Digitalstack/myaac
2
0
Fork 0
mirror of https://github.com/slawkens/myaac.git synced 2025-10-31 16:06:24 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into develop

Browse Source
This commit is contained in:
slawkens
2025-10-31 06:56:34 +01:00
parent e719725841 26c5aa2e51
commit 19b1cfdd34
215 changed files with 5224 additions and 3088 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/phpstan.yml vendored
View File

@@ -14,7 +14,7 @@ jobs:
strategy:
fail-fast: false
matrix:
php-versions: [ '8.1', '8.2', '8.3' ]
php-versions: [ '8.1', '8.2', '8.3', '8.4' ]
steps:
- name: "Checkout"
uses: "actions/checkout@v4"

2
.gitignore vendored
View File

@@ -4,7 +4,7 @@ Thumbs.db
#
/.htaccess
lua
/lua
# composer
composer.phar

190
CHANGELOG-1.x.md
View File

@@ -1,5 +1,195 @@
# Changelog
## [1.8.4 - 27.10.2025]
### Changed
* Reimport myaac_ tables on every install, this fixes errors when one table is missing or is duplicated (https://github.com/slawkens/myaac/commit/2580edadf84779f09fd395c21f92019b2c762f83)
* Use custom env init on migrate, migrate:run and migrate:to (https://github.com/slawkens/myaac/commit/13ea68cc0c9349380c8e4051d702a6c2c8256f44, https://github.com/slawkens/myaac/commit/07fd034fe4cb0ffdb88667b1e400f414d0c6d06f)
### Fixed
* Show if there is mysql error on import schema (https://github.com/slawkens/myaac/commit/44110a9496b4385e42c31b75de301037e711b6c3)
* Fix the premium checks, introduced in v1.8.3 (https://github.com/slawkens/myaac/commit/9d92a11fb7cb6d7a1619d79c12faaa0b1c01f980)
## [1.8.3 - 21.10.2025]
### Added
* Feature: resend email verify (https://github.com/slawkens/myaac/commit/fe821c58085483e70491dcf76376ad5b96de3fdd)
* New config: hooks_debug (To view where hooks are located in .twig files) (https://github.com/slawkens/myaac/commit/8c3cb0e06f9709c1de3398b48221241e7cbdd310)
* Functions: Add db->getColumnInfo(table, column) (https://github.com/slawkens/myaac/commit/c898fe25efff6793a01d11c26fc153cb23fcb858)
* Plugins: Add option to use ?subtopic=x for plugins pages (https://github.com/slawkens/myaac/commit/97f9d3d6f6c28aef6d824973058d7133f56e09c4)
* getTopPlayers() Function - Add lookmount & promotion (https://github.com/slawkens/myaac/commit/2da0024c68f1cedc38a16ebbc6f52ffa55e65f7a, https://github.com/slawkens/myaac/commit/901df48d134079d648a18f9d82b60182e818ac02)
* New hooks for account/change-password (https://github.com/slawkens/myaac/commit/470555f2687809a0c12491bbb27597e64b8929c1)
### Changed
* Feature: show vip days in account management (https://github.com/slawkens/myaac/commit/c88b08eb1ec1f560cbfdaaa16b24e3a0f26da7b3, by @andreoam)
* Allow links in error_box.html.twig (https://github.com/slawkens/myaac/commit/9acad15451071639acf7a7d4e81619b0a9742b12)
* Canary - Comment code to update lastday in login.php (https://github.com/slawkens/myaac/commit/38902c30d114fdbce259467f5820f97037b393e9)
* Cache::remember $ttl = -1 = infinite (https://github.com/slawkens/myaac/commit/64acf70d3854182d88aaf0b67f77cea2a254f179)
### Fixed
* Online - Allow for html code (example - img) in online_datacenter (https://github.com/slawkens/myaac/commit/3bb272ebbbd2eb7769d174b7082061d14a17bd44)
* Guilds - Fix guild create with freePremium enabled (https://github.com/slawkens/myaac/commit/c91bb5d4097647dca2196d3dea87bc90c89181d2)
* Canary - Fix premDays count (https://github.com/slawkens/myaac/commit/3e61692780d4add93b7b0e9f12f7a283bd8f4b7a)
* Template Change: Ignore set last visit for AJAX pages - Fixes template change redirect (https://github.com/slawkens/myaac/commit/89fae38caa7e4f645957fcf1a9330a36358ac04f)
* Admin Panel - Accounts: Fix lastip v6 (TFS master) (https://github.com/slawkens/myaac/commit/f54b1bdd2af4c16c64ddff0e87a6c96bc4cf9eeb)
* Functions - Prevent injection in $db->hasColumn (https://github.com/slawkens/myaac/commit/56bd7ec5ed904666074492f2e4f13e4fce226bee)
* Compat Config: Add missing config: email_lai_sec_interval (https://github.com/slawkens/myaac/commit/2eae44e0755e624a91be68b4d1ec26d01eb4d9a1)
## [1.8.2 - 26.09.2025]
### Added
* Routes: Possibility to override routes with plugins pages, like characters.php - No need to define routes in plugin.json anymore (https://github.com/slawkens/myaac/commit/3f24f961b1cdeff5c60387e837ae454448bc5e1b)
### Changed
* Style: Better look for myaac-table (https://github.com/slawkens/myaac/commit/a6032093b21e5bb3f0e75d2704da87d6dea6469d, https://github.com/slawkens/myaac/commit/5aa9bbf1c8e580d973ec82ac012489f8e7bc437e)
### Fixed
* Install: Fix when config.local.php cannot be saved (https://github.com/slawkens/myaac/commit/4eab805d26d8c5562b29ed699769919d77dabced)
* Create Account: Fix an exception when email cannot be sent (https://github.com/slawkens/myaac/commit/d0112d1a67e8b854b65ad131f0375b79305df8d3)
* Login Page: Add missing csrf() - fix create account button (https://github.com/slawkens/myaac/commit/3c0cb53e17dd0b85394cfa0fdc9cf9ad8d4551df)
* tibiacom template: Fix account lost menu (https://github.com/slawkens/myaac/commit/ed9beaf2b6ca069e304e569c52e5b9188b58f05c)
* tibiacom template: Fix Menu div wrong tag/closing (#329) (https://github.com/slawkens/myaac/commit/85e7005fd3f0be51466151a3c122b96085fdfe68)
* tibiacom template: Replace firstChild with firstElementChild (Thanks to @un000000) (https://github.com/slawkens/myaac/commit/df7b6e29fb8875da97f431468c81ee99116271d9)
## [1.8.1 - 05.09.2025]
### Added
* New Commands: plugin:enable/disable/uninstall {plugin-name} (https://github.com/slawkens/myaac/commit/7a08f91d3fc0897c1ff76089ef3c649a2c6d2003, https://github.com/slawkens/myaac/commit/fec773ba4b740f35c0a3ef92ca8444a4c7d02082)
* Gifts: Added Transferable Coins to the store dropdown menu in the admin area (by @andreoam, #321) (https://github.com/slawkens/myaac/commit/42671c5c199dd9e91c774d8c9d30da9e12f1b695)
### Changed
* Commands: Allow settings to be changed/reset by plugin name (https://github.com/slawkens/myaac/commit/f8c4332e03e838d285ea0afb4b72b7c23e324d45, https://github.com/slawkens/myaac/commit/4b948e9510f7ba69d00f84d7fdaea8b3bf05b630)
* Templates: Menus should be saved for each template separately (https://github.com/slawkens/myaac/commit/482f4067b2a2e7513d9ba214274a361ffaf123d8)
### Fixed
* Online: Fix skulls display (#320) (https://github.com/slawkens/myaac/commit/98073a110ae13f9592ec9d2c4d1d1aace87587a9)
* Online: Fix if there is no world_id in the server_record table (https://github.com/slawkens/myaac/commit/b6e1620f14c20eecfc9001a7d86dfb67942985c6) (Reported by @gesior in #318)
* tibiacom: some fixes to menus (https://github.com/slawkens/myaac/commit/20f99903ae80c74ad66c1cf5a5ea8d0b0fc2fd70, https://github.com/slawkens/myaac/commit/11dae90fa94fbbf47447017db5e5847c33d6aadf)
* Guilds: Fix for some servers that don't have guild_invites table (https://github.com/slawkens/myaac/commit/9725a3c2bdb7003f5cb48febb77604c31a9b805b)
## [1.8 - 02.08.2025]
### Added
* Templates - Kathrine: Possibility to add custom menu categories (https://github.com/slawkens/myaac/commit/ec11c1402417c25980582467546d1c1e9bb8267f)
* Admin Panel - Accounts Editor: Add Coins Transferable (https://github.com/slawkens/myaac/commit/45d6047031c9c3a0e7e512dc5d15c75629aec5a2, https://github.com/slawkens/myaac/commit/bb097b69ce106500a49686d6f4fe604348eaa310)
* Highscores:
* Revamped: (https://github.com/slawkens/myaac/commit/d8132d4d76e03d5aa0c042be426320655a601392)
* Show real rank, if 2 or more players have the same skill, show them with same rank
* New setting: highscores_online_status
* Additional fields passed to twig: updatedAt, totalResults, page, baseLink
* Add new Setting: Display Skills Box (https://github.com/slawkens/myaac/commit/36ca755243ef1c83f6ac87465b426d4d8d3b0bb9)
* Functions: Add getExperienceForLevel (level) (https://github.com/slawkens/myaac/commit/1566deb84a082176b8c683fda205d828bc38fbcc)
* Commands - cache:clear : Add warning about APCu clear in CLI (https://github.com/slawkens/myaac/commit/83f84172e02e8ea2ccb6dca29bc033e44c35aebc)
* Models - PlayerOnline: Add missing $fillable into model (https://github.com/slawkens/myaac/commit/43415cf35db1c1307f2684c1728693d65065ffff)
* Twig: add cache variable (https://github.com/slawkens/myaac/commit/0efe47ce71c4b364a9e96bc5a55b1655326ae6da)
### Changed
* pages/online: add cache, resulting in 20x performance boost
* (for an example server with 2k players) (https://github.com/slawkens/myaac/commit/c8363086015cbb6e8786c398c7b9ac3959a26ec4)
* Admin Bar: Move admin bar code into body_start place_holder (https://github.com/slawkens/myaac/commit/f17269e44ce9dd38447bd2e2a8e1bdb065d4161f)
* Cache::remember: $ttl = 0 means no cache (https://github.com/slawkens/myaac/commit/3b47e9df2f4051807c5ff87892f7fa3d348f9c55)
* Templates: Load config.ini with $process_sections set to true (https://github.com/slawkens/myaac/commit/a89f9a84847630eb75b4890fdcc8b7a7bfa6b8ac)
* Twig: Allow for timestamp as integer in the timeago twig function
(https://github.com/slawkens/myaac/commit/34fead906ea13b9f09d7a3c41ed88109d34d386c)
### Fixed
* Settings: Fixed two exceptions (https://github.com/slawkens/myaac/commit/6e5a4ff8c78ff5373aba091baa66cae029557643, https://github.com/slawkens/myaac/commit/20d69a641c0a933d14889a89da6d32f6a4bc6c7d)
* Models\Account + OTS_Account -> isPremium -> ignore config.freePremium (https://github.com/slawkens/myaac/commit/5271633bdbfbbfed0b1d59c403093ce6fc2b7d20)
* Admin Panel - Mailer:
* Fix send to email link redirecting from accounts page (https://github.com/slawkens/myaac/commit/080cc2781f034c844af658229e495e9a47fd2298)
* Option to send only to verified accounts - only if setting('core.account_mail_verify') enabled (https://github.com/slawkens/myaac/commit/cf7fd20452e863980045bb5d6012ec86c6e8e01f)
### Internal
* Rewrite to use constants (account transferable coins) (https://github.com/slawkens/myaac/commit/bccf8e056df985bbe1bab5f7ab5492f714d6b62b)
* Refactor to use HAS_ACCOUNT_COINS (https://github.com/slawkens/myaac/commit/caf326a6584a234775ebc6c8000ea02b3fecd160)
## [1.7.1 - 27.06.2025]
### Changed
* Rename plugin:install:install to plugin:setup, also add alias to previous command (https://github.com/slawkens/myaac/commit/13d33822b59df349199e885a78a3d6beb0863d0b)
### Fixed
* Fix commands: setup + cache:clear (https://github.com/slawkens/myaac/commit/0da524fefe93b3028392e9014550eea3324d3a22, https://github.com/slawkens/myaac/commit/fe8281594e989f00280ba1adc734a9198c6b5cc1)
* Fix polls link in tibiacom template (https://github.com/slawkens/myaac/commit/d90fa323d7c77d81768df60feeb1c374b1650a0c)
## [1.7 - 22.06.2025]
### Added
* Feature: plugins versions check (#310)
* New hooks: HOOK_ACCOUNT_MANAGE_AFTER_CHARACTERS, HOOK_GUILDS_AFTER_MANAGE_BUTTON (https://github.com/slawkens/myaac/commit/c074a48f245df55646b6705737f667b6a84149b2, https://github.com/slawkens/myaac/commit/e6100a1b72de8695bba1dae9ba4e28bfdce47b10)
* Add OTS_Toolbox::getVocationName(id, promotion) + OTS_Player->isNameLocked() (https://github.com/slawkens/myaac/commit/e222957893c4a1de0dc8dbba55bce1a43418d275, https://github.com/slawkens/myaac/commit/522f6c11d835afd36fd07a07074d96d7e219b488)
* Add missing csrf in more places, causing white page with error about Request (https://github.com/slawkens/myaac/commit/dca904e61d21d856bf809070e7652803a2df0f58, https://github.com/slawkens/myaac/commit/c720ccc451ff90ef40b2a1595468d061ffd7e1e4)
### Changed
* Revamped online page (https://github.com/slawkens/myaac/commit/9a90e4aae280e607430511c6727d9a714b11f4c5, https://github.com/slawkens/myaac/commit/4767120043b09141870383e249f3729638d53dc2)
* Better $title inventing (https://github.com/slawkens/myaac/commit/0c95bcfd06b68b21512e477646ef7bd3a0d4912b)
### Fixed
* Use apcu cache clear (https://github.com/slawkens/myaac/commit/b329da52aae9d0e21120a6444d3caf442420ce50, https://github.com/slawkens/myaac/commit/566c2a9151ab6392286f74e26853faa19a1b4f24)
* fix: boostedcreatures for 13.40 (by @GooseWithAKnife) (#307)
## [1.6.1 - 11.06.2025]
### Fixed
* Fixed "Request has been cancelled due to security reasons", cause of missing csrf() in twig files (https://github.com/slawkens/myaac/commit/10cd71a6630ffec91b43a26a6d685b66c5836a6a)
* Fix: Ignore duplicated route exception (https://github.com/slawkens/myaac/commit/9d8e9d27bd87167d8d4005942a6af62bfe4c0892)
### Changed
* Move counter & visitors code before router (In case someone wants to include that info on page) (https://github.com/slawkens/myaac/commit/f78285030708ad3c74ab048711f73bbf3ee5281e)
* Set TinyMCE license key to gpl (Avoid warning message in browser console) (https://github.com/slawkens/myaac/commit/8d29fdb98b92dbc3d2853ef88a185c67036b4a77)
### Removed
* Remove deprecated TinyMCE plugin - template (https://github.com/slawkens/myaac/commit/309c1fb715b882e67cb673b1544a03befbf64a22)
## [1.6 - 03.06.2025]
### Added
* Add new setting/configurable: site_url, prevents domain spoofing (https://github.com/slawkens/myaac/commit/d8a6090be382c35c19117cfef964b594ed02b8d4)
* Add new account coins setting (https://github.com/slawkens/myaac/commit/28886551e86fe562172c4c7f2afb89a2e7672c2e)
* autoload: settings/install/init.php (https://github.com/slawkens/myaac/commit/e5749437074c3b3556628a2aeb5bad2edf97bde0, https://github.com/slawkens/myaac/commit/7d213f479a7e40c6254069b5fc4e578dc32bf8d9, https://github.com/slawkens/myaac/commit/207d6bc69120aba1af2b51808f17e0059b571fed)
* Protect against csrf in more places (accounts & guilds & forums pages) (https://github.com/slawkens/myaac/commit/6eda38603c8ed7e99b92a78a4600b1245377f74d, https://github.com/slawkens/myaac/commit/e776bd52beb3064a9e694efd1b9021ec972ee2f6, https://github.com/slawkens/myaac/commit/84d502bf105f2a789481fba1acc820d236b4de66)
* Added two new hooks for pages loaded from database (custom pages): HOOK_BEFORE_PAGE_CUSTOM, HOOK_AFTER_PAGE_CUSTOM (https://github.com/slawkens/myaac/commit/c961a1ebf837f2ab1734a825ff2c57b4937610c9)
* Add global variables into $hooks->executeFilter (https://github.com/slawkens/myaac/commit/8fdea943768b20193eede99d60313ee84511a0be)
* Add getNPCsCount() to OTS_InfoRespond (https://github.com/slawkens/myaac/commit/7d435ff6433ef1fb2295ee79ed043ee10dc725e9)
### Fixed
* Allow [] in character name (https://github.com/slawkens/myaac/commit/de6603a51347b9e656c58637ed9971fffdd7cedd)
* Do not allow access to tools/ folder after install (https://github.com/slawkens/myaac/commit/6e0f5913831f8dba69fd2d1505be3e2a303c6324)
* Fix CHANGELOG-1.x.md loading in admin panel (https://github.com/slawkens/myaac/commit/4a30fb495dbfbe1d434e8d52419eaf44fe517aee)
* Fix links not working in admin dashboard modules (https://github.com/slawkens/myaac/commit/be7b27c31aa3bbd6c0289c34d1e61139a3fe015c)
* Fix twig variables: logged + account_logged being not set directly after login (https://github.com/slawkens/myaac/commit/1e9b10d6489c488cadf7f6ed17b42f1ea6c767a8)
### Changed
* OTS_ServerInfo -> move setTimeout out of class - Possibility to use the class without MyAAC (https://github.com/slawkens/myaac/commit/40d65a6613149fda51bdceb82c807e5301a3388b)
## [1.5 - 14.05.2025]
### Added
* Feature/twig hooks filters (#258)
* Add latest client versions (14.00 - 15.01) (https://github.com/slawkens/myaac/commit/5367df23812c6182863353c9a39fd7fb0b743f4b)
* db variable to twig (https://github.com/slawkens/myaac/commit/5ed1aec28e146b871a75597411d12e42a067f4e6)
* New filter: HOOK_FILTER_ROUTES (https://github.com/slawkens/myaac/commit/9b75011224f385db8b27e109bfeb28e75b9d779c)
* Allow optionally separate folder for views (thanks @Scrollog for idea) (https://github.com/slawkens/myaac/commit/03e275213901a89edb0ebb8974b776a992ab391f)
* Add float & double types to the Settings (https://github.com/slawkens/myaac/commit/67ab425bb9796d9d123296e3fda542fa8f7f05ee)
* Add optional param _page_only for single-page apps etc. (https://github.com/slawkens/myaac/commit/113473f2560aab6d364c301cc14a8b5ba8f309f4)
### Changed
* Change OTS_Account->getPremDays to not return -1 in case of freePremium (https://github.com/slawkens/myaac/commit/3befde2a1e4d24a011311e785f15185db57e19b8)
* Add note about highscores being updated x minutes + allow ttl 0 to disable cache (https://github.com/slawkens/myaac/commit/a161cff00329da6f970f3a70967fe8346fe92bbc)
* Better monster images (no image not found anymore) + use cache (https://github.com/slawkens/myaac/commit/73a5829974ceca3f02d7925d5cfbd5fa50b1bbd2)
* Rename server-info -> ots-info, changelog -> change-log (Due to conflict with apache2 server-info mod) (https://github.com/slawkens/myaac/commit/3949d84e5d7631f332111b6d00278bddbd0ad10a)
* Move rules page to admin panel (https://github.com/slawkens/myaac/commit/3949d84e5d7631f332111b6d00278bddbd0ad10a)
### Fixed
* php 8.4 warnings
* Visitors counter not working properly on dev mode (https://github.com/slawkens/myaac/commit/da151051186c913dd0dd091aabe893649c2b9ee7)
* Fix login.php boosted creature & boss (not sure exact version, but should be 14.12 or around) (https://github.com/slawkens/myaac/commit/c48b8006319f6c3b5f082befd16785420bb98110)
* Fix installMenus when theme/template was removed from disc (https://github.com/slawkens/myaac/commit/c24c580796bccd54bf9e95b864763f4642684d55)
* Fix if user removes the menu category (https://github.com/slawkens/myaac/commit/dbea69f31478391dacfbbc02c8353c39b4245daf)
### Updated:
* Update cypress from version ^13.17.0 to ^14.3.3 (https://github.com/slawkens/myaac/commit/629fd18ea166860d5898a822f44f9277da6ce43d)
## [1.4 - 22.04.2025]
### Added

4
README.md
View File

@@ -80,7 +80,7 @@ Pull requests should be made to the *develop* branch as that is the working bran
Bug fixes to current release should be done to master branch.
Look: [Contributing](https://github.com/otsoft/myaac/wiki/Contributing) in our wiki.
Look: [Contributing](https://docs.my-aac.org/misc/contributing) in our wiki.
### Other Notes
@@ -95,4 +95,4 @@ Many thanks to Jetbrains for kindly providing a license for me to work on this a
### License
This program and all associated files are released under the GNU Public License.
See [LICENSE](https://github.com/slawkens/myaac/blob/master/LICENSE) for details.
See [LICENSE](https://github.com/slawkens/myaac/blob/main/LICENSE) for details.

4
aac
View File

@@ -25,7 +25,9 @@ foreach ($commandsGlob as $item) {
}
$commandPre = '\\MyAAC\Commands\\';
$application->add(new ($commandPre . $name));
if (!trait_exists($class = $commandPre . $name)) {
$application->add(new $class);
}
}
$pluginCommands = Plugins::getCommands();

29
admin/pages/accounts.php
View File

@@ -27,7 +27,6 @@ if (setting('core.account_country'))
$nameOrNumberColumn = getAccountIdentityColumn();
$hasSecretColumn = $db->hasColumn('accounts', 'secret');
$hasCoinsColumn = $db->hasColumn('accounts', 'coins');
$hasPointsColumn = $db->hasColumn('accounts', 'premium_points');
$hasTypeColumn = $db->hasColumn('accounts', 'type');
$hasGroupColumn = $db->hasColumn('accounts', 'group_id');
@@ -138,10 +137,17 @@ else if (isset($_REQUEST['search'])) {
$errors['email'] = Validator::getLastError();
// tibia coins
if ($hasCoinsColumn) {
if (HAS_ACCOUNT_COINS) {
$t_coins = $_POST['t_coins'];
verify_number($t_coins, 'Tibia coins', 12);
}
// transferable tibia coins
if (HAS_ACCOUNT_COINS_TRANSFERABLE || HAS_ACCOUNT_TRANSFERABLE_COINS) {
$t_coins_transferable = $_POST['t_coins_transferable'];
verify_number($t_coins_transferable, 'Transferable Tibia coins', 12);
}
// prem days
$p_days = (int)$_POST['p_days'];
verify_number($p_days, 'Prem days', 11);
@@ -186,12 +192,18 @@ else if (isset($_REQUEST['search'])) {
if ($hasSecretColumn) {
$account->setCustomField('secret', $secret);
}
$account->setCustomField('key', $key);
$account->setEMail($email);
if ($hasCoinsColumn) {
if (HAS_ACCOUNT_COINS) {
$account->setCustomField('coins', $t_coins);
}
if (HAS_ACCOUNT_COINS_TRANSFERABLE || HAS_ACCOUNT_TRANSFERABLE_COINS) {
$account->setCustomField(ACCOUNT_COINS_TRANSFERABLE_COLUMN, $t_coins_transferable);
}
$lastDay = 0;
if($p_days != 0 && $p_days != OTS_Account::GRATIS_PREMIUM_DAYS) {
$lastDay = time();
@@ -224,9 +236,6 @@ else if (isset($_REQUEST['search'])) {
$password = encrypt($password);
$account->setPassword($password);
if (USE_ACCOUNT_SALT)
$account->setCustomField('salt', $salt);
}
$account->save();
@@ -396,12 +405,18 @@ else if (isset($_REQUEST['search'])) {
<label for="email">Email:</label><?php echo (setting('core.mail_enabled') ? ' (<a href="' . ADMIN_URL . '?p=mailer&mail_to=' . $account->getEMail() . '">Send Mail</a>)' : ''); ?>
<input type="text" class="form-control" id="email" name="email" autocomplete="off" value="<?php echo $account->getEMail(); ?>"/>
</div>
<?php if ($hasCoinsColumn): ?>
<?php if (HAS_ACCOUNT_COINS): ?>
<div class="col-12 col-sm-12 col-lg-6">
<label for="t_coins">Tibia Coins:</label>
<input type="text" class="form-control" id="t_coins" name="t_coins" autocomplete="off" maxlength="11" value="<?php echo $account->getCustomField('coins') ?>"/>
</div>
<?php endif; ?>
<?php if (HAS_ACCOUNT_COINS_TRANSFERABLE || HAS_ACCOUNT_TRANSFERABLE_COINS): ?>
<div class="col-12 col-sm-12 col-lg-6">
<label for="t_coins_transferable">Transferable Tibia Coins:</label>
<input type="text" class="form-control" id="t_coins_transferable" name="t_coins_transferable" autocomplete="off" maxlength="11" value="<?php echo $account->getCustomField(ACCOUNT_COINS_TRANSFERABLE_COLUMN) ?>"/>
</div>
<?php endif; ?>
<div class="col-12 col-sm-12 col-lg-6">
<label for="p_days">Premium Days:</label>
<input type="text" class="form-control" id="p_days" name="p_days" autocomplete="off" maxlength="11" value="<?php echo $account->getPremDays(); ?>"/>

4
admin/pages/clmd.php
View File

@@ -11,12 +11,12 @@
defined('MYAAC') or die('Direct access not allowed!');
$title = 'MyAAC Changelog';
if (!file_exists(BASE . 'CHANGELOG.md')) {
if (!file_exists(BASE . 'CHANGELOG-1.x.md')) {
echo 'File CHANGELOG.md doesn\'t exist.';
return;
}
$changelog = file_get_contents(BASE . 'CHANGELOG.md');
$changelog = file_get_contents(BASE . 'CHANGELOG-1.x.md');
$Parsedown = new Parsedown();

18
admin/pages/mailer.php
View File

@@ -25,9 +25,10 @@ if (!setting('core.mail_enabled')) {
return;
}
$mail_to = isset($_POST['mail_to']) ? stripslashes(trim($_POST['mail_to'])) : null;
$mail_to = isset($_REQUEST['mail_to']) ? stripslashes(trim($_REQUEST['mail_to'])) : null;
$mail_subject = isset($_POST['mail_subject']) ? stripslashes($_POST['mail_subject']) : null;
$mail_content = isset($_POST['mail_content']) ? stripslashes($_POST['mail_content']) : null;
$mail_verified_only = $_POST['mail_verified_only'] ?? false;
if (isset($_POST['submit'])) {
if (empty($mail_subject)) {
@@ -58,14 +59,14 @@ if (!empty($mail_content) && !empty($mail_subject) && empty($mail_to)) {
$success = 0;
$failed = 0;
$add = '';
if (setting('core.account_mail_verify')) {
note('Note: Sending only to users with verified E-Mail.');
$add = ' AND `email_verified` = 1';
$query = Account::where('email', '!=', '');
if ($mail_verified_only) {
info('Note: Sending only to users with verified E-Mail.');
$query->where('email_verified', 1);
}
$query = Account::where('email', '!=', '')->get(['email']);
foreach ($query as $email) {
foreach ($query->get(['email']) as $email) {
if (_mail($email->email, $mail_subject, $mail_content)) {
$success++;
}
@@ -84,5 +85,6 @@ if (!empty($mail_content) && !empty($mail_subject) && empty($mail_to)) {
$twig->display('admin.mailer.html.twig', [
'mail_to' => $mail_to,
'mail_subject' => $mail_subject,
'mail_content' => $mail_content
'mail_content' => $mail_content,
'mail_verified_only' => $mail_verified_only,
]);

36
admin/pages/mass_account.php
View File

@@ -6,6 +6,7 @@
* @package MyAAC
* @author Slawkens <slawkens@gmail.com>
* @author Lee
* @author gpedro
* @copyright 2020 MyAAC
* @link https://my-aac.org
*/
@@ -18,11 +19,10 @@ $title = 'Mass Account Actions';
csrfProtect();
$hasCoinsColumn = $db->hasColumn('accounts', 'coins');
$hasPointsColumn = $db->hasColumn('accounts', 'premium_points');
$freePremium = $config['lua']['freePremium'];
$freePremium = getBoolean(configLua('freePremium'));
function admin_give_points($points)
function admin_give_points($points): void
{
global $hasPointsColumn;
@@ -38,11 +38,9 @@ function admin_give_points($points)
displayMessage($points . ' points added to all accounts.', true);
}
function admin_give_coins($coins)
function admin_give_coins($coins): void
{
global $hasCoinsColumn;
if (!$hasCoinsColumn) {
if (!HAS_ACCOUNT_COINS) {
displayMessage('Coins not supported.');
return;
}
@@ -55,7 +53,7 @@ function admin_give_coins($coins)
displayMessage($coins . ' coins added to all accounts.', true);
}
function admin_give_premdays($days)
function admin_give_premdays($days): void
{
global $db, $freePremium;
@@ -66,6 +64,7 @@ function admin_give_premdays($days)
$value = $days * 86400;
$now = time();
// othire
if ($db->hasColumn('accounts', 'premend')) {
// append premend
@@ -73,14 +72,11 @@ function admin_give_premdays($days)
// set premend
if (Account::where('premend', '<=', $now)->update(['premend' => $now + $value])) {
displayMessage($days . ' premium days added to all accounts.', true);
return;
} else {
displayMessage('Failed to execute set query.');
return;
}
} else {
displayMessage('Failed to execute append query.');
return;
}
return;
@@ -95,20 +91,14 @@ function admin_give_premdays($days)
// set lastday
if (Account::where('lastday', '<=', $now)->update(['lastday' => $now + $value])) {
displayMessage($days . ' premium days added to all accounts.', true);
return;
} else {
displayMessage('Failed to execute set query.');
return;
}
return;
} else {
displayMessage('Failed to execute append query.');
return;
}
} else {
displayMessage('Failed to execute set days query.');
return;
}
return;
@@ -121,14 +111,11 @@ function admin_give_premdays($days)
// set premium_ends_at
if (Account::where('premium_ends_at', '<=', $now)->update(['premium_ends_at' => $now + $value])) {
displayMessage($days . ' premium days added to all accounts.', true);
return;
} else {
displayMessage('Failed to execute set query.');
return;
}
} else {
displayMessage('Failed to execute append query.');
return;
}
return;
@@ -167,19 +154,20 @@ if (!empty(ACTION) && isRequestMethod('post')) {
}
else {
$twig->display('admin.tools.account.html.twig', array(
'hasCoinsColumn' => $hasCoinsColumn,
'hasCoinsColumn' => HAS_ACCOUNT_COINS,
'hasPointsColumn' => $hasPointsColumn,
'freePremium' => $freePremium,
));
}
function displayMessage($message, $success = false) {
global $twig, $hasCoinsColumn, $hasPointsColumn, $freePremium;
function displayMessage($message, $success = false): void
{
global $twig, $hasPointsColumn, $freePremium;
$success ? success($message): error($message);
$twig->display('admin.tools.account.html.twig', array(
'hasCoinsColumn' => $hasCoinsColumn,
'hasCoinsColumn' => HAS_ACCOUNT_COINS,
'hasPointsColumn' => $hasPointsColumn,
'freePremium' => $freePremium,
));

2
admin/pages/modules/balance.php
View File

@@ -7,7 +7,7 @@ defined('MYAAC') or die('Direct access not allowed!');
$balance = 0;
if ($db->hasColumn('players', 'balance')) {
$balance = Player::orderByDesc('balance')->limit(10)->get(['balance', 'id','name', 'level'])->toArray();
$balance = Player::orderByDesc('balance')->limit(10)->get(['id', 'name', 'balance'])->toArray();
}
$twig->display('balance.html.twig', array(

9
admin/pages/modules/coins.php
View File

@@ -6,8 +6,13 @@ defined('MYAAC') or die('Direct access not allowed!');
$coins = 0;
if ($db->hasColumn('accounts', 'coins')) {
$coins = Account::orderByDesc('coins')->limit(10)->get(['coins', (USE_ACCOUNT_NAME ? 'name' : 'id')])->toArray();
if (HAS_ACCOUNT_COINS) {
$whatToGet = ['id', 'coins'];
if (USE_ACCOUNT_NAME) {
$whatToGet[] = 'name';
}
$coins = Account::orderByDesc('coins')->limit(10)->get($whatToGet)->toArray();
}
$twig->display('coins.html.twig', array(

2
admin/pages/modules/lastlogin.php
View File

@@ -7,7 +7,7 @@ defined('MYAAC') or die('Direct access not allowed!');
$players = 0;
if ($db->hasColumn('players', 'lastlogin')) {
$players = Player::orderByDesc('lastlogin')->limit(10)->get(['name', 'level', 'lastlogin'])->toArray();
$players = Player::orderByDesc('lastlogin')->limit(10)->get(['id', 'name', 'level', 'lastlogin'])->toArray();
}
$twig->display('lastlogin.html.twig', array(

2
admin/pages/modules/templates/balance.html.twig
View File

@@ -19,7 +19,7 @@
{% set i = i + 1 %}
<tr>
<th>{{ i }}</th>
<td><a href="?p=players&search_name={{ result.name }}">{{ result.name }}</a></td>
<td><a href="?p=players&id={{ result.id }}">{{ result.name }}</a></td>
<td>{{ result.balance }}</td>
</tr>
{% endfor %}

2
admin/pages/modules/templates/coins.html.twig
View File

@@ -19,7 +19,7 @@
{% set i = i + 1 %}
<tr>
<th>{{ i }}</th>
<td><a href="?p=accounts&search_name={{ result.name }}">{{ result.name }}</a></td>
<td><a href="?p=accounts&id={{ result.id }}">{{ result.name ?? result.id }}</a></td>
<td>{{ result.coins }}</td>
</tr>
{% endfor %}

2
admin/pages/modules/templates/lastlogin.html.twig
View File

@@ -19,7 +19,7 @@
{% set i = i + 1 %}
<tr>
<th>{{ i }}</th>
<td><a href="?p=players&search_name={{ result.name }}">{{ result.name }}</a></td>
<td><a href="?p=players&id={{ result.id }}">{{ result.name }}</a></td>
<td>{{ result.lastlogin|date("M d Y, H:i:s") }}</td>
</tr>
{% endfor %}

2
admin/pages/modules/templates/points.html.twig
View File

@@ -19,7 +19,7 @@
{% set i = i + 1 %}
<tr>
<th>{{ i }}</th>
<td><a href="?p=accounts&search_name={{ result.name }}">{{ result.name }}</a></td>
<td><a href="?p=accounts&id={{ result.id }}">{{ result.name }}</a></td>
<td>{{ result.premium_points }}</td>
</tr>
{% endfor %}

8
admin/pages/players.php
View File

@@ -669,12 +669,18 @@ else if (isset($_REQUEST['search'])) {
<div class="col-12 col-sm-12 col-lg-6">
<label for="lastip" class="control-label">Last IP:</label>
<input type="text" class="form-control" id="lastip" name="lastip" autocomplete="off" maxlength="10" value="<?php
if (strlen($player->getLastIP()) > 11) {
$lastIPColumnInfo = $db->getColumnInfo('players', 'lastip');
if ($lastIPColumnInfo && is_array($lastIPColumnInfo)) {
if (str_contains($lastIPColumnInfo['type'], 'varbinary')) {
echo inet_ntop($player->getLastIP());
}
else {
echo longToIp($player->getLastIP());
}
}
else {
echo 'Error';
}
?>" readonly/>
</div>
</div>

50
admin/pages/plugins.php
View File

@@ -51,6 +51,56 @@ else {
} else {
error('Error while disabling plugin ' . $disable . ': ' . Plugins::getError());
}
}
else if (isset($_GET['check-updates'])) {
$repoUri = $config['admin_plugins_api_uri'] ?? 'https://plugins.my-aac.org/api/';
success("Fetching latest info from $repoUri..");
$adminPlugins = new \MyAAC\Admin\Plugins();
$adminPlugins->setApiBaseUri($repoUri);
try {
$plugins = $adminPlugins->getLatestVersions();
}
catch (Exception $e) {
error($e->getMessage());
}
if (isset($plugins) && count($plugins) > 0) {
$outdated = [];
foreach (get_plugins(true) as $plugin) {
$string = file_get_contents(BASE . 'plugins/' . $plugin . '.json');
$plugin_info = json_decode($string, true);
if (!$plugin_info) {
continue;
}
$disabled = (str_contains($plugin, 'disabled.'));
$pluginOriginal = ($disabled ? str_replace('disabled.', '', $plugin) : $plugin);
$info = $plugins[$pluginOriginal] ?? false;
if ($info && version_compare($info['version'], $plugin_info['version'], '>')) {
$outdated[] = [
'name' => $pluginOriginal,
'yourVersion' => $plugin_info['version'],
'latestVersion' => $info['version'],
'link' => $info['link'] ?? 'Unknown',
'download_link' => $info['download_link'] ?? 'Unknown',
];
}
}
if (count($outdated) > 0) {
info('Following updates have been found for your plugins:');
$twig->display('admin.plugins.outdated.html.twig', ['plugins' => $outdated]);
}
else {
success('All plugins up to date!');
}
}
} else if (isset($_FILES['plugin']['name'])) {
$file = $_FILES['plugin'];
$filename = $file['name'];

5
admin/pages/visitors.php
View File

@@ -19,8 +19,7 @@ $use_datatable = true;
if (!setting('core.visitors_counter')): ?>
Visitors counter is disabled.<br/>
You can enable it by editing this configurable in <b>config.local.php</b> file:<br/>
<p style="margin-left: 3em;"><b>$config['visitors_counter'] = true;</b></p>
You can enable it in Settings -> General -> Visitors Counter.<br/>
<?php
return;
endif;
@@ -46,7 +45,7 @@ foreach ($tmp as &$visitor) {
if ($dd->isBot()) {
$bot = $dd->getBot();
$message = '(Bot) %s, <a href="%s" target="_blank">%s</a>';
$browser = sprintf($message, $bot['category'], $bot['url'], $bot['name']);
$browser = sprintf($message, $bot['category'] ?? 'Unknown', $bot['url'] ?? '', $bot['name'] ?? 'Unknown name');
}
else {
$osFamily = OperatingSystem::getOsFamily($dd->getOs('name'));

3
admin/tools/phpinfo.php
View File

@@ -1,5 +1,6 @@
<?php
define('MYAAC_ADMIN', true);
const MYAAC_ADMIN = true;
const IGNORE_SET_LAST_VISIT = true;
require '../../common.php';
require SYSTEM . 'functions.php';

1
admin/tools/reload_data.php
View File

@@ -26,6 +26,7 @@
use MyAAC\DataLoader;
const MYAAC_ADMIN = true;
const IGNORE_SET_LAST_VISIT = true;
require '../../common.php';
require SYSTEM . 'functions.php';

2
admin/tools/settings_save.php
View File

@@ -1,9 +1,9 @@
<?php
use MyAAC\Hooks;
use MyAAC\Settings;
const MYAAC_ADMIN = true;
const IGNORE_SET_LAST_VISIT = true;
require '../../common.php';
require SYSTEM . 'functions.php';

3
admin/tools/status.php
View File

@@ -1,5 +1,6 @@
<?php
define('MYAAC_ADMIN', true);
const MYAAC_ADMIN = true;
const IGNORE_SET_LAST_VISIT = true;
require '../../common.php';
require SYSTEM . 'init.php';

3
admin/tools/upload_image.php
View File

@@ -1,5 +1,6 @@
<?php
define('MYAAC_ADMIN', true);
const MYAAC_ADMIN = true;
const IGNORE_SET_LAST_VISIT = true;
require '../../common.php';
require SYSTEM . 'functions.php';

34
common.php
View File

@@ -27,7 +27,7 @@ if (version_compare(phpversion(), '8.1', '<')) die('PHP version 8.1 or higher is
const MYAAC = true;
const MYAAC_VERSION = '2.0-dev';
const DATABASE_VERSION = 44;
const DATABASE_VERSION = 47;
const TABLE_PREFIX = 'myaac_';
define('START_TIME', microtime(true));
define('MYAAC_OS', stripos(PHP_OS, 'WIN') === 0 ? 'WINDOWS' : (strtoupper(PHP_OS) === 'DARWIN' ? 'MAC' : 'LINUX'));
@@ -122,36 +122,28 @@ if (!IS_CLI) {
session_start();
}
// basedir
$basedir = '';
$tmp = explode('/', $_SERVER['SCRIPT_NAME']);
$size = count($tmp) - 1;
for($i = 1; $i < $size; $i++)
$basedir .= '/' . $tmp[$i];
if (file_exists(BASE . 'config.local.php')) {
require BASE . 'config.local.php';
}
$basedir = str_replace(['/' . ADMIN_PANEL_FOLDER, '/install', '/tools'], '', $basedir);
define('BASE_DIR', $basedir);
require SYSTEM . 'base.php';
define('BASE_DIR', $baseDir);
if(!IS_CLI) {
if (isset($_SERVER['HTTP_HOST'][0])) {
$baseHost = $_SERVER['HTTP_HOST'];
} else {
if (isset($_SERVER['SERVER_NAME'][0])) {
$baseHost = $_SERVER['SERVER_NAME'];
} else {
$baseHost = $_SERVER['SERVER_ADDR'];
}
}
if (isset($config['site_url'])) {
$hasSlashAtEnd = ($config['site_url'][strlen($config['site_url']) - 1] == '/');
define('SERVER_URL', $config['site_url']);
define('BASE_URL', SERVER_URL . ($hasSlashAtEnd ? '' : '/'));
define('ADMIN_URL', SERVER_URL . ($hasSlashAtEnd ? '' : '/') . ADMIN_PANEL_FOLDER . '/');
}
else {
define('SERVER_URL', 'http' . (isHttps() ? 's' : '') . '://' . $baseHost);
define('BASE_URL', SERVER_URL . BASE_DIR . '/');
define('ADMIN_URL', SERVER_URL . BASE_DIR . '/' . ADMIN_PANEL_FOLDER . '/');
//define('CURRENT_URL', BASE_URL . $_SERVER['REQUEST_URI']);
}
if (file_exists(BASE . 'config.local.php')) {
require BASE . 'config.local.php';
}
/** @var array $config */

3
composer.json
View File

@@ -18,7 +18,8 @@
"symfony/string": "^6.4",
"symfony/var-dumper": "^6.4",
"filp/whoops": "^2.15",
"maximebf/debugbar": "1.*"
"maximebf/debugbar": "1.*",
"guzzlehttp/guzzle": "7.9.3"
},
"require-dev": {
"phpstan/phpstan": "^1.10"

537
composer.lock generated
View File

@@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
"content-hash": "be4d1489a53a9cd8eec6bcaa7a096f30",
"content-hash": "5317e97a5025ebc2a977214bd3fa964c",
"packages": [
{
"name": "brick/math",
@@ -493,6 +493,331 @@
],
"time": "2024-09-25T12:00:00+00:00"
},
{
"name": "guzzlehttp/guzzle",
"version": "7.9.3",
"source": {
"type": "git",
"url": "https://github.com/guzzle/guzzle.git",
"reference": "7b2f29fe81dc4da0ca0ea7d42107a0845946ea77"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/guzzle/guzzle/zipball/7b2f29fe81dc4da0ca0ea7d42107a0845946ea77",
"reference": "7b2f29fe81dc4da0ca0ea7d42107a0845946ea77",
"shasum": ""
},
"require": {
"ext-json": "*",
"guzzlehttp/promises": "^1.5.3 || ^2.0.3",
"guzzlehttp/psr7": "^2.7.0",
"php": "^7.2.5 || ^8.0",
"psr/http-client": "^1.0",
"symfony/deprecation-contracts": "^2.2 || ^3.0"
},
"provide": {
"psr/http-client-implementation": "1.0"
},
"require-dev": {
"bamarni/composer-bin-plugin": "^1.8.2",
"ext-curl": "*",
"guzzle/client-integration-tests": "3.0.2",
"php-http/message-factory": "^1.1",
"phpunit/phpunit": "^8.5.39 || ^9.6.20",
"psr/log": "^1.1 || ^2.0 || ^3.0"
},
"suggest": {
"ext-curl": "Required for CURL handler support",
"ext-intl": "Required for Internationalized Domain Name (IDN) support",
"psr/log": "Required for using the Log middleware"
},
"type": "library",
"extra": {
"bamarni-bin": {
"bin-links": true,
"forward-command": false
}
},
"autoload": {
"files": [
"src/functions_include.php"
],
"psr-4": {
"GuzzleHttp\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Graham Campbell",
"email": "hello@gjcampbell.co.uk",
"homepage": "https://github.com/GrahamCampbell"
},
{
"name": "Michael Dowling",
"email": "mtdowling@gmail.com",
"homepage": "https://github.com/mtdowling"
},
{
"name": "Jeremy Lindblom",
"email": "jeremeamia@gmail.com",
"homepage": "https://github.com/jeremeamia"
},
{
"name": "George Mponos",
"email": "gmponos@gmail.com",
"homepage": "https://github.com/gmponos"
},
{
"name": "Tobias Nyholm",
"email": "tobias.nyholm@gmail.com",
"homepage": "https://github.com/Nyholm"
},
{
"name": "Márk Sági-Kazár",
"email": "mark.sagikazar@gmail.com",
"homepage": "https://github.com/sagikazarmark"
},
{
"name": "Tobias Schultze",
"email": "webmaster@tubo-world.de",
"homepage": "https://github.com/Tobion"
}
],
"description": "Guzzle is a PHP HTTP client library",
"keywords": [
"client",
"curl",
"framework",
"http",
"http client",
"psr-18",
"psr-7",
"rest",
"web service"
],
"support": {
"issues": "https://github.com/guzzle/guzzle/issues",
"source": "https://github.com/guzzle/guzzle/tree/7.9.3"
},
"funding": [
{
"url": "https://github.com/GrahamCampbell",
"type": "github"
},
{
"url": "https://github.com/Nyholm",
"type": "github"
},
{
"url": "https://tidelift.com/funding/github/packagist/guzzlehttp/guzzle",
"type": "tidelift"
}
],
"time": "2025-03-27T13:37:11+00:00"
},
{
"name": "guzzlehttp/promises",
"version": "2.2.0",
"source": {
"type": "git",
"url": "https://github.com/guzzle/promises.git",
"reference": "7c69f28996b0a6920945dd20b3857e499d9ca96c"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/guzzle/promises/zipball/7c69f28996b0a6920945dd20b3857e499d9ca96c",
"reference": "7c69f28996b0a6920945dd20b3857e499d9ca96c",
"shasum": ""
},
"require": {
"php": "^7.2.5 || ^8.0"
},
"require-dev": {
"bamarni/composer-bin-plugin": "^1.8.2",
"phpunit/phpunit": "^8.5.39 || ^9.6.20"
},
"type": "library",
"extra": {
"bamarni-bin": {
"bin-links": true,
"forward-command": false
}
},
"autoload": {
"psr-4": {
"GuzzleHttp\\Promise\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Graham Campbell",
"email": "hello@gjcampbell.co.uk",
"homepage": "https://github.com/GrahamCampbell"
},
{
"name": "Michael Dowling",
"email": "mtdowling@gmail.com",
"homepage": "https://github.com/mtdowling"
},
{
"name": "Tobias Nyholm",
"email": "tobias.nyholm@gmail.com",
"homepage": "https://github.com/Nyholm"
},
{
"name": "Tobias Schultze",
"email": "webmaster@tubo-world.de",
"homepage": "https://github.com/Tobion"
}
],
"description": "Guzzle promises library",
"keywords": [
"promise"
],
"support": {
"issues": "https://github.com/guzzle/promises/issues",
"source": "https://github.com/guzzle/promises/tree/2.2.0"
},
"funding": [
{
"url": "https://github.com/GrahamCampbell",
"type": "github"
},
{
"url": "https://github.com/Nyholm",
"type": "github"
},
{
"url": "https://tidelift.com/funding/github/packagist/guzzlehttp/promises",
"type": "tidelift"
}
],
"time": "2025-03-27T13:27:01+00:00"
},
{
"name": "guzzlehttp/psr7",
"version": "2.7.1",
"source": {
"type": "git",
"url": "https://github.com/guzzle/psr7.git",
"reference": "c2270caaabe631b3b44c85f99e5a04bbb8060d16"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/guzzle/psr7/zipball/c2270caaabe631b3b44c85f99e5a04bbb8060d16",
"reference": "c2270caaabe631b3b44c85f99e5a04bbb8060d16",
"shasum": ""
},
"require": {
"php": "^7.2.5 || ^8.0",
"psr/http-factory": "^1.0",
"psr/http-message": "^1.1 || ^2.0",
"ralouphie/getallheaders": "^3.0"
},
"provide": {
"psr/http-factory-implementation": "1.0",
"psr/http-message-implementation": "1.0"
},
"require-dev": {
"bamarni/composer-bin-plugin": "^1.8.2",
"http-interop/http-factory-tests": "0.9.0",
"phpunit/phpunit": "^8.5.39 || ^9.6.20"
},
"suggest": {
"laminas/laminas-httphandlerrunner": "Emit PSR-7 responses"
},
"type": "library",
"extra": {
"bamarni-bin": {
"bin-links": true,
"forward-command": false
}
},
"autoload": {
"psr-4": {
"GuzzleHttp\\Psr7\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Graham Campbell",
"email": "hello@gjcampbell.co.uk",
"homepage": "https://github.com/GrahamCampbell"
},
{
"name": "Michael Dowling",
"email": "mtdowling@gmail.com",
"homepage": "https://github.com/mtdowling"
},
{
"name": "George Mponos",
"email": "gmponos@gmail.com",
"homepage": "https://github.com/gmponos"
},
{
"name": "Tobias Nyholm",
"email": "tobias.nyholm@gmail.com",
"homepage": "https://github.com/Nyholm"
},
{
"name": "Márk Sági-Kazár",
"email": "mark.sagikazar@gmail.com",
"homepage": "https://github.com/sagikazarmark"
},
{
"name": "Tobias Schultze",
"email": "webmaster@tubo-world.de",
"homepage": "https://github.com/Tobion"
},
{
"name": "Márk Sági-Kazár",
"email": "mark.sagikazar@gmail.com",
"homepage": "https://sagikazarmark.hu"
}
],
"description": "PSR-7 message implementation that also provides common utility methods",
"keywords": [
"http",
"message",
"psr-7",
"request",
"response",
"stream",
"uri",
"url"
],
"support": {
"issues": "https://github.com/guzzle/psr7/issues",
"source": "https://github.com/guzzle/psr7/tree/2.7.1"
},
"funding": [
{
"url": "https://github.com/GrahamCampbell",
"type": "github"
},
{
"url": "https://github.com/Nyholm",
"type": "github"
},
{
"url": "https://tidelift.com/funding/github/packagist/guzzlehttp/psr7",
"type": "tidelift"
}
],
"time": "2025-03-27T12:30:47+00:00"
},
{
"name": "illuminate/collections",
"version": "v10.48.25",
@@ -1472,6 +1797,166 @@
},
"time": "2021-11-05T16:47:00+00:00"
},
{
"name": "psr/http-client",
"version": "1.0.3",
"source": {
"type": "git",
"url": "https://github.com/php-fig/http-client.git",
"reference": "bb5906edc1c324c9a05aa0873d40117941e5fa90"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/php-fig/http-client/zipball/bb5906edc1c324c9a05aa0873d40117941e5fa90",
"reference": "bb5906edc1c324c9a05aa0873d40117941e5fa90",
"shasum": ""
},
"require": {
"php": "^7.0 || ^8.0",
"psr/http-message": "^1.0 || ^2.0"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "1.0.x-dev"
}
},
"autoload": {
"psr-4": {
"Psr\\Http\\Client\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "PHP-FIG",
"homepage": "https://www.php-fig.org/"
}
],
"description": "Common interface for HTTP clients",
"homepage": "https://github.com/php-fig/http-client",
"keywords": [
"http",
"http-client",
"psr",
"psr-18"
],
"support": {
"source": "https://github.com/php-fig/http-client"
},
"time": "2023-09-23T14:17:50+00:00"
},
{
"name": "psr/http-factory",
"version": "1.1.0",
"source": {
"type": "git",
"url": "https://github.com/php-fig/http-factory.git",
"reference": "2b4765fddfe3b508ac62f829e852b1501d3f6e8a"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/php-fig/http-factory/zipball/2b4765fddfe3b508ac62f829e852b1501d3f6e8a",
"reference": "2b4765fddfe3b508ac62f829e852b1501d3f6e8a",
"shasum": ""
},
"require": {
"php": ">=7.1",
"psr/http-message": "^1.0 || ^2.0"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "1.0.x-dev"
}
},
"autoload": {
"psr-4": {
"Psr\\Http\\Message\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "PHP-FIG",
"homepage": "https://www.php-fig.org/"
}
],
"description": "PSR-17: Common interfaces for PSR-7 HTTP message factories",
"keywords": [
"factory",
"http",
"message",
"psr",
"psr-17",
"psr-7",
"request",
"response"
],
"support": {
"source": "https://github.com/php-fig/http-factory"
},
"time": "2024-04-15T12:06:14+00:00"
},
{
"name": "psr/http-message",
"version": "2.0",
"source": {
"type": "git",
"url": "https://github.com/php-fig/http-message.git",
"reference": "402d35bcb92c70c026d1a6a9883f06b2ead23d71"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/php-fig/http-message/zipball/402d35bcb92c70c026d1a6a9883f06b2ead23d71",
"reference": "402d35bcb92c70c026d1a6a9883f06b2ead23d71",
"shasum": ""
},
"require": {
"php": "^7.2 || ^8.0"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "2.0.x-dev"
}
},
"autoload": {
"psr-4": {
"Psr\\Http\\Message\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "PHP-FIG",
"homepage": "https://www.php-fig.org/"
}
],
"description": "Common interface for HTTP messages",
"homepage": "https://github.com/php-fig/http-message",
"keywords": [
"http",
"http-message",
"psr",
"psr-7",
"request",
"response"
],
"support": {
"source": "https://github.com/php-fig/http-message/tree/2.0"
},
"time": "2023-04-04T09:54:51+00:00"
},
{
"name": "psr/log",
"version": "3.0.2",
@@ -1573,6 +2058,50 @@
},
"time": "2021-10-29T13:26:27+00:00"
},
{
"name": "ralouphie/getallheaders",
"version": "3.0.3",
"source": {
"type": "git",
"url": "https://github.com/ralouphie/getallheaders.git",
"reference": "120b605dfeb996808c31b6477290a714d356e822"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/ralouphie/getallheaders/zipball/120b605dfeb996808c31b6477290a714d356e822",
"reference": "120b605dfeb996808c31b6477290a714d356e822",
"shasum": ""
},
"require": {
"php": ">=5.6"
},
"require-dev": {
"php-coveralls/php-coveralls": "^2.1",
"phpunit/phpunit": "^5 || ^6.5"
},
"type": "library",
"autoload": {
"files": [
"src/getallheaders.php"
]
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Ralph Khattar",
"email": "ralph.khattar@gmail.com"
}
],
"description": "A polyfill for getallheaders.",
"support": {
"issues": "https://github.com/ralouphie/getallheaders/issues",
"source": "https://github.com/ralouphie/getallheaders/tree/develop"
},
"time": "2019-03-08T08:55:37+00:00"
},
{
"name": "symfony/console",
"version": "v6.4.17",
@@ -2910,7 +3439,7 @@
],
"aliases": [],
"minimum-stability": "stable",
"stability-flags": [],
"stability-flags": {},
"prefer-stable": false,
"prefer-lowest": false,
"platform": {
@@ -2921,6 +3450,6 @@
"ext-xml": "*",
"ext-dom": "*"
},
"platform-dev": [],
"plugin-api-version": "2.3.0"
"platform-dev": {},
"plugin-api-version": "2.6.0"
}

4
cypress/e2e/3-check-public-pages.cy.js
View File

@@ -17,7 +17,7 @@ describe('Check Public Pages', () => {
it('Go to changelog page', () => {
cy.visit({
url: Cypress.env('URL') + '/changelog',
url: Cypress.env('URL') + '/change-log',
method: 'GET',
})
})
@@ -132,7 +132,7 @@ describe('Check Public Pages', () => {
it('Go to server info page', () => {
cy.visit({
url: Cypress.env('URL') + '/server-info',
url: Cypress.env('URL') + '/ots-info',
method: 'GET',
})
})

BIN
images/order_asc.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 56 B

BIN
images/order_desc.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 56 B

25
index.php
View File

@@ -93,6 +93,7 @@ if(setting('core.backward_support')) {
if($logged && $account_logged)
$group_id_of_acc_logged = $account_logged->getGroupId();
$config['serverPath'] = $config['server_path'];
$config['site'] = &$config;
$config['server'] = &$config['lua'];
$config['site']['shop_system'] = setting('core.gifts_system');
@@ -117,6 +118,14 @@ if(setting('core.backward_support')) {
$config['status']['serverStatus_' . $key] = $value;
}
if(setting('core.views_counter')) {
require_once SYSTEM . 'counter.php';
}
if(setting('core.visitors_counter')) {
$visitors = new Visitors(setting('core.visitors_counter_ttl'));
}
require_once SYSTEM . 'router.php';
// anonymous usage statistics
@@ -153,22 +162,6 @@ if(setting('core.anonymous_usage_statistics')) {
}
}
if(setting('core.views_counter'))
require_once SYSTEM . 'counter.php';
if(setting('core.visitors_counter')) {
$visitors = new Visitors(setting('core.visitors_counter_ttl'));
}
/**
* @var OTS_Account $account_logged
*/
if ($logged && admin()) {
$content .= $twig->render('admin-bar.html.twig', [
'username' => USE_ACCOUNT_NAME ? $account_logged->getName() : $account_logged->getId()
]);
}
$title_full = (isset($title) ? $title . ' - ' : '') . $config['lua']['serverName'];
require $template_path . '/' . $template_index;

69
install/includes/import_base_data.php Normal file
View File

@@ -0,0 +1,69 @@
<?php
defined('MYAAC') or die('Direct access not allowed!');
use MyAAC\Models\Changelog;
use MyAAC\Models\Config;
use MyAAC\Models\ForumBoard;
use MyAAC\Models\Gallery;
use MyAAC\Models\NewsCategory;
if (Changelog::count() === 0) {
Changelog::create([
'type' => 3,
'where' => 2,
'date' => time(),
'body' => 'MyAAC installed. (:',
'hide' => 0,
]);
}
if (Config::where('name', 'database_version')->count() === 0) {
Config::create([
'name' => 'database_version',
'value' => DATABASE_VERSION,
]);
}
if (ForumBoard::count() === 0) {
$forumBoards = [
['name' => 'News', 'description' => 'News commenting', 'closed' => 1],
['name' => 'Trade', 'description' => 'Trade offers.', 'closed' => 0],
['name' => 'Quests', 'description' => 'Quest making.', 'closed' => 0],
['name' => 'Pictures', 'description' => 'Your pictures.', 'closed' => 0],
['name' => 'Bug Report', 'description' => 'Report bugs there.', 'closed' => 0],
];
$i = 0;
foreach ($forumBoards as $forumBoard) {
ForumBoard::create([
'name' => $forumBoard['name'],
'description' => $forumBoard['description'],
'ordering' => $i++,
'closed' => $forumBoard['closed'],
]);
}
}
if (NewsCategory::count() === 0) {
$newsCategoriesIcons = [
0, 1, 2, 3, 4
];
foreach ($newsCategoriesIcons as $iconId) {
NewsCategory::create([
'icon_id' => $iconId,
]);
}
}
if (Gallery::count() === 0) {
Gallery::create([
'comment' => 'Demon',
'image' => 'images/gallery/demon.jpg',
'thumb' => 'images/gallery/demon_thumb.gif',
'author' => 'MyAAC',
'ordering' => 0,
]);
}
success($locale['step_database_success_import_data']);

64
install/includes/schema.sql
View File

@@ -1,6 +1,4 @@
SET @myaac_database_version = 43;
CREATE TABLE `myaac_account_actions`
CREATE TABLE IF NOT EXISTS `myaac_account_actions`
(
`id` int NOT NULL AUTO_INCREMENT,
`account_id` int NOT NULL,
@@ -10,7 +8,16 @@ CREATE TABLE `myaac_account_actions`
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
CREATE TABLE `myaac_admin_menu`
CREATE TABLE IF NOT EXISTS `myaac_account_emails_verify`
(
`id` int NOT NULL AUTO_INCREMENT,
`account_id` int NOT NULL,
`hash` varchar(32) NOT NULL,
`sent_at` int NOT NULL DEFAULT 0,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
CREATE TABLE IF NOT EXISTS `myaac_admin_menu`
(
`id` int NOT NULL AUTO_INCREMENT,
`name` varchar(255) NOT NULL DEFAULT '',
@@ -21,7 +28,7 @@ CREATE TABLE `myaac_admin_menu`
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
CREATE TABLE `myaac_changelog`
CREATE TABLE IF NOT EXISTS `myaac_changelog`
(
`id` int NOT NULL AUTO_INCREMENT,
`body` varchar(500) NOT NULL DEFAULT '',
@@ -33,9 +40,7 @@ CREATE TABLE `myaac_changelog`
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
INSERT INTO `myaac_changelog` (`id`, `type`, `where`, `date`, `body`, `hide`) VALUES (1, 3, 2, UNIX_TIMESTAMP(), 'MyAAC installed. (:', 0);
CREATE TABLE `myaac_config`
CREATE TABLE IF NOT EXISTS `myaac_config`
(
`id` int NOT NULL AUTO_INCREMENT,
`name` varchar(30) NOT NULL,
@@ -44,9 +49,7 @@ CREATE TABLE `myaac_config`
UNIQUE (`name`)
) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
INSERT INTO `myaac_config` (`name`, `value`) VALUES ('database_version', @myaac_database_version);
CREATE TABLE `myaac_faq`
CREATE TABLE IF NOT EXISTS `myaac_faq`
(
`id` int NOT NULL AUTO_INCREMENT,
`question` varchar(255) NOT NULL DEFAULT '',
@@ -56,7 +59,7 @@ CREATE TABLE `myaac_faq`
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
CREATE TABLE `myaac_forum_boards`
CREATE TABLE IF NOT EXISTS `myaac_forum_boards`
(
`id` int NOT NULL AUTO_INCREMENT,
`name` varchar(32) NOT NULL,
@@ -68,13 +71,8 @@ CREATE TABLE `myaac_forum_boards`
`hide` tinyint NOT NULL DEFAULT 0,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
INSERT INTO `myaac_forum_boards` (`id`, `name`, `description`, `ordering`, `closed`) VALUES (NULL, 'News', 'News commenting', 0, 1);
INSERT INTO `myaac_forum_boards` (`id`, `name`, `description`, `ordering`) VALUES (NULL, 'Trade', 'Trade offers.', 1);
INSERT INTO `myaac_forum_boards` (`id`, `name`, `description`, `ordering`) VALUES (NULL, 'Quests', 'Quest making.', 2);
INSERT INTO `myaac_forum_boards` (`id`, `name`, `description`, `ordering`) VALUES (NULL, 'Pictures', 'Your pictures.', 3);
INSERT INTO `myaac_forum_boards` (`id`, `name`, `description`, `ordering`) VALUES (NULL, 'Bug Report', 'Report bugs there.', 4);
CREATE TABLE `myaac_forum`
CREATE TABLE IF NOT EXISTS `myaac_forum`
(
`id` int NOT NULL AUTO_INCREMENT,
`first_post` int NOT NULL DEFAULT 0,
@@ -98,7 +96,7 @@ CREATE TABLE `myaac_forum`
KEY `section` (`section`)
) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
CREATE TABLE `myaac_menu`
CREATE TABLE IF NOT EXISTS `myaac_menu`
(
`id` int NOT NULL AUTO_INCREMENT,
`template` varchar(255) NOT NULL,
@@ -112,7 +110,7 @@ CREATE TABLE `myaac_menu`
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
CREATE TABLE `myaac_monsters` (
CREATE TABLE IF NOT EXISTS `myaac_monsters` (
`id` int NOT NULL AUTO_INCREMENT,
`hide` tinyint NOT NULL DEFAULT 0,
`name` varchar(255) NOT NULL,
@@ -145,7 +143,7 @@ CREATE TABLE `myaac_monsters` (
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
CREATE TABLE `myaac_news`
CREATE TABLE IF NOT EXISTS `myaac_news`
(
`id` int NOT NULL AUTO_INCREMENT,
`title` varchar(100) NOT NULL,
@@ -163,7 +161,7 @@ CREATE TABLE `myaac_news`
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
CREATE TABLE `myaac_news_categories`
CREATE TABLE IF NOT EXISTS `myaac_news_categories`
(
`id` int NOT NULL AUTO_INCREMENT,
`name` varchar(50) NOT NULL DEFAULT "",
@@ -173,13 +171,7 @@ CREATE TABLE `myaac_news_categories`
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
INSERT INTO `myaac_news_categories` (`id`, `icon_id`) VALUES (NULL, 0);
INSERT INTO `myaac_news_categories` (`id`, `icon_id`) VALUES (NULL, 1);
INSERT INTO `myaac_news_categories` (`id`, `icon_id`) VALUES (NULL, 2);
INSERT INTO `myaac_news_categories` (`id`, `icon_id`) VALUES (NULL, 3);
INSERT INTO `myaac_news_categories` (`id`, `icon_id`) VALUES (NULL, 4);
CREATE TABLE `myaac_notepad`
CREATE TABLE IF NOT EXISTS `myaac_notepad`
(
`id` int NOT NULL AUTO_INCREMENT,
`account_id` int NOT NULL,
@@ -189,7 +181,7 @@ CREATE TABLE `myaac_notepad`
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
CREATE TABLE `myaac_pages`
CREATE TABLE IF NOT EXISTS `myaac_pages`
(
`id` INT NOT NULL AUTO_INCREMENT,
`name` varchar(30) NOT NULL,
@@ -205,7 +197,7 @@ CREATE TABLE `myaac_pages`
UNIQUE (`name`)
) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
CREATE TABLE `myaac_gallery`
CREATE TABLE IF NOT EXISTS `myaac_gallery`
(
`id` int NOT NULL AUTO_INCREMENT,
`comment` varchar(255) NOT NULL DEFAULT '',
@@ -217,9 +209,7 @@ CREATE TABLE `myaac_gallery`
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
INSERT INTO `myaac_gallery` (`id`, `ordering`, `comment`, `image`, `thumb`, `author`) VALUES (NULL, 1, 'Demon', 'images/gallery/demon.jpg', 'images/gallery/demon_thumb.gif', 'MyAAC');
CREATE TABLE `myaac_settings`
CREATE TABLE IF NOT EXISTS `myaac_settings`
(
`id` int NOT NULL AUTO_INCREMENT,
`name` varchar(255) NOT NULL DEFAULT '',
@@ -229,7 +219,7 @@ CREATE TABLE `myaac_settings`
KEY `key` (`key`)
) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
CREATE TABLE `myaac_spells`
CREATE TABLE IF NOT EXISTS `myaac_spells`
(
`id` int NOT NULL AUTO_INCREMENT,
`spell` varchar(255) NOT NULL DEFAULT '',
@@ -252,7 +242,7 @@ CREATE TABLE `myaac_spells`
UNIQUE (`name`)
) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
CREATE TABLE `myaac_visitors`
CREATE TABLE IF NOT EXISTS `myaac_visitors`
(
`ip` varchar(45) NOT NULL,
`lastvisit` int NOT NULL DEFAULT 0,
@@ -261,7 +251,7 @@ CREATE TABLE `myaac_visitors`
UNIQUE (`ip`)
) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
CREATE TABLE `myaac_weapons`
CREATE TABLE IF NOT EXISTS `myaac_weapons`
(
`id` int NOT NULL,
`level` int NOT NULL DEFAULT 0,

8
install/steps/4-config.php
View File

@@ -10,6 +10,14 @@ foreach($config['clients'] as $client) {
$clients[$client] = $client_version;
}
if (empty($_SESSION['var_site_url'])) {
//require SYSTEM . 'base.php';
$serverUrl = 'http' . (isHttps() ? 's' : '') . '://' . $baseHost;
$siteURL = $serverUrl . $baseDir;
$_SESSION['var_site_url'] = $siteURL;
}
$twig->display('install.config.html.twig', array(
'clients' => $clients,
'timezones' => DateTimeZone::listIdentifiers(),

7
install/steps/5-database.php
View File

@@ -42,10 +42,9 @@ if(!$error) {
$configToSave['cache_prefix'] = 'myaac_' . generateRandomString(8, true, false, true);
$configToSave['database_auto_migrate'] = true;
if(!$error) {
$content = '';
$saved = Settings::saveConfig($configToSave, BASE . 'config.local.php', $content);
if ($saved) {
if ($saved || file_exists(BASE . 'config.local.php')) {
success($locale['step_database_config_saved']);
$_SESSION['saved'] = true;
@@ -74,15 +73,15 @@ if(!$error) {
}
}
} else {
$error = true;
$_SESSION['config_content'] = $content;
unset($_SESSION['saved']);
$locale['step_database_error_file'] = str_replace('$FILE$', '<b>' . BASE . 'config.php</b>', $locale['step_database_error_file']);
$locale['step_database_error_file'] = str_replace('$FILE$', '<b>' . BASE . 'config.local.php</b>', $locale['step_database_error_file']);
error($locale['step_database_error_file'] . '<br/>
<textarea cols="70" rows="10">' . $content . '</textarea>');
}
}
}
?>
<div class="text-center m-3">

9
install/steps/7-finish.php
View File

@@ -195,13 +195,4 @@ if(!isset($_SESSION['installed'])) {
$_SESSION['installed'] = true;
}
foreach($_SESSION as $key => $value) {
if(strpos($key, 'var_') !== false)
unset($_SESSION[$key]);
}
unset($_SESSION['saved']);
if(file_exists(CACHE . 'install.txt')) {
unlink(CACHE . 'install.txt');
}
$hooks->trigger(HOOK_INSTALL_FINISH_END);

24
install/tools/5-database.php
View File

@@ -7,6 +7,11 @@ require SYSTEM . 'functions.php';
require BASE . 'install/includes/functions.php';
require BASE . 'install/includes/locale.php';
if(isset($config['installed']) && $config['installed'] && !isset($_SESSION['saved'])) {
warning($locale['already_installed']);
return;
}
$error = false;
require BASE . 'install/includes/config.php';
@@ -25,17 +30,12 @@ if(!$error) {
}
}
if($db->hasTable(TABLE_PREFIX . 'account_actions')) {
$locale['step_database_error_table_exist'] = str_replace('$TABLE$', TABLE_PREFIX . 'account_actions', $locale['step_database_error_table_exist']);
warning($locale['step_database_error_table_exist']);
}
else {
// import schema
try {
$locale['step_database_importing'] = str_replace('$DATABASE_NAME$', config('database_name'), $locale['step_database_importing']);
success($locale['step_database_importing']);
$db->query(file_get_contents(BASE . 'install/includes/schema.sql'));
$db->exec(file_get_contents(BASE . 'install/includes/schema.sql'));
$locale['step_database_success_schema'] = str_replace('$PREFIX$', TABLE_PREFIX, $locale['step_database_success_schema']);
success($locale['step_database_success_schema']);
@@ -44,7 +44,8 @@ else {
error($locale['step_database_error_schema'] . ' ' . $error_);
return;
}
}
require BASE . 'install/includes/import_base_data.php';
if(!$db->hasColumn('accounts', 'email')) {
if(query("ALTER TABLE `accounts` ADD `email` varchar(255) NOT NULL DEFAULT '';"))
@@ -97,18 +98,13 @@ if(!$db->hasColumn('accounts', 'web_flags')) {
success($locale['step_database_adding_field'] . ' accounts.web_flags...');
}
if(!$db->hasColumn('accounts', 'email_hash')) {
if(query("ALTER TABLE `accounts` ADD `email_hash` VARCHAR(32) NOT NULL DEFAULT '' AFTER `web_flags`;"))
success($locale['step_database_adding_field'] . ' accounts.email_hash...');
}
if(!$db->hasColumn('accounts', 'email_verified')) {
if(query("ALTER TABLE `accounts` ADD `email_verified` TINYINT(1) NOT NULL DEFAULT 0 AFTER `email_hash`;"))
if(query("ALTER TABLE `accounts` ADD `email_verified` TINYINT(1) NOT NULL DEFAULT 0 AFTER `web_flags`;"))
success($locale['step_database_adding_field'] . ' accounts.email_verified...');
}
if(!$db->hasColumn('accounts', 'email_new')) {
if(query("ALTER TABLE `accounts` ADD `email_new` VARCHAR(255) NOT NULL DEFAULT '' AFTER `email_hash`;"))
if(query("ALTER TABLE `accounts` ADD `email_new` VARCHAR(255) NOT NULL DEFAULT '' AFTER `email_verified`;"))
success($locale['step_database_adding_field'] . ' accounts.email_new...');
}

19
install/tools/7-finish.php
View File

@@ -17,11 +17,11 @@ ini_set('max_execution_time', 300);
ob_implicit_flush();
header('X-Accel-Buffering: no');
/*
if(isset($config['installed']) && $config['installed'] && !isset($_SESSION['saved'])) {
warning($locale['already_installed']);
return;
}*/
}
require SYSTEM . 'init.php';
@@ -79,6 +79,10 @@ $up();
require_once SYSTEM . 'migrations/31.php';
$up();
// rules page
require_once SYSTEM . 'migrations/45.php';
$up();
if(ModelsFAQ::count() == 0) {
ModelsFAQ::create([
'question' => 'What is this?',
@@ -90,6 +94,17 @@ $hooks->trigger(HOOK_INSTALL_FINISH);
$db->setClearCacheAfter(true);
// cleanup
foreach($_SESSION as $key => $value) {
if(str_contains($key, 'var_')) {
unset($_SESSION[$key]);
}
}
unset($_SESSION['saved']);
if(file_exists(CACHE . 'install.txt')) {
unlink(CACHE . 'install.txt');
}
$locale['step_finish_desc'] = str_replace('$ADMIN_PANEL$', generateLink(str_replace('tools/', '',ADMIN_URL), $locale['step_finish_admin_panel'], true), $locale['step_finish_desc']);
$locale['step_finish_desc'] = str_replace('$HOMEPAGE$', generateLink(str_replace('tools/', '', BASE_URL), $locale['step_finish_homepage'], true), $locale['step_finish_desc']);
$locale['step_finish_desc'] = str_replace('$LINK$', generateLink('https://my-aac.org', 'https://my-aac.org', true), $locale['step_finish_desc']);

18
login.php
View File

@@ -86,12 +86,25 @@ switch ($action) {
die(json_encode(['eventlist' => $eventlist, 'lastupdatetimestamp' => time()]));
case 'boostedcreature':
$clientVersion = (int)setting('core.client');
// 13.40 and up
if ($clientVersion >= 1340) {
$creatureBoost = $db->query("SELECT * FROM " . $db->tableName('boosted_creature'))->fetchAll();
$bossBoost = $db->query("SELECT * FROM " . $db->tableName('boosted_boss'))->fetchAll();
die(json_encode([
'boostedcreature' => true,
'creatureraceid' => intval($creatureBoost[0]['raceid']),
'bossraceid' => intval($bossBoost[0]['raceid'])
]));
}
// lower clients
$boostedCreature = BoostedCreature::first();
die(json_encode([
'boostedcreature' => true,
'raceid' => $boostedCreature->raceid
]));
break;
case 'login':
@@ -207,6 +220,8 @@ switch ($action) {
}
}
/*
* not needed anymore?
if (fieldExist('premdays', 'accounts') && fieldExist('lastday', 'accounts')) {
$save = false;
$timeNow = time();
@@ -243,6 +258,7 @@ switch ($action) {
$account->save();
}
}
*/
$worlds = [$world];
$playdata = compact('worlds', 'characters');

176
package-lock.json generated
View File

@@ -14,24 +14,13 @@
"tinymce": "^7.2.0"
},
"devDependencies": {
"cypress": "^13.17.0"
}
},
"node_modules/@colors/colors": {
"version": "1.5.0",
"resolved": "https://registry.npmjs.org/@colors/colors/-/colors-1.5.0.tgz",
"integrity": "sha512-ooWCrlZP11i8GImSjTHYHLkvFDP48nS4+204nGb1RiX/WXYHmJA2III9/e2DWVabCESdW7hBAEzHRqUn9OUVvQ==",
"dev": true,
"license": "MIT",
"optional": true,
"engines": {
"node": ">=0.1.90"
"cypress": "^14.3.3"
}
},
"node_modules/@cypress/request": {
"version": "3.0.7",
"resolved": "https://registry.npmjs.org/@cypress/request/-/request-3.0.7.tgz",
"integrity": "sha512-LzxlLEMbBOPYB85uXrDqvD4MgcenjRBLIns3zyhx7vTPj/0u2eQhzXvPiGcaJrV38Q9dbkExWp6cOHPJ+EtFYg==",
"version": "3.0.8",
"resolved": "https://registry.npmjs.org/@cypress/request/-/request-3.0.8.tgz",
"integrity": "sha512-h0NFgh1mJmm1nr4jCwkGHwKneVYKghUyWe6TMNrk0B9zsjAJxpg8C4/+BAcmLgCPa1vj1V8rNUaILl+zYRUWBQ==",
"dev": true,
"license": "Apache-2.0",
"dependencies": {
@@ -48,7 +37,7 @@
"json-stringify-safe": "~5.0.1",
"mime-types": "~2.1.19",
"performance-now": "^2.1.0",
"qs": "6.13.1",
"qs": "6.14.0",
"safe-buffer": "^5.1.2",
"tough-cookie": "^5.0.0",
"tunnel-agent": "^0.6.0",
@@ -387,9 +376,9 @@
}
},
"node_modules/call-bind-apply-helpers": {
"version": "1.0.1",
"resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.1.tgz",
"integrity": "sha512-BhYE+WDaywFg2TBWYNXAE+8B1ATnThNBqXHP5nQu0jWJdVvY2hvkpyB3qOmtmDePiS5/BDQ8wASEWGMWRG148g==",
"version": "1.0.2",
"resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz",
"integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==",
"dev": true,
"license": "MIT",
"dependencies": {
@@ -401,14 +390,14 @@
}
},
"node_modules/call-bound": {
"version": "1.0.3",
"resolved": "https://registry.npmjs.org/call-bound/-/call-bound-1.0.3.tgz",
"integrity": "sha512-YTd+6wGlNlPxSuri7Y6X8tY2dmm12UMH66RpKMhiX6rsk5wXXnYgbUcOt8kiS31/AjfoTOvCsE+w8nZQLQnzHA==",
"version": "1.0.4",
"resolved": "https://registry.npmjs.org/call-bound/-/call-bound-1.0.4.tgz",
"integrity": "sha512-+ys997U96po4Kx/ABpBCqhA9EuxJaQWDQg7295H4hBphv3IZg0boBKuwYpt4YXp6MZ5AmZQnU/tyMTlRpaSejg==",
"dev": true,
"license": "MIT",
"dependencies": {
"call-bind-apply-helpers": "^1.0.1",
"get-intrinsic": "^1.2.6"
"call-bind-apply-helpers": "^1.0.2",
"get-intrinsic": "^1.3.0"
},
"engines": {
"node": ">= 0.4"
@@ -504,9 +493,9 @@
}
},
"node_modules/cli-table3": {
"version": "0.6.5",
"resolved": "https://registry.npmjs.org/cli-table3/-/cli-table3-0.6.5.tgz",
"integrity": "sha512-+W/5efTR7y5HRD7gACw9yQjqMVvEMLBHmboM/kPWam+H+Hmyrgjh6YncVKK122YZkXrLudzTuAukUw9FnMf7IQ==",
"version": "0.6.1",
"resolved": "https://registry.npmjs.org/cli-table3/-/cli-table3-0.6.1.tgz",
"integrity": "sha512-w0q/enDHhPLq44ovMGdQeeDLvwxwavsJX7oQGYt/LrBlYsyaxyDnp6z3QzFut/6kLLKnlcUVJLrpB7KBfgG/RA==",
"dev": true,
"license": "MIT",
"dependencies": {
@@ -516,7 +505,7 @@
"node": "10.* || >= 12.*"
},
"optionalDependencies": {
"@colors/colors": "1.5.0"
"colors": "1.4.0"
}
},
"node_modules/cli-truncate": {
@@ -563,6 +552,17 @@
"dev": true,
"license": "MIT"
},
"node_modules/colors": {
"version": "1.4.0",
"resolved": "https://registry.npmjs.org/colors/-/colors-1.4.0.tgz",
"integrity": "sha512-a+UqTh4kgZg/SlGvfbzDHpgRu7AAQOmmqRHJnxhRZICKFUT91brVhNNt58CMWU9PsBbv3PDCZUHbVxuDiH2mtA==",
"dev": true,
"license": "MIT",
"optional": true,
"engines": {
"node": ">=0.1.90"
}
},
"node_modules/combined-stream": {
"version": "1.0.8",
"resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz",
@@ -619,14 +619,14 @@
}
},
"node_modules/cypress": {
"version": "13.17.0",
"resolved": "https://registry.npmjs.org/cypress/-/cypress-13.17.0.tgz",
"integrity": "sha512-5xWkaPurwkIljojFidhw8lFScyxhtiFHl/i/3zov+1Z5CmY4t9tjIdvSXfu82Y3w7wt0uR9KkucbhkVvJZLQSA==",
"version": "14.3.3",
"resolved": "https://registry.npmjs.org/cypress/-/cypress-14.3.3.tgz",
"integrity": "sha512-1Rz7zc9iqLww6BysaESqUhtIuaFHS7nL3wREovAKYsNhLTfX3TbcBWHWgEz70YimH2NkSOsm4oIcJJ9HYHOlew==",
"dev": true,
"hasInstallScript": true,
"license": "MIT",
"dependencies": {
"@cypress/request": "^3.0.6",
"@cypress/request": "^3.0.8",
"@cypress/xvfb": "^1.2.4",
"@types/sinonjs__fake-timers": "8.1.1",
"@types/sizzle": "^2.3.2",
@@ -637,9 +637,9 @@
"cachedir": "^2.3.0",
"chalk": "^4.1.0",
"check-more-types": "^2.24.0",
"ci-info": "^4.0.0",
"ci-info": "^4.1.0",
"cli-cursor": "^3.1.0",
"cli-table3": "~0.6.1",
"cli-table3": "0.6.1",
"commander": "^6.2.1",
"common-tags": "^1.8.0",
"dayjs": "^1.10.4",
@@ -663,7 +663,7 @@
"process": "^0.11.10",
"proxy-from-env": "1.0.0",
"request-progress": "^3.0.0",
"semver": "^7.5.3",
"semver": "^7.7.1",
"supports-color": "^8.1.1",
"tmp": "~0.2.3",
"tree-kill": "1.2.2",
@@ -674,7 +674,7 @@
"cypress": "bin/cypress"
},
"engines": {
"node": "^16.0.0 || ^18.0.0 || >=20.0.0"
"node": "^18.0.0 || ^20.0.0 || >=22.0.0"
}
},
"node_modules/cypress/node_modules/fs-extra": {
@@ -819,9 +819,9 @@
}
},
"node_modules/es-object-atoms": {
"version": "1.0.0",
"resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.0.0.tgz",
"integrity": "sha512-MZ4iQ6JwHOBQjahnjwaC1ZtIBH+2ohjamzAO3oaHcXYup7qxjF2fixyH+Q71voWHeOkI2q/TnJao/KfXYIZWbw==",
"version": "1.1.1",
"resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz",
"integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==",
"dev": true,
"license": "MIT",
"dependencies": {
@@ -831,6 +831,22 @@
"node": ">= 0.4"
}
},
"node_modules/es-set-tostringtag": {
"version": "2.1.0",
"resolved": "https://registry.npmjs.org/es-set-tostringtag/-/es-set-tostringtag-2.1.0.tgz",
"integrity": "sha512-j6vWzfrGVfyXxge+O0x5sh6cvxAog0a/4Rdd2K36zCMV5eJ+/+tOAngRO8cODMNWbVRdVlmGZQL2YS3yR8bIUA==",
"dev": true,
"license": "MIT",
"dependencies": {
"es-errors": "^1.3.0",
"get-intrinsic": "^1.2.6",
"has-tostringtag": "^1.0.2",
"hasown": "^2.0.2"
},
"engines": {
"node": ">= 0.4"
}
},
"node_modules/escape-string-regexp": {
"version": "1.0.5",
"resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz",
@@ -960,14 +976,16 @@
}
},
"node_modules/form-data": {
"version": "4.0.1",
"resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.1.tgz",
"integrity": "sha512-tzN8e4TX8+kkxGPK8D5u0FNmjPUjw3lwC9lSLxxoB/+GtsJG91CO8bSWy73APlgAZzZbXEYZJuxjkHH2w+Ezhw==",
"version": "4.0.4",
"resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.4.tgz",
"integrity": "sha512-KrGhL9Q4zjj0kiUt5OO4Mr/A/jlI2jDYs5eHBpYHPcBEVSiipAvn2Ko2HnPe20rmcuuvMHNdZFp+4IlGTMF0Ow==",
"dev": true,
"license": "MIT",
"dependencies": {
"asynckit": "^0.4.0",
"combined-stream": "^1.0.8",
"es-set-tostringtag": "^2.1.0",
"hasown": "^2.0.2",
"mime-types": "^2.1.12"
},
"engines": {
@@ -999,18 +1017,18 @@
}
},
"node_modules/get-intrinsic": {
"version": "1.2.7",
"resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.7.tgz",
"integrity": "sha512-VW6Pxhsrk0KAOqs3WEd0klDiF/+V7gQOpAvY1jVU/LHmaD/kQO4523aiJuikX/QAKYiW6x8Jh+RJej1almdtCA==",
"version": "1.3.0",
"resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz",
"integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==",
"dev": true,
"license": "MIT",
"dependencies": {
"call-bind-apply-helpers": "^1.0.1",
"call-bind-apply-helpers": "^1.0.2",
"es-define-property": "^1.0.1",
"es-errors": "^1.3.0",
"es-object-atoms": "^1.0.0",
"es-object-atoms": "^1.1.1",
"function-bind": "^1.1.2",
"get-proto": "^1.0.0",
"get-proto": "^1.0.1",
"gopd": "^1.2.0",
"has-symbols": "^1.1.0",
"hasown": "^2.0.2",
@@ -1131,6 +1149,22 @@
"url": "https://github.com/sponsors/ljharb"
}
},
"node_modules/has-tostringtag": {
"version": "1.0.2",
"resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.2.tgz",
"integrity": "sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==",
"dev": true,
"license": "MIT",
"dependencies": {
"has-symbols": "^1.0.3"
},
"engines": {
"node": ">= 0.4"
},
"funding": {
"url": "https://github.com/sponsors/ljharb"
}
},
"node_modules/hasown": {
"version": "2.0.2",
"resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz",
@@ -1560,9 +1594,9 @@
}
},
"node_modules/object-inspect": {
"version": "1.13.3",
"resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.3.tgz",
"integrity": "sha512-kDCGIbxkDSXE3euJZZXzc6to7fCrKHNI/hSRQnRuQ+BWjFNzZwiFF8fj/6o2t2G9/jTj8PSIYTfCLelLZEeRpA==",
"version": "1.13.4",
"resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.4.tgz",
"integrity": "sha512-W67iLl4J2EXEGTbfeHCffrjDfitvLANg0UlX3wFUUSTx92KXRFegMHUVgSqE+wvhAbi4WqjGg9czysTV2Epbew==",
"dev": true,
"license": "MIT",
"engines": {
@@ -1709,13 +1743,13 @@
}
},
"node_modules/qs": {
"version": "6.13.1",
"resolved": "https://registry.npmjs.org/qs/-/qs-6.13.1.tgz",
"integrity": "sha512-EJPeIn0CYrGu+hli1xilKAPXODtJ12T0sP63Ijx2/khC2JtuaN3JyNIpvmnkmaEtha9ocbG4A4cMcr+TvqvwQg==",
"version": "6.14.0",
"resolved": "https://registry.npmjs.org/qs/-/qs-6.14.0.tgz",
"integrity": "sha512-YWWTjgABSKcvs/nWBi9PycY/JiPJqOD4JA6o9Sej2AtvSGarXxKC3OQSk4pAarbdQlKAh5D4FCQkJNkW+GAn3w==",
"dev": true,
"license": "BSD-3-Clause",
"dependencies": {
"side-channel": "^1.0.6"
"side-channel": "^1.1.0"
},
"engines": {
"node": ">=0.6"
@@ -1794,9 +1828,9 @@
"license": "MIT"
},
"node_modules/semver": {
"version": "7.6.3",
"resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz",
"integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==",
"version": "7.7.1",
"resolved": "https://registry.npmjs.org/semver/-/semver-7.7.1.tgz",
"integrity": "sha512-hlq8tAfn0m/61p4BVRcPzIGr6LKiMwo4VM6dGi6pt4qcRkmNzTcWq6eCEjEh+qXjkMDvPlOFFSGwQjoEa6gyMA==",
"dev": true,
"license": "ISC",
"bin": {
@@ -2031,29 +2065,29 @@
"license": "GPL-2.0-or-later"
},
"node_modules/tldts": {
"version": "6.1.71",
"resolved": "https://registry.npmjs.org/tldts/-/tldts-6.1.71.tgz",
"integrity": "sha512-LQIHmHnuzfZgZWAf2HzL83TIIrD8NhhI0DVxqo9/FdOd4ilec+NTNZOlDZf7EwrTNoutccbsHjvWHYXLAtvxjw==",
"version": "6.1.86",
"resolved": "https://registry.npmjs.org/tldts/-/tldts-6.1.86.tgz",
"integrity": "sha512-WMi/OQ2axVTf/ykqCQgXiIct+mSQDFdH2fkwhPwgEwvJ1kSzZRiinb0zF2Xb8u4+OqPChmyI6MEu4EezNJz+FQ==",
"dev": true,
"license": "MIT",
"dependencies": {
"tldts-core": "^6.1.71"
"tldts-core": "^6.1.86"
},
"bin": {
"tldts": "bin/cli.js"
}
},
"node_modules/tldts-core": {
"version": "6.1.71",
"resolved": "https://registry.npmjs.org/tldts-core/-/tldts-core-6.1.71.tgz",
"integrity": "sha512-LRbChn2YRpic1KxY+ldL1pGXN/oVvKfCVufwfVzEQdFYNo39uF7AJa/WXdo+gYO7PTvdfkCPCed6Hkvz/kR7jg==",
"version": "6.1.86",
"resolved": "https://registry.npmjs.org/tldts-core/-/tldts-core-6.1.86.tgz",
"integrity": "sha512-Je6p7pkk+KMzMv2XXKmAE3McmolOQFdxkKw0R8EYNr7sELW46JqnNeTX8ybPiQgvg1ymCoF8LXs5fzFaZvJPTA==",
"dev": true,
"license": "MIT"
},
"node_modules/tmp": {
"version": "0.2.3",
"resolved": "https://registry.npmjs.org/tmp/-/tmp-0.2.3.tgz",
"integrity": "sha512-nZD7m9iCPC5g0pYmcaxogYKggSfLsdxl8of3Q/oIbqCqLLIO9IAF0GWjX1z9NZRHPiXv8Wex4yDCaZsgEw0Y8w==",
"version": "0.2.4",
"resolved": "https://registry.npmjs.org/tmp/-/tmp-0.2.4.tgz",
"integrity": "sha512-UdiSoX6ypifLmrfQ/XfiawN6hkjSBpCjhKxxZcWlUUmoXLaCKQU0bx4HF/tdDK2uzRuchf1txGvrWBzYREssoQ==",
"dev": true,
"license": "MIT",
"engines": {
@@ -2061,9 +2095,9 @@
}
},
"node_modules/tough-cookie": {
"version": "5.1.0",
"resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-5.1.0.tgz",
"integrity": "sha512-rvZUv+7MoBYTiDmFPBrhL7Ujx9Sk+q9wwm22x8c8T5IJaR+Wsyc7TNxbVxo84kZoRJZZMazowFLqpankBEQrGg==",
"version": "5.1.2",
"resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-5.1.2.tgz",
"integrity": "sha512-FVDYdxtnj0G6Qm/DhNPSb8Ju59ULcup3tuJxkFb5K8Bv2pUXILbf0xZWU8PX8Ov19OXljbUyveOFwRMwkXzO+A==",
"dev": true,
"license": "BSD-3-Clause",
"dependencies": {

2
package.json
View File

@@ -4,7 +4,7 @@
"postinstall": "node ./npm-post-install.js"
},
"devDependencies": {
"cypress": "^13.17.0"
"cypress": "^14.3.3"
},
"dependencies": {
"@tinymce/tinymce-jquery": "^2.1.0",

3
phpstan.neon
View File

@@ -28,10 +28,9 @@ parameters:
- '#Variable \$guild might not be defined#'
- '#Variable \$[a-zA-Z0-9\\_]+ might not be defined#'
# Eloquent models
- '#Call to an undefined method [a-zA-Z0-9\\_]+::[a-zA-Z0-9\\_]+\(\)#'
- '#Call to an undefined static method [a-zA-Z0-9\\_]+::[a-zA-Z0-9\\_]+\(\)#'
- '#Call to an undefined method object::toArray\(\)#'
# system/pages/highscores.php
- '#Call to an undefined method Illuminate\\Database\\Query\\Builder::withOnlineStatus\(\)#'
- '#Access to an undefined property Illuminate\\Database\\Eloquent\\Model::\$online_status#'
- '#Access to an undefined property Illuminate\\Database\\Eloquent\\Model::\$vocation_name#'
-

3
plugins/example.json
View File

@@ -51,5 +51,8 @@
"themes": true,
"admin-pages": true,
"admin-pages-sub-folders": true,
"settings": true,
"install": true,
"init": false
}
}

21
system/base.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
$baseDir = '';
$tmp = explode('/', $_SERVER['SCRIPT_NAME']);
$size = count($tmp) - 1;
for($i = 1; $i < $size; $i++)
$baseDir .= '/' . $tmp[$i];
$baseDir = str_replace(['/' . ADMIN_PANEL_FOLDER, '/install', '/tools'], '', $baseDir);
if(!IS_CLI) {
if (isset($_SERVER['HTTP_HOST'][0])) {
$baseHost = $_SERVER['HTTP_HOST'];
} else {
if (isset($_SERVER['SERVER_NAME'][0])) {
$baseHost = $_SERVER['SERVER_NAME'];
} else {
$baseHost = $_SERVER['SERVER_ADDR'];
}
}
}

8
system/clients.conf.php
View File

@@ -109,4 +109,12 @@ $config['clients'] = [
1330,
1332,
1340,
1400,
1405,
1410,
1411,
1412,
1500,
1501,
];

1
system/compat/config.php
View File

@@ -81,6 +81,7 @@ $deprecatedConfig = [
'account_change_character_name_points' => 'account_change_character_name_price',
'account_change_character_sex',
'account_change_character_sex_points' => 'account_change_character_name_price',
'email_lai_sec_interval' => 'mail_lost_account_interval',
];
foreach ($deprecatedConfig as $key => $value) {

4
system/database.php
View File

@@ -122,6 +122,10 @@ try {
$eloquentConnection = $capsule->getConnection();
if (isset($twig)) {
$twig->addGlobal('db', $db);
}
} catch (Exception $e) {
if(isset($cache) && $cache->enabled()) {
$cache->delete('config_lua');

48
system/functions.php
View File

@@ -512,6 +512,13 @@ function template_place_holder($type): string
}
elseif ($type === 'body_start') {
$ret .= $twig->render('browsehappy.html.twig');
if (admin()) {
global $account_logged;
$ret .= $twig->render('admin-bar.html.twig', [
'username' => USE_ACCOUNT_NAME ? $account_logged->getName() : $account_logged->getId()
]);
}
}
elseif($type === 'body_end') {
$ret .= template_ga_code();
@@ -767,6 +774,10 @@ function formatExperience($exp, $color = true)
return $ret;
}
function getExperienceForLevel($level): float|int {
return ( 50 / 3 ) * pow( $level, 3 ) - ( 100 * pow( $level, 2 ) ) + ( ( 850 / 3 ) * $level ) - 200;
}
function get_locales()
{
$ret = array();
@@ -982,11 +993,12 @@ function load_config_lua($filename)
foreach($lines as $ln => $line)
{
$line = trim($line);
if(@$line[0] === '{' || @$line[0] === '}') {
if(isset($line[0]) && ($line[0] === '{' || $line[0] === '}')) {
// arrays are not supported yet
// just ignore the error
continue;
}
$tmp_exp = explode('=', $line, 2);
if(str_contains($line, 'dofile')) {
$delimiter = '"';
@@ -1130,10 +1142,18 @@ function getTopPlayers($limit = 5, $skill = 'level') {
'looktype', 'lookhead', 'lookbody', 'looklegs', 'lookfeet'
];
if ($db->hasColumn('players', 'promotion')) {
$columns[] = 'promotion';
}
if ($db->hasColumn('players', 'lookaddons')) {
$columns[] = 'lookaddons';
}
if ($db->hasColumn('players', 'lookmount')) {
$columns[] = 'lookmount';
}
return Player::query()
->select($columns)
->withOnlineStatus()
@@ -1216,7 +1236,8 @@ function setting($key)
return $settings[$key[0]] = $key[1];
}
return $settings[$key]['value'];
$ret = $settings[$key];
return isset($ret) ? $ret['value'] : null;
}
function clearCache()
@@ -1265,14 +1286,15 @@ function clearCache()
$db->setClearCacheAfter(true);
}
if (function_exists('apcu_clear_cache')) {
apcu_clear_cache();
}
deleteDirectory(CACHE . 'signatures', ['index.html'], true);
deleteDirectory(CACHE . 'twig', ['index.html'], true);
deleteDirectory(CACHE . 'plugins', ['index.html'], true);
deleteDirectory(CACHE, ['signatures', 'twig', 'plugins', 'index.html', 'persistent'], true);
// routes cache
clearRouteCache();
global $hooks;
$hooks->trigger(HOOK_CACHE_CLEAR, ['cache' => Cache::getInstance()]);
@@ -1618,13 +1640,14 @@ function camelCaseToUnderscore($input)
return ltrim(strtolower(preg_replace('/[A-Z]([A-Z](?![a-z]))*/', '_$0', $input)), '_');
}
function removeIfFirstSlash(&$text) {
function removeIfFirstSlash(&$text): void
{
if(strpos($text, '/') === 0) {
$text = str_replace_first('/', '', $text);
}
};
function escapeHtml($html) {
function escapeHtml($html): string {
return htmlspecialchars($html);
}
@@ -1638,7 +1661,7 @@ function getGuildNameById($id)
return false;
}
function getGuildLogoById($id)
function getGuildLogoById($id): string
{
$logo = 'default.gif';
@@ -1654,7 +1677,8 @@ function getGuildLogoById($id)
return BASE_URL . GUILD_IMAGES_DIR . $logo;
}
function displayErrorBoxWithBackButton($errors, $action = null) {
function displayErrorBoxWithBackButton($errors, $action = null): void
{
global $twig;
$twig->display('error_box.html.twig', ['errors' => $errors]);
$twig->display('account.back_button.html.twig', [
@@ -1682,6 +1706,12 @@ function getAccountIdentityColumn(): string
return 'id';
}
function isCanary(): bool
{
$vipSystemEnabled = configLua('vipSystemEnabled');
return isset($vipSystemEnabled);
}
// validator functions
require_once SYSTEM . 'compat/base.php';

22
system/init.php
View File

@@ -12,6 +12,7 @@ use DebugBar\StandardDebugBar;
use MyAAC\Cache\Cache;
use MyAAC\CsrfToken;
use MyAAC\Hooks;
use MyAAC\Plugins;
use MyAAC\Models\Town;
use MyAAC\Settings;
@@ -46,6 +47,11 @@ if(isset($config['gzip_output']) && $config['gzip_output'] && isset($_SERVER['HT
global $cache;
$cache = Cache::getInstance();
// load plugins init.php
foreach (Plugins::getInits() as $init) {
require $init;
}
// event system
global $hooks;
$hooks = new Hooks();
@@ -138,6 +144,18 @@ $ots = POT::getInstance();
$eloquentConnection = null;
require_once SYSTEM . 'database.php';
define('USE_ACCOUNT_NAME', $db->hasColumn('accounts', 'name'));
define('USE_ACCOUNT_NUMBER', $db->hasColumn('accounts', 'number'));
define('USE_ACCOUNT_SALT', $db->hasColumn('accounts', 'salt'));
define('HAS_ACCOUNT_COINS', $db->hasColumn('accounts', 'coins'));
define('HAS_ACCOUNT_COINS_TRANSFERABLE', $db->hasColumn('accounts', 'coins_transferable'));
define('HAS_ACCOUNT_TRANSFERABLE_COINS', $db->hasColumn('accounts', 'transferable_coins'));
const ACCOUNT_COINS_TRANSFERABLE_COLUMN = (HAS_ACCOUNT_COINS_TRANSFERABLE ? 'coins_transferable' : 'transferable_coins');
$twig->addGlobal('logged', false);
$twig->addGlobal('account_logged', new \OTS_Account());
// verify myaac tables exists in database
if(!defined('MYAAC_INSTALL') && !$db->hasTable('myaac_account_actions')) {
throw new RuntimeException('Seems that the table myaac_account_actions of MyAAC doesn\'t exist in the database. This is a fatal error. You can try to reinstall MyAAC by visiting ' . (IS_CLI ? 'http://your-ip.com/' : BASE_URL) . 'install');
@@ -179,10 +197,6 @@ if($settingsItemImagesURL[strlen($settingsItemImagesURL) - 1] !== '/') {
setting(['core.item_images_url', $settingsItemImagesURL . '/']);
}
define('USE_ACCOUNT_NAME', $db->hasColumn('accounts', 'name'));
define('USE_ACCOUNT_NUMBER', $db->hasColumn('accounts', 'number'));
define('USE_ACCOUNT_SALT', $db->hasColumn('accounts', 'salt'));
$towns = Cache::remember('towns', 10 * 60, function () use ($db) {
if ($db->hasTable('towns') && Town::count() > 0) {
return Town::orderBy('id', 'ASC')->pluck('name', 'id')->toArray();

8
system/libs/pot/OTS.php
View File

@@ -415,9 +415,11 @@ class POT
* @tutorial POT/Server_status.pkg
* @deprecated 0.1.4 Use OTS_ServerInfo->status().
*/
public static function serverStatus($server, $port)
public static function serverStatus($server, $port, $timeout = 2.0)
{
$status = new OTS_ServerInfo($server, $port);
$status->setTimeout($timeout);
return $status->status();
}
@@ -1115,7 +1117,7 @@ class POT
*
* @param IOTS_FileCache $cache Cache handler (skip this parameter to reset cache handler to null).
*/
public function setItemsCache(IOTS_FileCache $cache = null)
public function setItemsCache(?IOTS_FileCache $cache = null)
{
$this->itemsCache = $cache;
}
@@ -1253,7 +1255,7 @@ class POT
*
* @param IOTS_FileCache $cache Cache handler (skip this parameter to reset cache handler to null).
*/
public function setMapCache(IOTS_FileCache $cache = null)
public function setMapCache(?IOTS_FileCache $cache = null)
{
$this->mapCache = $cache;
}

23
system/libs/pot/OTS_Account.php
View File

@@ -445,11 +445,9 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
throw new E_OTS_NotLoaded();
}
$configFreePremium = configLua('freePremium');
if(isset($configFreePremium) && getBoolean($configFreePremium)) {return -1;}
if(isset($this->data['premium_ends_at']) || isset($this->data['premend'])) {
$col = isset($this->data['premium_ends_at']) ? 'premium_ends_at' : 'premend';
if(isset($this->data['premium_ends_at']) || isset($this->data['premend']) ||
(isCanary() && isset($this->data['lastday']))) {
$col = (isset($this->data['premium_ends_at']) ? 'premium_ends_at' : (isset($this->data['lastday']) ? 'lastday' : 'premend'));
$ret = ceil(($this->data[$col] - time()) / (24 * 60 * 60));
return max($ret, 0);
}
@@ -476,17 +474,16 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
return $this->data['lastday'];
}
public function isPremium()
public function isPremium(): bool
{
global $config;
if(isset($config['lua']['freePremium']) && getBoolean($config['lua']['freePremium'])) return true;
if(isset($this->data['premium_ends_at'])) {
return $this->data['premium_ends_at'] > time();
if(isset($this->data['premium_ends_at']) || isset($this->data['premend']) ||
(isCanary() && isset($this->data['lastday']))) {
$col = (isset($this->data['premium_ends_at']) ? 'premium_ends_at' : (isset($this->data['lastday']) ? 'lastday' : 'premend'));
return $this->data[$col] > time();
}
if(isset($this->data['premend'])) {
return $this->data['premend'] > time();
if($this->data['premdays'] == self::GRATIS_PREMIUM_DAYS){
return true;
}
return ($this->data['premdays'] - (date("z", time()) + (365 * (date("Y", time()) - date("Y", $this->data['lastday']))) - date("z", $this->data['lastday'])) > 0);

93
system/libs/pot/OTS_DB_MySQL.php
View File

@@ -26,10 +26,11 @@ use MyAAC\Cache\Cache;
*/
class OTS_DB_MySQL extends OTS_Base_DB
{
private $has_table_cache = array();
private $has_column_cache = array();
private array $has_table_cache = [];
private array $has_column_cache = [];
private array $get_column_info_cache = [];
private $clearCacheAfter = false;
private bool $clearCacheAfter = false;
/**
* Creates database connection.
*
@@ -119,6 +120,11 @@ class OTS_DB_MySQL extends OTS_Base_DB
if($cache->fetch('database_columns', $tmp) && $tmp) {
$this->has_column_cache = unserialize($tmp);
}
$tmp = null;
if($cache->fetch('database_columns_info', $tmp) && $tmp) {
$this->get_column_info_cache = unserialize($tmp);
}
}
}
@@ -155,11 +161,13 @@ class OTS_DB_MySQL extends OTS_Base_DB
if ($this->clearCacheAfter) {
$cache->delete('database_tables');
$cache->delete('database_columns');
$cache->delete('database_columns_info');
$cache->delete('database_checksum');
}
else {
$cache->set('database_tables', serialize($this->has_table_cache), 3600);
$cache->set('database_columns', serialize($this->has_column_cache), 3600);
$cache->set('database_columns_info', serialize($this->get_column_info_cache), 3600);
$cache->set('database_checksum', serialize(sha1($config['database_host'] . '.' . $config['database_name'])), 3600);
}
}
@@ -209,7 +217,8 @@ class OTS_DB_MySQL extends OTS_Base_DB
return $sql;
}
public function hasTable($name) {
public function hasTable($name): bool
{
if(isset($this->has_table_cache[$name])) {
return $this->has_table_cache[$name];
}
@@ -217,12 +226,13 @@ class OTS_DB_MySQL extends OTS_Base_DB
return $this->hasTableInternal($name);
}
private function hasTableInternal($name) {
global $config;
return ($this->has_table_cache[$name] = $this->query('SELECT `TABLE_NAME` FROM `information_schema`.`tables` WHERE `TABLE_SCHEMA` = ' . $this->quote($config['database_name']) . ' AND `TABLE_NAME` = ' . $this->quote($name) . ' LIMIT 1;')->rowCount() > 0);
private function hasTableInternal($name): bool
{
return ($this->has_table_cache[$name] = $this->query('SELECT `TABLE_NAME` FROM `information_schema`.`tables` WHERE `TABLE_SCHEMA` = ' . $this->quote(config('database_name')) . ' AND `TABLE_NAME` = ' . $this->quote($name) . ' LIMIT 1;')->rowCount() > 0);
}
public function hasColumn($table, $column) {
public function hasColumn($table, $column): bool
{
if(isset($this->has_column_cache[$table . '.' . $column])) {
return $this->has_column_cache[$table . '.' . $column];
}
@@ -230,8 +240,8 @@ class OTS_DB_MySQL extends OTS_Base_DB
return $this->hasColumnInternal($table, $column);
}
private function hasColumnInternal($table, $column) {
return $this->hasTable($table) && ($this->has_column_cache[$table . '.' . $column] = count($this->query('SHOW COLUMNS FROM `' . $table . "` LIKE '" . $column . "'")->fetchAll()) > 0);
private function hasColumnInternal($table, $column): bool {
return $this->hasTable($table) && ($this->has_column_cache[$table . '.' . $column] = count($this->query('SHOW COLUMNS FROM `' . $table . "` LIKE " . $this->quote($column))->fetchAll()) > 0);
}
public function hasTableAndColumns(string $table, array $columns = []): bool
@@ -247,7 +257,53 @@ class OTS_DB_MySQL extends OTS_Base_DB
return true;
}
public function revalidateCache() {
public function getColumnInfo(string $table, string $column): bool|array
{
if(isset($this->get_column_info_cache[$table . '.' . $column])) {
return $this->get_column_info_cache[$table . '.' . $column];
}
return $this->getColumnInfoInternal($table, $column);
}
private function getColumnInfoInternal(string $table, string $column): bool|array
{
if (!$this->hasTable($table) || !$this->hasColumn($table, $column)) {
return false;
}
$formatResult = function ($result) {
return [
'field' => $result['Field'],
'type' => $result['Type'],
'null' => strtolower($result['Null']),
'default' => $result['Default'],
'extra' => $result['Extra'],
];
};
$query = $this->query('SHOW COLUMNS FROM `' . $table . "` LIKE " . $this->quote($column));
$rowCount = $query->rowCount();
if ($rowCount > 1) {
$tmp = [];
$results = $query->fetchAll(PDO::FETCH_ASSOC);
foreach ($results as $result) {
$tmp[] = $formatResult($result);
}
return ($this->get_column_info_cache[$table . '.' . $column] = $tmp);
}
else if ($rowCount == 1) {
$result = $query->fetch(PDO::FETCH_ASSOC);
return ($this->get_column_info_cache[$table . '.' . $column] = $formatResult($result));
}
return [];
}
public function revalidateCache(): void
{
foreach($this->has_table_cache as $key => $value) {
$this->hasTableInternal($key);
}
@@ -262,6 +318,21 @@ class OTS_DB_MySQL extends OTS_Base_DB
$this->hasColumnInternal($explode[0], $explode[1]);
}
}
foreach($this->get_column_info_cache as $key => $value) {
$explode = explode('.', $key);
if(!isset($this->has_table_cache[$explode[0]])) { // first check if table exist
$this->hasTableInternal($explode[0]);
}
if($this->has_table_cache[$explode[0]]) {
$this->hasColumnInternal($explode[0], $explode[1]);
}
if($this->has_table_cache[$explode[0]]) {
$this->getColumnInfoInternal($explode[0], $explode[1]);
}
}
}
public function setClearCacheAfter($clearCache)

7
system/libs/pot/OTS_InfoRespond.php
View File

@@ -219,11 +219,16 @@ class OTS_InfoRespond extends DOMDocument
* @return int Count of monsters.
* @throws DOMException On DOM operation error.
*/
public function getMonstersCount()
public function getMonstersCount(): int
{
return (int) $this->documentElement->getElementsByTagName('monsters')->item(0)->getAttribute('total');
}
public function getNPCsCount(): int
{
return (int) $this->documentElement->getElementsByTagName('npcs')->item(0)->getAttribute('total');
}
/**
* Returns map name.
*

37
system/libs/pot/OTS_Player.php
View File

@@ -2919,6 +2919,32 @@ class OTS_Player extends OTS_Row_DAO
$this->data['banned'] = $ban['active'];
$this->data['banned_time'] = $ban['expires'];
}
public function isNameLocked(): bool
{
// nothing can't be banned
if( !$this->isLoaded() ) {
throw new E_OTS_NotLoaded();
}
if($this->db->hasTable('player_namelocks')) {
$ban = $this->db->query('SELECT 1 FROM `player_namelocks` WHERE `player_id` = ' . $this->data['id'])->fetch(PDO::FETCH_ASSOC);
return (isset($ban['1']));
}
else if($this->db->hasTable('bans')) {
if($this->db->hasColumn('bans', 'active')) {
$ban = $this->db->query('SELECT `active`, `expires` FROM `bans` WHERE `type` = 2 AND `active` = 1 AND `value` = ' . $this->data['id'] . ' AND (`expires` > ' . time() .' OR `expires` = -1) ORDER BY `expires` DESC')->fetch();
return isset($ban['active']);
}
else { // tfs 0.2
$ban = $this->db->query('SELECT `time` FROM `bans` WHERE `type` = 2 AND `account` = ' . $this->data['account_id'] . ' AND (`time` > ' . time() .' OR `time` = -1) ORDER BY `time` DESC')->fetch();
return isset($ban['time']) && ($ban['time'] == -1 || $ban['time'] > 0);
}
}
return false;
}
/**
* Deletes player.
*
@@ -2953,21 +2979,14 @@ class OTS_Player extends OTS_Row_DAO
* @return string Player proffesion name.
* @throws E_OTS_NotLoaded If player is not loaded or global vocations list is not loaded.
*/
public function getVocationName()
public function getVocationName(): string
{
if( !isset($this->data['vocation']) )
{
throw new E_OTS_NotLoaded();
}
global $config;
$voc = $this->getVocation();
if(!isset($config['vocations'][$voc])) {
return 'Unknown';
}
return $config['vocations'][$voc];
//return POT::getInstance()->getVocationsList()->getVocationName($this->data['vocation']);
return OTS_Toolbox::getVocationName($this->data['vocation'], $this->data['promotion'] ?? 0);
}
/**

15
system/libs/pot/OTS_ServerInfo.php
View File

@@ -26,14 +26,19 @@ class OTS_ServerInfo
*
* @var string
*/
private $server;
private string $server;
/**
* Connection port.
*
* @var int
*/
private $port;
private int $port;
/**
* Status timeout
*/
private float $timeout = 2.0;
/**
* Creates handler for new server.
@@ -57,7 +62,7 @@ class OTS_ServerInfo
private function send(OTS_Buffer $packet)
{
// connects to server
$socket = @fsockopen($this->server, $this->port, $error, $message, setting('core.status_timeout'));
$socket = @fsockopen($this->server, $this->port, $error, $message, $this->timeout);
// if connected then checking statistics
if($socket)
@@ -224,6 +229,10 @@ class OTS_ServerInfo
throw new OutOfBoundsException();
}
}
public function setTimeout($timeout) {
$this->timeout = $timeout;
}
}
/**#@-*/

9
system/libs/pot/OTS_Toolbox.php
View File

@@ -110,6 +110,15 @@ class OTS_Toolbox
$list->setFilter($filter);
return $list;
}
public static function getVocationName($id, $promotion = 0): string
{
if($promotion > 0) {
$id = ($id + ($promotion * config('vocations_amount')));
}
return config('vocations')[$id] ?? 'Unknown';
}
}
/**#@-*/

3
system/locale/de/install.php
View File

@@ -48,6 +48,8 @@ $locale['step_config'] = 'Konfiguration';
$locale['step_config_title'] = 'Grundkonfiguration';
$locale['step_config_server_path'] = 'Serverpfad';
$locale['step_config_server_path_desc'] = 'Pfad zu Ihrem TFS-Hauptverzeichnis, in dem sich die config.lua befinden.';
$locale['step_config_site_url'] = 'Website URL';
$locale['step_config_site_url_desc'] = 'Ihre Website-Adresse.';
$locale['step_config_mail_admin'] = 'Admin E-Mail';
$locale['step_config_mail_admin_desc'] = 'Adresse, an die E-Mails aus dem Kontaktformular gesendet werden, z. B. admin@gmail.com';
$locale['step_config_mail_admin_error'] = 'Admin E-Mail ist nicht korrekt.';
@@ -76,6 +78,7 @@ $locale['step_database_error_mysql_connect_3'] = 'MySQL ist nicht richtig konfig
$locale['step_database_error_mysql_connect_4'] = 'MySQL-Server läuft nicht.';
$locale['step_database_error_schema'] = 'Fehler beim Importieren des Schemas:';
$locale['step_database_success_schema'] = '$PREFIX$ Tabellen wurden erfolgreich installiert.';
$locale['step_database_success_import_data'] = 'Import von Daten für Tabellen was erfolgreich.';
$locale['step_database_error_file'] = '$FILE$ konnte nicht geöffnet werden. Bitte kopieren Sie diesen Inhalt und fügen Sie ihn dort ein:';
$locale['step_database_adding_field'] = 'Folgendes Feld wurde hinzugefügt: ';
$locale['step_database_modifying_field'] = 'Folgendes Feld wurde geändert: ';

3
system/locale/en/install.php
View File

@@ -52,6 +52,8 @@ $locale['step_config'] = 'Configuration';
$locale['step_config_title'] = 'Basic configuration';
$locale['step_config_server_path'] = 'Server path';
$locale['step_config_server_path_desc'] = 'Path to your TFS main directory, where you have config.lua located.';
$locale['step_config_site_url'] = 'Website URL';
$locale['step_config_site_url_desc'] = 'Your website address.';
$locale['step_config_mail_admin'] = 'Admin Email';
$locale['step_config_mail_admin_desc'] = 'Address where emails from contact form will be delivered, for example admin@gmail.com';
$locale['step_config_mail_admin_error'] = 'Admin Email is not correct.';
@@ -81,6 +83,7 @@ $locale['step_database_error_mysql_connect_3'] = 'MySQL is not configured proper
$locale['step_database_error_mysql_connect_4'] = 'MySQL server is not running.';
$locale['step_database_error_schema'] = 'Error while importing schema:';
$locale['step_database_success_schema'] = 'Successfully installed $PREFIX$ tables.';
$locale['step_database_success_import_data'] = 'Successfully imported base data for tables.';
$locale['step_database_error_file'] = '$FILE$ couldn\'t be opened. Please copy this content and paste there:';
$locale['step_database_adding_field'] = 'Adding field';
$locale['step_database_modifying_field'] = 'Modifying field';

5
system/locale/pl/install.php
View File

@@ -52,6 +52,8 @@ $locale['step_config'] = 'Konfiguracja';
$locale['step_config_title'] = 'Podstawowa konfiguracja';
$locale['step_config_server_path'] = 'Ścieżka do serwera';
$locale['step_config_server_path_desc'] = 'Ścieżka do Twojego folderu z TFS, gdzie znajduje się plik config.lua.';
$locale['step_config_server_url'] = 'Adres strony';
$locale['step_config_server_url_desc'] = 'Adres tej strony www.';
$locale['step_config_mail_admin'] = 'E-Mail admina';
$locale['step_config_mail_admin_desc'] = 'Na ten adres będą dostarczane E-Maile z formularza kontaktowego, przykładowo admin@gmail.com';
$locale['step_config_mail_admin_error'] = 'E-Mail admina jest niepoprawny.';
@@ -79,7 +81,8 @@ $locale['step_database_error_mysql_connect_2'] = 'Możliwe przyczyny:';
$locale['step_database_error_mysql_connect_3'] = 'MySQL nie jest poprawnie skonfigurowane w <i>config.lua</i>.';
$locale['step_database_error_mysql_connect_4'] = 'Serwer MySQL nie jest uruchomiony.';
$locale['step_database_error_schema'] = 'Błąd podczas importowania struktury bazy danych:';
$locale['step_database_success_schema'] = 'Pomyślnie zainstalowano tabele $PREFIX$.';
$locale['step_database_success_schema'] = 'Pomyślnie zaimportowano tabele $PREFIX$.';
$locale['step_database_success_import_data'] = 'Pomyślnie załadowano bazowe dane dla tabel.';
$locale['step_database_error_file'] = '$FILE$ nie mógł zostać otwarty. Proszę skopiować zawartość pola tekstowego i wkleić do tego pliku:';
$locale['step_database_adding_field'] = 'Dodawanie pola';
$locale['step_database_modifying_field'] = 'Modyfikacja pola';

2
system/login.php
View File

@@ -34,8 +34,10 @@ if($logged) {
$twig->addGlobal('account_logged', $account_logged);
}
if (!defined('IGNORE_SET_LAST_VISIT') || !IGNORE_SET_LAST_VISIT) {
setSession('last_visit', time());
if(defined('PAGE')) {
setSession('last_page', PAGE);
}
setSession('last_uri', $_SERVER['REQUEST_URI']);
}

2
system/migrate.php
View File

@@ -9,6 +9,8 @@
*/
defined('MYAAC') or die('Direct access not allowed!');
global $db;
// database migrations
$tmp = '';
if(fetchDatabaseConfig('database_version', $tmp)) { // we got version

35
system/migrations/44.php
View File

@@ -1,27 +1,20 @@
<?php
/**
* @var OTS_DB_MySQL $db
*/
// 2025-02-27
// remove ipv6, change to ip (for both ipv4 + ipv6) as VARCHAR(45)
$up = function () use ($db) {
$db->query("ALTER TABLE `myaac_account_actions` DROP KEY `account_id`;");
$db->query("ALTER TABLE `myaac_account_actions` ADD COLUMN `id` INT(11) NOT NULL AUTO_INCREMENT FIRST, ADD PRIMARY KEY (`id`);");
// 2025-05-14
// update pages links
// server-info conflicts with apache2 mod
// Changelog conflicts with changelog files
$db->modifyColumn(TABLE_PREFIX . 'account_actions', 'ip', "VARCHAR(45) NOT NULL DEFAULT ''");
$db->query("UPDATE `" . TABLE_PREFIX . "account_actions` SET `ip` = INET_NTOA(`ip`) WHERE `ip` != '0';");
$db->query("UPDATE `" . TABLE_PREFIX . "account_actions` SET `ip` = INET6_NTOA(`ipv6`) WHERE `ip` = '0';");
$db->dropColumn(TABLE_PREFIX . 'account_actions', 'ipv6');
use MyAAC\Models\Menu;
use MyAAC\Models\Pages;
$up = function() {
Menu::where('link', 'server-info')->update(['link' => 'ots-info']);
Menu::where('link', 'changelog')->update(['link' => 'change-log']);
};
$down = function () use ($db) {
$db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` DROP `id`;");
$db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` ADD KEY (`account_id`);");
$db->addColumn(TABLE_PREFIX . 'account_actions', 'ipv6', "BINARY(16) NOT NULL DEFAULT 0x00000000000000000000000000000000 AFTER ip");
$db->query("UPDATE `" . TABLE_PREFIX . "account_actions` SET `ipv6` = INET6_ATON(ip) WHERE NOT IS_IPV4(`ip`);");
$db->query("UPDATE `" . TABLE_PREFIX . "account_actions` SET `ip` = INET_ATON(`ip`) WHERE IS_IPV4(`ip`);");
$db->query("UPDATE `" . TABLE_PREFIX . "account_actions` SET `ip` = 0 WHERE `ipv6` != 0x00000000000000000000000000000000;");
$db->modifyColumn(TABLE_PREFIX . 'account_actions', 'ip', "INT(11) UNSIGNED NOT NULL DEFAULT 0;");
$down = function() {
Menu::where('link', 'ots-info')->update(['link' => 'server-info']);
Menu::where('link', 'change-log')->update(['link' => 'changelog']);
};

32
system/migrations/45.php Normal file
View File

@@ -0,0 +1,32 @@
<?php
// 2025-05-14
// update pages links
// server-info conflicts with apache2 mod
// Changelog conflicts with changelog files
use MyAAC\Models\Pages;
$up = function() {
Pages::where('name', 'rules_on_the_page')->update(['hide' => 1]);
$rules = Pages::where('name', 'rules')->first();
if (!$rules) {
Pages::create([
'name' => 'rules',
'title' => 'Server Rules',
'body' => '<b>{{ config.lua.serverName }} Rules</b><br/>' . nl2br(file_get_contents(__DIR__ . '/30-rules.txt')),
'date' => time(),
'player_id' => 1,
'php' => 0,
'enable_tinymce' => 1,
'access' => 0,
'hide' => 0,
]);
}
};
$down = function() {
Pages::where('name', 'rules_on_the_page')->update(['hide' => 0]);
};

8
system/migrations/46-account_emails_verify.sql Normal file
View File

@@ -0,0 +1,8 @@
CREATE TABLE `myaac_account_emails_verify`
(
`id` int NOT NULL AUTO_INCREMENT,
`account_id` int NOT NULL,
`hash` varchar(32) NOT NULL,
`sent_at` int NOT NULL DEFAULT 0,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;

24
system/migrations/46.php Normal file
View File

@@ -0,0 +1,24 @@
<?php
/**
* @var OTS_DB_MySQL $db
*/
$up = function () use ($db) {
if ($db->hasColumn('accounts', 'email_hash')) {
$db->dropColumn('accounts', 'email_hash');
}
if (!$db->hasTable(TABLE_PREFIX . 'account_emails_verify')) {
$db->query(file_get_contents(__DIR__ . '/46-account_emails_verify.sql'));
}
};
$down = function () use ($db) {
if (!$db->hasColumn('accounts', 'email_hash')) {
$db->addColumn('accounts', 'email_hash', "varchar(32) NOT NULL DEFAULT ''");
}
if ($db->hasTable(TABLE_PREFIX . 'account_emails_verify')) {
$db->dropTable(TABLE_PREFIX . 'account_emails_verify');
}
};

2
system/pages/404.php
View File

@@ -8,7 +8,7 @@
* @link https://my-aac.org
*/
defined('MYAAC') or die('Direct access not allowed!');
$title = '404 Not Found';
$title = 'Not Found';
header('HTTP/1.0 404 Not Found');
?>

2
system/pages/405.php
View File

@@ -8,7 +8,7 @@
* @link https://my-aac.org
*/
defined('MYAAC') or die('Direct access not allowed!');
$title = '405 Method Not Allowed';
$title = 'Method Not Allowed';
header('HTTP/1.0 405 Method Not Allowed');
?>

4
system/pages/account/change-email.php
View File

@@ -17,6 +17,8 @@ if(!$logged) {
return;
}
csrfProtect();
$email_new_time = $account_logged->getCustomField("email_new_time");
if($email_new_time > 10) {
@@ -164,7 +166,7 @@ if(isset($_POST['emailchangecancel']) && $_POST['emailchangecancel'] == 1) {
$account_logged->setCustomField("email_new", "");
$account_logged->setCustomField("email_new_time", 0);
$custom_buttons = '<div style="text-align:center"><table border="0" cellspacing="0" cellpadding="0" ><form action="' . getLink('account/manage') . '" method="post" ><tr><td style="border:0px;" >' . $twig->render('buttons.back.html.twig') . '</td></tr></form></table></div>';
$custom_buttons = '<div style="text-align:center"><table border="0" cellspacing="0" cellpadding="0" ><form action="' . getLink('account/manage') . '" method="post" >' . csrf(true) . '<tr><td style="border:0px;" >' . $twig->render('buttons.back.html.twig') . '</td></tr></form></table></div>';
$twig->display('success.html.twig', array(
'title' => 'Email Address Change Cancelled',

2
system/pages/account/change-info.php
View File

@@ -20,6 +20,8 @@ if(!$logged) {
return;
}
csrfProtect();
if(setting('core.account_country'))
require SYSTEM . 'countries.conf.php';

20
system/pages/account/change-password.php
View File

@@ -17,18 +17,19 @@ if(!$logged) {
return;
}
$new_password = $_POST['newpassword'] ?? NULL;
$new_password_confirm = $_POST['newpassword_confirm'] ?? NULL;
$old_password = $_POST['oldpassword'] ?? NULL;
csrfProtect();
$new_password = $_POST['new_password'] ?? null;
$new_password_confirm = $_POST['new_password_confirm'] ?? null;
$old_password = $_POST['old_password'] ?? null;
if(empty($new_password) && empty($new_password_confirm) && empty($old_password)) {
$twig->display('account.change-password.html.twig');
}
else
{
else {
if(empty($new_password) || empty($new_password_confirm) || empty($old_password)){
$errors[] = 'Please fill in form.';
}
$password_strlen = strlen($new_password);
if($new_password != $new_password_confirm) {
$errors[] = 'The new passwords do not match!';
}
@@ -39,10 +40,13 @@ else
}
/** @var OTS_Account $account_logged */
$old_password = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $old_password);
if($old_password != $account_logged->getPassword()) {
$old_password_hashed = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $old_password);
if($old_password_hashed != $account_logged->getPassword()) {
$errors[] = 'Current password is incorrect!';
}
else if ($old_password == $new_password) {
$errors[] = 'The old password is same as the new password!';
}
$hooks->trigger(HOOK_ACCOUNT_CHANGE_PASSWORD_POST);
}

2
system/pages/account/characters/change-comment.php
View File

@@ -20,6 +20,8 @@ if(!$logged) {
return;
}
csrfProtect();
$player = null;
$player_name = isset($_REQUEST['name']) ? stripslashes(urldecode($_REQUEST['name'])) : null;
$new_comment = isset($_POST['comment']) ? htmlspecialchars(stripslashes(substr($_POST['comment'],0,2000))) : NULL;

2
system/pages/account/characters/change-name.php
View File

@@ -17,6 +17,8 @@ if(!$logged) {
return;
}
csrfProtect();
$player_id = isset($_POST['player_id']) ? (int)$_POST['player_id'] : NULL;
$name = isset($_POST['name']) ? stripslashes(ucwords(strtolower($_POST['name']))) : NULL;
if((!setting('core.account_change_character_name')))

2
system/pages/account/characters/change-sex.php
View File

@@ -17,6 +17,8 @@ if(!$logged) {
return;
}
csrfProtect();
$sex_changed = false;
$player_id = isset($_POST['player_id']) ? (int)$_POST['player_id'] : NULL;
$new_sex = isset($_POST['new_sex']) ? (int)$_POST['new_sex'] : NULL;

2
system/pages/account/characters/create.php
View File

@@ -20,6 +20,8 @@ if(!$logged) {
return;
}
csrfProtect();
$character_name = isset($_POST['name']) ? stripslashes($_POST['name']) : null;
$character_sex = isset($_POST['sex']) ? (int)$_POST['sex'] : null;
$character_vocation = isset($_POST['vocation']) ? (int)$_POST['vocation'] : null;

2
system/pages/account/characters/delete.php
View File

@@ -17,6 +17,8 @@ if(!$logged) {
return;
}
csrfProtect();
$player_name = isset($_POST['delete_name']) ? stripslashes($_POST['delete_name']) : null;
$password_verify = isset($_POST['delete_password']) ? $_POST['delete_password'] : null;
$password_verify = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $password_verify);

13
system/pages/account/confirm-email.php
View File

@@ -9,6 +9,7 @@
*/
use MyAAC\Models\Account;
use MyAAC\Models\AccountEmailVerify;
defined('MYAAC') or die('Direct access not allowed!');
@@ -20,16 +21,20 @@ if(empty($hash)) {
return;
}
if(!Account::where('email_hash', $hash)->exists()) {
note("Your email couldn't be verified. Please contact staff to do it manually.");
// by default link is valid for 30 days
$accountEmailVerify = AccountEmailVerify::where('hash', $hash)->where('sent_at', '>', time() - 30 * 24 * 60 * 60)->first();
if(!$accountEmailVerify) {
note("Wrong link or link has expired.");
}
else
{
$accountModel = Account::where('email_hash', $hash)->where('email_verified', 0)->first();
$accountModel = Account::where('id', $accountEmailVerify->account_id)->where('email_verified', 0)->first();
if ($accountModel) {
$accountModel->email_verified = 1;
$accountModel->save();
AccountEmailVerify::where('account_id', $accountModel->id)->delete();
success('You have now verified your e-mail, this will increase the security of your account. Thank you for doing this. You can now <a href=' . getLink('account/manage') . '>log in</a>.');
$account = new OTS_Account();
@@ -39,6 +44,6 @@ else
}
}
else {
error('Link has expired.');
error('Your account is already verified.');
}
}

29
system/pages/account/create.php
View File

@@ -10,6 +10,7 @@
*/
use MyAAC\CreateCharacter;
use MyAAC\Models\AccountEmailVerify;
defined('MYAAC') or die('Direct access not allowed!');
$title = 'Create Account';
@@ -23,6 +24,8 @@ if($logged)
return;
}
csrfProtect();
if(setting('core.account_create_character_create')) {
$createCharacter = new CreateCharacter();
}
@@ -219,8 +222,19 @@ if($save)
}
}
if(setting('core.account_premium_points') && setting('core.account_premium_points') > 0) {
$new_account->setCustomField('premium_points', setting('core.account_premium_points'));
$accountDefaultPremiumPoints = setting('core.account_premium_points');
if($accountDefaultPremiumPoints > 0) {
$new_account->setCustomField('premium_points', $accountDefaultPremiumPoints);
}
$accountDefaultCoins = setting('core.account_coins');
if(HAS_ACCOUNT_COINS && $accountDefaultCoins > 0) {
$new_account->setCustomField('coins', $accountDefaultCoins);
}
$accountDefaultCoinsTransferable = setting('core.account_coins_transferable');
if((HAS_ACCOUNT_COINS_TRANSFERABLE || HAS_ACCOUNT_TRANSFERABLE_COINS) && $accountDefaultCoinsTransferable > 0) {
$new_account->setCustomField(ACCOUNT_COINS_TRANSFERABLE_COLUMN, $accountDefaultCoinsTransferable);
}
$tmp_account = $email;
@@ -231,7 +245,12 @@ if($save)
if(setting('core.mail_enabled') && setting('core.account_mail_verify'))
{
$hash = md5(generateRandomString(16, true, true) . $email);
$new_account->setCustomField('email_hash', $hash);
AccountEmailVerify::create([
'account_id' => $new_account->getId(),
'hash' => $hash,
'sent_at' => time(),
]);
$verify_url = getLink('account/confirm-email/' . $hash);
$body_html = $twig->render('mail.account.verify.html.twig', array(
@@ -255,8 +274,10 @@ if($save)
}
else
{
error('An error occorred while sending email! Account not created. Try again. For Admin: More info can be found in system/logs/mailer-error.log');
error('An error occurred while sending email! Account not created. Try again. For Admin: More info can be found in system/logs/mailer-error.log');
$new_account->delete();
return;
}
}
else

11
system/pages/account/login.php
View File

@@ -18,6 +18,8 @@ if($logged || !isset($_POST['account_login']) || !isset($_POST['password_login']
return;
}
csrfProtect();
$login_account = $_POST['account_login'];
$login_password = $_POST['password_login'];
$remember_me = isset($_POST['remember_me']);
@@ -46,7 +48,9 @@ if(!empty($login_account) && !empty($login_password))
)
{
if (setting('core.account_mail_verify') && (int)$account_logged->getCustomField('email_verified') !== 1) {
$errors[] = 'Your account is not verified. Please verify your email address. If the message is not coming check the SPAM folder in your E-Mail client.';
$link = getLink('account/resend-email-verify');
$errors[] = 'Your account is not verified. Please verify your email address. If the message is not coming check the SPAM folder in your E-Mail client.<br/>' .
'You can resend the Email here: <a href="' . $link . '">' . $link . '</a>';
} else {
session_regenerate_id();
setSession('account', $account_logged->getId());
@@ -95,3 +99,8 @@ else {
}
$hooks->trigger(HOOK_ACCOUNT_LOGIN_POST);
if($logged) {
$twig->addGlobal('logged', true);
$twig->addGlobal('account_logged', $account_logged);
}

21
system/pages/account/manage.php
View File

@@ -34,17 +34,28 @@ if(isset($_REQUEST['redirect']))
return;
}
csrfProtect();
$groups = new OTS_Groups_List();
$freePremium = isset($config['lua']['freePremium']) && getBoolean($config['lua']['freePremium']) || $account_logged->getPremDays() == OTS_Account::GRATIS_PREMIUM_DAYS;
$dayOrDays = $account_logged->getPremDays() == 1 ? 'day' : 'days';
/**
* @var OTS_Account $account_logged
*/
if(!$account_logged->isPremium())
$premDays = $account_logged->getPremDays();
$freePremium = isset($config['lua']['freePremium']) && getBoolean($config['lua']['freePremium']) || $premDays == OTS_Account::GRATIS_PREMIUM_DAYS;
$dayOrDays = ($premDays == 1 ? 'day' : 'days');
$vipSystemEnabled = isset($config['lua']['vipSystemEnabled']) && getBoolean($config['lua']['vipSystemEnabled']);
$premiumLabel = $vipSystemEnabled ? 'VIP' : 'Premium Account';
if ($freePremium && !$vipSystemEnabled) {
$account_status = '<b><span style="color: green">Gratis Premium Account</span></b>';
} else if(!$account_logged->isPremium()) {
$account_status = '<b><span style="color: red">Free Account</span></b>';
else
$account_status = '<b><span style="color: green">' . ($freePremium ? 'Gratis Premium Account' : 'Premium Account, ' . $account_logged->getPremDays() . ' '.$dayOrDays.' left') . '</span></b>';
} else {
$account_status = '<b><span style="color: green">' . $premiumLabel . ', ' . $premDays . ' '.$dayOrDays.' left</span></b>';
}
$recovery_key = $account_logged->getCustomField('key');
if(empty($recovery_key))

23
system/pages/account/redirect.php
View File

@@ -1,23 +0,0 @@
<?php
/**
* Change comment
*
* @package MyAAC
* @author Gesior <jerzyskalski@wp.pl>
* @author Slawkens <slawkens@gmail.com>
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
defined('MYAAC') or die('Direct access not allowed!');
$redirect = urldecode($_REQUEST['redirect']);
// should never happen, unless hacker modify the URL
if (!str_contains($redirect, BASE_URL)) {
error('Fatal error: Cannot redirect outside the website.');
return;
}
$twig->display('account.redirect.html.twig', array(
'redirect' => $redirect
));

2
system/pages/account/register-new.php
View File

@@ -17,6 +17,8 @@ if(!$logged) {
return;
}
csrfProtect();
if(isset($_POST['reg_password']))
$reg_password = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $_POST['reg_password']);

2
system/pages/account/register.php
View File

@@ -17,6 +17,8 @@ if(!$logged) {
return;
}
csrfProtect();
$_POST['reg_password'] = $_POST['reg_password'] ?? '';
$reg_password = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $_POST['reg_password']);
$old_key = $account_logged->getCustomField("key");

94
system/pages/account/resend-email-verify.php Normal file
View File

@@ -0,0 +1,94 @@
<?php
use MyAAC\Models\AccountEmailVerify;
defined('MYAAC') or die('Direct access not allowed!');
$title = 'Resend Email';
$errorWithBackButton = function ($msg) use ($twig) {
$errors = [$msg];
$twig->display('error_box.html.twig', ['errors' => $errors]);
$twig->display('account.back_button.html.twig', [
'action' => getLink('account/resend-email-verify'),
]);
};
if (!setting('core.mail_enabled') || !setting('core.account_mail_verify')) {
$errorWithBackButton('Resending email is not possible on this server.');
return;
}
$showForm = true;
if (isset($_POST['submit']) && $_POST['submit'] == '1') {
$email = $_REQUEST['email'];
if (empty($email) || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
$errorWithBackButton('Please enter valid Email.');
return;
}
$account = new OTS_Account();
$account->findByEMail($email);
if ($account->isLoaded()) {
if ($account->getCustomField('email_verified') == '1') {
$errorWithBackButton('This account is already verified! You can <a href=' . getLink('account/manage') . '>log in</a> on the website.');
return;
}
$accountEmailVerify = AccountEmailVerify::where('account_id', $account->getId())->orderBy('sent_at', 'DESC')->first();
if ($accountEmailVerify && time() - $accountEmailVerify->sent_at < 60) {
$errorWithBackButton('Only one Email per minute is allowed. Please try again later.');
return;
}
$tmp_account = $email;
if (!config('account_login_by_email')) {
$tmp_account = (USE_ACCOUNT_NAME ? $account->getName() : $account->getId());
}
$hash = md5(generateRandomString(16, true, true) . $email);
AccountEmailVerify::create([
'account_id' => $account->getId(),
'hash' => $hash,
'sent_at' => time(),
]);
$verify_url = getLink('account/confirm-email/' . $hash);
$body_html = $twig->render('mail.account.resend-email-verify.html.twig', array(
'account' => $tmp_account,
'verify_url' => generateLink($verify_url, $verify_url, true)
));
if (_mail($account->getEMail(), configLua('serverName') . ' - Verify Account', $body_html)) {
$message = "If account with this email exists - you will become an email with verification link.";
$showForm = false;
} else {
$message = "<p class='error'>An error occurred while sending email (<b>{$email}</b> )! Try again later. For Admin: More info can be found in system/logs/mailer-error.log</p>";
}
}
else {
$message = "<br />If account with this email exists - you will become an email with verification link.";
$showForm = false;
}
$twig->display('success.html.twig', array(
'title' => 'Verify Email Sent',
'description' => $message,
));
}
//show errors if not empty
if (!empty($errors)) {
$twig->display('error_box.html.twig', ['errors' => $errors]);
$twig->display('account.back_button.html.twig', [
'action' => getLink('account/resend-email-verify'),
]);
}
if ($showForm) {
$twig->display('account.resend-email-verify.html.twig');
}

46
system/pages/change-log.php Normal file
View File

@@ -0,0 +1,46 @@
<?php
/**
* Changelog
*
* @package MyAAC
* @author Slawkens <slawkens@gmail.com>
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
defined('MYAAC') or die('Direct access not allowed!');
$title = 'Changelog';
use MyAAC\Models\Changelog;
$_page = isset($_GET['page']) ? (int)$_GET['page'] : 0;
$limit = 30;
$offset = $_page * $limit;
$next_page = false;
$canEdit = hasFlag(FLAG_CONTENT_NEWS) || superAdmin();
$changelogs = Changelog::isPublic()->orderByDesc('date')->limit($limit + 1)->offset($offset)->get()->toArray();
$i = 0;
foreach($changelogs as $key => &$log)
{
if($i < $limit) {
$log['type'] = getChangelogType($log['type']);
$log['where'] = getChangelogWhere($log['where']);
}
else {
unset($changelogs[$key]);
}
if ($i >= $limit)
$next_page = true;
$i++;
}
$twig->display('changelog.html.twig', array(
'changelogs' => $changelogs,
'page' => $_page,
'next_page' => $next_page,
'canEdit' => $canEdit,
));

45
system/pages/changelog.php
View File

@@ -1,46 +1,3 @@
<?php
/**
* Changelog
*
* @package MyAAC
* @author Slawkens <slawkens@gmail.com>
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
defined('MYAAC') or die('Direct access not allowed!');
$title = 'Changelog';
use MyAAC\Models\Changelog;
$_page = isset($_GET['page']) ? (int)$_GET['page'] : 0;
$limit = 30;
$offset = $_page * $limit;
$next_page = false;
$canEdit = hasFlag(FLAG_CONTENT_NEWS) || superAdmin();
$changelogs = Changelog::isPublic()->orderByDesc('date')->limit($limit + 1)->offset($offset)->get()->toArray();
$i = 0;
foreach($changelogs as $key => &$log)
{
if($i < $limit) {
$log['type'] = getChangelogType($log['type']);
$log['where'] = getChangelogWhere($log['where']);
}
else {
unset($changelogs[$key]);
}
if ($i >= $limit)
$next_page = true;
$i++;
}
$twig->display('changelog.html.twig', array(
'changelogs' => $changelogs,
'page' => $_page,
'next_page' => $next_page,
'canEdit' => $canEdit,
));
require 'change-log.php';

37
system/pages/forum/admin.php
View File

@@ -17,6 +17,8 @@ if(!$canEdit) {
return;
}
csrfProtect();
$groupsList = new OTS_Groups_List();
$groups = [
['id' => 0, 'name' => 'Guest'],
@@ -30,23 +32,24 @@ foreach ($groupsList as $group) {
}
if(!empty($action)) {
if($action == 'delete_board' || $action == 'edit_board' || $action == 'hide_board' || $action == 'moveup_board' || $action == 'movedown_board')
if($action == 'delete_board' || $action == 'edit_board' || $action == 'hide_board' || $action == 'moveup_board' || $action == 'movedown_board') {
$id = $_REQUEST['id'];
if(isset($_REQUEST['access'])) {
$access = $_REQUEST['access'];
}
if(isset($_REQUEST['guild'])) {
$guild = $_REQUEST['guild'];
if(isset($_POST['access'])) {
$access = $_POST['access'];
}
if(isset($_REQUEST['name'])) {
$name = $_REQUEST['name'];
if(isset($_POST['guild'])) {
$guild = $_POST['guild'];
}
if(isset($_REQUEST['description'])) {
$description = stripslashes($_REQUEST['description']);
if(isset($_POST['name'])) {
$name = $_POST['name'];
}
if(isset($_POST['description'])) {
$description = stripslashes($_POST['description']);
}
$errors = [];
@@ -55,12 +58,13 @@ if(!empty($action)) {
if(Forum::add_board($name, $description, $access, $guild, $errors)) {
$action = $name = $description = '';
header('Location: ' . getLink('forum'));
exit;
}
}
else if($action == 'delete_board') {
Forum::delete_board($id, $errors);
header('Location: ' . getLink('forum'));
$action = '';
exit;
}
else if($action == 'edit_board')
{
@@ -74,28 +78,27 @@ if(!empty($action)) {
else {
Forum::update_board($id, $name, $access, $guild, $description);
header('Location: ' . getLink('forum'));
$action = $name = $description = '';
$access = $guild = 0;
exit;
}
}
else if($action == 'hide_board') {
Forum::toggleHide_board($id, $errors);
header('Location: ' . getLink('forum'));
$action = '';
exit;
}
else if($action == 'moveup_board') {
Forum::move_board($id, -1, $errors);
header('Location: ' . getLink('forum'));
$action = '';
exit;
}
else if($action == 'movedown_board') {
Forum::move_board($id, 1, $errors);
header('Location: ' . getLink('forum'));
$action = '';
exit;
}
if(!empty($errors)) {
$twig->display('error_box.html.twig', array('errors' => $errors));
$twig->display('error_box.html.twig', ['errors' => $errors]);
$action = '';
}
}

17
system/pages/forum/edit_post.php
View File

@@ -23,8 +23,9 @@ if(!$logged) {
return;
}
if(Forum::canPost($account_logged))
{
csrfProtect();
if(Forum::canPost($account_logged)) {
$post_id = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : false;
if(!$post_id) {
$errors[] = 'Please enter post id.';
@@ -41,12 +42,12 @@ if(Forum::canPost($account_logged))
$char_id = $post_topic = $text = $smile = $html = null;
$players_from_account = $db->query("SELECT `players`.`name`, `players`.`id` FROM `players` WHERE `players`.`account_id` = ".(int) $account_logged->getId())->fetchAll();
$saved = false;
if(isset($_REQUEST['save'])) {
$text = stripslashes(trim($_REQUEST['text']));
$char_id = (int) $_REQUEST['char_id'];
$post_topic = stripslashes(trim($_REQUEST['topic']));
$smile = isset($_REQUEST['smile']) ? (int)$_REQUEST['smile'] : 0;
$html = isset($_REQUEST['html']) ? (int)$_REQUEST['html'] : 0;
if(isset($_POST['save'])) {
$text = stripslashes(trim($_POST['text']));
$char_id = (int) $_POST['char_id'];
$post_topic = stripslashes(trim($_POST['topic']));
$smile = isset($_POST['smile']) ? (int)$_POST['smile'] : 0;
$html = isset($_POST['html']) ? (int)$_POST['html'] : 0;
if (!superAdmin()) {
$html = 0;

8
system/pages/forum/move_thread.php
View File

@@ -23,15 +23,17 @@ if(!$logged) {
return;
}
csrfProtect();
if(!Forum::isModerator()) {
echo 'You are not logged in or you are not moderator.';
return;
}
$save = isset($_REQUEST['save']) && (int)$_REQUEST['save'] == 1;
$save = isset($_POST['save']) && (int)$_POST['save'] == 1;
if($save) {
$post_id = (int)$_REQUEST['id'];
$board = (int)$_REQUEST['section'];
$post_id = (int)$_POST['id'];
$board = (int)$_POST['section'];
if(!Forum::hasAccess($board)) {
$errors[] = "You don't have access to this board.";
displayErrorBoxWithBackButton($errors, getLink('forum'));

21
system/pages/forum/new_post.php
View File

@@ -28,6 +28,8 @@ if(!$logged) {
return;
}
csrfProtect();
if(Forum::canPost($account_logged)) {
$players_from_account = $db->query("SELECT `players`.`name`, `players`.`id` FROM `players` WHERE `players`.`account_id` = ".(int) $account_logged->getId())->fetchAll();
$thread_id = isset($_REQUEST['thread_id']) ? (int) $_REQUEST['thread_id'] : 0;
@@ -43,11 +45,11 @@ if(Forum::canPost($account_logged)) {
echo '<a href="' . getLink('forum') . '">Boards</a> >> <a href="' . getForumBoardLink($thread['section']) . '">'.$sections[$thread['section']]['name'].'</a> >> <a href="' . getForumThreadLink($thread_id) . '">'.htmlspecialchars($thread['post_topic']).'</a> >> <b>Post new reply</b><br /><h3>'.htmlspecialchars($thread['post_topic']).'</h3>';
$quote = isset($_REQUEST['quote']) ? (int) $_REQUEST['quote'] : NULL;
$text = isset($_REQUEST['text']) ? stripslashes(trim($_REQUEST['text'])) : NULL;
$char_id = (int) ($_REQUEST['char_id'] ?? 0);
$post_topic = isset($_REQUEST['topic']) ? stripslashes(trim($_REQUEST['topic'])) : '';
$smile = (int)($_REQUEST['smile'] ?? 0);
$html = (int)($_REQUEST['html'] ?? 0);
$text = isset($_POST['text']) ? stripslashes(trim($_POST['text'])) : NULL;
$char_id = (int) ($_POST['char_id'] ?? 0);
$post_topic = isset($_POST['topic']) ? stripslashes(trim($_POST['topic'])) : '';
$smile = (int)($_POST['smile'] ?? 0);
$html = (int)($_POST['html'] ?? 0);
$saved = false;
if (!superAdmin()) {
@@ -60,10 +62,10 @@ if(Forum::canPost($account_logged)) {
$text = '[i]Originally posted by ' . $quoted_post[0]['name'] . ' on ' . date('d.m.y H:i:s', $quoted_post[0]['post_date']) . ':[/i][quote]' . $quoted_post[0]['post_text'] . '[/quote]';
}
}
elseif(isset($_REQUEST['save'])) {
elseif(isset($_POST['save'])) {
$length = strlen($text);
if($length < 1 || strlen($text) > 15000) {
$errors[] = 'Too short or too long post (Length: $length letters). Minimum 1 letter, maximum 15000 letters.';
$errors[] = "Too short or too long post (Length: $length letters). Minimum 1 letter, maximum 15000 letters.";
}
if($char_id == 0) {
@@ -79,15 +81,14 @@ if(Forum::canPost($account_logged)) {
}
if(!$player_on_account) {
$errors[] = 'Player with selected ID ' . $char_id . ' doesn\'t exist or isn\'t on your account';
$errors[] = "Player with selected ID $char_id doesn't exist or isn't on your account";
}
}
if(count($errors) == 0) {
$last_post = 0;
$query = $db->query('SELECT post_date FROM ' . FORUM_TABLE_PREFIX . 'forum ORDER BY post_date DESC LIMIT 1');
if($query->rowCount() > 0)
{
if($query->rowCount() > 0) {
$query = $query->fetch();
$last_post = $query['post_date'];
}

15
system/pages/forum/new_thread.php
View File

@@ -28,6 +28,8 @@ if(!$logged) {
return;
}
csrfProtect();
if(Forum::canPost($account_logged)) {
$players_from_account = $db->query('SELECT `players`.`name`, `players`.`id` FROM `players` WHERE `players`.`account_id` = '.(int) $account_logged->getId())->fetchAll();
$section_id = $_REQUEST['section_id'] ?? null;
@@ -38,19 +40,18 @@ if(Forum::canPost($account_logged)) {
if ($sections[$section_id]['closed'] && !Forum::isModerator())
$errors[] = 'You cannot create topic on this board.';
$quote = (int)(isset($_REQUEST['quote']) ? $_REQUEST['quote'] : 0);
$text = isset($_REQUEST['text']) ? stripslashes($_REQUEST['text']) : '';
$char_id = (int)(isset($_REQUEST['char_id']) ? $_REQUEST['char_id'] : 0);
$post_topic = isset($_REQUEST['topic']) ? stripslashes($_REQUEST['topic']) : '';
$smile = (isset($_REQUEST['smile']) ? (int)$_REQUEST['smile'] : 0);
$html = (isset($_REQUEST['html']) ? (int)$_REQUEST['html'] : 0);
$text = isset($_POST['text']) ? stripslashes($_POST['text']) : '';
$char_id = (int)(isset($_POST['char_id']) ? $_POST['char_id'] : 0);
$post_topic = isset($_POST['topic']) ? stripslashes($_POST['topic']) : '';
$smile = (isset($_POST['smile']) ? (int)$_POST['smile'] : 0);
$html = (isset($_POST['html']) ? (int)$_POST['html'] : 0);
if (!superAdmin()) {
$html = 0;
}
$saved = false;
if (isset($_REQUEST['save'])) {
if (isset($_POST['save'])) {
$length = strlen($post_topic);
if ($length < 1 || $length > 60) {
$errors[] = "Too short or too long topic (Length: $length letters). Minimum 1 letter, maximum 60 letters.";

8
system/pages/forum/remove_post.php
View File

@@ -23,11 +23,13 @@ if(!$logged) {
return;
}
csrfProtect();
if(Forum::isModerator()) {
$id = (int) $_REQUEST['id'];
$id = (int) ($_POST['id'] ?? 0);
$post = $db->query("SELECT `id`, `first_post`, `section` FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `id` = ".$id." LIMIT 1")->fetch();
if($post['id'] == $id && Forum::hasAccess($post['section'])) {
if($post && $post['id'] == $id && Forum::hasAccess($post['section'])) {
if($post['id'] == $post['first_post']) {
$db->query("DELETE FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `first_post` = ".$post['id']);
header('Location: ' . getForumBoardLink($post['section']));
@@ -36,7 +38,7 @@ if(Forum::isModerator()) {
$post_page = $db->query("SELECT COUNT(`" . FORUM_TABLE_PREFIX . "forum`.`id`) AS posts_count FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`id` < ".$id." AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = ".(int) $post['first_post'])->fetch();
$_page = (int) ceil($post_page['posts_count'] / setting('core.forum_threads_per_page')) - 1;
$db->query("DELETE FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `id` = ".$post['id']);
header('Location: ' . getForumThreadLink($post['first_post'], (int) $_page));
header('Location: ' . getForumThreadLink($post['first_post'], $_page));
}
}
else {

15
system/pages/forum/show_board.php
View File

@@ -33,7 +33,7 @@ if(!Forum::hasAccess($section_id)) {
return;
}
$_page = (int) (isset($_REQUEST['page']) ? $_REQUEST['page'] : 0);
$_page = (int) ($_REQUEST['page'] ?? 0);
$threads_count = $db->query("SELECT COUNT(`" . FORUM_TABLE_PREFIX . "forum`.`id`) AS threads_count FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`section` = ".(int) $section_id." AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = `" . FORUM_TABLE_PREFIX . "forum`.`id`")->fetch();
for($i = 0; $i < $threads_count['threads_count'] / setting('core.forum_threads_per_page'); $i++) {
if($i != $_page)
@@ -50,7 +50,7 @@ if($logged && (!$sections[$section_id]['closed'] || Forum::isModerator())) {
}
echo '<br /><br />Page: '.$links_to_pages.'<br />';
$last_threads = $db->query("SELECT `players`.`id` as `player_id`, `players`.`name`, `" . FORUM_TABLE_PREFIX . "forum`.`post_text`, `" . FORUM_TABLE_PREFIX . "forum`.`post_topic`, `" . FORUM_TABLE_PREFIX . "forum`.`id`, `" . FORUM_TABLE_PREFIX . "forum`.`last_post`, `" . FORUM_TABLE_PREFIX . "forum`.`replies`, `" . FORUM_TABLE_PREFIX . "forum`.`views`, `" . FORUM_TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`section` = ".$section_id." AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = `" . FORUM_TABLE_PREFIX . "forum`.`id` ORDER BY `" . FORUM_TABLE_PREFIX . "forum`.`last_post` DESC LIMIT ".setting('core.forum_threads_per_page')." OFFSET ".($_page * setting('core.forum_threads_per_page')))->fetchAll();
$last_threads = $db->query("SELECT `players`.`id` as `player_id`, `players`.`name`, `" . FORUM_TABLE_PREFIX . "forum`.`first_post`, `" . FORUM_TABLE_PREFIX . "forum`.`post_text`, `" . FORUM_TABLE_PREFIX . "forum`.`post_topic`, `" . FORUM_TABLE_PREFIX . "forum`.`id`, `" . FORUM_TABLE_PREFIX . "forum`.`last_post`, `" . FORUM_TABLE_PREFIX . "forum`.`replies`, `" . FORUM_TABLE_PREFIX . "forum`.`views`, `" . FORUM_TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`section` = ".$section_id." AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = `" . FORUM_TABLE_PREFIX . "forum`.`id` ORDER BY `" . FORUM_TABLE_PREFIX . "forum`.`last_post` DESC LIMIT ".setting('core.forum_threads_per_page')." OFFSET ".($_page * setting('core.forum_threads_per_page')))->fetchAll(PDO::FETCH_ASSOC);
if(isset($last_threads[0])) {
echo '<table width="100%">
@@ -67,8 +67,8 @@ if(isset($last_threads[0])) {
foreach($last_threads as $thread) {
echo '<tr bgcolor="' . getStyle($number_of_rows++) . '"><td>';
if(Forum::isModerator()) {
echo '<a href="' . getLink('forum') . '?action=move_thread&id='.$thread['id'].'"\')"><span style="color:darkgreen">[MOVE]</span></a>';
echo '<a href="' . getLink('forum') . '?action=remove_post&id='.$thread['id'].'" onclick="return confirm(\'Are you sure you want remove thread > '.htmlspecialchars($thread['post_topic']).' <?\')"><span style="color: red">[REMOVE]</span></a> ';
echo '<a href="' . getLink('forum') . '?action=move_thread&id=' . $thread['id'] . '" title="Move Thread"><img src="images/icons/arrow_right.gif"/></a>';
$twig->display('forum.remove_post.html.twig', ['post' => $thread]);
}
$player->load($thread['player_id']);
@@ -82,11 +82,14 @@ if(isset($last_threads[0])) {
echo '<a href="' . getForumThreadLink($thread['id']) . '">'.htmlspecialchars($thread['post_topic']). '</a><br /><small>'.($canEditForum ? substr(strip_tags($thread['post_text']), 0, 50) : htmlspecialchars(substr($thread['post_text'], 0, 50))).'...</small></td><td>' . getPlayerLink($thread['name']) . '</td><td>'.(int) $thread['replies'].'</td><td>'.(int) $thread['views'].'</td><td>';
if($thread['last_post'] > 0) {
$last_post = $db->query("SELECT `players`.`name`, `" . FORUM_TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = ".(int) $thread['id']." AND `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` ORDER BY `post_date` DESC LIMIT 1")->fetch();
if(isset($last_post['name']))
if(isset($last_post['name'])) {
echo date('d.m.y H:i:s', $last_post['post_date']) . '<br />by ' . getPlayerLink($last_post['name']);
else
}
else {
echo 'No posts.';
}
}
else {
echo date('d.m.y H:i:s', $thread['post_date']) . '<br />by ' . getPlayerLink($thread['name']);
}

4
system/pages/forum/show_thread.php
View File

@@ -35,7 +35,7 @@ if(!Forum::hasAccess($thread_starter['section'])) {
return;
}
$posts_count = $db->query("SELECT COUNT(`" . FORUM_TABLE_PREFIX . "forum`.`id`) AS posts_count FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = ".(int) $thread_id)->fetch();
$posts_count = $db->query("SELECT COUNT(`" . FORUM_TABLE_PREFIX . "forum`.`id`) AS posts_count FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = ".$thread_id)->fetch();
for($i = 0; $i < $posts_count['posts_count'] / setting('core.forum_threads_per_page'); $i++) {
if($i != $_page)
$links_to_pages .= '<a href="' . getForumThreadLink($thread_id, $i) . '">'.($i + 1).'</a> ';
@@ -46,7 +46,7 @@ for($i = 0; $i < $posts_count['posts_count'] / setting('core.forum_threads_per_p
$posts = $db->query("SELECT `players`.`id` as `player_id`, `" . FORUM_TABLE_PREFIX . "forum`.`id`,`" . FORUM_TABLE_PREFIX . "forum`.`first_post`, `" . FORUM_TABLE_PREFIX . "forum`.`section`,`" . FORUM_TABLE_PREFIX . "forum`.`post_text`, `" . FORUM_TABLE_PREFIX . "forum`.`post_topic`, `" . FORUM_TABLE_PREFIX . "forum`.`post_date` AS `date`, `" . FORUM_TABLE_PREFIX . "forum`.`post_smile`, `" . FORUM_TABLE_PREFIX . "forum`.`post_html`, `" . FORUM_TABLE_PREFIX . "forum`.`author_aid`, `" . FORUM_TABLE_PREFIX . "forum`.`author_guid`, `" . FORUM_TABLE_PREFIX . "forum`.`last_edit_aid`, `" . FORUM_TABLE_PREFIX . "forum`.`edit_date` FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = ".$thread_id." ORDER BY `" . FORUM_TABLE_PREFIX . "forum`.`post_date` LIMIT " . setting('core.forum_posts_per_page') . " OFFSET ".($_page * setting('core.forum_posts_per_page')))->fetchAll();
if(isset($posts[0]['player_id'])) {
$db->query("UPDATE `" . FORUM_TABLE_PREFIX . "forum` SET `views`=`views`+1 WHERE `id` = ".(int) $thread_id);
$db->query("UPDATE `" . FORUM_TABLE_PREFIX . "forum` SET `views`=`views`+1 WHERE `id` = " . $thread_id);
}
$lookaddons = $db->hasColumn('players', 'lookaddons');

10
system/pages/guilds/accept_invite.php
View File

@@ -16,7 +16,7 @@ require __DIR__ . '/base.php';
$guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
$name = isset($_REQUEST['name']) ? stripslashes($_REQUEST['name']) : null;
if(!$logged) {
$errors[] = 'You are not logged in. You can\'t accept invitations.';
$errors[] = "You are not logged in. You can't accept invitations.";
}
if(!Validator::guildName($guild_name)) {
@@ -27,11 +27,11 @@ if(empty($errors)) {
$guild = new OTS_Guild();
$guild->find($guild_name);
if(!$guild->isLoaded()) {
$errors[] = 'Guild with name <b>'.$guild_name.'</b> doesn\'t exist.';
$errors[] = "Guild with name <b>$guild_name</b> doesn't exist.";
}
}
if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
if(!Validator::characterName($name)) {
$errors[] = 'Invalid name format.';
}
@@ -51,7 +51,7 @@ if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
}
}
if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
if(empty($errors)) {
$is_invited = false;
include(SYSTEM . 'libs/pot/InvitesDriver.php');
@@ -104,7 +104,7 @@ if(!empty($errors)) {
));
}
else {
if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
$guild->acceptInvite($player);
$twig->display('success.html.twig', array(
'title' => 'Accept invitation',

4
system/pages/guilds/add_rank.php
View File

@@ -13,7 +13,7 @@ defined('MYAAC') or die('Direct access not allowed!');
require __DIR__ . '/base.php';
$guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
$rank_name = isset($_REQUEST['rank_name']) ? $_REQUEST['rank_name'] : null;
$rank_name = $_POST['rank_name'] ?? null;
if(!Validator::guildName($guild_name)) {
$errors[] = Validator::getLastError();
}
@@ -35,7 +35,7 @@ if(empty($errors)) {
$rank_list = $guild->getGuildRanksList();
$rank_list->orderBy('level', POT::ORDER_DESC);
$guild_leader = false;
$account_players = $account_logged->getPlayers();
$account_players = $account_logged->getPlayersList();
foreach($account_players as $player) {
if($guild_leader_char->getId() == $player->getId()) {
$guild_vice = true;

2
system/pages/guilds/base.php
View File

@@ -15,3 +15,5 @@ else
define('GUILD_MEMBERS_TABLE', 'guild_membership');
define('MOTD_EXISTS', $db->hasColumn('guilds', 'motd'));
csrfProtect();

6
system/pages/guilds/change_description.php
View File

@@ -31,7 +31,7 @@ if(empty($errors)) {
$rank_list = $guild->getGuildRanksList();
$rank_list->orderBy('level', POT::ORDER_DESC);
$guild_leader = false;
$account_players = $account_logged->getPlayers();
$account_players = $account_logged->getPlayersList();
foreach($account_players as $player) {
if($guild->getOwner()->getId() == $player->getId()) {
$guild_vice = true;
@@ -42,8 +42,8 @@ if(empty($errors)) {
$saved = false;
if($guild_leader) {
if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
$description = htmlspecialchars(stripslashes(substr(trim($_REQUEST['description']),0, setting('core.guild_description_chars_limit'))));
if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
$description = htmlspecialchars(stripslashes(substr(trim($_POST['description']),0, setting('core.guild_description_chars_limit'))));
$guild->setCustomField('description', $description);
$saved = true;
}

11
system/pages/guilds/change_logo.php
View File

@@ -30,7 +30,7 @@ if(empty($errors)) {
if($logged) {
$guild_leader_char = $guild->getOwner();
$guild_leader = false;
$account_players = $account_logged->getPlayers();
$account_players = $account_logged->getPlayersList();
foreach($account_players as $player) {
if($guild_leader_char->getId() == $player->getId()) {
@@ -40,14 +40,13 @@ if(empty($errors)) {
}
}
if($guild_leader)
{
if($guild_leader) {
$max_image_size_b = setting('core.guild_image_size_kb') * 1024;
$allowed_ext = array('image/gif', 'image/jpg', 'image/pjpeg', 'image/jpeg', 'image/bmp', 'image/png', 'image/x-png');
$ext_name = array('image/gif' => 'gif', 'image/jpg' => 'jpg', 'image/jpeg' => 'jpg', 'image/pjpeg' => 'jpg', 'image/bmp' => 'bmp', 'image/png' => 'png', 'image/x-png' => 'png');
$save_file_name = str_replace(' ', '_', strtolower($guild->getName()));
$save_path = GUILD_IMAGES_DIR . $save_file_name;
if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save')
if(isset($_POST['todo']) && $_POST['todo'] == 'save')
{
$file = $_FILES['newlogo'];
if(is_uploaded_file($file['tmp_name']))
@@ -97,13 +96,13 @@ if(empty($errors)) {
$guild_logo = $guild->getCustomField('logo_name');
if(empty($guild_logo) || !file_exists(GUILD_IMAGES_DIR . $guild_logo)) {
$guild_logo = "default.gif";
$guild_logo = 'default.gif';
}
$twig->display('guilds.change_logo.html.twig', array(
'guild_logo' => $guild_logo,
'guild' => $guild,
'max_image_size_b' => $max_image_size_b
//'max_image_size_b' => $max_image_size_b
));
}

6
system/pages/guilds/change_motd.php
View File

@@ -34,7 +34,7 @@ if(empty($errors)) {
$rank_list = $guild->getGuildRanksList();
$rank_list->orderBy('level', POT::ORDER_DESC);
$guild_leader = false;
$account_players = $account_logged->getPlayers();
$account_players = $account_logged->getPlayersList();
foreach($account_players as $player) {
if($guild->getOwner()->getId() == $player->getId()) {
$guild_vice = true;
@@ -45,8 +45,8 @@ if(empty($errors)) {
$saved = false;
if($guild_leader) {
if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
$motd = htmlspecialchars(stripslashes(substr($_REQUEST['motd'],0, setting('core.guild_motd_chars_limit'))));
if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
$motd = htmlspecialchars(stripslashes(substr($_POST['motd'],0, setting('core.guild_motd_chars_limit'))));
$guild->setCustomField('motd', $motd);
$saved = true;
}

4
system/pages/guilds/change_nick.php
View File

@@ -20,17 +20,15 @@ if(!$logged) {
}
$name = isset($_REQUEST['name']) ? stripslashes($_REQUEST['name']) : null;
$new_nick = isset($_REQUEST['nick']) ? stripslashes($_REQUEST['nick']) : null;
$new_nick = isset($_POST['nick']) ? stripslashes($_POST['nick']) : null;
$guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
if(!$name) {
$errors[] = 'Please enter new name.';
return;
}
if(!$new_nick) {
$errors[] = 'Please enter new nick.';
return;
}
if(empty($errors))

Some files were not shown because too many files have changed in this diff Show More