Merge branch 'main' into develop

"Implicitly marking parameter $var as nullable is deprecated, the explicit nullable type must be used instead"

.github/workflows/cypress.yml

@@ -22,7 +22,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        php-versions: [ '8.1', '8.2', '8.3' ]
+        php-versions: [ '8.1', '8.2', '8.3', '8.4' ]
         ots: ['tfs-1.4', 'canary-3.1.2'] # TODO: add 'tfs-master' (actually doesn't work cause AAC doesn't support reading .env configuration)
     name: Cypress (PHP ${{ matrix.php-versions }}, ${{ matrix.ots }})
     steps:
@@ -146,6 +146,7 @@ jobs:
           with:
             name: cypress-screenshots-${{ matrix.php-versions }}-${{ matrix.ots }}
             path: cypress/screenshots
+            if-no-files-found: ignore
 
         - name: Upload Cypress Videos
           uses: actions/upload-artifact@v4
@@ -153,6 +154,7 @@ jobs:
           with:
             name: cypress-videos-${{ matrix.php-versions }}-${{ matrix.ots }}
             path: cypress/videos
+            if-no-files-found: ignore
 
         - name: Upload PHP Logs
           uses: actions/upload-artifact@v4

.htaccess.dist

@@ -6,7 +6,7 @@
 	Options -MultiViews
 </IfModule>
 
-<FilesMatch "^(CHANGELOG\.md|README\.md|composer\.json|composer\.lock|package\.json|package-lock\.json|cypress\.env\.json)$">
+<FilesMatch "^(.*\.md|.*\.json|.*\.dist|.*\.sql|CHANGELOG|README|composer\.lock)$">
 	Require all denied
 </FilesMatch>
 

CHANGELOG-1.x.md

@@ -1,5 +1,46 @@
 # Changelog
 
+## [1.4 - 22.04.2025]
+
+### Added
+* feat: admin-pages (can add admin pages through plugins) (https://github.com/slawkens/myaac/commit/ceaa0639e66d31e8177ff90791463470367aa45d)
+	* just place the page in admin-pages folder in the plugin
+	* Also, possibility to overwrite default myaac admin pages
+* Add db->hasTableAndColumns(table, columns), credits to @opentibiabr Team (https://github.com/slawkens/myaac/commit/82a533d88c8a342076891d132b4b409ed9a1fe72)
+* Add noSubmit option to buttons.base (https://github.com/slawkens/myaac/commit/64f6d3abcada3bf9fd7599f50d2fac0a1367f383)
+
+### Fixed
+* Fix: display 404 error instead of 500 when page has been removed from filesystem (https://github.com/slawkens/myaac/commit/c2bf94fb2370d2009a2eb907f818955132cf8611)
+* Fix headline.php: change image format to .png cause of black background (https://github.com/slawkens/myaac/commit/b618084d50918539d9a70abd97e764137b966067)
+* Clear cache on plugin enable/disable, fixes some issues with plugin pages being cached (https://github.com/slawkens/myaac/commit/1d0c173e7d000aecbd432800941fc3e38a0e50f2)
+* Do not autoload sub-folders if autoload pages is disabled (https://github.com/slawkens/myaac/commit/d47195a7878095336f9c9edc6f96244257f67eec)
+
+### Changed
+* SQL Syntax Standardization (by @JoaozinhoBrasil, #298)
+* Pages in theme/template folder will now have precedence over normal pages (https://github.com/slawkens/myaac/commit/6d8f4718a1d349fba8f0ebc39cfd3a1a84d104b0)
+* Small changes in account.login.html.twig (https://github.com/slawkens/myaac/commit/f40b986b59d4c8fa89ab4745731bf366f8619976)
+* Plugin name is required, version is optional (https://github.com/slawkens/myaac/commit/e6f05a2731c61d931be49e121c068e49c0ad5e01)
+
+## [1.3.3 - 04.04.2025]
+
+### Fixed
+* Fix uninstall plugin when plugin is disabled (https://github.com/slawkens/myaac/commit/6c568fd36a271270684fc412ccd556b230273a6d)
+
+### Changed
+* Display more useful info when error parsing config.lua (https://github.com/slawkens/myaac/commit/fa6b6aa153ffc131e0d1631a4dcd9012a5850c2e)
+
+### Other
+* Small adjustments (https://github.com/slawkens/myaac/commit/35e2483de86e295bdf089cceffa25842eeb2e34c, https://github.com/slawkens/myaac/commit/ae639d65b0bfa491e747e907e2ebc77f83f47981)
+
+## [1.3.2 - 01.04.2025]
+
+### Fixed
+* Fix debugBar/admin panel menu when using custom base_dir (https://github.com/slawkens/myaac/commit/65696f63e3aac02ff952ea81279e7cb2fa7570fb)
+
+### Changed
+* Settings: Show/hide IP Ban Protection options depending on the value (enabled/disabled) (https://github.com/slawkens/myaac/commit/dbf73d0b61b45601ae95e51b23c051c2704169c5)
+* Do not require init.php in cache:clear command (https://github.com/slawkens/myaac/commit/d25c71857f767834239bbffacd00fdc671adb157)
+
 ## [1.3.1 - 19.03.2025]
 
 ### Fixed

README.md

@@ -1,6 +1,6 @@
 # [MyAAC](https://my-aac.org)
 
-MyAAC is a free and open-source Automatic Account Creator (AAC) written in PHP. It is a fork of the [Gesior](https://github.com/gesior/Gesior2012) project. It supports only MySQL databases.
+MyAAC is a free and open-source Automatic Account Creator (AAC) for Open Tibia Servers written in PHP. It is a fork of the [Gesior](https://github.com/gesior/Gesior2012) project. It supports only MySQL databases.
 
 Official website: https://my-aac.org
 
@@ -10,12 +10,19 @@ Official website: https://my-aac.org
 [![OpenTibia Discord](https://img.shields.io/discord/288399552581468162)](https://discord.gg/2J39Wus)
 [![Closed Issues](https://img.shields.io/github/issues-closed-raw/slawkens/myaac)](https://github.com/slawkens/myaac/issues?q=is%3Aissue+is%3Aclosed)
 
-| Version | Status                 | Branch | Requirements   |
-|:--------|:-----------------------|:-------|:---------------|
-| **1.x** | **Active development** | master | **PHP >= 8.1** |
-| 0.9.x   | Not developed anymore  | 0.9    | PHP >= 7.2.5   |
-| 0.8.x   | Active support         | 0.8    | PHP >= 7.2.5   |
-| 0.7.x   | End Of Life            | 0.7    | PHP >= 5.3.3   |
+| Version | Status                 | Branch  | Requirements   |
+|:--------|:-----------------------|:--------|:---------------|
+| 2.x     | Experimental features  | develop | PHP >= 8.1     |
+| **1.x** | **Active development** | main    | **PHP >= 8.1** |
+| 0.9.x   | Not developed anymore  | 0.9     | PHP >= 7.2.5   |
+| 0.8.x   | Active support         | 0.8     | PHP >= 7.2.5   |
+| 0.7.x   | End Of Life            | 0.7     | PHP >= 5.3.3   |
+
+The recommended version to install is 1.x, which can be found at releases page - [https://github.com/slawkens/myaac/releases](https://github.com/slawkens/myaac/releases).
+
+### Documentation
+* [docs.my-aac.org](https://docs.my-aac.org)
+* [my-aac.org - FAQ](https://my-aac.org/faqs/)
 
 ### Requirements
 
@@ -47,23 +54,23 @@ Official website: https://my-aac.org
 
 ### Configuration
 
-Check *config.php* to get more informations. (Notice: MyAAC 1.0+ doesn't use config.php anymore, it has been moved to Admin Panel - Settings page).
+Check *config.php* to get more information. (Notice: MyAAC 1.0+ doesn't use config.php anymore, it has been moved to Admin Panel - Settings page).
 
 Use *config.local.php* for your local configuration changes.
 
 ### Branches
 
 This repository follows the Git Flow Workflow.
-Cheatsheet: [Git-Flow-Cheetsheet](https://danielkummer.github.io/git-flow-cheatsheet)
+Cheatsheet: [Git-Flow-Cheatsheet](https://danielkummer.github.io/git-flow-cheatsheet)
 
 That means, we use:
-* master branch, for current stable release
+* main branch, for current stable release
 * develop branch, for development version (next release)
 * feature branches, for features etc.
 
 ### Known Problems
 
-- Some compatibility issues with some exotical distibutions.
+- Some compatibility issues with some exotic distributions.
 
 ### Contributing
 
@@ -77,7 +84,7 @@ Look: [Contributing](https://github.com/otsoft/myaac/wiki/Contributing) in our w
 
 ### Other Notes
 
-If you have a great idea or want contribute to the project - visit our website at https://www.my-aac.org
+If you have a great idea or want to contribute to the project - visit our website at https://www.my-aac.org
 
 ## Project supported by JetBrains
 

aac

@@ -3,5 +3,34 @@
 
 require_once __DIR__ . '/common.php';
 
-$console = new \MyAAC\App\Console();
-$console->run();
+if(!IS_CLI) {
+	echo 'This script can be run only in command line mode.';
+	exit(1);
+}
+
+require_once SYSTEM . 'functions.php';
+
+define('SELF_NAME', basename(__FILE__));
+
+use MyAAC\Plugins;
+use Symfony\Component\Console\Application;
+
+$application = new Application('MyAAC', MYAAC_VERSION);
+
+$commandsGlob = glob(SYSTEM . 'src/Commands/*.php');
+foreach ($commandsGlob as $item) {
+	$name = pathinfo($item, PATHINFO_FILENAME);
+	if ($name == 'Command') { // ignore base Command class
+		continue;
+	}
+
+	$commandPre = '\\MyAAC\Commands\\';
+	$application->add(new ($commandPre . $name));
+}
+
+$pluginCommands = Plugins::getCommands();
+foreach ($pluginCommands as $item) {
+	$application->add(require $item);
+}
+
+$application->run();

admin/includes/debugbar.php

@@ -7,7 +7,7 @@ $hooks->register('debugbar_admin_head_end', HOOK_ADMIN_HEAD_END, function ($para
 		return;
 	}
 
-	$debugBarRenderer = $debugBar->getJavascriptRenderer();
+	$debugBarRenderer = $debugBar->getJavascriptRenderer(BASE_URL . 'vendor/maximebf/debugbar/src/DebugBar/Resources/');
 	echo $debugBarRenderer->renderHead();
 });
 $hooks->register('debugbar_admin_body_end', HOOK_ADMIN_BODY_END, function ($params) {
@@ -17,6 +17,6 @@ $hooks->register('debugbar_admin_body_end', HOOK_ADMIN_BODY_END, function ($para
 		return;
 	}
 
-	$debugBarRenderer = $debugBar->getJavascriptRenderer();
+	$debugBarRenderer = $debugBar->getJavascriptRenderer(BASE_URL . 'vendor/maximebf/debugbar/src/DebugBar/Resources/');
 	echo $debugBarRenderer->render();
 });

admin/index.php

@@ -1,8 +1,75 @@
 <?php
-require_once '../common.php';
-require_once SYSTEM . 'functions.php';
 
+// few things we'll need
+use MyAAC\Plugins;
+
+require '../common.php';
+
+const ADMIN_PANEL = true;
 const MYAAC_ADMIN = true;
 
-$admin = new \MyAAC\App\Admin();
-$admin->run();
+if(file_exists(BASE . 'install') && (!isset($config['installed']) || !$config['installed']))
+{
+	header('Location: ' . BASE_URL . 'install/');
+	throw new RuntimeException('Setup detected that <b>install/</b> directory exists. Please visit <a href="' . BASE_URL . 'install">this</a> url to start MyAAC Installation.<br/>Delete <b>install/</b> directory if you already installed MyAAC.<br/>Remember to REFRESH this page when you\'re done!');
+}
+
+$content = '';
+
+// validate page
+$page = $_GET['p'] ?? '';
+if(empty($page) || preg_match("/[^a-zA-Z0-9_\-\/.]/", $page))
+	$page = 'dashboard';
+
+$page = strtolower($page);
+define('PAGE', $page);
+
+require SYSTEM . 'functions.php';
+require SYSTEM . 'init.php';
+
+require __DIR__ . '/includes/debugbar.php';
+require SYSTEM . 'status.php';
+require SYSTEM . 'login.php';
+require __DIR__ . '/includes/functions.php';
+
+$twig->addGlobal('config', $config);
+$twig->addGlobal('status', $status);
+
+if (ACTION == 'logout') {
+	require SYSTEM . 'logout.php';
+}
+
+// if we're not logged in - show login box
+if(!$logged || !admin()) {
+	$page = 'login';
+}
+
+$pluginsAdminPages = Plugins::getAdminPages();
+if(isset($pluginsAdminPages[$page]) && file_exists(BASE . $pluginsAdminPages[$page])) {
+	$file = BASE . $pluginsAdminPages[$page];
+}
+else {
+	// include our page
+	$file = __DIR__ . '/pages/' . $page . '.php';
+	if(!@file_exists($file)) {
+		if (str_contains($page, 'plugins/')) {
+			$file = BASE . $page;
+		}
+		else {
+			$page = '404';
+			$file = SYSTEM . 'pages/404.php';
+		}
+	}
+}
+
+ob_start();
+if($hooks->trigger(HOOK_ADMIN_BEFORE_PAGE)) {
+	require $file;
+}
+
+$content .= ob_get_contents();
+ob_end_clean();
+
+// template
+$template_path = 'template/';
+require __DIR__ . '/' . $template_path . 'template.php';

admin/pages/accounts.php

@@ -94,7 +94,7 @@ else if (isset($_REQUEST['search'])) {
 ?>
 <div class="row">
 	<?php
-	$groups = app()->get('groups');
+	$groups = new OTS_Groups_List();
 	if ($id > 0) {
 		$account = new OTS_Account();
 		$account->load($id);

admin/pages/changelog.php

@@ -110,7 +110,7 @@ if($action == 'edit' || $action == 'new') {
 		$player->load($player_id);
 	}
 
-	$account_players = accountLogged()->getPlayersList();
+	$account_players = $account_logged->getPlayersList();
 	$account_players->orderBy('group_id', POT::ORDER_DESC);
 	$twig->display('admin.changelog.form.html.twig', array(
 		'action' => $action,

admin/pages/login.php

@@ -13,7 +13,7 @@ $title = 'Login';
 csrfProtect();
 
 require PAGES . 'account/login.php';
-if (logged()) {
+if ($logged) {
 	header('Location: ' . (admin() ? ADMIN_URL : BASE_URL));
 	return;
 }

admin/pages/mass_account.php

@@ -57,14 +57,13 @@ function admin_give_coins($coins)
 
 function admin_give_premdays($days)
 {
-	global $freePremium;
+	global $db, $freePremium;
 
 	if ($freePremium) {
 		displayMessage('Premium days not supported. Free Premium enabled.');
 		return;
 	}
 
-	$db = app()->get('database');
 	$value = $days * 86400;
 	$now = time();
 	// othire
@@ -175,12 +174,10 @@ else {
 }
 
 function displayMessage($message, $success = false) {
-	global $hasCoinsColumn, $hasPointsColumn, $freePremium;
+	global $twig, $hasCoinsColumn, $hasPointsColumn, $freePremium;
 
 	$success ? success($message): error($message);
 
-	$twig = app()->get('twig');
-
 	$twig->display('admin.tools.account.html.twig', array(
 		'hasCoinsColumn' => $hasCoinsColumn,
 		'hasPointsColumn' => $hasPointsColumn,

admin/pages/mass_teleport.php

@@ -99,9 +99,9 @@ else {
 }
 
 
-function displayMessage($message, $success = false)
-{
-	$twig = app()->get('twig');
+function displayMessage($message, $success = false) {
+	global $twig;
+
 	$success ? success($message): error($message);
 	$twig->display('admin.tools.teleport.html.twig', array());
 }

admin/pages/menus.php

@@ -203,7 +203,7 @@ if (isset($_POST['template'])) {
 
 function onTemplateMenusChange(): void
 {
-	$cache = app()->get('cache');
+	$cache = Cache::getInstance();
 	if ($cache->enabled()) {
 		$cache->delete('template_menus');
 	}

admin/pages/modules/statistics.php

@@ -7,8 +7,6 @@ use MyAAC\Models\Monster;
 use MyAAC\Models\Player;
 
 defined('MYAAC') or die('Direct access not allowed!');
-
-global $eloquentConnection;
 $count = $eloquentConnection->query()
 	->select([
 		'total_accounts' => Account::selectRaw('COUNT(id)'),

admin/pages/news.php

@@ -50,7 +50,7 @@ if(!empty($action))
 	if (isRequestMethod('post')) {
 		if ($action == 'new') {
 			if (isset($forum_section) && $forum_section != '-1') {
-				$forum_add = Forum::add_thread($p_title, $body, $forum_section, $player_id, accountLogged()->getId(), $errors);
+				$forum_add = Forum::add_thread($p_title, $body, $forum_section, $player_id, $account_logged->getId(), $errors);
 			}
 
 			if (isset($p_title) && News::add($p_title, $body, $type, $category, $player_id, isset($forum_add) && $forum_add != 0 ? $forum_add : 0, $article_text, $article_image, $errors)) {
@@ -113,7 +113,7 @@ if($action == 'edit' || $action == 'new') {
 		$player->load($player_id);
 	}
 
-	$account_players = accountLogged()->getPlayersList();
+	$account_players = $account_logged->getPlayersList();
 	$account_players->orderBy('group_id', POT::ORDER_DESC);
 	$twig->display('admin.news.form.html.twig', array(
 		'action' => $action,

admin/pages/notepad.php

@@ -15,18 +15,21 @@ $title = 'Notepad';
 
 csrfProtect();
 
+/**
+ * @var OTS_Account $account_logged
+ */
 $_content = '';
-$notepad = ModelsNotepad::where('account_id', accountLogged()->getId())->first();
+$notepad = ModelsNotepad::where('account_id', $account_logged->getId())->first();
 if (isset($_POST['content'])) {
 	$_content = html_entity_decode(stripslashes($_POST['content']));
 	if (!$notepad) {
 		ModelsNotepad::create([
-			'account_id' => accountLogged()->getId(),
+			'account_id' => $account_logged->getId(),
 			'content' => $_content
 		]);
 	}
 	else {
-		ModelsNotepad::where('account_id', accountLogged()->getId())->update(['content' => $_content]);
+		ModelsNotepad::where('account_id', $account_logged->getId())->update(['content' => $_content]);
 	}
 
 	success('Saved at ' . date('H:i'));

admin/pages/pages.php

@@ -25,7 +25,7 @@ if (!hasFlag(FLAG_CONTENT_PAGES) && !superAdmin()) {
 header('X-XSS-Protection:0');
 
 $name = $p_title = null;
-$groups = app()->get('groups');
+$groups = new OTS_Groups_List();
 
 $php = false;
 $enable_tinymce = true;

admin/pages/players.php

@@ -71,7 +71,7 @@ else if (isset($_REQUEST['search'])) {
 ?>
 <div class="row">
 	<?php
-	$groups = app()->get('groups');
+	$groups = new OTS_Groups_List();
 	if ($id > 0) {
 		$player = new OTS_Player();
 		$player->load($id);

admin/pages/plugins.php

@@ -17,7 +17,7 @@ csrfProtect();
 
 $use_datatable = true;
 
-if (!getBoolean(setting('core.admin_plugins_manage_enable'))) {
+if (!setting('core.admin_plugins_manage_enable')) {
 	warning('Plugin installation and management is disabled in Settings.<br/>If you wish to enable, go to Settings and enable <strong>Enable Plugins Manage</strong>.');
 }
 else {

admin/template/menus.php

@@ -1,7 +1,5 @@
 <?php
 
-global $menus;
-
 $menus = [
 	['name' => 'Dashboard', 'icon' => 'tachometer-alt', 'order' => 10, 'link' => 'dashboard'],
 	['name' => 'Settings', 'icon' => 'edit', 'order' => 19, 'link' =>

admin/template/template.php

@@ -21,7 +21,7 @@
 </head>
 <body class="sidebar-mini ">
 <?php $hooks->trigger(HOOK_ADMIN_BODY_START); ?>
-<?php if (admin()) { ?>
+<?php if ($logged && admin()) { ?>
 	<div class="wrapper">
 		<nav class="main-header navbar navbar-expand navbar-white navbar-light">
 			<ul class="navbar-nav">
@@ -40,7 +40,7 @@
 		</nav>
 		<aside class="main-sidebar sidebar-dark-info elevation-4">
 			<a href="<?php echo ADMIN_URL; ?>" class="brand-link navbar-info">
-				<img src="<?php echo ADMIN_URL; ?>images/logo.png" class="brand-image img-circle elevation-3" style="opacity: .8" alt="MyAAC">
+				<img src="<?php echo ADMIN_URL; ?>images/logo.png" class="brand-image img-circle elevation-3" style="opacity: .8">
 				<span class="brand-text"><b>My</b>AAC</span>
 			</a>
 			<div class="sidebar">
@@ -97,6 +97,20 @@
 								<?php
 							}
 						}
+
+						$query = $db->query('SELECT `name`, `page`, `flags` FROM `' . TABLE_PREFIX . 'admin_menu` ORDER BY `ordering`');
+						$menu_db = $query->fetchAll();
+						foreach ($menu_db as $item) {
+							if ($item['flags'] == 0 || hasFlag($item['flags'])) { ?>
+								<li class="nav-item">
+									<a class="nav-link<?php echo($page == $item['page'] ? ' active' : '') ?>" href="?p=<?php echo $item['page'] ?>">
+										<i class="nav-icon fas fa-link"></i>
+										<p><?php echo $item['name'] ?></p>
+									</a>
+								</li>
+								<?php
+							}
+						}
 						?>
 					</ul>
 				</nav>
@@ -108,7 +122,7 @@
 				<div class="container-fluid">
 					<div class="row mb-2">
 						<div class="col-sm-6">
-							<h3 class="m-0 text-dark"><?php echo($title ?? ''); ?><small> - Admin Panel</small></h3>
+							<h3 class="m-0 text-dark"><?php echo(isset($title) ? $title : ''); ?><small> - Admin Panel</small></h3>
 						</div>
 						<div class="col-sm-6">
 							<div class="float-sm-right d-none d-sm-inline">
@@ -163,14 +177,17 @@
 		<div id="sidebar-overlay"></div>
 	</div>
 
-<?php } else if (!logged() && !admin()) {
+<?php } else if (!$logged && !admin()) {
 	echo $content;
 }
 ?>
 <?php
-if (admin()) {
+/**
+ * @var OTS_Account $account_logged
+ */
+if ($logged && admin()) {
 	$twig->display('admin-bar.html.twig', [
-		'username' => USE_ACCOUNT_NAME ? accountLogged()->getName() : accountLogged()->getId()
+		'username' => USE_ACCOUNT_NAME ? $account_logged->getName() : $account_logged->getId()
 	]);
 }
 ?>

admin/tools/phpinfo.php

@@ -1,22 +1,15 @@
 <?php
-
-use MyAAC\Services\LoginService;
-
 define('MYAAC_ADMIN', true);
 
 require '../../common.php';
 require SYSTEM . 'functions.php';
 require SYSTEM . 'init.php';
+require SYSTEM . 'login.php';
 
-$loginService = new LoginService();
-$loginService->checkLogin();
-
-if(!admin()) {
+if(!admin())
 	die('Access denied.');
-}
 
-if(!function_exists('phpinfo')) {
+if(!function_exists('phpinfo'))
 	die('phpinfo() disabled on this web server.');
-}
 
 phpinfo();

admin/tools/reload_data.php

@@ -24,20 +24,16 @@
  */
 
 use MyAAC\DataLoader;
-use MyAAC\Services\LoginService;
 
 const MYAAC_ADMIN = true;
 
 require '../../common.php';
 require SYSTEM . 'functions.php';
 require SYSTEM . 'init.php';
+require SYSTEM . 'login.php';
 
-$loginService = new LoginService();
-$loginService->checkLogin();
-
-if (!admin()) {
+if (!admin())
 	die('Access denied.');
-}
 
 ini_set('max_execution_time', 300);
 ob_implicit_flush();

admin/tools/settings_save.php

@@ -1,6 +1,6 @@
 <?php
 
-use MyAAC\Services\LoginService;
+use MyAAC\Hooks;
 use MyAAC\Settings;
 
 const MYAAC_ADMIN = true;
@@ -8,9 +8,7 @@ const MYAAC_ADMIN = true;
 require '../../common.php';
 require SYSTEM . 'functions.php';
 require SYSTEM . 'init.php';
-
-$loginService = new LoginService();
-$loginService->checkLogin();
+require SYSTEM . 'login.php';
 
 if(!admin()) {
 	http_response_code(500);
@@ -29,7 +27,7 @@ if (!isset($_POST['settings'])) {
 	die('Please enter settings.');
 }
 
-$settings = app()->get('settings');
+$settings = Settings::getInstance();
 
 $success = $settings->save($_REQUEST['plugin'], $_POST['settings']);
 

admin/tools/status.php

@@ -1,20 +1,14 @@
 <?php
-
-use MyAAC\Services\LoginService;
-
 define('MYAAC_ADMIN', true);
 
 require '../../common.php';
 require SYSTEM . 'init.php';
 require SYSTEM . 'functions.php';
 require SYSTEM . 'status.php';
+require SYSTEM . 'login.php';
 
-$loginService = new LoginService();
-$loginService->checkLogin();
-
-if(!admin()) {
+if(!admin())
 	die('Access denied.');
-}
 
 if(!$status['online'])
 	die('Offline');

admin/tools/upload_image.php

@@ -1,19 +1,13 @@
 <?php
-
-use MyAAC\Services\LoginService;
-
 define('MYAAC_ADMIN', true);
 
 require '../../common.php';
 require SYSTEM . 'functions.php';
 require SYSTEM . 'init.php';
+require SYSTEM . 'login.php';
 
-$loginService = new LoginService();
-$loginService->checkLogin();
-
-if(!admin()) {
+if(!admin())
 	die('Access denied.');
-}
 
 // Don't attempt to process the upload on an OPTIONS request
 if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {

index.php

@@ -24,7 +24,161 @@
  * @link      https://my-aac.org
  */
 
+use MyAAC\UsageStatistics;
+use MyAAC\Visitors;
+
 require_once 'common.php';
 require_once SYSTEM . 'functions.php';
 
-app()->run();
+$uri = $_SERVER['REQUEST_URI'];
+if(str_contains($uri, 'index.php')) {
+	$uri = str_replace_first('/index.php', '', $uri);
+}
+
+if(str_starts_with($uri, '/')) {
+	$uri = str_replace_first('/', '', $uri);
+}
+
+if(preg_match("/^[A-Za-z0-9-_%'+\/]+\.png$/i", $uri)) {
+	if (!empty(BASE_DIR)) {
+		$tmp = explode('.', str_replace_first(str_replace_first('/', '', BASE_DIR) . '/', '', $uri));
+	}
+	else {
+		$tmp = explode('.', $uri);
+	}
+
+	$_REQUEST['name'] = urldecode($tmp[0]);
+
+	chdir(TOOLS . 'signature');
+	include TOOLS . 'signature/index.php';
+	exit();
+}
+
+if(preg_match("/^(.*)\.(gif|jpg|png|jpeg|tiff|bmp|css|js|less|map|html|zip|rar|gz|ttf|woff|ico)$/i", $_SERVER['REQUEST_URI'])) {
+	http_response_code(404);
+	exit;
+}
+
+if((!isset($config['installed']) || !$config['installed']) && file_exists(BASE . 'install'))
+{
+	header('Location: ' . BASE_URL . 'install/');
+	exit();
+}
+
+$template_place_holders = array();
+
+require_once SYSTEM . 'init.php';
+
+require_once SYSTEM . 'template.php';
+require_once SYSTEM . 'login.php';
+require_once SYSTEM . 'status.php';
+
+$twig->addGlobal('config', $config);
+$twig->addGlobal('status', $status);
+
+$hooks->trigger(HOOK_STARTUP);
+
+// backward support for gesior
+if(setting('core.backward_support')) {
+	define('INITIALIZED', true);
+	$SQL = $db;
+	$layout_header = template_header();
+	$layout_name = $template_path;
+	$news_content = '';
+	$tickers_content = '';
+	$main_content = '';
+
+	$config['access_admin_panel'] = 2;
+	$group_id_of_acc_logged = 0;
+	if($logged && $account_logged)
+		$group_id_of_acc_logged = $account_logged->getGroupId();
+
+	$config['site'] = &$config;
+	$config['server'] = &$config['lua'];
+	$config['site']['shop_system'] = setting('core.gifts_system');
+	$config['site']['gallery_page'] = true;
+
+	if(!isset($config['vdarkborder']))
+		$config['vdarkborder'] = '#505050';
+	if(!isset($config['darkborder']))
+		$config['darkborder'] = '#D4C0A1';
+	if(!isset($config['lightborder']))
+		$config['lightborder'] = '#F1E0C6';
+
+	$config['site']['download_page'] = true;
+	$config['site']['serverinfo_page'] = true;
+	$config['site']['screenshot_page'] = true;
+
+	$forumSetting = setting('core.forum');
+	if($forumSetting != '')
+		$config['forum_link'] = (strtolower($forumSetting) === 'site' ? getLink('forum') : $forumSetting);
+
+	foreach($status as $key => $value)
+		$config['status']['serverStatus_' . $key] = $value;
+}
+
+require_once SYSTEM . 'router.php';
+
+// anonymous usage statistics
+// sent only when user agrees
+if(setting('core.anonymous_usage_statistics')) {
+	$report_time = 30 * 24 * 60 * 60; // report one time per 30 days
+	$should_report = true;
+
+	$value = '';
+	if($cache->enabled() && $cache->fetch('last_usage_report', $value)) {
+		$should_report = time() > (int)$value + $report_time;
+	}
+	else {
+		$value = '';
+		if(fetchDatabaseConfig('last_usage_report', $value)) {
+			$should_report = time() > (int)$value + $report_time;
+			if($cache->enabled()) {
+				$cache->set('last_usage_report', $value, 60 * 60);
+			}
+		}
+		else {
+			registerDatabaseConfig('last_usage_report', time() - ($report_time - (7 * 24 * 60 * 60))); // first report after a week
+			$should_report = false;
+		}
+	}
+
+	if($should_report) {
+		UsageStatistics::report();
+
+		updateDatabaseConfig('last_usage_report', time());
+		if($cache->enabled()) {
+			$cache->set('last_usage_report', time(), 60 * 60);
+		}
+	}
+}
+
+if(setting('core.views_counter'))
+	require_once SYSTEM . 'counter.php';
+
+if(setting('core.visitors_counter')) {
+	$visitors = new Visitors(setting('core.visitors_counter_ttl'));
+}
+
+/**
+ * @var OTS_Account $account_logged
+ */
+if ($logged && admin()) {
+	$content .= $twig->render('admin-bar.html.twig', [
+		'username' => USE_ACCOUNT_NAME ? $account_logged->getName() : $account_logged->getId()
+	]);
+}
+
+$title_full =  (isset($title) ? $title . ' - ' : '') . $config['lua']['serverName'];
+require $template_path . '/' . $template_index;
+
+echo base64_decode('PCEtLSBQb3dlcmVkIGJ5IE15QUFDIDo6IGh0dHBzOi8vd3d3Lm15LWFhYy5vcmcvIC0tPg==') . PHP_EOL;
+if(superAdmin()) {
+	echo '<!-- Generated in: ' . round(microtime(true) - START_TIME, 4) . 'ms -->';
+	echo PHP_EOL . '<!-- Queries done: ' . $db->queries() . ' -->';
+	if(function_exists('memory_get_peak_usage')) {
+		echo PHP_EOL . '<!-- Peak memory usage: ' . convert_bytes(memory_get_peak_usage(true)) . ' -->';
+	}
+}
+
+$hooks->trigger(HOOK_FINISH);

install/includes/config.php

@@ -26,6 +26,9 @@ if(!isset($error) || !$error) {
 		$config['database_type'] = $config['lua']['database_type'];
 	else if(isset($config['lua']['sql_type'])) // otserv
 		$config['database_type'] = $config['lua']['sql_type'];
+	else {
+		$config['database_type'] = '';
+	}
 
 	$config['database_type'] = strtolower($config['database_type']);
 	if(empty($config['database_type'])) {

install/includes/functions.php

@@ -2,9 +2,7 @@
 defined('MYAAC') or die('Direct access not allowed!');
 function query($query)
 {
-	global $error;
-
-	$db = app()->get('database');
+	global $db, $error;
 
 	try {
 		$db->query($query);

install/includes/schema.sql

@@ -2,34 +2,34 @@ SET @myaac_database_version = 43;
 
 CREATE TABLE `myaac_account_actions`
 (
-	`id` INT(11) NOT NULL AUTO_INCREMENT,
-	`account_id` INT(11) NOT NULL,
-	`ip` VARCHAR(45) NOT NULL DEFAULT '',
-	`date` INT(11) NOT NULL DEFAULT 0,
-	`action` VARCHAR(255) NOT NULL DEFAULT '',
+	`id` int NOT NULL AUTO_INCREMENT,
+	`account_id` int NOT NULL,
+	`ip` varchar(45) NOT NULL DEFAULT '',
+	`date` int NOT NULL DEFAULT 0,
+	`action` varchar(255) NOT NULL DEFAULT '',
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_admin_menu`
 (
-	`id` INT(11) NOT NULL AUTO_INCREMENT,
-	`name` VARCHAR(255) NOT NULL DEFAULT '',
-	`page` VARCHAR(255) NOT NULL DEFAULT '',
-	`ordering` INT(11) NOT NULL DEFAULT 0,
-	`flags` INT(11) NOT NULL DEFAULT 0,
-	`enabled` INT(1) NOT NULL DEFAULT 1,
+	`id` int NOT NULL AUTO_INCREMENT,
+	`name` varchar(255) NOT NULL DEFAULT '',
+	`page` varchar(255) NOT NULL DEFAULT '',
+	`ordering` int NOT NULL DEFAULT 0,
+	`flags` int NOT NULL DEFAULT 0,
+	`enabled` int NOT NULL DEFAULT 1,
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_changelog`
 (
-	`id` INT(11) NOT NULL AUTO_INCREMENT,
-	`body` VARCHAR(500) NOT NULL DEFAULT '',
-	`type` TINYINT(1) NOT NULL DEFAULT 0 COMMENT '1 - added, 2 - removed, 3 - changed, 4 - fixed',
-	`where` TINYINT(1) NOT NULL DEFAULT 0 COMMENT '1 - server, 2 - site',
-	`date` INT(11) NOT NULL DEFAULT 0,
-	`player_id` INT(11) NOT NULL DEFAULT 0,
-	`hide` TINYINT(1) NOT NULL DEFAULT 0,
+	`id` int NOT NULL AUTO_INCREMENT,
+	`body` varchar(500) NOT NULL DEFAULT '',
+	`type` tinyint NOT NULL DEFAULT 0 COMMENT '1 - added, 2 - removed, 3 - changed, 4 - fixed',
+	`where` tinyint NOT NULL DEFAULT 0 COMMENT '1 - server, 2 - site',
+	`date` int NOT NULL DEFAULT 0,
+	`player_id` int NOT NULL DEFAULT 0,
+	`hide` tinyint NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
@@ -37,9 +37,9 @@ INSERT INTO `myaac_changelog` (`id`, `type`, `where`, `date`, `body`, `hide`) VA
 
 CREATE TABLE `myaac_config`
 (
-	`id` INT(11) NOT NULL AUTO_INCREMENT,
-	`name` VARCHAR(30) NOT NULL,
-	`value` VARCHAR(1000) NOT NULL,
+	`id` int NOT NULL AUTO_INCREMENT,
+	`name` varchar(30) NOT NULL,
+	`value` varchar(1000) NOT NULL,
 	PRIMARY KEY (`id`),
 	UNIQUE (`name`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
@@ -48,24 +48,24 @@ INSERT INTO `myaac_config` (`name`, `value`) VALUES ('database_version', @myaac_
 
 CREATE TABLE `myaac_faq`
 (
-	`id` INT(11) NOT NULL AUTO_INCREMENT,
-	`question` VARCHAR(255) NOT NULL DEFAULT '',
-	`answer` VARCHAR(1020) NOT NULL DEFAULT '',
-	`ordering` INT(11) NOT NULL DEFAULT 0,
-	`hide` TINYINT(1) NOT NULL DEFAULT 0,
+	`id` int NOT NULL AUTO_INCREMENT,
+	`question` varchar(255) NOT NULL DEFAULT '',
+	`answer` varchar(1020) NOT NULL DEFAULT '',
+	`ordering` int NOT NULL DEFAULT 0,
+	`hide` tinyint NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_forum_boards`
 (
-	`id` INT(11) NOT NULL AUTO_INCREMENT,
-	`name` VARCHAR(32) NOT NULL,
-	`description` VARCHAR(255) NOT NULL DEFAULT '',
-	`ordering` INT(11) NOT NULL DEFAULT 0,
-	`guild` INT(11) NOT NULL DEFAULT 0,
-	`access` INT(11) NOT NULL DEFAULT 0,
-	`closed` TINYINT(1) NOT NULL DEFAULT 0,
-	`hide` TINYINT(1) NOT NULL DEFAULT 0,
+	`id` int NOT NULL AUTO_INCREMENT,
+	`name` varchar(32) NOT NULL,
+	`description` varchar(255) NOT NULL DEFAULT '',
+	`ordering` int NOT NULL DEFAULT 0,
+	`guild` int NOT NULL DEFAULT 0,
+	`access` int NOT NULL DEFAULT 0,
+	`closed` tinyint NOT NULL DEFAULT 0,
+	`hide` tinyint NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 INSERT INTO `myaac_forum_boards` (`id`, `name`, `description`, `ordering`, `closed`) VALUES (NULL, 'News', 'News commenting', 0, 1);
@@ -76,100 +76,100 @@ INSERT INTO `myaac_forum_boards` (`id`, `name`, `description`, `ordering`) VALUE
 
 CREATE TABLE `myaac_forum`
 (
-	`id` int(11) NOT NULL AUTO_INCREMENT,
-	`first_post` int(11) NOT NULL default '0',
-	`last_post` int(11) NOT NULL default '0',
-	`section` int(3) NOT NULL default '0',
-	`replies` int(20) NOT NULL default '0',
-	`views` int(20) NOT NULL default '0',
-	`author_aid` int(20) NOT NULL default '0',
-	`author_guid` int(20) NOT NULL default '0',
+	`id` int NOT NULL AUTO_INCREMENT,
+	`first_post` int NOT NULL DEFAULT 0,
+	`last_post` int NOT NULL DEFAULT 0,
+	`section` int NOT NULL DEFAULT 0,
+	`replies` int NOT NULL DEFAULT 0,
+	`views` int NOT NULL DEFAULT 0,
+	`author_aid` int NOT NULL DEFAULT 0,
+	`author_guid` int NOT NULL DEFAULT 0,
 	`post_text` text NOT NULL,
 	`post_topic` varchar(255) NOT NULL DEFAULT '',
-	`post_smile` tinyint(1) NOT NULL default '0',
-	`post_html` tinyint(1) NOT NULL default '0',
-	`post_date` int(20) NOT NULL default '0',
-	`last_edit_aid` int(20) NOT NULL default '0',
-	`edit_date` int(20) NOT NULL default '0',
-	`post_ip` varchar(45) NOT NULL default '0.0.0.0',
-	`sticked` tinyint(1) NOT NULL DEFAULT '0',
-	`closed` tinyint(1) NOT NULL DEFAULT '0',
+	`post_smile` tinyint NOT NULL DEFAULT 0,
+	`post_html` tinyint NOT NULL DEFAULT 0,
+	`post_date` int NOT NULL DEFAULT 0,
+	`last_edit_aid` int NOT NULL DEFAULT 0,
+	`edit_date` int NOT NULL DEFAULT 0,
+	`post_ip` varchar(45) NOT NULL DEFAULT '0.0.0.0',
+	`sticked` tinyint NOT NULL DEFAULT 0,
+	`closed` tinyint NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`),
 	KEY `section` (`section`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_menu`
 (
-	`id` INT(11) NOT NULL AUTO_INCREMENT,
-	`template` VARCHAR(255) NOT NULL,
-	`name` VARCHAR(255) NOT NULL,
-	`link` VARCHAR(255) NOT NULL,
-	`blank` TINYINT(1) NOT NULL DEFAULT 0,
-	`color` VARCHAR(6) NOT NULL DEFAULT '',
-	`category` INT(11) NOT NULL DEFAULT 1,
-	`ordering` INT(11) NOT NULL DEFAULT 0,
-	`enabled` INT(1) NOT NULL DEFAULT 1,
+	`id` int NOT NULL AUTO_INCREMENT,
+	`template` varchar(255) NOT NULL,
+	`name` varchar(255) NOT NULL,
+	`link` varchar(255) NOT NULL,
+	`blank` tinyint NOT NULL DEFAULT 0,
+	`color` varchar(6) NOT NULL DEFAULT '',
+	`category` int NOT NULL DEFAULT 1,
+	`ordering` int NOT NULL DEFAULT 0,
+	`enabled` int NOT NULL DEFAULT 1,
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_monsters` (
-	`id` int(11) NOT NULL AUTO_INCREMENT,
-	`hide` tinyint(1) NOT NULL default 0,
+	`id` int NOT NULL AUTO_INCREMENT,
+	`hide` tinyint NOT NULL DEFAULT 0,
 	`name` varchar(255) NOT NULL,
-	`mana` int(11) NOT NULL DEFAULT 0,
-	`exp` int(11) NOT NULL,
-	`health` int(11) NOT NULL,
-	`look` VARCHAR(255) NOT NULL DEFAULT '',
-	`speed_lvl` int(11) NOT NULL default 1,
-	`use_haste` tinyint(1) NOT NULL,
+	`mana` int NOT NULL DEFAULT 0,
+	`exp` int NOT NULL,
+	`health` int NOT NULL,
+	`look` varchar(255) NOT NULL DEFAULT '',
+	`speed_lvl` int NOT NULL DEFAULT 1,
+	`use_haste` tinyint NOT NULL,
 	`voices` text NOT NULL,
 	`immunities` varchar(255) NOT NULL,
-	`elements` TEXT NOT NULL,
-	`summonable` tinyint(1) NOT NULL,
-	`convinceable` tinyint(1) NOT NULL,
-	`pushable` TINYINT(1) NOT NULL DEFAULT '0',
-	`canpushitems` TINYINT(1) NOT NULL DEFAULT '0',
-	`canwalkonenergy` TINYINT(1) NOT NULL DEFAULT '0',
-	`canwalkonpoison` TINYINT(1) NOT NULL DEFAULT '0',
-	`canwalkonfire` TINYINT(1) NOT NULL DEFAULT '0',
-	`runonhealth` TINYINT(1) NOT NULL DEFAULT '0',
-	`hostile` TINYINT(1) NOT NULL DEFAULT '0',
-	`attackable` TINYINT(1) NOT NULL DEFAULT '0',
-	`rewardboss` TINYINT(1) NOT NULL DEFAULT '0',
-	`defense` INT(11) NOT NULL DEFAULT '0',
-	`armor` INT(11) NOT NULL DEFAULT '0',
-	`canpushcreatures` TINYINT(1) NOT NULL DEFAULT '0',
+	`elements` text NOT NULL,
+	`summonable` tinyint NOT NULL,
+	`convinceable` tinyint NOT NULL,
+	`pushable` tinyint NOT NULL DEFAULT 0,
+	`canpushitems` tinyint NOT NULL DEFAULT 0,
+	`canwalkonenergy` tinyint NOT NULL DEFAULT 0,
+	`canwalkonpoison` tinyint NOT NULL DEFAULT 0,
+	`canwalkonfire` tinyint NOT NULL DEFAULT 0,
+	`runonhealth` tinyint NOT NULL DEFAULT 0,
+	`hostile` tinyint NOT NULL DEFAULT 0,
+	`attackable` tinyint NOT NULL DEFAULT 0,
+	`rewardboss` tinyint NOT NULL DEFAULT 0,
+	`defense` int NOT NULL DEFAULT 0,
+	`armor` int NOT NULL DEFAULT 0,
+	`canpushcreatures` tinyint NOT NULL DEFAULT 0,
 	`race` varchar(255) NOT NULL,
 	`loot` text NOT NULL,
-	`summons` TEXT NOT NULL,
+	`summons` text NOT NULL,
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_news`
 (
-	`id` INT(11) NOT NULL AUTO_INCREMENT,
-	`title` VARCHAR(100) NOT NULL,
-	`body` TEXT NOT NULL,
-	`type` TINYINT(1) NOT NULL DEFAULT 0 COMMENT '1 - news, 2 - ticker, 3 - article',
-	`date` INT(11) NOT NULL DEFAULT 0,
-	`category` TINYINT(1) NOT NULL DEFAULT 0,
-	`player_id` INT(11) NOT NULL DEFAULT 0,
-	`last_modified_by` INT(11) NOT NULL DEFAULT 0,
-	`last_modified_date` INT(11) NOT NULL DEFAULT 0,
-	`comments` VARCHAR(50) NOT NULL DEFAULT '',
-	`article_text` VARCHAR(300) NOT NULL DEFAULT '',
-	`article_image` VARCHAR(100) NOT NULL DEFAULT '',
-	`hide` TINYINT(1) NOT NULL DEFAULT 0,
+	`id` int NOT NULL AUTO_INCREMENT,
+	`title` varchar(100) NOT NULL,
+	`body` text NOT NULL,
+	`type` tinyint NOT NULL DEFAULT 0 COMMENT '1 - news, 2 - ticker, 3 - article',
+	`date` int NOT NULL DEFAULT 0,
+	`category` tinyint NOT NULL DEFAULT 0,
+	`player_id` int NOT NULL DEFAULT 0,
+	`last_modified_by` int NOT NULL DEFAULT 0,
+	`last_modified_date` int NOT NULL DEFAULT 0,
+	`comments` varchar(50) NOT NULL DEFAULT '',
+	`article_text` varchar(300) NOT NULL DEFAULT '',
+	`article_image` varchar(100) NOT NULL DEFAULT '',
+	`hide` tinyint NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_news_categories`
 (
-	`id` INT(11) NOT NULL AUTO_INCREMENT,
-	`name` VARCHAR(50) NOT NULL DEFAULT "",
-	`description` VARCHAR(50) NOT NULL DEFAULT "",
-	`icon_id` INT(2) NOT NULL DEFAULT 0,
-	`hide` TINYINT(1) NOT NULL DEFAULT 0,
+	`id` int NOT NULL AUTO_INCREMENT,
+	`name` varchar(50) NOT NULL DEFAULT "",
+	`description` varchar(50) NOT NULL DEFAULT "",
+	`icon_id` int NOT NULL DEFAULT 0,
+	`hide` tinyint NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
@@ -181,39 +181,39 @@ INSERT INTO `myaac_news_categories` (`id`, `icon_id`) VALUES (NULL, 4);
 
 CREATE TABLE `myaac_notepad`
 (
-	`id` INT(11) NOT NULL AUTO_INCREMENT,
-	`account_id` INT(11) NOT NULL,
-	/*`name` VARCHAR(30) NOT NULL,*/
-	`content` TEXT NOT NULL,
-	/*`public` TINYINT(1) NOT NULL DEFAULT 0*/
+	`id` int NOT NULL AUTO_INCREMENT,
+	`account_id` int NOT NULL,
+	/*`name` varchar(30) NOT NULL,*/
+	`content` text NOT NULL,
+	/*`public` tinyint NOT NULL DEFAULT 0*/
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_pages`
 (
 	`id` INT NOT NULL AUTO_INCREMENT,
-	`name` VARCHAR(30) NOT NULL,
-	`title` VARCHAR(30) NOT NULL,
-	`body` TEXT NOT NULL,
-	`date` INT(11) NOT NULL DEFAULT 0,
-	`player_id` INT(11) NOT NULL DEFAULT 0,
-	`php` TINYINT(1) NOT NULL DEFAULT 0 COMMENT '0 - plain html, 1 - php',
-	`enable_tinymce` TINYINT(1) NOT NULL DEFAULT 1 COMMENT '1 - enabled, 0 - disabled',
-	`access` TINYINT(2) NOT NULL DEFAULT 0,
-	`hide` TINYINT(1) NOT NULL DEFAULT 0,
+	`name` varchar(30) NOT NULL,
+	`title` varchar(30) NOT NULL,
+	`body` text NOT NULL,
+	`date` int NOT NULL DEFAULT 0,
+	`player_id` int NOT NULL DEFAULT 0,
+	`php` tinyint NOT NULL DEFAULT 0 COMMENT '0 - plain html, 1 - php',
+	`enable_tinymce` tinyint NOT NULL DEFAULT 1 COMMENT '1 - enabled, 0 - disabled',
+	`access` tinyint NOT NULL DEFAULT 0,
+	`hide` tinyint NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`),
 	UNIQUE (`name`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_gallery`
 (
-	`id` INT(11) NOT NULL AUTO_INCREMENT,
-	`comment` VARCHAR(255) NOT NULL DEFAULT '',
-	`image` VARCHAR(255) NOT NULL,
-	`thumb` VARCHAR(255) NOT NULL,
-	`author` VARCHAR(50) NOT NULL DEFAULT '',
-	`ordering` INT(11) NOT NULL DEFAULT 0,
-	`hide` TINYINT(1) NOT NULL DEFAULT 0,
+	`id` int NOT NULL AUTO_INCREMENT,
+	`comment` varchar(255) NOT NULL DEFAULT '',
+	`image` varchar(255) NOT NULL,
+	`thumb` varchar(255) NOT NULL,
+	`author` varchar(50) NOT NULL DEFAULT '',
+	`ordering` int NOT NULL DEFAULT 0,
+	`hide` tinyint NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
@@ -221,51 +221,51 @@ INSERT INTO `myaac_gallery` (`id`, `ordering`, `comment`, `image`, `thumb`, `aut
 
 CREATE TABLE `myaac_settings`
 (
-	`id` int(11) NOT NULL AUTO_INCREMENT,
-	`name` VARCHAR(255) NOT NULL DEFAULT '',
-	`key` VARCHAR(255) NOT NULL DEFAULT '',
-	`value` TEXT NOT NULL,
+	`id` int NOT NULL AUTO_INCREMENT,
+	`name` varchar(255) NOT NULL DEFAULT '',
+	`key` varchar(255) NOT NULL DEFAULT '',
+	`value` text NOT NULL,
 	PRIMARY KEY (`id`),
 	KEY `key` (`key`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_spells`
 (
-	`id` INT(11) NOT NULL AUTO_INCREMENT,
-	`spell` VARCHAR(255) NOT NULL DEFAULT '',
-	`name` VARCHAR(255) NOT NULL,
-	`words` VARCHAR(255) NOT NULL DEFAULT '',
-	`category` TINYINT(1) NOT NULL DEFAULT 0 COMMENT '1 - attack, 2 - healing, 3 - summon, 4 - supply, 5 - support',
-	`type` TINYINT(1) NOT NULL DEFAULT 0 COMMENT '1 - instant, 2 - conjure, 3 - rune',
-	`level` INT(11) NOT NULL DEFAULT 0,
-	`maglevel` INT(11) NOT NULL DEFAULT 0,
-	`mana` INT(11) NOT NULL DEFAULT 0,
-	`soul` TINYINT(3) NOT NULL DEFAULT 0,
-	`conjure_id` INT(11) NOT NULL DEFAULT 0,
-	`conjure_count` TINYINT(3) NOT NULL DEFAULT 0,
-	`reagent` INT(11) NOT NULL DEFAULT 0,
-	`item_id` INT(11) NOT NULL DEFAULT 0,
-	`premium` TINYINT(1) NOT NULL DEFAULT 0,
-	`vocations` VARCHAR(100) NOT NULL DEFAULT '',
-	`hide` TINYINT(1) NOT NULL DEFAULT 0,
+	`id` int NOT NULL AUTO_INCREMENT,
+	`spell` varchar(255) NOT NULL DEFAULT '',
+	`name` varchar(255) NOT NULL,
+	`words` varchar(255) NOT NULL DEFAULT '',
+	`category` tinyint NOT NULL DEFAULT 0 COMMENT '1 - attack, 2 - healing, 3 - summon, 4 - supply, 5 - support',
+	`type` tinyint NOT NULL DEFAULT 0 COMMENT '1 - instant, 2 - conjure, 3 - rune',
+	`level` int NOT NULL DEFAULT 0,
+	`maglevel` int NOT NULL DEFAULT 0,
+	`mana` int NOT NULL DEFAULT 0,
+	`soul` tinyint NOT NULL DEFAULT 0,
+	`conjure_id` int NOT NULL DEFAULT 0,
+	`conjure_count` tinyint NOT NULL DEFAULT 0,
+	`reagent` int NOT NULL DEFAULT 0,
+	`item_id` int NOT NULL DEFAULT 0,
+	`premium` tinyint NOT NULL DEFAULT 0,
+	`vocations` varchar(100) NOT NULL DEFAULT '',
+	`hide` tinyint NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`),
 	UNIQUE (`name`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_visitors`
 (
-	`ip` VARCHAR(45) NOT NULL,
-	`lastvisit` INT(11) NOT NULL DEFAULT 0,
-	`page` VARCHAR(2048) NOT NULL,
-	`user_agent` VARCHAR(255) NOT NULL DEFAULT '',
+	`ip` varchar(45) NOT NULL,
+	`lastvisit` int NOT NULL DEFAULT 0,
+	`page` varchar(2048) NOT NULL,
+	`user_agent` varchar(255) NOT NULL DEFAULT '',
 	UNIQUE (`ip`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_weapons`
 (
-	`id` INT(11) NOT NULL,
-	`level` INT(11) NOT NULL DEFAULT 0,
-	`maglevel` INT(11) NOT NULL DEFAULT 0,
-	`vocations` VARCHAR(100) NOT NULL DEFAULT '',
+	`id` int NOT NULL,
+	`level` int NOT NULL DEFAULT 0,
+	`maglevel` int NOT NULL DEFAULT 0,
+	`vocations` varchar(100) NOT NULL DEFAULT '',
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;

install/steps/7-finish.php

@@ -12,7 +12,7 @@ if(isset($config['installed']) && $config['installed'] && !isset($_SESSION['save
 	return;
 }
 
-$cache = app()->get('cache');
+$cache = Cache::getInstance();
 if ($cache->enabled()) {
 	// clear plugin_hooks to have fresh hooks
 	$cache->delete('plugins_hooks');
@@ -58,7 +58,7 @@ if ($db->hasTable('players')) {
 		$player_used = &$player_db;
 	}
 
-	$groups = app()->get('groups');
+	$groups = new OTS_Groups_List();
 	$player_used->setGroupId($groups->getHighestId());
 }
 

install/tools/7-finish.php

@@ -33,9 +33,7 @@ if ($db->hasTable('players')) {
 	$time = time();
 	function insert_sample_if_not_exist($p)
 	{
-		global $success, $deleted, $time;
-
-		$db = app()->get('database');
+		global $db, $success, $deleted, $time;
 
 		$query = $db->query('SELECT `id` FROM `players` WHERE `name` = ' . $db->quote($p['name']));
 		if ($query->rowCount() == 0) {
@@ -56,12 +54,13 @@ if ($db->hasTable('players')) {
 	}
 }
 
-Plugins::installMenus('kathrine', require TEMPLATES . 'kathrine/menus.php');
-Plugins::installMenus('tibiacom', require TEMPLATES . 'tibiacom/menus.php');
-
 DataLoader::setLocale($locale);
 DataLoader::load();
 
+// add menus entries
+require_once SYSTEM . 'migrations/17.php';
+$up();
+
 // update config.highscores_ids_hidden
 require_once SYSTEM . 'migrations/20.php';
 $up();

login.php

@@ -86,7 +86,7 @@ switch ($action) {
 		die(json_encode(['eventlist' => $eventlist, 'lastupdatetimestamp' => time()]));
 
 	case 'boostedcreature':
-		$boostedCreature = BoostedCreature::latest();
+		$boostedCreature = BoostedCreature::first();
 		die(json_encode([
 			'boostedcreature' => true,
 			'raceid' => $boostedCreature->raceid

nginx-sample.conf

@@ -1,6 +1,6 @@
 server {
 	listen 80;
-	root /home/otserv/www/public;
+	root /var/www/html;
 	index index.php;
 	server_name your-domain.com;
 
@@ -14,7 +14,7 @@ server {
 
 	# block .htaccess, CHANGELOG.md, composer.json etc.
 	# this is to prevent finding software versions
-	location ~\.(ht|md|json|dist)$ {
+	location ~\.(ht|md|json|dist|sql)$ {
 		deny all;
 	}
 

plugins/example.json

@@ -46,8 +46,10 @@
 	"settings": "plugins/your-plugin-folder/settings.php",
 	"autoload": {
 		"pages": true,
-		"pagesSubFolders": false,
+		"pages-sub-folders": false,
 		"commands": true,
-		"themes": true
+		"themes": true,
+		"admin-pages": true,
+		"admin-pages-sub-folders": true,
 	}
  }

system/compat/base.php

@@ -9,6 +9,68 @@
  */
 defined('MYAAC') or die('Direct access not allowed!');
 
-function getCreatureImgPath($creature): string {
-	return getMonsterImgPath($creature);
+class Validator extends \MyAAC\Validator {}
+
+function check_name($name, &$errors = '') {
+	if(Validator::characterName($name))
+		return true;
+
+	$errors = Validator::getLastError();
+	return false;
+}
+
+function check_account_id($id, &$errors = '') {
+	if(Validator::accountId($id))
+		return true;
+
+	$errors = Validator::getLastError();
+	return false;
+}
+
+function check_account_name($name, &$errors = '') {
+	if(Validator::accountName($name))
+		return true;
+
+	$errors = Validator::getLastError();
+	return false;
+}
+
+function check_name_new_char($name, &$errors = '') {
+	if(Validator::newCharacterName($name))
+		return true;
+
+	$errors = Validator::getLastError();
+	return false;
+}
+
+function check_rank_name($name, &$errors = '') {
+	if(Validator::rankName($name))
+		return true;
+
+	$errors = Validator::getLastError();
+	return false;
+}
+
+function check_guild_name($name, &$errors = '') {
+	if(Validator::guildName($name))
+		return true;
+
+	$errors = Validator::getLastError();
+	return false;
+}
+
+function news_place() {
+	return tickers();
+}
+
+function tableExist($table)
+{
+	global $db;
+	return $db->hasTable($table);
+}
+
+function fieldExist($field, $table)
+{
+	global $db;
+	return $db->hasColumn($table, $field);
 }

system/compat/classes.php

@@ -38,4 +38,3 @@ class GuildRank extends OTS_GuildRank {}
 class House extends OTS_House {}
 
 class Cache extends \MyAAC\Cache\Cache {}
-class Validator extends \MyAAC\Validator {}

system/compat/pages.php

@@ -0,0 +1,60 @@
+<?php
+/**
+ * Compat pages (backward support for Gesior AAC)
+ *
+ * @package   MyAAC
+ * @author    Slawkens <slawkens@gmail.com>
+ * @copyright 2019 MyAAC
+ * @link      https://my-aac.org
+ */
+defined('MYAAC') or die('Direct access not allowed!');
+switch($page)
+{
+	case 'adminpanel':
+		header('Location: ' . ADMIN_URL);
+		die;
+
+	case 'createaccount':
+		$page = 'account/create';
+		break;
+
+	case 'accountmanagement':
+		$page = 'account/manage';
+		break;
+
+	case 'lostaccount':
+		$page = 'account/lost';
+		break;
+
+	case 'whoisonline':
+		$page = 'online';
+		break;
+
+	case 'latestnews':
+		$page = 'news';
+		break;
+
+	case 'archive':
+	case 'newsarchive':
+		$page = 'news/archive';
+		break;
+
+	case 'tibiarules':
+		$page = 'rules';
+		break;
+
+	case 'killstatistics':
+		$page = 'last-kills';
+		break;
+
+	case 'buypoints':
+		$page = 'points';
+		break;
+
+	case 'shopsystem':
+		$page = 'gifts';
+		break;
+
+	default:
+		break;
+}

system/counter.php

@@ -15,7 +15,7 @@ define('COUNTER_SYNC', 10); // how often counter is synchronized with database (
 
 $views_counter = 1; // default value, must be here!
 
-$cache = app()->get('cache');
+$cache = Cache::getInstance();
 if($cache->enabled())
 {
 	$value = 0;

system/database.php

@@ -0,0 +1,141 @@
+<?php
+/**
+ * Database connection
+ *
+ * @package   MyAAC
+ * @author    Slawkens <slawkens@gmail.com>
+ * @copyright 2019 MyAAC
+ * @link      https://my-aac.org
+ */
+
+use Illuminate\Database\Capsule\Manager as Capsule;
+
+defined('MYAAC') or die('Direct access not allowed!');
+
+if (!isset($config['database_overwrite'])) {
+	$config['database_overwrite'] = false;
+}
+
+if(!$config['database_overwrite'] && !isset($config['database_user'][0], $config['database_password'][0], $config['database_name'][0]))
+{
+	if(isset($config['lua']['sqlType'])) {// tfs 0.3
+		if(isset($config['lua']['mysqlHost'])) {// tfs 0.2
+			$config['otserv_version'] = TFS_02;
+			$config['database_type'] = 'mysql';
+			$config['database_host'] = $config['lua']['mysqlHost'];
+			$config['database_port'] = $config['lua']['mysqlPort'];
+			$config['database_user'] = $config['lua']['mysqlUser'];
+			$config['database_password'] = $config['lua']['mysqlPass'];
+			$config['database_name'] = $config['lua']['mysqlDatabase'];
+			$config['database_encryption'] = $config['lua']['passwordType'];
+		}
+		else {
+			$config['otserv_version'] = TFS_03;
+			$config['database_type'] = $config['lua']['sqlType'];
+			$config['database_host'] = $config['lua']['sqlHost'];
+			$config['database_port'] = $config['lua']['sqlPort'];
+			$config['database_user'] = $config['lua']['sqlUser'];
+			$config['database_password'] = $config['lua']['sqlPass'];
+			$config['database_name'] = $config['lua']['sqlDatabase'];
+
+			$config['database_encryption'] = $config['lua']['encryptionType'];
+			if(!isset($config['database_encryption']) || empty($config['database_encryption'])) // before 0.3.6
+				$config['database_encryption'] = $config['lua']['passwordType'];
+		}
+	}
+	else if(isset($config['lua']['mysqlHost'])) // tfs 1.0
+	{
+		$config['otserv_version'] = TFS_02;
+		$config['database_type'] = 'mysql';
+		$config['database_host'] = $config['lua']['mysqlHost'];
+		$config['database_port'] = $config['lua']['mysqlPort'];
+		$config['database_user'] = $config['lua']['mysqlUser'];
+		$config['database_password'] = $config['lua']['mysqlPass'];
+		$config['database_name'] = $config['lua']['mysqlDatabase'];
+		if(!isset($config['database_socket'][0])) {
+			$config['database_socket'] = isset($config['lua']['mysqlSock']) ? trim($config['lua']['mysqlSock']) : '';
+		}
+		$config['database_encryption'] = 'sha1';
+	}
+	else if(isset($config['lua']['database_type'])) // otserv
+	{
+		$config['otserv_version'] = OTSERV;
+		$config['database_type'] = $config['lua']['database_type'];
+		$config['database_host'] = $config['lua']['database_host'];
+		$config['database_port'] = $config['lua']['database_port'];
+		$config['database_user'] = $config['lua']['database_username'];
+		$config['database_password'] = $config['lua']['database_password'];
+		$config['database_name'] = $config['lua']['database_schema'];
+		$config['database_encryption'] = isset($config['lua']['passwordtype']) ? $config['lua']['passwordtype'] : $config['lua']['password_type'];
+		$config['database_salt'] = isset($config['lua']['passwordsalt']) ? $config['lua']['passwordsalt'] : $config['lua']['password_salt'];
+	}
+	else if(isset($config['lua']['sql_host'])) // otserv 0.6.3 / 0.6.4
+	{
+		$config['otserv_version'] = OTSERV_06;
+		$config['database_type'] = $config['lua']['sql_type'];
+		$config['database_host'] = $config['lua']['sql_host'];
+		$config['database_port'] = $config['lua']['sql_port'];
+		$config['database_user'] = $config['lua']['sql_user'];
+		$config['database_password'] = $config['lua']['sql_pass'];
+		$config['database_name'] = $config['lua']['sql_db'];
+		$config['database_encryption'] = isset($config['lua']['passwordtype']) ? $config['lua']['passwordtype'] : $config['lua']['password_type'];
+		$config['database_salt'] = isset($config['lua']['passwordsalt']) ? $config['lua']['passwordsalt'] : $config['lua']['password_salt'];
+	}
+}
+
+if(isset($config['lua']['useMD5Passwords']) && getBoolean($config['lua']['useMD5Passwords']))
+	$config['database_encryption'] = 'md5';
+
+if(!isset($config['database_log'])) {
+	$config['database_log'] = false;
+}
+
+if(!isset($config['database_socket'])) {
+	$config['database_socket'] = '';
+}
+
+
+try {
+	$ots->connect(array(
+		'host' => $config['database_host'],
+		'user' => $config['database_user'],
+		'password' => $config['database_password'],
+		'database' => $config['database_name'],
+		'log' => $config['database_log'],
+		'socket' => @$config['database_socket'],
+		'persistent' => @$config['database_persistent']
+	));
+
+	global $db;
+	$db = POT::getInstance()->getDBHandle();
+	$capsule = new Capsule;
+	$capsule->addConnection([
+		'driver' => 'mysql',
+		'database' => $config['database_name'],
+	]);
+
+	$capsule->getConnection()->setPdo($db);
+	$capsule->getConnection()->setReadPdo($db);
+
+	$capsule->setAsGlobal();
+	$capsule->bootEloquent();
+
+	$eloquentConnection = $capsule->getConnection();
+
+} catch (Exception $e) {
+	if(isset($cache) && $cache->enabled()) {
+		$cache->delete('config_lua');
+	}
+
+	if(defined('MYAAC_INSTALL')) {
+		$error = $e->getMessage();
+		return; // installer will take care of this
+	}
+
+	throw new RuntimeException('ERROR: Cannot connect to MySQL database.<br/>' .
+		'Possible reasons:' .
+		'<ul>' .
+			'<li>MySQL is not configured propertly in <i>config.lua</i>.</li>' .
+			'<li>MySQL server is not running.</li>' .
+		'</ul>' . $e->getMessage());
+}

system/functions.php

@@ -9,7 +9,6 @@
  */
 defined('MYAAC') or die('Direct access not allowed!');
 
-use MyAAC\App\App;
 use MyAAC\Cache\Cache;
 use MyAAC\CsrfToken;
 use MyAAC\Items;
@@ -275,10 +274,7 @@ function generateRandomString($length, $lowCase = true, $upCase = false, $numeri
  */
 function getForumBoards()
 {
-	global $canEdit;
-
-	$db = app()->get('database');
-
+	global $db, $canEdit;
 	$sections = $db->query('SELECT `id`, `name`, `description`, `closed`, `guild`, `access`' . ($canEdit ? ', `hide`, `ordering`' : '') . ' FROM `' . TABLE_PREFIX . 'forum_boards` ' . (!$canEdit ? ' WHERE `hide` != 1' : '') .
 		' ORDER BY `ordering`;');
 	if($sections)
@@ -354,12 +350,13 @@ function updateDatabaseConfig($name, $value)
  */
 function encrypt($str)
 {
-	$configDatabaseSalt = config('database_salt');
-	if(isset($configDatabaseSalt)) // otserv
-		$str .= $configDatabaseSalt;
+	global $config;
+	if(isset($config['database_salt'])) // otserv
+		$str .= $config['database_salt'];
 
-	$encryptionType = config('database_encryption');
-	if(isset($encryptionType) && strtolower($encryptionType) !== 'plain') {
+	$encryptionType = $config['database_encryption'];
+	if(isset($encryptionType) && strtolower($encryptionType) !== 'plain')
+	{
 		if($encryptionType === 'vahash')
 			return base64_encode(hash('sha256', $str));
 
@@ -435,7 +432,7 @@ function delete_guild($id)
 	if(count($rank_list) > 0) {
 		$rank_list->orderBy('level');
 
-		$db = app()->get('database');
+		global $db;
 		/**
 		 * @var OTS_GuildRank $rank_in_guild
 		 */
@@ -497,11 +494,9 @@ function tickers()
  */
 function template_place_holder($type): string
 {
-	global $template_place_holders, $debugBar;
+	global $twig, $template_place_holders, $debugBar;
 	$ret = '';
 
-	$twig = app()->get('twig');
-
 	if (isset($debugBar)) {
 		$debugBarRenderer = $debugBar->getJavascriptRenderer();
 	}
@@ -533,11 +528,9 @@ function template_place_holder($type): string
  */
 function template_header($is_admin = false): string
 {
-	global $title_full;
+	global $title_full, $twig;
 	$charset = setting('core.charset') ?? 'utf-8';
 
-	$twig = app()->get('twig');
-
 	return $twig->render('templates.header.html.twig',
 		[
 			'charset' => $charset,
@@ -581,15 +574,15 @@ function template_footer(): string
 	// please respect my work and help spreading the word, thanks!
 	$footer[] = base64_decode('UG93ZXJlZCBieSA8YSBocmVmPSJodHRwOi8vbXktYWFjLm9yZyIgdGFyZ2V0PSJfYmxhbmsiPk15QUFDLjwvYT4=');
 
-	$hooks = app()->get('hooks');
-	$footer = $hooks->triggerFilter(HOOK_FILTER_THEME_FOOTER, $footer);
+	global $hooks;
+	$hooks->triggerFilter(HOOK_FILTER_THEME_FOOTER, $footer);
 
 	return implode('<br/>', $footer);
 }
 
 function template_ga_code()
 {
-	$twig = app()->get('twig');
+	global $twig;
 	if(!isset(setting('core.google_analytics_id')[0]))
 		return '';
 
@@ -608,12 +601,14 @@ function template_form()
 	foreach($templates as $value)
 		$options .= '<option ' . ($template_name == $value ? 'SELECTED' : '') . '>' . $value . '</option>';
 
-	$twig = app()->get('twig');
+	global $twig;
 	return $twig->render('forms.change_template.html.twig', ['options' => $options]);
 }
 
-function getStyle($i) {
-	return is_int($i / 2) ? config('darkborder') : config('lightborder');
+function getStyle($i)
+{
+	global $config;
+	return is_int($i / 2) ? $config['darkborder'] : $config['lightborder'];
 }
 
 $vowels = array('e', 'y', 'u', 'i', 'o', 'a');
@@ -723,20 +718,13 @@ function getSkillName($skillId, $suffix = true)
 	return 'unknown';
 }
 
-function logged(): bool {
-	return app()->isLoggedIn();
-}
-
-function accountLogged(): OTS_Account {
-	$loggedAccount = app()->getAccountLogged();
-	return $loggedAccount ?? new OTS_Account();
-}
 /**
  * Performs flag check on the current logged in user.
  * Table in database: accounts, field: website_flags
  */
 function hasFlag(int $flag): bool {
-	return (logged() && (accountLogged()->getWebFlags() & $flag) == $flag);
+	global $logged, $logged_flags;
+	return ($logged && ($logged_flags & $flag) == $flag);
 }
 /**
  * Check if current logged user have got admin flag set.
@@ -879,7 +867,7 @@ function getWorldName($id)
  */
 function _mail($to, $subject, $body, $altBody = '', $add_html_tags = true)
 {
-	global $mailer;
+	global $mailer, $config;
 
 	if (!setting('core.mail_enabled')) {
 		log_append('mailer-error.log', '_mail() function has been used, but Mail Support is disabled.');
@@ -931,7 +919,7 @@ function _mail($to, $subject, $body, $altBody = '', $add_html_tags = true)
 	$mailer->From = setting('core.mail_address');
 	$mailer->Sender = setting('core.mail_address');
 	$mailer->CharSet = 'utf-8';
-	$mailer->FromName = configLua('serverName');
+	$mailer->FromName = $config['lua']['serverName'];
 	$mailer->Subject = $subject;
 	$mailer->addAddress($to);
 	$mailer->Body = $tmp_body;
@@ -1030,12 +1018,19 @@ function load_config_lua($filename)
 					}
 					else
 					{
-						foreach($result as $tmp_key => $tmp_value) // load values defined by other keys, like: dailyFragsToBlackSkull = dailyFragsToRedSkull
+						foreach($result as $tmp_key => $tmp_value) { // load values defined by other keys, like: dailyFragsToBlackSkull = dailyFragsToRedSkull
 							$value = str_replace($tmp_key, $tmp_value, $value);
-						$ret = @eval("return $value;");
-						if((string) $ret == '' && trim($value) !== '""') // = parser error
-						{
-							throw new RuntimeException('ERROR: Loading config.lua file. Line <b>' . ($ln + 1) . '</b> of LUA config file is not valid [key: <b>' . $key . '</b>]');
+						}
+
+						try {
+							$ret = eval("return $value;");
+						}
+						catch (Throwable $e) {
+							throw new RuntimeException('ERROR: Loading config.lua file. Line: ' . ($ln + 1) . ' - Unable to parse value "' . $value . '" - ' . $e->getMessage());
+						}
+
+						if((string) $ret == '' && trim($value) !== '""') {
+							throw new RuntimeException('ERROR: Loading config.lua file. Line ' . ($ln + 1) . ' is not valid [key: ' . $key . ']');
 						}
 						$result[$key] = $ret;
 					}
@@ -1123,7 +1118,7 @@ function csrfProtect(): void
 }
 
 function getTopPlayers($limit = 5, $skill = 'level') {
-	$db = app()->get('database');
+	global $db;
 
 	if ($skill === 'level') {
 		$skill = 'experience';
@@ -1228,7 +1223,7 @@ function clearCache()
 {
 	News::clearCache();
 
-	$cache = app()->get('cache');
+	$cache = Cache::getInstance();
 	if($cache->enabled()) {
 		$keysToClear = [
 			'status', 'templates',
@@ -1266,7 +1261,7 @@ function clearCache()
 			}
 		}
 
-		$db = app()->get('database');
+		global $db;
 		$db->setClearCacheAfter(true);
 	}
 
@@ -1278,7 +1273,7 @@ function clearCache()
 	// routes cache
 	clearRouteCache();
 
-	$hooks = app()->get('hooks');
+	global $hooks;
 	$hooks->trigger(HOOK_CACHE_CLEAR, ['cache' => Cache::getInstance()]);
 
 	return true;
@@ -1294,8 +1289,7 @@ function clearRouteCache(): void
 
 function getCustomPageInfo($name)
 {
-	$logged_access = logged() ? accountLogged()->getAccess() : 0;
-
+	global $logged_access;
 	$page = Pages::isPublic()
 		->where('name', 'LIKE', $name)
 		->where('access', '<=', $logged_access)
@@ -1309,9 +1303,7 @@ function getCustomPageInfo($name)
 }
 function getCustomPage($name, &$success): string
 {
-	global $title, $ignore;
-
-	$twig = app()->get('twig');
+	global $twig, $title, $ignore;
 
 	$success = false;
 	$content = '';
@@ -1335,6 +1327,9 @@ function getCustomPage($name, &$success): string
 				$tmp = $page['body'];
 
 			global $config;
+			if(setting('core.backward_support')) {
+				global $SQL, $main_content, $subtopic;
+			}
 
 			ob_start();
 			eval($tmp);
@@ -1525,7 +1520,8 @@ function verify_number($number, $name, $max_length)
 
 function Outfits_loadfromXML()
 {
-	$file_path = config('data_path') . 'XML/outfits.xml';
+	global $config;
+	$file_path = $config['data_path'] . 'XML/outfits.xml';
 	if (!file_exists($file_path)) {	return null; }
 
 	$xml = new DOMDocument;
@@ -1550,7 +1546,8 @@ function Outfits_loadfromXML()
 
 function Mounts_loadfromXML()
 {
-	$file_path = config('data_path') . 'XML/mounts.xml';
+	global $config;
+	$file_path = $config['data_path'] . 'XML/mounts.xml';
 	if (!file_exists($file_path)) {	return null; }
 
 	$xml = new DOMDocument;
@@ -1581,22 +1578,6 @@ function right($str, $length) {
 	return substr($str, -$length);
 }
 
-function getMonsterImgPath($monster): string
-{
-	$monster_path = setting('core.monsters_images_url');
-	$monster_gfx_name = trim(strtolower($monster)) . setting('core.monsters_images_extension');
-	if (!file_exists($monster_path . $monster_gfx_name)) {
-		$monster_gfx_name = str_replace(" ", "", $monster_gfx_name);
-		if (file_exists($monster_path . $monster_gfx_name)) {
-			return $monster_path . $monster_gfx_name;
-		} else {
-			return $monster_path . 'nophoto.png';
-		}
-	} else {
-		return $monster_path . $monster_gfx_name;
-	}
-}
-
 function between($x, $lim1, $lim2) {
 	if ($lim1 < $lim2) {
 		$lower = $lim1; $upper = $lim2;
@@ -1673,10 +1654,8 @@ function getGuildLogoById($id)
 	return BASE_URL . GUILD_IMAGES_DIR . $logo;
 }
 
-function displayErrorBoxWithBackButton($errors, $action = null)
-{
-	$twig = app()->get('twig');
-
+function displayErrorBoxWithBackButton($errors, $action = null) {
+	global $twig;
 	$twig->display('error_box.html.twig', ['errors' => $errors]);
 	$twig->display('account.back_button.html.twig', [
 		'action' => $action ?: getLink('')
@@ -1703,15 +1682,6 @@ function getAccountIdentityColumn(): string
 	return 'id';
 }
 
-function app() {
-	static $__app;
-	if (!isset($__app)) {
-		$__app = new App();
-	}
-
-	return $__app;
-}
-
 // validator functions
 require_once SYSTEM . 'compat/base.php';
 

system/init.php

@@ -17,8 +17,8 @@ use MyAAC\Settings;
 
 defined('MYAAC') or die('Direct access not allowed!');
 
-$configInstalled = config('installed');
-if(!isset($configInstalled) || !$configInstalled) {
+global $config;
+if(!isset($config['installed']) || !$config['installed']) {
 	throw new RuntimeException('MyAAC has not been installed yet or there was error during installation. Please install again.');
 }
 
@@ -30,28 +30,32 @@ if (config('env') === 'dev' || getBoolean(config('enable_debugbar'))) {
 	$debugBar = new StandardDebugBar();
 }
 
-$configServerPath = config('server_path');
-if(empty($configServerPath)) {
+if(empty($config['server_path'])) {
 	throw new RuntimeException('Server Path has been not set. Go to config.php and set it.');
 }
 
 // take care of trailing slash at the end
-if($configServerPath[strlen($configServerPath) - 1] !== '/') {
-	config(['server_path', $configServerPath . '/']);
-}
+if($config['server_path'][strlen($config['server_path']) - 1] !== '/')
+	$config['server_path'] .= '/';
 
 // enable gzip compression if supported by the browser
 if(isset($config['gzip_output']) && $config['gzip_output'] && isset($_SERVER['HTTP_ACCEPT_ENCODING']) && str_contains($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') && function_exists('ob_gzhandler'))
 	ob_start('ob_gzhandler');
 
+// cache
+global $cache;
+$cache = Cache::getInstance();
+
 // event system
-$hooks = app()->get('hooks');
+global $hooks;
+$hooks = new Hooks();
+$hooks->load();
+$hooks->trigger(HOOK_INIT);
 
 // twig
 require_once SYSTEM . 'twig.php';
 
 // action, used by many pages
-global $action;
 $action = $_REQUEST['action'] ?? '';
 define('ACTION', $action);
 
@@ -77,11 +81,9 @@ foreach($_REQUEST as $var => $value) {
 
 // load otserv config file
 $config_lua_reload = true;
-global $cache;
-$cache = app()->get('cache');
 if($cache->enabled()) {
 	$tmp = null;
-	if($cache->fetch('server_path', $tmp) && $tmp == config('server_path')) {
+	if($cache->fetch('server_path', $tmp) && $tmp == $config['server_path']) {
 		$tmp = null;
 		if($cache->fetch('config_lua', $tmp) && $tmp) {
 			$config['lua'] = unserialize($tmp);
@@ -91,33 +93,31 @@ if($cache->enabled()) {
 }
 
 if($config_lua_reload) {
-	config(['lua', load_config_lua(config('server_path') . 'config.lua')]);
+	$config['lua'] = load_config_lua($config['server_path'] . 'config.lua');
 
 	// cache config
 	if($cache->enabled()) {
-		$cache->set('config_lua', serialize(config('lua')), 2 * 60);
-		$cache->set('server_path', config('server_path'), 10 * 60);
+		$cache->set('config_lua', serialize($config['lua']), 2 * 60);
+		$cache->set('server_path', $config['server_path'], 10 * 60);
 	}
 }
 unset($tmp);
 
-if(configLua('servername') !== null) {
-	$config['lua']['serverName'] = configLua('servername');
-}
+if(isset($config['lua']['servername']))
+	$config['lua']['serverName'] = $config['lua']['servername'];
 
-if(configLua('houserentperiod') !== null) {
-	$config['lua']['houseRentPeriod'] = configLua('houserentperiod');
-}
+if(isset($config['lua']['houserentperiod']))
+	$config['lua']['houseRentPeriod'] = $config['lua']['houserentperiod'];
 
 // localize data/ directory based on data directory set in config.lua
 foreach(array('dataDirectory', 'data_directory', 'datadir') as $key) {
-	if(!isset(configLua($key)[0])) {
+	if(!isset($config['lua'][$key][0])) {
 		break;
 	}
 
-	$foundValue = configLua('lua')[$key];
+	$foundValue = $config['lua'][$key];
 	if($foundValue[0] !== '/') {
-		$foundValue = config('server_path') . $foundValue;
+		$foundValue = $config['server_path'] . $foundValue;
 	}
 
 	if($foundValue[strlen($foundValue) - 1] !== '/') {// do not forget about trailing slash
@@ -126,17 +126,17 @@ foreach(array('dataDirectory', 'data_directory', 'datadir') as $key) {
 }
 
 if(!isset($foundValue)) {
-	$foundValue = config('server_path') . 'data/';
+	$foundValue = $config['server_path'] . 'data/';
 }
 
-config(['data_path', $foundValue]);
+$config['data_path'] = $foundValue;
 unset($foundValue);
 
 // POT
 require_once SYSTEM . 'libs/pot/OTS.php';
+$ots = POT::getInstance();
 $eloquentConnection = null;
-global $db;
-$db = app()->get('db');
+require_once SYSTEM . 'database.php';
 
 // verify myaac tables exists in database
 if(!defined('MYAAC_INSTALL') && !$db->hasTable('myaac_account_actions')) {
@@ -150,7 +150,8 @@ if (!isset($configDatabaseAutoMigrate) || $configDatabaseAutoMigrate) {
 }
 
 // settings
-$settings = app()->get('settings');
+$settings = Settings::getInstance();
+$settings->load();
 
 // csrf protection
 $token = getSession('csrf_token');

system/libs/pot/OTS_Account.php

@@ -478,12 +478,12 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
 
     public function isPremium()
     {
-		$configFreePremium = configLua('freePremium');
-		if(isset($configFreePremium) && getBoolean($configFreePremium)) return true;
+		global $config;
+        if(isset($config['lua']['freePremium']) && getBoolean($config['lua']['freePremium'])) return true;
 
-		if(isset($this->data['premium_ends_at'])) {
-			return $this->data['premium_ends_at'] > time();
-		}
+	    if(isset($this->data['premium_ends_at'])) {
+		    return $this->data['premium_ends_at'] > time();
+	    }
 
 		if(isset($this->data['premend'])) {
 			return $this->data['premend'] > time();
@@ -772,7 +772,7 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
         $filter->compareField('account_id', (int) $this->data['id']);
 
 		if(!$withDeleted) {
-			$db = app()->get('database');
+			global $db;
 			if($db->hasColumn('players', 'deletion')) {
 				$filter->compareField('deletion', 0);
 			} else {
@@ -936,7 +936,7 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
 			return $this->data['group_id'];
 		}
 
-		$db = app()->get('database');
+		global $db;
 		if($db->hasColumn('accounts', 'group_id')) {
 			$query = $this->db->query('SELECT `group_id` FROM `accounts` WHERE `id` = ' . (int) $this->getId())->fetch();
 			// if anything was found
@@ -963,7 +963,7 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
 			return $this->data['group_id'];
 		}
 
-		$db = app()->get('database');
+		global $db;
 		if($db->hasColumn('accounts', 'group_id')) {
 			$query = $this->db->query('SELECT `group_id` FROM `accounts` WHERE `id` = ' . (int) $this->getId())->fetch();
 			// if anything was found

system/libs/pot/OTS_DB_MySQL.php

@@ -97,13 +97,14 @@ class OTS_DB_MySQL extends OTS_Base_DB
 			$params['persistent'] = false;
 		}
 
-		$cache = app()->get('cache');
+		global $config;
+		$cache = Cache::getInstance();
 		if($cache->enabled()) {
 			$tmp = null;
 			$need_revalidation = true;
 			if($cache->fetch('database_checksum', $tmp) && $tmp) {
 				$tmp = unserialize($tmp);
-				if(sha1(config('database_host') . '.' . config('database_name')) === $tmp) {
+				if(sha1($config['database_host'] . '.' . $config['database_name']) === $tmp) {
 					$need_revalidation = false;
 				}
 			}
@@ -147,7 +148,9 @@ class OTS_DB_MySQL extends OTS_Base_DB
 
 	public function __destruct()
 	{
-		$cache = app()->get('cache');
+		global $config;
+
+		$cache = Cache::getInstance();
 		if($cache->enabled()) {
 			if ($this->clearCacheAfter) {
 				$cache->delete('database_tables');
@@ -157,7 +160,7 @@ class OTS_DB_MySQL extends OTS_Base_DB
 			else {
 				$cache->set('database_tables', serialize($this->has_table_cache), 3600);
 				$cache->set('database_columns', serialize($this->has_column_cache), 3600);
-				$cache->set('database_checksum', serialize(sha1(config('database_host') . '.' . config('database_name'))), 3600);
+				$cache->set('database_checksum', serialize(sha1($config['database_host'] . '.' . $config['database_name'])), 3600);
 			}
 		}
 
@@ -215,7 +218,8 @@ class OTS_DB_MySQL extends OTS_Base_DB
 	}
 
 	private function hasTableInternal($name) {
-		return ($this->has_table_cache[$name] = $this->query('SELECT `TABLE_NAME` FROM `information_schema`.`tables` WHERE `TABLE_SCHEMA` = ' . $this->quote(config('database_name')) . ' AND `TABLE_NAME` = ' . $this->quote($name) . ' LIMIT 1;')->rowCount() > 0);
+		global $config;
+		return ($this->has_table_cache[$name] = $this->query('SELECT `TABLE_NAME` FROM `information_schema`.`tables` WHERE `TABLE_SCHEMA` = ' . $this->quote($config['database_name']) . ' AND `TABLE_NAME` = ' . $this->quote($name) . ' LIMIT 1;')->rowCount() > 0);
 	}
 
 	public function hasColumn($table, $column) {
@@ -230,6 +234,19 @@ class OTS_DB_MySQL extends OTS_Base_DB
 		return $this->hasTable($table) && ($this->has_column_cache[$table . '.' . $column] = count($this->query('SHOW COLUMNS FROM `' . $table . "` LIKE '" . $column . "'")->fetchAll()) > 0);
 	}
 
+	public function hasTableAndColumns(string $table, array $columns = []): bool
+	{
+		if (!$this->hasTable($table)) return false;
+
+		foreach ($columns as $column) {
+			if (!$this->hasColumn($table, $column)) {
+				return false;
+			}
+		}
+
+		return true;
+	}
+
 	public function revalidateCache() {
 		foreach($this->has_table_cache as $key => $value) {
 			$this->hasTableInternal($key);

system/libs/pot/OTS_Group.php

@@ -490,9 +490,7 @@ class OTS_Group extends OTS_Row_DAO implements IteratorAggregate, Countable
         // creates filter
         $filter = new OTS_SQLFilter();
         $filter->compareField('group_id', (int) $this->data['id']);
-
-	    $db = app()->get('database');
-
+		global $db;
 		if($db->hasColumn('players', 'deletion'))
 			$filter->compareField('deletion', 0);
 		else

system/libs/pot/OTS_Groups_List.php

@@ -33,7 +33,7 @@ class OTS_Groups_List implements IteratorAggregate, Countable
  */
     public function __construct($file = '')
     {
-		$db = app()->get('db');
+		global $db;
 		if($db->hasTable('groups')) { // read groups from database
 			foreach($db->query('SELECT `id`, `name`, `access` FROM `groups`;') as $group)
 			{
@@ -47,8 +47,10 @@ class OTS_Groups_List implements IteratorAggregate, Countable
 			return;
 		}
 
-		if(!isset($file[0])) {
-			$file = config('data_path') . 'XML/groups.xml';
+		if(!isset($file[0]))
+		{
+			global $config;
+			$file = $config['data_path'] . 'XML/groups.xml';
 		}
 
 		if(!@file_exists($file)) {
@@ -57,7 +59,7 @@ class OTS_Groups_List implements IteratorAggregate, Countable
 			return;
 		}
 
-		$cache = app()->get('cache');
+		$cache = Cache::getInstance();
 
 		$data = array();
 		if($cache->enabled())

system/libs/pot/OTS_Guild.php

@@ -97,7 +97,7 @@ class OTS_Guild extends OTS_Row_DAO implements IteratorAggregate, Countable
  *
  * @param IOTS_GuildAction $invites Invites driver (don't pass it to clear driver).
  */
-    public function setInvitesDriver(IOTS_GuildAction $invites = null)
+    public function setInvitesDriver(?IOTS_GuildAction $invites = null)
     {
         $this->invites = $invites;
     }
@@ -107,7 +107,7 @@ class OTS_Guild extends OTS_Row_DAO implements IteratorAggregate, Countable
  *
  * @param IOTS_GuildAction $requests Membership requests driver (don't pass it to clear driver).
  */
-    public function setRequestsDriver(IOTS_GuildAction $requests = null)
+    public function setRequestsDriver(?IOTS_GuildAction $requests = null)
     {
         $this->requests = $requests;
     }
@@ -284,6 +284,8 @@ class OTS_Guild extends OTS_Row_DAO implements IteratorAggregate, Countable
     }
 
     public function hasMember(OTS_Player $player) {
+        global $db;
+
         if(!$player || !$player->isLoaded()) {
             return false;
         }

system/libs/pot/OTS_GuildRank.php

@@ -60,7 +60,7 @@ class OTS_GuildRank extends OTS_Row_DAO implements IteratorAggregate, Countable
  * @throws PDOException On PDO operation error.
  * @throws E_OTS_NotLoaded If given <var>$guild</var> object is not loaded.
  */
-    public function find($name, OTS_Guild $guild = null)
+    public function find($name, ?OTS_Guild $guild = null)
     {
         $where = '';
 

system/libs/pot/OTS_Monster.php

@@ -284,7 +284,7 @@ class OTS_Monster extends DOMDocument
  */
 	public function getLook()
 	{
-		$look = array();
+		$look = [];
 
 		$element = $this->documentElement->getElementsByTagName('look')->item(0);
 
@@ -292,14 +292,30 @@ class OTS_Monster extends DOMDocument
 			return $look;
 		}
 
-		$look['type'] = $element->getAttribute('type');
-		$look['typeex'] = $element->getAttribute('typeex');
-		$look['head'] = $element->getAttribute('head');
-		$look['body'] = $element->getAttribute('body');
-		$look['legs'] = $element->getAttribute('legs');
-		$look['feet'] = $element->getAttribute('feet');
-		$look['addons'] = $element->getAttribute('addons');
-		$look['corpse'] = $element->getAttribute('corpse');
+		if ($element->hasAttribute('typeex')) {
+			$look['typeEx'] = (int) $element->getAttribute('typeex');
+		}
+		if ($element->hasAttribute('type')) {
+			$look['type'] = (int) $element->getAttribute('type');
+		}
+		if ($element->hasAttribute('head')) {
+			$look['head'] = (int) $element->getAttribute('head');
+		}
+		if ($element->hasAttribute('body')) {
+			$look['body'] = (int) $element->getAttribute('body');
+		}
+		if ($element->hasAttribute('legs')) {
+			$look['legs'] = (int) $element->getAttribute('legs');
+		}
+		if ($element->hasAttribute('feet')) {
+			$look['feet'] = (int) $element->getAttribute('feet');
+		}
+		if ($element->hasAttribute('addons')) {
+			$look['addons'] = (int) $element->getAttribute('addons');
+		}
+		if ($element->hasAttribute('corpse')) {
+			$look['corpse'] = (int) $element->getAttribute('corpse');
+		}
 
 		return $look;
 	}

system/libs/pot/OTS_Player.php

@@ -655,19 +655,18 @@ class OTS_Player extends OTS_Row_DAO
 		//if($path == '')
 		//	$path = $config['data_path'].'XML/groups.xml';
 
-		if(!isset($this->data['group_id'])) {
+		if( !isset($this->data['group_id']) )
+		{
 			throw new E_OTS_NotLoaded();
 		}
 
 		//$groups = new DOMDocument();
 		//$groups->load($path);
 
-		$groups = app()->get('groups');
+		global $groups;
 		$tmp = $groups->getGroup($this->data['group_id']);
-
-		if($tmp) {
+		if($tmp)
 			return $tmp;
-		}
 
 		return new OTS_Group();
 			// echo 'error while loading group..';
@@ -854,8 +853,9 @@ class OTS_Player extends OTS_Row_DAO
 		}
 
 		if(isset($this->data['promotion'])) {
+			global $config;
 			if((int)$this->data['promotion'] > 0)
-				return ($this->data['vocation'] + ($this->data['promotion'] * config('vocations_amount')));
+				return ($this->data['vocation'] + ($this->data['promotion'] * $config['vocations_amount']));
 		}
 
 		return $this->data['vocation'];
@@ -2026,7 +2026,7 @@ class OTS_Player extends OTS_Row_DAO
  * @param OTS_GuildRank|null Guild rank (null to clear assign).
  * @throws E_OTS_NotLoaded If passed <var>$guildRank</var> parameter is not loaded.
  */
-	public function setRank(OTS_GuildRank $guildRank = null)
+	public function setRank(?OTS_GuildRank $guildRank = null)
 	{
 		if(isset($guildRank))
 			$this->setRankId($guildRank->getId(), $guildRank->getGuild()->getId());
@@ -2632,7 +2632,7 @@ class OTS_Player extends OTS_Row_DAO
  * @throws E_OTS_NotLoaded If player is not loaded.
  * @throws PDOException On PDO operation error.
  */
-	public function setSlot($slot, OTS_Item $item = null, $pid = 0)
+	public function setSlot($slot, ?OTS_Item $item = null, $pid = 0)
 	{
 		static $sid;
 
@@ -2776,7 +2776,7 @@ class OTS_Player extends OTS_Row_DAO
  * @throws E_OTS_NotLoaded If player is not loaded.
  * @throws PDOException On PDO operation error.
  */
-	public function setDepot($depot, OTS_Item $item = null, $pid = 0, $depot_id = 0)
+	public function setDepot($depot, ?OTS_Item $item = null, $pid = 0, $depot_id = 0)
 	{
 		static $sid;
 

system/login.php

@@ -0,0 +1,41 @@
+<?php
+/**
+ * Login manager
+ *
+ * @package   MyAAC
+ * @author    Slawkens <slawkens@gmail.com>
+ * @copyright 2019 MyAAC
+ * @link      https://my-aac.org
+ */
+defined('MYAAC') or die('Direct access not allowed!');
+$logged = false;
+$logged_flags = 0;
+$account_logged = new OTS_Account();
+
+// stay-logged with sessions
+$current_session = getSession('account');
+if($current_session)
+{
+	$account_logged->load($current_session);
+	if($account_logged->isLoaded() && $account_logged->getPassword() == getSession('password')
+		//&& (!isset($_SESSION['admin']) || admin())
+		&& (getSession('remember_me') || getSession('last_visit') > time() - 15 * 60)) {  // login for 15 minutes if "remember me" is not used
+			$logged = true;
+	}
+	else {
+		unsetSession('account');
+		unset($account_logged);
+	}
+}
+
+if($logged) {
+	$logged_flags = $account_logged->getWebFlags();
+	$twig->addGlobal('logged', true);
+	$twig->addGlobal('account_logged', $account_logged);
+}
+
+setSession('last_visit', time());
+if(defined('PAGE')) {
+	setSession('last_page', PAGE);
+}
+setSession('last_uri', $_SERVER['REQUEST_URI']);

system/logout.php

@@ -12,10 +12,7 @@ use MyAAC\CsrfToken;
 
 defined('MYAAC') or die('Direct access not allowed!');
 
-$account_logged = accountLogged();
-$hooks = app()->get('hooks');
-
-if($account_logged !== null && $account_logged->isLoaded()) {
+if(isset($account_logged) && $account_logged->isLoaded()) {
 	if($hooks->trigger(HOOK_LOGOUT, ['account_id' => $account_logged->getId()])) {
 		unsetSession('account');
 		unsetSession('password');
@@ -23,11 +20,7 @@ if($account_logged !== null && $account_logged->isLoaded()) {
 
 		CsrfToken::generate();
 
-		global $logged, $account_logged;
 		$logged = false;
-		$account_logged = new OTS_Account();
-
-		app()->setLoggedIn($logged);
-		app()->setAccountLogged($account_logged);
+		unset($account_logged);
 	}
 }

system/migrations/17.php

@@ -10,8 +10,13 @@ $up = function () use ($db) {
 		$db->exec(file_get_contents(__DIR__ . '/17-menu.sql'));
 	}
 
-	Plugins::installMenus('kathrine', require TEMPLATES . 'kathrine/menus.php');
-	Plugins::installMenus('tibiacom', require TEMPLATES . 'tibiacom/menus.php');
+	$themes = ['kathrine', 'tibiacom',];
+	foreach ($themes as $theme) {
+		$file = TEMPLATES . $theme . '/menus.php';
+		if (is_file($file)) {
+			Plugins::installMenus($theme, require $file);
+		}
+	}
 };
 
 $down = function () use ($db) {

system/migrations/20.php

@@ -4,7 +4,7 @@ use MyAAC\Settings;
 
 function updateHighscoresIdsHidden(): void
 {
-	$db = app()->get('database');
+	global $db;
 
 	if (!$db->hasTable('players')) {
 		return;

system/migrations/28.php

@@ -3,10 +3,12 @@
  * @var OTS_DB_MySQL $db
  */
 
+use MyAAC\Cache\Cache;
+
 $up = function () use ($db) {
 	$db->dropTable(TABLE_PREFIX . 'hooks');
 
-	$cache = app()->get('cache');
+	$cache = Cache::getInstance();
 	if($cache->enabled()) {
 		$cache->delete('hooks');
 	}
@@ -15,7 +17,7 @@ $up = function () use ($db) {
 $down = function () use ($db) {
 	$db->exec(file_get_contents(__DIR__ . '/28-hooks.sql'));
 
-	$cache = app()->get('cache');
+	$cache = Cache::getInstance();
 	if($cache->enabled()) {
 		$cache->delete('hooks');
 	}

system/pages/account/base.php

@@ -10,7 +10,7 @@
  */
 defined('MYAAC') or die('Direct access not allowed!');
 
-if(!logged())
+if(!$logged)
 {
 	$title = 'Login';
 

system/pages/account/change-email.php

@@ -13,7 +13,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Change E-Mail';
 require __DIR__ . '/base.php';
 
-if(!logged()) {
+if(!$logged) {
 	return;
 }
 

system/pages/account/change-info.php

@@ -16,7 +16,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Change Info';
 require __DIR__ . '/base.php';
 
-if(!logged()) {
+if(!$logged) {
 	return;
 }
 

system/pages/account/change-password.php

@@ -13,7 +13,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Change Password';
 require __DIR__ . '/base.php';
 
-if(!logged()) {
+if(!$logged) {
 	return;
 }
 

system/pages/account/characters/change-comment.php

@@ -16,7 +16,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Change Comment';
 require PAGES . 'account/base.php';
 
-if(!logged()) {
+if(!$logged) {
 	return;
 }
 

system/pages/account/characters/change-name.php

@@ -13,7 +13,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Change Name';
 require PAGES . 'account/base.php';
 
-if(!logged()) {
+if(!$logged) {
 	return;
 }
 

system/pages/account/characters/change-sex.php

@@ -13,7 +13,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Change Sex';
 require PAGES . 'account/base.php';
 
-if(!logged()) {
+if(!$logged) {
 	return;
 }
 

system/pages/account/characters/create.php

@@ -16,7 +16,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Create Character';
 require PAGES . 'account/base.php';
 
-if(!logged()) {
+if(!$logged) {
 	return;
 }
 

system/pages/account/characters/delete.php

@@ -13,7 +13,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Delete Character';
 require PAGES . 'account/base.php';
 
-if(!logged()) {
+if(!$logged) {
 	return;
 }
 

system/pages/account/create.php

@@ -17,7 +17,8 @@ $title = 'Create Account';
 if (setting('core.account_country'))
 	require SYSTEM . 'countries.conf.php';
 
-if(logged()) {
+if($logged)
+{
 	echo 'Please logout before attempting to create a new account.';
 	return;
 }

system/pages/account/login.php

@@ -29,7 +29,6 @@ if(!empty($login_account) && !empty($login_password))
 	$limiter->enabled = setting('core.account_login_ipban_protection');
 	$limiter->load();
 
-	global $logged, $account_logged, $logged_flags;
 	$account_logged = new OTS_Account();
 	if (config('account_login_by_email')) {
 		$account_logged->findByEMail($login_account);
@@ -70,9 +69,6 @@ if(!empty($login_account) && !empty($login_password))
 				$account_logged->setCustomField('web_lastlogin', time());
 			}
 
-			app()->setLoggedIn($logged);
-			app()->setAccountLogged($account_logged);
-
 			$hooks->trigger(HOOK_LOGIN, array('account' => $account_logged, 'password' => $login_password, 'remember_me' => $remember_me));
 		}
 

system/pages/account/logout.php

@@ -13,7 +13,7 @@ $title = 'Logout';
 
 require __DIR__ . '/base.php';
 
-if(!logged()) {
+if(!$logged) {
 	return;
 }
 

system/pages/account/manage.php

@@ -14,7 +14,7 @@ $title = 'Account Management';
 require __DIR__ . '/login.php';
 require __DIR__ . '/base.php';
 
-if(!logged()) {
+if(!$logged) {
 	return;
 }
 
@@ -34,7 +34,7 @@ if(isset($_REQUEST['redirect']))
 	return;
 }
 
-$groups = app()->get('groups');
+$groups = new OTS_Groups_List();
 
 $freePremium = isset($config['lua']['freePremium']) && getBoolean($config['lua']['freePremium']) || $account_logged->getPremDays() == OTS_Account::GRATIS_PREMIUM_DAYS;
 $dayOrDays = $account_logged->getPremDays() == 1 ? 'day' : 'days';

system/pages/account/register-new.php

@@ -13,7 +13,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Register Account';
 require __DIR__ . '/base.php';
 
-if(!logged()) {
+if(!$logged) {
 	return;
 }
 

system/pages/account/register.php

@@ -13,7 +13,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Register Account';
 require __DIR__ . '/base.php';
 
-if(!logged()) {
+if(!$logged) {
 	return;
 }
 

system/pages/characters.php

@@ -14,10 +14,10 @@ use MyAAC\Models\PlayerDeath;
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Characters';
 
-$groups = app()->get('groups');
-function generate_search_form($autofocus = false): string
+$groups = new OTS_Groups_List();
+function generate_search_form($autofocus = false)
 {
-	$twig = app()->get('twig');
+	global $config, $twig;
 	return $twig->render('characters.form.html.twig', array(
 		'link' => getLink('characters'),
 		'autofocus' => $autofocus
@@ -26,9 +26,7 @@ function generate_search_form($autofocus = false): string
 
 function retrieve_former_name($name)
 {
-	global $oldName;
-
-	$db = app()->get('db');
+	global $oldName, $db;
 
 	if($db->hasTable('player_namelocks') && $db->hasColumn('player_namelocks', 'name')) {
 		$newNameSql = $db->query('SELECT `name`, `new_name` FROM `player_namelocks` WHERE `name` = ' . $db->quote($name));
@@ -44,9 +42,8 @@ function retrieve_former_name($name)
 }
 
 $name = '';
-if(isset($_REQUEST['name'])) {
+if(isset($_REQUEST['name']))
 	$name = urldecode(stripslashes(ucwords(strtolower($_REQUEST['name']))));
-}
 
 if(empty($name))
 {
@@ -66,14 +63,14 @@ if(!$player->isLoaded())
 {
 	$tmp_zmienna = "";
 	$tmp_name = retrieve_former_name($name);
-	while(!empty($tmp_name)) {
+	while(!empty($tmp_name))
+	{
 		$tmp_zmienna = $tmp_name;
 		$tmp_name = retrieve_former_name($tmp_zmienna);
 	}
 
-	if(!empty($tmp_zmienna)) {
+	if(!empty($tmp_zmienna))
 		$player->find($tmp_zmienna);
-	}
 }
 
 if($player->isLoaded() && !$player->isDeleted())

system/pages/faq.php

@@ -168,8 +168,10 @@ class FAQ
 
 	static public function move($id, $i, &$errors)
 	{
+		global $db;
 		$row = ModelsFAQ::find($id);
-		if($row) {
+		if($row)
+		{
 			$ordering = $row->ordering + $i;
 			$old_record = ModelsFAQ::where('ordering', $ordering)->first();
 			if($old_record) {
@@ -180,9 +182,8 @@ class FAQ
 			$row->ordering = $ordering;
 			$row->save();
 		}
-		else {
+		else
 			$errors[] = 'FAQ with id ' . $id . ' does not exists.';
-		}
 
 		return !count($errors);
 	}

system/pages/forum.php

@@ -39,10 +39,9 @@ if(!empty($action))
 
 $info = $db->query("SELECT `section`, COUNT(`id`) AS 'threads', SUM(`replies`) AS 'replies' FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `first_post` = `id` GROUP BY `section`")->fetchAll();
 
-$boards = [];
-foreach($info as $data) {
+$boards = array();
+foreach($info as $data)
 	$counters[$data['section']] = array('threads' => $data['threads'], 'posts' => $data['replies'] + $data['threads']);
-}
 
 foreach($sections as $id => $section)
 {

system/pages/forum/admin.php

@@ -17,7 +17,7 @@ if(!$canEdit) {
 	return;
 }
 
-$groupsList = app()->get('groups');
+$groupsList = new OTS_Groups_List();
 $groups = [
 	['id' => 0, 'name' => 'Guest'],
 ];

system/pages/forum/base.php

@@ -29,8 +29,7 @@ if(strtolower($forumSetting) != 'site') {
 
 $canEdit = Forum::isModerator();
 
-global $sections;
-$sections = [];
+$sections = array();
 foreach(getForumBoards() as $section) {
 	$sections[$section['id']] = array(
 		'id' => $section['id'],

system/pages/forum/edit_post.php

@@ -18,7 +18,7 @@ if ($ret === false) {
 	return;
 }
 
-if(!logged()) {
+if(!$logged) {
 	echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . urlencode(getLink('forum')) . '">Log in</a> to post on the forum.<br /><br />';
 	return;
 }

system/pages/forum/move_thread.php

@@ -18,7 +18,7 @@ if ($ret === false) {
 	return;
 }
 
-if(!logged()) {
+if(!$logged) {
 	echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . urlencode(getLink('forum')) . '">Log in</a> to post on the forum.<br /><br />';
 	return;
 }

system/pages/forum/new_post.php

@@ -18,7 +18,7 @@ if ($ret === false) {
 	return;
 }
 
-if(!logged()) {
+if(!$logged) {
 	$extra_url = '';
 	if(isset($_GET['thread_id'])) {
 		$extra_url = '?action=new_post&thread_id=' . $_GET['thread_id'];

system/pages/forum/new_thread.php

@@ -18,7 +18,7 @@ if ($ret === false) {
 	return;
 }
 
-if(!logged()) {
+if(!$logged) {
 	$extra_url = '';
 	if(isset($_GET['section_id'])) {
 		$extra_url = '?action=new_thread&section_id=' . $_GET['section_id'];

system/pages/forum/remove_post.php

@@ -18,7 +18,7 @@ if ($ret === false) {
 	return;
 }
 
-if(!logged()) {
+if(!$logged) {
 	echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . urlencode(getLink('forum')) . '">Log in</a> to post on the forum.<br /><br />';
 	return;
 }

system/pages/forum/show_board.php

@@ -44,7 +44,7 @@ for($i = 0; $i < $threads_count['threads_count'] / setting('core.forum_threads_p
 
 echo '<a href="' . getLink('forum') . '">Boards</a> >> <b>'.$sections[$section_id]['name'].'</b>';
 
-if(logged() && (!$sections[$section_id]['closed'] || Forum::isModerator())) {
+if($logged && (!$sections[$section_id]['closed'] || Forum::isModerator())) {
 	echo '<br /><br />
 		<a href="' . getLink('forum') . '?action=new_thread&section_id='.$section_id.'"><img src="images/forum/topic.gif" border="0" /></a>';
 }
@@ -94,7 +94,7 @@ if(isset($last_threads[0])) {
 	}
 
 	echo '</table>';
-	if(logged() && (!$sections[$section_id]['closed'] || Forum::isModerator())) {
+	if($logged && (!$sections[$section_id]['closed'] || Forum::isModerator())) {
 		echo '<br /><a href="' . getLink('forum') . '?action=new_thread&section_id=' . $section_id . '"><img src="images/forum/topic.gif" border="0" /></a>';
 	}
 }

system/pages/forum/show_thread.php

@@ -50,7 +50,7 @@ if(isset($posts[0]['player_id'])) {
 }
 
 $lookaddons = $db->hasColumn('players', 'lookaddons');
-$groups = app()->get('groups');
+$groups = new OTS_Groups_List();
 foreach($posts as &$post) {
 	$post['player'] = new OTS_Player();
 	$player = $post['player'];

system/pages/gallery.php

@@ -132,7 +132,7 @@ class Gallery
 {
 	static public function add($comment, $image, $author, &$errors)
 	{
-		$db = app()->get('database');
+		global $db;
 		if(isset($comment[0]) && isset($image[0]) && isset($author[0]))
 		{
 			$query =
@@ -225,7 +225,7 @@ class Gallery
 
 	static public function move($id, $i, &$errors)
 	{
-		$db = app()->get('database');
+		global $db;
 		$query = self::get($id);
 		if($query !== false)
 		{

system/pages/guilds/accept_invite.php

@@ -15,7 +15,7 @@ require __DIR__ . '/base.php';
 //set rights in guild
 $guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
 $name = isset($_REQUEST['name']) ? stripslashes($_REQUEST['name']) : null;
-if(!logged()) {
+if(!$logged) {
 	$errors[] = 'You are not logged in. You can\'t accept invitations.';
 }
 

system/pages/guilds/add_rank.php

@@ -22,7 +22,7 @@ if(empty($errors)) {
 	if(!Validator::rankName($rank_name)) {
 		$errors[] = 'Invalid rank name format.';
 	}
-	if(!logged()) {
+	if(!$logged) {
 		$errors[] = 'You are not logged.';
 	}
 	$guild = new OTS_Guild();

system/pages/guilds/change_description.php

@@ -26,7 +26,7 @@ if(empty($errors)) {
 }
 
 if(empty($errors)) {
-	if(logged()) {
+	if($logged) {
 		$guild_leader_char = $guild->getOwner();
 		$rank_list = $guild->getGuildRanksList();
 		$rank_list->orderBy('level', POT::ORDER_DESC);

system/pages/guilds/change_logo.php

@@ -27,7 +27,7 @@ if(empty($errors)) {
 }
 
 if(empty($errors)) {
-	if(logged()) {
+	if($logged) {
 		$guild_leader_char = $guild->getOwner();
 		$guild_leader = false;
 		$account_players = $account_logged->getPlayers();

system/pages/guilds/change_motd.php

@@ -29,7 +29,7 @@ if(empty($errors)) {
 }
 
 if(empty($errors)) {
-	if(logged()) {
+	if($logged) {
 		$guild_leader_char = $guild->getOwner();
 		$rank_list = $guild->getGuildRanksList();
 		$rank_list->orderBy('level', POT::ORDER_DESC);

system/pages/guilds/change_nick.php

@@ -12,7 +12,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 
 require __DIR__ . '/base.php';
 
-if(!logged()) {
+if(!$logged) {
 	$errors[] = "You are not logged in. You can't change nick.";
 	$twig->display('error_box.html.twig', array('errors' => $errors));
 	$twig->display('guilds.back_button.html.twig');

system/pages/guilds/change_rank.php

@@ -12,7 +12,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 
 require __DIR__ . '/base.php';
 
-if(!logged()) {
+if(!$logged) {
 	$errors[] = "You are not logged in. You can't change rank.";
 }
 else {

system/pages/guilds/cleanup_guilds.php

@@ -12,7 +12,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 
 require __DIR__ . '/base.php';
 
-if(!logged())
+if(!$logged)
 {
 	echo "You are not logged in.";
 	$twig->display('guilds.back_button.html.twig');

system/pages/guilds/cleanup_players.php

@@ -12,7 +12,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 
 require __DIR__ . '/base.php';
 
-if(!logged())
+if(!$logged)
 {
 	echo "You are not logged in.";
 	$twig->display('guilds.back_button.html.twig');

system/pages/guilds/create.php

@@ -17,7 +17,7 @@ require __DIR__ . '/base.php';
 $guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : NULL;
 $name = isset($_REQUEST['name']) ? stripslashes($_REQUEST['name']) : NULL;
 $todo = isset($_REQUEST['todo']) ? $_REQUEST['todo'] : NULL;
-if(!logged()) {
+if(!$logged) {
 	$guild_errors[] = 'You are not logged in. You can\'t create guild.';
 }
 

system/pages/guilds/delete_by_admin.php

@@ -26,7 +26,7 @@ if(empty($errors)) {
 }
 
 if(empty($errors)) {
-	if(logged()) {
+	if($logged) {
 		if(admin()) {
 			$saved = false;
 			if(isset($_POST['todo']) && $_POST['todo'] == 'save') {

system/pages/guilds/delete_guild.php

@@ -26,7 +26,7 @@ if(empty($errors)) {
 }
 
 if(empty($errors)) {
-	if(logged()) {
+	if($logged) {
 		$guild_leader_char = $guild->getOwner();
 		$rank_list = $guild->getGuildRanksList();
 		$rank_list->orderBy('level', POT::ORDER_DESC);

system/pages/guilds/delete_invite.php

@@ -15,7 +15,7 @@ require __DIR__ . '/base.php';
 $guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
 $name = stripslashes($_REQUEST['name']);
 
-if(!logged())
+if(!$logged)
 	$errors[] = 'You are not logged in. You can\'t delete invitations.';
 
 if(!Validator::guildName($guild_name))

system/pages/guilds/delete_rank.php

@@ -26,7 +26,7 @@ if(empty($guild_errors)) {
 	}
 }
 if(empty($guild_errors)) {
-	if(logged()) {
+	if($logged) {
 		$guild_leader_char = $guild->getOwner();
 		$rank_list = $guild->getGuildRanksList();
 		$rank_list->orderBy('level', POT::ORDER_DESC);

system/pages/guilds/invite.php

@@ -15,7 +15,7 @@ require __DIR__ . '/base.php';
 //set rights in guild
 $guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : NULL;
 $name = isset($_REQUEST['name']) ? stripslashes($_REQUEST['name']) : NULL;
-if(!logged()) {
+if(!$logged) {
 	$errors[] = "You are not logged in. You can't invite players.";
 }
 

system/pages/guilds/kick_player.php

@@ -16,7 +16,7 @@ require __DIR__ . '/base.php';
 $guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
 $name = isset($_REQUEST['name']) ? stripslashes($_REQUEST['name']) : null;
 
-if(!logged()) {
+if(!$logged) {
 	$errors[] = 'You are not logged in. You can\'t kick characters.';
 }
 

system/pages/guilds/leave.php

@@ -15,7 +15,7 @@ require __DIR__ . '/base.php';
 //set rights in guild
 $guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : NULL;
 $name = isset($_REQUEST['name']) ? stripslashes($_REQUEST['name']) : NULL;
-if(!logged()) {
+if(!$logged) {
 	$errors[] = "You are not logged in. You can't leave guild.";
 }