Fixes theme helper

Fixes themes footers
Adds theme-asset page in index
2025-06-26 14:48:51 +03:00 · 2025-06-26 14:48:10 +03:00 · 2025-06-26 14:27:54 +03:00 · 2025-06-26 14:27:15 +03:00 · 2025-06-26 14:13:19 +03:00 · 2025-06-26 14:10:41 +03:00
211 changed files with 18622 additions and 1593 deletions
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@ -0,0 +1,112 @@
 name: PHP Tests
 on:
  push:
    branches: [ main, master ]
  pull_request:
    branches: [ main, master ]
 jobs:
  test:
    runs-on: ubuntu-latest
    services:
      mariadb:
        image: mariadb:10.6
        env:
          MARIADB_ROOT_PASSWORD: root
          MARIADB_DATABASE: jilo_test
          MARIADB_USER: test_jilo
          MARIADB_PASSWORD: test_password
        ports:
          - 3306:3306
        options: >-
          --health-cmd="mysqladmin ping -h127.0.0.1 -P3306 -uroot -proot"
          --health-interval=10s
          --health-timeout=10s
          --health-retries=5
          --health-start-period=30s
    steps:
    - uses: actions/checkout@v3
    - name: Setup PHP
      uses: shivammathur/setup-php@v2
      with:
        php-version: '8.2'
        extensions: pdo, pdo_mysql, xdebug
        coverage: xdebug
    - name: Wait for MariaDB
      run: |
        sudo apt-get install -y mariadb-client
        while ! mysqladmin ping -h"127.0.0.1" -P"3306" -uroot -proot --silent; do
          echo "Waiting for database connection..."
          sleep 2
        done
    - name: Install dependencies
      run: |
        cd tests
        composer install
    - name: Test database connection
      run: |
        mysql -h127.0.0.1 -P3306 -uroot -proot -e "SHOW DATABASES;"
        mysql -h127.0.0.1 -P3306 -uroot -proot -e "SELECT User,Host FROM mysql.user;"
        mysql -h127.0.0.1 -P3306 -uroot -proot -e "GRANT ALL PRIVILEGES ON jilo_test.* TO 'test_jilo'@'%';"
        mysql -h127.0.0.1 -P3306 -uroot -proot -e "FLUSH PRIVILEGES;"
    - name: Update database config for CI
      run: |
        # Create temporary test config
        mkdir -p tests/config
        cat > tests/config/ci-config.php << 'EOF'
        <?php
        define('CI_DB_PASSWORD', 'test_password');
        define('CI_DB_HOST', '127.0.0.1');
        EOF
        # Verify config file was created
        echo "Config file contents:"
        cat tests/config/ci-config.php
        echo "\nConfig file location:"
        ls -la tests/config/ci-config.php
        # Grant access from Docker network
        mysql -h127.0.0.1 -P3306 -uroot -proot -e "
          DROP USER IF EXISTS 'test_jilo'@'%';
          CREATE USER 'test_jilo'@'%' IDENTIFIED BY 'test_password';
          GRANT ALL PRIVILEGES ON jilo_test.* TO 'test_jilo'@'%';
          CREATE DATABASE IF NOT EXISTS jilo_test;
          FLUSH PRIVILEGES;
        "
        # Update test files to require the config (using absolute path)
        CONFIG_PATH=$(realpath tests/config/ci-config.php)
        echo "\nConfig path: $CONFIG_PATH"
        # Add require statement at the very start
        for file in tests/Unit/Classes/{DatabaseTest,UserTest}.php; do
          echo "<?php" > "$file.tmp"
          echo "require_once '$CONFIG_PATH';" >> "$file.tmp"
          tail -n +2 "$file" >> "$file.tmp"
          mv "$file.tmp" "$file"
          echo "\nFirst 5 lines of $file:"
          head -n 5 "$file"
        done
        # Test database connection directly
        echo "\nTesting database connection:"
        mysql -h127.0.0.1 -P3306 -utest_jilo -ptest_password -e "SELECT 'Database connection successful!'" || echo "Database connection failed"
    - name: Run test suite
      run: |
        cd tests
        ./vendor/bin/phpunit
 # FIXME
 #       XDEBUG_MODE=coverage ./vendor/bin/phpunit --coverage-html coverage
 #      env:
 #        COMPOSER_PROCESS_TIMEOUT: 0
 #        COMPOSER_NO_INTERACTION: 1
 #        COMPOSER_NO_AUDIT: 1
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -7,10 +7,123 @@ All notable changes to this project will be documented in this file.
 ## Unreleased
 #### Links
- upstream: https://code.lindeas.com/lindeas/jilo-web/compare/v0.2...HEAD
+- upstream: https://code.lindeas.com/lindeas/jilo-web/compare/v0.4...HEAD
- codeberg: https://codeberg.org/lindeas/jilo-web/compare/v0.2...HEAD
+- codeberg: https://codeberg.org/lindeas/jilo-web/compare/v0.4...HEAD
- github: https://github.com/lindeas/jilo-web/compare/v0.2...HEAD
+- github: https://github.com/lindeas/jilo-web/compare/v0.4...HEAD
- gitlab: https://gitlab.com/lindeas/jilo-web/-/compare/v0.2...HEAD
+- gitlab: https://gitlab.com/lindeas/jilo-web/-/compare/v0.4...HEAD
 ### Added
 - Added CSS and JS to the default theme
 - Added change theme menu entry
 ### Changed
 ### Fixed
 ---
 ## 0.4 - 2025-04-12
 #### Links
 - upstream: https://code.lindeas.com/lindeas/jilo-web/compare/v0.3...v0.4
 - codeberg: https://codeberg.org/lindeas/jilo-web/compare/v0.3...v0.4
 - github: https://github.com/lindeas/jilo-web/compare/v0.3...v0.4
 - gitlab: https://gitlab.com/lindeas/jilo-web/-/compare/v0.3...v0.4
 ### Added
 - Added top-right menu with profile, admin, and docs sections
 - Added two-factor authentication
 - Added resetting of forgotten password
 - Added login credentials management
 - Added proper pagination
 - Added agents managemet pages
 - Added javascript-based feedback messages
 - Added description to each page
 - Added CSRF checks
 - Added validator class for all forms
 - Added rate limiting to all pages
 - Added authentication rate limiting to login and registration
 - Added unit tests
 - Added integration/feature tests
 - Added testing workflow for github
 ### Changed
 - Increased session to 2 hours w/out "remember me", 30 days with
 - Made the config editing in-place with AJAX
 - Redesigned the help page
 - Moved graphs and latest data to their own pages
 - Moved live config.js to its own page
 - Redesigned the messages system and renamed them to feedback messages
 ### Fixed
 - Bugfixes
 - Fixed config editing
 - Fixed logs search
 - Removed hardcoded messages, changed to feedback messages
 ---
 ## 0.3 - 2025-01-15
 #### Links
 - upstream: https://code.lindeas.com/lindeas/jilo-web/compare/v0.2.1...v0.3
 - codeberg: https://codeberg.org/lindeas/jilo-web/compare/v0.2.1...v0.3
 - github: https://github.com/lindeas/jilo-web/compare/v0.2.1...v0.3
 - gitlab: https://gitlab.com/lindeas/jilo-web/-/compare/v0.2.1...v0.3
 ### Added
 - Added status page
 - Added latest data page
 - Added graphs page
 - Added Jilo agents status checks
 - Added periodic Jilo agents checks
 - Added Jilo Server check and notice on error
 - Added "jitsi platforms config" section in the sidebar
 - Added editing for platforms
 - Added editing for hosts
 - Added editing for the Jilo configuration file
 - Added phpdoc comments
 - Added rate limiting for login with blacklist and whitelist
 - Added a page for configuring the rate limiting
 ### Changed
 - Implemented a new messaging and notifications system
 - Moved all live checks pages to the "live data" sidebar section
 - Separated the config page to multiple pages
 - Moved the config pages to "jitsi platforms config" section
 ### Fixed
 - Fixed bugs in config editing pages and cleaned up the HTML
 ---
 ## 0.2.1 - 2024-10-17
 #### Links
 - upstream: https://code.lindeas.com/lindeas/jilo-web/compare/v0.2...v0.2.1
 - codeberg: https://codeberg.org/lindeas/jilo-web/compare/v0.2...v0.2.1
 - github: https://github.com/lindeas/jilo-web/compare/v0.2...v0.2.1
 - gitlab: https://gitlab.com/lindeas/jilo-web/-/compare/v0.2...v0.2.1
 ### Added
 - Added support for managing Jilo Agents
 - Authenticating to Jilo Agents with JWT tokens with a shared secret key
 - Added Jilo Agent functionality to fetch data, cache it and manage the cache
 - Added more fields and avatar image to user profile
 - Added pagination (with ellipses) for the longer listings
 - Added initial support for application logs
 - Added help page
 - Added support for graphs by Chart.js
 - Added "graphs" section in sidebar with graphs and latest data pages
 ### Changed
 - Jitsi platforms config moved from file to SQLite database
 - Left sidebar menu items reordered
 ### Fixed
 - All output HTML sanitized
 - Sanitized input forms data
 - Fixed error in calculation of monthly total conferences on front page
 ---
--- a/README.md
+++ b/README.md
@ -26,7 +26,7 @@ To see a demo install, go to https://work.lindeas.com/jilo-web-demo/
 ## version
-Current version: **0.2** released on **2024-08-31**
+Current version: **0.3** released on **2025-01-15**
 ## license
@ -36,11 +36,14 @@ Bootstrap is used in this project and is licensed under the MIT License. See lic
 JQuery is used in this project and is licensed under the MIT License. See license-jquery file.
 Chart.js is used in this project and is licensed under the MIT License. See license-chartjs file.
 ## requirements
 - web server (deb: apache | nginx)
 - php support in the web server (deb: php-fpm | libapache2-mod-php)
 - pdo and pdo_sqlite support in php (deb: php-db, php-sqlite3) uncomment in php.ini: ;extension=pdo_sqlite
 - php-curl module
 ## installation
--- a/TODO.md
+++ b/TODO.md
@ -1,27 +0,0 @@
 # Jilo Web
 ## TODO
 - ~~jilo-web.db outside web root~~
 - ~~jilo-web.db writable by web server user~~
 - major refactoring after v0.1
 - - ~~add bootstrap template~~
 - - ~~clean up the code to follow model-view--controller style~~
 - - ~~no HTML inside PHP code~~
 - - put all additional functions in files in a separate folder
 - - ~~reduce try/catch usage, use it only for critical errors~~
 - - move all SQL code in the model classes, one query per method
 - - add 'limit' to SQL and make pagination
 - - pretty URLs routing (no htaccess, it needs to be in PHP code so that it can be used with all servers)
 - add mysql/mariadb option
--- a/app/classes/agent.php
+++ b/app/classes/agent.php
@ -0,0 +1,647 @@
 <?php
 /**
 * class Agent
 *
 * Provides methods to interact with Jilo agents, including retrieving details, managing agents, generating JWT tokens,
 * and fetching data from agent APIs.
 */
 class Agent {
    /**
     * @var PDO|null $db The database connection instance.
     */
    private $db;
    /**
     * Agent constructor.
     * Initializes the database connection.
     *
     * @param object $database The database object to initialize the connection.
     */
    public function __construct($database) {
        $this->db = $database->getConnection();
    }
    /**
     * Retrieves details of agents for a specified host.
     *
     * @param int $host_id The host ID to filter agents by.
     * @param int $agent_id Optional agent ID to filter by.
     *
     * @return array The list of agent details.
     */
    public function getAgentDetails($host_id, $agent_id = '') {
        $sql = 'SELECT
                    ja.id,
                    ja.host_id,
                    ja.agent_type_id,
                    ja.url,
                    ja.secret_key,
                    ja.check_period,
                    jat.description AS agent_description,
                    jat.endpoint AS agent_endpoint,
                    h.platform_id
                FROM
                    jilo_agent ja
                JOIN
                    jilo_agent_type jat ON ja.agent_type_id = jat.id
                JOIN
                    host h ON ja.host_id = h.id
                WHERE
                    ja.host_id = :host_id';
        if ($agent_id !== '') {
            $sql .= ' AND ja.id = :agent_id';
        }
        $query = $this->db->prepare($sql);
        $query->bindParam(':host_id', $host_id);
        if ($agent_id !== '') {
            $query->bindParam(':agent_id', $agent_id);
        }
        $query->execute();
        return $query->fetchAll(PDO::FETCH_ASSOC);
    }
    /**
     * Retrieves details of a specified agent by its agent ID.
     *
     * @param int $agent_id The agent ID to filter by.
     *
     * @return array The agent details.
     */
    public function getAgentIDDetails($agent_id) {
        $sql = 'SELECT
                    ja.id,
                    ja.host_id,
                    ja.agent_type_id,
                    ja.url,
                    ja.secret_key,
                    ja.check_period,
                    jat.description AS agent_description,
                    jat.endpoint AS agent_endpoint,
                    h.platform_id
                FROM
                    jilo_agent ja
                JOIN
                    jilo_agent_type jat ON ja.agent_type_id = jat.id
                JOIN
                    host h ON ja.host_id = h.id
                WHERE
                    ja.id = :agent_id';
        $query = $this->db->prepare($sql);
        $query->bindParam(':agent_id', $agent_id);
        $query->execute();
        return $query->fetchAll(PDO::FETCH_ASSOC);
    }
    /**
     * Retrieves all agent types.
     *
     * @return array List of all agent types.
     */
    public function getAgentTypes() {
        $sql = 'SELECT *
                    FROM jilo_agent_type
                    ORDER BY id';
        $query = $this->db->prepare($sql);
        $query->execute();
        return $query->fetchAll(PDO::FETCH_ASSOC);
    }
    /**
     * Retrieves agent types already configured for a specific host.
     *
     * @param int $host_id The host ID to filter agents by.
     *
     * @return array List of agent types configured for the host.
     */
    public function getHostAgentTypes($host_id) {
        $sql = 'SELECT
                    id,
                    agent_type_id
                FROM
                    jilo_agent
                WHERE
                    host_id = :host_id';
        $query = $this->db->prepare($sql);
        $query->bindParam(':host_id', $host_id);
        $query->execute();
        return $query->fetchAll(PDO::FETCH_ASSOC);
    }
    /**
     * Add a new agent to the database.
     *
     * @param int $host_id The host ID to add the agent to.
     * @param array $newAgent An associative array containing the details of the agent to be added.
     *
     * @return bool|string True if the agent was added successfully, otherwise error message.
     */
    public function addAgent($host_id, $newAgent) {
        try {
            $sql = 'INSERT INTO jilo_agent
                    (host_id, agent_type_id, url, secret_key, check_period)
                    VALUES
                    (:host_id, :agent_type_id, :url, :secret_key, :check_period)';
            $query = $this->db->prepare($sql);
            $query->execute([
                ':host_id'       => $host_id,
                ':agent_type_id' => $newAgent['type_id'],
                ':url'          => $newAgent['url'],
                ':secret_key'   => $newAgent['secret_key'],
                ':check_period' => $newAgent['check_period'],
            ]);
            return true;
        } catch (Exception $e) {
            return $e->getMessage();
        }
    }
    /**
     * Edit an existing agent in the database.
     *
     * @param int $agent_id The ID of the agent to edit.
     * @param array $updatedAgent An associative array containing the updated details of the agent.
     *
     * @return bool|string True if the agent was updated successfully, otherwise error message.
     */
    public function editAgent($agent_id, $updatedAgent) {
        try {
            $sql = 'UPDATE jilo_agent
                    SET
                        agent_type_id = :agent_type_id,
                        url = :url,
                        secret_key = :secret_key,
                        check_period = :check_period
                    WHERE
                        id = :agent_id';
            // Convert empty secret key to NULL
            $secretKey = !empty($updatedAgent['secret_key']) ? $updatedAgent['secret_key'] : null;
            $query = $this->db->prepare($sql);
            $query->execute([
                ':agent_id'      => $agent_id,
                ':agent_type_id' => $updatedAgent['agent_type_id'],
                ':url'           => $updatedAgent['url'],
                ':secret_key'    => $secretKey,
                ':check_period'  => $updatedAgent['check_period'],
            ]);
            return true;
        } catch (Exception $e) {
            return $e->getMessage();
        }
    }
    /**
     * Deletes an agent from the database.
     *
     * @param int $agent_id The agent ID to delete.
     *
     * @return bool|string Returns true on success or an error message on failure.
     */
    public function deleteAgent($agent_id) {
        try {
            $sql = 'DELETE FROM jilo_agent
                    WHERE
                    id = :agent_id';
            $query = $this->db->prepare($sql);
            $query->bindParam(':agent_id', $agent_id);
            $query->execute();
            return true;
        } catch (Exception $e) {
            return $e->getMessage();
        }
    }
    /**
     * Checks if the agent cache is still valid.
     *
     * @param int $agent_id The agent ID to check.
     *
     * @return bool Returns true if cache is valid, false otherwise.
     */
    public function checkAgentCache($agent_id) {
        $agent_cache_name = 'agent' . $agent_id . '_cache';
        $agent_cache_time = 'agent' . $agent_id . '_time';
        return isset($_SESSION[$agent_cache_name]) && isset($_SESSION[$agent_cache_time]) && (time() - $_SESSION[$agent_cache_time] < 600);
    }
    /**
     * Base64 URL encodes the input data. Used for encoding JWT tokens
     *
     * @param string $data The data to encode.
     *
     * @return string The base64 URL encoded string.
     */
    private function base64UrlEncode($data) {
        return rtrim(strtr(base64_encode($data), '+/', '-_'), '=');
    }
    /**
     * Generates a JWT token for a Jilo agent.
     *
     * @param array $payload The payload data to include in the token.
     * @param string $secret_key The secret key used to sign the token.
     *
     * @return string The generated JWT token.
     */
    public function generateAgentToken($payload, $secret_key) {
        // header
        $header = json_encode([
            'typ' => 'JWT',
            'alg' => 'HS256'
        ]);
        $base64Url_header = $this->base64UrlEncode($header);
        // payload
        $payload = json_encode($payload);
        $base64Url_payload = $this->base64UrlEncode($payload);
        // signature
        $signature = hash_hmac('sha256', $base64Url_header . "." . $base64Url_payload, $secret_key ?? '', true);
        $base64Url_signature = $this->base64UrlEncode($signature);
        // build the JWT
        $jwt = $base64Url_header . "." . $base64Url_payload . "." . $base64Url_signature;
        return $jwt;
    }
    /**
     * Fetches data from a Jilo agent's API, optionally forcing a refresh of the cache.
     *
     * @param int $agent_id The agent ID to fetch data for.
     * @param bool $force Whether to force-refresh the cache (default: false).
     *
     * @return string The API response, or an error message in JSON format.
     */
    public function fetchAgent($agent_id, $force = false) {
        // we need agent details for URL and JWT token
        $agentDetails = $this->getAgentIDDetails($agent_id);
        // Safe exit in case the agent is not found
        if (empty($agentDetails)) {
            return json_encode(['error' => 'Agent not found']);
        }
        $agent = $agentDetails[0];
        $agent_cache_name = 'agent' . $agent_id . '_cache';
        $agent_cache_time = 'agent' . $agent_id . '_time';
        // check if the cache is still valid, unless force-refresh is requested
        if (!$force && $this->checkAgentCache($agent_id)) {
            return $_SESSION[$agent_cache_name];
        }
        // generate the JWT token
        $payload = [
            'agent_id'      => $agent_id,
            'timestamp'     => time()
        ];
        $jwt = $this->generateAgentToken($payload, $agent['secret_key']);
        // Make the API request
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $agent['url'] . $agent['agent_endpoint']);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_TIMEOUT, 10); // timeout 10 seconds
        curl_setopt($ch, CURLOPT_HTTPHEADER, [
            'Authorization: Bearer ' . $jwt,
            'Content-Type: application/json'
        ]);
        $response = curl_exec($ch);
        $curl_error = curl_error($ch);
        $curl_errno = curl_errno($ch);
        $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
        curl_close($ch);
        // curl error
        if ($curl_errno) {
            return json_encode(['error' => 'curl error: ' . $curl_error]);
        }
        // response is not 200 OK
        if ($http_code !== 200) {
            return json_encode(['error' => 'HTTP error: ' . $http_code]);
        }
        // other custom error(s)
        if (strpos($response, 'Auth header not received') !== false) {
            return json_encode(['error' => 'Auth header not received']);
        }
        // Cache the result and the timestamp if the response is successful
        // We decode it so that it's pure JSON and not escaped
        $_SESSION[$agent_cache_name] = json_decode($response, true);
        $_SESSION[$agent_cache_time] = time();
        return $response;
    }
    /**
     * Clears the cached data for a specific agent.
     *
     * @param int $agent_id The agent ID for which the cache should be cleared.
     */
    public function clearAgentCache($agent_id) {
        $_SESSION["agent{$agent_id}_cache"] = '';
        $_SESSION["agent{$agent_id}_cache_time"] = '';
    }
    /**
     * Gets a value from a nested array using dot notation
     * e.g. "bridge_selector.bridge_count" will get $array['bridge_selector']['bridge_count']
     *
     * @param array $array The array to search in
     * @param string $path The path in dot notation
     * @return mixed|null The value if found, null otherwise
     */
    private function getNestedValue($array, $path) {
        $keys = explode('.', $path);
        $value = $array;
        foreach ($keys as $key) {
            if (!isset($value[$key])) {
                return null;
            }
            $value = $value[$key];
        }
        return $value;
    }
    /**
     * Retrieves the latest stored data for a specific host, agent type, and metric type.
     *
     * @param int $host_id The host ID.
     * @param string $agent_type The agent type.
     * @param string $metric_type The metric type to filter by.
     *
     * @return mixed The latest stored data.
     */
    public function getLatestData($host_id, $agent_type, $metric_type) {
        $sql = 'SELECT
                    jac.timestamp,
                    jac.response_content,
                    jac.agent_id,
                    jat.description
                FROM
                    jilo_agent_check jac
                JOIN
                    jilo_agent ja ON jac.agent_id = ja.id
                JOIN
                    jilo_agent_type jat ON ja.agent_type_id = jat.id
                JOIN
                    host h ON ja.host_id = h.id
                WHERE
                    h.id = :host_id
                    AND jat.description = :agent_type
                    AND jac.status_code = 200
                ORDER BY
                    jac.timestamp DESC
                LIMIT 1';
        $query = $this->db->prepare($sql);
        $query->execute([
            ':host_id' => $host_id,
            ':agent_type' => $agent_type
        ]);
        $result = $query->fetch(PDO::FETCH_ASSOC);
        if ($result) {
            // Parse the JSON response content
            $data = json_decode($result['response_content'], true);
            if (json_last_error() !== JSON_ERROR_NONE) {
                return null;
            }
            // Extract the specific metric value from the response based on agent type
            if ($agent_type === 'jvb') {
                $value = $this->getNestedValue($data['jvb_api_data'], $metric_type);
                if ($value !== null) {
                    return [
                        'value' => $value,
                        'timestamp' => $result['timestamp']
                    ];
                }
            } elseif ($agent_type === 'jicofo') {
                $value = $this->getNestedValue($data['jicofo_api_data'], $metric_type);
                if ($value !== null) {
                    return [
                        'value' => $value,
                        'timestamp' => $result['timestamp']
                    ];
                }
            } elseif ($agent_type === 'jigasi') {
                $value = $this->getNestedValue($data['jigasi_api_data'], $metric_type);
                if ($value !== null) {
                    return [
                        'value' => $value,
                        'timestamp' => $result['timestamp']
                    ];
                }
            } elseif ($agent_type === 'prosody') {
                $value = $this->getNestedValue($data['prosody_api_data'], $metric_type);
                if ($value !== null) {
                    return [
                        'value' => $value,
                        'timestamp' => $result['timestamp']
                    ];
                }
            } elseif ($agent_type === 'nginx') {
                $value = $this->getNestedValue($data['nginx_api_data'], $metric_type);
                if ($value !== null) {
                    return [
                        'value' => $value,
                        'timestamp' => $result['timestamp']
                    ];
                }
            }
        }
        return null;
    }
    /**
     * Gets historical data for a specific metric from agent checks
     *
     * @param int $host_id The host ID
     * @param string $agent_type The type of agent (e.g., 'jvb', 'jicofo')
     * @param string $metric_type The type of metric to retrieve
     * @param string $from_time Start time in Y-m-d format
     * @param string $until_time End time in Y-m-d format
     * @return array Array with the dataset from agent checks
     */
    public function getHistoricalData($host_id, $agent_type, $metric_type, $from_time, $until_time) {
        // Get data from agent checks
        $sql = 'SELECT
                    DATE(jac.timestamp) as date,
                    jac.response_content,
                    COUNT(*) as checks_count
                FROM
                    jilo_agent_check jac
                JOIN
                    jilo_agent ja ON jac.agent_id = ja.id
                JOIN
                    jilo_agent_type jat ON ja.agent_type_id = jat.id
                JOIN
                    host h ON ja.host_id = h.id
                WHERE
                    h.id = :host_id
                    AND jat.description = :agent_type
                    AND jac.status_code = 200
                    AND DATE(jac.timestamp) BETWEEN :from_time AND :until_time
                GROUP BY
                    DATE(jac.timestamp)
                ORDER BY
                    DATE(jac.timestamp)';
        $query = $this->db->prepare($sql);
        $query->execute([
            ':host_id' => $host_id,
            ':agent_type' => $agent_type,
            ':from_time' => $from_time,
            ':until_time' => $until_time
        ]);
        $results = $query->fetchAll(PDO::FETCH_ASSOC);
        $data = [];
        foreach ($results as $row) {
            $json_data = json_decode($row['response_content'], true);
            if (json_last_error() === JSON_ERROR_NONE) {
                $api_data = [];
                if ($agent_type === 'jvb') {
                    $api_data = $json_data['jvb_api_data'] ?? [];
                } elseif ($agent_type === 'jicofo') {
                    $api_data = $json_data['jicofo_api_data'] ?? [];
                } elseif ($agent_type === 'jigasi') {
                    $api_data = $json_data['jigasi_api_data'] ?? [];
                } elseif ($agent_type === 'prosody') {
                    $api_data = $json_data['prosody_api_data'] ?? [];
                } elseif ($agent_type === 'nginx') {
                    $api_data = $json_data['nginx_api_data'] ?? [];
                }
                $value = $this->getNestedValue($api_data, $metric_type);
                if ($value !== null) {
                    $data[] = [
                        'date' => $row['date'],
                        'value' => $value
                    ];
                }
            }
        }
        return $data;
    }
    /**
     * Gets the previous record for a specific metric
     *
     * @param int $host_id The host ID
     * @param string $agent_type The type of agent (e.g., 'jvb', 'jicofo')
     * @param string $metric_type The type of metric to retrieve
     * @param string $current_timestamp Current record's timestamp to get data before this
     * @return array|null Previous record data or null if not found
     */
    public function getPreviousRecord($host_id, $agent_type, $metric_type, $current_timestamp) {
        $sql = 'SELECT
                    jac.timestamp,
                    jac.response_content
                FROM
                    jilo_agent_check jac
                JOIN
                    jilo_agent ja ON jac.agent_id = ja.id
                JOIN
                    jilo_agent_type jat ON ja.agent_type_id = jat.id
                JOIN
                    host h ON ja.host_id = h.id
                WHERE
                    h.id = :host_id
                    AND jat.description = :agent_type
                    AND jac.status_code = 200
                    AND jac.timestamp < :current_timestamp
                ORDER BY
                    jac.timestamp DESC
                LIMIT 1';
        $query = $this->db->prepare($sql);
        $query->execute([
            ':host_id' => $host_id,
            ':agent_type' => $agent_type,
            ':current_timestamp' => $current_timestamp
        ]);
        $result = $query->fetch(PDO::FETCH_ASSOC);
        if ($result) {
            $json_data = json_decode($result['response_content'], true);
            if (json_last_error() === JSON_ERROR_NONE) {
                $api_data = [];
                if ($agent_type === 'jvb') {
                    $api_data = $json_data['jvb_api_data'] ?? [];
                } elseif ($agent_type === 'jicofo') {
                    $api_data = $json_data['jicofo_api_data'] ?? [];
                } elseif ($agent_type === 'jigasi') {
                    $api_data = $json_data['jigasi_api_data'] ?? [];
                } elseif ($agent_type === 'prosody') {
                    $api_data = $json_data['prosody_api_data'] ?? [];
                } elseif ($agent_type === 'nginx') {
                    $api_data = $json_data['nginx_api_data'] ?? [];
                }
                $value = $this->getNestedValue($api_data, $metric_type);
                if ($value !== null) {
                    return [
                        'value' => $value,
                        'timestamp' => $result['timestamp']
                    ];
                }
            }
        }
        return null;
    }
 }
--- a/app/classes/api_response.php
+++ b/app/classes/api_response.php
@ -0,0 +1,47 @@
 <?php
 /**
 * API Response Handler
 * Provides a consistent way to send JSON responses from controllers
 */
 class ApiResponse {
    /**
     * Send a success response
     * @param mixed $data Optional data to include in response
     * @param string $message Optional success message
     * @param int $status HTTP status code
     */
    public static function success($data = null, $message = '', $status = 200) {
        self::send([
            'success' => true,
            'data' => $data,
            'message' => $message
        ], $status);
    }
    /**
     * Send an error response
     * @param string $message Error message
     * @param mixed $errors Optional error details
     * @param int $status HTTP status code
     */
    public static function error($message, $errors = null, $status = 400) {
        self::send([
            'success' => false,
            'error' => $message,
            'errors' => $errors
        ], $status);
    }
    /**
     * Send the actual JSON response
     * @param array $data Response data
     * @param int $status HTTP status code
     */
    private static function send($data, $status) {
        http_response_code($status);
        header('Content-Type: application/json');
        echo json_encode($data);
        exit;
    }
 }
--- a/app/classes/component.php
+++ b/app/classes/component.php
@ -1,51 +1,169 @@
 <?php
 /**
 * class Component
 *
 * Provides methods to interact with Jitsi component events in the database.
 */
 class Component {
    /**
     * @var PDO|null $db The database connection instance.
     */
    private $db;
    /**
     * Component constructor.
     * Initializes the database connection.
     *
     * @param object $database The database object to initialize the connection.
     */
    public function __construct($database) {
        $this->db = $database->getConnection();
    }
-    // list of component events
+    /**
-    public function jitsiComponents($jitsi_component, $component_id, $from_time, $until_time) {
+     * Retrieves Jitsi component events based on various filters.
     *
     * @param string $jitsi_component The Jitsi component name.
     * @param int $component_id The component ID.
     * @param string $event_type The type of event to filter by.
     * @param string $from_time The start date in 'YYYY-MM-DD' format.
     * @param string $until_time The end date in 'YYYY-MM-DD' format.
     * @param int $offset The offset for pagination.
     * @param int $items_per_page The number of items to retrieve per page.
     *
     * @return array The list of Jitsi component events or an empty array if no results.
     */
    public function jitsiComponents($jitsi_component, $component_id, $event_type, $from_time, $until_time, $offset=0, $items_per_page='') {
        global $logObject;
        try {
            // Add time part to dates if not present
            if (strlen($from_time) <= 10) {
                $from_time .= ' 00:00:00';
            }
            if (strlen($until_time) <= 10) {
                $until_time .= ' 23:59:59';
            }
-        // time period drill-down
+            // list of jitsi component events
-        // FIXME make it similar to the bash version
+            $sql = "SELECT jitsi_component, loglevel, time, component_id, event_type, event_param
-        if (empty($from_time)) {
+                    FROM jitsi_components
-            $from_time = '0000-01-01';
+                    WHERE time >= :from_time 
                    AND time <= :until_time";
            // Only add component and event filters if they're not the default values
            if ($jitsi_component !== 'jitsi_component') {
                $sql .= " AND LOWER(jitsi_component) = LOWER(:jitsi_component)";
            }
            if ($component_id !== 'component_id') {
                $sql .= " AND component_id = :component_id";
            }
            if ($event_type !== 'event_type') {
                $sql .= " AND event_type LIKE :event_type";
            }
            $sql .= " ORDER BY time";
            if ($items_per_page) {
                $sql .= ' LIMIT :offset, :items_per_page';
            }
            $stmt = $this->db->prepare($sql);
            // Bind parameters only if they're not default values
            if ($jitsi_component !== 'jitsi_component') {
                $stmt->bindValue(':jitsi_component', trim($jitsi_component, "'"));
            }
            if ($component_id !== 'component_id') {
                $stmt->bindValue(':component_id', trim($component_id, "'"));
            }
            if ($event_type !== 'event_type') {
                $stmt->bindValue(':event_type', '%' . trim($event_type, "'") . '%');
            }
            $stmt->bindParam(':from_time', $from_time);
            $stmt->bindParam(':until_time', $until_time);
            if ($items_per_page) {
                $stmt->bindParam(':offset', $offset, PDO::PARAM_INT);
                $stmt->bindParam(':items_per_page', $items_per_page, PDO::PARAM_INT);
            }
            $stmt->execute();
            $result = $stmt->fetchAll(PDO::FETCH_ASSOC);
            if (!empty($result)) {
                $logObject->log('info', "Retrieved " . count($result) . " Jitsi component events", ['user_id' => $userId, 'scope' => 'system']);
            }
            return $result;
        } catch (PDOException $e) {
            $logObject->log('error', "Failed to retrieve Jitsi component events: " . $e->getMessage(), ['user_id' => $userId, 'scope' => 'system']);
            return [];
        }
        if (empty($until_time)) {
            $until_time = '9999-12-31';
        }
        $from_time = htmlspecialchars(strip_tags($from_time));
        $until_time = htmlspecialchars(strip_tags($until_time));
        // list of jitsi component events
        $sql = "
 SELECT
    jitsi_component, loglevel, time, component_id, event_type, event_param
 FROM
    jitsi_components
 WHERE
    jitsi_component = %s
 AND
    component_id = %s
 AND
    (time >= '%s 00:00:00' AND time <= '%s 23:59:59')
 ORDER BY
    time";
        $sql = sprintf($sql, $jitsi_component, $component_id, $from_time, $until_time);
        $query = $this->db->prepare($sql);
        $query->execute();
        return $query->fetchAll(PDO::FETCH_ASSOC);
    }
    /**
     * Gets the total count of components events matching the filter criteria
     * 
     * @param string $jitsi_component The Jitsi component name.
     * @param int $component_id The component ID.
     * @param string $event_type The type of event to filter by.
     * @param string $from_time The start date in 'YYYY-MM-DD' format.
     * @param string $until_time The end date in 'YYYY-MM-DD' format.
     * 
     * @return int The total count of matching components
     */
    public function getComponentEventsCount($jitsi_component, $component_id, $event_type, $from_time, $until_time) {
        global $logObject;
        try {
            // Add time part to dates if not present
            if (strlen($from_time) <= 10) {
                $from_time .= ' 00:00:00';
            }
            if (strlen($until_time) <= 10) {
                $until_time .= ' 23:59:59';
            }
            // Build the query
            $sql = "SELECT COUNT(*) as total
                    FROM jitsi_components
                    WHERE time >= :from_time
                    AND time <= :until_time";
            // Only add component and event filters if they're not the default values
            if ($jitsi_component !== 'jitsi_component') {
                $sql .= " AND LOWER(jitsi_component) = LOWER(:jitsi_component)";
            }
            if ($component_id !== 'component_id') {
                $sql .= " AND component_id = :component_id";
            }
            if ($event_type !== 'event_type') {
                $sql .= " AND event_type LIKE :event_type";
            }
            $stmt = $this->db->prepare($sql);
            // Bind parameters only if they're not default values
            if ($jitsi_component !== 'jitsi_component') {
                $stmt->bindValue(':jitsi_component', trim($jitsi_component, "'"));
            }
            if ($component_id !== 'component_id') {
                $stmt->bindValue(':component_id', trim($component_id, "'"));
            }
            if ($event_type !== 'event_type') {
                $stmt->bindValue(':event_type', '%' . trim($event_type, "'") . '%');
            }
            $stmt->bindParam(':from_time', $from_time);
            $stmt->bindParam(':until_time', $until_time);
            $stmt->execute();
            $result = $stmt->fetch(PDO::FETCH_ASSOC);
            return (int)$result['total'];
        } catch (PDOException $e) {
            $logObject->log('error', "Failed to retrieve component events count: " . $e->getMessage(), ['user_id' => $userId, 'scope' => 'system']);
            return 0;
        }
    }
 }
 ?>
--- a/app/classes/conference.php
+++ b/app/classes/conference.php
@ -1,15 +1,39 @@
 <?php
 /**
 * class Conference
 *
 * Provides methods for querying conference-related data from the database.
 */
 class Conference {
    /**
     * @var PDO|null $db The database connection instance.
     */
    private $db;
    /**
     * Conference constructor.
     * Initializes the database connection.
     *
     * @param object $database The database object to initialize the connection.
     */
    public function __construct($database) {
        $this->db = $database->getConnection();
    }
-    // search/list specific conference ID
+    /**
-    public function conferenceById($conference_id, $from_time, $until_time) {
+     * Retrieves conference data by conference ID within a specific time range.
     *
     * @param string $conference_id The conference ID.
     * @param string $from_time The start date in 'YYYY-MM-DD' format.
     * @param string $until_time The end date in 'YYYY-MM-DD' format.
     * @param int $offset The offset for pagination.
     * @param int $items_per_page The number of items to retrieve per page.
     *
     * @return array The list of conference events or an empty array if no results.
     */
    public function conferenceById($conference_id, $from_time, $until_time, $offset=0, $items_per_page='') {
        // time period drill-down
        // FIXME make it similar to the bash version
@ -69,6 +93,11 @@ AND (event_time >= '%s 00:00:00' AND event_time <= '%s 23:59:59')
 ORDER BY
    pe.time";
        if ($items_per_page) {
            $items_per_page = (int)$items_per_page;
            $sql .= ' LIMIT ' . $offset . ',' . $items_per_page;
        }
        $sql = sprintf($sql, $conference_id, $from_time, $until_time, $conference_id, $from_time, $until_time);
        $query = $this->db->prepare($sql);
@ -78,8 +107,18 @@ ORDER BY
    }
-    // search/list specific conference name
+    /**
-    public function conferenceByName($conference_name, $from_time, $until_time) {
+     * Retrieves conference data by conference name within a specific time range.
     *
     * @param string $conference_name The conference name.
     * @param string $from_time The start date in 'YYYY-MM-DD' format.
     * @param string $until_time The end date in 'YYYY-MM-DD' format.
     * @param int $offset The offset for pagination.
     * @param int $items_per_page The number of items to retrieve per page.
     *
     * @return array The list of conference events or an empty array if no results.
     */
    public function conferenceByName($conference_name, $from_time, $until_time, $offset=0, $items_per_page='') {
        // time period drill-down
        // FIXME make it similar to the bash version
@ -139,6 +178,11 @@ AND (event_time >= '%s 00:00:00' AND event_time <= '%s 23:59:59')
 ORDER BY
    pe.time";
        if ($items_per_page) {
            $items_per_page = (int)$items_per_page;
            $sql .= ' LIMIT ' . $offset . ',' . $items_per_page;
        }
        $sql = sprintf($sql, $conference_name, $from_time, $until_time, $conference_name, $from_time, $until_time);
        $query = $this->db->prepare($sql);
@ -148,8 +192,17 @@ ORDER BY
    }
-    // list of all conferences
+    /**
-    public function conferencesAllFormatted($from_time, $until_time) {
+     * Retrieves all conferences within a specific time range, formatted.
     *
     * @param string $from_time The start date in 'YYYY-MM-DD' format.
     * @param string $until_time The end date in 'YYYY-MM-DD' format.
     * @param int $offset The offset for pagination.
     * @param int $items_per_page The number of items to retrieve per page.
     *
     * @return array The list of formatted conference data or an empty array if no results.
     */
    public function conferencesAllFormatted($from_time, $until_time, $offset=0, $items_per_page='') {
        // time period drill-down
        // FIXME make it similar to the bash version
@ -234,6 +287,11 @@ WHERE (ce.time >= '%s 00:00:00' AND ce.time <= '%s 23:59:59')
 ORDER BY
    c.id";
        if ($items_per_page) {
            $items_per_page = (int)$items_per_page;
            $sql .= ' LIMIT ' . $offset . ',' . $items_per_page;
        }
        $sql = sprintf($sql, $from_time, $until_time);
        $query = $this->db->prepare($sql);
@ -242,7 +300,15 @@ ORDER BY
        return $query->fetchAll(PDO::FETCH_ASSOC);
    }
-    // number of conferences
+
    /**
     * Retrieves the number of conferences within a specific time range.
     *
     * @param string $from_time The start date in 'YYYY-MM-DD' format.
     * @param string $until_time The end date in 'YYYY-MM-DD' format.
     *
     * @return int The number of conferences found.
     */
    public function conferenceNumber($from_time, $until_time) {
        // time period drill-down
@ -259,25 +325,52 @@ ORDER BY
        $until_time = htmlspecialchars(strip_tags($until_time));
        // number of conferences for time period (if given)
-        // NB we need to cross check with first occurrence of "bridge selected"
+        // FIXME sometimes there is no start/end time, find a way around this
        // as in Jicofo logs there is no way to get the time for conference ID creation
        $sql = "
-SELECT COUNT(c.conference_id) as conferences
+SELECT COUNT(*) AS conferences
-FROM
+    FROM (
-    conferences c
+    SELECT DISTINCT
-LEFT JOIN (
+        (SELECT COALESCE
-    SELECT ce.conference_id, MIN(ce.time) as first_event_time
+            (
-    FROM conference_events ce
+                (SELECT ce.time
-    WHERE ce.conference_event = 'bridge selected'
+                    FROM conference_events ce
-    GROUP BY ce.conference_id
+                    WHERE
-) AS first_event ON c.conference_id = first_event.conference_id
+                        ce.conference_id = c.conference_id
-LEFT JOIN
+                        AND
-    conference_events ce ON c.conference_id = ce.conference_id
+                        ce.conference_event = 'conference created'
-WHERE
+                ),
-    (ce.time >= '%s 00:00:00' AND ce.time <= '%s 23:59:59')
+                (SELECT ce.time
-AND (ce.conference_event = 'conference created'
+                    FROM conference_events ce
-    OR (ce.conference_event = 'bridge selected' AND ce.time = first_event.first_event_time)
+                    WHERE
-)";
+                        ce.conference_id = c.conference_id
                        AND
                        ce.conference_event = 'bridge selected'
                )
            )
        ) AS start,
        (SELECT COALESCE
            (
                (SELECT ce.time
                    FROM conference_events ce
                    WHERE
                        ce.conference_id = c.conference_id
                        AND
                        (ce.conference_event = 'conference expired' OR ce.conference_event = 'conference stopped')
                ),
                (SELECT pe.time
                    FROM participant_events pe
                    WHERE
                        pe.event_param = c.conference_id
                        ORDER BY pe.time DESC
                        LIMIT 1
                )
            )
        ) AS end
        FROM conferences c
        JOIN
            conference_events ce ON c.conference_id = ce.conference_id
        WHERE (start >= '%s 00:00:00' AND end <= '%s 23:59:59')
    ) AS subquery";
        $sql = sprintf($sql, $from_time, $until_time);
@ -289,5 +382,3 @@ AND (ce.conference_event = 'conference created'
 }
 ?>
--- a/app/classes/config.php
+++ b/app/classes/config.php
@ -1,96 +1,158 @@
 <?php
 /**
 * class Config
 *
 * Handles editing and fetching of the config files.
 */
 class Config {
-    public function getPlatformDetails($config, $platform_id) {
+    /**
-        $platformDetails = $config['platforms'][$platform_id];
+     * Edits a config file by updating specified options.
-        return $platformDetails;
+     *
-    }
+     * @param array $updatedConfig Key-value pairs of config options to update.
     * @param string $config_file Path to the config file.
     *
     * @return array Returns an array with 'success' and 'updated' keys on success, or 'success' and 'error' keys on failure.
     */
    public function editConfigFile($updatedConfig, $config_file) {
        global $logObject, $userId;
        $allLogs = [];
        $updated = [];
-    // loading the config.js
+        try {
-    public function getPlatformConfigjs($platformDetails, $raw = false) {
+            if (!is_array($updatedConfig)) {
-        // constructing the URL
+                throw new Exception("Invalid config data: expected array");
        $configjsFile = $platformDetails['jitsi_url'] . '/config.js';
        // default content, if we can't get the file contents
        $platformConfigjs = "The file $configjsFile can't be loaded.";
        // ssl options
        $contextOptions = [
            'ssl' => [
                'verify_peer'		=> true,
                'verify_peer_name'	=> true,
            ],
        ];
        $context = stream_context_create($contextOptions);
        // get the file
        $fileContent = @file_get_contents($configjsFile, false, $context);
        if ($fileContent !== false) {
            // when we need only uncommented values
            if ($raw === false) {
                // remove block comments
                $platformConfigjs = preg_replace('!/\*.*?\*/!s', '', $fileContent);
                // remove single-line comments
                $platformConfigjs = preg_replace('/\/\/[^\n]*/', '', $platformConfigjs);
                // remove empty lines
                $platformConfigjs = preg_replace('/^\s*[\r\n]/m', '', $platformConfigjs);
            // when we need the full file as it is
            } else {
                $platformConfigjs = $fileContent;
            }
        }
-        return $platformConfigjs;
+            if (!file_exists($config_file) || !is_writable($config_file)) {
-
+                throw new Exception("Config file does not exist or is not writable: $config_file");
    }
    // loading the interface_config.js
    public function getPlatformInterfaceConfigjs($platformDetails, $raw = false) {
        // constructing the URL
        $interfaceConfigjsFile = $platformDetails['jitsi_url'] . '/interface_config.js';
        // default content, if we can't get the file contents
        $platformInterfaceConfigjs = "The file $interfaceConfigjsFile can't be loaded.";
        // ssl options
        $contextOptions = [
            'ssl' => [
                'verify_peer'		=> true,
                'verify_peer_name'	=> true,
            ],
        ];
        $context = stream_context_create($contextOptions);
        // get the file
        $fileContent = @file_get_contents($interfaceConfigjsFile, false, $context);
        if ($fileContent !== false) {
            // when we need only uncommented values
            if ($raw === false) {
                // remove block comments
                $platformInterfaceConfigjs = preg_replace('!/\*.*?\*/!s', '', $fileContent);
                // remove single-line comments
                $platformInterfaceConfigjs = preg_replace('/\/\/[^\n]*/', '', $platformInterfaceConfigjs);
                // remove empty lines
                $platformInterfaceConfigjs = preg_replace('/^\s*[\r\n]/m', '', $platformInterfaceConfigjs);
            // when we need the full file as it is
            } else {
                $platformInterfaceConfigjs = $fileContent;
            }
            // First we get a fresh config file contents as text
            $config_contents = file_get_contents($config_file);
            if ($config_contents === false) {
                throw new Exception("Failed to read the config file: $config_file");
            }
            $lines = explode("\n", $config_contents);
            // We loop through the variables and update them
            foreach ($updatedConfig as $key => $newValue) {
                if (strpos($key, '[') !== false) {
                    preg_match_all('/([^\[\]]+)/', $key, $matches);
                    if (empty($matches[1])) continue;
                    $parts = $matches[1];
                    $currentPath = [];
                    $found = false;
                    $inTargetArray = false;
                    foreach ($lines as $i => $line) {
                        $line = rtrim($line);
                        if (preg_match("/^\\s*\\]/", $line)) {
                            if (!empty($currentPath)) {
                                if ($inTargetArray && end($currentPath) === $parts[0]) {
                                    $inTargetArray = false;
                                }
                                array_pop($currentPath);
                            }
                            continue;
                        }
                        if (preg_match("/^\\s*['\"]([^'\"]+)['\"]\\s*=>/", $line, $matches)) {
                            $key = $matches[1];
                            if (strpos($line, '[') !== false) {
                                $currentPath[] = $key;
                                if ($key === $parts[0]) {
                                    $inTargetArray = true;
                                }
                            } else if ($key === end($parts) && $inTargetArray) {
                                $pathMatches = true;
                                $expectedPath = array_slice($parts, 0, -1);
                                if (count($currentPath) === count($expectedPath)) {
                                    for ($j = 0; $j < count($expectedPath); $j++) {
                                        if ($currentPath[$j] !== $expectedPath[$j]) {
                                            $pathMatches = false;
                                            break;
                                        }
                                    }
                                    if ($pathMatches) {
                                        if ($newValue === 'true' || $newValue === '1') {
                                            $replacementValue = 'true';
                                        } elseif ($newValue === 'false' || $newValue === '0') {
                                            $replacementValue = 'false';
                                        } else {
                                            $replacementValue = var_export($newValue, true);
                                        }
                                        if (preg_match("/^(\\s*['\"]" . preg_quote($key, '/') . "['\"]\\s*=>\\s*).*?(,?)\\s*$/", $line, $matches)) {
                                            $lines[$i] = $matches[1] . $replacementValue . $matches[2];
                                            $updated[] = implode('.', array_merge($currentPath, [$key]));
                                            $found = true;
                                        }
                                    }
                                }
                            }
                        }
                    }
                    if (!$found) {
                        $allLogs[] = "Failed to update: $key";
                    }
                } else {
                    if (!preg_match('/^[a-zA-Z_][a-zA-Z0-9_]*$/', $key)) {
                        throw new Exception("Invalid config key format: $key");
                    }
                    if ($newValue === 'true' || $newValue === '1') {
                        $replacementValue = 'true';
                    } elseif ($newValue === 'false' || $newValue === '0') {
                        $replacementValue = 'false';
                    } else {
                        $replacementValue = var_export($newValue, true);
                    }
                    $found = false;
                    foreach ($lines as $i => $line) {
                        if (preg_match("/^(\\s*['\"]" . preg_quote($key, '/') . "['\"]\\s*=>\\s*).*?(,?)\\s*$/", $line, $matches)) {
                            $lines[$i] = $matches[1] . $replacementValue . $matches[2];
                            $updated[] = $key;
                            $found = true;
                            break;
                        }
                    }
                    if (!$found) {
                        $allLogs[] = "Failed to update: $key";
                    }
                }
            }
            // We write the new config file
            $new_contents = implode("\n", $lines);
            if (file_put_contents($config_file, $new_contents) === false) {
                throw new Exception("Failed to write the config file: $config_file");
            }
            if (!empty($allLogs)) {
                $logObject->log('info', implode("\n", $allLogs), ['user_id' => $userId, 'scope' => 'system']);
            }
            return [
                'success' => true,
                'updated' => $updated
            ];
        } catch (Exception $e) {
            $logObject->log('error', "Config update error: " . $e->getMessage(), ['user_id' => $userId, 'scope' => 'system']);
            return [
                'success' => false,
                'error' => $e->getMessage()
            ];
        }
        return $platformInterfaceConfigjs;
    }
 }
 ?>
--- a/app/classes/database.php
+++ b/app/classes/database.php
@ -1,79 +1,223 @@
 <?php
-require '../app/helpers/errors.php';
+/**
-
+ * class Database
 *
 * Manages database connections for SQLite and MySQL (or MariaDB).
 */
 class Database {
    /**
     * @var PDO|null $pdo The database connection instance.
     */
    private $pdo;
    /**
     * Database constructor.
     * Initializes the database connection based on provided options.
     *
     * @param array $options An associative array with database connection options:
     *                       - type: The database type ('sqlite', 'mysql', or 'mariadb').
     *                       - dbFile: The path to the SQLite database file (required for SQLite).
     *                       - host: The database host (required for MySQL).
     *                       - port: The port for MySQL (optional, default: 3306).
     *                       - dbname: The name of the MySQL database (required for MySQL).
     *                       - user: The username for MySQL (required for MySQL).
     *                       - password: The password for MySQL (optional).
     *
     * @throws Exception If required extensions are not loaded or options are invalid.
     */
    public function __construct($options) {
-        // pdo needed
+        // check if PDO extension is loaded
-        if ( !extension_loaded('pdo') ) {
+        if (!extension_loaded('pdo')) {
-            $error = getError('PDO extension not loaded.');
+            throw new Exception('PDO extension not loaded.');
        }
        // options check
        if (empty($options['type'])) {
-            $error = getError('Database type is not set.');
+            throw new Exception('Database type is not set.');
        }
-        // database type
+        // connect based on database type
        switch ($options['type']) {
            case 'sqlite':
                $this->connectSqlite($options);
                break;
-            case 'mysql' || 'mariadb':
+            case 'mysql':
            case 'mariadb':
                $this->connectMysql($options);
                break;
            default:
-                $error = getError("Database type \"{$options['type']}\" is not supported.");
+                $this->pdo = null;
        }
    }
    /**
     * Establishes a connection to a SQLite database.
     *
     * @param array $options An associative array with SQLite connection options:
     *                       - dbFile: The path to the SQLite database file.
     *
     * @throws Exception If the SQLite PDO extension is not loaded or the database file is missing.
     */
    private function connectSqlite($options) {
        // pdo_sqlite extension is needed
        if (!extension_loaded('pdo_sqlite')) {
-            $error = getError('PDO extension for SQLite not loaded.');
+            throw new Exception('PDO extension for SQLite not loaded.');
        }
        // SQLite options
-        if (empty($options['dbFile']) || !file_exists($options['dbFile'])) {
+        if (empty($options['dbFile'])) {
-            $error = getError("SQLite database file \"{$dbFile}\" not found.");
+            throw new Exception('SQLite database file path is missing.');
        }
        // For in-memory database (especially for the tests), skip file check
        if ($options['dbFile'] !== ':memory:' && !file_exists($options['dbFile'])) {
            throw new Exception("SQLite database file \"{$options['dbFile']}\" not found.");
        }
        // connect to SQLite
        try {
            $this->pdo = new PDO("sqlite:" . $options['dbFile']);
            $this->pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
            // enable foreign key constraints (not ON by default in SQLite3)
            $this->pdo->exec('PRAGMA foreign_keys = ON;');
        } catch (PDOException $e) {
-            $error = getError('SQLite connection failed: ', $e->getMessage());
+            throw new Exception('SQLite connection failed: ' . $e->getMessage());
        }
    }
    /**
     * Establishes a connection to a MySQL (or MariaDB) database.
     *
     * @param array $options An associative array with MySQL connection options:
     *                       - host: The database host.
     *                       - port: The database port (default: 3306).
     *                       - dbname: The name of the database.
     *                       - user: The database username.
     *                       - password: The database password (optional).
     *
     * @throws Exception If the MySQL PDO extension is not loaded or required options are missing.
     */
    private function connectMysql($options) {
        // pdo_mysql extension is needed
        if (!extension_loaded('pdo_mysql')) {
-            $error = getError('PDO extension for MySQL not loaded.');
+            throw new Exception('PDO extension for MySQL not loaded.');
        }
        // MySQL options
        if (empty($options['host']) || empty($options['dbname']) || empty($options['user'])) {
-            $error = getError('MySQL connection data is missing.');
+            throw new Exception('MySQL connection data is missing.');
        }
        // Connect to MySQL
        try {
-            $dsn = "mysql:host={$options['host']};port={$options['port']};dbname={$options['dbname']};charset=utf8";
+            $port = $options['port'] ?? 3306;
            $dsn = "mysql:host={$options['host']};port={$port};dbname={$options['dbname']};charset=utf8";
            $this->pdo = new PDO($dsn, $options['user'], $options['password'] ?? '');
            $this->pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        } catch (PDOException $e) {
-            $error = getError('MySQL connection failed: ', $config['environment'], $e->getMessage());
+            $this->pdo = null;
        }
    }
    /**
     * Retrieves the current PDO connection instance.
     *
     * @return PDO|null The PDO instance or null if no connection is established.
     */
    public function getConnection() {
        return $this->pdo;
    }
-}
+    /**
     * Executes an SQL query with optional parameters.
     *
     * @param string $query The SQL query to execute
     * @param array $params Optional parameters for the query
     * @return PDOStatement|false The result of the query execution
     * @throws Exception If the query fails
     */
    public function execute($query, $params = []) {
        if (!$this->pdo) {
            throw new Exception('No database connection.');
        }
-?>
+        try {
            $stmt = $this->pdo->prepare($query);
            $stmt->execute($params);
            return $stmt;
        } catch (PDOException $e) {
            throw new Exception('Query execution failed: ' . $e->getMessage());
        }
    }
    /**
     * Prepares an SQL statement for execution.
     *
     * @param string $query The SQL query to prepare
     * @return PDOStatement The prepared statement
     * @throws Exception If the preparation fails
     */
    public function prepare($query) {
        if (!$this->pdo) {
            throw new Exception('No database connection.');
        }
        try {
            return $this->pdo->prepare($query);
        } catch (PDOException $e) {
            throw new Exception('Statement preparation failed: ' . $e->getMessage());
        }
    }
    /**
     * Begins a database transaction.
     *
     * @throws Exception If starting the transaction fails
     */
    public function beginTransaction() {
        if (!$this->pdo) {
            throw new Exception('No database connection.');
        }
        try {
            return $this->pdo->beginTransaction();
        } catch (PDOException $e) {
            throw new Exception('Failed to start transaction: ' . $e->getMessage());
        }
    }
    /**
     * Commits the current database transaction.
     *
     * @throws Exception If committing the transaction fails
     */
    public function commit() {
        if (!$this->pdo) {
            throw new Exception('No database connection.');
        }
        try {
            return $this->pdo->commit();
        } catch (PDOException $e) {
            throw new Exception('Failed to commit transaction: ' . $e->getMessage());
        }
    }
    /**
     * Rolls back the current database transaction.
     *
     * @throws Exception If rolling back the transaction fails
     */
    public function rollBack() {
        if (!$this->pdo) {
            throw new Exception('No database connection.');
        }
        try {
            return $this->pdo->rollBack();
        } catch (PDOException $e) {
            throw new Exception('Failed to rollback transaction: ' . $e->getMessage());
        }
    }
 }
--- a/app/classes/feedback.php
+++ b/app/classes/feedback.php
@ -0,0 +1,238 @@
 <?php
 class Feedback {
    // Feedback types
    const TYPE_SUCCESS = 'success';
    const TYPE_ERROR = 'danger';
    const TYPE_INFO = 'info';
    const TYPE_WARNING = 'warning';
    // Default feedback message configurations
    const NOTICE = [
        'DEFAULT' => [
            'type' => self::TYPE_INFO,
            'dismissible' => true
        ]
    ];
    const ERROR = [
        'DEFAULT' => [
            'type' => self::TYPE_ERROR,
            'dismissible' => false
        ]
    ];
    const LOGIN = [
        'LOGIN_SUCCESS' => [
            'type' => self::TYPE_SUCCESS,
            'dismissible' => true
        ],
        'LOGIN_FAILED' => [
            'type' => self::TYPE_ERROR,
            'dismissible' => false
        ],
        'LOGOUT_SUCCESS' => [
            'type' => self::TYPE_SUCCESS,
            'dismissible' => true
        ],
        'SESSION_TIMEOUT' => [
            'type' => self::TYPE_ERROR,
            'dismissible' => true
        ],
        'IP_BLACKLISTED' => [
            'type' => self::TYPE_ERROR,
            'dismissible' => false
        ],
        'IP_NOT_WHITELISTED' => [
            'type' => self::TYPE_ERROR,
            'dismissible' => false
        ],
        'TOO_MANY_ATTEMPTS' => [
            'type' => self::TYPE_ERROR,
            'dismissible' => false
        ]
    ];
    const REGISTER = [
        'SUCCESS' => [
            'type' => self::TYPE_SUCCESS,
            'dismissible' => true
        ],
        'FAILED' => [
            'type' => self::TYPE_ERROR,
            'dismissible' => true
        ],
        'DISABLED' => [
            'type' => self::TYPE_ERROR,
            'dismissible' => false
        ],
    ];
    const SECURITY = [
        'WHITELIST_ADD_SUCCESS' => [
            'type' => self::TYPE_SUCCESS,
            'dismissible' => true
        ],
        'WHITELIST_ADD_ERROR' => [
            'type' => self::TYPE_ERROR,
            'dismissible' => true
        ],
        'WHITELIST_REMOVE_SUCCESS' => [
            'type' => self::TYPE_SUCCESS,
            'dismissible' => true
        ],
        'WHITELIST_REMOVE_ERROR' => [
            'type' => self::TYPE_ERROR,
            'dismissible' => true
        ],
        'BLACKLIST_ADD_SUCCESS' => [
            'type' => self::TYPE_SUCCESS,
            'dismissible' => true
        ],
        'BLACKLIST_ADD_ERROR' => [
            'type' => self::TYPE_ERROR,
            'dismissible' => true
        ],
        'BLACKLIST_REMOVE_SUCCESS' => [
            'type' => self::TYPE_SUCCESS,
            'dismissible' => true
        ],
        'BLACKLIST_REMOVE_ERROR' => [
            'type' => self::TYPE_ERROR,
            'dismissible' => true
        ],
        'RATE_LIMIT_INFO' => [
            'type' => self::TYPE_INFO,
            'dismissible' => false
        ],
        'PERMISSION_DENIED' => [
            'type' => self::TYPE_ERROR,
            'dismissible' => false
        ],
        'IP_REQUIRED' => [
            'type' => self::TYPE_ERROR,
            'dismissible' => false
        ]
    ];
    const THEME = [
        'THEME_CHANGE_SUCCESS' => [
            'type' => self::TYPE_SUCCESS,
            'dismissible' => true
        ],
        'THEME_CHANGE_FAILED' => [
            'type' => self::TYPE_ERROR,
            'dismissible' => true
        ]
    ];
    const SYSTEM = [
        'DB_ERROR' => [
            'type' => self::TYPE_ERROR,
            'dismissible' => false
        ],
        'DB_CONNECT_ERROR' => [
            'type' => self::TYPE_ERROR,
            'dismissible' => false
        ],
        'DB_UNKNOWN_TYPE' => [
            'type' => self::TYPE_ERROR,
            'dismissible' => false
        ],
    ];
    private static $strings = null;
    /**
     * Get feedback message strings
     */
    private static function getStrings() {
        if (self::$strings === null) {
            self::$strings = require __DIR__ . '/../includes/strings.php';
        }
        return self::$strings;
    }
    /**
     * Get feedback message configuration by key
     */
    public static function get($category, $key) {
        $config = constant("self::$category")[$key] ?? null;
        if (!$config) return null;
        $strings = self::getStrings();
        $message = $strings[$category][$key] ?? '';
        return array_merge($config, ['message' => $message]);
    }
    /**
     * Render feedback message HTML
     */
    // Usage: echo Feedback::render('LOGIN', 'LOGIN_SUCCESS', 'custom message [or null]', true [for dismissible; or null], true [for small; or omit]);
    public static function render($category, $key, $customMessage = null, $dismissible = null, $small = false, $sanitize = true) {
        $config = self::get($category, $key);
        if (!$config) return '';
        $message = $customMessage ?? $config['message'];
        $isDismissible = $dismissible ?? $config['dismissible'] ?? false;
        $dismissClass = $isDismissible ? ' alert-dismissible fade show' : '';
        $dismissButton = $isDismissible ? '<button type="button" class="btn-close' . ($small ? ' btn-close-sm' : '') . '" data-bs-dismiss="alert" aria-label="Close"></button>' : '';
        $smallClass = $small ? ' alert-sm' : '';
        return sprintf(
            '<div class="alert alert-%s%s%s" role="alert">%s%s</div>',
            $config['type'],
            $dismissClass,
            $smallClass,
            $sanitize ? htmlspecialchars($message) : $message,
            $dismissButton
        );
    }
    /**
     * Get feedback message data for JavaScript
     */
    public static function getMessageData($category, $key, $customMessage = null, $dismissible = null, $small = false) {
        $config = self::get($category, $key);
        if (!$config) return null;
        return [
            'type' => $config['type'],
            'message' => $customMessage ?? $config['message'],
            'dismissible' => $dismissible ?? $config['dismissible'] ?? false,
            'small' => $small
        ];
    }
    /**
     * Store feedback message in session for display after redirect
     */
    // Usage: Feedback::flash('LOGIN', 'LOGIN_SUCCESS', 'custom message [or null]', true [for dismissible; or null], true [for small; or omit]);
    public static function flash($category, $key, $customMessage = null, $dismissible = null, $small = false) {
        if (!isset($_SESSION['flash_messages'])) {
            $_SESSION['flash_messages'] = [];
        }
        // Get the feedback message configuration
        $config = self::get($category, $key);
        $isDismissible = $dismissible ?? $config['dismissible'] ?? false;
        $_SESSION['flash_messages'][] = [
            'category' => $category,
            'key' => $key,
            'custom_message' => $customMessage,
            'dismissible' => $isDismissible,
            'small' => $small
        ];
    }
    /**
     * Get and clear all flash feedback messages
     */
    public static function getFlash() {
        $system_messages = $_SESSION['flash_messages'] ?? [];
        unset($_SESSION['flash_messages']);
        return $system_messages;
    }
 }
--- a/app/classes/host.php
+++ b/app/classes/host.php
@ -0,0 +1,165 @@
 <?php
 /**
 * class Host
 *
 * Manages the hosts in the database, providing methods to retrieve, add, edit, and delete host entries.
 */
 class Host {
    /**
     * @var PDO|null $db The database connection instance.
     */
    private $db;
    /**
     * Host constructor.
     * Initializes the database connection.
     *
     * @param object $database The database object to initialize the connection.
     */
    public function __construct($database) {
        $this->db = $database->getConnection();
    }
    /**
     * Get details of a specified host ID (or all hosts) in a specified platform ID.
     *
     * @param string $platform_id The platform ID to filter the hosts by (optional).
     * @param string $host_id The host ID to filter the details (optional).
     *
     * @return array The details of the host(s) in the form of an associative array.
     */
    public function getHostDetails($platform_id = '', $host_id = '') {
        $sql = 'SELECT
                    id,
                    address,
                    platform_id,
                    name
                FROM
                    host';
        if ($platform_id !== '' && $host_id !== '') {
            $sql .= ' WHERE platform_id = :platform_id AND id = :host_id';
        } elseif ($platform_id !== '') {
            $sql .= ' WHERE platform_id = :platform_id';
        } elseif ($host_id !== '') {
            $sql .= ' WHERE id = :host_id';
        }
        $query = $this->db->prepare($sql);
        if ($platform_id !== '') {
            $query->bindParam(':platform_id', $platform_id);
        }
        if ($host_id !== '') {
            $query->bindParam(':host_id', $host_id);
        }
        $query->execute();
        return $query->fetchAll(PDO::FETCH_ASSOC);
    }
    /**
     * Add a new host to the database.
     *
     * @param array $newHost An associative array containing the details of the host to be added.
     *
     * @return bool True if the host was added successfully, otherwise false.
     */
    public function addHost($newHost) {
        try {
            $sql = 'INSERT INTO host
                    (address, platform_id, name)
                    VALUES
                    (:address, :platform_id, :name)';
            $query = $this->db->prepare($sql);
            $query->execute([
                ':address'          => $newHost['address'],
                ':platform_id'		=> $newHost['platform_id'],
                ':name'             => $newHost['name'],
            ]);
            return true;
        } catch (Exception $e) {
            return $e->getMessage();
        }
    }
    /**
     * Edit an existing host in the database.
     *
     * @param string $platform_id The platform ID to which the host belongs.
     * @param array $updatedHost An associative array containing the updated details of the host.
     *
     * @return bool|string True if the host was updated successfully, otherwise error message.
     */
    public function editHost($platform_id, $updatedHost) {
        try {
            $sql = 'UPDATE host SET
                        address = :address,
                        name = :name
                    WHERE
                        id = :id AND platform_id = :platform_id';
            $query = $this->db->prepare($sql);
            $query->execute([
                ':id'           => $updatedHost['id'],
                ':platform_id'  => $platform_id,
                ':address'      => $updatedHost['address'],
                ':name'         => $updatedHost['name']
            ]);
            if ($query->rowCount() === 0) {
                return "No host found with ID {$updatedHost['id']} in platform $platform_id";
            }
            return true;
        } catch (Exception $e) {
            return $e->getMessage();
        }
    }
    /**
     * Delete a host from the database.
     *
     * @param int $host_id The ID of the host to be deleted.
     *
     * @return bool True if the host was deleted successfully, otherwise false.
     */
    public function deleteHost($host_id) {
        try {
            // Start transaction
            $this->db->beginTransaction();
            // First delete all agents associated with this host
            $sql = 'DELETE FROM jilo_agent WHERE host_id = :host_id';
            $query = $this->db->prepare($sql);
            $query->bindParam(':host_id', $host_id);
            $query->execute();
            // Then delete the host
            $sql = 'DELETE FROM host WHERE id = :host_id';
            $query = $this->db->prepare($sql);
            $query->bindParam(':host_id', $host_id);
            $query->execute();
            // Commit transaction
            $this->db->commit();
            return true;
        } catch (Exception $e) {
            // Rollback transaction on error
            $this->db->rollBack();
            return $e->getMessage();
        }
    }
 }
--- a/app/classes/log.php
+++ b/app/classes/log.php
@ -0,0 +1,40 @@
 <?php
 /**
 * Log wrapper that delegates to plugin Log or NullLogger fallback.
 * Used when code does require_once '../app/classes/log.php'.
 */
 // If there is already a Log plugin loaded
 if (class_exists('Log')) {
    return;
 }
 // Load fallback NullLogger
 require_once __DIR__ . '/../core/NullLogger.php';
 class Log {
    private $logger;
    /**
     * @param mixed $database Database or DatabaseConnector instance
     */
    public function __construct($database) {
        global $logObject;
        if (isset($logObject) && method_exists($logObject, 'insertLog')) {
            $this->logger = $logObject;
        } else {
            $this->logger = new \App\Core\NullLogger();
        }
    }
    /**
     * PSR-3 compatible log method
     * @param string $level
     * @param string $message
     * @param array $context
     */
    public function log(string $level, string $message, array $context = []): void {
        $this->logger->log($level, $message, $context);
    }
 }
--- a/app/classes/participant.php
+++ b/app/classes/participant.php
@ -1,15 +1,40 @@
 <?php
 /**
 * class Participant
 *
 * This class provides methods to retrieve information about participants and their related conference data.
 * It supports querying participant details by ID, name, or IP, as well as listing all participants and counting them within a specific time frame.
 */
 class Participant {
    /**
     * @var PDO|null $db The database connection instance.
     */
    private $db;
    /**
     * Constructor
     * Initializes the database connection.
     *
     * @param object $database The database object to initialize the connection.
     */
    public function __construct($database) {
        $this->db = $database->getConnection();
    }
-    // search/list specific participant ID
+    /**
-    public function conferenceByParticipantId($participant_id, $from_time, $until_time) {
+     * Retrieve conferences by participant ID within a specified time period.
     *
     * @param string $participant_id  The participant's ID (endpoint_id).
     * @param string $from_time       The start date (format: 'YYYY-MM-DD'). Defaults to '0000-01-01' if empty.
     * @param string $until_time      The end date (format: 'YYYY-MM-DD'). Defaults to '9999-12-31' if empty.
     * @param int    $offset          The offset for pagination.
     * @param int    $items_per_page  The number of items per page for pagination.
     *
     * @return array List of conferences involving the specified participant ID.
     */
    public function conferenceByParticipantId($participant_id, $from_time, $until_time, $offset=0, $items_per_page='') {
        // time period drill-down
        // FIXME make it similar to the bash version
@ -69,6 +94,11 @@ AND (event_time >= '%s 00:00:00' AND event_time <= '%s 23:59:59')
 ORDER BY
    pe.time";
        if ($items_per_page) {
            $items_per_page = (int)$items_per_page;
            $sql .= ' LIMIT ' . $offset . ',' . $items_per_page;
        }
        $sql = sprintf($sql, $participant_id, $from_time, $until_time, $participant_id, $from_time, $until_time);
        $query = $this->db->prepare($sql);
@ -78,8 +108,18 @@ ORDER BY
    }
-    // search/list specific participant name (stats_id)
+    /**
-    public function conferenceByParticipantName($participant_name, $from_time, $until_time) {
+     * Retrieve conferences by participant name within a specified time period.
     *
     * @param string $participant_name The participant's name (stats_id).
     * @param string $from_time        The start date (format: 'YYYY-MM-DD'). Defaults to '0000-01-01' if empty.
     * @param string $until_time       The end date (format: 'YYYY-MM-DD'). Defaults to '9999-12-31' if empty.
     * @param int    $offset           The offset for pagination.
     * @param int    $items_per_page   The number of items per page for pagination.
     *
     * @return array List of conferences involving the specified participant name.
     */
    public function conferenceByParticipantName($participant_name, $from_time, $until_time, $offset=0, $items_per_page='') {
        // time period drill-down
        // FIXME make it similar to the bash version
@ -139,6 +179,11 @@ AND (event_time >= '%s 00:00:00' AND event_time <= '%s 23:59:59')
 ORDER BY
    pe.time";
        if ($items_per_page) {
            $items_per_page = (int)$items_per_page;
            $sql .= ' LIMIT ' . $offset . ',' . $items_per_page;
        }
        $sql = sprintf($sql, $participant_name, $from_time, $until_time, $participant_name, $from_time, $until_time);
        $query = $this->db->prepare($sql);
@ -148,8 +193,18 @@ ORDER BY
    }
-    // search/list specific participant IP
+    /**
-    public function conferenceByParticipantIP($participant_ip, $from_time, $until_time) {
+     * Retrieve conferences by participant IP within a specified time period.
     *
     * @param string $participant_ip   The participant's IP address.
     * @param string $from_time        The start date (format: 'YYYY-MM-DD'). Defaults to '0000-01-01' if empty.
     * @param string $until_time       The end date (format: 'YYYY-MM-DD'). Defaults to '9999-12-31' if empty.
     * @param int    $offset           The offset for pagination.
     * @param int    $items_per_page   The number of items per page for pagination.
     *
     * @return array List of conferences involving the specified participant IP.
     */
    public function conferenceByParticipantIP($participant_ip, $from_time, $until_time, $offset=0, $items_per_page='') {
        // time period drill-down
        // FIXME make it similar to the bash version
@ -209,6 +264,11 @@ AND (event_time >= '%s 00:00:00' AND event_time <= '%s 23:59:59')
 ORDER BY
    pe.time";
        if ($items_per_page) {
            $items_per_page = (int)$items_per_page;
            $sql .= ' LIMIT ' . $offset . ',' . $items_per_page;
        }
        $sql = sprintf($sql, $participant_ip, $from_time, $until_time, $participant_ip, $from_time, $until_time);
        $query = $this->db->prepare($sql);
@ -218,8 +278,17 @@ ORDER BY
    }
-    // list of all participants
+    /**
-    public function participantsAll($from_time, $until_time) {
+     * Retrieve a list of all participants within a specified time period.
     *
     * @param string $from_time       The start date (format: 'YYYY-MM-DD'). Defaults to '0000-01-01' if empty.
     * @param string $until_time      The end date (format: 'YYYY-MM-DD'). Defaults to '9999-12-31' if empty.
     * @param int    $offset          The offset for pagination.
     * @param int    $items_per_page  The number of items per page for pagination.
     *
     * @return array List of all participants.
     */
    public function participantsAll($from_time, $until_time, $offset=0, $items_per_page='') {
        // time period drill-down
        // FIXME make it similar to the bash version
@ -246,6 +315,11 @@ WHERE
    pe.time >= '%s 00:00:00' AND pe.time <= '%s 23:59:59'
 ORDER BY p.id";
        if ($items_per_page) {
            $items_per_page = (int)$items_per_page;
            $sql .= ' LIMIT ' . $offset . ',' . $items_per_page;
        }
        $sql = sprintf($sql, $from_time, $until_time);
        $query = $this->db->prepare($sql);
@ -254,7 +328,15 @@ ORDER BY p.id";
        return $query->fetchAll(PDO::FETCH_ASSOC);
    }
-    // number of participants
+
    /**
     * Count the number of participants within a specified time period.
     *
     * @param string $from_time  The start date (format: 'YYYY-MM-DD'). Defaults to '0000-01-01' if empty.
     * @param string $until_time The end date (format: 'YYYY-MM-DD'). Defaults to '9999-12-31' if empty.
     *
     * @return int The number of participants.
     */
    public function participantNumber($from_time, $until_time) {
        // time period drill-down
@ -289,7 +371,4 @@ AND pe.event_type = 'participant joining'";
        return $query->fetchAll(PDO::FETCH_ASSOC);
    }
 }
 ?>
--- a/app/classes/passwordReset.php
+++ b/app/classes/passwordReset.php
@ -0,0 +1,172 @@
 <?php
 /**
 * Handles password reset functionality including token generation and validation
 */
 class PasswordReset {
    private $db;
    private const TOKEN_LENGTH = 32;
    private const TOKEN_EXPIRY = 3600; // 1 hour
    public function __construct($database) {
        if ($database instanceof PDO) {
            $this->db = $database;
        } else {
            $this->db = $database->getConnection();
        }
    }
    /**
     * Creates a password reset request and sends email to user
     *
     * @param string $email User's email address
     * @return array Status of the reset request
     */
    public function requestReset($email) {
        // Check if email exists
        $query = $this->db->prepare("
            SELECT u.id, um.email
            FROM user u
            JOIN user_meta um ON u.id = um.user_id
            WHERE um.email = :email"
        );
        $query->bindParam(':email', $email);
        $query->execute();
        $user = $query->fetch(PDO::FETCH_ASSOC);
        if (!$user) {
            return ['success' => false, 'message' => 'If this email exists in our system, you will receive reset instructions.'];
        }
        // Generate unique token
        $token = bin2hex(random_bytes(self::TOKEN_LENGTH / 2));
        $expires = time() + self::TOKEN_EXPIRY;
        // Store token in database
        $query = $this->db->prepare("
            INSERT INTO user_password_reset (user_id, token, expires)
            VALUES (:user_id, :token, :expires)"
        );
        $query->bindParam(':user_id', $user['id']);
        $query->bindParam(':token', $token);
        $query->bindParam(':expires', $expires);
        if (!$query->execute()) {
            return ['success' => false, 'message' => 'Failed to process reset request'];
        }
        // We need the config for the email details
        global $config;
        // Prepare the reset link
        $scheme = $_SERVER['REQUEST_SCHEME'];
        $domain = trim($config['domain'], '/');
        $folder = trim($config['folder'], '/');
        $folderPath = $folder !== '' ? "/$folder" : '';
        $resetLink = "{$scheme}://{$domain}{$folderPath}/index.php?page=login&action=reset&token=" . urlencode($token);
        // Send email with reset link
        $to = $user['email'];
        $subject = "{$config['site_name']} - Password reset request";
        $message = "Dear user,\n\n";
        $message .= "We received a request to reset your password for your {$config['site_name']} account.\n\n";
        $message .= "To set a new password, please click the link below:\n\n";
        $message .= $resetLink . "\n\n";
        $message .= "This link will expire in 1 hour for security reasons.\n\n";
        $message .= "If you did not request this password reset, please ignore this email. Your account remains secure.\n\n";
        if (!empty($config['site_name'])) {
            $message .= "Best regards,\n";
            $message .= "The {$config['site_name']} team\n";
            if (!empty($config['site_slogan'])) {
                $message .= ":: {$config['site_slogan']} ::";
            }
        }
        $headers = [
            'From' => "noreply@{$config['domain']}",
            'Reply-To' => "noreply@{$config['domain']}",
            'X-Mailer' => 'PHP/' . phpversion()
        ];
        if (!mail($to, $subject, $message, $headers)) {
            return ['success' => false, 'message' => 'Failed to send reset email'];
        }
        return ['success' => true, 'message' => 'If this email exists in our system, you will receive reset instructions.'];
    }
    /**
     * Validates a reset token and returns associated user ID if valid
     *
     * @param string $token Reset token
     * @return array Validation result with user ID if successful
     */
    public function validateToken($token) {
        $now = time();
        $query = $this->db->prepare("
            SELECT user_id
            FROM user_password_reset
            WHERE token = :token
            AND expires > :now
            AND used = 0
        ");
        $query->bindParam(':token', $token);
        $query->bindParam(':now', $now);
        $query->execute();
        $result = $query->fetch(PDO::FETCH_ASSOC);
        if (!$result) {
            return ['valid' => false];
        }
        return ['valid' => true, 'user_id' => $result['user_id']];
    }
    /**
     * Completes the password reset process
     *
     * @param string $token Reset token
     * @param string $newPassword New password
     * @return bool Whether reset was successful
     */
    public function resetPassword($token, $newPassword) {
        $validation = $this->validateToken($token);
        if (!$validation['valid']) {
            return false;
        }
        // Start transaction
        $this->db->beginTransaction();
        try {
            // Update password
            $hashedPassword = password_hash($newPassword, PASSWORD_DEFAULT);
            $query = $this->db->prepare(
                "UPDATE user
                SET password = :password
                WHERE id = :user_id"
            );
            $query->bindParam(':password', $hashedPassword);
            $query->bindParam(':user_id', $validation['user_id']);
            $query->execute();
            // Mark token as used
            $query = $this->db->prepare(
                "UPDATE user_password_reset
                SET used = 1
                WHERE token = :token"
            );
            $query->bindParam(':token', $token);
            $query->execute();
            $this->db->commit();
            return true;
        } catch (Exception $e) {
            $this->db->rollBack();
            return false;
        }
    }
 }
--- a/app/classes/platform.php
+++ b/app/classes/platform.php
@ -0,0 +1,163 @@
 <?php
 /**
 * class Platform
 *
 * Handles platform management in the database, including retrieving, adding, editing, and deleting platforms.
 */
 class Platform {
    /**
     * @var PDO|null $db The database connection instance.
     */
    private $db;
    /**
     * Platform constructor.
     * Initializes the database connection.
     *
     * @param object $database The database object to initialize the connection.
     */
    public function __construct($database) {
        $this->db = $database->getConnection();
    }
    /**
     * Retrieve details of a specific platform or all platforms.
     *
     * @param string $platform_id The ID of the platform to retrieve details for (optional).
     *
     * @return array An associative array containing platform details.
     */
    public function getPlatformDetails($platform_id = '') {
        $sql = 'SELECT * FROM platform';
        if ($platform_id !== '') {
            $sql .= ' WHERE id = :platform_id';
            $query = $this->db->prepare($sql);
            $query->bindParam(':platform_id', $platform_id);
        } else {
            $query = $this->db->prepare($sql);
        }
        $query->execute();
        return $query->fetchAll(PDO::FETCH_ASSOC);
    }
    /**
     * Add a new platform to the database.
     *
     * @param array $newPlatform An associative array containing the details of the new platform:
     *                           - `name` (string): The name of the platform.
     *                           - `jitsi_url` (string): The URL for the Jitsi integration.
     *                           - `jilo_database` (string): The database name for Jilo integration.
     *
     * @return bool|string True if the platform was added successfully, or an error message on failure.
     */
    public function addPlatform($newPlatform) {
        try {
            $sql = 'INSERT INTO platform
                    (name, jitsi_url, jilo_database)
                    VALUES
                    (:name, :jitsi_url, :jilo_database)';
            $query = $this->db->prepare($sql);
            $query->execute([
                ':name'			=> $newPlatform['name'],
                ':jitsi_url'		=> $newPlatform['jitsi_url'],
                ':jilo_database'	=> $newPlatform['jilo_database'],
            ]);
            return true;
        } catch (Exception $e) {
            return $e->getMessage();
        }
    }
    /**
     * Edit an existing platform in the database.
     *
     * @param int $platform_id The ID of the platform to update.
     * @param array $updatedPlatform An associative array containing the updated platform details:
     *                               - `name` (string): The updated name of the platform.
     *                               - `jitsi_url` (string): The updated Jitsi URL.
     *                               - `jilo_database` (string): The updated Jilo database name.
     *
     * @return bool|string True if the platform was updated successfully, or an error message on failure.
     */
    public function editPlatform($platform_id, $updatedPlatform) {
        try {
            $sql = 'UPDATE platform SET
                        name = :name,
                        jitsi_url = :jitsi_url,
                        jilo_database = :jilo_database
                    WHERE
                        id = :platform_id';
            $query = $this->db->prepare($sql);
            $query->execute([
                ':name'			=> $updatedPlatform['name'],
                ':jitsi_url'		=> $updatedPlatform['jitsi_url'],
                ':jilo_database'	=> $updatedPlatform['jilo_database'],
                ':platform_id'		=> $platform_id,
            ]);
            return true;
        } catch (Exception $e) {
            return $e->getMessage();
        }
    }
    /**
     * Delete a platform from the database.
     *
     * @param int $platform_id The ID of the platform to delete.
     *
     * @return bool|string True if the platform was deleted successfully, or an error message on failure.
     */
    public function deletePlatform($platform_id) {
        try {
            $this->db->beginTransaction();
            // First, get all hosts in this platform
            $sql = 'SELECT id FROM host WHERE platform_id = :platform_id';
            $query = $this->db->prepare($sql);
            $query->bindParam(':platform_id', $platform_id);
            $query->execute();
            $hosts = $query->fetchAll(PDO::FETCH_ASSOC);
            // Delete all agents for each host
            foreach ($hosts as $host) {
                $sql = 'DELETE FROM jilo_agent WHERE host_id = :host_id';
                $query = $this->db->prepare($sql);
                $query->bindParam(':host_id', $host['id']);
                $query->execute();
            }
            // Delete all hosts in this platform
            $sql = 'DELETE FROM host WHERE platform_id = :platform_id';
            $query = $this->db->prepare($sql);
            $query->bindParam(':platform_id', $platform_id);
            $query->execute();
            // Finally, delete the platform
            $sql = 'DELETE FROM platform WHERE id = :platform_id';
            $query = $this->db->prepare($sql);
            $query->bindParam(':platform_id', $platform_id);
            $query->execute();
            $this->db->commit();
            return true;
        } catch (Exception $e) {
            $this->db->rollBack();
            return $e->getMessage();
        }
    }
 }
--- a/app/classes/ratelimiter.php
+++ b/app/classes/ratelimiter.php
@ -0,0 +1,668 @@
 <?php
 use App\Core\NullLogger;
 class RateLimiter {
    public $db;
    private $database;
    /** @var mixed NullLogger (or PSR-3 logger) or plugin Log */
    private $logger;
    public $maxAttempts = 5;           // Maximum login attempts
    public $decayMinutes = 15;         // Time window in minutes
    public $autoBlacklistThreshold = 10; // Attempts before auto-blacklist
    public $autoBlacklistDuration = 24;  // Hours to blacklist for
    public $authRatelimitTable = 'security_rate_auth';  // For rate limiting username/password attempts
    public $pagesRatelimitTable = 'security_rate_page';  // For rate limiting page requests
    public $whitelistTable = 'security_ip_whitelist';  // For whitelisting IPs and network ranges
    public $blacklistTable = 'security_ip_blacklist';  // For blacklisting IPs and network ranges
    private $pageLimits = [
        // Default rate limits per minute
        'default' => 60,
        'admin' => 120,
        'message' => 20,
        'contact' => 30,
        'call' => 30,
        'register' => 5,
        'config' => 10
    ];
    /**
     * @param mixed $database Database object
     * @param mixed $logger Optional NullLogger (or PSR-3 logger) or plugin Log
     */
    public function __construct($database, $logger = null) {
        $this->database = $database;
        $this->db = $database->getConnection();
        // Initialize logger (plugin Log if present or NullLogger otherwise)
        if ($logger !== null) {
            $this->logger = $logger;
        } else {
            global $logObject;
            $this->logger = isset($logObject) && is_object($logObject) && method_exists($logObject, 'info')
                ? $logObject
                : new NullLogger();
        }
        // Initialize database tables
        $this->createTablesIfNotExist();
    }
    // Database preparation
    private function createTablesIfNotExist() {
        // Authentication attempts table
        $sql = "CREATE TABLE IF NOT EXISTS {$this->authRatelimitTable} (
            id int(11) PRIMARY KEY AUTO_INCREMENT,
            ip_address VARCHAR(45) NOT NULL,
            username VARCHAR(255) NOT NULL,
            attempted_at DATETIME DEFAULT CURRENT_TIMESTAMP,
            INDEX idx_ip_username (ip_address, username)
        )";
        $this->db->exec($sql);
        // Pages rate limits table
        $sql = "CREATE TABLE IF NOT EXISTS {$this->pagesRatelimitTable} (
            id int(11) PRIMARY KEY AUTO_INCREMENT,
            ip_address VARCHAR(45) NOT NULL,
            endpoint VARCHAR(255) NOT NULL,
            request_time DATETIME DEFAULT CURRENT_TIMESTAMP,
            INDEX idx_ip_endpoint (ip_address, endpoint),
            INDEX idx_request_time (request_time)
        )";
        $this->db->exec($sql);
        // IP whitelist table
        $sql = "CREATE TABLE IF NOT EXISTS {$this->whitelistTable} (
            id int(11) PRIMARY KEY AUTO_INCREMENT,
            ip_address VARCHAR(45) NOT NULL,
            is_network BOOLEAN DEFAULT FALSE,
            description VARCHAR(255),
            created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
            created_by VARCHAR(255),
            UNIQUE KEY unique_ip (ip_address)
        )";
        $this->db->exec($sql);
        // IP blacklist table
        $sql = "CREATE TABLE IF NOT EXISTS {$this->blacklistTable} (
            id int(11) PRIMARY KEY AUTO_INCREMENT,
            ip_address VARCHAR(45) NOT NULL,
            is_network BOOLEAN DEFAULT FALSE,
            reason VARCHAR(255),
            expiry_time TIMESTAMP NULL,
            created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
            created_by VARCHAR(255),
            UNIQUE KEY unique_ip (ip_address)
        )";
        $this->db->exec($sql);
        // Default IPs to whitelist (local interface and private networks IPs)
        $defaultIps = [
            ['127.0.0.1', false, 'localhost IPv4'],
            ['::1', false, 'localhost IPv6'],
            ['10.0.0.0/8', true, 'Private network (Class A)'],
            ['172.16.0.0/12', true, 'Private network (Class B)'],
            ['192.168.0.0/16', true, 'Private network (Class C)']
        ];
        // Insert default whitelisted IPs if they don't exist
        $stmt = $this->db->prepare("INSERT IGNORE INTO {$this->whitelistTable}
            (ip_address, is_network, description, created_by)
            VALUES (?, ?, ?, 'system')");
        foreach ($defaultIps as $ip) {
            $stmt->execute([$ip[0], $ip[1], $ip[2]]);
        }
        // Insert known malicious networks
        $defaultBlacklist = [
            ['0.0.0.0/8', true, 'Reserved address space - RFC 1122'],
            ['100.64.0.0/10', true, 'Carrier-grade NAT space - RFC 6598'],
            ['192.0.2.0/24', true, 'TEST-NET-1 Documentation space - RFC 5737'],
            ['198.51.100.0/24', true, 'TEST-NET-2 Documentation space - RFC 5737'],
            ['203.0.113.0/24', true, 'TEST-NET-3 Documentation space - RFC 5737']
        ];
        $stmt = $this->db->prepare("INSERT IGNORE INTO {$this->blacklistTable}
            (ip_address, is_network, reason, created_by)
            VALUES (?, ?, ?, 'system')");
        foreach ($defaultBlacklist as $ip) {
            $stmt->execute([$ip[0], $ip[1], $ip[2]]);
        }
    }
    /**
     * Get number of recent login attempts for an IP
     */
    public function getRecentAttempts($ip) {
        $stmt = $this->db->prepare("SELECT COUNT(*) as attempts FROM {$this->authRatelimitTable}
            WHERE ip_address = ? AND attempted_at > DATE_SUB(NOW(), INTERVAL ? MINUTE)");
        $stmt->execute([$ip, $this->decayMinutes]);
        $result = $stmt->fetch(PDO::FETCH_ASSOC);
        return intval($result['attempts']);
    }
    /**
     * Check if an IP is blacklisted
     */
    public function isIpBlacklisted($ip) {
        // First check if IP is explicitly blacklisted or in a blacklisted range
        $stmt = $this->db->prepare("SELECT ip_address, is_network, expiry_time FROM {$this->blacklistTable} WHERE ip_address = ?");
        $stmt->execute([$ip]);
        $row = $stmt->fetch(PDO::FETCH_ASSOC);
        if ($row) {
            // Skip expired entries
            if ($row['expiry_time'] !== null && strtotime($row['expiry_time']) < time()) {
                return false;
            }
            return true;
        }
        // Check network ranges
        $stmt = $this->db->prepare("SELECT ip_address, expiry_time FROM {$this->blacklistTable} WHERE is_network = 1");
        $stmt->execute();
        while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
            // Skip expired entries
            if ($row['expiry_time'] !== null && strtotime($row['expiry_time']) < time()) {
                continue;
            }
            if ($this->ipInRange($ip, $row['ip_address'])) {
                return true;
            }
        }
        return false;
    }
    /**
     * Check if an IP is whitelisted
     */
    public function isIpWhitelisted($ip) {
        // Check exact IP match first
        $stmt = $this->db->prepare("SELECT ip_address FROM {$this->whitelistTable} WHERE ip_address = ?");
        $stmt->execute([$ip]);
        $row = $stmt->fetch(PDO::FETCH_ASSOC);
        if ($row) {
            return true;
        }
        // Only check ranges for IPv4 addresses
        if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
            // Check network ranges
            $stmt = $this->db->prepare("SELECT ip_address FROM {$this->whitelistTable} WHERE is_network = 1");
            $stmt->execute();
            while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
                if ($this->ipInRange($ip, $row['ip_address'])) {
                    return true;
                }
            }
        }
        return false;
    }
    private function ipInRange($ip, $cidr) {
        // Only work with IPv4 addresses
        if (!filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
            return false;
        }
        list($subnet, $bits) = explode('/', $cidr);
        // Make sure subnet is IPv4
        if (!filter_var($subnet, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
            return false;
        }
        $ip = ip2long($ip);
        $subnet = ip2long($subnet);
        $mask = -1 << (32 - $bits);
        $subnet &= $mask;
        return ($ip & $mask) == $subnet;
    }
    // Add to whitelist
    public function addToWhitelist($ip, $isNetwork = false, $description = '', $createdBy = 'system', $userId = null) {
        try {
            // Check if IP is blacklisted first
            if ($this->isIpBlacklisted($ip)) {
                $message = "Cannot whitelist {$ip} - IP is currently blacklisted";
                if ($userId) {
                    $this->logger->log('info', "IP Whitelist: {$message}", ['user_id' => $userId, 'scope' => 'system']);
                    Feedback::flash('ERROR', 'DEFAULT', $message);
                }
                return false;
            }
            $stmt = $this->db->prepare("INSERT INTO {$this->whitelistTable}
                (ip_address, is_network, description, created_by)
                VALUES (?, ?, ?, ?)
                ON DUPLICATE KEY UPDATE
                is_network = VALUES(is_network),
                description = VALUES(description),
                created_by = VALUES(created_by)");
                $result = $stmt->execute([$ip, $isNetwork, $description, $createdBy]);
                if ($result) {
                    $logMessage = sprintf(
                        'IP Whitelist: Added %s "%s" by %s. Description: %s',
                        $isNetwork ? 'network' : 'IP',
                        $ip,
                        $createdBy,
                        $description
                    );
                    $this->logger->log('info', $logMessage, ['user_id' => $userId ?? null, 'scope' => 'system']);
                }
            return $result;
        } catch (Exception $e) {
            if ($userId) {
                $this->logger->log('error', "IP Whitelist: Failed to add {$ip}: " . $e->getMessage(), ['user_id' => $userId, 'scope' => 'system']);
                Feedback::flash('ERROR', 'DEFAULT', "IP Whitelist: Failed to add {$ip}: " . $e->getMessage());
            }
            return false;
        }
    }
    // Remove from whitelist
    public function removeFromWhitelist($ip, $removedBy = 'system', $userId = null) {
        try {
            // Get IP details before removal for logging
            $stmt = $this->db->prepare("SELECT * FROM {$this->whitelistTable} WHERE ip_address = ?");
            $stmt->execute([$ip]);
            $ipDetails = $stmt->fetch(PDO::FETCH_ASSOC);
            // Remove the IP
            $stmt = $this->db->prepare("DELETE FROM {$this->whitelistTable} WHERE ip_address = ?");
            $result = $stmt->execute([$ip]);
            if ($result && $ipDetails) {
                $logMessage = sprintf(
                    'IP Whitelist: Removed %s "%s" by %s. Was added by: %s',
                    $ipDetails['is_network'] ? 'network' : 'IP',
                    $ip,
                    $removedBy,
                    $ipDetails['created_by']
                );
                $this->logger->log('info', $logMessage, ['user_id' => $userId ?? null, 'scope' => 'system']);
            }
            return $result;
        } catch (Exception $e) {
            if ($userId) {
                $this->logger->log('error', "IP Whitelist: Failed to remove {$ip}: " . $e->getMessage(), ['user_id' => $userId, 'scope' => 'system']);
                Feedback::flash('ERROR', 'DEFAULT', "IP Whitelist: Failed to remove {$ip}: " . $e->getMessage());
            }
            return false;
        }
    }
    public function addToBlacklist($ip, $isNetwork = false, $reason = '', $createdBy = 'system', $userId = null, $expiryHours = null) {
        try {
            // Check if IP is whitelisted first
            if ($this->isIpWhitelisted($ip)) {
                $message = "Cannot blacklist {$ip} - IP is currently whitelisted";
                if ($userId) {
                    $this->logger->log('info', "IP Blacklist: {$message}", ['user_id' => $userId, 'scope' => 'system']);
                    Feedback::flash('ERROR', 'DEFAULT', $message);
                }
                return false;
            }
            $expiryTime = $expiryHours ? date('Y-m-d H:i:s', strtotime("+{$expiryHours} hours")) : null;
            $stmt = $this->db->prepare("INSERT INTO {$this->blacklistTable}
                (ip_address, is_network, reason, expiry_time, created_by)
                VALUES (?, ?, ?, ?, ?)
                ON DUPLICATE KEY UPDATE
                is_network = VALUES(is_network),
                reason = VALUES(reason),
                expiry_time = VALUES(expiry_time),
                created_by = VALUES(created_by)");
            $result = $stmt->execute([$ip, $isNetwork, $reason, $expiryTime, $createdBy]);
            if ($result) {
                $logMessage = sprintf(
                    'IP Blacklist: Added %s "%s" by %s. Reason: %s. Expires: %s',
                    $isNetwork ? 'network' : 'IP',
                    $ip,
                    $createdBy,
                    $reason,
                    $expiryTime ?? 'never'
                );
                $this->logger->log('info', $logMessage, ['user_id' => $userId ?? null, 'scope' => 'system']);
            }
            return $result;
        } catch (Exception $e) {
            if ($userId) {
                $this->logger->log('error', "IP Blacklist: Failed to add {$ip}: " . $e->getMessage(), ['user_id' => $userId, 'scope' => 'system']);
                Feedback::flash('ERROR', 'DEFAULT', "IP Blacklist: Failed to add {$ip}: " . $e->getMessage());
            }
            return false;
        }
    }
    public function removeFromBlacklist($ip, $removedBy = 'system', $userId = null) {
        try {
            // Get IP details before removal for logging
            $stmt = $this->db->prepare("SELECT * FROM {$this->blacklistTable} WHERE ip_address = ?");
            $stmt->execute([$ip]);
            $ipDetails = $stmt->fetch(PDO::FETCH_ASSOC);
            // Remove the IP
            $stmt = $this->db->prepare("DELETE FROM {$this->blacklistTable} WHERE ip_address = ?");
            $result = $stmt->execute([$ip]);
            if ($result && $ipDetails) {
                $logMessage = sprintf(
                    'IP Blacklist: Removed %s "%s" by %s. Was added by: %s. Reason was: %s',
                    $ipDetails['is_network'] ? 'network' : 'IP',
                    $ip,
                    $removedBy,
                    $ipDetails['created_by'],
                    $ipDetails['reason']
                );
                $this->logger->log('info', $logMessage, ['user_id' => $userId ?? null, 'scope' => 'system']);
            }
            return $result;
        } catch (Exception $e) {
            if ($userId) {
                $this->logger->log('error', "IP Blacklist: Failed to remove {$ip}: " . $e->getMessage(), ['user_id' => $userId, 'scope' => 'system']);
                Feedback::flash('ERROR', 'DEFAULT', "IP Blacklist: Failed to remove {$ip}: " . $e->getMessage());
            }
            return false;
        }
    }
    public function getWhitelistedIps() {
        $stmt = $this->db->prepare("SELECT * FROM {$this->whitelistTable} ORDER BY created_at DESC");
        $stmt->execute();
        return $stmt->fetchAll(PDO::FETCH_ASSOC);
    }
    public function getBlacklistedIps() {
        $stmt = $this->db->prepare("SELECT * FROM {$this->blacklistTable} ORDER BY created_at DESC");
        $stmt->execute();
        return $stmt->fetchAll(PDO::FETCH_ASSOC);
    }
    public function cleanupExpiredEntries() {
        try {
            // Remove expired blacklist entries
            $stmt = $this->db->prepare("DELETE FROM {$this->blacklistTable}
                WHERE expiry_time IS NOT NULL AND expiry_time < NOW()");
            $stmt->execute();
            // Clean old login attempts
            $stmt = $this->db->prepare("DELETE FROM {$this->authRatelimitTable}
                WHERE attempted_at < DATE_SUB(NOW(), INTERVAL :minutes MINUTE)");
            $stmt->execute([':minutes' => $this->decayMinutes]);
            return true;
        } catch (Exception $e) {
            $this->logger->log('error', "Failed to cleanup expired entries: " . $e->getMessage(), ['user_id' => $userId ?? null, 'scope' => 'system']);
            Feedback::flash('ERROR', 'DEFAULT', "Failed to cleanup expired entries: " . $e->getMessage());
            return false;
        }
    }
    public function isAllowed($username, $ipAddress) {
        // First check if IP is blacklisted
        if ($this->isIpBlacklisted($ipAddress)) {
            return false;
        }
        // Then check if IP is whitelisted
        if ($this->isIpWhitelisted($ipAddress)) {
            return true;
        }
        // Clean old attempts
        $this->clearOldAttempts();
        // Check if we've hit the rate limit
        if ($this->tooManyAttempts($username, $ipAddress)) {
            return false;
        }
        // Check total attempts across all usernames from this IP
        $sql = "SELECT COUNT(*) as total_attempts
                FROM {$this->authRatelimitTable}
                WHERE ip_address = :ip
                AND attempted_at > DATE_SUB(NOW(), INTERVAL :minutes MINUTE)";
        $stmt = $this->db->prepare($sql);
        $stmt->execute([
            ':ip'      => $ipAddress,
            ':minutes' => $this->decayMinutes
        ]);
        $result = $stmt->fetch(PDO::FETCH_ASSOC);
        // Check if we would hit auto-blacklist threshold
        return $result['total_attempts'] < $this->autoBlacklistThreshold;
    }
    public function attempt($username, $ipAddress, $failed = true) {
        // Only record failed attempts
        if (!$failed) {
            return true;
        }
        // Record this attempt
        $sql = "INSERT INTO {$this->authRatelimitTable} (ip_address, username) VALUES (:ip, :username)";
        $stmt = $this->db->prepare($sql);
        try {
            $stmt->execute([
                ':ip'           => $ipAddress,
                ':username'     => $username
            ]);
        } catch (PDOException $e) {
            return false;
        }
        return true;
    }
    public function tooManyAttempts($username, $ipAddress) {
        $sql = "SELECT COUNT(*) as attempts
                FROM {$this->authRatelimitTable}
                WHERE ip_address = :ip
                AND username = :username
                AND attempted_at > DATE_SUB(NOW(), INTERVAL :minutes MINUTE)";
        $stmt = $this->db->prepare($sql);
        $stmt->execute([
            ':ip'           => $ipAddress,
            ':username'     => $username,
            ':minutes'      => $this->decayMinutes
        ]);
        $result = $stmt->fetch(PDO::FETCH_ASSOC);
        // Also check what's in the table
        $sql = "SELECT * FROM {$this->authRatelimitTable} WHERE ip_address = :ip";
        $stmt = $this->db->prepare($sql);
        $stmt->execute([':ip' => $ipAddress]);
        $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
        $tooMany = $result['attempts'] >= $this->maxAttempts;
        // Auto-blacklist if too many attempts
        if ($tooMany) {
            $this->addToBlacklist(
                $ipAddress,
                false,
                'Auto-blacklisted due to excessive login attempts',
                'system',
                null,
                $this->autoBlacklistDuration
            );
        }
        return $tooMany;
    }
    public function clearOldAttempts() {
        $sql = "DELETE FROM {$this->authRatelimitTable}
                WHERE attempted_at < DATE_SUB(NOW(), INTERVAL :minutes MINUTE)";
        $stmt = $this->db->prepare($sql);
        $stmt->execute([
            ':minutes'      => $this->decayMinutes
        ]);
    }
    public function getRemainingAttempts($username, $ipAddress) {
        $sql = "SELECT COUNT(*) as attempts
                FROM {$this->authRatelimitTable}
                WHERE ip_address = :ip
                AND username = :username
                AND attempted_at > DATE_SUB(NOW(), INTERVAL :minutes MINUTE)";
        $stmt = $this->db->prepare($sql);
        $stmt->execute([
            ':ip'           => $ipAddress,
            ':username'     => $username,
            ':minutes'      => $this->decayMinutes
        ]);
        $result = $stmt->fetch(PDO::FETCH_ASSOC);
        return max(0, $this->maxAttempts - $result['attempts']);
    }
    public function getDecayMinutes() {
        return $this->decayMinutes;
    }
    /**
     * Check if a page request is allowed
     */
    public function isPageRequestAllowed($ipAddress, $endpoint, $userId = null) {
        // First check if IP is blacklisted
        if ($this->isIpBlacklisted($ipAddress)) {
            return false;
        }
        // Then check if IP is whitelisted
        if ($this->isIpWhitelisted($ipAddress)) {
            return true;
        }
        // Clean old requests
        $this->cleanOldPageRequests();
        // Get limit based on endpoint type and user role
        $limit = $this->getPageLimitForEndpoint($endpoint, $userId);
        // Count recent requests, including this one
        $sql = "SELECT COUNT(*) as request_count
                FROM {$this->pagesRatelimitTable}
                WHERE ip_address = :ip
                AND endpoint = :endpoint
                AND request_time >= DATE_SUB(NOW(), INTERVAL 1 MINUTE)";
        $stmt = $this->db->prepare($sql);
        $stmt->execute([
            ':ip' => $ipAddress,
            ':endpoint' => $endpoint
        ]);
        $result = $stmt->fetch(PDO::FETCH_ASSOC);
        return $result['request_count'] < $limit;
    }
    /**
     * Record a page request
     */
    public function recordPageRequest($ipAddress, $endpoint) {
        $sql = "INSERT INTO {$this->pagesRatelimitTable} (ip_address, endpoint)
                VALUES (:ip, :endpoint)";
        $stmt = $this->db->prepare($sql);
        return $stmt->execute([
            ':ip' => $ipAddress,
            ':endpoint' => $endpoint
        ]);
    }
    /**
     * Clean old page requests
     */
    private function cleanOldPageRequests() {
        $sql = "DELETE FROM {$this->pagesRatelimitTable}
                WHERE request_time < DATE_SUB(NOW(), INTERVAL 1 MINUTE)";
        $stmt = $this->db->prepare($sql);
        $stmt->execute();
    }
    /**
     * Get page rate limit for endpoint
     */
    private function getPageLimitForEndpoint($endpoint, $userId = null) {
        // Admin users get higher limits
        if ($userId) {
            // Check admin rights directly from database
            $stmt = $this->db->prepare('SELECT COUNT(*) FROM `user_right` ur JOIN `right` r ON ur.right_id = r.id WHERE ur.user_id = ? AND r.name = ?');
            $stmt->execute([$userId, 'superuser']);
            if ($stmt->fetchColumn() > 0) {
                return $this->pageLimits['admin'];
            }
        }
        // Get endpoint type from the endpoint path
        $endpointType = $this->getEndpointType($endpoint);
        // Return specific limit if exists, otherwise default
        return isset($this->pageLimits[$endpointType])
            ? $this->pageLimits[$endpointType]
            : $this->pageLimits['default'];
    }
    /**
     * Get endpoint type from path
     */
    private function getEndpointType($endpoint) {
        if (strpos($endpoint, 'message') !== false) return 'message';
        if (strpos($endpoint, 'contact') !== false) return 'contact';
        if (strpos($endpoint, 'call') !== false) return 'call';
        if (strpos($endpoint, 'register') !== false) return 'register';
        if (strpos($endpoint, 'config') !== false) return 'config';
        return 'default';
    }
    /**
     * Get remaining page requests
     */
    public function getRemainingPageRequests($ipAddress, $endpoint, $userId = null) {
        $limit = $this->getPageLimitForEndpoint($endpoint, $userId);
        $sql = "SELECT COUNT(*) as request_count
                FROM {$this->pagesRatelimitTable}
                WHERE ip_address = :ip
                AND endpoint = :endpoint
                AND request_time > DATE_SUB(NOW(), INTERVAL 1 MINUTE)";
        $stmt = $this->db->prepare($sql);
        $stmt->execute([
            ':ip' => $ipAddress,
            ':endpoint' => $endpoint
        ]);
        $result = $stmt->fetch(PDO::FETCH_ASSOC);
        return max(0, $limit - $result['request_count']);
    }
 }
--- a/app/classes/router.php
+++ b/app/classes/router.php
@ -1,20 +1,46 @@
 <?php
 /**
 * class Router
 *
 * A simple Router class to manage URL-to-callback mapping and dispatch requests to the appropriate controllers and methods.
 * The class supports defining routes, matching URLs against patterns, and invoking callbacks for matched routes.
 */
 class Router {
-
+    /**
     * @var array $routes Associative array of route patterns and their corresponding callbacks.
     */
    private $routes = [];
-    public function add() {
+
    /**
     * Adds a new route to the router.
     *
     * @param string $pattern  The URL pattern to match (regular expression).
     * @param string $callback The callback for the route in the format "Controller@Method".
     *
     * @return void
     */
    public function add($pattern, $callback) {
        $this->routes[$pattern] = $callback;
    }
    /**
     * Dispatches a request to the appropriate route callback.
     *
     * @param string $url The URL to match against the defined routes.
     *
     * @return void Outputs the result of the invoked callback or a 404 error if no route matches.
     */
    public function dispatch($url) {
-        // remove variables from url
+        // remove query string variables from url
        $url = strtok($url, '?');
        foreach ($this->routes as $pattern => $callback) {
            // check if the URL matches the current route pattern
            if (preg_match('#^' . $pattern . '$#', $url, $matches)) {
-                // move any exact match
+                // remove the exact match to extrat parameters
                array_shift($matches);
                return $this->invoke($callback, $matches);
            }
@ -25,14 +51,35 @@ class Router {
        echo '404 page not found';
    }
    /**
     * Invokes the callback for a matched route.
     *
     * @param string $callback The callback for the route in the format "Controller@Method".
     * @param array  $params   Parameters extracted from the route pattern.
     *
     * @return void Executes the specified method on the specified controller with the provided parameters.
     *
     * @throws Exception If the controller class or method does not exist.
     */
    private function invoke($callback, $params) {
        list($controllerName, $methodName) = explode('@', $callback);
-//        $controllerClass = "\\App\\Controllers\\$controllerName";
+        $controllerClass = "../pages/$controllerName";
-        $controllerClass = "../pages/$pageName";
+
        // ensure the controller class exists
        if (!class_exists($controllerClass)) {
            throw new Exception("Controller '$controllerClass' not found.");
        }
        $controller = new $controllerClass();
        // ensure the method exists on the controller
        if (!method_exists($controller, $methodName)) {
            throw new Exception("Method '$methodName' not found in controller '$controllerClass'.");
        }
        // call the controller's method with the parameters
        call_user_func_array([$controller, $methodName], $params);
    }
 }
 ?>
--- a/app/classes/server.php
+++ b/app/classes/server.php
@ -0,0 +1,54 @@
 <?php
 /**
 * class Server
 *
 * Handles server-related operations, including retrieving server status.
 */
 class Server {
    /**
     * @var PDO|null $db The database connection instance.
     */
    private $db;
    /**
     * Server constructor.
     * Initializes the database connection.
     *
     * @param object $database The database object to initialize the connection.
     */
    public function __construct($database) {
        $this->db = $database->getConnection();
    }
    /**
     * Checks the status of a Jilo server by sending a GET request to its health endpoint.
     *
     * @param string $host The server hostname or IP address (default: '127.0.0.1').
     * @param int $port The port on which the server is running (default: 8080).
     * @param string $endpoint The health check endpoint path (default: '/health').
     *
     * @return bool True if the server returns a 200 OK status, otherwise false.
     */
    public function getServerStatus($host = '127.0.0.1', $port = 8080, $endpoint = '/health') {
        $url = "http://$host:$port$endpoint";
        $options = [
            'http' => [
                'method'    => 'GET',
                'timeout'   => 3,
            ],
        ];
        $context = stream_context_create($options);
        $response = @file_get_contents($url, false, $context);
        // We check the response if it's 200 OK
        if ($response !== false && isset($http_response_header) && strpos($http_response_header[0], '200 OK') !== false) {
            return true;
        }
        // If it's not 200 OK
        return false;
    }
 }
--- a/app/classes/session.php
+++ b/app/classes/session.php
@ -0,0 +1,265 @@
 <?php
 /**
 * Session Class
 *
 * Core session management functionality for the application
 */
 class Session {
    private static $initialized = false;
    private static $sessionName = ''; // Will be set from config, if not we'll have a random session name
    /**
     * Generate a random session name
     */
    private static function generateRandomSessionName(): string {
        return 'sess_' . bin2hex(random_bytes(8)); // 16-character random string
    }
    private static $sessionOptions = [
        'cookie_httponly' => 1,
        'cookie_secure' => 1,
        'cookie_samesite' => 'Strict',
        'gc_maxlifetime' => 7200 // 2 hours
    ];
    /**
     * Initialize session configuration
     */
    private static function initialize() {
        if (self::$initialized) {
            return;
        }
        global $config;
        // Get session name from config or generate a random one
        self::$sessionName = $config['session']['name'] ?? self::generateRandomSessionName();
        // Set session name before starting the session
        session_name(self::$sessionName);
        // Set session cookie parameters
        $thisPath = $config['folder'] ?? '/';
        $thisDomain = $config['domain'] ?? '';
        $isSecure = isset($_SERVER['HTTPS']);
        session_set_cookie_params([
            'lifetime' => 0, // Session cookie (browser session)
            'path' => $thisPath,
            'domain' => $thisDomain,
            'secure' => $isSecure,
            'httponly' => true,
            'samesite' => 'Strict'
        ]);
        self::$initialized = true;
    }
    /**
     * Get session name from config or generate a random one
     */
    private static function getSessionNameFromConfig($config) {
        if (isset($config['session']['name']) && !empty($config['session']['name'])) {
            return $config['session']['name'];
        }
        return self::generateRandomSessionName();
    }
    /**
     * Start or resume a session with secure options
     */
    public static function startSession() {
        self::initialize();
        if (session_status() === PHP_SESSION_NONE) {
            if (!headers_sent()) {
                session_start(self::$sessionOptions);
            }
        }
    }
    /**
     * Destroy current session and clean up
     */
    public static function destroySession() {
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_unset();
            session_destroy();
        }
    }
    /**
     * Get current username if set
     */
    public static function getUsername() {
        return isset($_SESSION['username']) ? htmlspecialchars($_SESSION['username']) : null;
    }
    /**
     * Get current user ID if set
     */
    public static function getUserId() {
        return isset($_SESSION['user_id']) ? (int)$_SESSION['user_id'] : null;
    }
    /**
     * Check if current session is valid
     *
     * @param bool $strict If true, will return false for new/unauthenticated sessions
     * @return bool True if session is valid, false otherwise
     */
    public static function isValidSession($strict = true) {
        // If session is not started or empty, it's not valid
        if (session_status() !== PHP_SESSION_ACTIVE || empty($_SESSION)) {
            return false;
        }
        // In non-strict mode, consider empty session as valid (for login/logout)
        if (!$strict && !isset($_SESSION['user_id']) && !isset($_SESSION['username'])) {
            return true;
        }
        // In strict mode, require user_id and username
        if ($strict && (!isset($_SESSION['user_id']) || !isset($_SESSION['username']))) {
            return false;
        }
        // Check session timeout
        $session_timeout = isset($_SESSION['REMEMBER_ME']) ? (30 * 24 * 60 * 60) : 7200; // 30 days or 2 hours
        if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > $session_timeout)) {
            return false;
        }
        // Update last activity time
        $_SESSION['LAST_ACTIVITY'] = time();
        // Regenerate session ID periodically (every 30 minutes)
        if (!isset($_SESSION['CREATED'])) {
            $_SESSION['CREATED'] = time();
        } else if (time() - $_SESSION['CREATED'] > 1800) {
            // Regenerate session ID and update creation time
            if (!headers_sent() && session_status() === PHP_SESSION_ACTIVE) {
                $oldData = $_SESSION;
                session_regenerate_id(true);
                $_SESSION = $oldData;
                $_SESSION['CREATED'] = time();
            }
        }
        return true;
    }
    /**
     * Set remember me option for extended session
     */
    public static function setRememberMe($value = true) {
        $_SESSION['REMEMBER_ME'] = $value;
    }
    /**
     * Clear session data and cookies
     */
    public static function cleanup($config) {
        self::destroySession();
        // Clear cookies if headers not sent
        if (!headers_sent()) {
            setcookie('username', '', [
                'expires' => time() - 3600,
                'path' => $config['folder'],
                'domain' => $config['domain'],
                'secure' => isset($_SERVER['HTTPS']),
                'httponly' => true,
                'samesite' => 'Strict'
            ]);
        }
        // Start fresh session
        self::startSession();
        // Reset session timeout flag
        unset($_SESSION['session_timeout_shown']);
    }
    /**
     * Create a new authenticated session for a user
     */
    public static function createAuthSession($userId, $username, $rememberMe, $config) {
        // Ensure session is started
        self::startSession();
        // Set session variables
        $_SESSION['user_id'] = $userId;
        $_SESSION['username'] = $username;
        $_SESSION['LAST_ACTIVITY'] = time();
        $_SESSION['REMEMBER_ME'] = $rememberMe;
        // Set cookie lifetime based on remember me
        $cookieLifetime = $rememberMe ? time() + (30 * 24 * 60 * 60) : 0;
        // Update session cookie with remember me setting
        if (!headers_sent()) {
            setcookie(
                session_name(),
                session_id(),
                [
                    'expires' => $cookieLifetime,
                    'path' => $config['folder'] ?? '/',
                    'domain' => $config['domain'] ?? '',
                    'secure' => isset($_SERVER['HTTPS']),
                    'httponly' => true,
                    'samesite' => 'Strict'
                ]
            );
            // Set username cookie
            setcookie('username', $username, [
                'expires' => $cookieLifetime,
                'path' => $config['folder'] ?? '/',
                'domain' => $config['domain'] ?? '',
                'secure' => isset($_SERVER['HTTPS']),
                'httponly' => true,
                'samesite' => 'Strict'
            ]);
        }
        if ($rememberMe) {
            self::setRememberMe(true);
        }
    }
    /**
     * Store 2FA pending information in session
     */
    public static function store2FAPending($userId, $username, $rememberMe = false) {
        $_SESSION['2fa_pending_user_id'] = $userId;
        $_SESSION['2fa_pending_username'] = $username;
        if ($rememberMe) {
            $_SESSION['2fa_pending_remember'] = true;
        }
    }
    /**
     * Clear 2FA pending information from session
     */
    public static function clear2FAPending() {
        unset($_SESSION['2fa_pending_user_id']);
        unset($_SESSION['2fa_pending_username']);
        unset($_SESSION['2fa_pending_remember']);
    }
    /**
     * Get 2FA pending information
     */
    public static function get2FAPending() {
        if (!isset($_SESSION['2fa_pending_user_id']) || !isset($_SESSION['2fa_pending_username'])) {
            return null;
        }
        return [
            'user_id' => $_SESSION['2fa_pending_user_id'],
            'username' => $_SESSION['2fa_pending_username'],
            'remember_me' => isset($_SESSION['2fa_pending_remember'])
        ];
    }
 }
--- a/app/classes/settings.php
+++ b/app/classes/settings.php
@ -0,0 +1,97 @@
 <?php
 /**
 * class Settings
 *
 * Handles editing and fetching jilo configuration.
 */
 class Settings {
    /**
     * Loads javascript file the Jitsi server.
     *
     * @param string $jitsiUrl The base URL of the Jitsi server.
     * @param string $livejsFile The name of the remote js file to load.
     * @param bool $raw Whether to return the full file (true) or only uncommented values (false).
     *
     * @return string The content of the interface_config.js file or an error message.
     */
    public function getPlatformJsFile($jitsiUrl, $livejsFile, $raw = false) {
        // constructing the URL
        $jsFile = $jitsiUrl . '/' . $livejsFile;
        // default content, if we can't get the file contents
        $jsFileContent = "The file $livejsFile can't be loaded.";
        // Check if URL is valid
        if (!filter_var($jsFile, FILTER_VALIDATE_URL)) {
            return "Invalid URL: $jsFile";
        }
        // ssl options
        $contextOptions = [
            'ssl' => [
                'verify_peer'		=> true,
                'verify_peer_name'	=> true,
            ],
        ];
        $context = stream_context_create($contextOptions);
        // Try to get headers first to check if file exists and wasn't redirected
        $headers = @get_headers($jsFile, 1);  // 1 to get headers as array
        if ($headers === false) {
            return "The file $livejsFile can't be loaded (connection error).";
        }
        // Check for redirects
        $statusLine = $headers[0];
        if (strpos($statusLine, '301') !== false || strpos($statusLine, '302') !== false) {
            return "The file $livejsFile was redirected - this might indicate the file doesn't exist.";
        }
        // Check if we got 200 OK
        if (strpos($statusLine, '200') === false) {
            return "The file $livejsFile can't be loaded (HTTP error: $statusLine).";
        }
        // Check content type
        $contentType = isset($headers['Content-Type']) ? $headers['Content-Type'] : '';
        if (is_array($contentType)) {
            $contentType = end($contentType); // get last content-type in case of redirects
        }
        if (stripos($contentType, 'javascript') === false && stripos($contentType, 'text/plain') === false) {
            return "The file $livejsFile doesn't appear to be a JavaScript file (got $contentType).";
        }
        // get the file
        $fileContent = @file_get_contents($jsFile, false, $context);
        if ($fileContent !== false) {
            // Quick validation of content
            $firstLine = strtolower(trim(substr($fileContent, 0, 100)));
            if (strpos($firstLine, '<!doctype html>') !== false || 
                strpos($firstLine, '<html') !== false || 
                strpos($firstLine, '<?xml') !== false) {
                return "The file $livejsFile appears to be HTML/XML content instead of JavaScript.";
            }
            // when we need only uncommented values
            if ($raw === false) {
                // remove block comments
                $jsFileContent = preg_replace('!/\*.*?\*/!s', '', $fileContent);
                // remove single-line comments
                $jsFileContent = preg_replace('/\/\/[^\n]*/', '', $jsFileContent);
                // remove empty lines
                $jsFileContent = preg_replace('/^\s*[\r\n]/m', '', $jsFileContent);
            // when we need the full file as it is
            } else {
                $jsFileContent = $fileContent;
            }
        }
        return $jsFileContent;
    }
 }
--- a/app/classes/twoFactorAuth.php
+++ b/app/classes/twoFactorAuth.php
@ -0,0 +1,420 @@
 <?php
 /**
 * Class TwoFactorAuthentication
 *
 * Handles two-factor authentication functionality using TOTP (Time-based One-Time Password).
 * Internal implementation without external dependencies.
 */
 class TwoFactorAuthentication {
    private $db;
    private $secretLength = 20; // 160 bits for SHA1
    private $period = 30;       // Time step in seconds (T0)
    private $digits = 6;        // Number of digits in TOTP code
    private $algorithm = 'sha1'; // HMAC algorithm
    private $issuer = 'TotalMeet';
    private $window = 1;        // Time window of 1 step before/after
    /**
     * Constructor
     *
     * @param PDO $database Database connection
     */
    public function __construct($database) {
        if ($database instanceof PDO) {
            $this->db = $database;
        } else {
            $this->db = $database->getConnection();
        }
    }
    /**
     * Enable 2FA for a user
     *
     * @param int $userId User ID
     * @param string $secret Secret key (base32 encoded)
     * @param string $code Verification code
     * @return bool True if enabled successfully
     */
    public function enable($userId, $secret = null, $code = null) {
        try {
            // Check if 2FA is already enabled
            $stmt = $this->db->prepare('SELECT enabled FROM user_2fa WHERE user_id = ?');
            $stmt->execute([$userId]);
            $existing = $stmt->fetch(PDO::FETCH_ASSOC);
            if ($existing && $existing['enabled']) {
                return false;
            }
            // If no secret provided, generate one and return setup data
            if ($secret === null) {
                // Generate secret key
                $secret = $this->generateSecret();
                // Get user's username for the QR code
                $stmt = $this->db->prepare('SELECT username FROM user WHERE id = ?');
                $stmt->execute([$userId]);
                $user = $stmt->fetch(PDO::FETCH_ASSOC);
                // Generate backup codes
                $backupCodes = $this->generateBackupCodes();
                // Store in database without enabling yet
                $this->db->beginTransaction();
                $stmt = $this->db->prepare('
                    INSERT INTO user_2fa (user_id, secret_key, backup_codes, enabled, created_at)
                    VALUES (?, ?, ?, 0, NOW())
                    ON DUPLICATE KEY UPDATE
                        secret_key = VALUES(secret_key),
                        backup_codes = VALUES(backup_codes),
                        enabled = VALUES(enabled),
                        created_at = VALUES(created_at)
                ');
                $stmt->execute([
                    $userId,
                    $secret,
                    json_encode($backupCodes)
                ]);
                $this->db->commit();
                // Generate otpauth URL for QR code
                $otpauthUrl = $this->generateOtpauthUrl($user['username'], $secret);
                return [
                    'success' => true,
                    'data' => [
                        'secret' => $secret,
                        'otpauthUrl' => $otpauthUrl,
                        'backupCodes' => $backupCodes
                    ]
                ];
            }
            // If secret and code provided, verify the code and enable 2FA
            if ($code !== null) {
                // Verify the setup code
                if (!$this->verify($userId, $code)) {
                    error_log("Code verification failed");
                    return false;
                }
                // Enable 2FA
                $stmt = $this->db->prepare('
                    UPDATE user_2fa
                    SET enabled = 1
                    WHERE user_id = ? AND secret_key = ?
                ');
                return $stmt->execute([$userId, $secret]);
            }
            return false;
        } catch (Exception $e) {
            if ($this->db->inTransaction()) {
                $this->db->rollBack();
            }
            error_log('2FA enable error: ' . $e->getMessage());
            return false;
        }
    }
    /**
     * Verify a 2FA code
     *
     * @param int $userId User ID
     * @param string $code The verification code
     * @return bool True if verified, false otherwise
     */
    public function verify($userId, $code) {
        try {
            // Get user's 2FA settings
            $settings = $this->getUserSettings($userId);
            if (!$settings) {
                return false;
            }
            // Check if code matches a backup code
            if ($this->verifyBackupCode($userId, $code)) {
                return true;
            }
            // Get current Unix timestamp
            $currentTime = time();
            // Check time window
            for ($timeSlot = -$this->window; $timeSlot <= $this->window; $timeSlot++) {
                $checkTime = $currentTime + ($timeSlot * $this->period);
                $generatedCode = $this->generateCode($settings['secret_key'], $checkTime);
                if (hash_equals($generatedCode, $code)) {
                    return true;
                }
            }
            return false;
        } catch (Exception $e) {
            error_log('2FA verification error: ' . $e->getMessage());
            return false;
        }
    }
    /**
     * Generate a random secret key
     *
     * @return string Base32 encoded secret
     */
    private function generateSecret() {
        // Generate random bytes (160 bits for SHA1)
        $random = random_bytes($this->secretLength);
        return $this->base32Encode($random);
    }
    /**
     * Base32 encode data
     *
     * @param string $data Data to encode
     * @return string Base32 encoded string
     */
    private function base32Encode($data) {
        $alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567';
        $binary = '';
        $encoded = '';
        // Convert to binary
        for ($i = 0; $i < strlen($data); $i++) {
            $binary .= str_pad(decbin(ord($data[$i])), 8, '0', STR_PAD_LEFT);
        }
        // Process 5 bits at a time
        for ($i = 0; $i < strlen($binary); $i += 5) {
            $chunk = substr($binary, $i, 5);
            if (strlen($chunk) < 5) {
                $chunk = str_pad($chunk, 5, '0', STR_PAD_RIGHT);
            }
            $encoded .= $alphabet[bindec($chunk)];
        }
        // Add padding
        $padding = strlen($encoded) % 8;
        if ($padding > 0) {
            $encoded .= str_repeat('=', 8 - $padding);
        }
        return $encoded;
    }
    /**
     * Base32 decode data
     *
     * @param string $data Base32 encoded string
     * @return string Decoded data
     */
    private function base32Decode($data) {
        $alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567';
        // Remove padding and uppercase
        $data = rtrim(strtoupper($data), '=');
        $binary = '';
        // Convert to binary
        for ($i = 0; $i < strlen($data); $i++) {
            $position = strpos($alphabet, $data[$i]);
            if ($position === false) {
                continue;
            }
            $binary .= str_pad(decbin($position), 5, '0', STR_PAD_LEFT);
        }
        $decoded = '';
        // Process 8 bits at a time
        for ($i = 0; $i + 7 < strlen($binary); $i += 8) {
            $chunk = substr($binary, $i, 8);
            $decoded .= chr(bindec($chunk));
        }
        return $decoded;
    }
    /**
     * Generate a TOTP code for a given secret and time
     * RFC 6238 compliant implementation
     */
    private function generateCode($secret, $time) {
        // Calculate number of time steps since Unix epoch
        $timeStep = (int)floor($time / $this->period);
        // Pack time into 8 bytes (64-bit big-endian)
        $timeBin = pack('J', $timeStep);
        // Clean secret of any padding
        $secret = rtrim($secret, '=');
        // Get binary secret
        $secretBin = $this->base32Decode($secret);
        // Calculate HMAC
        $hash = hash_hmac($this->algorithm, $timeBin, $secretBin, true);
        // Get dynamic truncation offset
        $offset = ord($hash[strlen($hash) - 1]) & 0xF;
        // Generate 31-bit number
        $code = (
            ((ord($hash[$offset]) & 0x7F) << 24) |
            ((ord($hash[$offset + 1]) & 0xFF) << 16) |
            ((ord($hash[$offset + 2]) & 0xFF) << 8) |
            (ord($hash[$offset + 3]) & 0xFF)
        ) % pow(10, $this->digits);
        $code = str_pad($code, $this->digits, '0', STR_PAD_LEFT);
        return $code;
    }
    /**
     * Generate otpauth URL for QR codes
     * Format: otpauth://totp/ISSUER:ACCOUNT?secret=SECRET&issuer=ISSUER&algorithm=ALGORITHM&digits=DIGITS&period=PERIOD
     */
    private function generateOtpauthUrl($username, $secret) {
        $params = [
            'secret' => $secret,
            'issuer' => $this->issuer,
            'algorithm' => strtoupper($this->algorithm),
            'digits' => $this->digits,
            'period' => $this->period
        ];
        return sprintf(
            'otpauth://totp/%s:%s?%s',
            rawurlencode($this->issuer),
            rawurlencode($username),
            http_build_query($params)
        );
    }
    /**
     * Generate backup codes
     *
     * @param int $count Number of backup codes to generate
     * @return array Array of backup codes
     */
    private function generateBackupCodes($count = 8) {
        $codes = [];
        for ($i = 0; $i < $count; $i++) {
            $codes[] = bin2hex(random_bytes(4));
        }
        return $codes;
    }
    /**
     * Verify a backup code
     *
     * @param int $userId User ID
     * @param string $code The backup code to verify
     * @return bool True if verified, false otherwise
     */
    private function verifyBackupCode($userId, $code) {
        try {
            $stmt = $this->db->prepare('SELECT backup_codes FROM user_2fa WHERE user_id = ?');
            $stmt->execute([$userId]);
            $result = $stmt->fetch(PDO::FETCH_ASSOC);
            if (!$result) {
                return false;
            }
            $backupCodes = json_decode($result['backup_codes'], true);
            // Check if the code exists and hasn't been used
            $codeIndex = array_search($code, $backupCodes);
            if ($codeIndex !== false) {
                // Remove the used code
                unset($backupCodes[$codeIndex]);
                $backupCodes = array_values($backupCodes);
                // Update backup codes in database
                $stmt = $this->db->prepare('
                    UPDATE user_2fa
                    SET backup_codes = ?
                    WHERE user_id = ?
                ');
                $stmt->execute([json_encode($backupCodes), $userId]);
                return true;
            }
            return false;
        } catch (Exception $e) {
            error_log('Backup code verification error: ' . $e->getMessage());
            return false;
        }
    }
    /**
     * Disable 2FA for a user
     *
     * @param int $userId User ID
     * @return bool True if disabled successfully
     */
    public function disable($userId) {
        try {
            // First check if user has 2FA settings
            $settings = $this->getUserSettings($userId);
            if (!$settings) {
                return false;
            }
            // Delete the 2FA settings entirely instead of just disabling
            $stmt = $this->db->prepare('
                DELETE FROM user_2fa
                WHERE user_id = ?
            ');
            return $stmt->execute([$userId]);
        } catch (Exception $e) {
            error_log('2FA disable error: ' . $e->getMessage());
            return false;
        }
    }
    /**
     * Check if 2FA is enabled for a user
     *
     * @param int $userId User ID
     * @return bool True if enabled
     */
    public function isEnabled($userId) {
        try {
            $stmt = $this->db->prepare('SELECT enabled FROM user_2fa WHERE user_id = ?');
            $stmt->execute([$userId]);
            $result = $stmt->fetch(PDO::FETCH_ASSOC);
            return $result && $result['enabled'];
        } catch (Exception $e) {
            error_log('2FA status check error: ' . $e->getMessage());
            return false;
        }
    }
    private function getUserSettings($userId) {
        try {
            $stmt = $this->db->prepare('
                SELECT secret_key, backup_codes, enabled
                FROM user_2fa
                WHERE user_id = ?
            ');
            $stmt->execute([$userId]);
            return $stmt->fetch(PDO::FETCH_ASSOC);
        } catch (Exception $e) {
            error_log('Failed to get user 2FA settings: ' . $e->getMessage());
            return null;
        }
    }
 }
--- a/app/classes/user.php
+++ b/app/classes/user.php
@ -1,38 +1,526 @@
 <?php
 /**
 * class User
 *
 * Handles user-related functionalities such as login, rights management, and profile updates.
 */
 class User {
    /**
     * @var PDO|null $db The database connection instance.
     */
    private $db;
    private $rateLimiter;
    private $twoFactorAuth;
    /**
     * User constructor.
     * Initializes the database connection.
     *
     * @param object $database The database object to initialize the connection.
     */
    public function __construct($database) {
-        $this->db = $database->getConnection();
+        if ($database instanceof PDO) {
            $this->db = $database;
        } else {
            $this->db = $database->getConnection();
        }
        require_once __DIR__ . '/ratelimiter.php';
        require_once __DIR__ . '/twoFactorAuth.php';
        $this->rateLimiter = new RateLimiter($database);
        $this->twoFactorAuth = new TwoFactorAuthentication($database);
    }
    // registration
    public function register($username, $password) {
        $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
        $query = $this->db->prepare("INSERT INTO users (username, password) VALUES (:username, :password)");
        $query->bindParam(':username', $username);
        $query->bindParam(':password', $hashedPassword);
-        return $query->execute();
+    /**
-    }
+     * Logs in a user by verifying credentials.
     *
     * @param string $username The username of the user.
     * @param string $password The password of the user.
     * @param string $twoFactorCode Optional. The 2FA code if 2FA is enabled.
     *
     * @return array Login result with status and any necessary data
     */
    public function login($username, $password, $twoFactorCode = null) {
        // Get user's IP address
        $ipAddress = getUserIP();
-    // login
+        // Check rate limiting first
-    public function login($username, $password) {
+        if (!$this->rateLimiter->isAllowed($username, $ipAddress)) {
-        $query = $this->db->prepare("SELECT * FROM  users WHERE username = :username");
+            $remainingTime = $this->rateLimiter->getDecayMinutes();
            throw new Exception("Too many login attempts. Please try again in {$remainingTime} minutes.");
        }
        // Then check credentials
        $query = $this->db->prepare("SELECT * FROM user WHERE username = :username");
        $query->bindParam(':username', $username);
        $query->execute();
        $user = $query->fetch(PDO::FETCH_ASSOC);
-        if ( $user && password_verify($password, $user['password'])) {
+        if ($user && password_verify($password, $user['password'])) {
            // Check if 2FA is enabled
            if ($this->twoFactorAuth->isEnabled($user['id'])) {
                if ($twoFactorCode === null) {
                    return [
                        'status' => 'requires_2fa',
                        'user_id' => $user['id'],
                        'username' => $user['username']
                    ];
                }
                // Verify 2FA code
                if (!$this->twoFactorAuth->verify($user['id'], $twoFactorCode)) {
                    return [
                        'status' => 'invalid_2fa',
                        'message' => 'Invalid 2FA code'
                    ];
                }
            }
            // Login successful
            $_SESSION['user_id'] = $user['id'];
            $_SESSION['username'] = $user['username'];
            $_SESSION['CREATED'] = time();
            $_SESSION['LAST_ACTIVITY'] = time();
            return [
                'status' => 'success',
                'user_id' => $user['id'],
                'username' => $user['username']
            ];
        }
        // Get remaining attempts AFTER this failed attempt
        $remainingAttempts = $this->rateLimiter->getRemainingAttempts($username, $ipAddress);
        return [
            'status' => 'failed',
            'message' => "Invalid credentials. {$remainingAttempts} attempts remaining."
        ];
    }
    /**
     * Retrieves a user ID based on the username.
     *
     * @param string $username The username to look up.
     *
     * @return array|null User ID details or null if not found.
     */
    // FIXME not used now?
    public function getUserId($username) {
        $sql = 'SELECT id FROM user WHERE username = :username';
        $query = $this->db->prepare($sql);
        $query->bindParam(':username', $username);
        $query->execute();
        return $query->fetchAll(PDO::FETCH_ASSOC);
    }
    /**
     * Fetches user details by user ID.
     *
     * @param int $userId The user ID.
     *
     * @return array|null User details or null if not found.
     */
    public function getUserDetails($userId) {
        $sql = 'SELECT
                    um.*,
                    u.username
                FROM
                    user_meta um
                LEFT JOIN user u
                    ON um.user_id = u.id
                WHERE
                    u.id = :user_id';
        $query = $this->db->prepare($sql);
        $query->execute([
            ':user_id'		=> $userId,
        ]);
        return $query->fetchAll(PDO::FETCH_ASSOC);
    }
    /**
     * Grants a user a specific right.
     *
     * @param int $userId    The user ID.
     * @param int $right_id  The right ID to grant.
     *
     * @return void
     */
    public function addUserRight($userId, $right_id) {
        $sql = 'INSERT INTO user_right
                    (user_id, right_id)
                VALUES
                    (:user_id, :right_id)';
        $query = $this->db->prepare($sql);
        $query->execute([
            ':user_id'		=> $userId,
            ':right_id'		=> $right_id,
        ]);
    }
    /**
     * Revokes a specific right from a user.
     *
     * @param int $userId    The user ID.
     * @param int $right_id  The right ID to revoke.
     *
     * @return void
     */
    public function removeUserRight($userId, $right_id) {
        $sql = 'DELETE FROM user_right
                WHERE
                    user_id = :user_id
                AND
                    right_id = :right_id';
        $query = $this->db->prepare($sql);
        $query->execute([
            ':user_id'		=> $userId,
            ':right_id'		=> $right_id,
        ]);
    }
    /**
     * Retrieves all rights in the system.
     *
     * @return array List of rights.
     */
    public function getAllRights() {
        $sql = 'SELECT
                    id AS right_id,
                    name AS right_name
                FROM `right`
                ORDER BY id ASC';
        $query = $this->db->prepare($sql);
        $query->execute();
        return $query->fetchAll(PDO::FETCH_ASSOC);
    }
    /**
     * Retrieves the rights assigned to a specific user.
     *
     * @param int $userId The user ID.
     *
     * @return array List of user rights.
     */
    public function getUserRights($userId) {
        $sql = 'SELECT
                    u.id AS user_id,
                    r.id AS right_id,
                    r.name AS right_name
                FROM
                    `user` u
                    LEFT JOIN `user_right` ur
                        ON u.id = ur.user_id
                    LEFT JOIN `right` r
                        ON ur.right_id = r.id
                WHERE
                    u.id = :user_id';
        $query = $this->db->prepare($sql);
        $query->execute([
            ':user_id'		=> $userId,
        ]);
        $result = $query->fetchAll(PDO::FETCH_ASSOC);
        // ensure specific entries are included in the result
        $specialEntries = [];
        // user 1 is always superuser
        if ($userId == 1) {
            $specialEntries = [
                [
                    'user_id' => 1,
                    'right_id' => 1,
                    'right_name' => 'superuser'
                ]
            ];
        // user 2 is always demo
        } elseif ($userId == 2) {
            $specialEntries = [
                [
                    'user_id' => 2,
                    'right_id' => 100,
                    'right_name' => 'demo user'
                ]
            ];
        }
        // merge the special entries with the existing results
        $result = array_merge($specialEntries, $result);
        // remove duplicates if necessary
        $result = array_unique($result, SORT_REGULAR);
        // return the modified result
        return $result;
    }
    /**
     * Check if the user has a specific right.
     *
     * @param int    $userId      The user ID.
     * @param string $right_name  The human-readable name of the user right.
     *
     * @return bool True if the user has the right, false otherwise.
     */
    function hasRight($userId, $right_name) {
        $userRights = $this->getUserRights($userId);
        $userHasRight = false;
        // superuser always has all the rights
        if ($userId === 1) {
            $userHasRight = true;
        }
        foreach ($userRights as $right) {
            if ($right['right_name'] === $right_name) {
                $userHasRight = true;
                break;
            }
        }
        return $userHasRight;
    }
    /**
     * Updates a user's metadata in the database.
     *
     * @param int   $userId       The ID of the user to update.
     * @param array $updatedUser  An associative array containing updated user data:
     *  - 'name' (string): The updated name of the user.
     *  - 'email' (string): The updated email of the user.
     *  - 'timezone' (string): The updated timezone of the user.
     *  - 'bio' (string): The updated biography of the user.
     *
     * @return bool|string Returns true if the update is successful, or an error message if an exception occurs.
     */
    public function editUser($userId, $updatedUser) {
        try {
            $sql = 'UPDATE user_meta SET
                        name = :name,
                        email = :email,
                        timezone = :timezone,
                        bio = :bio
                    WHERE user_id = :user_id';
            $query = $this->db->prepare($sql);
            $query->execute([
                ':user_id'	=> $userId,
                ':name'		=> $updatedUser['name'],
                ':email'	=> $updatedUser['email'],
                ':timezone'	=> $updatedUser['timezone'],
                ':bio'		=> $updatedUser['bio']
            ]);
            return true;
-        } else {
+
-            return false;
+        } catch (Exception $e) {
            return $e->getMessage();
        }
    }
    /**
     * Removes a user's avatar from the database and deletes the associated file.
     *
     * @param int    $userId      The ID of the user whose avatar is being removed.
     * @param string $old_avatar  Optional. The file path of the current avatar to delete. Default is an empty string.
     *
     * @return bool|string Returns true if the avatar is successfully removed, or an error message if an exception occurs.
     */
    public function removeAvatar($userId, $old_avatar = '') {
        try {
            // remove from database
            $sql = 'UPDATE user_meta SET
                        avatar = NULL
                    WHERE user_id = :user_id';
            $query = $this->db->prepare($sql);
            $query->execute([
                ':user_id'	=> $userId,
            ]);
            // delete the old avatar file
            if ($old_avatar && file_exists($old_avatar)) {
                unlink($old_avatar);
            }
            return true;
        } catch (Exception $e) {
            return $e->getMessage();
        }
    }
    /**
     * Updates a user's avatar by uploading a new file and saving its path in the database.
     *
     * @param int    $userId        The ID of the user whose avatar is being updated.
     * @param array  $avatar_file   The uploaded avatar file from the $_FILES array.
     *                              Should include 'tmp_name', 'name', 'error', etc.
     * @param string $avatars_path  The directory path where avatar files should be saved.
     *
     * @return bool|string Returns true if the avatar is successfully updated, or an error message if an exception occurs.
     */
    public function changeAvatar($userId, $avatar_file, $avatars_path) {
        try {
            // check if the file was uploaded
            if (isset($avatar_file) && $avatar_file['error'] === UPLOAD_ERR_OK) {
                $fileTmpPath = $avatar_file['tmp_name'];
                $fileName = $avatar_file['name'];
                $fileExtension = strtolower(pathinfo($fileName, PATHINFO_EXTENSION));
                // validate file extension
                if (in_array($fileExtension, ['jpg', 'png', 'jpeg'])) {
                    $newFileName = md5(time() . $fileName) . '.' . $fileExtension;
                    $dest_path = $avatars_path . $newFileName;
                    // move the file to avatars folder
                    if (move_uploaded_file($fileTmpPath, $dest_path)) {
                        try {
                            // update user's avatar path in DB
                            $sql = 'UPDATE user_meta SET
                                        avatar = :avatar
                                    WHERE user_id = :user_id';
                            $query = $this->db->prepare($sql);
                            $query->execute([
                                ':avatar' => $newFileName,
                                ':user_id' => $userId
                            ]);
                            // all went OK
                            $_SESSION['notice'] .= 'Avatar updated successfully. ';
                            return true;
                        } catch (Exception $e) {
                            return $e->getMessage();
                        }
                    } else {
                        $_SESSION['error'] .= 'Error moving the uploaded file. ';
                    }
                } else {
                    $_SESSION['error'] .= 'Invalid avatar file type. ';
                }
            } else {
                $_SESSION['error'] .= 'Error uploading the avatar file. ';
            }
        } catch (Exception $e) {
            return $e->getMessage();
        }
    }
-}
+    /**
     * Get all users for messaging
     *
     * @return array List of users with their IDs and usernames
     */
    public function getUsers() {
        $sql = "SELECT id, username
                FROM `user`
                ORDER BY username ASC";
-?>
+        $stmt = $this->db->prepare($sql);
        $stmt->execute();
        return $stmt->fetchAll(PDO::FETCH_ASSOC);
    }
    /**
     * Enable two-factor authentication for a user
     *
     * @param int    $userId  User ID
     * @param string $secret  Secret key to use
     * @param string $code    Verification code to validate
     * @return bool True if enabled successfully
     */
    public function enableTwoFactor($userId, $secret = null, $code = null) {
        return $this->twoFactorAuth->enable($userId, $secret, $code);
    }
    /**
     * Disable two-factor authentication for a user
     *
     * @param int $userId User ID
     * @return bool True if disabled successfully
     */
    public function disableTwoFactor($userId) {
        return $this->twoFactorAuth->disable($userId);
    }
    /**
     * Verify a two-factor authentication code
     *
     * @param int    $userId  User ID
     * @param string $code    The verification code
     * @return bool True if verified
     */
    public function verifyTwoFactor($userId, $code) {
        return $this->twoFactorAuth->verify($userId, $code);
    }
    /**
     * Check if two-factor authentication is enabled for a user
     *
     * @param int $userId User ID
     * @return bool True if enabled
     */
    public function isTwoFactorEnabled($userId) {
        return $this->twoFactorAuth->isEnabled($userId);
    }
    /**
     * Change a user's password
     *
     * @param int    $userId           User ID
     * @param string $currentPassword  Current password for verification
     * @param string $newPassword      New password to set
     * @return bool True if password was changed successfully
     */
    public function changePassword($userId, $currentPassword, $newPassword) {
        try {
            // First verify the current password
            $sql = "SELECT password FROM user WHERE id = :user_id";
            $query = $this->db->prepare($sql);
            $query->execute([':user_id' => $userId]);
            $user = $query->fetch(PDO::FETCH_ASSOC);
            if (!$user || !password_verify($currentPassword, $user['password'])) {
                return false;
            }
            // Hash the new password
            $hashedPassword = password_hash($newPassword, PASSWORD_DEFAULT);
            // Update the password
            $sql = "UPDATE user SET password = :password WHERE id = :user_id";
            $query = $this->db->prepare($sql);
            return $query->execute([
                ':password' => $hashedPassword,
                ':user_id' => $userId
            ]);
        } catch (Exception $e) {
            error_log("Error changing password: " . $e->getMessage());
            return false;
        }
    }
 }
--- a/app/classes/validator.php
+++ b/app/classes/validator.php
@ -0,0 +1,110 @@
 <?php
 class Validator {
    private $errors = [];
    private $data = [];
    public function __construct(array $data) {
        $this->data = $data;
    }
    public function validate(array $rules) {
        foreach ($rules as $field => $fieldRules) {
            foreach ($fieldRules as $rule => $parameter) {
                $this->applyRule($field, $rule, $parameter);
            }
        }
        return empty($this->errors);
    }
    private function applyRule($field, $rule, $parameter) {
        $value = $this->data[$field] ?? null;
        switch ($rule) {
            case 'required':
                if ($parameter && empty($value)) {
                    $this->addError($field, "Field is required");
                }
                break;
            case 'email':
                if (!empty($value) && !filter_var($value, FILTER_VALIDATE_EMAIL)) {
                    $this->addError($field, "Invalid email format");
                }
                break;
            case 'min':
                if (!empty($value) && strlen($value) < $parameter) {
                    $this->addError($field, "Minimum length is $parameter characters");
                }
                break;
            case 'max':
                if (!empty($value) && strlen($value) > $parameter) {
                    $this->addError($field, "Maximum length is $parameter characters");
                }
                break;
            case 'numeric':
                if (!empty($value) && !is_numeric($value)) {
                    $this->addError($field, "Must be a number");
                }
                break;
            case 'phone':
                if (!empty($value) && !preg_match('/^[+]?[\d\s-()]{7,}$/', $value)) {
                    $this->addError($field, "Invalid phone number format");
                }
                break;
            case 'url':
                if (!empty($value) && !filter_var($value, FILTER_VALIDATE_URL)) {
                    $this->addError($field, "Invalid URL format");
                }
                break;
            case 'date':
                if (!empty($value)) {
                    $date = date_parse($value);
                    if ($date['error_count'] > 0) {
                        $this->addError($field, "Invalid date format");
                    }
                }
                break;
            case 'in':
                if (!empty($value) && !in_array($value, $parameter)) {
                    $this->addError($field, "Invalid option selected");
                }
                break;
            case 'matches':
                if ($value !== ($this->data[$parameter] ?? null)) {
                    $this->addError($field, "Does not match $parameter field");
                }
                break;
            case 'ip':
                if (!empty($value)) {
                    // Support both IPv4 and IPv6
                    if (!filter_var($value, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 | FILTER_FLAG_IPV6)) {
                        $this->addError($field, "Invalid IP address format");
                    }
                }
                break;
        }
    }
    private function addError($field, $message) {
        if (!isset($this->errors[$field])) {
            $this->errors[$field] = [];
        }
        $this->errors[$field][] = $message;
    }
    public function getErrors() {
        return $this->errors;
    }
    public function hasErrors() {
        return !empty($this->errors);
    }
    public function getFirstError() {
        if (!$this->hasErrors()) {
            return null;
        }
        $firstField = array_key_first($this->errors);
        return $this->errors[$firstField][0];
    }
 }
--- a/app/config/jilo-web.conf.php
+++ b/app/config/jilo-web.conf.php
@ -10,6 +10,17 @@ return [
    'domain'			=> 'localhost',
    // subfolder for the web app, if any
    'folder'			=> '/jilo-web/',
    // site name used in emails and in the interface
    'site_name'			=> 'Jilo Web',
    // session configuration
    'session' => [
        // session name, if empty a random one will be generated
        'name' => 'jilo',
        // 2 hours (7200) default, when "remember me" is not checked
        'lifetime' => 7200,
        // 30 days (2592000) default, when "remember me" is checked
        'remember_me_lifetime' => 2592000,
    ],
    // set to false to disable new registrations
    'registration_enabled'	=> true,
    // will be displayed on login screen
@ -20,38 +31,27 @@ return [
    //*******************************************
    // database
-    'db' => [
+    'db_type'			=> 'mariadb',
-        // DB type for the web app, currently only "sqlite" is used
+
-        'db_type'		=> 'sqlite',
+    'sqlite' => [
        // default is ../app/jilo-web.db
        'sqlite_file'		=> '../app/jilo-web.db',
    ],
    'sql' => [
        'sql_host'		=> 'localhost',
        'sql_port'		=> '3306',
        'sql_database'		=> 'jilo',
        'sql_username'		=> 'jilouser',
        'sql_password'		=> 'jilopass',
    ],
    // avatars path
    'avatars_path'		=> 'uploads/avatars/',
    // default avatar
    'default_avatar'		=> 'static/default_avatar.png',
    // system info
-    'version'			=> '0.2',
+    'version'			=> '0.4',
    // development has verbose error messages, production has not
    'environment'		=> 'development',
    // *************************************
    // Maintained by the app, edit with care
    // *************************************
    'platforms' => [
        '0' => [
            'name' => 'lindeas',
            'jitsi_url' => 'https://meet.lindeas.com',
            'jilo_database' => '../../jilo/jilo-meet.lindeas.db',
        ],
        '1' => [
            'name' => 'meet.example.com',
            'jitsi_url' => 'https://meet.example.com',
            'jilo_database' => '../../jilo/jilo.db',
        ],
        '2' => [
            'name' => 'test3',
            'jitsi_url' => 'https://test3.example.com',
            'jilo_database' => '../../jilo/jilo2.db',
        ],
    ],
 ];
 ?>
--- a/app/config/theme.php
+++ b/app/config/theme.php
@ -0,0 +1,35 @@
 <?php
 return [
    // Active theme (can be overridden by user preference)
    'active_theme' => 'default',
    // Available themes with their display names
    'available_themes' => [
        'default' => 'Default built-in theme',
        'modern' => 'Modern theme',
        'retro' => 'Alternative retro theme'
    ],
    // Path configurations
    'paths' => [
        // Base directory for all external themes
        'themes' => __DIR__ . '/../../themes',
        // Default templates location (built-in fallback)
        'templates' => __DIR__ . '/../templates',
        // Public assets directory (built-in fallback)
        'public' => __DIR__ . '/../../public_html'
    ],
    // Theme configuration defaults
    'default_config' => [
        'name' => 'Unnamed Theme',
        'description' => 'A Jilo Web theme',
        'version' => '1.0.0',
        'author' => 'Lindeas Inc.',
        'screenshot' => 'screenshot.png',
        'options' => []
    ]
 ];
--- a/app/core/ConfigLoader.php
+++ b/app/core/ConfigLoader.php
@ -0,0 +1,41 @@
 <?php
 namespace App\Core;
 class ConfigLoader
 {
    /**
     * @var string|null
     */
    private static $configPath = null;
    /**
     * Load configuration array from a set of possible file locations.
     *
     * @param string[] $locations
     * @return array
     */
    public static function loadConfig(array $locations): array
    {
        $configFile = null;
        foreach ($locations as $location) {
            if (file_exists($location)) {
                $configFile = $location;
                break;
            }
        }
        if (!$configFile) {
            die('Config file not found');
        }
        self::$configPath = $configFile;
        return require $configFile;
    }
    /**
     * @return string|null
     */
    public static function getConfigPath(): ?string
    {
        return self::$configPath;
    }
 }
--- a/app/core/DatabaseConnector.php
+++ b/app/core/DatabaseConnector.php
@ -0,0 +1,37 @@
 <?php
 namespace App\Core;
 use Exception;
 use Feedback;
 class DatabaseConnector
 {
    /**
     * Connect to the database using given configuration and handle errors.
     *
     * @param array $config
     * @return mixed Database connection
     */
    public static function connect(array $config)
    {
        // Load DB classes
        require_once __DIR__ . '/../classes/database.php';
        require_once __DIR__ . '/../includes/database.php';
        try {
            $db = connectDB($config);
            if (!$db) {
                throw new Exception('Could not connect to database');
            }
            return $db;
        } catch (Exception $e) {
            // Show error and exit
            Feedback::flash('ERROR', 'DEFAULT', getError('Error connecting to the database.', $e->getMessage()));
            include __DIR__ . '/../templates/page-header.php';
            include __DIR__ . '/../helpers/feedback.php';
            include __DIR__ . '/../templates/page-footer.php';
            exit();
        }
    }
 }
--- a/app/core/HookDispatcher.php
+++ b/app/core/HookDispatcher.php
@ -0,0 +1,53 @@
 <?php
 namespace App\Core;
 class HookDispatcher
 {
    /**
     * Stores all registered hooks and their callbacks.
     * @var array<string, array<callable>>
     */
    private static array $hooks = [];
    /**
     * Register a callback for a given hook.
     */
    public static function register(string $hook, callable $callback): void
    {
        if (!isset(self::$hooks[$hook])) {
            self::$hooks[$hook] = [];
        }
        self::$hooks[$hook][] = $callback;
    }
    /**
     * Dispatch all callbacks for the specified hook.
     */
    public static function dispatch(string $hook, array $context = []): void
    {
        if (!empty(self::$hooks[$hook])) {
            foreach (self::$hooks[$hook] as $callback) {
                call_user_func($callback, $context);
            }
        }
    }
    /**
     * Apply filters for a hook key, passing a value through all callbacks.
     * Each callback should accept the value and return a modified value.
     *
     * @param string $hook
     * @param mixed $value
     * @return mixed
     */
    public static function applyFilters(string $hook, $value)
    {
        if (!empty(self::$hooks[$hook])) {
            foreach (self::$hooks[$hook] as $callback) {
                $value = call_user_func($callback, $value);
            }
        }
        return $value;
    }
 }
--- a/app/core/MiddlewarePipeline.php
+++ b/app/core/MiddlewarePipeline.php
@ -0,0 +1,30 @@
 <?php
 namespace App\Core;
 class MiddlewarePipeline {
    /** @var callable[] */
    private $middlewares = [];
    /**
     * Add a middleware to the pipeline.
     * @param callable $middleware Should return false to halt execution.
     */
    public function add(callable $middleware): void {
        $this->middlewares[] = $middleware;
    }
    /**
     * Execute all middlewares in sequence.
     * @return bool False if any middleware returns false, true otherwise.
     */
    public function run(): bool {
        foreach ($this->middlewares as $middleware) {
            $result = call_user_func($middleware);
            if ($result === false) {
                return false;
            }
        }
        return true;
    }
 }
--- a/app/core/NullLogger.php
+++ b/app/core/NullLogger.php
@ -0,0 +1,17 @@
 <?php
 namespace App\Core;
 /**
 * NullLogger is a fallback for disabling logging when there is no logging plugin enabled.
 */
 class NullLogger
 {
    /**
     * PSR-3 compatible log stub.
     * @param string $level
     * @param string $message
     * @param array $context
     */
    public function log(string $level, string $message, array $context = []): void {}
 }
--- a/app/core/PluginManager.php
+++ b/app/core/PluginManager.php
@ -0,0 +1,37 @@
 <?php
 namespace App\Core;
 class PluginManager
 {
    /**
     * Loads all enabled plugins from the given directory.
     *
     * @param string $pluginsDir
     * @return array<string, array{path: string, meta: array}>
     */
    public static function load(string $pluginsDir): array
    {
        $enabled = [];
        foreach (glob($pluginsDir . '*', GLOB_ONLYDIR) as $pluginPath) {
            $manifest = $pluginPath . '/plugin.json';
            if (!file_exists($manifest)) {
                continue;
            }
            $meta = json_decode(file_get_contents($manifest), true);
            if (empty($meta['enabled'])) {
                continue;
            }
            $name = basename($pluginPath);
            $enabled[$name] = [
                'path' => $pluginPath,
                'meta' => $meta,
            ];
            $bootstrap = $pluginPath . '/bootstrap.php';
            if (file_exists($bootstrap)) {
                include_once $bootstrap;
            }
        }
        return $enabled;
    }
 }
--- a/app/core/Router.php
+++ b/app/core/Router.php
@ -0,0 +1,57 @@
 <?php
 namespace App\Core;
 use Session;
 use Feedback;
 class Router {
    /**
     * Check session validity and handle redirection for protected pages.
     * Returns current username if session is valid, null otherwise.
     */
    public static function checkAuth(array $config, string $app_root, array $public_pages, string $page): ?string {
        // Always allow login page to be accessed
        if ($page === 'login') {
            return null;
        }
        // Check if this is a public page
        $isPublicPage = in_array($page, $public_pages, true);
        // For public pages, don't validate session
        if ($isPublicPage) {
            return null;
        }
        // For protected pages, check if we have a valid session
        $validSession = Session::isValidSession(true);
        // If session is valid, return the username
        if ($validSession) {
            return Session::getUsername();
        }
        // If we get here, we need to redirect to login
        // Only show timeout message if we had an active session before
        if (isset($_SESSION['LAST_ACTIVITY']) && !isset($_SESSION['session_timeout_shown'])) {
            Feedback::flash('LOGIN', 'SESSION_TIMEOUT');
            $_SESSION['session_timeout_shown'] = true;
        }
        // Preserve flash messages
        $flash_messages = $_SESSION['flash_messages'] ?? [];
        Session::cleanup($config);
        $_SESSION['flash_messages'] = $flash_messages;
        // Build login URL with redirect if appropriate
        $loginUrl = $app_root . '?page=login';
        $trimmed = trim($page, '/?');
        if (!empty($trimmed) && !in_array($trimmed, INVALID_REDIRECT_PAGES, true)) {
            $loginUrl .= '&redirect=' . urlencode($_SERVER['REQUEST_URI']);
        }
        header('Location: ' . $loginUrl);
        exit();
    }
 }
--- a/app/helpers/config.php
+++ b/app/helpers/config.php
@ -1,25 +0,0 @@
 <?php
 // Function to format arrays with square brackets
 function formatArray(array $array, $indentLevel = 2) {
    $indent = str_repeat('    ', $indentLevel); // 4 spaces per indent level
    $output = "[\n";
    foreach ($array as $key => $value) {
        $output .= $indent . "'" . $key . "'" . ' => ';
        if (is_array($value)) {
            $output .= formatArray($value, $indentLevel + 1);
        } else {
            $output .= var_export($value, true);
        }
        $output .= ",\n";
    }
    $output .= str_repeat('    ', $indentLevel - 1) . ']';
    return $output;
 }
 ?>
--- a/app/helpers/database.php
+++ b/app/helpers/database.php
@ -1,67 +0,0 @@
 <?php
 // connect to database
 function connectDB($config, $database = '', $platform_id = '') {
    // connecting ti a jilo sqlite database
    if ($database === 'jilo') {
        try {
            $dbFile = $config['platforms'][$platform_id]['jilo_database'] ?? null;
            if (!$dbFile || !file_exists($dbFile)) {
                throw new Exception(getError("Invalid platform ID \"{$platform_id}\", database file \"{$dbFile}\"not found."));
            }
            $db = new Database([
                'type'		=> 'sqlite',
                'dbFile'	=> $dbFile,
            ]);
        } catch (Exception $e) {
            $error = getError('Error connecting to DB.', $e->getMessage());
            include '../app/templates/block-message.php';
            exit();
        }
    // connecting to a jilo-web database of the web app
    } else {
        // sqlite database file
        if ($config['db']['db_type'] === 'sqlite') {
            try {
                $db = new Database([
                    'type'	=> $config['db']['db_type'],
                    'dbFile'	=> $config['db']['sqlite_file'],
                ]);
                $pdo = $db->getConnection();
            } catch (Exception $e) {
                $error = getError('Error connecting to DB.', $e->getMessage());
                include '../app/templates/block-message.php';
                exit();
            }
        // mysql/mariadb database
        } elseif ($config['db']['db_type'] === 'mysql' || $config['db']['db_type'] === 'mariadb') {
            try {
                $db = new Database([
                    'type'	=> $config['db']['db_type'],
                    'host'	=> $config['db']['sql_host'] ?? 'localhost',
                    'port'	=> $config['db']['sql_port'] ?? '3306',
                    'dbname'	=> $config['db']['sql_database'],
                    'user'	=> $config['db']['sql_username'],
                    'password'	=> $config['db']['sql_password'],
                ]);
                $pdo = $db->getConnection();
            } catch (Exception $e) {
                $error = getError('Error connecting to DB.', $e->getMessage());
                include '../app/templates/block-message.php';
                exit();
            }
        // unknown database
        } else {
            $error = "Error: unknow database type \"{$config['db']['db_type']}\"";
            include '../app/templates/block-message.php';
            exit();
        }
    }
    return $db;
 }
 ?>
--- a/app/helpers/errors.php
+++ b/app/helpers/errors.php
@ -1,14 +0,0 @@
 <?php
 function getError($message, $error = '', $environment = null) {
    global $config;
    $environment = $config['environment'] ?? 'production';
    if ($environment === 'production') {
        return 'There was an unexpected error. Please try again.';
    } else {
        return $error ?: $message;
    }
 }
 ?>
--- a/app/helpers/feedback.php
+++ b/app/helpers/feedback.php
@ -0,0 +1,34 @@
 <?php
 /**
 * Feedback Helper
 *
 * Combines functionality to handle retrieving and displaying feedback messages.
 */
 // Get any flash messages from previous request
 $flash_messages = Feedback::getFlash();
 if (!empty($flash_messages)) {
    $system_messages = array_merge($system_messages ?? [], array_map(function($flash) {
        return [
            'category' => $flash['category'],
            'key' => $flash['key'],
            'custom_message' => $flash['custom_message'] ?? null,
            'dismissible' => $flash['dismissible'] ?? false,
            'small' => $flash['small'] ?? false
        ];
    }, $flash_messages));
 }
 // Show feedback messages
 if (isset($system_messages) && is_array($system_messages)) {
    foreach ($system_messages as $msg) {
        echo Feedback::render(
            $msg['category'],
            $msg['key'],
            $msg['custom_message'] ?? null,
            $msg['dismissible'] ?? false,
            $msg['small'] ?? false
        );
    }
 }
--- a/app/helpers/graph.php
+++ b/app/helpers/graph.php
@ -0,0 +1,112 @@
 <div style="position: relative; width: 800px; height: 400px;">
    <div id="current-period-<?= $data['graph_name'] ?>" style="text-align: center; position: absolute; top: 0; left: 0; right: 0; z-index: 10; font-size: 14px; background-color: rgba(255, 255, 255, 0.7);"></div>
    <canvas id="graph_<?= $data['graph_name'] ?>" style="margin-top: 20px; margin-bottom: 50px;"></canvas>
 </div>
 <script>
 var ctx = document.getElementById('graph_<?= $data['graph_name'] ?>').getContext('2d');
 var timeRangeName = '';
 // Prepare datasets
 var datasets = [];
 <?php foreach ($data['datasets'] as $dataset): ?>
    var chartData = <?php echo json_encode($dataset['data']); ?>;
    datasets.push({
        label: '<?= $dataset['label'] ?>',
        data: chartData.map(function(item) {
            return {
                x: item.date,
                y: item.value
            };
        }),
        borderColor: '<?= $dataset['color'] ?>',
        borderWidth: 1,
        fill: false
    });
 <?php endforeach; ?>
 var graph_<?= $data['graph_name'] ?> = new Chart(ctx, {
    type: 'line',
    data: {
        datasets: datasets
    },
    options: {
        layout: {
            padding: {
                top: 30
            }
        },
        scales: {
            x: {
                type: 'time',
                time: {
                    unit: 'day'
                }
            },
            y: {
                beginAtZero: true
            }
        },
        plugins: {
            zoom: {
                pan: {
                    enabled: true,
                    mode: 'x'
                },
                zoom: {
                    mode: 'x',
                    drag: {
                        enabled: true,  // Enable drag to select range
                        borderColor: 'rgba(255, 99, 132, 0.3)',
                        borderWidth: 1
                    },
                    onZoom: function({ chart }) {
                        propagateZoom(chart); // Propagate the zoom to all graphs
                        setActive(document.getElementById('custom_range'));
                    }
                }
            },
            legend: {
                position: 'bottom',
                labels: {
                    boxWidth: 20,
                    padding: 10
                }
            },
            title: {
                display: true,
                text: '<?= $data['graph_title'] ?>',
                font: {
                    size: 16,
                    weight: 'bold'
                },
                padding: {
                    bottom: 10
                }
            }
        }
    }
 });
 // Store graph instance and title for later reference
 graphs.push({
    graph: graph_<?= $data['graph_name'] ?>,
    label: '<?= $data['graph_title'] ?>'
 });
 // Function to update the period label
 function updatePeriodLabel(chart, label) {
    var startDate = new Date(chart.scales.x.min);
    var endDate = new Date(chart.scales.x.max);
    var periodLabel = document.getElementById('current-period-<?= $data['graph_name'] ?>');
    if (timeRangeName) {
        periodLabel.textContent = label + ' (' + timeRangeName + ')';
    } else {
        periodLabel.textContent = label + ' (from ' + startDate.toLocaleDateString() + ' to ' + endDate.toLocaleDateString() + ')';
    }
 }
 // Initial label update
 updatePeriodLabel(graph_<?= $data['graph_name'] ?>, '<?= $data['graph_title'] ?>');
 </script>
--- a/app/helpers/ip_helper.php
+++ b/app/helpers/ip_helper.php
@ -0,0 +1,24 @@
 <?php
 /**
 * Returns the user's IP address.
 * Uses global $user_IP set by Logger plugin if available, else falls back to server variables.
 *
 * @return string
 */
 function getUserIP() {
    global $user_IP;
    if (!empty($user_IP)) {
        return $user_IP;
    }
    // Fallback to HTTP headers or REMOTE_ADDR
    if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
        return $_SERVER['HTTP_CLIENT_IP'];
    }
    if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        // May contain multiple IPs
        $parts = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
        return trim($parts[0]);
    }
    return $_SERVER['REMOTE_ADDR'] ?? '';
 }
--- a/app/helpers/logger_loader.php
+++ b/app/helpers/logger_loader.php
@ -0,0 +1,15 @@
 <?php
 /**
 * Returns a logger instance: plugin Log if available, otherwise NullLogger.
 *
 * @param mixed $database Database or DatabaseConnector instance.
 * @return mixed Logger instance with PSR-3 log() compatible method.
 */
 function getLoggerInstance($database) {
    if (class_exists('Log')) {
        return new Log($database);
    }
    require_once __DIR__ . '/../core/NullLogger.php';
    return new \App\Core\NullLogger();
 }
--- a/app/helpers/pagination.php
+++ b/app/helpers/pagination.php
@ -0,0 +1,81 @@
                        <div class="text-center">
                            <div class="pagination">
 <?php
    $param = '';
    if (isset($_REQUEST['id'])) {
        $param .= '&id=' . htmlspecialchars($_REQUEST['id']);
    }
    if (isset($_REQUEST['name'])) {
        $param .= '&name=' . htmlspecialchars($_REQUEST['name']);
    }
    if (isset($_REQUEST['ip'])) {
        $param .= '&ip=' . htmlspecialchars($_REQUEST['ip']);
    }
    if (isset($_REQUEST['event'])) {
        $param .= '&event=' . htmlspecialchars($_REQUEST['event']);
    }
    if (isset($_REQUEST['from_time'])) {
        $param .= '&from_time=' . htmlspecialchars($from_time);
    }
    if (isset($_REQUEST['until_time'])) {
        $param .= '&until_time=' . htmlspecialchars($until_time);
    }
    $max_visible_pages = 10;
    $step_pages = 10;
    if ($browse_page > 1) {
        echo '<span><a href="' . htmlspecialchars($url) . '&p=1">first</a></span>';
    } else {
        echo '<span>first</span>';
    }
    for ($i = 1; $i <= $page_count; $i++) {
        // always show the first, last, step pages (10, 20, 30, etc.),
        // and the pages close to the current one
        if (
            $i === 1 || // first page
            $i === $page_count || // last page
            $i === $browse_page || // current page
            $i === $browse_page -1 ||
            $i === $browse_page +1 ||
            $i === $browse_page -2 ||
            $i === $browse_page +2 ||
            ($i % $step_pages === 0 && $i > $max_visible_pages) // the step pages - 10, 20, etc.
        ) {
            if ($i === $browse_page) {
                // current page, no link
                if ($browse_page > 1) {
                    echo '<span><a href="' . htmlspecialchars($app_root) . '?platform=' . htmlspecialchars($platform_id) . '&page=' . htmlspecialchars($page) . $param . '&p=' . (htmlspecialchars($browse_page) -1) . '"><<</a></span>';
                } else {
                    echo '<span><<</span>';
                }
                echo '[' . htmlspecialchars($i) . ']';
                if ($browse_page < $page_count) {
                    echo '<span><a href="' . htmlspecialchars($app_root) . '?platform=' . htmlspecialchars($platform_id) . '&page=' . htmlspecialchars($page) . $param . '&p=' . (htmlspecialchars($browse_page) +1) . '">>></a></span>';
                } else {
                    echo '<span>>></span>';
                }
            } else {
                // other pages
                echo '<span><a href="' . htmlspecialchars($app_root) . '?platform=' . htmlspecialchars($platform_id) . '&page=' . htmlspecialchars($page) . $param . '&p=' . htmlspecialchars($i) . '">[' . htmlspecialchars($i) . ']</a></span>';
            }
        // show ellipses between distant pages
        } elseif (
            $i === $browse_page -3 ||
            $i === $browse_page +3
        ) {
            echo '<span>...</span>';
        }
    }
    if ($browse_page < $page_count) {
        echo '<span><a href="' . htmlspecialchars($app_root) . '?platform=' . htmlspecialchars($platform_id) . '&page=' . htmlspecialchars($page) . $param . '&p=' . (htmlspecialchars($page_count)) . '">last</a></span>';
    } else {
        echo '<span>last</span>';
    }
 ?>
                            </div>
                        </div>
--- a/app/helpers/profile.php
+++ b/app/helpers/profile.php
@ -0,0 +1,46 @@
 <?php
 // get the UTC offset of a specified timezone
 function getUTCOffset($timezone) {
    $formattedOffset = '';
    if (isset($timezone)) {
        $datetime = new DateTime("now", new DateTimeZone($timezone));
        $offsetInSeconds = $datetime->getOffset();
        $hours = intdiv($offsetInSeconds, 3600);
        $minutes = ($offsetInSeconds % 3600) / 60;
        $formattedOffset = sprintf("UTC%+03d:%02d", $hours, $minutes); // Format UTC+01:00
    }
    return $formattedOffset;
 }
 // switch platforms
 function switchPlatform($platform_id) {
    // get the current URL and parse it
    $scheme = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? 'https' : 'http';
    $current_url = "$scheme://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]";
    $url_components = parse_url($current_url);
    // parse query parameters if they exist
    parse_str($url_components['query'] ?? '', $query_params);
    // check if the 'platform' parameter is set
    if (isset($query_params['platform'])) {
        // change the platform to the new platform_id
        $query_params['platform'] = $platform_id;
        $new_query_string = http_build_query($query_params);
    // there is no 'platform', we redirect to front page of the new platform_id
    } else {
        $new_query_string = 'platform=' . $platform_id;
    }
    // rebuild the query and the URL
    $new_url = $scheme . '://' . $url_components['host'] . $url_components['path'] . '?' . $new_query_string;
    // return the new URL with the new platform_id
    return $new_url;
 }
--- a/app/helpers/render.php
+++ b/app/helpers/render.php
@ -1,69 +1,81 @@
 <?php
 // render config variables array
-function renderConfig($configPart, $indent, $platform=false, $parent='') {
+function renderConfig($configPart, $indent) {
    global $app_root;
    global $config;
        if ($parent === 'platforms') {
 ?>
                        <div class="col-md-8 text-start">
                            <a class="btn btn-secondary" style="padding: 0px;" href="<?= $app_root ?>?page=config&action=add">add</a>
                        </div>
                        <div class="border bg-light" style="padding-left: <?= $indent ?>px; padding-bottom: 20px; padding-top: 20px;">
 <?php   } else {
 ?>
                        <div style="padding-left: <?= $indent ?>px; padding-bottom: 20px;">
-<?php
+<?php foreach ($configPart as $config_item => $config_value) { ?>
        }
        foreach ($configPart as $config_item => $config_value) {
            if ($parent === 'platforms') {
                $indent = 0;
            }
 ?>
                            <div class="row mb-1" style="padding-left: <?= $indent ?>px;">
                                <div class="col-md-4 text-end">
                                    <?= htmlspecialchars($config_item) ?>:
                                </div>
 <?php
            if ($parent === 'platforms') { ?>
                                <div class="col-md-8 text-start">
                                    <a class="btn btn-secondary" style="padding: 2px;" href="<?= $app_root ?>?platform=<?= htmlspecialchars($config_item) ?>&page=config&action=edit">edit</a>
 <?php
            // we don't delete the last platform
            if (count($configPart) <= 1) { ?>
                                    <span class="btn btn-light" style="padding: 2px;" href="#" data-toggle="tooltip" data-placement="right" data-offset="30.0" title="can't delete the last platform">delete</span>
 <?php           } else { ?>
                                    <a class="btn btn-danger" style="padding: 2px;" href="<?= $app_root ?>?platform=<?= htmlspecialchars($config_item) ?>&page=config&action=delete">delete</a>
 <?php           } ?>
                                </div>
 <?php       }
            if (is_array($config_value)) {
                // here we render recursively nested arrays
                $indent = $indent + 50;
-                if ($parent === 'platforms') {
+                renderConfig($config_value, $indent);
-                    $indent = 100;
+                $indent = 0;
-                }
+            } else {
-                if ($config_item === 'platforms') {
+                // if it's not array, just display it
-                    renderConfig($config_value, $indent, $platform, 'platforms');
+                if ($config_item === 'registration_enabled') { ?>
-                } else {
+                                <div class="border col-md-8 text-start">
-                    renderConfig($config_value, $indent, $platform);
+                                    <?= ($config_value === 1 || $config_value === true) ? 'true' : 'false' ?>
-                }
+                                </div>
 <?php           } else { ?>
                                <div class="border col-md-8 text-start">
                                    <?= htmlspecialchars($config_value ?? '')?>
                                </div>
 <?php           } ?>
 <?php       } ?>
                            </div>
 <?php } ?>
                        </div>
 <?php
 }
 // render config variables array
 function editConfig($configPart, $indent) {
 ?>
                        <div style="padding-left: <?= $indent ?>px; padding-bottom: 20px;">
 <?php foreach ($configPart as $config_item => $config_value) { ?>
                            <div class="row mb-1" style="padding-left: <?= $indent ?>px;">
                                <div class="col-md-4 text-end">
                                    <label for="<?= htmlspecialchars($config_item) ?>" class="form-label"><?= htmlspecialchars($config_item) ?></label>
                                </div>
 <?php
            if (is_array($config_value)) {
                // here we render recursively nested arrays
                $indent = $indent + 50;
                editConfig($config_value, $indent);
                $indent = 0;
            } else {
                // if it's not array, just display it
 ?>
-                                <div class="border col-md-8 text-start">
+                                <div class="col-md-8 text-start">
-                                    <?= htmlspecialchars($config_value ?? '')?>
+<?php if ($config_item === 'registration_enabled') { ?>
-<?= $platform ?>
+                                    <input type="hidden" name="<?= htmlspecialchars($config_item) ?>" value="false" />
                                    <input class="form-check-input" type="checkbox" role="switch" name="<?= htmlspecialchars($config_item) ?>" value="true" <?= ($config_value === 1 || $config_value === true) ? 'checked' : '' ?> />
 <?php } elseif ($config_item === 'environment') { ?>
                                    <select class="form-control" type="text" name="<?= htmlspecialchars($config_item) ?>">
                                        <option value="development"<?= ($config_value === 'development') ? ' selected' : '' ?>>development</option>
                                        <option value="production"<?= ($config_value === 'production') ? ' selected' : '' ?>>production</option>
                                    </select>
 <?php } elseif ($config_item === 'version') {?>
                                    <input class="form-control" type="text" name="<?= htmlspecialchars($config_item) ?>" value="<?= htmlspecialchars($config_value ?? '') ?>" disabled />
 <?php } elseif ($config_item === 'db_type') {?>
                                    <input class="form-control" type="text" name="<?= htmlspecialchars($config_item) ?>" value="<?= htmlspecialchars($config_value ?? '') ?>" disabled />
 <?php } else { ?>
                                    <input class="form-control" type="text" name="<?= htmlspecialchars($config_item) ?>" value="<?= htmlspecialchars($config_value ?? '') ?>" />
 <?php } ?>
                                </div>
-<?php
+<?php       } ?>
            }
 ?>
                            </div>
 <?php } ?>
                        </div>
 <?php
        }
    echo '</div>';
 }
 ?>
--- a/app/helpers/security.php
+++ b/app/helpers/security.php
@ -0,0 +1,119 @@
 <?php
 /**
 * Security Helper
 *
 * Security helper, to be used with all the forms in the app.
 * Implements singleton pattern for consistent state management.
 */
 class SecurityHelper {
    private static $instance = null;
    private $session;
    private function __construct() {
        // Don't start a new session, just reference the existing one
        $this->session = &$_SESSION;
    }
    public static function getInstance() {
        if (self::$instance === null) {
            self::$instance = new SecurityHelper();
        }
        return self::$instance;
    }
    // Generate CSRF token
    public function generateCsrfToken() {
        if (empty($this->session['csrf_token'])) {
            $this->session['csrf_token'] = bin2hex(random_bytes(32));
        }
        return $this->session['csrf_token'];
    }
    // Verify CSRF token
    public function verifyCsrfToken($token) {
        if (empty($this->session['csrf_token']) || empty($token)) {
            return false;
        }
        return hash_equals($this->session['csrf_token'], $token);
    }
    // Sanitize string input
    public function sanitizeString($input) {
        if (is_string($input)) {
            return htmlspecialchars(strip_tags(trim($input)), ENT_QUOTES, 'UTF-8');
        }
        return '';
    }
    // Validate email
    public function validateEmail($email) {
        return filter_var($email, FILTER_VALIDATE_EMAIL) !== false;
    }
    // Validate integer
    public function validateInt($input) {
        return filter_var($input, FILTER_VALIDATE_INT) !== false;
    }
    // Validate URL
    public function validateUrl($url) {
        return filter_var($url, FILTER_VALIDATE_URL) !== false;
    }
    // Sanitize array of inputs
    public function sanitizeArray($array, $allowedKeys = []) {
        $sanitized = [];
        foreach ($array as $key => $value) {
            if (empty($allowedKeys) || in_array($key, $allowedKeys)) {
                if (is_array($value)) {
                    $sanitized[$key] = $this->sanitizeArray($value);
                } else {
                    $sanitized[$key] = $this->sanitizeString($value);
                }
            }
        }
        return $sanitized;
    }
    // Validate form data based on rules
    public function validateFormData($data, $rules) {
        $errors = [];
        foreach ($rules as $field => $rule) {
            if (!isset($data[$field]) && $rule['required']) {
                $errors[$field] = "Field is required";
                continue;
            }
            if (isset($data[$field])) {
                $value = $data[$field];
                switch ($rule['type']) {
                    case 'email':
                        if (!$this->validateEmail($value)) {
                            $errors[$field] = "Invalid email format";
                        }
                        break;
                    case 'integer':
                        if (!$this->validateInt($value)) {
                            $errors[$field] = "Must be a valid integer";
                        }
                        break;
                    case 'url':
                        if (!$this->validateUrl($value)) {
                            $errors[$field] = "Invalid URL format";
                        }
                        break;
                    case 'string':
                        if (isset($rule['min']) && strlen($value) < $rule['min']) {
                            $errors[$field] = "Minimum length is {$rule['min']} characters";
                        }
                        if (isset($rule['max']) && strlen($value) > $rule['max']) {
                            $errors[$field] = "Maximum length is {$rule['max']} characters";
                        }
                        break;
                }
            }
        }
        return $errors;
    }
 }
--- a/app/helpers/theme-asset.php
+++ b/app/helpers/theme-asset.php
@ -0,0 +1,109 @@
 <?php
 /**
 * Theme Asset handler
 *
 * Serves theme assets (images, CSS, JS, etc.) securely by checking if the requested
 * theme and asset path are valid and accessible.
 *
 * This is a standalone handler that doesn't require the full application initialization.
 */
 // Set error reporting
 error_reporting(E_ALL);
 ini_set('display_errors', '1');
 // Define base path if not defined
 if (!defined('APP_ROOT')) {
    define('APP_ROOT', dirname(__DIR__));
 }
 // Basic security checks
 if (!isset($_GET['theme']) || !preg_match('/^[a-zA-Z0-9_-]+$/', $_GET['theme'])) {
    http_response_code(400);
    exit('Invalid theme specified');
 }
 if (!isset($_GET['path']) || empty($_GET['path'])) {
    http_response_code(400);
    exit('No asset path specified');
 }
 $themeId = $_GET['theme'];
 $assetPath = $_GET['path'];
 // Validate asset path (only alphanumeric, hyphen, underscore, dot, and forward slash)
 if (!preg_match('/^[a-zA-Z0-9_\-\.\/]+$/', $assetPath)) {
    http_response_code(400);
    exit('Invalid asset path');
 }
 // Prevent directory traversal
 if (strpos($assetPath, '..') !== false) {
    http_response_code(400);
    exit('Invalid asset path');
 }
 // Build full path to the asset
 $themesDir = dirname(dirname(__DIR__)) . '/themes';
 $fullPath = realpath("$themesDir/$themeId/$assetPath");
 // Additional security check to ensure the path is within the themes directory
 if ($fullPath === false) {
    http_response_code(404);
    header('Content-Type: text/plain');
    error_log("Asset not found: $themesDir/$themeId/$assetPath");
    exit("Asset not found: $themesDir/$themeId/$assetPath");
 }
 if (strpos($fullPath, realpath($themesDir)) !== 0) {
    http_response_code(400);
    header('Content-Type: text/plain');
    error_log("Security violation: Attempted to access path outside themes directory: $fullPath");
    exit('Invalid asset path');
 }
 // Check if the file exists and is readable
 if (!file_exists($fullPath) || !is_readable($fullPath)) {
    http_response_code(404);
    header('Content-Type: text/plain');
    error_log("File not found or not readable: $fullPath");
    exit("File not found or not readable: " . basename($fullPath));
 }
 // Clear any previous output
 if (ob_get_level()) {
    ob_clean();
 }
 // Determine content type based on file extension
 $extension = strtolower(pathinfo($assetPath, PATHINFO_EXTENSION));
 $contentTypes = [
    'css'  => 'text/css',
    'js'   => 'application/javascript',
    'json' => 'application/json',
    'png'  => 'image/png',
    'jpg'  => 'image/jpeg',
    'jpeg' => 'image/jpeg',
    'gif'  => 'image/gif',
    'svg'  => 'image/svg+xml',
    'webp' => 'image/webp',
    'woff' => 'font/woff',
    'woff2' => 'font/woff2',
    'ttf'  => 'font/ttf',
    'eot'  => 'application/vnd.ms-fontobject',
 ];
 $contentType = $contentTypes[$extension] ?? 'application/octet-stream';
 // Set proper headers
 header('Content-Type: ' . $contentType);
 header('Content-Length: ' . filesize($fullPath));
 // Cache for 24 hours (86400 seconds)
 $expires = 86400;
 header('Cache-Control: public, max-age=' . $expires);
 header('Expires: ' . gmdate('D, d M Y H:i:s', time() + $expires) . ' GMT');
 header('Pragma: cache');
 // Output the file
 readfile($fullPath);
--- a/app/helpers/theme.php
+++ b/app/helpers/theme.php
@ -0,0 +1,307 @@
 <?php
 /**
 * Theme Helper
 *
 * Handles theme management and template/asset loading for the application.
 * Supports multiple themes with fallback to default theme when needed.
 * The default theme uses app/templates and public_html/static as fallbacks/
 */
 namespace App\Helpers;
 use Exception;
 // Include Session class
 require_once __DIR__ . '/../classes/session.php';
 use Session;
 class Theme
 {
    /**
     * @var array Theme configuration
     */
    private static $config;
    /**
     * Get the theme configuration
     *
     * @return array
     */
    public static function getConfig()
    {
        // Always reload the config to get the latest changes
        self::$config = require __DIR__ . '/../config/theme.php';
        return self::$config;
    }
    /**
     * @var string Current theme name
     */
    private static $currentTheme;
    /**
     * Initialize the theme system
     */
    public static function init()
    {
        // Only load config if not already loaded
        if (self::$config === null) {
            self::$config = require __DIR__ . '/../config/theme.php';
        }
        self::$currentTheme = self::getCurrentThemeName();
    }
    /**
     * Get the current theme name
     *
     * @return string
     */
    public static function getCurrentThemeName()
    {
        // Ensure session is started
        if (session_status() === PHP_SESSION_NONE) {
            Session::startSession();
        }
        // Check if already determined
        if (self::$currentTheme !== null) {
            return self::$currentTheme;
        }
        // Try to get from session first
        $sessionTheme = isset($_SESSION['theme']) ? $_SESSION['theme'] : null;
        if ($sessionTheme && isset(self::$config['available_themes'][$sessionTheme])) {
            self::$currentTheme = $sessionTheme;
        } else {
            // Fall back to default theme
            self::$currentTheme = self::$config['active_theme'];
        }
        return self::$currentTheme;
    }
    /**
     * Get the URL for a theme asset
     *
     * @param string $themeId Theme ID
     * @param string $assetPath Path to the asset relative to theme directory (e.g., 'css/style.css')
     * @return string|null URL to the asset or null if not found
     */
    public static function getAssetUrl($themeId, $assetPath = '')
    {
        // Clean and validate the asset path
        $assetPath = ltrim($assetPath, '/');
        if (empty($assetPath)) {
            return null;
        }
        // Only allow alphanumeric, hyphen, underscore, dot, and forward slash
        if (!preg_match('/^[a-zA-Z0-9_\-\.\/]+$/', $assetPath)) {
            return null;
        }
        // Prevent directory traversal
        if (strpos($assetPath, '..') !== false) {
            return null;
        }
        $fullPath = __DIR__ . "/../../themes/$themeId/$assetPath";
        if (!file_exists($fullPath) || !is_readable($fullPath)) {
            return null;
        }
        // Generate URL that goes through index.php
        global $app_root;
        // Remove any trailing slash from app_root to avoid double slashes
        $baseUrl = rtrim($app_root, '/');
        return "$baseUrl/?page=theme-asset&theme=" . urlencode($themeId) . "&path=" . urlencode($assetPath);
    }
    /**
     * Set the current theme for the session
     *
     * @param string $themeName
     * @return bool
     */
    public static function setCurrentTheme(string $themeName): bool
    {
        if (!self::themeExists($themeName)) {
            return false;
        }
        // Update session
        if (Session::isValidSession()) {
            $_SESSION['theme'] = $themeName;
        } else {
            return false;
        }
        // Clear the current theme cache
        self::$currentTheme = null;
        // Update config file
        $configFile = __DIR__ . '/../config/theme.php';
        if (file_exists($configFile) && is_writable($configFile)) {
            $config = file_get_contents($configFile);
            // Update the active_theme in the config
            $newConfig = preg_replace(
                "/'active_theme'\s*=>\s*'[^']*'/",
                "'active_theme' => '" . addslashes($themeName) . "'",
                $config
            );
            if ($newConfig !== $config) {
                if (file_put_contents($configFile, $newConfig) === false) {
                    return false;
                }
            }
            self::$currentTheme = $themeName;
            return true;
        }
        return false;
    }
    /**
     * Check if a theme exists
     *
     * @param string $themeName
     * @return bool
     */
    public static function themeExists(string $themeName): bool
    {
        // Default theme always exists as it uses core templates
        if ($themeName === 'default') {
            return true;
        }
        $themePath = self::getThemePath($themeName);
        return is_dir($themePath) && file_exists("$themePath/config.php");
    }
    /**
     * Get the path to a theme
     *
     * @param string|null $themeName
     * @return string
     */
    public static function getThemePath(?string $themeName = null): string
    {
        $themeName = $themeName ?? self::getCurrentThemeName();
        $config = self::getConfig();
        return rtrim($config['paths']['themes'], '/') . "/$themeName";
    }
    /**
     * Get the URL for a theme asset
     *
     * @param string $path
     * @param bool $includeVersion
     * @return string
     */
    public static function asset($path, $includeVersion = false)
    {
        $themeName = self::getCurrentThemeName();
        $config = self::getConfig();
        $baseUrl = rtrim($GLOBALS['app_root'] ?? '', '/');
        // For non-default themes, use theme assets
        if ($themeName !== 'default') {
            $assetPath = "/themes/{$themeName}/assets/" . ltrim($path, '/');
            // Add version query string for cache busting
            if ($includeVersion) {
                $version = self::getThemeVersion($themeName);
                $assetPath .= (strpos($assetPath, '?') !== false ? '&' : '?') . 'v=' . $version;
            }
        } else {
            // For default theme, use public_html directly
            $assetPath = '/' . ltrim($path, '/');
        }
        return $baseUrl . $assetPath;
    }
    /**
     * Include a theme template file
     *
     * @param string $template Template name without .php extension
     * @return void
     */
    public static function include($template)
    {
        global $config;
        $config = $config ?? [];
        $themeConfig = self::getConfig();
        $themeName = self::getCurrentThemeName();
        // We need this here, otherwise because this helper
        // between index and the views breaks the session vars
        extract($GLOBALS, EXTR_SKIP | EXTR_REFS);
        // Ensure config is always available in templates
        $config = array_merge($config, $themeConfig);
        // For non-default themes, look in the theme directory first
        if ($themeName !== 'default') {
            $themePath = $config['paths']['themes'] . '/' . $themeName . '/views/' . $template . '.php';
            if (file_exists($themePath)) {
                include $themePath;
                return;
            }
        }
        // Fallback to default template location
        $defaultPath = $config['paths']['templates'] . '/' . $template . '.php';
        if (file_exists($defaultPath)) {
            include $defaultPath;
            return;
        }
        // Log error if template not found
        error_log("Template not found: {$template} in theme: {$themeName}");
    }
    /**
     * Get all available themes
     *
     * @return array
     */
    public static function getAvailableThemes(): array
    {
        $config = self::getConfig();
        $availableThemes = $config['available_themes'] ?? [];
        $themes = [];
        // Add default theme if not already present
        if (!isset($availableThemes['default'])) {
            $availableThemes['default'] = 'Default built-in theme';
        }
        // Verify each theme exists and has a config file
        $themesDir = $config['paths']['themes'] ?? (__DIR__ . '/../../themes');
        foreach ($availableThemes as $id => $name) {
            if ($id === 'default' || (is_dir("$themesDir/$id") && file_exists("$themesDir/$id/config.php"))) {
                $themes[$id] = $name;
            }
        }
        return $themes;
    }
 }
 // Initialize the theme system
 Theme::init();
--- a/app/helpers/time_range.php
+++ b/app/helpers/time_range.php
@ -1,17 +1,13 @@
 <?php
 $time_range_specified = false;
-if (!isset($_REQUEST['from_time']) || (isset($_REQUEST['from_time']) && $_REQUEST['from_time'] == '')) {
+if (!isset($from_time) || (isset($from_time) && $from_time == '')) {
    $from_time = '0000-01-01';
 } else {
    $from_time = $_REQUEST['from_time'];
    $time_range_specified = true;
 }
-if (!isset($_REQUEST['until_time']) || (isset($_REQUEST['until_time']) && $_REQUEST['until_time'] == '')) {
+if (!isset($until_time) || (isset($until_time) && $until_time == '')) {
    $until_time = '9999-12-31';
 } else {
    $until_time = $_REQUEST['until_time'];
    $time_range_specified = true;
 }
 ?>
--- a/app/includes/constants.php
+++ b/app/includes/constants.php
@ -0,0 +1,5 @@
 <?php
 // Pages that should not be used as redirect targets
 const INVALID_REDIRECT_PAGES = [
    '', 'login', 'logout', 'register', 'dashboard', '/'
 ];
--- a/app/includes/csrf_middleware.php
+++ b/app/includes/csrf_middleware.php
@ -0,0 +1,52 @@
 <?php
 require_once __DIR__ . '/../helpers/security.php';
 function applyCsrfMiddleware() {
    global $logObject, $user_IP;
    $security = SecurityHelper::getInstance();
    // Skip CSRF check for GET requests
    if ($_SERVER['REQUEST_METHOD'] === 'GET') {
        return true;
    }
    // Skip CSRF check for initial login, registration, and 2FA verification attempts
    if ($_SERVER['REQUEST_METHOD'] === 'POST' &&
        isset($_GET['page']) && isset($_GET['action']) &&
        $_GET['page'] === 'login' && $_GET['action'] === 'verify' &&
        isset($_SESSION['2fa_pending_user_id'])) {
        return true;
    }
    // Skip CSRF check for initial login and registration attempts
    if ($_SERVER['REQUEST_METHOD'] === 'POST' &&
        isset($_GET['page']) &&
        in_array($_GET['page'], ['login', 'register']) &&
        !isset($_SESSION['username'])) {
        return true;
    }
    // Check CSRF token for all other POST requests
    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        // Check for token in POST data or headers
        $token = $_POST['csrf_token'] ?? $_SERVER['HTTP_X_CSRF_TOKEN'] ?? '';
        if (!$security->verifyCsrfToken($token)) {
            // Log CSRF attempt
            $ipAddress = $user_IP;
            $logMessage = sprintf(
                "CSRF attempt detected - IP: %s, Page: %s, User: %s",
                $ipAddress,
                $_GET['page'] ?? 'unknown',
                $_SESSION['username'] ?? 'anonymous'
            );
            $logObject->log('error', $logMessage, ['user_id' => null, 'scope' => 'system']);
            // Return error message
            http_response_code(403);
            die('Invalid CSRF token. Please try again.');
        }
    }
    return true;
 }
--- a/app/includes/csrf_token.php
+++ b/app/includes/csrf_token.php
@ -0,0 +1,4 @@
 <?php
 $token = SecurityHelper::getInstance()->generateCsrfToken();
 ?>
 <input type="hidden" name="csrf_token" value="<?= htmlspecialchars($token) ?>" />
--- a/app/includes/database.php
+++ b/app/includes/database.php
@ -0,0 +1,63 @@
 <?php
 // connect to database
 function connectDB($config) {
    // sqlite database file
    if ($config['db_type'] === 'sqlite') {
        try {
            $dbFile = $config['sqlite']['sqlite_file'] ?? null;
            if (!$dbFile || !file_exists($dbFile)) {
                throw new Exception(getError("Database file \"{$dbFile}\"not found."));
            }
            $db = new Database([
                'type'		=> $config['db_type'],
                'dbFile'	=> $dbFile,
            ]);
            $pdo = $db->getConnection();
        } catch (Exception $e) {
            Feedback::flash('ERROR', 'DEFAULT', getError('Error connecting to DB.', $e->getMessage()));
            return false;
        }
        return $db;
    // mysql/mariadb database
    } elseif ($config['db_type'] === 'mysql' || $config['db_type'] === 'mariadb') {
        $db = new Database([
            'type'		=> $config['db_type'],
            'host'		=> $config['sql']['sql_host'] ?? 'localhost',
            'port'		=> $config['sql']['sql_port'] ?? '3306',
            'dbname'		=> $config['sql']['sql_database'],
            'user'		=> $config['sql']['sql_username'],
            'password'		=> $config['sql']['sql_password'],
        ]);
        try {
            $pdo = $db->getConnection();
        } catch (Exception $e) {
            Feedback::flash('ERROR', 'DEFAULT', getError('Error connecting to DB.', $e->getMessage()));
            return false;
        }
        return $db;
    // unknown database
    } else {
        Feedback::flash('ERROR', 'DEFAULT', getError("Error: unknown database type \"{$config['db_type']}\""));
        return false;
    }
 }
 // connect to Jilo database
 function connectJiloDB($config, $dbFile = '', $platformId = '') {
    try {
        if (!$dbFile || !file_exists($dbFile)) {
            throw new Exception(getError("Invalid platform ID \"{$platformId}\", database file \"{$dbFile}\" not found."));
        }
        $db = new Database([
            'type'		=> 'sqlite',
            'dbFile'	=> $dbFile,
        ]);
        return ['db' => $db, 'error' => null];
    } catch (Exception $e) {
        return ['db' => null, 'error' => getError('Error connecting to DB.', $e->getMessage())];
    }
 }
--- a/app/includes/errors.php
+++ b/app/includes/errors.php
@ -0,0 +1,40 @@
 <?php
 /**
 * Generate an error or notice message based on the environment.
 *
 * In a production environment, hides detailed error messages and returns
 * a generic message. In other environments, returns the provided message.
 *
 * @param string $message            A user-friendly message to display.
 * @param string $error              The detailed error message for debugging (optional).
 * @param string|null $environment   The environment type ('production', 'development', etc.). If null, defaults to the configured environment.
 *
 * @return string                    The appropriate message based on the environment.
 */
 function getError($message, $error = '', $environment = null) {
    global $config;
    $environment = $config['environment'] ?? 'production';
    if ($environment === 'production') {
        return 'There was an unexpected error. Please try again.';
    } else {
        return $error ?: $message;
    }
 }
 /**
 * Render a message if it exists, and optionally unset it after display.
 *
 * @param string $message   The message to display.
 * @param string $type      The type of message (e.g., 'error', 'notice').
 * @param bool   $unset     Whether to unset the message after display.
 */
 function renderMessage(&$message, $type, $unset = false) {
    if (isset($message)) {
        echo "\t\t<div class=\"{$type}\">" . $message . "</div>\n";
        if ($unset) {
            $message = null;
        }
    }
 }
--- a/app/includes/rate_limit_middleware.php
+++ b/app/includes/rate_limit_middleware.php
@ -0,0 +1,58 @@
 <?php
 require_once __DIR__ . '/../classes/ratelimiter.php';
 /**
 * Rate limit middleware for page requests
 * 
 * @param Database $database Database connection
 * @param string $endpoint The endpoint being accessed
 * @param int|null $userId Current user ID if authenticated
 * @param RateLimiter|null $existingRateLimiter Optional existing RateLimiter instance
 * @return bool True if request is allowed, false if rate limited
 */
 function checkRateLimit($database, $endpoint, $userId = null, $existingRateLimiter = null) {
    global $app_root, $user_IP;
    $isTest = defined('PHPUNIT_RUNNING');
    $rateLimiter = $existingRateLimiter ?? new RateLimiter($database);
    $ipAddress = $user_IP;
    // Check if request is allowed
    if (!$rateLimiter->isPageRequestAllowed($ipAddress, $endpoint, $userId)) {
        // Get remaining requests for error message
        $remaining = $rateLimiter->getRemainingPageRequests($ipAddress, $endpoint, $userId);
        if (!$isTest) {
            // Set rate limit headers
            header('X-RateLimit-Remaining: ' . $remaining);
            header('X-RateLimit-Reset: ' . (time() + 60)); // Reset in 1 minute
            // Return 429 Too Many Requests
            http_response_code(429);
            // If AJAX request, return JSON
            if (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && 
                strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
                header('Content-Type: application/json');
                echo json_encode([
                    'success' => false,
                    'message' => 'Too many requests. Please try again in a minute.',
                    'messageData' => Feedback::getMessageData('ERROR', 'DEFAULT', 'Too many requests. Please try again in a minute.', true)
                ]);
            } else {
                // For regular requests, set flash message and redirect
                Feedback::flash('ERROR', 'DEFAULT', 'Too many requests. Please try again in a minute.', true);
                header('Location: ' . htmlspecialchars($app_root));
            }
            exit;
        }
        // In test mode, just set the flash message
        Feedback::flash('ERROR', 'DEFAULT', 'Too many requests. Please try again in a minute.', true);
        return false;
    }
    // Record this request
    $rateLimiter->recordPageRequest($ipAddress, $endpoint);
    return true;
 }
--- a/app/includes/sanitize.php
+++ b/app/includes/sanitize.php
@ -0,0 +1,61 @@
 <?php
 // sanitize all input vars that may end up in URLs or forms
 $platform_id = htmlspecialchars($_REQUEST['platform'] ?? '');
 if (isset($_REQUEST['page'])) {
    $page = htmlspecialchars($_REQUEST['page']);
 } else {
    $page = 'dashboard';
 }
 if (isset($_REQUEST['item'])) {
    $item = htmlspecialchars($_REQUEST['item']);
 } else {
    $item = '';
 }
 if (isset($_REQUEST['from_time'])) {
    $from_time = htmlspecialchars($_REQUEST['from_time']);
 }
 if (isset($_REQUEST['until_time'])) {
    $until_time = htmlspecialchars($_REQUEST['until_time']);
 }
 // sanitize session vars
 if (isset($_SESSION)) {
    foreach ($_SESSION as $key => $value) {
        if (is_string($value)) {
            $_SESSION[$key] = htmlspecialchars($value);
        }
    }
 }
 // hosts
 if (isset($_POST['address'])) {
    $address = htmlspecialchars($_POST['address']);
 }
 if (isset($_POST['port'])) {
    $port = htmlspecialchars($_POST['port']);
 }
 if (isset($_POST['name'])) {
    $name = htmlspecialchars($_POST['name']);
 }
 // agents
 if (isset($_POST['type'])) {
    $type = htmlspecialchars($_POST['type']);
 }
 if (isset($_POST['url'])) {
    $url = htmlspecialchars($_POST['url']);
 }
 if (isset($_POST['secret_key'])) {
    $secret_key = htmlspecialchars($_POST['secret_key']);
 }
 if (isset($_POST['check_period'])) {
    $check_period = htmlspecialchars($_POST['check_period']);
 }
 // platforms
 if (isset($_POST['name'])) {
    $name = htmlspecialchars($_POST['name']);
 }
--- a/app/includes/security_headers_middleware.php
+++ b/app/includes/security_headers_middleware.php
@ -0,0 +1,117 @@
 <?php
 /**
 * Security Headers Middleware
 *
 * Sets various security headers to protect against common web vulnerabilities:
 * - HSTS: Force HTTPS connections
 * - CSP: Content Security Policy to prevent XSS and other injection attacks
 * - X-Frame-Options: Prevent clickjacking
 * - X-Content-Type-Options: Prevent MIME-type sniffing
 * - Referrer-Policy: Control referrer information
 * - Permissions-Policy: Control browser features
 */
 function applySecurityHeaders($testMode = false) {
    $headers = [];
    // Get current page
    $current_page = $_GET['page'] ?? 'dashboard';
    // Define pages that need media access
    $media_enabled_pages = [
        // 'conference' => ['camera', 'microphone'],
        // 'call' => ['microphone'],
        // Add more pages and their required permissions as needed
    ];
    // Strict Transport Security (HSTS)
    // Only enable if HTTPS is properly configured
    if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') {
        $headers[] = 'Strict-Transport-Security: max-age=31536000; includeSubDomains; preload';
    }
    // Content Security Policy (CSP)
    $csp = [
        "default-src 'self'",
        "script-src 'self' 'unsafe-inline' 'unsafe-eval'", // Required for Bootstrap and jQuery
        "style-src 'self' 'unsafe-inline' https://use.fontawesome.com", // Allow FontAwesome CSS
        "img-src 'self' data:", // Allow data: URLs for images
        "font-src 'self' https://use.fontawesome.com", // Allow FontAwesome fonts
        "connect-src 'self'",
        "frame-ancestors 'none'", // Equivalent to X-Frame-Options: DENY
        "form-action 'self'",
        "base-uri 'self'",
        "upgrade-insecure-requests" // Force HTTPS for all requests
    ];
    $headers[] = "Content-Security-Policy: " . implode('; ', $csp);
    // X-Frame-Options (legacy support)
    $headers[] = 'X-Frame-Options: DENY';
    // X-Content-Type-Options
    $headers[] = 'X-Content-Type-Options: nosniff';
    // X-XSS-Protection
    $headers[] = 'X-XSS-Protection: 1; mode=block';
    // Referrer-Policy
    $headers[] = 'Referrer-Policy: strict-origin-when-cross-origin';
    // Permissions-Policy
    $permissions = [
        'geolocation=()',
        'payment=()',
        'usb=()',
        'accelerometer=()',
        'autoplay=()',
        'document-domain=()',
        'encrypted-media=()',
        'fullscreen=(self)',
        'magnetometer=()',
        'midi=()',
        'sync-xhr=(self)',
        'usb=()'
    ];
    // Add camera/microphone permissions based on current page
    $camera_allowed = false;
    $microphone_allowed = false;
    if (isset($media_enabled_pages[$current_page])) {
        $allowed_media = $media_enabled_pages[$current_page];
        if (in_array('camera', $allowed_media)) {
            $camera_allowed = true;
        }
        if (in_array('microphone', $allowed_media)) {
            $microphone_allowed = true;
        }
    }
    // Add media permissions
    $permissions[] = $camera_allowed ? 'camera=(self)' : 'camera=()';
    $permissions[] = $microphone_allowed ? 'microphone=(self)' : 'microphone=()';
    $headers[] = 'Permissions-Policy: ' . implode(', ', $permissions);
    // Clear PHP version
    if (!$testMode) {
        header_remove('X-Powered-By');
    }
    // Prevent caching of sensitive pages
    if (in_array($current_page, ['login', 'register', 'profile', 'security'])) {
        $headers[] = 'Cache-Control: no-store, no-cache, must-revalidate, max-age=0';
        $headers[] = 'Pragma: no-cache';
        $headers[] = 'Expires: ' . gmdate('D, d M Y H:i:s', time() - 3600) . ' GMT';
    }
    if ($testMode) {
        return $headers;
    }
    // Apply headers in production
    foreach ($headers as $header) {
        header($header);
    }
 }
--- a/app/includes/strings.php
+++ b/app/includes/strings.php
@ -0,0 +1,48 @@
 <?php
 // Message strings for translation
 return [
    'ERROR' => [
        'CSRF_INVALID' => 'Invalid security token. Please try again.',
        'INVALID_ACTION' => 'Invalid action requested.',
        'DEFAULT' => 'An error occurred. Please try again.',
    ],
    'LOGIN' => [
        'LOGIN_SUCCESS' => 'Login successful.',
        'LOGIN_FAILED' => 'Login failed. Please check your credentials.',
        'LOGOUT_SUCCESS' => 'Logout successful. You can log in again.',
        'SESSION_TIMEOUT' => 'Your session has expired. Please log in again.',
        'IP_BLACKLISTED' => 'Access denied. Your IP address is blacklisted.',
        'IP_NOT_WHITELISTED' => 'Access denied. Your IP address is not whitelisted.',
        'TOO_MANY_ATTEMPTS' => 'Too many login attempts. Please try again later.',
    ],
    'REGISTER' => [
        'SUCCESS' => 'Registration successful. You can log in now.',
        'FAILED' => 'Registration failed: %s',
        'DISABLED' => 'Registration is disabled.',
    ],
    'SECURITY' => [
        'WHITELIST_ADD_SUCCESS' => 'IP address successfully added to whitelist.',
        'WHITELIST_ADD_FAILED' => 'Failed to add IP to whitelist.',
        'WHITELIST_ADD_ERROR_IP' => 'Failed to add IP to whitelist. Please check the IP format.',
        'WHITELIST_REMOVE_SUCCESS' => 'IP address successfully removed from whitelist.',
        'WHITELIST_REMOVE_FAILED' => 'Failed to remove IP from whitelist.',
        'BLACKLIST_ADD_SUCCESS' => 'IP address successfully added to blacklist.',
        'BLACKLIST_ADD_FAILED' => 'Failed to add IP to blacklist.',
        'BLACKLIST_ADD_ERROR_IP' => 'Failed to add IP to blacklist. Please check the IP format.',
        'BLACKLIST_REMOVE_SUCCESS' => 'IP address successfully removed from blacklist.',
        'BLACKLIST_REMOVE_FAILED' => 'Failed to remove IP from blacklist.',
        'RATE_LIMIT_INFO' => 'Rate limiting is active. This helps protect against brute force attacks.',
        'PERMISSION_DENIED' => 'Permission denied. You do not have the required rights.',
        'IP_REQUIRED' => 'IP address is required.',
    ],
    'THEME' => [
        'THEME_CHANGE_SUCCESS' => 'Theme has been changed successfully.',
        'THEME_CHANGE_FAILED' => 'Failed to change theme. The selected theme may not be available.',
    ],
    'SYSTEM' => [
        'DB_ERROR' => 'Error connecting to the database: %s',
        'DB_CONNECT_ERROR' => 'Error connecting to DB: %s',
        'DB_UNKNOWN_TYPE' => 'Error: unknown database type "%s"',
    ],
 ];
--- a/app/pages/agents.php
+++ b/app/pages/agents.php
@ -0,0 +1,174 @@
 <?php
 /**
 * Agent cache management
 *
 * This page ("agents") handles caching for agents. It allows storing, clearing, and retrieving
 * agent-related data in the session using AJAX requests. The cache is stored with a timestamp
 * to allow time-based invalidation if needed.
 */
 // Constants for session keys and cache settings
 define('SESSION_CACHE_SUFFIX', '_cache');
 define('SESSION_CACHE_TIME_SUFFIX', '_cache_time');
 define('CACHE_EXPIRY_TIME', 3600); // 1 hour in seconds
 // Input validation
 $action = isset($_GET['action']) ? htmlspecialchars(trim($_GET['action']), ENT_QUOTES, 'UTF-8') : '';
 $agentId = filter_input(INPUT_GET, 'agent', FILTER_VALIDATE_INT);
 require '../app/classes/agent.php';
 require '../app/classes/host.php';
 $agentObject = new Agent($db);
 $hostObject = new Host($db);
 /**
 * Get the cache key for an agent
 * @param int $agentId The agent ID
 * @param string $suffix The suffix to append (_cache or _cache_time)
 * @return string The cache key
 */
 function getAgentCacheKey($agentId, $suffix) {
    return "agent{$agentId}{$suffix}";
 }
 /**
 * Check if cache is expired
 * @param int $agentId The agent ID
 * @return bool True if cache is expired or doesn't exist
 */
 function isCacheExpired($agentId) {
    $timeKey = getAgentCacheKey($agentId, SESSION_CACHE_TIME_SUFFIX);
    if (!isset($_SESSION[$timeKey])) {
        return true;
    }
    return (time() - $_SESSION[$timeKey]) > CACHE_EXPIRY_TIME;
 }
 // Handle POST request (saving to cache)
 if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Apply rate limiting for adding new contacts
    require '../app/includes/rate_limit_middleware.php';
    checkRateLimit($db, 'contact', $userId);
    // Validate agent ID for POST operations
    if ($agentId === false || $agentId === null) {
        Feedback::flash('ERROR', 'DEFAULT', 'Invalid agent ID format');
        echo json_encode(['status' => 'error', 'message' => 'Invalid agent ID format']);
        exit;
    }
    // Read and validate JSON data
    $jsonData = file_get_contents("php://input");
    if ($jsonData === false) {
        Feedback::flash('ERROR', 'DEFAULT', 'Failed to read input data');
        echo json_encode(['status' => 'error', 'message' => 'Failed to read input data']);
        exit;
    }
    $data = json_decode($jsonData, true);
    // Handle cache clearing
    if ($data === null && !empty($agentId)) {
        $cacheKey = getAgentCacheKey($agentId, SESSION_CACHE_SUFFIX);
        $timeKey = getAgentCacheKey($agentId, SESSION_CACHE_TIME_SUFFIX);
        unset($_SESSION[$cacheKey]);
        unset($_SESSION[$timeKey]);
        Feedback::flash('SUCCESS', 'DEFAULT', "Cache for agent {$agentId} is cleared.");
        echo json_encode([
            'status' => 'success',
            'message' => "Cache for agent {$agentId} is cleared."
        ]);
    }
    // Handle cache storing
    elseif ($data) {
        $cacheKey = getAgentCacheKey($agentId, SESSION_CACHE_SUFFIX);
        $timeKey = getAgentCacheKey($agentId, SESSION_CACHE_TIME_SUFFIX);
        $_SESSION[$cacheKey] = $data;
        $_SESSION[$timeKey] = time();
        Feedback::flash('SUCCESS', 'DEFAULT', "Cache for agent {$agentId} is stored.");
        echo json_encode([
            'status' => 'success',
            'message' => "Cache for agent {$agentId} is stored."
        ]);
    }
    else {
        Feedback::flash('ERROR', 'DEFAULT', 'Invalid data format');
        echo json_encode(['status' => 'error', 'message' => 'Invalid data format']);
    }
 // Handle AJAX requests
 } elseif (isset($_GET['action'])) {
    $action = $_GET['action'];
    $agentId = filter_input(INPUT_GET, 'agent', FILTER_VALIDATE_INT);
    if ($action === 'fetch') {
        $response = ['status' => 'success', 'data' => $data];
        echo json_encode($response);
        exit;
    }
    if ($action === 'status') {
        $response = ['status' => 'success', 'data' => $statusData];
        echo json_encode($response);
        exit;
    }
 // Handle template display
 } else {
    // Validate platform_id is set
    if (!isset($platform_id)) {
        Feedback::flash('ERROR', 'DEFAULT', 'Platform ID is not set');
    }
    // Get host details for this platform
    $hostDetails = $hostObject->getHostDetails($platform_id);
    // Group agents by host
    $agentsByHost = [];
    foreach ($hostDetails as $host) {
        $hostId = $host['id'];
        $agentsByHost[$hostId] = [
            'host_name' => $host['name'],
            'agents' => []
        ];
        // Get agents for this host
        $hostAgents = $agentObject->getAgentDetails($hostId);
        if ($hostAgents) {
            $agentsByHost[$hostId]['agents'] = $hostAgents;
        }
        // Generate JWT tokens for each agent beforehand
        $agentTokens = [];
        foreach ($agentsByHost[$hostId]['agents'] as $agent) {
            $payload = [
                'iss' => 'Jilo Web',
                'aud' => $config['domain'],
                'iat' => time(),
                'exp' => time() + 3600,
                'agent_id' => $agent['id']
            ];
            $agentTokens[$agent['id']] = $agentObject->generateAgentToken($payload, $agent['secret_key']);
        }
        /**
         * Now we have:
         * $hostDetails - hosts in this platform
         * $agentsByHost[$hostId]['agents'] - agents details by hostId
         * $agentTokens[$agent['id']] - tokens for the agentsIds
         */
    }
    // Get any new feedback messages
    include '../app/helpers/feedback.php';
    // Load the template
    include '../app/templates/agents.php';
 }
--- a/app/pages/components.php
+++ b/app/pages/components.php
@ -1,84 +1,109 @@
 <?php
-require_once '../app/classes/database.php';
+/**
-require '../app/classes/component.php';
+ * Components information
 *
 * This page ("components") retrieves and displays information about Jitsi components events.
 * Allows filtering by component ID, name, or event name, and listing within a specified time range.
 * Supports pagination.
 */
 // connect to database
-require '../app/helpers/database.php';
+$response = connectJiloDB($config, $platformDetails[0]['jilo_database'], $platform_id);
 $db = connectDB($config, 'jilo', $platform_id);
-// specify time range
+// if DB connection has error, display it and stop here
-include '../app/helpers/time_range.php';
+if ($response['db'] === null) {
    Feedback::flash('ERROR', 'DEFAULT', $response['error']);
-// jitsi component events list
+// otherwise if DB connection is OK, go on
 // we use $_REQUEST, so that both links and forms work
 if (isset($_REQUEST['name']) && $_REQUEST['name'] != '') {
    $jitsi_component = "'" . $_REQUEST['name'] . "'";
    $component_id = 'component_id';
 } elseif (isset($_REQUEST['id']) && $_REQUEST['id'] != '') {
    $component_id = "'" . $_REQUEST['id'] . "'";
    $jitsi_component = 'jitsi_component';
 } else {
-    // we need the variables to use them later in sql for columnname = columnname
+    $db = $response['db'];
    $jitsi_component = 'jitsi_component';
    $component_id = 'component_id';
 }
    // Get current page for pagination
    $currentPage = $_REQUEST['page_num'] ?? 1;
    $currentPage = (int)$currentPage;
-//
+    // specify time range
-// Component events listings
+    include '../app/helpers/time_range.php';
 //
-
+    // Build params for pagination
-// list of all component events (default)
+    $params = '';
-$component = new Component($db);
+    if (!empty($_REQUEST['from_time'])) {
-
+        $params .= '&from_time=' . urlencode($_REQUEST['from_time']);
 // prepare the result
 $search = $component->jitsiComponents($jitsi_component, $component_id, $from_time, $until_time);
 if (!empty($search)) {
    $components = array();
    $components['records'] = array();
    foreach ($search as $item) {
        extract($item);
        $component_record = array(
            // assign title to the field in the array record
            'component'		=> $jitsi_component,
            'loglevel'		=> $loglevel,
            'time'		=> $time,
            'component ID'	=> $component_id,
            'event'		=> $event_type,
            'param'		=> $event_param,
        );
        // populate the result array
        array_push($components['records'], $component_record);
    }
    if (!empty($_REQUEST['until_time'])) {
        $params .= '&until_time=' . urlencode($_REQUEST['until_time']);
    }
    if (!empty($_REQUEST['name'])) {
        $params .= '&name=' . urlencode($_REQUEST['name']);
    }
    if (!empty($_REQUEST['id'])) {
        $params .= '&id=' . urlencode($_REQUEST['id']);
    }
    if (isset($_REQUEST['event'])) {
        $params .= '&event=' . urlencode($_REQUEST['event']);
    }
    // pagination variables
    $items_per_page = 20;
    $offset = ($currentPage -1) * $items_per_page;
    // jitsi component events list
    // we use $_REQUEST, so that both links and forms work
    // if it's there, but empty, we make it same as the field name; otherwise assign the value
    $jitsi_component = !empty($_REQUEST['name']) ? "'" . $_REQUEST['name'] . "'" : 'jitsi_component';
    $component_id = !empty($_REQUEST['id']) ? "'" . $_REQUEST['id'] . "'" : 'component_id';
    $event_type = !empty($_REQUEST['event']) ? "'" . $_REQUEST['event'] . "'" : 'event_type';
    //
    // Component events listings
    //
    require '../app/classes/component.php';
    $componentObject = new Component($db);
    // prepare the result
    $search = $componentObject->jitsiComponents($jitsi_component, $component_id, $event_type, $from_time, $until_time, $offset, $items_per_page);
    $search_all = $componentObject->jitsiComponents($jitsi_component, $component_id, $event_type, $from_time, $until_time);
    if (!empty($search)) {
        // we get total items and number of pages
        $item_count = count($search_all);
        $totalPages = ceil($item_count / $items_per_page);
        $components = array();
        $components['records'] = array();
        foreach ($search as $item) {
            extract($item);
            $component_record = array(
                // assign title to the field in the array record
                'component'		=> $jitsi_component,
                'loglevel'		=> $loglevel,
                'time'		=> $time,
                'component ID'	=> $component_id,
                'event'		=> $event_type,
                'param'		=> $event_param,
            );
            // populate the result array
            array_push($components['records'], $component_record);
        }
    }
    // filter message
    $filterMessage = array();
    if (isset($_REQUEST['name']) && $_REQUEST['name'] != '') {
        array_push($filterMessage, 'Jitsi events for component&nbsp;"<strong>' . $_REQUEST['name'] . '</strong>"');
    } elseif (isset($_REQUEST['id']) && $_REQUEST['id'] != '') {
        array_push($filterMessage, 'Jitsi events for component ID&nbsp;"<strong>' . $_REQUEST['id'] . '</strong>"');
    }
    // Get any new feedback messages
    include '../app/helpers/feedback.php';
    // display the widget
    include '../app/templates/components.php';
 }
 // prepare the widget
 $widget['full'] = false;
 $widget['name'] = 'AllComponents';
 $widget['collapsible'] = false;
 $widget['collapsed'] = false;
 $widget['filter'] = true;
 // widget title
 if (isset($_REQUEST['name']) && $_REQUEST['name'] != '') {
    $widget['title'] = 'Jitsi events for component&nbsp;<strong>' . $_REQUEST['name'] . '</strong>';
 } elseif (isset($_REQUEST['id']) && $_REQUEST['id'] != '') {
    $widget['title'] = 'Jitsi events for component ID&nbsp;<strong>' . $_REQUEST['id'] . '</strong>';
 } else {
    $widget['title'] = 'Jitsi events for&nbsp;<strong>all components</strong>';
 }
 // widget records
 if (!empty($components['records'])) {
    $widget['full'] = true;
    $widget['table_headers'] = array_keys($components['records'][0]);
    $widget['table_records'] = $components['records'];
 }
 // display the widget
 include('../app/templates/widget.php');
 ?>
--- a/app/pages/conferences.php
+++ b/app/pages/conferences.php
@ -1,133 +1,168 @@
 <?php
-require_once '../app/classes/database.php';
+/**
-require '../app/classes/conference.php';
+ * Conference information
 *
 * This page ("conferences") retrieves and displays information about conferences.
 * Allows filtering by conference ID or name, and listing within a specified time range.
 * Supports pagination.
 */
 // connect to database
-require '../app/helpers/database.php';
+$response = connectJiloDB($config, $platformDetails[0]['jilo_database'], $platform_id);
 $db = connectDB($config, 'jilo', $platform_id);
-// specify time range
+// if DB connection has error, display it and stop here
-include '../app/helpers/time_range.php';
+if ($response['db'] === null) {
    Feedback::flash('ERROR', 'DEFAULT', $response['error']);
-// conference id/name are specified when searching specific conference(s)
+// otherwise if DB connection is OK, go on
 // either id OR name, id has precedence
 // we use $_REQUEST, so that both links and forms work
 if (isset($_REQUEST['id']) && $_REQUEST['id'] != '') {
    $conferenceId = $_REQUEST['id'];
    unset($_REQUEST['name']);
    unset($conferenceName);
 } elseif (isset($_REQUEST['name']) && $_REQUEST['name'] != '') {
    unset($conferenceId);
    $conferenceName = $_REQUEST['name'];
 } else {
-    unset($conferenceId);
+    $db = $response['db'];
    unset($conferenceName);
 }
    // specify time range
    include '../app/helpers/time_range.php';
-//
+    // conference id/name are specified when searching specific conference(s)
-// Conference listings
+    // we use $_REQUEST, so that both links and forms work
-//
+    // if it's there, but empty, we make it same as the field name; otherwise assign the value
    //$conferenceName = !empty($_REQUEST['name']) ? "'" . $_REQUEST['name'] . "'" : 'conference_name';
    //$conferenceId = !empty($_REQUEST['id']) ? "'" . $_REQUEST['id'] . "'" : 'conference_id';
-$conference = new Conference($db);
+    if (isset($_REQUEST['id']) && $_REQUEST['id'] != '') {
-
+        $conferenceId = $_REQUEST['id'];
-// search and list specific conference ID
+        unset($_REQUEST['name']);
-if (isset($conferenceId)) {
+        unset($conferenceName);
-    $search = $conference->conferenceById($conferenceId, $from_time, $until_time);
+    } elseif (isset($_REQUEST['name']) && $_REQUEST['name'] != '') {
-// search and list specific conference name
+        unset($conferenceId);
-} elseif (isset($conferenceName)) {
+        $conferenceName = $_REQUEST['name'];
-    $search = $conference->conferenceByName($conferenceName, $from_time, $until_time);
+    } else {
-// list of all conferences (default)
+        unset($conferenceId);
-} else {
+        unset($conferenceName);
    $search = $conference->conferencesAllFormatted($from_time, $until_time);
 }
 if (!empty($search)) {
    $conferences = array();
    $conferences['records'] = array();
    foreach ($search as $item) {
        extract($item);
        // we don't have duration field, so we calculate it
        if (!empty($start) && !empty($end)) {
            $duration = gmdate("H:i:s", abs(strtotime($end) - strtotime($start)));
        } else {
            $duration = '';
        }
        // search and list specific conference ID
        if (isset($conferenceId)) {
            $conference_record = array(
                // assign title to the field in the array record
                'time'			=> $time,
                'conference ID'		=> $conference_id,
                'conference name'	=> $conference_name,
                'conference host'	=> $conference_host,
                'loglevel'		=> $loglevel,
                'participant ID'	=> $participant_id,
                'event'			=> $event_type,
                'parameter'		=> $event_param
            );
        // search and list specific conference name
        } elseif (isset($conferenceName)) {
            $conference_record = array(
                // assign title to the field in the array record
                'time'			=> $time,
                'conference ID'		=> $conference_id,
                'conference name'	=> $conference_name,
                'conference host'	=> $conference_host,
                'loglevel'		=> $loglevel,
                'participant ID'	=> $participant_id,
                'event'			=> $event_type,
                'parameter'		=> $event_param
            );
        // list of all conferences (default)
        } else {
            $conference_record = array(
                // assign title to the field in the array record
                'component'		=> $jitsi_component,
                'start'			=> $start,
                'end'			=> $end,
                'duration'		=> $duration,
                'conference ID'		=> $conference_id,
                'conference name'	=> $conference_name,
                'participants'		=> $participants,
                'name count'		=> $name_count,
                'conference host'	=> $conference_host
            );
        }
        // populate the result array
        array_push($conferences['records'], $conference_record);
    }
    //
    // Conference listings
    //
    require '../app/classes/conference.php';
    $conferenceObject = new Conference($db);
    // get current page for pagination
    $currentPage = $_REQUEST['page_num'] ?? 1;
    $currentPage = (int)$currentPage;
    // pagination variables
    $items_per_page = 20;
    $offset = ($currentPage -1) * $items_per_page;
    // Build params for pagination
    $params = '';
    if (!empty($_REQUEST['from_time'])) {
        $params .= '&from_time=' . urlencode($_REQUEST['from_time']);
    }
    if (!empty($_REQUEST['until_time'])) {
        $params .= '&until_time=' . urlencode($_REQUEST['until_time']);
    }
    if (!empty($_REQUEST['name'])) {
        $params .= '&name=' . urlencode($_REQUEST['name']);
    }
    if (!empty($_REQUEST['id'])) {
        $params .= '&id=' . urlencode($_REQUEST['id']);
    }
    // search and list specific conference ID
    if (isset($conferenceId)) {
        $search = $conferenceObject->conferenceById($conferenceId, $from_time, $until_time, $offset, $items_per_page);
        $search_all = $conferenceObject->conferenceById($conferenceId, $from_time, $until_time);
    // search and list specific conference name
    } elseif (isset($conferenceName)) {
        $search = $conferenceObject->conferenceByName($conferenceName, $from_time, $until_time, $offset, $items_per_page);
        $search_all = $conferenceObject->conferenceByName($conferenceName, $from_time, $until_time);
    // list of all conferences (default)
    } else {
        $search = $conferenceObject->conferencesAllFormatted($from_time, $until_time, $offset, $items_per_page);
        $search_all = $conferenceObject->conferencesAllFormatted($from_time, $until_time);
    }
    if (!empty($search)) {
        // we get total items and number of pages
        $item_count = count($search_all);
        $totalPages = ceil($item_count / $items_per_page);
        $conferences = array();
        $conferences['records'] = array();
        foreach ($search as $item) {
            extract($item);
            // we don't have duration field, so we calculate it
            if (!empty($start) && !empty($end)) {
                $duration = gmdate("H:i:s", abs(strtotime($end) - strtotime($start)));
            } else {
                $duration = '';
            }
            // search and list specific conference ID
            if (isset($conferenceId)) {
                $conference_record = array(
                    // assign title to the field in the array record
                    'time'			=> $time,
                    'conference ID'		=> $conference_id,
                    'conference name'	=> $conference_name,
                    'conference host'	=> $conference_host,
                    'loglevel'		=> $loglevel,
                    'participant ID'	=> $participant_id,
                    'event'			=> $event_type,
                    'parameter'		=> $event_param
                );
            // search and list specific conference name
            } elseif (isset($conferenceName)) {
                $conference_record = array(
                    // assign title to the field in the array record
                    'time'			=> $time,
                    'conference ID'		=> $conference_id,
                    'conference name'	=> $conference_name,
                    'conference host'	=> $conference_host,
                    'loglevel'		=> $loglevel,
                    'participant ID'	=> $participant_id,
                    'event'			=> $event_type,
                    'parameter'		=> $event_param
                );
            // list of all conferences (default)
            } else {
                $conference_record = array(
                    // assign title to the field in the array record
                    'component'		=> $jitsi_component,
                    'start'			=> $start,
                    'end'			=> $end,
                    'duration'		=> $duration,
                    'conference ID'		=> $conference_id,
                    'conference name'	=> $conference_name,
                    'participants'		=> $participants,
                    'name count'		=> $name_count,
                    'conference host'	=> $conference_host
                );
            }
            // populate the result array
            array_push($conferences['records'], $conference_record);
        }
    }
    // filter message
    $filterMessage = array();
    if (isset($_REQUEST['name']) && $_REQUEST['name'] != '') {
        array_push($filterMessage, 'Conferences with name matching "<strong>' . $_REQUEST['name'] . '</strong>"');
    } elseif (isset($_REQUEST['id']) && $_REQUEST['id'] != '') {
        array_push($filterMessage, 'Conference with ID "<strong>' . $_REQUEST['id'] . '</strong>"');
    }
    // Get any new feedback messages
    include '../app/helpers/feedback.php';
    // display the widget
    include '../app/templates/conferences.php';
 }
 // prepare the widget
 $widget['full'] = false;
 $widget['name'] = 'Conferences';
 $widget['collapsible'] = false;
 $widget['collapsed'] = false;
 $widget['filter'] = true;
 // widget title
 if (isset($_REQUEST['name']) && $_REQUEST['name'] != '') {
    $widget['title'] = 'Conferences with name matching "<strong>' . $_REQUEST['name'] . '"</strong>';
 } elseif (isset($_REQUEST['id']) && $_REQUEST['id'] != '') {
    $widget['title'] = 'Conference with ID "<strong>' . $_REQUEST['id'] . '"</strong>';
 } else {
    $widget['title'] = 'All conferences';
 }
 // widget records
 if (!empty($conferences['records'])) {
    $widget['full'] = true;
    $widget['table_headers'] = array_keys($conferences['records'][0]);
    $widget['table_records'] = $conferences['records'];
 }
 // display the widget
 include('../app/templates/widget.php');
 ?>
--- a/app/pages/config.php
+++ b/app/pages/config.php
@ -1,140 +1,124 @@
 <?php
-$action = $_REQUEST['action'] ?? '';
+/**
-require_once '../app/classes/config.php';
+ * Config management.
-require '../app/helpers/errors.php';
+ *
-require '../app/helpers/config.php';
+ * This page handles the config file.
 */
-$configure = new Config();
+// Get any new feedback messages
 include '../app/helpers/feedback.php';
-// if a form is submitted, it's from the edit page
+require '../app/classes/config.php';
-if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+require '../app/classes/api_response.php';
-    // load the config file and initialize a copy
+// Initialize required objects
-    $content = file_get_contents($config_file);
+$userObject = new User($db);
-    $updatedContent = $content;
+$configObject = new Config();
-    // new platform adding
+// For AJAX requests
-    if (isset($_POST['new']) && $_POST['new'] === 'true') {
+$isAjax = !empty($_SERVER['HTTP_X_REQUESTED_WITH']) &&
-        $newPlatform = [
+          strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest';
            'name'		=> $_POST['name'],
            'jitsi_url'		=> $_POST['jitsi_url'],
            'jilo_database'	=> $_POST['jilo_database'],
        ];
-        // Determine the next available index for the new platform
+// Set JSON content type for AJAX requests
-        $nextIndex = count($config['platforms']);
+if ($isAjax) {
    header('Content-Type: application/json');
 }
-        // Add the new platform to the platforms array
+// Ensure config file path is set
-        $config['platforms'][$nextIndex] = $newPlatform;
+if (!isset($config_file) || empty($config_file)) {
-
+    if ($isAjax) {
-        // Rebuild the PHP array syntax for the platforms
+        ApiResponse::error('Config file path not set');
-        $platformsArray = formatArray($config['platforms']);
+        exit;
        // Replace the platforms section in the config file
        $updatedContent = preg_replace(
            '/\'platforms\'\s*=>\s*\[[\s\S]+?\],/s',
            "'platforms' => {$platformsArray}",
            $content
        );
        $updatedContent = preg_replace('/\s*\]\n/s', "\n", $updatedContent);
    // deleting a platform
    } elseif (isset($_POST['delete']) && $_POST['delete'] === 'true') {
        $platform = $_POST['platform'];
        $config['platforms'][$platform]['name'] = $_POST['name'];
        $config['platforms'][$platform]['jitsi_url'] = $_POST['jitsi_url'];
        $config['platforms'][$platform]['jilo_database'] = $_POST['jilo_database'];
        $platformsArray = formatArray($config['platforms'][$platform], 3);
        $updatedContent = preg_replace(
            "/\s*'$platform'\s*=>\s*\[\s*'name'\s*=>\s*'[^']*',\s*'jitsi_url'\s*=>\s*'[^']*,\s*'jilo_database'\s*=>\s*'[^']*',\s*\],/s",
            "",
            $content
        );
    // an update to an existing platform
    } else {
-
+        Feedback::flash('ERROR', 'DEFAULT', 'Config file path not set');
-        $platform = $_POST['platform'];
+        header('Location: ' . htmlspecialchars($app_root));
-
+        exit;
        $config['platforms'][$platform]['name'] = $_POST['name'];
        $config['platforms'][$platform]['jitsi_url'] = $_POST['jitsi_url'];
        $config['platforms'][$platform]['jilo_database'] = $_POST['jilo_database'];
        $platformsArray = formatArray($config['platforms'][$platform], 3);
        $updatedContent = preg_replace(
            "/\s*'$platform'\s*=>\s*\[\s*'name'\s*=>\s*'[^']*',\s*'jitsi_url'\s*=>\s*'[^']*',\s*'jilo_database'\s*=>\s*'[^']*',\s*\],/s",
            "\n        '{$platform}' => {$platformsArray},",
            $content
        );
    }
    // check if file is writable
    if (!is_writable($config_file)) {
        $_SESSION['error'] = getError('Configuration file is not writable.');
        header("Location: $app_root?platform=$platform_id&page=config");
        exit();
    }
    // try to update the config file
    if (file_put_contents($config_file, $updatedContent) !== false) {
        // update successful
        $_SESSION['notice'] = "Configuration for {$_POST['name']} is updated.";
    } else {
        // unsuccessful
        $error = error_get_last();
        $_SESSION['error'] = getError('Error updating the config: ' . ($error['message'] ?? 'unknown error'));
    }
 // FIXME the new file is not loaded on first page load
    unset($config);
    header("Location: $app_root?platform=$platform_id&page=config");
    exit();
 // no form submitted, show the templates
 } else {
    // $item - config.js and interface_config.js are special case; remote loaded files
    switch ($item) {
        case 'configjs':
            $mode = $_REQUEST['mode'] ?? '';
            $raw = ($mode === 'raw');
            $platformDetails = $configure->getPlatformDetails($config, $platform_id);
            $platformConfigjs = $configure->getPlatformConfigjs($platformDetails, $raw);
            include('../app/templates/config-list-configjs.php');
            break;
        case 'interfaceconfigjs':
            $mode = $_REQUEST['mode'] ?? '';
            $raw = ($mode === 'raw');
            $platformDetails = $configure->getPlatformDetails($config, $platform_id);
            $platformInterfaceConfigjs = $configure->getPlatformInterfaceConfigjs($platformDetails, $raw);
            include('../app/templates/config-list-interfaceconfigjs.php');
            break;
    // if there is no $item, we work on the local config file
        default:
            switch ($action) {
                case 'add':
                    include('../app/templates/config-add-platform.php');
                    break;
                case 'edit':
                    include('../app/templates/config-edit-platform.php');
                    break;
                case 'delete':
                    include('../app/templates/config-delete-platform.php');
                    break;
                default:
                    include('../app/templates/config-list.php');
            }
    }
 }
-?>
+// Check if file is writable
 $isWritable = is_writable($config_file);
 $configMessage = '';
 if (!$isWritable) {
    $configMessage = Feedback::render('ERROR', 'DEFAULT', 'Config file is not writable', false);
    if ($isAjax) {
        ApiResponse::error('Config file is not writable', null, 403);
        exit;
    }
 }
 if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Check if user has permission to edit config
    if (!$userObject->hasRight($userId, 'edit config file')) {
        $logObject->log('error', "Unauthorized: User \"$currentUser\" tried to edit config file. IP: $user_IP", ['user_id' => $userId, 'scope' => 'system']);
        if ($isAjax) {
            ApiResponse::error('Forbidden: You do not have permission to edit the config file', null, 403);
            exit;
        } else {
            include '../app/templates/error-unauthorized.php';
            exit;
        }
    }
    // Apply rate limiting
    require '../app/includes/rate_limit_middleware.php';
    checkRateLimit($db, 'config', $userId);
    // Ensure no output before this point
    ob_clean();
    // For AJAX requests, get JSON data
    if ($isAjax) {
        // Get raw input
        $jsonData = file_get_contents('php://input');
        if ($jsonData === false) {
            $logObject->log('error', "Failed to read request data for config update", ['user_id' => $userId, 'scope' => 'system']);
            ApiResponse::error('Failed to read request data');
            exit;
        }
        // Try to parse JSON
        $postData = json_decode($jsonData, true);
        if (json_last_error() !== JSON_ERROR_NONE) {
            $error = json_last_error_msg();
            ApiResponse::error('Invalid JSON data received: ' . $error);
            exit;
        }
        // Try to update config file
        $result = $configObject->editConfigFile($postData, $config_file);
        if ($result['success']) {
            ApiResponse::success($result['updated'], 'Config file updated successfully');
        } else {
            ApiResponse::error($result['error']);
        }
        exit;
    } else {
        // Handle non-AJAX POST
        $result = $configObject->editConfigFile($_POST, $config_file);
        if ($result['success']) {
            Feedback::flash('NOTICE', 'DEFAULT', 'Config file updated successfully', true);
        } else {
            Feedback::flash('ERROR', 'DEFAULT', "Error updating config file: " . $result['error'], true);
        }
        header('Location: ' . htmlspecialchars($app_root) . '?page=config');
        exit;
    }
 }
 // Only include template for non-AJAX requests
 if (!$isAjax) {
    /**
     * Handles GET requests to display templates.
     */
    if ($userObject->hasRight($userId, 'superuser') ||
      $userObject->hasRight($userId, 'view config file')) {
        include '../app/templates/config.php';
    } else {
        $logObject->log('error', "Unauthorized: User \"$currentUser\" tried to access \"config\" page. IP: $user_IP", ['user_id' => $userId, 'scope' => 'system']);
        include '../app/templates/error-unauthorized.php';
    }
 }
--- a/app/pages/credentials.php
+++ b/app/pages/credentials.php
@ -0,0 +1,167 @@
 <?php
 /**
 * User credentials management
 *
 * This page ("credentials") handles all credential-related actions including:
 * - Two-factor authentication (2FA) setup, verification, and management
 * - Password changes and resets
 *
 * Actions handled:
 * - `setup`: Initial 2FA setup and verification
 * - `verify`: Verify 2FA codes during login
 * - `disable`: Disable 2FA
 * - `password`: Change password
 */
 // Initialize user object
 $userObject = new User($db);
 // Get action and item from request
 $action = $_REQUEST['action'] ?? '';
 $item = $_REQUEST['item'] ?? '';
 // if a form is submitted
 if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // Validate CSRF token
    $security->verifyCsrfToken($_POST['csrf_token'] ?? '');
    if (!$security->verifyCsrfToken($_POST['csrf_token'] ?? '')) {
        Feedback::flash('ERROR', 'DEFAULT', 'Invalid security token. Please try again.');
        header("Location: $app_root?page=credentials");
        exit();
    }
    // Apply rate limiting
    require_once '../app/includes/rate_limit_middleware.php';
    checkRateLimit($db, 'credentials', $userId);
    switch ($item) {
        case '2fa':
            switch ($action) {
                case 'setup':
                    // Validate the setup code
                    $code = $_POST['code'] ?? '';
                    $secret = $_POST['secret'] ?? '';
                    if ($userObject->enableTwoFactor($userId, $secret, $code)) {
                        Feedback::flash('NOTICE', 'DEFAULT', 'Two-factor authentication has been enabled successfully.');
                        header("Location: $app_root?page=credentials");
                        exit();
                    } else {
                        // Only show error if code was actually submitted
                        if ($code !== '') {
                            Feedback::flash('ERROR', 'DEFAULT', 'Invalid verification code. Please try again.');
                        }
                        header("Location: $app_root?page=credentials&action=setup");
                        exit();
                    }
                    break;
                case 'verify':
                    // This is a user-initiated verification
                    $code = $_POST['code'] ?? '';
                    if ($userObject->verifyTwoFactor($userId, $code)) {
                        $_SESSION['2fa_verified'] = true;
                        header("Location: $app_root?page=dashboard");
                        exit();
                    } else {
                        Feedback::flash('ERROR', 'DEFAULT', 'Invalid verification code. Please try again.');
                        header("Location: $app_root?page=credentials&action=verify");
                        exit();
                    }
                    break;
                case 'disable':
                    if ($userObject->disableTwoFactor($userId)) {
                        Feedback::flash('NOTICE', 'DEFAULT', 'Two-factor authentication has been disabled.');
                    } else {
                        Feedback::flash('ERROR', 'DEFAULT', 'Failed to disable two-factor authentication.');
                    }
                    header("Location: $app_root?page=credentials");
                    exit();
                    break;
            }
            break;
        case 'password':
            require_once '../app/classes/validator.php';
            $validator = new Validator($_POST);
            $rules = [
                'current_password' => [
                    'required' => true
                ],
                'new_password' => [
                    'required' => true,
                    'min' => 8
                ],
                'confirm_password' => [
                    'required' => true,
                    'matches' => 'new_password'
                ]
            ];
            if (!$validator->validate($rules)) {
                Feedback::flash('ERROR', 'DEFAULT', $validator->getFirstError());
                header("Location: $app_root?page=credentials");
                exit();
            }
            if ($userObject->changePassword($userId, $_POST['current_password'], $_POST['new_password'])) {
                Feedback::flash('NOTICE', 'DEFAULT', 'Password has been changed successfully.');
            } else {
                Feedback::flash('ERROR', 'DEFAULT', 'Failed to change password. Please verify your current password.');
            }
            header("Location: $app_root?page=credentials");
            exit();
            break;
    }
 // no form submitted, show the templates
 } else {
    // Get user timezone for templates
    $userTimezone = !empty($userDetails[0]['timezone']) ? $userDetails[0]['timezone'] : 'UTC';
    // Generate CSRF token if not exists
    require_once '../app/helpers/security.php';
    $security = SecurityHelper::getInstance();
    $security->generateCsrfToken();
    // Get 2FA status for the template
    $has2fa = $userObject->isTwoFactorEnabled($userId);
    switch ($action) {
        case 'setup':
            if (!$has2fa) {
                $result = $userObject->enableTwoFactor($userId);
                if ($result['success']) {
                    $setupData = $result['data'];
                } else {
                    Feedback::flash('ERROR', 'DEFAULT', $result['message'] ?? 'Failed to generate 2FA setup data');
                    header("Location: $app_root?page=credentials");
                    exit();
                }
            }
            // Get any new feedback messages
            include '../app/helpers/feedback.php';
            // Load the 2FA setup template
            include '../app/templates/credentials-2fa-setup.php';
            break;
        case 'verify':
            // Get any new feedback messages
            include '../app/helpers/feedback.php';
            // Load the 2FA verification template
            include '../app/templates/credentials-2fa-verify.php';
            break;
        default:
            // Get any new feedback messages
            include '../app/helpers/feedback.php';
            // Load the combined management template
            include '../app/templates/credentials-manage.php';
    }
 }
--- a/app/pages/dashboard.php
+++ b/app/pages/dashboard.php
@ -0,0 +1,229 @@
 <?php
 /**
 * Main dashboard file for displaying conference statistics.
 *
 * This page ("dashboard") connects to the database and displays various widgets:
 * 1. Monthly statistics for the past year.
 * 2. Conferences from the last 2 days.
 * 3. The most recent 10 conferences.
 */
 // Get any new feedback messages
 include '../app/helpers/feedback.php';
 require '../app/classes/conference.php';
 require '../app/classes/participant.php';
 // connect to database
 $response = connectJiloDB($config, $platformDetails[0]['jilo_database'], $platform_id);
 // if DB connection has error, display it and stop here
 if ($response['db'] === null) {
    Feedback::flash('ERROR', 'DEFAULT', $response['error']);
 // otherwise if DB connection is OK, go on
 } else {
    $db = $response['db'];
    $conferenceObject = new Conference($db);
    $participantObject = new Participant($db);
    /**
     * Monthly usage statistics for the last year.
     *
     * Retrieves conference and participant numbers for each month within the past year.
     */
    // monthly conferences for the last year
    $fromMonth = (new DateTime())->sub(new DateInterval('P1Y'));
    $fromMonth->modify('first day of this month');
    $thisMonth = new DateTime();
    $from_time = $fromMonth->format('Y-m-d');
    $until_time = $thisMonth->format('Y-m-d');
    $widget['records'] = array();
    // loop 1 year in the past
    $i = 0;
    while ($fromMonth < $thisMonth) {
        $untilMonth = clone $fromMonth;
        $untilMonth->modify('last day of this month');
        $from_time = $fromMonth->format('Y-m-d');
        $until_time = $untilMonth->format('Y-m-d');
        $searchConferenceNumber = $conferenceObject->conferenceNumber($from_time, $until_time);
        $searchParticipantNumber = $participantObject->participantNumber($from_time, $until_time);
        // pretty format for displaying the month in the widget
        $month = $fromMonth->format('F Y');
        // populate the records
        $widget['records'][$i] = array(
            'from_time'	=> $from_time,
            'until_time'	=> $until_time,
            'table_headers'	=> $month,
            'conferences'	=> $searchConferenceNumber[0]['conferences'],
            'participants'	=> $searchParticipantNumber[0]['participants'],
        );
        // move everything one month in future
        $untilMonth->add(new DateInterval('P1M'));
        $fromMonth->add(new DateInterval('P1M'));
        $i++;
    }
    $time_range_specified = true;
    // prepare the widget
    $widget['full'] = false;
    $widget['name'] = 'LastYearMonths';
    $widget['title'] = 'Conferences monthly stats for the last year';
    $widget['collapsible'] = true;
    $widget['collapsed'] = false;
    $widget['filter'] = false;
    if (!empty($searchConferenceNumber) && !empty($searchParticipantNumber)) {
        $widget['full'] = true;
    }
    $widget['pagination'] = false;
    // display the widget
    include '../app/templates/widget-monthly.php';
    /**
     * Conferences in the last 2 days.
     *
     * Displays a summary of all conferences held in the past 48 hours.
     */
    // time range limit
    $from_time = date('Y-m-d', time() - 60 * 60 * 24 * 2);
    $until_time = date('Y-m-d', time());
    $time_range_specified = true;
    // prepare the result
    $search = $conferenceObject->conferencesAllFormatted($from_time, $until_time);
    if (!empty($search)) {
        $conferences = array();
        $conferences['records'] = array();
        foreach ($search as $item) {
            extract($item);
            // we don't have duration field, so we calculate it
            if (!empty($start) && !empty($end)) {
                $duration = gmdate("H:i:s", abs(strtotime($end) - strtotime($start)));
            } else {
                $duration = '';
            }
            $conference_record = array(
                // assign title to the field in the array record
                'component'		=> $jitsi_component,
                'start'			=> $start,
                'end'			=> $end,
                'duration'		=> $duration,
                'conference ID'		=> $conference_id,
                'conference name'	=> $conference_name,
                'participants'		=> $participants,
                'name count'		=> $name_count,
                'conference host'	=> $conference_host
            );
            // populate the result array
            array_push($conferences['records'], $conference_record);
        }
    }
    // prepare the widget
    $widget['full'] = false;
    $widget['name'] = 'LastDays';
    $widget['title'] = 'Conferences for the last 2 days';
    $widget['collapsible'] = true;
    $widget['collapsed'] = false;
    $widget['filter'] = false;
    if (!empty($conferences['records'])) {
        $widget['full'] = true;
        $widget['table_headers'] = array_keys($conferences['records'][0]);
        $widget['table_records'] = $conferences['records'];
    }
    $widget['pagination'] = false;
    // display the widget
    include '../app/templates/widget.php';
    /**
     * Last 10 conferences.
     *
     * Displays the 10 most recent conferences in the database.
     */
    // all time
    $from_time = '0000-01-01';
    $until_time = '9999-12-31';
    $time_range_specified = false;
    // number of conferences to show
    $conference_number = 10;
    // prepare the result
    $search = $conferenceObject->conferencesAllFormatted($from_time, $until_time);
    if (!empty($search)) {
        $conferences = array();
        $conferences['records'] = array();
        $i = 0;
        foreach ($search as $item) {
            extract($item);
            // we don't have duration field, so we calculate it
            if (!empty($start) && !empty($end)) {
                $duration = gmdate("H:i:s", abs(strtotime($end) - strtotime($start)));
            } else {
                $duration = '';
            }
            $conference_record = array(
                // assign title to the field in the array record
                'component'		=> $jitsi_component,
                'start'			=> $start,
                'end'			=> $end,
                'duration'		=> $duration,
                'conference ID'		=> $conference_id,
                'conference name'	=> $conference_name,
                'participants'		=> $participants,
                'name count'		=> $name_count,
                'conference host'	=> $conference_host
            );
            // populate the result array
            array_push($conferences['records'], $conference_record);
            // we only take the first 10 results
            $i++;
            if ($i == 10) break;
        }
    }
    // prepare the widget
    $widget['full'] = false;
    $widget['name'] = 'LastConferences';
    $widget['title'] = 'The last ' . $conference_number . ' conferences';
    $widget['collapsible'] = true;
    $widget['collapsed'] = false;
    $widget['filter'] = false;
    $widget['pagination'] = false;
    if (!empty($conferences['records'])) {
        $widget['full'] = true;
        $widget['table_headers'] = array_keys($conferences['records'][0]);
        $widget['table_records'] = $conferences['records'];
    }
    // display the widget
    include '../app/templates/widget.php';
 }
--- a/app/pages/front.php
+++ b/app/pages/front.php
@ -1,204 +0,0 @@
 <?php
 require_once '../app/classes/database.php';
 require '../app/classes/conference.php';
 require '../app/classes/participant.php';
 // connect to database
 require '../app/helpers/database.php';
 $db = connectDB($config, 'jilo', $platform_id);
 //
 // dashboard widget listings
 //
 ////
 // monthly usage
 $conference = new Conference($db);
 $participant = new Participant($db);
 // monthly conferences for the last year
 $fromMonth = (new DateTime())->sub(new DateInterval('P1Y'));
 $fromMonth->modify('first day of this month');
 $thisMonth = new DateTime();
 $from_time = $fromMonth->format('Y-m-d');
 $until_time = $thisMonth->format('Y-m-d');
 $widget['records'] = array();
 // loop 1 year in the past
 $i = 0;
 while ($fromMonth < $thisMonth) {
    $untilMonth = clone $fromMonth;
    $untilMonth->modify('last day of this month');
    $from_time = $fromMonth->format('Y-m-d');
    $until_time = $untilMonth->format('Y-m-d');
    $searchConferenceNumber = $conference->conferenceNumber($from_time, $until_time);
    $searchParticipantNumber = $participant->participantNumber($from_time, $until_time);
    // pretty format for displaying the month in the widget
    $month = $fromMonth->format('F Y');
    // populate the records
    $widget['records'][$i] = array(
        'from_time'	=> $from_time,
        'until_time'	=> $until_time,
        'table_headers'	=> $month,
        'conferences'	=> $searchConferenceNumber[0]['conferences'],
        'participants'	=> $searchParticipantNumber[0]['participants'],
    );
    // move everything one month in future
    $untilMonth->add(new DateInterval('P1M'));
    $fromMonth->add(new DateInterval('P1M'));
    $i++;
 }
 $time_range_specified = true;
 // prepare the widget
 $widget['full'] = false;
 $widget['name'] = 'LastYearMonths';
 $widget['title'] = 'Conferences monthly stats for the last year';
 $widget['collapsible'] = true;
 $widget['collapsed'] = false;
 $widget['filter'] = false;
 if (!empty($searchConferenceNumber) && !empty($searchParticipantNumber)) {
    $widget['full'] = true;
 }
 // display the widget
 include('../app/templates/widget-monthly.php');
 ////
 // conferences in last 2 days
 $conference = new Conference($db);
 // time range limit
 $from_time = date('Y-m-d', time() - 60 * 60 * 24 * 2);
 $until_time = date('Y-m-d', time());
 $time_range_specified = true;
 // prepare the result
 $search = $conference->conferencesAllFormatted($from_time, $until_time);
 if (!empty($search)) {
    $conferences = array();
    $conferences['records'] = array();
    foreach ($search as $item) {
        extract($item);
        // we don't have duration field, so we calculate it
        if (!empty($start) && !empty($end)) {
            $duration = gmdate("H:i:s", abs(strtotime($end) - strtotime($start)));
        } else {
            $duration = '';
        }
        $conference_record = array(
            // assign title to the field in the array record
            'component'		=> $jitsi_component,
            'start'			=> $start,
            'end'			=> $end,
            'duration'		=> $duration,
            'conference ID'		=> $conference_id,
            'conference name'	=> $conference_name,
            'participants'		=> $participants,
            'name count'		=> $name_count,
            'conference host'	=> $conference_host
        );
        // populate the result array
        array_push($conferences['records'], $conference_record);
    }
 }
 // prepare the widget
 $widget['full'] = false;
 $widget['name'] = 'LastDays';
 $widget['title'] = 'Conferences for the last 2 days';
 $widget['collapsible'] = true;
 $widget['collapsed'] = false;
 $widget['filter'] = false;
 if (!empty($conferences['records'])) {
    $widget['full'] = true;
    $widget['table_headers'] = array_keys($conferences['records'][0]);
    $widget['table_records'] = $conferences['records'];
 }
 // display the widget
 include('../app/templates/widget.php');
 ////
 // last 10 conferences
 $conference = new Conference($db);
 // all time
 $from_time = '0000-01-01';
 $until_time = '9999-12-31';
 $time_range_specified = false;
 // number of conferences to show
 $conference_number = 10;
 // prepare the result
 $search = $conference->conferencesAllFormatted($from_time, $until_time);
 if (!empty($search)) {
    $conferences = array();
    $conferences['records'] = array();
    $i = 0;
    foreach ($search as $item) {
        extract($item);
        // we don't have duration field, so we calculate it
        if (!empty($start) && !empty($end)) {
            $duration = gmdate("H:i:s", abs(strtotime($end) - strtotime($start)));
        } else {
            $duration = '';
        }
        $conference_record = array(
            // assign title to the field in the array record
            'component'		=> $jitsi_component,
            'start'			=> $start,
            'end'			=> $end,
            'duration'		=> $duration,
            'conference ID'		=> $conference_id,
            'conference name'	=> $conference_name,
            'participants'		=> $participants,
            'name count'		=> $name_count,
            'conference host'	=> $conference_host
        );
        // populate the result array
        array_push($conferences['records'], $conference_record);
        // we only take the first 10 results
        $i++;
        if ($i == 10) break;
    }
 }
 // prepare the widget
 $widget['full'] = false;
 $widget['name'] = 'LastConferences';
 $widget['title'] = 'The last ' . $conference_number . ' conferences';
 $widget['collapsible'] = true;
 $widget['collapsed'] = false;
 $widget['filter'] = false;
 if (!empty($conferences['records'])) {
    $widget['full'] = true;
    $widget['table_headers'] = array_keys($conferences['records'][0]);
    $widget['table_records'] = $conferences['records'];
 }
 // display the widget
 include('../app/templates/widget.php');
 ?>
--- a/app/pages/graphs.php
+++ b/app/pages/graphs.php
@ -0,0 +1,91 @@
 <?php
 $action = $_REQUEST['action'] ?? '';
 $agent = $_REQUEST['agent'] ?? '';
 require '../app/classes/agent.php';
 require '../app/classes/conference.php';
 require '../app/classes/host.php';
 $agentObject = new Agent($db);
 $hostObject = new Host($db);
 // Connect to Jilo database for log data
 $response = connectJiloDB($config, $platformDetails[0]['jilo_database'], $platform_id);
 if ($response['db'] === null) {
    Feedback::flash('ERROR', 'DEFAULT', $response['error']);
 } else {
    $db = $response['db'];
 }
 $conferenceObject = new Conference($db);
 // Get date range for the last 7 days
 $from_time = date('Y-m-d', strtotime('-7 days'));
 $until_time = date('Y-m-d');
 // Define graphs to show
 $graphs = [
    [
        'graph_name' => 'conferences',
        'graph_title' => 'Conferences in "' . htmlspecialchars($platformDetails[0]['name']) . '" over time',
        'datasets' => []
    ],
    [
        'graph_name' => 'participants',
        'graph_title' => 'Participants in "' . htmlspecialchars($platformDetails[0]['name']) . '" over time',
        'datasets' => []
    ]
 ];
 // Get Jitsi API data
 $conferences_api = $agentObject->getHistoricalData(
    $platform_id, 
    'jicofo',
    'conferences',
    $from_time,
    $until_time
 );
 $graphs[0]['datasets'][] = [
    'data' => $conferences_api,
    'label' => 'Conferences from Jitsi API',
    'color' => 'rgba(75, 192, 192, 1)'
 ];
 // Get conference data from logs
 $conferences_logs = $conferenceObject->conferenceNumber(
    $from_time,
    $until_time
 );
 $graphs[0]['datasets'][] = [
    'data' => $conferences_logs,
    'label' => 'Conferences from Logs',
    'color' => 'rgba(255, 99, 132, 1)'
 ];
 // Get participants data
 $participants_api = $agentObject->getHistoricalData(
    $platform_id, 
    'jicofo',
    'participants',
    $from_time,
    $until_time
 );
 $graphs[1]['datasets'][] = [
    'data' => $participants_api,
    'label' => 'Participants from Jitsi API',
    'color' => 'rgba(75, 192, 192, 1)'
 ];
 // Prepare data for template
 $graph = $graphs;
 // prepare the widget
 $widget['full'] = false;
 $widget['name'] = 'Graphs';
 $widget['title'] = 'Jitsi graphs';
 // Get any new feedback messages
 include '../app/helpers/feedback.php';
 // Load the template
 include '../app/templates/graphs.php';
--- a/app/pages/help.php
+++ b/app/pages/help.php
@ -0,0 +1,6 @@
 <?php
 // Get any new feedback messages
 include '../app/helpers/feedback.php';
 include '../app/templates/help.php';
--- a/app/pages/latest.php
+++ b/app/pages/latest.php
@ -0,0 +1,106 @@
 <?php
 require '../app/classes/agent.php';
 require '../app/classes/host.php';
 $agentObject = new Agent($db);
 $hostObject = new Host($db);
 // Define metrics to display
 $metrics = [
    'Basic stats' => [
        'conferences' => ['label' => 'Current conferences', 'link' => 'conferences'],
        'participants' => ['label' => 'Current participants', 'link' => 'participants'],
        'total_conferences_created' => ['label' => 'Total conferences created'],
        'total_participants' => ['label' => 'Total participants']
    ],
    'Bridge stats' => [
        'bridge_selector.bridge_count' => ['label' => 'Bridge count'],
        'bridge_selector.operational_bridge_count' => ['label' => 'Operational bridges'],
        'bridge_selector.in_shutdown_bridge_count' => ['label' => 'Bridges in shutdown']
    ],
    'Jibri stats' => [
        'jibri_detector.count' => ['label' => 'Jibri count'],
        'jibri_detector.available' => ['label' => 'Jibri idle'],
        'jibri.live_streaming_active' => ['label' => 'Jibri active streaming'],
        'jibri.recording_active' => ['label' => 'Jibri active recording'],
    ],
    'System stats' => [
        'threads' => ['label' => 'Threads'],
        'stress_level' => ['label' => 'Stress level'],
        'version' => ['label' => 'Version']
    ]
 ];
 // Get all hosts for this platform
 $hosts = $hostObject->getHostDetails($platform_id);
 $hostsData = [];
 // For each host, get its agents and their metrics
 foreach ($hosts as $host) {
    $hostData = [
        'id' => $host['id'],
        'name' => $host['name'] ?: $host['address'],
        'address' => $host['address'],
        'agents' => []
    ];
    // Get agents for this host
    $hostAgents = $agentObject->getAgentDetails($host['id']);
    foreach ($hostAgents as $agent) {
        $agentData = [
            'id' => $agent['id'],
            'type' => $agent['agent_description'],
            'name' => strtoupper($agent['agent_description']),
            'metrics' => [],
            'timestamp' => null
        ];
        // Fetch all metrics for this agent
        foreach ($metrics as $section => $section_metrics) {
            foreach ($section_metrics as $metric => $metricConfig) {
                // Get latest data
                $latestData = $agentObject->getLatestData($host['id'], $agent['agent_description'], $metric);
                if ($latestData !== null) {
                    // Get the previous record
                    $previousData = $agentObject->getPreviousRecord(
                        $host['id'], 
                        $agent['agent_description'], 
                        $metric,
                        $latestData['timestamp']
                    );
                    $agentData['metrics'][$section][$metric] = [
                        'latest' => [
                            'value' => $latestData['value'],
                            'timestamp' => $latestData['timestamp']
                        ],
                        'previous' => $previousData,
                        'label' => $metricConfig['label'],
                        'link' => isset($metricConfig['link']) ? $metricConfig['link'] : null
                    ];
                    // Use the most recent timestamp for the agent
                    if ($agentData['timestamp'] === null || strtotime($latestData['timestamp']) > strtotime($agentData['timestamp'])) {
                        $agentData['timestamp'] = $latestData['timestamp'];
                    }
                }
            }
        }
        if (!empty($agentData['metrics'])) {
            $hostData['agents'][] = $agentData;
        }
    }
    if (!empty($hostData['agents'])) {
        $hostsData[] = $hostData;
    }
 }
 // Get any new feedback messages
 include '../app/helpers/feedback.php';
 // Load the template
 include '../app/templates/latest.php';
--- a/app/pages/livejs.php
+++ b/app/pages/livejs.php
@ -0,0 +1,16 @@
 <?php
 $mode = $_REQUEST['mode'] ?? '';
 $raw = ($mode === 'raw');
 $livejsFile = $_REQUEST['item'] ?? '';
 require '../app/classes/settings.php';
 $settingsObject = new Settings();
 $livejsData = $settingsObject->getPlatformJsFile($platformDetails[0]['jitsi_url'], $item, $raw);
 // Get any new feedback messages
 include '../app/helpers/feedback.php';
 // Load the template
 include '../app/templates/livejs.php';
--- a/app/pages/login.php
+++ b/app/pages/login.php
@ -1,70 +1,305 @@
 <?php
-require_once '../app/classes/database.php';
+/**
-require '../app/classes/user.php';
+ * User login
 *
 * This page ("login") handles user login, session management, cookie handling, and error logging.
 * Supports "remember me" functionality to extend session duration and two-factor authentication.
 *
 * Actions Performed:
 * - Validates login credentials
 * - Handles two-factor authentication if enabled
 * - Manages session and cookies based on "remember me" option
 * - Logs successful and failed login attempts
 * - Displays login form and optional custom messages
 */
 // clear the global error var before login
 unset($error);
 try {
    // connect to database
    require '../app/helpers/database.php';
    $db = connectDB($config);
-    $user = new User($db);
+    // Initialize RateLimiter
    require_once '../app/classes/ratelimiter.php';
    $rateLimiter = new RateLimiter($db);
    // Get user IP
    require_once '../app/helpers/ip_helper.php';
    $user_IP = getUserIP();
-    if ( $_SERVER['REQUEST_METHOD'] == 'POST' ) {
+    $action = $_REQUEST['action'] ?? '';
        $username = $_POST['username'];
        $password = $_POST['password'];
-        // login successful
+    if ($action === 'verify' && isset($_SESSION['2fa_pending_user_id'])) {
-        if ( $user->login($username, $password) ) {
+        // Handle 2FA verification
-            // if remember_me is checked, max out the session
+        $code = $_POST['code'] ?? '';
-            if (isset($_POST['remember_me'])) {
+        $pending2FA = Session::get2FAPending();
-                // 30*24*60*60 = 30 days
+
-                $cookie_lifetime = 30 * 24 * 60 * 60;
+        if (!$pending2FA) {
-                $setcookie_lifetime = time() + 30 * 24 * 60 * 60;
+            header('Location: ' . htmlspecialchars($app_root) . '?page=login');
-                $gc_maxlifetime = 30 * 24 * 60 * 60;
+            exit();
-            } else {
+        }
-                // 0 - session end on browser close
+
-                // 1440 - 24 minutes (default)
+        require_once '../app/classes/twoFactorAuth.php';
-                $cookie_lifetime = 0;
+        $twoFactorAuth = new TwoFactorAuthentication($db);
-                $setcookie_lifetime = 0;
+
-                $gc_maxlifetime = 1440;
+        if ($twoFactorAuth->verify($pending2FA['user_id'], $code)) {
            // Complete login
            handleSuccessfulLogin($pending2FA['user_id'], $pending2FA['username'],
                $pending2FA['remember_me'], $config, $app_root, $logObject, $user_IP);
            // Clean up 2FA session data
            Session::clear2FAPending();
            exit();
        }
        // If we get here (and we have code submitted), verification failed
        if (!empty($code)) {
            Feedback::flash('ERROR', 'DEFAULT', 'Invalid verification code');
        }
        // Get any new feedback messages
        include '../app/helpers/feedback.php';
        // Make userId available to template
        $userId = $pending2FA['user_id'];
        // Load the 2FA verification template
        include '../app/templates/credentials-2fa-verify.php';
        exit();
    } elseif ($action === 'forgot') {
        if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            // Handle password reset request
            try {
                // Validate CSRF token
                $security = SecurityHelper::getInstance();
                if (!$security->verifyCsrfToken($_POST['csrf_token'] ?? '')) {
                    throw new Exception('Invalid security token. Please try again.');
                }
                // Apply rate limiting
                if (!$rateLimiter->isIpWhitelisted($user_IP)) {
                    if ($rateLimiter->isIpBlacklisted($user_IP)) {
                        throw new Exception(Feedback::get('LOGIN', 'IP_BLACKLISTED')['message']);
                    }
                    if ($rateLimiter->tooManyAttempts('password_reset', $user_IP)) {
                        throw new Exception(Feedback::get('LOGIN', 'TOO_MANY_ATTEMPTS')['message']);
                    }
                    $rateLimiter->attempt('password_reset', $user_IP);
                }
                // Validate email
                $email = filter_var($_POST['email'] ?? '', FILTER_VALIDATE_EMAIL);
                if (!$email) {
                    throw new Exception('Please enter a valid email address.');
                }
                // Process reset request
                require_once '../app/classes/passwordReset.php';
                $resetHandler = new PasswordReset($db, $config);
                $result = $resetHandler->requestReset($email);
                // Always show same message whether email exists or not for security
                Feedback::flash('NOTICE', 'DEFAULT', $result['message']);
                header("Location: $app_root?page=login");
                exit();
            } catch (Exception $e) {
                Feedback::flash('ERROR', 'DEFAULT', $e->getMessage());
            }
        }
        // Generate CSRF token
        $security = SecurityHelper::getInstance();
        $security->generateCsrfToken();
        // Load the forgot password form
        include '../app/helpers/feedback.php';
        include '../app/templates/form-password-forgot.php';
        exit();
    } elseif ($action === 'reset' && isset($_GET['token'])) {
        // Handle password reset
        try {
            require_once '../app/classes/passwordReset.php';
            $resetHandler = new PasswordReset($db, $config);
            $token = $_GET['token'];
            if ($_SERVER['REQUEST_METHOD'] === 'POST') {
                // Validate CSRF token
                $security = SecurityHelper::getInstance();
                if (!$security->verifyCsrfToken($_POST['csrf_token'] ?? '')) {
                    throw new Exception('Invalid security token. Please try again.');
                }
                // Apply rate limiting
                if (!$rateLimiter->isIpWhitelisted($user_IP)) {
                    if ($rateLimiter->tooManyAttempts('password_reset', $user_IP)) {
                        throw new Exception(Feedback::get('LOGIN', 'TOO_MANY_ATTEMPTS')['message']);
                    }
                    $rateLimiter->attempt('password_reset', $user_IP);
                }
                // Validate password
                require_once '../app/classes/validator.php';
                $validator = new Validator($_POST);
                $rules = [
                    'new_password' => [
                        'required' => true,
                        'min' => 8
                    ],
                    'confirm_password' => [
                        'required' => true,
                        'matches' => 'new_password'
                    ]
                ];
                if (!$validator->validate($rules)) {
                    throw new Exception($validator->getFirstError());
                }
                // Reset password
                if ($resetHandler->resetPassword($token, $_POST['new_password'])) {
                    Feedback::flash('NOTICE', 'DEFAULT', 'Your password has been reset successfully. You can now log in.');
                    header("Location: $app_root?page=login");
                    exit();
                }
                throw new Exception('Invalid or expired reset link. Please request a new one.');
            }
-            // set session lifetime and cookies
+            // Verify token is valid
-            setcookie('username', $username, [
+            $validation = $resetHandler->validateToken($token);
-                'expires'	=> $setcookie_lifetime,
+            if (!$validation['valid']) {
-                'path'		=> $config['folder'],
+                throw new Exception('Invalid or expired reset link. Please request a new one.');
-                'domain'	=> $config['domain'],
+            }
                'secure'	=> isset($_SERVER['HTTPS']),
                'httponly'	=> true,
                'samesite'	=> 'Strict'
            ]);
-            // redirect to index
+            // Show reset password form
-            $_SESSION['notice'] = "Login successful";
+            include '../app/helpers/feedback.php';
-            header('Location: index.php');
+            include '../app/templates/form-password-reset.php';
            exit();
-        // login failed
+        } catch (Exception $e) {
-        } else {
+            Feedback::flash('ERROR', 'DEFAULT', $e->getMessage());
-            $_SESSION['error'] = "Login failed.";
+            header("Location: $app_root?page=login&action=forgot");
            header('Location: index.php');
            exit();
        }
    }
    if ( $_SERVER['REQUEST_METHOD'] == 'POST' && $action !== 'verify' ) {
        try {
            // Validate form data
            $security = SecurityHelper::getInstance();
            $formData = $security->sanitizeArray($_POST, ['username', 'password', 'remember_me', 'csrf_token']);
            $validationRules = [
                'username' => [
                    'type' => 'string',
                    'required' => true,
                    'min' => 3,
                    'max' => 20
                ],
                'password' => [
                    'type' => 'string',
                    'required' => true
                ]
            ];
            $errors = $security->validateFormData($formData, $validationRules);
            if (!empty($errors)) {
                throw new Exception("Invalid input: " . implode(", ", $errors));
            }
            $username = $formData['username'];
            $password = $formData['password'];
            // Skip all checks if IP is whitelisted
            if (!$rateLimiter->isIpWhitelisted($user_IP)) {
                // Check if IP is blacklisted
                if ($rateLimiter->isIpBlacklisted($user_IP)) {
                    throw new Exception(Feedback::get('LOGIN', 'IP_BLACKLISTED')['message']);
                }
                // Check rate limiting before recording attempt
                if ($rateLimiter->tooManyAttempts($username, $user_IP)) {
                    throw new Exception(Feedback::get('LOGIN', 'TOO_MANY_ATTEMPTS')['message']);
                }
            }
            // Attempt login
            $loginResult = $userObject->login($username, $password);
            if (is_array($loginResult)) {
                switch ($loginResult['status']) {
                    case 'requires_2fa':
                        // Store pending 2FA info
                        Session::store2FAPending($loginResult['user_id'], $loginResult['username'],
                            isset($formData['remember_me']));
                        // Redirect to 2FA verification
                        header('Location: ?page=login&action=verify');
                        exit();
                    case 'success':
                        // Complete login
                        handleSuccessfulLogin($loginResult['user_id'], $loginResult['username'],
                            isset($formData['remember_me']), $config, $app_root, $logObject, $user_IP);
                        exit();
                    default:
                        throw new Exception($loginResult['message'] ?? 'Login failed');
                }
            }
            throw new Exception(Feedback::get('LOGIN', 'LOGIN_FAILED')['message']);
        } catch (Exception $e) {
            // Log the failed attempt
            Feedback::flash('ERROR', 'DEFAULT', $e->getMessage());
            if (isset($username)) {
                $userId = $userObject->getUserId($username)[0]['id'] ?? 0;
                $logObject->log('error', "Login: Failed login attempt for user \"$username\". IP: $user_IP. Reason: {$e->getMessage()}", ['user_id' => $userId, 'scope' => 'user']);
                $rateLimiter->attempt($username, $user_IP);
            }
        }
    }
 } catch (Exception $e) {
-    $error = getError('There was an unexpected error. Please try again.', $e->getMessage());
+    Feedback::flash('ERROR', 'DEFAULT');
 }
 // Show configured login message if any
 if (!empty($config['login_message'])) {
-    $notice = $config['login_message'];
+    echo Feedback::render('NOTICE', 'DEFAULT', $config['login_message'], false, false, false);
    include '../app/templates/block-message.php';
 }
 // Get any new feedback messages
 include '../app/helpers/feedback.php';
 // Load the template
 include '../app/templates/form-login.php';
-?>
+/**
 * Handle successful login by setting up session and cookies
 */
 function handleSuccessfulLogin($userId, $username, $rememberMe, $config, $app_root, $logObject, $userIP) {
    // Create authenticated session
    Session::createAuthSession($userId, $username, $rememberMe, $config);
    // Log successful login
    $logObject->log('info', "Login: User \"$username\" logged in. IP: $userIP", ['user_id' => $userId, 'scope' => 'user']);
    // Set success message
    Feedback::flash('LOGIN', 'LOGIN_SUCCESS');
    // After successful login, redirect to original page if provided in URL param or POST
    $redirect = $app_root;
    $candidate = $_POST['redirect'] ?? $_GET['redirect'] ?? '';
    $trimmed = trim($candidate, '/?');
    if (
        (strpos($candidate, '/') === 0 || strpos($candidate, '?') === 0)
        && !in_array($trimmed, INVALID_REDIRECT_PAGES, true)
    ) {
        $redirect = $candidate;
    }
    header('Location: ' . htmlspecialchars($redirect));
    exit();
 }
--- a/app/pages/participants.php
+++ b/app/pages/participants.php
@ -1,142 +1,178 @@
 <?php
-require_once '../app/classes/database.php';
+/**
-require '../app/classes/participant.php';
+ * Participants information
 *
 * This page ("participants") retrieves and displays participant information for conferences.
 * Allows filtering by participant ID, name, or IP address, and listing within a specified time range.
 * Supports pagination.
 */
 // connect to database
-require '../app/helpers/database.php';
+$response = connectJiloDB($config, $platformDetails[0]['jilo_database'], $platform_id);
 $db = connectDB($config, 'jilo', $platform_id);
-// specify time range
+// if DB connection has error, display it and stop here
-include '../app/helpers/time_range.php';
+if ($response['db'] === null) {
    Feedback::flash('ERROR', 'DEFAULT', $response['error']);
-// participant id/name/IP are specified when searching specific participant(s)
+// otherwise if DB connection is OK, go on
 // participant name - this is 'stats_id' in the db
 // either id, name, OR IP - in that order
 // we use $_REQUEST, so that both links and forms work
 if (isset($_REQUEST['id']) && $_REQUEST['id'] != '') {
    $participantId = $_REQUEST['id'];
    unset($_REQUEST['name']);
    unset($participantName);
 } elseif (isset($_REQUEST['name']) && $_REQUEST['name'] != '') {
    unset($participantId);
    $participantName = $_REQUEST['name'];
 } elseif (isset($_REQUEST['ip']) && $_REQUEST['ip'] != '') {
    unset($participantId);
    $participantIp = $_REQUEST['ip'];
 } else {
-    unset($participantId);
+    $db = $response['db'];
    unset($participantName);
 }
    // specify time range
    include '../app/helpers/time_range.php';
-//
+    // participant id/name/IP are specified when searching specific participant(s)
-// Participant listings
+    // participant name - this is 'stats_id' in the db
-//
+    // either id, name, OR IP - in that order
-
+    // we use $_REQUEST, so that both links and forms work
-$participant = new Participant($db);
+    if (isset($_REQUEST['id']) && $_REQUEST['id'] != '') {
-
+        $participantId = $_REQUEST['id'];
-// search and list specific participant ID
+        unset($_REQUEST['name']);
-if (isset($participantId)) {
+        unset($participantName);
-    $search = $participant->conferenceByParticipantId($participantId, $from_time, $until_time, $participantId, $from_time, $until_time);
+    } elseif (isset($_REQUEST['name']) && $_REQUEST['name'] != '') {
-// search and list specific participant name (stats_id)
+        unset($participantId);
-} elseif (isset($participantName)) {
+        $participantName = $_REQUEST['name'];
-    $search = $participant->conferenceByParticipantName($participantName, $from_time, $until_time);
+    } elseif (isset($_REQUEST['ip']) && $_REQUEST['ip'] != '') {
-// search and list specific participant IP
+        unset($participantId);
-} elseif (isset($participantIp)) {
+        $participantIp = $_REQUEST['ip'];
-    $search = $participant->conferenceByParticipantIP($participantIp, $from_time, $until_time);
+    } else {
-// list of all participants (default)
+        unset($participantId);
-} else {
+        unset($participantName);
 // prepare the result
    $search = $participant->participantsAll($from_time, $until_time);
 }
 if (!empty($search)) {
    $participants = array();
    $participants['records'] = array();
    foreach ($search as $item) {
        extract($item);
        // search and list specific participant ID
        if (isset($participantId)) {
            $participant_record = array(
                // assign title to the field in the array record
                'time'			=> $time,
                'conference ID'		=> $conference_id,
                'conference name'	=> $conference_name,
                'conference host'	=> $conference_host,
                'loglevel'		=> $loglevel,
                'participant ID'	=> $participant_id,
                'event'			=> $event_type,
                'parameter'		=> $event_param
            );
        // search and list specific participant name (stats_id)
        } elseif (isset($participantName)) {
            $participant_record = array(
                // assign title to the field in the array record
                'time'			=> $time,
                'conference ID'		=> $conference_id,
                'conference name'	=> $conference_name,
                'conference host'	=> $conference_host,
                'loglevel'		=> $loglevel,
                'participant ID'	=> $participant_id,
                'event'			=> $event_type,
                'parameter'		=> $event_param
            );
        // search and list specific participant IP
        } elseif (isset($participantIp)) {
            $participant_record = array(
                // assign title to the field in the array record
                'time'			=> $time,
                'conference ID'		=> $conference_id,
                'conference name'	=> $conference_name,
                'conference host'	=> $conference_host,
                'loglevel'		=> $loglevel,
                'participant ID'	=> $participant_id,
                'event'			=> $event_type,
                'parameter'		=> $event_param
            );
        // list of all participants (default)
        } else {
            $participant_record = array(
                // assign title to the field in the array record
                'component'		=> $jitsi_component,
                'participant ID'	=> $endpoint_id,
                'conference ID'		=> $conference_id
            );
        }
        // populate the result array
        array_push($participants['records'], $participant_record);
    }
    //
    // Participant listings
    //
    require '../app/classes/participant.php';
    $participantObject = new Participant($db);
    // get current page for pagination
    $currentPage = $_REQUEST['page_num'] ?? 1;
    $currentPage = (int)$currentPage;
    // pagination variables
    $items_per_page = 20;
    $offset = ($currentPage -1) * $items_per_page;
    // Build params for pagination
    $params = '';
    if (!empty($_REQUEST['from_time'])) {
        $params .= '&from_time=' . urlencode($_REQUEST['from_time']);
    }
    if (!empty($_REQUEST['until_time'])) {
        $params .= '&until_time=' . urlencode($_REQUEST['until_time']);
    }
    if (!empty($_REQUEST['name'])) {
        $params .= '&name=' . urlencode($_REQUEST['name']);
    }
    if (!empty($_REQUEST['id'])) {
        $params .= '&id=' . urlencode($_REQUEST['id']);
    }
    if (isset($_REQUEST['event'])) {
        $params .= '&ip=' . urlencode($_REQUEST['ip']);
    }
    // search and list specific participant ID
    if (isset($participantId)) {
        $search = $participantObject->conferenceByParticipantId($participantId, $from_time, $until_time, $offset, $items_per_page);
        $search_all = $participantObject->conferenceByParticipantId($participantId, $from_time, $until_time);
    // search and list specific participant name (stats_id)
    } elseif (isset($participantName)) {
        $search = $participantObject->conferenceByParticipantName($participantName, $from_time, $until_time, $offset, $items_per_page);
        $search_all = $participantObject->conferenceByParticipantName($participantName, $from_time, $until_time);
    // search and list specific participant IP
    } elseif (isset($participantIp)) {
        $search = $participantObject->conferenceByParticipantIP($participantIp, $from_time, $until_time, $offset, $items_per_page);
        $search_all = $participantObject->conferenceByParticipantIP($participantIp, $from_time, $until_time);
    // list of all participants (default)
    } else {
    // prepare the result
        $search = $participantObject->participantsAll($from_time, $until_time, $offset, $items_per_page);
        $search_all = $participantObject->participantsAll($from_time, $until_time);
    }
    if (!empty($search)) {
        // we get total items and number of pages
        $item_count = count($search_all);
        $totalPages = ceil($item_count / $items_per_page);
        $participants = array();
        $participants['records'] = array();
        foreach ($search as $item) {
            extract($item);
            // search and list specific participant ID
            if (isset($participantId)) {
                $participant_record = array(
                    // assign title to the field in the array record
                    'time'			=> $time,
                    'conference ID'		=> $conference_id,
                    'conference name'	=> $conference_name,
                    'conference host'	=> $conference_host,
                    'loglevel'		=> $loglevel,
                    'participant ID'	=> $participant_id,
                    'event'			=> $event_type,
                    'parameter'		=> $event_param
                );
            // search and list specific participant name (stats_id)
            } elseif (isset($participantName)) {
                $participant_record = array(
                    // assign title to the field in the array record
                    'time'			=> $time,
                    'conference ID'		=> $conference_id,
                    'conference name'	=> $conference_name,
                    'conference host'	=> $conference_host,
                    'loglevel'		=> $loglevel,
                    'participant ID'	=> $participant_id,
                    'event'			=> $event_type,
                    'parameter'		=> $event_param
                );
            // search and list specific participant IP
            } elseif (isset($participantIp)) {
                $participant_record = array(
                    // assign title to the field in the array record
                    'time'			=> $time,
                    'conference ID'		=> $conference_id,
                    'conference name'	=> $conference_name,
                    'conference host'	=> $conference_host,
                    'loglevel'		=> $loglevel,
                    'participant ID'	=> $participant_id,
                    'event'			=> $event_type,
                    'parameter'		=> $event_param
                );
            // list of all participants (default)
            } else {
                $participant_record = array(
                    // assign title to the field in the array record
                    'component'		=> $jitsi_component,
                    'participant ID'	=> $endpoint_id,
                    'conference ID'		=> $conference_id
                );
            }
            // populate the result array
            array_push($participants['records'], $participant_record);
        }
    }
    // filter message
    $filterMessage = array();
    if (isset($_REQUEST['name']) && $_REQUEST['name'] != '') {
        array_push($filterMessage, 'Conferences with participant name (stats_id) matching "<strong>' . $_REQUEST['name'] . '</strong>"');
    } elseif (isset($_REQUEST['id']) && $_REQUEST['id'] != '') {
        array_push($filterMessage, 'Conferences with participant ID matching "<strong>' . $_REQUEST['id'] . '</strong>"');
    } elseif (isset($participantIp)) {
        array_push($filterMessage, 'Conferences with participant IP matching "<strong>' . $participantIp . '</strong>"');
    }
    // Get any new feedback messages
    include '../app/helpers/feedback.php';
    // display the widget
    include '../app/templates/participants.php';
 }
 // prepare the widget
 $widget['full'] = false;
 $widget['name'] = 'Participants';
 $widget['collapsible'] = false;
 $widget['collapsed'] = false;
 $widget['filter'] = true;
 // widget title
 if (isset($_REQUEST['name']) && $_REQUEST['name'] != '') {
    $widget['title'] = 'Conferences with participant name (stats_id) matching "<strong>' . $_REQUEST['name'] . '"</strong>';
 } elseif (isset($_REQUEST['id']) && $_REQUEST['id'] != '') {
    $widget['title'] = 'Conference with participant ID matching "<strong>' . $_REQUEST['id'] . '"</strong>';
 } elseif (isset($participantIp)) {
    $widget['title'] = 'Conference with participant IP matching "<strong>' . $participantIp . '"</strong>';
 } else {
    $widget['title'] = 'All participants';
 }
 // widget records
 if (!empty($participants['records'])) {
    $widget['full'] = true;
    $widget['table_headers'] = array_keys($participants['records'][0]);
    $widget['table_records'] = $participants['records'];
 }
 // display the widget
 include('../app/templates/widget.php');
 ?>
--- a/app/pages/profile.php
+++ b/app/pages/profile.php
@ -1,5 +1,176 @@
 <?php
-include('../app/templates/widget-profile.php');
+/**
 * User profile management
 *
 * This page ("profile") handles user profile actions such as updating user details,
 * avatar management, and assigning or removing user rights.
 * It supports both form submissions and displaying profile templates.
 *
 * Actions handled:
 * - `remove`: Remove a user's avatar.
 * - `edit`: Edit user profile details, rights, or avatar.
 */
-?>
+$action = $_REQUEST['action'] ?? '';
 $item = $_REQUEST['item'] ?? '';
 // if a form is submitted, it's from the edit page
 if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // Validate CSRF token
    require_once '../app/helpers/security.php';
    $security = SecurityHelper::getInstance();
    if (!$security->verifyCsrfToken($_POST['csrf_token'] ?? '')) {
        Feedback::flash('ERROR', 'DEFAULT', 'Invalid security token. Please try again.');
        header("Location: $app_root?page=profile");
        exit();
    }
    require_once '../app/classes/validator.php';
    // Apply rate limiting for profile operations
    require_once '../app/includes/rate_limit_middleware.php';
    checkRateLimit($db, 'profile', $userId);
    // avatar removal
    if ($item === 'avatar' && $action === 'remove') {
        $validator = new Validator(['user_id' => $userId]);
        $rules = [
            'user_id' => [
                'required' => true,
                'numeric' => true
            ]
        ];
        if (!$validator->validate($rules)) {
            Feedback::flash('ERROR', 'DEFAULT', $validator->getFirstError());
            header("Location: $app_root?page=profile");
            exit();
        }
        $result = $userObject->removeAvatar($userId, $config['avatars_path'].$userDetails[0]['avatar']);
        if ($result === true) {
            Feedback::flash('NOTICE', 'DEFAULT', "Avatar for user \"{$userDetails[0]['username']}\" is removed.");
        } else {
            Feedback::flash('ERROR', 'DEFAULT', "Removing the avatar failed. Error: $result");
        }
        header("Location: $app_root?page=profile");
        exit();
    }
    // update the profile
    $validator = new Validator($_POST);
    $rules = [
        'name' => [
            'max' => 100
        ],
        'email' => [
            'email' => true,
            'max' => 100
        ],
        'timezone' => [
            'max' => 50
        ],
        'bio' => [
            'max' => 1000
        ]
    ];
    if (!$validator->validate($rules)) {
        Feedback::flash('ERROR', 'DEFAULT', $validator->getFirstError());
        header("Location: $app_root?page=profile");
        exit();
    }
    $updatedUser = [
        'name' => htmlspecialchars($_POST['name'] ?? ''),
        'email' => filter_var($_POST['email'] ?? '', FILTER_VALIDATE_EMAIL),
        'timezone' => htmlspecialchars($_POST['timezone'] ?? ''),
        'bio' => htmlspecialchars($_POST['bio'] ?? ''),
    ];
    $result = $userObject->editUser($userId, $updatedUser);
    if ($result === true) {
        Feedback::flash('NOTICE', 'DEFAULT', "User details for \"{$userDetails[0]['username']}\" are edited.");
    } else {
        Feedback::flash('ERROR', 'DEFAULT', "Editing the user details failed. Error: $result");
    }
    // update the rights
    // Get current rights IDs
    $userRightsIds = array_column($userRights, 'right_id');
    // If no rights are selected, remove all rights
    if (!isset($_POST['rights'])) {
        $_POST['rights'] = [];
    }
    $validator = new Validator(['rights' => $_POST['rights']]);
    $rules = [
        'rights' => [
            'array' => true
        ]
    ];
    if (!$validator->validate($rules)) {
        Feedback::flash('ERROR', 'DEFAULT', $validator->getFirstError());
        header("Location: $app_root?page=profile");
        exit();
    }
    $newRights = $_POST['rights'];
    // what rights we need to add
    $rightsToAdd = array_diff($newRights, $userRightsIds);
    if (!empty($rightsToAdd)) {
        foreach ($rightsToAdd as $rightId) {
            $userObject->addUserRight($userId, $rightId);
        }
    }
    // what rights we need to remove
    $rightsToRemove = array_diff($userRightsIds, $newRights);
    if (!empty($rightsToRemove)) {
        foreach ($rightsToRemove as $rightId) {
            $userObject->removeUserRight($userId, $rightId);
        }
    }
    // update the avatar
    if (!empty($_FILES['avatar_file']['tmp_name'])) {
        $result = $userObject->changeAvatar($userId, $_FILES['avatar_file'], $config['avatars_path']);
    }
    header("Location: $app_root?page=profile");
    exit();
 // no form submitted, show the templates
 } else {
    $avatar = !empty($userDetails[0]['avatar']) ? $config['avatars_path'] . $userDetails[0]['avatar'] : $config['default_avatar'];
    $default_avatar = empty($userDetails[0]['avatar']) ? true : false;
    // Generate CSRF token if not exists
    require_once '../app/helpers/security.php';
    $security = SecurityHelper::getInstance();
    $security->generateCsrfToken();
    switch ($action) {
        case 'edit':
            $allRights = $userObject->getAllRights();
            $allTimezones = timezone_identifiers_list();
            // if timezone is already set, we pass a flag for JS to not autodetect browser timezone
            $isTimezoneSet = !empty($userDetails[0]['timezone']);
            // Get any new feedback messages
            include '../app/helpers/feedback.php';
            // Load the template
            include '../app/templates/profile-edit.php';
            break;
        default:
            // Get any new feedback messages
            include '../app/helpers/feedback.php';
            // Load the template
            include '../app/templates/profile.php';
    }
 }
--- a/app/pages/register.php
+++ b/app/pages/register.php
@ -1,47 +0,0 @@
 <?php
 // registration is allowed, go on
 if ($config['registration_enabled'] === true) {
    require_once '../app/classes/database.php';
    require '../app/classes/user.php';
    unset($error);
    try {
        // connect to database
        require '../app/helpers/database.php';
        $db = connectDB($config);
        $user = new User($db);
        if ( $_SERVER['REQUEST_METHOD'] == 'POST' ) {
            $username = $_POST['username'];
            $password = $_POST['password'];
            // redirect to login
            if ( $user->register($username, $password) ) {
                $_SESSION['notice'] = "Registration successful.<br />You can log in now.";
                header('Location: index.php');
                exit();
            // registration fail, redirect to login
            } else {
                $_SESSION['error'] = "Registration failed.";
                header('Location: index.php');
                exit();
            }
        }
    } catch (Exception $e) {
        $error = getError('There was an unexpected error. Please try again.', $e->getMessage());
    }
    include '../app/templates/block-message.php';
    include '../app/templates/form-register.php';
 // registration disabled
 } else {
    $notice = 'Registration is disabled';
    include '../app/templates/block-message.php';
 }
 ?>
--- a/app/pages/security.php
+++ b/app/pages/security.php
@ -0,0 +1,174 @@
 <?php
 // Check if user has any of the required rights
 if (!($userObject->hasRight($userId, 'superuser') ||
      $userObject->hasRight($userId, 'edit whitelist') ||
      $userObject->hasRight($userId, 'edit blacklist') ||
      $userObject->hasRight($userId, 'edit ratelimiting'))) {
    include '../app/templates/error-unauthorized.php';
    exit;
 }
 // Get current section
 $section = isset($_POST['section']) ? $_POST['section'] : (isset($_GET['section']) ? $_GET['section'] : 'whitelist');
 // Initialize RateLimiter
 require_once '../app/classes/ratelimiter.php';
 $rateLimiter = new RateLimiter($db);
 // Handle form submissions
 if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action'])) {
    require_once '../app/classes/validator.php';
    // Apply rate limiting for security operations
    require_once '../app/includes/rate_limit_middleware.php';
    checkRateLimit($db, 'security', $userId);
    $action = $_POST['action'];
    $validator = new Validator($_POST);
    try {
        switch ($action) {
            case 'add_whitelist':
                if (!$userObject->hasRight($userId, 'superuser') && !$userObject->hasRight($userId, 'edit whitelist')) {
                    Feedback::flash('SECURITY', 'PERMISSION_DENIED');
                    break;
                }
                $rules = [
                    'ip_address' => [
                        'required' => true,
                        'max' => 45, // Max length for IPv6
                        'ip' => true
                    ],
                    'description' => [
                        'required' => true,
                        'max' => 255
                    ]
                ];
                if ($validator->validate($rules)) {
                    $is_network = isset($_POST['is_network']) && $_POST['is_network'] === 'on';
                    if (!$rateLimiter->addToWhitelist($_POST['ip_address'], $is_network, $_POST['description'] ?? '', $currentUser, $userId)) {
                        Feedback::flash('SECURITY', 'WHITELIST_ADD_FAILED');
                    } else {
                        Feedback::flash('SECURITY', 'WHITELIST_ADD_SUCCESS');
                    }
                } else {
                    Feedback::flash('SECURITY', 'WHITELIST_ADD_ERROR_IP', $validator->getFirstError());
                }
                break;
            case 'remove_whitelist':
                if (!$userObject->hasRight($userId, 'superuser') && !$userObject->hasRight($userId, 'edit whitelist')) {
                    Feedback::flash('SECURITY', 'PERMISSION_DENIED');
                    break;
                }
                $rules = [
                    'ip_address' => [
                        'required' => true,
                        'max' => 45,
                        'ip' => true
                    ]
                ];
                if ($validator->validate($rules)) {
                    if (!$rateLimiter->removeFromWhitelist($_POST['ip_address'], $currentUser, $userId)) {
                        Feedback::flash('SECURITY', 'WHITELIST_REMOVE_FAILED');
                    } else {
                        Feedback::flash('SECURITY', 'WHITELIST_REMOVE_SUCCESS');
                    }
                } else {
                    Feedback::flash('SECURITY', 'WHITELIST_REMOVE_FAILED', $validator->getFirstError());
                }
                break;
            case 'add_blacklist':
                if (!$userObject->hasRight($userId, 'superuser') && !$userObject->hasRight($userId, 'edit blacklist')) {
                    Feedback::flash('SECURITY', 'PERMISSION_DENIED');
                    break;
                }
                $rules = [
                    'ip_address' => [
                        'required' => true,
                        'max' => 45,
                        'ip' => true
                    ],
                    'reason' => [
                        'required' => true,
                        'max' => 255
                    ],
                    'expiry_hours' => [
                        'numeric' => true,
                        'min' => 0,
                        'max' => 8760 // 1 year in hours
                    ]
                ];
                if ($validator->validate($rules)) {
                    $is_network = isset($_POST['is_network']) && $_POST['is_network'] === 'on';
                    $expiry_hours = !empty($_POST['expiry_hours']) ? (int)$_POST['expiry_hours'] : null;
                    if (!$rateLimiter->addToBlacklist($_POST['ip_address'], $is_network, $_POST['reason'], $currentUser, $userId, $expiry_hours)) {
                        Feedback::flash('SECURITY', 'BLACKLIST_ADD_FAILED');
                    } else {
                        Feedback::flash('SECURITY', 'BLACKLIST_ADD_SUCCESS');
                    }
                } else {
                    Feedback::flash('SECURITY', 'BLACKLIST_ADD_ERROR_IP', $validator->getFirstError());
                }
                break;
            case 'remove_blacklist':
                if (!$userObject->hasRight($userId, 'superuser') && !$userObject->hasRight($userId, 'edit blacklist')) {
                    Feedback::flash('SECURITY', 'PERMISSION_DENIED');
                    break;
                }
                $rules = [
                    'ip_address' => [
                        'required' => true,
                        'max' => 45,
                        'ip' => true
                    ]
                ];
                if ($validator->validate($rules)) {
                    if (!$rateLimiter->removeFromBlacklist($_POST['ip_address'], $currentUser, $userId)) {
                        Feedback::flash('SECURITY', 'BLACKLIST_REMOVE_FAILED');
                    } else {
                        Feedback::flash('SECURITY', 'BLACKLIST_REMOVE_SUCCESS');
                    }
                } else {
                    Feedback::flash('SECURITY', 'BLACKLIST_REMOVE_FAILED', $validator->getFirstError());
                }
                break;
            default:
                Feedback::flash('ERROR', 'INVALID_ACTION');
        }
    } catch (Exception $e) {
        Feedback::flash('ERROR', $e->getMessage());
    }
    // Redirect back to the appropriate section
    header("Location: $app_root?page=security&section=" . urlencode($section));
    exit;
 }
 // Always show rate limit info message for rate limiting section
 if ($section === 'ratelimit') {
    $system_messages[] = ['category' => 'SECURITY', 'key' => 'RATE_LIMIT_INFO'];
 }
 // Get current lists
 $whitelisted = $rateLimiter->getWhitelistedIps();
 $blacklisted = $rateLimiter->getBlacklistedIps();
 // Get any new feedback messages
 include '../app/helpers/feedback.php';
 // Load the template
 include '../app/templates/security.php';
--- a/app/pages/settings.php
+++ b/app/pages/settings.php
@ -0,0 +1,179 @@
 <?php
 /**
 * Jilo settings management.
 *
 * This page ("settings") handles Jilo settings by
 * adding, editing, and deleting platforms, hosts, agents.
 */
 // Check if this is an AJAX request
 $isAjax = isset($_SERVER['HTTP_X_REQUESTED_WITH']) && 
          strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) === 'xmlhttprequest';
 // Get any new feedback messages
 include '../app/helpers/feedback.php';
 $action = $_REQUEST['action'] ?? '';
 $agent = $_REQUEST['agent'] ?? '';
 $host = $_REQUEST['host'] ?? '';
 require '../app/classes/host.php';
 require '../app/classes/agent.php';
 $hostObject = new Host($db);
 $agentObject = new Agent($db);
 if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    /**
     * Handles form submissions from editing
     */
    // Apply rate limiting for profile operations
    require_once '../app/includes/rate_limit_middleware.php';
    checkRateLimit($db, 'profile', $userId);
    // Get hash from URL if present
    $hash = parse_url($_SERVER['REQUEST_URI'], PHP_URL_FRAGMENT) ?? '';
    $redirectUrl = htmlspecialchars($app_root) . '?page=settings';
    if ($hash) {
        $redirectUrl .= '#' . $hash;
    }
    // host operations
    if (isset($_POST['item']) && $_POST['item'] === 'host') {
        if (isset($_POST['delete']) && $_POST['delete'] === 'true') { // This is a host delete
            $host_id = $_POST['host'];
            $result = $hostObject->deleteHost($host_id);
            if ($result === true) {
                Feedback::flash('NOTICE', 'DEFAULT', "Host deleted successfully.", true);
            } else {
                Feedback::flash('ERROR', 'DEFAULT', "Deleting the host failed. Error: $result", true);
            }
        } else if (!isset($_POST['host'])) { // This is a new host
            $newHost = [
                'address'       => $_POST['address'],
                'platform_id'   => $_POST['platform'],
                'name'          => empty($_POST['name']) ? $_POST['address'] : $_POST['name'],
            ];
            $result = $hostObject->addHost($newHost);
            if ($result === true) {
                Feedback::flash('NOTICE', 'DEFAULT', "New Jilo host added.", true);
            } else {
                Feedback::flash('ERROR', 'DEFAULT', "Adding the host failed. Error: $result", true);
            }
        } else { // This is an edit of existing host
            $host_id = $_POST['host'];
            $platform_id = $_POST['platform'];
            $updatedHost = [
                'id'      => $host_id,
                'address' => $_POST['address'],
                'name'    => empty($_POST['name']) ? $_POST['address'] : $_POST['name'],
            ];
            $result = $hostObject->editHost($platform_id, $updatedHost);
            if ($result === true) {
                Feedback::flash('NOTICE', 'DEFAULT', "Host edited.", true);
            } else {
                Feedback::flash('ERROR', 'DEFAULT', "Editing the host failed. Error: $result", true);
            }
        }
        if (!$isAjax) {
            header('Location: ' . $redirectUrl);
            exit;
        }
    // agent operations
    } elseif (isset($_POST['item']) && $_POST['item'] === 'agent') {
        if (isset($_POST['delete']) && $_POST['delete'] === 'true') { // This is an agent delete
            $agent_id = $_POST['agent'];
            $result = $agentObject->deleteAgent($agent_id);
            if ($result === true) {
                Feedback::flash('NOTICE', 'DEFAULT', "Agent deleted successfully.", true);
            } else {
                Feedback::flash('ERROR', 'DEFAULT', "Deleting the agent failed. Error: $result", true);
            }
        } else if (isset($_POST['new']) && $_POST['new'] === 'true') { // This is a new agent
            $newAgent = [
                'type_id'       => $_POST['type'],
                'url'           => $_POST['url'],
                'secret_key'    => empty($_POST['secret_key']) ? null : $_POST['secret_key'],
                'check_period'  => empty($_POST['check_period']) ? 0 : $_POST['check_period'],
            ];
            $result = $agentObject->addAgent($_POST['host'], $newAgent);
            if ($result === true) {
                Feedback::flash('NOTICE', 'DEFAULT', "New Jilo agent added.", true);
            } else {
                Feedback::flash('ERROR', 'DEFAULT', "Adding the agent failed. Error: $result", true);
            }
        } else { // This is an edit of existing agent
            $agent_id = $_POST['agent'];
            $updatedAgent = [
                'agent_type_id' => $_POST['agent_type_id'],
                'url'          => $_POST['url'],
                'secret_key'   => empty($_POST['secret_key']) ? null : $_POST['secret_key'],
                'check_period' => empty($_POST['check_period']) ? 0 : $_POST['check_period'],
            ];
            $result = $agentObject->editAgent($agent_id, $updatedAgent);
            if ($result === true) {
                Feedback::flash('NOTICE', 'DEFAULT', "Agent edited.", true);
            } else {
                Feedback::flash('ERROR', 'DEFAULT', "Editing the agent failed. Error: $result", true);
            }
        }
        if (!$isAjax) {
            header('Location: ' . $redirectUrl);
            exit;
        }
    // platform operations
    } elseif (isset($_POST['item']) && $_POST['item'] === 'platform') {
        if (isset($_POST['delete']) && $_POST['delete'] === 'true') { // This is a platform delete
            $platform_id = $_POST['platform'];
            $result = $platformObject->deletePlatform($platform_id);
            if ($result === true) {
                Feedback::flash('NOTICE', 'DEFAULT', "Platform deleted successfully.", true);
            } else {
                Feedback::flash('ERROR', 'DEFAULT', "Deleting the platform failed. Error: $result", true);
            }
        } else if (!isset($_POST['platform'])) { // This is a new platform
            $newPlatform = [
                'name'          => $_POST['name'],
                'jitsi_url'     => $_POST['jitsi_url'],
                'jilo_database' => $_POST['jilo_database'],
            ];
            $result = $platformObject->addPlatform($newPlatform);
            if ($result === true) {
                Feedback::flash('NOTICE', 'DEFAULT', "New Jitsi platform added.", true);
            } else {
                Feedback::flash('ERROR', 'DEFAULT', "Adding the platform failed. Error: $result", true);
            }
        } else { // This is an edit of existing platform
            $platform_id = $_POST['platform'];
            $updatedPlatform = [
                'name'          => $_POST['name'],
                'jitsi_url'     => $_POST['jitsi_url'],
                'jilo_database' => $_POST['jilo_database'],
            ];
            $result = $platformObject->editPlatform($platform_id, $updatedPlatform);
            if ($result === true) {
                Feedback::flash('NOTICE', 'DEFAULT', "Platform edited.", true);
            } else {
                Feedback::flash('ERROR', 'DEFAULT', "Editing the platform failed. Error: $result", true);
            }
        }
        header('Location: ' . $redirectUrl);
        exit;
    }
 } else {
    /**
     * Handles GET requests to display templates.
     */
    if ($userObject->hasRight($userId, 'view settings') || $userObject->hasRight($userId, 'superuser')) {
        $jilo_agent_types = $agentObject->getAgentTypes();
        include '../app/templates/settings.php';
    } else {
        include '../app/templates/error-unauthorized.php';
    }
 }
--- a/app/pages/status.php
+++ b/app/pages/status.php
@ -0,0 +1,81 @@
 <?php
 /**
 * Jilo components status checks
 *
 * This page ("status") checks the status of various Jilo platform components
 * by fetching data from agents and determining their availability.
 * It generates output for each platform and agent.
 */
 // Get any new feedback messages
 include '../app/helpers/feedback.php';
 require '../app/classes/agent.php';
 require '../app/classes/host.php';
 $agentObject = new Agent($db);
 $hostObject = new Host($db);
 include '../app/templates/status-server.php';
 // loop through all platforms to check their agents
 foreach ($platformsAll as $platform) {
    // check if we can connect to the jilo database
    $response = connectJiloDB($config, $platform['jilo_database'], $platform['id']);
    if ($response['error'] !== null) {
        $jilo_database_status = $response['error'];
    } else {
        $jilo_database_status = 'Connected';
    }
    include '../app/templates/status-platform.php';
    // fetch hosts for the current platform
    $hostDetails = $hostObject->getHostDetails($platform['id']);
    foreach ($hostDetails as $host) {
        // fetch agent details for the current host
        $agentDetails = $agentObject->getAgentDetails($host['id']);
        foreach ($agentDetails as $agent) {
            // we try to parse the URL to scheme:/host:port
            $agent_url = parse_url($agent['url']);
            $agent_protocol = isset($agent_url['scheme']) ? $agent_url['scheme']: '';
            // on failure we keep the full value for displaying purpose
            $agent_host = isset($agent_url['host']) ? $agent_url['host']: $agent['url'];
            $agent_port = isset($agent_url['port']) ? $agent_url['port']: '';
            // we get agent data to check availability
            $agent_response = $agentObject->fetchAgent($agent['id'], true);
            $agent_data = json_decode($agent_response);
            // determine agent availability based on response data
            if (json_last_error() === JSON_ERROR_NONE) {
                $agent_availability = 'unknown';
                foreach ($agent_data as $key => $value) {
                    if ($key === 'error') {
                        $agent_availability = $value;
                        break;
                    }
                    if (preg_match('/_state$/', $key)) {
                        if ($value === 'error') {
                            $agent_availability = 'not running';
                            break;
                        }
                        if ($value === 'running') {
                            $agent_availability = 'running';
                            break;
                        }
                    }
                }
            } else {
                $agent_availability = 'json error';
            }
            include '../app/templates/status-agent.php';
        }
    }
    echo "\n\t\t\t\t\t\t\t</div>\n";
 }
 echo "\n\t\t\t\t\t\t</div>";
 echo "\n\t\t\t\t\t</div>";
 echo "\n\t\t\t\t</div>";
--- a/app/pages/theme-asset.php
+++ b/app/pages/theme-asset.php
@ -0,0 +1,10 @@
 <?php
 /**
 * Theme Asset handler
 *
 * Serves theme assets through the main application router.
 * This provides a secure way to serve theme files that are outside the web root.
 */
 // Include the theme asset handler
 require_once __DIR__ . '/../helpers/theme-asset.php';
--- a/app/pages/theme.php
+++ b/app/pages/theme.php
@ -0,0 +1,71 @@
 <?php
 /**
 * Theme Management Controller
 *
 * Handles theme switching and management functionality.
 * Allows users to view available themes and change the active theme.
 *
 * Actions:
 * - switch_to: Changes the active theme for the current user
 */
 // Initialize security
 require_once '../app/helpers/security.php';
 $security = SecurityHelper::getInstance();
 // Only allow access to logged-in users
 if (!Session::isValidSession()) {
    header('Location: ' . $app_root . '?page=login');
    exit;
 }
 // Handle theme switching
 if (isset($_GET['switch_to'])) {
    $themeName = $_GET['switch_to'];
    // Validate CSRF token for state-changing operations
    if (!$security->verifyCsrfToken($_GET['csrf_token'] ?? '')) {
        Feedback::flash('SECURITY', 'CSRF_INVALID');
        header("Location: $app_root?page=theme");
        exit();
    }
    if (\App\Helpers\Theme::setCurrentTheme($themeName)) {
        // Set success message
        Feedback::flash('THEME', 'THEME_CHANGED');
    } else {
        // Set error message
        Feedback::flash('THEME', 'THEME_CHANGE_FAILED');
    }
    // Redirect back to prevent form resubmission
    $redirect = $app_root . '?page=theme';
    header("Location: $redirect");
    exit;
 }
 // Get available themes and current theme for the view
 $themes = \App\Helpers\Theme::getAvailableThemes();
 $currentTheme = \App\Helpers\Theme::getCurrentThemeName();
 // Prepare theme data with screenshot URLs for the view
 $themeData = [];
 foreach ($themes as $id => $name) {
    $themeData[$id] = [
        'name' => $name,
        'screenshotUrl' => \App\Helpers\Theme::getAssetUrl($id, 'screenshot.png'),
        'isActive' => $id === $currentTheme
    ];
 }
 // Make theme data available to the view
 $themes = $themeData;
 // Generate CSRF token for the form
 $csrf_token = $security->generateCsrfToken();
 // Get any new feedback messages
 include '../app/helpers/feedback.php';
 // Load the template
 include '../app/templates/theme.php';
--- a/app/templates/agents.php
+++ b/app/templates/agents.php
@ -0,0 +1,94 @@
                <!-- agents live data -->
                <div class="container-fluid mt-2">
                    <div class="row mb-4">
                        <div class="col-12 mb-4">
                            <h2 class="mb-0">Jilo Agents status</h2>
                            <small>manage and monitor agents on platform <strong><?= htmlspecialchars($platformDetails[0]['name']) ?></strong></small>
                        </div>
                    </div>
                    <!-- hosts and their agents -->
                    <div class="row">
                        <?php foreach ($agentsByHost as $hostId => $hostData): ?>
                            <div class="col-12 mb-4">
                                <div class="card">
                                    <div class="card-header bg-light">
                                        <h5 class="mb-0">
                                            <i class="fas fa-network-wired me-2 text-secondary"></i>
                                            Host: <?= htmlspecialchars($hostData['host_name']) ?>
                                            <a href="<?= htmlspecialchars($app_root) ?>?page=settings#platform-<?= htmlspecialchars($platform_id) ?>host-<?= htmlspecialchars($hostId) ?>" class="text-decoration-none">
                                                <i class="fas fa-edit ms-2"></i>
                                            </a>
                                        </h5>
                                    </div>
                                    <div class="card-body">
                                        <?php if (empty($hostData['agents'])): ?>
                                            <p class="text-muted">No agents on this host.</p>
                                        <?php else: ?>
                                            <?php foreach ($hostData['agents'] as $agent): ?>
                                                <div class="agent-item mb-4 pb-3 border-bottom">
                                                    <div class="d-flex align-items-center mb-2">
                                                        <div class="flex-grow-1">
                                                            <i class="fas fa-robot me-2 text-secondary"></i>
                                                            <strong>Agent ID:</strong> <?= htmlspecialchars($agent['id']) ?> |
                                                            <strong>Type:</strong> <?= htmlspecialchars($agent['agent_type_id']) ?> (<?= htmlspecialchars($agent['agent_description']) ?>) |
                                                            <strong>Endpoint:</strong> <?= htmlspecialchars($agent['url']) ?><?= htmlspecialchars($agent['agent_endpoint']) ?>
                                                            <a href="<?= htmlspecialchars($app_root) ?>?page=settings#platform-<?= htmlspecialchars($platform_id) ?>agent-<?= htmlspecialchars($agent['id']) ?>" class="text-decoration-none">
                                                                <i class="fas fa-edit ms-2"></i>
                                                            </a>
                                                        </div>
                                                    </div>
                                                    <div class="btn-group" role="group">
                                                        <button id="agent<?= htmlspecialchars($agent['id']) ?>-status" 
                                                                class="btn btn-primary" 
                                                                data-toggle="tooltip" 
                                                                data-trigger="hover" 
                                                                data-placement="bottom" 
                                                                title="Get the agent status" 
                                                                onclick="fetchData('<?= htmlspecialchars($agent['id']) ?>', '<?= htmlspecialchars($agent['url']) ?>', '/status', '<?= htmlspecialchars($agentTokens[$agent['id']]) ?>', true)">
                                                            Get Status
                                                        </button>
                                                        <button id="agent<?= htmlspecialchars($agent['id']) ?>-fetch" 
                                                                class="btn btn-primary" 
                                                                data-toggle="tooltip" 
                                                                data-trigger="hover" 
                                                                data-placement="bottom" 
                                                                title="Get data from the agent" 
                                                                onclick="fetchData('<?= htmlspecialchars($agent['id']) ?>', '<?= htmlspecialchars($agent['url']) ?>', '<?= htmlspecialchars($agent['agent_endpoint']) ?>', '<?= htmlspecialchars($agentTokens[$agent['id']]) ?>', <?= isset($_SESSION["agent{$agent['id']}_cache"]) ? 'true' : 'false' ?>)">
                                                            Fetch Data
                                                        </button>
                                                        <button id="agent<?= htmlspecialchars($agent['id']) ?>-cache" 
                                                                <?= !isset($_SESSION["agent{$agent['id']}_cache"]) ? 'style="display:none;" ' : '' ?>
                                                                class="btn btn-secondary" 
                                                                data-toggle="tooltip" 
                                                                data-trigger="hover" 
                                                                data-placement="bottom" 
                                                                title="Load cache" 
                                                                onclick="loadCache('<?= htmlspecialchars($agent['id']) ?>')">
                                                            Load Cache
                                                        </button>
                                                        <button id="agent<?= htmlspecialchars($agent['id']) ?>-clear" 
                                                                <?= !isset($_SESSION["agent{$agent['id']}_cache"]) ? 'style="display:none;" ' : '' ?>
                                                                class="btn btn-danger" 
                                                                data-toggle="tooltip" 
                                                                data-trigger="hover" 
                                                                data-placement="bottom" 
                                                                title="Clear cache" 
                                                                onclick="clearCache('<?= htmlspecialchars($agent['id']) ?>')">
                                                            Clear Cache
                                                        </button>
                                                    </div>
                                                    <span id="cacheInfo<?= htmlspecialchars($agent['id']) ?>" class="ms-2 <?= isset($_SESSION["agent{$agent['id']}_cache"]) ? '' : 'd-none' ?>"></span>
                                                    <pre class="results mt-3" id="result<?= htmlspecialchars($agent['id']) ?>">Click a button to display data from the agent.</pre>
                                                </div>
                                            <?php endforeach; ?>
                                        <?php endif; ?>
                                    </div>
                                </div>
                            </div>
                        <?php endforeach; ?>
                    </div>
                </div>
                <!-- agents live data -->
--- a/app/templates/block-message.php
+++ b/app/templates/block-message.php
@ -1,7 +0,0 @@
 <?php if (isset($error)) { ?>
        <div class="error"><?php echo $error; ?></div>
 <?php } ?>
 <?php if (isset($notice)) { ?>
        <div class="notice"><?php echo $notice; ?></div>
 <?php } ?>
--- a/app/templates/block-results-filter.php
+++ b/app/templates/block-results-filter.php
@ -1,15 +1,15 @@
                    <!-- Results filter -->
                    <div class="card w-auto bg-light border-light card-body text-right" style="text-align: right;">
-                        <form method="POST" id="filter_form" action="?platform=<?= $platform_id?>&page=<?= $page ?>">
+                        <form method="POST" id="filter_form" class="filter-results" action="?platform=<?= htmlspecialchars($platform_id) ?>&page=<?= htmlspecialchars($page) ?>">
                            <label for="from_time">from</label>
-                            <input type="date" id="from_time" name="from_time"<?php if (isset($_REQUEST['from_time'])) echo " value=\"" . $_REQUEST['from_time'] . "\"" ?> />
+                            <input type="date" id="from_time" name="from_time"<?php if (isset($_REQUEST['from_time'])) echo " value=\"" . htmlspecialchars($from_time) . "\"" ?> />
                            <label for="until_time">until</label>
-                            <input type="date" id="until_time" name="until_time"<?php if (isset($_REQUEST['until_time'])) echo " value=\"" . $_REQUEST['until_time'] . "\"" ?> />
+                            <input type="date" id="until_time" name="until_time"<?php if (isset($_REQUEST['until_time'])) echo " value=\"" . htmlspecialchars($until_time) . "\"" ?> />
-                            <input type="text" name="id" placeholder="ID"<?php if (isset($_REQUEST['id'])) echo " value=\"" . $_REQUEST['id'] . "\"" ?> />
+                            <input type="text" name="id" placeholder="ID"<?php if (isset($_REQUEST['id'])) echo " value=\"" . htmlspecialchars($_REQUEST['id']) . "\"" ?> />
-                            <input type="text" name="name" placeholder="name"<?php if (isset($_REQUEST['name'])) echo " value=\"" . $_REQUEST['name'] . "\"" ?> />
+                            <input type="text" name="name" placeholder="name"<?php if (isset($_REQUEST['name'])) echo " value=\"" . htmlspecialchars($_REQUEST['name']) . "\"" ?> />
 <?php if ($page == 'participants') { ?>
-                            <input type="text" name="ip" placeholder="ip address"<?php if (isset($_REQUEST['ip'])) echo " value=\"" . $_REQUEST['ip'] . "\"" ?> maxlength="15" size="15" />
+                            <input type="text" name="ip" placeholder="ip address"<?php if (isset($_REQUEST['ip'])) echo " value=\"" . htmlspecialchars($_REQUEST['ip']) . "\"" ?> maxlength="15" size="15" />
 <?php } ?>
                            <input type="button" onclick="clearFilter()" value="clear" />
                            <input type="submit" value="search" />
--- a/app/templates/components.php
+++ b/app/templates/components.php
@ -0,0 +1,110 @@
                <!-- jitsi components events -->
                <div class="container-fluid mt-2">
                    <div class="row mb-4">
                        <div class="col-md-6 mb-5">
                            <h2 class="mb-0">Jitsi components events</h2>
                            <small>log events related to Jitsi Meet components like Jicofo, Videobridge, Jigasi, etc.</small>
                        </div>
                        <div class="row mb-4">
                            <!-- component events filter -->
                            <div class="card mb-3">
                                <div class="card-body">
                                    <form method="get" action="" class="row g-3 align-items-end">
                                        <input type="hidden" name="page" value="components">
                                        <div class="col-md-auto">
                                            <label for="from_time" class="form-label">From date</label>
                                            <input type="date" class="form-control" id="from_time" name="from_time" value="<?= htmlspecialchars($_REQUEST['from_time'] ?? '') ?>">
                                        </div>
                                        <div class="col-md-auto">
                                            <label for="until_time" class="form-label">Until date</label>
                                            <input type="date" class="form-control" id="until_time" name="until_time" value="<?= htmlspecialchars($_REQUEST['until_time'] ?? '') ?>">
                                        </div>
                                        <div class="col-md-2">
                                            <label for="name" class="form-label">Component name</label>
                                            <input type="text" class="form-control" id="name" name="name" value="<?= htmlspecialchars($_REQUEST['name'] ?? '') ?>" placeholder="Component name">
                                        </div>
                                        <div class="col-md-4">
                                            <input type="text" class="form-control" id="id" name="id" value="<?= htmlspecialchars($_REQUEST['id'] ?? '') ?>" placeholder="Search in component IDs">
                                            <input type="text" class="form-control" id="event" name="event" value="<?= htmlspecialchars($_REQUEST['event'] ?? '') ?>" placeholder="Search in event messages">
                                        </div>
                                        <div class="col-md-auto align-middle">
                                            <button type="submit" class="btn btn-primary me-2">
                                                <i class="fas fa-search me-2"></i>Search
                                            </button>
                                            <a href="?page=components" class="btn btn-outline-secondary">
                                                <i class="fas fa-times me-2"></i>Clear
                                            </a>
                                        </div>
                                    </form>
                                </div>
                            </div>
                            <!-- /component events filter -->
                            <!-- component events -->
 <?php if ($time_range_specified || count($filterMessage)) { ?>
                            <div class="alert alert-info m-0 mb-3 small">
 <?php   if ($time_range_specified) { ?>
                              <p class="mb-0"><i class="fas fa-calendar-alt me-2"></i>Time period:
                                  <strong>
                                      <?= $from_time == '0000-01-01' ? 'beginning' : date('d M Y', strtotime($from_time)) ?> - <?= $until_time == '9999-12-31' ? 'now' : date('d M Y', strtotime($until_time)) ?>
                                  </strong>
                              </p>
 <?php   } ?>
 <?php   if (count($filterMessage)) {
          foreach ($filterMessage as $message) { ?>
                                <p class="mb-0"><i class="fas fa-users me-2"></i><?= $message ?></strong></p>
 <?php     } ?>
 <?php   } ?>
                            </div>
 <?php } ?>
                            <div class="mb-5">
 <?php if (!empty($components['records'])) { ?>
                                <div class="table-responsive border">
                                    <table class="table table-results table-hover mb-0">
                                        <thead class="table-light">
                                            <tr>
                                                <th>component</th>
                                                <th>log level</th>
                                                <th>time</th>
                                                <th>component ID</th>
                                                <th>event</th>
                                                <th>parameter</th>
                                            </tr>
                                        </thead>
                                        <tbody>
 <?php     foreach ($components['records'] as $row) { ?>
                                            <tr>
                                                <td>
                                                    <a href="<?= htmlspecialchars($app_root) ?>?platform=<?= htmlspecialchars($platform_id) ?>&page=components&name=<?= htmlspecialchars($row['component'] ?? '') ?>">
                                                        <?= htmlspecialchars($row['component'] ?? '') ?>
                                                    </a>
                                                </td>
                                                <td><?= htmlspecialchars($row['loglevel']) ?></td>
                                                <td><span class="text-muted"><?= date('d M Y H:i:s', strtotime($row['time'])) ?></span></td>
                                                <td>
                                                    <a href="<?= htmlspecialchars($app_root) ?>?platform=<?= htmlspecialchars($platform_id) ?>&page=components&id=<?= htmlspecialchars($row['component ID'] ?? '') ?>">
                                                        <?= htmlspecialchars($row['component ID'] ?? '') ?>
                                                    </a>
                                                </td>
                                                <td><?= htmlspecialchars($row['event']) ?></td>
                                                <td><?= htmlspecialchars($row['param']) ?></td>
                                            </tr>
 <?php     } ?>
                                        </tbody>
                                    </table>
                                </div>
 <?php include '../app/templates/pagination.php'; ?>
 <?php } else { ?>
                                <div class="alert alert-danger m-0">
                                    <i class="fas fa-info-circle me-2"></i>No component events found for the specified criteria.
                                </div>
 <?php } ?>
                            </div>
                        </div>
                    </div>
                </div>
                <!-- /jitsi components events -->
--- a/app/templates/conferences.php
+++ b/app/templates/conferences.php
@ -0,0 +1,145 @@
                <!-- jitsi conferences events -->
                <div class="container-fluid mt-2">
                    <div class="row mb-4">
                        <div class="col-md-6 mb-5">
                            <h2 class="mb-0">Jitsi conferences events</h2>
                            <small>log events related to conferences in Jitsi Meet</small>
                        </div>
                        <div class="row mb-4">
                            <!-- conference events filter -->
                            <div class="card mb-3">
                                <div class="card-body">
                                    <form method="get" action="" class="row g-3 align-items-end">
                                        <input type="hidden" name="page" value="conferences">
                                        <div class="col-md-auto">
                                            <label for="from_time" class="form-label">From date</label>
                                            <input type="date" class="form-control" id="from_time" name="from_time" value="<?= htmlspecialchars($_REQUEST['from_time'] ?? '') ?>">
                                        </div>
                                        <div class="col-md-auto">
                                            <label for="until_time" class="form-label">Until date</label>
                                            <input type="date" class="form-control" id="until_time" name="until_time" value="<?= htmlspecialchars($_REQUEST['until_time'] ?? '') ?>">
                                        </div>
                                        <div class="col-md-2">
                                            <label for="name" class="form-label">Conference ID</label>
                                            <input type="text" class="form-control" id="id" name="name" value="<?= htmlspecialchars($_REQUEST['id'] ?? '') ?>" placeholder="Conference ID">
                                        </div>
                                        <div class="col-md-4">
                                            <label for="name" class="form-label">Conference name</label>
                                            <input type="text" class="form-control" id="name" name="name" value="<?= htmlspecialchars($_REQUEST['name'] ?? '') ?>" placeholder="Search in conference names">
                                        </div>
                                        <div class="col-md-auto align-middle">
                                            <button type="submit" class="btn btn-primary me-2">
                                                <i class="fas fa-search me-2"></i>Search
                                            </button>
                                            <a href="?page=conferences" class="btn btn-outline-secondary">
                                                <i class="fas fa-times me-2"></i>Clear
                                            </a>
                                        </div>
                                    </form>
                                </div>
                            </div>
                            <!-- /conference events filter -->
                            <!-- conference events -->
 <?php if ($time_range_specified || count($filterMessage)) { ?>
                            <div class="alert alert-info m-0 mb-3 small">
 <?php   if ($time_range_specified) { ?>
                                <p class="mb-0"><i class="fas fa-calendar-alt me-2"></i>Time period:
                                    <strong>
                                        <?= $from_time == '0000-01-01' ? 'beginning' : date('d M Y', strtotime($from_time)) ?> - <?= $until_time == '9999-12-31' ? 'now' : date('d M Y', strtotime($until_time)) ?>
                                    </strong>
                                </p>
 <?php   } ?>
 <?php   if (count($filterMessage)) {
          foreach ($filterMessage as $message) { ?>
                                <p class="mb-0"><i class="fas fa-users me-2"></i><?= $message ?></strong></p>
 <?php     } ?>
 <?php   } ?>
                            </div>
 <?php } ?>
                            <div class="mb-5">
 <?php if (!empty($conferences['records'])) { ?>
                                <div class="table-responsive border">
                                    <table class="table table-results table-hover">
                                        <thead class="table-light">
                                            <tr>
 <?php     foreach (array_keys($conferences['records'][0]) as $header) { ?>
                                                <th scope="col" class="text-nowrap"><?= htmlspecialchars($header) ?></th>
 <?php     } ?>
                                            </tr>
                                        </thead>
                                        <tbody>
 <?php     foreach ($conferences['records'] as $row) { ?>
                                            <tr>
 <?php       foreach ($row as $key => $column) {
                    if ($key === 'conference ID' && isset($conferenceId) && $conferenceId === $column) { ?>
                                                <td class="text-nowrap">
                                                    <strong <?= (strlen($column ?? '') > 20) ? 'data-toggle="tooltip" title="' . htmlspecialchars($column) . '"' : '' ?>>
                                                        <?= htmlspecialchars(strlen($column ?? '') > 20 ? substr($column, 0, 20) . '...' : $column ?? '') ?>
                                                    </strong>
                                                </td>
 <?php               } elseif ($key === 'conference ID') { ?>
                                                <td class="text-nowrap">
                                                    <a href="<?= htmlspecialchars($app_root) ?>?platform=<?= htmlspecialchars($platform_id) ?>&page=conferences&id=<?= htmlspecialchars($column ?? '') ?>"
                                                       <?= (strlen($column ?? '') > 16) ? 'data-toggle="tooltip" title="' . htmlspecialchars($column) . '"' : '' ?>>
                                                        <?= htmlspecialchars(strlen($column ?? '') > 16 ? substr($column, 0, 16) . '...' : $column ?? '') ?>
                                                    </a>
                                                </td>
 <?php               } elseif ($key === 'conference name' && isset($conferenceName) && $conferenceName === $column) { ?>
                                                <td class="text-nowrap">
                                                    <strong <?= (strlen($column ?? '') > 20) ? 'data-toggle="tooltip" title="' . htmlspecialchars($column) . '"' : '' ?>>
                                                        <?= htmlspecialchars(strlen($column ?? '') > 20 ? substr($column, 0, 20) . '...' : $column ?? '') ?>
                                                    </strong>
                                                </td>
 <?php               } elseif ($key === 'conference name') { ?>
                                                <td class="text-nowrap">
                                                    <a href="<?= htmlspecialchars($app_root) ?>?platform=<?= htmlspecialchars($platform_id) ?>&page=conferences&name=<?= htmlspecialchars($column ?? '') ?>"
                                                       <?= (strlen($column ?? '') > 16) ? 'data-toggle="tooltip" title="' . htmlspecialchars($column) . '"' : '' ?>>
                                                        <?= htmlspecialchars(strlen($column ?? '') > 16 ? substr($column, 0, 16) . '...' : $column ?? '') ?>
                                                    </a>
                                                </td>
 <?php               } elseif ($key === 'conference host') { ?>
                                                <td class="text-nowrap">
                                                    <span <?= (strlen($column ?? '') > 30) ? 'data-toggle="tooltip" title="' . htmlspecialchars($column) . '"' : '' ?>>
                                                        <?= htmlspecialchars(strlen($column ?? '') > 30 ? substr($column, 0, 30) . '...' : $column ?? '') ?>
                                                    </span>
                                                </td>
 <?php               } elseif ($key === 'participant ID') { ?>
                                                <td class="text-nowrap">
                                                    <a href="<?= htmlspecialchars($app_root) ?>?platform=<?= htmlspecialchars($platform_id) ?>&page=participants&id=<?= htmlspecialchars($column ?? '') ?>"
                                                       <?= (strlen($column ?? '') > 16) ? 'data-toggle="tooltip" title="' . htmlspecialchars($column) . '"' : '' ?>>
                                                        <?= htmlspecialchars(strlen($column ?? '') > 16 ? substr($column, 0, 16) . '...' : $column ?? '') ?>
                                                    </a>
                                                </td>
 <?php               } elseif ($key === 'component') { ?>
                                                <td class="text-nowrap">
                                                    <a href="<?= htmlspecialchars($app_root) ?>?platform=<?= htmlspecialchars($platform_id) ?>&page=components&name=<?= htmlspecialchars($column ?? '') ?>"
                                                       <?= (strlen($column ?? '') > 16) ? 'data-toggle="tooltip" title="' . htmlspecialchars($column) . '"' : '' ?>>
                                                        <?= htmlspecialchars(strlen($column ?? '') > 16 ? substr($column, 0, 16) . '...' : $column ?? '') ?>
                                                    </a>
                                                </td>
 <?php               } elseif ($key === 'time' || $key === 'start' || $key === 'end') { ?>
                                                <td class="text-nowrap"><?= !empty($column) ? date('d M Y H:i:s',strtotime($column)) : '<small class="text-muted">n/a</small>' ?></td>
 <?php               } else { ?>
                                                <td><?= htmlspecialchars($column ?? '') ?></td>
 <?php               }
            } ?>
                                            </tr>
 <?php     } ?>
                                        </tbody>
                                    </table>
                                </div>
 <?php include '../app/templates/pagination.php'; ?>
 <?php } else { ?>
                                <div class="alert alert-danger m-0">
                                    <i class="fas fa-info-circle me-2"></i>No conference events found for the specified criteria.
                                </div>
 <?php } ?>
                            </div>
                        </div>
                    </div>
                </div>
                <!-- /jitsi conferences events -->
--- a/app/templates/config-add-platform.php
+++ b/app/templates/config-add-platform.php
@ -1,50 +0,0 @@
                <!-- widget "config" -->
                <div class="card text-center w-50 mx-auto">
                    <p class="h4 card-header">Add new Jitsi platform</p>
                    <div class="card-body">
                        <!--p class="card-text">add new platform:</p-->
                        <form method="POST" action="<?= $app_root ?>?platform=<?= htmlspecialchars($platform_id) ?>&page=config">
                            <div class="row mb-3">
                                <div class="col-md-4 text-end">
                                    <label for="name" class="form-label">name</label>
                                    <span class="text-danger" style="margin-right: -12px;">*</span>
                                </div>
                                <div class="col-md-8">
                                    <input class="form-control" type="text" name="name" value="" required />
                                    <p class="text-start"><small>descriptive name for the platform</small></p>
                                </div>
                            </div>
                            <div class="row mb-3">
                                <div class="col-md-4 text-end">
                                    <label for="jitsi_url" class="form-label">Jitsi URL</label>
                                    <span class="text-danger" style="margin-right: -12px;">*</span>
                                </div>
                                <div class="col-md-8">
                                    <input class="form-control" type="text" name="jitsi_url" value="https://" required />
                                    <p class="text-start"><small>URL of the Jitsi Meet (used for checks and for loading config.js)</small></p>
                                </div>
                            </div>
                            <div class="row mb-3">
                                <div class="col-md-4 text-end">
                                    <label for="jilo_database" class="form-label">jilo_database</label>
                                    <span class="text-danger" style="margin-right: -12px;">*</span>
                                </div>
                                <div class="col-md-8">
                                    <input class="form-control" type="text" name="jilo_database" value="" required />
                                    <p class="text-start"><small>path to the database file (relative to the app root)</small></p>
                                </div>
                            </div>
                            <input type="hidden" name="new" value="true" />
                            <br />
                            <a class="btn btn-secondary" href="<?= $app_root ?>?page=config" />Cancel</a>
                            <input type="submit" class="btn btn-primary" value="Save" />
                        </form>
                    </div>
                </div>
                <!-- /widget "config" -->
--- a/app/templates/config-delete-platform.php
+++ b/app/templates/config-delete-platform.php
@ -1,29 +0,0 @@
                <!-- widget "config" -->
                <div class="card text-center w-50 mx-auto">
                    <p class="h4 card-header">Jilo web configuration for Jitsi platform "<?= htmlspecialchars($platform_id) ?>"</p>
                    <div class="card-body">
                        <p class="card-text">delete a platform:</p>
                        <form method="POST" action="<?= $app_root ?>?platform=<?= htmlspecialchars($platform_id) ?>&page=config">
 <?php foreach ($config['platforms'][$platform_id] as $config_item => $config_value) { ?>
                            <div class="row mb-3">
                                <div class="col-md-4 text-end">
                                    <label for="<?= htmlspecialchars($config_item) ?>" class="form-label"><?= htmlspecialchars($config_item) ?>:</label>
                                </div>
                                <div class="col-md-8">
                                    <div class="text-start"><?= htmlspecialchars($config_value ?? '')?></div>
                                    <input type="hidden" name="<?= htmlspecialchars($config_item) ?>" value="<?= htmlspecialchars($config_value ?? '')?>" />
                                </div>
                            </div>
 <?php } ?>
                            <br />
                            <input type="hidden" name="platform" value="<?= htmlspecialchars($platform_id) ?>" />
                            <input type="hidden" name="delete" value="true" />
                            <p class="h5 text-danger">Are you sure you want to delete this platform?</p>
                            <br />
                            <a class="btn btn-secondary" href="<?= $app_root ?>?page=config" />Cancel</a>
                            <input type="submit" class="btn btn-danger" value="Delete" />
                        </form>
                    </div>
                </div>
                <!-- /widget "config" -->
--- a/app/templates/config-edit-platform.php
+++ b/app/templates/config-edit-platform.php
@ -1,33 +0,0 @@
                <!-- widget "config" -->
                <div class="card text-center w-50 mx-auto">
                    <p class="h4 card-header">Jilo web configuration for Jitsi platform "<?= htmlspecialchars($platform_id) ?>"</p>
                    <div class="card-body">
                        <p class="card-text">edit the platform details:</p>
                        <form method="POST" action="<?= $app_root ?>?platform=<?= htmlspecialchars($platform_id) ?>&page=config">
 <?php foreach ($config['platforms'][$platform_id] as $config_item => $config_value) { ?>
                            <div class="row mb-3">
                                <div class="col-md-4 text-end">
                                    <label for="<?= htmlspecialchars($config_item) ?>" class="form-label"><?= htmlspecialchars($config_item) ?></label>
                                    <span class="text-danger" style="margin-right: -12px;">*</span>
                                </div>
                                <div class="col-md-8">
                                    <input class="form-control" type="text" name="<?= htmlspecialchars($config_item) ?>" value="<?= htmlspecialchars($config_value ?? '')?>" required />
 <?php if ($config_item === 'name') { ?>
                                    <p class="text-start"><small>descriptive name for the platform</small></p>
 <?php } elseif ($config_item === 'jitsi_url') { ?>
                                    <p class="text-start"><small>URL of the Jitsi Meet (used for checks and for loading config.js)</small></p>
 <?php } elseif ($config_item === 'jilo_database') { ?>
                                    <p class="text-start"><small>path to the database file (relative to the app root)</small></p>
 <?php } ?>
                                </div>
                            </div>
 <?php } ?>
                            <br />
                            <input type="hidden" name="platform" value="<?= htmlspecialchars($platform_id) ?>" />
                            <a class="btn btn-secondary" href="<?= $app_root ?>?page=config" />Cancel</a>
                            <input type="submit" class="btn btn-primary" value="Save" />
                        </form>
                    </div>
                </div>
                <!-- /widget "config" -->
--- a/app/templates/config-list-configjs.php
+++ b/app/templates/config-list-configjs.php
@ -1,22 +0,0 @@
                <!-- widget "config" -->
                <div class="card text-center w-75 mx-lef">
                    <p class="h4 card-header">Configuration of the Jitsi platform <strong><?= htmlspecialchars($platformDetails['name']) ?></strong></p>
                    <div class="card-body">
                        <p class="card-text">
                            <span class="m-3">URL: <?= htmlspecialchars($platformDetails['jitsi_url']) ?></span>
                            <span class="m-3">FILE: config.js</span>
 <?php if ($mode === 'raw') { ?>
                            <span class="m-3"><a class="btn btn-light" href="<?= $app_root ?>?platform=<?= htmlspecialchars($platform_id) ?>&page=config&item=configjs">view only active lines</a></span>
 <?php } else { ?>
                            <span class="m-3"><a class="btn btn-light" href="<?= $app_root ?>?platform=<?= htmlspecialchars($platform_id) ?>&page=config&item=configjs&mode=raw">view raw file contents</a></span>
 <?php } ?>
                        </p>
 <pre style="text-align: left;">
 <?php
 echo htmlspecialchars($platformConfigjs);
 ?>
 </pre>
                    </div>
                </div>
                <!-- /widget "config" -->
--- a/app/templates/config-list-interfaceconfigjs.php
+++ b/app/templates/config-list-interfaceconfigjs.php
@ -1,22 +0,0 @@
                <!-- widget "config" -->
                <div class="card text-center w-75 mx-lef">
                    <p class="h4 card-header">Configuration of the Jitsi platform <strong><?= htmlspecialchars($platformDetails['name']) ?></strong></p>
                    <div class="card-body">
                        <p class="card-text">
                            <span class="m-3">URL: <?= htmlspecialchars($platformDetails['jitsi_url']) ?></span>
                            <span class="m-3">FILE: interface_config.js</span>
 <?php if ($mode === 'raw') { ?>
                            <span class="m-3"><a class="btn btn-light" href="<?= $app_root ?>?platform=<?= htmlspecialchars($platform_id) ?>&page=config&item=interfaceconfigjs">view only active lines</a></span>
 <?php } else { ?>
                            <span class="m-3"><a class="btn btn-light" href="<?= $app_root ?>?platform=<?= htmlspecialchars($platform_id) ?>&page=config&item=interfaceconfigjs&mode=raw">view raw file contents</a></span>
 <?php } ?>
                        </p>
 <pre style="text-align: left;">
 <?php
 echo htmlspecialchars($platformInterfaceConfigjs);
 ?>
 </pre>
                    </div>
                </div>
                <!-- /widget "config" -->
--- a/app/templates/config-list.php
+++ b/app/templates/config-list.php
@ -1,14 +0,0 @@
                <!-- widget "config" -->
                <div class="card text-center w-75 mx-lef">
                    <p class="h4 card-header">Jilo web configuration</p>
                    <div class="card-body">
                        <p class="card-text">platform variables</p>
 <?php
 include '../app/helpers/render.php';
 renderConfig($config, '0');
 echo "\n";
 ?>
                    </div>
                </div>
                <!-- /widget "config" -->
--- a/app/templates/config.php
+++ b/app/templates/config.php
@ -0,0 +1,198 @@
 <!-- config file -->
 <div class="container-fluid mt-2">
    <div class="row mb-4">
        <div class="col-12 mb-4">
            <h2>Configuration</h2>
            <small><?= htmlspecialchars($config['site_name']) ?> configuration file: <em><?= htmlspecialchars($localConfigPath) ?></em></small>
 <?php if ($configMessage) { ?>
            <?= $configMessage ?>
 <?php } ?>
        </div>
    </div>
    <div class="card shadow-sm">
        <div class="card-header bg-light d-flex justify-content-between align-items-center py-3">
            <h5 class="card-title mb-0">
                <i class="fas fa-wrench me-2 text-secondary"></i>
                <?= htmlspecialchars($config['site_name']) ?> app configuration
            </h5>
 <?php if ($userObject->hasRight($userId, 'superuser') ||
          $userObject->hasRight($userId, 'edit config file')) { ?>
            <div>
                <button type="button" class="btn btn-outline-primary btn-sm toggle-edit" <?= !$isWritable ? 'disabled' : '' ?>>
                    <i class="fas fa-edit me-2"></i>Edit
                </button>
                <div class="edit-controls d-none">
                    <button type="button" class="btn btn-danger btn-sm save-config">
                        <i class="fas fa-save me-2"></i>Save
                    </button>
                    <button type="button" class="btn btn-outline-secondary btn-sm ms-2 cancel-edit">
                        Cancel
                    </button>
                </div>
            </div>
 <?php } ?>
        </div>
        <div class="card-body p-4">
            <form id="configForm">
 <?php
 include CSRF_TOKEN_INCLUDE;
 function renderConfigItem($key, $value, $path = '') {
    $fullPath = $path ? $path . '[' . $key . ']' : $key;
    // Only capitalize first letter, not every word
    $displayName = ucfirst(str_replace('_', ' ', $key));
    if (is_array($value)) {
        echo "\t\t\t\t\t\t\t\t<div class=\"config-section mb-4\">";
        echo "\n\t\t\t\t\t\t\t\t\t<h6 class=\"border-bottom pb-2 mb-3\">" . htmlspecialchars($displayName) . '</h6>';
        echo "\n\t\t\t\t\t\t\t\t\t<div class=\"ps-4\">\n";
        foreach ($value as $subKey => $subValue) {
            renderConfigItem($subKey, $subValue, $fullPath);
        }
        echo "\t\t\t\t\t\t\t\t\t</div>\n";
        echo "\t\t\t\t\t\t\t\t</div>\n";
    } else {
 ?>
                <div class="config-item row mb-3 align-items-center">
                    <div class="col-md-4 text-end">
                        <label class="form-label mb-0"><?= htmlspecialchars($displayName) ?></label>
                    </div>
                    <div class="col-md-8">
                        <div class="view-mode">
 <?php if (is_bool($value) || $key === 'registration_enabled') { ?>
                            <span class="badge <?= $value ? 'bg-success' : 'bg-secondary' ?>"><?= $value ? 'Enabled' : 'Disabled' ?></span>
 <?php } elseif ($key === 'environment') { ?>
                            <span class="badge <?= $value === 'production' ? 'bg-danger' : 'bg-info' ?>"><?= htmlspecialchars($value) ?></span>
 <?php } else {
        if (empty($value) && $value !== '0') { ?>
                            <span class="text-muted fst-italic">blank</span>
 <?php   } else { ?>
                            <span class="text-body"><?= htmlspecialchars($value) ?></span>
 <?php   } ?>
 <?php } ?>
                        </div>
                        <div class="edit-mode d-none">
 <?php if (is_bool($value) || $key === 'registration_enabled') { ?>
                            <div class="form-check form-switch">
                                <input class="form-check-input" type="checkbox" name="<?= htmlspecialchars($fullPath) ?>" <?= $value ? 'checked' : '' ?>>
                            </div>
 <?php } elseif ($key === 'environment') { ?>
                            <select class="form-select form-select-sm" name="<?= htmlspecialchars($fullPath) ?>">
                                <option value="development" <?= $value === 'development' ? 'selected' : '' ?>>development</option>
                                <option value="production" <?= $value === 'production' ? 'selected' : '' ?>>production</option>
                            </select>
 <?php } else { ?>
                            <input type="text" class="form-control form-control-sm" name="<?= htmlspecialchars($fullPath) ?>" value="<?= htmlspecialchars($value) ?>">
 <?php } ?>
                        </div>
                    </div>
                </div>
 <?php
    }
 }
    foreach ($config as $key => $value) {
        renderConfigItem($key, $value);
    } ?>
            </form>
        </div>
    </div>
 </div>
 </div>
 <script>
 $(function() {
    // Toggle edit mode
    $('.toggle-edit').click(function() {
        $(this).hide();
        $('.edit-controls').removeClass('d-none');
        $('.view-mode').hide();
        $('.edit-mode').removeClass('d-none');
    });
    // Cancel edit
    $('.cancel-edit').click(function() {
        $('.toggle-edit').show();
        $('.edit-controls').addClass('d-none');
        $('.view-mode').show();
        $('.edit-mode').addClass('d-none');
    });
    // Save config
    $('.save-config').click(function() {
        const $btn = $(this).prop('disabled', true).html('<i class="fas fa-spinner fa-spin me-2"></i>Saving...');
        // Build form data object
        const data = {};
        // Handle text inputs
        $('#configForm input[type="text"]').each(function() {
            data[$(this).attr('name')] = $(this).val();
        });
        // Handle checkboxes
        $('#configForm input[type="checkbox"]').each(function() {
            data[$(this).attr('name')] = $(this).prop('checked') ? '1' : '0';
        });
        // Handle selects
        $('#configForm select').each(function() {
            data[$(this).attr('name')] = $(this).val();
        });
        $.ajax({
            url: '<?= htmlspecialchars($app_root) ?>?page=config',
            method: 'POST',
            data: JSON.stringify(data),
            contentType: 'application/json',
            headers: {
                'X-Requested-With': 'XMLHttpRequest',
                'X-CSRF-Token': $('input[name="csrf_token"]').val()
            },
            success: function(response) {
                if (response.success) {
                    JsMessages.success(response.message || 'Config file updated successfully');
                    $('#configForm input[type="text"], #configForm input[type="checkbox"], #configForm select').each(function() {
                        const $input = $(this);
                        const $item = $input.closest('.config-item');
                        const $viewMode = $item.find('.view-mode');
                        if ($item.length) {
                            let value;
                            if ($input.is('[type="checkbox"]')) {
                                value = $input.prop('checked') ? '1' : '0';
                                const isEnabled = value === '1';
                                $viewMode.html(`<span class="badge ${isEnabled ? 'bg-success' : 'bg-secondary'}">${isEnabled ? 'Enabled' : 'Disabled'}</span>`);
                            } else if ($input.is('select')) {
                                value = $input.val();
                                $viewMode.html(`<span class="badge ${value === 'production' ? 'bg-danger' : 'bg-info'}">${value}</span>`);
                            } else {
                                value = $input.val();
                                $viewMode.html(value === '' ? '<span class="text-muted fst-italic">blank</span>' : `<span class="text-body">${value}</span>`);
                            }
                        }
                    });
                    // Finally, exit edit mode
                    $('.toggle-edit').show();
                    $('.edit-controls').addClass('d-none');
                    $('.view-mode').show();
                    $('.edit-mode').addClass('d-none');
                } else {
                    JsMessages.error(response.error || 'Error saving config');
                }
            },
            error: function(xhr, status, error) {
                JsMessages.error('Error saving config: ' + error);
            },
            complete: function() {
                $btn.prop('disabled', false).html('<i class="fas fa-save me-2"></i>Save');
            }
        });
    });
 });
 </script>
 <!-- /config file -->
--- a/app/templates/credentials-2fa-setup.php
+++ b/app/templates/credentials-2fa-setup.php
@ -0,0 +1,108 @@
 <?php
 /**
 * Two-factor authentication setup template
 */
 ?>
 <div class="container mt-4">
    <div class="row justify-content-center">
        <div class="col-md-8">
            <div class="card">
                <div class="card-header">
                    <h3>Set up two-factor authentication</h3>
                </div>
                <div class="card-body">
                    <div class="alert alert-info">
                        <p>Two-factor authentication adds an extra layer of security to your account. Once enabled, you'll need to enter both your password and a code from your authenticator app when signing in.</p>
                    </div>
                    <?php if (isset($error)): ?>
                        <div class="alert alert-danger">
                            <?php echo htmlspecialchars($error); ?>
                        </div>
                    <?php endif; ?>
                    <?php if (isset($setupData) && is_array($setupData)): ?>
                        <div class="setup-steps">
                            <h4>1. Install an authenticator app</h4>
                            <p>If you haven't already, install an authenticator app on your mobile device:</p>
                            <ul>
                                <li>Google Authenticator</li>
                                <li>Microsoft Authenticator</li>
                                <li>Authy</li>
                            </ul>
                            <h4 class="mt-4">2. Scan the QR code</h4>
                            <p>Open your authenticator app and scan this QR code:</p>
                            <div class="text-center my-4">
                                <div id="qrcode"></div>
                                <div class="mt-2">
                                    <small class="text-muted">Can't scan? Use this code instead:</small><br>
                                    <code class="secret-key"><?php echo htmlspecialchars($setupData['secret']); ?></code>
                                </div>
                            </div>
                            <h4 class="mt-4">3. Verify setup</h4>
                            <p>Enter the 6-digit code from your authenticator app to verify the setup:</p>
                            <form method="post" action="?page=credentials&item=2fa&action=setup" class="mt-3">
                                <div class="form-group">
                                    <input type="text" 
                                           name="code" 
                                           class="form-control" 
                                           pattern="[0-9]{6}" 
                                           maxlength="6"
                                           required
                                           placeholder="Enter 6-digit code">
                                </div>
                                <input type="hidden" name="secret" value="<?php echo htmlspecialchars($setupData['secret']); ?>">
                                <input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars($_SESSION['csrf_token']); ?>">
                                <button type="submit" class="btn btn-primary mt-3">
                                    Verify and enable 2FA
                                </button>
                            </form>
                            <div class="mt-4">
                                <h4>Backup codes</h4>
                                <p class="text-warning">
                                    <strong>Important:</strong> Save these backup codes in a secure place. 
                                    If you lose access to your authenticator app, you can use these codes to sign in.
                                    Each code can only be used once.
                                </p>
                                <div class="backup-codes bg-light p-3 rounded">
                                    <?php foreach ($setupData['backupCodes'] as $code): ?>
                                        <code class="d-block"><?php echo htmlspecialchars($code); ?></code>
                                    <?php endforeach; ?>
                                </div>
                                <button class="btn btn-secondary mt-2" onclick="window.print()">
                                    Print backup codes
                                </button>
                            </div>
                        </div>
                    <?php else: ?>
                        <div class="alert alert-danger">
                            Failed to generate 2FA setup data. Please try again.
                        </div>
                        <a href="?page=credentials" class="btn btn-primary">Back to credentials</a>
                    <?php endif; ?>
                </div>
            </div>
        </div>
    </div>
 </div>
 <?php if (isset($setupData) && is_array($setupData)): ?>
 <script src="https://cdn.jsdelivr.net/npm/qrcodejs@1.0.0/qrcode.min.js"></script>
 <script>
 document.addEventListener('DOMContentLoaded', function() {
    new QRCode(document.getElementById("qrcode"), {
        text: <?php echo json_encode($setupData['otpauthUrl']); ?>,
        width: 200,
        height: 200
    });
 });
 </script>
 <?php endif; ?>
--- a/app/templates/credentials-2fa-verify.php
+++ b/app/templates/credentials-2fa-verify.php
@ -0,0 +1,86 @@
 <?php
 /**
 * Two-factor authentication verification template
 */
 ?>
 <div class="container mt-4">
    <div class="row justify-content-center">
        <div class="col-md-6">
            <div class="card">
                <div class="card-header">
                    <h3>Two-factor authentication</h3>
                </div>
                <div class="card-body">
                    <?php if (isset($error)): ?>
                        <div class="alert alert-danger">
                            <?php echo htmlspecialchars($error); ?>
                        </div>
                    <?php endif; ?>
                    <p>Enter the 6-digit code from your authenticator app:</p>
                    <form method="post" action="?page=login&action=verify" class="mt-3">
                        <div class="form-group">
                            <input type="text" 
                                   name="code" 
                                   class="form-control form-control-lg text-center" 
                                   pattern="[0-9]{6}" 
                                   maxlength="6"
                                   inputmode="numeric"
                                   autocomplete="one-time-code"
                                   required
                                   autofocus
                                   placeholder="000000">
                        </div>
                        <input type="hidden" name="user_id" value="<?php echo htmlspecialchars($userId); ?>">
                        <button type="submit" class="btn btn-primary btn-block mt-4">
                            Verify code
                        </button>
                    </form>
                    <div class="mt-4">
                        <p class="text-muted text-center">
                            Lost access to your authenticator app?<br>
                            <a href="#" data-toggle="collapse" data-target="#backupCodeForm">
                                Use a backup code
                            </a>
                        </p>
                        <div class="collapse mt-3" id="backupCodeForm">
                            <form method="post" action="?page=login&action=verify" class="mt-3">
                                <div class="form-group">
                                    <label>Enter backup code:</label>
                                    <input type="text" 
                                           name="backup_code" 
                                           class="form-control"
                                           pattern="[a-f0-9]{8}"
                                           maxlength="8"
                                           required
                                           placeholder="Enter backup code">
                                </div>
                                <input type="hidden" name="user_id" value="<?php echo htmlspecialchars($userId); ?>">
                                <button type="submit" class="btn btn-secondary btn-block">
                                    Use backup code
                                </button>
                            </form>
                        </div>
                    </div>
                </div>
            </div>
        </div>
    </div>
 </div>
 <script>
 // Auto-submit when 6 digits are entered
 document.querySelector('input[name="code"]').addEventListener('input', function(e) {
    if (e.target.value.length === 6 && e.target.checkValidity()) {
        e.target.form.submit();
    }
 });
 </script>
--- a/app/templates/credentials-manage.php
+++ b/app/templates/credentials-manage.php
@ -0,0 +1,100 @@
 <?php
 /**
 * Combined credentials management template
 * Handles both password changes and 2FA management
 */
 ?>
 <div class="container mt-4">
    <div class="row justify-content-center">
        <div class="col-md-8">
            <!-- Password Management -->
            <div class="card mb-4">
                <div class="card-header">
                    <h3>change password</h3>
                </div>
                <div class="card-body">
                    <form method="post" action="?page=credentials&item=password">
                        <input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars($_SESSION['csrf_token']); ?>">
                        <div class="form-group">
                            <label for="current_password">current password</label>
                            <input type="password" 
                                   class="form-control" 
                                   id="current_password" 
                                   name="current_password" 
                                   required>
                        </div>
                        <div class="form-group mt-3">
                            <label for="new_password">new password</label>
                            <input type="password" 
                                   class="form-control" 
                                   id="new_password" 
                                   name="new_password"
                                   pattern=".{8,}"
                                   title="Password must be at least 8 characters long"
                                   required>
                            <small class="form-text text-muted">minimum 8 characters</small>
                        </div>
                        <div class="form-group mt-3">
                            <label for="confirm_password">confirm new password</label>
                            <input type="password" 
                                   class="form-control" 
                                   id="confirm_password" 
                                   name="confirm_password"
                                   pattern=".{8,}"
                                   required>
                        </div>
                        <div class="mt-4">
                            <button type="submit" class="btn btn-primary">change password</button>
                        </div>
                    </form>
                </div>
            </div>
            <!-- 2FA Management -->
            <div class="card">
                <div class="card-header">
                    <h3>two-factor authentication</h3>
                </div>
                <div class="card-body">
                    <p class="mb-4">Two-factor authentication adds an extra layer of security to your account. Once enabled, you'll need to enter both your password and a code from your authenticator app when signing in.</p>
                    <?php if ($has2fa): ?>
                        <div class="alert alert-success">
                            <i class="fas fa-check-circle"></i> two-factor authentication is enabled
                        </div>
                        <form method="post" action="?page=credentials&item=2fa&action=disable">
                            <input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars($_SESSION['csrf_token']); ?>">
                            <button type="submit" class="btn btn-danger" onclick="return confirm('Are you sure you want to disable two-factor authentication? This will make your account less secure.')">
                                disable two-factor authentication
                            </button>
                        </form>
                    <?php else: ?>
                        <div class="alert alert-warning">
                            <i class="fas fa-exclamation-triangle"></i> two-factor authentication is not enabled
                        </div>
                        <form method="post" action="?page=credentials&item=2fa&action=setup">
                            <input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars($_SESSION['csrf_token']); ?>">
                            <button type="submit" class="btn btn-primary">
                                set up two-factor authentication
                            </button>
                        </form>
                    <?php endif; ?>
                </div>
            </div>
        </div>
    </div>
 </div>
 <script>
 document.getElementById('confirm_password').addEventListener('input', function() {
    if (this.value !== document.getElementById('new_password').value) {
        this.setCustomValidity('Passwords do not match');
    } else {
        this.setCustomValidity('');
    }
 });</script>
--- a/app/templates/credentials.php
+++ b/app/templates/credentials.php
@ -0,0 +1,51 @@
                <!-- Two-Factor Authentication -->
                <div class="card mt-4">
                    <div class="card-header">
                        <h3>Two-factor authentication</h3>
                    </div>
                    <div class="card-body">
                        <?php if ($has2fa): ?>
                            <div class="d-flex align-items-center">
                                <div class="flex-grow-1">
                                    <p class="mb-0">
                                        <i class="fas fa-shield-alt text-success"></i>
                                        Two-factor authentication is enabled
                                    </p>
                                    <small class="text-muted">
                                        Your account is protected with an authenticator app
                                    </small>
                                </div>
                                <form method="post" class="ml-3">
                                    <input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars($_SESSION['csrf_token']); ?>">
                                    <input type="hidden" name="item" value="2fa">
                                    <input type="hidden" name="action" value="disable">
                                    <button type="submit" class="btn btn-outline-danger" 
                                            onclick="return confirm('Are you sure you want to disable two-factor authentication? This will make your account less secure.')">
                                        Disable 2FA
                                    </button>
                                </form>
                            </div>
                        <?php else: ?>
                            <div class="d-flex align-items-center">
                                <div class="flex-grow-1">
                                    <p class="mb-0">
                                        <i class="fas fa-shield-alt text-muted"></i>
                                        Two-factor authentication is not enabled
                                    </p>
                                    <small class="text-muted">
                                        Add an extra layer of security to your account by requiring both your password and an authentication code
                                    </small>
                                </div>
                                <form method="post" class="ml-3">
                                    <input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars($_SESSION['csrf_token']); ?>">
                                    <input type="hidden" name="item" value="2fa">
                                    <input type="hidden" name="action" value="enable">
                                    <button type="submit" class="btn btn-primary">
                                        Enable 2FA
                                    </button>
                                </form>
                            </div>
                        <?php endif; ?>
                    </div>
                </div>
--- a/app/templates/error-notfound.php
+++ b/app/templates/error-notfound.php
@ -0,0 +1,8 @@
 <div class="text-center">
    <div class="mt-3 h5">The page is not found.</div>
    <div>
        <small>go to <a href="<?= htmlspecialchars($app_root) ?>">front page</a> or to <a href="<?= htmlspecialchars($app_root) ?>?page=profile">your profile</a></small>
    </div>
 </div>
--- a/app/templates/error-unauthorized.php
+++ b/app/templates/error-unauthorized.php
@ -0,0 +1,8 @@
 <div class="text-center">
    <div class="mt-3 h5">You have no access to this page.</div>
    <div>
        <small>go to <a href="<?= htmlspecialchars($app_root) ?>">front page</a> or to <a href="<?= htmlspecialchars($app_root) ?>?page=profile">your profile</a></small>
    </div>
 </div>
--- a/app/templates/form-login.php
+++ b/app/templates/form-login.php
@ -2,19 +2,33 @@
        <div class="card text-center w-50 mx-auto">
            <h2 class="card-header">Login</h2>
            <div class="card-body">
-                <p class="card-text"><strong>Welcome to JILO!</strong><br />Please enter login credentials:</p>
+                <p class="card-text"><strong>Welcome to <?= htmlspecialchars($config['site_name']); ?>!</strong><br />Please enter login credentials:</p>
-                <form method="POST" action="<?= $app_root ?>?page=login">
+                <form method="POST" action="<?= htmlspecialchars($app_root) ?>?page=login">
-                    <input type="text" name="username" placeholder="Username" required />
+<?php include CSRF_TOKEN_INCLUDE; ?>
-                    <br />
+                    <div class="form-group mb-3">
-                    <input type="password" name="password" placeholder="Password" required />
+                        <input type="text" class="form-control w-50 mx-auto" name="username" placeholder="Username" 
-                    <br />
+                            pattern="[A-Za-z0-9_\-]{3,20}" title="3-20 characters, letters, numbers, - and _"
-                    <label for="remember_me">
+                            required />
-                        <input type="checkbox" id="remember_me" name="remember_me" />
+                    </div>
-                        remember me
+                    <div class="form-group mb-3">
-                    </label>
+                        <input type="password" class="form-control w-50 mx-auto" name="password" placeholder="Password" 
-                    <br />&nbsp;<br />
+                            pattern=".{8,}" title="Eight or more characters"
                            required />
                    </div>
                    <div class="form-group mb-3">
                        <label for="remember_me">
                            <input type="checkbox" id="remember_me" name="remember_me" />
                            remember me
                        </label>
                    </div>
 <?php if (isset($_GET['redirect'])): ?>
                    <input type="hidden" name="redirect" value="<?php echo htmlspecialchars($_GET['redirect']); ?>">
 <?php endif; ?>
                    <input type="submit" class="btn btn-primary" value="Login" />
                </form>
                <div class="mt-3">
                    <a href="?page=login&action=forgot">forgot password?</a>
                </div>
            </div>
        </div>
        <!-- /login form -->
--- a/app/templates/form-password-forgot.php
+++ b/app/templates/form-password-forgot.php
@ -0,0 +1,32 @@
        <div class="container">
            <div class="row justify-content-center">
                <div class="col-md-6">
                    <div class="card mt-5">
                        <div class="card-body">
                            <h3 class="card-title mb-4">Reset password</h3>
                            <p>Enter your email address and we will send you<br />
                                instructions to reset your password.</p>
                            <form method="post" action="?page=login&action=forgot">
 <?php include CSRF_TOKEN_INCLUDE; ?>
                                <div class="form-group">
                                    <label for="email">email address:</label>
                                    <input type="email"
                                           class="form-control"
                                           id="email"
                                           name="email"
                                           required
                                           autocomplete="email">
                                </div>
                                <button type="submit" class="btn btn-primary btn-block mt-4">
                                    Send reset instructions
                                </button>
                            </form>
                            <div class="mt-3 text-center">
                                <a href="?page=login">back to login</a>
                            </div>
                        </div>
                    </div>
                </div>
            </div>
        </div>
--- a/app/templates/form-password-reset.php
+++ b/app/templates/form-password-reset.php
@ -0,0 +1,38 @@
        <div class="container">
            <div class="row justify-content-center">
                <div class="col-md-6">
                    <div class="card mt-5">
                        <div class="card-body">
                            <h3 class="card-title mb-4">Set new password</h3>
                            <form method="post" action="?page=login&action=reset&token=<?= htmlspecialchars(urlencode($token)) ?>">
 <?php include CSRF_TOKEN_INCLUDE; ?>
                                <div class="form-group">
                                    <label for="new_password">new password:</label>
                                    <input type="password"
                                        class="form-control"
                                        id="new_password"
                                        name="new_password"
                                        required
                                        minlength="8"
                                        autocomplete="new-password">
                                </div>
                                <div class="form-group mt-3">
                                    <label for="confirm_password">confirm password:</label>
                                    <input type="password"
                                        class="form-control"
                                        id="confirm_password"
                                        name="confirm_password"
                                        required 
                                        minlength="8"
                                        autocomplete="new-password">
                                </div>
                                <button type="submit" class="btn btn-primary btn-block mt-4">
                                    Set new password
                                </button>
                            </form>
                        </div>
                    </div>
                </div>
            </div>
        </div>
--- a/app/templates/form-register.php
+++ b/app/templates/form-register.php
@ -1,15 +0,0 @@
        <!-- registration form -->
        <div class="card text-center w-50 mx-auto">
            <h2 class="card-header">Register</h2>
            <div class="card-body">
                <p class="card-text">Enter credentials for registration:</p>
                <form method="POST" action="<?php= $app_root ?>?page=register">
                    <input type="text" name="username" placeholder="Username" required />
                    <br />
                    <input type="password" name="password" placeholder="Password" required />
                    <br />&nbsp;<br />
                    <input type="submit" class="btn btn-primary" value="Register" />
                </form>
            </div>
        </div>
        <!-- /registration form -->
--- a/app/templates/graphs.php
+++ b/app/templates/graphs.php
@ -0,0 +1,144 @@
                <!-- jitsi graphs -->
                <div class="container-fluid mt-2">
                    <div class="row mb-4">
                        <div class="col-12 mb-4">
                            <h2 class="mb-0">Jitsi graphs</h2>
                            <small>usage graphs for platform <strong><?= htmlspecialchars($platformDetails[0]['name']) ?></strong></small>
                        </div>
                    </div>
                    <div class="row">
                        <div class="card w-auto bg-light border-light card-body filter-results">
                            <div class="btn-group" role="group">
                                <input type="button" class="button" style="margin-right: 3px;" onclick="setTimeRange('today'); setActive(this)" value="today" />
                                <input type="button" class="button" style="margin-right: 3px;" onclick="setTimeRange('last2days'); setActive(this)" value="last 2 days" />
                                <input type="button" class="button active" style="margin-right: 3px;" onclick="setTimeRange('last7days'); setActive(this)" value="last 7 days" />
                                <input type="button" class="button" style="margin-right: 3px;" onclick="setTimeRange('thisMonth'); setActive(this)" value="month" />
                                <input type="button" class="button" style="margin-right: 18px;" onclick="setTimeRange('thisYear'); setActive(this)" value="year" />
                                <input type="date" style="margin-right: 3px;" id="start-date">
                                <input type="date" style="margin-right: 3px;" id="end-date">
                                <input type="button" id="custom_range" class="button" onclick="setCustomTimeRange(); setActive(this)" value="custom range" />
                            </div>
                        </div>
                    </div>
                </div>
 <script>
 // Define an array to store all graph instances
 var graphs = [];
 </script>
 <?php foreach ($graph as $data) {
    include '../app/helpers/graph.php';
 } ?>
 <script>
 // Function to update the label and propagate zoom across charts
 function propagateZoom(chart) {
    var startDate = chart.scales.x.min;
    var endDate = chart.scales.x.max;
    // Update the datetime input fields
    document.getElementById('start-date').value = new Date(startDate).toISOString().slice(0, 10);
    document.getElementById('end-date').value = new Date(endDate).toISOString().slice(0, 10);
    // Update all charts with the new date range
    graphs.forEach(function(graphObj) {
        if (graphObj.graph !== chart) {
            graphObj.graph.options.scales.x.min = startDate;
            graphObj.graph.options.scales.x.max = endDate;
            graphObj.graph.update(); // Redraw chart with new range
        }
        updatePeriodLabel(graphObj.graph, graphObj.label); // Update period label
    });
 }
 // Predefined time range buttons
 function setTimeRange(range) {
    var startDate, endDate;
    var now = new Date();
    switch (range) {
        case 'today':
            startDate = new Date(now.setHours(0, 0, 0, 0));
            endDate = new Date(now.setHours(23, 59, 59, 999));
            timeRangeName = 'today';
            break;
        case 'last2days':
            startDate = new Date(now.setDate(now.getDate() - 2));
            endDate = new Date();
            timeRangeName = 'last 2 days';
            break;
        case 'last7days':
            startDate = new Date(now.setDate(now.getDate() - 7));
            endDate = new Date();
            timeRangeName = 'last 7 days';
            break;
        case 'thisMonth':
            startDate = new Date(now.getFullYear(), now.getMonth(), 1);
            endDate = new Date();
            timeRangeName = 'this month so far';
            break;
        case 'thisYear':
            startDate = new Date(now.getFullYear(), 0, 1);
            endDate = new Date();
            timeRangeName = 'this year so far';
            break;
        default:
            return;
    }
    // We set the date input fields to match the selected period
    document.getElementById('start-date').value = startDate.toISOString().slice(0, 10);
    document.getElementById('end-date').value = endDate.toISOString().slice(0, 10);
    // Loop through all graphs and update their time range and label
    graphs.forEach(function(graphObj) {
        graphObj.graph.options.scales.x.min = startDate;
        graphObj.graph.options.scales.x.max = endDate;
        graphObj.graph.update();
        updatePeriodLabel(graphObj.graph, graphObj.label); // Update the period label
    });
 }
 // Custom date range
 function setCustomTimeRange() {
    var startDate = document.getElementById('start-date').value;
    var endDate = document.getElementById('end-date').value;
    if (!startDate || !endDate) return;
    // Convert the input dates to JavaScript Date objects
    startDate = new Date(startDate);
    endDate = new Date(endDate);
    timeRangeName = 'custom range';
    // Loop through all graphs and update the custom time range
    graphs.forEach(function(graphObj) {
        graphObj.graph.options.scales.x.min = startDate;
        graphObj.graph.options.scales.x.max = endDate;
        graphObj.graph.update();
        updatePeriodLabel(graphObj.graph, graphObj.label); // Update the period label
    });
 }
 // Set the clicked button state to active
 function setActive(element) {
    // Remove 'active' class from all buttons
    var buttons = document.querySelectorAll('.button');
    buttons.forEach(function(btn) {
        btn.classList.remove('active');
    });
    // Add 'active' class only to the clicked button
    element.classList.add('active');
 }
 // Call setTimeRange('last7days') on page load to pre-load last 7 days by default
 window.onload = function() {
    setTimeRange('last7days');
 };
 </script>
                <!-- /jitsi graphs -->
--- a/app/templates/help.php
+++ b/app/templates/help.php
@ -0,0 +1,128 @@
                <!-- help -->
                <div class="container-fluid mt-2">
                    <div class="row mb-4">
                        <div class="col-12 mb-4">
                            <h2 class="mb-0">Help</h2>
                            <small>about this program</small>
                        </div>
                    </div>
                    <div class="card shadow-sm">
                        <div class="card-body p-4">
                            <!-- Introduction -->
                            <div class="mb-5">
                                <p class="lead">
                                    <a href="https://lindeas.com/jilo" class="text-decoration-none">Jilo</a> is a software tools suite developed by 
                                    <a href="https://lindeas.com" class="text-decoration-none">Lindeas Ltd.</a> designed to help in maintaining a Jitsi Meet platform.
                                </p>
                                <p>It consists of several parts meant to run together, although some of them can be used separately.</p>
                            </div>
                            <!-- Components -->
                            <div class="row g-4">
                                <!-- Jilo CLI -->
                                <div class="col-12">
                                    <div class="card border bg-light">
                                        <div class="card-header bg-light d-flex align-items-center">
                                            <i class="fas fa-terminal me-2 text-secondary"></i>
                                            <h5 class="card-title mb-0">JILO</h5>
                                        </div>
                                        <div class="card-body">
                                            <p class="card-text">
                                                This is the command-line tool for extracting information about important events from the Jitsi Meet log files, 
                                                storing them in a database and searching through that database.
                                            </p>
                                            <p class="card-text">
                                                Jilo is written in Bash and has very minimal external dependencies. That means that you can run it on almost 
                                                any Linux system with jitsi log files.
                                            </p>
                                            <div class="mt-3">
                                                <p class="mb-2">It can either:</p>
                                                <ul class="list-unstyled ps-4">
                                                    <li><i class="fas fa-check text-success me-2"></i>Show the data directly in the terminal</li>
                                                    <li><i class="fas fa-check text-success me-2"></i>Provide it to an instance of "Jilo Web" for displaying statistics</li>
                                                    <li><i class="fas fa-check text-success me-2"></i>Send the data output to a "Jilo Agent"</li>
                                                </ul>
                                            </div>
                                        </div>
                                    </div>
                                </div>
                                <!-- Jilo Agent -->
                                <div class="col-12">
                                    <div class="card border bg-light">
                                        <div class="card-header bg-light d-flex align-items-center">
                                            <i class="fas fa-robot me-2 text-secondary"></i>
                                            <h5 class="card-title mb-0">Jilo Agent</h5>
                                        </div>
                                        <div class="card-body">
                                            <p class="card-text">
                                                The Jilo Agent is a small program, written in Go. It runs on remote servers in the Jitsi Meet platform, 
                                                and provides info about the operation of the different components of the platform.
                                            </p>
                                            <div class="mt-3">
                                                <h6 class="fw-bold mb-2">Key Features:</h6>
                                                <ul class="list-unstyled ps-4">
                                                    <li><i class="fas fa-shield-alt text-primary me-2"></i>Secured with JWT tokens authentication</li>
                                                    <li><i class="fas fa-lock text-primary me-2"></i>HTTPS support</li>
                                                    <li><i class="fas fa-network-wired text-primary me-2"></i>Single port for all services</li>
                                                    <li><i class="fas fa-box text-primary me-2"></i>No external dependencies</li>
                                                </ul>
                                            </div>
                                        </div>
                                    </div>
                                </div>
                                <!-- Jilo Web -->
                                <div class="col-12">
                                    <div class="card border bg-light">
                                        <div class="card-header bg-light d-flex align-items-center">
                                            <i class="fas fa-globe me-2 text-secondary"></i>
                                            <h5 class="card-title mb-0">Jilo Web</h5>
                                        </div>
                                        <div class="card-body">
                                            <p class="card-text">
                                                Jilo Web is the web app that combines all the information received from Jilo and Jilo Agents and shows 
                                                statistics and graphs of the usage, the events and the issues.
                                            </p>
                                            <p class="card-text">
                                                It is a multi-user web tool with user levels and access rights integrated into it, making it suitable 
                                                for the different levels in an enterprise.
                                            </p>
                                            <div class="alert alert-info mt-3 mb-0">
                                                <i class="fas fa-info-circle me-2"></i>
                                                The current website you are looking at is running a Jilo Web instance.
                                            </div>
                                        </div>
                                    </div>
                                </div>
                                <!-- Jilo Server -->
                                <div class="col-12">
                                    <div class="card border bg-light">
                                        <div class="card-header bg-light d-flex align-items-center">
                                            <i class="fas fa-server me-2 text-secondary"></i>
                                            <h5 class="card-title mb-0">Jilo Server</h5>
                                        </div>
                                        <div class="card-body">
                                            <p class="card-text">
                                                Jilo Server is a server component written in Go, meant to work alongside Jilo Web. It is responsible for 
                                                all automated tasks - health checks, periodic retrieval of data from the remote Jilo Agents, etc.
                                            </p>
                                            <p class="card-text">
                                                It generally works on the same machine as the web interface Jilo Web and shares its database, although 
                                                if needed it could be deployed on a separate machine.
                                            </p>
                                            <div class="alert alert-warning mt-3 mb-0">
                                                <i class="fas fa-exclamation-triangle me-2"></i>
                                                Jilo Web checks for the Jilo Server availability and displays a warning if there is a problem with the server.
                                            </div>
                                        </div>
                                    </div>
                                </div>
                            </div>
                        </div>
                    </div>
                </div>
                <!-- /help -->
--- a/Show More
+++ b/Show More