diff --git a/lam/templates/upload/massBuildAccounts.php b/lam/templates/upload/massBuildAccounts.php
index e1a65f5f5..03bc2ae2a 100644
--- a/lam/templates/upload/massBuildAccounts.php
+++ b/lam/templates/upload/massBuildAccounts.php
@@ -1,12 +1,11 @@
 <?php
 namespace LAM\UPLOAD;
 use htmlForm;
-use \htmlStatusMessage;
-use \htmlLink;
-use \htmlOutputText;
-use \htmlButton;
-use \htmlHiddenInput;
-use \htmlResponsiveRow;
+use htmlStatusMessage;
+use htmlOutputText;
+use htmlButton;
+use htmlHiddenInput;
+use htmlResponsiveRow;
 use LAM\TYPES\TypeManager;
 use LamTemporaryFilesManager;
 
@@ -112,6 +111,10 @@ include __DIR__ . '/../../lib/adminHeader.inc';
 $typeId = htmlspecialchars($_POST['typeId']);
 $typeManager = new TypeManager();
 $type = $typeManager->getConfiguredType($typeId);
+if ($type === null) {
+	logNewMessage(LOG_ERR, 'User tried to access invalid upload type: ' . $typeId);
+	die();
+}
 
 // check if account type is ok
 if ($type->isHidden()) {
@@ -215,7 +218,7 @@ if ($_FILES['inputfile'] && ($_FILES['inputfile']['size'] > 0)) {
 	// if input data is invalid just display error messages (max 50)
 	if ($errors !== []) {
 		foreach ($errors as $error) {
-			$container->add(new htmlStatusMessage("ERROR", $error[0], $error[1]), 12);
+			$container->add(new htmlStatusMessage("ERROR", $error[0], $error[1]));
 		}
 		$container->addVerticalSpacer('2rem');
 		massPrintBackButton($type->getId(), $selectedModules, $container);
@@ -250,7 +253,7 @@ if ($_FILES['inputfile'] && ($_FILES['inputfile']['size'] > 0)) {
 			// print errors if DN could not be built
 			if ($errors !== []) {
 				foreach ($errors as $error) {
-					$container->add(new htmlStatusMessage("ERROR", $error[0], $error[1], $error[2]), 12);
+					$container->add(new htmlStatusMessage("ERROR", $error[0], $error[1], $error[2]));
 				}
 			}
 			else {
@@ -278,7 +281,7 @@ if ($_FILES['inputfile'] && ($_FILES['inputfile']['size'] > 0)) {
 				}
 				// show links for upload and LDIF export
 				$container->addVerticalSpacer('2rem');
-				$container->add(new htmlOutputText(_("LAM has checked your input and is now ready to create the accounts.")), 12);
+				$container->add(new htmlOutputText(_("LAM has checked your input and is now ready to create the accounts.")));
 				$container->addVerticalSpacer('3rem');
 				$formRow = new htmlResponsiveRow();
 				$uploadButton = new htmlButton('upload', _("Upload accounts to LDAP"));
@@ -301,7 +304,7 @@ if ($_FILES['inputfile'] && ($_FILES['inputfile']['size'] > 0)) {
 	}
 }
 else {
-	$container->add(new htmlStatusMessage('ERROR', _('Please provide a file to upload.')), 12);
+	$container->add(new htmlStatusMessage('ERROR', _('Please provide a file to upload.')));
 	$container->addVerticalSpacer('2rem');
 	massPrintBackButton($type->getId(), $selectedModules, $container);
 }
@@ -318,19 +321,19 @@ include __DIR__ . '/../../lib/adminFooter.inc';
  * @param string[] $selectedModules selected modules for upload
  * @param htmlResponsiveRow $container table container
  */
-function massPrintBackButton(string $typeId, array $selectedModules, htmlResponsiveRow &$container): void {
+function massPrintBackButton(string $typeId, array $selectedModules, htmlResponsiveRow $container): void {
 	$row = new htmlResponsiveRow();
 	$backButton = new htmlButton('submit', _('Back'));
-	$row->add($backButton, 12);
-	$row->add(new htmlHiddenInput('type', $typeId), 12);
-	$createPDF = 0;
+	$row->add($backButton);
+	$row->add(new htmlHiddenInput('type', $typeId));
+	$createPDF = '0';
 	if (isset($_POST['createPDF']) && ($_POST['createPDF'] == 'on')) {
-		$createPDF = 1;
+		$createPDF = '1';
 	}
-	$row->add(new htmlHiddenInput('createPDF', $createPDF), 12);
-	$row->add(new htmlHiddenInput('pdfStructure', $_POST['pdfStructure']), 12);
+	$row->add(new htmlHiddenInput('createPDF', $createPDF));
+	$row->add(new htmlHiddenInput('pdfStructure', $_POST['pdfStructure']));
 	foreach ($selectedModules as $selectedModule) {
-		$row->add(new htmlHiddenInput($typeId . '___' . $selectedModule, 'on'), 12);
+		$row->add(new htmlHiddenInput($typeId . '___' . $selectedModule, 'on'));
 	}
 	addSecurityTokenToMetaHTML($row);
 	$container->add(new htmlForm('backform', 'masscreate.php', $row));
diff --git a/lam/templates/upload/massDoUpload.php b/lam/templates/upload/massDoUpload.php
index e9f800e72..c7a4884ec 100644
--- a/lam/templates/upload/massDoUpload.php
+++ b/lam/templates/upload/massDoUpload.php
@@ -3,7 +3,7 @@ namespace LAM\UPLOAD;
 /*
 
   This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
-  Copyright (C) 2004 - 2024  Roland Gruber
+  Copyright (C) 2004 - 2025  Roland Gruber
 
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
@@ -24,6 +24,7 @@ namespace LAM\UPLOAD;
 use htmlDiv;
 use htmlJavaScript;
 use htmlResponsiveRow;
+use LAM\TYPES\TypeManager;
 
 /**
 * Creates LDAP accounts for file upload.
@@ -69,8 +70,12 @@ setlanguage();
 
 include __DIR__ . '/../../lib/adminHeader.inc';
 $typeId = htmlspecialchars($_SESSION['mass_typeId']);
-$typeManager = new \LAM\TYPES\TypeManager();
+$typeManager = new TypeManager();
 $type = $typeManager->getConfiguredType($typeId);
+if ($type === null) {
+	logNewMessage(LOG_ERR, 'User tried to access invalid upload type: ' . $typeId);
+	die();
+}
 
 // check if account type is ok
 if ($type->isHidden()) {
diff --git a/lam/templates/upload/masscreate.php b/lam/templates/upload/masscreate.php
index 3651d92c2..90043d67f 100644
--- a/lam/templates/upload/masscreate.php
+++ b/lam/templates/upload/masscreate.php
@@ -26,7 +26,7 @@ use \moduleCache;
 /*
 
   This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
-  Copyright (C) 2004 - 2024  Roland Gruber
+  Copyright (C) 2004 - 2025  Roland Gruber
 
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
@@ -404,11 +404,14 @@ function showMainPage(\LAM\TYPES\ConfiguredType $type, array $selectedModules):
 		$data = [];
 		$row->addVerticalSpacer('2rem');
 		$module = moduleCache::getModule($moduleName, $scope);
+		if ($module === null) {
+			continue;
+		}
 		$icon = $module->getIcon();
 		if (!(str_starts_with($icon, 'http')) && !(str_starts_with($icon, '/'))) {
 			$icon = '../../graphics/' . $icon;
 		}
-		$moduleTitle = new htmlSubTitle(getModuleAlias($moduleName, $scope), $icon);
+		$moduleTitle = new htmlSubTitle($module->get_alias(), $icon);
 		$moduleTitle->colspan = 20;
 		$row->add($moduleTitle, 12);
 		foreach ($columns[$moduleName] as $column) {
diff --git a/phpstan.neon b/phpstan.neon
index 7478ca1c2..b8ee0ad32 100644
--- a/phpstan.neon
+++ b/phpstan.neon
@@ -8,7 +8,7 @@ parameters:
 		- lam/templates
 	fileExtensions:
 	    - php
-	    - lib
+	    - inc
 	excludePaths:
 		analyseAndScan:
 			- */3rdParty/*
@@ -48,3 +48,5 @@ parameters:
 		- '#Binary operation .* between .* and .* results in an error.#'
 		- '#Parameter \#. .* of (function|method) .* expects .*, mixed given.#'
 		- '#Cannot access property .* on mixed#'
+		- '#.* function lamEncrypt expects string.*#'
+		- '#.*class htmlHiddenInput constructor expects string, mixed given.*#'
diff --git a/rector.php b/rector.php
index 5fa26ef8f..e2d5e3700 100644
--- a/rector.php
+++ b/rector.php
@@ -20,7 +20,7 @@ use Rector\Php81\Rector\FuncCall\NullToStrictStringFuncCallArgRector;
 use Rector\Strict\Rector\Empty_\DisallowedEmptyRuleFixerRector;
 
 return RectorConfig::configure()
-	->withParallel(240, 6)
+	->withParallel(240, 2)
 	->withPaths([
 		__DIR__ . '/lam/help',
 		__DIR__ . '/lam/lib',