From: konrad <konrad@6e3c4bff-ac9f-4ac1-96c5-d2ea494d3e33>
Date: Fri, 7 Aug 2009 20:44:00 +0000 (+0000)
Subject: *switched machine interface to new framework
X-Git-Url: http://git.silmor.de/gitweb/?a=commitdiff_plain;h=32d853efe4cd338677e3a3727b5fdda9e44b3f6b;p=web%2Fkonrad%2Fsmoke.git

*switched machine interface to new framework
*implemented web communication - compiles, but UNTESTED!
*removed sub-full-serializers


git-svn-id: https://silmor.de/svn/softmagic/smoke/trunk@318 6e3c4bff-ac9f-4ac1-96c5-d2ea494d3e33
---

diff --git a/src/customer.cpp b/src/customer.cpp
index 1a93a2d..aed971b 100644
--- a/src/customer.cpp
+++ b/src/customer.cpp
@@ -132,9 +132,10 @@ void MCustomerListDialog::updateList(int nid)
 	MTGetAllCustomerNames gac=req->queryGetAllCustomerNames();
 	if(gac.stage()!=gac.Success)return;
 	m_list.clear();
-	QList<MOCustomer>cl=gac.getcustomers();
-	for(int i=0;i<cl.size();i++)
-		m_list.append(cl[i]);
+	QList<MOCustomerShort>cl=gac.getcustomers();
+	//FIXME
+// 	for(int i=0;i<cl.size();i++)
+// 		m_list.append(cl[i]);
 	//update widget
 	m_listmodel->clear();
 	m_listmodel->insertRows(0,m_list.size());
@@ -265,7 +266,8 @@ MCustomerDialog::MCustomerDialog(MCustomer c,QWidget*par)
 	m_addr->setPlainText(m_cust.address());
 	gl->addWidget(new QLabel(tr("Contact Information:")),++lc,0);
 	gl->addWidget(m_cont=new QTextEdit,lc,1);
-	m_cont->setPlainText(m_cust.contact());
+	//FIXME
+// 	m_cont->setPlainText(m_cust.contact());
 	gl->setRowMinimumHeight(++lc,10);
 	gl->addWidget(new QLabel(tr("Web-Login/eMail:")),++lc,0);
 	gl->addWidget(m_mail=new QLabel(m_cust.email()),lc,1);
@@ -291,7 +293,7 @@ MCustomer MCustomerDialog::getCustomer()
 	m_cust.setname(m_name->text());
 	//TODO: redo address editing
 	//m_cust.setaddress(m_addr->toPlainText());
-	m_cust.setcontact(m_cont->toPlainText());
+	//m_cust.setcontact(m_cont->toPlainText());
 	m_cust.setcomments(m_comm->toPlainText());
 	return m_cust;
 }
diff --git a/src/customer.h b/src/customer.h
index d123af7..3653381 100644
--- a/src/customer.h
+++ b/src/customer.h
@@ -17,6 +17,7 @@
 #include <QDialog>
 #include <QList>
 
+#include "MOCustomerShort.h"
 #include "MOCustomer.h"
 
 /**this class expands on MOCustomer to add some convenience methods*/
diff --git a/src/mainwindow.cpp b/src/mainwindow.cpp
index 9c553aa..54b7821 100644
--- a/src/mainwindow.cpp
+++ b/src/mainwindow.cpp
@@ -229,7 +229,8 @@ void MMainWindow::startLogin()
 	QString hn;
 	if(usealterhost->isChecked())hn=alterhostname->text();
 	else hn=QSettings().value("hostname").toString();
-	if(!mw->login(username->text(),password->text(),hn)){
+	QString hk=QSettings().value("hostkey").toString();
+	if(!mw->login(username->text(),password->text(),hn,hk)){
 		QMessageBox::warning(this,tr("Warning"),tr("Unable to log in."));
 		mw->deleteLater();
 		setEnabled(true);
diff --git a/src/msinterface.cpp b/src/msinterface.cpp
index 92b6eca..f4a5526 100644
--- a/src/msinterface.cpp
+++ b/src/msinterface.cpp
@@ -11,9 +11,23 @@
 //
 
 #include "msinterface.h"
+#include <QMessageBox>
 
 MSInterface::MSInterface(QString pid)
 	:MInterface()
 {
 	profileid=pid;
-}
\ No newline at end of file
+}
+
+bool MSInterface::login(QString username,QString passwd,QString hostname,QString hostkey)
+{
+	MTLogin lg=MTLogin::query(username,passwd,hostname,hostkey);
+	if(lg.stage()==lg.Error)
+		QMessageBox::warning(0,tr("Warning"),tr("Login failed: %1").arg(tr(lg.errorString().toAscii())));
+	else
+		setSessionId(lg.getsessionid());
+	return lg.stage()==lg.Success;
+}
+
+		void logout(){}
+		bool relogin(){return false;}
diff --git a/src/msinterface.h b/src/msinterface.h
index bf7b04c..6ef9060 100644
--- a/src/msinterface.h
+++ b/src/msinterface.h
@@ -23,7 +23,7 @@ class MSInterface:public MInterface
 		
 		static MSInterface* instance(){return qobject_cast<MSInterface*>(MInterface::instance());}
 		
-		bool login(QString,QString,QString){return false;}
+		bool login(QString username,QString passwd,QString hostname,QString hostkey);
 		void logout(){}
 		bool relogin(){return false;}
 		QString currentUser()const{return "";}
diff --git a/src/order.cpp b/src/order.cpp
index ce823a0..9384883 100644
--- a/src/order.cpp
+++ b/src/order.cpp
@@ -403,7 +403,7 @@ QString MTicket::ticketReturn()
 
 bool MTicket::isToBePaid()const
 {
-	if(status()==Bought || status()==Used)return true;
+	if(status()==Ordered || status()==Used)return true;
 	else return false;
 }
 
diff --git a/src/overview.cpp b/src/overview.cpp
index 8feed63..b7b61f0 100644
--- a/src/overview.cpp
+++ b/src/overview.cpp
@@ -465,7 +465,7 @@ void MOverview::eventCancel()
 		MOEvent ev=getev.getevent();
 		QString r=QInputDialog::getText(this,tr("Cancel Event"),tr("Please enter a reason to cancel event \"%1\" or abort:").arg(ev.title()),QLineEdit::Normal,"",&ok);
 		if(!ok)return;
-		MTCancelEvent cev=MTCancelEvent::queryWeb(id,r);
+		MTCancelEvent cev=MTCancelEvent::query(id,r);
 		if(!cev.hasError())
 			QMessageBox::information(this,tr("Event Cancelled"),tr("The event \"%1\" has been cancelled. Please inform everybody who bought a ticket.").arg(ev.title()));
 		else
@@ -516,7 +516,7 @@ void MOverview::newUser()
 	//get password
 	QString pwd=QInputDialog::getText(this,tr("Password"),tr("Please enter an initial password for the user:"),QLineEdit::Password);
 	//send request
-	req->queryCreateUser(name,pwd);
+	req->queryCreateUser(name,pwd,"");
 	//update display
 	updateUsers();
 }
diff --git a/src/phpscan.pri b/src/phpscan.pri
index 7452b1c..d78279e 100644
--- a/src/phpscan.pri
+++ b/src/phpscan.pri
@@ -51,8 +51,9 @@ HEADERS += \
 ../www/inc/wob/wo_User.php \
 ../www/inc/wob/wtr_SetUserDescription.php \
 ../www/inc/wob/wtr_GetAllHostNames.php \
-../www/inc/wob/wo_HostAcl.php \
 ../www/inc/wob/wt_room.php \
+../www/inc/wob/wt_item.php \
+../www/inc/wob/wt_eventprice.php \
 ../www/inc/wob/wtr_GetAllShipping.php \
 ../www/inc/wob/wt_customer.php \
 ../www/inc/wob/wo_CartVoucher.php \
@@ -60,42 +61,54 @@ HEADERS += \
 ../www/inc/wob/wt_host.php \
 ../www/inc/wob/wt_country.php \
 ../www/inc/wob/wo_Country.php \
-../www/inc/wob/wt_userhosts.php \
+../www/inc/wob/wo_CustomerShort.php \
+../www/inc/wob/wtr_Logout.php \
 ../www/inc/wob/wtr_GetUserRoles.php \
+../www/inc/wob/wt_seatplan.php \
 ../www/inc/wob/wo_Ticket.php \
 ../www/inc/wob/wt_config.php \
+../www/inc/wob/wt_artist.php \
 ../www/inc/wob/wtr_SetUserRoles.php \
 ../www/inc/wob/wtr_ChangePassword.php \
+../www/inc/wob/wt_contact.php \
 ../www/inc/wob/wtr_DeleteUser.php \
 ../www/inc/wob/wo_Voucher.php \
 ../www/inc/wob/wtr_GetTicket.php \
 ../www/inc/wob/wtr_CancelEvent.php \
 ../www/inc/wob/wo_Host.php \
 ../www/inc/wob/wo_CartOrder.php \
-../www/inc/wob/wo_UserRole.php \
+../www/inc/wob/wt_userhost.php \
 ../www/inc/wob/wt_cart_voucher.php \
 ../www/inc/wob/wt_voucher.php \
 ../www/inc/wob/wo_CartTicket.php \
 ../www/inc/wob/wt_ticket.php \
 ../www/inc/wob/wtr_GetAllRooms.php \
 ../www/inc/wob/wt_moneylog.php \
+../www/inc/wob/wtr_GetMyRights.php \
 ../www/inc/wob/wtr_ServerInfo.php \
 ../www/inc/wob/wtr_Login.php \
 ../www/inc/wob/wtr_GetVoucher.php \
-../www/inc/wob/wt_users.php \
+../www/inc/wob/wt_documentlog.php \
+../www/inc/wob/wt_role.php \
 ../www/inc/wob/wtr_GetAllHosts.php \
 ../www/inc/wob/wtr_GetCustomer.php \
+../www/inc/wob/wo_ContactType.php \
 ../www/inc/wob/wt_cart_ticket.php \
+../www/inc/wob/wt_product.php \
 ../www/inc/wob/wtr_GetOrder.php \
 ../www/inc/wob/wtr_SetHost.php \
 ../www/inc/wob/wt_template.php \
 ../www/inc/wob/wo_Room.php \
 ../www/inc/wob/wtr_GetEvent.php \
 ../www/inc/wob/wt_shipping.php \
+../www/inc/wob/wt_user.php \
+../www/inc/wob/wt_contacttype.php \
 ../www/inc/wob/wt_address.php \
 ../www/inc/wob/wtr_GetMyRoles.php \
 ../www/inc/wob/wtr_GetAllUsers.php \
 ../www/inc/wob/autoload.php \
+../www/inc/wob/wt_cart_item.php \
+../www/inc/wob/wt_pricecategory.php \
 ../www/inc/wob/wo_Address.php \
 ../www/inc/wob/wo_Customer.php \
 ../www/inc/wob/wt_websession.php \
@@ -103,17 +116,16 @@ HEADERS += \
 ../www/inc/wob/wo_Order.php \
 ../www/inc/wob/transaction.php \
 ../www/inc/wob/wtr_SetUserHosts.php \
+../www/inc/wob/wt_roleright.php \
+../www/inc/wob/wo_Contact.php \
 ../www/inc/wob/wtr_GetUserHosts.php \
 ../www/inc/wob/wt_userrole.php \
 ../www/inc/wob/wo_Event.php \
 ../www/inc/wob/wtr_DeleteHost.php \
 ../www/inc/global_variables.php \
 ../www/inc/global_functions.php \
-../www/inc/machine/cauth_hash.php \
-../www/inc/machine/cauth_mhash.php \
 ../www/inc/machine/host.php \
 ../www/inc/machine/version.php \
-../www/inc/machine/cauth_string.php \
 ../www/inc/machine/template.php \
 ../www/inc/machine/session.php \
 ../www/inc/machine/autoload.php \
diff --git a/src/user.cpp b/src/user.cpp
index e16afb8..4c7b18b 100644
--- a/src/user.cpp
+++ b/src/user.cpp
@@ -29,7 +29,7 @@ bool MUser::create(QString pwd)
 	//do not attempt to save invalid or incomplete data
 	if(!isValid())return false;
 	//call
-	MTCreateUser cu=req->queryCreateUser(name(),pwd);
+	MTCreateUser cu=req->queryCreateUser(name(),pwd,"");
 	//check success
 	if(cu.stage()==cu.Success){
 		operator=(cu.getuser().value());
@@ -84,16 +84,17 @@ MCheckList MUser::getRoles()
 	MTGetUserRoles gr=req->queryGetUserRoles(name());
 	//check success
 	MCheckList ret;
+	//TODO: also get roles we don't have and do something about rights
 	if(gr.stage()==gr.Success){
-		QList<MOUserRole>lr=gr.getroles();
+		QList<QString>lr=gr.getroles();
 		for(int i=0;i<lr.size();i++)
-			ret.addItem(new MAcl(lr[i].username(),lr[i].isset()));
+			ret.addItem(new MAcl(lr[i],true));
 	}
 	return ret;
 }
 
 bool MUser::setRoles(const MCheckList&cl)
-{
+{/* TODO
 	//create DOM
 	QList<MOUserRole>lr;
 	for(int i=0;i<cl.size();i++){
@@ -105,11 +106,11 @@ bool MUser::setRoles(const MCheckList&cl)
 	//request
 	MTSetUserRoles sur=req->querySetUserRoles(name(),lr);
 	if(sur.stage()==sur.Success)return true;
-	else return false;
+	else*/ return false;
 }
 
 MCheckList MUser::getHosts()
-{
+{/*TODO
 	//call
 	MTGetUserHosts gh=req->queryGetUserHosts(name());
 	//check success
@@ -120,11 +121,11 @@ MCheckList MUser::getHosts()
 			ret.addItem(new MUserHost(hl[i]));
 		}
 	}
-	return ret;
+	return ret;*/ return MCheckList();
 }
 
 bool MUser::setHosts(const MCheckList&cl)
-{
+{/*TODO
 	//create DOM
 	QList<MOHostAcl> hal;
 	for(int i=0;i<cl.size();i++){
@@ -136,7 +137,7 @@ bool MUser::setHosts(const MCheckList&cl)
 	//request
 	MTSetUserHosts suh=req->querySetUserHosts(name(),hal);
 	if(suh.stage()==suh.Success)return true;
-	else return false;
+	else*/ return false;
 }
 
 /********************************************************/
@@ -216,11 +217,12 @@ MUserHost::MUserHost(QString h,bool s)
 	m_set=s;
 }
 
+/*TODO
 MUserHost::MUserHost(const MOHostAcl&a)
 {
 	m_host=a.hostname();
 	m_set=a.isset();
-}
+}*/
 
 QString MUserHost::host()const
 {
diff --git a/src/user.h b/src/user.h
index 98bae85..e49f125 100644
--- a/src/user.h
+++ b/src/user.h
@@ -88,7 +88,7 @@ class MAcl:public MCheckItem
 		bool m_set;
 };
 
-class MOHostAcl;
+// class MOHostAcl;
 /**overwrites MCheckItem to represent a host item for the user*/
 class MUserHost:public MCheckItem
 {
@@ -96,7 +96,7 @@ class MUserHost:public MCheckItem
 		MUserHost();
 		MUserHost(const MUserHost&);
 		MUserHost(QString,bool);
-		MUserHost(const MOHostAcl&);
+		//MUserHost(const MOHostAcl&);
 		
 		/**returns the host this item represents*/
 		virtual QString host()const;
diff --git a/src/wbase/WInterface.h b/src/wbase/WInterface.h
index 29b2983..94a0908 100644
--- a/src/wbase/WInterface.h
+++ b/src/wbase/WInterface.h
@@ -65,6 +65,9 @@ class WInterface:public QObject
 		
 		/**returns the current log level*/
 		LogLevel logLevel()const{return loglvl;}
+		
+		/**returns the current session ID*/
+		QString sessionId()const{return m_sessid;}
 
 	public slots:
 		/**set log level*/
@@ -80,11 +83,14 @@ class WInterface:public QObject
 	
 		/**sets the URL of the interface*/
 		void setUrl(QUrl u){m_url=u;}
+		
+		/**sets the session id to be transmitted*/
+		void setSessionId(QString sid){m_sessid=sid;}
 	
 	private:
 		static QMap<QString,WInterface*>inst;
 		QUrl m_url;
-		QString m_proxyhost,m_proxyuser,m_proxypass;
+		QString m_proxyhost,m_proxyuser,m_proxypass,m_sessid;
 		unsigned short m_proxyport;
 		int m_wtimeout;
 		LogLevel loglvl;
diff --git a/src/wbase/WTransaction.cpp b/src/wbase/WTransaction.cpp
index aba27a7..615cae1 100644
--- a/src/wbase/WTransaction.cpp
+++ b/src/wbase/WTransaction.cpp
@@ -24,7 +24,6 @@
 WTransaction::WTransaction(QString ifc)
 {
 	m_stage=Uninitialized;
-	m_qsource=None;
 	m_httpid=-1;
 	m_iface=ifc;
 }
@@ -32,7 +31,6 @@ WTransaction::WTransaction(const WTransaction&t)
 	:QObject()
 {
 	m_stage=t.m_stage;
-	m_qsource=t.m_qsource;
 	m_errstr=t.m_errstr;
 	m_errtype=t.m_errtype;
 	m_iface=t.m_iface;
@@ -58,7 +56,6 @@ QByteArray WTransaction::executeQuery(QString hreq,QByteArray data)
 	//show the user we are waiting
 	WaitCursor wc;
 	//set up request
-	m_qsource=Web;
 	QString log;
 	QEventLoop loop(this);
 	connect(this,SIGNAL(webFinished()),&loop,SLOT(quit()));
@@ -67,6 +64,7 @@ QByteArray WTransaction::executeQuery(QString hreq,QByteArray data)
 		qDebug("Error: transaction cannot find interface.");
 		m_stage=Error;
 		m_errtype="_iface";
+		m_errstr="interface not found";
 		return QByteArray();
 	}
 	QUrl url=iface->url();
diff --git a/src/wbase/WTransaction.h b/src/wbase/WTransaction.h
index 162c989..4effa4c 100644
--- a/src/wbase/WTransaction.h
+++ b/src/wbase/WTransaction.h
@@ -24,14 +24,14 @@ class WTransaction:public QObject
 	Q_OBJECT
 	public:
 		enum Stage {Uninitialized,Success,Error};
-		enum QuerySource{None,Buffer,Web};
 		
 		Stage stage()const{return m_stage;}
-		QuerySource querySource()const{return m_qsource;}
 		
 		bool hasError()const{return m_stage==Error;}
 		QString errorType()const{return m_errtype;}
 		QString errorString()const{return m_errstr;}
+		
+		QString interface()const{return m_iface;}
 	protected:
 		WTransaction(QString iface=QString());
 		WTransaction(const WTransaction&);
@@ -42,9 +42,8 @@ class WTransaction:public QObject
 		void webReady(int,bool);
 	signals:
 		void webFinished();
-	private:
+	protected:
 		Stage m_stage;
-		QuerySource m_qsource;
 		QString m_errtype,m_errstr,m_iface;
 		int m_httpid;
 };
diff --git a/wob/event.wolf b/wob/event.wolf
index 2ebf21c..441d503 100644
--- a/wob/event.wolf
+++ b/wob/event.wolf
@@ -60,7 +60,7 @@
 		<Column name="cancelreason" type="string"/>
 	</Table>
 	
-	<Table name="eventprices" backup="yes">
+	<Table name="eventprice" backup="yes">
 		<Column name="eventid" type="int32" primarykey="yes" foreignkey="event:eventid"/>
 		<Column name="pricecategoryid" type="int32" primarykey="yes" foreignkey="pricecategory:pricecategoryid"/>
 		<Column name="maxavailable" type="int32" notnull="yes"/>
@@ -96,7 +96,7 @@
 		</Input>
 		<Call lang="php" method="GetEventXml2($this);"/>
 		<Output>
-			<Var name="event" type="Event/Full"/>
+			<Var name="event" type="Event"/>
 		</Output>
 	</Transaction>
 	
@@ -104,7 +104,7 @@
 		<Input/>
 		<Call lang="php" method="GetAllEventsXml2($this);"/>
 		<Output>
-			<Var name="events" type="List:Event/Full"/>
+			<Var name="events" type="List:Event"/>
 		</Output>
 	</Transaction>
 	
@@ -119,7 +119,7 @@
 	<Transaction name="GetAllRooms">
 		<Input/>
 		<Output>
-			<Var name="rooms" type="List:Room/Full"/>
+			<Var name="rooms" type="List:Room"/>
 		</Output>
 	</Transaction>
 </Wolf>
\ No newline at end of file
diff --git a/wob/magicsmoke.wolf b/wob/magicsmoke.wolf
index 4d359cf..b6a13e6 100644
--- a/wob/magicsmoke.wolf
+++ b/wob/magicsmoke.wolf
@@ -15,7 +15,11 @@
 	<!-- configure output -->
 	<QtClientOutput sourceDir="src" subDir="wob" priInclude="wob.pri" classPrefix="M" clean="yes"/>
 	<PHPServerOutput sourceDir="www" subDir="inc/wob" extension=".php" clean="yes">
-		<Authenticator isAuthenticated="$::session->isAuthenticated()" hasRole="$::session->canExecute('%')" userName="$::session->getUser()"/>
+		<Authenticator 
+			isAuthenticated="$::session->isAuthenticated()"
+			hasRole="$::session->canExecute(%)"
+			userName="$::session->getUser()"
+			init="new Session(%)"/>
 	</PHPServerOutput>
 	<!-- HtmlOutput sourceDir="doc" subDir="wob"/ -->
 	
diff --git a/wob/order.wolf b/wob/order.wolf
index 50fd0d4..6921415 100644
--- a/wob/order.wolf
+++ b/wob/order.wolf
@@ -112,9 +112,6 @@
 		<Property name="status" type="TicketState"/>
 		<Property name="orderid" type="int"/>
 		
-		<ToXml name="inOrder">ticketid eventid price status</ToXml>
-		<ToXml name="Full">ticketid eventid price status orderid</ToXml>
-		
 		<Mapping table="ticket">
 			<Map column="ticketid"/>
 			<Map column="price"/>
@@ -129,7 +126,7 @@
 			<Var name="ticketid" type="astring"/>
 		</Input>
 		<Output>
-			<Var name="ticket" type="Ticket/Full"/>
+			<Var name="ticket" type="Ticket"/>
 		</Output>
 	</Transaction>
 	
@@ -144,9 +141,6 @@
 		<Property name="price" type="int" optional="1"/>
 		<Property name="status" type="VoucherState" optional="1"/>
 		<Property name="isused" type="bool"/>
-		
-		<ToXml name="Full">voucherid value price status</ToXml>
-		<ToXml name="inOrder">voucherid value price status</ToXml>
 	</Class>
 	
 	<Transaction name="GetVoucher">
@@ -154,7 +148,7 @@
 			<Var name="voucherid" type="astring"/>
 		</Input>
 		<Output>
-			<Var name="voucher" type="Voucher/Full"/>
+			<Var name="voucher" type="Voucher"/>
 		</Output>
 	</Transaction>
 	
@@ -176,9 +170,6 @@
 		<Property name="ordertime" type="int64"/>
 		<Property name="senttime" type="int64"/>
 		<!-- etc.pp. -->
-		
-		<ToXml name="Short">orderid customerid seller amountpaid state amountdue</ToXml>
-		<ToXml name="Full">orderid customerid seller amountpaid state amountdue tickets/inOrder vouchers/inOrder</ToXml>
 	</Class>
 	
 	<Transaction name="GetOrder">
@@ -186,7 +177,7 @@
 			<Var name="orderid" type="int"/>
 		</Input>
 		<Output>
-			<Var name="order" type="Order/Full"/>
+			<Var name="order" type="Order"/>
 		</Output>
 	</Transaction>
 	
@@ -203,13 +194,12 @@
 		       <Map column="canallusers"/>
 		       <Map column="description"/>
 	       </Mapping>
-	       <ToXml name="Full">id cost canuseweb canallusers description</ToXml>
 	</Class>
 	
 	<Transaction name="GetAllShipping">
 		<Input/>
 		<Output>
-			<Var name="shipping" type="List:Shipping/Full"/>
+			<Var name="shipping" type="List:Shipping"/>
 		</Output>
 	</Transaction>
 </Wolf>
\ No newline at end of file
diff --git a/wob/user.wolf b/wob/user.wolf
index 8b7a753..799302b 100644
--- a/wob/user.wolf
+++ b/wob/user.wolf
@@ -41,7 +41,7 @@
 		</Preset>
 	</Table>
 	
-	<Table name="rolerights" backup="yes">
+	<Table name="roleright" backup="yes">
 		<Column name="rolename" type="string:64" primarykey="yes"/>
 		<Column name="rightname" type="string:64" primarykey="yes"/>
 	</Table>
@@ -65,11 +65,11 @@
 	
 	<Transaction name="ServerInfo" mode="open">
 		<Input/>
-		<Call lang="php" method="serverInfoXml2($this);"/>
+		<Call lang="php" method="serverInfoXml($this);"/>
 		<Output>
 			<Var name="ServerVersion" type="string"/>
-			<Var name="MinimumProtocolVersion" type="int"/>
-			<Var name="ServerProtocolVersion" type="int"/>
+			<Var name="MinimumProtocolVersion" type="astring"/>
+			<Var name="ServerProtocolVersion" type="astring"/>
 		</Output>
 	</Transaction>
 	
@@ -80,18 +80,33 @@
 			<Var name="hostname" type="string"/>
 			<Var name="hostkey" type="string"/>
 		</Input>
+		<Call lang="php" method="Session::login($this);"/>
 		<Output>
 			<Var name="sessionid" type="string"/>
 			<Var name="validtill" type="int64"/>
 		</Output>
 	</Transaction>
 	
+	<Transaction name="Logout" mode="auth">
+		<Input/>
+		<Call lang="php" method="$::session->deleteSession();"/>
+		<Output/>
+	</Transaction>
+	
 	<Transaction name="GetMyRoles" mode="auth">
 		<Input/>
+		<Call lang="php" method="$this->setrole(array_unique($::session->getRoles()));"/>
 		<Output>
 			<Var name="role" type="List:astring"/>
 		</Output>
 	</Transaction>
+	<Transaction name="GetMyRights" mode="auth">
+		<Input/>
+		<Call lang="php" method="$this->setrole(array_unique($::session->getRights()));"/>
+		<Output>
+			<Var name="right" type="List:astring"/>
+		</Output>
+	</Transaction>
 	
 	<Class name="User">
 		<Property name="name" type="astring"/>
diff --git a/woc/phpout.cpp b/woc/phpout.cpp
index 2eb1d90..39d86ae 100644
--- a/woc/phpout.cpp
+++ b/woc/phpout.cpp
@@ -36,6 +36,7 @@ WocPHPServerOut::WocPHPServerOut(const QDomElement&el)
 		m_isauth=el2.attribute("isAuthenticated","false");
 		m_hasrole=el2.attribute("hasRole","false");
 		m_username=el2.attribute("userName","\"\"");
+		m_authinit=el2.attribute("init","");
 	}else{
 		m_isauth="false";
 		m_hasrole="false";
@@ -545,22 +546,18 @@ QString WocPHPServerOut::classPropertyScalarSetters(const WocClass&cls,QString p
 QString WocPHPServerOut::classSerializers(const WocClass&cls)
 {
 	QString code;
-	QStringList k=cls.serializers();
-	for(int i=0;i<k.size();i++){
-		//toString function (wraps toXml)
-		code+="\npublic function toString"+k[i]+"(){\n\t$xml=new DomDocument;\n";
-		code+="\t$xml->appendChild($this->toXml"+k[i]+"($xml));\n\treturn $xml->saveXml();\n}\n";
-		//toXml function:
-		code+="public function toXml"+k[i]+"($xml,$elementname=\""+cls.name()+"\"){\n";
-		code+="\t$root=$xml->createElement($elementname);\n";
-		code+="\t$root->setAttribute(\"serialization-mode\",\""+k[i]+"\");\n";
-		//add properties
-		QStringList p=cls.serializerProperties(k[i]);
-		for(int j=0;j<p.size();j++)
-			code+=propertyToXml(cls,p[j]);
-		//return result
-		code+="\treturn $root;\n}\n";
-	}
+	//toString function (wraps toXml)
+	code+="\npublic function toString(){\n\t$xml=new DomDocument;\n";
+	code+="\t$xml->appendChild($this->toXml($xml));\n\treturn $xml->saveXml();\n}\n";
+	//toXml function:
+	code+="public function toXml($xml,$elementname=\""+cls.name()+"\"){\n";
+	code+="\t$root=$xml->createElement($elementname);\n";
+	//add properties
+	QStringList p=cls.propertyNames();
+	for(int j=0;j<p.size();j++)
+		code+=propertyToXml(cls,p[j]);
+	//return result
+	code+="\treturn $root;\n}\n";
 	return code;
 }
 
@@ -623,19 +620,15 @@ QString WocPHPServerOut::classMappings(const WocClass&cls)
 	return code;
 }
 
-QString WocPHPServerOut::propertyToXml(const WocClass&cls,QString pt)
+QString WocPHPServerOut::propertyToXml(const WocClass&cls,QString sl)
 {
-	QStringList sl=pt.split("/",QString::SkipEmptyParts);
-	if(sl.size()<1)return "";
-	QString prop=sl[0].trimmed();
-	QString var;
-	if(sl.size()>1)var=sl[1].trimmed();
+	QString prop=sl.trimmed();
 	//is it a list?
 	if(cls.propertyIsList(prop)){
 		//is it a class?
 		if(cls.propertyIsObject(prop)){
 			QString code="\tforeach($this->get_"+prop+"() as $o)\n\t\t";
-			code+="$root->appendChild($o->toXml"+var+"($xml,\""+prop+"\"));\n";
+			code+="$root->appendChild($o->toXml($xml,\""+prop+"\"));\n";
 			return code;
 		}else{
 			//there is no way to create lists of attributes, hence we always create elements
@@ -652,7 +645,7 @@ QString WocPHPServerOut::propertyToXml(const WocClass&cls,QString pt)
 		return "\t$root->appendChild($xml->createElement(\""+prop+"\",xq($this->getstr_"+prop+"())));\n";
 	//is it a class?
 	if(cls.propertyIsObject(prop))
-		return "\t$root->appendChild($this->get_"+prop+"()->toXml"+var+"($xml,\""+prop+"\"));\n";
+		return "\t$root->appendChild($this->get_"+prop+"()->toXml($xml,\""+prop+"\"));\n";
 	//anything else?
 	qDebug("Warning: end of WocPHPServerOut::propertyToXml - this code should not be reachable.");
 	return "//internal generator error!\n";
@@ -683,15 +676,28 @@ void WocPHPServerOut::newTransaction(const WocTransaction&trn)
 	//request handler:
 	code="public function handleRequest(){\n";
 	
+	//parse low level XML
+	code+="\tglobal $HTTP_RAW_POST_DATA;\n\tif(isset($HTTP_RAW_POST_DATA))$txt=$HTTP_RAW_POST_DATA;else $txt=\"\";\n";
+	code+="\t$xml=new DOMDocument;\n\tif(!$xml->loadXML($txt))xmlParserError();\n";
+	code+="\t$root=$xml->documentElement;\n";
+	
 	//security handling
 	switch(trn.authMode()){
 		case WocTransaction::Checked:
-			code+="\tif(!"+m_isauth+"||!"+QString(m_hasrole).replace("%",trn.name())+")notAuthenticated();\n";
+			code+="\t/*security check: authenticated and authorized*/\n";
+			code+="\t$sid=$root->getAttribute(\"sessionid\");\n";
+			code+="\t"+QString(m_authinit).replace("%","$sid")+";\n";
+			code+="\tif(!"+m_isauth+"||!"+QString(m_hasrole).replace("%","\""+trn.name()+"\"")+")notAuthenticated();\n";
 			break;
 		case WocTransaction::Auth:
+			code+="\t/*security check: authenticated*/\n";
+			code+="\t$sid=$root->getAttribute(\"sessionid\");\n";
+			code+="\t"+QString(m_authinit).replace("%","$sid")+";\n";
 			code+="\tif(!"+m_isauth+")notAuthenticated();\n";
 			break;
-		default: break;//none
+		default:
+			code+="\t/*no security check, open function*/\n";
+			break;//none
 	}
 	
 	//parse inputs
@@ -699,9 +705,12 @@ void WocPHPServerOut::newTransaction(const WocTransaction&trn)
 	
 	//call
 	if(trn.hasCall("php")){
+		code+="\t/*call actual functionality:*/\n";
 		code+="\ttry{"+trn.callFunction("php")+"}catch(Exception $e){handleException($e);}\n";
-	}else
+	}else{
+		code+="\t/*normally here would be the PHP call, but it is missing from the config*/\n";
 		qDebug("Warning: transaction %s does not have a PHP call!",trn.name().toAscii().data());
+	}
 	
 	//encode outputs/handle errors
 	code+=trnOutput(trn);
@@ -764,9 +773,8 @@ QString WocPHPServerOut::trnConstruct(const WocTransaction&trn)
 
 QString WocPHPServerOut::trnInput(const WocTransaction&trn)
 {
-	QString code="\tglobal $HTTP_RAW_POST_DATA;\n\tif(isset($HTTP_RAW_POST_DATA))$txt=$HTTP_RAW_POST_DATA;else $txt=\"\";\n";
-	code+="\t$xml=new DOMDocument;\n\tif(!$xml->loadXML($txt))xmlParserError();\n";
-	code+="\t$root=$xml->documentElement;\n\ttry{\n";
+	QString code="\t/*start of input parsing*/\n";
+	code+="\ttry{\n";
 	QStringList sl=trn.inputNames();
 	for(int i=0;i<sl.size();i++){
 		QString t=trn.inputType(sl[i]);
@@ -802,13 +810,15 @@ QString WocPHPServerOut::trnInput(const WocTransaction&trn)
 		}
 	}
 	code+="\t}catch(Exception $e){handleException($e);}\n";
+	code+="\t/*end of input parsing*/\n";
 	return code;
 }
 
 QString WocPHPServerOut::trnOutput(const WocTransaction&trn)
 {
 	QStringList sl=trn.outputNames();
-	QString code="\ttry{\n\t\t$xml=new DOMDocument;\n";
+	QString code="\t/*start of output encoding*/\n";
+	code+="\ttry{\n\t\t$xml=new DOMDocument;\n";
 	code+="\t\t$root=$xml->createElement(\"WobResponse\");\n";
 	code+="\t\t$root->setAttribute(\"status\",statusString());\n";
 	for(int i=0;i<sl.size();i++){
@@ -836,7 +846,11 @@ QString WocPHPServerOut::trnOutput(const WocTransaction&trn)
 			}
 		}
 	}
-	code+="\t\t$xml->appendChild($root);\n\t}catch(Exception $e){handleException($e);}\n";
+	code+="\t\t$xml->appendChild($root);\n";
+	code+="\t\theader(\"X-WobResponse-Status: Ok\");\n";
+	code+="\t\tprint($xml->saveXml());\n";
+	code+="\t}catch(Exception $e){handleException($e);}\n";
+	code+="\t/*end of output*/\n";
 	return code;
 }
 
diff --git a/woc/phpout.h b/woc/phpout.h
index cd8843a..8fea498 100644
--- a/woc/phpout.h
+++ b/woc/phpout.h
@@ -30,7 +30,7 @@ class WocPHPServerOut:public WocOutput
 		virtual void newTransaction(const WocTransaction&);
 	private:
 		QString m_basedir,m_subdir,m_fileext;
-		QString m_isauth,m_hasrole,m_username;
+		QString m_isauth,m_hasrole,m_username,m_authinit;
 		QFile m_loader,m_schema,m_transact;
 		
 		/**helper: adds a loader line for a class to autoload.php*/
diff --git a/woc/processor.cpp b/woc/processor.cpp
index 49d12be..b3beb16 100644
--- a/woc/processor.cpp
+++ b/woc/processor.cpp
@@ -404,26 +404,6 @@ WocClass::WocClass(const QDomElement&cls)
 		}
 		m_maps.insert(name,map);
 	}
-	//scan serializers
-	nl=cls.elementsByTagName("ToXml");
-	for(int i=0;i<nl.size();i++){
-		QDomElement el=nl.at(i).toElement();
-		if(el.isNull())continue;
-		QString name=el.attribute("name");
-		if(!symok.exactMatch(name)){
-			qDebug("Error: Illegal serializer %s in class %s.",name.toAscii().data(),m_name.toAscii().data());
-			m_valid=false;
-			return;
-		}
-		if(hasSerializer(name)){
-			qDebug("Error: Double definition of serializer %s in class %s.",name.toAscii().data(),m_name.toAscii().data());
-			m_valid=false;
-			return;
-		}
-		QStringList prop=el.text().split(" ",QString::SkipEmptyParts);
-		//TODO: check that properties exist
-		m_serial.insert(name,prop);
-	}
 	//check abstraction
 	if(!m_abstract && isAbstract()){
 		qDebug("Warning: class %s should be declared abstract.",m_name.toAscii().data());
diff --git a/woc/processor.h b/woc/processor.h
index 07831b4..3b9c60d 100644
--- a/woc/processor.h
+++ b/woc/processor.h
@@ -88,13 +88,6 @@ class WocClass
 		/**returns a list of enum values as name-value pairs*/
 		QList<QPair<QString,int> > enumValues(QString t)const{return m_enumvals[t];}
 		
-		/**returns the names of all serializer methods of this class*/
-		QStringList serializers()const{return m_serial.keys();}
-		/**returns true if the given serializer is defined*/
-		bool hasSerializer(QString s)const{return m_serial.contains(s);}
-		/**returns which properties are encoded by this serializer*/
-		QStringList serializerProperties(QString s)const{return m_serial[s];}
-		
 		/**returns true if the given mapping exists*/
 		bool hasMapping(QString m)const{return m_maps.contains(m);}
 		/**returns the names of all tables for which a mapping exists*/
@@ -120,7 +113,7 @@ class WocClass
 		//enum types: "type-name" => List of ("constant-name",int-constant-value)
 		QMap<QString,QList<QPair<QString,int> > >m_enumvals;
 		//serializers: "name" => List of properties (syntax Objects: "propertyname/Serializer"
-		QMap<QString,QStringList> m_serial;
+// 		QMap<QString,QStringList> m_serial;
 		
 		//helper: contains predefined types sorted by serialization type
 		static const QStringList attrtypes,elemtypes;
diff --git a/woc/qtout.cpp b/woc/qtout.cpp
index d697e7e..cbf1290 100644
--- a/woc/qtout.cpp
+++ b/woc/qtout.cpp
@@ -264,7 +264,7 @@ void WocQtClientOut::classDeserializer(const WocClass&cls,QFile&hdr,QFile&src,QS
 		scd+="\tmp_"+k[i]+"=o.mp_"+k[i]+";\n";
 	scd+="\treturn *this;\n}\n";
 
-	//implement deserializer
+	//implement deserializer (as constructor)
 	hcd+="\t"+cn+"(const QDomElement&);\n";
 	scd+=cn+"::"+cn+"(const QDomElement&root)\n\t:WObject()\n{\n";
 	scd+="\tQDomNodeList nl;\n";
@@ -357,87 +357,83 @@ void WocQtClientOut::classDeserializer(const WocClass&cls,QFile&hdr,QFile&src,QS
 
 void WocQtClientOut::classSerializers(const WocClass&cls,QFile&hdr,QFile&src,QString cn)
 {
-	QStringList k=cls.serializers();
-	if(k.size()==0)return;
 	QString hcd="  public:\n";
 	QString scd;
-	for(int i=0;i<k.size();i++){
-		hcd+="\tQString toString"+k[i]+"();\n";
-		scd+="QString "+cn+"::toString"+k[i]+"()\n{\n";
-		scd+="\tQDomDocument doc;\n\tdoc.appendChild(toXml"+k[i]+"(doc));\n";
-		scd+="\treturn doc.toString();\n}\n";
-		hcd+="\tQDomElement toXml"+k[i]+"(QDomDocument&,QString name=\""+cls.name()+"\");\n";
-		scd+="QDomElement "+cn+"::toXml"+k[i]+"(QDomDocument&doc,QString name)\n{\n";
-		scd+="\tQDomElement r=doc.createElement(name);\n";
-		QStringList p=cls.serializerProperties(k[i]);
-		for(int j=0;j<p.size();j++){
-			QStringList pv=p[j].split("/",QString::SkipEmptyParts);
-			if(pv.size()<1){
-				qDebug("Error: encountered empty property while creating serializer %s for class %s.",k[i].toAscii().data(),cls.name().toAscii().data());
+	hcd+="\tQString toString();\n";
+	scd+="QString "+cn+"::toString()\n{\n";
+	scd+="\tQDomDocument doc;\n\tdoc.appendChild(toXml(doc));\n";
+	scd+="\treturn doc.toString();\n}\n";
+	hcd+="\tQDomElement toXml(QDomDocument&,QString name=\""+cls.name()+"\");\n";
+	scd+="QDomElement "+cn+"::toXml(QDomDocument&doc,QString name)\n{\n";
+	scd+="\tQDomElement r=doc.createElement(name);\n";
+	QStringList p=cls.propertyNames();
+	for(int j=0;j<p.size();j++){
+		QStringList pv=p[j].split("/",QString::SkipEmptyParts);
+		if(pv.size()<1){
+			qDebug("Error: encountered empty property while creating serializer for class %s.",cls.name().toAscii().data());
+			emit errorFound();
+			return;
+		}
+		QString prop=pv[0];
+		QString var;
+		if(pv.size()>1)var=pv[1];
+		//is it a list
+		if(cls.propertyIsList(prop)){
+			scd+="\tfor(int i=0;i<mp_"+prop+".size();i++){\n";
+			if(cls.propertyIsObject(prop))
+				scd+="\t\tr.appendChild(mp_"+prop+"[i].toXml"+var+"(doc,\""+prop+"\"));\n";
+			else
+			if(cls.propertyIsEnum(prop)){
+				scd+="\t\tQDomElement el=doc.createElement(\""+prop+"\");\n";
+				scd+="\t\tel.appendChild(doc.createTextNode("+cls.propertyPlainType(prop)+"2str(mp_"+prop+"[i])));\n";
+				scd+="\t\tr.appendChild(el);\n";
+			}else
+			if(cls.propertyIsString(prop)){
+				scd+="\t\tQDomElement el=doc.createElement(\""+prop+"\");\n";
+				scd+="\t\tel.appendChild(doc.createTextNode(mp_"+prop+"[i]));\n";
+				scd+="\t\tr.appendChild(el);\n";
+			}else
+			if(cls.propertyIsBool(prop)){
+				scd+="\t\tQDomElement el=doc.createElement(\""+prop+"\");\n";
+				scd+="\t\tel.appendChild(doc.createTextNode(mp_"+prop+"[i]?\"yes\":\"no\"));\n";
+				scd+="\t\tr.appendChild(el);\n";
+			}else
+			if(cls.propertyIsInt(prop)){
+				scd+="\t\tQDomElement el=doc.createElement(\""+prop+"\");\n";
+				scd+="\t\tel.appendChild(doc.createTextNode(QString::number(mp_"+prop+"[i])));\n";
+				scd+="\t\tr.appendChild(el);\n";
+			}else{
+				qDebug("Error: cannot generate serializer for class %s property %s.",cls.name().toAscii().data(),prop.toAscii().data());
 				emit errorFound();
 				return;
 			}
-			QString prop=pv[0];
-			QString var;
-			if(pv.size()>1)var=pv[1];
-			//is it a list
-			if(cls.propertyIsList(prop)){
-				scd+="\tfor(int i=0;i<mp_"+prop+".size();i++){\n";
-				if(cls.propertyIsObject(prop))
-					scd+="\t\tr.appendChild(mp_"+prop+"[i].toXml"+var+"(doc,\""+prop+"\"));\n";
+			scd+="\t}\n";
+		}else{
+			//non lists
+			scd+="\tif(!mp_"+prop+".isNull()){\n";
+			if(cls.propertyIsAttribute(prop)){
+				if(cls.propertyIsBool(prop))
+					scd+="\t\tr.setAttribute(\""+prop+"\",mp_"+prop+".value()?\"yes\":\"no\");\n";
 				else
-				if(cls.propertyIsEnum(prop)){
-					scd+="\t\tQDomElement el=doc.createElement(\""+prop+"\");\n";
-					scd+="\t\tel.appendChild(doc.createTextNode("+cls.propertyPlainType(prop)+"2str(mp_"+prop+"[i])));\n";
-					scd+="\t\tr.appendChild(el);\n";
+					scd+="\t\tr.setAttribute(\""+prop+"\",mp_"+prop+".value());\n";
+			}else{
+				if(cls.propertyIsObject(prop)){
+					scd+="\t\tr.appendChild(mp_"+prop+".value().toXml"+var+"(doc,\""+prop+"\"));\n";
 				}else
 				if(cls.propertyIsString(prop)){
 					scd+="\t\tQDomElement el=doc.createElement(\""+prop+"\");\n";
-					scd+="\t\tel.appendChild(doc.createTextNode(mp_"+prop+"[i]));\n";
-					scd+="\t\tr.appendChild(el);\n";
-				}else
-				if(cls.propertyIsBool(prop)){
-					scd+="\t\tQDomElement el=doc.createElement(\""+prop+"\");\n";
-					scd+="\t\tel.appendChild(doc.createTextNode(mp_"+prop+"[i]?\"yes\":\"no\"));\n";
-					scd+="\t\tr.appendChild(el);\n";
-				}else
-				if(cls.propertyIsInt(prop)){
-					scd+="\t\tQDomElement el=doc.createElement(\""+prop+"\");\n";
-					scd+="\t\tel.appendChild(doc.createTextNode(QString::number(mp_"+prop+"[i])));\n";
+					scd+="\t\tel.appendChild(doc.createTextNode(mp_"+prop+"));\n";
 					scd+="\t\tr.appendChild(el);\n";
 				}else{
 					qDebug("Error: cannot generate serializer for class %s property %s.",cls.name().toAscii().data(),prop.toAscii().data());
 					emit errorFound();
 					return;
 				}
-				scd+="\t}\n";
-			}else{
-				//non lists
-				scd+="\tif(!mp_"+prop+".isNull()){\n";
-				if(cls.propertyIsAttribute(prop)){
-					if(cls.propertyIsBool(prop))
-						scd+="\t\tr.setAttribute(\""+prop+"\",mp_"+prop+".value()?\"yes\":\"no\");\n";
-					else
-						scd+="\t\tr.setAttribute(\""+prop+"\",mp_"+prop+".value());\n";
-				}else{
-					if(cls.propertyIsObject(prop)){
-						scd+="\t\tr.appendChild(mp_"+prop+".value().toXml"+var+"(doc,\""+prop+"\"));\n";
-					}else
-					if(cls.propertyIsString(prop)){
-						scd+="\t\tQDomElement el=doc.createElement(\""+prop+"\");\n";
-						scd+="\t\tel.appendChild(doc.createTextNode(mp_"+prop+"));\n";
-						scd+="\t\tr.appendChild(el);\n";
-					}else{
-						qDebug("Error: cannot generate serializer for class %s property %s.",cls.name().toAscii().data(),prop.toAscii().data());
-						emit errorFound();
-						return;
-					}
-				}
-				scd+="\t}\n";
 			}
+			scd+="\t}\n";
 		}
-		scd+="\treturn r;\n}\n";
 	}
+	scd+="\treturn r;\n}\n";
 	hdr.write(hcd.toAscii());
 	src.write(scd.toAscii());
 }
@@ -463,6 +459,7 @@ void WocQtClientOut::newTransaction(const WocTransaction&trn)
 	QString hcd;
 	QString scd;
 	hcd="#include \"WTransaction.h\"\n";
+	scd+="#include \"WInterface.h\"\n";
 	for(int i=0;i<in.size();i++){
 		QString tp=qtobjtype(trn,in[i],In);
 		if(tp!="")hcd+="#include <"+tp+".h>\n";
@@ -490,8 +487,6 @@ void WocQtClientOut::newTransaction(const WocTransaction&trn)
 	//interface code
 	QString sif="  "+cn+" query"+trn.name()+"("+inlist+")\n\t";
 	sif+="{return "+cn+"::query("+clist+(clist!=""?",":"")+"name());}\n";
-	sif+="  "+cn+" queryWeb"+trn.name()+"("+inlist+")\n\t";
-	sif+="{return "+cn+"::queryWeb("+clist+(clist!=""?",":"")+"name());}\n\n";
 	m_iface.write(sif.toAscii());
 		
 	//create constructor
@@ -515,10 +510,19 @@ void WocQtClientOut::newTransaction(const WocTransaction&trn)
 	//query method
 	hcd+="\tvoid netquery();\n";
 	scd+="void "+cn+"::netquery()\n{\n";
-	//TODO: encode input
-	for(int i=0;i<in.size();i++){
-	}
-	//TODO: query and decode output
+	scd+="\tQDomDocument doc;QDomElement root=doc.createElement(\"WobRequest\");\n";
+	scd+="\tQDomElement tmp;\n";
+	scd+="\tWInterface *iface=WInterface::instance(m_iface);\n";
+	scd+="\tif(iface==0){m_errtype=\"_iface\";m_errstr=\"interface not found\";m_stage=Error;return;}\n";
+	if(trn.authMode()!=trn.Open)
+		scd+="\troot.setAttribute(\"sessionid\",iface->sessionId());\n";
+	//encode input
+	scd+=trnInput(trn);
+	scd+="\tdoc.appendChild(root);\n";
+	//query
+	scd+="\tQByteArray rba=executeQuery(\""+trn.name()+"\",doc.toByteArray());\n";
+	//decode output
+	scd+=trnOutput(trn);
 	scd+="}\n";
 	hdr.write(hcd.toAscii());
 	src.write(scd.toAscii());
@@ -534,10 +538,8 @@ void WocQtClientOut::newTransaction(const WocTransaction&trn)
 	}
 	//create queries
 	scd="";
-	//TODO: query should optimize between local & web
-	hcd+="\tstatic "+cn+" query("+inlist+defparm+"){return queryWeb("+clist+");}\n";
-	hcd+="\tstatic "+cn+" queryWeb("+inlist+defparm+");\n";
-	scd+=cn+" "+cn+"::queryWeb("+inlist+")\n{\n";
+	hcd+="\tstatic "+cn+" query("+inlist+defparm+");\n";
+	scd+=cn+" "+cn+"::query("+inlist+")\n{\n";
 	scd+="\t"+cn;
 	if(clist!="")scd+=" r("+clist+");\n";else scd+=" r;";
 	scd+="\tr.netquery();\n\treturn r;\n}\n";
@@ -550,6 +552,113 @@ void WocQtClientOut::newTransaction(const WocTransaction&trn)
 	src.write(QByteArray(SRCEND).replace("%",cn.toAscii()));
 }
 
+QString WocQtClientOut::trnInput(const WocTransaction&trn)
+{
+	QString code="\t/*start of input encoding*/\n";
+	QStringList sl=trn.inputNames();
+	for(int i=0;i<sl.size();i++){
+		QString t=trn.inputType(sl[i]);
+		if(trn.isAttributeType(t)){
+			code+="\troot.setAttribute(\""+sl[i]+"\",in_"+sl[i];
+			if(trn.isBoolType(t))
+				code+="?\"yes\":\"no\"";
+			code+=");\n";
+		}else{
+			if(trn.isListType(t)){
+				QString pt=trn.plainType(t);
+				code+="\tfor(int i=0;i<in_"+sl[i]+".size();i++){\n";
+				if(trn.isObjectType(t)){
+					code+="\t\ttmp=in_"+sl[i]+"[i].toXml(doc,\""+sl[i]+"\");\n";
+				}else{
+					code+="\t\ttmp=doc.createElement(\""+sl[i]+"\");\n";
+					code+="\t\ttmp.appendChild(doc.createTextNode(";
+					if(trn.isIntType(t))
+						code+="QString::number(in_"+sl[i]+"[i])";
+					else
+					if(trn.isBoolType(t))
+						code+="in_"+sl[i]+"[i]?\"yes\":\"no\"";
+					else
+						code+="in_"+sl[i]+"[i]";
+					code+="));\n";
+				}
+				code+="\t\troot.appendChild(tmp);\n";
+				code+="\t}\n";
+			}else{
+				if(trn.isObjectType(t)){
+					code+="\troot.appendChild(in_"+sl[i]+".toXml(doc,\""+sl[i]+"\"));\n";
+				}else{
+					code+="\ttmp=doc.createElement(\""+sl[i]+"\");\n";
+					code+="\ttmp.appendChild(doc.createTextNode(";
+					if(trn.isIntType(t))
+						code+="QString::number(in_"+sl[i]+")";
+					else
+						code+="in_"+sl[i];
+					code+="));\n\troot.appendChild(tmp);\n";
+				}
+			}
+		}
+	}
+	code+="\t/*end of input encoding*/\n";
+	return code;
+}
+
+QString WocQtClientOut::trnOutput(const WocTransaction&trn)
+{
+	QStringList sl=trn.outputNames();
+	QString code="\t/*start of output decoding*/\n";
+	//basic XML parsing
+	code+="\tif(rba.isEmpty())return;\n";
+	code+="\tdoc=QDomDocument();\n";
+	code+="\tQString emsg;int eln,ecl;\n";
+	code+="\tif(!doc.setContent(rba,&emsg,&eln,&ecl)){\n";
+	code+="\t\tm_stage=Error;m_errtype=\"_iface\";m_errstr=QString(\"XML result parser error line %1 col %2: %3\").arg(eln).arg(ecl).arg(emsg);\n\t}\n";
+	code+="\troot=doc.documentElement();\n";
+	//decide where to go, error handling
+	code+="\tQString stat=root.attribute(\"status\");\n";
+	code+="\tif(stat!=\"ok\"){\n\t\tm_stage=Error;m_errtype=\"_server\";m_errstr=\"server error\";\n";
+	code+="\t\tQDomNodeList nl=root.elementsByTagName(\"Error\");\n";
+	code+="\t\tif(nl.size()==0)return;\n";
+	code+="\t\ttmp=nl.at(0).toElement();\n";
+	code+="\t\tm_errtype=tmp.attribute(\"type\",\"_server\");\n";
+	code+="\t\tm_errstr=tmp.text();\n\treturn;\n\t}\n";
+	code+="\tQDomNodeList nl;\n";
+	//parse parameters
+	for(int i=0;i<sl.size();i++){
+		QString t=trn.outputType(sl[i]);
+		if(trn.isAttributeType(t)){
+			code+="\tout_"+sl[i]+"=root.attribute(\""+sl[i]+"\")";
+			if(trn.isIntType(t))code+=".toInt()";else
+			if(trn.isBoolType(t))code+="==\"yes\"";
+			code+=";\n";
+		}else{
+			code+="\tnl=root.elementsByTagName(\""+sl[i]+"\");\n";
+			if(trn.isListType(t)){
+				code+="\tfor(int i=0;i<nl.size();i++){\n";
+				if(trn.isObjectType(t)){
+					code+="\t\tout_"+sl[i]+".append("+qtobjtype(trn,sl[i],Out)+"(nl.at(i).toElement()));\n";
+				}else if(trn.isIntType(t)){
+					code+="\t\tout_"+sl[i]+".append(nl.at(i).toElement().text().toInt());\n";
+				}else if(trn.isBoolType(t)){
+					code+="\t\tout_"+sl[i]+".append(nl.at(i).toElement().text()==\"yes\");\n";
+				}else{//can only be string
+					code+="\t\tout_"+sl[i]+".append(nl.at(i).toElement().text());\n";
+				}
+				code+="\t}\n";
+			}else{
+				code+="\tif(nl.size()>0){\n";
+				if(trn.isObjectType(t)){
+					code+="\t\tout_"+sl[i]+"="+qtobjtype(trn,sl[i],Out)+"(nl.at(0).toElement());\n";
+				}else{//can only be string
+					code+="\t\tout_"+sl[i]+"=nl.at(0).toElement().text();\n";
+				}
+				code+="\t}\n";
+			}
+		}
+	}
+	code+="\t/*end of output*/\n";
+	return code;
+}
+
 QString WocQtClientOut::qttype(const WocTransaction&trn,QString v,InOut io)
 {
 	QString tp=io==In?trn.inputType(v):trn.outputType(v);
@@ -575,8 +684,8 @@ QString WocQtClientOut::qtobjtype(const WocTransaction&trn,QString v,InOut io)
 	QString tp=io==In?trn.inputType(v):trn.outputType(v);
 	if(tp.startsWith("List:"))
 		tp=tp.mid(5);
-	if(tp=="astring" || tp=="string"||tp=="int")return "";
-	else return m_prefix+"O"+tp.split("/",QString::SkipEmptyParts).at(0);
+	if(tp=="astring" || tp=="string"||tp=="int"||tp=="int32"||tp=="int64")return "";
+	else return m_prefix+"O"+tp;
 }
 
 void WocQtClientOut::addFile(QString bn)
diff --git a/woc/qtout.h b/woc/qtout.h
index f7e2932..f1d5f1f 100644
--- a/woc/qtout.h
+++ b/woc/qtout.h
@@ -51,6 +51,11 @@ class WocQtClientOut:public WocOutput
 		QString qttype(const WocTransaction&,QString,InOut);
 		/**helper: generate a proper QT type for a transaction variable, WO* only */
 		QString qtobjtype(const WocTransaction&,QString,InOut);
+		
+		/**helper generates the transaction input encoding*/
+		QString trnInput(const WocTransaction&);
+		/**helper generates the transaction output decoding*/
+		QString trnOutput(const WocTransaction&);
 };
 
 #endif
diff --git a/www/config.php.template b/www/config.php.template
index 7976dd2..68916e9 100644
--- a/www/config.php.template
+++ b/www/config.php.template
@@ -37,16 +37,6 @@ $db->setAdminPassCode("Admin","SmokeInMyEye");
 ////////////
 //Dedicated Client Configuration
 
-//Authentication algorithm
-// possible: md5, sha1, sha256, hmac-md5, hmac-sha1, hmac-sha256
-$ClientAuthAlgo="hmac-sha1";
-//hash algorithm library -- the PHP extension/module used for calculation
-// possible: string (md5, sha1 only), hash, mhash
-$HashLib="hash";
-
-//Initial timeout from start of session request to session authentication
-// usually 300s (5min) is a good value
-$ClientAuthTimeout=300;
 //Authenticated session timeout - how long an authenticated session lasts
 // this should usually be a few hours (3600s per hour)
 $ClientSessionTimeout=2*3600;
diff --git a/www/inc/loader_nonadmin.php b/www/inc/loader_nonadmin.php
index 67a3aa8..7ee0944 100644
--- a/www/inc/loader_nonadmin.php
+++ b/www/inc/loader_nonadmin.php
@@ -4,6 +4,5 @@ if(!$db->canUseDb())
 	die("Database is not correctly configured. Giving up.");
 //load class-files
 include('./inc/classes/autoload.php');
-include("./inc/machine/autoload.php");
 
 ?>
\ No newline at end of file
diff --git a/www/inc/machine/autoload.php b/www/inc/machine/autoload.php
index f4602a6..8fb7f1f 100644
--- a/www/inc/machine/autoload.php
+++ b/www/inc/machine/autoload.php
@@ -15,7 +15,5 @@ $AUTOCLASS["Session"]="./inc/machine/session.php";
 $AUTOCLASS["Host"]="./inc/machine/host.php";
 $AUTOCLASS["Template"]="./inc/machine/template.php";
 
-//load hash lib
-include("./inc/machine/cauth_".$HashLib.".php");
-
+include("./inc/machine/version.php");
 ?>
\ No newline at end of file
diff --git a/www/inc/machine/cauth_hash.php b/www/inc/machine/cauth_hash.php
deleted file mode 100644
index c3d6ef2..0000000
--- a/www/inc/machine/cauth_hash.php
+++ /dev/null
@@ -1,35 +0,0 @@
-<?
-//
-// PHP Implementation: cauth_hash
-//
-// Description: 
-//
-//
-// Author: Konrad Rosenbaum <konrad@silmor.de>, (C) 2007
-//
-// Copyright: See README/COPYING files that come with this distribution
-//
-//
-
-/**helper for Session::authenticate, using hash module*/
-function calcAuth($cha,$tok)
-{
-	global $ClientAuthAlgo;
-	switch($ClientAuthAlgo){
-		case "md5":
-		case "sha1":
-		case "sha256":return hash($ClientAuthAlgo,$cha.$tok);
-		case "hmac-md5":return hash_hmac("md5",$cha,$tok);
-		case "hmac-sha1":return hash_hmac("sha1",$cha,$tok);
-		case "hmac-sha256":return hash_hmac("sha256",$cha,$tok);
-		default:trigger_error("Internal error: unknown hash algorithm",E_USER_ERROR);
-	}
-}
-
-/**helper for Customer::authenticate and Customer::setPassword*/
-function calcPasswd($pass,$salt)
-{
-	return $salt.":".hash("sha1",$salt.$pass);
-}
-
-?>
\ No newline at end of file
diff --git a/www/inc/machine/cauth_mhash.php b/www/inc/machine/cauth_mhash.php
deleted file mode 100644
index 9813969..0000000
--- a/www/inc/machine/cauth_mhash.php
+++ /dev/null
@@ -1,35 +0,0 @@
-<?
-//
-// PHP Implementation: cauth_mhash
-//
-// Description: 
-//
-//
-// Author: Konrad Rosenbaum <konrad@silmor.de>, (C) 2007
-//
-// Copyright: See README/COPYING files that come with this distribution
-//
-//
-
-/**helper for Session::authenticate, using mhash module*/
-function calcAuth($cha,$tok)
-{
-	global $ClientAuthAlgo;
-	switch($ClientAuthAlgo){
-		case "md5":return bin2hex(mhash(MHASH_MD5,$cha.$tok));
-		case "sha1":return bin2hex(mhash(MHASH_SHA1,$cha.$tok));
-		case "sha256":return bin2hex(mhash(MHASH_SHA256,$cha.$tok));
-		case "hmac-md5":return bin2hex(mhash(MHASH_MD5,$cha,$tok));
-		case "hmac-sha1":return bin2hex(mhash(MHASH_SHA1,$cha,$tok));
-		case "hmac-sha256":return bin2hex(mhash(MHASH_SHA256,$cha,$tok));
-		default:trigger_error("Internal error: unknown hash algorithm",E_USER_ERROR);
-	}
-}
-
-/**helper for Customer::authenticate and Customer::setPassword*/
-function calcPasswd($pass,$salt)
-{
-	return $salt.":".bin2hex(mhash(MHASH_SHA1,$salt.$pass));
-}
-
-?>
\ No newline at end of file
diff --git a/www/inc/machine/cauth_string.php b/www/inc/machine/cauth_string.php
deleted file mode 100644
index 546a8f9..0000000
--- a/www/inc/machine/cauth_string.php
+++ /dev/null
@@ -1,31 +0,0 @@
-<?
-//
-// PHP Implementation: cauth_string
-//
-// Description: 
-//
-//
-// Author: Konrad Rosenbaum <konrad@silmor.de>, (C) 2007
-//
-// Copyright: See README/COPYING files that come with this distribution
-//
-//
-
-/**helper for Session::authenticate, using string module*/
-function calcAuth($key,$tok)
-{
-	global $ClientAuthAlgo;
-	switch($ClientAuthAlgo){
-		case "md5":return strtolower(md5($key.$tok));
-		case "sha1":return strtolower(sha1($key.$tok));
-		default:trigger_error("Internal error: unknown hash algorithm",E_USER_ERROR);
-	}
-}
-
-/**helper for Customer::authenticate and Customer::setPassword*/
-function calcPasswd($pass,$salt)
-{
-	return $salt.":".strtolower(sha1($salt.$pass));
-}
-
-?>
\ No newline at end of file
diff --git a/www/inc/machine/session.php b/www/inc/machine/session.php
index 80c1139..37bb596 100644
--- a/www/inc/machine/session.php
+++ b/www/inc/machine/session.php
@@ -16,57 +16,124 @@
 global $db;
 $db->deleteRows("session","timeout<=".time());
 
-/**initiate new session - $rand should contain some food for the random number generator (from the host request)*/
-function newSession($rand)
-{
-	global $db,$ClientAuthTimeout;
-	//get random bits
-	randseed($rand);
-	$sid=getRandom(128);
-	$ucha=getRandom(128);
-	$hcha=getRandom(128);
-	//try to create entry
-	$db->beginTransaction();
-	while(1){
-		//check for existence
-		$res=$db->select("session","sessionid","sessionid='".$sid."'");
-		if(count($res)==0)break;
-		//create new SID and repeat
-		$sid=getRandom(128);
-	}
-	$ret=array("sessionid"=>$sid,"uchallenge"=>$ucha,"hchallenge"=>$hcha,"user"=>"","timeout"=>time()+$ClientAuthTimeout);
-	$db->insert("session",$ret);
-	$db->commitTransaction();
-	return $ret;
-}
-
-/**delete current session*/
-function deleteSession()
-{
-	global $_SERVER,$db;
-	if(isset($_SERVER["HTTP_X_MAGICSMOKE_SESSION"]))
-		$db->deleteRows("session","sessionid=".$db->escapeString($_SERVER["HTTP_X_MAGICSMOKE_SESSION"]));
-}
-
 /**The session class*/
 class Session
 {
 	private $sessid="";
 	private $user="";
+	private $roles;
+	private $rights;
 	
 	/**construct the session object, check validity*/
-	public function __construct()
+	public function __construct($sid)
+	{
+		global $db,$session;
+		$this->roles=array();
+		$this->rights=array();
+		$res=$db->select("session","sessionid,user","sessionid=".$db->escapeString($sid));
+		if(count($res)>0){
+			$this->sessid=$sid;
+			$this->user=$res[0]["user"];
+			$this->initRights();
+		}
+		$session=$this;
+	}
+	
+	/**internal: retrieve and remember the rights of this user*/
+	public function initRights()
 	{
-		global $_SERVER,$db;
-		if(isset($_SERVER["HTTP_X_MAGICSMOKE_SESSION"])){
-			$res=$db->select("session","sessionid,user","sessionid=".$db->escapeString($_SERVER["HTTP_X_MAGICSMOKE_SESSION"]));
-			if(count($res)>0){
-				$this->sessid=$_SERVER["HTTP_X_MAGICSMOKE_SESSION"];
-				$this->user=$res[0]["user"];
-			}
+		global $db;
+		$res=$db->select("userrole","role","uname=".$db->escapeString($this->user));
+		for($i=0;$i<count($res);$i++){
+			$this->roles[]=$res[$i][0];
+			$res2=$db->select("roleright","rightname","rolename=".$db->escapeString($res[$i][0]));
+			for($j=0;$j<count($res2);$j++)
+				$this->rights[]=$res2[$j][0];
+		}
+	}
+	
+	/**returns all rights of this user*/
+	public function getRights(){return $this->rights;}
+	
+	/**returns all roles of this user*/
+	public function getRoles(){return $this->roles;}
+	
+	/**creates a new session*/
+	static public function login($trans)
+	{
+		global $db,$ClientSessionTimeout;
+		//get host data
+		$uhres=$db->select("userhosts","host","uname=".$db->escapeString($trans->getusername()));
+		$hres=$db->select("host","*","hostname=".$db->escapeString($trans->gethostname));
+		$hosts=array();
+		foreach($uhres as $hst)
+			$hosts[]=$hst["host"];
+		//logic check 1: abort if host is unknown
+		if(count($hres)==0){
+			$trans->abortWithError("auth",translate("php::","Unknown Host"));
+		}
+		//logic check: login is allowed if
+		// a) $hosts contains _any and the host is known, or
+		// b) $hosts contains the transmitted host name
+		$hostname=$trans->gethostname();
+		if( !in_array($hostname,$hosts) && !in_array("_any",$hosts)){
+			$trans->abortWithError("auth",translate("php::","Host/User combination not allowed");
+		}
+		
+		//validate host
+		$splt=explode(" ",$hres[0]["hostkey"]);
+		if(count($splt)!=2){
+			$trans->abortWithError("auth",translate("php::","Host authentication failed"));
+		}
+		$cmp=strtolower(sha1($splt[0].$trans->gethostkey()));
+		if($cmp != strtolower($splt[1])){
+			$trans->abortWithError("auth",translate("php::","Host authentication failed"));
+		}
+		
+		//get user data
+		$ures=$db->select("users","*","uname=".$db->escapeString($trans->getusername()));
+		if(count($ures)<1){
+			$trans->abortWithError("auth",translate("php::","User Authentication failed"));
+		}
+		//validate user
+		$splt=explode(" ",$ures[0]["passwd"]);
+		if(count($splt)!=2){
+			$trans->abortWithError("auth",translate("php::","User Authentication failed"));
+		}
+		$cmp=strtolower(sha1($splt[0].$trans->getpassword()));
+		if($cmp!=strtolower($splt[1])){
+			$trans->abortWithError("auth",translate("php::","User Authentication failed"));
+		}
+		
+		//create session and return
+		//get random bits
+		randseed($rand);
+		$sid=getRandom(128);
+		//try to create entry
+		$db->beginTransaction();
+		while(1){
+			//check for existence
+			$res=$db->select("session","sessionid","sessionid='".$sid."'");
+			if(count($res)==0)break;
+			//create new SID and repeat
+			$sid=getRandom(128);
 		}
+		$valid=time()+$ClientSessionTimeout;
+		$ret=array("sessionid"=>$sid,"user"=>$trans->getusername(),"timeout"=>$valid);
+		$db->insert("session",$ret);
+		$db->commitTransaction();
+		
+		$trans->setsessionid($sid);
+		$trans->setvalidtill($valid);
 	}
 	
+	/**delete current session*/
+	function deleteSession()
+	{
+		global $db;
+		$db->deleteRows("session","sessionid=".$db->escapeString($this->sessid));
+	}
+
 	/**returns true if the session exists, it may still be temporary and unauthenticated*/
 	public function isValid()
 	{
@@ -94,115 +161,6 @@ class Session
 		exit();
 	}
 	
-	/**runs authentication against the user request*/
-	public function authenticate()
-	{
-		global $db,$REQUESTDATA;
-		//already authenticated?
-		if($this->isAuthenticated()){
-			header("X-MagicSmoke-Status: Error");
-			die("Protocol violation: already authenticated.");
-		}
-		//get DB record:session
-		$sres=$db->select("session","*","sessionid=".$db->escapeString($this->sessid));
-		if(count($sres)<1){
-			header("X-MagicSmoke-Status: Unauthenticated");
-			deleteSession();
-			die("No such session");
-		}
-		//parse request
-		$auth=new DOMDocument;
-		if(!$auth->loadXML($REQUESTDATA)){
-			header("X-MagicSmoke-Status: SyntaxError");
-			deleteSession();
-			die(tr("unable to parse XML data"));
-		}
-		$hostname="";$hostauth="";$username="";$userauth="";
-		foreach($auth->getElementsByTagName("HostName") as $el)
-			foreach($el->childNodes as $cn)
-				if($cn->nodeType==XML_TEXT_NODE)
-					$hostname=$cn->wholeText;
-		foreach($auth->getElementsByTagName("HostAuth") as $el)
-			foreach($el->childNodes as $cn)
-				if($cn->nodeType==XML_TEXT_NODE)
-					$hostauth=$cn->wholeText;
-		foreach($auth->getElementsByTagName("UserName") as $el)
-			foreach($el->childNodes as $cn)
-				if($cn->nodeType==XML_TEXT_NODE)
-					$username=$cn->wholeText;
-		foreach($auth->getElementsByTagName("UserAuth") as $el)
-			foreach($el->childNodes as $cn)
-				if($cn->nodeType==XML_TEXT_NODE)
-					$userauth=$cn->wholeText;
-		if($hostname=="" || $hostauth=="" || $username=="" || $userauth==""){
-			header("X-MagicSmoke-Status: SyntaxError");
-			deleteSession();
-			die(tr("missing some authentication data"));
-		}
-		//get user data
-		$ures=$db->select("users","*","uname=".$db->escapeString($username));
-		if(count($ures)<1){
-			header("X-MagicSmoke-Status: Unauthenticated");
-			deleteSession();
-			$this->xdie("No such user");
-		}
-		//get allowed hosts
-		$uhres=$db->select("userhosts","host","uname=".$db->escapeString($username));
-		$hres=$db->select("host","*","hostname=".$db->escapeString($hostname));
-		$hosts=array();
-		foreach($uhres as $hst)
-			$hosts[]=$hst["host"];
-		//check that host is allowed
-		$needhostauth=true;
-		if(in_array("_anon",$hosts)){
-			//anonymous hosts allowed, ignore host auth
-			$needhostauth=false;
-		}else
-		if(in_array("_any",$hosts)){
-			//any host allowed, check it exists
-			if(count($hres)<1){
-				header("X-MagicSmoke-Status: Unauthenticated");
-				deleteSession();
-				$this->xdie("unknown host");
-			}
-		}else{
-			//check whether allowed
-			if(!in_array($hostname,$hosts)){
-				//host name not in allowed list
-				header("X-MagicSmoke-Status: Unauthenticated");
-				deleteSession();
-				$this->xdie("host not allowed");
-			}
-			//check whether exists
-			if(count($hres)<1){
-				header("X-MagicSmoke-Status: Unauthenticated");
-				deleteSession();
-				$this->xdie("No such host");
-			}
-		}
-		//compare
-		$ua=calcAuth($sres[0]["uchallenge"],$ures[0]["passwd"]);
-		if($ua!=$userauth){
-			header("X-MagicSmoke-Status: Unauthenticated");
-			deleteSession();
-			$this->xdie("user challenge failed");
-		}
-		if($needhostauth){
-			$ha=calcAuth($sres[0]["hchallenge"],$hres[0]["hostkey"]);
-			if($ha!=$hostauth){
-				header("X-MagicSmoke-Status: Unauthenticated");
-				deleteSession();
-				$this->xdie("host challenge failed");
-			}
-		}
-		//success
-		header("X-MagicSmoke-Status: Ok");
-		global $ClientSessionTimeout;
-		$tout=(time()+$ClientSessionTimeout)."\n".time();
-		$db->update("session",array("user"=>$username,"timeout"=>$tout),"sessionid=".$db->escapeString($this->sessid));
-		echo $tout;
-	}
-	
 	/**set my own password*/
 	public function setMyPasswd($txt)
 	{
@@ -251,11 +209,8 @@ class Session
 	public function canExecute($transaction)
 	{
 		global $db;
-		$res=$db->select("userrole","role","uname=".$db->escapeString($this->user));
-		foreach($res as $rl)
-			if($rl["role"]==$transaction || $rl["role"]=="_admin")
-				return true;
-		return false;
+		if(in_array("_admin",$this->roles))return true;
+		return in_array($transaction,$this->rights);
 	}
 	
 	/**called for GetMyRoles transaction*/
diff --git a/www/inc/machine/version.inc b/www/inc/machine/version.inc
index 3963284..6a53038 100644
--- a/www/inc/machine/version.inc
+++ b/www/inc/machine/version.inc
@@ -11,17 +11,17 @@
 // PHP: scans each line splitting at () and ,
 
 //minimum version that the server understands (4 hex digits)
-defversion(MINSERVER,0000)
+defversion(MINSERVER,0101)
 //current version of the server
-defversion(CURSERVER,0005)
+defversion(CURSERVER,0101)
 
 //current human readable version of the server
-defversion(HRSERVER,1.1 beta)
+defversion(HRSERVER,1.91 alpha)
 
 //minimum version that the client requires
-defversion(MINCLIENT,0000)
+defversion(MINCLIENT,0101)
 //current version of the client
-defversion(CURCLIENT,0005)
+defversion(CURCLIENT,0101)
 
 //current human readable version of the client
-defversion(HRCLIENT,1.1 beta)
+defversion(HRCLIENT,1.91 alpha)
diff --git a/www/inc/machine/version.php b/www/inc/machine/version.php
index 924c9f7..cadb3bd 100644
--- a/www/inc/machine/version.php
+++ b/www/inc/machine/version.php
@@ -29,4 +29,12 @@ $MSVERSION=array();
 //load version include
 defversion();
 
+function serverInfoXml($trans)
+{
+	global $MSVERSION;
+	$trans->setServerVersion($MSVERSION["HRSERVER"]);
+	$trans->setMinimumProtocolVersion($MSVERSION["MINSERVER"]);
+	$trans->setServerProtocolVersion($MSVERSION["CURSERVER"]);
+}
+
 ?>
\ No newline at end of file
diff --git a/www/inc/wbase/transaction.php b/www/inc/wbase/transaction.php
index 66edbb2..f5b902c 100644
--- a/www/inc/wbase/transaction.php
+++ b/www/inc/wbase/transaction.php
@@ -67,6 +67,13 @@ class WobTransactionBase {
 		exit();
 	}
 	
+	/**called to abort a transactions flow*/
+	public function abortWithError($type,$text){
+		header("X-WobResponse-Status: Error");
+		print("<WobResponse status=\"error\"><Error type=\"".xq($type)."\">".xq($text)."</Error></WobResponse>\n");
+		exit();
+	}
+	
 	/**returns the status of the transaction as string*/
 	public function statusString()
 	{
diff --git a/www/machine.php b/www/machine.php
index cbe7977..bb057a7 100644
--- a/www/machine.php
+++ b/www/machine.php
@@ -1,493 +1,13 @@
 <?
-//check the HTTP-request type
-if($_SERVER["REQUEST_METHOD"] != "POST" || !isset($_SERVER["HTTP_X_MAGICSMOKE_REQUEST"])){
-	header("X-MagicSmoke-Status: NonPost");
-	print("<html><title>Error</title><body>This is the machine interface of Magic Smoke. Other clients and browsers are not allowed.</html>");
-	exit();
-}
 //fix content-type to something that is not manipulated by proxies
 header("Content-Type: application/x-MagicSmoke");
 
-include_once("inc/tr.php");
-include_once("inc/machine/version.php");
-
-//check whether the request is known
-/* TRANSLATOR TransactionNames:: */
-/**all valid requests must be listed here (in lower case and wrapped in tr())*/
-$ALLOWEDREQUESTS=array(
-	//info request:
-	tr("serverinfo"),
-	//session requests:
-	tr("startsession"),tr("sessionauth"),tr("closesession"),
-	//////////
-	//all requests below here need authentication
-	//role management: get my own ACLs
-	tr("getmyroles"),
-	/////////
-	//all requests below here need a role entry in the DB
-	//user management
-	tr("getusers"),tr("setuserdescription"),tr("getuseracl"),tr("setuseracl"),tr("getuserhosts"),
-	tr("setuserhosts"),tr("adduser"),tr("deleteuser"),tr("setmypasswd"),tr("setpasswd"),
-	//host management
-	tr("gethosts"),tr("sethost"),tr("addhost"),tr("deletehost"),
-	//event infos
-	tr("geteventlist"),tr("geteventdata"),tr("seteventdata"),tr("eventsummary"),tr("cancelevent"),
-	//room infos
-	tr("getroomdata"),tr("setroomdata"),
-	//customer info
-	tr("getcustomerlist"),tr("getcustomer"),tr("setcustomer"),tr("deletecustomer"),
-	//sell/order stuff
-	tr("checkorder"),tr("createorder"),tr("createsale"),tr("createreservedorder"),tr("getorderlist"),
-	tr("getorder"),tr("orderpay"),tr("orderrefund"),tr("ordershipped"),tr("cancelorder"),
-	tr("orderbyticket"),tr("getordersbyevents"),tr("setordercomment"),tr("orderchangeshipping"),
-	tr("reservationtoorder"),tr("reservationtosale"),
-	//shipping info
-	tr("getshipping"),tr("setshipping"),tr("deleteshipping"),
-	//ticket management
-	tr("getticket"),tr("useticket"),tr("changeticketprice"),tr("ticketreturn"),
-	//voucher management
-	tr("getvoucherprices"),tr("cancelvoucher"),tr("emptyvoucher"),tr("usevoucher"),tr("usevoucheroutside"),tr("getvoucher"),
-	//templates
-	tr("gettemplatelist"),tr("gettemplate"),tr("settemplate"),tr("settemplatedescription"),
-	tr("deletetemplate"),
-	//backup
-	tr("backup"),
-	//money trail
-	tr("moneylog")
-);
-/**special roles begin with _ and are listed here (in lower case and wrapped in tr())*/
-$SPECIALROLES=array(
-	tr("_admin"),//system administrator
-	tr("_anyshipping"),//user can assign any kind of shipping
-	tr("_repriceshipping"),//user may alter shipping price
-	tr("_anyvoucher"),//user may generate vouchers of any value/price, not just configured ones
-	tr("_anypricevoucher"),//user may generate vouchers with price different from value
-	tr("_explicitshipdate")//user may set an explicit shipping date
-);
-/* TRANSLATOR php::
-*/
-/**contains the low-level request name from the client*/
-$SMOKEREQUEST=strtolower($_SERVER["HTTP_X_MAGICSMOKE_REQUEST"]);
-if(!in_array($SMOKEREQUEST,$ALLOWEDREQUESTS)){
-	header("X-MagicSmoke-Status: InvalidRequest");
-	die(tr("Invalid Request, please use the MagicSmoke Client with this page."));
-}
-/**contains the low-level request data from the client*/
-$REQUESTDATA="";
-if(isset($HTTP_RAW_POST_DATA)){
-	$REQUESTDATA=$HTTP_RAW_POST_DATA;
-}
-
-//initialize basics
+//initialize
 include("inc/loader.php");
-
-// server info can be answered without performing any more initialization
-if($SMOKEREQUEST=="serverinfo"){
-	header("X-MagicSmoke-Status: Ok");
-	print("<Info>\n <ServerVersion proto=\"");
-	print($MSVERSION["MINSERVER"]." ".$MSVERSION["CURSERVER"]);
-	print("\">".$MSVERSION["HRSERVER"]);
-	print("</ServerVersion>\n <AuthAlgorithm>$ClientAuthAlgo</AuthAlgorithm>\n</Info>");
-	exit();
-}
-
-//initialize DB
 include("inc/loader_nonadmin.php");
+include("./inc/machine/autoload.php");
 
-//load machine interface
-include("inc/machine/session.php");
-include("inc/machine/host.php");
-include("inc/machine/template.php");
-
-// request to start a session
-if($SMOKEREQUEST=="startsession"){
-	//start session
-	$sess=newSession($REQUESTDATA);
-	header("X-MagicSmoke-Status: Ok");
-	print("<SessionStart><ID>".$sess["sessionid"]."</ID><HostChallenge>".$sess["hchallenge"].
-	"</HostChallenge><UserChallenge>".$sess["uchallenge"]."</UserChallenge><Timeout>".
-	$sess["timeout"]."</Timeout></SessionStart>");
-	exit();
-}
-//request to close a session
-if($SMOKEREQUEST=="closesession"){
-	//close session
-	deleteSession();
-	//return
-	header("X-MagicSmoke-Status: Ok");
-	exit();
-}
-
-//all others need a valid session, check it
-//check session
-/**session object*/
-$session=new Session;
-if(!$session->isValid()){
-	header("X-MagicSmoke-Status: Unauthenticated");
-	die(tr("Invalid or missing sessionid, or session timed out."));
-}
-
-//request session authentication
-if($SMOKEREQUEST=="sessionauth"){
-	$session->authenticate();
-	exit();
-}
-
-//remainder must be authenticated
-if(!$session->isAuthenticated()){
-	header("X-MagicSmoke-Status: Unauthenticated");
-	die(tr("Session not yet authenticated."));
-}
-
-//get roles of myself
-if($SMOKEREQUEST=="getmyroles"){
-	$session->getMyRoles();
-	exit();
-}
-
-//check that we actually are allowed to do this
-if(!$session->canExecute($SMOKEREQUEST)){
-	header("X-MagicSmoke-Status: NotAllowed");
-	die(tr("You do not have the right to execute this transaction."));
-}
-
-//get a list of events
-if($SMOKEREQUEST=="geteventlist"){
-	getAllEventsXml();
-	exit();
-}
-
-//get a specific event
-if($SMOKEREQUEST=="geteventdata"){
-	//convert request data into array
-	$evts=array();
-	$lst=explode(" ",$REQUESTDATA);
-	foreach($lst as $k=>$v){
-		$evts[]=$v+0;
-	}
-	//get data and build XML
-	getEventsXml(array_values(array_unique($evts)));
-	exit();
-}
-
-//set an event
-if($SMOKEREQUEST=="seteventdata"){
-	setEventXml($REQUESTDATA);
-	exit();
-}
-
-//get the summary info of the event
-if($SMOKEREQUEST=="eventsummary"){
-	getEventSummaryXml($REQUESTDATA+0);
-	exit();
-}
-
-//cancel an event
-if($SMOKEREQUEST=="cancelevent"){
-	cancelEventXml(trim($REQUESTDATA));
-	exit();
-}
-
-//get room
-if($SMOKEREQUEST=="getroomdata"){
-	getRoomsXml($REQUESTDATA);
-	exit();
-}
-
-//set room
-if($SMOKEREQUEST=="setroomdata"){
-	setRoomsXml($REQUESTDATA);
-	exit();
-}
-
-//get all users
-if($SMOKEREQUEST=="getusers"){
-	getAllUsersXml();
-	exit();
-}
-
-if($SMOKEREQUEST=="setuserdescription"){
-	setUserDescrXml($REQUESTDATA);
-	exit();
-}
-
-//get ACL info of specific users
-if($SMOKEREQUEST=="getuseracl"){
-	getUserAclXml($REQUESTDATA);
-	exit();
-}
-//set the ACL of a specific user
-if($SMOKEREQUEST=="setuseracl"){
-	setUserAclXml($REQUESTDATA);
-	exit();
-}
-//get the allowed client hosts of a specific user
-if($SMOKEREQUEST=="getuserhosts"){
-	getUserHostsXml($REQUESTDATA);
-	exit();
-}
-//set the allowed client hosts of a specific user
-if($SMOKEREQUEST=="setuserhosts"){
-	setUserHostsXml($REQUESTDATA);
-	exit();
-}
-//create a new user
-if($SMOKEREQUEST=="adduser"){
-	addUserXml($REQUESTDATA);
-	exit();
-}
-//delete an user
-if($SMOKEREQUEST=="deleteuser"){
-	deleteUserXml($REQUESTDATA);
-	exit();
-}
-//set my own password
-if($SMOKEREQUEST=="setmypasswd"){
-	$session->setMyPasswd($REQUESTDATA);
-	exit();
-}
-//reset another users password
-if($SMOKEREQUEST=="setpasswd"){
-	setPasswdXml($REQUESTDATA);
-	exit();
-}
-
-//return a list of all hosts with their keys
-// there is currently no transaction to get names only, since this is
-// implied in getuserhosts
-if($SMOKEREQUEST=="gethosts"){
-	getAllHostsXml();
-	exit();
-}
-//change the key of a host
-if($SMOKEREQUEST=="sethost"){
-	setHostXml($REQUESTDATA);
-}
-//create a new host entry
-if($SMOKEREQUEST=="addhost"){
-	addHostXml($REQUESTDATA);
-	exit();
-}
-if($SMOKEREQUEST=="deletehost"){
-	deleteHostXml($REQUESTDATA);
-	exit();
-}
-
-
-//return list of templates
-if($SMOKEREQUEST=="gettemplatelist"){
-	getTemplateList();
-	exit();
-}
-//get specific template
-if($SMOKEREQUEST=="gettemplate"){
-	getTemplate(trim($REQUESTDATA));
-	exit();
-}
-//set a specific template
-if($SMOKEREQUEST=="settemplate"){
-	setTemplate($REQUESTDATA);
-	exit();
-}
-//set a specific template description
-if($SMOKEREQUEST=="settemplatedescription"){
-	setTemplateDescription($REQUESTDATA);
-	exit();
-}
-//delete a template
-if($SMOKEREQUEST=="deletetemplate"){
-	deleteTemplate(trim($REQUESTDATA));
-	exit();
-}
-
-
-//get the list of customers
-if($SMOKEREQUEST=="getcustomerlist"){
-	getCustomerListXml();
-	exit();
-}
-
-//get a specific customer
-if($SMOKEREQUEST=="getcustomer"){
-	getCustomerXml(trim($REQUESTDATA));
-	exit();
-}
-
-//set/create a specific customer
-if($SMOKEREQUEST=="setcustomer"){
-	setCustomerXml($REQUESTDATA);
-	exit();
-}
-
-//delete/merge a specific customer
-if($SMOKEREQUEST=="deletecustomer"){
-	deleteCustomerXml($REQUESTDATA);
-	exit();
-}
-
-//check that the order can be executed
-if($SMOKEREQUEST=="checkorder"){
-	createOrderXml($REQUESTDATA,"check");
-	exit();
-}
-//create order as normal order
-if($SMOKEREQUEST=="createorder"){
-	createOrderXml($REQUESTDATA,"order");
-	exit();
-}
-//create order as a sale (already paid and delivered)
-if($SMOKEREQUEST=="createsale"){
-	createOrderXml($REQUESTDATA,"sell");
-	exit();
-}
-//create order as a reservation (like normal order, but cannot be used/paid/sent)
-if($SMOKEREQUEST=="createreservedorder"){
-	createOrderXml($REQUESTDATA,"reserve");
-	exit();
-}
-//change reservation into order
-if($SMOKEREQUEST=="reservationtoorder"){
-	changeReservationXml(trim($REQUESTDATA),ORDER_PLACED);
-	exit();
-}
-//change reservation into sale
-if($SMOKEREQUEST=="reservationtosale"){
-	changeReservationXml(trim($REQUESTDATA),ORDER_SOLD);
-	exit();
-}
-//get list of all orders
-if($SMOKEREQUEST=="getorderlist"){
-	getOrderListXml();
-	exit();
-}
-//get a single order
-if($SMOKEREQUEST=="getorder"){
-	getOrderXml(trim($REQUESTDATA)+0);
-	exit();
-}
-//pay for an order
-if($SMOKEREQUEST=="orderpay"){
-	orderPayXml($REQUESTDATA,1);
-	exit();
-}
-//refund an order
-if($SMOKEREQUEST=="orderrefund"){
-	orderPayXml($REQUESTDATA,-1);
-	exit();
-}
-//mark order shipped
-if($SMOKEREQUEST=="ordershipped"){
-	orderShippedXml(trim($REQUESTDATA));
-	exit();
-}
-//cancel order
-if($SMOKEREQUEST=="cancelorder"){
-	orderCancelXml(trim($REQUESTDATA));
-	exit();
-}
-//find an order
-if($SMOKEREQUEST=="orderbyticket"){
-	orderByTicketXml(trim($REQUESTDATA));
-	exit();
-}
-if($SMOKEREQUEST=="getordersbyevents"){
-	orderByEventXml(trim($REQUESTDATA));
-	exit();
-}
-if($SMOKEREQUEST=="setordercomment"){
-	setOrderCommentXml(trim($REQUESTDATA));
-	exit();
-}
-if($SMOKEREQUEST=="orderchangeshipping"){
-	setOrderShippingXml(trim($REQUESTDATA));
-	exit();
-}
-
-//get shipping info
-if($SMOKEREQUEST=="getshipping"){
-	getShippingXml();
-	exit();
-}
-//set/create shipping info
-if($SMOKEREQUEST=="setshipping"){
-	setShippingXml(trim($REQUESTDATA));
-	exit();
-}
-//delete shipping info
-if($SMOKEREQUEST=="deleteshipping"){
-	deleteShippingXml(trim($REQUESTDATA));
-	exit();
-}
-
-
-//get a ticket
-if($SMOKEREQUEST=="getticket"){
-	getTicketXml(trim($REQUESTDATA));
-	exit();
-}
-//mark a ticket as used
-if($SMOKEREQUEST=="useticket"){
-	useTicketXml(trim($REQUESTDATA));
-	exit();
-}
-//change the price of a ticket
-if($SMOKEREQUEST=="changeticketprice"){
-	changeTicketPriceXml(trim($REQUESTDATA));
-	exit();
-}
-//return a ticket: cancels it
-if($SMOKEREQUEST=="ticketreturn"){
-	ticketReturnXml(trim($REQUESTDATA));
-	exit();
-}
-
-//get all valid prices for vouchers
-if($SMOKEREQUEST=="getvoucherprices"){
-	getVoucherPricesXml();
-	exit();
-}
-//return a voucher: cancels it
-if($SMOKEREQUEST=="cancelvoucher"){
-	cancelVoucherXml(trim($REQUESTDATA));
-	exit();
-}
-//return a voucher: emties it
-if($SMOKEREQUEST=="emptyvoucher"){
-	emptyVoucherXml(trim($REQUESTDATA));
-	exit();
-}
-//use a voucher to pay
-if($SMOKEREQUEST=="usevoucher"){
-	useVoucherXml(trim($REQUESTDATA));
-	exit();
-}
-//use a voucher to pay
-if($SMOKEREQUEST=="usevoucheroutside"){
-	useVoucher2Xml(trim($REQUESTDATA));
-	exit();
-}
-//get info about a voucher
-if($SMOKEREQUEST=="getvoucher"){
-	getVoucherXml(trim($REQUESTDATA));
-	exit();
-}
-
-
-//get info about a voucher
-if($SMOKEREQUEST=="moneylog"){
-	moneylogXml(trim($REQUESTDATA));
-	exit();
-}
-
-
-//retrieve backup
-if($SMOKEREQUEST=="backup"){
-	header("X-MagicSmoke-Status: Ok");
-	$db->dumpBackup();
-	exit();
-}
+//let wob do the rest
+WobTransaction::handle();
 
-//EOF
-header("X-MagicSmoke-Status: Error");
-die(tr("Internal Error: unknown command, hiccup in code structure."));
 ?>
\ No newline at end of file