From 8dcbb66753914322706216cfd01436eb1478a5ce Mon Sep 17 00:00:00 2001 From: slawkens Date: Wed, 28 Jan 2026 21:14:52 +0100 Subject: [PATCH 01/13] Settings: fix show_if for selects --- system/templates/admin.settings.html.twig | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/system/templates/admin.settings.html.twig b/system/templates/admin.settings.html.twig index 7982780d..10eb5e36 100644 --- a/system/templates/admin.settings.html.twig +++ b/system/templates/admin.settings.html.twig @@ -37,21 +37,31 @@ {% for key, value in settings %} {% if value.show_if is defined %} $(function () { - $('input[name="settings[{{ value.show_if[0] }}]"]').change(function () { + {% set inputType = 'input' %} + + {% if settings[value.show_if[0]]['type'] == 'options' %} + {% set inputType = 'select' %} + {% endif %} + + $('{{ inputType }}[name="settings[{{ value.show_if[0] }}]"]').change(function () { performChecks_{{ key }}(this); }); {% if settings[value.show_if[0]]['type'] == 'boolean' %} performChecks_{{ key }}('input[name="settings[{{ value.show_if[0] }}]"]:checked'); {% else %} - performChecks_{{ key }}('input[name="settings[{{ value.show_if[0] }}]"]'); + performChecks_{{ key }}('{{ inputType }}[name="settings[{{ value.show_if[0] }}]"]'); {% endif %} }); function performChecks_{{ key }}(el) { let success = false; + let thisVal = $(el).val(); + {% if settings[value.show_if[0]]['type'] == 'options' %} + thisVal = $(el).find(":selected").val(); + {% endif %} let operator = '{{ value.show_if[1]|raw }}'; if (operator === '>') { From 5e4806f891f8c88c37d45b89bbede23afc2fa37b Mon Sep 17 00:00:00 2001 From: slawkens Date: Wed, 28 Jan 2026 21:59:31 +0100 Subject: [PATCH 02/13] Twig: Extract renderInline(content, context) as method to $twig --- system/functions.php | 13 +------------ system/src/Twig/EnvironmentBridge.php | 18 ++++++++++++++++++ 2 files changed, 19 insertions(+), 12 deletions(-) 
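Review bot: The new selector lines write `{{ value.show_if[0] }}` into a JavaScript string literal, where Twig's default HTML escaping is the wrong context (assuming the default autoescape strategy applies to this template); a key containing a backslash or a line break would alter the script. Use the JS escaper there, `{{ value.show_if[0]|e('js') }}`, and likewise replace `{{ value.show_if[1]|raw }}` on the `operator` line, which is currently emitted with no escaping at all. Where the settings definitions originate is not visible in this hunk, so this matters most if plugins can supply them. Separately, `thisVal = $(el).find(":selected").val();` appears redundant, since jQuery's `.val()` on a `select` already returns the selected option's value.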
diff --git a/system/functions.php b/system/functions.php index df58193f..6f1d8abe 100644 --- a/system/functions.php +++ b/system/functions.php @@ -21,7 +21,6 @@ use MyAAC\News; use MyAAC\Plugins; use MyAAC\Settings; use PHPMailer\PHPMailer\PHPMailer; -use Twig\Loader\ArrayLoader as Twig_ArrayLoader; function message($message, $type, $return) { @@ -1379,17 +1378,7 @@ function getCustomPage($name, &$success): string ob_end_clean(); } else { - $oldLoader = $twig->getLoader(); - - $twig_loader_array = new Twig_ArrayLoader(array( - 'content.html' => $page['body'] - )); - - $twig->setLoader($twig_loader_array); - - $content .= $twig->render('content.html'); - - $twig->setLoader($oldLoader); + $content .= $twig->renderInline($page['body']); } } diff --git a/system/src/Twig/EnvironmentBridge.php b/system/src/Twig/EnvironmentBridge.php index 4b8423f8..6fc90a82 100644 --- a/system/src/Twig/EnvironmentBridge.php +++ b/system/src/Twig/EnvironmentBridge.php @@ -3,6 +3,7 @@ namespace MyAAC\Twig; use Twig\Environment; +use Twig\Loader\ArrayLoader as Twig_ArrayLoader; class EnvironmentBridge extends Environment { @@ -25,4 +26,21 @@ class EnvironmentBridge extends Environment return parent::render($name, $context); } + + public function renderInline($content, array $context = []): string + { + $oldLoader = $this->getLoader(); + + $twig_loader_array = new Twig_ArrayLoader(array( + 'content.html' => $content + )); + + $this->setLoader($twig_loader_array); + + $ret = $this->render('content.html', $context); + + $this->setLoader($oldLoader); + + return $ret; + } } From eaa8d9346e6df799cbe4e87a7b4103d7932946b2 Mon Sep 17 00:00:00 2001 From: slawkens Date: Thu, 29 Jan 2026 20:44:28 +0100 Subject: [PATCH 03/13] Fix migration 49.php when there is no session --- system/migrations/49.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/migrations/49.php b/system/migrations/49.php index 1cc57c05..fc78ac27 100644 --- a/system/migrations/49.php 
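Review bot: `renderInline()` in EnvironmentBridge.php restores the previous loader only on the success path: if `$this->render()` throws (for example on a syntax error in a stored page body), the environment stays on the `ArrayLoader` and any later file-template render in the same request will not find its template. Wrapping the render in `try`/`finally` makes `setLoader($oldLoader)` unconditional. Because `$content` is compiled as Twig source rather than printed, the method also needs a docblock stating that callers must pass only trusted, administrator-authored markup and never visitor input.

```php
	public function renderInline($content, array $context = []): string
	{
		$oldLoader = $this->getLoader();
		$this->setLoader(new Twig_ArrayLoader(['content.html' => $content]));

		try {
			return $this->render('content.html', $context);
		} finally {
			// Always put the original loader back, even when rendering throws.
			$this->setLoader($oldLoader);
		}
	}
```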
+++ b/system/migrations/49.php @@ -17,7 +17,7 @@ function insert_sample_if_not_exist($p): void $player->setData([ 'name' => $p['name'], 'group_id' => 1, - 'account_id' => getSession('account'), + 'account_id' => getSession('account') ?? 1, 'level' => $p['level'], 'vocation' => $p['vocation_id'], 'health' => $p['health'], From c2415e9df3a5ffaf768f6f9668bdd38b5efd0771 Mon Sep 17 00:00:00 2001 From: slawkens Date: Fri, 30 Jan 2026 16:41:31 +0100 Subject: [PATCH 04/13] Settings: Fix variable overlapping if same var name as in core Example: Plugin has setting key named "env". The same key exist in core. It would falsely get value from core, instead of the plugin --- system/src/Settings.php | 25 ++++++++++++++----------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/system/src/Settings.php b/system/src/Settings.php index 2a7a1681..849c6f71 100644 --- a/system/src/Settings.php +++ b/system/src/Settings.php @@ -122,18 +122,21 @@ class Settings implements \ArrayAccess public static function display($plugin, $settings): array { $settingsDb = ModelsSettings::where('name', $plugin)->pluck('value', 'key')->toArray(); - $config = []; - require BASE . 'config.local.php'; - foreach ($config as $key => $value) { - if (is_bool($value)) { - $settingsDb[$key] = $value ? 'true' : 'false'; - } - elseif (is_array($value)) { - $settingsDb[$key] = $value; - } - else { - $settingsDb[$key] = (string)$value; + if ($plugin === 'core') { + $config = []; + require BASE . 'config.local.php'; + + foreach ($config as $key => $value) { + if (is_bool($value)) { + $settingsDb[$key] = $value ? 'true' : 'false'; + } + elseif (is_array($value)) { + $settingsDb[$key] = $value; + } + else { + $settingsDb[$key] = (string)$value; + } } } From e8b47429e8c607c2662a78b65415dfa772aa0e48 Mon Sep 17 00:00:00 2001 
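Review bot: The `?? 1` fallback on the `'account_id'` line assigns the sample characters to whichever account has id 1 when there is no session, without checking that the account exists or is the intended owner; the later change to `49.php` in this series keeps the same default in `$accountId = getSession('account') ?? 1;`. On a populated database id 1 may belong to an ordinary user or be absent, so the migration would either hand that user extra characters or create rows with no owner. Resolving the owner explicitly and skipping the sample insert when none is found would be safer than a hard-coded id. The `setData()` array continues outside the hunk.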
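Review bot: The new `if ($plugin === 'core')` guard in `Settings::display()` has no comment saying why `config.local.php` is consulted for core only; the reason (a plugin key such as `env` was overwritten by the core value) is recorded only in the commit message. A line such as `// config.local.php overrides apply to core only; plugin keys with the same name keep their DB value` above the guard would preserve it. The loop also copies every key of `$config` into `$settingsDb`, not just declared settings, so it is worth confirming that no secret held in that file can reach the rendered form; that depends on code outside this hunk. `display()` continues past the end of the hunk.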
From: slawkens Date: Fri, 30 Jan 2026 22:23:57 +0100 Subject: [PATCH 05/13] Fix post_edit being an author, didn't worked --- system/pages/forum/edit_post.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/pages/forum/edit_post.php b/system/pages/forum/edit_post.php index b9f2890d..a97bb5d9 100644 --- a/system/pages/forum/edit_post.php +++ b/system/pages/forum/edit_post.php @@ -38,7 +38,7 @@ if(Forum::canPost($account_logged)) { $first_post = $db->query("SELECT `" . FORUM_TABLE_PREFIX . "forum`.`author_guid`, `" . FORUM_TABLE_PREFIX . "forum`.`author_aid`, `" . FORUM_TABLE_PREFIX . "forum`.`first_post`, `" . FORUM_TABLE_PREFIX . "forum`.`post_topic`, `" . FORUM_TABLE_PREFIX . "forum`.`post_text`, `" . FORUM_TABLE_PREFIX . "forum`.`post_smile`, `" . FORUM_TABLE_PREFIX . "forum`.`id`, `" . FORUM_TABLE_PREFIX . "forum`.`section` FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `" . FORUM_TABLE_PREFIX . "forum`.`id` = ".(int) $thread['first_post']." LIMIT 1")->fetch(); echo 'Boards >> '.$sections[$thread['section']]['name'].' >> '.htmlspecialchars($first_post['post_topic']).' >> Edit post'; - if(Forum::hasAccess($thread['section'] && ($account_logged->getId() == $thread['author_aid'] || Forum::isModerator()))) { + if(Forum::hasAccess($thread['section']) && ($account_logged->getId() == $thread['author_aid'] || Forum::isModerator())) { $char_id = $post_topic = $text = $smile = $html = null; $players_from_account = $db->query("SELECT `players`.`name`, `players`.`id` FROM `players` WHERE `players`.`account_id` = ".(int) $account_logged->getId())->fetchAll(); $saved = false; From c472d5e4733cdfc4dfc5cc246198a1fb2086af94 Mon Sep 17 00:00:00 2001 
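Review bot: The breadcrumb `echo`, including `htmlspecialchars($first_post['post_topic'])`, sits above the corrected `if(Forum::hasAccess($thread['section']) && (...))` line, so the section name and thread topic are still sent to any account that passes `Forum::canPost()` even when the access or author check then fails. Moving that `echo` inside the `if` body keeps the output behind the authorization decision this commit repairs. The author test also uses a loose `==`; `(int) $account_logged->getId() === (int) $thread['author_aid']` states the intent exactly. Since the misplaced parenthesis changed who could edit a post, a regression test for the author, moderator and stranger cases would be worth adding; the `if` body continues outside the hunk.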
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 31 Jan 2026 10:21:00 +0100 Subject: [PATCH 06/13] Bump lodash from 4.17.21 to 4.17.23 (#350) Bumps [lodash](https://github.com/lodash/lodash) from 4.17.21 to 4.17.23. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.21...4.17.23) --- updated-dependencies: - dependency-name: lodash dependency-version: 4.17.23 dependency-type: indirect ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package-lock.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index af143d0e..4901f59f 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1431,9 +1431,9 @@ } }, "node_modules/lodash": { - "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", - "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==", + "version": "4.17.23", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.23.tgz", + "integrity": "sha512-LgVTMpQtIopCi79SJeDiP0TfWi5CNEc/L/aRdTh3yIvmZXTnheWpKjSZhnvMl8iXbC1tFg9gdHHDMLoV7CnG+w==", "dev": true, "license": "MIT" }, From 6859b86f28e55faa962b7acca7d166517f8b8eb2 Mon Sep 17 00:00:00 2001 From: slawkens Date: Sat, 31 Jan 2026 11:23:33 +0100 Subject: [PATCH 07/13] Release v1.8.8 --- CHANGELOG-1.x.md | 15 +++++++++++++++ common.php | 2 +- 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/CHANGELOG-1.x.md b/CHANGELOG-1.x.md index 9713f965..9a4700a4 100644 --- a/CHANGELOG-1.x.md +++ b/CHANGELOG-1.x.md 
@@ -1,5 +1,20 @@ # Changelog +## [1.8.8 - 31.01.2026] +### Added +* Change Comment: Add missing hooks - patched from 0.8 (https://github.com/slawkens/myaac/commit/a60a23b84f61d41d1503073b52e01e3120f6d92a) +* +### Changed +* Account Manage: Change the last login to the correct login time – Instead of just "now" (https://github.com/slawkens/myaac/commit/5b841682cdc473b38ef1a5edfcfe1a020802e286) +* Twig: Extract renderInline(content, context) as a method to $twig (https://github.com/slawkens/myaac/commit/5e4806f891f8c88c37d45b89bbede23afc2fa37b) +* Mail: Remove HTML tags from the email function (https://github.com/slawkens/myaac/commit/6661c78dac69c6aa498b9c79fe7da4fe0150e5c8) + +### Fixed +* Forum: Fix edit_post, despite being an author, didn't work (https://github.com/slawkens/myaac/commit/e8b47429e8c607c2662a78b65415dfa772aa0e48) +* Forum: Fix a player link in the forum thread being not clickable (When outfits are enabled) (https://github.com/slawkens/myaac/commit/f640ca636f34cd2dfc1fa8de6fdbed0674908b30) +* Settings: Fix variable overlapping if the same var name as in core (https://github.com/slawkens/myaac/commit/c2415e9df3a5ffaf768f6f9668bdd38b5efd0771) +* Settings: fix show_if for the selects (https://github.com/slawkens/myaac/commit/8dcbb66753914322706216cfd01436eb1478a5ce) + ## [1.8.7 - 04.01.2026] ### Fixed diff --git a/common.php b/common.php index ff3e31ec..8f946c6e 100644 --- a/common.php +++ b/common.php @@ -26,7 +26,7 @@ if (version_compare(phpversion(), '8.1', '<')) die('PHP version 8.1 or higher is required.'); const MYAAC = true; -const MYAAC_VERSION = '1.8.7'; +const MYAAC_VERSION = '1.8.8'; const DATABASE_VERSION = 46; const TABLE_PREFIX = 'myaac_'; define('START_TIME', microtime(true)); From e52d9e486f5bf1dea867f59287f70aef3d538189 Mon Sep 17 00:00:00 2001 
From: slawkens Date: Sat, 31 Jan 2026 11:34:24 +0100 Subject: [PATCH 08/13] Fix XSS in forum board name --- system/pages/forum/new_thread.php | 2 +- system/pages/forum/show_board.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/system/pages/forum/new_thread.php b/system/pages/forum/new_thread.php index 4f311977..2ed6fe81 100644 --- a/system/pages/forum/new_thread.php +++ b/system/pages/forum/new_thread.php @@ -34,7 +34,7 @@ if(Forum::canPost($account_logged)) { $players_from_account = $db->query('SELECT `players`.`name`, `players`.`id` FROM `players` WHERE `players`.`account_id` = '.(int) $account_logged->getId())->fetchAll(); $section_id = $_REQUEST['section_id'] ?? null; if($section_id !== null) { - echo 'Boards >> ' . $sections[$section_id]['name'] . ' >> Post new thread
'; + echo 'Boards >> ' . escapeHtml($sections[$section_id]['name']) . ' >> Post new thread
'; if(isset($sections[$section_id]['name']) && Forum::hasAccess($section_id)) { if ($sections[$section_id]['closed'] && !Forum::isModerator()) diff --git a/system/pages/forum/show_board.php b/system/pages/forum/show_board.php index e899cc99..26b7b9d6 100644 --- a/system/pages/forum/show_board.php +++ b/system/pages/forum/show_board.php @@ -42,7 +42,7 @@ for($i = 0; $i < $threads_count['threads_count'] / setting('core.forum_threads_p $links_to_pages .= ''.($i + 1).' '; } -echo 'Boards >> '.$sections[$section_id]['name'].''; +echo 'Boards >> '.escapeHtml($sections[$section_id]['name']).''; if($logged && (!$sections[$section_id]['closed'] || Forum::isModerator())) { echo '
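Review bot: In new_thread.php the breadcrumb `echo` that now calls `escapeHtml($sections[$section_id]['name'])` still runs before the `isset($sections[$section_id]['name']) && Forum::hasAccess($section_id)` guard on the next line, so the board name is printed whether or not the visitor may see that section, and an unknown id reaches `escapeHtml()` as an undefined index. `$section_id` comes straight from `$_REQUEST`, so a non-scalar value would be used as an array offset. Moving the `echo` inside the guarded block and normalising the id first, e.g. `$section_id = isset($_REQUEST['section_id']) ? (int) $_REQUEST['section_id'] : null;` (assuming section ids are integers), addresses both. The guarded block continues outside the hunk.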

From 6db738a87c44b8d96919191ba5e661c32ab47457 Mon Sep 17 00:00:00 2001 From: slawkens Date: Sat, 31 Jan 2026 11:40:58 +0100 Subject: [PATCH 09/13] Forum: Fix XSS in board name --- system/pages/forum/edit_post.php | 2 +- system/pages/forum/new_post.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/system/pages/forum/edit_post.php b/system/pages/forum/edit_post.php index a97bb5d9..6eff5804 100644 --- a/system/pages/forum/edit_post.php +++ b/system/pages/forum/edit_post.php @@ -36,7 +36,7 @@ if(Forum::canPost($account_logged)) { $thread = $db->query("SELECT `author_guid`, `author_aid`, `first_post`, `post_topic`, `post_date`, `post_text`, `post_smile`, `post_html`, `id`, `section` FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `id` = ".$post_id." LIMIT 1")->fetch(); if(isset($thread['id'])) { $first_post = $db->query("SELECT `" . FORUM_TABLE_PREFIX . "forum`.`author_guid`, `" . FORUM_TABLE_PREFIX . "forum`.`author_aid`, `" . FORUM_TABLE_PREFIX . "forum`.`first_post`, `" . FORUM_TABLE_PREFIX . "forum`.`post_topic`, `" . FORUM_TABLE_PREFIX . "forum`.`post_text`, `" . FORUM_TABLE_PREFIX . "forum`.`post_smile`, `" . FORUM_TABLE_PREFIX . "forum`.`id`, `" . FORUM_TABLE_PREFIX . "forum`.`section` FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `" . FORUM_TABLE_PREFIX . "forum`.`id` = ".(int) $thread['first_post']." LIMIT 1")->fetch(); - echo 'Boards >> '.$sections[$thread['section']]['name'].' >> '.htmlspecialchars($first_post['post_topic']).' >> Edit post'; + echo 'Boards >> '.escapeHtml($sections[$thread['section']]['name']).' >> '.htmlspecialchars($first_post['post_topic']).' >> Edit post'; if(Forum::hasAccess($thread['section']) && ($account_logged->getId() == $thread['author_aid'] || Forum::isModerator())) { $char_id = $post_topic = $text = $smile = $html = null; diff --git a/system/pages/forum/new_post.php b/system/pages/forum/new_post.php index 71bc3417..a06183e8 100644 --- a/system/pages/forum/new_post.php +++ b/system/pages/forum/new_post.php 
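Review bot: The `$thread` query shown as context in the edit_post.php hunk concatenates `$post_id` into the SQL text without the `(int)` cast that the `$first_post` query two lines below applies, and the new_post.php hunk of this commit does the same with the second `$thread_id`, in its `first_post` comparison. Whether both variables are already cast where they are assigned is outside the hunks; if they are not, these queries are injectable. Casting at the point of use, `".(int) $post_id."` and `".(int) $thread_id."`, or switching to a prepared statement, removes the dependency on earlier code. The changed `echo` lines now mix `escapeHtml()` and `htmlspecialchars()`; using one helper throughout would make a missed call site easier to spot.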
@@ -42,7 +42,7 @@ if(Forum::canPost($account_logged)) { $thread = $db->query("SELECT `" . FORUM_TABLE_PREFIX . "forum`.`post_topic`, `" . FORUM_TABLE_PREFIX . "forum`.`id`, `" . FORUM_TABLE_PREFIX . "forum`.`section` FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `" . FORUM_TABLE_PREFIX . "forum`.`id` = ".(int) $thread_id." AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = ".$thread_id." LIMIT 1")->fetch(); if(isset($thread['id']) && Forum::hasAccess($thread['section'])) { - echo 'Boards >> '.$sections[$thread['section']]['name'].' >> '.htmlspecialchars($thread['post_topic']).' >> Post new reply

'.htmlspecialchars($thread['post_topic']).'

'; + echo 'Boards >> '.escapeHtml($sections[$thread['section']]['name']).' >> '.htmlspecialchars($thread['post_topic']).' >> Post new reply

'.htmlspecialchars($thread['post_topic']).'

'; $quote = isset($_REQUEST['quote']) ? (int) $_REQUEST['quote'] : NULL; $text = isset($_POST['text']) ? stripslashes(trim($_POST['text'])) : NULL; From e33e86053da32b5448ef302c543f293702fd7068 Mon Sep 17 00:00:00 2001 From: slawkens Date: Sat, 31 Jan 2026 11:42:40 +0100 Subject: [PATCH 10/13] Update CHANGELOG-1.x.md --- CHANGELOG-1.x.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG-1.x.md b/CHANGELOG-1.x.md index 9a4700a4..768abb73 100644 --- a/CHANGELOG-1.x.md +++ b/CHANGELOG-1.x.md @@ -10,7 +10,8 @@ * Mail: Remove HTML tags from the email function (https://github.com/slawkens/myaac/commit/6661c78dac69c6aa498b9c79fe7da4fe0150e5c8) ### Fixed -* Forum: Fix edit_post, despite being an author, didn't work (https://github.com/slawkens/myaac/commit/e8b47429e8c607c2662a78b65415dfa772aa0e48) +* Forum: Fix XSS in board name (https://github.com/slawkens/myaac/commit/e52d9e486f5bf1dea867f59287f70aef3d538189, https://github.com/slawkens/myaac/commit/6db738a87c44b8d96919191ba5e661c32ab47457) +* Forum: Fix edit_post, despite being an author, edit didn't work (https://github.com/slawkens/myaac/commit/e8b47429e8c607c2662a78b65415dfa772aa0e48) * Forum: Fix a player link in the forum thread being not clickable (When outfits are enabled) (https://github.com/slawkens/myaac/commit/f640ca636f34cd2dfc1fa8de6fdbed0674908b30) * Settings: Fix variable overlapping if the same var name as in core (https://github.com/slawkens/myaac/commit/c2415e9df3a5ffaf768f6f9668bdd38b5efd0771) * Settings: fix show_if for the selects (https://github.com/slawkens/myaac/commit/8dcbb66753914322706216cfd01436eb1478a5ce) From c753feeeb0f938130fbb3d7b41325148743f9503 Mon Sep 17 00:00:00 2001 From: slawkens Date: Sat, 31 Jan 2026 11:55:22 +0100 Subject: [PATCH 11/13] Update CHANGELOG-1.x.md --- CHANGELOG-1.x.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG-1.x.md b/CHANGELOG-1.x.md index 768abb73..4c231dad 100644 --- a/CHANGELOG-1.x.md 
+++ b/CHANGELOG-1.x.md @@ -3,7 +3,7 @@ ## [1.8.8 - 31.01.2026] ### Added * Change Comment: Add missing hooks - patched from 0.8 (https://github.com/slawkens/myaac/commit/a60a23b84f61d41d1503073b52e01e3120f6d92a) -* + ### Changed * Account Manage: Change the last login to the correct login time – Instead of just "now" (https://github.com/slawkens/myaac/commit/5b841682cdc473b38ef1a5edfcfe1a020802e286) * Twig: Extract renderInline(content, context) as a method to $twig (https://github.com/slawkens/myaac/commit/5e4806f891f8c88c37d45b89bbede23afc2fa37b) From a92428287d639104b091663e6f42936f834ea0ba Mon Sep 17 00:00:00 2001 From: slawkens Date: Sat, 31 Jan 2026 12:12:32 +0100 Subject: [PATCH 12/13] Migration: 49 - Fix get proper account id for samples --- system/migrations/49.php | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/system/migrations/49.php b/system/migrations/49.php index fc78ac27..6769c715 100644 --- a/system/migrations/49.php +++ b/system/migrations/49.php @@ -3,11 +3,21 @@ * @var OTS_DB_MySQL $db */ +use MyAAC\Models\Account as AccountModel; + $time = time(); +$accountId = getSession('account') ?? 1; +if (!defined('MYAAC_INSTALL')) { + $accountModel = AccountModel::where('web_flags', 3)->first(); + if ($accountModel) { + $accountId = $accountModel->id; + } +} + function insert_sample_if_not_exist($p): void { - global $time; + global $time, $accountId; $player = new OTS_Player(); $player->find($p['name']); @@ -17,7 +27,7 @@ function insert_sample_if_not_exist($p): void $player->setData([ 'name' => $p['name'], 'group_id' => 1, - 'account_id' => getSession('account') ?? 1, + 'account_id' => $accountId, 'level' => $p['level'], 'vocation' => $p['vocation_id'], 'health' => $p['health'], From 88ea9ceee1d91efa02181fb1b50c8c057a8c2b7c Mon Sep 17 00:00:00 2001 
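Review bot: `AccountModel::where('web_flags', 3)->first()` in `49.php` picks the owner by an unexplained literal and by exact equality, with no ordering, so which matching account is returned is left to the database and an account whose `web_flags` differs from 3 in any way is never considered. A named constant for `3`, a comment saying which role it denotes, and `->orderBy('id')` before `->first()` would make the choice deterministic and readable. If no such account exists the code silently keeps the `getSession('account') ?? 1` default, which may not be a valid or appropriate owner; skipping the sample insert in that case would be safer. `global $time, $accountId;` also relies on this file being included at global scope, which is not visible here.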
From: slawkens
Date: Sat, 31 Jan 2026 12:30:07 +0100
Subject: [PATCH 13/13] Create AccountBan.php
---
system/src/Models/AccountBan.php | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
create mode 100644 system/src/Models/AccountBan.php
diff --git a/system/src/Models/AccountBan.php b/system/src/Models/AccountBan.php
new file mode 100644
index 00000000..fb4d6a7f
--- /dev/null
+++ b/system/src/Models/AccountBan.php
@@ -0,0 +1,18 @@
+