diff --git a/about.php b/about.php
index 56a6f7e45..43c692c4c 100644
--- a/about.php
+++ b/about.php
@@ -35,11 +35,11 @@
       <input type="button" id="ok" name="ok" value="' . translate( 'OK' )
  . '" onclick="window.close()">
     </form>' . ( empty ( $credits ) ? '' : "
+    <script src=\"includes/js/v_h_scrolls.js\"></script>
     <script>
       function start() {
         startScroll('creds', '$data');
       }
     </script>
-    <script src=\"includes/js/v_h_scrolls.js\"></script>
 " ) . print_trailer ( false,true,true );
 ?>
diff --git a/access.php b/access.php
index 75eb09dcf..a892f12f2 100644
--- a/access.php
+++ b/access.php
@@ -3,11 +3,11 @@
  * This page is used to manage user access rights.
  *
  * It has three different modes:
- * - list users to manage (no parameters)
- * - manage a single user's rights (just "user" parameter)
- *   this will include which functions the user can access and
- *   (if $ALLOW_VIEW_OTHER is 'Y') which calendars they can view/edit/approve
- * - update the database (form handler)
+ *  - list users to manage (no parameters)
+ *  - manage a single user's rights (just "user" parameter)
+ *    this will include which functions the user can access and
+ *    (if $ALLOW_VIEW_OTHER is 'Y') which calendars they can view/edit/approve
+ *  - update the database (form handler)
  *
  * Input Parameters:
  *  user - specifies which user to manage, a form will be presented
@@ -15,6 +15,11 @@
  *
  *  access_N - where N is 0 to ACCESS_NUMBER_FUNCTIONS as defined in
  *             includes/access.php. Each should be either 'Y' or 'N'.
+ *
+ * @package WebCalendar
+ */
+/**
+ * Include the basics.
  */
 require_once 'includes/init.php';
 
@@ -204,9 +209,7 @@
     $div = ceil( ACCESS_NUMBER_FUNCTIONS / 4 );
 
     // We can reorder the display of user rights here.
-    $order = [
-      1, 0, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 27,
-      15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26];
+    $order = array_merge ( [1, 0], range ( 2, 14 ), [27], range ( 15, 26 ) );
     // Make sure that we have defined all the types of access
     // defined in access.php.
     assert( count( $order ) == ACCESS_NUMBER_FUNCTIONS );
@@ -343,6 +346,10 @@
       $bottomedge = '';
       if( $j == 3 )
         continue;
+
+      $j8 = $j * 8;
+      $j64 = $j * 64;
+
       echo '
           <tr>
             <td class="boxleft leftpadded' . ( $j > 3 ? ' boxbottom' : '' )
@@ -370,12 +377,12 @@
        . ( ! empty( $op['view'] ) && ( $op['view'] & $j ) ? $checked : '' )
        . '></td>
             <td class="conf ' . $bottomedge . '"><input class="form-control-sm" type="checkbox" value="'
-       . $j * 8 . '" name="v_' . $j * 8 . '"'
-       . ( ! empty( $op['view'] ) && ( $op['view'] & ( $j * 8 ) )
+       . $j8 . '" name="v_' . $j8 . '"'
+       . ( ! empty( $op['view'] ) && ( $op['view'] & $j8 )
         ? $checked : '' ) . '></td>
             <td class="priv ' . $bottomedge . '"><input class="form-control-sm" type="checkbox" value="'
-       . $j * 64 . '" name="v_' . $j * 64 . '"'
-       . ( ! empty( $op['view'] ) && ( $op['view'] & ( $j * 64 ) )
+       . $j64 . '" name="v_' . $j64 . '"'
+       . ( ! empty( $op['view'] ) && ( $op['view'] & $j64 )
         ? $checked : '' ) . '></td>'
        . ( $guser != '__public__' ? '
             <td class="aligncenter boxleft pub ' . $bottomedge . '"><input '
@@ -383,24 +390,24 @@
          . ( ! empty( $op['edit'] ) && ( $op['edit'] & $j ) ? $checked : '' )
          . '></td>
             <td class="conf ' . $bottomedge . '"><input class="form-control-sm" type="checkbox" value="'
-         . $j * 8 . '" name="e_' . $j * 8 . '"'
-         . ( ! empty( $op['edit'] ) && ( $op['edit'] & ( $j * 8 ) )
+         . $j8 . '" name="e_' . $j8 . '"'
+         . ( ! empty( $op['edit'] ) && ( $op['edit'] & $j8 )
           ? $checked : '' ) . '></td>
             <td class="priv ' . $bottomedge . '"><input class="form-control-sm" type="checkbox" value="'
-         . $j * 64 . '" name="e_' . $j * 64 . '"'
-         . ( ! empty( $op['edit'] ) && ( $op['edit'] & ( $j * 64 ) )
+         . $j64 . '" name="e_' . $j64 . '"'
+         . ( ! empty( $op['edit'] ) && ( $op['edit'] & $j64 )
           ? $checked : '' ) . '></td>
             <td class="aligncenter boxleft pub ' . $bottomedge . '"><input '
          . 'class="form-control-sm" type="checkbox" value="' . $j . '" name="a_' . $j . '"'
          . ( ! empty( $op['approve'] ) && ( $op['approve'] & $j )
           ? $checked : '' ) . '></td>
             <td class="conf ' . $bottomedge . '"><input class="form-control-sm" type="checkbox" value="'
-         . $j * 8 . '" name="a_' . $j * 8 . '"'
-         . ( ! empty( $op['approve'] ) && ( $op['approve'] & ( $j * 8 ) )
+         . $j8 . '" name="a_' . $j8 . '"'
+         . ( ! empty( $op['approve'] ) && ( $op['approve'] & $j8 )
           ? $checked : '' ) . '></td>
             <td class="boxright priv ' . $bottomedge
-         . '"><input class="form-control-sm" type="checkbox" value="' . $j * 64 . '" name="a_' . $j * 64
-         . '"' . ( ! empty( $op['approve'] ) && ( $op['approve'] & ( $j * 64 ) )
+         . '"><input class="form-control-sm" type="checkbox" value="' . $j64 . '" name="a_' . $j64
+         . '"' . ( ! empty( $op['approve'] ) && ( $op['approve'] & $j64 )
           ? $checked : '' ) . '></td>'
         : '' ) . '
           </tr>';
@@ -443,7 +450,14 @@
 echo print_trailer();
 
 /**
- * Get the list of users that the specified user can see.
+ * get_list_of_users
+ *
+ * @param  string $user
+ *
+ * @global string $is_admin
+ * @global string $is_nonuser_admin
+ *
+ * @return array of users that the specified user can see.
  */
 function get_list_of_users( $user ) {
   global $is_admin, $is_nonuser_admin;
diff --git a/admin.php b/admin.php
index 332b0058e..4419188c5 100644
--- a/admin.php
+++ b/admin.php
@@ -230,7 +230,7 @@ function save_pref ( $prefs, $src ) {
     $handler = 'color_change_handler_' . $k;
     $color_sets .= print_color_input_html ( $k, $v, '', '', 'p', '', $handler );
   }
-  $csp = empty($s['CSP']) ? 'none' : $s['CSP'];
+  $csp = ( $s['CSP'] ?: 'none' );
 
   set_today ( date ( 'Ymd' ) );
 
@@ -776,11 +776,13 @@ function save_pref ( $prefs, $src ) {
                 <div class="form-inline mt-1 mb-2"><label title="' . tooltip ( 'email-smtp-username' ) . '">'
    . translate ( 'SMTP Username' )
    . ':</label><input type="text" size="30" name="admin_SMTP_USERNAME" value="'
-   . ( empty ( $s['SMTP_USERNAME'] ) ? '' : $s['SMTP_USERNAME'] ) . '"></div>
+   . ( $s['SMTP_USERNAME'] ?: '' )
+   . '"></div>
                 <div class="form-inline mt-1 mb-2"><label title="' . tooltip ( 'email-smtp-password' ) . '">'
    . translate ( 'SMTP Password' )
    . ':</label><input type="text" size="30" name="admin_SMTP_PASSWORD" value="'
-   . ( empty ( $s['SMTP_PASSWORD'] ) ? '' : $s['SMTP_PASSWORD'] ) . '"></div>
+   . ( $s['SMTP_PASSWORD'] ?: '' )
+   . '"></div>
               </div>
             </div>
             <p class="bold">' . translate ( 'Default user settings' ) . ':</p>'
@@ -845,7 +847,8 @@ function save_pref ( $prefs, $src ) {
             <p class="form-inline mt-1 mb-2"><label for="admin_BGREPEAT" title="' . tooltip ( 'bgrepeat-help' )
    . '">' . translate ( 'Background Repeat' )
    . ':</label><input type="text" size="30" name="admin_BGREPEAT" id="admin_BGREPEAT" value="'
-   . ( empty ( $s['BGREPEAT'] ) ? '' : $s['BGREPEAT'] ) . '"></p>
+   . ( $s['BGREPEAT'] ?: '' )
+   . '"></p>
           </fieldset>
         </div>
       </div>
diff --git a/includes/functions.php b/includes/functions.php
index f5cff2daa..0fc933e94 100644
--- a/includes/functions.php
+++ b/includes/functions.php
@@ -932,60 +932,36 @@ function decode_string ( $instr ) {
  * @return string  HTML for one log entry.
  */
 function display_activity_log( $cal_type, $cal_text = '', $break = '<br>&nbsp;' ) {
-  if ( $cal_type == LOG_APPROVE )
-    $ret = translate ( 'Event approved' );
-  elseif ( $cal_type == LOG_APPROVE_J )
-    $ret = translate ( 'Journal approved' );
-  elseif ( $cal_type == LOG_APPROVE_T )
-    $ret = translate ( 'Task approved' );
-  elseif ( $cal_type == LOG_ATTACHMENT )
-    $ret = translate ( 'Attachment' );
-  elseif ( $cal_type == LOG_COMMENT )
-    $ret = translate ( 'Comment' );
-  elseif ( $cal_type == LOG_CREATE )
-    $ret = translate ( 'Event created' );
-  elseif ( $cal_type == LOG_CREATE_J )
-    $ret = translate ( 'Journal created' );
-  elseif ( $cal_type == LOG_CREATE_T )
-    $ret = translate ( 'Task created' );
-  elseif ( $cal_type == LOG_DELETE )
-    $ret = translate ( 'Event deleted' );
-  elseif ( $cal_type == LOG_DELETE_J )
-    $ret = translate ( 'Journal deleted' );
-  elseif ( $cal_type == LOG_DELETE_T )
-    $ret = translate ( 'Task deleted' );
-  elseif ( $cal_type == LOG_LOGIN_FAILURE )
-    $ret = translate ( 'Invalid login' );
-  elseif ( $cal_type == LOG_NEWUSER_EMAIL )
-    $ret = translate ( 'New user via email (self registration)' );
-  elseif ( $cal_type == LOG_NEWUSER_FULL )
-    $ret = translate ( 'New user (self registration)' );
-  elseif ( $cal_type == LOG_NOTIFICATION )
-    $ret = translate ( 'Notification sent' );
-  elseif ( $cal_type == LOG_REJECT )
-    $ret = translate ( 'Event rejected' );
-  elseif ( $cal_type == LOG_REJECT_J )
-    $ret = translate ( 'Journal rejected' );
-  elseif ( $cal_type == LOG_REJECT_T )
-    $ret = translate ( 'Task rejected' );
-  elseif ( $cal_type == LOG_REMINDER )
-    $ret = translate ( 'Reminder sent' );
-  elseif ( $cal_type == LOG_UPDATE )
-    $ret = translate ( 'Event updated' );
-  elseif ( $cal_type == LOG_UPDATE_J )
-    $ret = translate ( 'Journal updated' );
-  elseif ( $cal_type == LOG_UPDATE_T )
-    $ret = translate ( 'Task updated' );
-  elseif ( $cal_type == LOG_USER_ADD )
-    $ret = translate ( 'Add User' );
-  elseif ( $cal_type == LOG_USER_DELETE )
-    $ret = translate ( 'Delete User' );
-  elseif ( $cal_type == LOG_USER_UPDATE )
-    $ret = translate ( 'Edit User' );
-  elseif ( $cal_type == LOG_SYSTEM )
-    $ret = translate ( 'System Message' );
-  else
-    $ret = '???';
+  $ret = match ( $cal_type ) {
+    LOG_APPROVE => translate ( 'Event approved' ),
+    LOG_APPROVE_J => translate ( 'Journal approved' ),
+    LOG_APPROVE_T => translate ( 'Task approved' ),
+    LOG_ATTACHMENT => translate ( 'Attachment' ),
+    LOG_COMMENT => translate ( 'Comment' ),
+    LOG_CREATE => translate ( 'Event created' ),
+    LOG_CREATE_J => translate ( 'Journal created' ),
+    LOG_CREATE_T => translate ( 'Task created' ),
+    LOG_DELETE => translate ( 'Event deleted' ),
+    LOG_DELETE_J => translate ( 'Journal deleted' ),
+    LOG_DELETE_T => translate ( 'Task deleted' ),
+    LOG_LOGIN_FAILURE => translate ( 'Invalid login' ),
+    LOG_NEWUSER_EMAIL => translate ( 'New user via email (self registration)' ),
+    LOG_NEWUSER_FULL => translate ( 'New user (self registration)' ),
+    LOG_NOTIFICATION => translate ( 'Notification sent' ),
+    LOG_REJECT => translate ( 'Event rejected' ),
+    LOG_REJECT_J => translate ( 'Journal rejected' ),
+    LOG_REJECT_T => translate ( 'Task rejected' ),
+    LOG_REMINDER => translate ( 'Reminder sent' ),
+    LOG_SYSTEM => translate ( 'System Message' ),
+    LOG_UPDATE => translate ( 'Event updated' ),
+    LOG_UPDATE_J => translate ( 'Journal updated' ),
+    LOG_UPDATE_T => translate ( 'Task updated' ),
+    LOG_USER_ADD => translate ( 'Add User' ),
+    LOG_USER_DELETE => translate ( 'Delete User' ),
+    LOG_USER_UPDATE => translate ( 'Edit User' ),
+    default => '???'
+  };
+
   //fix any broken special characters
   if (!empty($cal_text)) {
     $cal_text = preg_replace("/&amp;(#[0-9]+|[a-z]+);/i", "&$1;", htmlentities($cal_text));
diff --git a/includes/init.php b/includes/init.php
index d88ea63a2..c7c71ed9f 100644
--- a/includes/init.php
+++ b/includes/init.php
@@ -151,7 +151,7 @@ function send_http_headers () {
 function print_header( $includes = '', $HeadX = '', $BodyX = '',
   $disableCustom = false, $disableStyle = false, $disableRSS = false,
   $IGNORED = false, $disableUTIL = false ) {
-  global $BGCOLOR, $browser, $charset, $CUSTOM_HEADER, $CUSTOM_SCRIPT,
+  global $BGCOLOR, $browser, $charset, $CSP, $CUSTOM_HEADER, $CUSTOM_SCRIPT,
   $DISABLE_POPUPS, $DISPLAY_TASKS, $DISPLAY_WEEKENDS, $FONTS, $friendly,
   $is_admin, $LANGUAGE, $login, $MENU_ENABLED, $MENU_THEME, $OTHERMONTHBG,
   $POPUP_FG, $PUBLIC_ACCESS, $PUBLIC_ACCESS_FULLNAME, $REQUEST_URI, $SCRIPT,
@@ -191,15 +191,17 @@ function print_header( $includes = '', $HeadX = '', $BodyX = '',
 
   send_http_headers ();
 
-  $ret .= "\n<style id=\"antiClickjack\">\n  body{display:none !important;}\n</style>\n" .
-    "<script type=\"text/javascript\">\n" .
-    "  if (self.location.hostname === top.location.hostname) {\n" .
-    "      var antiClickjack = document.getElementById(\"antiClickjack\");\n" .
-    "      antiClickjack.parentNode.removeChild(antiClickjack);\n" .
-    "  } else {\n" .
-    "      top.location = self.location;\n" .
-    "  }\n" .
-    "</script>\n";
+  if (empty($CSP) || $CSP == 'none') {
+    $ret .= "\n<style id=\"antiClickjack\">\n  body{display:none !important;}\n</style>\n" .
+      "<script type=\"text/javascript\">\n" .
+      "  if (self.location.hostname === top.location.hostname) {\n" .
+      "      var antiClickjack = document.getElementById(\"antiClickjack\");\n" .
+      "      antiClickjack.parentNode.removeChild(antiClickjack);\n" .
+      "  } else {\n" .
+      "      top.location = self.location;\n" .
+      "  }\n" .
+      "</script>\n";
+    }
 
 
   $ret .= $ASSETS;