40 changed files with 1248 additions and 1242 deletions
--- a/controllers/EditAlbum.php
+++ b/controllers/EditAlbum.php
@ -41,13 +41,13 @@ class EditAlbum extends HTMLController
 				exit;
 			}
 			else
-				throw new Exception('Cannot delete album: an error occured while processing the request.');
+				trigger_error('Cannot delete album: an error occured while processing the request.', E_USER_ERROR);
 		}
 		// Editing one, then, surely.
 		else
 		{
 			if ($album->kind !== 'Album')
-				throw new Exception('Cannot edit album: not an album.');
+				trigger_error('Cannot edit album: not an album.', E_USER_ERROR);
 			parent::__construct('Edit album \'' . $album->tag . '\'');
 			$form_title = 'Edit album \'' . $album->tag . '\'';
@ -67,7 +67,7 @@ class EditAlbum extends HTMLController
 		// Gather possible parents for this album to be filed into
 		$parentChoices = [0 => '-root-'];
-		foreach (Tag::getOffset(0, 9999, 'tag', 'up', true) as $parent)
+		foreach (PhotoAlbum::getHierarchy('tag', 'up') as $parent)
 		{
 			if (!empty($id_tag) && $parent['id_tag'] == $id_tag)
 				continue;
@ -139,10 +139,6 @@ class EditAlbum extends HTMLController
 				];
 			}
 		}
 		elseif (empty($_POST) && isset($album))
 		{
 			$formDefaults = get_object_vars($album);
 		}
 		elseif (empty($_POST) && count($parentChoices) > 1)
 		{
 			// Choose the first non-root album as the default parent
@ -150,8 +146,9 @@ class EditAlbum extends HTMLController
 			next($parentChoices);
 			$formDefaults = ['id_parent' => key($parentChoices)];
 		}
-		else
+
-			$formDefaults = $_POST;
+		if (!isset($formDefaults))
 			$formDefaults = isset($album) ? get_object_vars($album) : $_POST;
 		// Create the form, add in default values.
 		$this->form->setData($formDefaults);
--- a/controllers/EditAsset.php
+++ b/controllers/EditAsset.php
@ -67,7 +67,7 @@ class EditAsset extends HTMLController
 		// Get a list of available photo albums
 		$allAlbums = [];
-		foreach (Tag::getOffset(0, 9999, 'tag', 'up', true) as $album)
+		foreach (PhotoAlbum::getHierarchy('tag', 'up') as $album)
 			$allAlbums[$album['id_tag']] = $album['tag'];
 		// Figure out the current album id
--- a/controllers/EditTag.php
+++ b/controllers/EditTag.php
@ -39,13 +39,13 @@ class EditTag extends HTMLController
 				exit;
 			}
 			else
-				throw new Exception('Cannot delete tag: an error occured while processing the request.');
+				trigger_error('Cannot delete tag: an error occured while processing the request.', E_USER_ERROR);
 		}
 		// Editing one, then, surely.
 		else
 		{
 			if ($tag->kind === 'Album')
-				throw new Exception('Cannot edit tag: is actually an album.');
+				trigger_error('Cannot edit tag: is actually an album.', E_USER_ERROR);
 			parent::__construct('Edit tag \'' . $tag->tag . '\'');
 			$form_title = 'Edit tag \'' . $tag->tag . '\'';
--- a/controllers/EditUser.php
+++ b/controllers/EditUser.php
@ -33,7 +33,7 @@ class EditUser extends HTMLController
 		{
 			// Don't be stupid.
 			if ($current_user->getUserId() == $id_user)
-				throw new Exception('Sorry, I cannot allow you to delete yourself.');
+				trigger_error('Sorry, I cannot allow you to delete yourself.', E_USER_ERROR);
 			// So far so good?
 			$user = Member::fromId($id_user);
@ -43,7 +43,7 @@ class EditUser extends HTMLController
 				exit;
 			}
 			else
-				throw new Exception('Cannot delete user: an error occured while processing the request.');
+				trigger_error('Cannot delete user: an error occured while processing the request.', E_USER_ERROR);
 		}
 		// Editing one, then, surely.
 		else
--- a/controllers/Login.php
+++ b/controllers/Login.php
@ -24,9 +24,7 @@ class Login extends HTMLController
 			if (Authentication::checkPassword($_POST['emailaddress'], $_POST['password']))
 			{
 				parent::__construct('Login');
-
+				$_SESSION['user_id'] = Authentication::getUserId($_POST['emailaddress']);
 				$user = Member::fromEmailAddress($_POST['emailaddress']);
 				$_SESSION['user_id'] = $user->getUserId();
 				if (isset($_POST['redirect_url']))
 					header('Location: ' . base64_decode($_POST['redirect_url']));
--- a/controllers/ManageAlbums.php
+++ b/controllers/ManageAlbums.php
@ -35,14 +35,18 @@ class ManageAlbums extends HTMLController
 				'tag' => [
 					'header' => 'Album',
 					'is_sortable' => true,
 					'parse' => [
 						'link' => BASEURL . '/editalbum/?id={ID_TAG}',
-					'value' => 'tag',
+						'data' => 'tag',
 					],
 				],
 				'slug' => [
 					'header' => 'Slug',
 					'is_sortable' => true,
 					'parse' => [
 						'link' => BASEURL . '/editalbum/?id={ID_TAG}',
-					'value' => 'slug',
+						'data' => 'slug',
 					],
 				],
 				'count' => [
 					'header' => '# Photos',
@ -50,21 +54,30 @@ class ManageAlbums extends HTMLController
 					'value' => 'count',
 				],
 			],
-			'default_sort_order' => 'tag',
+			'start' => !empty($_GET['start']) ? (int) $_GET['start'] : 0,
-			'default_sort_direction' => 'up',
+			'sort_order' => !empty($_GET['order']) ? $_GET['order'] : null,
-			'start' => $_GET['start'] ?? 0,
+			'sort_direction' => !empty($_GET['dir']) ? $_GET['dir'] : null,
 			'sort_order' => $_GET['order'] ?? '',
 			'sort_direction' => $_GET['dir'] ?? '',
 			'title' => 'Manage albums',
 			'no_items_label' => 'No albums meet the requirements of the current filter.',
 			'items_per_page' => 9999,
 			'index_class' => 'col-md-6',
 			'base_url' => BASEURL . '/managealbums/',
-			'get_data' => function($offset, $limit, $order, $direction) {
+			'get_data' => function($offset = 0, $limit = 9999, $order = '', $direction = 'up') {
-				return Tag::getOffset($offset, $limit, $order, $direction, true);
+				if (!in_array($order, ['id_tag', 'tag', 'slug', 'count']))
 					$order = 'tag';
 				if (!in_array($direction, ['up', 'down']))
 					$direction = 'up';
 				$rows = PhotoAlbum::getHierarchy($order, $direction);
 				return [
 					'rows' => $rows,
 					'order' => $order,
 					'direction' => ($direction == 'up' ? 'up' : 'down'),
 				];
 			},
 			'get_count' => function() {
-				return Tag::getCount(false, 'Album', true);
+				return 9999;
 			}
 		];
--- a/controllers/ManageAssets.php
+++ b/controllers/ManageAssets.php
@ -38,34 +38,13 @@ class ManageAssets extends HTMLController
 				'checkbox' => [
 					'header' => '<input type="checkbox" id="selectall">',
 					'is_sortable' => false,
-					'format' => fn($row) =>
+					'parse' => [
-						'<input type="checkbox" class="asset_select" name="delete[]" value="' . $row['id_asset'] . '">',
+						'type' => 'function',
-				],
+						'data' => function($row) {
-				'thumbnail' => [
+							return '<input type="checkbox" class="asset_select" name="delete[]" value="' . $row['id_asset'] . '">';
 					'header' => '&nbsp;',
 					'is_sortable' => false,
 					'cell_class' => 'text-center',
 					'format' => function($row) {
 						$asset = Image::byRow($row);
 						$width = $height = 65;
 						if ($asset->isImage())
 						{
 							if ($asset->isPortrait())
 								$width = null;
 							else
 								$height = null;
 							$thumb = $asset->getThumbnailUrl($width, $height);
 						}
 						else
 							$thumb = BASEURL . '/images/nothumb.svg';
 						$width = isset($width) ? $width . 'px' : 'auto';
 						$height = isset($height) ? $height . 'px' : 'auto';
 						return sprintf('<img src="%s" style="width: %s; height: %s;">', $thumb, $width, $height);
 						},
 					],
 				],
 				'id_asset' => [
 					'value' => 'id_asset',
 					'header' => 'ID',
@ -80,13 +59,18 @@ class ManageAssets extends HTMLController
 					'value' => 'filename',
 					'header' => 'Filename',
 					'is_sortable' => true,
 					'parse' => [
 						'type' => 'value',
 						'link' => BASEURL . '/editasset/?id={ID_ASSET}',
-					'value' => 'filename',
+						'data' => 'filename',
 					],
 				],
 				'id_user_uploaded' => [
 					'header' => 'User uploaded',
 					'is_sortable' => true,
-					'format' => function($row) {
+					'parse' => [
 						'type' => 'function',
 						'data' => function($row) {
 							if (!empty($row['id_user']))
 								return sprintf('<a href="%s/edituser/?id=%d">%s</a>', BASEURL, $row['id_user'],
 									$row['first_name'] . ' ' . $row['surname']);
@ -94,10 +78,13 @@ class ManageAssets extends HTMLController
 								return 'n/a';
 						},
 					],
 				],
 				'dimensions' => [
 					'header' => 'Dimensions',
 					'is_sortable' => false,
-					'format' => function($row) {
+					'parse' => [
 						'type' => 'function',
 						'data' => function($row) {
 							if (!empty($row['image_width']))
 								return $row['image_width'] . ' x ' . $row['image_height'];
 							else
@ -105,17 +92,39 @@ class ManageAssets extends HTMLController
 						},
 					],
 				],
-			'default_sort_order' => 'id_asset',
+			],
-			'default_sort_direction' => 'down',
+			'start' => !empty($_GET['start']) ? (int) $_GET['start'] : 0,
-			'start' => $_GET['start'] ?? 0,
+			'sort_order' => !empty($_GET['order']) ? $_GET['order'] : '',
-			'sort_order' => $_GET['order'] ?? '',
+			'sort_direction' => !empty($_GET['dir']) ? $_GET['dir'] : '',
 			'sort_direction' => $_GET['dir'] ?? '',
 			'title' => 'Manage assets',
 			'no_items_label' => 'No assets meet the requirements of the current filter.',
 			'items_per_page' => 30,
 			'index_class' => 'col-md-6',
 			'base_url' => BASEURL . '/manageassets/',
-			'get_data' => 'Asset::getOffset',
+			'get_data' => function($offset = 0, $limit = 30, $order = '', $direction = 'down') {
 				if (!in_array($order, ['id_asset', 'id_user_uploaded', 'title', 'subdir', 'filename']))
 					$order = 'id_asset';
 				$data = Registry::get('db')->queryAssocs('
 					SELECT a.id_asset, a.subdir, a.filename,
 						a.image_width, a.image_height,
 						u.id_user, u.first_name, u.surname
 					FROM assets AS a
 					LEFT JOIN users AS u ON a.id_user_uploaded = u.id_user
 					ORDER BY {raw:order}
 					LIMIT {int:offset}, {int:limit}',
 					[
 						'order' => $order . ($direction == 'up' ? ' ASC' : ' DESC'),
 						'offset' => $offset,
 						'limit' => $limit,
 					]);
 				return [
 					'rows' => $data,
 					'order' => $order,
 					'direction' => $direction,
 				];
 			},
 			'get_count' => 'Asset::getCount',
 		];
--- a/controllers/ManageErrors.php
+++ b/controllers/ManageErrors.php
@ -14,8 +14,8 @@ class ManageErrors extends HTMLController
 		if (!Registry::get('user')->isAdmin())
 			throw new NotAllowedException();
-		// Clearing, are we?
+		// Flushing, are we?
-		if (isset($_POST['clear']) && Session::validateSession('get'))
+		if (isset($_POST['flush']) && Session::validateSession('get'))
 		{
 			ErrorLog::flush();
 			header('Location: ' . BASEURL . '/manageerrors/');
@ -31,7 +31,7 @@ class ManageErrors extends HTMLController
 				'method' => 'post',
 				'class' => 'col-md-6 text-end',
 				'buttons' => [
-					'clear' => [
+					'flush' => [
 						'type' => 'submit',
 						'caption' => 'Delete all',
 						'class' => 'btn-danger',
@ -39,15 +39,15 @@ class ManageErrors extends HTMLController
 				],
 			],
 			'columns' => [
-				'id_entry' => [
+				'id' => [
 					'value' => 'id_entry',
 					'header' => '#',
 					'is_sortable' => true,
 				],
 				'message' => [
-					'header' => 'Message / URL',
+					'parse' => [
-					'is_sortable' => false,
+						'type' => 'function',
-					'format' => function($row) {
+						'data' => function($row) {
 							return $row['message'] . '<br>' .
 								'<div><a onclick="this.parentNode.childNodes[1].style.display=\'block\';this.style.display=\'none\';">Show debug info</a>' .
 								'<pre style="display: none">' . htmlspecialchars($row['debug_info']) .
@ -55,7 +55,10 @@ class ManageErrors extends HTMLController
 								'<small><a href="' . BASEURL .
 									htmlspecialchars($row['request_uri']) . '">' .
 									htmlspecialchars($row['request_uri']) . '</a></small>';
-					},
+						}
 					],
 					'header' => 'Message / URL',
 					'is_sortable' => false,
 				],
 				'file' => [
 					'value' => 'file',
@ -68,10 +71,12 @@ class ManageErrors extends HTMLController
 					'is_sortable' => true,
 				],
 				'time' => [
-					'format' => [
+					'parse' => [
 						'type' => 'timestamp',
 						'data' => [
 							'timestamp' => 'time',
 							'pattern' => 'long',
-						'value' => 'time',
+						],
 					],
 					'header' => 'Time',
 					'is_sortable' => true,
@ -84,21 +89,41 @@ class ManageErrors extends HTMLController
 				'uid' => [
 					'header' => 'UID',
 					'is_sortable' => true,
 					'parse' => [
 						'link' => BASEURL . '/edituser/?id={ID_USER}',
-					'value' => 'id_user',
+						'data' => 'id_user',
 					],
 				],
-			'default_sort_order' => 'id_entry',
+			],
-			'default_sort_direction' => 'down',
+			'start' => !empty($_GET['start']) ? (int) $_GET['start'] : 0,
-			'start' => $_GET['start'] ?? 0,
+			'sort_order' => !empty($_GET['order']) ? $_GET['order'] : '',
-			'sort_order' => $_GET['order'] ?? '',
+			'sort_direction' => !empty($_GET['dir']) ? $_GET['dir'] : '',
 			'sort_direction' => $_GET['dir'] ?? '',
 			'no_items_label' => "No errors to display -- we're all good!",
 			'items_per_page' => 20,
 			'index_class' => 'col-md-6',
 			'base_url' => BASEURL . '/manageerrors/',
 			'get_count' => 'ErrorLog::getCount',
-			'get_data' => 'ErrorLog::getOffset',
+			'get_data' => function($offset = 0, $limit = 20, $order = '', $direction = 'down') {
 				if (!in_array($order, ['id_entry', 'file', 'line', 'time', 'ipaddress', 'id_user']))
 					$order = 'id_entry';
 				$data = Registry::get('db')->queryAssocs('
 					SELECT *
 					FROM log_errors
 					ORDER BY {raw:order}
 					LIMIT {int:offset}, {int:limit}',
 					[
 						'order' => $order . ($direction === 'up' ? ' ASC' : ' DESC'),
 						'offset' => $offset,
 						'limit' => $limit,
 					]);
 				return [
 					'rows' => $data,
 					'order' => $order,
 					'direction' => $direction,
 				];
 			},
 		];
 		$error_log = new GenericTable($options);
--- a/controllers/ManageTags.php
+++ b/controllers/ManageTags.php
@ -37,19 +37,25 @@ class ManageTags extends HTMLController
 				'tag' => [
 					'header' => 'Tag',
 					'is_sortable' => true,
 					'parse' => [
 						'link' => BASEURL . '/edittag/?id={ID_TAG}',
-					'value' => 'tag',
+						'data' => 'tag',
 					],
 				],
 				'slug' => [
 					'header' => 'Slug',
 					'is_sortable' => true,
 					'parse' => [
 						'link' => BASEURL . '/edittag/?id={ID_TAG}',
-					'value' => 'slug',
+						'data' => 'slug',
 					],
 				],
 				'id_user_owner' => [
 					'header' => 'Owning user',
 					'is_sortable' => true,
-					'format' => function($row) {
+					'parse' => [
 						'type' => 'function',
 						'data' => function($row) {
 							if (!empty($row['id_user']))
 								return sprintf('<a href="%s/edituser/?id=%d">%s</a>', BASEURL, $row['id_user'],
 									$row['first_name'] . ' ' . $row['surname']);
@ -57,27 +63,53 @@ class ManageTags extends HTMLController
 								return 'n/a';
 						},
 					],
 				],
 				'count' => [
 					'header' => 'Cardinality',
 					'is_sortable' => true,
 					'value' => 'count',
 				],
 			],
-			'default_sort_order' => 'tag',
+			'start' => !empty($_GET['start']) ? (int) $_GET['start'] : 0,
-			'default_sort_direction' => 'up',
+			'sort_order' => !empty($_GET['order']) ? $_GET['order'] : null,
-			'start' => $_GET['start'] ?? 0,
+			'sort_direction' => !empty($_GET['dir']) ? $_GET['dir'] : null,
 			'sort_order' => $_GET['order'] ?? '',
 			'sort_direction' => $_GET['dir'] ?? '',
 			'title' => 'Manage tags',
 			'no_items_label' => 'No tags meet the requirements of the current filter.',
 			'items_per_page' => 30,
 			'index_class' => 'col-md-6',
 			'base_url' => BASEURL . '/managetags/',
-			'get_data' => function($offset, $limit, $order, $direction) {
+			'get_data' => function($offset = 0, $limit = 30, $order = '', $direction = 'up') {
-				return Tag::getOffset($offset, $limit, $order, $direction, false);
+				if (!in_array($order, ['id_tag', 'tag', 'slug', 'kind', 'count']))
 					$order = 'tag';
 				if (!in_array($direction, ['up', 'down']))
 					$direction = 'up';
 				$data = Registry::get('db')->queryAssocs('
 					SELECT t.*, u.id_user, u.first_name, u.surname
 					FROM tags AS t
 					LEFT JOIN users AS u ON t.id_user_owner = u.id_user
 					WHERE kind != {string:album}
 					ORDER BY {raw:order}
 					LIMIT {int:offset}, {int:limit}',
 					[
 						'order' => $order . ($direction == 'up' ? ' ASC' : ' DESC'),
 						'offset' => $offset,
 						'limit' => $limit,
 						'album' => 'Album',
 					]);
 				return [
 					'rows' => $data,
 					'order' => $order,
 					'direction' => ($direction == 'up' ? 'up' : 'down'),
 				];
 			},
 			'get_count' => function() {
-				return Tag::getCount(false, null, false);
+				return Registry::get('db')->queryValue('
 					SELECT COUNT(*)
 					FROM tags
 					WHERE kind != {string:album}',
 					['album' => 'Album']);
 			}
 		];
--- a/controllers/ManageUsers.php
+++ b/controllers/ManageUsers.php
@ -37,20 +37,26 @@ class ManageUsers extends HTMLController
 				'surname' => [
 					'header' => 'Last name',
 					'is_sortable' => true,
 					'parse' => [
 						'link' => BASEURL . '/edituser/?id={ID_USER}',
-					'value' => 'surname',
+						'data' => 'surname',
 					],
 				],
 				'first_name' => [
 					'header' => 'First name',
 					'is_sortable' => true,
 					'parse' => [
 						'link' => BASEURL . '/edituser/?id={ID_USER}',
-					'value' => 'first_name',
+						'data' => 'first_name',
 					],
 				],
 				'slug' => [
 					'header' => 'Slug',
 					'is_sortable' => true,
 					'parse' => [
 						'link' => BASEURL . '/edituser/?id={ID_USER}',
-					'value' => 'slug',
+						'data' => 'slug',
 					],
 				],
 				'emailaddress' => [
 					'value' => 'emailaddress',
@ -58,11 +64,12 @@ class ManageUsers extends HTMLController
 					'is_sortable' => true,
 				],
 				'last_action_time' => [
-					'format' => [
+					'parse' => [
 						'type' => 'timestamp',
 						'data' => [
 							'timestamp' => 'last_action_time',
 							'pattern' => 'long',
-						'value' => 'last_action_time',
+						],
 						'if_null' => 'n/a',
 					],
 					'header' => 'Last activity',
 					'is_sortable' => true,
@ -75,21 +82,48 @@ class ManageUsers extends HTMLController
 				'is_admin' => [
 					'is_sortable' => true,
 					'header' => 'Admin?',
-					'format' => fn($row) => $row['is_admin'] ? 'yes' : 'no',
+					'parse' => [
 						'type' => 'function',
 						'data' => function($row) {
 							return $row['is_admin'] ? 'yes' : 'no';
 						}
 					],
 				],
-			'default_sort_order' => 'id_user',
+			],
-			'default_sort_direction' => 'down',
+			'start' => !empty($_GET['start']) ? (int) $_GET['start'] : 0,
-			'start' => $_GET['start'] ?? 0,
+			'sort_order' => !empty($_GET['order']) ? $_GET['order'] : '',
-			'sort_order' => $_GET['order'] ?? '',
+			'sort_direction' => !empty($_GET['dir']) ? $_GET['dir'] : '',
 			'sort_direction' => $_GET['dir'] ?? '',
 			'title' => 'Manage users',
 			'no_items_label' => 'No users meet the requirements of the current filter.',
 			'items_per_page' => 30,
 			'index_class' => 'col-md-6',
 			'base_url' => BASEURL . '/manageusers/',
-			'get_data' => 'Member::getOffset',
+			'get_data' => function($offset = 0, $limit = 30, $order = '', $direction = 'down') {
-			'get_count' => 'Member::getCount',
+				if (!in_array($order, ['id_user', 'surname', 'first_name', 'slug', 'emailaddress', 'last_action_time', 'ip_address', 'is_admin']))
 					$order = 'id_user';
 				$data = Registry::get('db')->queryAssocs('
 					SELECT *
 					FROM users
 					ORDER BY {raw:order}
 					LIMIT {int:offset}, {int:limit}',
 					[
 						'order' => $order . ($direction == 'up' ? ' ASC' : ' DESC'),
 						'offset' => $offset,
 						'limit' => $limit,
 					]);
 				return [
 					'rows' => $data,
 					'order' => $order,
 					'direction' => $direction,
 				];
 			},
 			'get_count' => function() {
 				return Registry::get('db')->queryValue('
 					SELECT COUNT(*)
 					FROM users');
 			}
 		];
 		$table = new GenericTable($options);
--- a/controllers/ResetPassword.php
+++ b/controllers/ResetPassword.php
@ -16,65 +16,14 @@ class ResetPassword extends HTMLController
 		// Verifying an existing reset key?
 		if (isset($_GET['step'], $_GET['email'], $_GET['key']) && $_GET['step'] == 2)
 			$this->verifyResetKey();
 		else
 			$this->requestResetKey();
 	}
 	private function requestResetKey()
 	{
 		parent::__construct('Reset password - ' . SITE_TITLE);
 		$form = new ForgotPasswordForm();
 		$this->page->adopt($form);
 		// Have they submitted an email address yet?
 		if (isset($_POST['emailaddress']) && preg_match('~^.+@.+\.[a-z]+$~', trim($_POST['emailaddress'])))
 		{
 			$user = Member::fromEmailAddress($_POST['emailaddress']);
 			if (!$user)
 			{
 				$form->adopt(new Alert('Invalid email address', 'The email address you provided could not be found in our system. Please try again.', 'danger'));
 				return;
 			}
 			if (Authentication::getResetTimeOut($user->getUserId()) > 0)
 			{
 				// Update the reset time-out to prevent hammering
 				$resetTimeOut = Authentication::updateResetTimeOut($user->getUserId());
 				// Present it to the user in a readable way
 				if ($resetTimeOut > 3600)
 					$timeOut = sprintf('%d hours', ceil($resetTimeOut / 3600));
 				elseif ($resetTimeOut > 60)
 					$timeOut = sprintf('%d minutes', ceil($resetTimeOut / 60));
 				else
 					$timeOut = sprintf('%d seconds', $resetTimeOut);
 				$form->adopt(new Alert('Password reset token already sent', 'We already sent a password reset token to this email address recently. ' .
 					'If no email was received, please wait ' . $timeOut . ' to try again.', 'error'));
 				return;
 			}
 			Authentication::setResetKey($user->getUserId());
 			Email::resetMail($user->getUserId());
 			// Show the success message
 			$this->page->clear();
 			$box = new DummyBox('An email has been sent');
 			$box->adopt(new Alert('', 'We have sent an email to ' . $_POST['emailaddress'] . ' containing details on how to reset your password.', 'success'));
 			$this->page->adopt($box);
 		}
 	}
 	private function verifyResetKey()
 		{
 			$email = rawurldecode($_GET['email']);
-		$user = Member::fromEmailAddress($email);
+			$id_user = Authentication::getUserid($email);
-		if (!$user)
+			if ($id_user === false)
 				throw new UserFacingException('Invalid email address. Please make sure you copied the full link in the email you received.');
 			$key = $_GET['key'];
-		if (!Authentication::checkResetKey($user->getUserId(), $key))
+			if (!Authentication::checkResetKey($id_user, $key))
 				throw new UserFacingException('Invalid reset token. Please make sure you copied the full link in the email you received. Note: you cannot use the same token twice.');
 			parent::__construct('Reset password - ' . SITE_TITLE);
@ -93,11 +42,7 @@ class ResetPassword extends HTMLController
 				// So, are we good to go?
 				if (empty($missing))
 				{
-				Authentication::updatePassword($user->getUserId(), Authentication::computeHash($_POST['password1']));
+					Authentication::updatePassword($id_user, Authentication::computeHash($_POST['password1']));
 				// Consume token, ensuring it isn't used again
 				Authentication::consumeResetKey($user->getUserId());
 					$_SESSION['login_msg'] = ['Your password has been reset', 'You can now use the form below to log in to your account.', 'success'];
 					header('Location: ' . BASEURL . '/login/');
 					exit;
@ -106,4 +51,31 @@ class ResetPassword extends HTMLController
 					$form->adopt(new Alert('Some fields require your attention', '<ul><li>' . implode('</li><li>', $missing) . '</li></ul>', 'danger'));
 		 	}
 		}
 		else
 		{
 			parent::__construct('Reset password - ' . SITE_TITLE);
 			$form = new ForgotPasswordForm();
 			$this->page->adopt($form);
 			// Have they submitted an email address yet?
 			if (isset($_POST['emailaddress']) && preg_match('~^.+@.+\.[a-z]+$~', trim($_POST['emailaddress'])))
 			{
 				$id_user = Authentication::getUserid(trim($_POST['emailaddress']));
 				if ($id_user === false)
 				{
 					$form->adopt(new Alert('Invalid email address', 'The email address you provided could not be found in our system. Please try again.', 'danger'));
 					return;
 				}
 				Authentication::setResetKey($id_user);
 				Email::resetMail($id_user);
 				// Show the success message
 				$this->page->clear();
 				$box = new DummyBox('An email has been sent');
 				$box->adopt(new Alert('', 'We have sent an email to ' . $_POST['emailaddress'] . ' containing details on how to reset your password.', 'success'));
 				$this->page->adopt($box);
 			}
 		}
 	}
 }
--- a/controllers/ViewPhotoAlbum.php
+++ b/controllers/ViewPhotoAlbum.php
@ -289,4 +289,10 @@ class ViewPhotoAlbum extends HTMLController
 		$description = !empty($tag->description) ? $tag->description : '';
 		return new AlbumHeaderBox($tag->tag, $description, $back_link, $back_link_title);
 	}
 	public function __destruct()
 	{
 		if (isset($this->iterator))
 			$this->iterator->clean();
 	}
 }
--- a/controllers/ViewTimeline.php
+++ b/controllers/ViewTimeline.php
@ -54,4 +54,10 @@ class ViewTimeline extends HTMLController
 		// Set the canonical url.
 		$this->page->setCanonicalUrl(BASEURL . '/timeline/');
 	}
 	public function __destruct()
 	{
 		if (isset($this->iterator))
 			$this->iterator->clean();
 	}
 }
--- a/migrations/2024-11-05.sql
+++ b/migrations/2024-11-05.sql
@ -1,2 +0,0 @@
 /* Add time-out to password reset keys, and prevent repeated mails */
 ALTER TABLE `users` ADD `reset_blocked_until` INT  UNSIGNED  NULL  AFTER `reset_key`;
--- a/models/Asset.php
+++ b/models/Asset.php
@ -24,7 +24,7 @@ class Asset
 	protected $tags;
 	protected $thumbnails;
-	public function __construct(array $data)
+	protected function __construct(array $data)
 	{
 		foreach ($data as $attribute => $value)
 		{
@ -32,7 +32,7 @@ class Asset
 				$this->$attribute = $value;
 		}
-		if (isset($data['date_captured']) && $data['date_captured'] !== null && !is_object($data['date_captured']))
+		if (!empty($data['date_captured']) && $data['date_captured'] !== 'NULL')
 			$this->date_captured = new DateTime($data['date_captured']);
 	}
@ -56,7 +56,7 @@ class Asset
 		$row = Registry::get('db')->queryAssoc('
 			SELECT *
 			FROM assets
-			WHERE id_asset = :id_asset',
+			WHERE id_asset = {int:id_asset}',
 			[
 				'id_asset' => $id_asset,
 			]);
@ -69,7 +69,7 @@ class Asset
 		$row = Registry::get('db')->queryAssoc('
 			SELECT *
 			FROM assets
-			WHERE slug = :slug',
+			WHERE slug = {string:slug}',
 			[
 				'slug' => $slug,
 			]);
@ -85,7 +85,7 @@ class Asset
 		$row['meta'] = $db->queryPair('
 			SELECT variable, value
 			FROM assets_meta
-			WHERE id_asset = :id_asset',
+			WHERE id_asset = {int:id_asset}',
 			[
 				'id_asset' => $row['id_asset'],
 			]);
@ -94,20 +94,21 @@ class Asset
 		$row['thumbnails'] = $db->queryPair('
 			SELECT
 				CONCAT(
-					width, :x, height,
+					width,
-					IF(mode != :empty1, CONCAT(:_, mode), :empty2)
+					{string:x},
 					height,
 					IF(mode != {string:empty}, CONCAT({string:_}, mode), {string:empty})
 				) AS selector, filename
 			FROM assets_thumbs
-			WHERE id_asset = :id_asset',
+			WHERE id_asset = {int:id_asset}',
 			[
 				'id_asset' => $row['id_asset'],
-				'empty1' => '',
+				'empty' => '',
 				'empty2' => '',
 				'x' => 'x',
 				'_' => '_',
 			]);
-		return $return_format === 'object' ? new static($row) : $row;
+		return $return_format == 'object' ? new Asset($row) : $row;
 	}
 	public static function fromIds(array $id_assets, $return_format = 'array')
@ -120,14 +121,14 @@ class Asset
 		$res = $db->query('
 			SELECT *
 			FROM assets
-			WHERE id_asset IN (@id_assets)
+			WHERE id_asset IN ({array_int:id_assets})
 			ORDER BY id_asset',
 			[
 				'id_assets' => $id_assets,
 			]);
 		$assets = [];
-		while ($asset = $db->fetchAssoc($res))
+		while ($asset = $db->fetch_assoc($res))
 		{
 			$assets[$asset['id_asset']] = $asset;
 			$assets[$asset['id_asset']]['meta'] = [];
@ -137,7 +138,7 @@ class Asset
 		$metas = $db->queryRows('
 			SELECT id_asset, variable, value
 			FROM assets_meta
-			WHERE id_asset IN (@id_assets)
+			WHERE id_asset IN ({array_int:id_assets})
 			ORDER BY id_asset',
 			[
 				'id_assets' => $id_assets,
@ -149,16 +150,17 @@ class Asset
 		$thumbnails = $db->queryRows('
 			SELECT id_asset,
 				CONCAT(
-					width, :x, height,
+					width,
-					IF(mode != :empty1, CONCAT(:_, mode), :empty2)
+					{string:x},
 					height,
 					IF(mode != {string:empty}, CONCAT({string:_}, mode), {string:empty})
 				) AS selector, filename
 			FROM assets_thumbs
-			WHERE id_asset IN (@id_assets)
+			WHERE id_asset IN ({array_int:id_assets})
 			ORDER BY id_asset',
 			[
 				'id_assets' => $id_assets,
-				'empty1' => '',
+				'empty' => '',
 				'empty2' => '',
 				'x' => 'x',
 				'_' => '_',
 			]);
@ -166,10 +168,8 @@ class Asset
 		foreach ($thumbnails as $thumb)
 			$assets[$thumb[0]]['thumbnails'][$thumb[1]] = $thumb[2];
-		if ($return_format === 'array')
+		if ($return_format == 'array')
 		{
 			return $assets;
 		}
 		else
 		{
 			$objects = [];
@ -262,10 +262,10 @@ class Asset
 			INSERT INTO assets
 			(id_user_uploaded, subdir, filename, title, slug, mimetype, image_width, image_height, date_captured, priority)
 			VALUES
-			(:id_user_uploaded, :subdir, :filename, :title, :slug, :mimetype,
+			({int:id_user_uploaded}, {string:subdir}, {string:filename}, {string:title}, {string:slug}, {string:mimetype},
-			 :image_width, :image_height,
+			 {int:image_width}, {int:image_height},
-			 IF(:date_captured > 0, FROM_UNIXTIME(:date_captured), NULL),
+			 IF({int:date_captured} > 0, FROM_UNIXTIME({int:date_captured}), NULL),
-			 :priority)',
+			 {int:priority})',
 			[
 				'id_user_uploaded' => isset($id_user) ? $id_user : Registry::get('user')->getUserId(),
 				'subdir' => $preferred_subdir,
@ -273,9 +273,9 @@ class Asset
 				'title' => $title,
 				'slug' => $slug,
 				'mimetype' => $mimetype,
-				'image_width' => isset($image_width) ? $image_width : null,
+				'image_width' => isset($image_width) ? $image_width : 'NULL',
-				'image_height' => isset($image_height) ? $image_height : null,
+				'image_height' => isset($image_height) ? $image_height : 'NULL',
-				'date_captured' => isset($date_captured) ? $date_captured : null,
+				'date_captured' => isset($date_captured) ? $date_captured : 'NULL',
 				'priority' => isset($priority) ? (int) $priority : 0,
 			]);
@ -285,7 +285,7 @@ class Asset
 			return false;
 		}
-		$data['id_asset'] = $db->insertId();
+		$data['id_asset'] = $db->insert_id();
 		return $return_format === 'object' ? new self($data) : $data;
 	}
@ -324,7 +324,7 @@ class Asset
 		$posts = Registry::get('db')->queryValues('
 			SELECT id_post
 			FROM posts_assets
-			WHERE id_asset = :id_asset',
+			WHERE id_asset = {int:id_asset}',
 			['id_asset' => $this->id_asset]);
 		// TODO: fix empty post iterator.
@ -495,18 +495,18 @@ class Asset
 		return Registry::get('db')->query('
 			UPDATE assets
 			SET
-				mimetype = :mimetype,
+				mimetype = {string:mimetype},
-				image_width = :image_width,
+				image_width = {int:image_width},
-				image_height = :image_height,
+				image_height = {int:image_height},
-				date_captured = :date_captured,
+				date_captured = {datetime:date_captured},
-				priority = :priority
+				priority = {int:priority}
-			WHERE id_asset = :id_asset',
+			WHERE id_asset = {int:id_asset}',
 			[
 				'id_asset' => $this->id_asset,
 				'mimetype' => $this->mimetype,
-				'image_width' => isset($this->image_width) ? $this->image_width : null,
+				'image_width' => isset($this->image_width) ? $this->image_width : 'NULL',
-				'image_height' => isset($this->image_height) ? $this->image_height : null,
+				'image_height' => isset($this->image_height) ? $this->image_height : 'NULL',
-				'date_captured' => isset($this->date_captured) ? $this->date_captured : null,
+				'date_captured' => isset($this->date_captured) ? $this->date_captured : 'NULL',
 				'priority' => $this->priority,
 			]);
 	}
@ -527,8 +527,8 @@ class Asset
 			if (!empty($to_remove))
 				$db->query('
 					DELETE FROM assets_meta
-					WHERE id_asset = :id_asset AND
+					WHERE id_asset = {int:id_asset} AND
-						variable IN(@variables)',
+						variable IN({array_string:variables})',
 					[
 						'id_asset' => $this->id_asset,
 						'variables' => array_keys($to_remove),
@ -559,40 +559,63 @@ class Asset
 	{
 		$db = Registry::get('db');
-		// Delete any and all thumbnails, if this is an image.
+		// First: delete associated metadata
 		if ($this->isImage())
 		{
 			$image = $this->getImage();
 			$image->removeAllThumbnails();
 		}
 		// Delete all meta info for this asset.
 		$db->query('
 			DELETE FROM assets_meta
-			WHERE id_asset = :id_asset',
+			WHERE id_asset = {int:id_asset}',
-			['id_asset' => $this->id_asset]);
+			[
 				'id_asset' => $this->id_asset,
 			]);
-		// Figure out what tags to recount cardinality for
+		// Second: figure out what tags to recount cardinality for
 		$recount_tags = $db->queryValues('
 			SELECT id_tag
 			FROM assets_tags
-			WHERE id_asset = :id_asset',
+			WHERE id_asset = {int:id_asset}',
-			['id_asset' => $this->id_asset]);
+			[
 				'id_asset' => $this->id_asset,
 			]);
 		// Delete asset association for these tags
 		$db->query('
 			DELETE FROM assets_tags
-			WHERE id_asset = :id_asset',
+			WHERE id_asset = {int:id_asset}',
-			['id_asset' => $this->id_asset]);
+			[
 				'id_asset' => $this->id_asset,
 			]);
 		Tag::recount($recount_tags);
 		// Third: figure out what associated thumbs to delete
 		$thumbs_to_delete = $db->queryValues('
 			SELECT filename
 			FROM assets_thumbs
 			WHERE id_asset = {int:id_asset}',
 			[
 				'id_asset' => $this->id_asset,
 			]);
 		foreach ($thumbs_to_delete as $filename)
 		{
 			$thumb_path = THUMBSDIR . '/' . $this->subdir . '/' . $filename;
 			if (is_file($thumb_path))
 				unlink($thumb_path);
 		}
 		$db->query('
 			DELETE FROM assets_thumbs
 			WHERE id_asset = {int:id_asset}',
 			[
 				'id_asset' => $this->id_asset,
 			]);
 		// Reset asset ID for tags that use this asset for their thumbnail
-		$rows = $db->queryValues('
+		$rows = $db->query('
 			SELECT id_tag
 			FROM tags
-			WHERE id_asset_thumb = :id_asset',
+			WHERE id_asset_thumb = {int:id_asset}',
-			['id_asset' => $this->id_asset]);
+			[
 				'id_asset' => $this->id_asset,
 			]);
 		if (!empty($rows))
 		{
@ -609,8 +632,10 @@ class Asset
 		$return = $db->query('
 			DELETE FROM assets
-			WHERE id_asset = :id_asset',
+			WHERE id_asset = {int:id_asset}',
-			['id_asset' => $this->id_asset]);
+			[
 				'id_asset' => $this->id_asset,
 			]);
 		return $return;
 	}
@ -639,7 +664,7 @@ class Asset
 		Registry::get('db')->query('
 			DELETE FROM assets_tags
-			WHERE id_asset = :id_asset AND id_tag IN (@id_tags)',
+			WHERE id_asset = {int:id_asset} AND id_tag IN ({array_int:id_tags})',
 			[
 				'id_asset' => $this->id_asset,
 				'id_tags' => $id_tags,
@ -655,24 +680,6 @@ class Asset
 			FROM assets');
 	}
 	public static function getOffset($offset, $limit, $order, $direction)
 	{
 		$order = $order . ($direction == 'up' ? ' ASC' : ' DESC');
 		return Registry::get('db')->queryAssocs('
 			SELECT a.id_asset, a.subdir, a.filename,
 				a.image_width, a.image_height, a.mimetype,
 				u.id_user, u.first_name, u.surname
 			FROM assets AS a
 			LEFT JOIN users AS u ON a.id_user_uploaded = u.id_user
 			ORDER BY ' . $order . '
 			LIMIT :offset, :limit',
 			[
 				'offset' => $offset,
 				'limit' => $limit,
 			]);
 	}
 	public function save()
 	{
 		if (empty($this->id_asset))
@ -680,16 +687,18 @@ class Asset
 		return Registry::get('db')->query('
 			UPDATE assets
-			SET subdir = :subdir,
+			SET id_asset = {int:id_asset},
-				filename = :filename,
+				id_user_uploaded = {int:id_user_uploaded},
-				title = :title,
+				subdir = {string:subdir},
-				slug = :slug,
+				filename = {string:filename},
-				mimetype = :mimetype,
+				title = {string:title},
-				image_width = :image_width,
+				slug = {string:slug},
-				image_height = :image_height,
+				mimetype = {string:mimetype},
-				date_captured = :date_captured,
+				image_width = {int:image_width},
-				priority = :priority
+				image_height = {int:image_height},
-			WHERE id_asset = :id_asset',
+				date_captured = {datetime:date_captured},
 				priority = {int:priority}
 			WHERE id_asset = {int:id_asset}',
 			get_object_vars($this));
 	}
@ -707,27 +716,27 @@ class Asset
 		// Direction depends on whether we're browsing a tag or timeline
 		if (isset($tag))
 		{
-			$where[] = 't.id_tag = :id_tag';
+			$where[] = 't.id_tag = {int:id_tag}';
 			$params['id_tag'] = $tag->id_tag;
-			$where_op = $previous ? '<' : '>';
+			$params['where_op'] = $previous ? '<' : '>';
-			$order_dir = $previous ? 'DESC' : 'ASC';
+			$params['order_dir'] = $previous ? 'DESC' : 'ASC';
 		}
 		else
 		{
-			$where_op = $previous ? '>' : '<';
+			$params['where_op'] = $previous ? '>' : '<';
-			$order_dir = $previous ? 'ASC' : 'DESC';
+			$params['order_dir'] = $previous ? 'ASC' : 'DESC';
 		}
 		// Take active filter into account as well
 		if (!empty($activeFilter) && ($user = Member::fromSlug($activeFilter)) !== false)
 		{
-			$where[] = 'id_user_uploaded = :id_user_uploaded';
+			$where[] = 'id_user_uploaded = {int:id_user_uploaded}';
 			$params['id_user_uploaded'] = $user->getUserId();
 		}
 		// Use complete ordering when sorting the set
-		$where[] = '(a.date_captured, a.id_asset) ' . $where_op .
+		$where[] = '(a.date_captured, a.id_asset) {raw:where_op} ' .
-			' (:date_captured, :id_asset)';
+			'({datetime:date_captured}, {int:id_asset})';
 		// Stringify conditions together
 		$where = '(' . implode(') AND (', $where) . ')';
@ -739,7 +748,7 @@ class Asset
 			' . (isset($tag) ? '
 			INNER JOIN assets_tags AS t ON a.id_asset = t.id_asset' : '') . '
 			WHERE ' . $where . '
-			ORDER BY a.date_captured ' . $order_dir . ', a.id_asset ' . $order_dir . '
+			ORDER BY a.date_captured {raw:order_dir}, a.id_asset {raw:order_dir}
 			LIMIT 1',
 			$params);
--- a/models/AssetIterator.php
+++ b/models/AssetIterator.php
@ -1,50 +1,42 @@
 <?php
 /*****************************************************************************
 * AssetIterator.php
- * Contains model class AssetIterator.
+ * Contains key class AssetIterator.
 *
- * Kabuki CMS (C) 2013-2025, Aaron van Geffen
+ * Kabuki CMS (C) 2013-2015, Aaron van Geffen
 *****************************************************************************/
-class AssetIterator implements Iterator
+class AssetIterator extends Asset
 {
 	private Database $db;
 	private $direction;
 	private $return_format;
-	private $rowCount;
+	private $res_assets;
 	private $res_meta;
 	private $res_thumbs;
-	private $assets_iterator;
+	protected function __construct($res_assets, $res_meta, $res_thumbs, $return_format, $direction)
 	private $meta_iterator;
 	private $thumbs_iterator;
 	protected function __construct(PDOStatement $stmt_assets, PDOStatement $stmt_meta, PDOStatement $stmt_thumbs,
 		$return_format, $direction)
 	{
 		$this->db = Registry::get('db');
 		$this->direction = $direction;
 		$this->res_assets = $res_assets;
 		$this->res_meta = $res_meta;
 		$this->res_thumbs = $res_thumbs;
 		$this->return_format = $return_format;
 		$this->rowCount = $stmt_assets->rowCount();
 		$this->assets_iterator = new CachedPDOIterator($stmt_assets);
 		$this->assets_iterator->rewind();
 		$this->meta_iterator = new CachedPDOIterator($stmt_meta);
 		$this->thumbs_iterator = new CachedPDOIterator($stmt_thumbs);
 	}
-	public static function all()
+	public function next()
 	{
-		return self::getByOptions();
+		$row = $this->db->fetch_assoc($this->res_assets);
 	}
-	public function current(): mixed
+		// No more rows?
 	{
 		$row = $this->assets_iterator->current();
 		if (!$row)
-			return $row;
+			return false;
-		// Collect metadata
+		// Looks up metadata.
 		$row['meta'] = [];
-		$this->meta_iterator->rewind();
+		while ($meta = $this->db->fetch_assoc($this->res_meta))
 		foreach ($this->meta_iterator as $meta)
 		{
 			if ($meta['id_asset'] != $row['id_asset'])
 				continue;
@ -52,23 +44,54 @@ class AssetIterator implements Iterator
 			$row['meta'][$meta['variable']] = $meta['value'];
 		}
-		// Collect thumbnails
+		// Reset internal pointer for next asset.
 		$this->db->data_seek($this->res_meta, 0);
 		// Looks up thumbnails.
 		$row['thumbnails'] = [];
-		$this->thumbs_iterator->rewind();
+		while ($thumbs = $this->db->fetch_assoc($this->res_thumbs))
 		foreach ($this->thumbs_iterator as $thumb)
 		{
-			if ($thumb['id_asset'] != $row['id_asset'])
+			if ($thumbs['id_asset'] != $row['id_asset'])
 				continue;
-			$row['thumbnails'][$thumb['selector']] = $thumb['filename'];
+			$row['thumbnails'][$thumbs['selector']] = $thumbs['filename'];
 		}
 		// Reset internal pointer for next asset.
 		$this->db->data_seek($this->res_thumbs, 0);
 		if ($this->return_format === 'object')
 			return new Asset($row);
 		else
 			return $row;
 	}
 	public function reset()
 	{
 		$this->db->data_seek($this->res_assets, 0);
 		$this->db->data_seek($this->res_meta, 0);
 		$this->db->data_seek($this->res_thumbs, 0);
 	}
 	public function clean()
 	{
 		if (!$this->res_assets)
 			return;
 		$this->db->free_result($this->res_assets);
 		$this->res_assets = null;
 	}
 	public function num()
 	{
 		return $this->db->num_rows($this->res_assets);
 	}
 	public static function all()
 	{
 		return self::getByOptions();
 	}
 	public static function getByOptions(array $options = [], $return_count = false, $return_format = 'object')
 	{
 		$params = [
@ -91,9 +114,9 @@ class AssetIterator implements Iterator
 		{
 			$params['mime_type'] = $options['mime_type'];
 			if (is_array($options['mime_type']))
-				$where[] = 'a.mimetype IN(@mime_type)';
+				$where[] = 'a.mimetype IN({array_string:mime_type})';
 			else
-				$where[] = 'a.mimetype = :mime_type';
+				$where[] = 'a.mimetype = {string:mime_type}';
 		}
 		if (isset($options['id_user_uploaded']))
 		{
@ -106,17 +129,7 @@ class AssetIterator implements Iterator
 			$where[] = 'id_asset IN(
 				SELECT l.id_asset
 				FROM assets_tags AS l
-				WHERE l.id_tag = :id_tag)';
+				WHERE l.id_tag = {int:id_tag})';
 		}
 		elseif (isset($options['tag']))
 		{
 			$params['tag'] = $options['tag'];
 			$where[] = 'id_asset IN(
 				SELECT l.id_asset
 				FROM assets_tags AS l
 				INNER JOIN tags AS t
 				ON l.id_tag = t.id_tag
 				WHERE t.slug = :tag)';
 		}
 		// Make it valid SQL.
@ -132,7 +145,7 @@ class AssetIterator implements Iterator
 			FROM assets AS a
 			WHERE ' . $where . '
 			ORDER BY ' . $order . (!empty($params['limit']) ? '
-			LIMIT :offset, :limit' : ''),
+			LIMIT {int:offset}, {int:limit}' : ''),
 			$params);
 		// Get a resource object for the asset meta.
@ -152,9 +165,9 @@ class AssetIterator implements Iterator
 			SELECT id_asset, filename,
 				CONCAT(
 					width,
-					:x,
+					{string:x},
 					height,
-					IF(mode != :empty1, CONCAT(:_, mode), :empty2)
+					IF(mode != {string:empty}, CONCAT({string:_}, mode), {string:empty})
 				) AS selector
 			FROM assets_thumbs
 			WHERE id_asset IN(
@ -164,8 +177,7 @@ class AssetIterator implements Iterator
 			)
 			ORDER BY id_asset',
 			$params + [
-				'empty1' => '',
+				'empty' => '',
 				'empty2' => '',
 				'x' => 'x',
 				'_' => '_',
 			]);
@ -187,38 +199,13 @@ class AssetIterator implements Iterator
 			return $iterator;
 	}
-	public function key(): mixed
+	public function isAscending()
 	{
 		return $this->assets_iterator->key();
 	}
 	public function isAscending(): bool
 	{
 		return $this->direction === 'asc';
 	}
-	public function isDescending(): bool
+	public function isDescending()
 	{
 		return $this->direction === 'desc';
 	}
 	public function next(): void
 	{
 		$this->assets_iterator->next();
 	}
 	public function num(): int
 	{
 		return $this->rowCount;
 	}
 	public function rewind(): void
 	{
 		$this->assets_iterator->rewind();
 	}
 	public function valid(): bool
 	{
 		return $this->assets_iterator->valid();
 	}
 }
--- a/models/Authentication.php
+++ b/models/Authentication.php
@ -12,27 +12,48 @@
 */
 class Authentication
 {
-	const DEFAULT_RESET_TIMEOUT = 30;
+	/**
 	 * Checks whether a user still exists in the database.
 	 */
 	public static function checkExists($id_user)
 	{
 		$res = Registry::get('db')->queryValue('
 			SELECT id_user
 			FROM users
 			WHERE id_user = {int:id}',
 			[
 				'id' => $id_user,
 			]);
 		return $res !== null;
 	}
 	/**
-	 * Checks a password for a given username against the database.
+	 * Finds the user id belonging to a certain emailaddress.
 	 */
-	public static function checkPassword($emailaddress, $password)
+	public static function getUserId($emailaddress)
 	{
-		// Retrieve password hash for user matching the provided emailaddress.
+		$res = Registry::get('db')->queryValue('
-		$password_hash = Registry::get('db')->queryValue('
+			SELECT id_user
 			SELECT password_hash
 			FROM users
-			WHERE emailaddress = :emailaddress',
+			WHERE emailaddress = {string:emailaddress}',
 			[
 				'emailaddress' => $emailaddress,
 			]);
-		// If there's no hash, the user likely does not exist.
+		return empty($res) ? false : $res;
-		if (!$password_hash)
+	}
 			return false;
-		return password_verify($password, $password_hash);
+	public static function setResetKey($id_user)
 	{
 		return Registry::get('db')->query('
 			UPDATE users
 			SET reset_key = {string:key}
 			WHERE id_user = {int:id}',
 			[
 				'id' => $id_user,
 				'key' => self::newActivationKey(),
 			]);
 	}
 	public static function checkResetKey($id_user, $reset_key)
@ -48,55 +69,22 @@ class Authentication
 		return $key == $reset_key;
 	}
 	/**
 	 * Computes a password hash.
 	 */
 	public static function computeHash($password)
 	{
 		$hash = password_hash($password, PASSWORD_DEFAULT);
 		if (!$hash)
 			throw new Exception('Hash creation failed!');
 		return $hash;
 	}
 	public static function consumeResetKey($id_user)
 	{
 		return Registry::get('db')->query('
 			UPDATE users
 			SET reset_key = NULL,
 				reset_blocked_until = NULL
 			WHERE id_user = {int:id_user}',
 			['id_user' => $id_user]);
 	}
 	public static function getResetTimeOut($id_user)
 	{
 		$resetTime = Registry::get('db')->queryValue('
 			SELECT reset_blocked_until
 			FROM users
 			WHERE id_user = {int:id_user}',
 			['id_user' => $id_user]);
 		return max(0, $resetTime - time());
 	}
 	/**
 	 * Verifies whether the user is currently logged in.
 	 */
 	public static function isLoggedIn()
 	{
-		if (!isset($_SESSION['user_id']))
+		// Check whether the active session matches the current user's environment.
 		if (isset($_SESSION['ip_address'], $_SESSION['user_agent']) && (
 			 (isset($_SERVER['REMOTE_ADDR']) && $_SESSION['ip_address'] != $_SERVER['REMOTE_ADDR']) ||
 			 (isset($_SERVER['HTTP_USER_AGENT']) && $_SESSION['user_agent'] != $_SERVER['HTTP_USER_AGENT'])))
 		{
 			session_destroy();
 			return false;
 		}
-		try
+		// A user is logged in if a user id exists in the session and this id is (still) in the database.
-		{
+		return isset($_SESSION['user_id']) && self::checkExists($_SESSION['user_id']);
 			$exists = Member::fromId($_SESSION['user_id']);
 			return true;
 		}
 		catch (NotFoundException $e)
 		{
 			return false;
 		}
 	}
 	/**
@ -111,17 +99,36 @@ class Authentication
 		return $string;
 	}
-	public static function setResetKey($id_user)
+	/**
 	 * Checks a password for a given username against the database.
 	 */
 	public static function checkPassword($emailaddress, $password)
 	{
-		return Registry::get('db')->query('
+		// Retrieve password hash for user matching the provided emailaddress.
-			UPDATE users
+		$password_hash = Registry::get('db')->queryValue('
-			SET reset_key = {string:key},
+			SELECT password_hash
-				reset_blocked_until = UNIX_TIMESTAMP() + ' . static::DEFAULT_RESET_TIMEOUT . '
+			FROM users
-			WHERE id_user = {int:id}',
+			WHERE emailaddress = {string:emailaddress}',
 			[
-				'id' => $id_user,
+				'emailaddress' => $emailaddress,
 				'key' => self::newActivationKey(),
 			]);
 		// If there's no hash, the user likely does not exist.
 		if (!$password_hash)
 			return false;
 		return password_verify($password, $password_hash);
 	}
 	/**
 	 * Computes a password hash.
 	 */
 	public static function computeHash($password)
 	{
 		$hash = password_hash($password, PASSWORD_DEFAULT);
 		if (!$hash)
 			throw new Exception('Hash creation failed!');
 		return $hash;
 	}
 	/**
@ -132,35 +139,13 @@ class Authentication
 		return Registry::get('db')->query('
 			UPDATE users
 			SET
-				password_hash = :hash,
+				password_hash = {string:hash},
-				reset_key = :blank
+				reset_key = {string:blank}
-			WHERE id_user = :id_user',
+			WHERE id_user = {int:id_user}',
 			[
 				'id_user' => $id_user,
 				'hash' => $hash,
 				'blank' => '',
 			]);
 	}
 	public static function updateResetTimeOut($id_user)
 	{
 		$currentResetTimeOut = static::getResetTimeOut($id_user);
 		// New timeout: between 30 seconds, double the current timeout, and a full day
 		$newResetTimeOut = min(max(static::DEFAULT_RESET_TIMEOUT, $currentResetTimeOut * 2), 60 * 60 * 24);
 		$success = Registry::get('db')->query('
 			UPDATE users
 			SET reset_blocked_until = {int:new_time_out}
 			WHERE id_user = {int:id_user}',
 			[
 				'id_user' => $id_user,
 				'new_time_out' => time() + $newResetTimeOut,
 			]);
 		if (!$success)
 			throw new UnexpectedValueException('Could not set password reset timeout!');
 		return $newResetTimeOut;
 	}
 }
--- a/models/CachedPDOIterator.php
+++ b/models/CachedPDOIterator.php
@ -1,56 +0,0 @@
 <?php
 /*****************************************************************************
 * CachedPDOIterator.php
 * Contains model class CachedPDOIterator.
 *
 * Based on https://gist.github.com/hakre/5152090
 *
 * Kabuki CMS (C) 2013-2021, Aaron van Geffen
 *****************************************************************************/
 class CachedPDOIterator extends CachingIterator
 {
    private $index;
    public function __construct(PDOStatement $statement)
    {
        parent::__construct(new IteratorIterator($statement), self::FULL_CACHE);
    }
    public function rewind(): void
    {
        if ($this->index === null)
        {
            parent::rewind();
        }
        $this->index = 0;
    }
    public function current(): mixed
    {
        if ($this->offsetExists($this->index))
        {
            return $this->offsetGet($this->index);
        }
        return parent::current();
    }
    public function key(): mixed
    {
        return $this->index;
    }
    public function next(): void
    {
        $this->index++;
        if (!$this->offsetExists($this->index))
        {
            parent::next();
        }
    }
    public function valid(): bool
    {
        return $this->offsetExists($this->index) || parent::valid();
    }
 }
--- a/models/Database.php
+++ b/models/Database.php
@ -1,34 +1,44 @@
 <?php
 /*****************************************************************************
 * Database.php
- * Contains model class Database.
+ * Contains key class Database.
 *
- * Kabuki CMS (C) 2013-2025, Aaron van Geffen
+ * Adapted from SMF 2.0's DBA (C) 2011 Simple Machines
 * Used under BSD 3-clause license.
 *
 * Kabuki CMS (C) 2013-2015, Aaron van Geffen
 *****************************************************************************/
 /**
 * The database model used to communicate with the MySQL server.
 */
 class Database
 {
 	private $connection;
 	private $query_count = 0;
 	private $logged_queries = [];
 	private array $db_callback;
-	public function __construct($host, $user, $password, $name)
+	/**
 	 * Initialises a new database connection.
 	 * @param server: server to connect to.
 	 * @param user: username to use for authentication.
 	 * @param password: password to use for authentication.
 	 * @param name: database to select.
 	 */
 	public function __construct($server, $user, $password, $name)
 	{
-		try
+		$this->connection = @mysqli_connect($server, $user, $password, $name);
-		{
+
 			$this->connection = new PDO("mysql:host=$host;dbname=$name;charset=utf8mb4", $user, $password, [
 				PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
 				PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
 				PDO::ATTR_EMULATE_PREPARES => false,
 			]);
 		}
 		// Give up if we have a connection error.
-		catch (PDOException $e)
+		if (mysqli_connect_error())
 		{
-			http_response_code(503);
+			header('HTTP/1.1 503 Service Temporarily Unavailable');
 			echo '<h2>Database Connection Problems</h2><p>Our software could not connect to the database. We apologise for any inconvenience and ask you to check back later.</p>';
 			exit;
 		}
 		$this->query('SET NAMES {string:utf8mb4}', ['utf8mb4' => 'utf8mb4']);
 	}
 	public function getQueryCount()
@ -42,227 +52,305 @@ class Database
 	}
 	/**
-	 * Fetches a row from a given statement/recordset, using field names as keys.
+	 * Fetches a row from a given recordset, using field names as keys.
 	 */
-	public function fetchAssoc($stmt)
+	public function fetch_assoc($resource)
 	{
-		return $stmt->fetch(PDO::FETCH_ASSOC);
+		return mysqli_fetch_assoc($resource);
 	}
 	/**
-	 * Fetches a row from a given statement/recordset, encapsulating into an object.
+	 * Fetches a row from a given recordset, using numeric keys.
 	 */
-	public function fetchObject($stmt, $class)
+	public function fetch_row($resource)
 	{
-		return $stmt->fetchObject($class);
+		return mysqli_fetch_row($resource);
 	}
 	/**
-	 * Fetches a row from a given statement/recordset, using numeric keys.
+	 * Destroys a given recordset.
 	 */
-	public function fetchNum($stmt)
+	public function free_result($resource)
 	{
-		return $stmt->fetch(PDO::FETCH_NUM);
+		return mysqli_free_result($resource);
 	}
 	public function data_seek($result, $row_num)
 	{
 		return mysqli_data_seek($result, $row_num);
 	}
 	/**
-	 * Destroys a given statement/recordset.
+	 * Returns the amount of rows in a given recordset.
 	 */
-	public function free($stmt)
+	public function num_rows($resource)
 	{
-		return $stmt->closeCursor();
+		return mysqli_num_rows($resource);
 	}
 	/**
-	 * Returns the amount of rows in a given statement/recordset.
+	 * Returns the amount of fields in a given recordset.
 	 */
-	public function rowCount($stmt)
+	public function num_fields($resource)
 	{
-		return $stmt->rowCount();
+		return mysqli_num_fields($resource);
 	}
 	/**
-	 * Returns the amount of fields in a given statement/recordset.
+	 * Escapes a string.
 	 */
-	public function columnCount($stmt)
+	public function escape_string($string)
 	{
-		return $stmt->columnCount();
+		return mysqli_real_escape_string($this->connection, $string);
 	}
 	/**
 	 * Unescapes a string.
 	 */
 	public function unescape_string($string)
 	{
 		return stripslashes($string);
 	}
 	/**
 	 * Returns the last MySQL error.
 	 */
 	public function error()
 	{
 		return mysqli_error($this->connection);
 	}
 	public function server_info()
 	{
 		return mysqli_get_server_info($this->connection);
 	}
 	/**
 	 * Selects a database on a given connection.
 	 */
 	public function select_db($database)
 	{
 		return mysqli_select_db($database, $this->connection);
 	}
 	/**
 	 * Returns the amount of rows affected by the previous query.
 	 */
 	public function affected_rows()
 	{
 		return mysqli_affected_rows($this->connection);
 	}
 	/**
 	 * Returns the id of the row created by a previous query.
 	 */
-	public function insertId($name = null)
+	public function insert_id()
 	{
-		return $this->connection->lastInsertId($name);
+		return mysqli_insert_id($this->connection);
 	}
 	/**
-	 * Start a transaction.
+	 * Do a MySQL transaction.
 	 */
-	public function beginTransaction()
+	public function transaction($operation = 'commit')
 	{
-		return $this->connection->beginTransaction();
+		switch ($operation)
 		{
 				case 'begin':
 				case 'rollback':
 				case 'commit':
 					return @mysqli_query($this->connection, strtoupper($operation));
 			default:
 				return false;
 		}
 	}
 	/**
-	 * Rollback changes in a transaction.
+	 * Function used as a callback for the preg_match function that parses variables into database queries.
 	 */
-	public function rollback()
+	private function replacement_callback($matches)
 	{
-		return $this->connection->rollBack();
+		list ($values, $connection) = $this->db_callback;
 		if (!isset($matches[2]))
 			trigger_error('Invalid value inserted or no type specified.', E_USER_ERROR);
 		if (!isset($values[$matches[2]]))
 			trigger_error('The database value you\'re trying to insert does not exist: ' . htmlspecialchars($matches[2]), E_USER_ERROR);
 		$replacement = $values[$matches[2]];
 		switch ($matches[1])
 		{
 			case 'int':
 				if ((!is_numeric($replacement) || (string) $replacement !== (string) (int) $replacement) && $replacement !== 'NULL')
 					trigger_error('Wrong value type sent to the database for field: ' . $matches[2] . '. Integer expected.', E_USER_ERROR);
 				return $replacement !== 'NULL' ? (string) (int) $replacement : 'NULL';
 			break;
 			case 'string':
 			case 'text':
 				return $replacement !== 'NULL' ? sprintf('\'%1$s\'', mysqli_real_escape_string($connection, $replacement)) : 'NULL';
 			break;
 			case 'array_int':
 				if (is_array($replacement))
 				{
 					if (empty($replacement))
 						trigger_error('Database error, given array of integer values is empty.', E_USER_ERROR);
 					foreach ($replacement as $key => $value)
 					{
 						if (!is_numeric($value) || (string) $value !== (string) (int) $value)
 							trigger_error('Wrong value type sent to the database for field: ' . $matches[2] . '. Array of integers expected.', E_USER_ERROR);
 						$replacement[$key] = (string) (int) $value;
 					}
-	/**
+					return implode(', ', $replacement);
 	 * Commit changes in a transaction.
 	 */
 	public function commit()
 	{
 		return $this->connection->commit();
 	}
 	private function expandPlaceholders($db_string, array &$db_values)
 	{
 		foreach ($db_values as $key => &$value)
 		{
 			if (str_contains($db_string, ':' . $key))
 			{
 				if (is_array($value))
 				{
 					throw new UnexpectedValueException('Array ' . $key .
 						' is used as a scalar placeholder. Did you mean to use \'@\' instead?');
 				}
 				// Prepare date/time values
 				if (is_a($value, 'DateTime'))
 				{
 					$value = $value->format('Y-m-d H:i:s');
 				}
 			}
 			elseif (str_contains($db_string, '@' . $key))
 			{
 				if (!is_array($value))
 				{
 					throw new UnexpectedValueException('Scalar value ' . $key .
 						' is used as an array placeholder. Did you mean to use \':\' instead?');
 				}
 				// Create placeholders for all array elements
 				$placeholders = array_map(fn($num) => ':' . $key . $num, range(0, count($value) - 1));
 				$db_string = str_replace('@' . $key, implode(', ', $placeholders), $db_string);
 				}
 				else
-			{
+					trigger_error('Wrong value type sent to the database for field: ' . $matches[2] . '. Array of integers expected.', E_USER_ERROR);
 				// throw new Exception('Warning: unused key in query: ' . $key);
 			}
 		}
-		return $db_string;
+			break;
 			case 'array_string':
 				if (is_array($replacement))
 				{
 					if (empty($replacement))
 						trigger_error('Database error, given array of string values is empty.', E_USER_ERROR);
 					foreach ($replacement as $key => $value)
 						$replacement[$key] = sprintf('\'%1$s\'', mysqli_real_escape_string($connection, $value));
 					return implode(', ', $replacement);
 				}
 				else
 					trigger_error('Wrong value type sent to the database for field: ' . $matches[2] . '. Array of strings expected.', E_USER_ERROR);
 			break;
 			case 'date':
 				if (preg_match('~^(\d{4})-([0-1]?\d)-([0-3]?\d)$~', $replacement, $date_matches) === 1)
 					return sprintf('\'%04d-%02d-%02d\'', $date_matches[1], $date_matches[2], $date_matches[3]);
 				elseif ($replacement === 'NULL')
 					return 'NULL';
 				else
 					trigger_error('Wrong value type sent to the database for field: ' . $matches[2] . '. Date expected.', E_USER_ERROR);
 			break;
 			case 'datetime':
 				if (is_a($replacement, 'DateTime'))
 					return $replacement->format('\'Y-m-d H:i:s\'');
 				elseif (preg_match('~^(\d{4})-([0-1]?\d)-([0-3]?\d) (\d{2}):(\d{2}):(\d{2})$~', $replacement, $date_matches) === 1)
 					return sprintf('\'%04d-%02d-%02d %02d:%02d:%02d\'', $date_matches[1], $date_matches[2], $date_matches[3], $date_matches[4], $date_matches[5], $date_matches[6]);
 				elseif ($replacement === 'NULL')
 					return 'NULL';
 				else
 					trigger_error('Wrong value type sent to the database for field: ' . $matches[2] . '. DateTime expected.', E_USER_ERROR);
 			break;
 			case 'float':
 				if (!is_numeric($replacement) && $replacement !== 'NULL')
 					trigger_error('Wrong value type sent to the database for field: ' . $matches[2] . '. Floating point number expected.', E_USER_ERROR);
 				return $replacement !== 'NULL' ? (string) (float) $replacement : 'NULL';
 			break;
 			case 'identifier':
 				// Backticks inside identifiers are supported as of MySQL 4.1. We don't need them here.
 				return '`' . strtr($replacement, ['`' => '', '.' => '']) . '`';
 			break;
 			case 'raw':
 				return $replacement;
 			break;
 			case 'bool':
 			case 'boolean':
 				// In mysql this is a synonym for tinyint(1)
 				return (bool)$replacement ? 1 : 0;
 			break;
 			default:
 				trigger_error('Undefined type <b>' . $matches[1] . '</b> used in the database query', E_USER_ERROR);
 			break;
 		}
 	}
 	/**
 	 * Escapes and quotes a string using values passed, and executes the query.
 	 */
-	public function query($db_string, array $db_values = []): PDOStatement
+	public function query($db_string, $db_values = [])
 	{
-		// One more query...
+		// One more query....
-		$this->query_count++;
+		$this->query_count ++;
-		// Error out if hardcoded strings are detected
+		// Overriding security? This is evil!
-		if (strpos($db_string, '\'') !== false)
+		$security_override = $db_values === 'security_override' || !empty($db_values['security_override']);
 			throw new UnexpectedValueException('Hack attempt: illegal character (\') used in query.');
-		if (defined('DB_LOG_QUERIES') && DB_LOG_QUERIES)
+		// Please, just use new style queries.
 		if (strpos($db_string, '\'') !== false && !$security_override)
 			trigger_error('Hack attempt!', 'Illegal character (\') used in query.', E_USER_ERROR);
 		if (!$security_override && !empty($db_values))
 		{
 			// Set some values for use in the callback function.
 			$this->db_callback = [$db_values, $this->connection];
 			// Insert the values passed to this function.
 			$db_string = preg_replace_callback('~{([a-z_]+)(?::([a-zA-Z0-9_-]+))?}~', [&$this, 'replacement_callback'], $db_string);
 			// Save some memory.
 			$this->db_callback = [];
 		}
 		if (defined("DB_LOG_QUERIES") && DB_LOG_QUERIES)
 			$this->logged_queries[] = $db_string;
-		try
+		$return = @mysqli_query($this->connection, $db_string, empty($this->unbuffered) ? MYSQLI_STORE_RESULT : MYSQLI_USE_RESULT);
 		{
 			// Preprocessing/checks: prepare any arrays for binding
 			$db_string = $this->expandPlaceholders($db_string, $db_values);
-			// Prepare query for execution
+		if (!$return)
 			$statement = $this->connection->prepare($db_string);
 			// Bind parameters... the hard way, due to a limit/offset hack.
 			// NB: bindParam binds by reference, hence &$value here.
 			foreach ($db_values as $key => &$value)
 		{
-				// Assumption: both scalar and array values are preprocessed to use named ':' placeholders
+			$clean_sql = implode("\n", array_map('trim', explode("\n", $db_string)));
-				if (!str_contains($db_string, ':' . $key))
+			trigger_error($this->error() . '<br>' . $clean_sql, E_USER_ERROR);
 					continue;
 				if (!is_array($value))
 				{
 					$statement->bindParam(':' . $key, $value);
 					continue;
 		}
-				foreach (array_values($value) as $num => &$element)
+		return $return;
 				{
 					$statement->bindParam(':' . $key . $num, $element);
 				}
 			}
 			$statement->execute();
 			return $statement;
 		}
 		catch (PDOException $e)
 		{
 			ob_start();
 			$debug = ob_get_clean();
 			throw new Exception($e->getMessage() . "\n" . var_export($e->errorInfo, true) . "\n" . var_export($db_values, true));
 		}
 	}
 	/**
-	 * Executes a query, returning an object of the row it returns.
+	 * Escapes and quotes a string just like db_query, but does not execute the query.
 	 * Useful for debugging purposes.
 	 */
-	public function queryObject($class, $db_string, $db_values = [])
+	public function quote($db_string, $db_values = [])
 	{
-		$res = $this->query($db_string, $db_values);
+		// Please, just use new style queries.
 		if (strpos($db_string, '\'') !== false)
 			trigger_error('Hack attempt!', 'Illegal character (\') used in query.', E_USER_ERROR);
-		if (!$res || $this->rowCount($res) === 0)
+		// Save some values for use in the callback function.
-			return null;
+		$this->db_callback = [$db_values, $this->connection];
-		$object = $this->fetchObject($res, $class);
+		// Insert the values passed to this function.
-		$this->free($res);
+		$db_string = preg_replace_callback('~{([a-z_]+)(?::([a-zA-Z0-9_-]+))?}~', [&$this, 'replacement_callback'], $db_string);
-		return $object;
+		// Save some memory.
-	}
+		$this->db_callback = [];
-	/**
+		return $db_string;
 	 * Executes a query, returning an array of objects of all the rows returns.
 	 */
 	public function queryObjects($class, $db_string, $db_values = [])
 	{
 		$res = $this->query($db_string, $db_values);
 		if (!$res || $this->rowCount($res) === 0)
 			return [];
 		$rows = [];
 		while ($object = $this->fetchObject($res, $class))
 			$rows[] = $object;
 		$this->free($res);
 		return $rows;
 	}
 	/**
 	 * Executes a query, returning an array of all the rows it returns.
 	 */
-	public function queryRow($db_string, array $db_values = [])
+	public function queryRow($db_string, $db_values = [])
 	{
 		$res = $this->query($db_string, $db_values);
-		if ($this->rowCount($res) === 0)
+		if (!$res || $this->num_rows($res) == 0)
 			return [];
-		$row = $this->fetchNum($res);
+		$row = $this->fetch_row($res);
-		$this->free($res);
+		$this->free_result($res);
 		return $row;
 	}
@ -270,18 +358,18 @@ class Database
 	/**
 	 * Executes a query, returning an array of all the rows it returns.
 	 */
-	public function queryRows($db_string, array $db_values = [])
+	public function queryRows($db_string, $db_values = [])
 	{
 		$res = $this->query($db_string, $db_values);
-		if ($this->rowCount($res) === 0)
+		if (!$res || $this->num_rows($res) == 0)
 			return [];
 		$rows = [];
-		while ($row = $this->fetchNum($res))
+		while ($row = $this->fetch_row($res))
 			$rows[] = $row;
-		$this->free($res);
+		$this->free_result($res);
 		return $rows;
 	}
@ -289,18 +377,18 @@ class Database
 	/**
 	 * Executes a query, returning an array of all the rows it returns.
 	 */
-	public function queryPair($db_string, array $db_values = [])
+	public function queryPair($db_string, $db_values = [])
 	{
 		$res = $this->query($db_string, $db_values);
-		if ($this->rowCount($res) === 0)
+		if (!$res || $this->num_rows($res) == 0)
 			return [];
 		$rows = [];
-		while ($row = $this->fetchNum($res))
+		while ($row = $this->fetch_row($res))
 			$rows[$row[0]] = $row[1];
-		$this->free($res);
+		$this->free_result($res);
 		return $rows;
 	}
@ -308,21 +396,21 @@ class Database
 	/**
 	 * Executes a query, returning an array of all the rows it returns.
 	 */
-	public function queryPairs($db_string, $db_values = array())
+	public function queryPairs($db_string, $db_values = [])
 	{
 		$res = $this->query($db_string, $db_values);
-		if (!$res || $this->rowCount($res) === 0)
+		if (!$res || $this->num_rows($res) == 0)
 			return [];
 		$rows = [];
-		while ($row = $this->fetchAssoc($res))
+		while ($row = $this->fetch_assoc($res))
 		{
 			$key_value = reset($row);
 			$rows[$key_value] = $row;
 		}
-		$this->free($res);
+		$this->free_result($res);
 		return $rows;
 	}
@ -330,15 +418,15 @@ class Database
 	/**
 	 * Executes a query, returning an associative array of all the rows it returns.
 	 */
-	public function queryAssoc($db_string, array $db_values = [])
+	public function queryAssoc($db_string, $db_values = [])
 	{
 		$res = $this->query($db_string, $db_values);
-		if ($this->rowCount($res) === 0)
+		if (!$res || $this->num_rows($res) == 0)
 			return [];
-		$row = $this->fetchAssoc($res);
+		$row = $this->fetch_assoc($res);
-		$this->free($res);
+		$this->free_result($res);
 		return $row;
 	}
@ -346,18 +434,18 @@ class Database
 	/**
 	 * Executes a query, returning an associative array of all the rows it returns.
 	 */
-	public function queryAssocs($db_string, array $db_values = [])
+	public function queryAssocs($db_string, $db_values = [], $connection = null)
 	{
 		$res = $this->query($db_string, $db_values);
-		if ($this->rowCount($res) === 0)
+		if (!$res || $this->num_rows($res) == 0)
 			return [];
 		$rows = [];
-		while ($row = $this->fetchAssoc($res))
+		while ($row = $this->fetch_assoc($res))
 			$rows[] = $row;
-		$this->free($res);
+		$this->free_result($res);
 		return $rows;
 	}
@ -365,16 +453,16 @@ class Database
 	/**
 	 * Executes a query, returning the first value of the first row.
 	 */
-	public function queryValue($db_string, array $db_values = [])
+	public function queryValue($db_string, $db_values = [])
 	{
 		$res = $this->query($db_string, $db_values);
 		// If this happens, you're doing it wrong.
-		if ($this->rowCount($res) === 0)
+		if (!$res || $this->num_rows($res) == 0)
 			return null;
-		list($value) = $this->fetchNum($res);
+		list($value) = $this->fetch_row($res);
-		$this->free($res);
+		$this->free_result($res);
 		return $value;
 	}
@ -382,18 +470,18 @@ class Database
 	/**
 	 * Executes a query, returning an array of the first value of each row.
 	 */
-	public function queryValues($db_string, array $db_values = [])
+	public function queryValues($db_string, $db_values = [])
 	{
 		$res = $this->query($db_string, $db_values);
-		if ($this->rowCount($res) === 0)
+		if (!$res || $this->num_rows($res) == 0)
 			return [];
 		$rows = [];
-		while ($row = $this->fetchNum($res))
+		while ($row = $this->fetch_row($res))
 			$rows[] = $row[0];
-		$this->free($res);
+		$this->free_result($res);
 		return $rows;
 	}
@ -411,45 +499,35 @@ class Database
 		if (!is_array($data[array_rand($data)]))
 			$data = [$data];
 		// Determine the method of insertion.
 		$method = $method == 'replace' ? 'REPLACE' : ($method == 'ignore' ? 'INSERT IGNORE' : 'INSERT');
 		// What columns are we inserting?
 		$columns = array_keys($data[0]);
 		// Start building the query.
 		$db_string = $method . ' INTO ' . $table . ' (' . implode(',', $columns) . ') VALUES ';
 		// Create the mold for a single row insert.
-		$placeholders = '(' . substr(str_repeat('?, ', count($columns)), 0, -2) . '), ';
+		$insertData = '(';
-
+		foreach ($columns as $columnName => $type)
 		// Append it for every row we're to insert.
 		$values = [];
 		foreach ($data as $row)
 		{
-			$values = array_merge($values, array_values($row));
+			// Are we restricting the length?
-			$db_string .= $placeholders;
+			if (strpos($type, 'string-') !== false)
 				$insertData .= sprintf('SUBSTRING({string:%1$s}, 1, ' . substr($type, 7) . '), ', $columnName);
 			else
 				$insertData .= sprintf('{%1$s:%2$s}, ', $type, $columnName);
 		}
 		$insertData = substr($insertData, 0, -2) . ')';
-		// Get rid of the tailing comma.
+		// Create an array consisting of only the columns.
-		$db_string = substr($db_string, 0, -2);
+		$indexed_columns = array_keys($columns);
-		// Prepare for your impending demise!
+		// Here's where the variables are injected to the query.
-		$statement = $this->connection->prepare($db_string);
+		$insertRows = [];
 		foreach ($data as $dataRow)
 			$insertRows[] = $this->quote($insertData, array_combine($indexed_columns, $dataRow));
-		// Bind parameters... the hard way, due to a limit/offset hack.
+		// Determine the method of insertion.
-		foreach ($values as $key => $value)
+		$queryTitle = $method === 'replace' ? 'REPLACE' : ($method === 'ignore' ? 'INSERT IGNORE' : 'INSERT');
 			$statement->bindValue($key + 1, $values[$key]);
-		// Handle errors.
+		// Do the insert.
-		try
+		return $this->query('
-		{
+			' . $queryTitle . ' INTO ' . $table . ' (`' . implode('`, `', $indexed_columns) . '`)
-			$statement->execute();
+			VALUES
-			return $statement;
+				' . implode(',
-		}
+				', $insertRows),
-		catch (PDOException $e)
+			['security_override' => true]);
 		{
 			throw new Exception($e->getMessage() . '<br><br>' . $db_string . '<br><br>' . print_r($values, true));
 		}
 	}
 }
--- a/models/Dispatcher.php
+++ b/models/Dispatcher.php
@ -44,19 +44,6 @@ class Dispatcher
 		}
 	}
 	public static function errorPage($title, $body)
 	{
 		$page = new MainTemplate($title);
 		$page->adopt(new ErrorPage($title, $body));
 		if (Registry::get('user')->isAdmin())
 		{
 			$page->appendStylesheet(BASEURL . '/css/admin.css');
 		}
 		$page->html_main();
 	}
 	/**
 	 * Kicks a guest to a login form, redirecting them back to this page upon login.
 	 */
@ -73,24 +60,37 @@ class Dispatcher
 		exit;
 	}
-	private static function trigger400()
+	public static function trigger400()
 	{
-		http_response_code(400);
+		header('HTTP/1.1 400 Bad Request');
-		self::errorPage('Bad request', 'The server does not understand your request.');
+		$page = new MainTemplate('Bad request');
 		$page->adopt(new DummyBox('Bad request', '<p>The server does not understand your request.</p>'));
 		$page->html_main();
 		exit;
 	}
-	private static function trigger403()
+	public static function trigger403()
 	{
-		http_response_code(403);
+		header('HTTP/1.1 403 Forbidden');
-		self::errorPage('Forbidden', 'You do not have access to this page.');
+		$page = new MainTemplate('Access denied');
 		$page->adopt(new DummyBox('Forbidden', '<p>You do not have access to the page you requested.</p>'));
 		$page->html_main();
 		exit;
 	}
-	private static function trigger404()
+	public static function trigger404()
 	{
-		http_response_code(404);
+		header('HTTP/1.1 404 Not Found');
-		$page = new ViewErrorPage('Page not found!');
+		$page = new MainTemplate('Page not found');
-		$page->showContent();
+
 		if (Registry::has('user') && Registry::get('user')->isAdmin())
 		{
 			$page->appendStylesheet(BASEURL . '/css/admin.css');
 		}
 		$page->adopt(new DummyBox('Well, this is a bit embarrassing!', '<p>The page you requested could not be found. Don\'t worry, it\'s probably not your fault. You\'re welcome to browse the website, though!</p>', 'errormsg'));
 		$page->addClass('errorpage');
 		$page->html_main();
 		exit;
 	}
 }
--- a/models/ErrorHandler.php
+++ b/models/ErrorHandler.php
@ -3,7 +3,7 @@
 * ErrorHandler.php
 * Contains key class ErrorHandler.
 *
- * Kabuki CMS (C) 2013-2025, Aaron van Geffen
+ * Kabuki CMS (C) 2013-2016, Aaron van Geffen
 *****************************************************************************/
 class ErrorHandler
@ -47,8 +47,10 @@ class ErrorHandler
 		// Log the error in the database.
 		self::logError($error_message, $debug_info, $file, $line);
-		// Display error and exit.
+		// Are we considering this fatal? Then display and exit.
-		self::display($error_message, $file, $line, $debug_info);
+		// !!! TODO: should we consider warnings fatal?
 		if (true) // DEBUG || (!DEBUG && $error_level === E_WARNING || $error_level === E_USER_WARNING))
 			self::display($file . ' (' . $line . ')<br>' . $error_message, $debug_info);
 		// If it wasn't a fatal error, well...
 		self::$handling_error = false;
@ -116,7 +118,7 @@ class ErrorHandler
 	}
 	// Logs an error into the database.
-	public static function logError($error_message = '', $debug_info = '', $file = '', $line = 0)
+	private static function logError($error_message = '', $debug_info = '', $file = '', $line = 0)
 	{
 		if (!ErrorLog::log([
 			'message' => $error_message,
@ -128,7 +130,7 @@ class ErrorHandler
 			'request_uri' => isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '',
 			]))
 		{
-			http_response_code(503);
+			header('HTTP/1.1 503 Service Temporarily Unavailable');
 			echo '<h2>An Error Occurred</h2><p>Our software could not connect to the database. We apologise for any inconvenience and ask you to check back later.</p>';
 			exit;
 		}
@ -136,7 +138,7 @@ class ErrorHandler
 		return $error_message;
 	}
-	public static function display($message, $file, $line, $debug_info, $is_sensitive = true)
+	public static function display($message, $debug_info, $is_sensitive = true)
 	{
 		$is_admin = Registry::has('user') && Registry::get('user')->isAdmin();
@ -165,8 +167,7 @@ class ErrorHandler
 		$is_admin = Registry::has('user') && Registry::get('user')->isAdmin();
 		if (DEBUG || $is_admin)
 		{
-			$debug_info = sprintf("Trigger point:\n%s (L%d)\n\n%s", $file, $line, $debug_info);
+			$page->adopt(new DummyBox('An error occurred!', '<p>' . $message . '</p><pre>' . $debug_info . '</pre>'));
 			$page->adopt(new ErrorPage('An error occurred!', $message, $debug_info));
 			// Let's provide the admin navigation despite it all!
 			if ($is_admin)
@ -175,9 +176,9 @@ class ErrorHandler
 			}
 		}
 		elseif (!$is_sensitive)
-			$page->adopt(new ErrorPage('An error occurred!', '<p>' . $message . '</p>'));
+			$page->adopt(new DummyBox('An error occurred!', '<p>' . $message . '</p>'));
 		else
-			$page->adopt(new ErrorPage('An error occurred!', 'Our apologies, an error occurred while we were processing your request. Please try again later, or contact us if the problem persists.'));
+			$page->adopt(new DummyBox('An error occurred!', '<p>Our apologies, an error occurred while we were processing your request. Please try again later, or contact us if the problem persists.</p>'));
 		// If we got this far, make sure we're not showing stuff twice.
 		ob_end_clean();
--- a/models/ErrorLog.php
+++ b/models/ErrorLog.php
@ -17,14 +17,14 @@ class ErrorLog
 			INSERT INTO log_errors
 			(id_user, message, debug_info, file, line, request_uri, time, ip_address)
 			VALUES
-			(:id_user, :message, :debug_info, :file, :line,
+			({int:id_user}, {string:message}, {string:debug_info}, {string:file}, {int:line},
-			 :request_uri, CURRENT_TIMESTAMP, :ip_address)',
+			 {string:request_uri}, CURRENT_TIMESTAMP, {string:ip_address})',
 			$data);
 	}
 	public static function flush()
 	{
-		return Registry::get('db')->query('DELETE FROM log_errors');
+		return Registry::get('db')->query('TRUNCATE log_errors');
 	}
 	public static function getCount()
@ -33,20 +33,4 @@ class ErrorLog
 			SELECT COUNT(*)
 			FROM log_errors');
 	}
 	public static function getOffset($offset, $limit, $order, $direction)
 	{
 		assert(in_array($order, ['id_entry', 'file', 'line', 'time', 'ipaddress', 'id_user']));
 		$order = $order . ($direction === 'up' ? ' ASC' : ' DESC');
 		return Registry::get('db')->queryAssocs('
 			SELECT *
 			FROM log_errors
 			ORDER BY ' . $order . '
 			LIMIT :offset, :limit',
 			[
 				'offset' => $offset,
 				'limit' => $limit,
 			]);
 	}
 }
--- a/models/GenericTable.php
+++ b/models/GenericTable.php
@ -15,6 +15,7 @@ class GenericTable
 	private $title;
 	private $title_class;
 	private $tableIsSortable = false;
 	public $form_above;
 	public $form_below;
@ -28,22 +29,58 @@ class GenericTable
 	public function __construct($options)
 	{
-		$this->initOrder($options);
+		// Make sure we're actually sorting on something sortable.
-		$this->initPagination($options);
+		if (!isset($options['sort_order']) || (!empty($options['sort_order']) && empty($options['columns'][$options['sort_order']]['is_sortable'])))
 			$options['sort_order'] = '';
-		$data = $options['get_data']($this->start, $this->items_per_page,
+		// Order in which direction?
-			$this->sort_order, $this->sort_direction);
+		if (!empty($options['sort_direction']) && !in_array($options['sort_direction'], ['up', 'down']))
 			$options['sort_direction'] = 'up';
 		// Make sure we know whether we can actually sort on something.
 		$this->tableIsSortable = !empty($options['base_url']);
 		// How much data do we have?
 		$this->recordCount = $options['get_count'](...(!empty($options['get_count_params']) ? $options['get_count_params'] : []));
 		// How much data do we need to retrieve?
 		$this->items_per_page = !empty($options['items_per_page']) ? $options['items_per_page'] : 30;
 		// Figure out where to start.
 		$this->start = empty($options['start']) || !is_numeric($options['start']) || $options['start'] < 0 || $options['start'] > $this->recordCount ? 0 : $options['start'];
 		// Figure out where we are on the whole, too.
 		$numPages = max(1, ceil($this->recordCount / $this->items_per_page));
 		$this->currentPage = min(ceil($this->start / $this->items_per_page) + 1, $numPages);
 		// Let's bear a few things in mind...
 		$this->base_url = $options['base_url'];
 		// Gather parameters for the data gather function first.
 		$parameters = [$this->start, $this->items_per_page, $options['sort_order'], $options['sort_direction']];
 		if (!empty($options['get_data_params']) && is_array($options['get_data_params']))
 			$parameters = array_merge($parameters, $options['get_data_params']);
 		// Okay, let's fetch the data!
 		$data = $options['get_data'](...$parameters);
 		// Extract data into local variables.
 		$rawRowData = $data['rows'];
 		$this->sort_order = $data['order'];
 		$this->sort_direction = $data['direction'];
 		unset($data);
 		// Okay, now for the column headers...
 		$this->generateColumnHeaders($options);
 		// Should we create a page index?
-		if ($this->recordCount > $this->items_per_page)
+		$needsPageIndex = !empty($this->items_per_page) && $this->recordCount > $this->items_per_page;
 		if ($needsPageIndex)
 			$this->generatePageIndex($options);
 		// Process the data to be shown into rows.
-		if (!empty($data))
+		if (!empty($rawRowData))
-			$this->processAllRows($data, $options);
+			$this->processAllRows($rawRowData, $options);
 		else
 			$this->body = $options['no_items_label'] ?? '';
@ -58,38 +95,6 @@ class GenericTable
 		$this->form_below = $options['form_below'] ?? $options['form'] ?? null;
 	}
 	private function initOrder($options)
 	{
 		assert(isset($options['default_sort_order']));
 		assert(isset($options['default_sort_direction']));
 		// Validate sort order (column)
 		$this->sort_order = $options['sort_order'];
 		if (empty($this->sort_order) || empty($options['columns'][$this->sort_order]['is_sortable']))
 			$this->sort_order = $options['default_sort_order'];
 		// Validate sort direction
 		$this->sort_direction = $options['sort_direction'];
 		if (empty($this->sort_direction) || !in_array($this->sort_direction, ['up', 'down']))
 			$this->sort_direction = $options['default_sort_direction'];
 	}
 	private function initPagination(array $options)
 	{
 		assert(isset($options['base_url']));
 		assert(isset($options['items_per_page']));
 		$this->base_url = $options['base_url'];
 		$this->recordCount = $options['get_count']();
 		$this->items_per_page = !empty($options['items_per_page']) ? $options['items_per_page'] : 30;
 		$this->start = empty($options['start']) || !is_numeric($options['start']) || $options['start'] < 0 || $options['start'] > $this->recordCount ? 0 : $options['start'];
 		$numPages = max(1, ceil($this->recordCount / $this->items_per_page));
 		$this->currentPage = min(ceil($this->start / $this->items_per_page) + 1, $numPages);
 	}
 	private function generateColumnHeaders($options)
 	{
 		foreach ($options['columns'] as $key => $column)
@ -97,14 +102,14 @@ class GenericTable
 			if (empty($column['header']))
 				continue;
-			$isSortable = !empty($column['is_sortable']);
+			$isSortable = $this->tableIsSortable && !empty($column['is_sortable']);
 			$sortDirection = $key == $this->sort_order && $this->sort_direction === 'up' ? 'down' : 'up';
 			$header = [
 				'class' => isset($column['class']) ? $column['class'] : '',
 				'cell_class' => isset($column['cell_class']) ? $column['cell_class'] : null,
 				'colspan' => !empty($column['header_colspan']) ? $column['header_colspan'] : 1,
-				'href' => $isSortable ? $this->getHeaderLink($this->start, $key, $sortDirection) : null,
+				'href' => $isSortable ? $this->getLink($this->start, $key, $sortDirection) : null,
 				'label' => $column['header'],
 				'scope' => 'col',
 				'sort_mode' => $key == $this->sort_order ? $this->sort_direction : null,
@ -121,7 +126,7 @@ class GenericTable
 			'base_url' => $this->base_url,
 			'index_class' => $options['index_class'] ?? '',
 			'items_per_page' => $this->items_per_page,
-			'linkBuilder' => [$this, 'getHeaderLink'],
+			'linkBuilder' => [$this, 'getLink'],
 			'recordCount' => $this->recordCount,
 			'sort_direction' => $this->sort_direction,
 			'sort_order' => $this->sort_order,
@ -129,7 +134,7 @@ class GenericTable
 		]);
 	}
-	public function getHeaderLink($start = null, $order = null, $dir = null)
+	public function getLink($start = null, $order = null, $dir = null)
 	{
 		if ($start === null)
 			$start = $this->start;
@ -191,18 +196,12 @@ class GenericTable
 			foreach ($options['columns'] as $column)
 			{
-				// Process formatting
+				// Process data for this particular cell.
-				if (isset($column['format']) && is_callable($column['format']))
+				if (isset($column['parse']))
-					$value = $column['format']($row);
+					$value = self::processCell($column['parse'], $row);
 				elseif (isset($column['format']))
 					$value = self::processFormatting($column['format'], $row);
 				else
 					$value = $row[$column['value']];
 				// Turn value into a link?
 				if (!empty($column['link']))
 					$value = $this->processLink($column['link'], $value, $row);
 				// Append the cell to the row.
 				$newRow['cells'][] = [
 					'class' => $column['cell_class'] ?? '',
@ -215,47 +214,68 @@ class GenericTable
 		}
 	}
-	private function processFormatting($options, $rowData)
+	private function processCell($options, $rowData)
 	{
-		if ($options['type'] === 'timestamp')
+		if (!isset($options['type']))
 			$options['type'] = 'value';
 		// Parse the basic value first.
 		switch ($options['type'])
 		{
-			if (empty($options['pattern']) || $options['pattern'] === 'long')
+			// Basic option: simply take a use a particular data property.
 			case 'value':
 				$value = htmlspecialchars($rowData[$options['data']]);
 				break;
 			// Processing via a lambda function.
 			case 'function':
 				$value = $options['data']($rowData);
 				break;
 			// Using sprintf to fill out a particular pattern.
 			case 'sprintf':
 				$parameters = [$options['data']['pattern']];
 				foreach ($options['data']['arguments'] as $identifier)
 					$parameters[] = $rowData[$identifier];
 				$value = sprintf(...$parameters);
 				break;
 			// Timestamps get custom treatment.
 			case 'timestamp':
 				if (empty($options['data']['pattern']) || $options['data']['pattern'] === 'long')
 					$pattern = 'Y-m-d H:i';
-			elseif ($options['pattern'] === 'short')
+				elseif ($options['data']['pattern'] === 'short')
 					$pattern = 'Y-m-d';
 				else
-				$pattern = $options['pattern'];
+					$pattern = $options['data']['pattern'];
-			assert(array_key_exists($options['value'], $rowData));
+				if (!isset($rowData[$options['data']['timestamp']]))
-			if (isset($rowData[$options['value']]) && !is_numeric($rowData[$options['value']]))
+					$timestamp = 0;
-				$timestamp = strtotime($rowData[$options['value']]);
+				elseif (!is_numeric($rowData[$options['data']['timestamp']]))
 					$timestamp = strtotime($rowData[$options['data']['timestamp']]);
 				else
-				$timestamp = (int) $rowData[$options['value']];
+					$timestamp = (int) $rowData[$options['data']['timestamp']];
-			if (isset($options['if_null']) && $timestamp == 0)
+				if (isset($options['data']['if_null']) && $timestamp == 0)
-				$value = $options['if_null'];
+					$value = $options['data']['if_null'];
 				else
 					$value = date($pattern, $timestamp);
-
+				break;
 			return $value;
 		}
 		else
 			throw ValueError('Unexpected formatter type: ' . $options['type']);
 		}
-	private function processLink($template, $value, array $rowData)
+		// Generate a link, if requested.
-	{
+		if (!empty($options['link']))
 		$href = $this->rowReplacements($template, $rowData);
 		return '<a href="' . $href . '">' . $value . '</a>';
 	}
 	private function rowReplacements($template, array $rowData)
 		{
 			// First, generate the replacement variables.
 			$keys = array_keys($rowData);
 			$values = array_values($rowData);
 			foreach ($keys as $keyKey => $keyValue)
 				$keys[$keyKey] = '{' . strtoupper($keyValue) . '}';
-		return str_replace($keys, $values, $template);
+			$value = '<a href="' . str_replace($keys, $values, $options['link']) . '">' . $value . '</a>';
 		}
 		return $value;
 	}
 }
--- a/models/Image.php
+++ b/models/Image.php
@ -12,6 +12,12 @@ class Image extends Asset
 	const TYPE_LANDSCAPE = 2;
 	const TYPE_PORTRAIT = 4;
 	protected function __construct(array $data)
 	{
 		foreach ($data as $attribute => $value)
 			$this->$attribute = $value;
 	}
 	public static function fromId($id_asset, $return_format = 'object')
 	{
 		$asset = parent::fromId($id_asset, 'array');
@ -165,7 +171,7 @@ class Image extends Asset
 		return Registry::get('db')->query('
 			DELETE FROM assets_thumbs
-			WHERE id_asset = :id_asset',
+			WHERE id_asset = {int:id_asset}',
 			['id_asset' => $this->id_asset]);
 	}
@ -183,9 +189,9 @@ class Image extends Asset
 		return Registry::get('db')->query('
 			DELETE FROM assets_thumbs
-			WHERE id_asset = :id_asset AND
+			WHERE id_asset = {int:id_asset} AND
-				width = :width AND
+				width = {int:width} AND
-				height = :height',
+				height = {int:height}',
 			[
 				'height' => $height,
 				'id_asset' => $this->id_asset,
--- a/models/Member.php
+++ b/models/Member.php
@ -8,7 +8,7 @@
 class Member extends User
 {
-	private function __construct($data = [])
+	private function __construct($data)
 	{
 		foreach ($data as $key => $value)
 			$this->$key = $value;
@ -18,21 +18,12 @@ class Member extends User
 		$this->is_admin = $this->is_admin == 1;
 	}
 	public static function fromEmailAddress($email_address)
 	{
 		return Registry::get('db')->queryObject(static::class, '
 			SELECT *
 			FROM users
 			WHERE emailaddress = :email_address',
 			['email_address' => $email_address]);
 	}
 	public static function fromId($id_user)
 	{
 		$row = Registry::get('db')->queryAssoc('
 			SELECT *
 			FROM users
-			WHERE id_user = :id_user',
+			WHERE id_user = {int:id_user}',
 			[
 				'id_user' => $id_user,
 			]);
@ -49,7 +40,7 @@ class Member extends User
 		$row = Registry::get('db')->queryAssoc('
 			SELECT *
 			FROM users
-			WHERE slug = :slug',
+			WHERE slug = {string:slug}',
 			[
 				'slug' => $slug,
 			]);
@ -77,7 +68,6 @@ class Member extends User
 			'creation_time' => time(),
 			'ip_address' => isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '',
 			'is_admin' => empty($data['is_admin']) ? 0 : 1,
 			'reset_key' => '',
 		];
 		if ($error)
@ -93,13 +83,12 @@ class Member extends User
 			'creation_time' => 'int',
 			'ip_address' => 'string-45',
 			'is_admin' => 'int',
 			'reset_key' => 'string-16'
 		], $new_user, ['id_user']);
 		if (!$bool)
 			return false;
-		$new_user['id_user'] = $db->insertId();
+		$new_user['id_user'] = $db->insert_id();
 		$member = new Member($new_user);
 		return $member;
@ -127,14 +116,14 @@ class Member extends User
 		return Registry::get('db')->query('
 			UPDATE users
 			SET
-				first_name = :first_name,
+				first_name = {string:first_name},
-				surname = :surname,
+				surname = {string:surname},
-				slug = :slug,
+				slug = {string:slug},
-				emailaddress = :emailaddress,
+				emailaddress = {string:emailaddress},
-				password_hash = :password_hash,
+				password_hash = {string:password_hash},
-				is_admin = :is_admin
+				is_admin = {int:is_admin}
-			WHERE id_user = :id_user',
+			WHERE id_user = {int:id_user}',
-			get_object_vars($this));
+			$params);
 	}
 	/**
@ -145,7 +134,7 @@ class Member extends User
 	{
 		return Registry::get('db')->query('
 			DELETE FROM users
-			WHERE id_user = :id_user',
+			WHERE id_user = {int:id_user}',
 			['id_user' => $this->id_user]);
 	}
@ -160,7 +149,7 @@ class Member extends User
 		$res = Registry::get('db')->queryValue('
 			SELECT id_user
 			FROM users
-			WHERE emailaddress = :emailaddress',
+			WHERE emailaddress = {string:emailaddress}',
 			[
 				'emailaddress' => $emailaddress,
 			]);
@ -176,9 +165,9 @@ class Member extends User
 		return Registry::get('db')->query('
 			UPDATE users
 			SET
-				last_action_time = :now,
+				last_action_time = {int:now},
-				ip_address = :ip
+				ip_address = {string:ip}
-			WHERE id_user = :id',
+			WHERE id_user = {int:id}',
 			[
 				'now' => time(),
 				'id' => $this->id_user,
@ -198,22 +187,6 @@ class Member extends User
 			FROM users');
 	}
 	public static function getOffset($offset, $limit, $order, $direction)
 	{
 		assert(in_array($order, ['id_user', 'surname', 'first_name', 'slug', 'emailaddress', 'last_action_time', 'ip_address', 'is_admin']));
 		$order = $order . ($direction === 'up' ? ' ASC' : ' DESC');
 		return Registry::get('db')->queryAssocs('
 			SELECT *
 			FROM users
 			ORDER BY ' . $order . '
 			LIMIT :offset, :limit',
 			[
 				'offset' => $offset,
 				'limit' => $limit,
 			]);
 	}
 	public function getProps()
 	{
 		// We should probably phase out the use of this function, or refactor the access levels of member properties...
@ -223,7 +196,7 @@ class Member extends User
 	public static function getMemberMap()
 	{
 		return Registry::get('db')->queryPair('
-			SELECT id_user, CONCAT(first_name, :blank, surname) AS full_name
+			SELECT id_user, CONCAT(first_name, {string:blank}, surname) AS full_name
 			FROM users
 			ORDER BY first_name, surname',
 			[
--- a/models/PhotoAlbum.php
+++ b/models/PhotoAlbum.php
@ -0,0 +1,76 @@
 <?php
 /*****************************************************************************
 * PhotoAlbum.php
 * Contains key class PhotoAlbum.
 *
 * Kabuki CMS (C) 2013-2015, Aaron van Geffen
 *****************************************************************************/
 class PhotoAlbum extends Tag
 {
 	public static function getHierarchy($order, $direction)
 	{
 		$db = Registry::get('db');
 		$res = $db->query('
 			SELECT *
 			FROM tags
 			WHERE kind = {string:album}
 			ORDER BY id_parent, {raw:order}',
 			[
 				'order' => $order . ($direction == 'up' ? ' ASC' : ' DESC'),
 				'album' => 'Album',
 			]);
 		$albums_by_parent = [];
 		while ($row = $db->fetch_assoc($res))
 		{
 			if (!isset($albums_by_parent[$row['id_parent']]))
 				$albums_by_parent[$row['id_parent']] = [];
 			$albums_by_parent[$row['id_parent']][] = $row + ['children' => []];
 		}
 		$albums = self::getChildrenRecursively(0, 0, $albums_by_parent);
 		$rows = self::flattenChildrenRecursively($albums);
 		return $rows;
 	}
 	private static function getChildrenRecursively($id_parent, $level, &$albums_by_parent)
 	{
 		$children = [];
 		if (!isset($albums_by_parent[$id_parent]))
 			return $children;
 		foreach ($albums_by_parent[$id_parent] as $child)
 		{
 			if (isset($albums_by_parent[$child['id_tag']]))
 				$child['children'] = self::getChildrenRecursively($child['id_tag'], $level + 1, $albums_by_parent);
 			$child['tag'] = ($level ? str_repeat('—', $level * 2) . ' ' : '') . $child['tag'];
 			$children[] = $child;
 		}
 		return $children;
 	}
 	private static function flattenChildrenRecursively($albums)
 	{
 		if (empty($albums))
 			return [];
 		$rows = [];
 		foreach ($albums as $album)
 		{
 			$rows[] = array_intersect_key($album, array_flip(['id_tag', 'tag', 'slug', 'count']));
 			if (!empty($album['children']))
 			{
 				$children = self::flattenChildrenRecursively($album['children']);
 				foreach ($children as $child)
 					$rows[] = array_intersect_key($child, array_flip(['id_tag', 'tag', 'slug', 'count']));
 			}
 		}
 		return $rows;
 	}
 }
--- a/models/PhotoMosaic.php
+++ b/models/PhotoMosaic.php
@ -8,11 +8,11 @@
 class PhotoMosaic
 {
-	private bool $descending;
+	private $descending;
 	private AssetIterator $iterator;
-	private array $layouts;
+	private $layouts;
-	private int $processedImages = 0;
+	private $processedImages = 0;
-	private array $queue = [];
+	private $queue = [];
 	const IMAGE_MASK_ALL = Image::TYPE_PORTRAIT | Image::TYPE_LANDSCAPE | Image::TYPE_PANORAMA;
 	const NUM_DAYS_CUTOFF = 7;
@ -25,6 +25,11 @@ class PhotoMosaic
 		$this->descending = $iterator->isDescending();
 	}
 	public function __destruct()
 	{
 		$this->iterator->clean();
 	}
 	private function availableLayouts()
 	{
 		static $layouts = [
@ -81,14 +86,9 @@ class PhotoMosaic
 			}
 		}
-		// Check whatever's up next!
+		// Check whatever's next up!
-		// NB: not is not a `foreach` so as to not reset the iterator implicitly
+		while (($asset = $this->iterator->next()) && ($image = $asset->getImage()))
 		while ($this->iterator->valid())
 		{
 			$asset = $this->iterator->current();
 			$image = $asset->getImage();
 			$this->iterator->next();
 			// Give up on the recordset once dates are too far apart
 			if (isset($refDate) && abs(self::daysApart($image->getDateCaptured(), $refDate)) > self::NUM_DAYS_CUTOFF)
 			{
--- a/models/Registry.php
+++ b/models/Registry.php
@ -24,7 +24,7 @@ class Registry
 	public static function get($key)
 	{
 		if (!isset(self::$storage[$key]))
-			throw new Exception('Key does not exist in Registry: ' . $key);
+			trigger_error('Key does not exist in Registry: ' . $key, E_USER_ERROR);
 		return self::$storage[$key];
 	}
@ -32,7 +32,7 @@ class Registry
 	public static function remove($key)
 	{
 		if (!isset(self::$storage[$key]))
-			throw new Exception('Key does not exist in Registry: ' . $key);
+			trigger_error('Key does not exist in Registry: ' . $key, E_USER_ERROR);
 		unset(self::$storage[$key]);
 	}
--- a/models/Session.php
+++ b/models/Session.php
@ -33,7 +33,7 @@ class Session
 	public static function getSessionToken()
 	{
 		if (empty($_SESSION['session_token']))
-			throw new Exception('Call to getSessionToken without a session token being set!');
+			trigger_error('Call to getSessionToken without a session token being set!', E_USER_ERROR);
 		return $_SESSION['session_token'];
 	}
@ -41,7 +41,7 @@ class Session
 	public static function getSessionTokenKey()
 	{
 		if (empty($_SESSION['session_token_key']))
-			throw new Exception('Call to getSessionTokenKey without a session token key being set!');
+			trigger_error('Call to getSessionTokenKey without a session token key being set!', E_USER_ERROR);
 		return $_SESSION['session_token_key'];
 	}
--- a/models/Setting.php
+++ b/models/Setting.php
@ -21,7 +21,7 @@ class Setting
 			REPLACE INTO settings
 			(id_user, variable, value, time_set)
 			VALUES
-			(:id_user, :key, :value, CURRENT_TIMESTAMP())',
+			({int:id_user}, {string:key}, {string:value}, CURRENT_TIMESTAMP())',
 			[
 				'id_user' => $id_user,
 				'key' => $key,
@ -45,7 +45,7 @@ class Setting
 		$value = Registry::get('db')->queryValue('
 			SELECT value
 			FROM settings
-			WHERE id_user = :id_user AND variable = :key',
+			WHERE id_user = {int:id_user} AND variable = {string:key}',
 			[
 				'id_user' => $id_user,
 				'key' => $key,
@ -63,30 +63,11 @@ class Setting
 	public static function remove($key, $id_user = null)
 	{
 		// User setting or global setting?
 		if ($id_user === null)
 			$id_user = Registry::get('user')->getUserId();
 		$pairs = Registry::get('db')->queryPair('
 			SELECT variable, value
 			FROM settings
 			WHERE id_user = :id_user',
 			[
 				'id_user' => $id_user,
 			]);
 		return $pairs;
 	}
 	public static function remove($key, $id_user = 0)
 	{
 		// User setting or global setting?
 		if ($id_user === null)
 		$id_user = Registry::get('user')->getUserId();
 		if (Registry::get('db')->query('
 			DELETE FROM settings
-			WHERE id_user = :id_user AND variable = :key',
+			WHERE id_user = {int:id_user} AND variable = {string:key}',
 			[
 				'id_user' => $id_user,
 				'key' => $key,
--- a/models/Tag.php
+++ b/models/Tag.php
@ -24,11 +24,6 @@ class Tag
 			$this->$attribute = $value;
 	}
 	public function __toString()
 	{
 		return $this->tag;
 	}
 	public static function fromId($id_tag, $return_format = 'object')
 	{
 		$db = Registry::get('db');
@ -36,7 +31,7 @@ class Tag
 		$row = $db->queryAssoc('
 			SELECT *
 			FROM tags
-			WHERE id_tag = :id_tag',
+			WHERE id_tag = {int:id_tag}',
 			[
 				'id_tag' => $id_tag,
 			]);
@ -55,7 +50,7 @@ class Tag
 		$row = $db->queryAssoc('
 			SELECT *
 			FROM tags
-			WHERE slug = :slug',
+			WHERE slug = {string:slug}',
 			[
 				'slug' => $slug,
 			]);
@ -73,7 +68,7 @@ class Tag
 			SELECT *
 			FROM tags
 			ORDER BY ' . ($limit > 0 ? 'count
-			LIMIT :limit' : 'tag'),
+			LIMIT {int:limit}' : 'tag'),
 			[
 				'limit' => $limit,
 			]);
@ -107,14 +102,14 @@ class Tag
 		$res = $db->query('
 			SELECT *
 			FROM tags
-			WHERE id_user_owner = :id_user_owner
+			WHERE id_user_owner = {int:id_user_owner}
 			ORDER BY tag',
 			[
 				'id_user_owner' => $id_user_owner,
 			]);
 		$objects = [];
-		while ($row = $db->fetchAssoc($res))
+		while ($row = $db->fetch_assoc($res))
 			$objects[$row['id_tag']] = new Tag($row);
 		return $objects;
@ -125,9 +120,9 @@ class Tag
 		$rows = Registry::get('db')->queryAssocs('
 			SELECT *
 			FROM tags
-			WHERE id_parent = :id_parent AND kind = :kind
+			WHERE id_parent = {int:id_parent} AND kind = {string:kind}
 			ORDER BY tag ASC
-			LIMIT :offset, :limit',
+			LIMIT {int:offset}, {int:limit}',
 			[
 				'id_parent' => $id_parent,
 				'kind' => 'Album',
@ -153,7 +148,7 @@ class Tag
 			FROM assets_tags AS at
 			LEFT JOIN assets AS a ON at.id_asset = a.id_asset
 			LEFT JOIN users AS u ON a.id_user_uploaded = u.id_user
-			WHERE at.id_tag = :id_tag
+			WHERE at.id_tag = {int:id_tag}
 			GROUP BY a.id_user_uploaded
 			ORDER BY u.first_name, u.surname',
 			[
@ -166,9 +161,9 @@ class Tag
 		$rows = Registry::get('db')->queryAssocs('
 			SELECT *
 			FROM tags
-			WHERE id_parent = :id_parent AND kind = :kind
+			WHERE id_parent = {int:id_parent} AND kind = {string:kind}
 			ORDER BY tag ASC
-			LIMIT :offset, :limit',
+			LIMIT {int:offset}, {int:limit}',
 			[
 				'id_parent' => $id_parent,
 				'kind' => 'Person',
@ -195,7 +190,7 @@ class Tag
 			WHERE id_tag IN(
 				SELECT id_tag
 				FROM assets_tags
-				WHERE id_asset = :id_asset
+				WHERE id_asset = {int:id_asset}
 			)
 			ORDER BY count DESC',
 			[
@ -225,7 +220,7 @@ class Tag
 			WHERE id_tag IN(
 				SELECT id_tag
 				FROM posts_tags
-				WHERE id_post = :id_post
+				WHERE id_post = {int:id_post}
 			)
 			ORDER BY count DESC',
 			[
@ -255,7 +250,7 @@ class Tag
 				FROM `assets_tags` AS at
 				WHERE at.id_tag = t.id_tag
 			)' . (!empty($id_tags) ? '
-			WHERE t.id_tag IN(@id_tags)' : ''),
+			WHERE t.id_tag IN({array_int:id_tags})' : ''),
 			['id_tags' => $id_tags]);
 	}
@ -276,14 +271,14 @@ class Tag
 			INSERT IGNORE INTO tags
 			(id_parent, tag, slug, kind, description, count)
 			VALUES
-			(:id_parent, :tag, :slug, :kind, :description, :count)
+			({int:id_parent}, {string:tag}, {string:slug}, {string:kind}, {string:description}, {int:count})
 			ON DUPLICATE KEY UPDATE count = count + 1',
 			$data);
 		if (!$res)
-			throw new Exception('Could not create the requested tag.');
+			trigger_error('Could not create the requested tag.', E_USER_ERROR);
-		$data['id_tag'] = $db->insertId();
+		$data['id_tag'] = $db->insert_id();
 		return $return_format === 'object' ? new Tag($data) : $data;
 	}
@ -297,15 +292,14 @@ class Tag
 		return Registry::get('db')->query('
 			UPDATE tags
 			SET
-				id_parent = :id_parent,
+				id_parent = {int:id_parent},
-				id_asset_thumb = :id_asset_thumb,' . (isset($this->id_user_owner) ? '
+				id_asset_thumb = {int:id_asset_thumb},' . (isset($this->id_user_owner) ? '
-				id_user_owner = :id_user_owner,' : '') . '
+				id_user_owner = {int:id_user_owner},' : '') . '
-				tag = :tag,
+				tag = {string:tag},
-				slug = :slug,
+				slug = {string:slug},
-				kind = :kind,
+				description = {string:description},
-				description = :description,
+				count = {int:count}
-				count = :count
+			WHERE id_tag = {int:id_tag}',
 			WHERE id_tag = :id_tag',
 			get_object_vars($this));
 	}
@ -313,10 +307,9 @@ class Tag
 	{
 		$db = Registry::get('db');
 		// Unlink any tagged assets
 		$res = $db->query('
 			DELETE FROM assets_tags
-			WHERE id_tag = :id_tag',
+			WHERE id_tag = {int:id_tag}',
 			[
 				'id_tag' => $this->id_tag,
 			]);
@ -324,10 +317,9 @@ class Tag
 		if (!$res)
 			return false;
 		// Delete the actual tag
 		return $db->query('
 			DELETE FROM tags
-			WHERE id_tag = :id_tag',
+			WHERE id_tag = {int:id_tag}',
 			[
 				'id_tag' => $this->id_tag,
 			]);
@ -339,15 +331,15 @@ class Tag
 		$new_id = $db->queryValue('
 			SELECT MAX(id_asset) as new_id
 			FROM assets_tags
-			WHERE id_tag = :id_tag',
+			WHERE id_tag = {int:id_tag}',
 			[
 				'id_tag' => $this->id_tag,
 			]);
 		return $db->query('
 			UPDATE tags
-			SET id_asset_thumb = :new_id
+			SET id_asset_thumb = {int:new_id}
-			WHERE id_tag = :id_tag',
+			WHERE id_tag = {int:id_tag}',
 			[
 				'new_id' => $new_id ?? 0,
 				'id_tag' => $this->id_tag,
@ -362,7 +354,7 @@ class Tag
 		return Registry::get('db')->queryPair('
 			SELECT id_tag, tag
 			FROM tags
-			WHERE LOWER(tag) LIKE :tokens
+			WHERE LOWER(tag) LIKE {string:tokens}
 			ORDER BY tag ASC',
 			['tokens' => '%' . strtolower(implode('%', $tokens)) . '%']);
 	}
@ -392,7 +384,7 @@ class Tag
 		return Registry::get('db')->queryPair('
 			SELECT id_tag, tag
 			FROM tags
-			WHERE tag = :tag',
+			WHERE tag = {string:tag}',
 			['tag' => $tag]);
 	}
@ -404,7 +396,7 @@ class Tag
 		return Registry::get('db')->queryValue('
 			SELECT id_tag
 			FROM tags
-			WHERE slug = :slug',
+			WHERE slug = {string:slug}',
 			['slug' => $slug]);
 	}
@ -413,103 +405,31 @@ class Tag
 		return Registry::get('db')->queryPair('
 			SELECT tag, id_tag
 			FROM tags
-			WHERE tag IN (:tags)',
+			WHERE tag IN ({array_string:tags})',
 			['tags' => $tags]);
 	}
-	public static function getCount($only_used = true, $kind = '', $isAlbum = false)
+	public static function getCount($only_active = 1, $kind = '')
 	{
 		$where = [];
-		if ($only_used)
+		if ($only_active)
 			$where[] = 'count > 0';
-		if (empty($kind))
+		if (!empty($kind))
-			$kind = 'Album';
+			$where[] = 'kind = {string:kind}';
-		$operator = $isAlbum ? '=' : '!=';
+		if (!empty($where))
-		$where[] = 'kind ' . $operator . ' :kind';
+			$where = 'WHERE ' . implode(' AND ', $where);
-		$where = implode(' AND ', $where);
+		else
 			$where = '';
 		return Registry::get('db')->queryValue('
 			SELECT COUNT(*)
-			FROM tags
+			FROM tags ' . $where,
-			WHERE ' . $where,
+			['kind' => $kind]);
 			[
 				'kind' => $kind,
 			]);
 	}
-	public static function getOffset($offset, $limit, $order, $direction, $isAlbum = false)
+	public function __toString()
 	{
-		assert(in_array($order, ['id_tag', 'tag', 'slug', 'count']));
+		return $this->tag;
 		$order = $order . ($direction === 'up' ? ' ASC' : ' DESC');
 		$operator = $isAlbum ? '=' : '!=';
 		$db = Registry::get('db');
 		$res = $db->query('
 			SELECT t.*, u.id_user, u.first_name, u.surname
 			FROM tags AS t
 			LEFT JOIN users AS u ON t.id_user_owner = u.id_user
 			WHERE kind ' . $operator . ' :album
 			ORDER BY id_parent, ' . $order . '
 			LIMIT :offset, :limit',
 			[
 				'offset' => $offset,
 				'limit' => $limit,
 				'album' => 'Album',
 			]);
 		$albums_by_parent = [];
 		while ($row = $db->fetchAssoc($res))
 		{
 			if (!isset($albums_by_parent[$row['id_parent']]))
 				$albums_by_parent[$row['id_parent']] = [];
 			$albums_by_parent[$row['id_parent']][] = $row + ['children' => []];
 		}
 		$albums = self::getChildrenRecursively(0, 0, $albums_by_parent);
 		$rows = self::flattenChildrenRecursively($albums);
 		return $rows;
 	}
 	private static function getChildrenRecursively($id_parent, $level, &$albums_by_parent)
 	{
 		$children = [];
 		if (!isset($albums_by_parent[$id_parent]))
 			return $children;
 		foreach ($albums_by_parent[$id_parent] as $child)
 		{
 			if (isset($albums_by_parent[$child['id_tag']]))
 				$child['children'] = self::getChildrenRecursively($child['id_tag'], $level + 1, $albums_by_parent);
 			$child['tag'] = ($level ? str_repeat('—', $level * 2) . ' ' : '') . $child['tag'];
 			$children[] = $child;
 		}
 		return $children;
 	}
 	private static function flattenChildrenRecursively($albums)
 	{
 		if (empty($albums))
 			return [];
 		$rows = [];
 		foreach ($albums as $album)
 		{
 			static $headers_to_keep = ['id_tag', 'tag', 'slug', 'count', 'id_user', 'first_name', 'surname'];
 			$rows[] = array_intersect_key($album, array_flip($headers_to_keep));
 			if (!empty($album['children']))
 			{
 				$children = self::flattenChildrenRecursively($album['children']);
 				foreach ($children as $child)
 					$rows[] = array_intersect_key($child, array_flip($headers_to_keep));
 			}
 		}
 		return $rows;
 	}
 }
--- a/models/Thumbnail.php
+++ b/models/Thumbnail.php
@ -335,7 +335,7 @@ class Thumbnail
 		if ($success)
 		{
 			$thumb_selector = $this->width . 'x' . $this->height . $this->filename_suffix;
-			$this->thumbnails[$thumb_selector] = $filename ?? null;
+			$this->thumbnails[$thumb_selector] = $filename !== 'NULL' ? $filename : null;
 			// For consistency, write new thumbnail filename to parent Image object.
 			// TODO: there could still be an inconsistency if multiple objects exists for the same image asset.
@ -349,7 +349,7 @@ class Thumbnail
 	private function markAsQueued()
 	{
-		$this->updateDb(null);
+		$this->updateDb('NULL');
 	}
 	private function markAsGenerated($filename)
--- a/models/User.php
+++ b/models/User.php
@ -23,7 +23,6 @@ abstract class User
 	protected $ip_address;
 	protected $is_admin;
 	protected $reset_key;
 	protected $reset_blocked_until;
 	protected bool $is_logged;
 	protected bool $is_guest;
--- a/public/css/default.css
+++ b/public/css/default.css
@ -366,8 +366,8 @@ div.polaroid a {
 /* Album button box
 ---------------------*/
 .album_button_box {
 	float: right;
 	display: flex;
 	justify-content: flex-end;
 	margin-bottom: 3rem;
 }
 .album_button_box > a,
--- a/templates/AlbumButtonBox.php
+++ b/templates/AlbumButtonBox.php
@ -22,7 +22,7 @@ class AlbumButtonBox extends Template
 	public function html_main()
 	{
 		echo '
-			<div class="container album_button_box">';
+			<div class="album_button_box">';
 		foreach ($this->buttons as $button)
 			echo '
--- a/templates/ErrorPage.php
+++ b/templates/ErrorPage.php
@ -1,41 +0,0 @@
 <?php
 /*****************************************************************************
 * ErrorPage.php
 * Defines the template class ErrorPage.
 *
 * Kabuki CMS (C) 2013-2025, Aaron van Geffen
 *****************************************************************************/
 class ErrorPage extends Template
 {
 	private $debug_info;
 	private $message;
 	private $title;
 	public function __construct($title, $message, $debug_info = null)
 	{
 		$this->title = $title;
 		$this->message = $message;
 		$this->debug_info = $debug_info;
 	}
 	public function html_main()
 	{
 		echo '
 				<div class="content-box container">
 					<h2>', $this->title, '</h2>
 					<p>', nl2br(htmlspecialchars($this->message)), '</p>';
 		if (isset($this->debug_info))
 		{
 			echo '
 				</div>
 				<div class="content-box container">
 					<h4>Debug Info</h4>
 					<pre>', htmlspecialchars($this->debug_info), '</pre>';
 		}
 		echo '
 				</div>';
 	}
 }
--- a/templates/FeaturedThumbnailManager.php
+++ b/templates/FeaturedThumbnailManager.php
@ -8,12 +8,12 @@
 class FeaturedThumbnailManager extends SubTemplate
 {
-	private $iterator;
+	private $assets;
 	private $currentThumbnailId;
-	public function __construct(AssetIterator $iterator, $currentThumbnailId)
+	public function __construct(AssetIterator $assets, $currentThumbnailId)
 	{
-		$this->iterator = $iterator;
+		$this->assets = $assets;
 		$this->currentThumbnailId = $currentThumbnailId;
 	}
@ -25,7 +25,7 @@ class FeaturedThumbnailManager extends SubTemplate
 			<h2>Select thumbnail</h2>
 			<ul id="featuredThumbnail">';
-		foreach ($this->iterator as $asset)
+		while ($asset = $this->assets->next())
 		{
 			$image = $asset->getImage();
 			echo '
@ -36,6 +36,8 @@ class FeaturedThumbnailManager extends SubTemplate
 				</li>';
 		}
 		$this->assets->clean();
 		echo '
 				</ul>
 				<input type="hidden" name="', Session::getSessionTokenKey(), '" value="', Session::getSessionToken(), '">
--- a/templates/MainNavBar.php
+++ b/templates/MainNavBar.php
@ -33,7 +33,7 @@ class MainNavBar extends NavBar
 					<span class="navbar-toggler-icon"></span>
 				</button>';
-		if (Registry::has('user') && Registry::get('user')->isLoggedIn())
+		if (Registry::get('user')->isLoggedIn())
 		{
 			echo '
 				<div class="collapse navbar-collapse justify-content-end" id="', $this->innerMenuId, '">
--- a/templates/PhotoPage.php
+++ b/templates/PhotoPage.php
@ -174,11 +174,8 @@ class PhotoPage extends Template
 		echo '
 					</ul>';
 		if ($allowLinkingNewTags)
 		{
 		$this->printNewTagScript($tagKind, $tagListId, $newTagId);
 	}
 	}
 	private function printNewTagScript($tagKind, $tagListId, $newTagId)
 	{
--- a/templates/TabularData.php
+++ b/templates/TabularData.php
@ -8,7 +8,7 @@
 class TabularData extends SubTemplate
 {
-	protected GenericTable $_t;
+	private GenericTable $_t;
 	public function __construct(GenericTable $table)
 	{
@ -16,47 +16,6 @@ class TabularData extends SubTemplate
 	}
 	protected function html_content()
 	{
 		$this->renderTitle();
 		foreach ($this->_subtemplates as $template)
 			$template->html_main();
 		// Showing an inline form?
 		$pager = $this->_t->getPageIndex();
 		if (!empty($pager) || isset($this->_t->form_above))
 			$this->renderPaginationForm($pager, $this->_t->form_above);
 		$tableClass = $this->_t->getTableClass();
 		if ($tableClass)
 			echo '
 			<div class="', $tableClass, '">';
 		// Build the table!
 		echo '
 				<table class="table table-striped table-condensed">';
 		$this->renderTableHead($this->_t->getHeader());
 		$this->renderTableBody($this->_t->getBody());
 		echo '
 				</table>';
 		if ($tableClass)
 			echo '
 			</div>';
 		// Showing an inline form?
 		if (!empty($pager) || isset($this->_t->form_below))
 			$this->renderPaginationForm($pager, $this->_t->form_below);
 		$title = $this->_t->getTitle();
 		if (!empty($title))
 			echo '
 			</div>';
 	}
 	protected function renderTitle()
 	{
 		$title = $this->_t->getTitle();
 		if (!empty($title))
@ -66,32 +25,43 @@ class TabularData extends SubTemplate
 			<div class="generic-table', !empty($titleclass) ? ' ' . $titleclass : '', '">
 				<h1>', htmlspecialchars($title), '</h1>';
 		}
 	}
-	protected function renderPaginationForm($pager, $form, $class='row')
+		foreach ($this->_subtemplates as $template)
 			$template->html_main();
 		// Showing an inline form?
 		$pager = $this->_t->getPageIndex();
 		if (!empty($pager) || isset($this->_t->form_above))
 		{
 			echo '
-			<div class="', $class, ' clearfix justify-content-end">';
+				<div class="row clearfix justify-content-end">';
 			// Page index?
 			if (!empty($pager))
 				PageIndexWidget::paginate($pager);
 			// Form controls?
-		if (isset($form))
+			if (isset($this->_t->form_above))
-			$this->renderInlineForm($form);
+				$this->showForm($this->_t->form_above);
 			echo '
 				</div>';
 		}
-	protected function renderTableHead(array $headers)
+		$tableClass = $this->_t->getTableClass();
-	{
+		if ($tableClass)
 			echo '
 			<div class="', $tableClass, '">';
 		// Build the table!
 		echo '
 				<table class="table table-striped table-condensed">
 					<thead>
 						<tr>';
-		foreach ($headers as $th)
+		// Show all headers in their full glory!
 		$header = $this->_t->getHeader();
 		foreach ($header as $th)
 		{
 			echo '
 							<th', (!empty($th['width']) ? ' width="' . $th['width'] . '"' : ''), (!empty($th['class']) ? ' class="' . $th['class'] . '"' : ''), ($th['colspan'] > 1 ? ' colspan="' . $th['colspan'] . '"' : ''), ' scope="', $th['scope'], '">',
@ -105,14 +75,11 @@ class TabularData extends SubTemplate
 		echo '
 						</tr>
-					</thead>';
+					</thead>
 	}
 	protected function renderTableBody($body)
 	{
 		echo '
 					<tbody>';
 		// The body is what we came to see!
 		$body = $this->_t->getBody();
 		if (is_array($body))
 		{
 			foreach ($body as $tr)
@ -123,31 +90,59 @@ class TabularData extends SubTemplate
 				foreach ($tr['cells'] as $td)
 				{
 					echo '
-							<td',
+							<td', (!empty($td['width']) ? ' width="' . $td['width'] . '"' : ''), '>';
-								(!empty($td['class']) ? ' class="' . $td['class'] . '"' : ''),
+
-								(!empty($td['width']) ? ' width="' . $td['width'] . '"' : ''), '>',
+					if (!empty($td['class']))
-								$td['value'],
+						echo '<span class="', $td['class'], '">', $td['value'], '</span>';
-							'</td>';
+					else
 						echo $td['value'];
 					echo '</td>';
 				}
 				echo '
 						</tr>';
 			}
 		}
 		// !!! Sum colspan!
 		else
 		{
 			$header = $this->_t->getHeader();
 			echo '
 						<tr>
 							<td colspan="', count($header), '" class="fullwidth">', $body, '</td>
 						</tr>';
 		}
 		echo '
-					</tbody>';
+					</tbody>
 				</table>';
 		if ($tableClass)
 			echo '
 			</div>';
 		// Showing an inline form?
 		if (!empty($pager) || isset($this->_t->form_below))
 		{
 			echo '
 				<div class="row clearfix justify-content-end">';
 			// Page index?
 			if (!empty($pager))
 				PageIndexWidget::paginate($pager);
 			// Form controls?
 			if (isset($this->_t->form_below))
 				$this->showForm($this->_t->form_below);
 			echo '
 				</div>';
 		}
-	protected function renderInlineForm($form)
+		if (!empty($title))
 			echo '
 			</div>';
 	}
 	protected function showForm($form)
 	{
 		if (!isset($form['is_embed']))
 			echo '
		`@ -1,2 +0,0 @@`
			`/* Add time-out to password reset keys, and prevent repeated mails */`
			ALTER TABLE `users` ADD `reset_blocked_until` INT UNSIGNED NULL AFTER `reset_key`;