* Escape HTML in the location field of a calendar event post
- This allowed script tags to be interpreted in the post display of an event.
* Add form security token check to /admin/phpinfo module
- This prevents basic XSS attacks against /admin/phpinfo
* Add form security token check to /babel module
- This prevents basic XSS attacks against /babel
* Prevent pass-through for attachments
- This addresses a straightforward Reflected XSS vulnerability if a malicious HTML/Javascript file is attached to a post through upload
* Prevent overwriting cid on event edit
- This allowed to share an event as any other user after zeroing the cid field of an existing event
* Check form security token in /settings/userexport module
- Prevents basic XSS attacks against /settings/userexport/*
- Import IHandleUserSessions and DbaDefinition object in constructor
- Convert remaining double quotes to single quotes
- Convert static methods to dynamic to use class properties
- Remove unused POST permission from route
- new "Definition" classes vor DB and Views
- new "Writer" classes to create SQL definitions for DB and Views
- DBStructure & View are responsible to execute DB-querys
- Add all dependencies, necessary to run the content (baseUrl, Arguments)
- Encapsulate all POST/GET/DELETE/PATCH/PUT methods as protected methods inside the BaseModule
- Return Module content ONLY per `BaseModule::run()` (including the Hook logic there as well)
- Account for backward compatibility when exporting: add values for profile.is-default and profile.profile-name fields
- Account for forward compatibility when importing: migrate legacy profiles to custom profile fields
