diff --git a/application/classes/Database/Mysql.php b/application/classes/Database/MySQLi.php
similarity index 89%
rename from application/classes/Database/Mysql.php
rename to application/classes/Database/MySQLi.php
index 5b7e889f..a3e1b64b 100644
--- a/application/classes/Database/Mysql.php
+++ b/application/classes/Database/MySQLi.php
@@ -12,7 +12,7 @@
  * @copyright  (c) 2009-2013 Open Source Billing
  * @license    http://dev.osbill.net/license.html
  */
-class Database_MySQL extends Kohana_Database_MySQL {
+class Database_MySQLi extends Kohana_Database_MySQLi {
 	// MySQL uses a backtick for identifiers
 	protected $_identifier = '';
 }
diff --git a/application/classes/Database/Query/Builder/Join.php b/application/classes/Database/Query/Builder/Join.php
new file mode 100644
index 00000000..975c95f1
--- /dev/null
+++ b/application/classes/Database/Query/Builder/Join.php
@@ -0,0 +1,21 @@
+<?php defined('SYSPATH') or die('No direct access allowed.');
+
+/**
+ * This class extends Kohana's [Database_Query_Builder_Join] to ensure that we have a site_id in join statements
+ *
+ * @package    OSB
+ * @category   Helpers
+ * @author     Deon George
+ * @copyright  (c) 2009-2013 Open Source Billing
+ * @license    http://dev.osbill.net/license.html
+ */
+
+class Database_Query_Builder_Join extends Kohana_Database_Query_Builder_Join {
+
+	public function compile($db = NULL) {
+		$this->_on[] = array($this->_table.'.site_id','=',Site::id());
+
+		return parent::compile($db);
+	}
+}
+?>
diff --git a/application/classes/Model/Account.php b/application/classes/Model/Account.php
index e8fe2fdb..7174fc01 100644
--- a/application/classes/Model/Account.php
+++ b/application/classes/Model/Account.php
@@ -50,6 +50,10 @@ class Model_Account extends Model_Auth_UserDefault {
 		return sprintf('%s-%04s',Company::instance()->site(TRUE),$this->id);
 	}
 
+	public function activated() {
+		return $this->has('group');
+	}
+
 	/**
 	 * Get the groups that an account belongs to
 	 */
@@ -135,7 +139,7 @@ class Model_Account extends Model_Auth_UserDefault {
 				if (empty($result[$mmo->id]))
 					$result[$mmo->id] = $mmo;
 
-		Sort::MAsort($result,'module->name,menu_display');
+		Sort::MAsort($result,array('module->name','menu_display'));
 
 		return $result;
 	}
diff --git a/application/config/database.php b/application/config/database.php
index 896a3e43..30faa4b1 100644
--- a/application/config/database.php
+++ b/application/config/database.php
@@ -12,7 +12,7 @@
 
 return array
 (
-	'default' => array
+	'old' => array
 	(
 		'type'       => 'mysql',
 		'connection' => array(
@@ -39,5 +39,46 @@ return array
 		'compress'     => FALSE,
 		'profiling'    => TRUE,
 	),
+	'pdo' => array(
+		'type'       => 'PDO',
+		'connection' => array(
+			/**
+			 * The following options are available for PDO:
+			 *
+			 * string   dsn         Data Source Name
+			 * string   username    database username
+			 * string   password    database password
+			 * boolean  persistent  use persistent connections?
+			 */
+			'dsn'        => 'mysql:host=localhost;dbname=database',
+			'username'   => 'username',
+			'password'   => 'password',
+			'persistent' => FALSE,
+		),
+		/**
+		 * The following extra options are available for PDO:
+		 *
+		 * string   identifier  set the escaping identifier
+		 */
+		'table_prefix' => 'ab_',
+		'charset'      => 'utf8',
+		'caching'      => FALSE,
+	),
+	'default' => array(
+		'type'       => 'MySQLi',
+		'connection' => array(
+			'hostname'   => 'localhost',
+			'username'   => 'username',
+			'password'   => 'password',
+			'persistent' => FALSE,
+			'database'   => 'database',
+			'ssl'        => NULL,
+		),
+		'table_prefix' => 'ab_',
+		'charset'      => 'utf8',
+		'caching'      => FALSE,
+		'compress'     => FALSE,
+		'profiling'    => TRUE,
+	),
 );
 ?>
diff --git a/application/config/session.php b/application/config/session.php
new file mode 100644
index 00000000..c0bfec9b
--- /dev/null
+++ b/application/config/session.php
@@ -0,0 +1,18 @@
+<?php defined('SYSPATH') or die('No direct access allowed.');
+
+/**
+ * OSB Configuration - Session Configuration
+ *
+ * @package    OSB
+ * @category   Configuration
+ * @author     Deon George
+ * @copyright  (c) 2010 Open Source Billing
+ * @license    http://dev.osbill.net/license.html
+ */
+
+return array(
+	'native' => array(
+		'name'=>'OSB',
+	),
+);
+?>
diff --git a/application/media/guide/img/logo-small.png b/application/media/guide/img/logo-small.png
new file mode 100644
index 00000000..2fc13978
Binary files /dev/null and b/application/media/guide/img/logo-small.png differ
diff --git a/modules/lnapp b/modules/lnapp
index 3bbab271..c5b2785e 160000
--- a/modules/lnapp
+++ b/modules/lnapp
@@ -1 +1 @@
-Subproject commit 3bbab271e75e079e8c3d5371064153cabdd3c98d
+Subproject commit c5b2785e82ed2bf914e7df3107373e24098df794
diff --git a/modules/service/classes/Controller/Admin/Service.php b/modules/service/classes/Controller/Admin/Service.php
index ed53de57..8026cd31 100644
--- a/modules/service/classes/Controller/Admin/Service.php
+++ b/modules/service/classes/Controller/Admin/Service.php
@@ -100,10 +100,11 @@ $(document).ready(function() {
 });
 			');
 
+// @todo Move this to automatically add this if a date format is used
 		Block::factory()
 			->type('form-horizontal')
 			->title('Add/View Charge')
-			->title_icon('icon-wrench')
+			->title_icon('fa fa-wrench')
 			->body(View::factory('service/admin/add'));
 	}
 
@@ -169,7 +170,7 @@ $(document).ready(function() {
 		Block::factory()
 			->type('form-horizontal')
 			->title(sprintf('%s: %s %s',_('Update Service'),$id,$so->name()))
-			->title_icon('icon-wrench')
+			->title_icon('fa fa-wrench')
 			->body(View::factory('service/admin/edit')
 				->set('o',$so)
 				->set('plugin_form',$so->plugin_edit())
diff --git a/modules/service/classes/Model/Service.php b/modules/service/classes/Model/Service.php
index 2b45d0de..2abe972a 100644
--- a/modules/service/classes/Model/Service.php
+++ b/modules/service/classes/Model/Service.php
@@ -156,7 +156,7 @@ class Model_Service extends ORM_OSB {
 	/**
 	 * List invoices for this service
 	 */
-	public function invoice_list($due=FALSE) {
+	public function invoice_list($due=FALSE,$num=NULL) {
 		$result = array();
 
 		$x = $this->invoice->distinct('id');
@@ -165,6 +165,9 @@ class Model_Service extends ORM_OSB {
 		if ($due)
 			$x->where_unprocessed();
 
+		if (! is_null($num))
+			$x->limit($num);
+
 		foreach ($x->find_all() as $io)
 			if (! $due OR $io->due())
 				array_push($result,$io);
diff --git a/modules/service/views/service/admin/edit.php b/modules/service/views/service/admin/edit.php
index 21b91018..f0252f6c 100644
--- a/modules/service/views/service/admin/edit.php
+++ b/modules/service/views/service/admin/edit.php
@@ -1,42 +1,29 @@
-<div class="span11">
+<div class="col-md-11">
 	<fieldset>
 		<legend>Update Service</legend>
 
-		<div class="row">
-			<?php echo StaticList_YesNo::form('status',$o->status,FALSE,array('label'=>'Active','class'=>'span1')); ?>
-		</div> <!-- /row -->
+		<?php echo StaticList_YesNo::form('status',$o->status,FALSE,array('label'=>'Active')); ?>
 
-		<div class="row">
-			<?php echo StaticList_RecurSchedule::form('recur_schedule',$o->recur_schedule,FALSE,array('label'=>'Billing Period','required'));?>
-		</div> <!-- /row -->
+		<?php echo StaticList_RecurSchedule::form('recur_schedule',$o->recur_schedule,FALSE,array('label'=>'Billing Period','required'));?>
 
-		<div class="row">
-			<div class="input-append date" id="date_next_invoice_label">
-				<?php echo Form::input('date_next_invoice_label',$o->display('date_next_invoice'),array('class'=>'span2','label'=>'Date Next Invoice','add-on'=>'<i class="icon-calendar"></i>','disabled')); ?>
-			</div>
+		<label for="date_next_invoice_label">Date Next Invoice</label>
+		<div class="input-group col-md-3">
+			<input type="text" id="date_next_invoice_label" value="<?php echo $o->display('date_next_invoice'); ?>" class="form-control" placeholder="Date Next Invoice">
+			<span class="input-group-addon" id="basic-addon1"><i class="fa fa-calendar"></i></span>
+		</div>
+		<?php echo Form::hidden('date_next_invoice',$o->date_next_invoice); ?>
 
-			<?php echo Form::hidden('date_next_invoice',$o->date_next_invoice); ?>
-		</div> <!-- /row -->
+		<?php echo StaticList_YesNo::form('taxable',$o->taxable,FALSE,array('label'=>'Taxable')); ?>
 
-		<div class="row">
-			<?php echo StaticList_YesNo::form('taxable',$o->taxable,FALSE,array('label'=>'Taxable','class'=>'span1')); ?>
-		</div> <!-- /row -->
+		<?php echo StaticList_YesNo::form('suspend_billing',$o->suspend_billing,FALSE,array('label'=>'Suspend Billing')); ?>
 
-		<div class="row">
-			<?php echo StaticList_YesNo::form('suspend_billing',$o->suspend_billing,FALSE,array('label'=>'Suspend Billing','class'=>'span1')); ?>
-		</div> <!-- /row -->
-
-		<div class="row">
-			<?php echo Form::input('price_override',$o->price_override,array('label'=>'Override Price','class'=>'span1')); ?>
-		</div> <!-- /row -->
+		<?php echo Form::input('price_override',$o->price_override,array('label'=>'Override Price')); ?>
 	</fieldset>
 
 	<?php if ($plugin_form) { echo $plugin_form; } ?>
 
 	<div class="row">
-		<div class="offset2">
-			<button type="submit" class="btn btn-primary">Save changes</button>
-			<button type="button" class="btn">Cancel</button>
-		</div>
+		<button type="submit" class="btn btn-primary">Save changes</button>
+		<button type="button" class="btn">Cancel</button>
 	</div>
-</div> <!-- /span -->
+</div> <!-- /col-md-11 -->
diff --git a/modules/service/views/service/info.php b/modules/service/views/service/info.php
index a7b4b38d..344f37ad 100644
--- a/modules/service/views/service/info.php
+++ b/modules/service/views/service/info.php
@@ -1,46 +1,44 @@
 <!-- o = Service -->
-<div class="col-md-5">
-	<fieldset>
-		<legend>Service Information</legend>
+<fieldset>
+	<legend>Service Information</legend>
 
-		<div class="dl-horizontal">
-			<dt>Account</dt>
-			<dd><?php printf('%s (%s)',$o->account->name(),$o->account->accnum()); ?></dd>
+	<div class="dl-horizontal">
+		<dt>Account</dt>
+		<dd><?php printf('%s (%s)',$o->account->name(),$o->account->accnum()); ?></dd>
 
-			<?php if ($o->external_billing) : ?>
-				<dt>External Billed</dt>
-				<dd><?php echo $o->display('external_billing'); ?></dd>
- 
-			<?php else : ?>
-				<dt>Service Active</dt>
-				<dd><?php echo $o->display('status'); ?></dd>
+		<?php if ($o->external_billing) : ?>
+			<dt>External Billed</dt>
+			<dd><?php echo $o->display('external_billing'); ?></dd>
 
-				<dt>Billing Period</dt>
-				<dd><?php echo $o->display('recur_schedule');?></dd>
+		<?php else : ?>
+			<dt>Service Active</dt>
+			<dd><?php echo $o->display('status'); ?></dd>
 
-				<dt>Cost</dt>
-				<dd><?php echo (! is_null($o->price_override) ? sprintf('<strike>%s</strike> ',$o->price(TRUE,TRUE,TRUE)) : ''). $o->price(TRUE,TRUE); if ($o->pending_change()) echo ' *'; ?></dd>
+			<dt>Billing Period</dt>
+			<dd><?php echo $o->display('recur_schedule');?></dd>
+
+			<dt>Cost</dt>
+			<dd><?php echo (! is_null($o->price_override) ? sprintf('<strike>%s</strike> ',$o->price(TRUE,TRUE,TRUE)) : ''). $o->price(TRUE,TRUE); if ($o->pending_change()) echo ' *'; ?></dd>
 
 <!-- @todo -->
-				<?php if (is_null($o->price) OR ($o->price<=$o->product->price($o->price_group,$o->recur_schedule,'base'))) : ?>
-					<dt>Service</dt>
-					<dd><?php echo HTML::anchor('product/view/'.$o->product_id,$o->product->title()); ?></dd>
-				<?php endif ?>
-
-				<dt>Invoiced To</dt>
-				<dd><?php echo $o->invoiced_to(TRUE); ?></dd>
-
-				<dt>Paid To</dt>
-				<dd><?php echo $o->paid_to(TRUE); ?></dd>
-
-				<dt>Date Next Invoice</dt>
-				<dd><?php printf($o->suspend_billing ? '<strike>%s</strike>' : '%s',$o->display('date_next_invoice')); ?></dd>
-
-				<dt>Current Invoices Due</dt>
-				<dd><?php echo $o->due(TRUE); ?></dd>
+			<?php if (is_null($o->price) OR ($o->price<=$o->product->price($o->price_group,$o->recur_schedule,'base'))) : ?>
+				<dt>Service</dt>
+				<dd><?php echo HTML::anchor('product/view/'.$o->product_id,$o->product->title()); ?></dd>
 			<?php endif ?>
-		</div> <!-- /dl-horizontal -->
-	</fieldset>
 
-	<?php echo $o->product->feature_summary(); ?>
-</div> <!-- /span -->
+			<dt>Invoiced To</dt>
+			<dd><?php echo $o->invoiced_to(TRUE); ?></dd>
+
+			<dt>Paid To</dt>
+			<dd><?php echo $o->paid_to(TRUE); ?></dd>
+
+			<dt>Date Next Invoice</dt>
+			<dd><?php printf($o->suspend_billing ? '<strike>%s</strike>' : '%s',$o->display('date_next_invoice')); ?></dd>
+
+			<dt>Current Invoices Due</dt>
+			<dd><?php echo $o->due(TRUE); ?></dd>
+		<?php endif ?>
+	</div> <!-- /dl-horizontal -->
+</fieldset>
+
+<?php echo $o->product->feature_summary(); ?>
diff --git a/modules/service/views/service/user/invoice/list.php b/modules/service/views/service/user/invoice/list.php
new file mode 100644
index 00000000..0644096d
--- /dev/null
+++ b/modules/service/views/service/user/invoice/list.php
@@ -0,0 +1,18 @@
+<!-- o = Model_Service -->
+<fieldset>
+	<legend>Invoices for this Service</legend>
+
+	<?php echo Table::factory()
+		->data($o->invoice_list(FALSE,20))
+		->columns(array(
+			'id'=>'ID',
+			'void'=>'Void',
+			'date_orig'=>'Date',
+			'due_date'=>'Due',
+			'total(TRUE)'=>'Amount',
+			'due(TRUE)'=>'Due',
+		))
+		->prepend(array(
+			'id'=>array('url'=>URL::link('user','invoice/view/')),
+		)); ?>
+</fieldset>
diff --git a/modules/service/views/service/user/invoice/next.php b/modules/service/views/service/user/invoice/next.php
new file mode 100644
index 00000000..2d95af65
--- /dev/null
+++ b/modules/service/views/service/user/invoice/next.php
@@ -0,0 +1,6 @@
+<!-- o = Model_Service -->
+<fieldset>
+	<legend>Next Invoice Charges</legend>
+
+	<?php echo Invoice::instance()->add_service($o)->render('html','body',array('noid'=>TRUE)); ?>
+</fieldset>
diff --git a/modules/service/views/service/user/view.php b/modules/service/views/service/user/view.php
index 048bb1e9..64b49fad 100644
--- a/modules/service/views/service/user/view.php
+++ b/modules/service/views/service/user/view.php
@@ -1,104 +1,39 @@
-<?php echo View::factory('service/info')->set('o',$o); ?>
-<?php echo $o->service_view(); ?>
+<div class="col-md-5">
+<?php
+	echo View::factory('service/info')->set('o',$o);
 
-<?php if ($o->service_billing->loaded()) : ?>
-	<div class="span5">
-		<fieldset>
-			<legend>Automatic Payment Details</legend>
+	if ($o->status AND ! $o->external_billing) :
+		echo View::factory('service/user/invoice/next')->set('o',$o);
+	endif;
 
-			<div class="dl-horizontal">
-				<dt>Direct Payment</dt>
-				<dd><?php echo $o->service_billing->checkout->display('name'); ?></dd>
-				<?php if (! is_null($o->service_billing->checkout_amount)) : ?>
-					<dt>Standard Amount</dt>
-					<dd><?php echo $o->service_billing->display('checkout_amount'); ?></dd>
-				<?php endif ?>
-			</div> <!-- /dl-horizontal -->
-		</fieldset>
-	</div> <!-- /span -->
-<?php endif ?>
+	if ($o->service_billing->loaded()) :
+		echo View::factory('service/user/view/payment')->set('o',$o);
+	endif;
+?>
+</div>
+
+<div class="col-md-6">
+	<?php echo $o->service_view(); ?>
+</div>
+
+<div class="col-md-5">
+	<?php echo View::factory('service/user/invoice/list')->set('o',$o); ?>
+</div>
 
 <?php if ($o->charges()) : ?>
-	<div class="span5">
-		<fieldset>
-			<legend>Service Charges to Bill: <?php echo $o->charges(TRUE,TRUE); ?></legend>
-
-			<?php echo Table::factory()
-				->data($o->charge_list(TRUE))
-				->columns(array(
-					'date_orig'=>'Date',
-					'description'=>'Description',
-					'total(TRUE)'=>'Amount',
-				)); ?>
-		</fieldset>
-	</div> <!-- /span -->
+	<div class="col-md-7">
+		<?php echo View::factory('service/user/view/charges')->set('o',$o); ?>
+	</div>
 <?php endif ?>
 
-<?php if ($o->status AND ! $o->external_billing) : ?>
-	<div class="span5">
-		<fieldset>
-			<legend>Next Invoice Charges</legend>
-
-			<?php echo Invoice::instance()->add_service($o)->render('html','body',array('noid'=>TRUE)); ?>
-		</fieldset>
-	</div> <!-- /span -->
-<?php endif ?>
-
-<div class="span5">
-	<fieldset>
-		<legend>Invoices for this Service</legend>
-
-		<?php echo Table::factory()
-			->data($o->invoice_list())
-			->columns(array(
-				'id'=>'ID',
-				'void'=>'Void',
-				'date_orig'=>'Date',
-				'due_date'=>'Due',
-				'total(TRUE)'=>'Amount',
-				'due(TRUE)'=>'Due',
-			))
-			->prepend(array(
-				'id'=>array('url'=>URL::link('user','invoice/view/')),
-			)); ?>
-	</fieldset>
-</div> <!-- /span -->
-
 <?php $x=$o->service_memo->find_all(); if ($x->count()) : ?>
-	<div class="span5">
-		<fieldset>
-			<legend>Service Memos</legend>
-
-			<?php echo Table::factory()
-				->data($x)
-				->columns(array(
-					'id'=>'ID',
-					'date_orig'=>'Date',
-					'account->name()'=>'Account',
-					'memo'=>'Memo',
-				)); ?>
-		</fieldset>
-	</div> <!-- /span -->
+	<div class="col-md-7">
+		<?php echo View::factory('service/user/view/memos')->set('o',$o); ?>
+	</div>
 <?php endif ?>
 
 <?php $x=$o->email()->find_all(); if ($x->count()) : ?>
-	<div class="span5">
-		<fieldset>
-			<legend>Emails about this service</legend>
-
-			<?php echo Table::factory()
-				->data($x)
-				->columns(array(
-					'id'=>'ID',
-					'date_orig'=>'Date',
-					'resolve("subject")'=>'Subject',
-				))
-				->prepend(array(
-					'id'=>array('url'=>URL::link('user','email/view/')),
-				))
-				->postproc(array(
-					'resolve("subject")'=>array('trim'=>45),
-				)); ?>
-		</fieldset>
-	</div> <!-- /span -->
+	<div class="col-md-7">
+		<?php echo View::factory('service/user/view/emails')->set('o',$o); ?>
+	</div>
 <?php endif ?>
diff --git a/modules/service/views/service/user/view/charges.php b/modules/service/views/service/user/view/charges.php
new file mode 100644
index 00000000..15952d54
--- /dev/null
+++ b/modules/service/views/service/user/view/charges.php
@@ -0,0 +1,12 @@
+<!-- o = Model_Service -->
+<fieldset>
+	<legend>Service Charges to Bill: <?php echo $o->charges(TRUE,TRUE); ?></legend>
+
+	<?php echo Table::factory()
+		->data($o->charge_list(TRUE))
+		->columns(array(
+			'date_orig'=>'Date',
+			'description'=>'Description',
+			'total(TRUE)'=>'Amount',
+		)); ?>
+</fieldset>
diff --git a/modules/service/views/service/user/view/emails.php b/modules/service/views/service/user/view/emails.php
new file mode 100644
index 00000000..1234ae3e
--- /dev/null
+++ b/modules/service/views/service/user/view/emails.php
@@ -0,0 +1,17 @@
+<fieldset>
+	<legend>Emails about this service</legend>
+
+	<?php echo Table::factory()
+		->data($o->email()->limit(20)->find_all())
+		->columns(array(
+			'id'=>'ID',
+			'date_orig'=>'Date',
+			'resolve("subject")'=>'Subject',
+		))
+		->prepend(array(
+			'id'=>array('url'=>URL::link('user','email/view/')),
+		))
+		->postproc(array(
+			'resolve("subject")'=>array('trim'=>45),
+		)); ?>
+</fieldset>
diff --git a/modules/service/views/service/user/view/memos.php b/modules/service/views/service/user/view/memos.php
new file mode 100644
index 00000000..382401d3
--- /dev/null
+++ b/modules/service/views/service/user/view/memos.php
@@ -0,0 +1,13 @@
+<!-- o = Model_Service -->
+<fieldset>
+	<legend>Service Memos</legend>
+
+	<?php echo Table::factory()
+		->data($o->service_memo->find_all())
+		->columns(array(
+			'id'=>'ID',
+			'date_orig'=>'Date',
+			'account->name()'=>'Account',
+			'memo'=>'Memo',
+		)); ?>
+</fieldset>
diff --git a/modules/service/views/service/user/view/payment.php b/modules/service/views/service/user/view/payment.php
new file mode 100644
index 00000000..93f17841
--- /dev/null
+++ b/modules/service/views/service/user/view/payment.php
@@ -0,0 +1,13 @@
+<!-- o = Model_Service -->
+<fieldset>
+	<legend>Automatic Payment Details</legend>
+
+	<div class="dl-horizontal">
+		<dt>Direct Payment</dt>
+		<dd><?php echo $o->service_billing->checkout->display('name'); ?></dd>
+		<?php if (! is_null($o->service_billing->checkout_amount)) : ?>
+			<dt>Standard Amount</dt>
+			<dd><?php echo $o->service_billing->display('checkout_amount'); ?></dd>
+		<?php endif ?>
+	</div> <!-- /dl-horizontal -->
+</fieldset>
diff --git a/modules/ssl/classes/Controller/Reseller/Service/Ssl.php b/modules/ssl/classes/Controller/Reseller/Service/Ssl.php
index 64da60a7..2553d8d6 100644
--- a/modules/ssl/classes/Controller/Reseller/Service/Ssl.php
+++ b/modules/ssl/classes/Controller/Reseller/Service/Ssl.php
@@ -10,6 +10,8 @@
  * @license    http://dev.osbill.net/license.html
  */
 class Controller_Reseller_Service_Ssl extends Controller_Service {
+	protected $auth_required = TRUE;
+
 	protected $secure_actions = array(
 		'list'=>TRUE,
 	);
diff --git a/modules/ssl/classes/Controller/Reseller/Ssl.php b/modules/ssl/classes/Controller/Reseller/Ssl.php
index ca5f4939..f8693f2e 100644
--- a/modules/ssl/classes/Controller/Reseller/Ssl.php
+++ b/modules/ssl/classes/Controller/Reseller/Ssl.php
@@ -10,6 +10,8 @@
  * @license    http://dev.osbill.net/license.html
  */
 class Controller_Reseller_SSL extends Controller_SSL {
+	protected $auth_required = TRUE;
+
 	protected $secure_actions = array(
 		'add'=>TRUE,
 		'edit'=>TRUE,
diff --git a/modules/ssl/classes/Controller/SSL.php b/modules/ssl/classes/Controller/SSL.php
deleted file mode 100644
index 6d5a8138..00000000
--- a/modules/ssl/classes/Controller/SSL.php
+++ /dev/null
@@ -1,14 +0,0 @@
-<?php defined('SYSPATH') or die('No direct access allowed.');
-
-/**
- * This class provides SSL management
- *
- * @package    SSL
- * @category   Controllers
- * @author     Deon George
- * @copyright  (c) 2009-2013 Open Source Billing
- * @license    http://dev.osbill.net/license.html
- */
-class Controller_SSL extends Controller_TemplateDefault {
-}
-?>
diff --git a/modules/ssl/classes/Controller/Ssl.php b/modules/ssl/classes/Controller/Ssl.php
new file mode 100644
index 00000000..7ffb994a
--- /dev/null
+++ b/modules/ssl/classes/Controller/Ssl.php
@@ -0,0 +1,64 @@
+<?php defined('SYSPATH') or die('No direct access allowed.');
+
+/**
+ * This class provides SSL management
+ *
+ * @package    SSL
+ * @category   Controllers
+ * @author     Deon George
+ * @copyright  (c) 2009-2013 Open Source Billing
+ * @license    http://dev.osbill.net/license.html
+ */
+class Controller_SSL extends Controller_TemplateDefault {
+	protected $auth_required = false;
+
+	/**
+	 * Render out an SSL CA certificate
+	 */
+	public function action_ca() {
+		$o = ORM::factory('SSL_CA',$this->request->param('id'));
+
+		$this->response->body($o->loaded() ? $o->sign_cert."\n" : NULL);
+
+		$this->response->headers(array('Content-Type' => 'text/plain'));
+		if ($o->loaded() AND ! is_null($this->request->query('download')))
+			$this->response->headers('Content-Disposition','attachment; filename="'.$o->id.'.ca.crt"');
+		$this->auto_render = FALSE;
+	}
+
+	/**
+	 * Render the public certificate of a service
+	 */
+	public function action_cert() {
+		$o = ORM::factory('Service',$this->request->param('id'));
+
+		if ($o->loaded() and ($o->plugin() instanceof Model_Service_Plugin))
+			$this->response->body($o->plugin()->cert."\n");
+
+		$this->response->headers(array('Content-Type' => 'text/plain'));
+		if ($o->loaded() AND ! is_null($this->request->query('download')))
+			$this->response->headers('Content-Disposition','attachment; filename="'.$o->id.'.crt"');
+		$this->auto_render = FALSE;
+	}
+
+	/**
+	 * Render out an SSL CA chain
+	 */
+	public function action_chain() {
+		$result = '';
+
+		$o = ORM::factory('Service',$this->request->param('id'));
+
+		if ($o->loaded() and $o->plugin() instanceof Model_Service_Plugin_Ssl) {
+			foreach ($o->plugin()->chain() as $cao)
+				$result .= $cao->sign_cert."\n";
+		}
+
+		$this->response->body($result);
+		$this->response->headers(array('Content-Type' => 'text/plain'));
+		if ($o->loaded() AND ! is_null($this->request->query('download')))
+			$this->response->headers('Content-Disposition','attachment; filename="ca.crts"');
+		$this->auto_render = FALSE;
+	}
+}
+?>
diff --git a/modules/ssl/classes/Controller/User/Ssl.php b/modules/ssl/classes/Controller/User/Ssl.php
index 9bd4d2b6..6afde677 100644
--- a/modules/ssl/classes/Controller/User/Ssl.php
+++ b/modules/ssl/classes/Controller/User/Ssl.php
@@ -9,9 +9,12 @@
  * @copyright  (c) 2009-2013 Open Source Billing
  * @license    http://dev.osbill.net/license.html
  */
-class Controller_User_SSL extends Controller_SSL {
+class Controller_User_Ssl extends Controller_Ssl {
+	protected $auth_required = TRUE;
+
 	protected $secure_actions = array(
-		'download'=>FALSE,
+		'download'=>TRUE,
+		'key'=>TRUE,
 	);
 
 	public function action_download() {
@@ -22,7 +25,7 @@ class Controller_User_SSL extends Controller_SSL {
 
 		$passwd = $this->request->post('passwd');
 
-		if (strlen($passwd) < Kohana::$config->load('ssl')->minpass_length) {
+		if (! Auth::instance()->get_user()->isAdmin() AND strlen($passwd) < Kohana::$config->load('ssl')->minpass_length) {
 			SystemMessage::add(array(
 				'title'=>_('Validation failed'),
 				'type'=>'error',
@@ -50,5 +53,23 @@ class Controller_User_SSL extends Controller_SSL {
 		$this->response->headers('Content-Disposition','attachment; filename="'.basename($file).'"');
 		$this->response->body($x);
 	}
+
+	/**
+	 * Render the private key of a service
+	 */
+	public function action_key() {
+		$so = ORM::factory('Service',$this->request->param('id'));
+
+		if (! $so->loaded() OR ! Auth::instance()->authorised($so->account))
+			throw HTTP_Exception::factory(403,'Service either doesnt exist, or you are not authorised to see it');
+
+		if ($so->plugin() instanceof Model_Service_Plugin)
+			$this->response->body($so->plugin()->pk."\n");
+
+		$this->response->headers(array('Content-Type' => 'text/plain'));
+		if ($so->loaded() AND ! is_null($this->request->query('download')))
+			$this->response->headers('Content-Disposition','attachment; filename="'.$so->id.'.key"');
+		$this->auto_render = FALSE;
+	}
 }
 ?>
diff --git a/modules/ssl/classes/Model/Service/Plugin/Ssl.php b/modules/ssl/classes/Model/Service/Plugin/Ssl.php
index 28cd78be..e18d5f12 100644
--- a/modules/ssl/classes/Model/Service/Plugin/Ssl.php
+++ b/modules/ssl/classes/Model/Service/Plugin/Ssl.php
@@ -86,6 +86,7 @@ class Model_Service_Plugin_Ssl extends Model_Service_Plugin {
 
 	/**
 	 * Return all our CA Certs for this certificate
+	 * @deprecated Use chain() instead.
 	 */
 	public function cacerts() {
 		$result = array();
@@ -100,15 +101,34 @@ class Model_Service_Plugin_Ssl extends Model_Service_Plugin {
 		return $result;
 	}
 
+	/**
+	 * Return the Certificate Chain
+	 *
+	 * @return array Of SSL_CA Objects representing the Chain
+	 */
+	public function chain() {
+		$result = array();
+
+		// Get the first parent CA certificate
+		$po = $this->ca;
+
+		while ($po AND $po->loaded()) {
+			array_push($result,$po);
+			$po = ($po->validParent()) ? $po->parent : NULL;
+		}
+
+		return $result;
+	}
+
 	public function download_button() {
-		if (! $this->service->status OR ! preg_match('/client/',$this->service->product->plugin()->extensions) OR $this->valid_to() < time())
+		if (! $this->pk OR ! $this->service->status OR ! preg_match('/client/',$this->service->product->plugin()->extensions) OR $this->valid_to() < time())
 			return '';
 
 		$output = Form::open(URL::link('user','ssl/download'),array('class'=>'form-inline'));
 		$output .= Form::hidden('sid',$this->service->id);
 		$output .= '<div class="input-append">';
 		$output .= Form::password('passwd','',array('placeholder'=>_('Choose a password'),'required','nocg'=>TRUE,'pattern'=>'.{6,}','title'=>'Minimum 6 chars'));
-		$output .= Form::button('download','Download',array('class'=>'btn btn-default','nocg'=>TRUE));
+		$output .= Form::button('download','PKCS12',array('class'=>'btn btn-default','nocg'=>TRUE));
 		$output .= '</div>';
 		$output .= Form::close();
 
diff --git a/modules/ssl/classes/SSL.php b/modules/ssl/classes/SSL.php
index 5c0c56cf..41bf218a 100644
--- a/modules/ssl/classes/SSL.php
+++ b/modules/ssl/classes/SSL.php
@@ -108,7 +108,7 @@ class SSL {
 			if ($i++)
 				$result .= ',';
 
-			$result .= sprintf('%s=%s',$k,$v);
+			$result .= sprintf('%s=%s',$k,(is_array($v) ? join(','.$k.'=',$v) : $v));
 		}
 
 		return $result;
diff --git a/modules/ssl/views/service/admin/plugin/ssl/edit.php b/modules/ssl/views/service/admin/plugin/ssl/edit.php
index 74c6000d..bff575f9 100644
--- a/modules/ssl/views/service/admin/plugin/ssl/edit.php
+++ b/modules/ssl/views/service/admin/plugin/ssl/edit.php
@@ -1,15 +1,7 @@
 <fieldset>
 	<legend>SSL Certificate Service Details</legend>
 
-	<div class="row">
-		<?php echo Form::textarea('plugin[csr]',$o->service->plugin()->csr,array('class'=>'span6','label'=>'CSR','placeholder'=>'CSR','style'=>'font-family: monospace;','rows'=>Form::textarea_rows($o->service->plugin()->csr))); ?>
-	</div>
-
-	<div class="row">
-		<?php echo Form::textarea('plugin[pk]',$o->service->plugin()->pk,array('class'=>'span6','label'=>'Private Key','placeholder'=>'Private Key','style'=>'font-family: monospace;','rows'=>Form::textarea_rows($o->service->plugin()->pk))); ?>
-	</div>
-
-	<div class="row">
-		<?php echo Form::textarea('plugin[cert]',$o->service->plugin()->cert,array('class'=>'span6','label'=>'Public Certificate','placeholder'=>'Public Certificate','style'=>'font-family: monospace;','rows'=>Form::textarea_rows($o->service->plugin()->cert))); ?>
-	</div>
+	<?php echo Form::textarea('plugin[csr]',$o->service->plugin()->csr,array('label'=>'CSR','placeholder'=>'CSR','style'=>'font-family: monospace;','rows'=>Form::textarea_rows($o->service->plugin()->csr),'cols'=>Form::textarea_width($o->service->plugin()->csr))); ?>
+	<?php echo Form::textarea('plugin[pk]',$o->service->plugin()->pk,array('label'=>'Private Key','placeholder'=>'Private Key','style'=>'font-family: monospace;','rows'=>Form::textarea_rows($o->service->plugin()->pk),'cols'=>Form::textarea_width($o->service->plugin()->pk))); ?>
+	<?php echo Form::textarea('plugin[cert]',$o->service->plugin()->cert,array('label'=>'Public Certificate','placeholder'=>'Public Certificate','style'=>'font-family: monospace;','rows'=>Form::textarea_rows($o->service->plugin()->cert),'cols'=>Form::textarea_width($o->service->plugin()->cert))); ?>
 </fieldset>
diff --git a/modules/ssl/views/service/user/plugin/ssl/view.php b/modules/ssl/views/service/user/plugin/ssl/view.php
index 2281f73e..539c8601 100644
--- a/modules/ssl/views/service/user/plugin/ssl/view.php
+++ b/modules/ssl/views/service/user/plugin/ssl/view.php
@@ -1,62 +1,3 @@
-<div class="span5">
-	<fieldset>
-		<legend>Service Details</legend>
-
-		<div class="dl-horizontal">
-			<dt>DN</dt>
-			<dd><?php echo $o->dn(); ?></dd>
-
-			<?php if (! $o->isCSR()) : ?>
-				<dt>Serial Number</dt>
-				<dd><?php echo $o->serial(); ?></dd>
-
-				<dt>Subject Key Id</dt>
-				<dd><?php echo $o->ski(); ?></dd>
-
-				<dt>Issuer</dt>
-				<dd>
-					<?php if ($o->validCA() AND $o->authorised($o->ca)) : ?>
-					<?php echo HTML::anchor(URL::link('reseller','ssl/edit/').$o->ca->id,$o->issuer()); ?>
-					<?php else : ?>
-					<?php echo $o->issuer(); ?>
-					<?php endif ?>
-				</dd>
-
-				<dt>Issuer Serial</dt>
-				<dd><?php printf('%s (%s)',$o->aki_keyid(), $o->aki_serial()); ?></dd>
-
-				<dt>Valid From</dt>
-				<dd><?php echo $o->valid_from(TRUE); ?></dd>
-
-				<dt>Valid To</dt>
-				<dd><?php echo $o->valid_to(TRUE); ?></dd>
-
-				<dt>Hash</dt>
-				<dd><?php echo $o->hash(); ?></dd>
-
-				<dt>Version</dt>
-				<dd><?php echo $o->version(); ?></dd>
-
-				<dt>Algorithm</dt>
-				<dd><?php echo $o->algorithm(); ?></dd>
-			<?php endif ?>
-
-		</div> <!-- dl-horizontal -->
-	</fieldset>
-</div> <!-- /span -->
-
-<div class="span6">
-	<fieldset>
-		<legend>Certificate</legend>
-
-		<pre><?php echo $o->cert; ?></pre>
-
-		<?php
-			echo $o->download_button(); 
-			if ($ao=Auth::instance()->get_user() AND ($ao->isAdmin() OR $ao->isReseller()) AND $o->service->status AND ($o->valid_to()-(Kohana::$config->load('ssl.min_renew_days')*86400) <= time()) AND $o->service->paid_to() > time()) :
-				echo Form::open(URL::link('reseller','ssl/renew/'.$o->service->id));
-				echo Form::button('submit','Renew',array('class'=>'btn btn-primary'));
-			endif
-		?>
-	</fieldset>
-</div> <!-- /span -->
+<?php echo View::factory('service/user/plugin/ssl/view/details')->set('o',$o); ?>
+<?php echo View::factory('service/user/plugin/ssl/view/chain')->set('o',$o); ?>
+<?php echo View::factory('service/user/plugin/ssl/view/certificate')->set('o',$o); ?>
diff --git a/modules/ssl/views/service/user/plugin/ssl/view/certificate.php b/modules/ssl/views/service/user/plugin/ssl/view/certificate.php
new file mode 100644
index 00000000..7f56468a
--- /dev/null
+++ b/modules/ssl/views/service/user/plugin/ssl/view/certificate.php
@@ -0,0 +1,18 @@
+<fieldset>
+	<legend>Certificate</legend>
+
+	<pre><?php echo $o->cert; ?></pre>
+
+	<?php
+		echo $o->download_button(); 
+		if ($ao=Auth::instance()->get_user() AND ($ao->isAdmin() OR $ao->isReseller()) AND $o->service->status AND ($o->valid_to()-(Kohana::$config->load('ssl.min_renew_days')*86400) <= time()) AND $o->service->paid_to() > time()) :
+			echo Form::open(URL::link('reseller','ssl/renew/'.$o->service->id));
+			echo Form::button('submit','Renew',array('class'=>'btn btn-primary','nocg'=>TRUE));
+		else : ?>
+			<a href="<?php echo URL::link('','/ssl/cert/'.$o->service_id,TRUE); ?>" class="btn btn-sm btn-default">Cert Download</a>
+			<?php if ($o->pk) : ?>
+			<a href="<?php echo URL::link('user','ssl/key/'.$o->service_id,TRUE); ?>" class="btn btn-sm btn-default">Key Download</a>
+			<?php endif ?>
+		<?php endif
+	?>
+</fieldset>
diff --git a/modules/ssl/views/service/user/plugin/ssl/view/chain.php b/modules/ssl/views/service/user/plugin/ssl/view/chain.php
new file mode 100644
index 00000000..b64a867f
--- /dev/null
+++ b/modules/ssl/views/service/user/plugin/ssl/view/chain.php
@@ -0,0 +1,20 @@
+<?php if ($o->cert) : ?>
+<fieldset>
+	<legend>Certificate Chain</legend>
+
+	<?php echo Table::factory()
+		->data($o->chain())
+		->columns(array(
+			'id'=>'ID',
+			'subject()'=>'Cert',
+			'valid_to(TRUE)'=>'Expires',
+			'issuer()'=>'Issuer',
+		))
+		->prepend(array(
+			'id'=>array('url'=>URL::link('','/ssl/ca/')),
+		)); ?>
+
+	<a href="<?php echo URL::link('','/ssl/chain/'.$o->service_id,TRUE); ?>" class="btn btn-sm btn-default">Download</a>
+</fieldset>
+
+<?php endif ?>
diff --git a/modules/ssl/views/service/user/plugin/ssl/view/details.php b/modules/ssl/views/service/user/plugin/ssl/view/details.php
new file mode 100644
index 00000000..97200713
--- /dev/null
+++ b/modules/ssl/views/service/user/plugin/ssl/view/details.php
@@ -0,0 +1,44 @@
+<fieldset>
+	<legend>Service Details</legend>
+
+	<div class="dl-horizontal">
+		<dt>DN</dt>
+		<dd><?php echo $o->dn(); ?></dd>
+
+		<?php if (! $o->isCSR()) : ?>
+			<dt>Serial Number</dt>
+			<dd><?php echo $o->serial(); ?></dd>
+
+			<dt>Subject Key Id</dt>
+			<dd><?php echo $o->ski(); ?></dd>
+
+			<dt>Issuer</dt>
+			<dd>
+				<?php if ($o->validCA() AND $o->authorised($o->ca)) : ?>
+				<?php echo HTML::anchor(URL::link('reseller','ssl/edit/').$o->ca->id,$o->issuer()); ?>
+				<?php else : ?>
+				<?php echo $o->issuer(); ?>
+				<?php endif ?>
+			</dd>
+
+			<dt>Issuer Serial</dt>
+			<dd><?php printf('%s (%s)',$o->aki_keyid(), $o->aki_serial()); ?></dd>
+
+			<dt>Valid From</dt>
+			<dd><?php echo $o->valid_from(TRUE); ?></dd>
+
+			<dt>Valid To</dt>
+			<dd><?php echo $o->valid_to(TRUE); ?></dd>
+
+			<dt>Hash</dt>
+			<dd><?php echo $o->hash(); ?></dd>
+
+			<dt>Version</dt>
+			<dd><?php echo $o->version(); ?></dd>
+
+			<dt>Algorithm</dt>
+			<dd><?php echo $o->algorithm(); ?></dd>
+		<?php endif ?>
+
+	</div> <!-- dl-horizontal -->
+</fieldset>