From 6500c297999f552d1e0042698f32ad450f086182 Mon Sep 17 00:00:00 2001
From: slawkens <slawkens@gmail.com>
Date: Fri, 31 Oct 2025 09:42:52 +0100
Subject: [PATCH] [WIP] Refactor

---
 system/pages/account/lost/base.php                   |  2 +-
 system/pages/account/lost/check-code.php             | 10 +++++-----
 system/pages/account/lost/email/send-code.php        |  4 ++--
 system/pages/account/lost/email/set-new-password.php |  8 ++++----
 system/pages/account/lost/email/step-1.php           |  2 ++
 system/pages/account/lost/recovery-key/step-1.php    |  2 ++
 system/pages/account/lost/recovery-key/step-2.php    |  9 +++++----
 system/pages/account/lost/recovery-key/step-3.php    | 10 +++++-----
 system/pages/account/lost/step-1.php                 |  2 +-
 9 files changed, 27 insertions(+), 22 deletions(-)

diff --git a/system/pages/account/lost/base.php b/system/pages/account/lost/base.php
index 2a0efe9e..58f115ce 100644
--- a/system/pages/account/lost/base.php
+++ b/system/pages/account/lost/base.php
@@ -8,7 +8,7 @@ function lostAccountWriteCooldown(string $nick, int $time): void
 	$inSec = $time - time();
 	$minutesLeft = floor($inSec / 60);
 	$secondsLeft = $inSec - ($minutesLeft * 60);
-	$timeLeft = $minutesLeft.' minutes '.$secondsLeft.' seconds';
+	$timeLeft = "$minutesLeft minutes $secondsLeft seconds";
 
 	$timeRounded = ceil(setting('core.mail_lost_account_interval') / 60);
 
diff --git a/system/pages/account/lost/check-code.php b/system/pages/account/lost/check-code.php
index d1ee948d..3babcd16 100644
--- a/system/pages/account/lost/check-code.php
+++ b/system/pages/account/lost/check-code.php
@@ -5,16 +5,16 @@ csrfProtect();
 
 $title = 'Lost Account';
 
-$code = isset($_REQUEST['code']) ? trim($_REQUEST['code']) : '';
-$character = isset($_REQUEST['character']) ? stripslashes(trim($_REQUEST['character'])) : '';
+$code = $_POST['code'] ?? '';
+$character = $_POST['character'] ?? '';
 
-if(empty($code) || empty($character))
+if(empty($code) || empty($character)) {
 	$twig->display('account/lost/check-code.html.twig', [
 		'code' => $code,
 		'characters' => $character,
 	]);
-else
-{
+}
+else {
 	$player = new OTS_Player();
 	$account = new OTS_Account();
 	$player->find($character);
diff --git a/system/pages/account/lost/email/send-code.php b/system/pages/account/lost/email/send-code.php
index a9f68fdf..79d4f833 100644
--- a/system/pages/account/lost/email/send-code.php
+++ b/system/pages/account/lost/email/send-code.php
@@ -7,8 +7,8 @@ require __DIR__ . '/../base.php';
 
 $title = 'Lost Account';
 
-$email = $_REQUEST['email'];
-$nick = stripslashes($_REQUEST['nick']);
+$email = $_POST['email'] ?? '';
+$nick = $_POST['nick'] ?? '';
 
 $player = new OTS_Player();
 $account = new OTS_Account();
diff --git a/system/pages/account/lost/email/set-new-password.php b/system/pages/account/lost/email/set-new-password.php
index ea65f4f4..44e8197c 100644
--- a/system/pages/account/lost/email/set-new-password.php
+++ b/system/pages/account/lost/email/set-new-password.php
@@ -5,10 +5,10 @@ csrfProtect();
 
 $title = 'Lost Account';
 
-$newPassword = $_REQUEST['password'];
-$passwordRepeat = $_REQUEST['password_repeat'];
-$code = $_REQUEST['code'];
-$character = stripslashes($_REQUEST['character']);
+$newPassword = $_POST['password'] ?? '';
+$passwordRepeat = $_POST['password_repeat'] ?? '';
+$code = $_POST['code'] ?? '';
+$character = $_POST['character'] ?? '';
 
 if(empty($code) || empty($character) || empty($newPassword) || empty($passwordRepeat)) {
 	$errors[] = 'Please enter code from e-mail and name of one character from account. Then press Submit.';
diff --git a/system/pages/account/lost/email/step-1.php b/system/pages/account/lost/email/step-1.php
index d7d82830..eef9211d 100644
--- a/system/pages/account/lost/email/step-1.php
+++ b/system/pages/account/lost/email/step-1.php
@@ -7,6 +7,8 @@ csrfProtect();
 
 $title = 'Lost Account';
 
+$nick = $_POST['nick'] ?? '';
+
 if($account->isLoaded()) {
 	if($account->getCustomField('email_next') < time()) {
 		$twig->display('account/lost/email.html.twig', [
diff --git a/system/pages/account/lost/recovery-key/step-1.php b/system/pages/account/lost/recovery-key/step-1.php
index 9c610328..9ace6a35 100644
--- a/system/pages/account/lost/recovery-key/step-1.php
+++ b/system/pages/account/lost/recovery-key/step-1.php
@@ -5,6 +5,8 @@ csrfProtect();
 
 $title = 'Lost Account';
 
+$nick = $_POST['nick'] ?? '';
+
 if($account->isLoaded()) {
 	$account_key = $account->getCustomField('key');
 
diff --git a/system/pages/account/lost/recovery-key/step-2.php b/system/pages/account/lost/recovery-key/step-2.php
index 5fe7f1ef..b61c39bc 100644
--- a/system/pages/account/lost/recovery-key/step-2.php
+++ b/system/pages/account/lost/recovery-key/step-2.php
@@ -5,8 +5,8 @@ csrfProtect();
 
 $title = 'Lost Account';
 
-$key = trim($_REQUEST['key']);
-$nick = stripslashes($_REQUEST['nick']);
+$key = $_REQUEST['key'] ?? '';
+$nick = $_POST['nick'] ?? '';
 
 $player = new OTS_Player();
 $account = new OTS_Account();
@@ -32,8 +32,9 @@ if($account->isLoaded()) {
 		$errors[] = 'Account of this character has no recovery key!';
 	}
 }
-else
-	$errors[] =  "Player or account of player <b>" . escapeHtml($nick) . "</b> doesn't exist.";
+else {
+	$errors[] = "Player or account of player <b>" . escapeHtml($nick) . "</b> doesn't exist.";
+}
 
 if (!empty($errors)) {
 	$twig->display('error_box.html.twig', [
diff --git a/system/pages/account/lost/recovery-key/step-3.php b/system/pages/account/lost/recovery-key/step-3.php
index a1bc678b..f58437b6 100644
--- a/system/pages/account/lost/recovery-key/step-3.php
+++ b/system/pages/account/lost/recovery-key/step-3.php
@@ -5,11 +5,11 @@ csrfProtect();
 
 $title = 'Lost Account';
 
-$key = trim($_REQUEST['key']);
-$nick = stripslashes($_REQUEST['nick']);
-$newPassword = trim($_REQUEST['password']);
-$passwordRepeat = trim($_REQUEST['password_repeat']);
-$newEmail = trim($_REQUEST['email']);
+$key = $_POST['key'];
+$nick = $_POST['nick'] ?? '';
+$newPassword = $_POST['password'] ?? '';
+$passwordRepeat = $_POST['password_repeat'] ?? '';
+$newEmail = $_POST['email'] ?? '';
 
 $player = new OTS_Player();
 $account = new OTS_Account();
diff --git a/system/pages/account/lost/step-1.php b/system/pages/account/lost/step-1.php
index ebc7c79f..5a7db7fe 100644
--- a/system/pages/account/lost/step-1.php
+++ b/system/pages/account/lost/step-1.php
@@ -5,7 +5,7 @@ csrfProtect();
 
 $title = 'Lost Account';
 
-$nick = stripslashes($_REQUEST['nick']);
+$nick = $_REQUEST['nick'] ?? '';
 
 $player = new OTS_Player();
 $account = new OTS_Account();