1) fix Rating Model
2) sql CreateSubject: restore expected behavior (see todo in commit "Refactoring of subjects upload page" 19.06.15)
3) refactor and disable JavaAuth (see todo)

Not all servers detect HTTP_X_REQUESTED_WITH header.
And now it is possible to load excel files.

Default faculty was not defined by default.

Russian constants are moved to twig & RusLang modules.
Functions were renamed to Semesters::load($id) & Semesters::loadAll().

Moved some functions from Account to Model_Account & Model_Teacher.

It may seem that this commit is rather big, but it's not. Don't be afraid, just read the message. Recently we have understood that it was a bad idea to store rights for pages in a database. So I decided to move the information to PHP layer and make it more clear.

When you write a new controller in Admin/ Dean/ Student/ folder, you should explicitly extend one of Controller_Environment_* classes, and all specific checks will be done there. Additional advantage is manipulating $user variable, so you will have access to extended fields of user, ie User_Student contains StudentID, but User_Teacher does not.

Also, prefer -> operator to []. The reason is simple: IDE shows hints and mismatches only with the first one.

The second important statement is User::checkAccess(User::RIGHTS_*) — call it at the top of *every* function in the Handler/ classes. Exception will be thrown, if user doesn't have enough rights.

NB. If you want to overload "before()" function while extending Environment_* controller, do it in the right way:

    public function before() {
        parent::before();   // always first

        // any magic you like most
    }

It will be loaded _only_ on the sign in page!