Patch some changes/fixes from 0.8 branch

Fix Gesior signature double dollar $$ Add some missing <br/> to online page Use $config['last_kills_limit'] in lastkills.php Fix save_ranks.php: getLastError(); Fix PHPMailer autoloader Fix leaking sensitive informations on MySQL Connection Fail Add nginx-sample.conf Change myaac_monsters.loot to text Add more files to ignore file
2025-06-15 01:04:30 +02:00 · 2020-02-15 03:37:18 +01:00 · 2020-02-15 03:37:18 +01:00 · 5d499bc5e6
commit 5d499bc5e6
parent a7105d33f2
11 changed files with 92 additions and 51 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,3 +1,34 @@
 Thumbs.db
 .DS_Store
-.idea
+.idea
 releases
 config.local.php
 PERSONAL_NOTES
 # all custom templates
 templates/*
 !templates/tibiacom
 !templates/kathrine
 # guild images
 images/guilds/*
 !images/guilds/default.gif
 # cache
 system/cache/*
 !system/cache/index.html
 !system/cache/twig/index.html
 !system/cache/signatures/index.html
 # logs
 system/logs/*
 !system/logs/index.html
 # plugins
 plugins/*
 !plugins/.htaccess
 !plugins/example.json
 !plugins/account-create-hint.json
 !plugins/account-create-hint
 landing
--- a/install/includes/schema.sql
+++ b/install/includes/schema.sql
@ -236,7 +236,7 @@ CREATE TABLE `myaac_monsters` (
 	`summonable` tinyint(1) NOT NULL,
 	`convinceable` tinyint(1) NOT NULL,
 	`race` varchar(255) NOT NULL,
-	`loot` varchar(500) NOT NULL,
+	`loot` text NOT NULL,
 	PRIMARY KEY (`id`)
 ) ENGINE = MyISAM;
--- a/install/steps/5-database.php
+++ b/install/steps/5-database.php
@ -34,13 +34,13 @@ if(!$error) {
 			}
 		}
 	}
-				
+
 	require(BASE . 'install/includes/config.php');
-		
+
 	if(!$error) {
 		success($locale['step_database_importing']);
 		require(BASE . 'install/includes/database.php');
-		
+
 		if(!tableExist('accounts')) {
 			$locale['step_database_error_table'] = str_replace('$TABLE$', 'accounts', $locale['step_database_error_table']);
 			error($locale['step_database_error_table']);
@ -70,14 +70,14 @@ if(!$error) {
 				error($locale['step_database_error_schema'] . ' ' . $error_);
 				$error = true;
 			}
-			
+
 			if(!$error) {
 				registerDatabaseConfig('database_version', DATABASE_VERSION);
 				$locale['step_database_success_schema'] = str_replace('$PREFIX$', TABLE_PREFIX, $locale['step_database_success_schema']);
 				success($locale['step_database_success_schema']);
 			}
 		}
-		
+
 		if(!$error) {
 			if(fieldExist('key', 'accounts')) {
 				if(query("ALTER TABLE `accounts` MODIFY `key` VARCHAR(64) NOT NULL DEFAULT '';"))
@ -87,32 +87,32 @@ if(!$error) {
 				if(query("ALTER TABLE `accounts` ADD `key` VARCHAR(64) NOT NULL DEFAULT '' AFTER `email`;"))
 					success($locale['step_database_adding_field'] . ' accounts.key...');
 			}
-		
+
 			if(!fieldExist('blocked', 'accounts')) {
 				if(query("ALTER TABLE `accounts` ADD `blocked` TINYINT(1) NOT NULL DEFAULT FALSE COMMENT 'internal usage' AFTER `key`;"))
 					success($locale['step_database_adding_field'] . ' accounts.blocked...');
 			}
-	
+
 			if(!fieldExist('created', 'accounts')) {
 				if(query("ALTER TABLE `accounts` ADD `created` INT(11) NOT NULL DEFAULT 0 AFTER `" . (fieldExist('group_id', 'accounts') ? 'group_id' : 'blocked') . "`;"))
 					success($locale['step_database_adding_field'] . ' accounts.created...');
 			}
-			
+
 			if(!fieldExist('rlname', 'accounts')) {
 				if(query("ALTER TABLE `accounts` ADD `rlname` VARCHAR(255) NOT NULL DEFAULT '' AFTER `created`;"))
 					success($locale['step_database_adding_field'] . ' accounts.rlname...');
 			}
-			
+
 			if(!fieldExist('location', 'accounts')) {
 				if(query("ALTER TABLE `accounts` ADD `location` VARCHAR(255) NOT NULL DEFAULT '' AFTER `rlname`;"))
 					success($locale['step_database_adding_field'] . ' accounts.location...');
 			}
-			
+
 			if(!fieldExist('country', 'accounts')) {
 				if(query("ALTER TABLE `accounts` ADD `country` VARCHAR(3) NOT NULL DEFAULT '' AFTER `location`;"))
 					success($locale['step_database_adding_field'] . ' accounts.country...');
 			}
-			
+
 			if(fieldExist('page_lastday', 'accounts')) {
 				if(query("ALTER TABLE `accounts` CHANGE `page_lastday` `web_lastlogin` INT(11) NOT NULL DEFAULT 0;")) {
 					$tmp = str_replace('$FIELD$', 'accounts.page_lastday', $locale['step_database_changing_field']);
@ -124,32 +124,32 @@ if(!$error) {
 				if(query("ALTER TABLE `accounts` ADD `web_lastlogin` INT(11) NOT NULL DEFAULT 0 AFTER `country`;"))
 					success($locale['step_database_adding_field'] . ' accounts.web_lastlogin...');
 			}
-			
+
 			if(!fieldExist('web_flags', 'accounts')) {
 				if(query("ALTER TABLE `accounts` ADD `web_flags` INT(11) NOT NULL DEFAULT 0 AFTER `web_lastlogin`;"))
 					success($locale['step_database_adding_field'] . ' accounts.web_flags...');
 			}
-			
+
 			if(!fieldExist('email_hash', 'accounts')) {
 				if(query("ALTER TABLE `accounts` ADD `email_hash` VARCHAR(32) NOT NULL DEFAULT '' AFTER `web_flags`;"))
 					success($locale['step_database_adding_field'] . ' accounts.email_hash...');
 			}
-			
+
 			if(!fieldExist('email_verified', 'accounts')) {
 				if(query("ALTER TABLE `accounts` ADD `email_verified` TINYINT(1) NOT NULL DEFAULT 0 AFTER `email_hash`;"))
 					success($locale['step_database_adding_field'] . ' accounts.email_verified...');
 			}
-		
+
 			if(!fieldExist('email_new', 'accounts')) {
 				if(query("ALTER TABLE `accounts` ADD `email_new` VARCHAR(255) NOT NULL DEFAULT '' AFTER `email_hash`;"))
 					success($locale['step_database_adding_field'] . ' accounts.email_new...');
 			}
-			
+
 			if(!fieldExist('email_new_time', 'accounts')) {
 				if(query("ALTER TABLE `accounts` ADD `email_new_time` INT(11) NOT NULL DEFAULT 0 AFTER `email_new`;"))
 					success($locale['step_database_adding_field'] . ' accounts.email_new_time...');
 			}
-			
+
 			if(!fieldExist('email_code', 'accounts')) {
 				if(query("ALTER TABLE `accounts` ADD `email_code` VARCHAR(255) NOT NULL DEFAULT '' AFTER `email_new_time`;"))
 					success($locale['step_database_adding_field'] . ' accounts.email_code...');
@ -168,7 +168,7 @@ if(!$error) {
 				if(query("ALTER TABLE `accounts` ADD `email_next` INT(11) NOT NULL DEFAULT 0 AFTER `email_code`;"))
 					success($locale['step_database_adding_field'] . ' accounts.email_next...');
 			}
-			
+
 			if(!fieldExist('premium_points', 'accounts')) {
 				if(query("ALTER TABLE `accounts` ADD `premium_points` INT(11) NOT NULL DEFAULT 0 AFTER `email_next`;"))
 					success($locale['step_database_adding_field'] . ' accounts.premium_points...');
@ -183,7 +183,7 @@ if(!$error) {
 				if(query("ALTER TABLE `guilds` ADD `description` TEXT NOT NULL;"))
 					success($locale['step_database_adding_field'] . ' guilds.description...');
 			}
-			
+
 			if(fieldExist('logo_gfx_name', 'guilds')) {
 				if(query("ALTER TABLE `guilds` CHANGE `logo_gfx_name` `logo_name` VARCHAR( 255 ) NOT NULL DEFAULT 'default.gif';")) {
 					$tmp = str_replace('$FIELD$', 'guilds.logo_gfx_name', $locale['step_database_changing_field']);
@ -195,15 +195,15 @@ if(!$error) {
 				if(query("ALTER TABLE `guilds` ADD `logo_name` VARCHAR( 255 ) NOT NULL DEFAULT 'default.gif';"))
 					success($locale['step_database_adding_field'] . ' guilds.logo_name...');
 			}
-		
+
 			if(!fieldExist('created', 'players')) {
 				if(query("ALTER TABLE `players` ADD `created` INT(11) NOT NULL DEFAULT 0;"))
 					success($locale['step_database_adding_field'] . ' players.created...');
 			}
-		
+
 			if(!fieldExist('deleted', 'players') && !fieldExist('deletion', 'players')) {
 				if(query("ALTER TABLE `players` ADD `deleted` TINYINT(1) NOT NULL DEFAULT 0;"))
-					success($locale['step_database_adding_field'] . ' players.comment...');
+					success($locale['step_database_adding_field'] . ' players.deleted...');
 			}
 			if(fieldExist('hide_char', 'players')) {
@ -219,16 +219,16 @@ if(!$error) {
 				if(query("ALTER TABLE `players` ADD `hidden` TINYINT(1) NOT NULL DEFAULT 0;"))
 					success($locale['step_database_adding_field'] . ' players.hidden...');
 			}
-			
+
 			if(!fieldExist('comment', 'players')) {
 				if(query("ALTER TABLE `players` ADD `comment` TEXT NOT NULL;"))
 					success($locale['step_database_adding_field'] . ' players.comment...');
 			}
-			
+
 			if(fieldExist('rank_id', 'players')) {
 				if(query("ALTER TABLE players MODIFY `rank_id` INT(11) NOT NULL DEFAULT 0;"))
 					success($locale['step_database_modifying_field'] . ' players.rank_id...');
-			
+
 				if(fieldExist('guildnick', 'players')) {
 					if(query("ALTER TABLE players MODIFY `guildnick` VARCHAR(255) NOT NULL DEFAULT '';")) {
 						success($locale['step_database_modifying_field'] . ' players.guildnick...');
@ -236,7 +236,7 @@ if(!$error) {
 				}
 			}
 		}
-		
+
 		if(!$error && (!isset($_SESSION['saved']))) {
 			$content .= '$config[\'installed\'] = true;';
 			$content .= PHP_EOL;
@ -251,7 +251,7 @@ if(!$error) {
 				error($locale['step_config_mail_address_error']);
 				$error = true;
 			}
-			
+
 			$content .= '$config[\'client_download\'] = \'http://tibia-clients.com/clients/download/\'. $config[\'client\'] . \'/exe/windows\';';
 			$content .= PHP_EOL;
 			$content .= '$config[\'client_download_linux\'] = \'http://tibia-clients.com/clients/download/\'. $config[\'client\'] . \'/tar/linux\';';
@ -260,7 +260,7 @@ if(!$error) {
 			$content .= PHP_EOL;
 			$content .= '$config[\'cache_prefix\'] = \'myaac_' . generateRandomString(8, true, false, true, false) . '_\';';
 			$content .= PHP_EOL;
-			
+
 			$file = fopen(BASE . 'config.local.php', 'a+');
 			if($file) {
 				if(!$error) {
--- a/nginx-sample.conf
+++ b/nginx-sample.conf
@ -0,0 +1,25 @@
 server {
        listen 80;
        root /home/otserv/www/public;
        index index.php;
        server_name your-domain.com;
        location / {
                try_files $uri $uri/ /index.php;
        }
        location ~ \.php$ {
                include snippets/fastcgi-php.conf;
                fastcgi_read_timeout 240;
                fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
        }
        location ~ /\.ht {
                deny all;
        }
        location /system {
           deny all;
           return 404;
        }
 }
--- a/system/database.php
+++ b/system/database.php
@ -95,7 +95,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 			'<ul>' .
 				'<li>MySQL is not configured propertly in <i>config.lua</i>.</li>' .
 				'<li>MySQL server is not running.</li>' .
-			'</ul>' . $error);
+			'</ul>' . $error->getMessage());
 	}
 	$db = POT::getInstance()->getDBHandle();
--- a/system/libs/phpmailer/PHPMailerAutoload.php
+++ b/system/libs/phpmailer/PHPMailerAutoload.php
@ -30,20 +30,4 @@ function PHPMailerAutoload($classname)
    }
 }
 if (version_compare(PHP_VERSION, '5.1.2', '>=')) {
    //SPL autoloading was introduced in PHP 5.1.2
    if (version_compare(PHP_VERSION, '5.3.0', '>=')) {
        spl_autoload_register('PHPMailerAutoload', true, true);
    } else {
        spl_autoload_register('PHPMailerAutoload');
    }
 } else {
    /**
     * Fall back to traditional autoload for old PHP versions
     * @param string $classname The name of the class to load
     */
    function __autoload($classname)
    {
        PHPMailerAutoload($classname);
    }
 }
--- a/system/pages/guilds/save_ranks.php
+++ b/system/pages/guilds/save_ranks.php
@ -12,7 +12,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 $guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
 if(!Validator::guildName($guild_name)) {
-	$errors[] = Validator::get;
+	$errors[] = Validator::getLastError();
 }
 if(empty($errors)) {
--- a/system/pages/lastkills.php
+++ b/system/pages/lastkills.php
@ -84,7 +84,7 @@ if(tableExist('player_killers')) // tfs 0.3
 else {
 	//$players_deaths = $db->query("SELECT `p`.`name` AS `victim`, `player_deaths`.`killed_by` as `killed_by`, `player_deaths`.`time` as `time`, `player_deaths`.`is_player` as `is_player`, `player_deaths`.`level` as `level` FROM `player_deaths`, `players` as `d` INNER JOIN `players` as `p` ON player_deaths.player_id = p.id WHERE player_deaths.`is_player`='1' ORDER BY `time` DESC LIMIT " . $config['last_kills_limit'] . ";");
-$players_deaths = $db->query("SELECT `p`.`name` AS `victim`, `d`.`killed_by` as `killed_by`, `d`.`time` as `time`, `d`.`level`, `d`.`is_player` FROM `player_deaths` as `d` INNER JOIN `players` as `p` ON d.player_id = p.id ORDER BY `time` DESC LIMIT 20;");
+$players_deaths = $db->query("SELECT `p`.`name` AS `victim`, `d`.`killed_by` as `killed_by`, `d`.`time` as `time`, `d`.`level`, `d`.`is_player` FROM `player_deaths` as `d` INNER JOIN `players` as `p` ON d.player_id = p.id ORDER BY `time` DESC LIMIT " . $config['last_kills_limit'] . ";");
 	if(!empty($players_deaths))
 	{
--- a/system/templates/online.html.twig
+++ b/system/templates/online.html.twig
@ -26,6 +26,7 @@
 		</td>
 	</tr>
 </table>
 <br/>
 	{# vocation statistics #}
 	{% if config.online_vocations %}
 <br/>
--- a/tools/signature/gesior.php
+++ b/tools/signature/gesior.php
@ -20,7 +20,7 @@
 	if($rank->isLoaded())
 	{
 		imagettftext($image , $fontsize, 0, 20, 75, $color, $font, 'Guild:');
-		imagettftext($image , $fontsize, 0, 70, 75, $color, $font, $player->getRank()->getName() . ' of the ' . $$rank->getGuild()->getName());
+		imagettftext($image , $fontsize, 0, 70, 75, $color, $font, $player->getRank()->getName() . ' of the ' . $rank->getGuild()->getName());
 	}
 	imagettftext($image , $fontsize, 0, 20, 95, $color, $font, 'Last Login:');
 	imagettftext($image , $fontsize, 0, 100, 95, $color, $font, (($player->getLastLogin() > 0) ? date("j F Y, g:i a", $player->getLastLogin()) : 'Never logged in.'));
--- a/tools/validate.php
+++ b/tools/validate.php
@ -1,7 +1,7 @@
 <?php
 /**
 * Ajax validator
- * Returns xml file with result
+ * Returns json with result
 *
 * @package   MyAAC
 * @author    Slawkens <slawkens@gmail.com>