diff --git a/code/web/public_php/login/class/LoginCb.php b/code/web/public_php/login/class/LoginCb.php
index dcc1bdea3..822a433db 100644
--- a/code/web/public_php/login/class/LoginCb.php
+++ b/code/web/public_php/login/class/LoginCb.php
@@ -3,9 +3,11 @@ class LoginCb extends CLoginServiceWeb
 {
 private $ring_web_host;
 private $ring_web_host_php;
+ private $domain_id;
- public function __construct($ring_web_host, $ring_web_host_php)
+ public function __construct($ring_web_host, $ring_web_host_php, $domain_id)
 {
+ $this->domain_id = $domain_id;
 $this->ring_web_host_php = $ring_web_host_php;
 $this->ring_web_host = $ring_web_host;
 }
@@ -13,19 +15,17 @@ class LoginCb extends CLoginServiceWeb
 // receive the login result sent back by the LS
 public function loginResult($userId, $cookie, $resultCode, $errorString)
 {
- global $domainId;
-
 if ($resultCode == 0 && $cookie != "") {
 // gather the domain information (server version, patch urls and backup patch url
 global $DBHost, $DBUserName, $DBPassword, $DBName, $AutoInsertInRing;
 $link = mysqli_connect($DBHost, $DBUserName, $DBPassword) or die(errorMsgBlock(3004, 'main', $DBHost, $DBUserName));
 mysqli_select_db($link, $DBName) or die(errorMsgBlock(3005, 'main', $DBName, $DBHost, $DBUserName));
- $query = "SELECT * FROM domain WHERE domain_id=$domainId";
+ $query = "SELECT * FROM domain WHERE domain_id = ".$this->domain_id ;
 $result = mysqli_query($link, $query) or die(errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
 if (mysqli_num_rows($result) != 1) {
- die(errorMsgBlock(3001, $domainId));
+ die(errorMsgBlock(3001, $this->domain_id ));
 }
 $row = mysqli_fetch_array($result);
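Review bot: `$query = "SELECT * FROM domain WHERE domain_id = ".$this->domain_id ;` still builds the statement by string concatenation, so the change only moves the interpolated value from a global to a property. In this commit the value originates from a bound `domain_id` result column in `checkUserValidity` and reaches the constructor through `Login()`, so it is an integer today, but nothing in `LoginCb` enforces that for other callers; casting once in the constructor, `$this->domain_id = (int) $domain_id;`, makes the concatenation safe and also gives a chance to drop the stray spaces before `;` and `)` on the two changed lines. The unchanged `die(errorMsgBlock(3004, 'main', $DBHost, $DBUserName))` and `die(errorMsgBlock(3005, ...))` lines print whatever `errorMsgBlock` formats into the response; if that text includes its arguments, a connection failure discloses the DB host and account to the client, so logging those server-side and returning only the code is the safer shape. `loginResult` continues past the end of the hunk.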
@@ -36,7 +36,7 @@ class LoginCb extends CLoginServiceWeb
 // Auto-join an available mainland shard
 global $FSHostLuaMode, $FSHostResultStr;
 $FSHostLuaMode = false;
- $res = joinMainland($userId, $domainId, $row["domain_name"]);
+ $res = joinMainland($userId, $this->domain_id , $row["domain_name"]);
 if ($res) {
 echo "1#" . $cookie . "#" . $FSHostResultStr . "#http://" . $this->ring_web_host_php . "/ring/web_start.php#http://" . $this->ring_web_host . "/ring/\n";
diff --git a/code/web/public_php/login/class/connection_handler.php b/code/web/public_php/login/class/connection_handler.php
index e6b9d4de1..a987a74ae 100644
--- a/code/web/public_php/login/class/connection_handler.php
+++ b/code/web/public_php/login/class/connection_handler.php
@@ -1,15 +1,15 @@ db_base_connection_host = $db_base_connection_host; $this->db_base_connection_username = $db_base_connection_username; $this->db_base_connection_password = $db_base_connection_password;
- $this->db_base_connection_dbname = $db_base_connection_dname;
+ $this->db_base_connection_dbname = $db_base_connection_dbname;
 }
 /**
@@ -39,12 +39,21 @@ class ConnectionHandler
 */
 public function connect()
 {
- connect_to_base_db($this->db_base_connection_host,
+ $this->connect_to_base_db($this->db_base_connection_host,
 $this->db_base_connection_username,
 $this->db_base_connection_password,
 $this->db_base_connection_dbname);
 }
+ public function set_accept_unknown_user($value)
+ {
+ $this->accept_unknown_user = $value;
+ }
+ public function set_auto_create_ring_info($value)
+ {
+ $this->auto_create_ring_info = $value;
+ }
+
 /**
 * Connect to the base database and sets the fields.
 */
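Review bot: The new `set_accept_unknown_user` and `set_auto_create_ring_info` store `$value` verbatim, while the only consumer visible in this diff tests the flag with a bare `if ($this->auto_create_ring_info)`, so any non-empty string from configuration (including `'false'` or `'0 '`) switches the behaviour on. Normalising at the setter, `$this->accept_unknown_user = (bool) $value;` and `$this->auto_create_ring_info = (bool) $value;`, pins the type at the one place it enters the object. The surrounding methods in this file carry `/** ... */` docblocks and these two have none; a one-line docblock on each naming the behaviour the flag enables (the comment in `r2_login.php` already calls auto-creating rings "not recommended") would match the file's style. The class body continues outside this hunk.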
@@ -79,15 +88,17 @@ class ConnectionHandler
 private function askSalt($login, $lang)
 {
+ $salt = '';
 setMsgLanguage($lang);
 $escaped_login = $this->db_base_connection->escape_string($login);
- if ($stmt = $this->db_base_connection->prepare('SELECT Password FROM user WHERE Login=\'?\' LIMIT 1')) {
+ $query = 'SELECT Password FROM user WHERE Login = ? LIMIT 1';
+ if ($stmt = $this->db_base_connection->prepare($query)) {
 $stmt->bind_param('s', $escaped_login);
 $stmt->execute();
- $stmt->bind_result($password) or die(errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, $this->db_base_connection->error));
+ $stmt->bind_result($password) or die(errorMsgBlock(3006, $query, 'main', $this->db_base_connection_dbname, $this->db_base_connection_host, $this->db_base_connection_username, $this->db_base_connection->error));
 $stmt->fetch();
- if ($stmt->num_rows == 1) {
- $salt = '1:' . get_salt($password);
+ if (isset($password)) {
+ $salt = '1:' . $this->get_salt($password);
 } else {
 $salt = errorMsgBlock(2001, $login, 'askSalt');
 }
@@ -102,7 +113,7 @@ class ConnectionHandler
 */
 private function CreateRing($domainInfo, $id, $login)
 {
- connect_to_ring_db($this->db_ring_connection_host,
+ $this->connect_to_ring_db($this->db_ring_connection_host,
 $this->db_ring_connection_username,
 $this->db_ring_connection_password,
 $domainInfo['ring_db_name']);
@@ -125,7 +136,7 @@ class ConnectionHandler
 private function Login($login, $password, $clientApplication, $cp, $submittedLang)
 {
 $domainId = -1;
- $loginSuccessful = checkUserValidity($login, $password, $clientApplication, $cp, $id, $reason, $priv, $extended, $domainId, $submittedLang);
+ $loginSuccessful = $this->checkUserValidity($login, $password, $clientApplication, $cp, $id, $reason, $priv, $extended, $domainId, $submittedLang);
 // Client sent his login info
 if (!$loginSuccessful) {
 echo '0:' . $reason;
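Review bot: `$escaped_login` goes through `escape_string()` and is then bound with `bind_param('s', ...)`, so a login containing a quote or backslash is looked up with the escaping backslashes inside the literal and never matches; with the statement now genuinely parameterised the escape step should go, `$stmt->bind_param('s', $login);`. The same double escaping remains on `$domainName` in the `@@ -196` hunk and on `$login` in the `@@ -220` hunk. The rewritten `die(errorMsgBlock(3006, ..., $this->db_base_connection_dbname, $this->db_base_connection_host, $this->db_base_connection_username, ...))` prints into the response, so depending on how `errorMsgBlock` renders its arguments a bind failure may now disclose the database name, host and account to the client — logging them server-side and emitting only the code avoids that. `isset($password)` reads as "row found" only while the `Password` column is non-nullable; the return value of `$stmt->fetch()` is the unambiguous check. `askSalt` continues past the end of the hunk.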
@@ -133,15 +144,15 @@ class ConnectionHandler
 // retrieve the domain info
 $domainInfo = getDomainInfo($domainId);
 // if we need to create missing ring info
- if ($AutoCreateRingInfo) {
- CreateRing($domainInfo, $id, $login);
+ if ($this->auto_create_ring_info) {
+ $this->CreateRing($domainInfo, $id, $login);
 }
 $LSaddr = explode(":", $domainInfo['login_address']);
 // ask for a session cookie to the login service
- $loginCb = new LoginCb($domainInfo['web_host'], $domainInfo['web_host_php']);
- $loginCb->connect($LSaddr[0], $LSaddr[1], '');
+ $loginCb = new LoginCb($domainInfo['web_host'], $domainInfo['web_host_php'], $domainId);
+ $loginCb->connect($LSaddr[0], $LSaddr[1], $result);
 $loginCb->login($id, $_SERVER['REMOTE_ADDR'], $domainId);
 // wait for the return message
@@ -160,17 +171,18 @@ class ConnectionHandler
 {
 switch ($command->cmd) {
 case 'ask':
- echo askSalt($command->login, $command->submittedLang);
+ echo $this->askSalt($command->login, $command->submittedLang);
 break;
- case 'login-https':
- $salt = substr(askSalt($command->login, $command->submittedLang), 2);
- $generated_password = crypt($command->password, sprintf('$6$rounds=%d$%s$', 5000, $salt));
- login($command->login, $generated_password, $command->clientApplication, $command->cp, $command->submittedLang);
+ case 'https-login':
+ $salt = substr($this->askSalt($command->login, $command->submittedLang), 2);
+ $generated_password = crypt($command->password, $salt);
+ $this->login($command->login, $generated_password, $command->clientApplication, $command->cp, $command->submittedLang);
 break;
 case 'login':
- login($command->login, $command->password, $command->clientApplication, $command->cp, $command->submittedLang);
+ $this->login($command->login, $command->password, $command->clientApplication, $command->cp, $command->submittedLang);
 break;
 default:
+ echo ('0:Invalid command');
 break;
 }
 }
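Review bot: `$loginCb->connect($LSaddr[0], $LSaddr[1], $result);` passes `$result`, which is not assigned on any visible line of `Login()` (the replaced call passed `''`), so unless it is set somewhere between the two hunks the third argument is an undefined-variable notice and `null` at runtime. If the old behaviour was intended, restore `$loginCb->connect($LSaddr[0], $LSaddr[1], '');`; if a real value is meant, it needs assigning first. The same call also relies on `$LSaddr[1]`, which `explode(":", $domainInfo['login_address'])` does not produce when the stored address carries no port. `Login()` starts and ends outside this hunk.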
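Review bot: In `case 'https-login':` the reply from `askSalt()` is sliced with `substr(..., 2)` without checking that it begins with `'1:'`; when `askSalt` instead returns the `errorMsgBlock(2001, ...)` text for an unknown login, a fragment of that message becomes the `crypt()` salt and the attempt proceeds with it while the error code is lost. Guarding first, `$reply = $this->askSalt($command->login, $command->submittedLang); if (substr($reply, 0, 2) !== '1:') { echo $reply; break; }`, keeps the code visible to the client. Dropping the `sprintf('$6$rounds=%d$%s$', 5000, $salt)` wrapper changes which hash is computed for the same stored password and is only equivalent if `get_salt()` already returns the complete crypt prefix — that helper is not in the diff, so it needs confirming. Renaming the command from `'login-https'` to `'https-login'` is a wire-protocol change that now routes older clients to `'0:Invalid command'`, unless the client side was updated in the same change.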
@@ -196,13 +208,13 @@ class ConnectionHandler
 $res = false;
 setMsgLanguage($lang);
 $domainName = $this->db_base_connection->escape_string($clientApplication);
-
- if ($stmt = $this->db_base_connection->prepare('SELECT domain_id FROM domain WHERE domain_name=\'?\' LIMIT 1')) {
+ $query = 'SELECT domain_id FROM domain WHERE domain_name = ? LIMIT 1';
+ if ($stmt = $this->db_base_connection->prepare($query)) {
 $stmt->bind_param("s", $domainName);
 $stmt->execute();
 $stmt->bind_result($domainId) or die(errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, $db_base_connection->error));
 $stmt->fetch();
- if ($stmt->num_rows == 0) {
+ if (!isset($domainId)) {
 // unrecoverable error, we must giveup
 $reason = errorMsg(3007, $domainName);
 $mysqli->close();
@@ -210,7 +222,6 @@ class ConnectionHandler
 }
 $stmt->close();
 }
-
 // retrieve the domain info
 $domainInfo = getDomainInfo($domainId);
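Review bot: The unchanged line `$stmt->bind_result($domainId) or die(errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, $db_base_connection->error));` refers to `$DBName`, `$DBHost`, `$DBUserName` and `$db_base_connection`, which are not in method scope unless a `global` declaration above the hunk brings them in (the connection object lives in `$this->db_base_connection`), and the new `if (!isset($domainId))` branch then calls `$mysqli->close()` on an equally undefined `$mysqli`. This commit rewrote the identical `die(...)` in `askSalt` to `$this->db_base_connection_dbname, $this->db_base_connection_host, $this->db_base_connection_username`; the line here should follow, and the error branch should close `$stmt` rather than `$mysqli`. `$domainName` is also run through `escape_string()` before being bound as a parameter, which makes an application name containing a quote or backslash unmatchable. `!isset($domainId)` is an improvement over the unstored `num_rows`, though the return value of `$stmt->fetch()` is the direct way to learn whether a row was read. `checkUserValidity` starts before this hunk.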
@@ -220,20 +231,25 @@ class ConnectionHandler
 // now, retrieve the user infos
 $login = $this->db_base_connection->escape_string($login);
 $numrows = 0;
- if ($stmt = $this->db_base_connection->prepare('SELECT Password, UId FROM user WHERE Login=\'?\' LIMIT 1')) {
+ $query = 'SELECT Password, UId FROM user WHERE Login = ? LIMIT 1';
+ if ($stmt = $this->db_base_connection->prepare($query)) {
 $stmt->bind_param('s', $login);
 $stmt->execute();
- $stmt->bind_result($dbPassword, $dbUid) or die(errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, $this->db_base_connection->error));
+ $success = $stmt->bind_result($dbPassword, $dbUid) or die(errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, $this->db_base_connection->error));
 $stmt->fetch();
- if ($stmt->num_rows) {
- $salt = get_salt($dbPassword);
+ if ($success) {
+ $salt = $this->get_salt($dbPassword);
 if (($cp && $dbPassword == $password) || (!$cp && $dbPassword == crypt($password, $salt))) {
- if ($stmt2 = $this->db_base_connection->prepare('SELECT AccessPrivilege, Privilege, ExtendedPrivilege FROM permission WHERE UId=\'' . $dbUid . '\' AND DomainId=\'$domainId\'')) {
- $stmt2->bind_param('i', $dbUid);
+ $stmt->close();
+ // UId is not a foreign key for some reason.
+ // Hence we have to join explicitely
+ $query = 'SELECT AccessPrivilege, Privilege, ExtendedPrivilege FROM permission JOIN user ON user.UId = permission.UId WHERE user.UId = ? AND permission.DomainId = ? LIMIT 1';
+ if ($stmt2 = $this->db_base_connection->prepare($query)) {
+ $stmt2->bind_param('ii', $dbUid, $domainId);
 $stmt2->execute();
- $stmt2->bind_result($dbAccessPrivilege, $dbPrivilege, $dbExtendedPrivilege) or die(errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, $this->db_base_connection->error));
+ $success = $stmt2->bind_result($dbAccessPrivilege, $dbPrivilege, $dbExtendedPrivilege) or die(errorMsgBlock(3006, $query, 'main', $this->db_base_connection_dbname, $this->db_base_connection_host, $this->db_base_connection_username, $this->db_base_connection->error));
 $stmt2->fetch();
- if ($stmt->num_rows == 0) {
+ if (!$success) {
 // no permission
 $reason = errorMsg(3011, $clientApplication, $domainName);
 $res = false;
@@ -242,7 +258,7 @@ class ConnectionHandler
 // no permission
 $reason = errorMsg(3013, $clientApplication, $domainName, $accessPriv);
 } else {
- if (!IsUserOnline($res)) {
+ if (!$this->is_user_online($res)) {
 $id = $dbUid;
 $priv = $dbPrivilege;
 $extended = $dbExtendedPrivilege;
@@ -256,7 +272,6 @@ class ConnectionHandler
 $reason = errorMsg(2004, 'user');
 }
 }
- $stmt->close();
 }
 return $res;
 }
@@ -266,7 +281,7 @@ class ConnectionHandler
 * Sets res to false if it failed.
 * @todo fix it.
 */
- private function IsUserOnline(&$res)
+ private function is_user_online(&$res)
 {
 return false;
 // // check if the user not already online
diff --git a/code/web/public_php/login/class/nel_command.php b/code/web/public_php/login/class/nel_command.php
index 533d53d74..15117c11a 100644
--- a/code/web/public_php/login/class/nel_command.php
+++ b/code/web/public_php/login/class/nel_command.php
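Review bot: `$success = $stmt->bind_result($dbPassword, $dbUid) or die(...)` assigns before `or` is evaluated, so `$success` holds the return value of `bind_result()` — true whenever binding worked — and says nothing about whether `fetch()` produced a row; `if ($success)` is therefore taken for an unknown login too, and the password comparison then runs against a null `$dbPassword`. The row test should come from the fetch itself, `$found = $stmt->fetch();` followed by `if ($found) {`, and the same applies to the `$stmt2` branch where `if (!$success)` is meant to detect a missing permission row. On the unchanged condition line, `$dbPassword == $password` and `$dbPassword == crypt($password, $salt)` are loose comparisons — PHP compares two numeric-looking strings numerically — so `hash_equals((string) $dbPassword, (string) $password)` and `hash_equals((string) $dbPassword, crypt($password, $salt))` are the forms to use. The first new `bind_result` line also still reaches for `$DBName, $DBHost, $DBUserName` while its `$stmt2` twin in the same hunk was switched to `$this->db_base_connection_*`. `checkUserValidity` starts before this hunk and ends in the `@@ -256` hunk.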
@@ -35,10 +35,10 @@ class NelCommand
 public function __construct($getParams)
 {
- $this->cmd = $getParams['cmd'];
- $this->login = $getParams['login'];
- $this->password = $getParams['password'];
- $this->clientApplication = $getParams['clientApplication'];
+ $this->cmd = isset($getParams['cmd']) ? $getParams['cmd'] : NULL;
+ $this->login = isset($getParams['login']) ? $getParams['login'] : "";
+ $this->password = isset($getParams['password']) ? $getParams['password'] : "";
+ $this->clientApplication =isset($getParams['clientApplication']) ? $getParams['clientApplication'] : "";
 $this->cp = isset($getParams['cp']) ? $getParams['cp'] : 0;
 $this->submittedLang = isset($getParams['lg']) ? $getParams['lg'] : 'unknown';
 }
diff --git a/code/web/public_php/login/r2_login.php b/code/web/public_php/login/r2_login.php
index bde0d9f4f..c706c7704 100755
--- a/code/web/public_php/login/r2_login.php
+++ b/code/web/public_php/login/r2_login.php
@@ -1,4 +1,11 @@ set_accept_unknown_user($AcceptUnknownUser);
+// Allow to auto create rings (not recommended).
+$connection_handler->set_auto_create_ring_info($AutoCreateRingInfo);
 // Connect the connection handler to the database.
 $connection_handler->connect();
 // Process the command sent by the user.
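Review bot: The four new `isset(...) ? ... : ...` lines repeat one idiom with a formatting slip — `$this->clientApplication =isset(` is missing the space after `=` — and `NULL` is upper-cased where the rest of the constructor writes its literals in lower case. If the deployment runs PHP 7 or later the same lines read as `$this->cmd = $getParams['cmd'] ?? null;` and `$this->login = $getParams['login'] ?? '';`; the PHP version is not visible in the diff, so treat that as conditional. A short docblock on the constructor stating what `$getParams` holds (presumably the request's query parameters) would also help, since this object is the point where client-controlled values enter `ConnectionHandler`.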