diff --git a/phpgwapi/inc/class.bolink.inc.php b/phpgwapi/inc/class.bolink.inc.php
index 4bf97bb271..4ed07051c0 100644
--- a/phpgwapi/inc/class.bolink.inc.php
+++ b/phpgwapi/inc/class.bolink.inc.php
@@ -257,16 +257,26 @@ class bolink extends solink
 					$only_app = substr(1,$only_app);
 				}
 				end($id);
-				while ($link = current($id))
-				{
-					if (!is_array($link) ||		// check for unlink-marker
-					    $only_app && $not_only == ($link['app'] == $only_app))
+				foreach (array_reverse($id) as $link) {
+					if (is_array($link)  // check for unlink-marker
+					&&  !($only_app && $not_only == ($link['app'] == $only_app)))
 					{
-						continue;
+						$ids[$link['link_id']] = $only_app ? $link['id'] : $link;
 					}
-					$ids[$link['link_id']] = $only_app ? $link['id'] : $link;
-					prev($id);
 				}
+				# the old version of the foreach from above
+				# left here for reference. can be deleted later
+				#
+				#while ($link = current($id))
+				#{
+				#	if (!is_array($link) ||		// check for unlink-marker
+				#	    $only_app && $not_only == ($link['app'] == $only_app))
+				#	{
+				#		continue;
+				#	}
+				#	$ids[$link['link_id']] = $only_app ? $link['id'] : $link;
+				#	prev($id);
+				#}
 			}
 			return $ids;
 		}
diff --git a/phpgwapi/inc/class.sessions.inc.php b/phpgwapi/inc/class.sessions.inc.php
index 6dd5f02cec..651183518a 100644
--- a/phpgwapi/inc/class.sessions.inc.php
+++ b/phpgwapi/inc/class.sessions.inc.php
@@ -160,6 +160,13 @@
 		* @var array
 		*/
 		var $egw_domains;
+		
+		/**
+		 * Write debug messages about session verification to the error_log
+		 *
+		 * @var boolean
+		 */
+		var $errorlog_debug = false;
 
 		/**
 		* Constructor just loads up some defaults from cookies
@@ -310,6 +317,7 @@
 			*/
 			if ($session['session_dla'] <= (time() - $GLOBALS['egw_info']['server']['sessions_timeout']))
 			{
+				if ($this->errorlog_debug) error_log("*** session::verify('$sessionid') session timed out");
 				$this->destroy($sessionid,$kp3);
 				return False;
 			}
@@ -338,6 +346,7 @@
 			$this->account_id = $GLOBALS['egw']->accounts->name2id($this->account_lid,'account_lid','u');
 			if (!$this->account_id)
 			{
+				if ($this->errorlog_debug) error_log("*** session::verify($sessionid) !accounts::name2id('$this->account_lid')");
 				return False;
 			}
 
@@ -355,6 +364,7 @@
 
 			if ($this->user['expires'] != -1 && $this->user['expires'] < time())
 			{
+				if ($this->errorlog_debug) error_log("*** session::verify($sessionid) accounts is expired");
 				if(is_object($GLOBALS['egw']->log))
 				{
 					$GLOBALS['egw']->log->message(array(
@@ -377,6 +387,7 @@
 			}
 			if ($this->account_domain != $GLOBALS['egw_info']['user']['domain'])
 			{
+				if ($this->errorlog_debug) error_log("*** session::verify($sessionid) wrong domain");
 				if(is_object($GLOBALS['egw']->log))
 				{
 					$GLOBALS['egw']->log->message(array(
@@ -393,6 +404,7 @@
 
 			if (@$GLOBALS['egw_info']['server']['sessions_checkip'])
 			{
+				if ($this->errorlog_debug) error_log("*** session::verify($sessionid) wrong IP");
 				if((PHP_OS != 'Windows') && (PHP_OS != 'WINNT') &&
 					(!$GLOBALS['egw_info']['user']['session_ip'] || $GLOBALS['egw_info']['user']['session_ip'] != $this->getuser_ip())
 				)
@@ -422,6 +434,7 @@
 			}
 			if (! $this->account_lid)
 			{
+				if ($this->errorlog_debug) error_log("*** session::verify($sessionid) !account_lid");
 				if(is_object($GLOBALS['egw']->log))
 				{
 					// This needs some better wording
@@ -439,17 +452,19 @@
 			$_current_app=$GLOBALS['egw_info']['flags']['currentapp'];
 			if($this->session_flags=='A' && !$GLOBALS['egw_info']['user']['apps'][$_current_app])
 			{
-			   $this->destroy($sessionid,$kp3);
-
-			   /* Overwrite Cookie with empty user. For 2 weeks */
-			   $this->egw_setcookie('sessionid','');
-			   $this->egw_setcookie('kp3','');
-			   $this->egw_setcookie('domain','');
-			   $this->egw_setcookie('last_domain','');
-			   $this->egw_setcookie('last_loginid', ''); 
-
-			   return False;
+				if ($this->errorlog_debug) error_log("*** session::verify($sessionid) anon user entering not allowed app");
+				$this->destroy($sessionid,$kp3);
+				
+				/* Overwrite Cookie with empty user. For 2 weeks */
+				$this->egw_setcookie('sessionid','');
+				$this->egw_setcookie('kp3','');
+				$this->egw_setcookie('domain','');
+				$this->egw_setcookie('last_domain','');
+				$this->egw_setcookie('last_loginid', ''); 
+				
+				return False;
 			}
+			if ($this->errorlog_debug) error_log("--> session::verify($sessionid) SUCCESS");
 
 			return True;
 		}
@@ -497,17 +512,15 @@
 			}
 			print_debug('COOKIE_DOMAIN',$this->cookie_domain,'api');
 
-			$url_parts = parse_url($GLOBALS['egw_info']['server']['webserver_url']);
-			if (!($this->cookie_path = $url_parts['path'])) $this->cookie_path = '/';
-			// if the cookiepath should be / and it's not, delete evtl. existing cookies and set '/'
-			if (!$GLOBALS['egw_info']['server']['cookiepath'] && $this->cookie_path != '/')
+			if (!$GLOBALS['egw_info']['server']['cookiepath'])
 			{
-				foreach(array('sessionid','kp3','domain','last_domain','last_loginid') as $name)
-				{
-					setcookie($name,false,0,$this->cookie_path,$this->cookie_domain);
-				}
 				$this->cookie_path = '/';
 			}
+			else
+			{
+				$url_parts = parse_url($GLOBALS['egw_info']['server']['webserver_url']);
+				if (!($this->cookie_path = $url_parts['path']) ) $this->cookie_path = '/';
+			}
 			//echo "<p>cookie_path='$this->cookie_path', cookie_domain='$this->cookie_domain'</p>\n";
 
 			$this->set_cookie_params($this->cookie_domain,$this->cookie_path);	// for php4 sessions necessary
@@ -529,6 +542,8 @@
 			}
 			if (is_null($cookiepath)) $cookiepath = $this->cookie_path;
 
+			if ($this->errorlog_debug) error_log("setcookie($cookiename,$cookievalue,$cookietime,$cookiepath,$this->cookie_domain)");
+
 			setcookie($cookiename,$cookievalue,$cookietime,$cookiepath,$this->cookie_domain);
 		}
 
diff --git a/timesheet/inc/class.uitimesheet.inc.php b/timesheet/inc/class.uitimesheet.inc.php
index b7308f73d5..1ad1324070 100644
--- a/timesheet/inc/class.uitimesheet.inc.php
+++ b/timesheet/inc/class.uitimesheet.inc.php
@@ -135,6 +135,11 @@ class uitimesheet extends botimesheet
 						$etpl->set_validation_error('ts_quantity',lang('Starttime has to be before endtime !!!'));
 					}
 					if (!$this->data['ts_project']) $this->data['ts_project'] = $this->data['ts_project_blur'];
+					// set ts_title to ts_project if short viewtype (title is not editable) 
+					if($this->ts_viewtype == 'short') 
+					{
+						$this->data['ts_title'] = $this->data['ts_project'];							
+					}
 					if (!$this->data['ts_title']) $this->data['ts_title'] = $this->data['ts_title_blur'];
 					if (!$this->data['ts_title'])
 					{
@@ -263,18 +268,25 @@ class uitimesheet extends botimesheet
 		}
 		// make all linked projects availible for the pm-pricelist widget, to be able to choose prices from all
 		$content['all_pm_ids'] = array_values($links);
-
-		$preserv['old_pm_id'] = array_shift($links);
-		if (!isset($this->data['pm_id']) && $preserv['old_pm_id']) $content['pm_id'] = $preserv['old_pm_id'];
-
+        
+		// set old id, pm selector (for later removal)
+		if (count($links) > 0) {  
+			$preserv['old_pm_id'] = array_shift($links);
+		}
+		if ($preserv['old_pm_id'] == '') {
+			$preserv['old_pm_id'] = $content['pm_id']; 
+		}
+		if (!isset($this->data['pm_id']) && $preserv['old_pm_id']) {
+			$content['pm_id'] = $preserv['old_pm_id'];
+		}
 		if ($content['pm_id'])
 		{
 			$preserv['ts_project_blur'] = $content['ts_project_blur'] = $this->link->title('projectmanager',$content['pm_id']);
 		}
-      	if ($this->pm_integration == 'full')
-        {
-            $preserv['ts_project'] = $preserv['ts_project_blur'];
-        }
+	      	if ($this->pm_integration == 'full')
+	        {
+	            $preserv['ts_project'] = $preserv['ts_project_blur'];
+	        }
 		$content['ts_title_blur'] = $preserv['ts_title_blur'] = $preserv['ts_title_blur'] ? $preserv['ts_title_blur'] : $preserv['ts_project_blur'];
 
 		$readonlys = array(