diff --git a/app/admin/api/edit.php b/app/admin/api/edit.php
index 67958997ba6e1644e101047f8795670ae72c3b55..f7bd1b7544c6710797721583bfb187b139d6c0ad 100755
--- a/app/admin/api/edit.php
+++ b/app/admin/api/edit.php
@@ -36,7 +36,16 @@ if($_POST['action']!="add") {
 } else {
 	# generate new code
 	$api = new StdClass;
+	$api->id = null;
+	$api->app_id = null;
 	$api->app_code = $User->Crypto->generate_html_safe_token(32);
+	$api->app_permissions = 1;
+	$api->app_security = "ssl_code";
+	$api->app_lock = null;
+	$api->app_nest_custom_fields = null;
+	$api->app_show_links = null;
+	$api->app_lock_wait = null;
+	$api->app_comment = null;
 	# title
 	$title = _('Add new api key');
 }
@@ -56,8 +65,8 @@ if($_POST['action']!="add") {
 	<tr>
 	    <td><?php print _('App id'); ?></td>
 	    <td>
-	    	<input type="text" name="app_id" class="form-control input-sm" value="<?php print $Admin->strip_xss(@$api->app_id); ?>" <?php if($_POST['action'] == "delete") print "readonly"; ?>>
-	        <input type="hidden" name="id" value="<?php print $api->id; ?>">
+	    	<input type="text" name="app_id" class="form-control input-sm" value="<?php print escape_input($api->app_id); ?>" <?php if($_POST['action'] == "delete") print "readonly"; ?>>
+	        <input type="hidden" name="id" value="<?php print escape_input($api->id); ?>">
     		<input type="hidden" name="action" value="<?php print escape_input($_POST['action']); ?>">
     		<input type="hidden" name="csrf_cookie" value="<?php print $csrf; ?>">
 	    </td>
@@ -67,7 +76,7 @@ if($_POST['action']!="add") {
 	<!-- code -->
 	<tr>
 	    <td><?php print _('App code'); ?></td>
-	    <td><input type="text" id="appcode" name="app_code" class="form-control input-sm"  value="<?php print $Admin->strip_xss(@$api->app_code); ?>"  maxlength='32' <?php if($_POST['action'] == "delete") print "readonly"; ?>></td>
+	    <td><input type="text" id="appcode" name="app_code" class="form-control input-sm"  value="<?php print escape_input($api->app_code); ?>"  maxlength='32' <?php if($_POST['action'] == "delete") print "readonly"; ?>></td>
        	<td class="info2"><?php print _('Application code'); ?> <button class="btn btn-xs btn-default" id="regApiKey"><i class="fa fa-random"></i> <?php print _('Regenerate'); ?></button></td>
     </tr>
 
@@ -127,7 +136,7 @@ if($_POST['action']!="add") {
 	<tr>
 	    <td><?php print _('Lock timeout'); ?></td>
 	    <td>
-	    	<input name="app_lock_wait" class="form-control input-sm input-w-auto" value="<?php print $Admin->strip_xss(@$api->app_lock_wait); ?>">
+	    	<input name="app_lock_wait" class="form-control input-sm input-w-auto" value="<?php print escape_input($api->app_lock_wait); ?>">
 	    </td>
        	<td class="info2"><?php print _('Seconds to wait for transaction lock to clear'); ?></td>
     </tr>
@@ -170,7 +179,7 @@ if($_POST['action']!="add") {
     <tr>
     	<td><?php print _('Description'); ?></td>
     	<td>
-    		<input type="text" name="app_comment" class="form-control input-sm" value="<?php print $Admin->strip_xss(@$api->app_comment); ?>" <?php if($_POST['action'] == "delete") print "readonly"; ?>>
+    		<input type="text" name="app_comment" class="form-control input-sm" value="<?php print escape_input($api->app_comment); ?>" <?php if($_POST['action'] == "delete") print "readonly"; ?>>
     	</td>
     	<td class="info2"><?php print _('Enter description'); ?></td>
     </tr>
diff --git a/functions/classes/class.Admin.php b/functions/classes/class.Admin.php
index e38be3bf296e333f121f0470cb572bab9cea15d7..f5fa9cef679946af5bc382f68b6a56de3e5aee9c 100644
--- a/functions/classes/class.Admin.php
+++ b/functions/classes/class.Admin.php
@@ -435,7 +435,7 @@ class Admin extends Common_functions {
 	 *
 	 * @access public
 	 * @param mixed $group_id
-	 * @return void
+	 * @return array
 	 */
 	public function group_fetch_missing_users ($group_id) {
 		$out = array ();
@@ -679,7 +679,7 @@ class Admin extends Common_functions {
 	    $field['fieldDefault'] = is_blank($field['fieldDefault']) ? NULL : $field['fieldDefault'];
 
 	    # character set if needed
-	    if($field['fieldType']=="varchar" || $field['fieldType']=="text" || $field['fieldType']=="set" || $field['fieldType']=="enum")	{ $charset = "CHARACTER SET utf8"; }
+	    if($field['fieldType']=="varchar" || $field['fieldType']=="text" || $field['fieldType']=="set" || $field['fieldType']=="enum")	{ $charset = "CHARACTER SET utf8mb4"; }
 	    else																															{ $charset = ""; }
 
 	    # escape fields
diff --git a/functions/classes/class.FirewallZones.php b/functions/classes/class.FirewallZones.php
index 831a8ca7f6450110472c3e16607f824026183b02..275ac31055b46c4fe65434b0f91a5c5b6dbffafb 100644
--- a/functions/classes/class.FirewallZones.php
+++ b/functions/classes/class.FirewallZones.php
@@ -442,7 +442,7 @@ class FirewallZones extends Common_functions {
 	 * Fetches all zones from database
 	 *
 	 * @access public
-	 * @return void
+	 * @return array|false
 	 */
 	public function get_zones () {
 		# try to fetch all zones
diff --git a/functions/classes/class.PDO.php b/functions/classes/class.PDO.php
index 7a2af79356a6a2d36427d5838ceb89e97fa03078..fe2af1e7d7a5268be7736384464420b3184bc426 100644
--- a/functions/classes/class.PDO.php
+++ b/functions/classes/class.PDO.php
@@ -31,7 +31,7 @@ abstract class DB {
 	/**
 	 * charset
 	 *
-	 * (default value: 'utf8')
+	 * (default value: 'utf8mb4')
 	 *
 	 * @var string
 	 * @access protected
diff --git a/functions/classes/class.PowerDNS.php b/functions/classes/class.PowerDNS.php
index e6fcd0c01ebc671cefdff775ebbd3578d15ef5b2..ff559054a495957e6948534452bbafdc9bf6c1c1 100644
--- a/functions/classes/class.PowerDNS.php
+++ b/functions/classes/class.PowerDNS.php
@@ -77,7 +77,7 @@ class PowerDNS extends Common_functions {
     /**
      * ttl value
      *
-     * @var int|string
+     * @var object
      * @access public
      */
     public $ttl;