Merge pull request #1524 from KodeStar/remove_dropdown_on_single_provider

Remove search provider dropdown when there's only a single provider
Fix lint issue
2026-02-23 13:10:32 +09:00 · 2025-11-11 12:05:43 +00:00 · 2025-11-11 12:02:53 +00:00 · 2025-11-11 12:00:41 +00:00 · 2025-11-11 11:43:55 +00:00 · 2025-11-11 11:42:38 +00:00
18129 changed files with 1208445 additions and 577673 deletions
--- a/.env
+++ b/.env
@@ -1,31 +0,0 @@
-APP_NAME=Heimdall
-APP_ENV=local
-APP_KEY=base64:I206O8ibx+GQyRE7BeOxDobn04Mfmyyc5Ptzns/C0mY=
-APP_DEBUG=true
-APP_LOG_LEVEL=debug
-APP_URL=http://localhost
-
-DB_CONNECTION=sqlite
-DB_DATABASE=app.sqlite
-
-BROADCAST_DRIVER=log
-CACHE_DRIVER=file
-SESSION_DRIVER=file
-SESSION_LIFETIME=120
-QUEUE_DRIVER=sync
-
-REDIS_HOST=127.0.0.1
-REDIS_PASSWORD=null
-REDIS_PORT=6379
-
-MAIL_DRIVER=smtp
-MAIL_HOST=smtp.mailtrap.io
-MAIL_PORT=2525
-MAIL_USERNAME=null
-MAIL_PASSWORD=null
-MAIL_ENCRYPTION=null
-
-PUSHER_APP_ID=
-PUSHER_APP_KEY=
-PUSHER_APP_SECRET=
-PUSHER_APP_CLUSTER=mt1
--- a/.env.example
+++ b/.env.example
@@ -1,35 +1,69 @@
-APP_NAME=Laravel
+APP_NAME=Heimdall
 APP_ENV=local
 APP_KEY=
-APP_DEBUG=true
-APP_LOG_LEVEL=debug
+APP_DEBUG=false
 APP_URL=http://localhost

-DB_CONNECTION=mysql
-DB_HOST=127.0.0.1
-DB_PORT=3306
-DB_DATABASE=homestead
-DB_USERNAME=homestead
-DB_PASSWORD=secret
+APP_LOCALE=en
+APP_FALLBACK_LOCALE=en
+APP_FAKER_LOCALE=en_US
+APP_MAINTENANCE_DRIVER=file
+APP_MAINTENANCE_STORE=database
+BCRYPT_ROUNDS=12

-BROADCAST_DRIVER=log
-CACHE_DRIVER=file
+LOG_CHANNEL=daily
+LOG_STACK=single
+
+DB_CONNECTION=sqlite
+DB_DATABASE=app.sqlite
+
+#DB_CONNECTION=<mysql | pgsql>
+#DB_HOST=<hostname | ip>
+#DB_PORT=<port number>
+#DB_DATABASE=<database>
+#DB_USERNAME=<user>
+#DB_PASSWORD=<password>
+
+BROADCAST_CONNECTION=log
+CACHE_STORE=file
+QUEUE_CONNECTION=sync
 SESSION_DRIVER=file
 SESSION_LIFETIME=120
+SESSION_ENCRYPT=false
+SESSION_PATH=/
+SESSION_DOMAIN=null
 QUEUE_DRIVER=sync

 REDIS_HOST=127.0.0.1
 REDIS_PASSWORD=null
 REDIS_PORT=6379

-MAIL_DRIVER=smtp
+MAIL_MAILER=smtp
 MAIL_HOST=smtp.mailtrap.io
 MAIL_PORT=2525
 MAIL_USERNAME=null
 MAIL_PASSWORD=null
 MAIL_ENCRYPTION=null
+MAIL_FROM_ADDRESS=null
+MAIL_FROM_NAME="${APP_NAME}"
+
+AWS_ACCESS_KEY_ID=
+AWS_SECRET_ACCESS_KEY=
+AWS_DEFAULT_REGION=us-east-1
+AWS_BUCKET=

 PUSHER_APP_ID=
 PUSHER_APP_KEY=
 PUSHER_APP_SECRET=
 PUSHER_APP_CLUSTER=mt1
+
+MIX_PUSHER_APP_KEY="${PUSHER_APP_KEY}"
+MIX_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}"
+
+AUTH_ROLES_ENABLE=false
+AUTH_ROLES_HEADER="remote-groups"
+AUTH_ROLES_HTTP_HEADER="HTTP_REMOTE_GROUPS"
+AUTH_ROLES_ADMIN="admin"
+AUTH_ROLES_DELIMITER=","
+
+ALLOW_INTERNAL_REQUESTS=false
--- a/.eslintignore
+++ b/.eslintignore
@@ -0,0 +1,3 @@
+huebee.js
+jquery-ui.min.js
+bootstrap.js
--- a/.eslintrc
+++ b/.eslintrc
@@ -0,0 +1,13 @@
+{
+    "extends": ["airbnb-base", "prettier"],
+    "plugins": ["prettier"],
+    "rules": {
+        "prettier/prettier": ["error"]
+    },
+    "env": {
+        "browser": true
+    },
+    "globals": {
+        "$": true
+    }
+}
--- a/.github/workflows/call_issue_pr_tracker.yml
+++ b/.github/workflows/call_issue_pr_tracker.yml
@@ -0,0 +1,16 @@
+name: Issue & PR Tracker
+
+on:
+  issues:
+    types: [opened,reopened,labeled,unlabeled,closed]
+  pull_request_target:
+    types: [opened,reopened,review_requested,review_request_removed,labeled,unlabeled,closed]
+  pull_request_review:
+    types: [submitted,edited,dismissed]
+
+jobs:
+  manage-project:
+    permissions:
+      issues: write
+    uses: linuxserver/github-workflows/.github/workflows/issue-pr-tracker.yml@v1
+    secrets: inherit
--- a/.github/workflows/call_issues_cron.yml
+++ b/.github/workflows/call_issues_cron.yml
@@ -0,0 +1,13 @@
+name: Mark stale issues and pull requests
+on:
+  schedule:
+    - cron:  '35 15 * * *'
+  workflow_dispatch:
+
+jobs:
+  stale:
+    permissions:
+      issues: write
+      pull-requests: write
+    uses: linuxserver/github-workflows/.github/workflows/issues-cron.yml@v1
+    secrets: inherit
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,59 @@
+name: Tests (PHP)
+
+on: [pull_request]
+
+jobs:
+  tests:
+    name: Run tests
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v1
+
+      - name: Setup PHP, with composer and extensions
+        uses: shivammathur/setup-php@v2 #https://github.com/shivammathur/setup-php
+        with:
+          php-version: '8.3'
+          extensions: mbstring, dom, fileinfo, mysql, libxml, xml, xmlwriter, dom, tokenizer, filter, json, phar, pcre, openssl, pdo, intl, curl
+
+      - name: Cache composer dependencies
+        uses: actions/cache@v4
+        with:
+          path: vendor
+          key: composer-${{ hashFiles('composer.lock') }}
+
+      #- name: Run composer install
+      #  run: composer install -n --prefer-dist
+      #  env:
+      #    APP_ENV: testing
+
+      - name: Prepare Laravel Application
+        run: |
+          cp .env.example .env
+          php artisan key:generate
+
+      - name: Cache yarn dependencies
+        uses: actions/cache@v4
+        with:
+          path: node_modules
+          key: yarn-${{ hashFiles('yarn.lock') }}
+
+      - name: Run yarn
+        run: yarn && yarn dev
+
+      - name: Run ESLint
+        run: yarn lint
+
+      - name: Run tests
+        run: php artisan test
+        env:
+          APP_ENV: testing
+
+      - name: Php code sniffer
+        run: ./vendor/bin/phpcs --config-set ignore_warnings_on_exit 1
+
+      - name: Upload artifacts
+        uses: actions/upload-artifact@master
+        if: failure()
+        with:
+          name: Logs
+          path: ./storage/logs
--- a/.gitignore
+++ b/.gitignore
@@ -1,7 +1,9 @@
+/app/SupportedApps
 /node_modules
 /public/hot
 /public/storage
 /storage/*.key
+/storage/debugbar
 /.idea
 /.vagrant
 Homestead.json
@@ -25,3 +27,5 @@ yarn-error.log
 .Trashes
 .VolumeIcon.icns
 storage/app/public/avatars/*
+.env
+.phpunit.result.cache
--- a/.phpstorm.meta.php
+++ b/.phpstorm.meta.php
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@@ -0,0 +1,15 @@
+{
+    "version": "0.2.0",
+    "configurations": [
+      {
+        "name": "Listen for Xdebug",
+        "type": "php",
+        "request": "launch",
+        "port": 9003,
+        "pathMappings": {
+          "/var/www/html": "${workspaceFolder}"
+        }
+      }
+    ]
+  }
+  
--- a/.vscode/tasks.json
+++ b/.vscode/tasks.json
@@ -0,0 +1,16 @@
+{
+    "version": "2.0.0",
+    "tasks": [
+      {
+        "label": "Start Docker Compose",
+        "type": "shell",
+        "command": "docker-compose up --build",
+        "group": {
+          "kind": "build",
+          "isDefault": true
+        },
+        "problemMatcher": []
+      }
+    ]
+  }
+  
--- a/_ide_helper.php
+++ b/_ide_helper.php
--- a/app/Application.php
+++ b/app/Application.php
@@ -2,62 +2,199 @@

 namespace App;

+use GuzzleHttp\Exception\GuzzleException;
+use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Database\Eloquent\Model;
+use Illuminate\Support\Collection;
+use Illuminate\Support\Facades\Log;

+/**
+ * App\Application
+ *
+ * @property string $appid
+ * @property string $name
+ * @property string|null $sha
+ * @property string|null $icon
+ * @property string|null $website
+ * @property string|null $license
+ * @property string|null $description
+ * @property int $enhanced
+ * @property string $tile_background
+ * @property \Illuminate\Support\Carbon|null $created_at
+ * @property \Illuminate\Support\Carbon|null $updated_at
+ * @property string|null $class
+ * @method static Builder|Application newModelQuery()
+ * @method static Builder|Application newQuery()
+ * @method static Builder|Application query()
+ * @method static Builder|Application whereAppid($value)
+ * @method static Builder|Application whereClass($value)
+ * @method static Builder|Application whereCreatedAt($value)
+ * @method static Builder|Application whereDescription($value)
+ * @method static Builder|Application whereEnhanced($value)
+ * @method static Builder|Application whereIcon($value)
+ * @method static Builder|Application whereLicense($value)
+ * @method static Builder|Application whereName($value)
+ * @method static Builder|Application whereSha($value)
+ * @method static Builder|Application whereTileBackground($value)
+ * @method static Builder|Application whereUpdatedAt($value)
+ * @method static Builder|Application whereWebsite($value)
+ */
 class Application extends Model
 {
+    /**
+     * @var bool
+     */
    public $incrementing = false;

+    /**
+     * @var string
+     */
    protected $primaryKey = 'appid';

-    //
+    /**
+     * @return mixed
+     */
    public function icon()
    {
-        if(!file_exists(storage_path('app/public/'.$this->icon)))  {
+        if (! file_exists(storage_path('app/public/'.$this->icon))) {
            $img_src = app_path('SupportedApps/'.$this->name.'/'.str_replace('icons/', '', $this->icon));
            $img_dest = storage_path('app/public/'.$this->icon);
            //die("i: ".$img_src);
            @copy($img_src, $img_dest);
        }

-
        return $this->icon;
    }

-    public function iconView()
+    public function iconView(): string
    {
        return asset('storage/'.$this->icon);
    }

-    public function defaultColour()
+    public function defaultColour(): string
    {
        // check if light or dark
-        if($this->tile_background == 'light') return '#fafbfc';
+        if ($this->tile_background == 'light') {
+            return '#fafbfc';
+        }
+
        return '#161b1f';
    }

-    public function class()
+    public function class(): string
    {
        $name = $this->name;
-        $name = preg_replace('/\PL/u', '', $name);    
+        $name = preg_replace('/[^\p{L}\p{N}]/u', '', $name);
+
+        return \App\SupportedApps::class.'\\'.$name.'\\'.$name;
+    }
+
+    /**
+     * @param $name
+     */
+    public static function classFromName($name): string
+    {
+        $name = preg_replace('/[^\p{L}\p{N}]/u', '', $name);
+
+        $class = \App\SupportedApps::class.'\\'.$name.'\\'.$name;

-        $class = '\App\SupportedApps\\'.$name.'\\'.$name;
        return $class;
    }

-    public static function applist()
+    public static function apps(): Collection
    {
+        $json = json_decode(file_get_contents(storage_path('app/supportedapps.json'))) ?? [];
+        $apps = collect($json->apps);
+
+        return $apps->sortBy('name', SORT_NATURAL | SORT_FLAG_CASE);
+    }
+
+    public static function autocomplete(): array
+    {
+        $apps = self::apps();
        $list = [];
-        $all = self::orderBy('name')->get()->sortBy('name', SORT_NATURAL|SORT_FLAG_CASE);
-        $list['null'] = 'None';
-        foreach($all as $app) {
-            $name = $app->name;
-            $name = preg_replace('/\PL/u', '', $name);
-        
-            $list['\App\SupportedApps\\'.$name.'\\'.$name] = $app->name;
+        foreach ($apps as $app) {
+            $list[] = (object) [
+                'label' => $app->name,
+                'value' => $app->appid,
+            ];
        }
+
        return $list;
    }

+    /**
+     * @param $appid
+     * @return mixed|null
+     * @throws GuzzleException
+     */
+    public static function getApp($appid)
+    {
+        Log::debug("Get app triggered for: $appid");

+        $localapp = self::where('appid', $appid)->first();
+        $app = self::single($appid);
+
+        $application = ($localapp) ? $localapp : new self;
+
+        // Files missing? || app not in db || old sha version
+        if (! file_exists(app_path('SupportedApps/'.className($app->name))) ||
+            ! $localapp ||
+            $localapp->sha !== $app->sha
+        ) {
+            $gotFiles = SupportedApps::getFiles($app);
+            if ($gotFiles) {
+                $app = SupportedApps::saveApp($app, $application);
+            }
+        }
+
+        return $app;
+    }
+
+    /**
+     * @param $appid
+     * @return mixed|null
+     */
+    public static function single($appid)
+    {
+        $apps = self::apps();
+        $app = $apps->where('appid', $appid)->first();
+
+        if ($app === null) {
+            // Try in db for Private App
+            $appModel = self::where('appid', $appid)->first();
+            if ($appModel) {
+                $app = json_decode($appModel->toJson());
+            }
+        }
+
+        if ($app === null) {
+            return null;
+        }
+        $classname = preg_replace('/[^\p{L}\p{N}]/u', '', $app->name);
+        $app->class = \App\SupportedApps::class.'\\'.$classname.'\\'.$classname;
+
+        return $app;
+    }
+
+    public static function applist(): array
+    {
+        $list = [];
+        $list['null'] = 'None';
+        $apps = self::apps();
+        foreach ($apps as $app) {
+            $list[$app->appid] = $app->name;
+        }
+
+        // Check for private apps in the db
+        $appsListFromDB = self::all(['appid', 'name']);
+
+        foreach ($appsListFromDB as $app) {
+            // Already existing keys are overwritten,
+            // only private apps should be added at the end
+            $list[$app->appid] = $app->name;
+        }
+
+        return $list;
+    }
 }
--- a/app/Console/Commands/RegisterApp.php
+++ b/app/Console/Commands/RegisterApp.php
@@ -2,9 +2,10 @@

 namespace App\Console\Commands;

-use Illuminate\Console\Command;
 use App\Application;
 use App\SupportedApps;
+use Illuminate\Console\Command;
+use Illuminate\Support\Facades\Storage;

 class RegisterApp extends Command
 {
@@ -13,7 +14,7 @@ class RegisterApp extends Command
     *
     * @var string
     */
-    protected $signature = 'register:app {folder}';
+    protected $signature = 'register:app {folder} {--remove}';

    /**
     * The console command description.
@@ -34,46 +35,68 @@ class RegisterApp extends Command

    /**
     * Execute the console command.
-     *
-     * @return mixed
     */
-    public function handle()
+    public function handle(): void
    {
        $folder = $this->argument('folder');
-        if($folder == 'all') {
+        if ($folder == 'all') {
            $apps = scandir(app_path('SupportedApps'));
-            foreach($apps as $folder) {
-                if($folder == '.' || $folder == '..') continue;
+            foreach ($apps as $folder) {
+                if ($folder == '.' || $folder == '..') {
+                    continue;
+                }
                $this->addApp($folder);
            }
-
        } else {
-            $this->addApp($folder);
+            $this->addApp($folder, $this->option('remove'));
        }
-        
    }

-    public function addApp($folder)
+    /**
+     * @param $folder
+     */
+    public function addApp($folder, bool $remove = false): void
    {
        $json = app_path('SupportedApps/'.$folder.'/app.json');
-        if(file_exists($json)) {
-            $app = json_decode(file_get_contents($json));
-            if(isset($app->appid)) {
-                $exists = Application::find($app->appid);
-                if($exists) {
-                    $this->error('Application already registered - '.$exists->name." - ".$exists->appid);
-                } else {
-                    // Doesn't exist so add it
-                    SupportedApps::saveApp($app, new Application);
-                    $this->info("Application Added - ".$app->name." - ".$app->appid);
-                }
-            } else {
-                $this->error('No App ID for - '.$folder);
-            }
-            
-        } else {
-            $this->error('Could not find '.$json);
+
+        if (!file_exists($json)) {
+            $this->error('Could not find ' . $json);
+            return;
        }

+        $app = json_decode(file_get_contents($json));
+
+        if (!isset($app->appid)) {
+            $this->error('No App ID for - ' . $folder);
+            return;
+        }
+
+        $exists = Application::find($app->appid);
+
+        if ($exists) {
+            if ($remove) {
+                $exists->delete();
+                $this->info('Application Removed - ' . $app->name . ' - ' . $app->appid);
+                return;
+            }
+            $this->error('Application already registered - ' . $exists->name . ' - ' . $exists->appid);
+            return;
+        }
+
+        // Doesn't exist so add it
+        SupportedApps::saveApp($app, new Application);
+        $this->saveIcon($folder, $app->icon);
+        $this->info('Application Added - ' . $app->name . ' - ' . $app->appid);
+    }
+
+    /**
+     * @param $appFolder
+     * @param $icon
+     */
+    private function saveIcon($appFolder, $icon): void
+    {
+        $iconPath = app_path('SupportedApps/' . $appFolder . '/' . $icon);
+        $contents = file_get_contents($iconPath);
+        Storage::disk('public')->put('icons/'.$icon, $contents);
    }
 }
--- a/app/Console/Kernel.php
+++ b/app/Console/Kernel.php
@@ -1,42 +0,0 @@
-<?php
-
-namespace App\Console;
-
-use Illuminate\Console\Scheduling\Schedule;
-use Illuminate\Foundation\Console\Kernel as ConsoleKernel;
-
-class Kernel extends ConsoleKernel
-{
-    /**
-     * The Artisan commands provided by your application.
-     *
-     * @var array
-     */
-    protected $commands = [
-        //
-    ];
-
-    /**
-     * Define the application's command schedule.
-     *
-     * @param  \Illuminate\Console\Scheduling\Schedule  $schedule
-     * @return void
-     */
-    protected function schedule(Schedule $schedule)
-    {
-        // $schedule->command('inspire')
-        //          ->hourly();
-    }
-
-    /**
-     * Register the commands for the application.
-     *
-     * @return void
-     */
-    protected function commands()
-    {
-        $this->load(__DIR__.'/Commands');
-
-        require base_path('routes/console.php');
-    }
-}
--- a/app/EnhancedApps.php
+++ b/app/EnhancedApps.php
@@ -1,12 +1,12 @@
-<?php namespace App;
+<?php

-use GuzzleHttp\Exception\GuzzleException;
-use GuzzleHttp\Client;
+namespace App;

 interface EnhancedApps
 {
    public function test();
-    public function livestats();
-    public function url($endpoint);

-}
+    public function livestats();
+
+    public function url($endpoint);
+}
--- a/app/Exceptions/Handler.php
+++ b/app/Exceptions/Handler.php
@@ -1,53 +0,0 @@
-<?php
-
-namespace App\Exceptions;
-
-use Exception;
-use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
-
-class Handler extends ExceptionHandler
-{
-    /**
-     * A list of the exception types that are not reported.
-     *
-     * @var array
-     */
-    protected $dontReport = [
-        //
-    ];
-
-    /**
-     * A list of the inputs that are never flashed for validation exceptions.
-     *
-     * @var array
-     */
-    protected $dontFlash = [
-        'password',
-        'password_confirmation',
-    ];
-
-    /**
-     * Report or log an exception.
-     *
-     * This is a great spot to send exceptions to Sentry, Bugsnag, etc.
-     *
-     * @param  \Exception  $exception
-     * @return void
-     */
-    public function report(Exception $exception)
-    {
-        parent::report($exception);
-    }
-
-    /**
-     * Render an exception into an HTTP response.
-     *
-     * @param  \Illuminate\Http\Request  $request
-     * @param  \Exception  $exception
-     * @return \Illuminate\Http\Response
-     */
-    public function render($request, Exception $exception)
-    {
-        return parent::render($request, $exception);
-    }
-}
--- a/app/Facades/Form.php
+++ b/app/Facades/Form.php
@@ -0,0 +1,13 @@
+<?php
+
+namespace App\Facades;
+
+use Illuminate\Support\Facades\Facade;
+
+class Form extends Facade
+{
+    protected static function getFacadeAccessor()
+    {
+        return 'custom-form';
+    }
+}
--- a/app/Helper.php
+++ b/app/Helper.php
@@ -1,44 +1,154 @@
 <?php

-function format_bytes($bytes, $is_drive_size = true, $beforeunit = '', $afterunit = '')
+use Illuminate\Support\Str;
+use enshrined\svgSanitize\Sanitizer;
+
+/**
+ * @param $bytes
+ * @param bool $is_drive_size
+ * @param string $beforeunit
+ * @param string $afterunit
+ * @return string
+ */
+function format_bytes($bytes, bool $is_drive_size = true, string $beforeunit = '', string $afterunit = ''): string
 {
-	$btype = ($is_drive_size === true) ? 1000 : 1024;
-    $labels = array('B','KB','MB','GB','TB');
-    for($x = 0; $bytes >= $btype && $x < (count($labels) - 1); $bytes /= $btype, $x++); // use 1000 rather than 1024 to simulate HD size not real size
-    if($labels[$x] == "TB") return(round($bytes, 3).$beforeunit.$labels[$x].$afterunit);
-    elseif($labels[$x] == "GB") return(round($bytes, 2).$beforeunit.$labels[$x].$afterunit);
-    elseif($labels[$x] == "MB") return(round($bytes, 2).$beforeunit.$labels[$x].$afterunit);
-    else return(round($bytes, 0).$beforeunit.$labels[$x].$afterunit);
+    $btype = ($is_drive_size === true) ? 1000 : 1024;
+    $labels = ['B', 'KB', 'MB', 'GB', 'TB'];
+    // use 1000 rather than 1024 to simulate HD size not real size
+    for ($x = 0; $bytes >= $btype && $x < (count($labels) - 1); $bytes /= $btype, $x++) ;
+    if ($labels[$x] == 'TB') {
+        return round($bytes, 3) . $beforeunit . $labels[$x] . $afterunit;
+    } elseif ($labels[$x] == 'GB') {
+        return round($bytes, 2) . $beforeunit . $labels[$x] . $afterunit;
+    } elseif ($labels[$x] == 'MB') {
+        return round($bytes, 2) . $beforeunit . $labels[$x] . $afterunit;
+    } else {
+        return round($bytes, 0) . $beforeunit . $labels[$x] . $afterunit;
+    }
 }

-function get_brightness($hex) {
+function parse_size($size) {
+    $unit = strtolower(substr($size, -1));
+    $bytes = (int)$size;
+    switch($unit) {
+        case 'g': $bytes *= 1024 * 1024 * 1024; break;
+        case 'm': $bytes *= 1024 * 1024; break;
+        case 'k': $bytes *= 1024; break;
+    }
+    return $bytes;
+}
+
+/**
+ * @param $title
+ * @param string $separator
+ * @param string $language
+ * @return string
+ */
+function str_slug($title, string $separator = '-', string $language = 'en'): string
+{
+    return Str::slug($title, $separator, $language);
+}
+
+if (!function_exists('str_is')) {
+    /**
+     * Determine if a given string matches a given pattern.
+     *
+     * @param string|array $pattern
+     * @param string $value
+     * @return bool
+     *
+     * @deprecated Str::is() should be used directly instead. Will be removed in Laravel 6.0.
+     */
+    function str_is($pattern, string $value): bool
+    {
+        return Str::is($pattern, $value);
+    }
+}
+
+/**
+ * @param $hex
+ * @return float|int
+ */
+function get_brightness($hex)
+{
    // returns brightness value from 0 to 255
    // strip off any leading #
-    $hex = str_replace('#', '', $hex);
-    if(strlen($hex) == 3) {
-        $hex = $hex[0].$hex[0].$hex[1].$hex[1].$hex[2].$hex[2];
+    // $hex = str_replace('#', '', $hex);
+    $hex = preg_replace("/[^0-9A-Fa-f]/", '', $hex);
+    if (strlen($hex) == 3) {
+        $hex = $hex[0] . $hex[0] . $hex[1] . $hex[1] . $hex[2] . $hex[2];
    }
-   
+
    $c_r = hexdec(substr($hex, 0, 2));
    $c_g = hexdec(substr($hex, 2, 2));
    $c_b = hexdec(substr($hex, 4, 2));
-   
+
    return (($c_r * 299) + ($c_g * 587) + ($c_b * 114)) / 1000;
 }

-function title_color($hex)
+/**
+ * @param $hex
+ * @return string
+ */
+function title_color($hex): string
 {
-    if(get_brightness($hex) > 130) {
+    if (get_brightness($hex) > 130) {
        return ' black';
    } else {
        return ' white';
    }
 }

-
-function className($name)
+/**
+ * @return string
+ */
+function getLinkTargetAttribute(): string
 {
-    $name = preg_replace('/\PL/u', '', $name);
-    return $name;
+    $target = \App\Setting::fetch('window_target');
+
+    if ($target === 'current') {
+        return '';
+    } else {
+        return ' target="' . $target . '"';
+    }
 }

+/**
+ * @param $name
+ * @return array|string|string[]|null
+ */
+function className($name)
+{
+    return preg_replace('/[^\p{L}\p{N}]/u', '', $name);
+}
+
+/**
+ * @param string $file
+ * @param string $extension
+ * @return bool
+ */
+function isImage(string $file, string $extension): bool
+{
+    $allowedExtensions = ['jpg', 'jpeg', 'png', 'bmp', 'gif', 'svg', 'webp', 'ico'];
+
+    if (!in_array($extension, $allowedExtensions)) {
+        return false;
+    }
+
+    $tempFileName = @tempnam("/tmp", "image-check-");
+    $handle = fopen($tempFileName, "w");
+
+    fwrite($handle, $file);
+    fclose($handle);
+
+    if ($extension === 'svg') {
+        $sanitizer = new Sanitizer();
+        $sanitizedSvg = $sanitizer->sanitize(file_get_contents($tempFileName));
+        file_put_contents($tempFileName, $sanitizedSvg);
+
+        return 'image/svg+xml' === mime_content_type($tempFileName);
+    }
+
+    $size = @getimagesize($tempFileName);
+    return is_array($size) && str_starts_with($size['mime'], 'image');
+}
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@@ -3,12 +3,18 @@
 namespace App\Http\Controllers\Auth;

 use App\Http\Controllers\Controller;
-use Illuminate\Foundation\Auth\AuthenticatesUsers;
 use App\User;
+use Illuminate\Contracts\Foundation\Application;
+use Illuminate\Contracts\View\Factory;
+use Illuminate\Contracts\View\View;
+use Illuminate\Foundation\Auth\AuthenticatesUsers;
+use Illuminate\Http\RedirectResponse;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Session;
 use Illuminate\Support\Facades\URL;
+use Illuminate\Validation\ValidationException;
+use Symfony\Component\HttpFoundation\Response;

 class LoginController extends Controller
 {
@@ -30,7 +36,7 @@ class LoginController extends Controller
     *
     * @var string
     */
-    protected $redirectTo = '/';
+    protected string $redirectTo = '/';

    /**
     * Create a new controller instance.
@@ -40,10 +46,10 @@ class LoginController extends Controller
    public function __construct()
    {
        Session::put('backUrl', URL::previous());
-        $this->middleware('guest')->except('logout');
+        $this->middleware('guest')->except(['logout','autologin']);
    }

-    public function username()
+    public function username(): string
    {
        return 'username';
    }
@@ -51,15 +57,13 @@ class LoginController extends Controller
    /**
     * Handle a login request to the application.
     *
-     * @param  \Illuminate\Http\Request  $request
-     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Http\Response|\Illuminate\Http\JsonResponse
     *
-     * @throws \Illuminate\Validation\ValidationException
+     * @throws ValidationException
     */
-    public function login(Request $request)
+    public function login(Request $request): Response
    {
        $current_user = User::currentUser();
-        $request->merge(['username' => $current_user->username]);
+        $request->merge(['username' => $current_user->username, 'remember' => true]);
        //die(print_r($request->all()));
        $this->validateLogin($request);

@@ -88,39 +92,57 @@ class LoginController extends Controller
    {
    }

-    public function setUser(User $user)
+    public function setUser(User $user): RedirectResponse
    {
        Auth::logout();
        session(['current_user' => $user]);
+
        return redirect()->route('dash');
    }

-    public function autologin($uuid)
+    /**
+     * @param $uuid
+     */
+    public function autologin($uuid): RedirectResponse
    {
+        Auth::logout();
+
        $user = User::where('autologin', $uuid)->first();
-        Auth::login($user);
+
+        if (!$user) {
+            return redirect()->route('dash');
+        }
+
+        Auth::login($user, true);
+
        session(['current_user' => $user]);
+
        return redirect()->route('dash');
    }

    /**
     * Show the application's login form.
     *
-     * @return \Illuminate\Http\Response
+     * @return Application|Factory|View
     */
-    public function showLoginForm()
+    public function showLoginForm(): \Illuminate\View\View
    {
        return view('auth.login');
    }

-    protected function authenticated(Request $request, $user)
+    /**
+     * @param $user
+     */
+    protected function authenticated(Request $request, $user): RedirectResponse
    {
        return back();
    }

+    /**
+     * @return mixed|string
+     */
    public function redirectTo()
    {
        return Session::get('url.intended') ? Session::get('url.intended') : $this->redirectTo;
    }
-
 }
--- a/app/Http/Controllers/Auth/RegisterController.php
+++ b/app/Http/Controllers/Auth/RegisterController.php
@@ -2,10 +2,10 @@

 namespace App\Http\Controllers\Auth;

-use App\User;
 use App\Http\Controllers\Controller;
-use Illuminate\Support\Facades\Validator;
+use App\User;
 use Illuminate\Foundation\Auth\RegistersUsers;
+use Illuminate\Support\Facades\Validator;

 class RegisterController extends Controller
 {
@@ -27,7 +27,7 @@ class RegisterController extends Controller
     *
     * @var string
     */
-    protected $redirectTo = '/';
+    protected string $redirectTo = '/';

    /**
     * Create a new controller instance.
@@ -41,11 +41,8 @@ class RegisterController extends Controller

    /**
     * Get a validator for an incoming registration request.
-     *
-     * @param  array  $data
-     * @return \Illuminate\Contracts\Validation\Validator
     */
-    protected function validator(array $data)
+    protected function validator(array $data): \Illuminate\Contracts\Validation\Validator
    {
        return Validator::make($data, [
            'name' => 'required|string|max:255',
@@ -56,11 +53,8 @@ class RegisterController extends Controller

    /**
     * Create a new user instance after a valid registration.
-     *
-     * @param  array  $data
-     * @return \App\User
     */
-    protected function create(array $data)
+    protected function create(array $data): User
    {
        return User::create([
            'name' => $data['name'],
--- a/app/Http/Controllers/Auth/ResetPasswordController.php
+++ b/app/Http/Controllers/Auth/ResetPasswordController.php
@@ -25,7 +25,7 @@ class ResetPasswordController extends Controller
     *
     * @var string
     */
-    protected $redirectTo = '/';
+    protected string $redirectTo = '/';

    /**
     * Create a new controller instance.
--- a/app/Http/Controllers/Controller.php
+++ b/app/Http/Controllers/Controller.php
@@ -2,16 +2,14 @@

 namespace App\Http\Controllers;

-use Illuminate\Foundation\Bus\DispatchesJobs;
-use Illuminate\Routing\Controller as BaseController;
-use Illuminate\Foundation\Validation\ValidatesRequests;
-use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
-use Illuminate\Support\Facades\Auth;
 use App\User;
+use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
+use Illuminate\Foundation\Validation\ValidatesRequests;
+use Illuminate\Routing\Controller as BaseController;

 class Controller extends BaseController
 {
-    use AuthorizesRequests, DispatchesJobs, ValidatesRequests;
+    use AuthorizesRequests, ValidatesRequests;

    protected $user;

@@ -22,7 +20,6 @@ class Controller extends BaseController
            //print_r($this->user);
            return $next($request);
        });
-        
    }

    public function user()
--- a/app/Http/Controllers/HealthController.php
+++ b/app/Http/Controllers/HealthController.php
@@ -0,0 +1,51 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Item;
+use App\User;
+use Illuminate\Contracts\Container\BindingResolutionException;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Http\Request;
+use Illuminate\Http\Response;
+use Illuminate\Support\Facades\RateLimiter;
+
+class HealthController extends Controller
+{
+    private static function getUsers(): int
+    {
+        return User::count();
+    }
+
+    private static function getItems(): int
+    {
+        return Item::select('id')
+            ->where('deleted_at', null)
+            ->where('type', '0')
+            ->count();
+    }
+
+    /**
+     * Handle the incoming request.
+     *
+     * @return JsonResponse|Response
+     * @throws BindingResolutionException
+     */
+    public function __invoke(Request $request)
+    {
+        $REQUESTS_MAX_PER_MIN = 30;
+        $STATUS_TOO_MANY_REQUESTS = 429;
+
+        if (RateLimiter::remaining('health', $REQUESTS_MAX_PER_MIN) < 1) {
+            return response()->make('Too many attempts.', $STATUS_TOO_MANY_REQUESTS);
+        }
+
+        RateLimiter::hit('health');
+
+        return response()->json([
+            'status' => 'ok',
+            'items' => self::getItems(),
+            'users' => self::getUsers(),
+        ]);
+    }
+}
--- a/app/Http/Controllers/HomeController.php
+++ b/app/Http/Controllers/HomeController.php
@@ -2,7 +2,7 @@

 namespace App\Http\Controllers;

-use Illuminate\Http\Request;
+use Illuminate\Http\RedirectResponse;

 class HomeController extends Controller
 {
@@ -13,15 +13,14 @@ class HomeController extends Controller
     */
    public function __construct()
    {
+        parent::__construct();
        $this->middleware('auth');
    }

    /**
     * Show the application dashboard.
-     *
-     * @return \Illuminate\Http\Response
     */
-    public function index()
+    public function index(): RedirectResponse
    {
        return redirect()->route('dash');
    }
--- a/app/Http/Controllers/ImportController.php
+++ b/app/Http/Controllers/ImportController.php
@@ -0,0 +1,28 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use Illuminate\Http\Request;
+use Illuminate\View\View;
+
+class ImportController extends Controller
+{
+    /**
+     * Instantiate a new controller instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+        $this->middleware('allowed');
+    }
+
+    /**
+     * Handle the incoming request.
+     */
+    public function __invoke(Request $request): View
+    {
+        return view('items.import');
+    }
+}
--- a/app/Http/Controllers/ItemController.php
+++ b/app/Http/Controllers/ItemController.php
@@ -2,44 +2,104 @@

 namespace App\Http\Controllers;

-use Artisan;
 use App\Application;
 use App\Item;
-use App\Setting;
-use App\User;
-use GrahamCampbell\GitHub\Facades\GitHub;
-use Illuminate\Http\Request;
-use Illuminate\Support\Facades\Storage;
-use App\SupportedApps;
 use App\Jobs\ProcessApps;
+use App\User;
+use GuzzleHttp\Client;
+use GuzzleHttp\Exception\ConnectException;
+use GuzzleHttp\Exception\GuzzleException;
+use GuzzleHttp\Exception\ServerException;
+use Illuminate\Contracts\View\View;
+use Illuminate\Database\Eloquent\Collection;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Http\Request;
+use Illuminate\Routing\Redirector;
+use Illuminate\Support\Facades\Log;
+use Illuminate\Support\Facades\Storage;
+use Illuminate\Support\Facades\URL;
+use Illuminate\Validation\ValidationException;
+use Psr\Http\Message\ResponseInterface;
+use Psr\Http\Message\StreamInterface;
+use Illuminate\Http\Response;
+use enshrined\svgSanitize\Sanitizer;

 class ItemController extends Controller
 {
    public function __construct()
    {
+        parent::__construct();
        $this->middleware('allowed');
    }
-     /**
+
+    /**
     * Display a listing of the resource on the dashboard.
-     *
-     * @return \Illuminate\Http\Response
     */
-    public function dash()
+    public function dash(Request $request): View
    {
-        $data['apps'] = Item::doesntHave('parents')->pinned()->orderBy('order', 'asc')->get();
-        $data['all_apps'] = Item::doesntHave('parents')->get();
+        $treat_tags_as = \App\Setting::fetch('treat_tags_as');
+
+        $data["treat_tags_as"] = $treat_tags_as;
+
+        if (config('app.auth_roles_enable')) {
+            $roles = explode(config('app.auth_roles_delimiter'), $request->header(config('app.auth_roles_header')));
+            if ($treat_tags_as == 'categories') {
+                $data['categories'] = Item::whereHas('children')->with('children', function ($query) {
+                    $query->pinned()->orderBy('order', 'asc');
+                })->pinned()->orderBy('order', 'asc')->get();
+            } elseif ($treat_tags_as == 'tags') {
+                $data['apps'] = Item::with('parents')->where('type', 0)->pinned()->orderBy('order', 'asc')->get();
+                $data['all_apps'] = Item::where('type', 0)->orderBy('order', 'asc')->get();
+                $data['taglist'] = Item::where('id', 0)->orWhere(function ($query) {
+                    $query->where('type', 1)->pinned();
+                })->orderBy('order', 'asc')->get();
+            } else {
+                $data['apps'] = Item::whereHas('parents', function ($query) {
+                    $query->where('id', 0);
+                })->whereIn('role', $roles)->orWhere('type', 1)->pinned()->orderBy('order', 'asc')->get();
+        
+                $data['all_apps'] = Item::whereHas('parents', function ($query) {
+                    $query->where('id', 0);
+                })->orWhere('type', 1)->orderBy('order', 'asc')->get();
+            }
+        } else {
+            if ($treat_tags_as == 'categories') {
+                $data['categories'] = Item::whereHas('children')->with('children', function ($query) {
+                    $query->pinned()->orderBy('order', 'asc');
+                })->pinned()->orderBy('order', 'asc')->get();
+            } elseif ($treat_tags_as == 'tags') {
+                $data['apps'] = Item::with('parents')->where('type', 0)->pinned()->orderBy('order', 'asc')->get();
+                $data['all_apps'] = Item::where('type', 0)->orderBy('order', 'asc')->get();
+                $data['taglist'] = Item::where('id', 0)->orWhere(function ($query) {
+                    $query->where('type', 1)->pinned();
+                })->orderBy('order', 'asc')->get();
+            } else {
+                $data['apps'] = Item::whereHas('parents', function ($query) {
+                    $query->where('id', 0);
+                })->orWhere('type', 1)->pinned()->orderBy('order', 'asc')->get();
+
+                $data['all_apps'] = Item::whereHas('parents', function ($query) {
+                    $query->where('id', 0);
+                })->orWhere(function ($query) {
+                    $query->where('type', 1)->whereNot('id', 0);
+                })->orderBy('order', 'asc')->get();
+            }
+        }
+
+        //$data['all_apps'] = Item::doesntHave('parents')->get();
+        // die(print_r($data));
        return view('welcome', $data);
    }

-     /**
+    /**
     * Set order on the dashboard.
     *
-     * @return \Illuminate\Http\Response
+     * @return void
     */
    public function setOrder(Request $request)
    {
        $order = array_filter($request->input('order'));
-        foreach($order as $o => $id) {
+        foreach ($order as $o => $id) {
            $item = Item::find($id);
            $item->order = $o;
            $item->save();
@@ -49,216 +109,293 @@ class ItemController extends Controller
    /**
     * Pin item on the dashboard.
     *
-     * @return \Illuminate\Http\Response
+     * @param $id
     */
-    public function pin($id)
+    public function pin($id): RedirectResponse
    {
        $item = Item::findOrFail($id);
        $item->pinned = true;
        $item->save();
-        $route = route('dash', [], false);
+        $route = route('dash', []);
+
        return redirect($route);
    }

-     /**
+    /**
     * Unpin item on the dashboard.
     *
-     * @return \Illuminate\Http\Response
+     * @param $id
     */
-    public function unpin($id)
+    public function unpin($id): RedirectResponse
    {
        $item = Item::findOrFail($id);
        $item->pinned = false;
        $item->save();
-        $route = route('dash', [], false);
+        $route = route('dash', []);
+
        return redirect($route);
    }

-     /**
+    /**
     * Unpin item on the dashboard.
     *
-     * @return \Illuminate\Http\Response
+     * @return RedirectResponse|View
     */
-    public function pinToggle($id, $ajax=false)
+    public function pinToggle($id, $ajax = false, $tag = false)
    {
        $item = Item::findOrFail($id);
-        $new = ((bool)$item->pinned === true) ? false : true;
+        $new = !(((bool)$item->pinned === true));
        $item->pinned = $new;
        $item->save();
-        if($ajax) {
-            $data['apps'] = Item::pinned()->get();
+
+        if ($ajax) {
+            $item = Item::whereId($tag)->first();
+
+            $data['apps'] = new Collection;
+
+            if ((int)$tag === 0) {
+                $tags = Item::where('type', 1)->pinned()->orderBy('order', 'asc')->get();
+                $data['apps'] = $data['apps']->merge($tags);
+            }
+
+            $apps = $item->children()->pinned()->orderBy('order', 'asc')->get();
+            $data['apps'] = $data['apps']->merge($apps);
+
+
            $data['ajax'] = true;
+
            return view('sortable', $data);
        } else {
-            $route = route('dash', [], false);
+            $route = route('dash', []);
+
            return redirect($route);
-            }
+        }
    }

-   
    /**
     * Display a listing of the resource.
-     *
-     * @return \Illuminate\Http\Response
     */
-    public function index(Request $request)
+    public function index(Request $request): View
    {
        $trash = (bool)$request->input('trash');

        $data['apps'] = Item::ofType('item')->orderBy('title', 'asc')->get();
        $data['trash'] = Item::ofType('item')->onlyTrashed()->get();
-        if($trash) {
+        if ($trash) {
            return view('items.trash', $data);
        } else {
            return view('items.list', $data);
        }
    }

-
    /**
     * Show the form for creating a new resource.
-     *
-     * @return \Illuminate\Http\Response
     */
-    public function create()
+    public function create(): View
    {
        //
+        $data['item'] = new \App\Item();
        $data['tags'] = Item::ofType('tag')->orderBy('title', 'asc')->pluck('title', 'id');
-        $data['current_tags'] = [];
-        return view('items.create', $data);
+        $data['tags']->prepend(__('app.dashboard'), 0);
+        $data['current_tags'] = '0';

+        return view('items.create', $data);
    }

    /**
-     * Store a newly created resource in storage.
-     *
-     * @param  \Illuminate\Http\Request  $request
-     * @return \Illuminate\Http\Response
+     * Show the form for editing the specified resource.
     */
-    public function store(Request $request)
+    public function edit(int $id): View
    {
-        //
+        // Get the item
+        $item = Item::find($id);
+        if ($item->appid === null && $item->class !== null) { // old apps won't have an app id so set it
+            $app = Application::where('class', $item->class)->first();
+            if ($app) {
+                $item->appid = $app->appid;
+            }
+        }
+        $data['item'] = $item;
+        $data['tags'] = Item::ofType('tag')->orderBy('title', 'asc')->pluck('title', 'id');
+        $data['tags']->prepend(__('app.dashboard'), 0);
+        $data['current_tags'] = $data['item']->tags();
+        //$data['current_tags'] = $data['item']->parent;
+        //die(print_r($data['current_tags']));
+        // show the edit form and pass the nerd
+        return view('items.edit', $data);
+    }
+
+    /**
+     * @param null $id
+     * @throws ValidationException
+     */
+    public static function storelogic(Request $request, $id = null): Item
+    {
+        $application = Application::single($request->input('appid'));
        $validatedData = $request->validate([
            'title' => 'required|max:255',
-            'url' => 'required|url',
+            'url' => 'required',
+            'file' => 'image'
        ]);

-        if($request->hasFile('file')) {
-            $path = $request->file('file')->store('icons');
+        if ($request->hasFile('file')) {
+            $image = $request->file('file');
+            $extension = $image->getClientOriginalExtension();
+
+            if ($extension === 'svg') {
+                $sanitizer = new Sanitizer();
+                $sanitizedSvg = $sanitizer->sanitize(file_get_contents($image->getRealPath()));
+
+                // Verify that the sanitization removed malicious content
+                if (strpos($sanitizedSvg, '<script>') !== false) {
+                    throw ValidationException::withMessages(['file' => 'SVG contains malicious content and cannot be uploaded.']);
+                }
+
+                // Save the sanitized SVG back to the file
+                file_put_contents($image->getRealPath(), $sanitizedSvg);
+            }
+
+            $path = $image->store('icons', 'public');
            $request->merge([
-                'icon' => $path
+                'icon' => $path,
+            ]);
+        } elseif (strpos($request->input('icon'), 'http') === 0) {
+            $options = [
+                "ssl" => [
+                    "verify_peer" => false,
+                    "verify_peer_name" => false,
+                ],
+            ];
+
+            // Proxy management
+            $httpsProxy = getenv('HTTPS_PROXY');
+            $httpsProxyLower = getenv('https_proxy');
+            if ($httpsProxy !== false || $httpsProxyLower !== false) {
+                $options['proxy']['http'] = $httpsProxy ?: $httpsProxyLower;
+            }
+
+            $file = $request->input('icon');
+            $path_parts = pathinfo($file);
+            if (!array_key_exists('extension', $path_parts)) {
+                throw ValidationException::withMessages(['file' => 'Icon URL must have a valid file extension.']);
+            }
+            $extension = $path_parts['extension'];
+
+            $contents = file_get_contents($request->input('icon'), false, stream_context_create($options));
+
+            if ($extension === 'svg') {
+                $sanitizer = new Sanitizer();
+                $contents = $sanitizer->sanitize($contents);
+
+                // Verify that the sanitization removed malicious content
+                if (strpos($contents, '<script>') !== false) {
+                    throw ValidationException::withMessages(['file' => 'SVG contains malicious content and cannot be uploaded.']);
+                }
+            }
+
+            if (!isImage($contents, $extension)) {
+                throw ValidationException::withMessages(['file' => 'Icon must be an image.']);
+            }
+
+            $path = 'icons/' . ($application ? $application->icon : md5($contents) . '.' . $extension);
+
+            // Private apps could have here duplicated icons folder
+            if (strpos($path, 'icons/icons/') !== false) {
+                $path = str_replace('icons/icons/', 'icons/', $path);
+            }
+            if (!Storage::disk('public')->exists($path)) {
+                Storage::disk('public')->put($path, $contents);
+            }
+            $request->merge([
+                'icon' => $path,
            ]);
        }

        $config = Item::checkConfig($request->input('config'));
+
+        // Don't overwrite the stored password if it wasn't submitted when updating the item
+        if ($id !== null && strpos($config, '"password":null') !== false) {
+            $storedItem = Item::find($id);
+            $storedConfigObject = json_decode($storedItem->getAttribute('description'));
+
+            $configObject = json_decode($config);
+            if ($storedConfigObject && property_exists($storedConfigObject, 'password')) {
+                $configObject->password = $storedConfigObject->password;
+            } else {
+                $configObject->password = null;
+            }
+
+            $config = json_encode($configObject);
+        }
+
        $current_user = User::currentUser();
        $request->merge([
            'description' => $config,
-            'user_id' => $current_user->id
+            'user_id' => $current_user->getId(),
        ]);

-        if($request->input('class') === 'null') {
+        if ($request->input('appid') === 'null' || $request->input('appid') === null) {
            $request->merge([
                'class' => null,
            ]);
+        } else {
+            $request->merge([
+                'class' => Application::classFromName($application->name),
+            ]);
        }

-
-        //die(print_r($request->input('config')));
-        
-        $item = Item::create($request->all());
+        if ($id === null) {
+            $item = Item::create($request->all());
+        } else {
+            $item = Item::find($id);
+            $item->update($request->all());
+        }

        $item->parents()->sync($request->tags);
+        return $item;
+    }
+
+    /**
+     * Store a newly created resource in storage.
+     */
+    public function store(Request $request): RedirectResponse
+    {
+        self::storelogic($request);
+
+        $route = route('dash', []);

-        $route = route('dash', [], false);
        return redirect($route)
            ->with('success', __('app.alert.success.item_created'));
    }

    /**
     * Display the specified resource.
-     *
-     * @param  int  $id
-     * @return \Illuminate\Http\Response
     */
-    public function show($id)
+    public function show(int $id): void
    {
        //
    }

-    /**
-     * Show the form for editing the specified resource.
-     *
-     * @param  int  $id
-     * @return \Illuminate\Http\Response
-     */
-    public function edit($id)
-    {
-        // Get the item
-        $data['item'] = Item::find($id);
-        $data['tags'] = Item::ofType('tag')->orderBy('title', 'asc')->pluck('title', 'id');
-        $data['current_tags'] = $data['item']->parents;
-
-        // show the edit form and pass the nerd
-        return view('items.edit', $data);    
-    }
-
    /**
     * Update the specified resource in storage.
-     *
-     * @param  \Illuminate\Http\Request  $request
-     * @param  int  $id
-     * @return \Illuminate\Http\Response
     */
-    public function update(Request $request, $id)
+    public function update(Request $request, int $id): RedirectResponse
    {
-        $validatedData = $request->validate([
-            'title' => 'required|max:255',
-            'url' => 'required|url',
-        ]);
-            //die(print_r($request->all()));
-        if($request->hasFile('file')) {
-            $path = $request->file('file')->store('icons');
-            $request->merge([
-                'icon' => $path
-            ]);
-        }
-        
-        $config = Item::checkConfig($request->input('config'));
-        $current_user = User::currentUser();
-        $request->merge([
-            'description' => $config,
-            'user_id' => $current_user->id
-        ]);
+        self::storelogic($request, $id);
+        $route = route('dash', []);

-        if($request->input('class') === 'null') {
-            $request->merge([
-                'class' => null,
-            ]);
-        }
-
-
-        $item = Item::find($id);
-        $item->update($request->all());
-
-        $item->parents()->sync($request->tags);
-
-        $route = route('dash', [], false);
        return redirect($route)
-            ->with('success',__('app.alert.success.item_updated'));
+            ->with('success', __('app.alert.success.item_updated'));
    }

    /**
     * Remove the specified resource from storage.
-     *
-     * @param  int  $id
-     * @return \Illuminate\Http\Response
     */
-    public function destroy(Request $request, $id)
+    public function destroy(Request $request, int $id): RedirectResponse
    {
        //
        $force = (bool)$request->input('force');
-        if($force) {
+        if ($force) {
            Item::withTrashed()
                ->where('id', $id)
                ->forceDelete();
@@ -266,98 +403,214 @@ class ItemController extends Controller
            Item::find($id)->delete();
        }

-        $route = route('items.index', [], false);
-        return redirect($route)       
-            ->with('success',__('app.alert.success.item_deleted'));
+        $route = route('items.index', []);
+
+        return redirect($route)
+            ->with('success', __('app.alert.success.item_deleted'));
    }

    /**
     * Restore the specified resource from soft deletion.
-     *
-     * @param  int  $id
-     * @return \Illuminate\Http\Response
     */
-    public function restore($id)
+    public function restore(int $id): RedirectResponse
    {
        //
        Item::withTrashed()
-                ->where('id', $id)
-                ->restore();      
-        
-        $route = route('items.inded', [], false);
+            ->where('id', $id)
+            ->restore();
+
+        $route = route('items.index', []);
+
        return redirect($route)
-            ->with('success',__('app.alert.success.item_restored'));
+            ->with('success', __('app.alert.success.item_restored'));
    }

    /**
     * Return details for supported apps
     *
-     * @return Json
+     * @throws GuzzleException
     */
-    public function appload(Request $request)
+    public function appload(Request $request): ?string
    {
        $output = [];
-        $appname = $request->input('app');
-        //die($appname);
+        $appid = $request->input('app');
+        $itemId = $request->input('item_id');

-        $app_details = Application::where('name', $appname)->firstOrFail();
-        $appclass = $app_details->class();
-        $app = new $appclass;
-
-        // basic details
-        $output['icon'] = $app_details->icon();
-        $output['name'] = $app_details->name;
-        $output['iconview'] = $app_details->iconView();
-        $output['colour'] = $app_details->defaultColour();
-        $output['class'] = $appclass;
-
-        // live details
-        if($app instanceof \App\EnhancedApps) {
-            $output['config'] = className($app_details->name).'.config';
-        } else {
-            $output['config'] = null;
+        if ($appid === 'null') {
+            return null;
        }
-        
+
+        $app = Application::single($appid);
+
+        if (!$app) {
+            return response()->json(['error' => 'Application not found.'], 404);
+        }
+
+        $output = (array)$app;
+
+        $appdetails = Application::getApp($appid);
+
+        if (!$appdetails) {
+            return response()->json(['error' => 'Application details not found.'], 404);
+        }
+
+        if ((bool)$app->enhanced === true) {
+            $item = $itemId ? Item::find($itemId) : Item::where('appid', $appid)->first();
+
+            if ($item) {
+                $output['custom'] = className($appdetails->name) . '.config';
+                $output['appvalue'] = $item->description;
+            } else {
+                // Ensure the app is installed if not found
+                $output['custom'] = className($appdetails->name) . '.config';
+                $output['appvalue'] = null;
+            }
+        }
+
+        $output['colour'] = ($app->tile_background == 'light') ? '#fafbfc' : '#161b1f';
+
+        if (strpos($app->icon, '://') !== false) {
+            $output['iconview'] = $app->icon;
+        } elseif (strpos($app->icon, 'icons/') !== false) {
+            $output['iconview'] = URL::to('/') . '/storage/' . $app->icon;
+            $output['icon'] = str_replace('icons/', '', $output['icon']);
+        } else {
+            $output['iconview'] = config('app.appsource') . 'icons/' . $app->icon;
+        }
+
        return json_encode($output);
    }

+    /**
+     * @return void
+     */
    public function testConfig(Request $request)
    {
        $data = $request->input('data');
        //$url = $data[array_search('url', array_column($data, 'name'))]['value'];
-        
-        $app = $data['type'];
+        $single = Application::single($data['type']);
+        $app = $single->class;
+
+        // If password is not resubmitted fill it from the database when in edit mode
+        if (array_key_exists('password', $data) &&
+            $data['password'] === null &&
+            array_key_exists('id', $data)
+        ) {
+            $item = Item::find($data['id']);
+            if ($item) {
+                $itemConfig = $item->getConfig();
+                $data['password'] = $itemConfig->password;
+            }
+        }

        $app_details = new $app();
        $app_details->config = (object)$data;
        $app_details->test();
    }

+    /**
+     * @param $url
+     * @param array|bool $overridevars
+     * @throws GuzzleException
+     */
+    public function execute($url, array $attrs = [], $overridevars = false): ?ResponseInterface
+    {
+        // Default Guzzle client configuration
+        $clientOptions = [
+            'http_errors' => false,
+            'timeout' => 15,
+            'connect_timeout' => 15,
+            'verify' => false, // In production, set this to `true` and manage certs.
+        ];
+
+        // If the user provided overrides, use them.
+        if ($overridevars !== false) {
+            $clientOptions = $overridevars;
+        }
+
+        // Resolve the hostname to an IP address
+        $host = parse_url($url, PHP_URL_HOST);
+        $ip = gethostbyname($host);
+
+        // Check if the IP is private or reserved
+        $allowInternalIps = env('ALLOW_INTERNAL_REQUESTS', false);
+        if (!$allowInternalIps && filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) === false) {
+            Log::warning('Blocked access to private or reserved IPs.', ['ip' => $ip, 'host' => $host]);
+            abort(Response::HTTP_FORBIDDEN, 'Access to private or reserved IPs is not allowed.');
+        }
+
+        // Force Guzzle to use the resolved IP address
+        $clientOptions['curl'][CURLOPT_RESOLVE] = ["{$host}:80:{$ip}", "{$host}:443:{$ip}"];
+
+        $client = new Client($clientOptions);
+        $method = 'GET';
+
+        try {
+            return $client->request($method, $url, $attrs);
+        } catch (ConnectException $e) {
+            Log::warning('SSRF Attempt Blocked: Connection to a private IP was prevented.', [
+                'url' => $url,
+                'error' => $e->getMessage()
+            ]);
+            return null;
+        } catch (ServerException $e) {
+            Log::debug($e->getMessage());
+        } catch (\Exception $e) {
+            Log::error('General error: ' . $e->getMessage());
+        }
+
+        return null;
+    }
+
+    /**
+     * @param $url
+     * @throws GuzzleException
+     */
+    public function websitelookup($url): StreamInterface
+    {
+        $decodedUrl = base64_decode($url);
+
+        // Validate the URL format.
+        if (filter_var($decodedUrl, FILTER_VALIDATE_URL) === false) {
+            abort(Response::HTTP_BAD_REQUEST, 'Invalid URL format provided.');
+        }
+
+        $response = $this->execute($decodedUrl);
+
+        // If execute() returns null, it means the connection failed.
+        // This can happen for many reasons, including our SSRF protection kicking in.
+        if ($response === null) {
+            abort(Response::HTTP_FORBIDDEN, 'Access to the requested resource is not allowed or the resource is unavailable.');
+        }
+    
+        return $response->getBody();
+    }
+
+    /**
+     * @param $id
+     * @return void
+     */
    public function getStats($id)
    {
        $item = Item::find($id);

        $config = $item->getconfig();
-        if(isset($item->class)) {
+        if (isset($item->class)) {
            $application = new $item->class;
            $application->config = $config;
            echo $application->livestats();
        }
-        
    }

-
-    public function checkAppList()
+    /**
+     * @return \Illuminate\Contracts\Foundation\Application|RedirectResponse|Redirector
+     */
+    public function checkAppList(): RedirectResponse
    {
        ProcessApps::dispatch();
        $route = route('items.index');
+
        return redirect($route)
            ->with('success', __('app.alert.success.updating'));
-
    }
-
-    
-    
-
-    
 }
--- a/app/Http/Controllers/ItemRestController.php
+++ b/app/Http/Controllers/ItemRestController.php
@@ -0,0 +1,93 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Item;
+use Illuminate\Http\Request;
+use Illuminate\Http\Response;
+use Illuminate\Support\Collection;
+
+class ItemRestController extends Controller
+{
+    public function __construct()
+    {
+        parent::__construct();
+        $this->middleware('allowed');
+    }
+
+    /**
+     * Display a listing of the resource.
+     */
+    public function index(): Collection
+    {
+        $columns = [
+            'title',
+            'colour',
+            'url',
+            'description',
+            'appid',
+            'appdescription',
+        ];
+
+        return Item::select($columns)
+            ->where('deleted_at', null)
+            ->where('type', '0')
+            ->orderBy('order', 'asc')
+            ->get();
+    }
+
+    /**
+     * Show the form for creating a new resource.
+     *
+     * @return void
+     */
+    public function create()
+    {
+    }
+
+    /**
+     * Store a newly created resource in storage.
+     */
+    public function store(Request $request): object
+    {
+        $item = ItemController::storelogic($request);
+
+        if ($item) {
+            return (object) ['status' => 'OK'];
+        }
+
+        return (object) ['status' => 'FAILED'];
+    }
+
+    /**
+     * Display the specified resource.
+     */
+    public function show(Item $item): Response
+    {
+        //
+    }
+
+    /**
+     * Show the form for editing the specified resource.
+     */
+    public function edit(Item $item): Response
+    {
+        //
+    }
+
+    /**
+     * Update the specified resource in storage.
+     */
+    public function update(Request $request, Item $item): Response
+    {
+        //
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     */
+    public function destroy(Item $item): Response
+    {
+        //
+    }
+}
--- a/app/Http/Controllers/SearchController.php
+++ b/app/Http/Controllers/SearchController.php
@@ -0,0 +1,139 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Search;
+use Illuminate\Contracts\Foundation\Application;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Http\Request;
+use Illuminate\Routing\Redirector;
+use Illuminate\Support\Facades\Http;
+
+class SearchController extends Controller
+{
+    /**
+     * @return Application|RedirectResponse|Redirector|mixed|void
+     */
+    public function index(Request $request)
+    {
+        $requestprovider = $request->input('provider');
+        $query = $request->input('q');
+
+        // Sanitize the query to prevent XSS
+        $query = htmlspecialchars($query, ENT_QUOTES, 'UTF-8'); 
+
+        $provider = Search::providerDetails($requestprovider);
+
+        if (!$provider || !isset($provider->type)) {
+            abort(404, 'Invalid provider');
+        }
+
+        // If the query is empty, redirect to the provider's base URL
+        if (!$query || trim($query) === '') {
+            return redirect($provider->url);
+        }
+
+        if ($provider->type == 'standard') {
+            return redirect($provider->url.'?'.$provider->query.'='.urlencode($query));
+        } elseif ($provider->type == 'external') {
+            $class = new $provider->class;
+            return $class->getResults($query, $provider);
+        }
+
+        abort(404, 'Provider type not supported');
+    }
+
+    /**
+     * Get autocomplete suggestions for a search query
+     *
+     * @return JsonResponse
+     */
+    public function autocomplete(Request $request)
+    {
+        $requestprovider = $request->input('provider');
+        $query = $request->input('q');
+
+        if (!$query || trim($query) === '') {
+            return response()->json([]);
+        }
+
+        $provider = Search::providerDetails($requestprovider);
+
+        if (!$provider || !isset($provider->autocomplete)) {
+            return response()->json([]);
+        }
+
+        // Replace {query} placeholder with actual query
+        $autocompleteUrl = str_replace('{query}', urlencode($query), $provider->autocomplete);
+
+        try {
+            $response = Http::timeout(5)->get($autocompleteUrl);
+
+            if ($response->successful()) {
+                $data = $response->body();
+                
+                // Parse the response based on provider
+                $suggestions = $this->parseAutocompleteResponse($data, $provider->id);
+                
+                return response()->json($suggestions);
+            }
+        } catch (\Exception $e) {
+            // Return empty array on error
+            return response()->json([]);
+        }
+
+        return response()->json([]);
+    }
+
+    /**
+     * Parse autocomplete response based on provider format
+     *
+     * @param string $data
+     * @param string $providerId
+     * @return array
+     */
+    private function parseAutocompleteResponse($data, $providerId)
+    {
+        $suggestions = [];
+
+        switch ($providerId) {
+            case 'google':
+                // Google returns XML format
+                if (strpos($data, '<?xml') === 0) {
+                    $xml = simplexml_load_string($data);
+                    if ($xml && isset($xml->CompleteSuggestion)) {
+                        foreach ($xml->CompleteSuggestion as $suggestion) {
+                            if (isset($suggestion->suggestion['data'])) {
+                                $suggestions[] = (string) $suggestion->suggestion['data'];
+                            }
+                        }
+                    }
+                }
+                break;
+
+            case 'bing':
+            case 'ddg':
+                // Bing and DuckDuckGo return JSON array format
+                $json = json_decode($data, true);
+                if (is_array($json) && isset($json[1]) && is_array($json[1])) {
+                    $suggestions = $json[1];
+                }
+                break;
+
+            default:
+                // Try to parse as JSON array
+                $json = json_decode($data, true);
+                if (is_array($json)) {
+                    if (isset($json[1]) && is_array($json[1])) {
+                        $suggestions = $json[1];
+                    } else {
+                        $suggestions = $json;
+                    }
+                }
+                break;
+        }
+
+        return $suggestions;
+    }
+}
--- a/app/Http/Controllers/SettingsController.php
+++ b/app/Http/Controllers/SettingsController.php
@@ -2,24 +2,23 @@

 namespace App\Http\Controllers;

-use Illuminate\Http\Request;
 use App\Setting;
 use App\SettingGroup;
-use App\User;
-use Illuminate\Support\Facades\Auth;
-use App\Http\Controllers\Controller;
+use Exception;
+use enshrined\svgSanitize\Sanitizer;
+use Illuminate\Contracts\View\View;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Http\Request;

 class SettingsController extends Controller
 {
    public function __construct()
    {
+        parent::__construct();
        $this->middleware('allowed');
    }

-    /**
-     * @return \Illuminate\View\View
-     */
-    public function index()
+    public function index(): View
    {
        $settings = SettingGroup::with([
            'settings',
@@ -31,91 +30,113 @@ class SettingsController extends Controller
    }

    /**
-     * @param int $id
     *
-     * @return \Illuminate\Http\RedirectResponse
+     * @return RedirectResponse|View
     */
-    public function edit($id)
+    public function edit(int $id)
    {
        $setting = Setting::find($id);
        //die("s: ".$setting->label);

-        if((bool)$setting->system === true) return abort(404);
+        if ((bool) $setting->system === true) {
+            return abort(404);
+        }

-        if (!is_null($setting)) {
+        if (! is_null($setting)) {
            return view('settings.edit')->with([
                'setting' => $setting,
+                'value' => $setting->value,
            ]);
        } else {
-            $route = route('settings.list', [], false);
-            return redirect($route) 
+            $route = route('settings.list', []);
+
+            return redirect($route)
            ->with([
-                'error' => __('app.alert.error.not_exist'),
+                'errors' => collect([__('app.alert.error.not_exist')]),
            ]);
        }
    }

-    /**
-     * @param int $id
-     *
-     * @return \Illuminate\Http\RedirectResponse
-     */
-    public function update(Request $request, $id)
+    public function update(Request $request, int $id): RedirectResponse
    {
        $setting = Setting::find($id);
        $user = $this->user();
+        $route = route('settings.index', []);

-        if (!is_null($setting)) {
-            $data = Setting::getInput();
+        try {
+            if (is_null($setting)) {
+                throw new Exception('not_exists');
+            }

-            $setting_value = null;
+            if ($setting->type === 'image') {
+                $validatedData = $request->validate([
+                    'value' => 'image',
+                ]);

-            if ($setting->type == 'image') {
-
-
-                if($request->hasFile('value')) {
-                    $path = $request->file('value')->store('backgrounds');
-                    $setting_value = $path;
+                if (!$request->hasFile('value')) {
+                    throw new \Exception('file_too_big');
                }
-            
+
+                $image = $request->file('value');
+                $extension = $image->getClientOriginalExtension();
+
+                if ($extension === 'svg') {
+                    $sanitizer = new Sanitizer();
+                    $sanitizedSvg = $sanitizer->sanitize(file_get_contents($image->getRealPath()));
+
+                    // Verify that the sanitization removed malicious content
+                    if (strpos($sanitizedSvg, '<script>') !== false) {
+                        throw new \Exception('SVG contains malicious content and cannot be uploaded.');
+                    }
+
+                    // Save the sanitized SVG back to the file
+                    file_put_contents($image->getRealPath(), $sanitizedSvg);
+                }
+
+                $path = $image->store('backgrounds', 'public');
+
+                if ($path === null) {
+                    throw new \Exception('file_not_stored');
+                }
+
+                $setting_value = $path;
            } else {
+                $data = Setting::getInput($request);
                $setting_value = $data->value;
            }

            $user->settings()->detach($setting->id);
            $user->settings()->save($setting, ['uservalue' => $setting_value]);
-            
-            $route = route('settings.index', [], false);
-            return redirect($route) 
-            ->with([
-                'success' => __('app.alert.success.setting_updated'),
-            ]);
-        } else {
-            $route = route('settings.index', [], false);
-            return redirect($route) 
-            ->with([
-                'error' => __('app.alert.error.not_exist'),
-            ]);
+
+            return redirect($route)
+                ->with([
+                    'success' => __('app.alert.success.setting_updated'),
+                ]);
+        } catch (Exception $e) {
+            return redirect($route)
+                ->with([
+                    'errors' => collect([__('app.alert.error.' . $e->getMessage())]),
+                ]);
        }
    }
-    /**
-     * @param int $id
-     *
-     * @return \Illuminate\Http\RedirectResponse
-     */
-    public function clear($id)
+
+    public function clear(int $id): RedirectResponse
    {
        $user = $this->user();
        $setting = Setting::find($id);
-        if((bool)$setting->system !== true) {
+        if ((bool) $setting->system !== true) {
            $user->settings()->detach($setting->id);
            $user->settings()->save($setting, ['uservalue' => '']);
        }
-        $route = route('settings.index', [], false);
-        return redirect($route) 
+        $route = route('settings.index', []);
+
+        return redirect($route)
        ->with([
            'success' => __('app.alert.success.setting_updated'),
        ]);
-    
+    }
+
+    public function search(Request $request)
+    {
    }
 }
--- a/app/Http/Controllers/TagController.php
+++ b/app/Http/Controllers/TagController.php
@@ -2,10 +2,13 @@

 namespace App\Http\Controllers;

-use Illuminate\Http\Request;
 use App\Item;
 use App\User;
-use DB;
+use Illuminate\Contracts\Foundation\Application;
+use Illuminate\Contracts\View\Factory;
+use Illuminate\Contracts\View\View;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Http\Request;

 class TagController extends Controller
 {
@@ -13,18 +16,19 @@ class TagController extends Controller
    {
        $this->middleware('allowed');
    }
+
    /**
     * Display a listing of the resource.
     *
-     * @return \Illuminate\Http\Response
+     * @return Application|Factory|View
     */
-    public function index(Request $request)
+    public function index(Request $request): \Illuminate\View\View
    {
-        $trash = (bool)$request->input('trash');
+        $trash = (bool) $request->input('trash');

-        $data['apps'] = Item::ofType('tag')->orderBy('title', 'asc')->get();
-        $data['trash'] = Item::ofType('tag')->onlyTrashed()->get();
-        if($trash) {
+        $data['apps'] = Item::ofType('tag')->where('id', '>', 0)->orderBy('title', 'asc')->get();
+        $data['trash'] = Item::ofType('tag')->where('id', '>', 0)->onlyTrashed()->get();
+        if ($trash) {
            return view('tags.trash', $data);
        } else {
            return view('tags.list', $data);
@@ -34,34 +38,33 @@ class TagController extends Controller
    /**
     * Show the form for creating a new resource.
     *
-     * @return \Illuminate\Http\Response
+     * @return Application|Factory|View
     */
-    public function create()
+    public function create(): \Illuminate\View\View
    {
        $data = [];
+
        return view('tags.create', $data);
    }

    /**
     * Store a newly created resource in storage.
-     *
-     * @param  \Illuminate\Http\Request  $request
-     * @return \Illuminate\Http\Response
     */
-    public function store(Request $request)
+    public function store(Request $request): RedirectResponse
    {
        $validatedData = $request->validate([
            'title' => 'required|max:255',
+            'file' => 'image'
        ]);

-        if($request->hasFile('file')) {
-            $path = $request->file('file')->store('icons');
+        if ($request->hasFile('file')) {
+            $path = $request->file('file')->store('icons', 'public');
            $request->merge([
-                'icon' => $path
+                'icon' => $path,
            ]);
        }

-        $slug = str_slug($request->title, '-');
+        $slug = str_slug($request->title, '-', 'en_US');

        $current_user = User::currentUser();

@@ -69,12 +72,13 @@ class TagController extends Controller
        $request->merge([
            'type' => '1',
            'url' => $slug,
-            'user_id' => $current_user->id
+            'user_id' => $current_user->getId(),
        ]);
        //die(print_r($request->all()));
        Item::create($request->all());

-        $route = route('dash', [], false);
+        $route = route('dash', []);
+
        return redirect($route)
            ->with('success', __('app.alert.success.tag_created'));
    }
@@ -82,120 +86,126 @@ class TagController extends Controller
    /**
     * Display the specified resource.
     *
-     * @param  int  $id
-     * @return \Illuminate\Http\Response
+     * @param $slug
     */
-    public function show($slug)
+    public function show($slug, Request $request): View
    {
        $item = Item::whereUrl($slug)->first();
        //print_r($item);
-        $data['apps'] = $item->children()->pinned()->orderBy('order', 'asc')->get();
+        if (config('app.auth_roles_enable')) {
+            $roles = explode(config('app.auth_roles_delimiter'), $request->header(config('app.auth_roles_header')));
+            $data['apps'] = $item->children()->whereIn('role', $roles)->pinned()->orderBy('order', 'asc')->get();
+        } else {
+            $data['apps'] = $item->children()->pinned()->orderBy('order', 'asc')->get();
+        }
+        $data['tag'] = $item->id;
        $data['all_apps'] = $item->children;
+
+        $data['taglist'] = Item::ofType('tag')->where('id', '>', 0)->orderBy('title', 'asc')->get();
+
        return view('welcome', $data);
    }

    /**
     * Show the form for editing the specified resource.
-     *
-     * @param  int  $id
-     * @return \Illuminate\Http\Response
     */
-    public function edit($id)
+    public function edit(int $id): View
    {
        // Get the item
        $item = Item::find($id);

        // show the edit form and pass the nerd
        return view('tags.edit')
-            ->with('item', $item);    
+            ->with('item', $item);
    }

    /**
     * Update the specified resource in storage.
-     *
-     * @param  \Illuminate\Http\Request  $request
-     * @param  int  $id
-     * @return \Illuminate\Http\Response
     */
-    public function update(Request $request, $id)
+    public function update(Request $request, int $id): RedirectResponse
    {
        $validatedData = $request->validate([
            'title' => 'required|max:255',
+            'file' => 'image'
        ]);

-        if($request->hasFile('file')) {
-            $path = $request->file('file')->store('icons');
+        if ($request->hasFile('file')) {
+            $path = $request->file('file')->store('icons', 'public');
            $request->merge([
-                'icon' => $path
+                'icon' => $path,
            ]);
        }

-        $slug = str_slug($request->title, '-');
+        $slug = str_slug($request->title, '-', 'en_US');
        // set item type to tag
        $request->merge([
-            'url' => $slug
+            'url' => $slug,
        ]);

        Item::find($id)->update($request->all());

-        $route = route('dash', [], false);
+        $route = route('dash', []);
+
        return redirect($route)
-        ->with('success',__('app.alert.success.tag_updated'));
+        ->with('success', __('app.alert.success.tag_updated'));
    }

    /**
     * Remove the specified resource from storage.
-     *
-     * @param  int  $id
-     * @return \Illuminate\Http\Response
     */
-    public function destroy(Request $request, $id)
+    public function destroy(Request $request, int $id): RedirectResponse
    {
        //
-        $force = (bool)$request->input('force');
-        if($force) {
+        $force = (bool) $request->input('force');
+        if ($force) {
            Item::withTrashed()
                ->where('id', $id)
                ->forceDelete();
        } else {
            Item::find($id)->delete();
        }
-        
-        $route = route('tags.index', [], false);
+
+        $route = route('tags.index', []);
+
        return redirect($route)
-            ->with('success',__('app.alert.success.item_deleted'));
+            ->with('success', __('app.alert.success.item_deleted'));
    }

    /**
     * Restore the specified resource from soft deletion.
-     *
-     * @param  int  $id
-     * @return \Illuminate\Http\Response
     */
-    public function restore($id)
+    public function restore(int $id): RedirectResponse
    {
        //
        Item::withTrashed()
                ->where('id', $id)
-                ->restore();        
-        $route = route('tags.index', [], false);
+                ->restore();
+        $route = route('tags.index', []);
+
        return redirect($route)
-            ->with('success',__('app.alert.success.item_restored'));
+            ->with('success', __('app.alert.success.item_restored'));
    }

-    public function add($tag, $item)
+    /**
+     * Add item to tag
+     *
+     * @param $tag
+     * @param $item
+     * @return int 1|0
+     */
+    public function add($tag, $item): int
    {
-        $output = 0;
        $tag = Item::find($tag);
        $item = Item::find($item);
-        if($tag && $item) {
+        if ($tag && $item) {
            // only add items, not cats
-            if((int)$item->type === 0) {
+            if ((int) $item->type === 0) {
                $tag->children()->attach($item);
+
                return 1;
            }
        }
-        return $output;
-    }

+        return 0;
+    }
 }
--- a/app/Http/Controllers/UserController.php
+++ b/app/Http/Controllers/UserController.php
@@ -2,62 +2,60 @@

 namespace App\Http\Controllers;

-use Illuminate\Http\Request;
-use App\Http\Controllers\Controller;
 use App\User;
-use Illuminate\Support\Str;
+use Illuminate\Contracts\View\View;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Str;

 class UserController extends Controller
 {
    public function __construct()
    {
+        parent::__construct();
        $this->middleware('allowed')->except(['selectUser']);
    }
+
    /**
     * Display a listing of the resource.
-     *
-     * @return \Illuminate\Http\Response
     */
-    public function index()
+    public function index(): View
    {
        $data['users'] = User::all();
+
        return view('users.index', $data);
    }

    /**
     * Show the form for creating a new resource.
-     *
-     * @return \Illuminate\Http\Response
     */
-    public function create()
+    public function create(): View
    {
        $data = [];
+
        return view('users.create', $data);
    }

-    public function selectUser()
+    public function selectUser(): \Illuminate\View\View
    {
        Auth::logout();
        $data['users'] = User::all();
-        return view('userselect', $data);

+        return view('userselect', $data);
    }

    /**
     * Store a newly created resource in storage.
-     *
-     * @param  \Illuminate\Http\Request  $request
-     * @return \Illuminate\Http\Response
     */
-    public function store(Request $request)
+    public function store(Request $request): RedirectResponse
    {
        $validatedData = $request->validate([
            'username' => 'required|max:255|unique:users',
            'email' => 'required|email',
            'password' => 'nullable|confirmed',
-            'password_confirmation' => 'nullable'
-
+            'password_confirmation' => 'nullable',
+            'file' => 'image'
        ]);
        $user = new User;
        $user->username = $request->input('username');
@@ -65,111 +63,102 @@ class UserController extends Controller
        $user->public_front = $request->input('public_front');

        $password = $request->input('password');
-        if(!empty($password)) {
+        if (! empty($password)) {
            $user->password = bcrypt($password);
        }

-        if($request->hasFile('file')) {
-            $path = $request->file('file')->store('avatars');
+        if ($request->hasFile('file')) {
+            $path = $request->file('file')->store('avatars', 'public');
            $user->avatar = $path;
        }

-        if ((bool)$request->input('autologin_allow') === true) {
-            $user->autologin = (string)Str::uuid();
+        if ((bool) $request->input('autologin_allow') === true) {
+            $user->autologin = (string) Str::uuid();
        }

        $user->save();
-        
-        $route = route('dash', [], false);
+
+        $route = route('dash', []);
+
        return redirect($route)
-            ->with('success',__('app.alert.success.user_updated'));
+            ->with('success', __('app.alert.success.user_updated'));
    }

    /**
     * Display the specified resource.
-     *
-     * @param  int  $id
-     * @return \Illuminate\Http\Response
     */
-    public function show($id)
+    public function show(int $id): void
    {
        //
    }

    /**
     * Show the form for editing the specified resource.
-     *
-     * @param  int  $id
-     * @return \Illuminate\Http\Response
     */
-    public function edit(User $user)
+    public function edit(User $user): View
    {
        $data['user'] = $user;
-        return view('users.edit', $data);

+        return view('users.edit', $data);
    }

    /**
     * Update the specified resource in storage.
-     *
-     * @param  \Illuminate\Http\Request  $request
-     * @param  int  $id
-     * @return \Illuminate\Http\Response
     */
-    public function update(Request $request, User $user)
+    public function update(Request $request, User $user): RedirectResponse
    {
        $validatedData = $request->validate([
            'username' => 'required|max:255|unique:users,username,'.$user->id,
            'email' => 'required|email',
            'password' => 'nullable|confirmed',
-            'password_confirmation' => 'nullable'
+            'password_confirmation' => 'nullable',
+            'file' => 'image'
        ]);
-            //die(print_r($request->all()));
+        //die(print_r($request->all()));

        $user->username = $request->input('username');
        $user->email = $request->input('email');
        $user->public_front = $request->input('public_front');

        $password = $request->input('password');
-        if(!empty($password)) {
+        if (! empty($password)) {
            $user->password = bcrypt($password);
-        } elseif($password == 'null') {
+        } elseif ($password == 'null') {
            $user->password = null;
        }
-    
-        if($request->hasFile('file')) {
-            $path = $request->file('file')->store('avatars');
+
+        if ($request->hasFile('file')) {
+            $path = $request->file('file')->store('avatars', 'public');
            $user->avatar = $path;
        }

-        if ((bool)$request->input('autologin_allow') === true) {
-            $user->autologin = (is_null($user->autologin)) ? (string)Str::uuid() : $user->autologin;
+        if ((bool) $request->input('autologin_allow') === true) {
+            $user->autologin = (is_null($user->autologin)) ? (string) Str::uuid() : $user->autologin;
        } else {
            $user->autologin = null;
        }

        $user->save();

-        $route = route('dash', [], false);
-        return redirect($route)
-            ->with('success',__('app.alert.success.user_updated'));
+        $route = route('dash', []);

+        return redirect($route)
+            ->with('success', __('app.alert.success.user_updated'));
    }

    /**
     * Remove the specified resource from storage.
     *
-     * @param  int  $id
-     * @return \Illuminate\Http\Response
+     * @return RedirectResponse | void
     */
-    public function destroy(User $user)
+    public function destroy(User $user): RedirectResponse
    {
-        if($user->id !== 1) {
+        if ($user->id !== 1) {
            $user->delete();
-            $route = route('dash', [], false);
-            return redirect($route)
-            ->with('success',__('app.alert.success.user_deleted'));
+            $route = route('dash', []);

+            return redirect($route)
+            ->with('success', __('app.alert.success.user_deleted'));
        }
    }
 }
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@@ -1,62 +0,0 @@
-<?php
-
-namespace App\Http;
-
-use Illuminate\Foundation\Http\Kernel as HttpKernel;
-
-class Kernel extends HttpKernel
-{
-    /**
-     * The application's global HTTP middleware stack.
-     *
-     * These middleware are run during every request to your application.
-     *
-     * @var array
-     */
-    protected $middleware = [
-        \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
-        \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
-        \App\Http\Middleware\TrimStrings::class,
-        \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
-        \App\Http\Middleware\TrustProxies::class,
-    ];
-
-    /**
-     * The application's route middleware groups.
-     *
-     * @var array
-     */
-    protected $middlewareGroups = [
-        'web' => [
-            \App\Http\Middleware\EncryptCookies::class,
-            \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
-            \Illuminate\Session\Middleware\StartSession::class,
-            // \Illuminate\Session\Middleware\AuthenticateSession::class,
-            \Illuminate\View\Middleware\ShareErrorsFromSession::class,
-            \App\Http\Middleware\VerifyCsrfToken::class,
-            \Illuminate\Routing\Middleware\SubstituteBindings::class,
-        ],
-
-        'api' => [
-            'throttle:60,1',
-            'bindings',
-        ],
-    ];
-
-    /**
-     * The application's route middleware.
-     *
-     * These middleware may be assigned to groups or used individually.
-     *
-     * @var array
-     */
-    protected $routeMiddleware = [
-        'allowed' => \App\Http\Middleware\CheckAllowed::class,
-        'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
-        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
-        'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
-        'can' => \Illuminate\Auth\Middleware\Authorize::class,
-        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
-        'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
-    ];
-}
--- a/app/Http/Middleware/CheckAllowed.php
+++ b/app/Http/Middleware/CheckAllowed.php
@@ -2,9 +2,12 @@

 namespace App\Http\Middleware;

-use Closure;
-use Illuminate\Support\Facades\Auth;
+use Symfony\Component\HttpFoundation\Response;
 use App\User;
+use Closure;
+use Illuminate\Auth\AuthenticationException;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Route;
 use Session;

@@ -13,36 +16,42 @@ class CheckAllowed
    /**
     * Handle an incoming request.
     *
-     * @param  \Illuminate\Http\Request  $request
-     * @param  \Closure  $next
-     * @return mixed
+     * @throws AuthenticationException
     */
-    public function handle($request, Closure $next)
+    public function handle(Request $request, Closure $next): Response
    {
        $route = Route::currentRouteName();
        $current_user = User::currentUser();

-        if(str_is('users*', $route)) {
-            if($current_user->id !== 1) {
+        // Non admin users can't access users management
+        if (str_is('users*', $route)) {
+            if ($current_user->getId() !== 1) {
                return redirect()->route('dash');
            }
        }

-        if($route == 'dash') {
-            //print_r(User::all());
-            //die("here".var_dump($current_user->password));
-            if((bool)$current_user->public_front === true) return $next($request);
+        // Public access to frontpage
+        if ($route === 'dash' || $route === 'tags.show') {
+            if ((bool)$current_user->public_front === true) {
+                return $next($request);
+            }
        }

-        if(empty($current_user->password)) return $next($request);
+        // Continue with passwordless user
+        if (empty($current_user->password)) {
+            return $next($request);
+        }

        // Check if user is logged in as $current_user
        if (Auth::check()) {
            $loggedin_user = Auth::user();
-            if($loggedin_user->id === $current_user->id) return $next($request);
+            if ($loggedin_user->id === $current_user->getId()) {
+                return $next($request);
+            }
        }

-        return Auth::authenticate();
-
+        // Redirect to login
+        Auth::authenticate();
+        return redirect()->route('user.select');
    }
 }
--- a/app/Http/Middleware/EncryptCookies.php
+++ b/app/Http/Middleware/EncryptCookies.php
@@ -1,17 +0,0 @@
-<?php
-
-namespace App\Http\Middleware;
-
-use Illuminate\Cookie\Middleware\EncryptCookies as Middleware;
-
-class EncryptCookies extends Middleware
-{
-    /**
-     * The names of the cookies that should not be encrypted.
-     *
-     * @var array
-     */
-    protected $except = [
-        //
-    ];
-}
--- a/app/Http/Middleware/RedirectIfAuthenticated.php
+++ b/app/Http/Middleware/RedirectIfAuthenticated.php
@@ -2,20 +2,17 @@

 namespace App\Http\Middleware;

+use Symfony\Component\HttpFoundation\Response;
 use Closure;
+use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;

 class RedirectIfAuthenticated
 {
    /**
     * Handle an incoming request.
-     *
-     * @param  \Illuminate\Http\Request  $request
-     * @param  \Closure  $next
-     * @param  string|null  $guard
-     * @return mixed
     */
-    public function handle($request, Closure $next, $guard = null)
+    public function handle(Request $request, Closure $next, string $guard = null): Response
    {
        if (Auth::guard($guard)->check()) {
            return redirect()->intended();
--- a/app/Http/Middleware/TrimStrings.php
+++ b/app/Http/Middleware/TrimStrings.php
@@ -1,18 +0,0 @@
-<?php
-
-namespace App\Http\Middleware;
-
-use Illuminate\Foundation\Http\Middleware\TrimStrings as Middleware;
-
-class TrimStrings extends Middleware
-{
-    /**
-     * The names of the attributes that should not be trimmed.
-     *
-     * @var array
-     */
-    protected $except = [
-        'password',
-        'password_confirmation',
-    ];
-}
--- a/app/Http/Middleware/TrustProxies.php
+++ b/app/Http/Middleware/TrustProxies.php
@@ -2,8 +2,8 @@

 namespace App\Http\Middleware;

+use Illuminate\Http\Middleware\TrustProxies as Middleware;
 use Illuminate\Http\Request;
-use Fideloper\Proxy\TrustProxies as Middleware;

 class TrustProxies extends Middleware
 {
@@ -12,12 +12,12 @@ class TrustProxies extends Middleware
     *
     * @var array
     */
-    protected $proxies;
+    protected $proxies = ['192.168.0.0/16', '172.16.0.0/12', '10.0.0.0/8', '127.0.0.1'];

    /**
     * The current proxy header mappings.
     *
     * @var array
     */
-    protected $headers = Request::HEADER_X_FORWARDED_ALL;
+    protected $headers = Request::HEADER_X_FORWARDED_FOR | Request::HEADER_X_FORWARDED_HOST | Request::HEADER_X_FORWARDED_PORT | Request::HEADER_X_FORWARDED_PROTO | Request::HEADER_X_FORWARDED_AWS_ELB;
 }
--- a/app/Http/Middleware/VerifyCsrfToken.php
+++ b/app/Http/Middleware/VerifyCsrfToken.php
@@ -1,21 +0,0 @@
-<?php
-
-namespace App\Http\Middleware;
-
-use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;
-
-class VerifyCsrfToken extends Middleware
-{
-    /**
-     * The URIs that should be excluded from CSRF verification.
-     *
-     * @var array
-     */
-    protected $except = [
-        //
-        'order',
-        'appload',
-        'test_config',
-        //'get_stats'
-    ];
-}
--- a/app/Item.php
+++ b/app/Item.php
@@ -2,139 +2,270 @@

 namespace App;

-use Illuminate\Database\Eloquent\Model;
-use Symfony\Component\ClassLoader\ClassMapGenerator;
-use Illuminate\Database\Eloquent\SoftDeletes;
+use Illuminate\Contracts\Routing\UrlGenerator;
 use Illuminate\Database\Eloquent\Builder;
-use App\User;
+use Illuminate\Database\Eloquent\Factories\HasFactory;
+use Illuminate\Database\Eloquent\Model;
+use Illuminate\Database\Eloquent\Relations\BelongsTo;
+use Illuminate\Database\Eloquent\Relations\BelongsToMany;
+use Illuminate\Database\Eloquent\SoftDeletes;
+use Illuminate\Database\Eloquent\Casts\Attribute;
+use stdClass;
+use Symfony\Component\ClassLoader\ClassMapGenerator;

+// @codingStandardsIgnoreStart
+/**
+ * App\Item
+ *
+ * @property int $id
+ * @property string $title
+ * @property string|null $colour
+ * @property string|null $icon
+ * @property string $url
+ * @property string|null $description
+ * @property int $pinned
+ * @property int $order
+ * @property \Illuminate\Support\Carbon|null $deleted_at
+ * @property \Illuminate\Support\Carbon|null $created_at
+ * @property \Illuminate\Support\Carbon|null $updated_at
+ * @property int $type
+ * @property int $user_id
+ * @property string|null $class
+ * @property string|null $appid
+ * @property string|null $appdescription
+ * @property string|null $role
+ * @property-read \Illuminate\Database\Eloquent\Collection|Item[] $children
+ * @property-read int|null $children_count
+ * @property-read string $droppable
+ * @property-read \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\Routing\UrlGenerator|mixed|string $link
+ * @property-read string $link_icon
+ * @property-read string $link_target
+ * @property-read string $link_type
+ * @property-read \Illuminate\Database\Eloquent\Collection|Item[] $parents
+ * @property-read int|null $parents_count
+ * @property-read \App\User|null $user
+ * @method static \Database\Factories\ItemFactory factory(...$parameters)
+ * @method static Builder|Item newModelQuery()
+ * @method static Builder|Item newQuery()
+ * @method static Builder|Item ofType($type)
+ * @method static \Illuminate\Database\Query\Builder|Item onlyTrashed()
+ * @method static Builder|Item pinned()
+ * @method static Builder|Item query()
+ * @method static Builder|Item whereAppdescription($value)
+ * @method static Builder|Item whereRole($value)
+ * @method static Builder|Item whereAppid($value)
+ * @method static Builder|Item whereClass($value)
+ * @method static Builder|Item whereColour($value)
+ * @method static Builder|Item whereCreatedAt($value)
+ * @method static Builder|Item whereDeletedAt($value)
+ * @method static Builder|Item whereDescription($value)
+ * @method static Builder|Item whereIcon($value)
+ * @method static Builder|Item whereId($value)
+ * @method static Builder|Item whereOrder($value)
+ * @method static Builder|Item wherePinned($value)
+ * @method static Builder|Item whereTitle($value)
+ * @method static Builder|Item whereType($value)
+ * @method static Builder|Item whereUpdatedAt($value)
+ * @method static Builder|Item whereUrl($value)
+ * @method static Builder|Item whereUserId($value)
+ * @method static \Illuminate\Database\Query\Builder|Item withTrashed()
+ * @method static \Illuminate\Database\Query\Builder|Item withoutTrashed()
+ * @mixin \Eloquent
+ */
+// @codingStandardsIgnoreEnd
 class Item extends Model
 {
    use SoftDeletes;

-    protected static function boot()
+    use HasFactory;
+
+    protected static function boot(): void
    {
        parent::boot();

        static::addGlobalScope('user_id', function (Builder $builder) {
            $current_user = User::currentUser();
-            $builder->where('user_id', $current_user->id);
+            if ($current_user) {
+                $builder->where('user_id', $current_user->getId())->orWhere('user_id', 0);
+            } else {
+                $builder->where('user_id', 0);
+            }
        });
    }

-    //
    protected $fillable = [
-        'title', 'url', 'colour', 'icon', 'description', 'pinned', 'order', 'type', 'class', 'user_id'
+        'title',
+        'url',
+        'colour',
+        'icon',
+        'appdescription',
+        'description',
+        'pinned',
+        'order',
+        'type',
+        'class',
+        'user_id',
+        'tag_id',
+        'appid',
+        'role',
    ];

-    /**
-     * The attributes that should be mutated to dates.
-     *
-     * @var array
-     */
-    protected $dates = ['deleted_at'];
+

    /**
     * Scope a query to only include pinned items.
-     *
-     * @param \Illuminate\Database\Eloquent\Builder $query
-     * @return \Illuminate\Database\Eloquent\Builder
     */
-    public function scopePinned($query)
+    public function scopePinned(Builder $query): Builder
    {
        return $query->where('pinned', 1);
    }

    public static function checkConfig($config)
    {
-        if(empty($config)) {
+        // die(print_r($config));
+        if (empty($config)) {
            $config = null;
        } else {
-            $store = false;
-            //die(var_dump($config));
-            foreach($config as $key => $check) {
-                if($key == 'type') continue;
-                if($key == 'dataonly') continue;
-                if(!empty($check) && $check != '0') {
-                    $store = true;
-                    break;
-                }
-            }
-            //die(var_dump($store))
-
-            $config['enabled'] = ($store) ? true : false;
            $config = json_encode($config);
        }
+
        return $config;
-
    }

-    public function parents()
+    public function tags()
    {
-        return $this->belongsToMany('App\Item', 'item_tag', 'item_id', 'tag_id');
-    }
-    public function children()
-    {
-        return $this->belongsToMany('App\Item', 'item_tag', 'tag_id', 'item_id');
+        $id = $this->id;
+        $tags = ItemTag::select('tag_id')->where('item_id', $id)->pluck('tag_id')->toArray();
+        $tagdetails = self::select('id', 'title', 'url', 'pinned')->whereIn('id', $tags)->get();
+
+        return $tagdetails;
    }

+    protected function title(): Attribute
+    {
+        return Attribute::make(
+            get: fn (mixed $value) => ($value === 'app.dashboard' ? __('app.dashboard') : $value),
+        );
+    }
+
+    protected function tagUrl(): Attribute
+    {
+        return Attribute::make(
+            get: fn (mixed $value, array $attributes) => ($attributes['id'] === 0 ? '0-dash' : $attributes['url']),
+        );
+    }
+
+    public function getTagClass(): string
+    {
+        $tags = $this->tags();
+        $slugs = [];
+
+        foreach ($tags as $tag) {
+            if ($tag->id === 0) {
+                $tag->url = '0-dash';
+            }
+            if ($tag->url) {
+                $slugs[] = 'tag-'.$tag->url;
+            }
+        }
+
+        return implode(' ', $slugs);
+    }
+
+    public function getTagList(): string
+    {
+        $tags = $this->tags();
+        $titles = [];
+        // print_r($tags);
+        foreach ($tags as $tag) {
+            if ($tag->title) {
+                $titles[] = $tag->title;
+            }
+        }
+
+        return implode(', ', $titles);
+    }
+
+    public function parents(): BelongsToMany
+    {
+        return $this->belongsToMany(Item::class, 'item_tag', 'item_id', 'tag_id');
+    }
+
+    public function children(): BelongsToMany
+    {
+        return $this->belongsToMany(Item::class, 'item_tag', 'tag_id', 'item_id');
+    }
+
+    /**
+     * @return \Illuminate\Contracts\Foundation\Application|UrlGenerator|mixed|string
+     */
    public function getLinkAttribute()
    {
-        if((int)$this->type === 1) {
-            return '/tag/'.$this->url;
+        if ((int) $this->type === 1) {
+            return url('tag/'.$this->url);
        } else {
            return $this->url;
        }
    }

-    public function getDroppableAttribute()
+    public function getDroppableAttribute(): string
    {
-        if((int)$this->type === 1) {
+        if ((int) $this->type === 1) {
            return ' droppable';
        } else {
            return '';
        }
    }

-    public function getLinkTargetAttribute()
+    public function getLinkTargetAttribute(): string
    {
        $target = Setting::fetch('window_target');

-        if((int)$this->type === 1 || $target === 'current') {
+        if ((int) $this->type === 1 || $target === 'current') {
            return '';
        } else {
-            return ' target="' . $target . '"';
+            return ' target="'.$target.'"';
        }
    }

-    public function getLinkIconAttribute()
+    public function getLinkIconAttribute(): string
    {
-        if((int)$this->type === 1) {
+        if ((int) $this->type === 1) {
            return 'fa-tag';
        } else {
            return 'fa-arrow-alt-to-right';
        }
    }
-    public function getLinkTypeAttribute()
+
+    public function getLinkTypeAttribute(): string
    {
-        if((int)$this->type === 1) {
+        if ((int) $this->type === 1) {
            return 'tags';
        } else {
            return 'items';
        }
    }

+    /**
+     * @param $class
+     * @return false|mixed|string
+     */
    public static function nameFromClass($class)
    {
        $explode = explode('\\', $class);
        $name = end($explode);
-        
+
        return $name;
    }

+    /**
+     * @param $query
+     * @param $type
+     * @return mixed
+     */
    public function scopeOfType($query, $type)
    {
-        switch($type) {
+        switch ($type) {
            case 'item':
                $typeid = 0;
                break;
@@ -146,69 +277,121 @@ class Item extends Model
        return $query->where('type', $typeid);
    }

-    public function enhanced()
+    public function enhanced(): bool
    {
-        if(isset($this->class) && !empty($this->class)) {
+        /*if(isset($this->class) && !empty($this->class)) {
            $app = new $this->class;
        } else {
            return false;
        }
-        return (bool)($app instanceof \App\EnhancedApps);
+        return (bool)($app instanceof \App\EnhancedApps);*/
+        return $this->description !== null;
    }

-    public static function isEnhanced($class)
+    /**
+     * @param $class
+     */
+    public static function isEnhanced($class): bool
    {
+        if (!class_exists($class, false) || $class === null || $class === 'null') {
+            return false;
+        }
        $app = new $class;
-        return (bool)($app instanceof \App\EnhancedApps);
+
+        return (bool) ($app instanceof EnhancedApps);
    }

-    public function enabled()
+    /**
+     * @param $class
+     * @return false|mixed
+     */
+    public static function isSearchProvider($class)
    {
-        if($this->enhanced()) {
+        if (!class_exists($class, false) || $class === null || $class === 'null') {
+            return false;
+        }
+        $app = new $class;
+
+        return ((bool) ($app instanceof SearchInterface)) ? $app : false;
+    }
+
+    public function enabled(): bool
+    {
+        if ($this->enhanced()) {
            $config = $this->getconfig();
-            if($config) {
+            if ($config) {
                return (bool) $config->enabled;
            }
        }
+
        return false;
    }

+    /**
+     * @return mixed|stdClass
+     */
    public function getconfig()
    {
-        $explode = explode('\\', $this->class);
-        
+        // $explode = explode('\\', $this->class);

-        if(!isset($this->description) || empty($this->description)) {
-            $config = new \stdClass;
-            $config->name = end($explode);
+        if (! isset($this->description) || empty($this->description)) {
+            $config = new stdClass;
+            // $config->name = end($explode);
            $config->enabled = false;
+            $config->override_url = null;
+            $config->apikey = null;
+
            return $config;
        }

-        
-
        $config = json_decode($this->description);

-        $config->name = end($explode);
+        // $config->name = end($explode);

-        
        $config->url = $this->url;
-        if(isset($config->override_url) && !empty($config->override_url)) {
+        if (isset($config->override_url) && ! empty($config->override_url)) {
            $config->url = $config->override_url;
+        } else {
+            $config->override_url = null;
        }
-    
+
        return $config;
    }

+    /**
+     * @param $class
+     */
+    public static function applicationDetails($class): ?Application
+    {
+        if (! empty($class)) {
+            $name = self::nameFromClass($class);
+            $application = Application::where('name', $name)->first();
+            if ($application) {
+                return $application;
+            }
+        }

+        return null;
+    }
+
+    /**
+     * @param $class
+     */
+    public static function getApplicationDescription($class): string
+    {
+        $details = self::applicationDetails($class);
+        if ($details !== null) {
+            return $details->description.' - '.$details->license;
+        }
+
+        return '';
+    }

    /**
     * Get the user that owns the item.
     */
-    public function user()
+    public function user(): BelongsTo
    {
-        return $this->belongsTo('App\User');
-    }   
-
-
+        return $this->belongsTo(User::class);
+    }
 }
--- a/app/ItemTag.php
+++ b/app/ItemTag.php
@@ -0,0 +1,27 @@
+<?php
+
+namespace App;
+
+use Illuminate\Database\Eloquent\Factories\HasFactory;
+use Illuminate\Database\Eloquent\Relations\Pivot;
+
+/**
+ * App\ItemTag
+ *
+ * @property int $item_id
+ * @property int $tag_id
+ * @property \Illuminate\Support\Carbon|null $created_at
+ * @property \Illuminate\Support\Carbon|null $updated_at
+ * @method static \Illuminate\Database\Eloquent\Builder|ItemTag newModelQuery()
+ * @method static \Illuminate\Database\Eloquent\Builder|ItemTag newQuery()
+ * @method static \Illuminate\Database\Eloquent\Builder|ItemTag query()
+ * @method static \Illuminate\Database\Eloquent\Builder|ItemTag whereCreatedAt($value)
+ * @method static \Illuminate\Database\Eloquent\Builder|ItemTag whereItemId($value)
+ * @method static \Illuminate\Database\Eloquent\Builder|ItemTag whereTagId($value)
+ * @method static \Illuminate\Database\Eloquent\Builder|ItemTag whereUpdatedAt($value)
+ * @mixin \Eloquent
+ */
+class ItemTag extends Pivot
+{
+    use HasFactory;
+}
--- a/app/Jobs/ProcessApps.php
+++ b/app/Jobs/ProcessApps.php
@@ -2,15 +2,20 @@

 namespace App\Jobs;

+use App\Application;
+use App\Item;
+use App\SupportedApps;
+use GuzzleHttp\Exception\GuzzleException;
 use Illuminate\Bus\Queueable;
-use Illuminate\Queue\SerializesModels;
-use Illuminate\Queue\InteractsWithQueue;
+use Illuminate\Contracts\Queue\ShouldBeUnique;
 use Illuminate\Contracts\Queue\ShouldQueue;
 use Illuminate\Foundation\Bus\Dispatchable;
-use App\Application;
-use App\SupportedApps;
+use Illuminate\Queue\InteractsWithQueue;
+use Illuminate\Queue\SerializesModels;
+use Illuminate\Support\Facades\Log;
+use Illuminate\Support\Facades\Storage;

-class ProcessApps implements ShouldQueue
+class ProcessApps implements ShouldQueue, ShouldBeUnique
 {
    use Dispatchable, InteractsWithQueue, Queueable, SerializesModels;

@@ -27,40 +32,29 @@ class ProcessApps implements ShouldQueue
    /**
     * Execute the job.
     *
-     * @return void
+     * @throws GuzzleException
     */
-    public function handle()
+    public function handle(): void
    {
-        $localapps = Application::all();
-        $list = json_decode(SupportedApps::getList()->getBody());
-        $validapps = [];
-        
-        foreach($list->apps as $app) {
-            $validapps[] = $app->appid;
-            $localapp = $localapps->where('appid', $app->appid)->first();
+        Log::debug('Process Apps dispatched');
+        $localapps = Application::whereNull('class')->get();
+        $json = SupportedApps::getList()->getBody();

-            $application = ($localapp) ? $localapp : new Application;
+        Storage::disk('local')->put('supportedapps.json', $json);

-            if(!file_exists(app_path('SupportedApps/'.className($app->name)))) {
-                SupportedApps::getFiles($app);
-                SupportedApps::saveApp($app, $application);
-            } else {
-                // check if there has been an update for this app
-                $localapp = $localapps->where('appid', $app->appid)->first();
-                if($localapp) {
-                    if($localapp->sha !== $app->sha) {
-                        SupportedApps::getFiles($app);
-                        SupportedApps::saveApp($app, $application);
-                    }
-                }  else {
-                    SupportedApps::getFiles($app);
-                    SupportedApps::saveApp($app, $application);
-      
+        foreach ($localapps as $app) {
+            $app->class = $app->class();
+            $app->save();
+        }
+
+        $items = Item::whereNotNull('class')->get();
+        foreach ($items as $item) {
+            if (! file_exists(app_path('SupportedApps/'.Item::nameFromClass($item->class)))) {
+                $app = Application::where('class', $item->class)->first();
+                if ($app) {
+                    Application::getApp($app->appid);
                }
            }
        }
-        //$delete = Application::whereNotIn('appid', $validapps)->delete(); // delete any apps not in list
-        // removed the delete so local apps can be added
-
    }
 }
--- a/app/Jobs/UpdateApps.php
+++ b/app/Jobs/UpdateApps.php
@@ -0,0 +1,56 @@
+<?php
+
+namespace App\Jobs;
+
+use App\Application;
+use GuzzleHttp\Exception\GuzzleException;
+use Illuminate\Bus\Queueable;
+use Illuminate\Contracts\Queue\ShouldBeUnique;
+use Illuminate\Contracts\Queue\ShouldQueue;
+use Illuminate\Foundation\Bus\Dispatchable;
+use Illuminate\Queue\InteractsWithQueue;
+use Illuminate\Queue\SerializesModels;
+use Illuminate\Support\Facades\Cache;
+use Illuminate\Support\Facades\Log;
+
+class UpdateApps implements ShouldQueue, ShouldBeUnique
+{
+    use Dispatchable, InteractsWithQueue, Queueable, SerializesModels;
+
+    /**
+     * Create a new job instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        //
+    }
+
+    /**
+     * Execute the job.
+     *
+     * @throws GuzzleException
+     */
+    public function handle(): void
+    {
+        Log::debug('Update of all apps triggered!');
+        $apps = Application::all('appid')->toArray();
+
+        // We onl update the apps that are actually in use by items
+        // 1 sec delay after each update to throttle the requests
+        foreach ($apps as $appKey => $app) {
+            Application::getApp($app['appid']);
+            sleep(1);
+        }
+
+        Log::debug('Update of all apps finished!');
+
+        Cache::lock('updateApps')->forceRelease();
+    }
+
+    public function failed($exception): void
+    {
+        Cache::lock('updateApps')->forceRelease();
+    }
+}
--- a/app/Providers/AppServiceProvider.php
+++ b/app/Providers/AppServiceProvider.php
@@ -2,130 +2,197 @@

 namespace App\Providers;

-use Illuminate\Support\ServiceProvider;
-use Artisan;
-use Schema;
-use App\Setting;
-use App\User;
 use App\Application;
 use App\Jobs\ProcessApps;
+use App\Jobs\UpdateApps;
+use App\Setting;
+use App\User;
+use Barryvdh\LaravelIdeHelper\IdeHelperServiceProvider;
+use Illuminate\Support\Facades\Artisan;
+use Illuminate\Support\Facades\Cache;
+use Illuminate\Support\Facades\Log;
+use Illuminate\Support\Facades\Schema;
+use Illuminate\Support\ServiceProvider;
+use Psr\Container\ContainerExceptionInterface;
+use Psr\Container\NotFoundExceptionInterface;
+use App\Services\CustomFormBuilder;
+use Spatie\Html\Html;

 class AppServiceProvider extends ServiceProvider
 {
    /**
     * Bootstrap any application services.
-     *
-     * @return void
     */
-    public function boot()
+    public function boot(): void
    {
-
-        if(!is_file(base_path('.env'))) {
-            touch(base_path('.env'));
-            Artisan::call('key:generate');
-        }
-        if(!is_file(database_path('app.sqlite'))) {
-            // first time setup
-            touch(database_path('app.sqlite'));
-            Artisan::call('migrate', array('--path' => 'database/migrations', '--force' => true, '--seed' => true));
-            //Cache
-            //Artisan::call('config:cache');
-            //Artisan::call('route:cache');
-        }
-        if(is_file(database_path('app.sqlite'))) {
-            if(Schema::hasTable('settings')) {
-
-                // check version to see if an upgrade is needed
-                $db_version = Setting::_fetch('version');
-                $app_version = config('app.version');
-                if(version_compare($app_version, $db_version) == 1) { // app is higher than db, so need to run migrations etc
-                    Artisan::call('migrate', array('--path' => 'database/migrations', '--force' => true, '--seed' => true));                   
-                }
-
-            } else {
-                Artisan::call('migrate', array('--path' => 'database/migrations', '--force' => true, '--seed' => true)); 
-            }
-
+        if (! class_exists('ZipArchive')) {
+            die('You are missing php-zip');
        }

-        if(!is_file(public_path('storage'))) {
+        $this->createEnvFile();
+
+        $this->setupDatabase();
+
+        if (! is_file(public_path('storage/.gitignore'))) {
            Artisan::call('storage:link');
            \Session::put('current_user', null);
        }
-        
+
        $applications = Application::all();
-        if($applications->count() <= 0) {
-            if (class_exists('ZipArchive')) {
-                ProcessApps::dispatch();
-            } else {
-                die("You are missing php-zip");
-            }
-            
+
+        if ($applications->count() <= 0) {
+            ProcessApps::dispatch();
        }

-        // User specific settings need to go here as session isn't available at this point in the app
-        view()->composer('*', function ($view) 
-        {
+        $lang = Setting::fetch('language');
+        \App::setLocale($lang);

-            if(isset($_SERVER['HTTP_AUTHORIZATION']) && !empty($_SERVER['HTTP_AUTHORIZATION'])) {
-                list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = 
+        // User specific settings need to go here as session isn't available at this point in the app
+        view()->composer('*', function ($view) {
+            if (isset($_SERVER['HTTP_AUTHORIZATION']) && ! empty($_SERVER['HTTP_AUTHORIZATION'])) {
+                list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) =
                explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));
            }
-            if(!\Auth::check()) {
-                if(isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
+            if (! \Auth::check()) {
+                if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])
+                        && ! empty($_SERVER['PHP_AUTH_USER']) && ! empty($_SERVER['PHP_AUTH_PW'])) {
                    $credentials = ['username' => $_SERVER['PHP_AUTH_USER'], 'password' => $_SERVER['PHP_AUTH_PW']];
-                    
-                    if (\Auth::attempt($credentials)) {
+
+                    if (\Auth::attempt($credentials, true)) {
                        // Authentication passed...
                        $user = \Auth::user();
                        //\Session::put('current_user', $user);
-                        session(['current_user' => $user]);                
+                        session(['current_user' => $user]);
+                    }
+                } elseif (isset($_SERVER['REMOTE_USER']) && ! empty($_SERVER['REMOTE_USER'])) {
+                    $user = User::where('username', $_SERVER['REMOTE_USER'])->first();
+                    if ($user) {
+                        \Auth::login($user, true);
+                        session(['current_user' => $user]);
                    }
                }
            }

-
            $alt_bg = '';
-            if($bg_image = Setting::fetch('background_image')) {
-                $alt_bg = ' style="background-image: url(/storage/'.$bg_image.')"';
+            $trianglify = 'false';
+            $trianglify_seed = null;
+            if (Setting::fetch('trianglify')) {
+                $trianglify = 'true';
+                $trianglify_seed = Setting::fetch('trianglify_seed');
+            } elseif ($bg_image = Setting::fetch('background_image')) {
+                $alt_bg = ' style="background-image: url(storage/'.$bg_image.')"';
            }
-            $lang = Setting::fetch('language');
-            \App::setLocale($lang);

            $allusers = User::all();
            $current_user = User::currentUser();

-            $view->with('alt_bg', $alt_bg );    
-            $view->with('allusers', $allusers );    
-            $view->with('current_user', $current_user );   
-
-    
-            
-            
-        });  
+            $view->with('alt_bg', $alt_bg);
+            $view->with('trianglify', $trianglify);
+            $view->with('trianglify_seed', $trianglify_seed);
+            $view->with('allusers', $allusers);
+            $view->with('current_user', $current_user);
+            if (config('app.auth_roles_enable')) {
+                $view->with('enable_auth_admin_controls', in_array(config('app.auth_roles_admin'), explode(config('app.auth_roles_delimiter'), $_SERVER[config('app.auth_roles_http_header')])));
+            } else {
+                $view->with('enable_auth_admin_controls', true);
+            }
+        });

        $this->app['view']->addNamespace('SupportedApps', app_path('SupportedApps'));

-
        if (env('FORCE_HTTPS') === true) {
            \URL::forceScheme('https');
        }

-        if(env('APP_URL') != 'http://localhost') {
+        if (env('APP_URL') != 'http://localhost') {
            \URL::forceRootUrl(env('APP_URL'));
        }
+    }

+    /**
+     * Generate app key if missing and .env exists
+     */
+    public function genKey(): void
+    {
+        if (is_file(base_path('.env'))) {
+            if (empty(env('APP_KEY'))) {
+                Artisan::call('key:generate', ['--force' => true, '--no-interaction' => true]);
+            }
+        }
    }

    /**
     * Register any application services.
-     *
-     * @return void
     */
-    public function register()
+    public function register(): void
    {
+        if ($this->app->isLocal()) {
+            $this->app->register(IdeHelperServiceProvider::class);
+        }
+
+        $this->app->singleton('custom-form', function ($app) {
+            return new CustomFormBuilder($app->make(Html::class));
+        });
+
        $this->app->singleton('settings', function () {
            return new Setting();
        });
    }
+
+    /**
+     * Check if database needs an update or do first time database setup
+     *
+     * @throws ContainerExceptionInterface
+     * @throws NotFoundExceptionInterface
+     */
+    public function setupDatabase(): void
+    {
+        $db_type = config()->get('database.default');
+
+        if ($db_type == 'sqlite') {
+            $db_file = database_path(env('DB_DATABASE', 'app.sqlite'));
+            Log::debug('SQLite Database Path: ' . $db_file);
+            if (! is_file($db_file)) {
+                touch($db_file);
+            }
+        }
+
+        if ($this->needsDBUpdate()) {
+            Artisan::call('migrate', ['--path' => 'database/migrations', '--force' => true, '--seed' => true]);
+            ProcessApps::dispatchSync();
+            $this->updateApps();
+        }
+    }
+
+    public function createEnvFile(): void
+    {
+        if (!is_file(base_path('.env'))) {
+            copy(base_path('.env.example'), base_path('.env'));
+        }
+
+        $this->genKey();
+    }
+
+    private function needsDBUpdate(): bool
+    {
+        if (!Schema::hasTable('settings')) {
+            return true;
+        }
+
+        $db_version = Setting::_fetch('version');
+        $app_version = config('app.version');
+
+        return version_compare($app_version, $db_version) === 1;
+    }
+
+    private function updateApps(): void
+    {
+        // This lock ensures that the job is not invoked multiple times.
+        // In 5 minutes all app updates should be finished.
+        $lock = Cache::lock('updateApps', 5*60);
+
+        if ($lock->get()) {
+            UpdateApps::dispatchAfterResponse();
+        }
+    }
 }
--- a/app/Providers/AuthServiceProvider.php
+++ b/app/Providers/AuthServiceProvider.php
@@ -1,30 +0,0 @@
-<?php
-
-namespace App\Providers;
-
-use Illuminate\Support\Facades\Gate;
-use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
-
-class AuthServiceProvider extends ServiceProvider
-{
-    /**
-     * The policy mappings for the application.
-     *
-     * @var array
-     */
-    protected $policies = [
-        'App\Model' => 'App\Policies\ModelPolicy',
-    ];
-
-    /**
-     * Register any authentication / authorization services.
-     *
-     * @return void
-     */
-    public function boot()
-    {
-        $this->registerPolicies();
-
-        //
-    }
-}
--- a/app/Providers/BroadcastServiceProvider.php
+++ b/app/Providers/BroadcastServiceProvider.php
@@ -1,21 +0,0 @@
-<?php
-
-namespace App\Providers;
-
-use Illuminate\Support\ServiceProvider;
-use Illuminate\Support\Facades\Broadcast;
-
-class BroadcastServiceProvider extends ServiceProvider
-{
-    /**
-     * Bootstrap any application services.
-     *
-     * @return void
-     */
-    public function boot()
-    {
-        Broadcast::routes();
-
-        require base_path('routes/channels.php');
-    }
-}
--- a/app/Providers/EventServiceProvider.php
+++ b/app/Providers/EventServiceProvider.php
@@ -1,32 +0,0 @@
-<?php
-
-namespace App\Providers;
-
-use Illuminate\Support\Facades\Event;
-use Illuminate\Foundation\Support\Providers\EventServiceProvider as ServiceProvider;
-
-class EventServiceProvider extends ServiceProvider
-{
-    /**
-     * The event listener mappings for the application.
-     *
-     * @var array
-     */
-    protected $listen = [
-        'App\Events\Event' => [
-            'App\Listeners\EventListener',
-        ],
-    ];
-
-    /**
-     * Register any events for your application.
-     *
-     * @return void
-     */
-    public function boot()
-    {
-        parent::boot();
-
-        //
-    }
-}
--- a/app/Providers/RouteServiceProvider.php
+++ b/app/Providers/RouteServiceProvider.php
@@ -2,8 +2,8 @@

 namespace App\Providers;

-use Illuminate\Support\Facades\Route;
 use Illuminate\Foundation\Support\Providers\RouteServiceProvider as ServiceProvider;
+use Illuminate\Support\Facades\Route;

 class RouteServiceProvider extends ServiceProvider
 {
@@ -12,16 +12,13 @@ class RouteServiceProvider extends ServiceProvider
     *
     * In addition, it is set as the URL generator's root namespace.
     *
-     * @var string
+     * REMOVED WITH LARAVEL 8 UPGRADE
     */
-    protected $namespace = 'App\Http\Controllers';

    /**
     * Define your route model bindings, pattern filters, etc.
-     *
-     * @return void
     */
-    public function boot()
+    public function boot(): void
    {
        //

@@ -30,10 +27,8 @@ class RouteServiceProvider extends ServiceProvider

    /**
     * Define the routes for the application.
-     *
-     * @return void
     */
-    public function map()
+    public function map(): void
    {
        $this->mapApiRoutes();

@@ -46,13 +41,10 @@ class RouteServiceProvider extends ServiceProvider
     * Define the "web" routes for the application.
     *
     * These routes all receive session state, CSRF protection, etc.
-     *
-     * @return void
     */
-    protected function mapWebRoutes()
+    protected function mapWebRoutes(): void
    {
        Route::middleware('web')
-             ->namespace($this->namespace)
             ->group(base_path('routes/web.php'));
    }

@@ -60,14 +52,11 @@ class RouteServiceProvider extends ServiceProvider
     * Define the "api" routes for the application.
     *
     * These routes are typically stateless.
-     *
-     * @return void
     */
-    protected function mapApiRoutes()
+    protected function mapApiRoutes(): void
    {
        Route::prefix('api')
             ->middleware('api')
-             ->namespace($this->namespace)
             ->group(base_path('routes/api.php'));
    }
 }
--- a/app/Search.php
+++ b/app/Search.php
@@ -0,0 +1,149 @@
+<?php
+
+namespace App;
+
+use Illuminate\Support\Collection;
+use Illuminate\Support\Facades\Request as Input;
+use Yaml;
+
+abstract class Search
+{
+    /**
+     * List of all search providers
+     *
+     * @return Collection
+     */
+    public static function providers(): Collection
+    {
+        $providers = self::standardProviders();
+        $providers = $providers + self::appProviders();
+
+        return collect($providers);
+    }
+
+    /**
+     * Gets details for a single provider
+     *
+     * @return false|object
+     */
+    public static function providerDetails($provider)
+    {
+        $providers = self::providers();
+        if (! isset($providers[$provider])) {
+            return false;
+        }
+
+        return (object) $providers[$provider] ?? false;
+    }
+
+    /**
+     * Array of the standard providers
+     *
+     * @return array
+     */
+    public static function standardProviders(): array
+    {
+        // $providers = json_decode(file_get_contents(storage_path('app/searchproviders.json')));
+        // print_r($providers);
+        $providers = Yaml::parseFile(storage_path('app/searchproviders.yaml'));
+        $all = [];
+        foreach ($providers as $key => $provider) {
+            $all[$key] = $provider;
+            $all[$key]['type'] = 'standard';
+        }
+
+        return $all;
+    }
+
+    /**
+     * Loops through users apps to see if app is a search provider, might be worth
+     * looking into caching this at some point
+     *
+     * @return array
+     */
+    public static function appProviders(): array
+    {
+        $providers = [];
+        $userapps = Item::all();
+        foreach ($userapps as $app) {
+            if (empty($app->class)) {
+                continue;
+            }
+            if (($provider = Item::isSearchProvider($app->class)) !== false) {
+                $name = Item::nameFromClass($app->class);
+                $providers[$app->id] = [
+                    'id' => $app->id,
+                    'type' => $provider->type,
+                    'class' => $app->class,
+                    'url' => $app->url,
+                    'name' => $app->title,
+                    'colour' => $app->colour,
+                    'icon' => $app->icon,
+                    'description' => $app->description,
+                ];
+            }
+        }
+
+        return $providers;
+    }
+
+    /**
+     * Outputs the search form
+     *
+     * @return string
+     */
+    public static function form(): string
+    {
+        $output = '';
+        $homepage_search = Setting::fetch('homepage_search');
+        $search_provider = Setting::where('key', '=', 'search_provider')->first();
+        $user_search_provider = Setting::fetch('search_provider');
+        //die(print_r($search_provider));
+
+        //die(var_dump($user_search_provider));
+        // return early if search isn't applicable
+        if ((bool) $homepage_search !== true) {
+            return $output;
+        }
+        $user_search_provider = Input::get('p') ?? $user_search_provider ?? 'none';
+
+        if ((bool) $search_provider) {
+            if ((bool) $user_search_provider) {
+                $name = 'app.options.'.$user_search_provider;
+                $provider = self::providerDetails($user_search_provider);
+                $providers = self::providers();
+                $providerCount = count($providers);
+
+                // If there's only one provider, use its key instead of the user's setting
+                if ($providerCount === 1) {
+                    $user_search_provider = $providers->keys()->first();
+                }
+
+                $output .= '<div class="searchform">';
+                $output .= '<form action="'.url('search').'"'.getLinkTargetAttribute().' method="get">';
+                $output .= '<div id="search-container" class="input-container">';
+                
+                // Only show dropdown if there's more than one provider
+                if ($providerCount > 1) {
+                    $output .= '<select name="provider">';
+                    foreach ($providers as $key => $searchprovider) {
+                        $selected = ((string) $key === (string) $user_search_provider) ? ' selected="selected"' : '';
+                        $output .= '<option value="'.$key.'"'.$selected.'>'.$searchprovider['name'].'</option>';
+                    }
+                    $output .= '</select>';
+                } else {
+                    // Hidden input for single provider
+                    $output .= '<input type="hidden" name="provider" value="'.$user_search_provider.'" />';
+                }
+                
+                $output .= '<input type="text" name="q" value="'.e(Input::get('q') ?? '').'" class="homesearch" autofocus placeholder="'.__('app.settings.search').'..." />';
+                $output .= '<button type="submit">'.ucwords(__('app.settings.search')).'</button>';
+                $output .= '</div>';
+                $output .= '</form>';
+                $output .= '</div>';
+            }
+        }
+
+        return $output;
+    }
+}
--- a/app/SearchInterface.php
+++ b/app/SearchInterface.php
@@ -0,0 +1,8 @@
+<?php
+
+namespace App;
+
+interface SearchInterface
+{
+    public function getResults($query, $providerdetails);
+}
--- a/app/Services/CustomFormBuilder.php
+++ b/app/Services/CustomFormBuilder.php
@@ -0,0 +1,67 @@
+<?php
+
+namespace App\Services;
+
+use Spatie\Html\Html;
+use Illuminate\Support\HtmlString;
+
+class CustomFormBuilder
+{
+    protected Html $html;
+
+    public function __construct(Html $html)
+    {
+        $this->html = $html;
+    }
+
+    public function text($name, $value = null, $options = [])
+    {
+        return new HtmlString(
+            $this->html->input('text', $name, $value)->attributes($options)
+        );
+    }
+
+    public function password($name, $options = [])
+    {
+        return new HtmlString(
+            $this->html->input('password', $name)->attributes($options)
+        );
+    }
+
+    public function hidden($name, $value = null, $options = [])
+    {
+        return new HtmlString(
+            $this->html->input('hidden', $name, $value)->attributes($options)
+        );
+    }
+
+    public function checkbox($name, $value = null, $checked = false, $options = [])
+    {
+        return new HtmlString(
+            $this->html->checkbox($name, $value, $checked)->attributes($options)
+        );
+    }
+
+    public function select($name, $list = [], $selected = null, $options = [])
+    {
+        return new HtmlString(
+            $this->html->select($name)->options($list, $selected)->attributes($options)
+        );
+    }
+
+    public function textarea($name, $value = null, $options = [])
+    {
+        return new HtmlString(
+            $this->html->textarea($name, $value)->attributes($options)
+        );
+    }
+
+    public function input($type, $name, $value = null, $options = [])
+    {
+        return new HtmlString(
+            $this->html->input($type, $name, $value)->attributes($options)
+        );
+    }
+
+    // Add other methods as needed
+}
--- a/app/Setting.php
+++ b/app/Setting.php
@@ -2,12 +2,46 @@

 namespace App;

+use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Database\Eloquent\Model;
-use Illuminate\Support\Facades\Input;
-use Form;
-use Illuminate\Support\Facades\Auth;
-use App\User;
+use Illuminate\Database\Eloquent\Relations\BelongsTo;
+use Illuminate\Database\Eloquent\Relations\BelongsToMany;
+use Illuminate\Http\Request;
+use Illuminate\Session\SessionManager;
+use Illuminate\Session\Store;
+use enshrined\svgSanitize\Sanitizer;

+/**
+ * App\Setting
+ *
+ * @mixin Builder
+ * @property int $id
+ * @property int $group_id
+ * @property string $key
+ * @property string $type
+ * @property string|null $options
+ * @property string $label
+ * @property string|null $value
+ * @property string $order
+ * @property int $system
+ * @property-read mixed $edit_value
+ * @property-read mixed $list_value
+ * @property-read \App\SettingGroup|null $group
+ * @property-read \Illuminate\Database\Eloquent\Collection|\App\User[] $users
+ * @property-read int|null $users_count
+ * @method static Builder|Setting newModelQuery()
+ * @method static Builder|Setting newQuery()
+ * @method static Builder|Setting query()
+ * @method static Builder|Setting whereGroupId($value)
+ * @method static Builder|Setting whereId($value)
+ * @method static Builder|Setting whereKey($value)
+ * @method static Builder|Setting whereLabel($value)
+ * @method static Builder|Setting whereOptions($value)
+ * @method static Builder|Setting whereOrder($value)
+ * @method static Builder|Setting whereSystem($value)
+ * @method static Builder|Setting whereType($value)
+ * @method static Builder|Setting whereValue($value)
+ */
 class Setting extends Model
 {
    /**
@@ -18,7 +52,7 @@ class Setting extends Model
    protected $table = 'settings';

    protected $fillable = [
-        'id', 'group_id', 'key', 'type', 'options', 'label', 'value', 'order', 'system'
+        'id', 'group_id', 'key', 'type', 'options', 'label', 'value', 'order', 'system',
    ];

    /**
@@ -35,47 +69,67 @@ class Setting extends Model
     */
    protected static $cache = [];

-    /**
-     * @return array
-     */
-    public static function getInput()
+    public static function getInput(Request $request): object
    {
+        $image = $request->file('value');
+        if ($image && $image->getClientOriginalExtension() === 'svg') {
+            $sanitizer = new Sanitizer();
+            $sanitizedSvg = $sanitizer->sanitize(file_get_contents($image->getRealPath()));
+
+            // Verify that the sanitization removed malicious content
+            if (strpos($sanitizedSvg, '<script>') !== false) {
+                throw new \Exception('SVG contains malicious content and cannot be uploaded.');
+            }
+
+            // Save the sanitized SVG back to the file
+            file_put_contents($image->getRealPath(), $sanitizedSvg);
+        }
+
        return (object) [
-            'value' => Input::get('value'),
-            'image' => Input::file('value'),
+            'value' => $request->input('value'),
+            'image' => $image,
        ];
    }

    public function getListValueAttribute()
    {
-        if((bool)$this->system === true) {
+        if ((bool) $this->system === true) {
            $value = self::_fetch($this->key);
        } else {
            $value = self::fetch($this->key);
        }
        $this->value = $value;
-        switch($this->type) {
+        switch ($this->type) {
            case 'image':
-                if(!empty($this->value)) {
-                    $value = '<a href="'.asset('storage/'.$this->value).'" title="'.__('app.settings.view').'" target="_blank">'.__('app.settings.view').'</a>';
+                if (! empty($this->value)) {
+                    $value = '<a href="'.asset('storage/'.$this->value).'" title="'.
+                        __('app.settings.view').
+                        '" target="_blank">'.
+                        __('app.settings.view').
+                        '</a>';
                } else {
                    $value = __('app.options.none');
-                }    
+                }
                break;
            case 'boolean':
-                if((bool)$this->value === true) {
+                if ((bool) $this->value === true) {
                    $value = __('app.options.yes');
                } else {
                    $value = __('app.options.no');
-                }    
+                }
                break;
            case 'select':
-                if(!empty($this->value) && $this->value !== 'none') {
-                    $options =  (array)json_decode($this->options);
-                    $value = __($options[$this->value]);
+                if (! empty($this->value) && $this->value !== 'none') {
+                    $options = (array) json_decode($this->options);
+                    if ($this->key === 'search_provider') {
+                        $options = Search::providers()->pluck('name', 'id')->toArray();
+                    }
+                    $value = (array_key_exists($this->value, $options))
+                        ? __($options[$this->value])
+                        : __('app.options.none');
                } else {
                    $value = __('app.options.none');
-                }                
+                }
                break;
            default:
                $value = __($this->value);
@@ -83,205 +137,166 @@ class Setting extends Model
        }

        return $value;
-
    }

    public function getEditValueAttribute()
    {
-        if((bool)$this->system === true) {
+        if ((bool) $this->system === true) {
            $value = self::_fetch($this->key);
        } else {
            $value = self::fetch($this->key);
        }
        $this->value = $value;
-        switch($this->type) {
+        switch ($this->type) {
            case 'image':
                $value = '';
-                if(isset($this->value) && !empty($this->value)) {
-                    $value .= '<a class="setting-view-image" href="'.asset('storage/'.$this->value).'" title="'.__('app.settings.view').'" target="_blank"><img src="'.asset('storage/'.$this->value).'" /></a>';
+                if (isset($this->value) && !empty($this->value)) {
+                    $value .= '<a class="setting-view-image" href="' .
+                        asset('storage/' . $this->value) .
+                        '" title="' .
+                        __('app.settings.view') .
+                        '" target="_blank"><img src="' .
+                        asset('storage/' .
+                            $this->value) .
+                        '" /></a>';
                }
-                $value .= Form::file('value', ['class' => 'form-control']);
-                if(isset($this->value) && !empty($this->value)) {
-                    $value .= '<a class="settinglink" href="'.route('settings.clear', $this->id).'" title="'.__('app.settings.remove').'">'.__('app.settings.reset').'</a>';
+                $value .= '<input type="file" name="value" class="form-control" />';
+                if (isset($this->value) && !empty($this->value)) {
+                    $value .= '<a class="settinglink" href="' .
+                        route('settings.clear', $this->id) .
+                        '" title="' .
+                        __('app.settings.remove') .
+                        '">' .
+                        __('app.settings.reset') .
+                        '</a>';
                }
-                
+    
                break;
            case 'boolean':
                $checked = false;
-                if(isset($this->value) && (bool)$this->value === true) $checked = true;
+                if (isset($this->value) && (bool)$this->value === true) {
+                    $checked = true;
+                }
                $set_checked = ($checked) ? ' checked="checked"' : '';
                $value = '
                <input type="hidden" name="value" value="0" />
                <label class="switch">
-                    <input type="checkbox" name="value" value="1"'.$set_checked.' />
+                    <input type="checkbox" name="value" value="1"' . $set_checked . ' />
                    <span class="slider round"></span>
                </label>';
-
+    
                break;
            case 'select':
                $options = json_decode($this->options);
-                foreach($options as $key => $opt) {
-                    $options->$key = __($opt);
+                if ($this->key === 'search_provider') {
+                    $options = Search::providers()->pluck('name', 'id');
                }
-                $value = Form::select('value', $options, null, ['class' => 'form-control']);
+                $value = '<select name="value" class="form-control">';
+                foreach ($options as $key => $opt) {
+                    $value .= '<option value="' . $key . '" ' . (($this->value == $key) ? 'selected' : '') . '>' . __($opt) . '</option>';
+                }
+                $value .= '</select>';
+                break;
+            case 'textarea':
+                $value = '<textarea name="value" class="form-control" cols="44" rows="15">' . htmlspecialchars($this->value, ENT_QUOTES, 'UTF-8') . '</textarea>';
                break;
            default:
-                $value = Form::text('value', null, ['class' => 'form-control']);
+                $value = '<input type="text" name="value" class="form-control" value="' . htmlspecialchars($this->value, ENT_QUOTES, 'UTF-8') . '" />';
                break;
        }
-
+    
        return $value;
-
    }
-
-    public function group()
+    
+    public function group(): BelongsTo
    {
-        return $this->belongsTo('App\SettingGroup', 'group_id');
+        return $this->belongsTo(\App\SettingGroup::class, 'group_id');
    }

-
    /**
-     * @param string $key
     *
     * @return mixed
     */
-    public static function fetch($key)
+    public static function fetch(string $key)
    {
        $user = self::user();
+
        return self::_fetch($key, $user);
    }
+
+    // @codingStandardsIgnoreStart
    /**
-     * @param string $key
     *
     * @return mixed
     */
-    public static function _fetch($key, $user=null)
+    public static function _fetch(string $key, $user = null)
    {
-        #$cachekey = ($user === null) ? $key : $key.'-'.$user->id;
-        #if (Setting::cached($cachekey)) {
-        #    return Setting::$cache[$cachekey];
-        #} else {
-            $find = self::where('key', '=', $key)->first();
+        // @codingStandardsIgnoreEnd
+        //$cachekey = ($user === null) ? $key : $key.'-'.$user->id;
+        //if (Setting::cached($cachekey)) {
+        //    return Setting::$cache[$cachekey];
+        //} else {
+        $find = self::where('key', '=', $key)->first();

-            if (!is_null($find)) {
-                if((bool)$find->system === true) { // if system variable use global value
+        if (! is_null($find)) {
+            if ((bool) $find->system === true) { // if system variable use global value
+                $value = $find->value;
+            } else { // not system variable so use user specific value
+                // check if user specified value has been set
+                //print_r($user);
+                $usersetting = $user->settings()->where('id', $find->id)->first();
+                //print_r($user->settings);
+                //die(var_dump($usersetting));
+                //->pivot->value;
+                //echo "user: ".$user->id." --- ".$usersettings;
+                if (isset($usersetting) && ! empty($usersetting)) {
+                    $value = $usersetting->pivot->uservalue;
+                } else { // if not get default from base setting
+                    //$user->settings()->save($find, ['value' => $find->value]);
+                    //$has_setting = $user->settings()->where('id', $find->id)->exists();
+                    //if($has_setting) {
+                    //    $user->settings()->updateExistingPivot($find->id, ['uservalue' => (string)$find->value]);
+                    //} else {
+                    //    $user->settings()->save($find, ['uservalue' => (string)$find->value]);
+                    //}
                    $value = $find->value;
-                } else { // not system variable so use user specific value
-                    // check if user specified value has been set
-                    //print_r($user);
-                    $usersetting = $user->settings()->where('id', $find->id)->first();
-                    //print_r($user->settings);
-                    //die(var_dump($usersetting));
-                    //->pivot->value;
-                    //echo "user: ".$user->id." --- ".$usersettings;
-                    if(isset($usersetting) && !empty($usersetting)) {
-                        $value = $usersetting->pivot->uservalue;
-                    } else { // if not get default from base setting
-                        //$user->settings()->save($find, ['value' => $find->value]);
-                        #$has_setting = $user->settings()->where('id', $find->id)->exists();
-                        #if($has_setting) {
-                        #    $user->settings()->updateExistingPivot($find->id, ['uservalue' => (string)$find->value]);
-                        #} else {
-                        #    $user->settings()->save($find, ['uservalue' => (string)$find->value]);
-                        #}
-                        $value = $find->value;
-                    }
-                    
                }
-                #Setting::add($cachekey, $value);
-
-                return $value;
-            } else {
-                return false;
            }
-        #}
+            //Setting::add($cachekey, $value);
+
+            return $value;
+        } else {
+            return false;
+        }
+        //}
    }

    /**
-     * @param string $key
     * @param $value
     */
-    public static function add($key, $value)
+    public static function add(string $key, $value)
    {
-        Setting::$cache[$key] = $value;
+        self::$cache[$key] = $value;
    }

-    /**
-     * @param string $key
-     *
-     * @return bool
-     */
-    public static function cached($key)
+    public static function cached(string $key): bool
    {
-        return array_key_exists($key, Setting::$cache);
-    }
-
-    /**
-     * @return html
-     */
-    public static function search()
-    {
-        $output = '';
-        $homepage_search = self::fetch('homepage_search');
-        $search_provider = self::where('key', '=', 'search_provider')->first();
-        $user_search_provider = self::fetch('search_provider');
-        //die(print_r($search_provider));
-       
-        //die(var_dump($user_search_provider));
-        // return early if search isn't applicable
-        if((bool)$homepage_search !== true) return $output;
-        if($user_search_provider === 'none') return $output;
-        if(empty($user_search_provider)) return $output;
-        if(is_null($user_search_provider)) return $output;
-
-
-        if((bool)$homepage_search && (bool)$search_provider) {
-
-            $options = (array)json_decode($search_provider->options);
-            $name = $options[$user_search_provider];
-            if((bool)$user_search_provider) {
-                switch($user_search_provider) {
-                    case 'google':
-                        $url = 'https://www.google.com/search';
-                        $var = 'q';
-                        break;
-                    case 'ddg':
-                        $url = 'https://duckduckgo.com/';
-                        $var = 'q';
-                        break;
-                    case 'bing':
-                        $url = 'https://www.bing.com/search';
-                        $var = 'q';
-                        break;
-                    case 'startpage':
-                        $url = 'https://www.startpage.com/';
-                        $var = 'q';
-                }
-                $output .= '<div class="searchform">';
-                $output .= Form::open(['url' => $url, 'method' => 'get']);
-                $output .= '<div class="input-container">';
-                $output .= Form::text($var, null, ['class' => 'homesearch', 'autofocus' => 'autofocus', 'placeholder' => __($name).' '.__('app.settings.search').'...']);
-                $output .= '<button type="submit">'.ucwords(__('app.settings.search')).'</button>';
-                $output .= '</div>';
-                $output .= Form::close();
-                $output .= '</div>';
-            }
-        }
-        return $output;
+        return array_key_exists($key, self::$cache);
    }

    /**
     * The users that belong to the setting.
     */
-    public function users()
+    public function users(): BelongsToMany
    {
-        return $this->belongsToMany('App\User')->using('App\SettingUser')->withPivot('uservalue');
+        return $this->belongsToMany(\App\User::class)->using(\App\SettingUser::class)->withPivot('uservalue');
    }

+    /**
+     * @return \Illuminate\Contracts\Foundation\Application|SessionManager|Store|mixed
+     */
    public static function user()
    {
        return User::currentUser();
    }
-
-
 }
--- a/app/SettingGroup.php
+++ b/app/SettingGroup.php
@@ -3,7 +3,24 @@
 namespace App;

 use Illuminate\Database\Eloquent\Model;
+use Illuminate\Database\Eloquent\Relations\HasMany;

+/**
+ * App\SettingGroup
+ *
+ * @property int $id
+ * @property string $title
+ * @property int $order
+ * @property-read \Illuminate\Database\Eloquent\Collection|\App\Setting[] $settings
+ * @property-read int|null $settings_count
+ * @method static \Illuminate\Database\Eloquent\Builder|SettingGroup newModelQuery()
+ * @method static \Illuminate\Database\Eloquent\Builder|SettingGroup newQuery()
+ * @method static \Illuminate\Database\Eloquent\Builder|SettingGroup query()
+ * @method static \Illuminate\Database\Eloquent\Builder|SettingGroup whereId($value)
+ * @method static \Illuminate\Database\Eloquent\Builder|SettingGroup whereOrder($value)
+ * @method static \Illuminate\Database\Eloquent\Builder|SettingGroup whereTitle($value)
+ * @mixin \Eloquent
+ */
 class SettingGroup extends Model
 {
    /**
@@ -20,8 +37,8 @@ class SettingGroup extends Model
     */
    public $timestamps = false;

-    public function settings()
+    public function settings(): HasMany
    {
-        return $this->hasMany('App\Setting', 'group_id');
+        return $this->hasMany(\App\Setting::class, 'group_id');
    }
 }
--- a/app/SettingUser.php
+++ b/app/SettingUser.php
@@ -4,6 +4,20 @@ namespace App;

 use Illuminate\Database\Eloquent\Relations\Pivot;

+/**
+ * App\SettingUser
+ *
+ * @property int $setting_id
+ * @property int $user_id
+ * @property string|null $uservalue
+ * @method static \Illuminate\Database\Eloquent\Builder|SettingUser newModelQuery()
+ * @method static \Illuminate\Database\Eloquent\Builder|SettingUser newQuery()
+ * @method static \Illuminate\Database\Eloquent\Builder|SettingUser query()
+ * @method static \Illuminate\Database\Eloquent\Builder|SettingUser whereSettingId($value)
+ * @method static \Illuminate\Database\Eloquent\Builder|SettingUser whereUserId($value)
+ * @method static \Illuminate\Database\Eloquent\Builder|SettingUser whereUservalue($value)
+ * @mixin \Eloquent
+ */
 class SettingUser extends Pivot
 {
    //
--- a/app/SupportedApps.php
+++ b/app/SupportedApps.php
@@ -1,34 +1,46 @@
-<?php namespace App;
+<?php
+
+namespace App;

-use GuzzleHttp\Exception\GuzzleException;
 use GuzzleHttp\Client;
+use GuzzleHttp\Exception\ConnectException;
+use GuzzleHttp\Exception\GuzzleException;
+use GuzzleHttp\Exception\ServerException;
 use Illuminate\Support\Facades\Log;
+use Psr\Http\Message\ResponseInterface;

 abstract class SupportedApps
 {
-
    protected $jar = false;
+
    protected $method = 'GET';
+
    protected $error;

-    public function appTest($url, $attrs = [], $overridevars=false)
+    /**
+     * @param $url
+     * @param array $attrs
+     * @return object
+     * @throws GuzzleException
+     */
+    public function appTest($url, array $attrs = []): object
    {
-        if(empty($this->config->url)) {
-            return (object)[
+        if (empty($this->config->url)) {
+            return (object) [
                'code' => 404,
                'status' => 'No URL has been specified',
                'response' => 'No URL has been specified',
-            ];    
+            ];
        }
        $res = $this->execute($url, $attrs);
-        if($res == null) {
-            return (object)[
+        if ($res == null) {
+            return (object) [
                'code' => null,
                'status' => $this->error,
                'response' => 'Connection failed',
            ];
        }
-        switch($res->getStatusCode()) {
+        switch ($res->getStatusCode()) {
            case 200:
                $status = 'Successfully communicated with the API';
                break;
@@ -42,90 +54,138 @@ abstract class SupportedApps
                $status = 'Something went wrong... Code: '.$res->getStatusCode();
                break;
        }
-        return (object)[
+
+        return (object) [
            'code' => $res->getStatusCode(),
            'status' => $status,
            'response' => $res->getBody(),
        ];
    }

-    public function execute($url, $attrs = [], $overridevars=false, $overridemethod=false)
-    {
+    /**
+     * @param $url
+     * @param array $attrs
+     * @param array|bool|null $overridevars
+     * @param string|bool|null $overridemethod
+     * @return ResponseInterface|null
+     * @throws GuzzleException
+     */
+    public function execute(
+        $url,
+        array $attrs = [],
+        $overridevars = null,
+        $overridemethod = null
+    ): ?ResponseInterface {
        $res = null;

-        $vars = ($overridevars !== false) ?
-        $overridevars : [
-            'http_errors' => false, 
-            'timeout' => 15, 
+        $vars = ($overridevars === null || $overridevars === false) ?
+         [
+            'http_errors' => false,
+            'timeout' => 15,
            'connect_timeout' => 15,
-        ];
+        ] : $overridevars;

        $client = new Client($vars);

-        $method = ($overridemethod !== false) ? $overridemethod : $this->method;
+        $method = ($overridemethod === null || $overridemethod === false) ? $this->method : $overridemethod;
+

        try {
-            return $client->request($method, $url, $attrs);  
-        } catch (\GuzzleHttp\Exception\ConnectException $e) {
-            Log::error("Connection refused");
+            return $client->request($method, $url, $attrs);
+        } catch (ConnectException $e) {
+            Log::error('Connection refused');
            Log::debug($e->getMessage());
-            $this->error = "Connection refused - ".(string) $e->getMessage();
-        } catch (\GuzzleHttp\Exception\ServerException $e) {
+            $this->error = 'Connection refused - '.(string) $e->getMessage();
+        } catch (ServerException $e) {
            Log::debug($e->getMessage());
            $this->error = (string) $e->getResponse()->getBody();
        }
        $this->error = 'General error connecting with API';
+
        return $res;
    }

+    /**
+     * @return void
+     */
    public function login()
    {
-
    }

-    public function normaliseurl($url, $addslash=true)
+    /**
+     * @param string $url
+     * @param bool $addslash
+     * @return string
+     */
+    public function normaliseurl(string $url, bool $addslash = true): string
    {
-
        $url = rtrim($url, '/');
-        if($addslash) $url .= '/';
+        if ($addslash) {
+            $url .= '/';
+        }

        return $url;
-
    }

-
+    /**
+     * @param $status
+     * @param $data
+     * @return false|string
+     */
    public function getLiveStats($status, $data)
    {
-        $className = get_class($this);
+        $className = $this::class;
        $explode = explode('\\', $className);
        $name = end($explode);

        $html = view('SupportedApps::'.$name.'.livestats', $data)->with('data', $data)->render();
+
        return json_encode(['status' => $status, 'html' => $html]);
-        //return 
+        //return
    }

-    public static function getList()
+    /**
+     * @return ResponseInterface
+     * @throws GuzzleException
+     */
+    public static function getList(): ResponseInterface
    {
-        $list_url = 'https://apps.heimdall.site/list';
-        $client = new Client(['http_errors' => false, 'timeout' => 15, 'connect_timeout' => 15]);
+        // $list_url = 'https://apps.heimdall.site/list';
+        $list_url = config('app.appsource').'list.json';
+        $client = new Client(['http_errors' => false, 'verify' => false, 'timeout' => 15, 'connect_timeout' => 15]);
+
        return $client->request('GET', $list_url);
    }

-    public static function configValue($item=null, $key=null)
+    public static function configValue($item = null, $key = null)
    {
-        if(isset($item) && !empty($item)) {
+        if (isset($item) && ! empty($item)) {
            return $item->getconfig()->$key;
-        } else return null;
+        } else {
+            return null;
+        }
    }

-    public static function getFiles($app)
+    /**
+     * @param $app
+     * @return bool|false
+     * @throws GuzzleException
+     */
+    public static function getFiles($app): bool
    {
-        $zipurl = $app->files;
-        $client = new Client(['http_errors' => false, 'timeout' => 60, 'connect_timeout' => 15]);
+        Log::debug("Download triggered for ".print_r($app, true));
+
+        $zipurl = config('app.appsource').'files/'.$app->sha.'.zip';
+
+        $client = new Client(['http_errors' => false, 'timeout' => 60, 'connect_timeout' => 15, 'verify' => false]);
        $res = $client->request('GET', $zipurl);

-        if(!file_exists(app_path('SupportedApps')))  {
+        // Something went wrong?
+        if ($res->getStatusCode() !== 200) {
+            return false;
+        }
+
+        if (! file_exists(app_path('SupportedApps'))) {
            mkdir(app_path('SupportedApps'), 0777, true);
        }

@@ -138,35 +198,35 @@ abstract class SupportedApps
            $zip->extractTo(app_path('SupportedApps')); // place in the directory with same name
            $zip->close();
            unlink($src); //Deleting the Zipped file
+        } else {
+            var_dump($x);
+            return false;
        }
+        return true;
    }

+    /**
+     * @param $details
+     * @param $app
+     * @return mixed
+     */
    public static function saveApp($details, $app)
    {
-        if(!file_exists(storage_path('app/public/icons')))  {
-            mkdir(storage_path('app/public/icons'), 0777, true);
-        }
-
-        $img_src = app_path('SupportedApps/'.className($details->name).'/'.$details->icon);
-        $img_dest = storage_path('app/public/icons/'.$details->icon);
-        //die("i: ".$img_src);
-        @copy($img_src, $img_dest);
-        
        $app->appid = $details->appid;
        $app->name = $details->name;
        $app->sha = $details->sha ?? null;
        $app->icon = 'icons/'.$details->icon;
        $app->website = $details->website;
        $app->license = $details->license;
-        $app->description = $details->description;

        $appclass = $app->class();
        $application = new $appclass;
-        $enhanced = (bool)($application instanceof \App\EnhancedApps);
-
+        $enhanced = (bool) ($application instanceof \App\EnhancedApps);
+        $app->class = $appclass;
        $app->enhanced = $enhanced;
        $app->tile_background = $details->tile_background;
        $app->save();
-    }

-}
+        return $app;
+    }
+}
--- a/app/SupportedApps/Ghost/Ghost.php
+++ b/app/SupportedApps/Ghost/Ghost.php
@@ -1,5 +0,0 @@
-<?php namespace App\SupportedApps\Ghost;
-
-class Ghost extends \App\SupportedApps {
-
-}
--- a/app/SupportedApps/Ghost/app.json
+++ b/app/SupportedApps/Ghost/app.json
@@ -1,10 +0,0 @@
-{
-    "appid": "c4745785181de931cfd5bd79294cb1687d82aea9",
-    "name": "Ghost",
-    "website": "https://github.com/tryghost/ghost",
-    "license": "MIT License",
-    "description": "Fiercely independent, professional publishing. A fully open source, powerful platform for building and running modern publications, we power serious blogs, magazines and journalism from DuckDuckGo to OpenAI & Sky News.",
-    "enhanced": false,
-    "tile_background": "light",
-    "icon": "ghost.png"
-}
--- a/app/SupportedApps/Ghost/ghost.png
+++ b/app/SupportedApps/Ghost/ghost.png
--- a/app/SupportedApps/MailcowSOGo/MailcowSOGo.php
+++ b/app/SupportedApps/MailcowSOGo/MailcowSOGo.php
@@ -1,5 +0,0 @@
-<?php namespace App\SupportedApps\MailcowSOGo;
-
-class MailcowSOGo extends \App\SupportedApps {
-
-}
--- a/app/SupportedApps/MailcowSOGo/app.json
+++ b/app/SupportedApps/MailcowSOGo/app.json
@@ -1,10 +0,0 @@
-{
-    "appid": "1ec48781d2c87a9e6dc9ee99e5eff0ab5958df09",
-    "name": "Mailcow - SOGo",
-    "website": "https://sogo.nu/",
-    "license": "GNU GPL/LGPL v2 and above",
-    "description": "SOGo is a fully supported and trusted groupware server with a focus on scalability and open standards.\r\n\r\nPart of the Mailcow stack.",
-    "enhanced": false,
-    "tile_background": "dark",
-    "icon": "mailcowsogo.svg"
-}
--- a/app/SupportedApps/MailcowSOGo/mailcowsogo.svg
+++ b/app/SupportedApps/MailcowSOGo/mailcowsogo.svg
--- a/app/SupportedApps/Mattermost/Mattermost.php
+++ b/app/SupportedApps/Mattermost/Mattermost.php
@@ -1,5 +0,0 @@
-<?php namespace App\SupportedApps\Mattermost;
-
-class Mattermost extends \App\SupportedApps {
-
-}
--- a/app/SupportedApps/Mattermost/app.json
+++ b/app/SupportedApps/Mattermost/app.json
@@ -1,10 +0,0 @@
-{
-    "appid": "b3e1424fb69ca08481b03ad9d81e95488421997f",
-    "name": "Mattermost",
-    "website": "https://mattermost.com/",
-    "license": "MIT License",
-    "description": "Mattermost provides high trust collaboration and messaging solutions through an open source, community-powered approach. Enjoy all the productivity benefits of workplace messaging across web, mobile and PC, with unlimited archiving, search and integrations within IT-controlled private environments in public clouds, including AWS and Azure, as well as on-premise in private clouds and virtual or physical servers.",
-    "enhanced": false,
-    "tile_background": "light",
-    "icon": "mattermost.png"
-}
--- a/app/SupportedApps/Mattermost/mattermost.png
+++ b/app/SupportedApps/Mattermost/mattermost.png
--- a/app/SupportedApps/MayanEDMS/MayanEDMS.php
+++ b/app/SupportedApps/MayanEDMS/MayanEDMS.php
@@ -1,5 +0,0 @@
-<?php namespace App\SupportedApps\MayanEDMS;
-
-class MayanEDMS extends \App\SupportedApps {
-
-}
--- a/app/SupportedApps/MayanEDMS/app.json
+++ b/app/SupportedApps/MayanEDMS/app.json
@@ -1,10 +0,0 @@
-{
-    "appid": "6b9e062ff02ea610df64e9b0eca1c973faf1b51d",
-    "name": "Mayan EDMS",
-    "website": "https://github.com/tryghost/ghost",
-    "license": "Apache License 2.0",
-    "description": "Mayan EDMS is an open-source document management system. Its main purpose is to store, introspect, and categorize files, with a strong emphasis on preserving the contextual and business information of documents. It can also OCR, preview, label, sign, send, and receive thoses files. Other features of interest are its workflow system, role based access control, and REST API.",
-    "enhanced": false,
-    "tile_background": "light",
-    "icon": "mayanedms.png"
-}
--- a/app/SupportedApps/MayanEDMS/mayanedms.png
+++ b/app/SupportedApps/MayanEDMS/mayanedms.png
--- a/app/SupportedApps/Nzbget/Nzbget.php
+++ b/app/SupportedApps/Nzbget/Nzbget.php
@@ -1,45 +0,0 @@
-<?php namespace App\SupportedApps\Nzbget;
-
-class Nzbget extends \App\SupportedApps implements \App\EnhancedApps {
-
-    public $config;
-
-    public function test()
-    {
-        $test = parent::appTest($this->url('status'));
-        echo $test->status;
-    }
-   
-    public function livestats()
-    {
-        $status = 'inactive';
-        $res = parent::execute($this->url('status'));
-        $details = json_decode($res->getBody());
-
-        $data = [];
-
-        if($details) {
-            $size = $details->result->RemainingSizeMB;
-            $rate = $details->result->DownloadRate;
-            $data['queue_size'] = format_bytes($size*1000*1000, false, ' <span>', '</span>');
-            $data['current_speed'] = format_bytes($rate, false, ' <span>');
-            $status = ($size > 0 || $rate > 0) ? 'active' : 'inactive';
-        }
-
-        return parent::getLiveStats($status, $data);
-        
-    }
-
-    public function url($endpoint)
-    {
-        $api_url = parent::normaliseurl($this->config->url);
-        $username = $this->config->username;
-        $password = $this->config->password;
-        $rebuild_url = str_replace('http://', 'http://'.$username.':'.$password.'@', $api_url);
-        $rebuild_url = str_replace('https://', 'https://'.$username.':'.$password.'@', $rebuild_url);
-        $rebuild_url = rtrim($rebuild_url, '/');
-        
-        $api_url = $rebuild_url.'/jsonrpc/'.$endpoint;
-        return $api_url;
-    }
-}
--- a/app/SupportedApps/Privatebin/Privatebin.php
+++ b/app/SupportedApps/Privatebin/Privatebin.php
@@ -1,5 +0,0 @@
-<?php namespace App\SupportedApps\Privatebin;
-
-class Privatebin extends \App\SupportedApps {
-
-}
--- a/app/SupportedApps/Privatebin/app.json
+++ b/app/SupportedApps/Privatebin/app.json
@@ -1,10 +0,0 @@
-{
-    "appid": "87ecbead58e42b5ab9e1a92ccc0b42075f4fba91",
-    "name": "Privatebin",
-    "website": "https://privatebin.info/",
-    "license": "zlib/libpng License with Acknowledgement",
-    "description": "PrivateBin is a minimalist, open source online pastebin where the server has zero knowledge of pasted data.\r\n\r\nData is encrypted and decrypted in the browser using 256bit AES in Galois Counter mode.",
-    "enhanced": false,
-    "tile_background": "light",
-    "icon": "privatebin.png"
-}
--- a/app/SupportedApps/Privatebin/privatebin.png
+++ b/app/SupportedApps/Privatebin/privatebin.png
--- a/app/SupportedApps/Rspamd/Rspamd.php
+++ b/app/SupportedApps/Rspamd/Rspamd.php
@@ -1,5 +0,0 @@
-<?php namespace App\SupportedApps\Rspamd;
-
-class Rspamd extends \App\SupportedApps {
-
-}
--- a/app/SupportedApps/Rspamd/app.json
+++ b/app/SupportedApps/Rspamd/app.json
@@ -1,10 +0,0 @@
-{
-    "appid": "5876529d5d47f91c435d9230576044bc4cad8547",
-    "name": "Rspamd",
-    "website": "https://rspamd.com/",
-    "license": "Apache 2.0",
-    "description": "Fast, free and open-source spam filtering system.",
-    "enhanced": false,
-    "tile_background": "dark",
-    "icon": "rspamd.png"
-}
--- a/app/SupportedApps/Rspamd/rspamd.png
+++ b/app/SupportedApps/Rspamd/rspamd.png
--- a/app/SupportedApps/SOGo/SOGo.php
+++ b/app/SupportedApps/SOGo/SOGo.php
@@ -1,5 +0,0 @@
-<?php namespace App\SupportedApps\SOGo;
-
-class SOGo extends \App\SupportedApps {
-
-}
--- a/app/SupportedApps/SOGo/app.json
+++ b/app/SupportedApps/SOGo/app.json
@@ -1,10 +0,0 @@
-{
-    "appid": "d143b3a76b72591495655c5257c7523456bdd736",
-    "name": "SOGo",
-    "website": "https://sogo.nu/",
-    "license": "GNU GPL/LGPL v2 and above",
-    "description": "SOGo is a fully supported and trusted groupware server with a focus on scalability and open standards.",
-    "enhanced": false,
-    "tile_background": "light",
-    "icon": "sogo.svg"
-}
--- a/app/SupportedApps/SOGo/sogo.svg
+++ b/app/SupportedApps/SOGo/sogo.svg
@@ -1,11 +0,0 @@
-<?xml version="1.0" standalone="no"?>
-<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
-<svg width="792px" height="464px" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" xml:space="preserve" style="fill-rule:evenodd;clip-rule:evenodd;stroke-linejoin:round;stroke-miterlimit:1.41421;">
-    <g>
-        <g>
-            <g>
-                <path d="M643.711,144.938C633.849,144.938 626.847,137.721 626.847,128.035C626.847,118.341 633.849,111.123 643.711,111.123C653.65,111.123 660.652,118.341 660.652,128.035C660.652,137.721 653.65,144.938 643.711,144.938ZM643.681,94.5835C624.154,94.5835 610.288,108.861 610.288,128.035C610.288,147.2 624.154,161.478 643.681,161.478C663.335,161.478 677.202,147.2 677.202,128.035C677.202,108.861 663.335,94.5835 643.681,94.5835ZM643.652,178.811C614.019,178.811 592.965,157.13 592.965,128.035C592.965,98.9315 614.019,77.2602 643.652,77.2602C673.48,77.2602 694.525,98.9315 694.525,128.035C694.525,157.13 673.48,178.811 643.652,178.811ZM643.613,58.4876C603.032,58.4876 574.212,88.1791 574.212,128.035C574.212,167.882 603.032,197.564 643.613,197.564C684.458,197.564 713.288,167.882 713.288,128.035C713.288,88.1791 684.458,58.4876 643.613,58.4876ZM157.492,182.836L136.653,177.871C117.684,173.513 108.048,168.538 108.048,154.858C108.048,139.307 123.903,133.079 138.21,133.079C152.752,133.079 163.377,140.345 169.635,151.656C169.654,151.704 169.684,151.753 169.723,151.812C169.85,152.057 169.997,152.292 170.124,152.537L170.154,152.517C172.122,155.494 175.432,157.482 178.997,157.482C185.068,157.482 189.465,153.095 189.465,147.024C189.465,144.703 188.966,142.245 187.879,140.394C177.205,122.248 159.607,114.424 139.454,114.424C112.093,114.424 85.6524,128.104 85.6524,158.266C85.6524,185.95 113.023,194.038 122.972,196.516L142.871,201.187C158.109,204.918 170.546,209.903 170.546,224.504C170.546,241.298 153.134,248.77 136.34,248.77C119.241,248.77 106.579,240.025 97.8541,227.118L97.8443,227.118C95.9054,224.288 92.899,222.3 89.2169,222.3C83.2826,222.3 78.5037,227.177 78.7191,233.102C78.8171,235.52 79.6201,237.567 80.854,239.32C94.5246,259.777 114.296,267.425 136.34,267.425C164.641,267.425 192.942,254.362 192.942,222.643C192.942,202.127 177.704,187.507 157.492,182.836ZM296.617,248.682C263.038,248.682 241.886,223.495 241.886,190.846C241.886,158.187 263.038,133 296.617,133C330.52,133 351.662,158.187 351.662,190.846C351.662,223.495 330.52,248.682 296.617,248.682ZM296.617,114.345C251.531,114.345 219.499,146.994 219.499,190.846C219.499,234.688 251.531,267.337 296.617,267.337C342.016,267.337 374.048,234.688 374.048,190.846C374.048,146.994 342.016,114.345 296.617,114.345ZM514.985,232.818C514.221,233.552 513.448,234.277 512.606,234.972C511.509,235.981 510.236,237.068 508.786,238.155C500.032,244.491 488.976,248.163 476.049,248.163C442.46,248.163 421.318,222.976 421.318,190.327C421.318,157.668 442.46,132.481 476.049,132.481C509.942,132.481 531.084,157.668 531.084,190.327C531.084,207.376 525.316,222.369 514.985,232.818ZM464.797,315.733C467.304,315.733 469.899,315.566 472.592,315.233C477.567,314.607 482.101,314.332 486.204,314.332C505.281,314.44 514.995,319.983 520.851,326.387C526.697,332.831 528.95,341.566 528.94,348.989C528.95,352.544 528.391,355.726 527.774,357.636C524.856,366.488 518.961,372.511 509.932,377.045C500.972,381.491 489.015,383.763 476.51,383.743C472.034,383.743 467.481,383.459 462.986,382.921C454.486,381.941 443.244,378.289 435.096,371.923C430.993,368.751 427.614,364.99 425.235,360.534C422.875,356.059 421.406,350.869 421.396,344.23L421.396,343.495C421.651,331.254 427.272,323.126 433.431,317.221C436.477,314.342 439.611,312.198 441.892,310.836C442.255,310.621 442.597,310.425 442.911,310.249C448.953,313.823 456.454,315.762 464.797,315.733ZM476.049,113.826C430.964,113.826 398.922,146.475 398.922,190.327C398.922,219.96 413.562,244.461 436.976,257.241C436.663,257.554 436.359,257.877 436.066,258.2C430.014,264.83 426.919,273.32 426.909,281.909C426.9,285.698 427.526,289.586 428.868,293.307C425.832,295.246 422.209,297.9 418.497,301.386C409.547,309.72 399.921,323.733 399.637,343.123C399.627,343.573 399.627,343.946 399.627,344.23C399.617,354.218 401.987,363.227 406.031,370.778C412.113,382.147 421.582,390.059 431.355,395.338C441.187,400.626 451.44,403.436 460.381,404.533C465.708,405.17 471.114,405.512 476.51,405.512C491.532,405.493 506.514,402.957 519.549,396.572C532.524,390.285 543.678,379.464 548.496,364.285C549.926,359.771 550.689,354.649 550.709,348.989C550.689,337.492 547.389,323.449 537.058,311.855C526.727,300.221 509.638,292.455 486.204,292.563C481.112,292.563 475.687,292.916 469.919,293.63C468.058,293.856 466.354,293.963 464.797,293.963C457.619,293.915 454.016,291.927 451.871,289.899C449.756,287.833 448.698,285.101 448.669,281.909C448.659,278.657 449.942,275.24 452.106,272.909C454.319,270.598 457.071,269.031 461.869,268.972C462.3,268.972 462.761,268.982 463.231,269.021C466.306,269.237 469.292,269.345 472.191,269.345C496.173,269.393 514.212,261.961 526.482,251.737C538.791,241.514 545.294,229.077 548.369,219.255L548.329,219.245C551.669,210.422 553.48,200.688 553.48,190.327C553.48,146.475 521.448,113.826 476.049,113.826Z" style="fill:rgb(80,189,55);fill-rule:nonzero;"/>
-            </g>
-        </g>
-    </g>
-</svg>
--- a/app/SupportedApps/Snibox/Snibox.php
+++ b/app/SupportedApps/Snibox/Snibox.php
@@ -1,5 +0,0 @@
-<?php namespace App\SupportedApps\Snibox;
-
-class Snibox extends \App\SupportedApps {
-
-}
--- a/app/SupportedApps/Snibox/app.json
+++ b/app/SupportedApps/Snibox/app.json
@@ -1,10 +0,0 @@
-{
-    "appid": "6c050d5bdf522fa20599560ff0f6b74e7dcd97a8",
-    "name": "Snibox",
-    "website": "https://github.com/snibox/snibox",
-    "license": "MIT License",
-    "description": "Snibox is a self-hosted, single-user (for now) snippet manager. Developed to collect and organize code snippets. Supports various programming languages, markdown, plain text.",
-    "enhanced": false,
-    "tile_background": "dark",
-    "icon": "snibox.png"
-}
--- a/app/SupportedApps/Snibox/snibox.png
+++ b/app/SupportedApps/Snibox/snibox.png
--- a/app/User.php
+++ b/app/User.php
@@ -2,13 +2,54 @@

 namespace App;

-use Illuminate\Notifications\Notifiable;
+use Illuminate\Database\Eloquent\Factories\HasFactory;
+use Illuminate\Database\Eloquent\Relations\BelongsToMany;
+use Illuminate\Database\Eloquent\Relations\HasMany;
 use Illuminate\Foundation\Auth\User as Authenticatable;
+use Illuminate\Notifications\Notifiable;

+// @codingStandardsIgnoreStart
+/**
+ * App\User
+ *
+ * @property int $id
+ * @property string $username
+ * @property string $email
+ * @property string|null $avatar
+ * @property string|null $password
+ * @property string|null $autologin
+ * @property int $public_front
+ * @property string|null $remember_token
+ * @property \Illuminate\Support\Carbon|null $created_at
+ * @property \Illuminate\Support\Carbon|null $updated_at
+ * @property-read \Illuminate\Database\Eloquent\Collection|\App\Item[] $items
+ * @property-read int|null $items_count
+ * @property-read \Illuminate\Notifications\DatabaseNotificationCollection|\Illuminate\Notifications\DatabaseNotification[] $notifications
+ * @property-read int|null $notifications_count
+ * @property-read \Illuminate\Database\Eloquent\Collection|\App\Setting[] $settings
+ * @property-read int|null $settings_count
+ * @method static \Illuminate\Database\Eloquent\Builder|User newModelQuery()
+ * @method static \Illuminate\Database\Eloquent\Builder|User newQuery()
+ * @method static \Illuminate\Database\Eloquent\Builder|User query()
+ * @method static \Illuminate\Database\Eloquent\Builder|User whereAutologin($value)
+ * @method static \Illuminate\Database\Eloquent\Builder|User whereAvatar($value)
+ * @method static \Illuminate\Database\Eloquent\Builder|User whereCreatedAt($value)
+ * @method static \Illuminate\Database\Eloquent\Builder|User whereEmail($value)
+ * @method static \Illuminate\Database\Eloquent\Builder|User whereId($value)
+ * @method static \Illuminate\Database\Eloquent\Builder|User wherePassword($value)
+ * @method static \Illuminate\Database\Eloquent\Builder|User wherePublicFront($value)
+ * @method static \Illuminate\Database\Eloquent\Builder|User whereRememberToken($value)
+ * @method static \Illuminate\Database\Eloquent\Builder|User whereUpdatedAt($value)
+ * @method static \Illuminate\Database\Eloquent\Builder|User whereUsername($value)
+ * @mixin \Eloquent
+ */
+// @codingStandardsIgnoreEnd
 class User extends Authenticatable
 {
    use Notifiable;

+    use HasFactory;
+
    /**
     * The attributes that are mass assignable.
     *
@@ -27,20 +68,28 @@ class User extends Authenticatable
        'password', 'remember_token',
    ];

+    /**
+     * @return mixed
+     */
+    public function getId()
+    {
+        return $this->id;
+    }
+
    /**
     * Get the items for the user.
     */
-    public function items()
+    public function items(): HasMany
    {
-        return $this->hasMany('App\Item');
+        return $this->hasMany(Item::class);
    }

    /**
     * The settings that belong to the user.
     */
-    public function settings()
+    public function settings(): BelongsToMany
    {
-        return $this->belongsToMany('App\Setting')->withPivot('uservalue');
+        return $this->belongsToMany(Setting::class)->withPivot('uservalue');
    }

    public static function currentUser()
@@ -49,15 +98,13 @@ class User extends Authenticatable
        if ($current_user) { // if logged in, set this user
            return $current_user;
        } else { // not logged in, get first user
-            $user = User::where('public_front',true)->first();
-            if(!$user) {
-                $user = User::first();
+            $user = self::where('public_front', true)->first();
+            if (! $user) {
+                $user = self::first();
            }
            session(['current_user' => $user]);
+
            return $user;
        }
-
    }
-
-
 }
--- a/50
+++ b/50
@@ -1,53 +1,15 @@
 #!/usr/bin/env php
 <?php

+use Symfony\Component\Console\Input\ArgvInput;
+
 define('LARAVEL_START', microtime(true));

-/*
-|--------------------------------------------------------------------------
-| Register The Auto Loader
-|--------------------------------------------------------------------------
-|
-| Composer provides a convenient, automatically generated class loader
-| for our application. We just need to utilize it! We'll require it
-| into the script here so that we do not have to worry about the
-| loading of any our classes "manually". Feels great to relax.
-|
-*/
-
+// Register the Composer autoloader...
 require __DIR__.'/vendor/autoload.php';

-$app = require_once __DIR__.'/bootstrap/app.php';
-
-/*
-|--------------------------------------------------------------------------
-| Run The Artisan Application
-|--------------------------------------------------------------------------
-|
-| When we run the console application, the current CLI command will be
-| executed in this console and the response sent back to a terminal
-| or another output device for the developers. Here goes nothing!
-|
-*/
-
-$kernel = $app->make(Illuminate\Contracts\Console\Kernel::class);
-
-$status = $kernel->handle(
-    $input = new Symfony\Component\Console\Input\ArgvInput,
-    new Symfony\Component\Console\Output\ConsoleOutput
-);
-
-/*
-|--------------------------------------------------------------------------
-| Shutdown The Application
-|--------------------------------------------------------------------------
-|
-| Once Artisan has finished running, we will fire off the shutdown events
-| so that any final work may be done by the application before we shut
-| down the process. This is the last thing to happen to the request.
-|
-*/
-
-$kernel->terminate($input, $status);
+// Bootstrap Laravel and handle the command...
+$status = (require_once __DIR__.'/bootstrap/app.php')
+    ->handleCommand(new ArgvInput);

 exit($status);
--- a/bootstrap/app.php
+++ b/bootstrap/app.php
@@ -1,55 +1,43 @@
 <?php

-/*
-|--------------------------------------------------------------------------
-| Create The Application
-|--------------------------------------------------------------------------
-|
-| The first thing we will do is create a new Laravel application instance
-| which serves as the "glue" for all the components of Laravel, and is
-| the IoC container for the system binding all of the various parts.
-|
-*/
+use Illuminate\Foundation\Application;
+use Illuminate\Foundation\Configuration\Exceptions;
+use Illuminate\Foundation\Configuration\Middleware;

-$app = new Illuminate\Foundation\Application(
-    realpath(__DIR__.'/../')
-);
+return Application::configure(basePath: dirname(__DIR__))
+    ->withProviders([
+        \Spatie\Html\HtmlServiceProvider::class,
+    ])
+    ->withRouting(
+        web: __DIR__.'/../routes/web.php',
+        api: __DIR__.'/../routes/api.php',
+        commands: __DIR__.'/../routes/console.php',
+        channels: __DIR__.'/../routes/channels.php',
+        health: '/up',
+    )
+    ->withMiddleware(function (Middleware $middleware) {
+        $middleware->redirectGuestsTo(fn () => route('login'));

-/*
-|--------------------------------------------------------------------------
-| Bind Important Interfaces
-|--------------------------------------------------------------------------
-|
-| Next, we need to bind some important interfaces into the container so
-| we will be able to resolve them when needed. The kernels serve the
-| incoming requests to this application from both the web and CLI.
-|
-*/
+        $middleware->validateCsrfTokens(except: [
+            //
+            'order',
+            'appload',
+            'test_config',
+            //'get_stats'
+        ]);

-$app->singleton(
-    Illuminate\Contracts\Http\Kernel::class,
-    App\Http\Kernel::class
-);
+        $middleware->append(\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class);

-$app->singleton(
-    Illuminate\Contracts\Console\Kernel::class,
-    App\Console\Kernel::class
-);
+        $middleware->throttleApi('60,1');

-$app->singleton(
-    Illuminate\Contracts\Debug\ExceptionHandler::class,
-    App\Exceptions\Handler::class
-);
+        $middleware->replace(\Illuminate\Http\Middleware\TrustProxies::class, \App\Http\Middleware\TrustProxies::class);

-/*
-|--------------------------------------------------------------------------
-| Return The Application
-|--------------------------------------------------------------------------
-|
-| This script returns the application instance. The instance is given to
-| the calling script so we can separate the building of the instances
-| from the actual running of the application and sending responses.
-|
-*/
-
-return $app;
+        $middleware->alias([
+            'allowed' => \App\Http\Middleware\CheckAllowed::class,
+            'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
+            'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
+        ]);
+    })
+    ->withExceptions(function (Exceptions $exceptions) {
+        //
+    })->create();
--- a/bootstrap/providers.php
+++ b/bootstrap/providers.php
@@ -0,0 +1,7 @@
+<?php
+
+return [
+    App\Providers\AppServiceProvider::class,
+    App\Providers\FormMacroServiceProvider::class,
+    App\Providers\RouteServiceProvider::class,
+];
--- a/composer.json
+++ b/composer.json
@@ -1,36 +1,49 @@
 {
    "name": "laravel/laravel",
    "description": "The Laravel Framework.",
-    "keywords": ["framework", "laravel"],
+    "keywords": [
+        "framework",
+        "laravel"
+    ],
    "license": "MIT",
    "type": "project",
    "require": {
-        "php": ">=7.0.0",
-        "fideloper/proxy": "^4.0",
-        "graham-campbell/github": "^7.5",
-        "guzzlehttp/guzzle": "^6.3",
-        "laravel/framework": "5.7.*",
-        "laravel/tinker": "~1.0",
-        "laravelcollective/html": "^5.5",
-        "php-http/guzzle6-adapter": "^1.1"
+        "php": "^8.2",
+        "ext-intl": "*",
+        "ext-json": "*",
+        "enshrined/svg-sanitize": "^0.21.0",
+        "graham-campbell/github": "^12.5",
+        "guzzlehttp/guzzle": "^7.8",
+        "laravel/framework": "^11.45",
+        "laravel/tinker": "^2.9",
+        "laravel/ui": "^4.4",
+        "league/flysystem-aws-s3-v3": "^3.0",
+        "nunomaduro/collision": "^8.0",
+        "spatie/laravel-html": "^3.11",
+        "spatie/laravel-ignition": "^2.4",
+        "symfony/yaml": "^7.0"
    },
    "require-dev": {
-        "filp/whoops": "~2.0",
-        "fzaninotto/faker": "~1.4",
-        "mockery/mockery": "~1.0",
-        "phpunit/phpunit": "~6.0",
-        "symfony/thanks": "^1.0"
+        "barryvdh/laravel-ide-helper": "^3.0",
+        "filp/whoops": "^2.8",
+        "mockery/mockery": "^1.6",
+        "phpunit/phpunit": "^10.5",
+        "squizlabs/php_codesniffer": "3.*",
+        "symfony/thanks": "^1.2",
+        "fakerphp/faker": "^1.23"
    },
    "autoload": {
        "classmap": [
-            "database/seeds",
+            "database/seeders",
            "database/factories"
        ],
        "files": [
            "app/Helper.php"
        ],
        "psr-4": {
-            "App\\": "app/"
+            "App\\": "app/",
+            "Database\\Factories\\": "database/factories/",
+            "Database\\Seeders\\": "database/seeders/"
        }
    },
    "autoload-dev": {
@@ -41,6 +54,7 @@
    "extra": {
        "laravel": {
            "dont-discover": [
+                "barryvdh/laravel-ide-helper"
            ]
        }
    },
@@ -54,11 +68,24 @@
        "post-autoload-dump": [
            "Illuminate\\Foundation\\ComposerScripts::postAutoloadDump",
            "@php artisan package:discover"
+        ],
+        "post-update-cmd": [
+            "Illuminate\\Foundation\\ComposerScripts::postUpdate",
+            "@php artisan ide-helper:generate",
+            "@php artisan ide-helper:meta",
+            "@php artisan vendor:publish --tag=laravel-assets --ansi --force"
        ]
    },
    "config": {
        "preferred-install": "dist",
        "sort-packages": true,
-        "optimize-autoloader": true
-    }
+        "optimize-autoloader": true,
+        "allow-plugins": {
+            "kylekatarnls/update-helper": true,
+            "symfony/thanks": true,
+            "php-http/discovery": true
+        }
+    },
+    "minimum-stability": "stable",
+    "prefer-stable": true
 }
--- a/composer.lock
+++ b/composer.lock
--- a/vendor/monolog/monolog/tests/Monolog/Handler/Fixtures/.gitkeep
+++ b/vendor/monolog/monolog/tests/Monolog/Handler/Fixtures/.gitkeep
--- a/config/app.php
+++ b/config/app.php
@@ -1,237 +1,32 @@
 <?php

+use Illuminate\Support\ServiceProvider;
+use Illuminate\Support\Facades\Facade;
+
 return [

-    /*
-    |--------------------------------------------------------------------------
-    | Application Name
-    |--------------------------------------------------------------------------
-    |
-    | This value is the name of your application. This value is used when the
-    | framework needs to place the application's name in a notification or
-    | any other location as required by the application or its packages.
-    |
-    */
+    'version' => '2.7.7',

-    'name' => env('APP_NAME', 'Heimdall'),  
-    'version' => '2.1.11',
+    'appsource' => env('APP_SOURCE', 'https://appslist.heimdall.site/'),

-    /*
-    |--------------------------------------------------------------------------
-    | Application Environment
-    |--------------------------------------------------------------------------
-    |
-    | This value determines the "environment" your application is currently
-    | running in. This may determine how you prefer to configure various
-    | services your application utilizes. Set this in your ".env" file.
-    |
-    */
+    'allow_internal_requests' => env('ALLOW_INTERNAL_REQUESTS', false),

-    'env' => env('APP_ENV', 'production'),
-
-    /*
-    |--------------------------------------------------------------------------
-    | Application Debug Mode
-    |--------------------------------------------------------------------------
-    |
-    | When your application is in debug mode, detailed error messages with
-    | stack traces will be shown on every error that occurs within your
-    | application. If disabled, a simple generic error page is shown.
-    |
-    */
-
-    'debug' => env('APP_DEBUG', false),
-
-    /*
-    |--------------------------------------------------------------------------
-    | Application URL
-    |--------------------------------------------------------------------------
-    |
-    | This URL is used by the console to properly generate URLs when using
-    | the Artisan command line tool. You should set this to the root of
-    | your application so that it is used when running Artisan tasks.
-    |
-    */
-
-    'url' => env('APP_URL', 'http://localhost'),
-
-    /*
-    |--------------------------------------------------------------------------
-    | Application Timezone
-    |--------------------------------------------------------------------------
-    |
-    | Here you may specify the default timezone for your application, which
-    | will be used by the PHP date and date-time functions. We have gone
-    | ahead and set this to a sensible default for you out of the box.
-    |
-    */
-
-    'timezone' => 'UTC',
-
-    /*
-    |--------------------------------------------------------------------------
-    | Application Locale Configuration
-    |--------------------------------------------------------------------------
-    |
-    | The application locale determines the default locale that will be used
-    | by the translation service provider. You are free to set this value
-    | to any of the locales which will be supported by the application.
-    |
-    */
-
-    'locale' => 'en',
-
-    /*
-    |--------------------------------------------------------------------------
-    | Application Fallback Locale
-    |--------------------------------------------------------------------------
-    |
-    | The fallback locale determines the locale to use when the current one
-    | is not available. You may change the value to correspond to any of
-    | the language folders that are provided through your application.
-    |
-    */
-
-    'fallback_locale' => 'en',
-
-    /*
-    |--------------------------------------------------------------------------
-    | Encryption Key
-    |--------------------------------------------------------------------------
-    |
-    | This key is used by the Illuminate encrypter service and should be set
-    | to a random, 32 character string, otherwise these encrypted strings
-    | will not be safe. Please do this before deploying an application!
-    |
-    */
-
-    'key' => env('APP_KEY', 'base64:I206O8ibx+GQyRE7BeOxDobn04Mfmyyc5Ptzns/C0mY='),
-
-    'cipher' => 'AES-256-CBC',
-
-    /*
-    |--------------------------------------------------------------------------
-    | Logging Configuration
-    |--------------------------------------------------------------------------
-    |
-    | Here you may configure the log settings for your application. Out of
-    | the box, Laravel uses the Monolog PHP logging library. This gives
-    | you a variety of powerful log handlers / formatters to utilize.
-    |
-    | Available Settings: "single", "daily", "syslog", "errorlog"
-    |
-    */
-
-    'log' => env('APP_LOG', 'single'),
-
-    'log_level' => env('APP_LOG_LEVEL', 'debug'),
-
-    /*
-    |--------------------------------------------------------------------------
-    | Autoloaded Service Providers
-    |--------------------------------------------------------------------------
-    |
-    | The service providers listed here will be automatically loaded on the
-    | request to your application. Feel free to add your own services to
-    | this array to grant expanded functionality to your applications.
-    |
-    */
-
-    'providers' => [
-
-        /*
-         * Laravel Framework Service Providers...
-         */
-        Illuminate\Auth\AuthServiceProvider::class,
-        Illuminate\Broadcasting\BroadcastServiceProvider::class,
-        Illuminate\Bus\BusServiceProvider::class,
-        Illuminate\Cache\CacheServiceProvider::class,
-        Illuminate\Foundation\Providers\ConsoleSupportServiceProvider::class,
-        Illuminate\Cookie\CookieServiceProvider::class,
-        Illuminate\Database\DatabaseServiceProvider::class,
-        Illuminate\Encryption\EncryptionServiceProvider::class,
-        Illuminate\Filesystem\FilesystemServiceProvider::class,
-        Illuminate\Foundation\Providers\FoundationServiceProvider::class,
-        Illuminate\Hashing\HashServiceProvider::class,
-        Illuminate\Mail\MailServiceProvider::class,
-        Illuminate\Notifications\NotificationServiceProvider::class,
-        Illuminate\Pagination\PaginationServiceProvider::class,
-        Illuminate\Pipeline\PipelineServiceProvider::class,
-        Illuminate\Queue\QueueServiceProvider::class,
-        Illuminate\Redis\RedisServiceProvider::class,
-        Illuminate\Auth\Passwords\PasswordResetServiceProvider::class,
-        Illuminate\Session\SessionServiceProvider::class,
-        Illuminate\Translation\TranslationServiceProvider::class,
-        Illuminate\Validation\ValidationServiceProvider::class,
-        Illuminate\View\ViewServiceProvider::class,
-
-        /*
-         * Package Service Providers...
-         */
-        Collective\Html\HtmlServiceProvider::class,
-        /*
-         * Application Service Providers...
-         */
-        App\Providers\AppServiceProvider::class,
-        App\Providers\AuthServiceProvider::class,
-        // App\Providers\BroadcastServiceProvider::class,
-        App\Providers\EventServiceProvider::class,
-        App\Providers\RouteServiceProvider::class,
-
-    ],
-
-    /*
-    |--------------------------------------------------------------------------
-    | Class Aliases
-    |--------------------------------------------------------------------------
-    |
-    | This array of class aliases will be registered when this application
-    | is started. However, feel free to register as many as you wish as
-    | the aliases are "lazy" loaded so they don't hinder performance.
-    |
-    */
-
-    'aliases' => [
-
-        'App' => Illuminate\Support\Facades\App::class,
-        'Artisan' => Illuminate\Support\Facades\Artisan::class,
-        'Auth' => Illuminate\Support\Facades\Auth::class,
-        'Blade' => Illuminate\Support\Facades\Blade::class,
-        'Broadcast' => Illuminate\Support\Facades\Broadcast::class,
-        'Bus' => Illuminate\Support\Facades\Bus::class,
-        'Cache' => Illuminate\Support\Facades\Cache::class,
-        'Config' => Illuminate\Support\Facades\Config::class,
-        'Cookie' => Illuminate\Support\Facades\Cookie::class,
-        'Crypt' => Illuminate\Support\Facades\Crypt::class,
-        'DB' => Illuminate\Support\Facades\DB::class,
-        'Eloquent' => Illuminate\Database\Eloquent\Model::class,
-        'Event' => Illuminate\Support\Facades\Event::class,
-        'File' => Illuminate\Support\Facades\File::class,
-        'Form' => Collective\Html\FormFacade::class,
-        'Gate' => Illuminate\Support\Facades\Gate::class,
-        'Hash' => Illuminate\Support\Facades\Hash::class,
-        'Html' => Collective\Html\HtmlFacade::class,
-        'Lang' => Illuminate\Support\Facades\Lang::class,
-        'Log' => Illuminate\Support\Facades\Log::class,
-        'Mail' => Illuminate\Support\Facades\Mail::class,
-        'Notification' => Illuminate\Support\Facades\Notification::class,
-        'Password' => Illuminate\Support\Facades\Password::class,
-        'Queue' => Illuminate\Support\Facades\Queue::class,
-        'Redirect' => Illuminate\Support\Facades\Redirect::class,
-        'Redis' => Illuminate\Support\Facades\Redis::class,
-        'Request' => Illuminate\Support\Facades\Request::class,
-        'Response' => Illuminate\Support\Facades\Response::class,
-        'Route' => Illuminate\Support\Facades\Route::class,
-        'Schema' => Illuminate\Support\Facades\Schema::class,
-        'Session' => Illuminate\Support\Facades\Session::class,
-        'Storage' => Illuminate\Support\Facades\Storage::class,
-        'URL' => Illuminate\Support\Facades\URL::class,
-        'Validator' => Illuminate\Support\Facades\Validator::class,
-        'View' => Illuminate\Support\Facades\View::class,
-
-        'SupportedApps' => App\SupportedApps::class,
+    'aliases' => Facade::defaultAliases()->merge([
        'EnhancedApps' => App\EnhancedApps::class,
+        'Form' => App\Facades\Form::class,
+        'Redis' => Illuminate\Support\Facades\Redis::class,
+        'SupportedApps' => App\SupportedApps::class,
+        'Yaml' => Symfony\Component\Yaml\Yaml::class,
+    ])->toArray(),

-    ],
+    'auth_roles_enable' =>  (bool) env('AUTH_ROLES_ENABLE', false),
+
+    'auth_roles_header' =>  env('AUTH_ROLES_HEADER', 'remote-groups'),
+
+    'auth_roles_http_header' =>  env('AUTH_ROLES_HTTP_HEADER', 'HTTP_REMOTE_GROUPS'),
+
+    'auth_roles_admin' =>  env('AUTH_ROLES_ADMIN', 'admin'),
+
+    'auth_roles_delimiter' =>  env('AUTH_ROLES_DELIMITER', ','),

 ];
--- a/config/auth.php
+++ b/config/auth.php
@@ -2,100 +2,17 @@

 return [

-    /*
-    |--------------------------------------------------------------------------
-    | Authentication Defaults
-    |--------------------------------------------------------------------------
-    |
-    | This option controls the default authentication "guard" and password
-    | reset options for your application. You may change these defaults
-    | as required, but they're a perfect start for most applications.
-    |
-    */
-
-    'defaults' => [
-        'guard' => 'web',
-        'passwords' => 'users',
-    ],
-
-    /*
-    |--------------------------------------------------------------------------
-    | Authentication Guards
-    |--------------------------------------------------------------------------
-    |
-    | Next, you may define every authentication guard for your application.
-    | Of course, a great default configuration has been defined for you
-    | here which uses session storage and the Eloquent user provider.
-    |
-    | All authentication drivers have a user provider. This defines how the
-    | users are actually retrieved out of your database or other storage
-    | mechanisms used by this application to persist your user's data.
-    |
-    | Supported: "session", "token"
-    |
-    */
-
    'guards' => [
-        'web' => [
-            'driver' => 'session',
-            'provider' => 'users',
-        ],
-
        'api' => [
            'driver' => 'token',
            'provider' => 'users',
+            'hash' => false,
        ],
    ],
-
-    /*
-    |--------------------------------------------------------------------------
-    | User Providers
-    |--------------------------------------------------------------------------
-    |
-    | All authentication drivers have a user provider. This defines how the
-    | users are actually retrieved out of your database or other storage
-    | mechanisms used by this application to persist your user's data.
-    |
-    | If you have multiple user tables or models you may configure multiple
-    | sources which represent each model / table. These sources may then
-    | be assigned to any extra authentication guards you have defined.
-    |
-    | Supported: "database", "eloquent"
-    |
-    */
-
    'providers' => [
        'users' => [
            'driver' => 'eloquent',
-            'model' => App\User::class,
-        ],
-
-        // 'users' => [
-        //     'driver' => 'database',
-        //     'table' => 'users',
-        // ],
-    ],
-
-    /*
-    |--------------------------------------------------------------------------
-    | Resetting Passwords
-    |--------------------------------------------------------------------------
-    |
-    | You may specify multiple password reset configurations if you have more
-    | than one user table or model in the application and you want to have
-    | separate password reset settings based on the specific user types.
-    |
-    | The expire time is the number of minutes that the reset token should be
-    | considered valid. This security feature keeps tokens short-lived so
-    | they have less time to be guessed. You may change this as needed.
-    |
-    */
-
-    'passwords' => [
-        'users' => [
-            'provider' => 'users',
-            'table' => 'password_resets',
-            'expire' => 60,
+            'model' => App\User::class, // Update this to the correct namespace
        ],
    ],

--- a/config/broadcasting.php
+++ b/config/broadcasting.php
@@ -1,59 +0,0 @@
-<?php
-
-return [
-
-    /*
-    |--------------------------------------------------------------------------
-    | Default Broadcaster
-    |--------------------------------------------------------------------------
-    |
-    | This option controls the default broadcaster that will be used by the
-    | framework when an event needs to be broadcast. You may set this to
-    | any of the connections defined in the "connections" array below.
-    |
-    | Supported: "pusher", "redis", "log", "null"
-    |
-    */
-
-    'default' => env('BROADCAST_DRIVER', 'null'),
-
-    /*
-    |--------------------------------------------------------------------------
-    | Broadcast Connections
-    |--------------------------------------------------------------------------
-    |
-    | Here you may define all of the broadcast connections that will be used
-    | to broadcast events to other systems or over websockets. Samples of
-    | each available type of connection are provided inside this array.
-    |
-    */
-
-    'connections' => [
-
-        'pusher' => [
-            'driver' => 'pusher',
-            'key' => env('PUSHER_APP_KEY'),
-            'secret' => env('PUSHER_APP_SECRET'),
-            'app_id' => env('PUSHER_APP_ID'),
-            'options' => [
-                'cluster' => env('PUSHER_APP_CLUSTER'),
-                'encrypted' => true,
-            ],
-        ],
-
-        'redis' => [
-            'driver' => 'redis',
-            'connection' => 'default',
-        ],
-
-        'log' => [
-            'driver' => 'log',
-        ],
-
-        'null' => [
-            'driver' => 'null',
-        ],
-
-    ],
-
-];
--- a/config/cache.php
+++ b/config/cache.php
@@ -1,94 +0,0 @@
-<?php
-
-return [
-
-    /*
-    |--------------------------------------------------------------------------
-    | Default Cache Store
-    |--------------------------------------------------------------------------
-    |
-    | This option controls the default cache connection that gets used while
-    | using this caching library. This connection is used when another is
-    | not explicitly specified when executing a given caching function.
-    |
-    | Supported: "apc", "array", "database", "file", "memcached", "redis"
-    |
-    */
-
-    'default' => env('CACHE_DRIVER', 'file'),
-
-    /*
-    |--------------------------------------------------------------------------
-    | Cache Stores
-    |--------------------------------------------------------------------------
-    |
-    | Here you may define all of the cache "stores" for your application as
-    | well as their drivers. You may even define multiple stores for the
-    | same cache driver to group types of items stored in your caches.
-    |
-    */
-
-    'stores' => [
-
-        'apc' => [
-            'driver' => 'apc',
-        ],
-
-        'array' => [
-            'driver' => 'array',
-        ],
-
-        'database' => [
-            'driver' => 'database',
-            'table' => 'cache',
-            'connection' => null,
-        ],
-
-        'file' => [
-            'driver' => 'file',
-            'path' => storage_path('framework/cache/data'),
-        ],
-
-        'memcached' => [
-            'driver' => 'memcached',
-            'persistent_id' => env('MEMCACHED_PERSISTENT_ID'),
-            'sasl' => [
-                env('MEMCACHED_USERNAME'),
-                env('MEMCACHED_PASSWORD'),
-            ],
-            'options' => [
-                // Memcached::OPT_CONNECT_TIMEOUT  => 2000,
-            ],
-            'servers' => [
-                [
-                    'host' => env('MEMCACHED_HOST', '127.0.0.1'),
-                    'port' => env('MEMCACHED_PORT', 11211),
-                    'weight' => 100,
-                ],
-            ],
-        ],
-
-        'redis' => [
-            'driver' => 'redis',
-            'connection' => 'default',
-        ],
-
-    ],
-
-    /*
-    |--------------------------------------------------------------------------
-    | Cache Key Prefix
-    |--------------------------------------------------------------------------
-    |
-    | When utilizing a RAM based store such as APC or Memcached, there might
-    | be other applications utilizing the same cache. So, we'll specify a
-    | value to get prefixed to all our keys so we can avoid collisions.
-    |
-    */
-
-    'prefix' => env(
-        'CACHE_PREFIX',
-        str_slug(env('APP_NAME', 'laravel'), '_').'_cache'
-    ),
-
-];
--- a/config/database.php
+++ b/config/database.php
@@ -2,120 +2,21 @@

 return [

-    /*
-    |--------------------------------------------------------------------------
-    | Default Database Connection Name
-    |--------------------------------------------------------------------------
-    |
-    | Here you may specify which of the database connections below you wish
-    | to use as your default connection for all database work. Of course
-    | you may use many connections at once using the Database library.
-    |
-    */
-
-    'default' => env('DB_CONNECTION', 'sqlite'),
-
-    /*
-    |--------------------------------------------------------------------------
-    | Database Connections
-    |--------------------------------------------------------------------------
-    |
-    | Here are each of the database connections setup for your application.
-    | Of course, examples of configuring each database platform that is
-    | supported by Laravel is shown below to make development simple.
-    |
-    |
-    | All database work in Laravel is done through the PHP PDO facilities
-    | so make sure you have the driver for your particular database of
-    | choice installed on your machine before you begin development.
-    |
-    */
+    'default' => env('DB_CONNECTION', 'sqlite'),  // Make sure the default connection is set

    'connections' => [
-
        'sqlite' => [
            'driver' => 'sqlite',
-            //'database' => env('DB_DATABASE', database_path('database.sqlite')),
-            'database' => database_path(env('DB_DATABASE', 'app.sqlite')),
+            'database' => database_path(env('DB_DATABASE', 'app.sqlite')), // Make sure to use the correct path
            'prefix' => '',
+            'foreign_key_constraints' => env('DB_FOREIGN_KEYS', true), // Enable foreign key constraints
        ],
-
-        'mysql' => [
-            'driver' => 'mysql',
-            'host' => env('DB_HOST', '127.0.0.1'),
-            'port' => env('DB_PORT', '3306'),
-            'database' => env('DB_DATABASE', 'forge'),
-            'username' => env('DB_USERNAME', 'forge'),
-            'password' => env('DB_PASSWORD', ''),
-            'unix_socket' => env('DB_SOCKET', ''),
-            'charset' => 'utf8mb4',
-            'collation' => 'utf8mb4_unicode_ci',
-            'prefix' => '',
-            'strict' => true,
-            'engine' => null,
-        ],
-
-        'pgsql' => [
-            'driver' => 'pgsql',
-            'host' => env('DB_HOST', '127.0.0.1'),
-            'port' => env('DB_PORT', '5432'),
-            'database' => env('DB_DATABASE', 'forge'),
-            'username' => env('DB_USERNAME', 'forge'),
-            'password' => env('DB_PASSWORD', ''),
-            'charset' => 'utf8',
-            'prefix' => '',
-            'schema' => 'public',
-            'sslmode' => 'prefer',
-        ],
-
-        'sqlsrv' => [
-            'driver' => 'sqlsrv',
-            'host' => env('DB_HOST', 'localhost'),
-            'port' => env('DB_PORT', '1433'),
-            'database' => env('DB_DATABASE', 'forge'),
-            'username' => env('DB_USERNAME', 'forge'),
-            'password' => env('DB_PASSWORD', ''),
-            'charset' => 'utf8',
-            'prefix' => '',
-        ],
-
    ],

-    /*
-    |--------------------------------------------------------------------------
-    | Migration Repository Table
-    |--------------------------------------------------------------------------
-    |
-    | This table keeps track of all the migrations that have already run for
-    | your application. Using this information, we can determine which of
-    | the migrations on disk haven't actually been run in the database.
-    |
-    */
-
-    'migrations' => 'migrations',
-
-    /*
-    |--------------------------------------------------------------------------
-    | Redis Databases
-    |--------------------------------------------------------------------------
-    |
-    | Redis is an open source, fast, and advanced key-value store that also
-    | provides a richer set of commands than a typical key-value systems
-    | such as APC or Memcached. Laravel makes it easy to dig right in.
-    |
-    */
-
-    'redis' => [
-
-        'client' => 'predis',
-
-        'default' => [
-            'host' => env('REDIS_HOST', '127.0.0.1'),
-            'password' => env('REDIS_PASSWORD', null),
-            'port' => env('REDIS_PORT', 6379),
-            'database' => 0,
-        ],

+    'migrations' => [
+        'table' => 'migrations',
+        'update_date_on_publish' => false, // disable to preserve original behavior for existing applications
    ],

 ];
--- a/config/filesystems.php
+++ b/config/filesystems.php
@@ -2,67 +2,14 @@

 return [

-    /*
-    |--------------------------------------------------------------------------
-    | Default Filesystem Disk
-    |--------------------------------------------------------------------------
-    |
-    | Here you may specify the default filesystem disk that should be used
-    | by the framework. The "local" disk, as well as a variety of cloud
-    | based disks are available to your application. Just store away!
-    |
-    */
-
-    'default' => env('FILESYSTEM_DRIVER', 'public'),
-
-    /*
-    |--------------------------------------------------------------------------
-    | Default Cloud Filesystem Disk
-    |--------------------------------------------------------------------------
-    |
-    | Many applications store files both locally and in the cloud. For this
-    | reason, you may specify a default "cloud" driver here. This driver
-    | will be bound as the Cloud disk implementation in the container.
-    |
-    */
-
    'cloud' => env('FILESYSTEM_CLOUD', 's3'),

-    /*
-    |--------------------------------------------------------------------------
-    | Filesystem Disks
-    |--------------------------------------------------------------------------
-    |
-    | Here you may configure as many filesystem "disks" as you wish, and you
-    | may even configure multiple disks of the same driver. Defaults have
-    | been setup for each driver as an example of the required options.
-    |
-    | Supported Drivers: "local", "ftp", "s3", "rackspace"
-    |
-    */
-
    'disks' => [
-
        'local' => [
            'driver' => 'local',
            'root' => storage_path('app'),
+            'throw' => false,
        ],
-
-        'public' => [
-            'driver' => 'local',
-            'root' => storage_path('app/public'),
-            'url' => env('APP_URL').'/storage',
-            'visibility' => 'public',
-        ],
-
-        's3' => [
-            'driver' => 's3',
-            'key' => env('AWS_ACCESS_KEY_ID'),
-            'secret' => env('AWS_SECRET_ACCESS_KEY'),
-            'region' => env('AWS_DEFAULT_REGION'),
-            'bucket' => env('AWS_BUCKET'),
-        ],
-
    ],

 ];
--- a/config/mail.php
+++ b/config/mail.php
@@ -2,116 +2,15 @@

 return [

-    /*
-    |--------------------------------------------------------------------------
-    | Mail Driver
-    |--------------------------------------------------------------------------
-    |
-    | Laravel supports both SMTP and PHP's "mail" function as drivers for the
-    | sending of e-mail. You may specify which one you're using throughout
-    | your application here. By default, Laravel is setup for SMTP mail.
-    |
-    | Supported: "smtp", "sendmail", "mailgun", "mandrill", "ses",
-    |            "sparkpost", "log", "array"
-    |
-    */
-
-    'driver' => env('MAIL_DRIVER', 'smtp'),
-
-    /*
-    |--------------------------------------------------------------------------
-    | SMTP Host Address
-    |--------------------------------------------------------------------------
-    |
-    | Here you may provide the host address of the SMTP server used by your
-    | applications. A default option is provided that is compatible with
-    | the Mailgun mail service which will provide reliable deliveries.
-    |
-    */
-
-    'host' => env('MAIL_HOST', 'smtp.mailgun.org'),
-
-    /*
-    |--------------------------------------------------------------------------
-    | SMTP Host Port
-    |--------------------------------------------------------------------------
-    |
-    | This is the SMTP port used by your application to deliver e-mails to
-    | users of the application. Like the host we have set this value to
-    | stay compatible with the Mailgun e-mail application by default.
-    |
-    */
-
-    'port' => env('MAIL_PORT', 587),
-
-    /*
-    |--------------------------------------------------------------------------
-    | Global "From" Address
-    |--------------------------------------------------------------------------
-    |
-    | You may wish for all e-mails sent by your application to be sent from
-    | the same address. Here, you may specify a name and address that is
-    | used globally for all e-mails that are sent by your application.
-    |
-    */
-
-    'from' => [
-        'address' => env('MAIL_FROM_ADDRESS', 'hello@example.com'),
-        'name' => env('MAIL_FROM_NAME', 'Example'),
+    'mailers' => [
+        'mailgun' => [
+            'transport' => 'mailgun',
+            // 'client' => [
+            //     'timeout' => 5,
+            // ],
+        ],
    ],

-    /*
-    |--------------------------------------------------------------------------
-    | E-Mail Encryption Protocol
-    |--------------------------------------------------------------------------
-    |
-    | Here you may specify the encryption protocol that should be used when
-    | the application send e-mail messages. A sensible default using the
-    | transport layer security protocol should provide great security.
-    |
-    */
-
-    'encryption' => env('MAIL_ENCRYPTION', 'tls'),
-
-    /*
-    |--------------------------------------------------------------------------
-    | SMTP Server Username
-    |--------------------------------------------------------------------------
-    |
-    | If your SMTP server requires a username for authentication, you should
-    | set it here. This will get used to authenticate with your server on
-    | connection. You may also set the "password" value below this one.
-    |
-    */
-
-    'username' => env('MAIL_USERNAME'),
-
-    'password' => env('MAIL_PASSWORD'),
-
-    /*
-    |--------------------------------------------------------------------------
-    | Sendmail System Path
-    |--------------------------------------------------------------------------
-    |
-    | When using the "sendmail" driver to send e-mails, we will need to know
-    | the path to where Sendmail lives on this server. A default path has
-    | been provided here, which will work well on most of your systems.
-    |
-    */
-
-    'sendmail' => '/usr/sbin/sendmail -bs',
-
-    /*
-    |--------------------------------------------------------------------------
-    | Markdown Mail Settings
-    |--------------------------------------------------------------------------
-    |
-    | If you are using Markdown based email rendering, you may configure your
-    | theme and component paths here, allowing you to customize the design
-    | of the emails. Or, you may simply stick with the Laravel defaults!
-    |
-    */
-
    'markdown' => [
        'theme' => 'default',

--- a/config/queue.php
+++ b/config/queue.php
@@ -1,85 +0,0 @@
-<?php
-
-return [
-
-    /*
-    |--------------------------------------------------------------------------
-    | Default Queue Driver
-    |--------------------------------------------------------------------------
-    |
-    | Laravel's queue API supports an assortment of back-ends via a single
-    | API, giving you convenient access to each back-end using the same
-    | syntax for each one. Here you may set the default queue driver.
-    |
-    | Supported: "sync", "database", "beanstalkd", "sqs", "redis", "null"
-    |
-    */
-
-    'default' => env('QUEUE_DRIVER', 'sync'),
-
-    /*
-    |--------------------------------------------------------------------------
-    | Queue Connections
-    |--------------------------------------------------------------------------
-    |
-    | Here you may configure the connection information for each server that
-    | is used by your application. A default configuration has been added
-    | for each back-end shipped with Laravel. You are free to add more.
-    |
-    */
-
-    'connections' => [
-
-        'sync' => [
-            'driver' => 'sync',
-        ],
-
-        'database' => [
-            'driver' => 'database',
-            'table' => 'jobs',
-            'queue' => 'default',
-            'retry_after' => 90,
-        ],
-
-        'beanstalkd' => [
-            'driver' => 'beanstalkd',
-            'host' => 'localhost',
-            'queue' => 'default',
-            'retry_after' => 90,
-        ],
-
-        'sqs' => [
-            'driver' => 'sqs',
-            'key' => env('SQS_KEY', 'your-public-key'),
-            'secret' => env('SQS_SECRET', 'your-secret-key'),
-            'prefix' => env('SQS_PREFIX', 'https://sqs.us-east-1.amazonaws.com/your-account-id'),
-            'queue' => env('SQS_QUEUE', 'your-queue-name'),
-            'region' => env('SQS_REGION', 'us-east-1'),
-        ],
-
-        'redis' => [
-            'driver' => 'redis',
-            'connection' => 'default',
-            'queue' => 'default',
-            'retry_after' => 90,
-        ],
-
-    ],
-
-    /*
-    |--------------------------------------------------------------------------
-    | Failed Queue Jobs
-    |--------------------------------------------------------------------------
-    |
-    | These options configure the behavior of failed queue job logging so you
-    | can control which database and table are used to store the jobs that
-    | have failed. You may change them to any database / table you wish.
-    |
-    */
-
-    'failed' => [
-        'database' => env('DB_CONNECTION', 'mysql'),
-        'table' => 'failed_jobs',
-    ],
-
-];
--- a/config/services.php
+++ b/config/services.php
@@ -2,37 +2,11 @@

 return [

-    /*
-    |--------------------------------------------------------------------------
-    | Third Party Services
-    |--------------------------------------------------------------------------
-    |
-    | This file is for storing the credentials for third party services such
-    | as Stripe, Mailgun, SparkPost and others. This file provides a sane
-    | default location for this type of information, allowing packages
-    | to have a conventional place to find your various credentials.
-    |
-    */
-
    'mailgun' => [
        'domain' => env('MAILGUN_DOMAIN'),
        'secret' => env('MAILGUN_SECRET'),
-    ],
-
-    'ses' => [
-        'key' => env('SES_KEY'),
-        'secret' => env('SES_SECRET'),
-        'region' => 'us-east-1',
-    ],
-
-    'sparkpost' => [
-        'secret' => env('SPARKPOST_SECRET'),
-    ],
-
-    'stripe' => [
-        'model' => App\User::class,
-        'key' => env('STRIPE_KEY'),
-        'secret' => env('STRIPE_SECRET'),
+        'endpoint' => env('MAILGUN_ENDPOINT', 'api.mailgun.net'),
+        'scheme' => 'https',
    ],

 ];
--- a/config/session.php
+++ b/config/session.php
@@ -1,197 +0,0 @@
-<?php
-
-return [
-
-    /*
-    |--------------------------------------------------------------------------
-    | Default Session Driver
-    |--------------------------------------------------------------------------
-    |
-    | This option controls the default session "driver" that will be used on
-    | requests. By default, we will use the lightweight native driver but
-    | you may specify any of the other wonderful drivers provided here.
-    |
-    | Supported: "file", "cookie", "database", "apc",
-    |            "memcached", "redis", "array"
-    |
-    */
-
-    'driver' => env('SESSION_DRIVER', 'file'),
-
-    /*
-    |--------------------------------------------------------------------------
-    | Session Lifetime
-    |--------------------------------------------------------------------------
-    |
-    | Here you may specify the number of minutes that you wish the session
-    | to be allowed to remain idle before it expires. If you want them
-    | to immediately expire on the browser closing, set that option.
-    |
-    */
-
-    'lifetime' => env('SESSION_LIFETIME', 120),
-
-    'expire_on_close' => false,
-
-    /*
-    |--------------------------------------------------------------------------
-    | Session Encryption
-    |--------------------------------------------------------------------------
-    |
-    | This option allows you to easily specify that all of your session data
-    | should be encrypted before it is stored. All encryption will be run
-    | automatically by Laravel and you can use the Session like normal.
-    |
-    */
-
-    'encrypt' => false,
-
-    /*
-    |--------------------------------------------------------------------------
-    | Session File Location
-    |--------------------------------------------------------------------------
-    |
-    | When using the native session driver, we need a location where session
-    | files may be stored. A default has been set for you but a different
-    | location may be specified. This is only needed for file sessions.
-    |
-    */
-
-    'files' => storage_path('framework/sessions'),
-
-    /*
-    |--------------------------------------------------------------------------
-    | Session Database Connection
-    |--------------------------------------------------------------------------
-    |
-    | When using the "database" or "redis" session drivers, you may specify a
-    | connection that should be used to manage these sessions. This should
-    | correspond to a connection in your database configuration options.
-    |
-    */
-
-    'connection' => null,
-
-    /*
-    |--------------------------------------------------------------------------
-    | Session Database Table
-    |--------------------------------------------------------------------------
-    |
-    | When using the "database" session driver, you may specify the table we
-    | should use to manage the sessions. Of course, a sensible default is
-    | provided for you; however, you are free to change this as needed.
-    |
-    */
-
-    'table' => 'sessions',
-
-    /*
-    |--------------------------------------------------------------------------
-    | Session Cache Store
-    |--------------------------------------------------------------------------
-    |
-    | When using the "apc" or "memcached" session drivers, you may specify a
-    | cache store that should be used for these sessions. This value must
-    | correspond with one of the application's configured cache stores.
-    |
-    */
-
-    'store' => null,
-
-    /*
-    |--------------------------------------------------------------------------
-    | Session Sweeping Lottery
-    |--------------------------------------------------------------------------
-    |
-    | Some session drivers must manually sweep their storage location to get
-    | rid of old sessions from storage. Here are the chances that it will
-    | happen on a given request. By default, the odds are 2 out of 100.
-    |
-    */
-
-    'lottery' => [2, 100],
-
-    /*
-    |--------------------------------------------------------------------------
-    | Session Cookie Name
-    |--------------------------------------------------------------------------
-    |
-    | Here you may change the name of the cookie used to identify a session
-    | instance by ID. The name specified here will get used every time a
-    | new session cookie is created by the framework for every driver.
-    |
-    */
-
-    'cookie' => env(
-        'SESSION_COOKIE',
-        str_slug(env('APP_NAME', 'laravel'), '_').'_session'
-    ),
-
-    /*
-    |--------------------------------------------------------------------------
-    | Session Cookie Path
-    |--------------------------------------------------------------------------
-    |
-    | The session cookie path determines the path for which the cookie will
-    | be regarded as available. Typically, this will be the root path of
-    | your application but you are free to change this when necessary.
-    |
-    */
-
-    'path' => '/',
-
-    /*
-    |--------------------------------------------------------------------------
-    | Session Cookie Domain
-    |--------------------------------------------------------------------------
-    |
-    | Here you may change the domain of the cookie used to identify a session
-    | in your application. This will determine which domains the cookie is
-    | available to in your application. A sensible default has been set.
-    |
-    */
-
-    'domain' => env('SESSION_DOMAIN', null),
-
-    /*
-    |--------------------------------------------------------------------------
-    | HTTPS Only Cookies
-    |--------------------------------------------------------------------------
-    |
-    | By setting this option to true, session cookies will only be sent back
-    | to the server if the browser has a HTTPS connection. This will keep
-    | the cookie from being sent to you if it can not be done securely.
-    |
-    */
-
-    'secure' => env('SESSION_SECURE_COOKIE', false),
-
-    /*
-    |--------------------------------------------------------------------------
-    | HTTP Access Only
-    |--------------------------------------------------------------------------
-    |
-    | Setting this value to true will prevent JavaScript from accessing the
-    | value of the cookie and the cookie will only be accessible through
-    | the HTTP protocol. You are free to modify this option if needed.
-    |
-    */
-
-    'http_only' => true,
-
-    /*
-    |--------------------------------------------------------------------------
-    | Same-Site Cookies
-    |--------------------------------------------------------------------------
-    |
-    | This option determines how your cookies behave when cross-site requests
-    | take place, and can be used to mitigate CSRF attacks. By default, we
-    | do not enable this as other CSRF protection services are in place.
-    |
-    | Supported: "lax", "strict"
-    |
-    */
-
-    'same_site' => null,
-
-];
--- a/database/.gitignore
+++ b/database/.gitignore
--- a/database/factories/ItemFactory.php
+++ b/database/factories/ItemFactory.php
@@ -0,0 +1,20 @@
+<?php
+
+namespace Database\Factories;
+
+use App\Item;
+use Illuminate\Database\Eloquent\Factories\Factory;
+
+class ItemFactory extends Factory
+{
+    /**
+     * Define the model's default state.
+     */
+    public function definition(): array
+    {
+        return [
+            'title' => $this->faker->unique()->text(),
+            'url' => $this->faker->unique()->url(),
+        ];
+    }
+}
--- a/database/factories/ItemTagFactory.php
+++ b/database/factories/ItemTagFactory.php
@@ -0,0 +1,18 @@
+<?php
+
+namespace Database\Factories;
+
+use App\Item;
+use App\ItemTag;
+use Illuminate\Database\Eloquent\Factories\Factory;
+
+class ItemTagFactory extends Factory
+{
+    /**
+     * Define the model's default state.
+     */
+    public function definition(): array
+    {
+        return [];
+    }
+}
--- a/Show More
+++ b/Show More