From 1a36aa89041b6813c1cb5d9e87f859fb648bdc1e Mon Sep 17 00:00:00 2001 From: slawkens Date: Thu, 15 Oct 2020 19:55:12 +0200 Subject: [PATCH 01/12] [WIP] New GoogleReCAPTCHA code Support for v3 v2-invisible doesn't work yet --- config.php | 4 + system/functions.php | 6 +- system/libs/GoogleReCAPTCHA.php | 83 +++++++++++++++++++ system/login.php | 8 ++ system/pages/createaccount.php | 13 +-- system/templates/account.create.html.twig | 36 +++++--- system/templates/account.login.html.twig | 22 ++++- .../templates/google_recaptcha_v3.html.twig | 11 +++ templates/tibiacom/account.login.html.twig | 20 +++++ 9 files changed, 178 insertions(+), 25 deletions(-) create mode 100644 system/libs/GoogleReCAPTCHA.php create mode 100644 system/templates/google_recaptcha_v3.html.twig diff --git a/config.php b/config.php index 376fad1d..75057068 100644 --- a/config.php +++ b/config.php @@ -127,9 +127,13 @@ $config = array( // reCAPTCHA (prevent spam bots) 'recaptcha_enabled' => false, // enable recaptcha verification code + 'recaptcha_type' => 'v3', // 'v2-checkbox', 'v2-invisible', 'v3' 'recaptcha_site_key' => '', // get your own site and secret keys at https://www.google.com/recaptcha 'recaptcha_secret_key' => '', 'recaptcha_theme' => 'light', // light, dark + // min score for validation, between 0 - 1.0 + // https://developers.google.com/recaptcha/docs/v3#interpreting_the_score + 'recaptcha_v3_min_score' => 1.1, // 'generate_new_reckey' => true, // let player generate new recovery key, he will receive e-mail with new rec key (not display on page, hacker can't generate rec key) diff --git a/system/functions.php b/system/functions.php index 903570db..891a2ab3 100644 --- a/system/functions.php +++ b/system/functions.php @@ -496,8 +496,10 @@ function template_header($is_admin = false) '; - if($config['recaptcha_enabled']) - $ret .= ""; + if(config('recaptcha_enabled')) { + $ret .= ''; + } + return $ret; } diff --git a/system/libs/GoogleReCAPTCHA.php b/system/libs/GoogleReCAPTCHA.php new file mode 100644 index 00000000..d1799619 --- /dev/null +++ b/system/libs/GoogleReCAPTCHA.php @@ -0,0 +1,83 @@ +score . ', action:' . $json->action); + if (!isset($json->action) || $json->action !== $action) { + self::$errorType = self::ERROR_INVALID_ACTION; + self::$errorMessage = 'Google ReCaptcha returned invalid action.'; + return false; + } + + if (!isset($json->score) || $json->score < config('recaptcha_v3_min_score')) { + self::$errorType = self::ERROR_LOW_SCORE; + self::$errorMessage = 'Your Google ReCaptcha score was too low.'; + return false; + } + } + + if (!isset($json->success) || !$json->success) { + self::$errorType = self::ERROR_NO_SUCCESS; + self::$errorMessage = "Please confirm that you're not a robot."; + return false; + } + + return true; + } + + /** + * @return string + */ + public static function getErrorMessage() { + return self::$errorMessage; + } + + /** + * @return int + */ + public static function getErrorType() { + return self::$errorType; + } +} diff --git a/system/login.php b/system/login.php index 330efd13..452974cb 100644 --- a/system/login.php +++ b/system/login.php @@ -84,6 +84,14 @@ else $t = isset($tmp[$ip]) ? $tmp[$ip] : NULL; } + if(config('recaptcha_enabled')) + { + require LIBS . 'GoogleReCAPTCHA.php'; + if (!GoogleReCAPTCHA::verify('login')) { + $errors[] = GoogleReCAPTCHA::getErrorMessage(); + } + } + $account_logged = new OTS_Account(); if(USE_ACCOUNT_NAME) $account_logged->find($login_account); diff --git a/system/pages/createaccount.php b/system/pages/createaccount.php index 8af31629..49971e97 100644 --- a/system/pages/createaccount.php +++ b/system/pages/createaccount.php @@ -68,17 +68,12 @@ if($save) $errors['country'] = 'Country is invalid.'; } - if($config['recaptcha_enabled']) + if(config('recaptcha_enabled')) { - if(isset($_POST['g-recaptcha-response']) && !empty($_POST['g-recaptcha-response'])) - { - $verifyResponse = file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret='.$config['recaptcha_secret_key'].'&response='.$_POST['g-recaptcha-response']); - $responseData = json_decode($verifyResponse); - if(!$responseData->success) - $errors['verification'] = "Please confirm that you're not a robot."; + require LIBS . 'GoogleReCAPTCHA.php'; + if (!GoogleReCAPTCHA::verify('register')) { + $errors['verification'] = GoogleReCAPTCHA::getErrorMessage(); } - else - $errors['verification'] = "Please confirm that you're not a robot."; } // password diff --git a/system/templates/account.create.html.twig b/system/templates/account.create.html.twig index a52119b7..9f8e83b4 100644 --- a/system/templates/account.create.html.twig +++ b/system/templates/account.create.html.twig @@ -104,19 +104,25 @@ {{ hook('HOOK_ACCOUNT_CREATE_AFTER_PASSWORDS') }} - {% if config.recaptcha_enabled %} - - - Verification: - - -
- - - {% if errors.verification is defined %} - {{ errors.verification }} - {% endif %} - {% endif %} + {% if config.recaptcha_enabled %} + {% if config.recaptcha_type == 'v3' %} + + {% elseif config.recaptcha_type == 'v2-invisible' %} +
+ {% elseif config.recaptcha_type == 'v2-checkbox' %} + + + Verification: + + +
+ + + {% if errors.verification is defined %} + {{ errors.verification }} + {% endif %} + {% endif %} + {% endif %} {{ hook('HOOK_ACCOUNT_CREATE_AFTER_RECAPTCHA') }} @@ -334,3 +340,7 @@ {{ hook('HOOK_ACCOUNT_CREATE_AFTER_FORM') }} +{% if config.recaptcha_enabled and config.recaptcha_type == 'v3' %} + {% set action = 'register' %} + {{ include('google_recaptcha_v3.html.twig') }} +{% endif %} \ No newline at end of file diff --git a/system/templates/account.login.html.twig b/system/templates/account.login.html.twig index 2ac4f3f6..40cd0f9c 100644 --- a/system/templates/account.login.html.twig +++ b/system/templates/account.login.html.twig @@ -39,6 +39,22 @@ Please enter your account {{ account|lower }} and your password.
+ {% if config.recaptcha_enabled %} + {% if config.recaptcha_type == 'v3' %} + + {% elseif config.recaptcha_type == 'v2-invisible' %} +
+ {% elseif config.recaptcha_type == 'v2-checkbox' %} + + + Verification: + + +
+ + + {% endif %} + {% endif %} {% if error is not null %} {{ error }} {% endif %} @@ -73,4 +89,8 @@ Please enter your account {{ account|lower }} and your password.
 + {% if config.recaptcha_enabled %} + {% if config.recaptcha_type == 'v3' %} + + {% elseif config.recaptcha_type == 'v2-invisible' %} +
+ {% elseif config.recaptcha_type == 'v2-checkbox' %} + + + Verification: + + +
+ + + {% endif %} + {% endif %}
@@ -142,3 +158,7 @@
+{% if config.recaptcha_enabled and config.recaptcha_type == 'v3' %} + {% set action = 'login' %} + {{ include('google_recaptcha_v3.html.twig') }} +{% endif %} \ No newline at end of file From fd51fa7779d1d15e1f54fe4563e6f9a0031267e7 Mon Sep 17 00:00:00 2001 From: slawkens Date: Fri, 16 Oct 2020 20:28:05 +0200 Subject: [PATCH 02/12] Add some notice about recaptchas versions --- config.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/config.php b/config.php index 75057068..2bdf1413 100644 --- a/config.php +++ b/config.php @@ -130,10 +130,12 @@ $config = array( 'recaptcha_type' => 'v3', // 'v2-checkbox', 'v2-invisible', 'v3' 'recaptcha_site_key' => '', // get your own site and secret keys at https://www.google.com/recaptcha 'recaptcha_secret_key' => '', + // following option apply only for ReCaptcha v2-checkbox 'recaptcha_theme' => 'light', // light, dark + // following option apply only for ReCaptcha v3 // min score for validation, between 0 - 1.0 // https://developers.google.com/recaptcha/docs/v3#interpreting_the_score - 'recaptcha_v3_min_score' => 1.1, + 'recaptcha_v3_min_score' => 0.5, // 'generate_new_reckey' => true, // let player generate new recovery key, he will receive e-mail with new rec key (not display on page, hacker can't generate rec key) From 87a98531d997f026e5924832aac5b7af9b6f1729 Mon Sep 17 00:00:00 2001 From: slawkens Date: Sun, 28 Aug 2022 18:13:34 +0200 Subject: [PATCH 03/12] Lets support only ReCaptcha v3 Too much mess ;) --- config.php | 6 +---- system/functions.php | 2 +- system/templates/account.create.html.twig | 24 ++++--------------- system/templates/account.login.html.twig | 19 +++------------ ...3.html.twig => google_recaptcha.html.twig} | 0 templates/tibiacom/account.login.html.twig | 21 ++++------------ 6 files changed, 13 insertions(+), 59 deletions(-) rename system/templates/{google_recaptcha_v3.html.twig => google_recaptcha.html.twig} (100%) diff --git a/config.php b/config.php index 2bdf1413..2ba7b93d 100644 --- a/config.php +++ b/config.php @@ -125,14 +125,10 @@ $config = array( 'smtp_secure' => '', // What kind of encryption to use on the SMTP connection. Options: '', 'ssl' (GMail) or 'tls' (Microsoft Outlook) 'smtp_debug' => false, // set true to debug (you will see more info in error.log) - // reCAPTCHA (prevent spam bots) + // reCAPTCHA v3 (prevent spam bots) 'recaptcha_enabled' => false, // enable recaptcha verification code - 'recaptcha_type' => 'v3', // 'v2-checkbox', 'v2-invisible', 'v3' 'recaptcha_site_key' => '', // get your own site and secret keys at https://www.google.com/recaptcha 'recaptcha_secret_key' => '', - // following option apply only for ReCaptcha v2-checkbox - 'recaptcha_theme' => 'light', // light, dark - // following option apply only for ReCaptcha v3 // min score for validation, between 0 - 1.0 // https://developers.google.com/recaptcha/docs/v3#interpreting_the_score 'recaptcha_v3_min_score' => 0.5, diff --git a/system/functions.php b/system/functions.php index 891a2ab3..c4b51046 100644 --- a/system/functions.php +++ b/system/functions.php @@ -497,7 +497,7 @@ function template_header($is_admin = false) '; if(config('recaptcha_enabled')) { - $ret .= ''; + $ret .= ''; } return $ret; diff --git a/system/templates/account.create.html.twig b/system/templates/account.create.html.twig index 9f8e83b4..2c4b9654 100644 --- a/system/templates/account.create.html.twig +++ b/system/templates/account.create.html.twig @@ -105,23 +105,7 @@ {{ hook('HOOK_ACCOUNT_CREATE_AFTER_PASSWORDS') }} {% if config.recaptcha_enabled %} - {% if config.recaptcha_type == 'v3' %} - - {% elseif config.recaptcha_type == 'v2-invisible' %} -
- {% elseif config.recaptcha_type == 'v2-checkbox' %} - - - Verification: - - -
- - - {% if errors.verification is defined %} - {{ errors.verification }} - {% endif %} - {% endif %} + {% endif %} {{ hook('HOOK_ACCOUNT_CREATE_AFTER_RECAPTCHA') }} @@ -340,7 +324,7 @@ {{ hook('HOOK_ACCOUNT_CREATE_AFTER_FORM') }} -{% if config.recaptcha_enabled and config.recaptcha_type == 'v3' %} +{% if config.recaptcha_enabled %} {% set action = 'register' %} - {{ include('google_recaptcha_v3.html.twig') }} -{% endif %} \ No newline at end of file + {{ include('google_recaptcha.html.twig') }} +{% endif %} diff --git a/system/templates/account.login.html.twig b/system/templates/account.login.html.twig index 40cd0f9c..cc10dd67 100644 --- a/system/templates/account.login.html.twig +++ b/system/templates/account.login.html.twig @@ -40,20 +40,7 @@ Please enter your account {{ account|lower }} and your password.
 Remember me {% if config.recaptcha_enabled %} - {% if config.recaptcha_type == 'v3' %} - {% elseif config.recaptcha_type == 'v2-invisible' %} -
- {% elseif config.recaptcha_type == 'v2-checkbox' %} - - - Verification: - - -
- - - {% endif %} {% endif %} {% if error is not null %} {{ error }} @@ -90,7 +77,7 @@ Please enter your account {{ account|lower }} and your password.
 Remember me {% if config.recaptcha_enabled %} - {% if config.recaptcha_type == 'v3' %} - - {% elseif config.recaptcha_type == 'v2-invisible' %} -
- {% elseif config.recaptcha_type == 'v2-checkbox' %} - - - Verification: - - -
- - - {% endif %} + {% endif %}
@@ -158,7 +145,7 @@
-{% if config.recaptcha_enabled and config.recaptcha_type == 'v3' %} +{% if config.recaptcha_enabled %} {% set action = 'login' %} - {{ include('google_recaptcha_v3.html.twig') }} -{% endif %} \ No newline at end of file + {{ include('google_recaptcha.html.twig') }} +{% endif %} From a9941dea8a0d7a947ddf36eb5335195393cb3123 Mon Sep 17 00:00:00 2001 From: slawkens Date: Mon, 29 Aug 2022 19:04:47 +0200 Subject: [PATCH 04/12] Fixes --- config.php | 4 ++-- system/libs/GoogleReCAPTCHA.php | 24 +++++++++------------ system/templates/templates.header.html.twig | 4 ++-- 3 files changed, 14 insertions(+), 18 deletions(-) diff --git a/config.php b/config.php index bd8483bf..36eda984 100644 --- a/config.php +++ b/config.php @@ -135,13 +135,13 @@ $config = array( 'smtp_secure' => '', // What kind of encryption to use on the SMTP connection. Options: '', 'ssl' (GMail) or 'tls' (Microsoft Outlook) 'smtp_debug' => false, // set true to debug (you will see more info in error.log) - // reCAPTCHA v3 (prevent spam bots) + // Google reCAPTCHA v3 (prevent spam bots) 'recaptcha_enabled' => false, // enable recaptcha verification code 'recaptcha_site_key' => '', // get your own site and secret keys at https://www.google.com/recaptcha 'recaptcha_secret_key' => '', // min score for validation, between 0 - 1.0 // https://developers.google.com/recaptcha/docs/v3#interpreting_the_score - 'recaptcha_v3_min_score' => 0.5, + 'recaptcha_min_score' => 0.5, // 'generate_new_reckey' => true, // let player generate new recovery key, he will receive e-mail with new rec key (not display on page, hacker can't generate rec key) diff --git a/system/libs/GoogleReCAPTCHA.php b/system/libs/GoogleReCAPTCHA.php index d1799619..fe4bda0a 100644 --- a/system/libs/GoogleReCAPTCHA.php +++ b/system/libs/GoogleReCAPTCHA.php @@ -41,21 +41,17 @@ class GoogleReCAPTCHA } $json = json_decode($response); + //log_append('recaptcha.log', 'recaptcha_score: ' . $json->score . ', action:' . $json->action); + if (!isset($json->action) || $json->action !== $action) { + self::$errorType = self::ERROR_INVALID_ACTION; + self::$errorMessage = 'Google ReCaptcha returned invalid action.'; + return false; + } - $recaptchaType = config('recaptcha_type'); - if ($recaptchaType === 'v3') { // score based - log_append('recaptcha.log', 'recaptcha_score: ' . $json->score . ', action:' . $json->action); - if (!isset($json->action) || $json->action !== $action) { - self::$errorType = self::ERROR_INVALID_ACTION; - self::$errorMessage = 'Google ReCaptcha returned invalid action.'; - return false; - } - - if (!isset($json->score) || $json->score < config('recaptcha_v3_min_score')) { - self::$errorType = self::ERROR_LOW_SCORE; - self::$errorMessage = 'Your Google ReCaptcha score was too low.'; - return false; - } + if (!isset($json->score) || $json->score < config('recaptcha_min_score')) { + self::$errorType = self::ERROR_LOW_SCORE; + self::$errorMessage = 'Your Google ReCaptcha score was too low.'; + return false; } if (!isset($json->success) || !$json->success) { diff --git a/system/templates/templates.header.html.twig b/system/templates/templates.header.html.twig index 6438076a..d6ae1fbb 100644 --- a/system/templates/templates.header.html.twig +++ b/system/templates/templates.header.html.twig @@ -17,5 +17,5 @@ {% if config.recaptcha_enabled %} - -{% endif %} \ No newline at end of file + +{% endif %} From a570363fe0341b25e1f59cd45bb1245eff37dc9c Mon Sep 17 00:00:00 2001 From: slawkens Date: Mon, 7 Nov 2022 09:07:32 +0100 Subject: [PATCH 05/12] Update README.md --- README.md | 43 ++++++++++++++++++++++++++++++++++--------- 1 file changed, 34 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 4cfe40ce..6fabc570 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# MyAAC +# [MyAAC](https://my-aac.org) [![Build Status Master](https://img.shields.io/travis/slawkens/myaac/master)](https://travis-ci.org/github/slawkens/myaac) [![License: GPL-3.0](https://img.shields.io/github/license/slawkens/myaac)](https://opensource.org/licenses/gpl-license) @@ -11,7 +11,7 @@ MyAAC is a free and open-source Automatic Account Creator (AAC) written in PHP. Official website: https://my-aac.org -### REQUIREMENTS +### Requirements - PHP 5.6 or later - MySQL database @@ -20,7 +20,7 @@ Official website: https://my-aac.org - ZIP PHP Extension - (optional) mod_rewrite to use friendly_urls -### INSTALLATION AND CONFIGURATION +### Installation Just decompress and untar the source (which you should have done by now, if you're reading this), into your webserver's document root. @@ -40,15 +40,40 @@ Official website: https://my-aac.org Visit http://your_domain/install (http://localhost/install) and follow instructions in the browser. -### KNOWN PROBLEMS +### Configuration - - none - +Check *config.php* to get more informations. +Use *config.local.php* for your local configuration changes. -### OTHER NOTES +### Branches + +This repository follows the Git Flow Workflow. +Cheatsheet: [Git-Flow-Cheetsheet](https://danielkummer.github.io/git-flow-cheatsheet) + +That means, we use: +* master branch, for current stable release +* develop branch, for development version (next release) +* feature branches, for features etc. + +### Known Problems + +- Some compatibility issues with some exotical distibutions. + +### Contributing + +Contributions are more than welcome. + +Pull requests should be made to the *develop* branch as that is the working branch, master is for release code. + +Bug fixes to current release should be done to master branch. + +Look: [Contributing](https://github.com/otsoft/myaac/wiki/Contributing) in our wiki. + +### Other Notes If you have a great idea or want contribute to the project - visit our website at https://www.my-aac.org -### LICENSING +### License - This program and all associated files are released under the GNU Public - License, see LICENSE for details. +This program and all associated files are released under the GNU Public License. +See [LICENSE](https://github.com/slawkens/myaac/blob/master/LICENSE) for details. From 2321cf84b0120ed1bf3ca38439ee44e7bd8c8dd4 Mon Sep 17 00:00:00 2001 From: slawkens Date: Mon, 7 Nov 2022 09:10:19 +0100 Subject: [PATCH 06/12] patch changes & fixes from master branch remove VERSION file update rules add 33 migration add get_version_for_release.sh script update schema add use_character_sample_skills --- CREDITS | 2 +- VERSION | 1 - common.php | 2 +- config.php | 2 ++ install/includes/schema.sql | 4 ++-- nginx-sample.conf | 4 ++-- release.sh | 8 ++++---- system/get_version_for_release.php | 4 ++++ system/libs/CreateCharacter.php | 22 +++++++++++++++++----- system/libs/pot/OTS_Player.php | 2 +- system/migrations/33.php | 6 ++++++ system/templates/rules.html.twig | 8 +------- 12 files changed, 41 insertions(+), 24 deletions(-) delete mode 100644 VERSION create mode 100644 system/get_version_for_release.php create mode 100644 system/migrations/33.php diff --git a/CREDITS b/CREDITS index f727b661..404de30c 100644 --- a/CREDITS +++ b/CREDITS @@ -1,3 +1,3 @@ * Gesior.pl (2007 - 2008) -* Slawkens (2009 - 2021) +* Slawkens (2009 - 2022) * Contributors listed in CONTRIBUTORS.txt diff --git a/VERSION b/VERSION deleted file mode 100644 index 16d5c109..00000000 --- a/VERSION +++ /dev/null @@ -1 +0,0 @@ -0.9.0-dev \ No newline at end of file diff --git a/common.php b/common.php index f0927d6b..df529a4a 100644 --- a/common.php +++ b/common.php @@ -27,7 +27,7 @@ if (version_compare(phpversion(), '7.1', '<')) die('PHP version 7.1 or higher is const MYAAC = true; const MYAAC_VERSION = '0.9.0-dev'; -const DATABASE_VERSION = 32; +const DATABASE_VERSION = 33; const TABLE_PREFIX = 'myaac_'; define('START_TIME', microtime(true)); define('MYAAC_OS', stripos(PHP_OS, 'WIN') === 0 ? 'WINDOWS' : (strtoupper(PHP_OS) === 'DARWIN' ? 'MAC' : 'LINUX')); diff --git a/config.php b/config.php index 36eda984..4f4d4c5a 100644 --- a/config.php +++ b/config.php @@ -164,6 +164,8 @@ $config = array( 4 => 'Knight Sample' ), + 'use_character_sample_skills' => false, + // it must show limited number of players after using search in character page 'characters_search_limit' => 15, diff --git a/install/includes/schema.sql b/install/includes/schema.sql index fb097bb0..8a12dd40 100644 --- a/install/includes/schema.sql +++ b/install/includes/schema.sql @@ -1,4 +1,4 @@ -SET @myaac_database_version = 32; +SET @myaac_database_version = 33; CREATE TABLE `myaac_account_actions` ( @@ -327,7 +327,7 @@ CREATE TABLE `myaac_spells` CREATE TABLE `myaac_visitors` ( - `ip` VARCHAR(16) NOT NULL, + `ip` VARCHAR(45) NOT NULL, `lastvisit` INT(11) NOT NULL DEFAULT 0, `page` VARCHAR(2048) NOT NULL, UNIQUE (`ip`) diff --git a/nginx-sample.conf b/nginx-sample.conf index f826d21d..f659c531 100644 --- a/nginx-sample.conf +++ b/nginx-sample.conf @@ -11,7 +11,7 @@ server { location ~ \.php$ { include snippets/fastcgi-php.conf; fastcgi_read_timeout 240; - fastcgi_pass unix:/var/run/php/php7.2-fpm.sock; + fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; } location ~ /\.ht { @@ -22,4 +22,4 @@ server { deny all; return 404; } -} +} \ No newline at end of file diff --git a/release.sh b/release.sh index 6bf99385..e720a3a9 100644 --- a/release.sh +++ b/release.sh @@ -13,7 +13,7 @@ fi if [ $1 = "prepare" ]; then # define release version - version=`cat VERSION` + version=`php system/get_version_for_release.php` echo "Preparing to release version $version of the MyAAC Project!" @@ -24,7 +24,7 @@ if [ $1 = "prepare" ]; then # get myaac from git archive git archive --format zip --output tmp/myaac.zip master - cd tmp/ + cd tmp/ || exit dir="myaac-$version" if [ -d "$dir" ] ; then @@ -41,9 +41,9 @@ fi if [ $1 = "pack" ]; then # define release version - version=`cat VERSION` + version=`php system/get_version_for_release.php` - cd tmp + cd tmp || exit # tar.gz echo "Creating .tar.gz package.." diff --git a/system/get_version_for_release.php b/system/get_version_for_release.php new file mode 100644 index 00000000..fa378dbb --- /dev/null +++ b/system/get_version_for_release.php @@ -0,0 +1,4 @@ +setManaSpent($char_to_copy->getManaSpent()); $player->setSoul($char_to_copy->getSoul()); - for($skill = POT::SKILL_FIRST; $skill <= POT::SKILL_LAST; $skill++) - $player->setSkill($skill, 10); + for($skill = POT::SKILL_FIRST; $skill <= POT::SKILL_LAST; $skill++) { + $value = 10; + if (config('use_character_sample_skills')) { + $value = $char_to_copy->getSkill($skill); + } + + $player->setSkill($skill, $value); + } $player->setLookBody($char_to_copy->getLookBody()); $player->setLookFeet($char_to_copy->getLookFeet()); @@ -234,16 +240,22 @@ class CreateCharacter if($db->hasTable('player_skills')) { for($i=0; $i<7; $i++) { + $value = 10; + if (config('use_character_sample_skills')) { + $value = $char_to_copy->getSkill($i); + } $skillExists = $db->query('SELECT `skillid` FROM `player_skills` WHERE `player_id` = ' . $player->getId() . ' AND `skillid` = ' . $i); if($skillExists->rowCount() <= 0) { - $db->query('INSERT INTO `player_skills` (`player_id`, `skillid`, `value`, `count`) VALUES ('.$player->getId().', '.$i.', 10, 0)'); + $db->query('INSERT INTO `player_skills` (`player_id`, `skillid`, `value`, `count`) VALUES ('.$player->getId().', '.$i.', ' . $value . ', 0)'); } } } $loaded_items_to_copy = $db->query("SELECT * FROM player_items WHERE player_id = ".$char_to_copy->getId().""); - foreach($loaded_items_to_copy as $save_item) - $db->query("INSERT INTO `player_items` (`player_id` ,`pid` ,`sid` ,`itemtype`, `count`, `attributes`) VALUES ('".$player->getId()."', '".$save_item['pid']."', '".$save_item['sid']."', '".$save_item['itemtype']."', '".$save_item['count']."', '".$save_item['attributes']."');"); + foreach($loaded_items_to_copy as $save_item) { + $blob = $db->quote($save_item['attributes']); + $db->query("INSERT INTO `player_items` (`player_id` ,`pid` ,`sid` ,`itemtype`, `count`, `attributes`) VALUES ('".$player->getId()."', '".$save_item['pid']."', '".$save_item['sid']."', '".$save_item['itemtype']."', '".$save_item['count']."', $blob);"); + } global $twig; $twig->display('success.html.twig', array( diff --git a/system/libs/pot/OTS_Player.php b/system/libs/pot/OTS_Player.php index a32bed8a..b5f48dc6 100644 --- a/system/libs/pot/OTS_Player.php +++ b/system/libs/pot/OTS_Player.php @@ -2489,7 +2489,7 @@ class OTS_Player extends OTS_Row_DAO $value = $this->db->query('SELECT ' . $this->db->fieldName('value') . ' FROM ' . $this->db->tableName('player_storage') . ' WHERE ' . $this->db->fieldName('key') . ' = ' . (int) $key . ' AND ' . $this->db->fieldName('player_id') . ' = ' . $this->data['id'])->fetch(); - if($value !== false) + if($value === false) { return null; } diff --git a/system/migrations/33.php b/system/migrations/33.php new file mode 100644 index 00000000..12fe4c2c --- /dev/null +++ b/system/migrations/33.php @@ -0,0 +1,6 @@ +exec('ALTER TABLE `' . TABLE_PREFIX . "visitors` MODIFY `ip` VARCHAR(45) NOT NULL;"); diff --git a/system/templates/rules.html.twig b/system/templates/rules.html.twig index 83e0103f..55490047 100644 --- a/system/templates/rules.html.twig +++ b/system/templates/rules.html.twig @@ -1,8 +1,2 @@ -{% if constant('PAGE') == 'rules' %} {{ config.lua.serverName }} Rules
- -{% endif %} +{{ getCustomPage('rules_on_the_page') | nl2br }} From 42d531838ca10dc1c799346b53978fb1cabc2d39 Mon Sep 17 00:00:00 2001 From: Gabriel Pedro Date: Thu, 24 Nov 2022 03:19:09 -0400 Subject: [PATCH 07/12] feat: github actions phplint (#206) * feat: php linter on pull requests * test: breaking code * Revert "test: breaking code" This reverts commit 9d385a3421b3e2c72a5c7341bcd387663595c699. --- .github/workflows/phplint.yml | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 .github/workflows/phplint.yml diff --git a/.github/workflows/phplint.yml b/.github/workflows/phplint.yml new file mode 100644 index 00000000..a9c0d700 --- /dev/null +++ b/.github/workflows/phplint.yml @@ -0,0 +1,13 @@ +name: PHP Linting +on: + pull_request: + branches: [master, develop] + push: + branches: [master] + +jobs: + phplint: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v1 + - uses: michaelw90/PHP-Lint@master From ac5b864ea92c5a506f6670ba2502a2e3a4473077 Mon Sep 17 00:00:00 2001 From: slawkens Date: Mon, 28 Nov 2022 12:26:34 +0100 Subject: [PATCH 08/12] Small fixes --- system/templates/admin.news.form.html.twig | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/system/templates/admin.news.form.html.twig b/system/templates/admin.news.form.html.twig index 2427429f..1c134c6e 100644 --- a/system/templates/admin.news.form.html.twig +++ b/system/templates/admin.news.form.html.twig @@ -22,9 +22,9 @@
From c73e476e8859ec1341407fe74a9b83835aea1ca1 Mon Sep 17 00:00:00 2001 From: slawkens Date: Mon, 28 Nov 2022 12:36:23 +0100 Subject: [PATCH 09/12] Reverted support only for recaptcha v3 v2 & v3 are now both supported --- config.php | 8 +++++-- system/templates/account.create.html.twig | 22 ++++++++++++++++--- system/templates/account.login.html.twig | 19 +++++++++++++--- ...tml.twig => google_recaptcha_v3.html.twig} | 0 templates/tibiacom/account.login.html.twig | 21 ++++++++++++++---- 5 files changed, 58 insertions(+), 12 deletions(-) rename system/templates/{google_recaptcha.html.twig => google_recaptcha_v3.html.twig} (100%) diff --git a/config.php b/config.php index 36eda984..5f6d7706 100644 --- a/config.php +++ b/config.php @@ -135,13 +135,17 @@ $config = array( 'smtp_secure' => '', // What kind of encryption to use on the SMTP connection. Options: '', 'ssl' (GMail) or 'tls' (Microsoft Outlook) 'smtp_debug' => false, // set true to debug (you will see more info in error.log) - // Google reCAPTCHA v3 (prevent spam bots) + // reCAPTCHA (prevent spam bots) 'recaptcha_enabled' => false, // enable recaptcha verification code + 'recaptcha_type' => 'v3', // 'v2-checkbox', 'v2-invisible', 'v3' 'recaptcha_site_key' => '', // get your own site and secret keys at https://www.google.com/recaptcha 'recaptcha_secret_key' => '', + // following option apply only for ReCaptcha v2-checkbox + 'recaptcha_theme' => 'light', // light, dark + // following option apply only for ReCaptcha v3 // min score for validation, between 0 - 1.0 // https://developers.google.com/recaptcha/docs/v3#interpreting_the_score - 'recaptcha_min_score' => 0.5, + 'recaptcha_v3_min_score' => 0.5, // 'generate_new_reckey' => true, // let player generate new recovery key, he will receive e-mail with new rec key (not display on page, hacker can't generate rec key) diff --git a/system/templates/account.create.html.twig b/system/templates/account.create.html.twig index 84be3ac6..b08ba42d 100644 --- a/system/templates/account.create.html.twig +++ b/system/templates/account.create.html.twig @@ -110,7 +110,23 @@ {{ hook('HOOK_ACCOUNT_CREATE_AFTER_PASSWORDS') }} {% if config.recaptcha_enabled %} - + {% if config.recaptcha_type == 'v3' %} + + {% elseif config.recaptcha_type == 'v2-invisible' %} +
+ {% elseif config.recaptcha_type == 'v2-checkbox' %} + + + Verification: + + +
+ + + {% if errors.verification is defined %} + {{ errors.verification }} + {% endif %} + {% endif %} {% endif %} {{ hook('HOOK_ACCOUNT_CREATE_AFTER_RECAPTCHA') }} @@ -329,9 +345,9 @@ {{ hook('HOOK_ACCOUNT_CREATE_AFTER_FORM') }} -{% if config.recaptcha_enabled %} +{% if config.recaptcha_enabled and config.recaptcha_type == 'v3' %} {% set action = 'register' %} - {{ include('google_recaptcha.html.twig') }} + {{ include('google_recaptcha_v3.html.twig') }} {% endif %}