diff --git a/security/RIGHTS.php b/security/RIGHTS.php
index 2e6d162..2a75471 100644
--- a/security/RIGHTS.php
+++ b/security/RIGHTS.php
@@ -1,24 +1,39 @@
 <?php
+/**
+ * System - PHP Framework
+ *
+ * PHP Version 5.6
+ *
+ * @copyright   2016 Ulf Gebhardt (http://www.webcraft-media.de)
+ * @license     http://www.opensource.org/licenses/mit-license.php MIT
+ * @link        https://github.com/webcraftmedia/system
+ * @package     SYSTEM\SECURITY
+ */
 namespace SYSTEM\SECURITY;
 
+/**
+ * Rights Class provided by System to define system rights.
+ * Extend this class for your own.
+ */
 class RIGHTS {
-    //Never use anything with 0 in php
+    /** int Never use anything with 0 in php */ 
     const SYS_DONOTUSE                  = 0;
-    //System Administrator Interface
+    /** int System Administrator Interface */
     const SYS_SAI                       = 1;
-    //Security Module
-    const SYS_SAI_SECURITY              = 5; //access
-    const SYS_SAI_SECURITY_RIGHTS_EDIT  = 6; //edit rights
-    //Database Text Module
+    /** int Security Module access */
+    const SYS_SAI_SECURITY              = 5;
+    /** int Security Module edit rights */
+    const SYS_SAI_SECURITY_RIGHTS_EDIT  = 6; //
+    /** int Database Text Module */
     const SYS_SAI_LOCALE                = 10;
-    //Image Module
+    /** int Image Module */
     const SYS_SAI_FILES                 = 15;
-    //Api Module
+    /** int Api Module */
     const SYS_SAI_API                   = 20;
-    //const SYS_SAI_API_EDIT              = 21;
     
+    /** int Cron jobs */
     const SYS_SAI_CRON                  = 25;
     
-    //Reserve first 1000 ids.
+    /** int Reserve first 1000 ids. Start from here. */
     const RESERVED_SYS_0_999 = 999;
 }
\ No newline at end of file
diff --git a/security/User.php b/security/User.php
index 127c21f..7a1432b 100644
--- a/security/User.php
+++ b/security/User.php
@@ -1,21 +1,58 @@
 <?php
-
+/**
+ * System - PHP Framework
+ *
+ * PHP Version 5.6
+ *
+ * @copyright   2016 Ulf Gebhardt (http://www.webcraft-media.de)
+ * @license     http://www.opensource.org/licenses/mit-license.php MIT
+ * @link        https://github.com/webcraftmedia/system
+ * @package     SYSTEM\SECURITY
+ */
 namespace SYSTEM\SECURITY;
 
+/**
+ * User Class provided by System to manage website user session values
+ */
 class User {
-
+    /** int user id*/
     public $id = NULL;
+    /** string username*/
     public $username = NULL;
+    /** string email*/
     public $email = NULL;
+    /** int user creation date*/
     public $creationDate = NULL;
+    /** int users last login*/
     public $lastLoginDate = NULL;
+    /** string users last login IP*/
     public $lastLoginIP = NULL;
+    /** int users amunt of wrong passwords*/
     public $passwordWrongCount = NULL;
+    /** array users rights*/
     public $rights = NULL;
+    /** string users language*/
     public $locale = NULL;
+    /** string websiteurl*/
     public $base_url = NULL;
+    /** bool users email confirm status*/
     public $email_confirmed = NULL;
 
+    /**
+     * Create a new User Session Store.
+     *
+     * @param int $id User id
+     * @param string $username Username
+     * @param string $email Users Email
+     * @param int $creationDate user creation date
+     * @param int $lastLoginDate users last login
+     * @param string $lastLoginIP users last login IP
+     * @param int $passwordWrongCount users amunt of wrong passwords
+     * @param array $rights users rights
+     * @param string $locale Users Language
+     * @param string $base_url websiteurl
+     * @param bool $email_confirmed users email confirm status
+     */
     public function __construct($id, $username, $email, $creationDate, $lastLoginDate, $lastLoginIP, $passwordWrongCount, $rights, $locale, $base_url, $email_confirmed){
         $this->id = $id;
         $this->username = $username;
diff --git a/security/qq/SYS_SECURITY_AVAILABLE.php b/security/qq/SYS_SECURITY_AVAILABLE.php
index 01266fb..58c65bb 100644
--- a/security/qq/SYS_SECURITY_AVAILABLE.php
+++ b/security/qq/SYS_SECURITY_AVAILABLE.php
@@ -1,5 +1,19 @@
 <?php
+/**
+ * System - PHP Framework
+ *
+ * PHP Version 5.6
+ *
+ * @copyright   2016 Ulf Gebhardt (http://www.webcraft-media.de)
+ * @license     http://www.opensource.org/licenses/mit-license.php MIT
+ * @link        https://github.com/webcraftmedia/system
+ * @package     SYSTEM\SQL
+ */
 namespace SYSTEM\SQL;
+
+/**
+ * QQ to check for usernames availibility
+ */
 class SYS_SECURITY_AVAILABLE extends \SYSTEM\DB\QP {
     public static function get_class(){return \get_class();}
     public static function pgsql(){return
diff --git a/security/qq/SYS_SECURITY_AVAILABLE_EMAIL.php b/security/qq/SYS_SECURITY_AVAILABLE_EMAIL.php
index 65b0dee..d3f1474 100644
--- a/security/qq/SYS_SECURITY_AVAILABLE_EMAIL.php
+++ b/security/qq/SYS_SECURITY_AVAILABLE_EMAIL.php
@@ -1,5 +1,19 @@
 <?php
+/**
+ * System - PHP Framework
+ *
+ * PHP Version 5.6
+ *
+ * @copyright   2016 Ulf Gebhardt (http://www.webcraft-media.de)
+ * @license     http://www.opensource.org/licenses/mit-license.php MIT
+ * @link        https://github.com/webcraftmedia/system
+ * @package     SYSTEM\SQL
+ */
 namespace SYSTEM\SQL;
+
+/**
+ * QQ to check for username || email combination availibility
+ */
 class SYS_SECURITY_AVAILABLE_EMAIL extends \SYSTEM\DB\QP {
     public static function get_class(){return \get_class();}
     public static function pgsql(){return
diff --git a/security/qq/SYS_SECURITY_CHECK.php b/security/qq/SYS_SECURITY_CHECK.php
index 677ea2e..7457058 100644
--- a/security/qq/SYS_SECURITY_CHECK.php
+++ b/security/qq/SYS_SECURITY_CHECK.php
@@ -1,6 +1,19 @@
 <?php
+/**
+ * System - PHP Framework
+ *
+ * PHP Version 5.6
+ *
+ * @copyright   2016 Ulf Gebhardt (http://www.webcraft-media.de)
+ * @license     http://www.opensource.org/licenses/mit-license.php MIT
+ * @link        https://github.com/webcraftmedia/system
+ * @package     SYSTEM\SQL
+ */
 namespace SYSTEM\SQL;
 
+/**
+ * QQ to check for users rights
+ */
 class SYS_SECURITY_CHECK extends \SYSTEM\DB\QP {
     public static function get_class(){return \get_class();}
     public static function pgsql(){return
diff --git a/security/qq/SYS_SECURITY_CREATE.php b/security/qq/SYS_SECURITY_CREATE.php
index a71147f..d159761 100644
--- a/security/qq/SYS_SECURITY_CREATE.php
+++ b/security/qq/SYS_SECURITY_CREATE.php
@@ -1,5 +1,19 @@
 <?php
+/**
+ * System - PHP Framework
+ *
+ * PHP Version 5.6
+ *
+ * @copyright   2016 Ulf Gebhardt (http://www.webcraft-media.de)
+ * @license     http://www.opensource.org/licenses/mit-license.php MIT
+ * @link        https://github.com/webcraftmedia/system
+ * @package     SYSTEM\SQL
+ */
 namespace SYSTEM\SQL;
+
+/**
+ * QQ to create a new user
+ */
 class SYS_SECURITY_CREATE extends \SYSTEM\DB\QP {
     public static function get_class(){return \get_class();}
     public static function pgsql(){return           
diff --git a/security/qq/SYS_SECURITY_LOGIN_USER_EMAIL_SHA1.php b/security/qq/SYS_SECURITY_LOGIN_USER_EMAIL_SHA1.php
index 24b582e..5310ed4 100644
--- a/security/qq/SYS_SECURITY_LOGIN_USER_EMAIL_SHA1.php
+++ b/security/qq/SYS_SECURITY_LOGIN_USER_EMAIL_SHA1.php
@@ -1,5 +1,19 @@
 <?php
+/**
+ * System - PHP Framework
+ *
+ * PHP Version 5.6
+ *
+ * @copyright   2016 Ulf Gebhardt (http://www.webcraft-media.de)
+ * @license     http://www.opensource.org/licenses/mit-license.php MIT
+ * @link        https://github.com/webcraftmedia/system
+ * @package     SYSTEM\SQL
+ */
 namespace SYSTEM\SQL;
+
+/**
+ * QQ to check for emails creadentials (login)
+ */
 class SYS_SECURITY_LOGIN_USER_EMAIL_SHA1 extends \SYSTEM\DB\QP {
     public static function get_class(){return \get_class();}
     public static function pgsql(){return           
diff --git a/security/qq/SYS_SECURITY_LOGIN_USER_SHA1.php b/security/qq/SYS_SECURITY_LOGIN_USER_SHA1.php
index 52abd24..25f8771 100644
--- a/security/qq/SYS_SECURITY_LOGIN_USER_SHA1.php
+++ b/security/qq/SYS_SECURITY_LOGIN_USER_SHA1.php
@@ -1,5 +1,19 @@
 <?php
+/**
+ * System - PHP Framework
+ *
+ * PHP Version 5.6
+ *
+ * @copyright   2016 Ulf Gebhardt (http://www.webcraft-media.de)
+ * @license     http://www.opensource.org/licenses/mit-license.php MIT
+ * @link        https://github.com/webcraftmedia/system
+ * @package     SYSTEM\SQL
+ */
 namespace SYSTEM\SQL;
+
+/**
+ * QQ to check for usernames credentials (login)
+ */
 class SYS_SECURITY_LOGIN_USER_SHA1 extends \SYSTEM\DB\QP {
     public static function get_class(){return \get_class();}
     public static function pgsql(){return           
diff --git a/security/qq/SYS_SECURITY_UPDATE_LASTACTIVE.php b/security/qq/SYS_SECURITY_UPDATE_LASTACTIVE.php
index 732f87a..cece8e9 100644
--- a/security/qq/SYS_SECURITY_UPDATE_LASTACTIVE.php
+++ b/security/qq/SYS_SECURITY_UPDATE_LASTACTIVE.php
@@ -1,5 +1,19 @@
 <?php
+/**
+ * System - PHP Framework
+ *
+ * PHP Version 5.6
+ *
+ * @copyright   2016 Ulf Gebhardt (http://www.webcraft-media.de)
+ * @license     http://www.opensource.org/licenses/mit-license.php MIT
+ * @link        https://github.com/webcraftmedia/system
+ * @package     SYSTEM\SQL
+ */
 namespace SYSTEM\SQL;
+
+/**
+ * QQ to update users last active timestamp
+ */
 class SYS_SECURITY_UPDATE_LASTACTIVE extends \SYSTEM\DB\QP {
     public static function get_class(){return \get_class();}
     public static function pgsql(){return
diff --git a/security/qq/SYS_SECURITY_UPDATE_PW.php b/security/qq/SYS_SECURITY_UPDATE_PW.php
index 00fbf9e..10acd09 100644
--- a/security/qq/SYS_SECURITY_UPDATE_PW.php
+++ b/security/qq/SYS_SECURITY_UPDATE_PW.php
@@ -1,5 +1,19 @@
 <?php
+/**
+ * System - PHP Framework
+ *
+ * PHP Version 5.6
+ *
+ * @copyright   2016 Ulf Gebhardt (http://www.webcraft-media.de)
+ * @license     http://www.opensource.org/licenses/mit-license.php MIT
+ * @link        https://github.com/webcraftmedia/system
+ * @package     SYSTEM\SQL
+ */
 namespace SYSTEM\SQL;
+
+/**
+ * QQ to change a user password
+ */
 class SYS_SECURITY_UPDATE_PW extends \SYSTEM\DB\QP {
     public static function get_class(){return \get_class();}
     public static function pqsql(){return
diff --git a/security/qq/SYS_SECURITY_USER_INFO.php b/security/qq/SYS_SECURITY_USER_INFO.php
index 6a296df..19a85b0 100644
--- a/security/qq/SYS_SECURITY_USER_INFO.php
+++ b/security/qq/SYS_SECURITY_USER_INFO.php
@@ -1,5 +1,19 @@
 <?php
+/**
+ * System - PHP Framework
+ *
+ * PHP Version 5.6
+ *
+ * @copyright   2016 Ulf Gebhardt (http://www.webcraft-media.de)
+ * @license     http://www.opensource.org/licenses/mit-license.php MIT
+ * @link        https://github.com/webcraftmedia/system
+ * @package     SYSTEM\SQL
+ */
 namespace SYSTEM\SQL;
+
+/**
+ * QQ to get a usernames infos
+ */
 class SYS_SECURITY_USER_INFO extends \SYSTEM\DB\QP {
     public static function get_class(){return \get_class();}
     public static function pgsql(){return
diff --git a/security/security.php b/security/security.php
index 2abfa3c..a61388e 100644
--- a/security/security.php
+++ b/security/security.php
@@ -1,6 +1,30 @@
 <?php
+/**
+ * System - PHP Framework
+ *
+ * PHP Version 5.6
+ *
+ * @copyright   2016 Ulf Gebhardt (http://www.webcraft-media.de)
+ * @license     http://www.opensource.org/licenses/mit-license.php MIT
+ * @link        https://github.com/webcraftmedia/system
+ * @package     SYSTEM\SECURITY
+ */
 namespace SYSTEM\SECURITY;
-class security { 
+
+/**
+ * security Class provided by System to manage website user and its attributes
+ */
+class security {
+    /**
+     * Create a new User. Permanently saved to the Database
+     *
+     * @param string $username Username of the new User
+     * @param string $password_sha1 Hashed Password of the new User
+     * @param string $email Email of the new User
+     * @param string $locale Language of the new User
+     * @param bool $json_result Return data as JSON or Array
+     * @return mixed Returns json with status true or Error or Array with userinfo.
+     */
     public static function create($username, $password_sha1, $email, $locale = 'enUS',$json_result = false){
         self::startSession();
         if(!self::available($username)){
@@ -11,7 +35,16 @@ class security {
             throw new \SYSTEM\LOG\ERROR("Error during Registration process.");}                 
         return $json_result ? \SYSTEM\LOG\JsonResult::ok() : $row;
     }
-             
+    
+    /**
+     * Login a User.
+     *
+     * @param string $username Username of the User
+     * @param string $password_sha1 Hashed Password of the User
+     * @param string $locale Language of the User on login.
+     * @param bool $json_result Return data as JSON or Array
+     * @return mixed Returns json with status true or Error or Array with userinfo.
+     */
     public static function login($username, $password_sha1, $locale=NULL,$json_result = false){
         self::startSession();
         $_SESSION[\SYSTEM\CONFIG\config::get(\SYSTEM\CONFIG\config_ids::SYS_CONFIG_PATH_BASEURL)] = NULL;
@@ -28,9 +61,7 @@ class security {
                                         $row[\SYSTEM\SQL\system_user::FIELD_EMAIL],
                                         $row[\SYSTEM\SQL\system_user::FIELD_JOINDATE],
                                         time(),
-                                        getenv('REMOTE_ADDR'),
-                                        0,
-                                        NULL,
+                                        getenv('REMOTE_ADDR'),0,NULL,
                                         $row[\SYSTEM\SQL\system_user::FIELD_LOCALE],
                                         \SYSTEM\CONFIG\config::get(\SYSTEM\CONFIG\config_ids::SYS_CONFIG_PATH_BASEURL),
                                         $row[\SYSTEM\SQL\system_user::FIELD_EMAIL_CONFIRMED]);        
@@ -40,7 +71,14 @@ class security {
         return $json_result ? \SYSTEM\LOG\JsonResult::ok() : $row;
     }       
         
-    // Determine if username exists
+    /**
+     * Determine if username is already in use.
+     *
+     * @param string $username Username to be checked
+     * @param string $email EMail to be checked
+     * @param bool $json_result Return data as JSON or Array
+     * @return mixed Returns json with status true or Error or Array with userinfo.
+     */
     public static function available($username,$email=null,$json_result=false){
         if($email){
             $res = \SYSTEM\SQL\SYS_SECURITY_AVAILABLE_EMAIL::Q1(array($username,$email));
@@ -59,7 +97,13 @@ class security {
         return $json_result ? \SYSTEM\LOG\JsonResult::ok() : true;
     }
 
-    //checks for a right for a logged in user
+    /**
+     * Checks for a right for a logged in user
+     *
+     * @param int $rightid Right ID to be checked
+     * @param bool $json_result Return data as JSON or Array
+     * @return mixed Returns json with status true or false or true or false.
+     */
     public static function check($rightid,$json_result=false){
         //Not logged in? Go away.
         //If you think you need rights for your guests ur doing smth wrong ;-)
@@ -72,6 +116,14 @@ class security {
         return $json_result ? \SYSTEM\LOG\JsonResult::ok() : true;
     }
     
+    /**
+     * Change users Password
+     *
+     * @param string $username Username whos subject to the passwordchange
+     * @param string $old_password_sha1 Users old hashed Password
+     * @param string $new_password_sha1 Users new hashed Password
+     * @return json Returns json with status true or false
+     */
     public static function change_password($username,$old_password_sha1,$new_password_sha1){        
         $row = \SYSTEM\SQL\SYS_SECURITY_LOGIN_USER_SHA1::Q1(array($username, $old_password_sha1));                        
         if(!$row){
@@ -79,6 +131,23 @@ class security {
         $result = \SYSTEM\SQL\SYS_SECURITY_UPDATE_PW::QI(array($new_password_sha1, $row['id']));        
         return $result ? \SYSTEM\LOG\JsonResult::ok() : \SYSTEM\LOG\JsonResult::fail();
     }
+    
+    /**
+     * Change users Email.
+     * This will facilitate the @see \SYSTEM\TOKEN\token utility to generate
+     * a token and send it to the users email using php mailinc function.
+     * 
+     * This function can only be invoked if the user is logged in and uses the
+     * function on himself or \SYSTEM\SECURITY\RIGHTS::SYS_SAI_SECURITY_RIGHTS_EDIT
+     * is present for the invoking user.
+     * 
+     * This function will fail if the Email of the user is unconfirmed. You can
+     * only change the email of a confirmed account.
+     *
+     * @param string $username Username whos subject to the emailchange
+     * @param string $new_email New Email for the given Username
+     * @return bool Returns true or false
+     */
     public static function change_email($username, $new_email) {
         if(!self::isLoggedIn() || (self::getUser()->username !== $username && self::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_SECURITY_RIGHTS_EDIT))){
             throw new \SYSTEM\LOG\ERROR("You need to be logged in to trigger this function on your account.");}
@@ -102,6 +171,17 @@ class security {
 
         return \mail($to, $subject, $message, $header) ? \SYSTEM\LOG\JsonResult::ok() : \SYSTEM\LOG\JsonResult::fail();
     }
+    
+    /**
+     * Reset users Password.
+     * This will facilitate the @see \SYSTEM\TOKEN\token utility to generate
+     * a token and send it to the users email using php mailinc function.
+     * A new password is generated on invoke and sent with the email.
+     * After confirming the token the new password given in the email is valid.
+     *
+     * @param string $username Username whos subject to the password reset
+     * @return bool Returns true or false
+     */
     public static function reset_password($username) {
         //find all userdata
         $vars = \SYSTEM\SQL\SYS_SECURITY_USER_INFO::Q1(array($username));
@@ -123,6 +203,19 @@ class security {
 
         return \mail($to, $subject, $message, $header) ? \SYSTEM\LOG\JsonResult::ok() : \SYSTEM\LOG\JsonResult::fail();
     }
+    
+    /**
+     * Request an Confirm-Email for given Username.
+     * This will facilitate the @see \SYSTEM\TOKEN\token utility to generate
+     * a token and send it to the users email using php mailinc function.
+     * 
+     * This function can only be invoked if the user is logged in and uses the
+     * function on himself or \SYSTEM\SECURITY\RIGHTS::SYS_SAI_SECURITY_RIGHTS_EDIT
+     * is present for the invoking user.
+     *
+     * @param string $username Username whos subject to the email confirm request
+     * @return bool Returns true or false
+     */
     public static function confirm_email($username) {
         if(!self::isLoggedIn() || (self::getUser()->username !== $username && self::check(\SYSTEM\SECURITY\RIGHTS::SYS_SAI_SECURITY_RIGHTS_EDIT))){
             throw new \SYSTEM\LOG\ERROR("You need to be logged in to trigger this function on your account.");}
@@ -145,39 +238,82 @@ class security {
 
         return \mail($to, $subject, $message, $header) ? \SYSTEM\LOG\JsonResult::ok() : \SYSTEM\LOG\JsonResult::fail();
     }
+    
+    /**
+     * Confirm a token sent using @see \SYSTEM\TOKEN\token utility
+     * (email confirm, email change, password reset)
+     *
+     * @param string $token Token given in eg an email.
+     * @param bool $json_result Return data as JSON or Array
+     * @return bool Returns json with status true or false or a bool
+     */
     public static function confirm($token,$json_result = false) {
         return \SYSTEM\TOKEN\token::confirm($token) ? 
                 ($json_result ? \SYSTEM\LOG\JsonResult::ok() : true) :
                 ($json_result ? \SYSTEM\LOG\JsonResult::fail() : false);}
     
+    /**
+     * Get Userinfo stored in the current Session.
+     *
+     * @return User Returns User object or NULL
+     */
     public static function getUser(){
         if(!self::isLoggedIn(false)){
             return NULL;}
         return $_SESSION[\SYSTEM\CONFIG\config::get(\SYSTEM\CONFIG\config_ids::SYS_CONFIG_PATH_BASEURL)];
     }
 
-    //Session
+    /**
+     * End the current Session and logout the User
+     *
+     * @param bool $json_result Return data as JSON or Array
+     * @return mixed Returns Json status true or true
+     */
     public static function logout($json_result = false){
         self::startSession();
         session_destroy();
         return $json_result ? \SYSTEM\LOG\JsonResult::ok() : true;}
-        
+    
+    /**
+     * Save a key=>value into the current session(not preserved)
+     *
+     * @param string $key key for the given value
+     * @param mixed $value Value for the given Key to be saved
+     * @return null Returns null.
+     */
     public static function save($key,$value){
         self::startSession();
         $_SESSION['values'][$key] = $value;}
         
+    /**
+     * Save the value of a key from the current session(not preserved)
+     *
+     * @param string $key key to be queried
+     * @return mixed Returns Value or null.
+     */
     public static function load($key){
         self::startSession();
         if(!isset($_SESSION['values'][$key])){
             return NULL;}
         return $_SESSION['values'][$key];}
-        
+    
+    /**
+     * Check if the current session is a logged in user
+     *
+     * @param bool $json_result Return data as JSON or Array
+     * @return mixed Returns json with status true or false or a bool.
+     */
     public static function isLoggedIn($json_result = false){
         self::startSession();
         return (isset($_SESSION[\SYSTEM\CONFIG\config::get(\SYSTEM\CONFIG\config_ids::SYS_CONFIG_PATH_BASEURL)]) &&
                 $_SESSION[\SYSTEM\CONFIG\config::get(\SYSTEM\CONFIG\config_ids::SYS_CONFIG_PATH_BASEURL)] instanceof User) ?
                 ($json_result ? \SYSTEM\LOG\JsonResult::ok() : true) : ($json_result ? \SYSTEM\LOG\JsonResult::fail() : false);}
-        
+    
+    /**
+     * State the Session for the current request
+     *
+     * @return null Returns null.
+     */
     protected static function startSession(){
         if(!isset($_SESSION) && !headers_sent()){
             \session_start();}