Digitalstack/myaac
2
0
Fork 0
mirror of https://github.com/slawkens/myaac.git synced 2025-10-17 11:13:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'develop' into feature/docker

Browse Source
This commit is contained in:
slawkens
2024-02-18 12:12:32 +01:00
parent 42e40e5d77 e23a749e4c
commit 5a9490138b
331 changed files with 3728 additions and 6022 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
system/bin/clear_cache.php
View File

@@ -1,18 +0,0 @@
<?php
if(PHP_SAPI !== 'cli') {
echo 'This script can be run only in command line mode.';
exit(1);
}
require_once __DIR__ . '/../../common.php';
require_once SYSTEM . 'functions.php';
require_once SYSTEM . 'init.php';
if(clearCache()) {
echo 'Cache cleared.' . PHP_EOL;
}
else {
echo 'Unexpected error.' . PHP_EOL;
exit(2);
}

19
system/bin/cronjob.php
View File

@@ -1,19 +0,0 @@
<?php
require_once __DIR__ . '/../../common.php';
require_once SYSTEM . 'functions.php';
require_once SYSTEM . 'init.php';
require_once SYSTEM . 'hooks.php';
$hooks = new Hooks();
$hooks->load();
use GO\Scheduler;
// Create a new scheduler
$scheduler = new Scheduler();
$hooks->trigger(HOOK_CRONJOB, ['scheduler' => $scheduler]);
// Let the scheduler execute jobs which are due.
$scheduler->run();

50
system/bin/install_cronjob.php
View File

@@ -1,50 +0,0 @@
<?php
require_once __DIR__ . '/../../common.php';
require_once SYSTEM . 'functions.php';
require_once SYSTEM . 'init.php';
if(!IS_CLI) {
echo 'This script can be run only in command line mode.' . PHP_EOL;
exit(1);
}
if (MYAAC_OS !== 'LINUX') {
echo 'This script can be run only on linux.' . PHP_EOL;
exit(1);
}
$job = '* * * * * /usr/bin/php ' . SYSTEM . 'bin/cronjob.php >> ' . SYSTEM . 'logs/cron.log 2>&1';
if (cronjob_exists($job)) {
echo 'MyAAC cronjob already installed.' . PHP_EOL;
exit(0);
}
exec ('crontab -l', $content);
$content = implode(' ', $content);
$content .= PHP_EOL . $job;
file_put_contents(CACHE . 'cronjob', $content . PHP_EOL);
exec('crontab ' . CACHE. 'cronjob');
echo 'Installed crontab successfully.' . PHP_EOL;
function cronjob_exists($command)
{
$cronjob_exists=false;
exec('crontab -l', $crontab);
if(isset($crontab)&&is_array($crontab)) {
$crontab = array_flip($crontab);
if(isset($crontab[$command])){
$cronjob_exists = true;
}
}
return $cronjob_exists;
}

42
system/bin/install_plugin.php
View File

@@ -1,42 +0,0 @@
<?php
if(PHP_SAPI !== 'cli') {
echo 'This script can be run only in command line mode.';
exit(1);
}
require_once __DIR__ . '/../../common.php';
require_once SYSTEM . 'functions.php';
require_once SYSTEM . 'init.php';
require_once SYSTEM . 'hooks.php';
require_once LIBS . 'plugins.php';
if($argc !== 2) {
echo 'This command expects one parameter: zip file name (plugin)' . PHP_EOL;
exit(2);
}
$path_to_file = $argv[1];
$ext = strtolower(pathinfo($path_to_file, PATHINFO_EXTENSION));
if($ext !== 'zip') {// check if it is zipped/compressed file
echo 'Please install only .zip files.' . PHP_EOL;
exit(3);
}
if(!file_exists($path_to_file)) {
echo 'ERROR: File ' . $path_to_file . ' does not exist' . PHP_EOL;
exit(4);
}
if(Plugins::install($path_to_file)) {
foreach(Plugins::getWarnings() as $warning) {
echo 'WARNING: ' . $warning;
}
$info = Plugins::getPluginJson();
echo (isset($info['name']) ? $info['name'] . ' p' : 'P') . 'lugin has been successfully installed.' . PHP_EOL;
}
else {
echo 'ERROR: ' . Plugins::getError() . PHP_EOL;
exit(5);
}

61
system/bin/send_email.php
View File

@@ -1,61 +0,0 @@
<?php
if(PHP_SAPI !== 'cli') {
echo 'This script can be run only in command line mode.';
exit(1);
}
require_once __DIR__ . '/../../common.php';
require_once SYSTEM . 'functions.php';
require_once SYSTEM . 'init.php';
if($argc !== 3) {
echo 'This command expects two parameters: account_name_or_id|player_name|email address, subject.' . PHP_EOL;
exit(2);
}
$email_account_name = $argv[1];
$subject = $argv[2];
$message = file_get_contents('php://stdin');
if(strpos($email_account_name, '@') === false) {
$account = new OTS_Account();
if(USE_ACCOUNT_NAME) {
$account->find($email_account_name);
}
else {
$account->load($email_account_name);
}
if($account->isLoaded()) {
$email_account_name = $account->getEMail();
}
else {
$player = new OTS_Player();
$player->find($email_account_name);
if($player->isLoaded()) {
$email_account_name = $player->getAccount()->getEMail();
}
else {
echo 'Cannot find player or account with name: ' . $email_account_name . '.' . PHP_EOL;
exit(3);
}
}
}
if(!Validator::email($email_account_name)) {
echo 'Invalid E-Mail format.' . PHP_EOL;
exit(4);
}
if(strlen($subject) > 255) {
echo 'Subject max length is 255 characters.' . PHP_EOL;
exit(5);
}
if(!_mail($email_account_name, $subject, $message)) {
echo 'An error occurred while sending email. More info can be found in system/logs/mailer-error.log';
exit(6);
}
echo 'Mail sent to ' . $email_account_name . '.' . PHP_EOL;

0
system/bin/index.html → system/cache/persistent/index.html vendored
View File

19
system/compat/base.php
View File

@@ -9,10 +9,12 @@
*/
defined('MYAAC') or die('Direct access not allowed!');
class Validator extends \MyAAC\Validator {}
function check_name($name, &$errors = '') {
if(Validator::characterName($name))
return true;
$errors = Validator::getLastError();
return false;
}
@@ -20,7 +22,7 @@ function check_name($name, &$errors = '') {
function check_account_id($id, &$errors = '') {
if(Validator::accountId($id))
return true;
$errors = Validator::getLastError();
return false;
}
@@ -28,7 +30,7 @@ function check_account_id($id, &$errors = '') {
function check_account_name($name, &$errors = '') {
if(Validator::accountName($name))
return true;
$errors = Validator::getLastError();
return false;
}
@@ -36,7 +38,7 @@ function check_account_name($name, &$errors = '') {
function check_name_new_char($name, &$errors = '') {
if(Validator::newCharacterName($name))
return true;
$errors = Validator::getLastError();
return false;
}
@@ -44,7 +46,7 @@ function check_name_new_char($name, &$errors = '') {
function check_rank_name($name, &$errors = '') {
if(Validator::rankName($name))
return true;
$errors = Validator::getLastError();
return false;
}
@@ -52,7 +54,7 @@ function check_rank_name($name, &$errors = '') {
function check_guild_name($name, &$errors = '') {
if(Validator::guildName($name))
return true;
$errors = Validator::getLastError();
return false;
}
@@ -72,4 +74,7 @@ function fieldExist($field, $table)
global $db;
return $db->hasColumn($table, $field);
}
?>
function getCreatureImgPath($creature): string {
return getMonsterImgPath($creature);
}

2
system/compat/pages.php
View File

@@ -44,7 +44,7 @@ switch($page)
break;
case 'killstatistics':
$page = 'lastkills';
$page = 'last-kills';
break;
case 'buypoints':

3
system/counter.php
View File

@@ -7,6 +7,9 @@
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
use MyAAC\Cache\Cache;
defined('MYAAC') or die('Direct access not allowed!');
define('COUNTER_SYNC', 10); // how often counter is synchronized with database (each x site refreshes)

4
system/exception.php
View File

@@ -8,6 +8,8 @@
* @link https://my-aac.org
*/
use MyAAC\Exceptions\SensitiveException;
if (class_exists(\Whoops\Run::class)) {
$whoops = new \Whoops\Run;
if(IS_CLI) {
@@ -21,8 +23,6 @@ if (class_exists(\Whoops\Run::class)) {
return;
}
require LIBS . 'SensitiveException.php';
/**
* @param Exception $exception
*/

193
system/functions.php
View File

@@ -9,11 +9,17 @@
*/
defined('MYAAC') or die('Direct access not allowed!');
use MyAAC\Cache\Cache;
use MyAAC\CsrfToken;
use MyAAC\Items;
use MyAAC\Models\Config;
use MyAAC\Models\Guild;
use MyAAC\Models\House;
use MyAAC\Models\Pages;
use MyAAC\Models\Player;
use MyAAC\News;
use MyAAC\Plugins;
use MyAAC\Settings;
use PHPMailer\PHPMailer\PHPMailer;
use Twig\Loader\ArrayLoader as Twig_ArrayLoader;
@@ -43,7 +49,10 @@ function warning($message, $return = false) {
return message($message, 'warning', $return);
}
function note($message, $return = false) {
return message($message, 'note', $return);
return info($message, $return);
}
function info($message, $return = false) {
return message($message, 'info', $return);
}
function error($message, $return = false) {
return message($message, ((defined('MYAAC_INSTALL') || defined('MYAAC_ADMIN')) ? 'danger' : 'error'), $return);
@@ -96,7 +105,7 @@ function getPlayerLink($name, $generate = true): string
function getMonsterLink($name, $generate = true): string
{
$url = BASE_URL . (setting('core.friendly_urls') ? '' : 'index.php/') . 'creatures/' . urlencode($name);
$url = BASE_URL . (setting('core.friendly_urls') ? '' : 'index.php/') . 'monsters/' . urlencode($name);
if(!$generate) return $url;
return generateLink($url, $name);
@@ -133,7 +142,6 @@ function getGuildLink($name, $generate = true): string
}
function getItemNameById($id) {
require_once LIBS . 'items.php';
$item = Items::get($id);
return !empty($item['name']) ? $item['name'] : '';
}
@@ -193,7 +201,7 @@ function getFlagImage($country): string
* @param mixed $v Variable to check.
* @return bool Value boolean status.
*/
function getBoolean($v): bool
function getBoolean(mixed $v): bool
{
if(is_bool($v)) {
return $v;
@@ -202,6 +210,10 @@ function getBoolean($v): bool
if(is_numeric($v))
return (int)$v > 0;
if (is_null($v)) {
return false;
}
$v = strtolower($v);
return $v === 'yes' || $v === 'true';
}
@@ -249,7 +261,7 @@ function generateRandomString($length, $lowCase = true, $upCase = false, $numeri
function getForumBoards()
{
global $db, $canEdit;
$sections = $db->query('SELECT `id`, `name`, `description`, `closed`, `guild`, `access`' . ($canEdit ? ', `hidden`, `ordering`' : '') . ' FROM `' . TABLE_PREFIX . 'forum_boards` ' . (!$canEdit ? ' WHERE `hidden` != 1' : '') .
$sections = $db->query('SELECT `id`, `name`, `description`, `closed`, `guild`, `access`' . ($canEdit ? ', `hide`, `ordering`' : '') . ' FROM `' . TABLE_PREFIX . 'forum_boards` ' . (!$canEdit ? ' WHERE `hide` != 1' : '') .
' ORDER BY `ordering`;');
if($sections)
return $sections->fetchAll();
@@ -465,20 +477,30 @@ function tickers()
*/
function template_place_holder($type): string
{
global $twig, $template_place_holders;
global $twig, $template_place_holders, $debugBar;
$ret = '';
if (isset($debugBar)) {
$debugBarRenderer = $debugBar->getJavascriptRenderer();
}
if(array_key_exists($type, $template_place_holders) && is_array($template_place_holders[$type]))
$ret = implode($template_place_holders[$type]);
if($type === 'head_start') {
$ret .= template_header();
if (isset($debugBar)) {
$ret .= $debugBarRenderer->renderHead();
}
}
elseif ($type === 'body_start') {
$ret .= $twig->render('browsehappy.html.twig');
}
elseif($type === 'body_end') {
$ret .= template_ga_code();
if (isset($debugBar)) {
$ret .= $debugBarRenderer->render();
}
}
return $ret;
@@ -765,7 +787,7 @@ function get_browser_languages()
$languages = str_replace(' ', '', $languages);
foreach(explode(',', $languages) as $language_list)
$ret[] .= substr($language_list, 0, 2);
$ret[] = substr($language_list, 0, 2);
return $ret;
}
@@ -784,6 +806,10 @@ function get_templates()
$ret[] = $file;
}
foreach (Plugins::getThemes() as $name => $path) {
$ret[] = $name;
}
return $ret;
}
@@ -855,9 +881,6 @@ function _mail($to, $subject, $body, $altBody = '', $add_html_tags = true)
else
$tmp_body = $body . '<br/><br/>' . $signature_html;
define('MAIL_MAIL', 0);
define('MAIL_SMTP', 1);
$mailOption = setting('core.mail_option');
if($mailOption == MAIL_SMTP)
{
@@ -868,10 +891,6 @@ function _mail($to, $subject, $body, $altBody = '', $add_html_tags = true)
$mailer->Username = setting('core.smtp_user');
$mailer->Password = setting('core.smtp_pass');
define('SMTP_SECURITY_NONE', 0);
define('SMTP_SECURITY_SSL', 1);
define('SMTP_SECURITY_TLS', 2);
$security = setting('core.smtp_security');
$tmp = '';
@@ -1045,6 +1064,28 @@ function unsetSession($key) {
unset($_SESSION[setting('core.session_prefix') . $key]);
}
function csrf(bool $return = false): string {
return CsrfToken::create($return);
}
function csrfToken(): string {
return CsrfToken::get();
}
function isValidToken(): bool {
$token = $_POST['csrf_token'] ?? $_SERVER['HTTP_X_CSRF_TOKEN'] ?? null;
return (!isRequestMethod('post') || (isset($token) && CsrfToken::isValid($token)));
}
function csrfProtect(): void
{
if (!isValidToken()) {
$lastUri = BASE_URL . str_replace_first('/', '', getSession('last_uri'));
echo 'Request has been cancelled due to security reasons - token is invalid. Go <a href="' . $lastUri . '">back</a>';
exit();
}
}
function getTopPlayers($limit = 5) {
global $db;
@@ -1162,64 +1203,70 @@ function setting($key)
function clearCache()
{
require_once LIBS . 'news.php';
News::clearCache();
$cache = Cache::getInstance();
if($cache->enabled()) {
$tmp = '';
$keysToClear = [
'status', 'templates',
'config_lua',
'towns', 'groups', 'vocations',
'visitors', 'views_counter', 'failed_logins',
'template_menus',
'last_kills',
'hooks', 'plugins_hooks', 'plugins_routes', 'plugins_settings', 'plugins_themes', 'plugins_commands',
'settings',
];
if ($cache->fetch('status', $tmp))
$cache->delete('status');
foreach (get_templates() as $template) {
$keysToClear[] = 'template_ini_' . $template;
}
if ($cache->fetch('templates', $tmp))
$cache->delete('templates');
// highscores cache
$configHighscoresPerPage = setting('core.highscores_per_page');
$skills = [POT::SKILL_FIST, POT::SKILL_CLUB, POT::SKILL_SWORD, POT::SKILL_AXE, POT::SKILL_DIST, POT::SKILL_SHIELD, POT::SKILL_FISH, POT::SKILL_LEVEL, POT::SKILL__MAGLEVEL, SKILL_FRAGS, SKILL_BALANCE];
foreach ($skills as $skill) {
// config('vocations') may be empty after previous cache clear
$vocations = (config('vocations') ?? []) + ['all'];
foreach ($vocations as $vocation) {
for($page = 0; $page < 10; $page++) {
$cacheKey = 'highscores_' . $skill . '_' . strtolower($vocation) . '_' . $page . '_' . $configHighscoresPerPage;
$keysToClear[] = $cacheKey;
}
}
}
if ($cache->fetch('config_lua', $tmp))
$cache->delete('config_lua');
foreach ($keysToClear as $item) {
$tmp = '';
if ($cache->fetch($item, $tmp)) {
$cache->delete($item);
}
}
if ($cache->fetch('vocations', $tmp))
$cache->delete('vocations');
if ($cache->fetch('towns', $tmp))
$cache->delete('towns');
if ($cache->fetch('groups', $tmp))
$cache->delete('groups');
if ($cache->fetch('visitors', $tmp))
$cache->delete('visitors');
if ($cache->fetch('views_counter', $tmp))
$cache->delete('views_counter');
if ($cache->fetch('failed_logins', $tmp))
$cache->delete('failed_logins');
global $template_name;
if ($cache->fetch('template_ini' . $template_name, $tmp))
$cache->delete('template_ini' . $template_name);
if ($cache->fetch('plugins_hooks', $tmp))
$cache->delete('plugins_hooks');
if ($cache->fetch('plugins_routes', $tmp))
$cache->delete('plugins_routes');
global $db;
$db->setClearCacheAfter(true);
}
deleteDirectory(CACHE . 'signatures', ['index.html'], true);
deleteDirectory(CACHE . 'twig', ['index.html'], true);
deleteDirectory(CACHE . 'plugins', ['index.html'], true);
deleteDirectory(CACHE, ['signatures', 'twig', 'plugins', 'index.html'], true);
deleteDirectory(CACHE, ['signatures', 'twig', 'plugins', 'index.html', 'persistent'], true);
// routes cache
clearRouteCache();
global $hooks;
$hooks->trigger(HOOK_CACHE_CLEAR, ['cache' => Cache::getInstance()]);
return true;
}
function clearRouteCache(): void
{
$routeCacheFile = CACHE . 'route.cache';
if (file_exists($routeCacheFile)) {
unlink($routeCacheFile);
}
return true;
}
function getCustomPageInfo($name)
@@ -1261,13 +1308,6 @@ function getCustomPage($name, &$success): string
else
$tmp = $page['body'];
$php_errors = array();
function error_handler($errno, $errstr) {
global $php_errors;
$php_errors[] = array('errno' => $errno, 'errstr' => $errstr);
}
set_error_handler('error_handler');
global $config;
if(setting('core.backward_support')) {
global $SQL, $main_content, $subtopic;
@@ -1277,11 +1317,6 @@ function getCustomPage($name, &$success): string
eval($tmp);
$content .= ob_get_contents();
ob_end_clean();
restore_error_handler();
if(isset($php_errors[0]) && superAdmin()) {
var_dump($php_errors);
}
}
else {
$oldLoader = $twig->getLoader();
@@ -1525,18 +1560,19 @@ function right($str, $length) {
return substr($str, -$length);
}
function getCreatureImgPath($creature){
$creature_path = setting('core.monsters_images_url');
$creature_gfx_name = trim(strtolower($creature)) . setting('core.monsters_images_extension');
if (!file_exists($creature_path . $creature_gfx_name)) {
$creature_gfx_name = str_replace(" ", "", $creature_gfx_name);
if (file_exists($creature_path . $creature_gfx_name)) {
return $creature_path . $creature_gfx_name;
function getMonsterImgPath($monster): string
{
$monster_path = setting('core.monsters_images_url');
$monster_gfx_name = trim(strtolower($monster)) . setting('core.monsters_images_extension');
if (!file_exists($monster_path . $monster_gfx_name)) {
$monster_gfx_name = str_replace(" ", "", $monster_gfx_name);
if (file_exists($monster_path . $monster_gfx_name)) {
return $monster_path . $monster_gfx_name;
} else {
return $creature_path . 'nophoto.png';
return $monster_path . 'nophoto.png';
}
} else {
return $creature_path . $creature_gfx_name;
return $monster_path . $monster_gfx_name;
}
}
@@ -1624,8 +1660,15 @@ function displayErrorBoxWithBackButton($errors, $action = null) {
]);
}
function makeLinksClickable($text, $blank = true) {
return preg_replace('!(((f|ht)tp(s)?://)[-a-zA-Zа-яА-Я()0-9@:%_+.~#?&;//=]+)!i', '<a href="$1"' . (!$blank ?: ' target="_blank"') . '>$1</a>', $text);
}
function isRequestMethod(string $method): bool {
return strtolower($_SERVER['REQUEST_METHOD']) == strtolower($method);
}
// validator functions
require_once LIBS . 'validator.php';
require_once SYSTEM . 'compat/base.php';
// custom functions

64
system/init.php
View File

@@ -7,6 +7,14 @@
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
use DebugBar\StandardDebugBar;
use MyAAC\Cache\Cache;
use MyAAC\CsrfToken;
use MyAAC\Hooks;
use MyAAC\Settings;
use MyAAC\Towns;
defined('MYAAC') or die('Direct access not allowed!');
if(!isset($config['installed']) || !$config['installed']) {
@@ -17,6 +25,10 @@ if(config('env') === 'dev') {
require SYSTEM . 'exception.php';
}
if (config('env') === 'dev' || getBoolean(config('enable_debugbar'))) {
$debugBar = new StandardDebugBar();
}
if(empty($config['server_path'])) {
throw new RuntimeException('Server Path has been not set. Go to config.php and set it.');
}
@@ -30,11 +42,9 @@ if(isset($config['gzip_output']) && $config['gzip_output'] && isset($_SERVER['HT
ob_start('ob_gzhandler');
// cache
require_once SYSTEM . 'libs/cache.php';
$cache = Cache::getInstance();
// event system
require_once SYSTEM . 'hooks.php';
$hooks = new Hooks();
$hooks->load();
@@ -45,28 +55,24 @@ require_once SYSTEM . 'twig.php';
$action = $_REQUEST['action'] ?? '';
define('ACTION', $action);
// errors, is also often used
$errors = [];
// trim values we receive
if(isset($_POST))
{
foreach($_POST as $var => $value) {
if(is_string($value)) {
$_POST[$var] = trim($value);
}
foreach($_POST as $var => $value) {
if(is_string($value)) {
$_POST[$var] = trim($value);
}
}
if(isset($_GET))
{
foreach($_GET as $var => $value) {
if(is_string($value))
$_GET[$var] = trim($value);
}
foreach($_GET as $var => $value) {
if(is_string($value))
$_GET[$var] = trim($value);
}
if(isset($_REQUEST))
{
foreach($_REQUEST as $var => $value) {
if(is_string($value))
$_REQUEST[$var] = trim($value);
}
foreach($_REQUEST as $var => $value) {
if(is_string($value))
$_REQUEST[$var] = trim($value);
}
// load otserv config file
@@ -122,21 +128,34 @@ if(!isset($foundValue)) {
$config['data_path'] = $foundValue;
unset($foundValue);
// POT
require_once SYSTEM . 'libs/pot/OTS.php';
$ots = POT::getInstance();
$eloquentConnection = null;
require_once SYSTEM . 'database.php';
if ($config_lua_reload) {
clearCache();
}
// verify myaac tables exists in database
if(!defined('MYAAC_INSTALL') && !$db->hasTable('myaac_account_actions')) {
throw new RuntimeException('Seems that the table myaac_account_actions of MyAAC doesn\'t exist in the database. This is a fatal error. You can try to reinstall MyAAC by visiting ' . BASE_URL . 'install');
}
// execute migrations
require SYSTEM . 'migrate.php';
// settings
require_once LIBS . 'Settings.php';
$settings = Settings::getInstance();
$settings->load();
// csrf protection
$token = getSession('csrf_token');
if (!isset($token) || !$token) {
CsrfToken::generate();
}
// deprecated config values
require_once SYSTEM . 'compat/config.php';
@@ -158,5 +177,4 @@ define('USE_ACCOUNT_NAME', $db->hasColumn('accounts', 'name'));
define('USE_ACCOUNT_NUMBER', $db->hasColumn('accounts', 'number'));
define('USE_ACCOUNT_SALT', $db->hasColumn('accounts', 'salt'));
require LIBS . 'Towns.php';
Towns::load();

3
system/libs/SensitiveException.php
View File

@@ -1,3 +0,0 @@
<?php
class SensitiveException extends Exception {}

51
system/libs/cache_eaccelerator.php
View File

@@ -1,51 +0,0 @@
<?php
/**
* Cache eAccelerator class
*
* @package MyAAC
* @author Slawkens <slawkens@gmail.com>
* @author Mark Samman (Talaturen) <marksamman@gmail.com>
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
defined('MYAAC') or die('Direct access not allowed!');
class Cache_eAccelerator
{
private $prefix;
private $enabled;
public function __construct($prefix = '') {
$this->prefix = $prefix;
$this->enabled = function_exists('eaccelerator_get');
}
public function set($key, $var, $ttl = 0)
{
$key = $this->prefix . $key;
eaccelerator_rm($key);
eaccelerator_put($key, $var, $ttl);
}
public function get($key)
{
$tmp = '';
if($this->fetch($this->prefix . $key, $tmp)) {
return $tmp;
}
return '';
}
public function fetch($key, &$var) {
return ($var = eaccelerator_get($this->prefix . $key)) !== null;
}
public function delete($key) {
eaccelerator_rm($this->prefix . $key);
}
public function enabled() {
return $this->enabled;
}
}

9
system/libs/pot/OTS.php
View File

@@ -370,7 +370,14 @@ class POT
throw new RuntimeException('Please install PHP pdo extension. MyAAC will not work without it.');
}
$this->db = new OTS_DB_MySQL($params);
global $debugBar;
if (isset($debugBar)) {
$this->db = new DebugBar\DataCollector\PDO\TraceablePDO(new OTS_DB_MySQL($params));
$debugBar->addCollector(new DebugBar\DataCollector\PDO\PDOCollector($this->db));
}
else {
$this->db = new OTS_DB_MySQL($params);
}
$this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}

2
system/libs/pot/OTS_Account.php
View File

@@ -952,7 +952,7 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
return $query['group_id'];
}
return 0;
return 1;
}
public function getAccGroupId()

41
system/libs/pot/OTS_DB_MySQL.php
View File

@@ -12,6 +12,8 @@
* @license http://www.gnu.org/licenses/lgpl-3.0.txt GNU Lesser General Public License, Version 3
*/
use MyAAC\Cache\Cache;
/**
* MySQL connection interface.
*
@@ -26,6 +28,8 @@ class OTS_DB_MySQL extends OTS_Base_DB
{
private $has_table_cache = array();
private $has_column_cache = array();
private $clearCacheAfter = false;
/**
* Creates database connection.
*
@@ -94,7 +98,8 @@ class OTS_DB_MySQL extends OTS_Base_DB
}
global $config;
if(class_exists('Cache') && ($cache = Cache::getInstance()) && $cache->enabled()) {
$cache = Cache::getInstance();
if($cache->enabled()) {
$tmp = null;
$need_revalidation = true;
if($cache->fetch('database_checksum', $tmp) && $tmp) {
@@ -117,12 +122,15 @@ class OTS_DB_MySQL extends OTS_Base_DB
}
}
$driverAttributes = []; // debugbar dont like persistent connection
if (config('env') !== 'dev' && !getBoolean(config('enable_debugbar'))) {
$driverAttributes[PDO::ATTR_PERSISTENT] = $params['persistent'];
}
if(isset($params['socket'][0])) {
$dns[] = 'unix_socket=' . $params['socket'];
parent::__construct('mysql:' . implode(';', $dns), $user, $password, array(
PDO::ATTR_PERSISTENT => $params['persistent']
));
parent::__construct('mysql:' . implode(';', $dns), $user, $password, $driverAttributes);
return;
}
@@ -135,19 +143,25 @@ class OTS_DB_MySQL extends OTS_Base_DB
$dns[] = 'port=' . $params['port'];
}
parent::__construct('mysql:' . implode(';', $dns), $user, $password, array(
PDO::ATTR_PERSISTENT => $params['persistent']
));
parent::__construct('mysql:' . implode(';', $dns), $user, $password, $driverAttributes);
}
public function __destruct()
{
global $config;
if(class_exists('Cache') && ($cache = Cache::getInstance()) && $cache->enabled()) {
$cache->set('database_tables', serialize($this->has_table_cache), 3600);
$cache->set('database_columns', serialize($this->has_column_cache), 3600);
$cache->set('database_checksum', serialize(sha1($config['database_host'] . '.' . $config['database_name'])), 3600);
$cache = Cache::getInstance();
if($cache->enabled()) {
if ($this->clearCacheAfter) {
$cache->delete('database_tables');
$cache->delete('database_columns');
$cache->delete('database_checksum');
}
else {
$cache->set('database_tables', serialize($this->has_table_cache), 3600);
$cache->set('database_columns', serialize($this->has_column_cache), 3600);
$cache->set('database_checksum', serialize(sha1($config['database_host'] . '.' . $config['database_name'])), 3600);
}
}
if($this->logged) {
@@ -235,6 +249,11 @@ class OTS_DB_MySQL extends OTS_Base_DB
}
}
}
public function setClearCacheAfter($clearCache)
{
$this->clearCacheAfter = $clearCache;
}
}
/**#@-*/

2
system/libs/pot/OTS_Groups_List.php
View File

@@ -8,6 +8,8 @@
* @license http://www.gnu.org/licenses/lgpl-3.0.txt GNU Lesser General Public License, Version 3
*/
use MyAAC\Cache\Cache;
/**
* List of groups.
*

3
system/libs/pot/OTS_Monster.php
View File

@@ -41,9 +41,10 @@
class OTS_Monster extends DOMDocument
{
private $loaded = false;
public function loadXML($source , $options = 0)
public function loadXML(string $source , int $options = 0): bool
{
$this->loaded = parent::loadXML($source, $options);
return $this->loaded;
}
public function loaded()

10
system/libs/pot/OTS_Player.php
View File

@@ -90,7 +90,7 @@ class OTS_Player extends OTS_Row_DAO
* @version 0.1.2
* @var array
*/
private $data = array('sex' => 0, 'vocation' => 0, 'experience' => 0, 'level' => 1, 'maglevel' => 0, 'health' => 100, 'healthmax' => 100, 'mana' => 100, 'manamax' => 100, 'manaspent' => 0, 'soul' => 0, 'lookbody' => 10, 'lookfeet' => 10, 'lookhead' => 10, 'looklegs' => 10, 'looktype' => 136, 'lookaddons' => 0, 'posx' => 0, 'posy' => 0, 'posz' => 0, 'cap' => 0, 'lastlogin' => 0, 'lastip' => 0, 'save' => true, 'skulltime' => 0, 'skull' => 0, 'balance' => 0, 'lastlogout' => 0, 'blessings' => 0, 'stamina' => 0, 'online' => 0, 'comment' => '', 'created' => 0, 'hidden' => 0);
private $data = array('sex' => 0, 'vocation' => 0, 'experience' => 0, 'level' => 1, 'maglevel' => 0, 'health' => 100, 'healthmax' => 100, 'mana' => 100, 'manamax' => 100, 'manaspent' => 0, 'soul' => 0, 'lookbody' => 10, 'lookfeet' => 10, 'lookhead' => 10, 'looklegs' => 10, 'looktype' => 136, 'lookaddons' => 0, 'posx' => 0, 'posy' => 0, 'posz' => 0, 'cap' => 0, 'lastlogin' => 0, 'lastip' => 0, 'save' => true, 'skulltime' => 0, 'skull' => 0, 'balance' => 0, 'lastlogout' => 0, 'blessings' => 0, 'stamina' => 0, 'online' => 0, 'comment' => '', 'created' => 0, 'hide' => 0);
/**
* Player skills.
@@ -231,7 +231,7 @@ class OTS_Player extends OTS_Row_DAO
}
else {
// SELECT query on database
$this->data = $this->db->query('SELECT `id`, `name`, `account_id`, `group_id`, `sex`, `vocation`, `experience`, `level`, `maglevel`, `health`, `healthmax`, `mana`, `manamax`, `manaspent`, `soul`, `lookbody`, `lookfeet`, `lookhead`, `looklegs`, `looktype`' . ($this->db->hasColumn('players', 'lookaddons') ? ', `lookaddons`' : '') . ', `posx`, `posy`, `posz`, `cap`, `lastlogin`, `lastlogout`, `lastip`, `save`, `conditions`, `' . $__load['skull_time'] . '` as `skulltime`, `' . $__load['skull_type'] . '` as `skull`' . $__load['guild_info'] . ', `town_id`' . $__load['loss_experience'] . $__load['loss_items'] . ', `balance`' . ($__load['blessings'] ? ', `blessings`' : '') . ($__load['direction'] ? ', `direction`' : '') . ($__load['stamina'] ? ', `stamina`' : '') . ($__load['world_id'] ? ', `world_id`' : '') . ($__load['online'] ? ', `online`' : '') . ', `' . ($__load['deletion'] ? 'deletion' : 'deleted') . '`' . ($__load['promotion'] ? ', `promotion`' : '') . ($__load['marriage'] ? ', `marriage`' : '') . ', `comment`, `created`, `hidden` FROM `players` WHERE `id` = ' . (int)$id)->fetch();
$this->data = $this->db->query('SELECT `id`, `name`, `account_id`, `group_id`, `sex`, `vocation`, `experience`, `level`, `maglevel`, `health`, `healthmax`, `mana`, `manamax`, `manaspent`, `soul`, `lookbody`, `lookfeet`, `lookhead`, `looklegs`, `looktype`' . ($this->db->hasColumn('players', 'lookaddons') ? ', `lookaddons`' : '') . ', `posx`, `posy`, `posz`, `cap`, `lastlogin`, `lastlogout`, `lastip`, `save`, `conditions`, `' . $__load['skull_time'] . '` as `skulltime`, `' . $__load['skull_type'] . '` as `skull`' . $__load['guild_info'] . ', `town_id`' . $__load['loss_experience'] . $__load['loss_items'] . ', `balance`' . ($__load['blessings'] ? ', `blessings`' : '') . ($__load['direction'] ? ', `direction`' : '') . ($__load['stamina'] ? ', `stamina`' : '') . ($__load['world_id'] ? ', `world_id`' : '') . ($__load['online'] ? ', `online`' : '') . ', `' . ($__load['deletion'] ? 'deletion' : 'deleted') . '`' . ($__load['promotion'] ? ', `promotion`' : '') . ($__load['marriage'] ? ', `marriage`' : '') . ', `comment`, `created`, `hide` FROM `players` WHERE `id` = ' . (int)$id)->fetch();
}
// loads skills
@@ -521,17 +521,17 @@ class OTS_Player extends OTS_Row_DAO
public function isHidden()
{
if( !isset($this->data['hidden']) )
if( !isset($this->data['hide']) )
{
throw new E_OTS_NotLoaded();
}
return $this->data['hidden'] == 1;
return $this->data['hide'] == 1;
}
public function setHidden($hidden)
{
$this->data['hidden'] = (int) $hidden;
$this->data['hide'] = (int) $hidden;
}
public function getMarriage()

5
system/logout.php
View File

@@ -7,6 +7,9 @@
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
use MyAAC\CsrfToken;
defined('MYAAC') or die('Direct access not allowed!');
if(isset($account_logged) && $account_logged->isLoaded()) {
@@ -15,6 +18,8 @@ if(isset($account_logged) && $account_logged->isLoaded()) {
unsetSession('password');
unsetSession('remember_me');
CsrfToken::generate();
$logged = false;
unset($account_logged);

3
system/migrations/17.php
View File

@@ -1,5 +1,7 @@
<?php
use MyAAC\Plugins;
if(!$db->hasTable('myaac_menu')) {
$db->query("
CREATE TABLE `myaac_menu`
@@ -16,7 +18,6 @@ CREATE TABLE `myaac_menu`
");
}
require_once LIBS . 'plugins.php';
Plugins::installMenus('kathrine', require TEMPLATES . 'kathrine/menus.php');
Plugins::installMenus('tibiacom', require TEMPLATES . 'tibiacom/menus.php');

2
system/migrations/20.php
View File

@@ -1,5 +1,7 @@
<?php
use MyAAC\Settings;
$query = $db->query("SELECT `id` FROM `players` WHERE (`name` = " . $db->quote("Rook Sample") . " OR `name` = " . $db->quote("Sorcerer Sample") . " OR `name` = " . $db->quote("Druid Sample") . " OR `name` = " . $db->quote("Paladin Sample") . " OR `name` = " . $db->quote("Knight Sample") . " OR `name` = " . $db->quote("Account Manager") . ") ORDER BY `id`;");
$highscores_ignored_ids = array();

68
system/migrations/27.php
View File

@@ -1,37 +1,47 @@
<?php
$downloadsPage = <<<HTML
<p>&nbsp;</p>
<p>&nbsp;</p>
<div style="text-align: center;">We're using official Tibia Client <strong>{{ config.client / 100 }}</strong><br>
<p>Download Tibia Client <strong>{{ config.client / 100 }}</strong>&nbsp;for Windows <a href="https://drive.google.com/drive/folders/0B2-sMQkWYzhGSFhGVlY2WGk5czQ" target="_blank" rel="noopener">HERE</a>.</p>
<h2>IP Changer:</h2>
<a href="https://static.otland.net/ipchanger.exe" target="_blank" rel="noopener">HERE</a></div>
HTML;
$query = $db->query("SELECT `id` FROM `" . TABLE_PREFIX . "pages` WHERE `name` LIKE " . $db->quote('downloads') . " LIMIT 1;");
if($query->rowCount() === 0) {
$db->exec("INSERT INTO `myaac_pages` (`id`, `name`, `title`, `body`, `date`, `player_id`, `php`, `access`, `hidden`) VALUES
(null, 'downloads', 'Downloads', '<p>&nbsp;</p>
<p>&nbsp;</p>
<div style=\"text-align: center;\">We''re using official Tibia Client <strong>{{ config.client / 100 }}</strong><br />
<p>Download Tibia Client <strong>{{ config.client / 100 }}</strong>&nbsp;for Windows <a href=\"https://drive.google.com/drive/folders/0B2-sMQkWYzhGSFhGVlY2WGk5czQ\" target=\"_blank\" rel=\"noopener\">HERE</a>.</p>
<h2>IP Changer:</h2>
<a href=\"https://static.otland.net/ipchanger.exe\" target=\"_blank\" rel=\"noopener\">HERE</a></div>', 0, 1, 0, 1, 0);");
$db->exec("INSERT INTO `myaac_pages` (`id`, `name`, `title`, `body`, `date`, `player_id`, `php`, `access`, `hide`) VALUES
(null, 'downloads', 'Downloads', {$db->quote($downloadsPage)}, 0, 1, 0, 0, 0);");
}
$commandsPage = <<<HTML
<table class="myaac-table" style="border-collapse: collapse; width: 100%; height: 72px; border-width: 1px;" border="1"><colgroup><col style="width: 50%;"><col style="width: 50%;"></colgroup>
<thead>
<tr style="height: 18px;">
<td style="height: 18px; border-width: 1px; text-align: center;"><span style="color: #ffffff;"><strong>Words</strong></span></td>
<td style="height: 18px; border-width: 1px; text-align: center;"><strong>Description</strong></td>
</tr>
</thead>
<tbody>
<tr style="height: 18px;">
<td style="height: 18px; border-width: 1px;">!example</td>
<td style="height: 18px; border-width: 1px;">This is just an example</td>
</tr>
<tr style="height: 18px;">
<td style="height: 18px; border-width: 1px;">!buyhouse</td>
<td style="height: 18px; border-width: 1px;">Buy house you are looking at</td>
</tr>
<tr style="height: 18px;">
<td style="height: 18px; border-width: 1px;"><em>!aol</em></td>
<td style="height: 18px; border-width: 1px;">Buy AoL</td>
</tr>
</tbody>
</table>
HTML;
$query = $db->query("SELECT `id` FROM `" . TABLE_PREFIX . "pages` WHERE `name` LIKE " . $db->quote('commands') . " LIMIT 1;");
if($query->rowCount() === 0) {
$db->exec("INSERT INTO `myaac_pages` (`id`, `name`, `title`, `body`, `date`, `player_id`, `php`, `access`, `hidden`) VALUES
(null, 'commands', 'Commands', '<table style=\"border-collapse: collapse; width: 87.8471%; height: 57px;\" border=\"1\">
<tbody>
<tr style=\"height: 18px;\">
<td style=\"width: 33.3333%; background-color: #505050; height: 18px;\"><span style=\"color: #ffffff;\"><strong>Words</strong></span></td>
<td style=\"width: 33.3333%; background-color: #505050; height: 18px;\"><span style=\"color: #ffffff;\"><strong>Description</strong></span></td>
</tr>
<tr style=\"height: 18px; background-color: #f1e0c6;\">
<td style=\"width: 33.3333%; height: 18px;\"><em>!example</em></td>
<td style=\"width: 33.3333%; height: 18px;\">This is just an example</td>
</tr>
<tr style=\"height: 18px; background-color: #d4c0a1;\">
<td style=\"width: 33.3333%; height: 18px;\"><em>!buyhouse</em></td>
<td style=\"width: 33.3333%; height: 18px;\">Buy house you are looking at</td>
</tr>
<tr style=\"height: 18px; background-color: #f1e0c6;\">
<td style=\"width: 33.3333%; height: 18px;\"><em>!aol</em></td>
<td style=\"width: 33.3333%; height: 18px;\">Buy AoL</td>
</tr>
</tbody>
</table>', 0, 1, 0, 1, 0);");
}
$db->exec("INSERT INTO `myaac_pages` (`id`, `name`, `title`, `body`, `date`, `player_id`, `php`, `access`, `hide`) VALUES
(null, 'commands', 'Commands', {$db->quote($commandsPage)}, 0, 1, 0, 0, 0);");
}

4
system/migrations/28.php
View File

@@ -1,8 +1,10 @@
<?php
use MyAAC\Cache\Cache;
$db->exec('DROP TABLE IF EXISTS `' . TABLE_PREFIX . 'hooks`;');
$cache = Cache::getInstance();
if($cache->enabled()) {
$cache->delete('hooks');
}
}

4
system/migrations/30.php
View File

@@ -2,7 +2,7 @@
$query = $db->query("SELECT `id` FROM `" . TABLE_PREFIX . "pages` WHERE `name` LIKE " . $db->quote('rules_on_the_page') . " LIMIT 1;");
if($query->rowCount() === 0) {
$db->exec("INSERT INTO `myaac_pages` (`id`, `name`, `title`, `body`, `date`, `player_id`, `php`, `enable_tinymce`, `access`, `hidden`) VALUES
$db->exec("INSERT INTO `myaac_pages` (`id`, `name`, `title`, `body`, `date`, `player_id`, `php`, `enable_tinymce`, `access`, `hide`) VALUES
(null, 'rules_on_the_page', 'Rules', '1. Names
a) Names which contain insulting (e.g. \"Bastard\"), racist (e.g. \"Nigger\"), extremely right-wing (e.g. \"Hitler\"), sexist (e.g. \"Bitch\") or offensive (e.g. \"Copkiller\") language.
b) Names containing parts of sentences (e.g. \"Mike returns\"), nonsensical combinations of letters (e.g. \"Fgfshdsfg\") or invalid formattings (e.g. \"Thegreatknight\").
@@ -27,5 +27,5 @@ a) Excessive killing of characters who are not marked with a \"skull\" on worlds
A violation of the Tibia Rules may lead to temporary banishment of characters and accounts. In severe cases removal or modification of character skills, attributes and belongings, as well as the permanent removal of accounts without any compensation may be considered. The sanction is based on the seriousness of the rule violation and the previous record of the player. It is determined by the gamemaster imposing the banishment.
These rules may be changed at any time. All changes will be announced on the official website.', 0, 1, 0, 0, 1, 0);");
These rules may be changed at any time. All changes will be announced on the official website.', 0, 1, 0, 0, 0, 0);");
}

39
system/migrations/31.php
View File

@@ -2,17 +2,56 @@
if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'elements')) {
$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters` ADD `elements` TEXT NOT NULL AFTER `immunities`;");
}
if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'pushable')) {
$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters` ADD `pushable` TINYINT(1) NOT NULL DEFAULT '0' AFTER `convinceable`;");
}
if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canpushitems')) {
$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters` ADD `canpushitems` TINYINT(1) NOT NULL DEFAULT '0' AFTER `pushable`;");
}
if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canpushcreatures')) {
$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters` ADD `canpushcreatures` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canpushitems`;");
}
if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonenergy')) {
$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters` ADD `canwalkonenergy` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canpushitems`;");
}
if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonpoison')) {
$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters` ADD `canwalkonpoison` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canwalkonenergy`;");
}
if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonfire')) {
$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters` ADD `canwalkonfire` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canwalkonpoison`;");
}
if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'runonhealth')) {
$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters` ADD `runonhealth` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canwalkonfire`;");
}
if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'hostile')) {
$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters` ADD `hostile` TINYINT(1) NOT NULL DEFAULT '0' AFTER `runonhealth`;");
}
if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'attackable')) {
$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters` ADD `attackable` TINYINT(1) NOT NULL DEFAULT '0' AFTER `hostile`;");
}
if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'rewardboss')) {
$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters` ADD `rewardboss` TINYINT(1) NOT NULL DEFAULT '0' AFTER `attackable`;");
}
if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'defense')) {
$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters` ADD `defense` INT(11) NOT NULL DEFAULT '0' AFTER `rewardboss`;");
}
if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'armor')) {
$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters` ADD `armor` INT(11) NOT NULL DEFAULT '0' AFTER `defense`;");
}
if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'summons')) {
$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters` ADD `summons` TEXT NOT NULL AFTER `loot`;");
}

8
system/migrations/37.php Normal file
View File

@@ -0,0 +1,8 @@
<?php
// 2023-11-11
// Add Guest page access
use MyAAC\Models\Pages;
Pages::query()->where('access', 1)->update(['access' => 0]);

5
system/migrations/38.php Normal file
View File

@@ -0,0 +1,5 @@
<?php
// 2023-11-11
// execute highscores_ids_hidden once again, cause of settings
require __DIR__ . '/20.php';

18
system/migrations/39.php Normal file
View File

@@ -0,0 +1,18 @@
<?php
// 2024-01-27
// change hidden to hide (Eloquent model reserved keyword)
if (!$db->hasColumn('players', 'hide')) {
$db->exec("ALTER TABLE `players` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
}
$db->exec("ALTER TABLE `" . TABLE_PREFIX . "changelog` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
$db->exec("ALTER TABLE `" . TABLE_PREFIX . "faq` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
$db->exec("ALTER TABLE `" . TABLE_PREFIX . "forum_boards` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
$db->exec("ALTER TABLE `" . TABLE_PREFIX . "news` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
$db->exec("ALTER TABLE `" . TABLE_PREFIX . "news_categories` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
$db->exec("ALTER TABLE `" . TABLE_PREFIX . "pages` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
$db->exec("ALTER TABLE `" . TABLE_PREFIX . "gallery` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
$db->exec("ALTER TABLE `" . TABLE_PREFIX . "spells` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");

12
system/migrations/40.php Normal file
View File

@@ -0,0 +1,12 @@
<?php
// 2024-02-03
// update pages links
use MyAAC\Models\Menu;
Menu::where('link', 'lastkills')->update(['link' => 'last-kills']);
Menu::where('link', 'serverInfo')->update(['link' => 'server-info']);
Menu::where('link', 'experienceStages')->update(['link' => 'exp-stages']);
Menu::where('link', 'experienceTable')->update(['link' => 'exp-table']);
Menu::where('link', 'creatures')->update(['link' => 'monsters']);

2
system/pages/account/change_comment.php
View File

@@ -40,7 +40,7 @@ if($player_name != null) {
if (isset($_POST['changecommentsave']) && $_POST['changecommentsave'] == 1) {
if(empty($errors)) {
$player->hidden = $new_hideacc;
$player->hide = $new_hideacc;
$player->comment = $new_comment;
$player->save();
$account_logged->logAction('Changed comment for character <b>' . $player->name . '</b>.');

12
system/pages/account/change_email.php
View File

@@ -92,18 +92,22 @@ else
<tr>
<td width="30">&nbsp;</td>
<td align=left>
<form action="' . getLink('account/email') . '" method="post"><input type="hidden" name="changeemailsave" value=1 >
<form action="' . getLink('account/email') . '" method="post">
' . csrf(true) . '
<input type="hidden" name="changeemailsave" value=1 >
<INPUT TYPE=image NAME="I Agree" SRC="' . $template_path . '/images/global/buttons/sbutton_iagree.gif" BORDER=0 WIDTH=120 HEIGHT=17>
</form>
</td>
<td align=left>
<form action="' . getLink('account/email') . '" method="post">
' . csrf(true) . '
<input type="hidden" name="emailchangecancel" value=1 >
' . $twig->render('buttons.cancel.html.twig') . '
</form>
</td>
<td align=right>
<form action="?subtopic=accountmanagement" method="post" >
<form action="' . getLink('account/manage') . '" method="post" >
' . csrf(true) . '
' . $twig->render('buttons.back.html.twig') . '
</form>
</td>
@@ -125,6 +129,7 @@ else
<td>
<table border="0" cellspacing="0" cellpadding="0" >
<form action="' .getLink('account/email') . '" method="post" >
' . csrf(true) . '
<tr>
<td style="border:0px;" >
<input type="hidden" name="emailchangecancel" value="1" >
@@ -137,6 +142,7 @@ else
<td>
<table border="0" cellspacing="0" cellpadding="0" >
<form action="' . getLink('account/manage') . '" method="post" >
' . csrf(true) . '
<tr>
<td style="border:0px;" >
' . $twig->render('buttons.back.html.twig') . '
@@ -158,7 +164,7 @@ if(isset($_POST['emailchangecancel']) && $_POST['emailchangecancel'] == 1) {
$account_logged->setCustomField("email_new", "");
$account_logged->setCustomField("email_new_time", 0);
$custom_buttons = '<div style="text-align:center"><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement" method="post" ><tr><td style="border:0px;" >' . $twig->render('buttons.back.html.twig') . '</td></tr></form></table></div>';
$custom_buttons = '<div style="text-align:center"><table border="0" cellspacing="0" cellpadding="0" ><form action="' . getLink('account/manage') . '" method="post" ><tr><td style="border:0px;" >' . $twig->render('buttons.back.html.twig') . '</td></tr></form></table></div>';
$twig->display('success.html.twig', array(
'title' => 'Email Address Change Cancelled',

8
system/pages/account/change_password.php
View File

@@ -18,18 +18,18 @@ if(!$logged) {
}
$new_password = $_POST['newpassword'] ?? NULL;
$new_password2 = $_POST['newpassword2'] ?? NULL;
$new_password_confirm = $_POST['newpassword_confirm'] ?? NULL;
$old_password = $_POST['oldpassword'] ?? NULL;
if(empty($new_password) && empty($new_password2) && empty($old_password)) {
if(empty($new_password) && empty($new_password_confirm) && empty($old_password)) {
$twig->display('account.change_password.html.twig');
}
else
{
if(empty($new_password) || empty($new_password2) || empty($old_password)){
if(empty($new_password) || empty($new_password_confirm) || empty($old_password)){
$errors[] = 'Please fill in form.';
}
$password_strlen = strlen($new_password);
if($new_password != $new_password2) {
if($new_password != $new_password_confirm) {
$errors[] = 'The new passwords do not match!';
}

12
system/pages/account/create.php
View File

@@ -8,6 +8,9 @@
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
use MyAAC\CreateCharacter;
defined('MYAAC') or die('Direct access not allowed!');
$title = 'Create Account';
@@ -21,7 +24,6 @@ if($logged)
}
if(setting('core.account_create_character_create')) {
require_once LIBS . 'CreateCharacter.php';
$createCharacter = new CreateCharacter();
}
@@ -50,7 +52,7 @@ if($save)
$email = $_POST['email'];
$password = $_POST['password'];
$password2 = $_POST['password2'];
$password_confirm = $_POST['password_confirm'];
// account
if(!config('account_login_by_email')) {
@@ -81,7 +83,7 @@ if($save)
if(empty($password)) {
$errors['password'] = 'Please enter the password for your new account.';
}
elseif($password != $password2) {
elseif($password != $password_confirm) {
$errors['password'] = 'Passwords are not the same.';
}
else if(!Validator::password($password)) {
@@ -134,7 +136,7 @@ if($save)
'email' => $email,
'country' => $country,
'password' => $password,
'password2' => $password2,
'password_confirm' => $password_confirm,
'accept_rules' => isset($_POST['accept_rules']) ? $_POST['accept_rules'] === 'true' : false,
);
@@ -267,7 +269,7 @@ if($save)
$_POST['account_login'] = USE_ACCOUNT_NAME ? $account_name : $account_id;
}
$_POST['password_login'] = $password2;
$_POST['password_login'] = $password_confirm;
require PAGES . 'account/login.php';
header('Location: ' . getLink('account/manage'));

4
system/pages/account/create_character.php
View File

@@ -8,6 +8,9 @@
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
use MyAAC\CreateCharacter;
defined('MYAAC') or die('Direct access not allowed!');
$title = 'Create Character';
@@ -30,7 +33,6 @@ $character_created = false;
$save = isset($_POST['save']) && $_POST['save'] == 1;
$errors = array();
if($save) {
require_once LIBS . 'CreateCharacter.php';
$createCharacter = new CreateCharacter();
$character_created = $createCharacter->doCreate($character_name, $character_sex, $character_vocation, $character_town, $account_logged, $errors);

16
system/pages/account/delete_character.php
View File

@@ -61,16 +61,18 @@ if(isset($_POST['deletecharactersave']) && $_POST['deletecharactersave'] == 1) {
}
}
$ownerid = 'ownerid';
if($db->hasColumn('guilds', 'owner_id'))
$ownerid = 'owner_id';
$guild = $db->query('SELECT `name` FROM `guilds` WHERE `' . $ownerid . '` = '.$player->getId());
if($guild->rowCount() > 0) {
$errors[] = 'You cannot delete a character when they own a guild.';
if(empty($errors)) {
$ownerid = 'ownerid';
if ($db->hasColumn('guilds', 'owner_id'))
$ownerid = 'owner_id';
$guild = $db->query('SELECT `name` FROM `guilds` WHERE `' . $ownerid . '` = ' . $player->getId());
if ($guild->rowCount() > 0) {
$errors[] = 'You cannot delete a character when they own a guild.';
}
}
if(empty($errors)) {
//dont show table "delete character" again
// don't show table "delete character" again
$show_form = false;
/** @var OTS_DB_MySQL $db */
if ($db->hasColumn('players', 'deletion'))

1
system/pages/account/login.php
View File

@@ -59,6 +59,7 @@ if(!$logged && isset($_POST['account_login'], $_POST['password_login']))
&& (!isset($t) || $t['attempts'] < 5)
)
{
session_regenerate_id();
setSession('account', $account_logged->getId());
setSession('password', encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $login_password));
if($remember_me) {

24
system/pages/account/lost.php
View File

@@ -95,7 +95,7 @@ elseif($action == 'sendcode')
<p>Account name: '.$account->getName().'</p>
<br />
To do so, please click this link:
<p><a href="' . getLink('account/lost') . '?action=checkcode&code='.$newcode.'&character='.urlencode($nick).'">'.BASE_URL.'/?subtopic=lostaccount&action=checkcode&code='.$newcode.'&character='.urlencode($nick).'</a></p>
<p><a href="' . getLink('account/lost') . '?action=checkcode&code='.$newcode.'&character='.urlencode($nick).'">' . getLink('account/lost') . '?action=checkcode&code='.$newcode.'&character='.urlencode($nick).'</a></p>
<p>or open page: <i>' . getLink('account/lost') . '?action=checkcode</i> and in field "code" write <b>'.$newcode.'</b></p>
<br/>
<p>If you did not request a password change, you may ignore this message and your password will remain unchanged.';
@@ -172,7 +172,7 @@ elseif($action == 'step1' && $action_type == 'reckey')
else
echo 'Invalid player name format. If you have other characters on account try with other name.';
echo '<BR /><TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
<a href="?subtopic=lostaccount" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
<a href="' . getLink('account/lost') . '" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
</TD></TR></FORM></TABLE></TABLE>';
}
elseif($action == 'step2')
@@ -232,7 +232,7 @@ elseif($action == 'step2')
}
</script>';
echo 'Set new password and e-mail to your account.<BR>
<FORM ACTION="?subtopic=lostaccount&action=step3" onsubmit="return validate_form(this)" METHOD=post>
<FORM ACTION="' . getLink('account/lost') . '?action=step3" onsubmit="return validate_form(this)" METHOD=post>
<INPUT TYPE=hidden NAME="character" VALUE="">
<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Please enter new password and e-mail</B></TD></TR>
@@ -261,7 +261,7 @@ elseif($action == 'step2')
else
echo 'Invalid player name format. If you have other characters on account try with other name.';
echo '<BR /><TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
<a href="?subtopic=lostaccount&action=step1&action_type=reckey&nick='.urlencode($nick).'" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
<a href="' . getLink('account/lost') . '?action=step1&action_type=reckey&nick='.urlencode($nick).'" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
</TD></TR></FORM></TABLE></TABLE>';
}
elseif($action == 'step3')
@@ -304,7 +304,7 @@ elseif($action == 'step3')
$account->setCustomField('salt', $salt);
echo 'Your account name, new password and new e-mail.<BR>
<FORM ACTION="?subtopic=accountmanagement" onsubmit="return validate_form(this)" METHOD=post>
<FORM ACTION="' . getLink('account/manage') . '" onsubmit="return validate_form(this)" METHOD=post>
<INPUT TYPE=hidden NAME="character" VALUE="">
<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Your account name, new password and new e-mail</B></TD></TR>
@@ -361,7 +361,7 @@ elseif($action == 'step3')
else
echo 'Invalid player name format. If you have other characters on account try with other name.';
echo '<BR /><TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
<a href="?subtopic=lostaccount&action=step1&action_type=reckey&nick='.urlencode($nick).'" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
<a href="' . getLink('account/lost') . '?action=step1&action_type=reckey&nick='.urlencode($nick).'" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
</TD></TR></FORM></TABLE></TABLE>';
}
elseif($action == 'checkcode')
@@ -370,7 +370,7 @@ elseif($action == 'checkcode')
$character = stripslashes(trim($_REQUEST['character']));
if(empty($code) || empty($character))
echo 'Please enter code from e-mail and name of one character from account. Then press Submit.<BR>
<FORM ACTION="?subtopic=lostaccount&action=checkcode" METHOD=post>
<FORM ACTION="' . getLink('account/lost') . '?action=checkcode" METHOD=post>
<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Code & character name</B></TD></TR>
<TR><TD BGCOLOR="'.$config['darkborder'].'">
@@ -418,7 +418,7 @@ elseif($action == 'checkcode')
}
</script>
Please enter new password to your account and repeat to make sure you remember password.<BR>
<FORM ACTION="?subtopic=lostaccount&action=setnewpassword" onsubmit="return validate_form(this)" METHOD=post>
<FORM ACTION="' . getLink('account/lost') . '?action=setnewpassword" onsubmit="return validate_form(this)" METHOD=post>
<INPUT TYPE=hidden NAME="character" VALUE="'.$character.'">
<INPUT TYPE=hidden NAME="code" VALUE="'.$code.'">
<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
@@ -441,7 +441,7 @@ elseif($action == 'checkcode')
}
if(!empty($error))
echo '<span style="color: red"><b>'.$error.'</b></span><br />Please enter code from e-mail and name of one character from account. Then press Submit.<BR>
<FORM ACTION="?subtopic=lostaccount&action=checkcode" METHOD=post>
<FORM ACTION="' . getLink('account/lost') . '?action=checkcode" METHOD=post>
<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Code & character name</B></TD></TR>
<TR><TD BGCOLOR="'.$config['darkborder'].'">
@@ -462,7 +462,7 @@ elseif($action == 'setnewpassword')
echo '';
if(empty($code) || empty($character) || empty($newpassword))
echo '<span style="color: red"><b>Error. Try again.</b></span><br />Please enter code from e-mail and name of one character from account. Then press Submit.<BR>
<BR><FORM ACTION="?subtopic=lostaccount&action=checkcode" METHOD=post>
<BR><FORM ACTION="' . getLink('account/lost') . '?action=checkcode" METHOD=post>
<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
<INPUT TYPE=image NAME="Back" ALT="Back" SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" BORDER=0 WIDTH=120 HEIGHT=18></div>
</TD></TR></FORM></TABLE></TABLE>';
@@ -518,7 +518,7 @@ elseif($action == 'setnewpassword')
</TABLE>
<BR>
<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
<FORM ACTION="?subtopic=accountmanagement" METHOD=post>
<FORM ACTION="' . getLink('account/manage') . '" METHOD=post>
<INPUT TYPE=image NAME="Login" ALT="Login" SRC="'.$template_path.'/images/global/buttons/sbutton_login.gif" BORDER=0 WIDTH=120 HEIGHT=18></div>
</TD></TR></FORM></TABLE></TABLE>';
}
@@ -533,7 +533,7 @@ elseif($action == 'setnewpassword')
}
if(!empty($error))
echo '<span style="color: red"><b>'.$error.'</b></span><br />Please enter code from e-mail and name of one character from account. Then press Submit.<BR>
<FORM ACTION="?subtopic=lostaccount&action=checkcode" METHOD=post>
<FORM ACTION="' . getLink('account/lost') . '?action=checkcode" METHOD=post>
<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Code & character name</B></TD></TR>
<TR><TD BGCOLOR="'.$config['darkborder'].'">

10
system/pages/account/manage.php
View File

@@ -18,6 +18,16 @@ if(!$logged) {
return;
}
if(isset($_REQUEST['redirect']))
{
$redirect = urldecode($_REQUEST['redirect']);
$twig->display('account.redirect.html.twig', array(
'redirect' => $redirect
));
return;
}
$groups = new OTS_Groups_List();
$freePremium = isset($config['lua']['freePremium']) && getBoolean($config['lua']['freePremium']) || $account_logged->getPremDays() == OTS_Account::GRATIS_PREMIUM_DAYS;

2
system/pages/bans.php
View File

@@ -27,7 +27,7 @@ $configBans = [];
$configBans['hasType'] = false;
$configBans['hasReason'] = false;
$limit = 'LIMIT ' . ($configBansPerPage + 1) . (isset($offset) ? ' OFFSET ' . $offset : '');
$limit = 'LIMIT ' . ($configBansPerPage + 1) . ' OFFSET ' . $offset;
if ($db->hasTable('account_bans')) {
$bansQuery = $db->query('SELECT * FROM `account_bans` ORDER BY `banned_at` DESC ' . $limit);
}

370
system/pages/bugtracker.php
View File

@@ -1,370 +0,0 @@
<?php
/**
* Bug tracker
*
* @package MyAAC
* @author Gesior <jerzyskalski@wp.pl>
* @author Slawkens <slawkens@gmail.com>
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
use MyAAC\Models\BugTracker;
defined('MYAAC') or die('Direct access not allowed!');
$title = 'Bug tracker';
if(!$logged)
{
echo 'You are not logged in. <a href="?subtopic=accountmanagement&redirect=' . BASE_URL . urlencode('?subtopic=bugtracker') . '">Log in</a> to post on the bug tracker.<br /><br />';
return;
}
$showed = $post = $reply = false;
// type (1 = question; 2 = answer)
// status (1 = open; 2 = new message; 3 = closed;)
$dark = $config['darkborder'];
$light = $config['lightborder'];
$tags = array(1 => "[MAP]", "[WEBSITE]", "[CLIENT]", "[MONSTER]", "[NPC]", "[OTHER]");
if(admin() and isset($_REQUEST['control']) && $_REQUEST['control'] == "true")
{
if(empty($_REQUEST['id']) and empty($_REQUEST['acc']) or !is_numeric($_REQUEST['acc']) or !is_numeric($_REQUEST['id']) )
$bug[1] = BugTracker::where('type', 1)->orderByDesc('uid')->get()->toArray();
if(!empty($_REQUEST['id']) and is_numeric($_REQUEST['id']) and !empty($_REQUEST['acc']) and is_numeric($_REQUEST['acc']))
$bug[2] = BugTracker::where('type', 1)->where('account', $_REQUEST['acc'])->where('id', $_REQUEST['id'])->get()->toArray();
if(!empty($_REQUEST['id']) and is_numeric($_REQUEST['id']) and !empty($_REQUEST['acc']) and is_numeric($_REQUEST['acc']))
{
if(!empty($_REQUEST['reply']))
$reply=true;
$account = new OTS_Account();
$account->load($_REQUEST['acc']);
$account->isLoaded();
$players = $account->getPlayersList();
if(!$reply)
{
if($bug[2]['status'] == 2)
$value = '<span style="color: green">[OPEN]</span>';
elseif($bug[2]['status'] == 3)
$value = '<span style="color: red">[CLOSED]</span>';
elseif($bug[2]['status'] == 1)
$value = '<span style="color: blue">[NEW ANSWER]</span>';
echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD COLSPAN=2 CLASS=white><B>Bug Tracker</B></TD></TR>';
echo '<TR BGCOLOR="'.$dark.'"><td width=40%><i><b>Subject</b></i></td><td>'.$tags[$bug[2]['tag']].' '.$bug[2]['subject'].' '.$value.'</td></tr>';
echo '<TR BGCOLOR="'.$light.'"><td><i><b>Posted by</b></i></td><td>';
foreach($players as $player)
{
echo ''.$player->getName().'<br>';
}
echo '</td></tr>';
echo '<TR BGCOLOR="'.$dark.'"><td colspan=2><i><b>Description</b></i></td></tr>';
echo '<TR BGCOLOR="'.$light.'"><td colspan=2>'.nl2br($bug[2]['text']).'</td></tr>';
echo '</TABLE>';
$answers = BugTracker::where('account', $_REQUEST['acc'])->where('id', $_REQUEST['id'])->where('type', 2)->orderBy('reply')->get()->toArray();
foreach($answers as $answer)
{
if($answer['who'] == 1)
$who = '<span style="color: red">[ADMIN]</span>';
else
$who = '<span style="color: green">[PLAYER]</span>';
echo '<br><TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD COLSPAN=2 CLASS=white><B>Answer #'.$answer['reply'].'</B></TD></TR>';
echo '<TR BGCOLOR="'.$dark.'"><td width=70%><i><b>Posted by</b></i></td><td>'.$who.'</td></tr>';
echo '<TR BGCOLOR="'.$light.'"><td colspan=2><i><b>Description</b></i></td></tr>';
echo '<TR BGCOLOR="'.$dark.'"><td colspan=2>'.nl2br($answer['text']).'</td></tr>';
echo '</TABLE>';
}
if($bug[2]['status'] != 3)
echo '<br><a href="?subtopic=bugtracker&control=true&id='.$_REQUEST['id'].'&acc='.$_REQUEST['acc'].'&reply=true"><b>[REPLY]</b></a>';
}
else
{
if($bug[2]['status'] != 3)
{
$reply = BugTracker::where('account', $_REQUEST['acc'])->where('id', $_REQUEST['id'])->where('type', 2)->max('reply');
$reply = $reply + 1;
$iswho = BugTracker::where('account', $_REQUEST['acc'])->where('id', $_REQUEST['id'])->where('type', 2)->orderByDesc('reply')->first()->toArray();
if(isset($_POST['finish']))
{
if(empty($_POST['text']))
$error[] = '<span style="color: black"><b>Description cannot be empty.</b></span>';
if($iswho['who'] == 1)
$error[] = '<span style="color: black"><b>You must wait for User answer.</b></span>';
if(empty($_POST['status']))
$error[] = '<span style="color: black"><b>Status cannot be empty.</b></span>';
if(!empty($error))
{
foreach($error as $errors)
echo ''.$errors.'<br>';
}
else
{
$type = 2;
$INSERT = BugTracker::create([
'account' => $_REQUEST['aac'],
'id' => $_REQUEST['id'],
'text' => $_POST['text'],
'reply' => $reply,
'type' => $type,
'who' => 1,
]);
$UPDATE = Bugtracker::where('id', $_REQUEST['id'])->where('account', $_REQUEST['acc'])->update([
'status' => $_POST['status']
]);
header('Location: ?subtopic=bugtracker&control=true&id='.$_REQUEST['id'].'&acc='.$_REQUEST['acc'].'');
}
}
echo '<br><form method="post" action=""><table><tr><td><i>Description</i></td><td><textarea name="text" rows="15" cols="35"></textarea></td></tr><tr><td>Status[OPEN]</td><td><input type=radio name=status value=2></td></tr><tr><td>Status[CLOSED]</td><td><input type=radio name=status value=3></td></tr></table><br><input type="submit" name="finish" value="Submit" class="input2"/></form>';
}
else
{
echo '<br><span style="color: black"><b>You can\'t add answer to closed bug thread.</b></span>';
}
}
$post=true;
}
if(!$post)
{
echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD colspan=2 CLASS=white><B>Bug Tracker Admin</B></TD></TR>';
$i=1;
foreach($bug[1] as $report)
{
if($report['status'] == 2)
$value = '<span style="color: green">[OPEN]</span>';
elseif($report['status'] == 3)
$value = '<span style="color: red">[CLOSED]</span>';
elseif($report['status'] == 1)
$value = '<span style="color: blue">[NEW ANSWER]</span>';
echo '<TR BGCOLOR="' . getStyle($i) . '"><td width=75%><a href="?subtopic=bugtracker&control=true&id='.$report['id'].'&acc='.$report['account'].'">'.$tags[$report['tag']].' '.$report['subject'].'</a></td><td>'.$value.'</td></tr>';
$showed=true;
$i++;
}
echo '</TABLE>';
}
}
else
{
$acc = $account_logged->getId();
$account_players = $account_logged->getPlayersList();
foreach($account_players as $player)
{
$allow=true;
}
if(!empty($_REQUEST['id']))
$id = addslashes(htmlspecialchars(trim($_REQUEST['id'])));
if(empty($_REQUEST['id']))
$bug[1] = BugTracker::where('account', $account_logged->getId())->where('type', 1)->orderBy('id')->get()->toArray();
if(!empty($_REQUEST['id']) and is_numeric($_REQUEST['id']))
$bug[2] = BugTracker::where('account', $account_logged->getId())->where('type', 1)->where('id', $id)->get()->toArray();
else
$bug[2] = NULL;
if(!empty($_REQUEST['id']) and $bug[2] != NULL)
{
if(!empty($_REQUEST['reply']))
$reply=true;
if(!$reply)
{
if($bug[2]['status'] == 1)
$value = '<span style="color: green">[OPEN]</span>';
elseif($bug[2]['status'] == 2)
$value = '<span style="color: blue">[NEW ANSWER]</span>';
elseif($bug[2]['status'] == 3)
$value = '<span style="color: red">[CLOSED]</span>';
echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD COLSPAN=2 CLASS=white><B>Bug Tracker</B></TD></TR>';
echo '<TR BGCOLOR="'.$dark.'"><td width=40%><i><b>Subject</b></i></td><td>'.$tags[$bug[2]['tag']].' '.$bug[2]['subject'].' '.$value.'</td></tr>';
echo '<TR BGCOLOR="'.$light.'"><td colspan=2><i><b>Description</b></i></td></tr>';
echo '<TR BGCOLOR="'.$dark.'"><td colspan=2>'.nl2br($bug[2]['text']).'</td></tr>';
echo '</TABLE>';
$answers = Bugtracker::where('account', $account_logged->getId())->where('id', $id)->where('type', 2)->orderBy('reply')->get()->toArray();
foreach($answers as $answer)
{
if($answer['who'] == 1)
$who = '<span style="color: red">[ADMIN]</span>';
else
$who = '<span style="color: green">[YOU]</span>';
echo '<br><TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD COLSPAN=2 CLASS=white><B>Answer #'.$answer['reply'].'</B></TD></TR>';
echo '<TR BGCOLOR="'.$dark.'"><td width=70%><i><b>Posted by</b></i></td><td>'.$who.'</td></tr>';
echo '<TR BGCOLOR="'.$light.'"><td colspan=2><i><b>Description</b></i></td></tr>';
echo '<TR BGCOLOR="'.$dark.'"><td colspan=2>'.nl2br($answer['text']).'</td></tr>';
echo '</TABLE>';
}
if($bug[2]['status'] != 3)
echo '<br><a href="?subtopic=bugtracker&id='.$id.'&reply=true"><b>[REPLY]</b></a>';
}
else
{
if($bug[2]['status'] != 3)
{
$reply = BugTracker::where('account', $aac)->where('id', $id)->where('type', 2)->max('reply');
$reply = $reply + 1;
$iswho = BugTracker::where('account', $acc)->where('id', $id)->where('type', 2)->orderByDesc('reply')->first()->toArray();
if(isset($_POST['finish']))
{
if(empty($_POST['text']))
$error[] = '<span style="color: black"><b>Description cannot be empty.</b></span>';
if($iswho['who'] == 0)
$error[] = '<span style="color: black"><b>You must wait for Administrator answer.</b></span>';
if(!$allow)
$error[] = '<span style="color: black"><b>You haven\'t any characters on account.</b></span>';
if(!empty($error))
{
foreach($error as $errors)
echo ''.$errors.'<br>';
}
else
{
$type = 2;
$INSERT = BugTracker::create([
'account' => $acc,
'id' => $id,
'text' => $_POST['text'],
'reply' => $reply,
'type' => $type
]);
$UPDATE = BugTracker::where('id', $id)->where('account', $acc)->update([
'status' => 1
]);
header('Location: ?subtopic=bugtracker&id='.$id.'');
}
}
echo '<br><form method="post" action=""><table><tr><td><i>Description</i></td><td><textarea name="text" rows="15" cols="35"></textarea></td></tr></table><br><input type="submit" name="finish" value="Submit" class="input2"/></form>';
}
else
{
echo '<br><span style="color: black"><b>You can\'t add answer to closed bug thread.</b></span>';
}
}
$post=true;
}
elseif(!empty($_REQUEST['id']) and $bug[2] == NULL)
{
echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD CLASS=white><B>Bug Tracker</B></TD></TR>';
echo '<TR BGCOLOR="'.$dark.'"><td><i>Bug doesn\'t exist.</i></td></tr>';
echo '</TABLE>';
$post=true;
}
if(!$post)
{
if(!isset($_REQUEST['add']) || $_REQUEST['add'] != TRUE)
{
echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD colspan=2 CLASS=white><B>Bug Tracker</B></TD></TR>';
foreach($bug[1] as $report)
{
if($report['status'] == 1)
$value = '<span style="color: green">[OPEN]</span>';
elseif($report['status'] == 2)
$value = '<span style="color: blue">[NEW ANSWER]</span>';
elseif($report['status'] == 3)
$value = '<span style="color: red">[CLOSED]</span>';
if(is_int($report['id'] / 2))
{
$bgcolor = $dark;
}
else
{
$bgcolor = $light;
}
echo '<TR BGCOLOR="'.$bgcolor.'"><td width=75%><a href="?subtopic=bugtracker&id='.$report['id'].'">'.$tags[$report['tag']].' '.$report['subject'].'</a></td><td>'.$value.'</td></tr>';
$showed=true;
}
if(!$showed)
{
echo '<TR BGCOLOR="'.$dark.'"><td><i>You don\'t have reported any bugs.</i></td></tr>';
}
echo '</TABLE>';
echo '<br><a href="?subtopic=bugtracker&add=true"><b>[ADD REPORT]</b></a>';
}
elseif(isset($_REQUEST['add']) && $_REQUEST['add'] == TRUE)
{
$thread = BugTracker::where('account', $acc)->where('type', 1)->orderByDesc('id')->get()->toArray();
$id_next = BugTracker::where('account', $acc)->where('type', 1)->max('id');
$id_next = $id_next + 1;
if(empty($thread))
$thread['status'] = 3;
if(isset($_POST['submit']))
{
if($thread['status'] != 3)
$error[] = '<span style="color: black"><b>Can be only 1 open bug thread.</b></span>';
if(empty($_POST['subject']))
$error[] = '<span style="color: black"><b>Subject cannot be empty.</b></span>';
if(empty($_POST['text']))
$error[] = '<span style="color: black"><b>Description cannot be empty.</b></span>';
if(!$allow)
$error[] = '<span style="color: black"><b>You haven\'t any characters on account.</b></span>';
if(empty($_POST['tags']))
$error[] = '<span style="color: black"><b>Tag cannot be empty.</b></span>';
if(!empty($error))
{
foreach($error as $errors)
echo ''.$errors.'<br>';
}
else
{
$type = 1;
$status = 1;
$INSERT = BugTracker::create([
'account' => $acc,
'id' => $id_next,
'text' => $_POST['text'],
'type' => $type,
'subject' => $_POST['subject'],
'reply' => 0,
'status' => $status,
'tag' => $_POST['tags']
]);
header('Location: ?subtopic=bugtracker&id='.$id_next.'');
}
}
echo '<br><form method="post" action=""><table><tr><td><i>Subject</i></td><td><input type=text name="subject"/></td></tr><tr><td><i>Description</i></td><td><textarea name="text" rows="15" cols="35"></textarea></td></tr><tr><td>TAG</td><td><select name="tags"><option value="">SELECT</option>';
for($i = 1; $i <= count($tags); $i++)
{
echo '<option value="' . $i . '">' . $tags[$i] . '</option>';
}
echo '</select></tr></tr></table><br><input type="submit" name="submit" value="Submit" class="input2"/></form>';
}
}
}
if(admin() and empty($_REQUEST['control']))
{
echo '<br><br><a href="?subtopic=bugtracker&control=true">[ADMIN PANEL]</a>';
}

2
system/pages/changelog.php
View File

@@ -19,7 +19,7 @@ $next_page = false;
$canEdit = hasFlag(FLAG_CONTENT_NEWS) || superAdmin();
$changelogs = Changelog::isPublic()->orderByDesc('id')->limit($limit + 1)->offset($offset)->get()->toArray();
$changelogs = Changelog::isPublic()->orderByDesc('date')->limit($limit + 1)->offset($offset)->get()->toArray();
$i = 0;
foreach($changelogs as $key => &$log)

9
system/pages/characters.php
View File

@@ -342,8 +342,8 @@ WHERE killers.death_id = '".$death['id']."' ORDER BY killers.final_hit DESC, kil
$signature_url = BASE_URL . (setting('core.friendly_urls') ? '' : 'index.php/') . urlencode($player->getName()) . '.png';
}
$hidden = $player->isHidden();
if(!$hidden) {
$hide = $player->isHidden();
if(!$hide) {
// check if account has been banned
$bannedUntil = '';
$banned = array();
@@ -363,7 +363,7 @@ WHERE killers.death_id = '".$death['id']."' ORDER BY killers.final_hit DESC, kil
$query = $db->query('SELECT `id` FROM `players` WHERE `account_id` = ' . $account->getId() . ' ORDER BY `name`')->fetchAll();
foreach($query as $p) {
$_player = new OTS_Player();
$fields = array('id', 'name', 'vocation', 'level', 'online', 'deleted', 'hidden');
$fields = array('id', 'name', 'vocation', 'level', 'online', 'deleted', 'hide');
$_player->load($p['id'], $fields, false);
if($_player->isLoaded() && !$_player->isHidden()) {
$account_players[] = $_player;
@@ -404,7 +404,8 @@ WHERE killers.death_id = '".$death['id']."' ORDER BY killers.final_hit DESC, kil
'frags' => $frags,
'signature_url' => isset($signature_url) ? $signature_url : null,
'player_link' => getPlayerLink($player->getName(), false),
'hidden' => $hidden,
'hide' => $hide,
'hidden' => $hide,
'bannedUntil' => isset($bannedUntil) ? $bannedUntil : null,
'account_players' => isset($account_players) ? $account_players : null,
'search_form' => generate_search_form(),

85
system/pages/creatures.php
View File

@@ -1,86 +1,3 @@
<?php
/**
* Creatures
*
* @package MyAAC
* @author Gesior <jerzyskalski@wp.pl>
* @author Slawkens <slawkens@gmail.com>
* @author Lee
* @copyright 2020 MyAAC
* @link https://my-aac.org
*/
use MyAAC\Models\Monster;
defined('MYAAC') or die('Direct access not allowed!');
$title = 'Creatures';
if (empty($_REQUEST['name'])) {
// display list of monsters
$preview = setting('core.monsters_images_preview');
$creatures = Monster::where('hidden', '!=', 1)->when(!empty($_REQUEST['boss']), function ($query) {
$query->where('rewardboss', 1);
})->get()->toArray();
if ($preview) {
foreach($creatures as $key => &$creature)
{
$creature['img_link'] = getCreatureImgPath($creature['name']);
}
}
$twig->display('creatures.html.twig', array(
'creatures' => $creatures,
'preview' => $preview
));
return;
}
// display monster
$creature_name = urldecode(stripslashes(ucwords(strtolower($_REQUEST['name']))));
$creature = Monster::where('hidden', '!=', 1)->where('name', $creature_name)->first()->toArray();
if (isset($creature['name'])) {
function sort_by_chance($a, $b)
{
if ($a['chance'] == $b['chance']) {
return 0;
}
return ($a['chance'] > $b['chance']) ? -1 : 1;
}
$title = $creature['name'] . " - Creatures";
$creature['img_link']= getCreatureImgPath($creature_name);
$voices = json_decode($creature['voices'], true);
$summons = json_decode($creature['summons'], true);
$elements = json_decode($creature['elements'], true);
$immunities = json_decode($creature['immunities'], true);
$loot = json_decode($creature['loot'], true);
usort($loot, 'sort_by_chance');
foreach ($loot as &$item) {
$item['name'] = getItemNameById($item['id']);
$item['rarity_chance'] = round($item['chance'] / 1000, 2);
$item['rarity'] = getItemRarity($item['chance']);
$item['tooltip'] = ucfirst($item['name']) . '<br/>Chance: ' . $item['rarity'] . (setting('core.monsters_loot_percentage') ? ' ('. $item['rarity_chance'] .'%)' : '') . '<br/>Max count: ' . $item['count'];
}
$creature['loot'] = isset($loot) ? $loot : null;
$creature['voices'] = isset($voices) ? $voices : null;
$creature['summons'] = isset($summons) ? $summons : null;
$creature['elements'] = isset($elements) ? $elements : null;
$creature['immunities'] = isset($immunities) ? $immunities : null;
$twig->display('creature.html.twig', array(
'creature' => $creature,
));
} else {
echo "Creature with name <b>" . $creature_name . "</b> doesn't exist.";
}
// back button
$twig->display('creatures.back_button.html.twig');
require 'monsters.php';

0
system/pages/experience_stages.php → system/pages/exp-stages.php
View File

0
system/pages/experience_table.php → system/pages/exp-table.php
View File

14
system/pages/faq.php
View File

@@ -49,7 +49,7 @@ if($canEdit)
}
}
else if($action == 'hide') {
FAQ::toggleHidden($id, $errors);
FAQ::toggleHide($id, $errors);
}
else if($action == 'moveup') {
FAQ::move($id, -1, $errors);
@@ -72,11 +72,11 @@ if($canEdit)
}
$faqs = ModelsFAQ::select('id', 'question', 'answer')->when(!$canEdit, function ($query) {
$query->where('hidden', '!=', 1);
$query->where('hide', '!=', 1);
})->orderBy('ordering');
if ($canEdit) {
$faqs->addSelect(['hidden', 'ordering']);
$faqs->addSelect(['hide', 'ordering']);
}
$faqs = $faqs->get()->toArray();
@@ -146,14 +146,16 @@ class FAQ
return !count($errors);
}
static public function toggleHidden($id, &$errors)
static public function toggleHide($id, &$errors)
{
if(isset($id))
{
$row = ModelsFAQ::find($id);
if ($row) {
$row->hidden = ($row->hidden == 1 ? 0 : 1);
$row->save();
$row->hide = ($row->hide == 1 ? 0 : 1);
if (!$row->save()) {
$errors[] = 'Fail during toggle hide FAQ.';
}
} else {
$errors[] = 'FAQ with id ' . $id . ' does not exists.';
}

5
system/pages/forum.php
View File

@@ -8,6 +8,9 @@
* @copyright 2021 MyAAC
* @link https://my-aac.org
*/
use MyAAC\Forum;
defined('MYAAC') or exit;
$ret = require __DIR__ . '/forum/base.php';
@@ -50,7 +53,7 @@ foreach($sections as $id => $section)
'link' => getForumBoardLink($id),
'name' => $section['name'],
'description' => $section['description'],
'hidden' => $section['hidden'],
'hide' => $section['hide'],
'posts' => isset($counters[$id]['posts']) ? $counters[$id]['posts'] : 0,
'threads' => isset($counters[$id]['threads']) ? $counters[$id]['threads'] : 0,
'last_post' => array(

176
system/pages/forum/admin.php
View File

@@ -8,92 +8,112 @@
* @copyright 2021 MyAAC
* @link https://my-aac.org
*/
use MyAAC\Forum;
defined('MYAAC') or exit('Direct access not allowed!');
$canEdit = Forum::isModerator();
if($canEdit) {
$groups = new OTS_Groups_List();
if(!$canEdit) {
return;
}
if(!empty($action)) {
if($action == 'delete_board' || $action == 'edit_board' || $action == 'hide_board' || $action == 'moveup_board' || $action == 'movedown_board')
$id = $_REQUEST['id'];
$groupsList = new OTS_Groups_List();
$groups = [
['id' => 0, 'name' => 'Guest'],
];
if(isset($_REQUEST['access'])) {
$access = $_REQUEST['access'];
}
foreach ($groupsList as $group) {
$groups[] = [
'id' => $group->getId(),
'name' => $group->getName()
];
}
if(isset($_REQUEST['guild'])) {
$guild = $_REQUEST['guild'];
}
if(!empty($action)) {
if($action == 'delete_board' || $action == 'edit_board' || $action == 'hide_board' || $action == 'moveup_board' || $action == 'movedown_board')
$id = $_REQUEST['id'];
if(isset($_REQUEST['name'])) {
$name = $_REQUEST['name'];
}
if(isset($_REQUEST['description'])) {
$description = stripslashes($_REQUEST['description']);
}
$errors = [];
if($action == 'add_board') {
if(Forum::add_board($name, $description, $access, $guild, $errors)) {
$action = $name = $description = '';
}
}
else if($action == 'delete_board') {
Forum::delete_board($id, $errors);
$action = '';
}
else if($action == 'edit_board')
{
if(isset($id) && !isset($name)) {
$board = Forum::get_board($id);
$name = $board['name'];
$access = $board['access'];
$guild = $board['guild'];
$description = $board['description'];
}
else {
Forum::update_board($id, $name, $access, $guild, $description);
$action = $name = $description = '';
$access = $guild = 0;
}
}
else if($action == 'hide_board') {
Forum::toggleHidden_board($id, $errors);
$action = '';
}
else if($action == 'moveup_board') {
Forum::move_board($id, -1, $errors);
$action = '';
}
else if($action == 'movedown_board') {
Forum::move_board($id, 1, $errors);
$action = '';
}
if(!empty($errors)) {
$twig->display('error_box.html.twig', array('errors' => $errors));
$action = '';
}
if(isset($_REQUEST['access'])) {
$access = $_REQUEST['access'];
}
if(empty($action) || $action == 'edit_board') {
$guilds = $db->query('SELECT `id`, `name` FROM `guilds`')->fetchAll();
$twig->display('forum.add_board.html.twig', array(
'link' => getLink('forum', ($action == 'edit_board' ? 'edit_board' : 'add_board')),
'action' => $action,
'id' => isset($id) ? $id : null,
'name' => isset($name) ? $name : null,
'description' => isset($description) ? $description : null,
'access' => isset($access) ? $access : 0,
'guild' => isset($guild) ? $guild : null,
'groups' => $groups,
'guilds' => $guilds
));
if(isset($_REQUEST['guild'])) {
$guild = $_REQUEST['guild'];
}
if($action == 'edit_board')
$action = '';
if(isset($_REQUEST['name'])) {
$name = $_REQUEST['name'];
}
if(isset($_REQUEST['description'])) {
$description = stripslashes($_REQUEST['description']);
}
$errors = [];
if($action == 'add_board') {
if(Forum::add_board($name, $description, $access, $guild, $errors)) {
$action = $name = $description = '';
header('Location: ' . getLink('forum'));
}
}
else if($action == 'delete_board') {
Forum::delete_board($id, $errors);
header('Location: ' . getLink('forum'));
$action = '';
}
else if($action == 'edit_board')
{
if(isset($id) && !isset($name)) {
$board = Forum::get_board($id);
$name = $board['name'];
$access = $board['access'];
$guild = $board['guild'];
$description = $board['description'];
}
else {
Forum::update_board($id, $name, $access, $guild, $description);
header('Location: ' . getLink('forum'));
$action = $name = $description = '';
$access = $guild = 0;
}
}
else if($action == 'hide_board') {
Forum::toggleHide_board($id, $errors);
header('Location: ' . getLink('forum'));
$action = '';
}
else if($action == 'moveup_board') {
Forum::move_board($id, -1, $errors);
header('Location: ' . getLink('forum'));
$action = '';
}
else if($action == 'movedown_board') {
Forum::move_board($id, 1, $errors);
header('Location: ' . getLink('forum'));
$action = '';
}
if(!empty($errors)) {
$twig->display('error_box.html.twig', array('errors' => $errors));
$action = '';
}
}
if(empty($action) || $action == 'edit_board') {
$guilds = $db->query('SELECT `id`, `name` FROM `guilds`')->fetchAll();
$twig->display('forum.add_board.html.twig', array(
'link' => getLink('forum', ($action == 'edit_board' ? 'edit_board' : 'add_board')),
'action' => $action,
'id' => $id ?? null,
'name' => $name ?? null,
'description' => $description ?? null,
'access' => $access ?? 0,
'guild' => $guild ?? null,
'groups' => $groups,
'guilds' => $guilds
));
if($action == 'edit_board')
$action = '';
}

14
system/pages/forum/base.php
View File

@@ -8,10 +8,13 @@
* @copyright 2021 MyAAC
* @link https://my-aac.org
*/
use MyAAC\Forum;
defined('MYAAC') or die('Direct access not allowed!');
$title = 'Forum';
require_once LIBS . 'forum.php';
class_exists('MyAAC\Forum');
$forumSetting = setting('core.forum');
if(strtolower($forumSetting) != 'site') {
@@ -24,10 +27,7 @@ if(strtolower($forumSetting) != 'site') {
return false;
}
if(!$logged) {
echo 'You are not logged in. <a href="?subtopic=accountmanagement&redirect=' . BASE_URL . urlencode('?subtopic=forum') . '">Log in</a> to post on the forum.<br /><br />';
return false;
}
$canEdit = Forum::isModerator();
$sections = array();
foreach(getForumBoards() as $section) {
@@ -41,10 +41,10 @@ foreach(getForumBoards() as $section) {
);
if($canEdit) {
$sections[$section['id']]['hidden'] = $section['hidden'];
$sections[$section['id']]['hide'] = $section['hide'];
}
else {
$sections[$section['id']]['hidden'] = 0;
$sections[$section['id']]['hide'] = 0;
}
}

12
system/pages/forum/edit_post.php
View File

@@ -8,6 +8,9 @@
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
use MyAAC\Forum;
defined('MYAAC') or die('Direct access not allowed!');
$ret = require __DIR__ . '/base.php';
@@ -15,6 +18,11 @@ if ($ret === false) {
return;
}
if(!$logged) {
echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . BASE_URL . urlencode(getLink('forum')) . '">Log in</a> to post on the forum.<br /><br />';
return;
}
if(Forum::canPost($account_logged))
{
$post_id = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : false;
@@ -40,6 +48,10 @@ if(Forum::canPost($account_logged))
$smile = isset($_REQUEST['smile']) ? (int)$_REQUEST['smile'] : 0;
$html = isset($_REQUEST['html']) ? (int)$_REQUEST['html'] : 0;
if (!superAdmin()) {
$html = 0;
}
$length = strlen($post_topic);
if(($length < 1 || $length > 60) && $thread['id'] == $thread['first_post']) {
$errors[] = "Too short or too long topic (Length: $length letters). Minimum 1 letter, maximum 60 letters.";

8
system/pages/forum/move_thread.php
View File

@@ -8,6 +8,9 @@
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
use MyAAC\Forum;
defined('MYAAC') or die('Direct access not allowed!');
$ret = require __DIR__ . '/base.php';
@@ -15,6 +18,11 @@ if ($ret === false) {
return;
}
if(!$logged) {
echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . BASE_URL . urlencode(getLink('forum')) . '">Log in</a> to post on the forum.<br /><br />';
return;
}
if(!Forum::isModerator()) {
echo 'You are not logged in or you are not moderator.';
}

11
system/pages/forum/new_post.php
View File

@@ -8,6 +8,9 @@
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
use MyAAC\Forum;
defined('MYAAC') or die('Direct access not allowed!');
$ret = require __DIR__ . '/base.php';
@@ -18,10 +21,10 @@ if ($ret === false) {
if(!$logged) {
$extra_url = '';
if(isset($_GET['thread_id'])) {
$extra_url = '&action=new_post&thread_id=' . $_GET['thread_id'];
$extra_url = '?action=new_post&thread_id=' . $_GET['thread_id'];
}
header('Location: ' . BASE_URL . '?subtopic=accountmanagement&redirect=' . BASE_URL . urlencode('?subtopic=forum' . $extra_url));
echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . BASE_URL . urlencode(getLink('forum') . $extra_url) . '">Log in</a> to post on the forum.<br /><br />';
return;
}
@@ -47,6 +50,10 @@ if(Forum::canPost($account_logged)) {
$html = (int)($_REQUEST['html'] ?? 0);
$saved = false;
if (!superAdmin()) {
$html = 0;
}
if(isset($_REQUEST['quote'])) {
$quoted_post = $db->query("SELECT `players`.`name`, `" . FORUM_TABLE_PREFIX . "forum`.`post_text`, `" . FORUM_TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`id` = ".(int) $quote)->fetchAll();
if(isset($quoted_post[0]['name'])) {

18
system/pages/forum/new_thread.php
View File

@@ -8,6 +8,9 @@
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
use MyAAC\Forum;
defined('MYAAC') or die('Direct access not allowed!');
$ret = require __DIR__ . '/base.php';
@@ -15,6 +18,16 @@ if ($ret === false) {
return;
}
if(!$logged) {
$extra_url = '';
if(isset($_GET['section_id'])) {
$extra_url = '?action=new_thread&section_id=' . $_GET['section_id'];
}
echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . BASE_URL . urlencode(getLink('forum') . $extra_url) . '">Log in</a> to post on the forum.<br /><br />';
return;
}
if(Forum::canPost($account_logged)) {
$players_from_account = $db->query('SELECT `players`.`name`, `players`.`id` FROM `players` WHERE `players`.`account_id` = '.(int) $account_logged->getId())->fetchAll();
$section_id = $_REQUEST['section_id'] ?? null;
@@ -31,6 +44,11 @@ if(Forum::canPost($account_logged)) {
$post_topic = isset($_REQUEST['topic']) ? stripslashes($_REQUEST['topic']) : '';
$smile = (isset($_REQUEST['smile']) ? (int)$_REQUEST['smile'] : 0);
$html = (isset($_REQUEST['html']) ? (int)$_REQUEST['html'] : 0);
if (!superAdmin()) {
$html = 0;
}
$saved = false;
if (isset($_REQUEST['save'])) {
$length = strlen($post_topic);

8
system/pages/forum/remove_post.php
View File

@@ -8,6 +8,9 @@
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
use MyAAC\Forum;
defined('MYAAC') or die('Direct access not allowed!');
$ret = require __DIR__ . '/base.php';
@@ -15,6 +18,11 @@ if ($ret === false) {
return;
}
if(!$logged) {
echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . BASE_URL . urlencode(getLink('forum')) . '">Log in</a> to post on the forum.<br /><br />';
return;
}
if(Forum::isModerator()) {
$id = (int) $_REQUEST['id'];
$post = $db->query("SELECT `id`, `first_post`, `section` FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `id` = ".$id." LIMIT 1")->fetch();

11
system/pages/forum/show_board.php
View File

@@ -8,6 +8,9 @@
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
use MyAAC\Forum;
defined('MYAAC') or die('Direct access not allowed!');
$ret = require __DIR__ . '/base.php';
@@ -43,7 +46,7 @@ echo '<a href="' . getLink('forum') . '">Boards</a> >> <b>'.$sections[$section_i
if(!$sections[$section_id]['closed'] || Forum::isModerator()) {
echo '<br /><br />
<a href="?subtopic=forum&action=new_thread&section_id='.$section_id.'"><img src="images/forum/topic.gif" border="0" /></a>';
<a href="' . getLink('forum') . '?action=new_thread&section_id='.$section_id.'"><img src="images/forum/topic.gif" border="0" /></a>';
}
echo '<br /><br />Page: '.$links_to_pages.'<br />';
@@ -64,8 +67,8 @@ if(isset($last_threads[0])) {
foreach($last_threads as $thread) {
echo '<tr bgcolor="' . getStyle($number_of_rows++) . '"><td>';
if(Forum::isModerator()) {
echo '<a href="?subtopic=forum&action=move_thread&id='.$thread['id'].'"\')"><span style="color:darkgreen">[MOVE]</span></a>';
echo '<a href="?subtopic=forum&action=remove_post&id='.$thread['id'].'" onclick="return confirm(\'Are you sure you want remove thread > '.$thread['post_topic'].' <?\')"><span style="color: red">[REMOVE]</span></a> ';
echo '<a href="' . getLink('forum') . '?action=move_thread&id='.$thread['id'].'"\')"><span style="color:darkgreen">[MOVE]</span></a>';
echo '<a href="' . getLink('forum') . '?action=remove_post&id='.$thread['id'].'" onclick="return confirm(\'Are you sure you want remove thread > '.$thread['post_topic'].' <?\')"><span style="color: red">[REMOVE]</span></a> ';
}
$player->load($thread['player_id']);
@@ -92,7 +95,7 @@ if(isset($last_threads[0])) {
echo '</table>';
if(!$sections[$section_id]['closed'] || Forum::isModerator()) {
echo '<br /><a href="?subtopic=forum&action=new_thread&section_id=' . $section_id . '"><img src="images/forum/topic.gif" border="0" /></a>';
echo '<br /><a href="' . getLink('forum') . '?action=new_thread&section_id=' . $section_id . '"><img src="images/forum/topic.gif" border="0" /></a>';
}
}
else {

3
system/pages/forum/show_thread.php
View File

@@ -8,6 +8,9 @@
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
use MyAAC\Forum;
defined('MYAAC') or die('Direct access not allowed!');
$ret = require __DIR__ . '/base.php';

13
system/pages/gallery.php
View File

@@ -8,6 +8,7 @@
* @link https://my-aac.org
*/
use MyAAC\Cache\Cache;
use MyAAC\Models\Gallery as ModelsGallery;
defined('MYAAC') or die('Direct access not allowed!');
@@ -47,7 +48,7 @@ if($canEdit) {
$action = $comment = $image = $author = '';
}
} else if ($action == 'hide') {
Gallery::toggleHidden($id, $errors);
Gallery::toggleHide($id, $errors);
} else if ($action == 'moveup') {
Gallery::move($id, -1, $errors);
} else if ($action == 'movedown') {
@@ -106,9 +107,9 @@ if(isset($_GET['image']))
$images = Cache::remember('gallery_' . ($canEdit ? '1' : '0'), 60, function () use ($db, $canEdit) {
return $db->query('SELECT `id`, `comment`, `image`, `author`, `thumb`' .
($canEdit ? ', `hidden`, `ordering`' : '') .
($canEdit ? ', `hide`, `ordering`' : '') .
' FROM `' . TABLE_PREFIX . 'gallery`' .
(!$canEdit ? ' WHERE `hidden` != 1' : '') .
(!$canEdit ? ' WHERE `hide` != 1' : '') .
' ORDER BY `ordering`;')->fetchAll(PDO::FETCH_ASSOC);
});
@@ -203,15 +204,15 @@ class Gallery
return !count($errors);
}
static public function toggleHidden($id, &$errors)
static public function toggleHide($id, &$errors)
{
if(isset($id))
{
$row = ModelsGallery::find($id);
if($row) {
$row->hidden = $row->hidden == 1 ? 0 : 1;
$row->hide = $row->hide == 1 ? 0 : 1;
if (!$row->save()) {
$errors[] = 'Fail during toggle hidden Gallery';
$errors[] = 'Fail during toggle hide Gallery';
}
} else
$errors[] = 'Image with id ' . $id . ' does not exists.';

12
system/pages/guilds/add_rank.php
View File

@@ -49,7 +49,7 @@ if(empty($errors)) {
$new_rank->setLevel(1);
$new_rank->setName($rank_name);
$new_rank->save();
header("Location: ?subtopic=guilds&guild=".$guild->getName()."&action=manager");
header("Location: " . getLink('guilds') . "?guild=".$guild->getName()."&action=manager");
echo 'New rank added. Redirecting...';
}
else {
@@ -61,19 +61,15 @@ if(empty($errors)) {
$twig->display('guilds.back_button.html.twig', array(
'new_line' => true,
'action' => '?subtopic=guilds&guild='.$guild_name.'&action=show'
'action' => getLink('guilds') . '?guild='.$guild_name.'&action=show'
));
}
}
else
{
if(!empty($errors)) {
$twig->display('error_box.html.twig', array('errors' => $errors));
$twig->display('error_box.html.twig', array('errors' => $errors));
$twig->display('guilds.back_button.html.twig', array(
$twig->display('guilds.back_button.html.twig', array(
'new_line' => true
));
}
}
?>

2
system/pages/guilds/change_description.php
View File

@@ -69,6 +69,6 @@ if(!empty($errors)) {
$twig->display('guilds.back_button.html.twig', array(
'new_line' => true,
'action' => '?subtopic=guilds'
'action' => getLink('guilds')
));
}

2
system/pages/guilds/change_logo.php
View File

@@ -121,7 +121,7 @@ if(!empty($errors)) {
$twig->display('guilds.back_button.html.twig', array(
'new_line' => true,
'action' => '?subtopic=guilds'
'action' => getLink('guilds')
));
}
?>

2
system/pages/guilds/change_motd.php
View File

@@ -72,6 +72,6 @@ if(!empty($errors)) {
$twig->display('guilds.back_button.html.twig', array(
'new_line' => true,
'action' => '?subtopic=guilds'
'action' => getLink('guilds')
));
}

4
system/pages/guilds/delete_by_admin.php
View File

@@ -45,7 +45,7 @@ if(empty($errors)) {
$twig->display('success.html.twig', array(
'title' => 'Delete Guild',
'description' => 'Are you sure you want delete guild <b>' . $guild_name . '</b>?<br/>
<form action="?subtopic=guilds&guild=' . $guild->getName() . '&action=delete_by_admin" METHOD="post"><input type="hidden" name="todo" value="save"><input type="submit" value="Yes, delete"></form>',
<form action="' . getLink('guilds') . '?guild=' . $guild->getName() . '&action=delete_by_admin" METHOD="post"><input type="hidden" name="todo" value="save"><input type="submit" value="Yes, delete"></form>',
'custom_buttons' => $twig->render('guilds.back_button.html.twig')
));
}
@@ -63,6 +63,6 @@ if(!empty($errors)) {
$twig->display('guilds.back_button.html.twig', array(
'new_line' => true,
'action' => '?subtopic=guilds'
'action' => getLink('guilds')
));
}

4
system/pages/guilds/delete_invite.php
View File

@@ -96,7 +96,7 @@ if(!empty($errors))
{
$twig->display('error_box.html.twig', array('errors' => $errors));
$twig->display('guilds.back_button.html.twig', array('action' => '?subtopic=guilds&action=show&guild=' . $guild_name));
$twig->display('guilds.back_button.html.twig', array('action' => getLink('guilds') . '?action=show&guild=' . $guild_name));
}
else
{
@@ -106,7 +106,7 @@ else
$twig->display('success.html.twig', array(
'title' => 'Deleted player invitation',
'description' => 'Player with name <b>' . $player->getName() . '</b> has been deleted from invites list.',
'custom_buttons' => $twig->render('guilds.back_button.html.twig', array('action' => '?subtopic=guilds&action=show&guild=' . $guild_name))
'custom_buttons' => $twig->render('guilds.back_button.html.twig', array('action' => getLink('guilds') . '?action=show&guild=' . $guild_name))
));
}
else {

4
system/pages/guilds/delete_rank.php
View File

@@ -104,7 +104,7 @@ if(empty($guild_errors)) {
$twig->display('guilds.back_button.html.twig', array(
'new_line' => true,
'action' => '?subtopic=guilds&guild='.$guild->getName().'&action=manager'
'action' => getLink('guilds') . '?guild='.$guild->getName().'&action=manager'
));
}
else
@@ -122,6 +122,6 @@ if(!empty($guild_errors)) {
$twig->display('guilds.back_button.html.twig', array(
'new_line' => true,
'action' => '?subtopic=guilds'
'action' => getLink('guilds')
));
}

4
system/pages/guilds/pass_leadership.php
View File

@@ -109,7 +109,7 @@ if(empty($guild_errors) && empty($guild_errors2)) {
if(empty($guild_errors) && !empty($guild_errors2)) {
$twig->display('error_box.html.twig', array('errors' => $guild_errors2));
echo '<br/><div style="text-align:center"><form action="?subtopic=guilds&guild='.$guild->getName().'&action=pass_leadership" method="post">' . $twig->render('buttons.back.html.twig') . '</form></div>';
echo '<br/><div style="text-align:center"><form action="' . getLink('guilds') . '?guild='.$guild->getName().'&action=pass_leadership" method="post">' . $twig->render('buttons.back.html.twig') . '</form></div>';
}
if(!empty($guild_errors)) {
if(!empty($guild_errors2)) {
@@ -117,5 +117,5 @@ if(!empty($guild_errors)) {
}
$twig->display('error_box.html.twig', array('errors' => $guild_errors));
echo '<br/><div style="text-align:center"><form action="?subtopic=guilds" method="post">' . $twig->render('buttons.back.html.twig') . '</form></div>';
echo '<br/><div style="text-align:center"><form action="' . getLink('guilds') . '" method="post">' . $twig->render('buttons.back.html.twig') . '</form></div>';
}

2
system/pages/guilds/save_ranks.php
View File

@@ -63,7 +63,7 @@ if(empty($errors)) {
}
//show errors or redirect
if(empty($errors)) {
header("Location: ?subtopic=guilds&action=manager&guild=".$guild->getName());
header("Location: " . getLink('guilds') . "?action=manager&guild=".$guild->getName());
}
}
else

25
system/pages/highscores.php
View File

@@ -9,6 +9,7 @@
* @link https://my-aac.org
*/
use MyAAC\Cache\Cache;
use MyAAC\Models\Player;
use MyAAC\Models\PlayerDeath;
use MyAAC\Models\PlayerKillers;
@@ -52,9 +53,6 @@ if($settingHighscoresVocationBox && $vocation !== 'all')
}
}
const SKILL_FRAGS = -1;
const SKILL_BALANCE = -2;
$skill = POT::SKILL__LEVEL;
if(is_numeric($list))
{
@@ -135,6 +133,7 @@ if($settingHighscoresOutfit) {
$configHighscoresPerPage = setting('core.highscores_per_page');
$limit = $configHighscoresPerPage + 1;
$highscores = [];
$needReCache = true;
$cacheKey = 'highscores_' . $skill . '_' . $vocation . '_' . $page . '_' . $configHighscoresPerPage;
@@ -158,7 +157,7 @@ $query->join('accounts', 'accounts.id', '=', 'players.account_id')
->selectRaw('accounts.country, players.id, players.name, players.account_id, players.level, players.vocation' . $outfit . $promotion)
->orderByDesc('value');
if (!isset($highscores) || empty($highscores)) {
if (empty($highscores)) {
if ($skill >= POT::SKILL_FIRST && $skill <= POT::SKILL_LAST) { // skills
if ($db->hasColumn('players', 'skill_fist')) {// tfs 1.0
$skill_ids = array(
@@ -201,17 +200,17 @@ if (!isset($highscores) || empty($highscores)) {
$list = 'experience';
}
}
$highscores = $query->get()->map(function($row) {
$tmp = $row->toArray();
$tmp['online'] = $row->online_status;
$tmp['vocation'] = $row->vocation_name;
unset($tmp['online_table']);
return $tmp;
})->toArray();
}
$highscores = $query->get()->map(function($row) {
$tmp = $row->toArray();
$tmp['online'] = $row->online_status;
$tmp['vocation'] = $row->vocation_name;
unset($tmp['online_table']);
return $tmp;
})->toArray();
if ($cache->enabled() && $needReCache) {
$cache->set($cacheKey, serialize($highscores), setting('core.highscores_cache_ttl') * 60);
}

2
system/pages/houses.php
View File

@@ -101,7 +101,7 @@ if(isset($_GET['page']) && $_GET['page'] == 'view' && isset($_REQUEST['house']))
'houseSize' => isset($house['size']) ? $house['size'] : null,
'houseRent' => isset($house['rent']) ? $house['rent'] : null,
'owner' => isset($owner) ? $owner : null,
'rentType' => isset($rentType) ? $rentType : null
'rentType' => $rentType
));
if (count($errors) > 0) {

0
system/pages/lastkills.php → system/pages/last-kills.php
View File

86
system/pages/monsters.php Normal file
View File

@@ -0,0 +1,86 @@
<?php
/**
* Monsters
*
* @package MyAAC
* @author Gesior <jerzyskalski@wp.pl>
* @author Slawkens <slawkens@gmail.com>
* @author Lee
* @copyright 2020 MyAAC
* @link https://my-aac.org
*/
use MyAAC\Models\Monster;
defined('MYAAC') or die('Direct access not allowed!');
$title = 'Monsters';
if (empty($_REQUEST['name'])) {
// display list of monsters
$preview = setting('core.monsters_images_preview');
$monsters = Monster::where('hide', '!=', 1)->when(!empty($_REQUEST['boss']), function ($query) {
$query->where('rewardboss', 1);
})->get()->toArray();
if ($preview) {
foreach($monsters as $key => &$monster)
{
$monster['img_link'] = getMonsterImgPath($monster['name']);
}
}
$twig->display('monsters.html.twig', array(
'monsters' => $monsters,
'preview' => $preview
));
return;
}
// display monster
$monster_name = urldecode(stripslashes(ucwords(strtolower($_REQUEST['name']))));
$monster = Monster::where('hide', '!=', 1)->where('name', $monster_name)->first()->toArray();
if (isset($monster['name'])) {
function sort_by_chance($a, $b)
{
if ($a['chance'] == $b['chance']) {
return 0;
}
return ($a['chance'] > $b['chance']) ? -1 : 1;
}
$title = $monster['name'] . " - Monsters";
$monster['img_link']= getMonsterImgPath($monster_name);
$voices = json_decode($monster['voices'], true);
$summons = json_decode($monster['summons'], true);
$elements = json_decode($monster['elements'], true);
$immunities = json_decode($monster['immunities'], true);
$loot = json_decode($monster['loot'], true);
usort($loot, 'sort_by_chance');
foreach ($loot as &$item) {
$item['name'] = getItemNameById($item['id']);
$item['rarity_chance'] = round($item['chance'] / 1000, 2);
$item['rarity'] = getItemRarity($item['chance']);
$item['tooltip'] = ucfirst($item['name']) . '<br/>Chance: ' . $item['rarity'] . (setting('core.monsters_loot_percentage') ? ' ('. $item['rarity_chance'] .'%)' : '') . '<br/>Max count: ' . $item['count'];
}
$monster['loot'] = $loot ?? null;
$monster['voices'] = $voices ?? null;
$monster['summons'] = $summons ?? null;
$monster['elements'] = $elements ?? null;
$monster['immunities'] = $immunities ?? null;
$twig->display('monster.html.twig', array(
'monster' => $monster,
));
} else {
echo "Monster with name <b>" . $monster_name . "</b> doesn't exist.";
}
// back button
$twig->display('monsters.back_button.html.twig');

52
system/pages/news.php
View File

@@ -8,17 +8,19 @@
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
use MyAAC\Cache\Cache;
use MyAAC\News;
defined('MYAAC') or die('Direct access not allowed!');
require_once LIBS . 'forum.php';
require_once LIBS . 'news.php';
$canEdit = hasFlag(FLAG_CONTENT_NEWS) || superAdmin();
if(isset($_GET['archive']))
{
$title = 'News Archive';
$categories = array();
foreach($db->query('SELECT id, name, icon_id FROM ' . TABLE_PREFIX . 'news_categories WHERE hidden != 1') as $cat)
foreach($db->query('SELECT id, name, icon_id FROM ' . TABLE_PREFIX . 'news_categories WHERE hide != 1') as $cat)
{
$categories[$cat['id']] = array(
'name' => $cat['name'],
@@ -35,7 +37,7 @@ if(isset($_GET['archive']))
if($id < 100000)
$field_name = 'id';
$news = $db->query('SELECT * FROM `'.TABLE_PREFIX . 'news` WHERE `hidden` != 1 AND `' . $field_name . '` = ' . $id . '');
$news = $db->query('SELECT * FROM `'.TABLE_PREFIX . 'news` WHERE `hide` != 1 AND `' . $field_name . '` = ' . $id . '');
if($news->rowCount() == 1)
{
$news = $news->fetch();
@@ -57,9 +59,14 @@ if(isset($_GET['archive']))
}
}
$admin_options = '';
if($canEdit) {
$admin_options = '<br/><br/>' . $twig->render('admin.links.html.twig', ['page' => 'news', 'id' => $news['id'], 'hide' => $news['hide']]);
}
$twig->display('news.html.twig', array(
'title' => stripslashes($news['title']),
'content' => $content_,
'content' => $content_ . $admin_options,
'date' => $news['date'],
'icon' => $categories[$news['category']]['icon_id'],
'author' => setting('core.news_author') ? $author : '',
@@ -77,11 +84,11 @@ if(isset($_GET['archive']))
<?php
$newses = array();
$news_DB = $db->query('SELECT * FROM '.$db->tableName(TABLE_PREFIX . 'news').' WHERE `type` = 1 AND `hidden` != 1 ORDER BY `date` DESC');
$news_DB = $db->query('SELECT * FROM '.$db->tableName(TABLE_PREFIX . 'news').' WHERE `type` = 1 AND `hide` != 1 ORDER BY `date` DESC');
foreach($news_DB as $news)
{
$newses[] = array(
'link' => getLink('news') . '/archive/' . $news['id'],
'link' => getLink('news') . '/' . $news['id'],
'icon_id' => $categories[$news['category']]['icon_id'],
'title' => stripslashes($news['title']),
'date' => $news['date']
@@ -99,7 +106,6 @@ header('X-XSS-Protection: 0');
$title = 'Latest News';
$cache = Cache::getInstance();
$canEdit = hasFlag(FLAG_CONTENT_NEWS) || superAdmin();
$news_cached = false;
if($cache->enabled())
@@ -108,7 +114,7 @@ if($cache->enabled())
if(!$news_cached)
{
$categories = array();
foreach($db->query('SELECT `id`, `name`, `icon_id` FROM `' . TABLE_PREFIX . 'news_categories` WHERE `hidden` != 1') as $cat)
foreach($db->query('SELECT `id`, `name`, `icon_id` FROM `' . TABLE_PREFIX . 'news_categories` WHERE `hide` != 1') as $cat)
{
$categories[$cat['id']] = array(
'name' => $cat['name'],
@@ -116,7 +122,7 @@ if(!$news_cached)
);
}
$tickers_db = $db->query('SELECT * FROM `' . TABLE_PREFIX . 'news` WHERE `type` = ' . TICKER .($canEdit ? '' : ' AND `hidden` != 1') .' ORDER BY `date` DESC LIMIT ' . setting('core.news_ticker_limit'));
$tickers_db = $db->query('SELECT * FROM `' . TABLE_PREFIX . 'news` WHERE `type` = ' . TICKER .($canEdit ? '' : ' AND `hide` != 1') .' ORDER BY `date` DESC LIMIT ' . setting('core.news_ticker_limit'));
$tickers_content = '';
if($tickers_db->rowCount() > 0)
{
@@ -124,6 +130,7 @@ if(!$news_cached)
foreach($tickers as &$ticker) {
$ticker['icon'] = $categories[$ticker['category']]['icon_id'];
$ticker['body_short'] = short_text(strip_tags($ticker['body']), 100);
$ticker['hidden'] = $ticker['hide'];
}
$tickers_content = $twig->render('news.tickers.html.twig', array(
@@ -135,7 +142,7 @@ if(!$news_cached)
if($cache->enabled() && !$canEdit)
$cache->set('news_' . $template_name . '_' . TICKER, $tickers_content, 60 * 60);
$featured_article_db =$db->query('SELECT `id`, `title`, `article_text`, `article_image`, `hidden` FROM `' . TABLE_PREFIX . 'news` WHERE `type` = ' . ARTICLE . ($canEdit ? '' : ' AND `hidden` != 1') .' ORDER BY `date` DESC LIMIT 1');
$featured_article_db =$db->query('SELECT `id`, `title`, `article_text`, `article_image`, `hide` FROM `' . TABLE_PREFIX . 'news` WHERE `type` = ' . ARTICLE . ($canEdit ? '' : ' AND `hide` != 1') .' ORDER BY `date` DESC LIMIT 1');
$article = '';
if($featured_article_db->rowCount() > 0) {
$article = $featured_article_db->fetch();
@@ -148,7 +155,8 @@ if(!$news_cached)
'title' => $article['title'],
'text' => $article['article_text'],
'image' => $article['article_image'],
'hidden' => $article['hidden'],
'hide' => $article['hide'],
'hidden' => $article['hide'],
'read_more'=> getLink('news/archive/') . $article['id']
),
'canEdit' => $canEdit
@@ -167,7 +175,7 @@ else {
if(!$news_cached)
{
ob_start();
$newses = $db->query('SELECT * FROM ' . $db->tableName(TABLE_PREFIX . 'news') . ' WHERE type = ' . NEWS . ($canEdit ? '' : ' AND hidden != 1') . ' ORDER BY date' . ' DESC LIMIT ' . setting('core.news_limit'));
$newses = $db->query('SELECT * FROM ' . $db->tableName(TABLE_PREFIX . 'news') . ' WHERE type = ' . NEWS . ($canEdit ? '' : ' AND hide != 1') . ' ORDER BY date' . ' DESC LIMIT ' . setting('core.news_limit'));
if($newses->rowCount() > 0)
{
foreach($newses as $news)
@@ -180,18 +188,8 @@ if(!$news_cached)
}
$admin_options = '';
if($canEdit)
{
$admin_options = '<br/><br/><a target="_blank" rel="noopener noreferrer" href="' . ADMIN_URL . '?p=news&action=edit&id=' . $news['id'] . '" title="Edit">
<img src="images/edit.png"/>Edit
</a>
<a id="delete" target="_blank" rel="noopener noreferrer" href="' . ADMIN_URL . '?p=news&action=delete&id=' . $news['id'] . '" onclick="return confirm(\'Are you sure?\');" title="Delete">
<img src="images/del.png"/>Delete
</a>
<a target="_blank" rel="noopener noreferrer" href="' . ADMIN_URL . '?p=news&action=hide&id=' . $news['id'] . '" title="' . ($news['hidden'] != 1 ? 'Hide' : 'Show') . '">
<img src="images/' . ($news['hidden'] != 1 ? 'success' : 'error') . '.png"/>
' . ($news['hidden'] != 1 ? 'Hide' : 'Show') . '
</a>';
if($canEdit) {
$admin_options = '<br/><br/>' . $twig->render('admin.links.html.twig', ['page' => 'news', 'id' => $news['id'], 'hide' => $news['hide']]);
}
$content_ = $news['body'];
@@ -213,7 +211,7 @@ if(!$news_cached)
'icon' => $categories[$news['category']]['icon_id'],
'author' => setting('core.news_author') ? $author : '',
'comments' => $news['comments'] != 0 ? getForumThreadLink($news['comments']) : null,
'hidden'=> $news['hidden']
'hide'=> $news['hide']
));
}
}

442
system/pages/polls.php
View File

@@ -26,77 +26,77 @@ function getColorByPercent($percent)
}
$number_of_rows = 0;
$showed = false;
$link = "polls"; // your link to polls in index.php
$dark = $config['darkborder'];
$light = $config['lightborder'];
$time = time();
$POLLS = $db->query('SELECT * FROM '.$db->tableName('z_polls').'');
$level = 20; // need level to vote
$link = getLink('polls'); // your link to polls in index.php
$dark = $config['darkborder'];
$light = $config['lightborder'];
$time = time();
$POLLS = $db->query('SELECT * FROM '.$db->tableName('z_polls').'');
$level = 20; // need level to vote
if(empty($_REQUEST['id']) and (!isset($_REQUEST['control']) || $_REQUEST['control'] != "true")) // list of polls
{
$active = $db->query('SELECT * FROM `z_polls` where `end` > '.$time.''); // active polls
$closed = $db->query('SELECT * FROM `z_polls` where `end` < '.$time.' order by `end` desc'); // closed polls
/* Active Polls */
echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD COLSPAN=2 class=white><B>Active Polls</B></TD></TR>';
echo '<TR BGCOLOR="' . getStyle($number_of_rows++) . '"><td width=75%><b>Topic</b></td><td><b>End</b></td></tr>';
$bgcolor = getStyle($number_of_rows++);
if(empty($_REQUEST['id']) and (!isset($_REQUEST['control']) || $_REQUEST['control'] != "true")) // list of polls
{
$active = $db->query('SELECT * FROM `z_polls` where `end` > '.$time.''); // active polls
$closed = $db->query('SELECT * FROM `z_polls` where `end` < '.$time.' order by `end` desc'); // closed polls
/* Active Polls */
echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD COLSPAN=2 class=white><B>Active Polls</B></TD></TR>';
echo '<TR BGCOLOR="' . getStyle($number_of_rows++) . '"><td width=75%><b>Topic</b></td><td><b>End</b></td></tr>';
$bgcolor = getStyle($number_of_rows++);
$empty_active = false;
foreach($active as $poll)
{
echo '
<tr BGCOLOR="'.$bgcolor.'">
foreach($active as $poll)
{
echo '
<tr BGCOLOR="'.$bgcolor.'">
<td>
<a href="';
if($logged)
echo '?subtopic='.$link.'&id='.$poll['id'];
echo $link.'?id='.$poll['id'];
else
echo '?subtopic=accountmanagement&redirect=' . BASE_URL . urlencode('?subtopic='.$link.'&id='.$poll['id']);
echo getLink('account/manage') . '?redirect=' . BASE_URL . urlencode($link.'?id='.$poll['id']);
echo '">'.$poll['question'] . '</a>
</td>
<td>'.date("M j Y", $poll['end']).'</td>
</tr>';
$empty_active = true;
}
$empty_active = true;
}
if(!$empty_active)
{
echo '<tr BGCOLOR="'.$bgcolor.'"><td colspan=2><div style="text-align:center"><i>There are no active polls.</i></div></td></tr>';
}
if(!$empty_active)
{
echo '<tr BGCOLOR="'.$bgcolor.'"><td colspan=2><div style="text-align:center"><i>There are no active polls.</i></div></td></tr>';
}
echo "</table><br><br>";
/* Closed Polls */
echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD COLSPAN=2 class=white><B>Closed Polls</B></TD></TR>';
echo '<TR BGCOLOR="' . getStyle($number_of_rows++) . '"><td width=75%><b>Topic</b></td><td><b>End</b></td></tr>';
echo "</table><br><br>";
/* Closed Polls */
echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD COLSPAN=2 class=white><B>Closed Polls</B></TD></TR>';
echo '<TR BGCOLOR="' . getStyle($number_of_rows++) . '"><td width=75%><b>Topic</b></td><td><b>End</b></td></tr>';
$bgcolor = getStyle($number_of_rows++);
$empty_closed = false;
foreach($closed as $poll)
{
echo '
<tr BGCOLOR="'.$bgcolor.'">
foreach($closed as $poll)
{
echo '
<tr BGCOLOR="'.$bgcolor.'">
<td>
<a href="';
if($logged)
echo '?subtopic='.$link.'&id='.$poll['id'];
echo $link.'?id='.$poll['id'];
else
echo '?subtopic=accountmanagement&redirect=' . BASE_URL . urlencode('?subtopic='.$link.'&id='.$poll['id']);
echo getLink('account/manage') . '?redirect=' . BASE_URL . urlencode($link.'?id='.$poll['id']);
echo '">'.$poll['question'] . '</a>
</td>
<td>'.date("M j Y", $poll['end']).'</td>
</tr>';
$empty_closed = true;
}
$empty_closed = true;
}
if(!$empty_closed)
{
echo '<tr BGCOLOR="'.$bgcolor.'"><td colspan=2><div style="text-align:center"><i>There are no closed polls.</i></div></td></tr>';
}
if(!$empty_closed)
{
echo '<tr BGCOLOR="'.$bgcolor.'"><td colspan=2><div style="text-align:center"><i>There are no closed polls.</i></div></td></tr>';
}
echo "</table>";
$showed=true;
}
echo "</table>";
$showed=true;
}
if(!$logged)
{
@@ -104,43 +104,43 @@ function getColorByPercent($percent)
return;
}
/* Checking Account */
/* Checking Account */
$allow = false;
$account_players = $account_logged->getPlayers();
foreach($account_players as $player)
{
$player = $player->getLevel();
if($player >= $level)
$allow=true;
}
$account_players = $account_logged->getPlayers();
foreach($account_players as $player)
{
$player = $player->getLevel();
if($player >= $level)
$allow=true;
}
if(!empty($_REQUEST['id']) and (!isset($_REQUEST['control']) || $_REQUEST['control'] != "true"))
{
foreach($POLLS as $POLL)
{
if($_REQUEST['id'] == $POLL['id'])
{
$ANSWERS = $db->query('SELECT * FROM '.$db->tableName('z_polls_answers').' where `poll_id` = '.addslashes(htmlspecialchars(trim($_REQUEST['id']))).' order by `answer_id`');
$votes_all = $POLL['votes_all'];
if(!empty($_REQUEST['id']) and (!isset($_REQUEST['control']) || $_REQUEST['control'] != "true"))
{
foreach($POLLS as $POLL)
{
if($_REQUEST['id'] == $POLL['id'])
{
$ANSWERS = $db->query('SELECT * FROM '.$db->tableName('z_polls_answers').' where `poll_id` = '.addslashes(htmlspecialchars(trim($_REQUEST['id']))).' order by `answer_id`');
$votes_all = $POLL['votes_all'];
if($votes_all == 0)
{
$i=1;
foreach($ANSWERS as $answer)
{
$percent[$i] = 0;
$i++;
}
}
else
{
$i=1;
foreach($ANSWERS as $answer)
{
$percent[$i] = round(((100*$answer['votes'])/$votes_all),2);
$i++;
}
}
if($votes_all == 0)
{
$i=1;
foreach($ANSWERS as $answer)
{
$percent[$i] = 0;
$i++;
}
}
else
{
$i=1;
foreach($ANSWERS as $answer)
{
$percent[$i] = round(((100*$answer['votes'])/$votes_all),2);
$i++;
}
}
?>
<style type="text/css" media="screen">
div.progress-container {
@@ -166,51 +166,51 @@ function getColorByPercent($percent)
</div>';
}
if($POLL['end'] > $time) // active poll
{
if(isset($_REQUEST['vote']) && $_REQUEST['vote'] == true and $allow == true)
{
if($account_logged->getCustomField('vote') < $_REQUEST['id'] and !empty($_POST['answer']))
{
if(isset($_POST['continue']))
{
$vote = addslashes(htmlspecialchars(trim($_REQUEST['id'])));
$account_logged->setCustomField("vote", $vote);
$UPDATE_poll = $db->query('UPDATE `z_polls` SET `votes_all` = `votes_all` + 1 where `id` = '.addslashes(htmlspecialchars(trim($_REQUEST['id']))).'');
$UPDATE_answer = $db->query('UPDATE `z_polls_answers` SET `votes` = `votes` + 1 where `answer_id` = '.addslashes(htmlspecialchars($_POST['answer'])).' and`poll_id` = '.addslashes(htmlspecialchars(trim($_REQUEST['id']))).'');
header('Location: ?subtopic='.$link.'&id='.$_REQUEST['id'].'');
}
}
else
{
header('Location: ?subtopic='.$link.'&id='.$_REQUEST['id'].'');
}
}
if($POLL['end'] > $time) // active poll
{
if(isset($_REQUEST['vote']) && $_REQUEST['vote'] == true and $allow == true)
{
if($account_logged->getCustomField('vote') < $_REQUEST['id'] and !empty($_POST['answer']))
{
if(isset($_POST['continue']))
{
$vote = addslashes(htmlspecialchars(trim($_REQUEST['id'])));
$account_logged->setCustomField("vote", $vote);
$UPDATE_poll = $db->query('UPDATE `z_polls` SET `votes_all` = `votes_all` + 1 where `id` = '.addslashes(htmlspecialchars(trim($_REQUEST['id']))).'');
$UPDATE_answer = $db->query('UPDATE `z_polls_answers` SET `votes` = `votes` + 1 where `answer_id` = '.addslashes(htmlspecialchars($_POST['answer'])).' and`poll_id` = '.addslashes(htmlspecialchars(trim($_REQUEST['id']))).'');
header('Location: ' . $link.'?id='.$_REQUEST['id'].'');
}
}
else
{
header('Location: ' . $link.'?id='.$_REQUEST['id'].'');
}
}
if($account_logged->getCustomField('vote') < $_REQUEST['id'] and $allow == true)
{
echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD COLSPAN=2 class=white><B>Vote</B></TD></TR>';
echo '<TR BGCOLOR="'.$dark.'"><td COLSPAN=2><b>'.$POLL['question'].'</b><br/>' . $POLL['description'] . '</td></tr>
<form action="?subtopic='.$link.'&id='.$_REQUEST['id'].'&vote=true" method="POST"> ';
$ANSWERS_input = $db->query('SELECT * FROM '.$db->tableName('z_polls_answers').' where `poll_id` = '.$_REQUEST['id'].' order by `answer_id`');
$i=1;
foreach($ANSWERS_input as $answer)
{
if(is_int($i / 2)) {
$bgcolor = $dark;
}
else
{
$bgcolor = $light;
}
echo '<tr BGCOLOR="'.$bgcolor.'"><td><input type=radio name=answer value="'.$i.'">'.$answer['answer'].'</td></tr>';
$i++;
}
echo '</table><input type="submit" name="continue" value="Submit" class="input2" /></form><br><br>';
}
elseif($account_logged->getCustomField('vote') >= $_REQUEST['id'])
{
$result[] = '<br><b>You have already voted.</b><br>';
if($account_logged->getCustomField('vote') < $_REQUEST['id'] and $allow == true)
{
echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD COLSPAN=2 class=white><B>Vote</B></TD></TR>';
echo '<TR BGCOLOR="'.$dark.'"><td COLSPAN=2><b>'.$POLL['question'].'</b><br/>' . $POLL['description'] . '</td></tr>
<form action="' . $link . '?id='.$_REQUEST['id'].'&vote=true" method="POST"> ';
$ANSWERS_input = $db->query('SELECT * FROM '.$db->tableName('z_polls_answers').' where `poll_id` = '.$_REQUEST['id'].' order by `answer_id`');
$i=1;
foreach($ANSWERS_input as $answer)
{
if(is_int($i / 2)) {
$bgcolor = $dark;
}
else
{
$bgcolor = $light;
}
echo '<tr BGCOLOR="'.$bgcolor.'"><td><input type=radio name=answer value="'.$i.'">'.$answer['answer'].'</td></tr>';
$i++;
}
echo '</table><input type="submit" name="continue" value="Submit" class="input2" /></form><br><br>';
}
elseif($account_logged->getCustomField('vote') >= $_REQUEST['id'])
{
$result[] = '<br><b>You have already voted.</b><br>';
echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD COLSPAN=3 class=white><B>Results</B></TD></TR>';
echo '<TR BGCOLOR="'.$dark.'"><td COLSPAN=3><b>'.$POLL['question'].'</b><br/>' . $POLL['description'] . '</td></tr>';
@@ -239,31 +239,31 @@ function getColorByPercent($percent)
}
$result[] = '<br>All players with a character of at least level ' . $level . ' may vote.<br>';
foreach($result as $error)
{
echo $error;
}
foreach($result as $error)
{
echo $error;
}
echo '<br>The poll started at '.date("M j Y", $POLL['start']).'<br>';
echo 'The poll will end at '.date("M j Y", $POLL['end']).'<br>';
echo '<br>Total votes <b>'.$POLL['votes_all'].'</b><br>';
echo '<br>The poll started at '.date("M j Y", $POLL['start']).'<br>';
echo 'The poll will end at '.date("M j Y", $POLL['end']).'<br>';
echo '<br>Total votes <b>'.$POLL['votes_all'].'</b><br>';
}
else // closed poll
{
echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD COLSPAN=3 class=white><B>Results</B></TD></TR>';
echo '<TR BGCOLOR="'.$dark.'"><td COLSPAN=3><b>'.$POLL['question'].'</b></td></tr>';
$ANSWERS_show = $db->query('SELECT * FROM '.$db->tableName('z_polls_answers').' where `poll_id` = '.$_REQUEST['id'].' order by `answer_id`');
$i=1;
foreach($ANSWERS_show as $answer)
{
if(is_int($i / 2)) {
$bgcolor = $dark;
}
else
{
$bgcolor = $light;
}
}
else // closed poll
{
echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD COLSPAN=3 class=white><B>Results</B></TD></TR>';
echo '<TR BGCOLOR="'.$dark.'"><td COLSPAN=3><b>'.$POLL['question'].'</b></td></tr>';
$ANSWERS_show = $db->query('SELECT * FROM '.$db->tableName('z_polls_answers').' where `poll_id` = '.$_REQUEST['id'].' order by `answer_id`');
$i=1;
foreach($ANSWERS_show as $answer)
{
if(is_int($i / 2)) {
$bgcolor = $dark;
}
else
{
$bgcolor = $light;
}
echo '<TR BGCOLOR="'.$bgcolor.'">
<td width=60%>'.$answer['answer'].'</td>
@@ -272,64 +272,64 @@ function getColorByPercent($percent)
</td>
<td>' . $answer['votes'] . '(<span style="color:' . getColorByPercent($percent[$i]) . '"><b>' . $percent[$i] . '%</b></span>)</td>
</tr>';
$i++;
}
echo '</table><br><br>';
$i++;
}
echo '</table><br><br>';
echo '<br>The poll started at '.date("M j Y", $POLL['start']).'<br>';
echo 'The poll ended at '.date("M j Y", $POLL['end']).'<br>';
echo '<br>Total votes <b>'.$POLL['votes_all'].'</b><br>';
echo '<br>The poll started at '.date("M j Y", $POLL['start']).'<br>';
echo 'The poll ended at '.date("M j Y", $POLL['end']).'<br>';
echo '<br>Total votes <b>'.$POLL['votes_all'].'</b><br>';
}
$showed=true;
echo '<div class=\'hr1\'></div><a href="?subtopic='.$link.'"><span style="font-size: 13px"><b>Go to list of polls</b></span></a>';
}
}
}
}
$showed=true;
echo '<div class=\'hr1\'></div><a href="'.$link.'"><span style="font-size: 13px"><b>Go to list of polls</b></span></a>';
}
}
}
if(admin() && (!isset($_REQUEST['control']) || $_REQUEST['control'] != "true"))
{
echo '<br><a href="?subtopic='.$link.'&control=true"><b>Panel Control</b></a><br><br>';
}
if(admin() && (!isset($_REQUEST['control']) || $_REQUEST['control'] != "true"))
{
echo '<br><a href="'.$link.'?control=true"><b>Panel Control</b></a><br><br>';
}
/* Control Panel - Only Add Poll Function */
/* Control Panel - Only Add Poll Function */
if(admin() && isset($_REQUEST['control']) && $_REQUEST['control'] == "true")
{
if(admin() && isset($_REQUEST['control']) && $_REQUEST['control'] == "true")
{
$show = false;
if(isset($_POST['submit']))
{
setSession('answers', $_POST['answers']);
echo '<form method="post" action=""><b><span style="font-size: 16px">Adding Poll</span></b><br><br>
<input type=text name=question value="" /> Question<br>
<input type=text name=description value="" /> Description<br>
<input type=text name=end value="" /> Time to end, in days<br>';
if(isset($_POST['submit']))
{
setSession('answers', $_POST['answers']);
echo '<form method="post" action=""><b><span style="font-size: 16px">Adding Poll</span></b><br><br>
<input type=text name=question value="" /> Question<br>
<input type=text name=description value="" /> Description<br>
<input type=text name=end value="" /> Time to end, in days<br>';
for( $x = 1; $x <= getSession('answers'); $x++ )
{
echo '<input type=text name='.$x.' value="" /> Answer no. '.$x.'<br>';
}
echo '<input type="submit" name="finish" value="Submit" class="input2"/></form><br><br>';
$show=true;
}
for( $x = 1; $x <= getSession('answers'); $x++ )
{
echo '<input type=text name='.$x.' value="" /> Answer no. '.$x.'<br>';
}
echo '<input type="submit" name="finish" value="Submit" class="input2"/></form><br><br>';
$show=true;
}
if(isset($_POST['finish']))
{
$id = $db->query('SELECT MAX(id) FROM `z_polls`')->fetch();
$id_next = $id[0] + 1;
if(isset($_POST['finish']))
{
$id = $db->query('SELECT MAX(id) FROM `z_polls`')->fetch();
$id_next = $id[0] + 1;
for( $x = 1; $x <= getSession('answers'); $x++ )
{
$db->insert('z_polls_answers', array(
'poll_id' => $id_next,
for( $x = 1; $x <= getSession('answers'); $x++ )
{
$db->insert('z_polls_answers', array(
'poll_id' => $id_next,
'answer_id' => $x,
'answer' => $_POST[$x],
'votes' => 0
));
}
$end = $time+24*60*60*$_POST['end'];
$db->insert('z_polls', array(
'id' => $id_next,
}
$end = $time+24*60*60*$_POST['end'];
$db->insert('z_polls', array(
'id' => $id_next,
'question' => $_POST['question'],
'description' => $_POST['description'],
'end' => $end,
@@ -337,35 +337,35 @@ function getColorByPercent($percent)
'start' => $time,
'votes_all' => 0
));
}
}
$POLLS_check = $db->query('SELECT MAX(end) FROM '.$db->tableName('z_polls').'');
foreach($POLLS_check as $checked)
{
if($checked[0] > $time)
$check=true;
else
$check=false;
}
if(!$show)
{
if(!$check)
{
echo '<form method="post" action=""><b><span style="font-size: 16px">Adding Poll</span></b><br><br>
<input type=text name=answers value="" /> Number of Answers<br>
<input type="submit" name="submit" value="Submit" class="input2"/></form><br><br>';
}
else
{
echo '<b><span style="font-size: 16px"><br>Cannot be two and more active polls.<br><br></span></b>';
}
}
$showed=true;
echo '<br><div class=\'hr1\'></div><a href="?subtopic='.$link.'"><span style="font-size: 13px"><b>Go to list of polls</b></span></a>';
}
$POLLS_check = $db->query('SELECT MAX(end) FROM '.$db->tableName('z_polls').'');
foreach($POLLS_check as $checked)
{
if($checked[0] > $time)
$check=true;
else
$check=false;
}
if(!$show)
{
if(!$check)
{
echo '<form method="post" action=""><b><span style="font-size: 16px">Adding Poll</span></b><br><br>
<input type=text name=answers value="" /> Number of Answers<br>
<input type="submit" name="submit" value="Submit" class="input2"/></form><br><br>';
}
else
{
echo '<b><span style="font-size: 16px"><br>Cannot be two and more active polls.<br><br></span></b>';
}
}
$showed=true;
echo '<br><div class=\'hr1\'></div><a href="'.$link.'"><span style="font-size: 13px"><b>Go to list of polls</b></span></a>';
}
if(!$showed)
{
echo 'This poll doesn\'t exist.<br>';
echo '<div class=\'hr1\'></div><a href="?subtopic='.$link.'"><span style="font-size: 13px"><b>Go to list of polls</b></span></a>';
}
if(!$showed)
{
echo 'This poll doesn\'t exist.<br>';
echo '<div class=\'hr1\'></div><a href="'.$link.'"><span style="font-size: 13px"><b>Go to list of polls</b></span></a>';
}

0
system/pages/server_info.php → system/pages/server-info.php
View File

2
system/pages/spells.php
View File

@@ -37,7 +37,7 @@ else {
$order = 'name';
$spells = array();
$spells_db = Spell::where('hidden', '!=', 1)->where('type', '<', 4)->orderBy($order)->get();
$spells_db = Spell::where('hide', '!=', 1)->where('type', '<', 4)->orderBy($order)->get();
if((string)$vocation_id != 'all') {
foreach($spells_db as $spell) {

22
system/router.php
View File

@@ -9,6 +9,7 @@
*/
use MyAAC\Models\Pages;
use MyAAC\Plugins;
defined('MYAAC') or die('Direct access not allowed!');
@@ -79,7 +80,7 @@ $ignore = false;
/** @var boolean $logged */
/** @var OTS_Account $account_logged */
$logged_access = 1;
$logged_access = 0;
if($logged && $account_logged && $account_logged->isLoaded()) {
$logged_access = $account_logged->getAccess();
}
@@ -211,7 +212,7 @@ else {
$_GET = array_merge($_GET, $vars);
extract($vars);
if (strpos($path, '__database__/') !== false) {
if (str_contains($path, '__database__/')) {
$pageName = str_replace('__database__/', '', $path);
$success = false;
@@ -220,15 +221,14 @@ else {
$content .= $tmp_content;
if (hasFlag(FLAG_CONTENT_PAGES) || superAdmin()) {
$pageInfo = getCustomPageInfo($pageName);
$content = $twig->render('admin.pages.links.html.twig', array(
'page' => array('id' => $pageInfo !== null ? $pageInfo['id'] : 0, 'hidden' => $pageInfo !== null ? $pageInfo['hidden'] : '0')
)) . $content;
$content = $twig->render('admin.links.html.twig', ['page' => 'pages', 'id' => $pageInfo !== null ? $pageInfo['id'] : 0, 'hide' => $pageInfo !== null ? $pageInfo['hide'] : '0']
) . $content;
}
$page = $pageName;
$file = false;
}
} else if (strpos($path, '__redirect__/') !== false) {
} else if (str_contains($path, '__redirect__/')) {
$path = str_replace('__redirect__/', '', $path);
header('Location: ' . BASE_URL . $path);
exit;
@@ -243,11 +243,15 @@ else {
if (false !== $pos = strpos($uri, '?')) {
$uri = substr($uri, 0, $pos);
}
if (0 === strpos($uri, '/')) {
if (str_starts_with($uri, '/')) {
$uri = str_replace_first('/', '', $uri);
}
$page = $uri;
if (empty($page)) {
$page = 'news';
}
$file = BASE . $path;
}
@@ -279,7 +283,8 @@ ob_end_clean();
$hooks->trigger(HOOK_AFTER_PAGE);
if(!isset($title)) {
$title = ucfirst($page);
$title = str_replace('index.php/', '', $page);
$title = ucfirst($title);
}
if(setting('core.backward_support')) {
@@ -296,6 +301,7 @@ function getDatabasePages($withHidden = false): array
$q->isPublic();
})->get('name');
$ret = [];
foreach($pages as $page) {
$ret[] = $page->name;
}

3
system/routes.php
View File

@@ -12,6 +12,7 @@ defined('MYAAC') or die('Direct access not allowed!');
return [
['GET', '', 'news.php'], // empty URL = show news
['GET', 'news/archive/{id:int}[/]', 'news/archive.php'],
['GET', 'news/{id:int}[/]', 'news/archive.php'],
// block access to some files
['*', 'account/base[/]', '404.php'], // this is to block account/base.php
@@ -32,7 +33,7 @@ return [
['GET', 'bans/{page:int}[/]', 'bans.php'],
[['GET', 'POST'], 'characters[/{name:string}]', 'characters.php'],
['GET', 'changelog[/{page:int}]', 'changelog.php'],
[['GET', 'POST'], 'creatures[/{name:string}]', 'creatures.php'],
[['GET', 'POST'], 'monsters[/{name:string}]', 'monsters.php'],
[['GET', 'POST'], 'faq[/{action:string}]', 'faq.php'],

82
system/settings.php
View File

@@ -10,6 +10,9 @@
* Additional options
* - for number: min, max, step
*/
use MyAAC\Settings;
return [
'name' => 'MyAAC',
'settings' =>
@@ -45,7 +48,7 @@ return [
'name' => 'Date Timezone',
'type' => 'options',
'options' => '$timezones',
'desc' => 'Timezone of the server, more info at http://php.net/manual/en/timezones.php',
'desc' => 'Timezone of the server, more info at https://php.net/manual/en/timezones.php',
'default' => 'Europe/Warsaw',
],
'friendly_urls' => [
@@ -65,6 +68,12 @@ return [
'default' => false,
'is_config' => true,
],
'csrf_protection' => [
'name' => 'CSRF protection',
'type' => 'boolean',
'desc' => 'Its recommended to keep it enabled. Disable only if you know what you are doing.',
'default' => true,
],
'google_analytics_id' => [
'name' => 'Google Analytics ID',
'type' => 'text',
@@ -180,7 +189,7 @@ return [
'cache_engine' => [
'name' => 'Cache Engine',
'type' => 'options',
'options' => ['auto' => 'Auto', 'file' => 'Files', 'apc' => 'APC', 'apcu' => 'APCu', 'eaccelerator' => 'eAccelerator', 'disable' => 'Disable'],
'options' => ['auto' => 'Auto', 'file' => 'Files', 'apc' => 'APC', 'apcu' => 'APCu', 'disable' => 'Disable'],
'desc' => 'Auto is most reasonable. It will detect the best cache engine',
'default' => 'auto',
'is_config' => true,
@@ -283,7 +292,7 @@ return [
'vocations' => [
'name' => 'Vocation Names',
'type' => 'textarea',
'desc' => 'Separated by comma ,',
'desc' => 'Separated by comma. Must be in the same order as in vocations.xml, starting with id: 0.',
'default' => 'None, Sorcerer, Druid, Paladin, Knight, Master Sorcerer, Elder Druid,Royal Paladin, Elite Knight',
'callbacks' => [
'get' => function ($value) {
@@ -611,7 +620,7 @@ Sent by MyAAC,<br/>
'name' => 'Account Login By E-Mail',
'type' => 'boolean',
'desc' => "use email instead of Account Name like in latest Tibia",
'default' => true,
'default' => false,
],
'account_login_by_email_fallback' => [
'name' => 'Account Login By E-Mail Fallback',
@@ -715,7 +724,7 @@ Sent by MyAAC,<br/>
'name' => 'Towns List',
'type' => 'text',
'desc' => "Towns List used when creating character separated by comma (,). Won't be displayed if there is only one item (rookgaard for example)",
'default' => '1,2',
'default' => '1',
'callbacks' => [
'get' => function ($value) {
return array_map('trim', explode(',', $value));
@@ -933,7 +942,7 @@ Sent by MyAAC,<br/>
'news_date_format' => [
'name' => 'News Date Format',
'type' => 'text',
'desc' => 'Check php manual date() function for more info about this',
'desc' => 'Check php manual date() - https://www.php.net/manual/de/datetime.format.php function for more info about this',
'default' => 'j.n.Y',
],
[
@@ -1254,6 +1263,28 @@ Sent by MyAAC,<br/>
'desc' => '',
'default' => true,
],
[
'type' => 'section',
'title' => 'Monsters Page'
],
'monsters_images_preview' => [
'name' => 'Monsters Images Preview',
'type' => 'boolean',
'desc' => 'Set to yes to allow picture previews for creatures',
'default' => false,
],
'monsters_items_url' => [
'name' => 'Monsters Items URL',
'type' => 'text',
'desc' => 'Set to website which shows details about items',
'default' => 'https://tibia.fandom.com/wiki/',
],
'monsters_loot_percentage' => [
'name' => 'Monsters Loot Percentage',
'type' => 'boolean',
'desc' => 'Set to yes to show the loot tooltip percent',
'default' => true,
],
[
'type' => 'section',
'title' => 'Bans Page'
@@ -1388,24 +1419,6 @@ Sent by MyAAC,<br/>
'desc' => '',
'default' => '.gif',
],
'monsters_images_preview' => [
'name' => 'Monsters Images Preview',
'type' => 'boolean',
'desc' => 'Set to yes to allow picture previews for creatures',
'default' => false,
],
'monsters_items_url' => [
'name' => 'Monsters Items URL',
'type' => 'text',
'desc' => 'Set to website which shows details about items',
'default' => 'https://tibia.fandom.com/wiki/',
],
'monsters_loot_percentage' => [
'name' => 'Monsters Items URL',
'type' => 'boolean',
'desc' => 'Set to yes to show the loot tooltip percent',
'default' => true,
],
// this is hidden, because no implemented yet
'multiworld' => [
'hidden' => true,
@@ -1452,7 +1465,7 @@ Sent by MyAAC,<br/>
'max' => 10, // more than 10 seconds waiting makes no sense
'step' => 0.1,
'desc' => 'How long to wait for the initial response from the server',
'default' => 2.0,
'default' => 1.0,
'show_if' => [
'status_enabled', '=', 'true',
]
@@ -1582,7 +1595,13 @@ Sent by MyAAC,<br/>
'beforeSave' => function(&$settings, &$values) {
global $config;
$configToSave = [];
$configOriginal = $config;
unset($config);
$config = [];
require BASE . 'config.local.php';
$configToSave = $config;
$server_path = '';
$database = [];
@@ -1619,7 +1638,7 @@ Sent by MyAAC,<br/>
// if fail - revert the setting and inform the user
if (!file_exists($server_path . 'config.lua')) {
error('Server Path is invalid - cannot find config.lua in the directory. Setting have been reverted.');
$configToSave['server_path'] = $config['server_path'];
$configToSave['server_path'] = $configOriginal['server_path'];
}
// test database connection
@@ -1627,12 +1646,17 @@ Sent by MyAAC,<br/>
if ($database['database_overwrite'] && !Settings::testDatabaseConnection($database)) {
foreach ($database as $key => $value) {
if (!in_array($key, ['database_log', 'database_persistent'])) { // ignore these two
$configToSave[$key] = $config[$key];
$configToSave[$key] = $configOriginal[$key];
}
}
}
return Settings::saveConfig($configToSave, BASE . 'config.local.php');
$success = Settings::saveConfig($configToSave, BASE . 'config.local.php');
if (!$success) {
error('There has been error saving the config.local.php - probably problem with permissions.');
}
return $success;
},
],
];

142
system/src/Admin/Pages.php Normal file
View File

@@ -0,0 +1,142 @@
<?php
namespace MyAAC\Admin;
use MyAAC\Models\Pages as ModelsPages;
class Pages
{
static public function verify($name, $title, $body, $player_id, $php, $enable_tinymce, $access, &$errors)
{
if(!isset($title[0]) || !isset($body[0])) {
$errors[] = 'Please fill all inputs.';
return false;
}
if(strlen($name) > PAGE_NAME_LIMIT) {
$errors[] = 'Page name cannot be longer than ' . PAGE_NAME_LIMIT . ' characters.';
return false;
}
if(strlen($title) > PAGE_TITLE_LIMIT) {
$errors[] = 'Page title cannot be longer than ' . PAGE_TITLE_LIMIT . ' characters.';
return false;
}
if(strlen($body) > PAGE_BODY_LIMIT) {
$errors[] = 'Page content cannot be longer than ' . PAGE_BODY_LIMIT . ' characters.';
return false;
}
if(!isset($player_id) || $player_id == 0) {
$errors[] = 'Player ID is wrong.';
return false;
}
if(!isset($php) || ($php != 0 && $php != 1)) {
$errors[] = 'Enable PHP is wrong.';
return false;
}
if ($php == 1 && !getBoolean(setting('core.admin_pages_php_enable'))) {
$errors[] = 'PHP pages disabled on this server. To enable go to Settings in Admin Panel and enable <strong>Enable PHP Pages</strong>.';
return false;
}
if(!isset($enable_tinymce) || ($enable_tinymce != 0 && $enable_tinymce != 1)) {
$errors[] = 'Enable TinyMCE is wrong.';
return false;
}
if(!isset($access) || $access < 0 || $access > PHP_INT_MAX) {
$errors[] = 'Access is wrong.';
return false;
}
return true;
}
static public function get($id)
{
$row = ModelsPages::find($id);
if ($row) {
return $row->toArray();
}
return false;
}
static public function add($name, $title, $body, $player_id, $php, $enable_tinymce, $access, &$errors)
{
if(!self::verify($name, $title, $body, $player_id, $php, $enable_tinymce, $access, $errors)) {
return false;
}
if (!ModelsPages::where('name', $name)->exists()) {
ModelsPages::create([
'name' => $name,
'title' => $title,
'body' => $body,
'player_id' => $player_id,
'php' => $php ? '1' : '0',
'enable_tinymce' => $enable_tinymce ? '1' : '0',
'access' => $access
]);
clearRouteCache();
}
else
$errors[] = 'Page with this link already exists.';
return !count($errors);
}
static public function update($id, $name, $title, $body, $player_id, $php, $enable_tinymce, $access, &$errors)
{
if(!self::verify($name, $title, $body, $player_id, $php, $enable_tinymce, $access, $errors)) {
return false;
}
ModelsPages::where('id', $id)->update([
'name' => $name,
'title' => $title,
'body' => $body,
'player_id' => $player_id,
'php' => $php ? '1' : '0',
'enable_tinymce' => $enable_tinymce ? '1' : '0',
'access' => $access
]);
clearRouteCache();
return true;
}
static public function delete($id, &$errors)
{
if (isset($id)) {
$row = ModelsPages::find($id);
if ($row) {
$row->delete();
clearRouteCache();
}
else
$errors[] = 'Page with id ' . $id . ' does not exists.';
} else
$errors[] = 'id not set';
return !count($errors);
}
static public function toggleHide($id, &$errors, &$status)
{
if (isset($id)) {
$row = ModelsPages::find($id);
if ($row) {
$row->hide = $row->hide == 1 ? 0 : 1;
if (!$row->save()) {
$errors[] = 'Fail during toggle hide Page.';
}
else {
clearRouteCache();
}
$status = $row->hide;
}
else {
$errors[] = 'Page with id ' . $id . ' does not exists.';
}
} else
$errors[] = 'id not set';
return !count($errors);
}
}

18
system/libs/cache_apc.php → system/src/Cache/APC.php
View File

@@ -8,9 +8,10 @@
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
defined('MYAAC') or die('Direct access not allowed!');
class Cache_APC
namespace MyAAC\Cache;
class APC
{
private $prefix;
private $enabled;
@@ -31,22 +32,25 @@ class Cache_APC
public function get($key)
{
$tmp = '';
if($this->fetch($this->prefix . $key, $tmp)) {
if ($this->fetch($this->prefix . $key, $tmp)) {
return $tmp;
}
return '';
}
public function fetch($key, &$var) {
public function fetch($key, &$var)
{
return ($var = apc_fetch($this->prefix . $key)) !== false;
}
public function delete($key) {
public function delete($key)
{
apc_delete($this->prefix . $key);
}
public function enabled() {
public function enabled()
{
return $this->enabled;
}
}
}

16
system/libs/cache_apcu.php → system/src/Cache/APCu.php
View File

@@ -8,9 +8,10 @@
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
defined('MYAAC') or die('Direct access not allowed!');
class Cache_APCu
namespace MyAAC\Cache;
class APCu
{
private $prefix;
private $enabled;
@@ -31,22 +32,25 @@ class Cache_APCu
public function get($key)
{
$tmp = '';
if($this->fetch($this->prefix . $key, $tmp)) {
if ($this->fetch($this->prefix . $key, $tmp)) {
return $tmp;
}
return '';
}
public function fetch($key, &$var) {
public function fetch($key, &$var)
{
return ($var = apcu_fetch($this->prefix . $key)) !== false;
}
public function delete($key) {
public function delete($key)
{
apcu_delete($this->prefix . $key);
}
public function enabled() {
public function enabled()
{
return $this->enabled;
}
}

44
system/libs/cache.php → system/src/Cache/Cache.php
View File

@@ -8,7 +8,8 @@
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
defined('MYAAC') or die('Direct access not allowed!');
namespace MyAAC\Cache;
/**
* Class Cache
@@ -41,40 +42,30 @@ class Cache
*/
public static function generateInstance($engine = '', $prefix = '')
{
if(config('env') === 'dev') {
if (config('env') === 'dev') {
self::$instance = new self();
return self::$instance;
}
switch(strtolower($engine)) {
switch (strtolower($engine)) {
case 'apc':
require 'cache_apc.php';
self::$instance = new Cache_APC($prefix);
self::$instance = new APC($prefix);
break;
case 'apcu':
require 'cache_apcu.php';
self::$instance = new Cache_APCu($prefix);
break;
case 'eaccelerator':
require 'cache_eaccelerator.php';
self::$instance = new Cache_eAccelerator($prefix);
self::$instance = new APCu($prefix);
break;
case 'xcache':
require 'cache_xcache.php';
self::$instance = new Cache_XCache($prefix);
self::$instance = new XCache($prefix);
break;
case 'file':
require 'cache_file.php';
self::$instance = new Cache_File($prefix, CACHE);
self::$instance = new File($prefix, CACHE);
break;
case 'php':
require 'cache_php.php';
self::$instance = new Cache_PHP($prefix, CACHE);
self::$instance = new PHP($prefix, CACHE);
break;
case 'auto':
@@ -94,13 +85,11 @@ class Cache
*/
public static function detect()
{
if(function_exists('apc_fetch'))
if (function_exists('apc_fetch'))
return 'apc';
else if(function_exists('apcu_fetch'))
else if (function_exists('apcu_fetch'))
return 'apcu';
else if(function_exists('eaccelerator_get'))
return 'eaccelerator';
else if(function_exists('xcache_get') && ini_get('xcache.var_size'))
else if (function_exists('xcache_get') && ini_get('xcache.var_size'))
return 'xcache';
return 'file';
@@ -109,12 +98,15 @@ class Cache
/**
* @return bool
*/
public function enabled() {return false;}
public function enabled()
{
return false;
}
public static function remember($key, $ttl, $callback)
{
$cache = self::getInstance();
if(!$cache->enabled()) {
if (!$cache->enabled()) {
return $callback();
}
@@ -124,7 +116,7 @@ class Cache
}
$value = $callback();
$cache->set($key, serialize($value),$ttl);
$cache->set($key, serialize($value), $ttl);
return $value;
}
}

22
system/libs/cache_file.php → system/src/Cache/File.php
View File

@@ -7,15 +7,17 @@
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
defined('MYAAC') or die('Direct access not allowed!');
class Cache_File
namespace MyAAC\Cache;
class File
{
private $prefix;
private $dir;
private $enabled;
public function __construct($prefix = '', $dir = '') {
public function __construct($prefix = '', $dir = '')
{
$this->prefix = $prefix;
$this->dir = $dir;
$this->enabled = (file_exists($this->dir) && is_dir($this->dir) && is_writable($this->dir));
@@ -36,7 +38,7 @@ class Cache_File
public function get($key)
{
$tmp = '';
if($this->fetch($key, $tmp)) {
if ($this->fetch($key, $tmp)) {
return $tmp;
}
@@ -46,7 +48,7 @@ class Cache_File
public function fetch($key, &$var)
{
$file = $this->_name($key);
if(!file_exists($file) || filemtime($file) < time()) {
if (!file_exists($file) || filemtime($file) < time()) {
return false;
}
@@ -57,16 +59,18 @@ class Cache_File
public function delete($key)
{
$file = $this->_name($key);
if(file_exists($file)) {
if (file_exists($file)) {
unlink($file);
}
}
public function enabled() {
public function enabled()
{
return $this->enabled;
}
private function _name($key) {
private function _name($key)
{
return sprintf('%s%s%s', $this->dir, $this->prefix, sha1($key));
}
}
}

22
system/libs/cache_php.php → system/src/Cache/PHP.php
View File

@@ -7,15 +7,17 @@
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
defined('MYAAC') or die('Direct access not allowed!');
class Cache_PHP
namespace MyAAC\Cache;
class PHP
{
private $prefix;
private $dir;
private $enabled;
public function __construct($prefix = '', $dir = '') {
public function __construct($prefix = '', $dir = '')
{
$this->prefix = $prefix;
$this->dir = $dir;
$this->enabled = (file_exists($this->dir) && is_dir($this->dir) && is_writable($this->dir));
@@ -42,7 +44,7 @@ class Cache_PHP
public function get($key)
{
$tmp = '';
if($this->fetch($key, $tmp)) {
if ($this->fetch($key, $tmp)) {
return $tmp;
}
@@ -52,7 +54,7 @@ class Cache_PHP
public function fetch($key, &$var)
{
$file = $this->_name($key);
if(!file_exists($file) || filemtime($file) < time()) {
if (!file_exists($file) || filemtime($file) < time()) {
return false;
}
@@ -64,16 +66,18 @@ class Cache_PHP
public function delete($key)
{
$file = $this->_name($key);
if(file_exists($file)) {
if (file_exists($file)) {
unlink($file);
}
}
public function enabled() {
public function enabled()
{
return $this->enabled;
}
private function _name($key) {
private function _name($key)
{
return sprintf('%s%s%s', $this->dir, $this->prefix, sha1($key) . '.php');
}
}
}

18
system/libs/cache_xcache.php → system/src/Cache/XCache.php
View File

@@ -8,14 +8,16 @@
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
defined('MYAAC') or die('Direct access not allowed!');
class Cache_XCache
namespace MyAAC\Cache;
class XCache
{
private $prefix;
private $enabled;
public function __construct($prefix = '') {
public function __construct($prefix = '')
{
$this->prefix = $prefix;
$this->enabled = function_exists('xcache_get') && ini_get('xcache.var_size');
}
@@ -30,7 +32,7 @@ class Cache_XCache
public function get($key)
{
$tmp = '';
if($this->fetch($this->prefix . $key, $tmp)) {
if ($this->fetch($this->prefix . $key, $tmp)) {
return $tmp;
}
@@ -40,7 +42,7 @@ class Cache_XCache
public function fetch($key, &$var)
{
$key = $this->prefix . $key;
if(!xcache_isset($key)) {
if (!xcache_isset($key)) {
return false;
}
@@ -48,11 +50,13 @@ class Cache_XCache
return true;
}
public function delete($key) {
public function delete($key)
{
xcache_unset($this->prefix . $key);
}
public function enabled() {
public function enabled()
{
return $this->enabled;
}
}

10
system/libs/changelog.php → system/src/Changelog.php
View File

@@ -1,5 +1,8 @@
<?php
namespace MyAAC;
use MyAAC\Cache\Cache;
use MyAAC\Models\Changelog as ModelsChangelog;
class Changelog
@@ -85,16 +88,17 @@ class Changelog
return true;
}
static public function toggleHidden($id, &$errors, &$status)
static public function toggleHide($id, &$errors, &$status)
{
if(isset($id))
{
$row = ModelsChangelog::find($id);
if ($row) {
$row->hidden = $row->hidden == 1 ? 0 : 1;
$row->hide = $row->hide == 1 ? 0 : 1;
if (!$row->save()) {
$errors[] = 'Fail during toggle hidden Changelog.';
$errors[] = 'Fail during toggle hide Changelog.';
}
$status = $row->hide;
} else {
$errors[] = 'Changelog with id ' . $id . ' does not exists.';
}

29
system/src/Commands/CacheClearCommand.php Normal file
View File

@@ -0,0 +1,29 @@
<?php
namespace MyAAC\Commands;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\Console\Style\SymfonyStyle;
class CacheClearCommand extends Command
{
protected function configure(): void
{
$this->setName('cache:clear')
->setDescription('This command clears the cache');
}
protected function execute(InputInterface $input, OutputInterface $output): int
{
$io = new SymfonyStyle($input, $output);
if (!clearCache()) {
$io->error('Unknown error on clear cache');
return Command::FAILURE;
}
$io->success('Cache cleared');
return Command::SUCCESS;
}
}

13
system/src/Commands/Command.php Normal file
View File

@@ -0,0 +1,13 @@
<?php
namespace MyAAC\Commands;
use MyAAC\Hooks;
use Symfony\Component\Console\Command\Command as SymfonyCommand;
class Command extends SymfonyCommand
{
public function __construct() {
parent::__construct();
}
}

30
system/src/Commands/CronjobCommand.php Normal file
View File

@@ -0,0 +1,30 @@
<?php
namespace MyAAC\Commands;
use GO\Scheduler;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Output\OutputInterface;
class CronjobCommand extends Command
{
protected function configure(): void
{
$this->setName('cronjob')
->setDescription('This command runs cron tasks');
}
protected function execute(InputInterface $input, OutputInterface $output): int
{
// Create a new scheduler
$scheduler = new Scheduler();
global $hooks;
$hooks->trigger(HOOK_CRONJOB, ['scheduler' => $scheduler]);
// Let the scheduler execute jobs which are due.
$scheduler->run();
return Command::SUCCESS;
}
}

60
system/src/Commands/CronjobInstallCommand.php Normal file
View File

@@ -0,0 +1,60 @@
<?php
namespace MyAAC\Commands;
use GO\Scheduler;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\Console\Style\SymfonyStyle;
class CronjobInstallCommand extends Command
{
protected function configure(): void
{
$this->setName('cronjob:install')
->setDescription('This command automatically registers into your crontab');
}
protected function execute(InputInterface $input, OutputInterface $output): int
{
$io = new SymfonyStyle($input, $output);
if (MYAAC_OS !== 'LINUX') {
$io->error('This script can be run only on linux.');
return 2;
}
$job = '* * * * * /usr/bin/php ' . BASE . SELF_NAME . ' cronjob >> ' . SYSTEM . 'logs/cron.log 2>&1';
if ($this->cronjobExists($job)) {
$io->info('MyAAC cronjob already installed.');
return Command::FAILURE;
}
exec('crontab -l', $content);
$content = implode(' ', $content);
$content .= PHP_EOL . $job;
file_put_contents(CACHE . 'cronjob', $content . PHP_EOL);
exec('crontab ' . CACHE. 'cronjob');
$io->success('Installed crontab successfully.');
return Command::SUCCESS;
}
private function cronjobExists($command): bool
{
exec('crontab -l', $crontab);
if(is_array($crontab)) {
$crontab = array_flip($crontab);
if(isset($crontab[$command])){
return true;
}
}
return false;
}
}

78
system/src/Commands/MailSendCommand.php Normal file
View File

@@ -0,0 +1,78 @@
<?php
namespace MyAAC\Commands;
use Symfony\Component\Console\Input\InputArgument;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Input\InputOption;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\Console\Style\SymfonyStyle;
class MailSendCommand extends Command
{
protected function configure(): void
{
$this->setName('mail:send')
->setDescription('This command sends E-Mail to single user. Message can be provided as follows: ' . PHP_EOL
. ' echo "Hello World" | php sa email:send --subject="This is the subject" test@test.com')
->addArgument('recipient', InputArgument::REQUIRED, 'Email, Account Name, Account id or Player Name')
->addOption('subject', 's', InputOption::VALUE_REQUIRED, 'Subject');
}
protected function execute(InputInterface $input, OutputInterface $output): int
{
$io = new SymfonyStyle($input, $output);
$email_account_name = $input->getArgument('recipient');
$subject = $input->getOption('subject');
if (!$subject) {
$io->error('Please specify subject via -s or --subject="" option');
return 2;
}
$message = file_get_contents('php://stdin');
if(!str_contains($email_account_name, '@')) {
$account = new \OTS_Account();
if(USE_ACCOUNT_NAME) {
$account->find($email_account_name);
}
else {
$account->load($email_account_name);
}
if($account->isLoaded()) {
$email_account_name = $account->getEMail();
}
else {
$player = new \OTS_Player();
$player->find($email_account_name);
if($player->isLoaded()) {
$email_account_name = $player->getAccount()->getEMail();
}
else {
$io->error('Cannot find player or account with name: ' . $email_account_name);
return 3;
}
}
}
if(!\Validator::email($email_account_name)) {
$io->error('Invalid E-Mail format');
return 4;
}
if(strlen($subject) > 255) {
$io->error('Subject max length is 255 characters');
return 5;
}
if(!_mail($email_account_name, $subject, $message)) {
$io->error('An error occurred while sending email. More info can be found in system/logs/mailer-error.log');
return 6;
}
$io->success('Mail sent to ' . $email_account_name . '.');
return Command::SUCCESS;
}
}

62
system/src/Commands/MigrateRunCommand.php Normal file
View File

@@ -0,0 +1,62 @@
<?php
namespace MyAAC\Commands;
use Symfony\Component\Console\Input\InputArgument;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\Console\Style\SymfonyStyle;
class MigrateRunCommand extends Command
{
protected function configure(): void
{
$this->setName('migrate:run')
->setDescription('This command runs the migration specified by id')
->addArgument('id',
InputArgument::IS_ARRAY | InputArgument::REQUIRED,
'Id or ids of migration(s)'
);
}
protected function execute(InputInterface $input, OutputInterface $output): int
{
$io = new SymfonyStyle($input, $output);
$ids = $input->getArgument('id');
// pre-check
// in case one of the migrations doesn't exist - we won't execute any of them
foreach ($ids as $id) {
if (!$this->migrationExists($id)) {
$io->error([
"One of the migrations specified doesnt exist: $id",
"Please check it and re-run the command",
"No migration has been executed",
]);
return Command::FAILURE;
}
}
foreach ($ids as $id) {
$this->executeMigration($id, $io);
}
return Command::SUCCESS;
}
private function migrationExists($id): bool {
return file_exists(SYSTEM . 'migrations/' . $id . '.php');
}
private function executeMigration($id, $io): void
{
global $db;
$db->revalidateCache();
require SYSTEM . 'migrations/' . $id . '.php';
$io->success('Migration ' . $id . ' successfully executed');
}
}

50
system/src/Commands/PluginInstallCommand.php Normal file
View File

@@ -0,0 +1,50 @@
<?php
namespace MyAAC\Commands;
use MyAAC\Plugins;
use Symfony\Component\Console\Input\InputArgument;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\Console\Style\SymfonyStyle;
class PluginInstallCommand extends Command
{
protected function configure(): void
{
$this->setName('plugin:install')
->setDescription('This command installs plugin')
->addArgument('plugin', InputArgument::REQUIRED, 'Path to zip file (plugin) that you want to install');
}
protected function execute(InputInterface $input, OutputInterface $output): int
{
$io = new SymfonyStyle($input, $output);
$pathToFile = $input->getArgument('plugin');
$ext = strtolower(pathinfo($pathToFile, PATHINFO_EXTENSION));
if($ext !== 'zip') {// check if it is zipped/compressed file
$io->error('Please install only .zip files');
return 2;
}
if(!file_exists($pathToFile)) {
$io->error('File ' . $pathToFile . ' does not exist');
return 3;
}
if(!Plugins::install($pathToFile)){
$io->error(Plugins::getError());
return 4;
}
foreach(Plugins::getWarnings() as $warning) {
$io->warning($warning);
}
$info = Plugins::getPluginJson();
$io->success((isset($info['name']) ? $info['name'] . ' p' : 'P') . 'lugin has been successfully installed.');
return Command::SUCCESS;
}
}

38
system/src/Commands/PluginInstallInstallCommand.php Normal file
View File

@@ -0,0 +1,38 @@
<?php
namespace MyAAC\Commands;
use MyAAC\Plugins;
use Symfony\Component\Console\Input\InputArgument;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\Console\Style\SymfonyStyle;
class PluginInstallInstallCommand extends Command
{
protected function configure(): void
{
$this->setName('plugin:install:install')
->setDescription('This command executes the "install" part of the plugin')
->addArgument('plugin', InputArgument::REQUIRED, 'Plugin name');
}
protected function execute(InputInterface $input, OutputInterface $output): int
{
$io = new SymfonyStyle($input, $output);
$pluginName = $input->getArgument('plugin');
if(!Plugins::executeInstall($pluginName)) {
$io->error(Plugins::getError());
return 2;
}
foreach(Plugins::getWarnings() as $warning) {
$io->warning($warning);
}
$info = Plugins::getPluginJson($pluginName);
$io->success('Script for install ' . (isset($info['name']) ? $info['name'] . ' p' : 'P') . 'lugin has been successfully executed.');
return Command::SUCCESS;
}
}

36
system/src/Commands/SettingsResetCommand.php Normal file
View File

@@ -0,0 +1,36 @@
<?php
namespace MyAAC\Commands;
use MyAAC\Models\Settings as SettingsModel;
use MyAAC\Settings;
use Symfony\Component\Console\Input\InputArgument;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\Console\Style\SymfonyStyle;
class SettingsResetCommand extends Command
{
protected function configure(): void
{
$this->setName('settings:reset')
->setDescription('Removes all settings in database');
}
protected function execute(InputInterface $input, OutputInterface $output): int
{
$io = new SymfonyStyle($input, $output);
if (!$io->confirm('Are you sure you want to reset all settings in database?', false)) {
return Command::FAILURE;
}
SettingsModel::truncate();
$settings = Settings::getInstance();
$settings->clearCache();
$io->success('Setting cleared successfully');
return Command::SUCCESS;
}
}

55
system/src/Commands/SettingsSetCommand.php Normal file
View File

@@ -0,0 +1,55 @@
<?php
namespace MyAAC\Commands;
use MyAAC\Models\Settings as SettingsModel;
use MyAAC\Settings;
use Symfony\Component\Console\Input\InputArgument;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\Console\Style\SymfonyStyle;
class SettingsSetCommand extends Command
{
protected function configure(): void
{
$this->setName('settings:set')
->setDescription('Updates the setting specified by argument in database')
->addArgument('key',
InputArgument::REQUIRED,
'Setting name/key'
)
->addArgument('value',
InputArgument::REQUIRED,
'New value'
);
}
protected function execute(InputInterface $input, OutputInterface $output): int
{
$io = new SymfonyStyle($input, $output);
$key = $input->getArgument('key');
$value = $input->getArgument('value');
$settings = Settings::getInstance();
$settings->clearCache();
$settings->load();
$setting = $settings[$key];
if (!isset($setting['value'])) {
$io->warning('Settings with this key does not exists');
return Command::FAILURE;
}
// format plugin_name.key
// example: core.template
$explode = explode('.', $key);
$settings->updateInDatabase($explode[0], $explode[1], $value);
$settings->clearCache();
$io->success("Setting $key successfully updated");
return Command::SUCCESS;
}
}

42
system/libs/CreateCharacter.php → system/src/CreateCharacter.php
View File

@@ -1,5 +1,7 @@
<?php
namespace MyAAC;
use MyAAC\Models\Player;
/**
@@ -50,8 +52,8 @@ class CreateCharacter
return false;
}
if(!admin() && !Validator::newCharacterName($name)) {
$errors['name'] = Validator::getLastError();
if(!admin() && !\Validator::newCharacterName($name)) {
$errors['name'] = \Validator::getLastError();
return false;
}
@@ -71,7 +73,7 @@ class CreateCharacter
* @param array $errors
* @return bool
*/
public function check($name, $sex, &$vocation, &$town, &$errors)
public function check($name, $sex, ?int &$vocation, ?int &$town, &$errors)
{
$this->checkName($name, $errors);
@@ -123,13 +125,13 @@ class CreateCharacter
* @param int $sex
* @param int $vocation
* @param int $town
* @param OTS_Account $account
* @param \OTS_Account $account
* @param array $errors
* @return bool
* @throws E_OTS_NotLoaded
* @throws Twig_Error_Loader
* @throws Twig_Error_Runtime
* @throws Twig_Error_Syntax
* @throws \E_OTS_NotLoaded
* @throws \Twig_Error_Loader
* @throws \Twig_Error_Runtime
* @throws \Twig_Error_Syntax
*/
public function doCreate($name, $sex, $vocation, $town, $account, &$errors)
{
@@ -147,7 +149,7 @@ class CreateCharacter
if(empty($errors))
{
$char_to_copy_name = config('character_samples')[$vocation];
$char_to_copy = new OTS_Player();
$char_to_copy = new \OTS_Player();
$char_to_copy->find($char_to_copy_name);
if(!$char_to_copy->isLoaded())
$errors[] = 'Wrong characters configuration. Try again or contact with admin. ADMIN: Go to Admin Panel -> Settings -> Create Character and set valid characters to copy names. Character to copy: <b>'.$char_to_copy_name.'</b> doesn\'t exist.';
@@ -162,7 +164,7 @@ class CreateCharacter
if($sex == "0")
$char_to_copy->setLookType(136);
$player = new OTS_Player();
$player = new \OTS_Player();
$player->setName($name);
$player->setAccount($account);
$player->setGroupId(1);
@@ -194,7 +196,7 @@ class CreateCharacter
$player->setManaSpent($char_to_copy->getManaSpent());
$player->setSoul($char_to_copy->getSoul());
for($skill = POT::SKILL_FIRST; $skill <= POT::SKILL_LAST; $skill++) {
for($skill = \POT::SKILL_FIRST; $skill <= \POT::SKILL_LAST; $skill++) {
$value = 10;
if (setting('core.use_character_sample_skills')) {
$value = $char_to_copy->getSkill($skill);
@@ -231,7 +233,7 @@ class CreateCharacter
$player->save();
$player->setCustomField('created', time());
$player = new OTS_Player();
$player = new \OTS_Player();
$player->find($name);
if(!$player->isLoaded()) {
@@ -240,7 +242,7 @@ class CreateCharacter
}
if($db->hasTable('player_skills')) {
for($skill = POT::SKILL_FIRST; $skill <= POT::SKILL_LAST; $skill++) {
for($skill = \POT::SKILL_FIRST; $skill <= \POT::SKILL_LAST; $skill++) {
$value = 10;
if (setting('core.use_character_sample_skills')) {
$value = $char_to_copy->getSkill($skill);
@@ -260,6 +262,20 @@ class CreateCharacter
}
}
global $hooks;
if (!$hooks->trigger(HOOK_ACCOUNT_CREATE_CHARACTER_AFTER,
[
'account' => $account,
'player' => $player,
'name' => $name,
'sex' => $sex,
'vocation' => $vocation,
'town' => $town,
]
)) {
return false;
}
global $twig;
$twig->display('success.html.twig', array(
'title' => 'Character Created',

101
system/src/CsrfToken.php Normal file
View File

@@ -0,0 +1,101 @@
<?php
/**
* CsrfToken
*
* @package MyAAC
* @author Znote
* @author Slawkens <slawkens@gmail.com>
* @copyright 2023 MyAAC
* @link https://my-aac.org
*/
namespace MyAAC;
class CsrfToken
{
public static function generate(): void
{
$token = sha1(uniqid(time(), true));
setSession('csrf_token', $token);
}
/**
* Displays a random token to prevent CSRF attacks.
*
* @access public
* @static true
* @return void
**/
public static function create(bool $return = false): string {
$input = '<input type="hidden" name="csrf_token" value="' . self::get() . '" />';
if ($return) {
return $input;
}
echo $input;
return '';
}
/**
* Returns the active token, if there is one.
*
* @access public
* @static true
* @return mixed
**/
public static function get(): mixed
{
$token = getSession('csrf_token');
return $token ?? false;
}
/**
* Validates whether the active token is valid or not.
*
* @param string $post
* @access public
* @static true
* @return boolean
**/
public static function isValid($post): bool
{
if (!setting('core.csrf_protection')) {
return true;
}
// Token doesn't exist yet, return false.
if (!self::get()) {
return false;
}
return ($post == getSession('csrf_token'));
}
/**
* Destroys the active token.
*
* @access protected
* @static true
* @return void
**/
protected static function reset(): void {
unsetSession('csrf_token');
}
/**
* Displays information on both the post token and the session token.
*
* @param string $post
* @access public
* @static true
* @return void
**/
public static function debug($post): void
{
echo '<pre>', var_export([
'post' => $post,
'token' => self::get()
], true), '</pre>';
}
}

3
system/libs/data.php → system/src/Data.php
View File

@@ -7,7 +7,8 @@
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
defined('MYAAC') or die('Direct access not allowed!');
namespace MyAAC;
class Data
{

Some files were not shown because too many files have changed in this diff Show More