diff --git a/admin/index.php b/admin/index.php index d0a16a2e..2045059c 100644 --- a/admin/index.php +++ b/admin/index.php @@ -1 +1 @@ -install/ directory exists. Please visit this url to start MyAAC Installation.
Delete install/ directory if you already installed MyAAC.
Remember to REFRESH this page when you\'re done!'); } $content = ''; // validate page $page = isset($_GET['p']) ? $_GET['p'] : ''; if(empty($page) || preg_match("/[^a-zA-Z0-9_\-]/", $page)) $page = 'dashboard'; $page = strtolower($page); define('PAGE', $page); require(SYSTEM . 'functions.php'); require(SYSTEM . 'init.php'); require(SYSTEM . 'status.php'); require(SYSTEM . 'login.php'); require(ADMIN . 'includes/functions.php'); // if we're not logged in - show login box if(!$logged || !admin()) { $page = 'login'; } // include our page $file = SYSTEM . 'pages/admin/' . $page . '.php'; if(!@file_exists($file)) { $page = '404'; $file = SYSTEM . 'pages/404.php'; } ob_start(); include($file); $content .= ob_get_contents(); ob_end_clean(); // template $template_path = 'templates/clean/'; require(ADMIN . $template_path . 'template.php'); ?> \ No newline at end of file +install/ directory exists. Please visit this url to start MyAAC Installation.
Delete install/ directory if you already installed MyAAC.
Remember to REFRESH this page when you\'re done!'); } $content = ''; // validate page $page = isset($_GET['p']) ? $_GET['p'] : ''; if(empty($page) || preg_match("/[^a-zA-Z0-9_\-]/", $page)) $page = 'dashboard'; $page = strtolower($page); define('PAGE', $page); require(SYSTEM . 'functions.php'); require(SYSTEM . 'init.php'); require(SYSTEM . 'status.php'); require(SYSTEM . 'login.php'); require(ADMIN . 'includes/functions.php'); // if we're not logged in - show login box if(!$logged || !admin()) { $page = 'login'; } // include our page $file = SYSTEM . 'pages/admin/' . $page . '.php'; if(!@file_exists($file)) { $page = '404'; $file = SYSTEM . 'pages/404.php'; } ob_start(); include($file); $content .= ob_get_contents(); ob_end_clean(); // template $template_path = 'templates/clean/'; require(ADMIN . $template_path . 'template.php'); ?> \ No newline at end of file diff --git a/common.php b/common.php index 57d08275..48543716 100644 --- a/common.php +++ b/common.php @@ -28,6 +28,7 @@ session_start(); define('MYAAC', true); define('MYAAC_VERSION', '0.0.6'); +define('DATABASE_VERSION', 1); define('TABLE_PREFIX', 'myaac_'); define('START_TIME', microtime(true)); define('MYAAC_OS', (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') ? 'WINDOWS' : 'LINUX'); diff --git a/config.php b/config.php index 2b67b13b..a3973e99 100644 --- a/config.php +++ b/config.php @@ -84,6 +84,8 @@ $config = array( 'account_welcome_mail' => true, // send welcome email when user registers 'account_mail_change' => 2, // how many days user need to change email to account - block hackers 'account_country' => true, // user will be able to set country of origin when registering account, this information will be viewable in others places aswell + 'account_change_character_name' => false, // can user change their character name for premium points? + 'account_change_character_name_points' => 30, // cost of name change // mail 'mail_enabled' => false, // is aac maker configured to send e-mails? diff --git a/index.php b/index.php index c32044da..57640fdf 100644 --- a/index.php +++ b/index.php @@ -1 +1 @@ - * @copyright 2017 MyAAC * @version 0.0.6 * @link http://my-aac.org */ require_once('common.php'); require_once(BASE . 'config.local.php'); if(file_exists(BASE . 'install') && (!isset($config['installed']) || !$config['installed'])) { header('Location: ' . BASE_DIR . '/install/'); die('Setup detected that install/ directory exists. Please visit this url to start MyAAC Installation.
Delete install/ directory if you already installed MyAAC.
Remember to REFRESH this page when you\'re done!'); } // define page visited, so it can be used within events system $page = isset($_REQUEST['subtopic']) ? $_REQUEST['subtopic'] : (isset($_GET['p']) ? $_GET['p'] : ''); if(empty($page) || preg_match('/[^A-z0-9_\-]/', $page)) $page = 'news'; $page = strtolower($page); define('PAGE', $page); $template_place_holders = array(); // event system require_once(SYSTEM . 'events.php'); $events = new Events(); $events->trigger('STARTUP'); require_once(SYSTEM . 'functions.php'); require_once(SYSTEM . 'init.php'); require_once(SYSTEM . 'login.php'); require_once(SYSTEM . 'status.php'); require_once(SYSTEM . 'template.php'); if($config['views_counter']) require_once(SYSTEM . 'counter.php'); if($config['visitors_counter']) { require_once(SYSTEM . 'libs/visitors.php'); $visitors = new Visitors($config['visitors_counter_ttl']); } // page content loading if(!isset($content[0])) $content = ''; $load_it = true; // check if site has been closed if($config['site_closed']) { if(!admin()) { $title = $config['site_closed_title']; $content .= $config['site_closed_message']; $load_it = false; } if(!$logged) { ob_start(); require(SYSTEM . 'pages/accountmanagement.php'); $content .= ob_get_contents(); ob_end_clean(); $load_it = false; } } // backward support for gesior if($config['backward_support']) { define('INITIALIZED', true); $SQL = $db; $layout_header = template_header(); $layout_name = $template_path; $config['access_admin_panel'] = 2; $group_id_of_acc_logged = 0; if($logged && $account_logged) $group_id_of_acc_logged = $account_logged->getGroupId(); $config['site'] = &$config; $config['server'] = &$config['lua']; $config['site']['shop_system'] = $config['gifts_system']; $config['serverinfo_page'] = 1; $config['download_page'] = 1; if($config['forum'] != '') $config['forum_link'] = (strtolower($config['forum']) == 'site' ? internalLayoutLink('forum') : $config['forum']); foreach($status as $key => $value) $config['status']['serverStatus_' . $key] = $value; } if($load_it) { if($config['site_closed'] && admin()) $content .= '

Site is under maintenance (closed mode). Only privileged users can see it.

'; if($config['backward_support']) require(SYSTEM . 'compat_pages.php'); $ignore = false; $file = SYSTEM . 'pages/' . $page . '.php'; if(!@file_exists($file)) { $logged_access = 0; if($logged && $account_logged && $account_logged->isLoaded()) { $logged_access = $account_logged->getAccess(); } $query = $db->query( 'SELECT `title`, `body`, `php`' . ' FROM `' . TABLE_PREFIX . 'pages`' . ' WHERE `name` LIKE ' . $db->quote($page) . ' AND `hidden` != 1 AND `access` <= ' . $db->quote($logged_access)); if($query->rowCount() > 0) // found page { $ignore = true; $query = $query->fetch(); $title = $query['title']; if($query['php'] == '1') // execute it as php code { $tmp = substr($query['body'], 0, 10); if(($pos = strpos($tmp, ' $errno, 'errstr' => $errstr); } set_error_handler('error_handler'); ob_start(); eval($tmp); $content .= ob_get_contents(); ob_end_clean(); restore_error_handler(); if(isset($php_errors[0]) && superAdmin()) { var_dump($php_errors); } } else $content .= $query['body']; // plain html } else { $page = '404'; $file = SYSTEM . 'pages/404.php'; } } ob_start(); if($events->trigger('BEFORE_PAGE')) { if(!$ignore) require($file); } if($config['backward_support'] && isset($main_content)) $content .= $main_content; $content .= ob_get_contents(); ob_end_clean(); $events->trigger('AFTER_PAGE'); } if($config['backward_support']) { $main_content = $content; if(!isset($title)) $title = ucfirst($page); } $title_full = (isset($title) ? $title . $config['title_separator'] : '') . $config['lua']['serverName']; if(file_exists($template_path . '/index.php')) require($template_path . '/index.php'); else if(file_exists($template_path . '/template.php')) // deprecated require($template_path . '/template.php'); else if($config['backward_support'] && file_exists($template_path . '/layout.php')) { require($template_path . '/layout.php'); } else { // TODO: save more info to log file die('ERROR: Cannot load template.'); } echo '' . "\n"; if(($config['debug_level'] & 1) == 1) echo ''; if(($config['debug_level'] & 2) == 2) echo "\n" . ''; if(($config['debug_level'] & 4) == 4 && function_exists('memory_get_peak_usage')) echo "\n" . ''; $events->trigger('FINISH'); ?> \ No newline at end of file + * @copyright 2017 MyAAC * @version 0.0.6 * @link http://my-aac.org */ // uncomment if your php.ini have display_errors disabled and you want to see errors // ini_set('display_errors', 1); // ini_set('display_startup_errors', 1); // error_reporting(E_ALL); require_once('common.php'); require_once(BASE . 'config.local.php'); if(file_exists(BASE . 'install') && (!isset($config['installed']) || !$config['installed'])) { header('Location: ' . BASE_URL . 'install/'); die('Setup detected that install/ directory exists. Please visit this url to start MyAAC Installation.
Delete install/ directory if you already installed MyAAC.
Remember to REFRESH this page when you\'re done!'); } // define page visited, so it can be used within events system $page = isset($_REQUEST['subtopic']) ? $_REQUEST['subtopic'] : (isset($_GET['p']) ? $_GET['p'] : ''); if(empty($page) || preg_match('/[^A-z0-9_\-]/', $page)) $page = 'news'; $page = strtolower($page); define('PAGE', $page); $template_place_holders = array(); require_once(SYSTEM . 'functions.php'); require_once(SYSTEM . 'init.php'); require_once(SYSTEM . 'login.php'); require_once(SYSTEM . 'status.php'); require_once(SYSTEM . 'template.php'); // database migrations $tmp = ''; if(fetchDatabaseConfig('database_version', $tmp)) { // we got version $tmp = (int)$tmp; if($tmp < DATABASE_VERSION) { // import if older for($i = $tmp; $i < DATABASE_VERSION; $i++) { require(SYSTEM . 'migrations/' . $i . '.php'); } updateDatabaseConfig('database_version', DATABASE_VERSION); } } else { // register first version require(SYSTEM . 'migrations/1.php'); registerDatabaseConfig('database_version', 1); } // event system require_once(SYSTEM . 'hooks.php'); $hooks = new Hooks(); $hooks->load(); $hooks->trigger(HOOK_STARTUP); if($config['views_counter']) require_once(SYSTEM . 'counter.php'); if($config['visitors_counter']) { require_once(SYSTEM . 'libs/visitors.php'); $visitors = new Visitors($config['visitors_counter_ttl']); } // page content loading if(!isset($content[0])) $content = ''; $load_it = true; // check if site has been closed if($config['site_closed']) { if(!admin()) { $title = $config['site_closed_title']; $content .= $config['site_closed_message']; $load_it = false; } if(!$logged) { ob_start(); require(SYSTEM . 'pages/accountmanagement.php'); $content .= ob_get_contents(); ob_end_clean(); $load_it = false; } } // backward support for gesior if($config['backward_support']) { define('INITIALIZED', true); $SQL = $db; $layout_header = template_header(); $layout_name = $template_path; $news_content = ''; $subtopic = PAGE; $main_content = ''; $config['access_admin_panel'] = 2; $group_id_of_acc_logged = 0; if($logged && $account_logged) $group_id_of_acc_logged = $account_logged->getGroupId(); $config['site'] = &$config; $config['server'] = &$config['lua']; $config['site']['shop_system'] = $config['gifts_system']; if(!isset($config['vdarkborder'])) $config['vdarkborder'] = '#505050'; if(!isset($config['darkborder'])) $config['darkborder'] = '#D4C0A1'; if(!isset($config['lightborder'])) $config['lightborder'] = '#F1E0C6'; $config['site']['download_page'] = false; $config['site']['serverinfo_page'] = true; $config['site']['screenshot_page'] = true; if($config['forum'] != '') $config['forum_link'] = (strtolower($config['forum']) == 'site' ? internalLayoutLink('forum') : $config['forum']); foreach($status as $key => $value) $config['status']['serverStatus_' . $key] = $value; } if($load_it) { if($config['site_closed'] && admin()) $content .= '

Site is under maintenance (closed mode). Only privileged users can see it.

'; if($config['backward_support']) require(SYSTEM . 'compat_pages.php'); $ignore = false; $file = SYSTEM . 'pages/' . $page . '.php'; if(!@file_exists($file)) { $logged_access = 0; if($logged && $account_logged && $account_logged->isLoaded()) { $logged_access = $account_logged->getAccess(); } $query = $db->query( 'SELECT `title`, `body`, `php`' . ' FROM `' . TABLE_PREFIX . 'pages`' . ' WHERE `name` LIKE ' . $db->quote($page) . ' AND `hidden` != 1 AND `access` <= ' . $db->quote($logged_access)); if($query->rowCount() > 0) // found page { $ignore = true; $query = $query->fetch(); $title = $query['title']; if($query['php'] == '1') // execute it as php code { $tmp = substr($query['body'], 0, 10); if(($pos = strpos($tmp, ' $errno, 'errstr' => $errstr); } set_error_handler('error_handler'); ob_start(); eval($tmp); $content .= ob_get_contents(); ob_end_clean(); restore_error_handler(); if(isset($php_errors[0]) && superAdmin()) { var_dump($php_errors); } } else $content .= $query['body']; // plain html } else { $page = '404'; $file = SYSTEM . 'pages/404.php'; } } ob_start(); $hooks->trigger(HOOK_BEFORE_PAGE); if(!$ignore) require($file); if($config['backward_support'] && isset($main_content[0])) $content .= $main_content; $content .= ob_get_contents(); ob_end_clean(); $hooks->trigger(HOOK_AFTER_PAGE); } if($config['backward_support']) { $main_content = $content; if(!isset($title)) $title = ucfirst($page); $topic = $title; } $title_full = (isset($title) ? $title . $config['title_separator'] : '') . $config['lua']['serverName']; if(file_exists($template_path . '/index.php')) require($template_path . '/index.php'); else if(file_exists($template_path . '/template.php')) // deprecated require($template_path . '/template.php'); else if($config['backward_support'] && file_exists($template_path . '/layout.php')) { require($template_path . '/layout.php'); } else { // TODO: save more info to log file die('ERROR: Cannot load template.'); } echo '' . "\n"; if(($config['debug_level'] & 1) == 1) echo ''; if(($config['debug_level'] & 2) == 2) echo "\n" . ''; if(($config['debug_level'] & 4) == 4 && function_exists('memory_get_peak_usage')) echo "\n" . ''; $hooks->trigger(HOOK_FINISH); ?> \ No newline at end of file diff --git a/install/includes/schema.sql b/install/includes/schema.sql index 216f58d4..ffe3e1df 100644 --- a/install/includes/schema.sql +++ b/install/includes/schema.sql @@ -60,7 +60,7 @@ CREATE TABLE `myaac_faq` ( `id` INT(11) NOT NULL AUTO_INCREMENT, `question` VARCHAR(255) NOT NULL DEFAULT '', - `answer` VARCHAR(1020) NOT NULL, + `answer` VARCHAR(1020) NOT NULL DEFAULT '', `ordering` INT(11) NOT NULL DEFAULT 0, `hidden` TINYINT(1) NOT NULL DEFAULT 0, PRIMARY KEY (`id`) @@ -105,6 +105,15 @@ CREATE TABLE `myaac_forum` KEY `section` (`section`) ) ENGINE = MyISAM; +CREATE TABLE `myaac_hooks` +( + `id` INT(11) NOT NULL AUTO_INCREMENT, + `name` VARCHAR(30) NOT NULL DEFAULT '', + `type` INT(2) NOT NULL DEFAULT 0, + `file` VARCHAR(100) NOT NULL, + PRIMARY KEY (`id`) +) ENGINE = MyISAM; + CREATE TABLE `myaac_monsters` ( `hide_creature` tinyint(1) NOT NULL default '0', `name` varchar(255) NOT NULL, @@ -125,7 +134,7 @@ CREATE TABLE `myaac_monsters` ( CREATE TABLE `myaac_movies` ( `id` INT(11) NOT NULL AUTO_INCREMENT, - `title` VARCHAR(50) NOT NULL DEFAULT '', + `title` VARCHAR(100) NOT NULL DEFAULT '', `youtube_id` VARCHAR(20) NOT NULL, `author` VARCHAR(50) NOT NULL DEFAULT '', `ordering` INT(11) NOT NULL DEFAULT 0, diff --git a/install/steps/finish.php b/install/steps/finish.php index 12ee5fd1..8ddb7cf7 100644 --- a/install/steps/finish.php +++ b/install/steps/finish.php @@ -72,6 +72,8 @@ else { $account_db->setCustomField('country', 'us'); if(fieldExist('group_id', 'accounts')) $account_db->setCustomField('group_id', $groups->getHighestId()); + if(fieldExist('type', 'accounts')) + $account_db->setCustomField('type', 5); if(!$player_db->isLoaded()) $player->setAccountId($account_db->getId()); @@ -96,6 +98,9 @@ else { $new_account->setCustomField('country', 'us'); if(fieldExist('group_id', 'accounts')) $new_account->setCustomField('group_id', $groups->getHighestId()); + if(fieldExist('type', 'accounts')) + $new_account->setCustomField('type', 5); + $new_account->logAction('Account created.'); if(!$player_db->isLoaded()) diff --git a/plugins/example.json b/plugins/example.json new file mode 100644 index 00000000..3ba2834a --- /dev/null +++ b/plugins/example.json @@ -0,0 +1,14 @@ +{ + "name": "Example Plugin", + "description": "This is just an example of a Plugin for MyAAC.", + "version": "1.0", + "author": "nobody", + "contact": "nobody@example.org", + "install": "plugins/example/install.php", + "hooks": { + "Example Hook": { + "type": "BEFORE_PAGE", + "file": "plugins/example/before.php" + } + } + } \ No newline at end of file diff --git a/system/events.php b/system/events.php deleted file mode 100644 index 1748eaea..00000000 --- a/system/events.php +++ /dev/null @@ -1,61 +0,0 @@ - - * @copyright 2017 MyAAC - * @version 0.0.6 - * @link http://my-aac.org - */ -defined('MYAAC') or die('Direct access not allowed!'); -class Event -{ - private $_name, $_type, $_callback; - - public function __construct($name, $type, $callback) { - $this->_name = $name; - $this->_type = $type; - $this->_callback = $callback; - } - - public function execute($params) - { - $ret = false; - if(is_callable($this->_callback)) - { - $tmp = $this->_callback; - $ret = $tmp($params); - } - - return $ret; - } - - public function name() {return $this->_name;} - public function type() {return $this->_type;} -} - -class Events -{ - private static $_events = array(); - - public function register($event, $type = '', $callback = null) { - if(!($event instanceof Event)) - $event = new Event($event, $type, $callback); - - self::$_events[$event->type()][] = $event; - } - - public function trigger($type, $params = array()) - { - $ret = true; - if(isset(self::$_events[$type])) - { - foreach(self::$_events[$type] as $name => $event) - $ret = $event->execute($params); - } - - return $ret; - } -} -?> diff --git a/system/functions.php b/system/functions.php index 8bff6e2e..0905fc5e 100644 --- a/system/functions.php +++ b/system/functions.php @@ -598,6 +598,22 @@ function check_name_new_char($name, &$error = '') } } + $player = new OTS_Player(); + $player->find($name); + if($player->isLoaded()) { + $error = 'Player with this name already exist.'; + return false; + } + + //check if was namelocked previously + if(tableExist('player_namelocks') && fieldExist('name', 'player_namelocks')) { + $namelock = $db->query('SELECT `player_id` FROM `player_namelocks` WHERE `name` = ' . $db->quote($name)); + if($namelock->rowCount() > 0) { + $error = 'Character with this name has been namelocked.'; + return false; + } + } + $monsters = $db->query( 'SELECT ' . $db->fieldName('name') . ' FROM ' . $db->tableName(TABLE_PREFIX . 'monsters') . @@ -808,8 +824,8 @@ function template_header($is_admin = false) '; if(admin()) - $ret .= ' - '; if($config['recaptcha_enabled']) @@ -852,18 +868,17 @@ function template_ga_code() if(!isset($config['google_analytics_id'][0])) return ''; - return ' -'; + ga('create', '" . $config['google_analytics_id'] . "', 'auto'); + ga('send', 'pageview'); + +"; } function template_form() diff --git a/system/hooks.php b/system/hooks.php new file mode 100644 index 00000000..8827ea5f --- /dev/null +++ b/system/hooks.php @@ -0,0 +1,92 @@ + + * @copyright 2017 MyAAC + * @version 0.0.6 + * @link http://my-aac.org + */ +defined('MYAAC') or die('Direct access not allowed!'); + +define('HOOK_STARTUP', 1); +define('HOOK_BEFORE_PAGE', 2); +define('HOOK_AFTER_PAGE', 3); +define('HOOK_FINISH', 4); +define('HOOK_TIBIACOM_ARTICLE', 5); +define('HOOK_TIBIACOM_BORDER_3', 6); +define('HOOK_FIRST', HOOK_STARTUP); +define('HOOK_LAST', HOOK_TIBIACOM_BORDER_3); + +$hook_types = array( + 'STARTUP' => HOOK_STARTUP, + 'BEFORE_PAGE' => HOOK_BEFORE_PAGE, + 'AFTER_PAGE' => HOOK_AFTER_PAGE, + 'FINISH' => HOOK_FINISH, + 'TIBIACOM_ARTICLE' => HOOK_TIBIACOM_ARTICLE, + 'TIBIACOM_BORDER_3' => HOOK_TIBIACOM_BORDER_3 +); + +class Hook +{ + private $_name, $_type, $_file; + + public function __construct($name, $type, $file) { + $this->_name = $name; + $this->_type = $type; + $this->_file = $file; + } + + public function execute($params) + { + /*if(is_callable($this->_callback)) + { + $tmp = $this->_callback; + $ret = $tmp($params); + }*/ + + global $db, $config, $template_path, $ots; + if(file_exists(BASE . $this->_file)) { + require(BASE . $this->_file); + } + + return false; + } + + public function name() {return $this->_name;} + public function type() {return $this->_type;} +} + +class Hooks +{ + private static $_hooks = array(); + + public function register($hook, $type = '', $file = null) { + if(!($hook instanceof Hook)) + $hook = new Hook($hook, $type, $file); + + self::$_hooks[$hook->type()][] = $hook; + } + + public function trigger($type, $params = array()) + { + $ret = true; + if(isset(self::$_hooks[$type])) + { + foreach(self::$_hooks[$type] as $name => $hook) + $ret = $hook->execute($params); + } + + return $ret; + } + + public function load() + { + global $db; + $hooks = $db->query('SELECT `name`, `type`, `file` FROM `' . TABLE_PREFIX . 'hooks`;'); + foreach($hooks as $hook) + $this->register($hook['name'], $hook['type'], $hook['file']); + } +} +?> diff --git a/system/libs/pot/OTS_Account.php b/system/libs/pot/OTS_Account.php index 1e7894cd..0d2579e2 100644 --- a/system/libs/pot/OTS_Account.php +++ b/system/libs/pot/OTS_Account.php @@ -187,9 +187,6 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable */ public function find($name) { - if(check_number($name)) - $this->load((int)$name); - // finds player's ID $id = $this->db->query('SELECT ' . $this->db->fieldName('id') . ' FROM ' . $this->db->tableName('accounts') . ' WHERE ' . $this->db->fieldName('name') . ' = ' . $this->db->quote($name) )->fetch(); @@ -311,6 +308,25 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable return $this->data['web_flags']; } + public function hasFlag($flag) + { + if(!isset($this->data['web_flags'])) { + throw new E_OTS_NotLoaded(); + } + + return ($this->data['web_flags'] & $flag) == $flag; + } + + public function isAdmin() + { + return $this->hasFlag(FLAG_ADMIN) || $this->isSuperAdmin(); + } + + public function isSuperAdmin() + { + return $this->hasFlag(FLAG_SUPER_ADMIN); + } + public function getPremDays() { if( !isset($this->data['lastday']) ) diff --git a/system/migrations/1.php b/system/migrations/1.php new file mode 100644 index 00000000..8d12f421 --- /dev/null +++ b/system/migrations/1.php @@ -0,0 +1,16 @@ +query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` MODIFY `ip` INT(11) NOT NULL DEFAULT 0;"); + $db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` MODIFY `date` INT(11) NOT NULL DEFAULT 0;"); + $db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` MODIFY `action` VARCHAR(255) NOT NULL DEFAULT '';"); + $db->query(" + CREATE TABLE `myaac_hooks` +( + `id` INT(11) NOT NULL AUTO_INCREMENT, + `name` VARCHAR(30) NOT NULL DEFAULT '', + `type` INT(2) NOT NULL DEFAULT 0, + `file` VARCHAR(100) NOT NULL, + PRIMARY KEY (`id`) +) ENGINE = MyISAM; +"); + +?> \ No newline at end of file diff --git a/system/pages/accountmanagement.php b/system/pages/accountmanagement.php index 9d884651..a8c0f391 100644 --- a/system/pages/accountmanagement.php +++ b/system/pages/accountmanagement.php @@ -222,7 +222,21 @@ Please enter your account name and your password.
Note:A request has been submitted to change the email address of this account to '.$account_email_new.'. After '.date("j F Y, G:i:s", $account_email_new_time).' you can accept the new email address and finish the process. Please cancel the request if you do not want your email address to be changed! Also cancel the request if you have no access to the new email address!


'; } } - echo '
General Information


'; + echo '
Email Address:'.$account_email.''.$account_email_change.'
Created:'.date("j F Y, G:i:s", $account_created).'
Last Login:'.date("j F Y, G:i:s", time()).'
Account Status:'.$account_status.'
Registred:'.$account_registred.'
'; + echo '
General Information
+ + + + + + + + + + + + + +
Account ' . (USE_ACCOUNT_NAME ? 'Name' : 'Number') . ':' . (USE_ACCOUNT_NAME ? $account_logged->getName() : $account_logged->getId()) . '
Email Address:'.$account_email.''.$account_email_change.'
Created:'.date("j F Y, G:i:s", $account_created).'
Last Login:'.date("j F Y, G:i:s", time()).'
Account Status:'.$account_status.'
Registred:'.$account_registred.'
'; //show button "register account" if(empty($account_reckey)) echo ''; @@ -258,7 +272,37 @@ Please enter your account name and your password.
Online'; echo ''; } - echo '
[Edit]
+ '; + if($config['account_change_character_name']) { + echo ' + '; + } + echo ' + +
+ + + + + + +
+
+
+
+ 		+ + + + + + +
+
+
+
+


'; } //########### CHANGE PASSWORD ########## if($action == "changepassword") { @@ -682,6 +726,105 @@ Please enter your account name and your password.
'; + + $name_changed = false; + $player_id = isset($_POST['player_id']) ? $_POST['player_id'] : NULL; + $newcharname = isset($_POST['newcharname']) ? stripslashes(ucwords(strtolower($_POST['newcharname']))) : NULL; + if((!$config['account_change_character_name'])) + echo 'You cant change your character name'; + else + { + $points = $account_logged->getCustomField('premium_points'); + if(isset($_POST['changenamesave']) && $_POST['changenamesave'] == 1) { + if($points < $config['account_change_character_name_points']) + $errors[] = 'You need ' . $config['account_change_character_name_points'] . ' premium points to change name. You have '.$points.' premium points.'; + + if(empty($errors) && empty($newcharname)) + $errors[] = 'Please enter a name for your character!'; + + if(empty($errors) && strlen($newcharname) > 25) + $errors[] = 'Name is too long. Max. lenght 25 letters.'; + else if(empty($errors) && strlen($newcharname) < 3) + $errors[] = 'Name is too short. Min. lenght 25 letters.'; + + if(empty($errors)) + { + $error = ''; + if(!admin() && !check_name_new_char($newcharname, $error)) + $errors[] = $error; + } + + if(empty($errors)) { + $player = $ots->createObject('Player'); + $player->load($player_id); + if($player->isLoaded()) { + $player_account = $player->getAccount(); + if($account_logged->getId() == $player_account->getId()) { + if($player->isOnline()) { + $errors[] = 'This character is online.'; + } + + if(empty($errors)) { + $name_changed = true; + $old_name = $player->getName(); + $player->setName($newcharname); + $player->save(); + $account_logged->setCustomField("premium_points", $points - $config['account_change_character_name_points']); + $account_logged->logAction('Changed name from ' . $old_name . ' to ' . $player->getName() . '.'); + echo '
Character Name Changed
The character '.$old_name.' name has been changed to ' . $player->getName() . '.

'; + } + else + { + $errors[] = 'Character '.$player_name.' is not on your account.'; + } + } + } + else + { + $errors[] = 'Character with this name doesn\'t exist.'; + } + } + } + + if(!$name_changed) { + if(!empty($errors)) { + echo '
The Following Errors Have Occurred:
'; + foreach($errors as $errors) { + echo '
  • '.$errors; + } + echo '

    • '; + } + echo 'To change a name of character select player and choose a new name.
    + Change name cost ' . $config['account_change_character_name_points'] . ' premium points. You have ' . $points . ' premium points.

    Change Name
    + + + + + + + + + +
    Character: + +
    New Name: + + +
    Please enter your character name.
    +     +

    '; + } + } + } + //### DELETE character from account ### if($action == "deletecharacter") { $player_name = isset($_POST['delete_name']) ? stripslashes($_POST['delete_name']) : NULL; @@ -750,47 +893,7 @@ Please enter your account name and your password.
     - eventId = 0; - lastSend = 0; - -function checkName() -{ - if(eventId != 0) - { - clearInterval(eventId) - eventId = 0; - } - - if(document.getElementById("newcharname").value=="") - { - document.getElementById("name_check").innerHTML = \'Please enter new character name.\'; - return; - } - - //anti flood - var date = new Date; - var timeNow = parseInt(date.getTime()); - - if(lastSend != 0) - { - if(timeNow - lastSend < 1100) - { - eventId = setInterval(\'checkName()\', 1100) - return; - } - } - - var newcharname = document.getElementById("newcharname").value; - $.get("tools/validate.php", { name: newcharname, uid: Math.random() }, - function(data){ - document.getElementById("name_check").innerHTML = data; - lastSend = timeNow; - }); - - lastSend = timeNow; -} -'; + echo ''; $newchar_name = isset($_POST['newcharname']) ? stripslashes(ucwords(strtolower($_POST['newcharname']))) : NULL; $newchar_sex = isset($_POST['newcharsex']) ? $_POST['newcharsex'] : NULL; $newchar_vocation = isset($_POST['newcharvocation']) ? $_POST['newcharvocation'] : NULL; @@ -826,17 +929,10 @@ function checkName() else $newchar_town = $config['character_towns'][0]; - //check if was namelocked previously - if(tableExist('player_namelocks') && fieldExist('name', 'player_namelocks')) { - $namelockSQL = $db->query('SELECT `player_id` FROM `player_namelocks` WHERE `name` = ' . $db->quote($newchar_name)); - if($namelockSQL->rowCount() > 0) - $newchar_errors[] = 'Character with this name has been namelocked.'; - } - if(empty($newchar_errors)) { $error = ''; - if(!check_name_new_char($newchar_name, $error)) + if(!admin() && !check_name_new_char($newchar_name, $error)) $newchar_errors[] = $error; if($newchar_sex != 1 && $newchar_sex != "0") $newchar_errors[] = 'Sex must be equal 0 (female) or 1 (male).'; @@ -857,10 +953,6 @@ function checkName() if(empty($newchar_errors)) { - $check_name_in_database = $ots->createObject('Player'); - $check_name_in_database->find($newchar_name); - if($check_name_in_database->isLoaded()) - $newchar_errors[] .= 'This name is already used. Please choose another name!'; $number_of_players_on_account = $account_logged->getPlayersList()->count(); if($number_of_players_on_account >= $config['characters_per_account']) $newchar_errors[] .= 'You have too many characters on your account ('.$number_of_players_on_account.'/'.$config['characters_per_account'].')!'; @@ -930,7 +1022,7 @@ function checkName() } if(fieldExist('loss_items', 'players')) { $player->setLossItems($char_to_copy->getLossItems()); - $player->setLossContainerse($char_to_copy->getLossContainers()); + $player->setLossContainers($char_to_copy->getLossContainers()); } $player->save(); @@ -983,7 +1075,14 @@ function checkName() if($account_logged->getPlayersList()->count() >= $config['characters_per_account']) { echo ' You have maximum number of characters per account on your account. Delete one before you make new.'; } - echo '

    Create Character
    NameSex

    Please enter your character name.
    		'; + echo '

    Create Character
    '; echo '
    @@ -490,14 +501,17 @@ $account = $player->getAccount(); diff --git a/system/pages/admin/plugins.php b/system/pages/admin/plugins.php index 387c1755..3401b704 100644 --- a/system/pages/admin/plugins.php +++ b/system/pages/admin/plugins.php @@ -10,6 +10,8 @@ */ defined('MYAAC') or die('Direct access not allowed!'); $title = 'Plugin manager'; + +require(SYSTEM . 'hooks.php'); ?> @@ -37,33 +39,100 @@ if(isset($_FILES["plugin"]["name"])) $filename = $file["name"]; $tmp_name = $file["tmp_name"]; $type = $file["type"]; - + $name = explode(".", $filename); $accepted_types = array('application/zip', 'application/x-zip-compressed', 'multipart/x-zip', 'application/x-compressed'); - if(in_array($type, $accepted_types) && strtolower($name[1]) == 'zip') // check if it is zipped/compressed file - { - $targetdir = BASE; - $targetzip = BASE . 'plugins/' . $name[0] . '.zip'; + if(isset($file['error'])) { + $error = 'Error uploading file'; + switch( $file['error'] ) { + case UPLOAD_ERR_OK: + $error = false; + break; + case UPLOAD_ERR_INI_SIZE: + case UPLOAD_ERR_FORM_SIZE: + $error .= ' - file too large (limit of '.ini_get('upload_max_filesize').' bytes).'; + break; + case UPLOAD_ERR_PARTIAL: + $error .= ' - file upload was not completed.'; + break; + case UPLOAD_ERR_NO_FILE: + $error .= ' - zero-length file uploaded.'; + break; + default: + $error .= ' - internal error #' . $file['error']; + break; + } + } - if(move_uploaded_file($tmp_name, $targetzip)) { // move uploaded file - $zip = new ZipArchive(); - $x = $zip->open($targetzip); // open the zip file to extract - if ($x === true) { - $zip->extractTo($targetdir); // place in the directory with same name - $zip->close(); - unlink($targetzip); // delete the Zipped file - - $string = file_get_contents(BASE . 'plugins/' . $name[0] . '.json'); - $plugin_info = json_decode($string, true); - $message = '

    ' . $plugin_info['name'] . ' plugin has been successfully installed.

    '; + if(isset($error) && $error != false) { + error($error); + } + else { + if(is_uploaded_file($file['tmp_name']) ) { + if(in_array($type, $accepted_types) && strtolower($name[1]) == 'zip') // check if it is zipped/compressed file + { + $targetdir = BASE; + $targetzip = BASE . 'plugins/' . $name[0] . '.zip'; + + if(move_uploaded_file($tmp_name, $targetzip)) { // move uploaded file + $zip = new ZipArchive(); + $x = $zip->open($targetzip); // open the zip file to extract + if ($x === true) { + if($zip->extractTo($targetdir)) { // place in the directory with same name + $string = file_get_contents(BASE . 'plugins/' . $name[0] . '.json'); + $plugin = json_decode($string, true); + if($plugin == NULL) { + warning('Cannot load ' . BASE . 'plugins/' . $name[0] . '.json. File might be not valid json code.'); + } + + if(isset($plugin['install'])) { + if(file_exists(BASE . $plugin['install'])) + require(BASE . $plugin['install']); + else + warning('Cannot load install script. Your plugin might be not working correctly.'); + } + + if(isset($plugin['hooks'])) { + foreach($plugin['hooks'] as $_name => $info) { + if(isset($hook_types[$info['type']])) { + $query = $db->query('SELECT `id` FROM `' . TABLE_PREFIX . 'hooks` WHERE `name` = ' . $db->quote($_name) . ';'); + if($query->rowCount() == 1) { // found something + $query = $query->fetch(); + $db->query('UPDATE `' . TABLE_PREFIX . 'hooks` SET `type` = ' . $hook_types[$info['type']] . ', `file` = ' . $db->quote($info['file']) . ' WHERE `id` = ' . (int)$query['id'] . ';'); + } + else { + $db->query('INSERT INTO `' . TABLE_PREFIX . 'hooks` (`id`, `name`, `type`, `file`) VALUES (NULL, ' . $db->quote($_name) . ', ' . $hook_types[$info['type']] . ', ' . $db->quote($info['file']) . ');'); + } + } + else + warning('Unknown event type: ' . $info['type']); + } + } + success('' . $plugin['name'] . ' plugin has been successfully installed.'); + } + else { + error('There was a problem with extracting zip archive.'); + } + + $zip->close(); + unlink($targetzip); // delete the Zipped file + } + else { + error('There was a problem with opening zip archive.'); + } + } + else + error('There was a problem with the upload. Please try again.'); + } + else { + error('The file you are trying to upload is not a .zip file. Please try again.'); + } + } + else { + error('Error uploading file - unknown error.'); } } - else - $message = '

    There was a problem with the upload. Please try again.

    '; -} - else - $message = '

    The file you are trying to upload is not a .zip file. Please try again.

    '; } echo $message; @@ -78,12 +147,12 @@ echo $message;
    + + @@ -468,19 +479,19 @@ $account = $player->getAccount();
    NameSex
    +
    + +
    Please enter your character name.
    +     +     		'; echo 'Logs are not available on this server.'; + return; +} + foreach(scandir($server_path_logs) as $f) { if($f[0] == '.' || $f == '..') continue; diff --git a/system/pages/admin/players.php b/system/pages/admin/players.php index e5c47634..bd5e1793 100644 --- a/system/pages/admin/players.php +++ b/system/pages/admin/players.php @@ -93,8 +93,8 @@ if($id > 0) { if(!check_name($name, $_error)) echo_error($_error); - //if(!check_name_new_char($name)) - // echo_error('This name contains invalid letters, words or format. Please use only a-Z, - , \' and space.'); + //if(!check_name_new_char($name, $_error)) + // echo_error($_error); $player_db = $ots->createObject('Player'); $player_db->find($name); @@ -150,8 +150,10 @@ if($id > 0) { verify_number($look_legs, 'Look legs', 11); $look_type = $_POST['look_type']; verify_number($look_type, 'Look type', 11); - $look_addons = $_POST['look_addons']; - verify_number($look_addons, 'Look addons', 11); + if(fieldExist('lookaddons', 'players')) { + $look_addons = $_POST['look_addons']; + verify_number($look_addons, 'Look addons', 11); + } // pos $pos_x = $_POST['pos_x']; @@ -200,12 +202,16 @@ if($id > 0) { verify_number($loss_items, 'Loss items', 11); } - $blessings = $_POST['blessings']; - verify_number($blessings, 'Blessings', 2); + if(fieldExist('blessings', 'players')) { + $blessings = $_POST['blessings']; + verify_number($blessings, 'Blessings', 2); + } $balance = $_POST['balance']; verify_number($balance, 'Balance', 20); - $stamina = $_POST['stamina']; - verify_number($stamina, 'Stamina', 20); + if(fieldExist('stamina', 'players')) { + $stamina = $_POST['stamina']; + verify_number($stamina, 'Stamina', 20); + } $deleted = (isset($_POST['deleted']) && $_POST['deleted'] == 'true'); $hidden = (isset($_POST['hidden']) && $_POST['hidden'] == 'true'); @@ -238,7 +244,8 @@ if($id > 0) { $player->setLookHead($look_head); $player->setLookLegs($look_legs); $player->setLookType($look_type); - $player->setLookAddons($look_addons); + if(fieldExist('lookaddons', 'players')) + $player->setLookAddons($look_addons); $player->setPosX($pos_x); $player->setPosY($pos_y); $player->setPosZ($pos_z); @@ -258,9 +265,11 @@ if($id > 0) { $player->setLossContainers($loss_containers); $player->setLossItems($loss_items); } - $player->setBlessings($blessings); + if(fieldExist('blessings', 'players')) + $player->setBlessings($blessings); $player->setBalance($balance); - $player->setStamina($stamina); + if(fieldExist('stamina', 'players')) + $player->setStamina($stamina); if(fieldExist('deletion', 'players')) $player->setCustomField('deletion', $deleted ? '1' : '0'); else @@ -391,7 +400,9 @@ $account = $player->getAccount(); Head: Legs: Type: + Addons: +
    - + - + - + - + - +
    Loss experience: Loss mana: Loss skills: Loss containers: Loss items:
    		+ - + + +
    Blessings: Balance: Stamina:
    		Contact
    - + query('SELECT premium_points, name FROM accounts ORDER BY premium_points DESC LIMIT 10;'); + $query = $db->query('SELECT `premium_points`, `' . (USE_ACCOUNT_NAME ? 'name' : 'id') . '` as `name` FROM `accounts` ORDER BY `premium_points` DESC LIMIT 10;'); $i = 0; foreach($query as $result) { diff --git a/system/pages/createaccount.php b/system/pages/createaccount.php index 9f265f52..c2fc2252 100644 --- a/system/pages/createaccount.php +++ b/system/pages/createaccount.php @@ -137,14 +137,17 @@ if($step == 'save') { $salt = generateRandomString(10, false, true, true); $password = $salt . $password; - $new_account->setSalt($salt); } $new_account->setPassword(encrypt($password)); $new_account->setEMail($email); $new_account->unblock(); $new_account->save(); - $new_account->setCustomField("created", time()); + + if($config_salt_enabled) + $new_account->setCustomField('salt', $salt); + + $new_account->setCustomField('created', time()); $new_account->logAction('Account created.'); if($config['account_country']) { diff --git a/system/pages/creatures.php b/system/pages/creatures.php index e7b44806..c962a97b 100644 --- a/system/pages/creatures.php +++ b/system/pages/creatures.php @@ -303,7 +303,7 @@ if(isset($monster['name'])) echo '
    TOP 10 - Most wealth accounts
    #Account namePremium points
    #Account Premium points
    '; - $loot = simplexml_load_file($config['server_path'] . 'data/monster/' . $monster['file_path']); + $loot = simplexml_load_file($config['data_path'] . 'monster/' . $monster['file_path']); if($loot) { if($item = $loot->loot->item) diff --git a/system/pages/forum.php b/system/pages/forum.php index 5a399bb1..e51b5241 100644 --- a/system/pages/forum.php +++ b/system/pages/forum.php @@ -170,10 +170,12 @@ if($action == 'show_board') } echo '

    Page: '.$links_to_pages.'
    '; - $last_threads = $db->query("SELECT `players`.`name`, `" . TABLE_PREFIX . "forum`.`post_text`, `" . TABLE_PREFIX . "forum`.`post_topic`, `" . TABLE_PREFIX . "forum`.`id`, `" . TABLE_PREFIX . "forum`.`last_post`, `" . TABLE_PREFIX . "forum`.`replies`, `" . TABLE_PREFIX . "forum`.`views`, `" . TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . TABLE_PREFIX . "forum`.`author_guid` AND `" . TABLE_PREFIX . "forum`.`section` = ".(int) $section_id." AND `" . TABLE_PREFIX . "forum`.`first_post` = `" . TABLE_PREFIX . "forum`.`id` ORDER BY `" . TABLE_PREFIX . "forum`.`last_post` DESC LIMIT ".$config['forum_threads_per_page']." OFFSET ".($_page * $config['forum_threads_per_page']))->fetchAll(); + $last_threads = $db->query("SELECT `players`.`id` as `player_id`, `players`.`name`, `" . TABLE_PREFIX . "forum`.`post_text`, `" . TABLE_PREFIX . "forum`.`post_topic`, `" . TABLE_PREFIX . "forum`.`id`, `" . TABLE_PREFIX . "forum`.`last_post`, `" . TABLE_PREFIX . "forum`.`replies`, `" . TABLE_PREFIX . "forum`.`views`, `" . TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . TABLE_PREFIX . "forum`.`author_guid` AND `" . TABLE_PREFIX . "forum`.`section` = ".(int) $section_id." AND `" . TABLE_PREFIX . "forum`.`first_post` = `" . TABLE_PREFIX . "forum`.`id` ORDER BY `" . TABLE_PREFIX . "forum`.`last_post` DESC LIMIT ".$config['forum_threads_per_page']." OFFSET ".($_page * $config['forum_threads_per_page']))->fetchAll(); if(isset($last_threads[0])) { echo '
    '; + + $player = $ots->createObject('Player'); foreach($last_threads as $thread) { echo ' + echo '
    Posts: '.(int) $posts['posts'].'
    + '; ?> diff --git a/system/pages/polls.php b/system/pages/polls.php index 1f1c9ca4..ab9000ad 100644 --- a/system/pages/polls.php +++ b/system/pages/polls.php @@ -3,7 +3,7 @@ * Polls * * @package MyAAC - * @author Gesior + * @author Averatec * @author Slawkens * @copyright 2017 MyAAC * @version 0.0.6 @@ -12,8 +12,10 @@ defined('MYAAC') or die('Direct access not allowed!'); $title = 'Polls'; -/* Polls System By Averatec from pervera.pl & otland.net +/* Polls System By Averatec from pervera.pl & otland.net */ +if(!tableExist('z_polls')) + $db->query(' CREATE TABLE `z_polls` ( `id` int(11) NOT NULL auto_increment, `question` varchar(255) NOT NULL, @@ -23,17 +25,19 @@ CREATE TABLE `z_polls` ( `answers` int(11) NOT NULL, `votes_all` int(11) NOT NULL, PRIMARY KEY (`id`) -) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ; +) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;'); -CREATE TABLE `z_polls_answers` ( +if(!tableExist('z_polls_answers')) +$db->query(' + CREATE TABLE `z_polls_answers` ( `poll_id` int(11) NOT NULL, `answer_id` int(11) NOT NULL, `answer` varchar(255) NOT NULL, `votes` int(11) NOT NULL -) ENGINE=MyISAM DEFAULT CHARSET=latin1; +) ENGINE=MyISAM DEFAULT CHARSET=latin1;'); -ALTER TABLE `accounts` ADD `vote` INT( 11 ) NOT NULL ; -*/ +if(!fieldExist('vote', 'accounts')) + $db->query('ALTER TABLE `accounts` ADD `vote` INT( 11 ) NOT NULL ;'); function getColorByPercent($percent) { @@ -46,7 +50,8 @@ function getColorByPercent($percent) return ''; } - + $number_of_rows = 0; + $showed = false; $link = "polls"; // your link to polls in index.php $dark = $config['darkborder']; $light = $config['lightborder']; @@ -54,7 +59,7 @@ function getColorByPercent($percent) $POLLS = $db->query('SELECT * FROM '.$db->tableName('z_polls').''); $level = 20; // need level to vote - if(empty($_REQUEST['id']) and $_REQUEST['control'] != "true") // list of polls + if(empty($_REQUEST['id']) and (!isset($_REQUEST['control']) || $_REQUEST['control'] != "true")) // list of polls { $active = $db->query('SELECT * FROM `z_polls` where `end` > '.$time.''); // active polls $closed = $db->query('SELECT * FROM `z_polls` where `end` < '.$time.' order by `end` desc'); // closed polls @@ -62,6 +67,7 @@ function getColorByPercent($percent) echo '
    ThreadThread StarterRepliesViewsLast Post
    '; @@ -182,7 +184,17 @@ if($action == 'show_board') echo '[MOVE]'; echo '[REMOVE] '; } - echo ''.htmlspecialchars($thread['post_topic']).'
    '.htmlspecialchars(substr($thread['post_text'], 0, 50)).'...    		' . getPlayerLink($thread['name']) . ''.(int) $thread['replies'].''.(int) $thread['views'].''; + + $player->load($thread['player_id']); + if(!$player->isLoaded()) { + error('Forum error: Player not loaded.'); + die(); + } + + $player_account = $player->getAccount(); + $canEditForum = $player_account->hasFlag(FLAG_CONTENT_FORUM) || $player_account->isAdmin(); + + echo ''.($canEditForum ? $thread['post_topic'] : htmlspecialchars($thread['post_topic'])) . '
    '.($canEditForum ? substr(strip_tags($thread['post_text']), 0, 50) : htmlspecialchars(substr($thread['post_text'], 0, 50))).'...    		' . getPlayerLink($thread['name']) . ''.(int) $thread['replies'].''.(int) $thread['views'].''; if($thread['last_post'] > 0) { $last_post = $db->query("SELECT `players`.`name`, `" . TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . TABLE_PREFIX . "forum` WHERE `" . TABLE_PREFIX . "forum`.`first_post` = ".(int) $thread['id']." AND `players`.`id` = `" . TABLE_PREFIX . "forum`.`author_guid` ORDER BY `post_date` DESC LIMIT 1")->fetch(); @@ -226,18 +238,14 @@ if($action == 'show_thread') $player = $ots->createObject('Player'); foreach($threads as $thread) { - if(isset($thread['promotion'])) { - if((int)$thread['promotion'] > 0) - $thread['vocation'] + ($thread['promotion'] * 4); - } - echo '
    ' . getPlayerLink($thread['name']) . '

    Profession: '.$config['vocations'][$thread['vocation']].'
    Level: '.$thread['level'].'
    '; - $player->load($thread['player_id']); if(!$player->isLoaded()) { - error('Player not loaded'); + error('Forum error: Player not loaded.'); die(); } + echo '
    ' . getPlayerLink($thread['name']) . '

    Profession: '.$config['vocations'][$player->getVocation()].'
    Level: '.$thread['level'].'
    '; + $rank = $player->getRank(); if($rank->isLoaded()) { @@ -245,8 +253,11 @@ if($action == 'show_thread') if($guild->isLoaded()) echo $rank->getName().' of '.$guild->getName().'
    '; } + $player_account = $player->getAccount(); + $canEditForum = $player_account->hasFlag(FLAG_CONTENT_FORUM) || $player_account->isAdmin(); + $posts = $db->query("SELECT COUNT(`id`) AS 'posts' FROM `" . TABLE_PREFIX . "forum` WHERE `author_aid`=".(int) $thread['account_id'])->fetch(); - echo '
    Posts: '.(int) $posts['posts'].'
    		'.showPost(htmlspecialchars($thread['post_topic']), htmlspecialchars($thread['post_text']), $thread['post_smile']).'
    '.showPost(($canEditForum ? $thread['post_topic'] : htmlspecialchars($thread['post_topic'])), ($canEditForum ? $thread['post_text'] : htmlspecialchars($thread['post_text'])), $thread['post_smile']).'
    '.date('d.m.y H:i:s', $thread['post_date']); if($thread['edit_date'] > 0) { diff --git a/system/pages/lostaccount.php b/system/pages/lostaccount.php index 2329e176..00a023b8 100644 --- a/system/pages/lostaccount.php +++ b/system/pages/lostaccount.php @@ -317,11 +317,14 @@ if($config['mail_enabled']) { $salt = generateRandomString(10, false, true, true); $new_pass_with_salt = $salt . $new_pass; - $account->setSalt($salt); } $account->setPassword(encrypt($new_pass_with_salt)); $account->save(); + + if($config_salt_enabled) + $account->setCustomField('salt', $salt); + echo 'Your account name, new password and new e-mail.
    diff --git a/system/pages/movies.php b/system/pages/movies.php index b8233e1b..922eaa12 100644 --- a/system/pages/movies.php +++ b/system/pages/movies.php @@ -26,10 +26,6 @@ There are no movies added yet.
    Author:
    - - - - -

    '; +

    '; diff --git a/system/pages/news.php b/system/pages/news.php index f73a7f1c..62448272 100644 --- a/system/pages/news.php +++ b/system/pages/news.php @@ -101,6 +101,8 @@ define('ARTICLE', 3); define('BODY_LIMIT', 10000); // maximum news body length $canEdit = hasFlag(FLAG_CONTENT_NEWS) || superAdmin(); +if($canEdit) + echo ''; if($canEdit) { if(!empty($action)) diff --git a/system/pages/online.php b/system/pages/online.php index 079c1e8d..9ca38aa9 100644 --- a/system/pages/online.php +++ b/system/pages/online.php @@ -169,7 +169,7 @@ if($config['online_vocations']): ?> -     		' . $config['vocations'][0][$i] . '' . $config['vocations'][$i] . ' ' . $vocs[$i] . '
    '; echo ''; $bgcolor = getStyle($number_of_rows++); + $empty_active = false; foreach($active as $poll) { echo ' @@ -90,6 +96,7 @@ function getColorByPercent($percent) echo '
    Active Polls
    TopicEnd
    '; echo ''; $bgcolor = getStyle($number_of_rows++); + $empty_closed = false; foreach($closed as $poll) { echo ' @@ -124,6 +131,7 @@ function getColorByPercent($percent) } /* Checking Account */ + $allow = false; $account_players = $account_logged->getPlayers(); foreach($account_players as $player) { @@ -132,7 +140,7 @@ function getColorByPercent($percent) $allow=true; } - if(!empty($_REQUEST['id']) and $_REQUEST['control'] != "true") + if(!empty($_REQUEST['id']) and (!isset($_REQUEST['control']) || $_REQUEST['control'] != "true")) { foreach($POLLS as $POLL) { @@ -186,7 +194,7 @@ function getColorByPercent($percent) if($POLL['end'] > $time) // active poll { - if($_REQUEST['vote'] == true and $allow == true) + if(isset($_REQUEST['vote']) && $_REQUEST['vote'] == true and $allow == true) { if($account_logged->getCustomField('vote') < $_REQUEST['id'] and !empty($_POST['answer'])) { @@ -305,15 +313,16 @@ function getColorByPercent($percent) } } - if(admin() and $_REQUEST['control'] != "true") + if(admin() && (!isset($_REQUEST['control']) || $_REQUEST['control'] != "true")) { echo '
    Panel Control

    '; } /* Control Panel - Only Add Poll Function */ - if(admin() and $_REQUEST['control'] == "true") + if(admin() && isset($_REQUEST['control']) && $_REQUEST['control'] == "true") { + $show = false; if(isset($_POST['submit'])) { $_SESSION['answers'] = $_POST['answers']; diff --git a/templates/kathrine/images/buttons/_sbutton_change_name.gif b/templates/kathrine/images/buttons/_sbutton_change_name.gif new file mode 100644 index 00000000..026844d1 Binary files /dev/null and b/templates/kathrine/images/buttons/_sbutton_change_name.gif differ diff --git a/templates/kathrine/news.php b/templates/kathrine/news.php index b8a30a97..995f8655 100644 --- a/templates/kathrine/news.php +++ b/templates/kathrine/news.php @@ -1,4 +1,6 @@ +
    Closed Polls
    TopicEnd