From 69f822b69c0e3eef5b9ee88635a72377ec692f23 Mon Sep 17 00:00:00 2001
From: slawkens
Date: Tue, 17 Oct 2017 15:28:29 +0200
Subject: [PATCH] * moved account actions (pages) to account/ directory
---
 common.php | 1 +
 index.php | 22 +-
 system/pages/account/change_comment.php | 60 ++
 system/pages/account/change_email.php | 166 +++++
 system/pages/account/change_info.php | 62 ++
 system/pages/account/change_name.php | 93 +++
 system/pages/account/change_password.php | 84 +++
 system/pages/account/change_sex.php | 89 +++
 system/pages/account/create_character.php | 208 ++++++
 system/pages/account/delete_character.php | 70 ++
 system/pages/account/register.php | 59 ++
 system/pages/account/register_new.php | 72 ++
 system/pages/accountmanagement.php | 859 +----------------------
 13 files changed, 977 insertions(+), 868 deletions(-)
 create mode 100644 system/pages/account/change_comment.php
 create mode 100644 system/pages/account/change_email.php
 create mode 100644 system/pages/account/change_info.php
 create mode 100644 system/pages/account/change_name.php
 create mode 100644 system/pages/account/change_password.php
 create mode 100644 system/pages/account/change_sex.php
 create mode 100644 system/pages/account/create_character.php
 create mode 100644 system/pages/account/delete_character.php
 create mode 100644 system/pages/account/register.php
 create mode 100644 system/pages/account/register_new.php
diff --git a/common.php b/common.php
index 3ae1b154..deab9728 100644
--- a/common.php
+++ b/common.php
@@ -60,6 +60,7 @@ define('CACHE', SYSTEM . 'cache/');
 define('LOCALE', SYSTEM . 'locale/');
 define('LIBS', SYSTEM . 'libs/');
 define('LOGS', SYSTEM . 'logs/');
+define('PAGES', SYSTEM . 'pages/');
 define('PLUGINS', BASE . 'plugins/');
 define('TEMPLATES', BASE . 'templates/');
 define('TOOLS', BASE . 'tools/');
diff --git a/index.php b/index.php
index c38b030e..07c25a77 100644
--- a/index.php
+++ b/index.php
@@ -71,17 +71,17 @@ else { '/^account\/create\/?$/' => array('subtopic' => 'createaccount'), '/^account\/lost\/?$/' => array('subtopic' => 'lostaccount'), '/^account\/logout\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'logout'), - '/^account\/password\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'changepassword'), - '/^account\/register\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'registeraccount'), - '/^account\/register\/new\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'registernew'), - '/^account\/email\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'changeemail'), - '/^account\/info\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'changeinfo'), - '/^account\/character\/create\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'createcharacter'), - '/^account\/character\/name\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'changename'), - '/^account\/character\/sex\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'changesex'), - '/^account\/character\/delete\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'deletecharacter'), - '/^account\/character\/comment\/[A-Za-z]+\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'changecomment', 'name' => '$3'), - '/^account\/character\/comment\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'changecomment'), + '/^account\/password\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'change_password'), + '/^account\/register\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'register'), + '/^account\/register\/new\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'register_new'), + '/^account\/email\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'change_email'), + '/^account\/info\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'change_info'), + '/^account\/character\/create\/?$/' => 
array('subtopic' => 'accountmanagement', 'action' => 'create_character'), + '/^account\/character\/name\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'change_name'), + '/^account\/character\/sex\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'change_sex'), + '/^account\/character\/delete\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'delete_character'), + '/^account\/character\/comment\/[A-Za-z]+\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'change_comment', 'name' => '$3'), + '/^account\/character\/comment\/?$/' => array('subtopic' => 'accountmanagement', 'action' => 'change_comment'), '/^characters\/[A-Za-z0-9-_%+\']+$/' => array('subtopic' => 'characters', 'name' => '$1'), '/^commands\/add\/?$/' => array('subtopic' => 'commands', 'action' => 'add'), '/^commands\/edit\/?$/' => array('subtopic' => 'commands', 'action' => 'edit'), diff --git a/system/pages/account/change_comment.php b/system/pages/account/change_comment.php new file mode 100644 index 00000000..9da4d900 --- /dev/null +++ b/system/pages/account/change_comment.php 
@@ -0,0 +1,60 @@ + + * @author Slawkens + * @copyright 2017 MyAAC + * @version 0.6.0 + * @link http://my-aac.org + */ +defined('MYAAC') or die('Direct access not allowed!'); + +$player_name = isset($_REQUEST['name']) ? stripslashes($_REQUEST['name']) : null; +$new_comment = isset($_POST['comment']) ? htmlspecialchars(stripslashes(substr($_POST['comment'],0,2000))) : NULL; +$new_hideacc = isset($_POST['accountvisible']) ? (int)$_POST['accountvisible'] : NULL; + +if($player_name != null) { + if (Validator::characterName($player_name)) { + $player = new OTS_Player(); + $player->find($player_name); + if ($player->isLoaded()) { + $player_account = $player->getAccount(); + if ($account_logged->getId() == $player_account->getId()) { + if (isset($_POST['changecommentsave']) && $_POST['changecommentsave'] == 1) { + $player->setCustomField("hidden", $new_hideacc); + $player->setCustomField("comment", $new_comment); + $account_logged->logAction('Changed comment for character ' . $player->getName() . '.'); + echo $twig->render('success.html.twig', array( + 'title' => 'Character Information Changed', + 'description' => 'The character information has been changed.' + )); + $show_form = false; + } + } else { + $errors[] = 'Error. Character ' . $player_name . ' is not on your account.'; + } + } else { + $errors[] = "Error. Character with this name doesn't exist."; + } + } else { + $errors[] = 'Error. Name contain illegal characters.'; + } +} +else { + $errors[] = 'Please enter character name.'; +} + +if($show_form) { + if(!empty($errors)) { + echo $twig->render('error_box.html.twig', array('errors' => $errors)); + } + + if(isset($player)) { + echo $twig->render('account.change_comment.html.twig', array( + 'player' => $player + )); + } +} +?> \ No newline at end of file diff --git a/system/pages/account/change_email.php b/system/pages/account/change_email.php new file mode 100644 index 00000000..01f34e5b --- /dev/null +++ b/system/pages/account/change_email.php 
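Review bot: `$new_comment` is cut with byte-wise `substr()` and HTML-encoded before it is stored, so a 2000-byte cut that lands inside a multi-byte UTF-8 character hands `htmlspecialchars()` an invalid sequence, and without `ENT_SUBSTITUTE` that call returns an empty string (PHP 5.4+ default charset) — the comment would be saved blank. Encoding at write time also means any template that escapes on output will double-encode the stored text. I would store the raw text truncated by characters, e.g. `mb_substr($_POST['comment'], 0, 2000, 'UTF-8')` if mbstring is available, and leave escaping to the Twig template that renders it. `$show_form` is read at the bottom but never assigned in this file, so it presumably relies on the including script; a `$show_form = true;` at the top, as change_info.php has, would make that explicit.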
@@ -0,0 +1,166 @@ + + * @author Slawkens + * @copyright 2017 MyAAC + * @version 0.6.0 + * @link http://my-aac.org + */ +defined('MYAAC') or die('Direct access not allowed!'); + +$email_new_time = $account_logged->getCustomField("email_new_time"); + +if($email_new_time > 10) { + $email_new = $account_logged->getCustomField("email_new"); +} + +if($email_new_time < 10) { + if(isset($_POST['changeemailsave']) && $_POST['changeemailsave'] == 1) { + $email_new = $_POST['new_email']; + $post_password = $_POST['password']; + + if(!Validator::email($email_new)) { + $errors[] = Validator::getLastError(); + } + + if(empty($post_password)) { + $errors[] = 'Please enter password to your account.'; + } + else { + $post_password = encrypt(($config_salt_enabled ? $account_logged->getCustomField('salt') : '') . $post_password); + if($post_password != $account_logged->getPassword()) { + $errors[] = 'Wrong password to account.'; + } + } + + if(empty($errors)) { + $email_new_time = time() + $config['account_mail_change'] * 24 * 3600; + $account_logged->setCustomField("email_new", $email_new); + $account_logged->setCustomField("email_new_time", $email_new_time); + echo $twig->render('success.html.twig', array( + 'title' => 'New Email Address Requested', + 'description' => 'You have requested to change your email address to ' . $email_new . '. The actual change will take place after ' . date("j F Y, G:i:s", $email_new_time) . ', during which you can cancel the request at any time.' + )); + } + else + { + //show errors + echo $twig->render('error_box.html.twig', array('errors' => $errors)); + + //show form + echo $twig->render('account.change_mail.html.twig', array( + 'new_email' => isset($_POST['new_email']) ? $_POST['new_email'] : null + )); + } + } + else + { + echo $twig->render('account.change_mail.html.twig', array( + 'new_email' => isset($_POST['new_email']) ? 
$_POST['new_email'] : null + )); + } + +} +else +{ + if($email_new_time < time()) { + if($_POST['changeemailsave'] == 1) { + $account_logged->setCustomField("email_new", ""); + $account_logged->setCustomField("email_new_time", 0); + $account_logged->setEmail($email_new); + $account_logged->save(); + $account_logged->logAction('Account email changed to ' . $email_new . ''); + + echo $twig->render('success.html.twig', array( + 'title' => 'Email Address Change Accepted', + 'description' => 'You have accepted ' . $account_logged->getEmail() . ' as your new email adress.' + )); + } + else + { + $custom_buttons = ' + + + + + + + + +
  +
+ +
+
+
+ + +
+
+
+
+
+
+
 
'; + echo $twig->render('success.html.twig', array( + 'title' => 'Email Address Change Accepted', + 'description' => 'Do you accept '.$email_new.' as your new email adress?', + 'custom_buttons' => $custom_buttons + )); + } + } + else + { + $custom_buttons = ' + + + + + +
+ + + + + + +
+ +
+
+
+
+ + + + + + +
+
+
+
+
'; + echo $twig->render('success.html.twig', array( + 'title' => 'Change of Email Address', + 'description' => 'A request has been submitted to change the email address of this account to '.$email_new.'.
The actual change will take place on '.date("j F Y, G:i:s", $email_new_time).'.
If you do not want to change your email address, please click on "Cancel".', + 'custom_buttons' => $custom_buttons + )); + } +} +if(isset($_POST['emailchangecancel']) && $_POST['emailchangecancel'] == 1) { + $account_logged->setCustomField("email_new", ""); + $account_logged->setCustomField("email_new_time", 0); + + $custom_buttons = '
'; + + echo $twig->render('success.html.twig', array( + 'title' => 'Email Address Change Cancelled', + 'description' => 'Your request to change the email address of your account has been cancelled. The email address will not be changed.', + 'custom_buttons' => $custom_buttons + )); +} +?> \ No newline at end of file diff --git a/system/pages/account/change_info.php b/system/pages/account/change_info.php new file mode 100644 index 00000000..8a414800 --- /dev/null +++ b/system/pages/account/change_info.php 
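Review bot: The password check `if($post_password != $account_logged->getPassword())` compares the two hashes with a loose operator, which in PHP treats numeric-looking strings (for example two different digests of the form `0e` followed by digits) as equal and is not constant-time. `if(!hash_equals($account_logged->getPassword(), $post_password))` (PHP 5.6+, or at least `!==` on older versions) avoids both; the same loose comparison appears in change_password.php, delete_character.php and register.php. The accept branch also reads `$_POST['changeemailsave'] == 1` without `isset()`, unlike the request branch above it, so opening the page after the waiting period without posting raises an undefined-index notice.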
@@ -0,0 +1,62 @@ + + * @author Slawkens + * @copyright 2017 MyAAC + * @version 0.6.0 + * @link http://my-aac.org + */ +defined('MYAAC') or die('Direct access not allowed!'); + +$show_form = true; +$new_rlname = isset($_POST['info_rlname']) ? htmlspecialchars(stripslashes($_POST['info_rlname'])) : NULL; +$new_location = isset($_POST['info_location']) ? htmlspecialchars(stripslashes($_POST['info_location'])) : NULL; +$new_country = isset($_POST['info_country']) ? htmlspecialchars(stripslashes($_POST['info_country'])) : NULL; +if(isset($_POST['changeinfosave']) && $_POST['changeinfosave'] == 1) { + if(!isset($config['countries'][$new_country])) + $errors[] = 'Country is not correct.'; + + if(empty($errors)) { + //save data from form + $account_logged->setCustomField("rlname", $new_rlname); + $account_logged->setCustomField("location", $new_location); + $account_logged->setCustomField("country", $new_country); + $account_logged->logAction('Changed Real Name to ' . $new_rlname . ', Location to ' . $new_location . ' and Country to ' . $config['countries'][$new_country] . '.'); + echo $twig->render('success.html.twig', array( + 'title' => 'Public Information Changed', + 'description' => 'Your public information has been changed.' 
+ )); + $show_form = false; + } + else { + echo $twig->render('error_box.html.twig', array('errors' => $errors)); + } +} + +//show form +if($show_form) { + $account_rlname = $account_logged->getCustomField("rlname"); + $account_location = $account_logged->getCustomField("location"); + if ($config['account_country']) + $account_country = $account_logged->getCustomField("country"); + + $countries = array(); + foreach (array('pl', 'se', 'br', 'us', 'gb',) as $country) + $countries[$country] = $config['countries'][$country]; + + $countries['--'] = '----------'; + + foreach ($config['countries'] as $code => $country) + $countries[$code] = $country; + + echo $twig->render('account.change_info.html.twig', array( + 'countries' => $countries, + 'account_rlname' => $account_rlname, + 'account_location' => $account_location, + 'account_country' => $account_country + )); +} +?> \ No newline at end of file diff --git a/system/pages/account/change_name.php b/system/pages/account/change_name.php new file mode 100644 index 00000000..186b15b8 --- /dev/null +++ b/system/pages/account/change_name.php 
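Review bot: `$account_country` is assigned only inside `if ($config['account_country'])` but is always passed to `account.change_info.html.twig`, so with that option switched off the render call reads an undefined variable. Initialising it before the condition, `$account_country = null;`, keeps the template input well-defined. The save branch also adds 'Country is not correct.' whenever `info_country` is missing or unknown, even when the country option is disabled, so that check probably wants the same `$config['account_country']` guard.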
@@ -0,0 +1,93 @@ + + * @author Slawkens + * @copyright 2017 MyAAC + * @version 0.6.0 + * @link http://my-aac.org + */ +defined('MYAAC') or die('Direct access not allowed!'); + +echo ''; + +$player_id = isset($_POST['player_id']) ? (int)$_POST['player_id'] : NULL; +$name = isset($_POST['name']) ? stripslashes(ucwords(strtolower($_POST['name']))) : NULL; +if((!$config['account_change_character_name'])) + echo 'Changing character name for premium points is disabled on this server.'; +else +{ + $points = $account_logged->getCustomField('premium_points'); + if(isset($_POST['changenamesave']) && $_POST['changenamesave'] == 1) { + if($points < $config['account_change_character_name_points']) + $errors[] = 'You need ' . $config['account_change_character_name_points'] . ' premium points to change name. You have '.$points.' premium points.'; + + if(empty($errors) && empty($name)) + $errors[] = 'Please enter a new name for your character!'; + else if(strlen($name) > 25) + $errors[] = 'Name is too long. Max. lenght 25 letters.'; + else if(strlen($name) < 3) + $errors[] = 'Name is too short. Min. lenght 3 letters.'; + else { + $exist = new OTS_Player(); + $exist->find($name); + if($exist->isLoaded()) { + $errors[] = 'Character with this name already exist.'; + } + } + + if(empty($errors)) + { + if(!admin() && !Validator::newCharacterName($name)) + $errors[] = Validator::getLastError(); + } + + if(empty($errors)) { + $player = new OTS_Player(); + $player->load($player_id); + if($player->isLoaded()) { + $player_account = $player->getAccount(); + if($account_logged->getId() == $player_account->getId()) { + if($player->isOnline()) { + $errors[] = 'This character is online.'; + } + + if(empty($errors)) { + $show_form = false; + $old_name = $player->getName(); + $player->setName($name); + $player->save(); + $account_logged->setCustomField("premium_points", $points - $config['account_change_character_name_points']); + $account_logged->logAction('Changed name from ' . $old_name . 
' to ' . $player->getName() . '.'); + echo $twig->render('success.html.twig', array( + 'title' => 'Character Name Changed', + 'description' => 'The character '.$old_name.' name has been changed to ' . $player->getName() . '.' + )); + } + } + else { + $errors[] = 'Character ' . $player_name . ' is not on your account.'; + } + } + else { + $errors[] = "Character with this name doesn't exist."; + } + } + } + + if($show_form) { + if(!empty($errors)) { + echo $twig->render('error_box.html.twig', array('errors' => $errors)); + } + + echo $twig->render('account.change_name.html.twig', array( + 'points' => $points, + 'errors' => $errors + //'account_players' => $account_logged->getPlayersList() + )); + } +} + +?> \ No newline at end of file diff --git a/system/pages/account/change_password.php b/system/pages/account/change_password.php new file mode 100644 index 00000000..91a7027c --- /dev/null +++ b/system/pages/account/change_password.php 
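Review bot: The premium-point charge is a non-atomic read-modify-write: `$points` is read once near the top and `setCustomField("premium_points", $points - $config['account_change_character_name_points'])` runs only after `$player->save()`, so two concurrent requests on one account can both pass the balance check and end up paying for a single rename between them; change_sex.php follows the same pattern. A single conditional update (decrement only while the balance is still at least the cost, and rename only if that update affected a row) would close the window. Separately, the 'is not on your account' error concatenates `$player_name`, which this file never assigns (the posted values are `$player_id` and `$name`); change_sex.php has the same undefined variable.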
@@ -0,0 +1,84 @@ + + * @author Slawkens + * @copyright 2017 MyAAC + * @version 0.6.0 + * @link http://my-aac.org + */ +defined('MYAAC') or die('Direct access not allowed!'); + +$new_password = isset($_POST['newpassword']) ? $_POST['newpassword'] : NULL; +$new_password2 = isset($_POST['newpassword2']) ? $_POST['newpassword2'] : NULL; +$old_password = isset($_POST['oldpassword']) ? $_POST['oldpassword'] : NULL; +if(empty($new_password) && empty($new_password2) && empty($old_password)) { + echo $twig->render('account.change_password.html.twig'); +} +else +{ + if(empty($new_password) || empty($new_password2) || empty($old_password)){ + $errors[] = "Please fill in form."; + } + $password_strlen = strlen($new_password); + if($new_password != $new_password2) { + $errors[] = "The new passwords do not match!"; + } + + if(empty($errors)) { + if(!Validator::password($new_password)) { + $errors[] = Validator::getLastError(); + } + + $old_password = encrypt(($config_salt_enabled ? $account_logged->getCustomField('salt') : '') . $old_password); + if($old_password != $account_logged->getPassword()) { + $errors[] = "Current password is incorrect!"; + } + } + if(!empty($errors)){ + //show errors + echo $twig->render('error_box.html.twig', array('errors' => $errors)); + + //show form + echo $twig->render('account.change_password.html.twig'); + } + else + { + $org_pass = $new_password; + + if($config_salt_enabled) + { + $salt = generateRandomString(10, false, true, true); + $new_password = $salt . 
$new_password; + $account_logged->setCustomField('salt', $salt); + } + + $new_password = encrypt($new_password); + $account_logged->setPassword($new_password); + $account_logged->save(); + $account_logged->logAction('Account password changed.'); + + $message = ''; + if($config['mail_enabled'] && $config['send_mail_when_change_password']) + { + $mailBody = $twig->render('mail.password_changed.html.twig', array( + 'new_password' => $org_pass + )); + + if(_mail($account_logged->getEMail(), $config['lua']['serverName']." - Changed password", $mailBody)) + $message = '
Your new password were send on email address '.$account_logged->getEMail().'.'; + else + $message = '

An error occorred while sending email with password:
' . $mailer->ErrorInfo . '

'; + } + + echo $twig->render('success.html.twig', array( + 'title' => 'Password Changed', + 'description' => 'Your password has been changed.' . $message + )); + $_SESSION['password'] = $new_password; + } +} + +?> \ No newline at end of file diff --git a/system/pages/account/change_sex.php b/system/pages/account/change_sex.php new file mode 100644 index 00000000..6b01286a --- /dev/null +++ b/system/pages/account/change_sex.php 
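Review bot: The new password is kept in `$org_pass` and passed into `mail.password_changed.html.twig` as `new_password`, so the cleartext credential ends up in the mail transport, the recipient's mailbox and any mail logs. I would drop `$org_pass` and the `'new_password' => $org_pass` entry and have the mail only state that the password was changed. The failure branch also prints `$mailer->ErrorInfo` into the page, which may expose mail-server details to the user; logging it server-side and showing a generic message would be safer. `$password_strlen` is assigned but never used in this hunk.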
@@ -0,0 +1,89 @@ + + * @author Slawkens + * @copyright 2017 MyAAC + * @version 0.6.0 + * @link http://my-aac.org + */ +defined('MYAAC') or die('Direct access not allowed!'); + +$sex_changed = false; +$player_id = isset($_POST['player_id']) ? (int)$_POST['player_id'] : NULL; +$new_sex = isset($_POST['new_sex']) ? (int)$_POST['new_sex'] : NULL; +if((!$config['account_change_character_sex'])) + echo 'You cant change your character sex'; +else +{ + $points = $account_logged->getCustomField('premium_points'); + if(isset($_POST['changesexsave']) && $_POST['changesexsave'] == 1) { + if($points < $config['account_change_character_sex_points']) + $errors[] = 'You need ' . $config['account_change_character_sex_points'] . ' premium points to change sex. You have '.$points.' premium points.'; + + if(empty($errors) && !isset($config['genders'][$new_sex])) { + $errors[] = 'This sex is invalid.'; + } + + if(empty($errors)) { + $player = new OTS_Player(); + $player->load($player_id); + + if($player->isLoaded()) { + $player_account = $player->getAccount(); + + if($account_logged->getId() == $player_account->getId()) { + if($player->isOnline()) { + $errors[] = 'This character is online.'; + } + + if(empty($errors) && $player->getSex() == $new_sex) + $errors[] = 'Sex cannot be same'; + + if(empty($errors)) { + $sex_changed = true; + $old_sex = $player->getSex(); + $player->setSex($new_sex); + + $old_sex_str = 'Unknown'; + if(isset($config['genders'][$old_sex])) + $old_sex_str = $config['genders'][$old_sex]; + + $new_sex_str = 'Unknown'; + if(isset($config['genders'][$new_sex])) + $new_sex_str = $config['genders'][$new_sex]; + + $player->save(); + $account_logged->setCustomField("premium_points", $points - $config['account_change_character_name_points']); + $account_logged->logAction('Changed sex on character ' . $player->getName() . ' from ' . $old_sex_str . ' to ' . $new_sex_str . 
'.'); + echo $twig->render('success.html.twig', array( + 'title' => 'Character Sex Changed', + 'description' => 'The character ' . $player->getName() . ' sex has been changed to ' . $new_sex_str . '.' + )); + } + } + else { + $errors[] = 'Character '.$player_name.' is not on your account.'; + } + } + else { + $errors[] = "Character with this name doesn't exist."; + } + } + } + + if(!$sex_changed) { + if(!empty($errors)) { + echo $twig->render('error_box.html.twig', array('errors' => $errors)); + } + echo $twig->render('account.change_sex.html.twig', array( + 'players' => $account_logged->getPlayersList(), + 'player_sex' => isset($player) ? $player->getSex() : -1, + 'points' => $points + )); + } +} + +?> \ No newline at end of file diff --git a/system/pages/account/create_character.php b/system/pages/account/create_character.php new file mode 100644 index 00000000..8c8bba0f --- /dev/null +++ b/system/pages/account/create_character.php 
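Review bot: The success path checks the balance against `account_change_character_sex_points` but then deducts `account_change_character_name_points`, so a sex change is charged at the name-change price and the balance check does not match the amount actually taken. The deduction should read `$account_logged->setCustomField("premium_points", $points - $config['account_change_character_sex_points']);`. If the name price is configured higher than the sex price, the current line can also push the stored balance below zero.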
@@ -0,0 +1,208 @@ + + * @author Slawkens + * @copyright 2017 MyAAC + * @version 0.6.0 + * @link http://my-aac.org + */ +defined('MYAAC') or die('Direct access not allowed!'); + +echo ''; +$newchar_name = isset($_POST['name']) ? stripslashes(ucwords(strtolower($_POST['name']))) : NULL; +$newchar_sex = isset($_POST['sex']) ? $_POST['sex'] : NULL; +$newchar_vocation = isset($_POST['vocation']) ? $_POST['vocation'] : NULL; +$newchar_town = isset($_POST['town']) ? $_POST['town'] : NULL; + +$newchar_created = false; +$save = isset($_POST['save']) && $_POST['save'] == 1; +if($save) { + if(empty($newchar_name)) + $errors['name'] = 'Please enter a name for your character!'; + else if(strlen($newchar_name) > 25) + $errors['name'] = 'Name is too long. Max. lenght 25 letters.'; + else if(strlen($newchar_name) < 3) + $errors['name'] = 'Name is too short. Min. lenght 3 letters.'; + else { + if(!admin() && !Validator::newCharacterName($newchar_name)) { + $errors['name'] = Validator::getLastError(); + } + + $exist = new OTS_Player(); + $exist->find($newchar_name); + if($exist->isLoaded()) { + $errors['name'] = 'Character with this name already exist.'; + } + } + + if(empty($newchar_sex) && $newchar_sex != "0") + $errors[] = 'Please select the sex for your character!'; + + if(count($config['character_samples']) > 1) + { + if(!isset($newchar_vocation)) + $errors[] = 'Please select a vocation for your character.'; + } + else + $newchar_vocation = $config['character_samples'][0]; + + if(count($config['character_towns']) > 1) { + if(!isset($newchar_town)) + $errors[] = 'Please select a town for your character.'; + } + else { + $newchar_town = $config['character_towns'][0]; + } + + if(empty($errors)) { + if(!isset($config['genders'][$newchar_sex])) + $errors[] = 'Sex is invalid.'; + if(!in_array($newchar_town, $config['character_towns'])) + $errors[] = 'Please select valid town.'; + if(count($config['character_samples']) > 1) + { + $newchar_vocation_check = false; + 
foreach($config['character_samples'] as $char_vocation_key => $sample_char) + if($newchar_vocation == $char_vocation_key) + $newchar_vocation_check = true; + if(!$newchar_vocation_check) + $errors[] = 'Unknown vocation. Please fill in form again.'; + } + else + $newchar_vocation = 0; + } + + if(empty($errors)) + { + $number_of_players_on_account = $account_logged->getPlayersList()->count(); + if($number_of_players_on_account >= $config['characters_per_account']) + $errors[] = 'You have too many characters on your account ('.$number_of_players_on_account.'/'.$config['characters_per_account'].')!'; + } + + if(empty($errors)) + { + $char_to_copy_name = $config['character_samples'][$newchar_vocation]; + $char_to_copy = new OTS_Player(); + $char_to_copy->find($char_to_copy_name); + if(!$char_to_copy->isLoaded()) + $errors[] = 'Wrong characters configuration. Try again or contact with admin. ADMIN: Edit file config/config.php and set valid characters to copy names. Character to copy: '.$char_to_copy_name.' 
doesn\'t exist.'; + } + + if(empty($errors)) + { + if($newchar_sex == "0") + $char_to_copy->setLookType(136); + $player = $ots->createObject('Player'); + $player->setName($newchar_name); + $player->setAccount($account_logged); + //$player->setGroupId($char_to_copy->getGroup()->getId()); + $player->setGroupId(1); + $player->setSex($newchar_sex); + $player->setVocation($char_to_copy->getVocation()); + if(fieldExist('promotion', 'players')) + $player->setPromotion($char_to_copy->getPromotion()); + + if(fieldExist('direction', 'players')) + $player->setDirection($char_to_copy->getDirection()); + + $player->setConditions($char_to_copy->getConditions()); + $rank = $char_to_copy->getRank(); + if($rank->isLoaded()) { + $player->setRank($char_to_copy->getRank()); + } + + if(fieldExist('lookaddons', 'players')) + $player->setLookAddons($char_to_copy->getLookAddons()); + + $player->setTownId($newchar_town); + $player->setExperience($char_to_copy->getExperience()); + $player->setLevel($char_to_copy->getLevel()); + $player->setMagLevel($char_to_copy->getMagLevel()); + $player->setHealth($char_to_copy->getHealth()); + $player->setHealthMax($char_to_copy->getHealthMax()); + $player->setMana($char_to_copy->getMana()); + $player->setManaMax($char_to_copy->getManaMax()); + $player->setManaSpent($char_to_copy->getManaSpent()); + $player->setSoul($char_to_copy->getSoul()); + + for($skill = POT::SKILL_FIRST; $skill <= POT::SKILL_LAST; $skill++) + $player->setSkill($skill, 10); + + $player->setLookBody($char_to_copy->getLookBody()); + $player->setLookFeet($char_to_copy->getLookFeet()); + $player->setLookHead($char_to_copy->getLookHead()); + $player->setLookLegs($char_to_copy->getLookLegs()); + $player->setLookType($char_to_copy->getLookType()); + $player->setCap($char_to_copy->getCap()); + $player->setBalance(0); + $player->setPosX(0); + $player->setPosY(0); + $player->setPosZ(0); + $player->setStamina($config['otserv_version'] == TFS_03 ? 
151200000 : 2520); + if(fieldExist('loss_experience', 'players')) { + $player->setLossExperience($char_to_copy->getLossExperience()); + $player->setLossMana($char_to_copy->getLossMana()); + $player->setLossSkills($char_to_copy->getLossSkills()); + } + if(fieldExist('loss_items', 'players')) { + $player->setLossItems($char_to_copy->getLossItems()); + $player->setLossContainers($char_to_copy->getLossContainers()); + } + + $player->save(); + $player->setCustomField("created", time()); + + $newchar_created = true; + $account_logged->logAction('Created character ' . $player->getName() . '.'); + unset($player); + + $player = new OTS_Player(); + $player->find($newchar_name); + + if($player->isLoaded()) { + if(tableExist('player_skills')) { + for($i=0; $i<7; $i++) { + $skillExists = $db->query('SELECT `skillid` FROM `player_skills` WHERE `player_id` = ' . $player->getId() . ' AND `skillid` = ' . $i); + if($skillExists->rowCount() <= 0) { + $db->query('INSERT INTO `player_skills` (`player_id`, `skillid`, `value`, `count`) VALUES ('.$player->getId().', '.$i.', 10, 0)'); + } + } + } + + $loaded_items_to_copy = $db->query("SELECT * FROM player_items WHERE player_id = ".$char_to_copy->getId().""); + foreach($loaded_items_to_copy as $save_item) + $db->query("INSERT INTO `player_items` (`player_id` ,`pid` ,`sid` ,`itemtype`, `count`, `attributes`) VALUES ('".$player->getId()."', '".$save_item['pid']."', '".$save_item['sid']."', '".$save_item['itemtype']."', '".$save_item['count']."', '".$save_item['attributes']."');"); + + echo $twig->render('success.html.twig', array( + 'title' => 'Character Created', + 'description' => 'The character ' . $newchar_name . ' has been created.
+ Please select the outfit when you log in for the first time.

+ See you on ' . $config['lua']['serverName'] . '!' + )); + } + else + { + error("Error. Can't create character. Probably problem with database. Please try again later or contact with admin."); + return; + } + } +} + +if(count($errors) > 0) { + echo $twig->render('error_box.html.twig', array('errors' => $errors)); +} + +if(!$newchar_created) { + echo $twig->render('account.create_character.html.twig', array( + 'name' => $newchar_name, + 'sex' => $newchar_sex, + 'vocation' => $newchar_vocation, + 'town' => $newchar_town, + 'save' => $save, + 'errors' => $errors + )); +} +?> \ No newline at end of file diff --git a/system/pages/account/delete_character.php b/system/pages/account/delete_character.php new file mode 100644 index 00000000..a07b82e5 --- /dev/null +++ b/system/pages/account/delete_character.php 
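Review bot: The item-copy loop builds its `INSERT INTO player_items` statement by concatenating `$save_item['pid']`, `['sid']`, `['itemtype']`, `['count']` and `['attributes']` into quoted literals; `attributes` in particular is arbitrary stored data, so a quote or backslash in it breaks the statement or changes its meaning. The `rowCount()` call on the query result suggests `$db` is PDO-based; if so, prepare the insert once with `?` placeholders before the loop and call `execute(array(...))` per row, and give the two `player_skills` queries the same form. Separately, `count($errors)` near the end runs on a variable this file never initialises, which is a warning on PHP 7.2+ and a TypeError on PHP 8 unless the including script sets `$errors = array();`.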
@@ -0,0 +1,70 @@ + + * @author Slawkens + * @copyright 2017 MyAAC + * @version 0.6.0 + * @link http://my-aac.org + */ +defined('MYAAC') or die('Direct access not allowed!'); + +$player_name = isset($_POST['delete_name']) ? stripslashes($_POST['delete_name']) : NULL; +$password_verify = isset($_POST['delete_password']) ? $_POST['delete_password'] : NULL; +$password_verify = encrypt(($config_salt_enabled ? $account_logged->getCustomField('salt') : '') . $password_verify); +if(isset($_POST['deletecharactersave']) && $_POST['deletecharactersave'] == 1) { + if(!empty($player_name) && !empty($password_verify)) { + if(Validator::characterName($player_name)) { + $player = new OTS_Player(); + $player->find($player_name); + if($player->isLoaded()) { + $player_account = $player->getAccount(); + if($account_logged->getId() == $player_account->getId()) { + if($password_verify == $account_logged->getPassword()) { + if(!$player->isOnline()) + { + //dont show table "delete character" again + $show_form = false; + //delete player + if(fieldExist('deletion', 'players')) + $player->setCustomField('deletion', 1); + else + $player->setCustomField('deleted', 1); + $account_logged->logAction('Deleted character ' . $player->getName() . '.'); + echo $twig->render('success.html.twig', array( + 'title' => 'Character Deleted', + 'description' => 'The character ' . $player_name . ' has been deleted.' + )); + } + else + $errors[] = 'This character is online.'; + } + else { + $errors[] = 'Wrong password to account.'; + } + } + else { + $errors[] = 'Character '.$player_name.' is not on your account.'; + } + } + else { + $errors[] = 'Character with this name doesn\'t exist.'; + } + } + else { + $errors[] = 'Name contain illegal characters.'; + } + } + else { + $errors[] = 'Character name or/and password is empty. 
Please fill in form.'; + } +} +if($show_form) { + if(!empty($errors)) { + echo $twig->render('error_box.html.twig', array('errors' => $errors)); + } + echo $twig->render('account.delete_character.html.twig'); +} +?> \ No newline at end of file diff --git a/system/pages/account/register.php b/system/pages/account/register.php new file mode 100644 index 00000000..624f275e --- /dev/null +++ b/system/pages/account/register.php @@ -0,0 +1,59 @@ + + * @author Slawkens + * @copyright 2017 MyAAC + * @version 0.6.0 + * @link http://my-aac.org + */ +defined('MYAAC') or die('Direct access not allowed!'); + +$_POST['reg_password'] = isset($_POST['reg_password']) ? $_POST['reg_password'] : ''; +$reg_password = encrypt(($config_salt_enabled ? $account_logged->getCustomField('salt') : '') . $_POST['reg_password']); +$old_key = $account_logged->getCustomField("key"); + +if(isset($_POST['registeraccountsave']) && $_POST['registeraccountsave'] == "1") { + if($reg_password == $account_logged->getPassword()) { + if(empty($old_key)) { + $show_form = false; + $new_rec_key = generateRandomString(10, false, true, true); + + $account_logged->setCustomField("key", $new_rec_key); + $account_logged->logAction('Generated recovery key.'); + + if($config['mail_enabled'] && $config['send_mail_when_generate_reckey']) + { + $mailBody = $twig->render('mail.account.register.html.twig', array( + 'recovery_key' => $new_rec_key + )); + if(_mail($account_logged->getEMail(), $config['lua']['serverName']." - Recovery Key", $mailBody)) + $message = '
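Review bot: The password check `if($password_verify == $account_logged->getPassword())` compares two hash strings with loose `==`, which PHP evaluates numerically when both operands look like numbers (two different `0e…` digests compare equal), and which is not constant-time. Use `if(hash_equals((string)$account_logged->getPassword(), $password_verify))`; the same comparison appears as `$reg_password == $account_logged->getPassword()` in register.php and register_new.php. Separately, `$password_verify` is overwritten with `encrypt(...)` before `!empty($password_verify)` is tested, so the empty-password branch presumably never fires; test the raw `$_POST['delete_password']` before hashing it.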
Your recovery key were send on email address '.$account_logged->getEMail().'.'; + else + $message = '

An error occorred while sending email with recovery key! You will not receive e-mail with this key. Error:
' . $mailer->ErrorInfo . '

'; + } + echo $twig->render('success.html.twig', array( + 'title' => 'Account Registered', + 'description' => 'Thank you for registering your account! You can now recover your account if you have lost access to the assigned email address by using the following

   Recovery Key: '.$new_rec_key.'


Important:
  • Write down this recovery key carefully.
  • Store it at a safe place!
  • ' . $message . '
' + )); + } + else + $errors[] = 'Your account is already registered.'; + } + else + $errors[] = 'Wrong password to account.'; +} + +if($show_form) { + if(!empty($errors)) { + //show errors + echo $twig->render('error_box.html.twig', array('errors' => $errors)); + } + + //show form + echo $twig->render('account.generate_recovery_key.html.twig'); +} + +?> \ No newline at end of file diff --git a/system/pages/account/register_new.php b/system/pages/account/register_new.php new file mode 100644 index 00000000..82d610fe --- /dev/null +++ b/system/pages/account/register_new.php 
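Review bot: `$message` is assigned only inside the `if($config['mail_enabled'] && $config['send_mail_when_generate_reckey'])` block but is always concatenated into the success description, so with mail disabled the page reads an undefined variable; add `$message = '';` before that `if`. In the mail-failure branch `$mailer->ErrorInfo` is printed to the user; transport errors can expose mail-server details, so it would be safer to log the error and show a generic message. `$show_form` is read at the end of the file but never set in it, so this page relies on the including script to initialise it.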
@@ -0,0 +1,72 @@ + + * @author Slawkens + * @copyright 2017 MyAAC + * @version 0.6.0 + * @link http://my-aac.org + */ +defined('MYAAC') or die('Direct access not allowed!'); + +if(isset($_POST['reg_password'])) + $reg_password = encrypt(($config_salt_enabled ? $account_logged->getCustomField('salt') : '') . $_POST['reg_password']); + +$reckey = $account_logged->getCustomField('key'); +if((!$config['generate_new_reckey'] || !$config['mail_enabled']) || empty($reckey)) + echo 'You cant get new rec key'; +else +{ + $points = $account_logged->getCustomField('premium_points'); + if(isset($_POST['registeraccountsave']) && $_POST['registeraccountsave'] == '1') + { + if($reg_password == $account_logged->getPassword()) + { + if($points >= $config['generate_new_reckey_price']) + { + $show_form = false; + $new_rec_key = generateRandomString(10, false, true, true); + + $mailBody = $twig->render('mail.account.register.html.twig', array( + 'recovery_key' => $new_rec_key + )); + + if(_mail($account_logged->getEMail(), $config['lua']['serverName']." - new recovery key", $mailBody)) + { + $account_logged->setCustomField("key", $new_rec_key); + $account_logged->setCustomField("premium_points", $account_logged->getCustomField("premium_points") - $config['generate_new_reckey_price']); + $account_logged->logAction('Generated new recovery key for ' . $config['generate_new_reckey_price'] . ' premium points.'); + $message = '
Your recovery key were send on email address '.$account_logged->getEMail().' for '.$config['generate_new_reckey_price'].' premium points.'; + } + else + $message = '

An error occorred while sending email ( '.$account_logged->getEMail().' ) with recovery key! Recovery key not changed. Try again. Error:
' . $mailer->ErrorInfo . '

'; + + echo $twig->render('success.html.twig', array( + 'title' => 'Account Registered', + 'description' => '
    ' . $message . '
' + )); + } + else + $errors[] = 'You need '.$config['generate_new_reckey_price'].' premium points to generate new recovery key. You have '.$points.' premium points.'; + } + else + $errors[] = 'Wrong password to account.'; + } + + //show errors if not empty + if(!empty($errors)) { + echo $twig->render('error_box.html.twig', array('errors' => $errors)); + } + + if($show_form) + { + //show form + echo $twig->render('account.generate_new_recovery_key.html.twig', array( + 'points' => $points + )); + } +} + +?> \ No newline at end of file diff --git a/system/pages/accountmanagement.php b/system/pages/accountmanagement.php index d0af7a3f..928af2b8 100644 --- a/system/pages/accountmanagement.php +++ b/system/pages/accountmanagement.php 
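Review bot: `$reg_password` is set only when `$_POST['reg_password']` is present, yet it is read in `if($reg_password == $account_logged->getPassword())` whenever `registeraccountsave` is posted, so a request without that field compares an undefined variable against the stored hash. Assign it unconditionally, as register.php does: `$reg_password = encrypt(($config_salt_enabled ? $account_logged->getCustomField('salt') : '') . (isset($_POST['reg_password']) ? $_POST['reg_password'] : ''));`. The point deduction also checks `$points` once and then subtracts from a second `getCustomField("premium_points")` read, which is not atomic; if concurrent requests are possible, a single conditional update would be safer.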
@@ -124,862 +124,7 @@ $errors = array(); 'players' => $account_players )); } -//########### CHANGE PASSWORD ########## - if($action == "changepassword") { - $new_password = isset($_POST['newpassword']) ? $_POST['newpassword'] : NULL; - $new_password2 = isset($_POST['newpassword2']) ? $_POST['newpassword2'] : NULL; - $old_password = isset($_POST['oldpassword']) ? $_POST['oldpassword'] : NULL; - if(empty($new_password) && empty($new_password2) && empty($old_password)) { - echo $twig->render('account.change_password.html.twig'); - } - else - { - if(empty($new_password) || empty($new_password2) || empty($old_password)){ - $errors[] = "Please fill in form."; - } - $password_strlen = strlen($new_password); - if($new_password != $new_password2) { - $errors[] = "The new passwords do not match!"; - } - - if(empty($errors)) { - if(!Validator::password($new_password)) { - $errors[] = Validator::getLastError(); - } - - $old_password = encrypt(($config_salt_enabled ? $account_logged->getCustomField('salt') : '') . $old_password); - if($old_password != $account_logged->getPassword()) { - $errors[] = "Current password is incorrect!"; - } - } - if(!empty($errors)){ - //show errors - echo $twig->render('error_box.html.twig', array('errors' => $errors)); - - //show form - echo $twig->render('account.change_password.html.twig'); - } - else - { - $org_pass = $new_password; - - if($config_salt_enabled) - { - $salt = generateRandomString(10, false, true, true); - $new_password = $salt . 
$new_password; - $account_logged->setCustomField('salt', $salt); - } - - $new_password = encrypt($new_password); - $account_logged->setPassword($new_password); - $account_logged->save(); - $account_logged->logAction('Account password changed.'); - - $message = ''; - if($config['mail_enabled'] && $config['send_mail_when_change_password']) - { - $mailBody = $twig->render('mail.password_changed.html.twig', array( - 'new_password' => $org_pass - )); - - if(_mail($account_logged->getEMail(), $config['lua']['serverName']." - Changed password", $mailBody)) - $message = '
Your new password were send on email address '.$account_logged->getEMail().'.'; - else - $message = '

An error occorred while sending email with password:
' . $mailer->ErrorInfo . '

'; - } - - echo $twig->render('success.html.twig', array( - 'title' => 'Password Changed', - 'description' => 'Your password has been changed.' . $message - )); - $_SESSION['password'] = $new_password; - } - } - } - -//############# CHANGE E-MAIL ################### -if($action == "changeemail") { - $email_new_time = $account_logged->getCustomField("email_new_time"); - - if($email_new_time > 10) { - $email_new = $account_logged->getCustomField("email_new"); - } - - if($email_new_time < 10) { - if(isset($_POST['changeemailsave']) && $_POST['changeemailsave'] == 1) { - $email_new = $_POST['new_email']; - $post_password = $_POST['password']; - - if(!Validator::email($email_new)) { - $errors[] = Validator::getLastError(); - } - - if(empty($post_password)) { - $errors[] = 'Please enter password to your account.'; - } - else { - $post_password = encrypt(($config_salt_enabled ? $account_logged->getCustomField('salt') : '') . $post_password); - if($post_password != $account_logged->getPassword()) { - $errors[] = 'Wrong password to account.'; - } - } - - if(empty($errors)) { - $email_new_time = time() + $config['account_mail_change'] * 24 * 3600; - $account_logged->setCustomField("email_new", $email_new); - $account_logged->setCustomField("email_new_time", $email_new_time); - echo $twig->render('success.html.twig', array( - 'title' => 'New Email Address Requested', - 'description' => 'You have requested to change your email address to ' . $email_new . '. The actual change will take place after ' . date("j F Y, G:i:s", $email_new_time) . ', during which you can cancel the request at any time.' - )); - } - else - { - //show errors - echo $twig->render('error_box.html.twig', array('errors' => $errors)); - - //show form - echo $twig->render('account.change_mail.html.twig', array( - 'new_email' => isset($_POST['new_email']) ? 
$_POST['new_email'] : null - )); - } - } - else - { - echo $twig->render('account.change_mail.html.twig', array( - 'new_email' => isset($_POST['new_email']) ? $_POST['new_email'] : null - )); - } - - } - else - { - if($email_new_time < time()) { - if($_POST['changeemailsave'] == 1) { - $account_logged->setCustomField("email_new", ""); - $account_logged->setCustomField("email_new_time", 0); - $account_logged->setEmail($email_new); - $account_logged->save(); - $account_logged->logAction('Account email changed to ' . $email_new . ''); - - echo $twig->render('success.html.twig', array( - 'title' => 'Email Address Change Accepted', - 'description' => 'You have accepted ' . $account_logged->getEmail() . ' as your new email adress.' - )); - } - else - { - $custom_buttons = ' - - - - - - - - -
  -
- -
-
-
- - -
-
-
-
-
-
-
 
'; - echo $twig->render('success.html.twig', array( - 'title' => 'Email Address Change Accepted', - 'description' => 'Do you accept '.$email_new.' as your new email adress?', - 'custom_buttons' => $custom_buttons - )); - } - } - else - { - $custom_buttons = ' - - - - - -
- - - - - - -
- -
-
-
-
- - - - - - -
-
-
-
-
'; - echo $twig->render('success.html.twig', array( - 'title' => 'Change of Email Address', - 'description' => 'A request has been submitted to change the email address of this account to '.$email_new.'.
The actual change will take place on '.date("j F Y, G:i:s", $email_new_time).'.
If you do not want to change your email address, please click on "Cancel".', - 'custom_buttons' => $custom_buttons - )); - } - } - if(isset($_POST['emailchangecancel']) && $_POST['emailchangecancel'] == 1) { - $account_logged->setCustomField("email_new", ""); - $account_logged->setCustomField("email_new_time", 0); - - $custom_buttons = '
'; - - echo $twig->render('success.html.twig', array( - 'title' => 'Email Address Change Cancelled', - 'description' => 'Your request to change the email address of your account has been cancelled. The email address will not be changed.', - 'custom_buttons' => $custom_buttons - )); - } -} - -//########### CHANGE PUBLIC INFORMATION (about account owner) ###################### - if($action == "changeinfo") { - $show_form = true; - $new_rlname = isset($_POST['info_rlname']) ? htmlspecialchars(stripslashes($_POST['info_rlname'])) : NULL; - $new_location = isset($_POST['info_location']) ? htmlspecialchars(stripslashes($_POST['info_location'])) : NULL; - $new_country = isset($_POST['info_country']) ? htmlspecialchars(stripslashes($_POST['info_country'])) : NULL; - if(isset($_POST['changeinfosave']) && $_POST['changeinfosave'] == 1) { - if(!isset($config['countries'][$new_country])) - $errors[] = 'Country is not correct.'; - - if(empty($errors)) { - //save data from form - $account_logged->setCustomField("rlname", $new_rlname); - $account_logged->setCustomField("location", $new_location); - $account_logged->setCustomField("country", $new_country); - $account_logged->logAction('Changed Real Name to ' . $new_rlname . ', Location to ' . $new_location . ' and Country to ' . $config['countries'][$new_country] . '.'); - echo $twig->render('success.html.twig', array( - 'title' => 'Public Information Changed', - 'description' => 'Your public information has been changed.' 
- )); - $show_form = false; - } - else { - echo $twig->render('error_box.html.twig', array('errors' => $errors)); - } - } - - //show form - if($show_form) { - $account_rlname = $account_logged->getCustomField("rlname"); - $account_location = $account_logged->getCustomField("location"); - if ($config['account_country']) - $account_country = $account_logged->getCustomField("country"); - - $countries = array(); - foreach (array('pl', 'se', 'br', 'us', 'gb',) as $country) - $countries[$country] = $config['countries'][$country]; - - $countries['--'] = '----------'; - - foreach ($config['countries'] as $code => $country) - $countries[$code] = $country; - - echo $twig->render('account.change_info.html.twig', array( - 'countries' => $countries, - 'account_rlname' => $account_rlname, - 'account_location' => $account_location, - 'account_country' => $account_country - )); - } - } - -//############## GENERATE RECOVERY KEY ########### - if($action == "registeraccount") - { - $_POST['reg_password'] = isset($_POST['reg_password']) ? $_POST['reg_password'] : ''; - $reg_password = encrypt(($config_salt_enabled ? $account_logged->getCustomField('salt') : '') . $_POST['reg_password']); - $old_key = $account_logged->getCustomField("key"); - - if(isset($_POST['registeraccountsave']) && $_POST['registeraccountsave'] == "1") { - if($reg_password == $account_logged->getPassword()) { - if(empty($old_key)) { - $show_form = false; - $new_rec_key = generateRandomString(10, false, true, true); - - $account_logged->setCustomField("key", $new_rec_key); - $account_logged->logAction('Generated recovery key.'); - - if($config['mail_enabled'] && $config['send_mail_when_generate_reckey']) - { - $mailBody = $twig->render('mail.account.register.html.twig', array( - 'recovery_key' => $new_rec_key - )); - if(_mail($account_logged->getEMail(), $config['lua']['serverName']." - Recovery Key", $mailBody)) - $message = '
Your recovery key were send on email address '.$account_logged->getEMail().'.'; - else - $message = '

An error occorred while sending email with recovery key! You will not receive e-mail with this key. Error:
' . $mailer->ErrorInfo . '

'; - } - echo $twig->render('success.html.twig', array( - 'title' => 'Account Registered', - 'description' => 'Thank you for registering your account! You can now recover your account if you have lost access to the assigned email address by using the following

   Recovery Key: '.$new_rec_key.'


Important:
  • Write down this recovery key carefully.
  • Store it at a safe place!
  • ' . $message . '
' - )); - } - else - $errors[] = 'Your account is already registered.'; - } - else - $errors[] = 'Wrong password to account.'; - } - - if($show_form) { - if(!empty($errors)) { - //show errors - echo $twig->render('error_box.html.twig', array('errors' => $errors)); - } - - //show form - echo $twig->render('account.generate_recovery_key.html.twig'); - } - } - -//############## GENERATE NEW RECOVERY KEY ########### - if($action == "registernew") - { - if(isset($_POST['reg_password'])) - $reg_password = encrypt(($config_salt_enabled ? $account_logged->getCustomField('salt') : '') . $_POST['reg_password']); - - $reckey = $account_logged->getCustomField('key'); - if((!$config['generate_new_reckey'] || !$config['mail_enabled']) || empty($reckey)) - echo 'You cant get new rec key'; - else - { - $points = $account_logged->getCustomField('premium_points'); - if(isset($_POST['registeraccountsave']) && $_POST['registeraccountsave'] == '1') - { - if($reg_password == $account_logged->getPassword()) - { - if($points >= $config['generate_new_reckey_price']) - { - $show_form = false; - $new_rec_key = generateRandomString(10, false, true, true); - - $mailBody = $twig->render('mail.account.register.html.twig', array( - 'recovery_key' => $new_rec_key - )); - - if(_mail($account_logged->getEMail(), $config['lua']['serverName']." - new recovery key", $mailBody)) - { - $account_logged->setCustomField("key", $new_rec_key); - $account_logged->setCustomField("premium_points", $account_logged->getCustomField("premium_points") - $config['generate_new_reckey_price']); - $account_logged->logAction('Generated new recovery key for ' . $config['generate_new_reckey_price'] . ' premium points.'); - $message = '
Your recovery key were send on email address '.$account_logged->getEMail().' for '.$config['generate_new_reckey_price'].' premium points.'; - } - else - $message = '

An error occorred while sending email ( '.$account_logged->getEMail().' ) with recovery key! Recovery key not changed. Try again. Error:
' . $mailer->ErrorInfo . '

'; - - echo $twig->render('success.html.twig', array( - 'title' => 'Account Registered', - 'description' => '
    ' . $message . '
' - )); - } - else - $errors[] = 'You need '.$config['generate_new_reckey_price'].' premium points to generate new recovery key. You have '.$points.' premium points.'; - } - else - $errors[] = 'Wrong password to account.'; - } - - //show errors if not empty - if(!empty($errors)) { - echo $twig->render('error_box.html.twig', array('errors' => $errors)); - } - - if($show_form) - { - //show form - echo $twig->render('account.generate_new_recovery_key.html.twig', array( - 'points' => $points - )); - } - } - } - - - -//###### CHANGE CHARACTER COMMENT ###### - if($action == "changecomment") { - $player_name = isset($_REQUEST['name']) ? stripslashes($_REQUEST['name']) : null; - $new_comment = isset($_POST['comment']) ? htmlspecialchars(stripslashes(substr($_POST['comment'],0,2000))) : NULL; - $new_hideacc = isset($_POST['accountvisible']) ? (int)$_POST['accountvisible'] : NULL; - - if($player_name != null) { - if (Validator::characterName($player_name)) { - $player = new OTS_Player(); - $player->find($player_name); - if ($player->isLoaded()) { - $player_account = $player->getAccount(); - if ($account_logged->getId() == $player_account->getId()) { - if (isset($_POST['changecommentsave']) && $_POST['changecommentsave'] == 1) { - $player->setCustomField("hidden", $new_hideacc); - $player->setCustomField("comment", $new_comment); - $account_logged->logAction('Changed comment for character ' . $player->getName() . '.'); - echo $twig->render('success.html.twig', array( - 'title' => 'Character Information Changed', - 'description' => 'The character information has been changed.' - )); - $show_form = false; - } - } else { - $errors[] = 'Error. Character ' . $player_name . ' is not on your account.'; - } - } else { - $errors[] = "Error. Character with this name doesn't exist."; - } - } else { - $errors[] = 'Error. 
Name contain illegal characters.'; - } - } - else { - $errors[] = 'Please enter character name.'; - } - - if($show_form) { - if(!empty($errors)) { - echo $twig->render('error_box.html.twig', array('errors' => $errors)); - } - - if(isset($player)) { - echo $twig->render('account.change_comment.html.twig', array( - 'player' => $player - )); - } - } - } - - if($action == "changename") { - echo ''; - - $player_id = isset($_POST['player_id']) ? (int)$_POST['player_id'] : NULL; - $name = isset($_POST['name']) ? stripslashes(ucwords(strtolower($_POST['name']))) : NULL; - if((!$config['account_change_character_name'])) - echo 'Changing character name for premium points is disabled on this server.'; - else - { - $points = $account_logged->getCustomField('premium_points'); - if(isset($_POST['changenamesave']) && $_POST['changenamesave'] == 1) { - if($points < $config['account_change_character_name_points']) - $errors[] = 'You need ' . $config['account_change_character_name_points'] . ' premium points to change name. You have '.$points.' premium points.'; - - if(empty($errors) && empty($name)) - $errors[] = 'Please enter a new name for your character!'; - else if(strlen($name) > 25) - $errors[] = 'Name is too long. Max. lenght 25 letters.'; - else if(strlen($name) < 3) - $errors[] = 'Name is too short. Min. 
lenght 3 letters.'; - else { - $exist = new OTS_Player(); - $exist->find($name); - if($exist->isLoaded()) { - $errors[] = 'Character with this name already exist.'; - } - } - - if(empty($errors)) - { - if(!admin() && !Validator::newCharacterName($name)) - $errors[] = Validator::getLastError(); - } - - if(empty($errors)) { - $player = new OTS_Player(); - $player->load($player_id); - if($player->isLoaded()) { - $player_account = $player->getAccount(); - if($account_logged->getId() == $player_account->getId()) { - if($player->isOnline()) { - $errors[] = 'This character is online.'; - } - - if(empty($errors)) { - $show_form = false; - $old_name = $player->getName(); - $player->setName($name); - $player->save(); - $account_logged->setCustomField("premium_points", $points - $config['account_change_character_name_points']); - $account_logged->logAction('Changed name from ' . $old_name . ' to ' . $player->getName() . '.'); - echo $twig->render('success.html.twig', array( - 'title' => 'Character Name Changed', - 'description' => 'The character '.$old_name.' name has been changed to ' . $player->getName() . '.' - )); - } - } - else { - $errors[] = 'Character ' . $player_name . ' is not on your account.'; - } - } - else { - $errors[] = "Character with this name doesn't exist."; - } - } - } - - if($show_form) { - if(!empty($errors)) { - echo $twig->render('error_box.html.twig', array('errors' => $errors)); - } - - echo $twig->render('account.change_name.html.twig', array( - 'points' => $points, - 'errors' => $errors - //'account_players' => $account_logged->getPlayersList() - )); - } - } - } - - if($action == "changesex") { - $sex_changed = false; - $player_id = isset($_POST['player_id']) ? (int)$_POST['player_id'] : NULL; - $new_sex = isset($_POST['new_sex']) ? 
(int)$_POST['new_sex'] : NULL; - if((!$config['account_change_character_sex'])) - echo 'You cant change your character sex'; - else - { - $points = $account_logged->getCustomField('premium_points'); - if(isset($_POST['changesexsave']) && $_POST['changesexsave'] == 1) { - if($points < $config['account_change_character_sex_points']) - $errors[] = 'You need ' . $config['account_change_character_sex_points'] . ' premium points to change sex. You have '.$points.' premium points.'; - - if(empty($errors) && !isset($config['genders'][$new_sex])) { - $errors[] = 'This sex is invalid.'; - } - - if(empty($errors)) { - $player = new OTS_Player(); - $player->load($player_id); - - if($player->isLoaded()) { - $player_account = $player->getAccount(); - - if($account_logged->getId() == $player_account->getId()) { - if($player->isOnline()) { - $errors[] = 'This character is online.'; - } - - if(empty($errors) && $player->getSex() == $new_sex) - $errors[] = 'Sex cannot be same'; - - if(empty($errors)) { - $sex_changed = true; - $old_sex = $player->getSex(); - $player->setSex($new_sex); - - $old_sex_str = 'Unknown'; - if(isset($config['genders'][$old_sex])) - $old_sex_str = $config['genders'][$old_sex]; - - $new_sex_str = 'Unknown'; - if(isset($config['genders'][$new_sex])) - $new_sex_str = $config['genders'][$new_sex]; - - $player->save(); - $account_logged->setCustomField("premium_points", $points - $config['account_change_character_name_points']); - $account_logged->logAction('Changed sex on character ' . $player->getName() . ' from ' . $old_sex_str . ' to ' . $new_sex_str . '.'); - echo $twig->render('success.html.twig', array( - 'title' => 'Character Sex Changed', - 'description' => 'The character ' . $player->getName() . ' sex has been changed to ' . $new_sex_str . '.' - )); - } - } - else { - $errors[] = 'Character '.$player_name.' 
is not on your account.'; - } - } - else { - $errors[] = "Character with this name doesn't exist."; - } - } - } - - if(!$sex_changed) { - if(!empty($errors)) { - echo $twig->render('error_box.html.twig', array('errors' => $errors)); - } - echo $twig->render('account.change_sex.html.twig', array( - 'players' => $account_logged->getPlayersList(), - 'player_sex' => isset($player) ? $player->getSex() : -1, - 'points' => $points - )); - } - } - } -//### DELETE character from account ### - if($action == "deletecharacter") { - $player_name = isset($_POST['delete_name']) ? stripslashes($_POST['delete_name']) : NULL; - $password_verify = isset($_POST['delete_password']) ? $_POST['delete_password'] : NULL; - $password_verify = encrypt(($config_salt_enabled ? $account_logged->getCustomField('salt') : '') . $password_verify); - if(isset($_POST['deletecharactersave']) && $_POST['deletecharactersave'] == 1) { - if(!empty($player_name) && !empty($password_verify)) { - if(Validator::characterName($player_name)) { - $player = new OTS_Player(); - $player->find($player_name); - if($player->isLoaded()) { - $player_account = $player->getAccount(); - if($account_logged->getId() == $player_account->getId()) { - if($password_verify == $account_logged->getPassword()) { - if(!$player->isOnline()) - { - //dont show table "delete character" again - $show_form = false; - //delete player - if(fieldExist('deletion', 'players')) - $player->setCustomField('deletion', 1); - else - $player->setCustomField('deleted', 1); - $account_logged->logAction('Deleted character ' . $player->getName() . '.'); - echo $twig->render('success.html.twig', array( - 'title' => 'Character Deleted', - 'description' => 'The character ' . $player_name . ' has been deleted.' - )); - } - else - $errors[] = 'This character is online.'; - } - else { - $errors[] = 'Wrong password to account.'; - } - } - else { - $errors[] = 'Character '.$player_name.' 
is not on your account.'; - } - } - else { - $errors[] = 'Character with this name doesn\'t exist.'; - } - } - else { - $errors[] = 'Name contain illegal characters.'; - } - } - else { - $errors[] = 'Character name or/and password is empty. Please fill in form.'; - } - } - if($show_form) { - if(!empty($errors)) { - echo $twig->render('error_box.html.twig', array('errors' => $errors)); - } - echo $twig->render('account.delete_character.html.twig'); - } - } - -//## CREATE CHARACTER on account ### - if($action == "createcharacter") { - echo ''; - $newchar_name = isset($_POST['name']) ? stripslashes(ucwords(strtolower($_POST['name']))) : NULL; - $newchar_sex = isset($_POST['sex']) ? $_POST['sex'] : NULL; - $newchar_vocation = isset($_POST['vocation']) ? $_POST['vocation'] : NULL; - $newchar_town = isset($_POST['town']) ? $_POST['town'] : NULL; - - $newchar_created = false; - $save = isset($_POST['save']) && $_POST['save'] == 1; - if($save) { - if(empty($newchar_name)) - $errors['name'] = 'Please enter a name for your character!'; - else if(strlen($newchar_name) > 25) - $errors['name'] = 'Name is too long. Max. lenght 25 letters.'; - else if(strlen($newchar_name) < 3) - $errors['name'] = 'Name is too short. Min. 
lenght 3 letters.'; - else { - if(!admin() && !Validator::newCharacterName($newchar_name)) { - $errors['name'] = Validator::getLastError(); - } - - $exist = new OTS_Player(); - $exist->find($newchar_name); - if($exist->isLoaded()) { - $errors['name'] = 'Character with this name already exist.'; - } - } - - if(empty($newchar_sex) && $newchar_sex != "0") - $errors[] = 'Please select the sex for your character!'; - - if(count($config['character_samples']) > 1) - { - if(!isset($newchar_vocation)) - $errors[] = 'Please select a vocation for your character.'; - } - else - $newchar_vocation = $config['character_samples'][0]; - - if(count($config['character_towns']) > 1) { - if(!isset($newchar_town)) - $errors[] = 'Please select a town for your character.'; - } - else { - $newchar_town = $config['character_towns'][0]; - } - - if(empty($errors)) { - if(!isset($config['genders'][$newchar_sex])) - $errors[] = 'Sex is invalid.'; - if(!in_array($newchar_town, $config['character_towns'])) - $errors[] = 'Please select valid town.'; - if(count($config['character_samples']) > 1) - { - $newchar_vocation_check = false; - foreach($config['character_samples'] as $char_vocation_key => $sample_char) - if($newchar_vocation == $char_vocation_key) - $newchar_vocation_check = true; - if(!$newchar_vocation_check) - $errors[] = 'Unknown vocation. Please fill in form again.'; - } - else - $newchar_vocation = 0; - } - - if(empty($errors)) - { - $number_of_players_on_account = $account_logged->getPlayersList()->count(); - if($number_of_players_on_account >= $config['characters_per_account']) - $errors[] = 'You have too many characters on your account ('.$number_of_players_on_account.'/'.$config['characters_per_account'].')!'; - } - - if(empty($errors)) - { - $char_to_copy_name = $config['character_samples'][$newchar_vocation]; - $char_to_copy = new OTS_Player(); - $char_to_copy->find($char_to_copy_name); - if(!$char_to_copy->isLoaded()) - $errors[] = 'Wrong characters configuration. 
Try again or contact with admin. ADMIN: Edit file config/config.php and set valid characters to copy names. Character to copy: '.$char_to_copy_name.' doesn\'t exist.'; - } - - if(empty($errors)) - { - if($newchar_sex == "0") - $char_to_copy->setLookType(136); - $player = $ots->createObject('Player'); - $player->setName($newchar_name); - $player->setAccount($account_logged); - //$player->setGroupId($char_to_copy->getGroup()->getId()); - $player->setGroupId(1); - $player->setSex($newchar_sex); - $player->setVocation($char_to_copy->getVocation()); - if(fieldExist('promotion', 'players')) - $player->setPromotion($char_to_copy->getPromotion()); - - if(fieldExist('direction', 'players')) - $player->setDirection($char_to_copy->getDirection()); - - $player->setConditions($char_to_copy->getConditions()); - $rank = $char_to_copy->getRank(); - if($rank->isLoaded()) { - $player->setRank($char_to_copy->getRank()); - } - - if(fieldExist('lookaddons', 'players')) - $player->setLookAddons($char_to_copy->getLookAddons()); - - $player->setTownId($newchar_town); - $player->setExperience($char_to_copy->getExperience()); - $player->setLevel($char_to_copy->getLevel()); - $player->setMagLevel($char_to_copy->getMagLevel()); - $player->setHealth($char_to_copy->getHealth()); - $player->setHealthMax($char_to_copy->getHealthMax()); - $player->setMana($char_to_copy->getMana()); - $player->setManaMax($char_to_copy->getManaMax()); - $player->setManaSpent($char_to_copy->getManaSpent()); - $player->setSoul($char_to_copy->getSoul()); - - for($skill = POT::SKILL_FIRST; $skill <= POT::SKILL_LAST; $skill++) - $player->setSkill($skill, 10); - - $player->setLookBody($char_to_copy->getLookBody()); - $player->setLookFeet($char_to_copy->getLookFeet()); - $player->setLookHead($char_to_copy->getLookHead()); - $player->setLookLegs($char_to_copy->getLookLegs()); - $player->setLookType($char_to_copy->getLookType()); - $player->setCap($char_to_copy->getCap()); - $player->setBalance(0); - $player->setPosX(0); - 
$player->setPosY(0);
- $player->setPosZ(0);
- $player->setStamina($config['otserv_version'] == TFS_03 ? 151200000 : 2520);
- if(fieldExist('loss_experience', 'players')) {
- $player->setLossExperience($char_to_copy->getLossExperience());
- $player->setLossMana($char_to_copy->getLossMana());
- $player->setLossSkills($char_to_copy->getLossSkills());
- }
- if(fieldExist('loss_items', 'players')) {
- $player->setLossItems($char_to_copy->getLossItems());
- $player->setLossContainers($char_to_copy->getLossContainers());
- }
-
- $player->save();
- $player->setCustomField("created", time());
-
- $newchar_created = true;
- $account_logged->logAction('Created character ' . $player->getName() . '.');
- unset($player);
-
- $player = new OTS_Player();
- $player->find($newchar_name);
-
- if($player->isLoaded()) {
- if(tableExist('player_skills')) {
- for($i=0; $i<7; $i++) {
- $skillExists = $db->query('SELECT `skillid` FROM `player_skills` WHERE `player_id` = ' . $player->getId() . ' AND `skillid` = ' . $i);
- if($skillExists->rowCount() <= 0) {
- $db->query('INSERT INTO `player_skills` (`player_id`, `skillid`, `value`, `count`) VALUES ('.$player->getId().', '.$i.', 10, 0)');
- }
- }
- }
-
- $loaded_items_to_copy = $db->query("SELECT * FROM player_items WHERE player_id = ".$char_to_copy->getId()."");
- foreach($loaded_items_to_copy as $save_item)
- $db->query("INSERT INTO `player_items` (`player_id` ,`pid` ,`sid` ,`itemtype`, `count`, `attributes`) VALUES ('".$player->getId()."', '".$save_item['pid']."', '".$save_item['sid']."', '".$save_item['itemtype']."', '".$save_item['count']."', '".$save_item['attributes']."');");
-
- echo $twig->render('success.html.twig', array(
- 'title' => 'Character Created',
- 'description' => 'The character ' . $newchar_name . ' has been created.
- Please select the outfit when you log in for the first time.

- See you on ' . $config['lua']['serverName'] . '!'
- ));
- }
- else
- {
- error("Error. Can't create character. Probably problem with database. Please try again later or contact with admin.");
- return;
- }
- }
- }
-
- if(count($errors) > 0) {
- echo $twig->render('error_box.html.twig', array('errors' => $errors));
- }
-
- if(!$newchar_created) {
- echo $twig->render('account.create_character.html.twig', array(
- 'name' => $newchar_name,
- 'sex' => $newchar_sex,
- 'vocation' => $newchar_vocation,
- 'town' => $newchar_town,
- 'save' => $save,
- 'errors' => $errors
- ));
- }
+ else if(file_exists(PAGES . 'account/' . $action)) {
+ require(PAGES . 'account/' . $action . '.php');
 }
 ?>