From c5045889932b4440df9a2e0441a3051dae2cb68b Mon Sep 17 00:00:00 2001 From: slawkens Date: Tue, 12 Sep 2017 15:55:23 +0200 Subject: [PATCH] * added option to add/edit/delete/hide/move forum boards * now whole account management page is moved to Twig * renamed table forum_sections to forum_boards * fixed some rare error when user is logged in for longer than 15 minutes and tries to login again --- common.php | 2 +- install/includes/schema.sql | 12 +- system/functions.php | 22 +- system/login.php | 10 +- system/migrations/8.php | 18 + system/pages/accountmanagement.php | 372 +++++++++++------- system/pages/commands.php | 2 - system/pages/forum.php | 217 ++++++++-- system/pages/news.php | 2 +- .../account.change_comment.html.twig | 113 ++++++ .../templates/account.change_name.html.twig | 76 ++++ ...ccount.generate_new_recovery_key.html.twig | 61 +++ ...> account.generate_recovery_key.html.twig} | 0 system/templates/commands.form.html.twig | 4 +- system/templates/commands.html.twig | 6 +- system/templates/forum.add_board.html.twig | 26 ++ system/templates/forum.boards.html.twig | 28 ++ .../templates/mail.account.register.html.twig | 3 + system/templates/news.add.html.twig | 2 +- system/templates/success.html.twig | 4 + .../kathrine/account.change_name.html.twig | 44 +++ 21 files changed, 814 insertions(+), 210 deletions(-) create mode 100644 system/migrations/8.php create mode 100644 system/templates/account.change_comment.html.twig create mode 100644 system/templates/account.change_name.html.twig create mode 100644 system/templates/account.generate_new_recovery_key.html.twig rename system/templates/{account.register.html.twig => account.generate_recovery_key.html.twig} (100%) create mode 100644 system/templates/forum.add_board.html.twig create mode 100644 system/templates/mail.account.register.html.twig create mode 100644 templates/kathrine/account.change_name.html.twig diff --git a/common.php b/common.php index 8055041b..83497cbe 100644 --- a/common.php 
+++ b/common.php @@ -28,7 +28,7 @@ session_start(); define('MYAAC', true); define('MYAAC_VERSION', '0.3.0'); -define('DATABASE_VERSION', 7); +define('DATABASE_VERSION', 8); define('TABLE_PREFIX', 'myaac_'); define('START_TIME', microtime(true)); define('MYAAC_OS', (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') ? 'WINDOWS' : (strtoupper(PHP_OS) == 'DARWIN' ? 'MAC' : 'LINUX')); diff --git a/install/includes/schema.sql b/install/includes/schema.sql index acb08f6d..25a22cec 100644 --- a/install/includes/schema.sql +++ b/install/includes/schema.sql @@ -67,7 +67,7 @@ CREATE TABLE `myaac_faq` PRIMARY KEY (`id`) ) ENGINE = MyISAM; -CREATE TABLE `myaac_forum_sections` +CREATE TABLE `myaac_forum_boards` ( `id` INT(11) NOT NULL AUTO_INCREMENT, `name` VARCHAR(32) NOT NULL, 
@@ -77,11 +77,11 @@ CREATE TABLE `myaac_forum_sections` `hidden` TINYINT(1) NOT NULL DEFAULT 0, PRIMARY KEY (`id`) ) ENGINE = MyISAM; -INSERT INTO `myaac_forum_sections` (`id`, `name`, `description`, `closed`) VALUES (NULL, 'News', 'News commenting', 1); -INSERT INTO `myaac_forum_sections` (`id`, `name`, `description`) VALUES (NULL, 'Trade', 'Trade offers.'); -INSERT INTO `myaac_forum_sections` (`id`, `name`, `description`) VALUES (NULL, 'Quests', 'Quest making.'); -INSERT INTO `myaac_forum_sections` (`id`, `name`, `description`) VALUES (NULL, 'Pictures', 'Your pictures.'); -INSERT INTO `myaac_forum_sections` (`id`, `name`, `description`) VALUES (NULL, 'Bug Report', 'Report bugs there.'); +INSERT INTO `myaac_forum_boards` (`id`, `name`, `description`, `ordering`, `closed`) VALUES (NULL, 'News', 'News commenting', 0, 1); +INSERT INTO `myaac_forum_boards` (`id`, `name`, `description`, `ordering`) VALUES (NULL, 'Trade', 'Trade offers.', 1); +INSERT INTO `myaac_forum_boards` (`id`, `name`, `description`, `ordering`) VALUES (NULL, 'Quests', 'Quest making.', 2); +INSERT INTO `myaac_forum_boards` (`id`, `name`, `description`, `ordering`) VALUES (NULL, 'Pictures', 'Your pictures.', 3); +INSERT INTO `myaac_forum_boards` (`id`, `name`, `description`, `ordering`) VALUES (NULL, 'Bug Report', 'Report bugs there.', 4); CREATE TABLE `myaac_forum` ( diff --git a/system/functions.php b/system/functions.php index de2bcf56..8f84b863 100644 --- a/system/functions.php +++ b/system/functions.php @@ -9,13 +9,22 @@ * @link http://my-aac.org */ defined('MYAAC') or die('Direct access not allowed!'); -function success($message) { +function success($message, $return = false) { + if($return) + return '

' . $message . '

'; + echo '

' . $message . '

'; } -function warning($message) { +function warning($message, $return = false) { + if($return) + return '

' . $message . '

'; + echo '

' . $message . '

'; } -function error($message) { +function error($message, $return = false) { + if($return) + return '

' . $message . '

'; + echo '

' . $message . '

'; } @@ -218,10 +227,11 @@ function generateRandomString($length, $lowCase = true, $upCase = false, $numeri * * @return array Forum sections. */ -function getForumSections() +function getForumBoards() { - global $db; - $sections = $db->query('SELECT `id`, `name`, `description`, `closed` FROM ' . TABLE_PREFIX . 'forum_sections WHERE hidden != 1 ORDER BY `ordering`;'); + global $db, $canEdit; + $sections = $db->query('SELECT `id`, `name`, `description`, `closed`' . ($canEdit ? ', `hidden`, `ordering`' : '') . ' FROM `' . TABLE_PREFIX . 'forum_boards` ' . (!$canEdit ? ' WHERE `hidden` != 1' : '') . + ' ORDER BY `ordering`;'); if($sections) return $sections->fetchAll(); diff --git a/system/login.php b/system/login.php index 0b5d0f4b..2c916791 100644 --- a/system/login.php +++ b/system/login.php @@ -74,8 +74,6 @@ else $_SESSION['remember_me'] = true; $logged = true; - - $logged_flags = $account_logged->getWebFlags(); if(isset($_POST['admin']) && !admin()) { $errors[] = 'This account has no admin privileges.'; unset($_SESSION['account']); @@ -114,7 +112,7 @@ else } } } - + // stay-logged with sessions if(isset($_SESSION['account'])) { @@ -122,15 +120,17 @@ else $account_logged->load($_SESSION['account']); if($account_logged->isLoaded() && $account_logged->getPassword() == $_SESSION['password'] //&& (!isset($_SESSION['admin']) || admin()) - && (isset($_SESSION['remember_me']) || $_SESSION['last_visit'] > time() - 15 * 60)) // login for 15 minutes if "remember me" is not used + && (isset($_SESSION['remember_me']) || $_SESSION['last_visit'] > time() - 15 * 60)) { // login for 15 minutes if "remember me" is not used $logged = true; + } else { + $logged = false; unset($_SESSION['account']); unset($account_logged); } } - + if($logged) { $logged_flags = $account_logged->getWebFlags(); $twig->addGlobal('account_logged', $account_logged); diff --git a/system/migrations/8.php b/system/migrations/8.php new file mode 100644 index 00000000..0bf1bb7c --- /dev/null 
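Review bot: getForumBoards() now decides whether hidden boards are returned from the global `$canEdit`, so the visibility filter depends on whatever the including page last assigned to that variable. In this patch forum.php sets `$canEdit` from `hasFlag(FLAG_CONTENT_FORUM) || superAdmin()`, but news.php also calls getForumBoards(), and its `$canEdit` (if it defines one; not visible here) presumably reflects a different permission. Passing the decision explicitly, e.g. `function getForumBoards($includeHidden = false)` with forum.php calling `getForumBoards($canEdit)`, keeps the access check at the call site. The docblock above still says "Forum sections" and should mention the hidden-board behaviour. The function body continues outside the hunk.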
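Review bot: The new `else` branch in the stay-logged block clears `$_SESSION['account']` but leaves `$_SESSION['password']` (and `remember_me`) in the session, so the stored password hash outlives the rejected login; `unset($_SESSION['password'], $_SESSION['remember_me']);` belongs next to the existing unset. The condition above it still checks `$account_logged->getPassword() == $_SESSION['password']` with `==`, which PHP evaluates numerically when both strings look like numbers. After confirming both sides are strings, `hash_equals($account_logged->getPassword(), $_SESSION['password'])` is the safer comparison. The enclosing `else` block starts before this hunk.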
+++ b/system/migrations/8.php @@ -0,0 +1,18 @@ +query('RENAME TABLE `' . TABLE_PREFIX . 'forum_sections` TO `' . TABLE_PREFIX . 'forum_boards`;'); + + $query = $db->query('SELECT `id` FROM `' . TABLE_PREFIX . 'forum_boards` WHERE `ordering` > 0;'); + if($query->rowCount() == 0) { + $boards = array( + 'News', + 'Trade', + 'Quests', + 'Pictures', + 'Bug Report' + ); + + foreach($boards as $id => $board) + $db->query('UPDATE `' . TABLE_PREFIX . 'forum_boards` SET `ordering` = ' . $id . ' WHERE `name` = ' . $db->quote($board)); + } +?> \ No newline at end of file diff --git a/system/pages/accountmanagement.php b/system/pages/accountmanagement.php index a1d16c20..50ed2d0f 100644 --- a/system/pages/accountmanagement.php +++ b/system/pages/accountmanagement.php @@ -17,7 +17,8 @@ if($config['account_country']) $groups = new OTS_Groups_List(); -$dontshowtableagain = false; +$errors = array(); +$show_form = true; $config_salt_enabled = fieldExist('salt', 'accounts'); if(!$logged) { 
@@ -213,55 +214,65 @@ if(!$logged) } //############# CHANGE E-MAIL ################### - if($action == "changeemail") { - $email_new_time = $account_logged->getCustomField("email_new_time"); - if($email_new_time > 10) {$email_new = $account_logged->getCustomField("email_new"); } - if($email_new_time < 10){ - if(isset($_POST['changeemailsave']) && $_POST['changeemailsave'] == 1) { - $email_new = $_POST['new_email']; - $post_password = $_POST['password']; - if(empty($email_new)) { - $errors[] = "Please enter your new email address."; - } - else - { - if(!check_mail($email_new)) { - $errors[] = "E-mail address is not correct."; - } - } - if(empty($post_password)) { - $errors[] = "Please enter password to your account."; - } - else - { - $post_password = encrypt(($config_salt_enabled ? $account_logged->getCustomField('salt') : '') . $post_password); - if($post_password != $account_logged->getPassword()) { - $errors[] = "Wrong password to account."; - } - } - if(empty($errors)) { - $email_new_time = time() + $config['account_mail_change'] * 24 * 3600; - $account_logged->setCustomField("email_new", $email_new); - $account_logged->setCustomField("email_new_time", $email_new_time); - echo '
New Email Address Requested
You have requested to change your email address to '.$email_new.'. The actual change will take place after '.date("j F Y, G:i:s", $email_new_time).', during which you can cancel the request at any time.

'; - } - else - { - //show errors - echo $twig->render('error_box.html.twig', array('errors' => $errors)); +if($action == "changeemail") { + $email_new_time = $account_logged->getCustomField("email_new_time"); + + if($email_new_time > 10) { + $email_new = $account_logged->getCustomField("email_new"); + } + + if($email_new_time < 10) { + if(isset($_POST['changeemailsave']) && $_POST['changeemailsave'] == 1) { + $email_new = $_POST['new_email']; + $post_password = $_POST['password']; - //show form + if(empty($email_new)) { + $errors[] = 'Please enter your new email address.'; + } + else + { + if(!check_mail($email_new)) { + $errors[] = 'Email address is not correct.'; + } + } + + if(empty($post_password)) { + $errors[] = 'Please enter password to your account.'; + } + else { + $post_password = encrypt(($config_salt_enabled ? $account_logged->getCustomField('salt') : '') . $post_password); + if($post_password != $account_logged->getPassword()) { + $errors[] = 'Wrong password to account.'; + } + } + + if(empty($errors)) { + $email_new_time = time() + $config['account_mail_change'] * 24 * 3600; + $account_logged->setCustomField("email_new", $email_new); + $account_logged->setCustomField("email_new_time", $email_new_time); + echo $twig->render('success.html.twig', array( + 'title' => 'New Email Address Requested', + 'description' => 'You have requested to change your email address to ' . $email_new . '. The actual change will take place after ' . date("j F Y, G:i:s", $email_new_time) . ', during which you can cancel the request at any time.' + )); + } + else + { + //show errors + echo $twig->render('error_box.html.twig', array('errors' => $errors)); + + //show form + echo $twig->render('account.change_mail.html.twig', array( + 'new_email' => isset($_POST['new_email']) ? $_POST['new_email'] : null + )); + } + } + else + { echo $twig->render('account.change_mail.html.twig', array( 'new_email' => isset($_POST['new_email']) ? 
$_POST['new_email'] : null )); } - } - else - { - echo $twig->render('account.change_mail.html.twig', array( - 'new_email' => isset($_POST['new_email']) ? $_POST['new_email'] : null - )); - } + } else { @@ -280,20 +291,89 @@ if(!$logged) } else { - echo '
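Review bot: The password check `$post_password != $account_logged->getPassword()` is a loose comparison, so if `encrypt()` returns hex digests (its output format is not visible here) two different values of the form `0e…` compare equal; `if(!hash_equals((string)$account_logged->getPassword(), $post_password))` avoids that and is constant-time. The same `==` pattern is applied to `$reg_password` in the recovery-key hunks further down. Separately, `$email_new` comes straight from `$_POST['new_email']` and is concatenated into the `description` passed to success.html.twig; unless `check_mail()` rejects markup characters or the template escapes `description` (neither is visible here), it should go through `htmlspecialchars($email_new, ENT_QUOTES, 'UTF-8')` first. The `changeemail` block continues past the end of this hunk.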
Email Address Change Accepted
Do you accept '.$email_new.' as your new email adress?

 
 
'; + $custom_buttons = ' + + + + + + + + +
  +
+ +
+
+
+ + +
+
+
+
+
+
+
 
'; + echo $twig->render('success.html.twig', array( + 'title' => 'Email Address Change Accepted', + 'description' => 'Do you accept '.$email_new.' as your new email adress?', + 'custom_buttons' => $custom_buttons + )); } } else { - echo '
Change of Email Address
A request has been submitted to change the email address of this account to '.$email_new.'.
The actual change will take place on '.date("j F Y, G:i:s", $email_new_time).'.
If you do not want to change your email address, please click on "Cancel".

'; + $custom_buttons = ' + + + + + +
+ + + + + + +
+ +
+
+
+
+ + + + + + +
+
+
+
+
'; + echo $twig->render('success.html.twig', array( + 'title' => 'Change of Email Address', + 'description' => 'A request has been submitted to change the email address of this account to '.$email_new.'.
The actual change will take place on '.date("j F Y, G:i:s", $email_new_time).'.
If you do not want to change your email address, please click on "Cancel".', + 'custom_buttons' => $custom_buttons + )); } } if(isset($_POST['emailchangecancel']) && $_POST['emailchangecancel'] == 1) { $account_logged->setCustomField("email_new", ""); $account_logged->setCustomField("email_new_time", 0); - echo '
Email Address Change Cancelled
Your request to change the email address of your account has been cancelled. The email address will not be changed.

'; - } + + $custom_buttons = '
'; + + echo $twig->render('success.html.twig', array( + 'title' => 'Email Address Change Cancelled', + 'description' => 'Your request to change the email address of your account has been cancelled. The email address will not be changed.', + 'custom_buttons' => $custom_buttons + )); } +} //########### CHANGE PUBLIC INFORMATION (about account owner) ###################### if($action == "changeinfo") { @@ -302,8 +382,6 @@ if(!$logged) $new_location = isset($_POST['info_location']) ? htmlspecialchars(stripslashes($_POST['info_location'])) : NULL; $new_country = isset($_POST['info_country']) ? htmlspecialchars(stripslashes($_POST['info_country'])) : NULL; if(isset($_POST['changeinfosave']) && $_POST['changeinfosave'] == 1) { - $errors = array(); - if(!isset($config['countries'][$new_country])) $errors[] = 'Country is not correct.'; @@ -355,44 +433,46 @@ if(!$logged) $_POST['reg_password'] = isset($_POST['reg_password']) ? $_POST['reg_password'] : ''; $reg_password = encrypt(($config_salt_enabled ? $account_logged->getCustomField('salt') : '') . $_POST['reg_password']); $old_key = $account_logged->getCustomField("key"); + if(isset($_POST['registeraccountsave']) && $_POST['registeraccountsave'] == "1") { if($reg_password == $account_logged->getPassword()) { if(empty($old_key)) { - $dontshowtableagain = true; + $show_form = false; $new_rec_key = generateRandomString(10, false, true, true); $account_logged->setCustomField("key", $new_rec_key); $account_logged->logAction('Generated recovery key.'); - echo '
Account Registered
Thank you for registering your account! You can now recover your account if you have lost access to the assigned email address by using the following

   Recovery Key: '.$new_rec_key.'


Important:
  • Write down this recovery key carefully.
  • Store it at a safe place!
  • '; + if($config['mail_enabled'] && $config['send_mail_when_generate_reckey']) { - $mailBody = ' -

    New recovery key!

    -

    You or someone else generated recovery key to your account on server '.$config['lua']['serverName'].'.

    -

    Recovery key: '.$new_rec_key.'

    '; - if(_mail($account_logged->getEMail(), $config['lua']['serverName']." - recovery key", $mailBody)) - echo '
    Your recovery key were send on email address '.$account_logged->getEMail().'.'; + $mailBody = $twig->render('mail.account.register.html.twig', array( + 'recovery_key' => $new_rec_key + )); + if(_mail($account_logged->getEMail(), $config['lua']['serverName']." - Recovery Key", $mailBody)) + $message = '
    Your recovery key were send on email address '.$account_logged->getEMail().'.'; else - echo '

    An error occorred while sending email with recovery key! You will not receive e-mail with this key. Error:
    ' . $mailer->ErrorInfo . '

    '; + $message = '

    An error occorred while sending email with recovery key! You will not receive e-mail with this key. Error:
    ' . $mailer->ErrorInfo . '

    '; } - echo '

'; + echo $twig->render('success.html.twig', array( + 'title' => 'Account Registered', + 'description' => 'Thank you for registering your account! You can now recover your account if you have lost access to the assigned email address by using the following

   Recovery Key: '.$new_rec_key.'


Important:' + )); } else - $reg_errors[] = 'Your account is already registered.'; + $errors[] = 'Your account is already registered.'; } else - $reg_errors[] = 'Wrong password to account.'; + $errors[] = 'Wrong password to account.'; } - if(!$dontshowtableagain) - { - if(!empty($reg_errors)) - { + + if($show_form) { + if(!empty($errors)) { //show errors - echo $twig->render('error_box.html.twig', array('errors' => $reg_errors)); + echo $twig->render('error_box.html.twig', array('errors' => $errors)); } //show form - echo $twig->render('account.register.html.twig'); + echo $twig->render('account.generate_recovery_key.html.twig'); } } @@ -414,40 +494,46 @@ if(!$logged) { if($points >= $config['generate_new_reckey_price']) { - $dontshowtableagain = true; - $new_rec_key = generateRandomString(10, false, true, true); - - echo '
Account Registered
    '; - - $mailBody = ' -

    New recovery key!

    -

    You or someone else generated recovery key to your account on server '.$config['lua']['serverName'].'.

    -

    Recovery key: '.$new_rec_key.'

    '; - if(_mail($account_logged->getEMail(), $config['lua']['serverName']." - new recovery key", $mailBody)) - { - $account_logged->setCustomField("key", $new_rec_key); - $account_logged->setCustomField("premium_points", $account_logged->getCustomField("premium_points") - $config['generate_new_reckey_price']); - $account_logged->logAction('Generated new recovery key for ' . $config['generate_new_reckey_price'] . ' premium points.'); - echo '
    Your recovery key were send on email address '.$account_logged->getEMail().' for '.$config['generate_new_reckey_price'].' premium points.'; - } - else - echo '

    An error occorred while sending email ( '.$account_logged->getEMail().' ) with recovery key! Recovery key not changed. Try again. Error:
    ' . $mailer->ErrorInfo . '

    '; - echo '

'; + $show_form = false; + $new_rec_key = generateRandomString(10, false, true, true); + + $mailBody = $twig->render('mail.account.register.html.twig', array( + 'recovery_key' => $new_rec_key + )); + + if(_mail($account_logged->getEMail(), $config['lua']['serverName']." - new recovery key", $mailBody)) + { + $account_logged->setCustomField("key", $new_rec_key); + $account_logged->setCustomField("premium_points", $account_logged->getCustomField("premium_points") - $config['generate_new_reckey_price']); + $account_logged->logAction('Generated new recovery key for ' . $config['generate_new_reckey_price'] . ' premium points.'); + $message = '
Your recovery key were send on email address '.$account_logged->getEMail().' for '.$config['generate_new_reckey_price'].' premium points.'; + } + else + $message = '

An error occorred while sending email ( '.$account_logged->getEMail().' ) with recovery key! Recovery key not changed. Try again. Error:
' . $mailer->ErrorInfo . '

'; + + echo $twig->render('success.html.twig', array( + 'title' => 'Account Registered', + 'description' => '' + )); } else - $reg_errors[] = 'You need '.$config['generate_new_reckey_price'].' premium points to generate new recovery key. You have '.$points.' premium points.'; + $errors[] = 'You need '.$config['generate_new_reckey_price'].' premium points to generate new recovery key. You have '.$points.' premium points.'; } else - $reg_errors[] = 'Wrong password to account.'; + $errors[] = 'Wrong password to account.'; } - if(!$dontshowtableagain) + + //show errors if not empty + if(!empty($errors)) { + echo $twig->render('error_box.html.twig', array('errors' => $errors)); + } + + if($show_form) { - //show errors if not empty - if(!empty($reg_errors)) { - echo $twig->render('error_box.html.twig', array('errors' => $reg_errors)); - } //show form - echo 'To generate NEW recovery key for your account please enter your password.
New recovery key cost '.$config['generate_new_reckey_price'].' Premium Points. You have '.$points.' premium points. You will receive e-mail with this recovery key.
Generate recovery key
Password:

'; + echo $twig->render('account.generate_new_recovery_key.html.twig', array( + 'points' => $points + )); } } } @@ -469,19 +555,17 @@ if(!$logged) $player->setCustomField("hidden", $new_hideacc); $player->setCustomField("comment", $new_comment); $account_logged->logAction('Changed comment for character ' . $player->getName() . '.'); - echo '
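Review bot: success.html.twig is rendered with the title 'Account Registered' on both branches, including the `else` where `_mail()` failed and the key was not changed, and `$show_form = false` is set before the mail is attempted. The failure case reads better as an error: `$errors[] = 'An error occurred while sending email with recovery key. Recovery key not changed.';` with `$show_form` left true, so the error_box rendering that follows handles it. The failure text also appends `$mailer->ErrorInfo`, which can expose mail transport details to the user; logging it server-side is safer. The deduction `getCustomField("premium_points") - $config['generate_new_reckey_price']` is a read-then-write, so two concurrent requests could both pass the `$points >=` check; a single conditional `UPDATE` that subtracts in SQL would avoid that. The surrounding action block begins before this hunk.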
Character Information Changed
The character information has been changed.

'; + echo $twig->render('success.html.twig', array( + 'title' => 'Character Information Changed', + 'description' => 'The character information has been changed.' + )); } else { - echo 'Here you can see and edit the information about your character.
If you do not want to specify a certain field, just leave it blank.

Edit Character Information
Name:'.$player_name.'
Hide Account: - - - getCustomField("hidden") == 1 ? ' checked="checked"' : '') . '> - '; - if((int)$player->getCustomField('group_id') > 1) - echo ' (you will be also hidden on the Team page!)'; - - echo '
Comment:
[max. length: 2000 chars, 50 lines (ENTERs)]

'; + echo $twig->render('account.change_comment.html.twig', array( + 'player' => $player, + 'player_name' => $player_name + )); } } else @@ -503,11 +587,10 @@ if(!$logged) if($action == "changename") { echo ''; - $name_changed = false; $player_id = isset($_POST['player_id']) ? (int)$_POST['player_id'] : NULL; $name = isset($_POST['name']) ? stripslashes(ucwords(strtolower($_POST['name']))) : NULL; if((!$config['account_change_character_name'])) - echo 'You cant change your character name'; + echo 'Changing character name for premium points is disabled on this server.'; else { $points = $account_logged->getCustomField('premium_points'); @@ -516,12 +599,18 @@ if(!$logged) $errors[] = 'You need ' . $config['account_change_character_name_points'] . ' premium points to change name. You have '.$points.' premium points.'; if(empty($errors) && empty($name)) - $errors[] = 'Please enter a name for your character!'; - - if(empty($errors) && strlen($name) > 25) + $errors[] = 'Please enter a new name for your character!'; + else if(strlen($name) > 25) $errors[] = 'Name is too long. Max. lenght 25 letters.'; - else if(empty($errors) && strlen($name) < 3) - $errors[] = 'Name is too short. Min. lenght 25 letters.'; + else if(strlen($name) < 3) + $errors[] = 'Name is too short. Min. lenght 3 letters.'; + else { + $exist = new OTS_Player(); + $exist->find($name); + if($exist->isLoaded()) { + $errors[] = 'Character with this name already exist.'; + } + } if(empty($errors)) { @@ -531,7 +620,7 @@ if(!$logged) } if(empty($errors)) { - $player = $ots->createObject('Player'); + $player = new OTS_Player(); $player->load($player_id); if($player->isLoaded()) { $player_account = $player->getAccount(); @@ -541,7 +630,7 @@ if(!$logged) } if(empty($errors)) { - $name_changed = true; + $show_form = false; $old_name = $player->getName(); $player->setName($name); $player->save(); 
@@ -563,34 +652,15 @@ if(!$logged) } } - if(!$name_changed) { + if($show_form) { if(!empty($errors)) { echo $twig->render('error_box.html.twig', array('errors' => $errors)); } - echo 'To change a name of character select player and choose a new name.
- Change name cost ' . $config['account_change_character_name_points'] . ' premium points. You have ' . $points . ' premium points.

Change Name
- - - - - - - - - -
Character: - -
New Name: - - -
Please enter your character name.
-
-

'; + + echo $twig->render('account.change_name.html.twig', array( + 'points' => $points, + //'account_players' => $account_logged->getPlayersList() + )); } } } @@ -688,7 +758,7 @@ if(!$logged) if(!$player->isOnline()) { //dont show table "delete character" again - $dontshowtableagain = true; + $show_form = false; //delete player if(fieldExist('deletion', 'players')) $player->setCustomField('deletion', 1); @@ -723,7 +793,7 @@ if(!$logged) $errors[] = 'Character name or/and password is empty. Please fill in form.'; } } - if(!$dontshowtableagain) { + if($show_form) { if(!empty($errors)) { echo $twig->render('error_box.html.twig', array('errors' => $errors)); } @@ -738,8 +808,7 @@ if(!$logged) $newchar_sex = isset($_POST['sex']) ? $_POST['sex'] : NULL; $newchar_vocation = isset($_POST['vocation']) ? $_POST['vocation'] : NULL; $newchar_town = isset($_POST['town']) ? $_POST['town'] : NULL; - $errors = array(); - + $newchar_created = false; if(isset($_POST['savecharacter']) && $_POST['savecharacter'] == 1) { if(empty($newchar_name)) @@ -880,16 +949,15 @@ if(!$logged) $newchar_created = true; $account_logged->logAction('Created character ' . $player->getName() . '.'); unset($player); + $player = new OTS_Player(); $player->find($newchar_name); - if($player->isLoaded()) - { + + if($player->isLoaded()) { if(tableExist('player_skills')) { - for($i=0;$i<7;$i++) - { + for($i=0; $i<7; $i++) { $skillExists = $db->query('SELECT `skillid` FROM `player_skills` WHERE `player_id` = ' . $player->getId() . ' AND `skillid` = ' . $i); - if($skillExists->rowCount() <= 0) - { + if($skillExists->rowCount() <= 0) { $db->query('INSERT INTO `player_skills` (`player_id`, `skillid`, `value`, `count`) VALUES ('.$player->getId().', '.$i.', 10, 0)'); } } 
@@ -908,8 +976,8 @@ if(!$logged) } else { - echo "Error. Can\'t create character. Probably problem with database. Try again or contact with admin."; - exit; + error("Error. Can't create character. Probably problem with database. Please try again later or contact with admin."); + return; } } } diff --git a/system/pages/commands.php b/system/pages/commands.php index 3dacf611..80027688 100644 --- a/system/pages/commands.php +++ b/system/pages/commands.php @@ -76,8 +76,6 @@ if($canEdit) 'link' => getPageLink('commands', ($action == 'edit' ? 'edit' : 'add')), 'action' => $action, 'id' => isset($id) ? $id : null, - 'vdarkborder' => $config['vdarkborder'], - 'darkborder' => $config['darkborder'], 'words' => isset($words) ? $words : null, 'description' => isset($description) ? $description : null )); diff --git a/system/pages/forum.php b/system/pages/forum.php index 1d35e82c..f2b7783b 100644 --- a/system/pages/forum.php +++ b/system/pages/forum.php @@ -24,17 +24,6 @@ if(strtolower($config['forum']) != 'site') return; } -$sections = array(); -foreach(getForumSections() as $section) -{ - $sections[$section['id']] = array( - 'id' => $section['id'], - 'name' => $section['name'], - 'description' => $section['description'], - 'closed' => $section['closed'] == '1' - ); -} - function parseSmiles($text) { $smileys = array( @@ -128,6 +117,93 @@ function showPost($topic, $text, $smiles) if(!$logged) echo 'You are not logged in. Log in to post on the forum.

'; +$canEdit = hasFlag(FLAG_CONTENT_FORUM) || superAdmin(); +if($canEdit) +{ + if(!empty($action)) + { + if($action == 'delete_board' || $action == 'edit_board' || $action == 'hide_board' || $action == 'moveup_board' || $action == 'movedown_board') + $id = $_REQUEST['id']; + + if(isset($_REQUEST['name'])) + $name = $_REQUEST['name']; + + if(isset($_REQUEST['description'])) + $description = stripslashes($_REQUEST['description']); + + $errors = array(); + + if($action == 'add_board') { + if(Forum::add_board($name, $description, $errors)) + $action = $name = $description = ''; + } + else if($action == 'delete_board') { + Forum::delete_board($id, $errors); + $action = ''; + } + else if($action == 'edit_board') + { + if(isset($id) && !isset($name)) { + $board = Forum::get_board($id); + $name = $board['name']; + $description = $board['description']; + } + else { + Forum::update_board($id, $name, $description); + $action = $name = $description = ''; + } + } + else if($action == 'hide_board') { + Forum::toggleHidden_board($id, $errors); + $action = ''; + } + else if($action == 'moveup_board') { + Forum::move_board($id, -1, $errors); + $action = ''; + } + else if($action == 'movedown_board') { + Forum::move_board($id, 1, $errors); + $action = ''; + } + + if(!empty($errors)) { + echo $twig->render('error_box.html.twig', array('errors' => $errors)); + $action = ''; + } + } + + if(empty($action) || $action == 'edit_board') { + echo $twig->render('forum.add_board.html.twig', array( + 'link' => getPageLink('forum', ($action == 'edit_board' ? 'edit_board' : 'add_board')), + 'action' => $action, + 'id' => isset($id) ? $id : null, + 'name' => isset($name) ? $name : null, + 'description' => isset($description) ? 
$description : null + )); + + if($action == 'edit_board') + $action = ''; + } +} + +$sections = array(); +foreach(getForumBoards() as $section) +{ + $sections[$section['id']] = array( + 'id' => $section['id'], + 'name' => $section['name'], + 'description' => $section['description'], + 'closed' => $section['closed'] == '1' + ); + + if($canEdit) { + $sections[$section['id']]['hidden'] = $section['hidden']; + } + else { + $sections[$section['id']]['hidden'] = 0; + } +} + $number_of_rows = 0; if(empty($action)) { @@ -140,9 +216,11 @@ if(empty($action)) { $last_post = $db->query("SELECT `players`.`name`, `" . TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . TABLE_PREFIX . "forum` WHERE `" . TABLE_PREFIX . "forum`.`section` = ".(int) $id." AND `players`.`id` = `" . TABLE_PREFIX . "forum`.`author_guid` ORDER BY `post_date` DESC LIMIT 1")->fetch(); $boards[] = array( + 'id' => $id, 'link' => getForumBoardLink($id), 'name' => $section['name'], 'description' => $section['description'], + 'hidden' => $section['hidden'], 'posts' => isset($counters[$id]['posts']) ? $counters[$id]['posts'] : 0, 'threads' => isset($counters[$id]['threads']) ? $counters[$id]['threads'] : 0, 'last_post' => array( @@ -155,7 +233,8 @@ if(empty($action)) echo $twig->render('forum.boards.html.twig', array( 'boards' => $boards, - 'config' => $config + 'canEdit' => $canEdit, + 'last' => count($sections) )); return; @@ -446,7 +525,7 @@ if($action == 'new_post') echo 'Thread with ID '.$thread_id.' doesn\'t exist.'; } else - echo 'Your account is banned, deleted or you don\'t have any player with level '.$config['forum_level_required'].' on your account. You can\'t post.'; + echo "Your account is banned, deleted or you don't have any player with level " . $config['forum_level_required'] . " on your account. You can't post."; } if($action == 'edit_post') @@ -660,24 +739,6 @@ if($action == 'move_thread') 'section_link' => getForumBoardLink($post['section']), 'config' => $config )); - - /* - echo '
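Review bot: The board actions (`add_board`, `edit_board`, `delete_board`, `hide_board`, `moveup_board`, `movedown_board`) change data based on `$_REQUEST`, which also accepts query-string parameters, and no anti-CSRF token is checked anywhere in this hunk, so a cross-site request could delete or hide a board on behalf of a logged-in moderator. These should require POST plus a per-session token compared with `hash_equals()`, and the id should be normalised once, e.g. `$id = isset($_POST['id']) ? (int)$_POST['id'] : 0;`. `add_board` also reads `$name` and `$description` even when the request did not supply them. `edit_board` calls `Forum::update_board()` without the non-empty check that `add_board()` applies, so a board can be saved with an empty name.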
- -
Move thread to another board
-
-
- - - - THREAD: '.$post['post_topic'].' -
AUTHOR: '.$name[0].' -
BOARD: '.$sections[$post['section']]['name'].'
-
Select the new board:  -
-
-
';*/ } } else 
@@ -732,4 +793,98 @@ class Forum static public function isModerator() { return hasFlag(FLAG_CONTENT_FORUM) || admin(); } + + static public function add_board($name, $description, &$errors) + { + global $db; + if(isset($name[0]) && isset($description[0])) + { + $query = $db->select(TABLE_PREFIX . 'forum_boards', array('name' => $name)); + + if($query === false) + { + $query = + $db->query( + 'SELECT ' . $db->fieldName('ordering') . + ' FROM ' . $db->tableName(TABLE_PREFIX . 'forum_boards') . + ' ORDER BY ' . $db->fieldName('ordering') . ' DESC LIMIT 1' + ); + + $ordering = 0; + if($query->rowCount() > 0) { + $query = $query->fetch(); + $ordering = $query['ordering'] + 1; + } + $db->insert(TABLE_PREFIX . 'forum_boards', array('name' => $name, 'description' => $description, 'ordering' => $ordering)); + } + else + $errors[] = 'Forum board with this name already exists.'; + } + else + $errors[] = 'Please fill all inputs.'; + + return !count($errors); + } + + static public function get_board($id) { + global $db; + return $db->select(TABLE_PREFIX . 'forum_boards', array('id' => $id)); + } + + static public function update_board($id, $name, $description) { + global $db; + $db->update(TABLE_PREFIX . 'forum_boards', array('name' => $name, 'description' => $description), array('id' => $id)); + } + + static public function delete_board($id, &$errors) + { + global $db; + if(isset($id)) + { + if(self::get_board($id) !== false) + $db->delete(TABLE_PREFIX . 'forum_boards', array('id' => $id)); + else + $errors[] = 'Forum board with id ' . $id . ' does not exists.'; + } + else + $errors[] = 'id not set'; + + return !count($errors); + } + + static public function toggleHidden_board($id, &$errors) + { + global $db; + if(isset($id)) + { + $query = self::get_board($id); + if($query !== false) + $db->update(TABLE_PREFIX . 'forum_boards', array('hidden' => ($query['hidden'] == 1 ? 0 : 1)), array('id' => $id)); + else + $errors[] = 'Forum board with id ' . $id . 
' does not exists.'; + } + else + $errors[] = 'id not set'; + + return !count($errors); + } + + static public function move_board($id, $i, &$errors) + { + global $db; + $query = self::get_board($id); + if($query !== false) + { + $ordering = $query['ordering'] + $i; + $old_record = $db->select(TABLE_PREFIX . 'forum_boards', array('ordering' => $ordering)); + if($old_record !== false) + $db->update(TABLE_PREFIX . 'forum_boards', array('ordering' => $query['ordering']), array('ordering' => $ordering)); + + $db->update(TABLE_PREFIX . 'forum_boards', array('ordering' => $ordering), array('id' => $id)); + } + else + $errors[] = 'Forum board with id ' . $id . ' does not exists.'; + + return !count($errors); + } } diff --git a/system/pages/news.php b/system/pages/news.php index d37c2fe6..0bb32135 100644 --- a/system/pages/news.php +++ b/system/pages/news.php @@ -292,7 +292,7 @@ if(!$news_cached) 'account_players' => $account_players, 'category' => isset($category) ? $category : 0, 'categories' => $categories, - 'forum_sections' => getForumSections(), + 'forum_boards' => getForumBoards(), 'forum_section' => isset($forum_section) ? $forum_section : null )); } diff --git a/system/templates/account.change_comment.html.twig b/system/templates/account.change_comment.html.twig new file mode 100644 index 00000000..dde79b80 --- /dev/null +++ b/system/templates/account.change_comment.html.twig @@ -0,0 +1,113 @@ +Here you can see and edit the information about your character.
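Review bot: None of the new board mutators (`add_board`, `update_board`, `delete_board`, `toggleHidden_board`, `move_board`) checks the caller's rights, although `isModerator()` sits directly above them in the same class. Any permission gate must therefore live in the page code, which is outside this hunk. Because these are public statics that write to `forum_boards`, the ones that take `$errors` could start with `if(!self::isModerator()) { $errors[] = 'You are not allowed to manage boards.'; return false; }` so a later caller cannot skip the check. Separately, `update_board` applies none of the empty-name or duplicate-name validation that `add_board` does. `move_board` also accepts any `$i` and rewrites every row whose `ordering` matches, so `$i` should be restricted to -1 or 1 before the swap.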
+If you do not want to specify a certain field, just leave it blank.

+
+
+ +
+
+ + + + +
Edit Character Information
+ + + + +
+
+ + + +
+
+ + + + + + + +
+
+
+
+
+
+ + + + + + + + + +
Name:{{ player_name }}
Hide Account: + + + + {% if player.getCustomField('group_id') > 1 %} (you will be also hidden on the Team page!){% endif %} +
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ + + + + +
Comment:
[max. length: 2000 chars, 50 lines (ENTERs)]
+
+
+
+
+
+
+
+
+
+
+
+
+
+ + + + + +
+ + + + + +
+ + +
+
+
+
+ + + + + + +
+
+
+
+
\ No newline at end of file diff --git a/system/templates/account.change_name.html.twig b/system/templates/account.change_name.html.twig new file mode 100644 index 00000000..f0affbce --- /dev/null +++ b/system/templates/account.change_name.html.twig @@ -0,0 +1,76 @@ +To change a name of character select player and choose a new name.
+Change name cost {{ config.account_change_character_name_points }} premium points. You have {{ points }} premium points.

+
+ +
+ +
+
+ + + + +
Change Name
+ + + + +
+
+ + + +
+
+ + + + + + + + + +
Character: + +
New Name: + + +
Please enter your character name.
+
+
+
+
+
+
+ + + + + +
+ + + + + +
+
+
+
+
+ + + + + + +
+
+
+
+
\ No newline at end of file diff --git a/system/templates/account.generate_new_recovery_key.html.twig b/system/templates/account.generate_new_recovery_key.html.twig new file mode 100644 index 00000000..b65f0eb3 --- /dev/null +++ b/system/templates/account.generate_new_recovery_key.html.twig @@ -0,0 +1,61 @@ +To generate new recovery key for your account please enter your password.
+New recovery key cost {{ config.generate_new_reckey_price }} Premium Points. You have {{ points }} premium points. You will receive e-mail with this recovery key.
+
+ +
+ +
+
+ + + + +
Generate recovery key
+ + + + +
+
+ + + +
+
+ + + + + +
Password:
+
+
+
+
+ + + + + +
+ + + + + +
+
+
+
+
+ + + + + + +
+
+
+
+
\ No newline at end of file diff --git a/system/templates/account.register.html.twig b/system/templates/account.generate_recovery_key.html.twig similarity index 100% rename from system/templates/account.register.html.twig rename to system/templates/account.generate_recovery_key.html.twig diff --git a/system/templates/commands.form.html.twig b/system/templates/commands.form.html.twig index f6ba72be..6a7ded15 100644 --- a/system/templates/commands.form.html.twig +++ b/system/templates/commands.form.html.twig @@ -4,10 +4,10 @@ {% endif %} - + - + {% if canEdit %} + + {% endif %} {% set i = 0 %} {% for board in boards %} @@ -30,6 +35,29 @@ No posts {% endif %} + {% if canEdit %} + + {% endif %} {% endfor %}
{% if action == 'edit' %}Edit{% else %}Add{% endif %} command{% if action == 'edit' %}Edit{% else %}Add{% endif %} command
+ diff --git a/system/templates/commands.html.twig b/system/templates/commands.html.twig index 7922e891..381e0020 100644 --- a/system/templates/commands.html.twig +++ b/system/templates/commands.html.twig @@ -1,9 +1,9 @@
Words:
- - + + {% if canEdit %} - + {% endif %} {% set i = 0 %} diff --git a/system/templates/forum.add_board.html.twig b/system/templates/forum.add_board.html.twig new file mode 100644 index 00000000..5aeb2490 --- /dev/null +++ b/system/templates/forum.add_board.html.twig @@ -0,0 +1,26 @@ + + {% if action == 'edit_board' %} + + {% endif %} +
WordsDescriptionWordsDescriptionOptionsOptions
+ + + + + + +
{% if action == 'edit' %}Edit{% else %}Add{% endif %} board
+ + + + + + + + + + +
Name:
Description:
+
+
+ \ No newline at end of file diff --git a/system/templates/forum.boards.html.twig b/system/templates/forum.boards.html.twig index 5685493a..532918b0 100644 --- a/system/templates/forum.boards.html.twig +++ b/system/templates/forum.boards.html.twig @@ -13,6 +13,11 @@
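Review bot: The heading in forum.add_board.html.twig tests `action == 'edit'`, while the block at the top of the same template tests `action == 'edit_board'`. If forum.php passes the action through unchanged (that call is not in this hunk), the form will be titled "Add board" even when editing. Use the same value in both places: `{% if action == 'edit_board' %}Edit{% else %}Add{% endif %} board`.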
Last Post + Options +
+ + Edit + + + Delete + + + {% if board.hidden != 1 %}Hide{% else %}Show{% endif %} + + {% if i != 1 %} + + Move up + + {% endif %} + {% if i != last %} + + Move down + + {% endif %} +
\ No newline at end of file diff --git a/system/templates/mail.account.register.html.twig b/system/templates/mail.account.register.html.twig new file mode 100644 index 00000000..0b684b54 --- /dev/null +++ b/system/templates/mail.account.register.html.twig @@ -0,0 +1,3 @@ +
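Review bot: Delete, Hide/Show and Move up/down in the new Options cell look like plain links, which would make each of them a state change on a GET request; the markup did not survive on this page, so this is inferred. If so, any page a logged-in moderator loads could trigger a board deletion or hide without the moderator intending it. Send these actions as POST forms carrying a per-session token that forum.php verifies before calling the `Forum::*_board` methods, and ask for confirmation before Delete.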

New recovery key!

+

You or someone else generated recovery key to your account on server {{ config.lua.serverName }}.

+

Recovery key: {{ recovery_key }}

\ No newline at end of file diff --git a/system/templates/news.add.html.twig b/system/templates/news.add.html.twig index 54a48138..ac6f532d 100644 --- a/system/templates/news.add.html.twig +++ b/system/templates/news.add.html.twig @@ -96,7 +96,7 @@ diff --git a/system/templates/success.html.twig b/system/templates/success.html.twig index c5b94bb0..7dcfca7f 100644 --- a/system/templates/success.html.twig +++ b/system/templates/success.html.twig @@ -27,6 +27,9 @@
+{% if custom_buttons is defined %} +{{ custom_buttons|raw }} +{% else %}
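Review bot: `{{ custom_buttons|raw }}` bypasses Twig's escaping, so whatever a caller passes as `custom_buttons` is emitted as markup on the success page. The callers are not in this hunk; if any of them builds the value from request or database data such as a player name or comment, it becomes an XSS sink. Prefer passing structured data or a template name and rendering it with `{% include %}`. At minimum, document the contract next to the output: `{# custom_buttons must be trusted, pre-rendered HTML; never user input #}`.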
@@ -39,3 +42,4 @@
+{% endif %} diff --git a/templates/kathrine/account.change_name.html.twig b/templates/kathrine/account.change_name.html.twig new file mode 100644 index 00000000..704a0f0e --- /dev/null +++ b/templates/kathrine/account.change_name.html.twig @@ -0,0 +1,44 @@ +To change a name of character select player and choose a new name.
+Change name cost {{ config.account_change_character_name_points }} premium points. You have {{ points }} premium points.

+
+ +

Change Name

+ + + + + + + + + + + + +
Character: + +
New Name: + + +
Please enter your character name.
+
+
+ +
+
+
+
+ + + + + + +
+ +
+
\ No newline at end of file