = PDOConnect::init();
++
++            // Test bandwidth for the current month
++            $sth = $dbh->prepare('SELECT IFNULL(SUM(Size), 0) AS BandwidthUsage FROM `bandwidth` WHERE Month = :month');
++            $sth->execute(array(
++                    'month' => strtotime(date('m').'/02/'.date('Y').' 00:00:00')
++                ));
++
++            $bandwidthUsage = $sth->fetchColumn(0);
++
++            return ($bandwidthUsage >= ($xmdsLimit * 1024)) ? false : true;
++        }
++        catch (Exception $e) {
++            Debug::LogEntry('error', $e->getMessage());
++            return false;
++        }
+     }
      /**
@@ -1222,16 +1196,9 @@
       * @param <type> $sizeInBytes
       */
      private function LogBandwidth($displayId, $type, $sizeInBytes)
--    {
--        $startOfMonth = strtotime(date('m').'/02/'.date('Y').' 00:00:00');
--
--        $sql  = "INSERT INTO `bandwidth` (Month, Type, DisplayID, Size) VALUES (%d, %d, %d, %d) ";
--        $sql .= "ON DUPLICATE KEY UPDATE Size = Size + %d ";
--        $sql  = sprintf($sql, $startOfMonth, $type, $displayId, $sizeInBytes, $sizeInBytes);
--
--        $this->db->query($sql);
--
--        return true;
++    {
++        $bandwidth = new Bandwidth();
++        $bandwidth->Log($displayId, $type, $sizeInBytes);
+     }
+ }
  ?>
 === modified file 'server/lib/service/xmdssoap4.class.php'
 --- server/lib/service/xmdssoap4.class.php	2014-11-25 11:09:21 +0000
 +++ server/lib/service/xmdssoap4.class.php	2015-01-09 11:27:10 +0000
@@ -21,8 +21,8 @@
  define('BLACKLIST_ALL', "All");
  define('BLACKLIST_SINGLE', "Single");
--class XMDSSoap4 {
--
++class XMDSSoap4
++{
      private $licensed;
      private $includeSchedule;
      private $isAuditing;
@@ -40,8 +40,8 @@
       * @param <type> $displayName
       * @return <type>
       */
--    public function RegisterDisplay($serverKey, $hardwareKey, $displayName, $clientType, $clientVersion, $clientCode, $operatingSystem, $macAddress) {
--
++    public function RegisterDisplay($serverKey, $hardwareKey, $displayName, $clientType, $clientVersion, $clientCode, $operatingSystem, $macAddress)
++    {
          // Sanitize
          $serverKey = Kit::ValidateParam($serverKey, _STRING);
          $hardwareKey = Kit::ValidateParam($hardwareKey, _STRING);
@@ -138,6 +138,9 @@
                      $displayProfile->displayProfileId = (empty($row['displayprofileid']) ? 0 : Kit::ValidateParam($row['displayprofileid'], _INT));
                      if ($displayProfile->displayProfileId == 0) {
++                        // We need a theme
++                        new Theme(new User());
++
                          // Load the default profile
                          $displayProfile->type = $clientType;
                          $displayProfile->LoadDefault();
@@ -213,8 +216,8 @@
       * @param string $hardwareKey Display Hardware Key
       * @return string $requiredXml Xml Formatted String
       */
--    function RequiredFiles($serverKey, $hardwareKey) {
--
++    function RequiredFiles($serverKey, $hardwareKey)
++    {
          // Sanitize
          $serverKey = Kit::ValidateParam($serverKey, _STRING);
          $hardwareKey = Kit::ValidateParam($hardwareKey, _STRING);
@@ -485,8 +488,8 @@
       * @param int $chunkOffset The Offset of the Chunk Requested
       * @param string $chunkSize   The Size of the Chunk Requested
       */
--    function GetFile($serverKey, $hardwareKey, $fileId, $fileType, $chunkOffset, $chunkSize) {
--
++    function GetFile($serverKey, $hardwareKey, $fileId, $fileType, $chunkOffset, $chunkSize)
++    {
          // Sanitize
          $serverKey = Kit::ValidateParam($serverKey, _STRING);
          $hardwareKey = Kit::ValidateParam($hardwareKey, _STRING);
@@ -585,7 +588,8 @@
       * @return
       * @param $hardwareKey Object
       */
--    function Schedule($serverKey, $hardwareKey) {
++    function Schedule($serverKey, $hardwareKey)
++    {
          // Sanitize
          $serverKey = Kit::ValidateParam($serverKey, _STRING);
          $hardwareKey = Kit::ValidateParam($hardwareKey, _STRING);
@@ -735,8 +739,8 @@
       * @param $mediaId Object
       * @param $type Object
       */
--    function BlackList($serverKey, $hardwareKey, $mediaId, $type, $reason) {
--
++    function BlackList($serverKey, $hardwareKey, $mediaId, $type, $reason)
++    {
          // Sanitize
          $serverKey = Kit::ValidateParam($serverKey, _STRING);
          $hardwareKey = Kit::ValidateParam($hardwareKey, _STRING);
@@ -824,8 +828,8 @@
       * @param $hardwareKey Object
       * @param $logXml Object
       */
--    function SubmitLog($serverKey, $hardwareKey, $logXml) {
--
++    function SubmitLog($serverKey, $hardwareKey, $logXml)
++    {
          // Sanitize
          $serverKey = Kit::ValidateParam($serverKey, _STRING);
          $hardwareKey = Kit::ValidateParam($hardwareKey, _STRING);
@@ -932,8 +936,8 @@
       * @param $hardwareKey Object
       * @param $statXml Object
       */
--    function SubmitStats($serverKey, $hardwareKey, $statXml) {
--
++    function SubmitStats($serverKey, $hardwareKey, $statXml)
++    {
          // Sanitize
          $serverKey = Kit::ValidateParam($serverKey, _STRING);
          $hardwareKey = Kit::ValidateParam($hardwareKey, _STRING);
@@ -1015,7 +1019,8 @@
       * @param <type> $hardwareKey
       * @param <type> $inventory
       */
--    public function MediaInventory($serverKey, $hardwareKey, $inventory) {
++    public function MediaInventory($serverKey, $hardwareKey, $inventory)
++    {
          // Sanitize
          $serverKey = Kit::ValidateParam($serverKey, _STRING);
          $hardwareKey = Kit::ValidateParam($hardwareKey, _STRING);
@@ -1080,8 +1085,8 @@
       * @param <type> $regionId
       * @param <type> $mediaId
       */
--    function GetResource($serverKey, $hardwareKey, $layoutId, $regionId, $mediaId) {
--
++    function GetResource($serverKey, $hardwareKey, $layoutId, $regionId, $mediaId)
++    {
          // Sanitize
          $serverKey = Kit::ValidateParam($serverKey, _STRING);
          $hardwareKey = Kit::ValidateParam($hardwareKey, _STRING);
@@ -1140,7 +1145,8 @@
          return $resource;
+     }
--    public function NotifyStatus($serverKey, $hardwareKey, $status) {
++    public function NotifyStatus($serverKey, $hardwareKey, $status)
++    {
          // Sanitize
          $serverKey = Kit::ValidateParam($serverKey, _STRING);
          $hardwareKey = Kit::ValidateParam($hardwareKey, _STRING);
@@ -1161,16 +1167,17 @@
          if ($this->isAuditing == 1)
              Debug::LogEntry('audit', $status, 'xmds', 'Status', '', $this->displayId);
++        $this->LogBandwidth($this->displayId, Bandwidth::$NOTIFYSTATUS, strlen($status));
++
          // Touch the display record
          $displayObject = new Display();
          $displayObject->Touch($this->displayId, json_decode($status, true));
--        $this->LogBandwidth($this->displayId, Bandwidth::$NOTIFYSTATUS, strlen($status));
--
          return true;
+     }
--    public function SubmitScreenShot($serverKey, $hardwareKey, $screenShot) {
++    public function SubmitScreenShot($serverKey, $hardwareKey, $screenShot)
++    {
          // Sanitize
          $serverKey = Kit::ValidateParam($serverKey, _STRING);
          $hardwareKey = Kit::ValidateParam($hardwareKey, _STRING);
@@ -1210,8 +1217,8 @@
      /**
       * PHONE_HOME if required
       */
--    private function PhoneHome() {
--
++    private function PhoneHome()
++    {
          if (Config::GetSetting('PHONE_HOME') == 'On') {
              // Find out when we last PHONED_HOME :D
              // If it's been > 28 days since last PHONE_HOME then
@@ -1261,8 +1268,8 @@
       * @param <type> $hardwareKey
       * @return <type>
       */
--    private function AuthDisplay($hardwareKey, $status = NULL) {
--
++    private function AuthDisplay($hardwareKey, $status = NULL)
++    {
          try {
              $dbh = PDOConnect::init();
@@ -1316,8 +1323,8 @@
+         }
+     }
--    private function AlertDisplayUp($displayId, $display, $loggedIn, $emailAlert) {
--
++    private function AlertDisplayUp($displayId, $display, $loggedIn, $emailAlert)
++    {
          $maintenanceEnabled = Config::GetSetting('MAINTENANCE_ENABLED');
          if ($loggedIn == 0) {
@@ -1354,7 +1361,8 @@
      /**
       * Check we havent exceeded the bandwidth limits
       */
--    private function CheckBandwidth() {
++    private function CheckBandwidth()
++    {
          $xmdsLimit = Config::GetSetting('MONTHLY_XMDS_TRANSFER_LIMIT_KB');
          if ($xmdsLimit <= 0)
@@ -1385,8 +1393,8 @@
       * @param <type> $type
       * @param <type> $sizeInBytes
       */
--    private function LogBandwidth($displayId, $type, $sizeInBytes) {
--
++    private function LogBandwidth($displayId, $type, $sizeInBytes)
++    {
          $bandwidth = new Bandwidth();
          $bandwidth->Log($displayId, $type, $sizeInBytes);
+     }
 === added directory 'server/modules/3rdparty/twitter-oauth'
 === added file 'server/modules/3rdparty/twitter-oauth/OAuth.php'
 --- server/modules/3rdparty/twitter-oauth/OAuth.php	1970-01-01 00:00:00 +0000
 +++ server/modules/3rdparty/twitter-oauth/OAuth.php	2015-01-09 11:27:10 +0000
@@ -0,0 +1,872 @@
++<?php
++// vim: foldmethod=marker
++
++/* Generic exception class
++ */
++if (!class_exists('TwitterOAuthException')) {
++  class TwitterOAuthException extends Exception {
++    // pass
++  }
++}
++
++class TwitterOAuthConsumer {
++  public $key;
++  public $secret;
++
++  function __construct($key, $secret, $callback_url=NULL) {
++    $this->key = $key;
++    $this->secret = $secret;
++    $this->callback_url = $callback_url;
++  }
++
++  function __toString() {
++    return "OAuthConsumer[key=$this->key,secret=$this->secret]";
++  }
++}
++
++class TwitterOAuthToken {
++  // access tokens and request tokens
++  public $key;
++  public $secret;
++
++  /**
++   * key = the token
++   * secret = the token secret
++   */
++  function __construct($key, $secret) {
++    $this->key = $key;
++    $this->secret = $secret;
++  }
++
++  /**
++   * generates the basic string serialization of a token that a server
++   * would respond to request_token and access_token calls with
++   */
++  function to_string() {
++    return "oauth_token=" .
++           TwitterOAuthUtil::urlencode_rfc3986($this->key) .
++           "&oauth_token_secret=" .
++           TwitterOAuthUtil::urlencode_rfc3986($this->secret);
++  }
++
++  function __toString() {
++    return $this->to_string();
++  }
++}
++
++/**
++ * A class for implementing a Signature Method
++ * See section 9 ("Signing Requests") in the spec
++ */
++abstract class TwitterOAuthSignatureMethod {
++  /**
++   * Needs to return the name of the Signature Method (ie HMAC-SHA1)
++   * @return string
++   */
++  abstract public function get_name();
++
++  /**
++   * Build up the signature
++   * NOTE: The output of this function MUST NOT be urlencoded.
++   * the encoding is handled in TwitterOAuthRequest when the final
++   * request is serialized
++   * @param TwitterOAuthRequest $request
++   * @param OAuthConsumer $consumer
++   * @param OAuthToken $token
++   * @return string
++   */
++  abstract public function build_signature($request, $consumer, $token);
++
++  /**
++   * Verifies that a given signature is correct
++   * @param TwitterOAuthRequest $request
++   * @param OAuthConsumer $consumer
++   * @param OAuthToken $token
++   * @param string $signature
++   * @return bool
++   */
++  public function check_signature($request, $consumer, $token, $signature) {
++    $built = $this->build_signature($request, $consumer, $token);
++    return $built == $signature;
++  }
++}
++
++/**
++ * The HMAC-SHA1 signature method uses the HMAC-SHA1 signature algorithm as defined in [RFC2104]
++ * where the Signature Base String is the text and the key is the concatenated values (each first
++ * encoded per Parameter Encoding) of the Consumer Secret and Token Secret, separated by an '&'
++ * character (ASCII code 38) even if empty.
++ *   - Chapter 9.2 ("HMAC-SHA1")
++ */
++class TwitterOAuthSignatureMethod_HMAC_SHA1 extends TwitterOAuthSignatureMethod {
++  function get_name() {
++    return "HMAC-SHA1";
++  }
++
++  public function build_signature($request, $consumer, $token) {
++    $base_string = $request->get_signature_base_string();
++    $request->base_string = $base_string;
++
++    $key_parts = array(
++      $consumer->secret,
++      ($token) ? $token->secret : ""
++    );
++
++    $key_parts = TwitterOAuthUtil::urlencode_rfc3986($key_parts);
++    $key = implode('&', $key_parts);
++
++    return base64_encode(hash_hmac('sha1', $base_string, $key, true));
++  }
++}
++
++/**
++ * The PLAINTEXT method does not provide any security protection and SHOULD only be used
++ * over a secure channel such as HTTPS. It does not use the Signature Base String.
++ *   - Chapter 9.4 ("PLAINTEXT")
++ */
++class TwitterOAuthSignatureMethod_PLAINTEXT extends TwitterOAuthSignatureMethod {
++  public function get_name() {
++    return "PLAINTEXT";
++  }
++
++  /**
++   * oauth_signature is set to the concatenated encoded values of the Consumer Secret and
++   * Token Secret, separated by a '&' character (ASCII code 38), even if either secret is
++   * empty. The result MUST be encoded again.
++   *   - Chapter 9.4.1 ("Generating Signatures")
++   *
++   * Please note that the second encoding MUST NOT happen in the SignatureMethod, as
++   * TwitterOAuthRequest handles this!
++   */
++  public function build_signature($request, $consumer, $token) {
++    $key_parts = array(
++      $consumer->secret,
++      ($token) ? $token->secret : ""
++    );
++
++    $key_parts = TwitterOAuthUtil::urlencode_rfc3986($key_parts);
++    $key = implode('&', $key_parts);
++    $request->base_string = $key;
++
++    return $key;
++  }
++}
++
++/**
++ * The RSA-SHA1 signature method uses the RSASSA-PKCS1-v1_5 signature algorithm as defined in
++ * [RFC3447] section 8.2 (more simply known as PKCS#1), using SHA-1 as the hash function for
++ * EMSA-PKCS1-v1_5. It is assumed that the Consumer has provided its RSA public key in a
++ * verified way to the Service Provider, in a manner which is beyond the scope of this
++ * specification.
++ *   - Chapter 9.3 ("RSA-SHA1")
++ */
++abstract class TwitterOAuthSignatureMethod_RSA_SHA1 extends TwitterOAuthSignatureMethod {
++  public function get_name() {
++    return "RSA-SHA1";
++  }
++
++  // Up to the SP to implement this lookup of keys. Possible ideas are:
++  // (1) do a lookup in a table of trusted certs keyed off of consumer
++  // (2) fetch via http using a url provided by the requester
++  // (3) some sort of specific discovery code based on request
++  //
++  // Either way should return a string representation of the certificate
++  protected abstract function fetch_public_cert(&$request);
++
++  // Up to the SP to implement this lookup of keys. Possible ideas are:
++  // (1) do a lookup in a table of trusted certs keyed off of consumer
++  //
++  // Either way should return a string representation of the certificate
++  protected abstract function fetch_private_cert(&$request);
++
++  public function build_signature($request, $consumer, $token) {
++    $base_string = $request->get_signature_base_string();
++    $request->base_string = $base_string;
++
++    // Fetch the private key cert based on the request
++    $cert = $this->fetch_private_cert($request);
++
++    // Pull the private key ID from the certificate
++    $privatekeyid = openssl_get_privatekey($cert);
++
++    // Sign using the key
++    $ok = openssl_sign($base_string, $signature, $privatekeyid);
++
++    // Release the key resource
++    openssl_free_key($privatekeyid);
++
++    return base64_encode($signature);
++  }
++
++  public function check_signature($request, $consumer, $token, $signature) {
++    $decoded_sig = base64_decode($signature);
++
++    $base_string = $request->get_signature_base_string();
++
++    // Fetch the public key cert based on the request
++    $cert = $this->fetch_public_cert($request);
++
++    // Pull the public key ID from the certificate
++    $publickeyid = openssl_get_publickey($cert);
++
++    // Check the computed signature against the one passed in the query
++    $ok = openssl_verify($base_string, $decoded_sig, $publickeyid);
++
++    // Release the key resource
++    openssl_free_key($publickeyid);
++
++    return $ok == 1;
++  }
++}
++
++class TwitterOAuthRequest {
++  private $parameters;
++  private $http_method;
++  private $http_url;
++  // for debug purposes
++  public $base_string;
++  public static $version = '1.0';
++  public static $POST_INPUT = 'php://input';
++
++  function __construct($http_method, $http_url, $parameters=NULL) {
++    @$parameters or $parameters = array();
++    $parameters = array_merge( TwitterOAuthUtil::parse_parameters(parse_url($http_url, PHP_URL_QUERY)), $parameters);
++    $this->parameters = $parameters;
++    $this->http_method = $http_method;
++    $this->http_url = $http_url;
++  }
++
++
++  /**
++   * attempt to build up a request from what was passed to the server
++   */
++  public static function from_request($http_method=NULL, $http_url=NULL, $parameters=NULL) {
++    $scheme = (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on")
++              ? 'http'
++              : 'https';
++    @$http_url or $http_url = $scheme .
++                              '://' . $_SERVER['HTTP_HOST'] .
++                              ':' .
++                              $_SERVER['SERVER_PORT'] .
++                              $_SERVER['REQUEST_URI'];
++    @$http_method or $http_method = $_SERVER['REQUEST_METHOD'];
++
++    // We weren't handed any parameters, so let's find the ones relevant to
++    // this request.
++    // If you run XML-RPC or similar you should use this to provide your own
++    // parsed parameter-list
++    if (!$parameters) {
++      // Find request headers
++      $request_headers = TwitterOAuthUtil::get_headers();
++
++      // Parse the query-string to find GET parameters
++      $parameters = TwitterOAuthUtil::parse_parameters($_SERVER['QUERY_STRING']);
++
++      // It's a POST request of the proper content-type, so parse POST
++      // parameters and add those overriding any duplicates from GET
++      if ($http_method == "POST"
++          && @strstr($request_headers["Content-Type"],
++                     "application/x-www-form-urlencoded")
++          ) {
++        $post_data = TwitterOAuthUtil::parse_parameters(
++          file_get_contents(self::$POST_INPUT)
++        );
++        $parameters = array_merge($parameters, $post_data);
++      }
++
++      // We have a Authorization-header with OAuth data. Parse the header
++      // and add those overriding any duplicates from GET or POST
++      if (@substr($request_headers['Authorization'], 0, 6) == "OAuth ") {
++        $header_parameters = TwitterOAuthUtil::split_header(
++          $request_headers['Authorization']
++        );
++        $parameters = array_merge($parameters, $header_parameters);
++      }
++
++    }
++
++    return new TwitterOAuthRequest($http_method, $http_url, $parameters);
++  }
++
++  /**
++   * pretty much a helper function to set up the request
++   */
++  public static function from_consumer_and_token($consumer, $token, $http_method, $http_url, $parameters=NULL) {
++    @$parameters or $parameters = array();
++    $defaults = array("oauth_version" => TwitterOAuthRequest::$version,
++                      "oauth_nonce" => TwitterOAuthRequest::generate_nonce(),
++                      "oauth_timestamp" => TwitterOAuthRequest::generate_timestamp(),
++                      "oauth_consumer_key" => $consumer->key);
++    if ($token)
++      $defaults['oauth_token'] = $token->key;
++
++    $parameters = array_merge($defaults, $parameters);
++
++    return new TwitterOAuthRequest($http_method, $http_url, $parameters);
++  }
++
++  public function set_parameter($name, $value, $allow_duplicates = true) {
++    if ($allow_duplicates && isset($this->parameters[$name])) {
++      // We have already added parameter(s) with this name, so add to the list
++      if (is_scalar($this->parameters[$name])) {
++        // This is the first duplicate, so transform scalar (string)
++        // into an array so we can add the duplicates
++        $this->parameters[$name] = array($this->parameters[$name]);
++      }
++
++      $this->parameters[$name][] = $value;
++    } else {
++      $this->parameters[$name] = $value;
++    }
++  }
++
++  public function get_parameter($name) {
++    return isset($this->parameters[$name]) ? $this->parameters[$name] : null;
++  }
++
++  public function get_parameters() {
++    return $this->parameters;
++  }
++
++  public function unset_parameter($name) {
++    unset($this->parameters[$name]);
++  }
++
++  /**
++   * The request parameters, sorted and concatenated into a normalized string.
++   * @return string
++   */
++  public function get_signable_parameters() {
++    // Grab all parameters
++    $params = $this->parameters;
++
++    // Remove oauth_signature if present
++    // Ref: Spec: 9.1.1 ("The oauth_signature parameter MUST be excluded.")
++    if (isset($params['oauth_signature'])) {
++      unset($params['oauth_signature']);
++    }
++
++    return TwitterOAuthUtil::build_http_query($params);
++  }
++
++  /**
++   * Returns the base string of this request
++   *
++   * The base string defined as the method, the url
++   * and the parameters (normalized), each urlencoded
++   * and the concated with &.
++   */
++  public function get_signature_base_string() {
++    $parts = array(
++      $this->get_normalized_http_method(),
++      $this->get_normalized_http_url(),
++      $this->get_signable_parameters()
++    );
++
++    $parts = TwitterOAuthUtil::urlencode_rfc3986($parts);
++
++    return implode('&', $parts);
++  }
++
++  /**
++   * just uppercases the http method
++   */
++  public function get_normalized_http_method() {
++    return strtoupper($this->http_method);
++  }
++
++  /**
++   * parses the url and rebuilds it to be
++   * scheme://host/path
++   */
++  public function get_normalized_http_url() {
++    $parts = parse_url($this->http_url);
++
++    $port = (isset($parts['port'])) ? $parts['port'] : (($scheme == 'https') ? '443' : '80');
++    $scheme = $parts['scheme'];
++    $host = $parts['host'];
++    $path = @$parts['path'];
++
++    if (($scheme == 'https' && $port != '443')
++        || ($scheme == 'http' && $port != '80')) {
++      $host = "$host:$port";
++    }
++    return "$scheme://$host$path";
++  }
++
++  /**
++   * builds a url usable for a GET request
++   */
++  public function to_url() {
++    $post_data = $this->to_postdata();
++    $out = $this->get_normalized_http_url();
++    if ($post_data) {
++      $out .= '?'.$post_data;
++    }
++    return $out;
++  }
++
++  /**
++   * builds the data one would send in a POST request
++   */
++  public function to_postdata() {
++    return TwitterOAuthUtil::build_http_query($this->parameters);
++  }
++
++  /**
++   * builds the Authorization: header
++   */
++  public function to_header($realm=null) {
++    $first = true;
++	if($realm) {
++      $out = 'Authorization: OAuth realm="' . TwitterOAuthUtil::urlencode_rfc3986($realm) . '"';
++      $first = false;
++    } else
++      $out = 'Authorization: OAuth';
++
++    $total = array();
++    foreach ($this->parameters as $k => $v) {
++      if (substr($k, 0, 5) != "oauth") continue;
++      if (is_array($v)) {
++        throw new OAuthException('Arrays not supported in headers');
++      }
++      $out .= ($first) ? ' ' : ',';
++      $out .= TwitterOAuthUtil::urlencode_rfc3986($k) .
++              '="' .
++              TwitterOAuthUtil::urlencode_rfc3986($v) .
++              '"';
++      $first = false;
++    }
++    return $out;
++  }
++
++  public function __toString() {
++    return $this->to_url();
++  }
++
++
++  public function sign_request($signature_method, $consumer, $token) {
++    $this->set_parameter(
++      "oauth_signature_method",
++      $signature_method->get_name(),
++      false
++    );
++    $signature = $this->build_signature($signature_method, $consumer, $token);
++    $this->set_parameter("oauth_signature", $signature, false);
++  }
++
++  public function build_signature($signature_method, $consumer, $token) {
++    $signature = $signature_method->build_signature($this, $consumer, $token);
++    return $signature;
++  }
++
++  /**
++   * util function: current timestamp
++   */
++  private static function generate_timestamp() {
++    return time();
++  }
++
++  /**
++   * util function: current nonce
++   */
++  private static function generate_nonce() {
++    $mt = microtime();
++    $rand = mt_rand();
++
++    return md5($mt . $rand); // md5s look nicer than numbers
++  }
++}
++
++class TwitterOAuthServer {
++  protected $timestamp_threshold = 300; // in seconds, five minutes
++  protected $version = '1.0';             // hi blaine
++  protected $signature_methods = array();
++
++  protected $data_store;
++
++  function __construct($data_store) {
++    $this->data_store = $data_store;
++  }
++
++  public function add_signature_method($signature_method) {
++    $this->signature_methods[$signature_method->get_name()] =
++      $signature_method;
++  }
++
++  // high level functions
++
++  /**
++   * process a request_token request
++   * returns the request token on success
++   */
++  public function fetch_request_token(&$request) {
++    $this->get_version($request);
++
++    $consumer = $this->get_consumer($request);
++
++    // no token required for the initial token request
++    $token = NULL;
++
++    $this->check_signature($request, $consumer, $token);
++
++    // Rev A change
++    $callback = $request->get_parameter('oauth_callback');
++    $new_token = $this->data_store->new_request_token($consumer, $callback);
++
++    return $new_token;
++  }
++
++  /**
++   * process an access_token request
++   * returns the access token on success
++   */
++  public function fetch_access_token(&$request) {
++    $this->get_version($request);
++
++    $consumer = $this->get_consumer($request);
++
++    // requires authorized request token
++    $token = $this->get_token($request, $consumer, "request");
++
++    $this->check_signature($request, $consumer, $token);
++
++    // Rev A change
++    $verifier = $request->get_parameter('oauth_verifier');
++    $new_token = $this->data_store->new_access_token($token, $consumer, $verifier);
++
++    return $new_token;
++  }
++
++  /**
++   * verify an api call, checks all the parameters
++   */
++  public function verify_request(&$request) {
++    $this->get_version($request);
++    $consumer = $this->get_consumer($request);
++    $token = $this->get_token($request, $consumer, "access");
++    $this->check_signature($request, $consumer, $token);
++    return array($consumer, $token);
++  }
++
++  // Internals from here
++  /**
++   * version 1
++   */
++  private function get_version(&$request) {
++    $version = $request->get_parameter("oauth_version");
++    if (!$version) {
++      // Service Providers MUST assume the protocol version to be 1.0 if this parameter is not present.
++      // Chapter 7.0 ("Accessing Protected Ressources")
++      $version = '1.0';
++    }
++    if ($version !== $this->version) {
++      throw new OAuthException("OAuth version '$version' not supported");
++    }
++    return $version;
++  }
++
++  /**
++   * figure out the signature with some defaults
++   */
++  private function get_signature_method(&$request) {
++    $signature_method =
++        @$request->get_parameter("oauth_signature_method");
++
++    if (!$signature_method) {
++      // According to chapter 7 ("Accessing Protected Ressources") the signature-method
++      // parameter is required, and we can't just fallback to PLAINTEXT
++      throw new OAuthException('No signature method parameter. This parameter is required');
++    }
++
++    if (!in_array($signature_method,
++                  array_keys($this->signature_methods))) {
++      throw new OAuthException(
++        "Signature method '$signature_method' not supported " .
++        "try one of the following: " .
++        implode(", ", array_keys($this->signature_methods))
++      );
++    }
++    return $this->signature_methods[$signature_method];
++  }
++
++  /**
++   * try to find the consumer for the provided request's consumer key
++   */
++  private function get_consumer(&$request) {
++    $consumer_key = @$request->get_parameter("oauth_consumer_key");
++    if (!$consumer_key) {
++      throw new OAuthException("Invalid consumer key");
++    }
++
++    $consumer = $this->data_store->lookup_consumer($consumer_key);
++    if (!$consumer) {
++      throw new OAuthException("Invalid consumer");
++    }
++
++    return $consumer;
++  }
++
++  /**
++   * try to find the token for the provided request's token key
++   */
++  private function get_token(&$request, $consumer, $token_type="access") {
++    $token_field = @$request->get_parameter('oauth_token');
++    $token = $this->data_store->lookup_token(
++      $consumer, $token_type, $token_field
++    );
++    if (!$token) {
++      throw new OAuthException("Invalid $token_type token: $token_field");
++    }
++    return $token;
++  }
++
++  /**
++   * all-in-one function to check the signature on a request
++   * should guess the signature method appropriately
++   */
++  private function check_signature(&$request, $consumer, $token) {
++    // this should probably be in a different method
++    $timestamp = @$request->get_parameter('oauth_timestamp');
++    $nonce = @$request->get_parameter('oauth_nonce');
++
++    $this->check_timestamp($timestamp);
++    $this->check_nonce($consumer, $token, $nonce, $timestamp);
++
++    $signature_method = $this->get_signature_method($request);
++
++    $signature = $request->get_parameter('oauth_signature');
++    $valid_sig = $signature_method->check_signature(
++      $request,
++      $consumer,
++      $token,
++      $signature
++    );
++
++    if (!$valid_sig) {
++      throw new OAuthException("Invalid signature");
++    }
++  }
++
++  /**
++   * check that the timestamp is new enough
++   */
++  private function check_timestamp($timestamp) {
++    if( ! $timestamp )
++      throw new OAuthException(
++        'Missing timestamp parameter. The parameter is required'
++      );
++
++    // verify that timestamp is recentish
++    $now = time();
++    if (abs($now - $timestamp) > $this->timestamp_threshold) {
++      throw new OAuthException(
++        "Expired timestamp, yours $timestamp, ours $now"
++      );
++    }
++  }