diff --git a/TODO b/TODO new file mode 100644 index 00000000..10fc9f2e --- /dev/null +++ b/TODO @@ -0,0 +1,22 @@ +// MyAAC TODO + +0.* + * support duplicated vocation names with different ids + * plugins: option to define custom requirements check in json file, to check if system meets the requirement + * Inform user about Twig cache failure on installation, instead of 500 error + * add support for defining max myaac version in plugin.json file + +1.0: + * i18n support (issue #1 on github) + * New Admin Panel layout and interface + * change gifts_system to shop_system configurable + * rename templates to layouts as templates is meant to be used for twig templates + * remove compat functions + +At any time between (version not specified): + * better news archive with search function (like on tibia.com) + * guild wars management (issue #13 on github) + * update account.management page to be more realistic (like on tibia.com) + * update guilds page to be more realistic (like on tibia.com) + * possibility to add extra cache engines with plugins + * preferably configurable (enable/disable) forum TinyMCE editor \ No newline at end of file diff --git a/common.php b/common.php index 8b76cd2e..f527e329 100644 --- a/common.php +++ b/common.php @@ -26,7 +26,7 @@ session_start(); define('MYAAC', true); -define('MYAAC_VERSION', '0.7.2-dev'); +define('MYAAC_VERSION', '0.7.3-dev'); define('DATABASE_VERSION', 18); define('TABLE_PREFIX', 'myaac_'); define('START_TIME', microtime(true)); diff --git a/install/includes/config.php b/install/includes/config.php index d2928c93..67a73e03 100644 --- a/install/includes/config.php +++ b/install/includes/config.php @@ -1,12 +1,17 @@ 'welcome', 2 => 'license', 3 => 'requirements', 4 => 'config', 5 => 'database', 6 => 'admin', 7 => 'finish'); if(!in_array($step, $steps)) // check if step is valid die('ERROR: Unknown step.'); 
@@ -56,12 +56,46 @@ if($step == 'database')
 $step = 'config';
 }
 }
+else if($step == 'finish') {
+ // password
+ $password = $_SESSION['var_password'];
+
+ if(isset($_SESSION['var_account'])) {
+ if(!Validator::accountName($_SESSION['var_account'])) {
+ $errors[] = $locale['step_admin_account_error_format'];
+ }
+ else if(strtoupper($_SESSION['var_account']) == strtoupper($password)) {
+ $errors[] = $locale['step_admin_account_error_same'];
+ }
+ }
+ else if(isset($_SESSION['var_account_id'])) {
+ if(!Validator::accountId($account_id)) {
+ $errors[] = $locale['step_admin_account_id_error_format'];
+ }
+ else if($_SESSION['var_account'] == $password) {
+ $errors[] = $locale['step_admin_account_id_error_same'];
+ }
+ }
+
+ if(empty($password)) {
+ $errors[] = $locale['step_admin_password_error_empty'];
+ }
+ else if(!Validator::password($password)) {
+ $errors[] = $locale['step_admin_password_error_format'];
+ }
+
+ if(!empty($errors)) {
+ $step = 'admin';
+ }
+}
 $error = false;
 // step include
 ob_start();
-require('steps/' . $step . '.php');
+
+$step_id = array_search($step, $steps);
+require('steps/' . $step_id . '-' . $step . '.php');
 $content = ob_get_contents();
 ob_end_clean();
diff --git a/install/steps/welcome.php b/install/steps/1-welcome.php
similarity index 100%
rename from install/steps/welcome.php
rename to install/steps/1-welcome.php
diff --git a/install/steps/license.php b/install/steps/2-license.php
similarity index 100%
rename from install/steps/license.php
rename to install/steps/2-license.php
diff --git a/install/steps/requirements.php b/install/steps/3-requirements.php
similarity index 100%
rename from install/steps/requirements.php
rename to install/steps/3-requirements.php
diff --git a/install/steps/config.php b/install/steps/4-config.php
similarity index 100%
rename from install/steps/config.php
rename to install/steps/4-config.php
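Review bot: In the `var_account_id` branch of the new `finish` check in install/includes/config.php, both tests read the wrong value: `Validator::accountId($account_id)` uses a variable the hunk never assigns, and the equality test compares `$_SESSION['var_account']`, which is known to be unset on this path. As written, the account-number format check depends on whatever `$account_id` holds outside the hunk, and the password-equals-account-number check cannot fire for a non-empty password. I would use `if(!Validator::accountId($_SESSION['var_account_id']))` and `else if($_SESSION['var_account_id'] == $password)`. `$_SESSION['var_password']` is also read without `isset()`, so a request that reaches this step without the admin form having been submitted raises an undefined-index notice before `empty($password)` reports the error.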
diff --git a/install/steps/database.php b/install/steps/5-database.php
similarity index 100%
rename from install/steps/database.php
rename to install/steps/5-database.php
diff --git a/install/steps/admin.php b/install/steps/6-admin.php
similarity index 87%
rename from install/steps/admin.php
rename to install/steps/6-admin.php
index 7be88fc9..b3d46db4 100644
--- a/install/steps/admin.php
+++ b/install/steps/6-admin.php
@@ -8,6 +8,7 @@ if(!$error) {
 echo $twig->render('install.admin.html.twig', array(
 'locale' => $locale,
 'session' => $_SESSION,
+ 'errors' => isset($errors) ? $errors : null,
 'buttons' => next_buttons(true, $error ? false : true)
 ));
 }
diff --git a/install/steps/finish.php b/install/steps/7-finish.php
similarity index 68%
rename from install/steps/finish.php
rename to install/steps/7-finish.php
index f8a0426f..eb668947 100644
--- a/install/steps/finish.php
+++ b/install/steps/7-finish.php
@@ -20,27 +20,7 @@ else {
 $salt = generateRandomString(10, false, true, true);
 $password = $salt . $password;
 }
-/*
- $account_db = new OTS_Account();
- $account_db->load(1);
- if($account_db->isLoaded()) {
- if(USE_ACCOUNT_NAME)
- $account_db->setName('dummy_account');
- $account_db->setPassword('for sample characters. ' . generateRandomString(10));
- $account_db->save();
- }
- else {
- $new_account = new OTS_Account();
- if(USE_ACCOUNT_NAME)
- $new_account->create('dummy_account', 1);
- else
- $new_account->create(null, 1);
-
- $new_account->setPassword('for sample characters. ' . generateRandomString(10));
- $new_account->save();
- }
-*/
 $account_db = new OTS_Account();
 if(isset($account))
 $account_db->find($account);
@@ -55,30 +35,20 @@ else {
 $player = new OTS_Player();
 $player->setName('Admin');
- $player->setGroupId($groups->getHighestId());
+ $player_used = &$player;
 }
+ else {
+ $player_used = &$player_db;
+ }
+
+ $player_used->setGroupId($groups->getHighestId());
 if($account_db->isLoaded()) {
 $account_db->setPassword(encrypt($password));
 $account_db->setEMail($_SESSION['var_mail_admin']);
 $account_db->save();
- if($config_salt_enabled)
- $account_db->setCustomField('salt', $salt);
-
- $account_db->setCustomField('web_flags', 3);
- $account_db->setCustomField('country', 'us');
- if(fieldExist('group_id', 'accounts'))
- $account_db->setCustomField('group_id', $groups->getHighestId());
- if(fieldExist('type', 'accounts'))
- $account_db->setCustomField('type', 5);
-
- if(!$player_db->isLoaded())
- $player->setAccountId($account_db->getId());
- else
- $player_db->setAccountId($account_db->getId());
-
- setSession('account', $account_db->getId());
+ $account_used = &$account_db;
 }
 else {
 $new_account = new OTS_Account();
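Review bot: `$player_used = &$player;`, `$player_used = &$player_db;` and `$account_used = &$account_db;` (and `$account_used = &$new_account;` in the next hunk) bind by reference where a plain assignment would do, since `$player` and `$new_account` are created with `new` and PHP object variables already hold handles. With the reference in place, any later reassignment of `$player_used` or `$account_used` would silently overwrite the original variable as well. I would write `$player_used = $player;` and `$account_used = $account_db;`. The enclosing `else {` block starts and ends outside the hunk, so later uses of these aliases are not visible here.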
@@ -90,28 +60,30 @@ else { $new_account->unblock(); $new_account->save(); - if($config_salt_enabled) - $new_account->setCustomField('salt', $salt); - $new_account->setCustomField('created', time()); - $new_account->setCustomField('web_flags', 3); - $new_account->setCustomField('country', 'us'); - if(fieldExist('group_id', 'accounts')) - $new_account->setCustomField('group_id', $groups->getHighestId()); - if(fieldExist('type', 'accounts')) - $new_account->setCustomField('type', 5); - $new_account->logAction('Account created.'); - if(!$player_db->isLoaded()) - $player->setAccountId($new_account->getId()); - else - $player_db->setAccountId($new_account->getId()); - - setSession('account', $new_account->getId()); + $account_used = &$new_account; } + if($config_salt_enabled) + $account_used->setCustomField('salt', $salt); + + $account_used->setCustomField('web_flags', FLAG_ADMIN + FLAG_SUPER_ADMIN); + $account_used->setCustomField('country', 'us'); + if(fieldExist('group_id', 'accounts')) + $account_used->setCustomField('group_id', $groups->getHighestId()); + if(fieldExist('type', 'accounts')) + $account_used->setCustomField('type', 5); + + if(!$player_db->isLoaded()) + $player->setAccountId($account_used->getId()); + else + $player_db->setAccountId($account_used->getId()); + success($locale['step_database_created_account']); + + setSession('account', $account_used->getId()); setSession('password', encrypt($password)); setSession('remember_me', true); 
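Review bot: `FLAG_ADMIN + FLAG_SUPER_ADMIN` builds the privilege mask by addition, which only gives the intended result while the two constants share no bits; `FLAG_ADMIN | FLAG_SUPER_ADMIN` states the intent and stays correct if either constant is redefined. The constants are defined outside this diff, so that they add up to the previous literal `3` is an assumption. The `type` value `5` a few lines below is still a bare number and deserves a comment or a named constant, since it also grants elevated access. The `if(!$player_db->isLoaded()) … else …` pair that sets the account id could use the alias from the previous hunk, `$player_used->setAccountId($account_used->getId());`, provided `$player_used` is still in scope at that point.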
@@ -143,31 +115,31 @@ INSERT INTO `myaac_news` (`id`, `type`, `date`, `category`, `title`, `body`, `pl $query = $db->query('SELECT `id` FROM `players` WHERE `name` = ' . $db->quote('Rook Sample')); if($query->rowCount() == 0) { - if(!query($insert_into_players . "(null, 'Rook Sample', 4, " . getSession('account') . ", 1, 0, 150, 150, 4200, 118, 114, 38, 57, 130, 0, 0, 0, 0, 100, 11, 2200, 1298, 7, '', 400, 1, 1255179613, 2453925456, 1, 1255179614, 0, 0, UNIX_TIMESTAMP(), 1, '');")) + if(!query($insert_into_players . "(null, 'Rook Sample', 1, " . getSession('account') . ", 1, 0, 150, 150, 4200, 118, 114, 38, 57, 130, 0, 0, 0, 0, 100, 1, 1000, 1000, 7, '', 400, 1, 1255179613, 2453925456, 1, 1255179614, 0, 0, UNIX_TIMESTAMP(), 1, '');")) $success = false; } $query = $db->query('SELECT `id` FROM `players` WHERE `name` = ' . $db->quote('Sorcerer Sample')); if($query->rowCount() == 0) { - if(!query($insert_into_players . "(null, 'Sorcerer Sample', 4, " . getSession('account') . ", 8, 1, 185, 185, 4200, 118, 114, 38, 57, 130, 0, 35, 35, 0, 100, 11, 2200, 1298, 7, '', 470, 1, 1255179571, 2453925456, 1, 1255179612, 0, 0, UNIX_TIMESTAMP(), 1, '');")) + if(!query($insert_into_players . "(null, 'Sorcerer Sample', 1, " . getSession('account') . ", 8, 1, 185, 185, 4200, 118, 114, 38, 57, 130, 0, 35, 35, 0, 100, 1, 1000, 1000, 7, '', 470, 1, 1255179571, 2453925456, 1, 1255179612, 0, 0, UNIX_TIMESTAMP(), 1, '');")) $success = false; } $query = $db->query('SELECT `id` FROM `players` WHERE `name` = ' . $db->quote('Druid Sample')); if($query->rowCount() == 0) { - if(!query($insert_into_players . "(null, 'Druid Sample', 4, " . getSession('account') . ", 8, 2, 185, 185, 4200, 118, 114, 38, 57, 130, 0, 35, 35, 0, 100, 11, 2200, 1298, 7, '', 470, 1, 1255179655, 2453925456, 1, 1255179658, 0, 0, UNIX_TIMESTAMP(), 1, '');")) + if(!query($insert_into_players . "(null, 'Druid Sample', 1, " . getSession('account') . 
", 8, 2, 185, 185, 4200, 118, 114, 38, 57, 130, 0, 35, 35, 0, 100, 1, 1000, 1000, 7, '', 470, 1, 1255179655, 2453925456, 1, 1255179658, 0, 0, UNIX_TIMESTAMP(), 1, '');")) $success = false; } $query = $db->query('SELECT `id` FROM `players` WHERE `name` = ' . $db->quote('Paladin Sample')); if($query->rowCount() == 0) { - if(!query($insert_into_players . "(null, 'Paladin Sample', 4, " . getSession('account') . ", 8, 3, 185, 185, 4200, 118, 114, 38, 57, 129, 0, 35, 35, 0, 100, 11, 2200, 1298, 7, '', 470, 1, 1255179854, 2453925456, 1, 1255179858, 0, 0, UNIX_TIMESTAMP(), 1, '');")) + if(!query($insert_into_players . "(null, 'Paladin Sample', 1, " . getSession('account') . ", 8, 3, 185, 185, 4200, 118, 114, 38, 57, 129, 0, 35, 35, 0, 100, 1, 1000, 1000, 7, '', 470, 1, 1255179854, 2453925456, 1, 1255179858, 0, 0, UNIX_TIMESTAMP(), 1, '');")) $success = false; } $query = $db->query('SELECT `id` FROM `players` WHERE `name` = ' . $db->quote('Knight Sample')); if($query->rowCount() == 0) { - if(!query($insert_into_players . "(null, 'Knight Sample', 4, " . getSession('account') . ", 8, 4, 185, 185, 4200, 118, 114, 38, 57, 131, 0, 35, 35, 0, 100, 11, 2200, 1298, 7, '', 470, 1, 1255179620, 2453925456, 1, 1255179654, 0, 0, UNIX_TIMESTAMP(), 1, '');")) + if(!query($insert_into_players . "(null, 'Knight Sample', 1, " . getSession('account') . ", 8, 4, 185, 185, 4200, 118, 114, 38, 57, 131, 0, 35, 35, 0, 100, 1, 1000, 1000, 7, '', 470, 1, 1255179620, 2453925456, 1, 1255179654, 0, 0, UNIX_TIMESTAMP(), 1, '');")) $success = false; } diff --git a/system/libs/validator.php b/system/libs/validator.php index 9e2bba3a..652aa59a 100644 --- a/system/libs/validator.php +++ b/system/libs/validator.php 
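Review bot: The five sample-character INSERTs in install/steps/7-finish.php splice `getSession('account')` straight into the SQL text, while the SELECTs beside them go through `$db->quote()`. The session value is written earlier in the same file from `$account_used->getId()`, so it is expected to be numeric, but nothing at the point of use enforces that. Casting where the string is built, `(int)getSession('account')`, keeps the statement well-formed if the session value is missing or not an integer. The change of the group column from `4` to `1` for the sample characters would also benefit from a short comment saying the samples are deliberately unprivileged.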
@@ -85,13 +85,7 @@ class Validator
 return false;
 }
- if(strspn($name, "QWERTYUIOPASDFGHJKLZXCVBNM0123456789") != $length)
- {
- self::$lastError = 'Invalid account name format. Use only A-Z and numbers 0-9.';
- return false;
- }
-
- if(!preg_match("/[A-Z0-9]/", $name))
+ if(!preg_match("/[A-Z0-9]/i", $name))
 {
 self::$lastError = 'Invalid account name format. Use only A-Z and numbers 0-9.';
 return false;
diff --git a/system/locale/en/install.php b/system/locale/en/install.php
index e5c93343..b9eb0ab9 100644
--- a/system/locale/en/install.php
+++ b/system/locale/en/install.php
@@ -42,7 +42,6 @@ $locale['step_config'] = 'Configuration';
 $locale['step_config_title'] = 'Basic configuration';
 $locale['step_config_server_path'] = 'Server path';
 $locale['step_config_server_path_desc'] = 'Path to your TFS main directory, where you have config.lua located.';
-
 $locale['step_config_mail_admin'] = 'Admin E-Mail';
 $locale['step_config_mail_admin_desc'] = 'Address where emails from contact form will be delivered, for example admin@gmail.com';
 $locale['step_config_mail_admin_error'] = 'Admin E-Mail is not correct.';
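Review bot: With the `strspn()` whitelist removed in system/libs/validator.php, the only remaining character test is `preg_match("/[A-Z0-9]/i", $name)`, which is unanchored and therefore accepts any name containing at least one letter or digit, including quotes, spaces and markup. The pattern has to cover the whole string: `if(!preg_match('/^[A-Z0-9]+\z/i', $name))`. This matters more after this commit because tools/validate.php now passes the raw `$_GET['account']` to this check and then to `$_account->find()`, and system/pages/createaccount.php and the installer's `finish` step rely on it as well. The method body starts and ends outside the hunk, so only the tail of an earlier check (`return false; }`) is visible here.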
@@ -82,10 +81,16 @@ $locale['step_admin'] = 'Admin Account';
 $locale['step_admin_title'] = 'Create Admin Account';
 $locale['step_admin_account'] = 'Admin account name';
 $locale['step_admin_account_desc'] = 'Name of your admin account, which will be used to login to website and server.';
+$locale['step_admin_account_error_format'] = 'Invalid account name format. Use only a-Z and numbers 0-9. Minimum 3, maximum 32 characters.';
+$locale['step_admin_account_error_same'] = 'Password may not be the same as account name.';
 $locale['step_admin_account_id'] = 'Admin account id';
 $locale['step_admin_account_id_desc'] = 'ID of your admin account, which will be used to login to website and server.';
+$locale['step_admin_account_id_error_format'] = 'Invalid account number format. Please use only numbers 0-9. Minimum 6, maximum 10 characters.';
+$locale['step_admin_account_id_error_same'] = 'Password may not be the same as account number.';
 $locale['step_admin_password'] = 'Admin account password';
 $locale['step_admin_password_desc'] = 'Password to your admin account.';
+$locale['step_admin_password_error_empty'] = 'Please enter the password for your new account.';
+$locale['step_admin_password_error_format'] = 'Invalid password format. Use only a-Z and numbers 0-9. Minimum 8, maximum 30 characters.';
 // finish
 $locale['step_finish_admin_panel'] = 'Admin Panel';
diff --git a/system/locale/pl/install.php b/system/locale/pl/install.php
index a1be3ab9..98ef31d0 100644
--- a/system/locale/pl/install.php
+++ b/system/locale/pl/install.php
@@ -42,11 +42,6 @@ $locale['step_config'] = 'Konfiguracja';
 $locale['step_config_title'] = 'Podstawowa konfiguracja';
 $locale['step_config_server_path'] = 'Ścieżka do serwera';
 $locale['step_config_server_path_desc'] = 'Ścieżka do Twojego folderu z TFS, gdzie znajduje się plik config.lua.';
-$locale['step_config_account'] = 'Konto administratora';
-$locale['step_config_account_desc'] = 'Nazwa twojego konta admina, która będzie używana do logowania na stronę i do serwera.';
-$locale['step_config_password'] = 'Hasło do konta admina';
-$locale['step_config_password_desc'] = 'Hasło do Twojego konta administratora.';
-
 $locale['step_config_mail_admin'] = 'E-Mail admina';
 $locale['step_config_mail_admin_desc'] = 'Na ten adres będą dostarczane E-Maile z formularza kontaktowego , przykładowo admin@gmail.com';
 $locale['step_config_mail_admin_error'] = 'E-Mail admina jest niepoprawny.';
@@ -55,13 +50,16 @@ $locale['step_config_mail_address_desc'] = 'Ten adres będzie używany do wysył
 $locale['step_config_mail_address_error'] = 'E-Mail serwera jest niepoprawny.';
 $locale['step_config_client'] = 'Wersja klienta';
 $locale['step_config_client_desc'] = 'Używana do strony pobieranie klienta oraz kilku szablonów';
+$locale['step_config_usage'] = 'Raportowanie Statystyk';
+$locale['step_config_usage_desc'] = 'Zezwalaj MyAAC na raportowanie anonimowych statystyk? Dane są wysyłane raz na 30 dni i są w pełni anonimowe.';
 // database
-$locale['step_database'] = 'Baza';
+$locale['step_database'] = 'Baza Danych';
 $locale['step_database_title'] = 'Baza MySQL';
 $locale['step_database_importing'] = 'Twoja baza to MySQL. Importowanie schematu...';
 $locale['step_database_error_path'] = 'Proszę podać ścieżkę do serwera.';
 $locale['step_database_error_config'] = 'Nie można znaleźć pliku config. Jest Twoja ścieżka do katalogu serwera poprawna? Wróć się i sprawdź ponownie.';
+$locale['step_database_error_database_empty'] = 'Nie można wykryć typu bazy danych z pliku config.lua. Prawdopodobnie Twój OTS nie jest wspierany przez ten AAC.';
 $locale['step_database_error_only_mysql'] = 'Ten AAC wspiera tylko bazy danych MySQL. Z Twojego pliku config wynika, że Twój serwera używa bazy: $DATABASE_TYPE$. Proszę zmienić typ bazy na MySQL i ponownie przystąpić do instalacji.';
 $locale['step_database_error_table'] = 'Tabela $TABLE$ nie istnieje. Proszę najpierw zaimportować schemat bazy danych serwera OTS.';
 $locale['step_database_error_table_exist'] = 'Tabela $TABLE$ już istnieje. Wygląda na to, że AAC został już zainstalowany. Schemat MySQL nie zostanie zaimportowany..';
@@ -72,9 +70,28 @@ $locale['step_database_adding_field'] = 'Dodawanie pola'; $locale['step_database_modifying_field'] = 'Modyfikacja pola'; $locale['step_database_changing_field'] = 'Zmiana $FIELD$ na $FIELD_NEW$...'; $locale['step_database_imported_players'] = 'Importowanie schematów graczy...'; +$locale['step_database_loaded_monsters'] = 'Załadowano potworki (monsters)...'; +$locale['step_database_error_monsters'] = 'Wystąpiły problemy podczas ładowania pliku monsters.xml. Zobacz $LOG$ po więcej informacji.'; +$locale['step_database_loaded_spells'] = 'Załadowano czary (spells)...'; $locale['step_database_created_account'] = 'Utworzono konto admina...'; $locale['step_database_created_news'] = 'Utworzono newsy...'; +// admin account +$locale['step_admin'] = 'Konto Admina'; +$locale['step_admin_title'] = 'Tworzenie Konta Admina'; +$locale['step_admin_account'] = 'Nazwa Konta Admina'; +$locale['step_admin_account_desc'] = 'Nazwa Twojego konta admina, która będzie używana do logowania na stronę i do serwera.'; +$locale['step_admin_account_error_format'] = 'Nieprawidłowy format nazwy konta. Używaj tylko znaków a-Z oraz liczb 0-9. Minimum 3, maksimum 32 znaków.'; +$locale['step_admin_account_error_same'] = 'Hasło nie może być takie same jak nazwa konta.'; +$locale['step_admin_account_id'] = 'Numer Konta Admina'; +$locale['step_admin_account_id_desc'] = 'Numer Twojego Konta Admina, który będzie używany do logowania do strony i na serwer.'; +$locale['step_admin_account_id_error_format'] = 'Nieprawidłowy format numeru konta. Używaj tylko liczb 0-9. Minimum 6, maksimum 10 znaków.'; +$locale['step_admin_account_id_error_same'] = 'Hasło nie może być takie same jak numer konta.'; +$locale['step_admin_password'] = 'Hasło Konta Admina'; +$locale['step_admin_password_desc'] = 'Hasło do Twojego Konta Admina.'; +$locale['step_admin_password_error_empty'] = 'Proszę podać hasło do Twojego nowego konta.'; +$locale['step_admin_password_error_format'] = 'Nieprawidłowy format hasła. 
Używaj tylko znaków a-Z oraz liczb 0-9. Minimum 8, maksimum 30 characters.'; + // finish $locale['step_finish_admin_panel'] = 'Panelu Admina'; $locale['step_finish_homepage'] = 'stronę główną'; diff --git a/system/pages/createaccount.php b/system/pages/createaccount.php index 845f4892..1a45cc7d 100644 --- a/system/pages/createaccount.php +++ b/system/pages/createaccount.php @@ -26,7 +26,6 @@ if($save) { if(USE_ACCOUNT_NAME) { $account_name = $_POST['account']; - $account_name_up = strtoupper($account_name); } else $account_id = $_POST['account']; @@ -40,7 +39,7 @@ if($save) if(!Validator::accountId($account_id)) $errors['account'] = Validator::getLastError(); } - else if(!Validator::accountName($account_name_up)) + else if(!Validator::accountName($account_name)) $errors['account'] = Validator::getLastError(); // email @@ -72,7 +71,7 @@ if($save) } // password - if(!isset($password[0])) { + if(empty($password)) { $errors['password'] = 'Please enter the password for your new account.'; } elseif($password != $password2) { @@ -83,8 +82,7 @@ if($save) } // check if account name is not equal to password - if(USE_ACCOUNT_NAME && $account_name_up == strtoupper($password)) - { + if(USE_ACCOUNT_NAME && strtoupper($account_name) == strtoupper($password)) { $errors['password'] = 'Password may not be the same as account name.'; } diff --git a/system/templates/install.admin.html.twig b/system/templates/install.admin.html.twig index 2c6b0b1c..07e94dde 100644 --- a/system/templates/install.admin.html.twig +++ b/system/templates/install.admin.html.twig @@ -23,5 +23,10 @@ {% endfor %} + {% if errors is defined %} + {% for error in errors %} +

{{ error }}

+ {% endfor %} + {% endif %} {{ buttons|raw }} \ No newline at end of file diff --git a/templates/tibiacom/account.login.html.twig b/templates/tibiacom/account.login.html.twig index 1f523434..a84ba6ea 100644 --- a/templates/tibiacom/account.login.html.twig +++ b/templates/tibiacom/account.login.html.twig @@ -1,4 +1,7 @@
+ {% if redirect is not null %} + + {% endif %}
diff --git a/templates/tibiacom/index.php b/templates/tibiacom/index.php index ec7ce9cb..4d9d5e6b 100644 --- a/templates/tibiacom/index.php +++ b/templates/tibiacom/index.php @@ -21,6 +21,9 @@ if(isset($config['boxes'])) if(PAGE != 'news') { if(strpos(URI, 'subtopic=') !== false) { $tmp = $_REQUEST['subtopic']; + if($tmp == 'accountmanagement') { + $tmp = 'accountmanage'; + } } else { $tmp = str_replace('/', '', URI); @@ -316,7 +319,7 @@ if(isset($config['boxes'])) $menus = get_template_menus(); foreach($config['menu_categories'] as $id => $cat) { - if(!isset($menus[$id])) { + if(!isset($menus[$id]) || ($id == MENU_CATEGORY_SHOP && !$config['gifts_system'])) { continue; } ?> diff --git a/tools/validate.php b/tools/validate.php index 41af9e8e..ff2d77d5 100644 --- a/tools/validate.php +++ b/tools/validate.php @@ -18,11 +18,8 @@ $error = ''; if(isset($_GET['account'])) { $account = $_GET['account']; - $tmp = strtoupper($account); - - if(USE_ACCOUNT_NAME) - { - if(!Validator::accountName($tmp)) + if(USE_ACCOUNT_NAME) { + if(!Validator::accountName($account)) error_(Validator::getLastError()); } else if(!Validator::accountId($account)) @@ -30,9 +27,9 @@ if(isset($_GET['account'])) $_account = new OTS_Account(); if(USE_ACCOUNT_NAME) - $_account->find($tmp); + $_account->find($account); else - $_account->load($tmp); + $_account->load($account); if($_account->isLoaded()) error_('Account with this name already exist.');