Update phpstan.neon

Update composer.lock
Update version to 1.0-RC
2025-09-14 04:23:34 +02:00 · 2024-07-23 08:47:22 +02:00 · 2024-07-23 08:45:55 +02:00 · 2024-07-23 08:35:08 +02:00 · 2024-07-23 08:30:53 +02:00 · 2024-07-23 08:07:59 +02:00
347 changed files with 9399 additions and 9081 deletions
--- a/.github/workflows/cypress.yml
+++ b/.github/workflows/cypress.yml
@@ -22,8 +22,9 @@ jobs:
    strategy:
      fail-fast: false
      matrix:
-        php-versions: [ '7.4', '8.0', '8.1' ]
+        php-versions: [ '8.1', '8.2', '8.3' ]
-    name: MyAAC on PHP ${{ matrix.php-versions }}
+        ots: ['tfs-1.4', 'canary-3.1.2'] # TODO: add 'tfs-master' (actually doesn't work cause AAC doesn't support reading .env configuration)
    name: Cypress (PHP ${{ matrix.php-versions }}, ${{ matrix.ots }})
    steps:
        - name: 📌 MySQL Start & init & show db
          run: |
@@ -32,47 +33,81 @@ jobs:
            mysql -e "SHOW DATABASES" -uroot -proot
        - name: Checkout MyAAC
-          uses: actions/checkout@v3
+          uses: actions/checkout@v4
          with:
-            ref: 0.9
+            ref: develop
        - uses: actions/setup-node@v4
          with:
            node-version: 18
        - run: npm ci
        - name: Checkout TFS
-          uses: actions/checkout@v3
+          uses: actions/checkout@v4
          if: matrix.ots == 'tfs-1.4'
          with:
            repository: otland/forgottenserver
            ref: 1.4
-            path: tfs
+            path: ots
-        - name: Import TFS Schema
+        - name: Checkout TFS
          uses: actions/checkout@v4
          if: matrix.ots == 'tfs-master'
          with:
            repository: otland/forgottenserver
            ref: master
            path: ots
        - name: Checkout Canary
          uses: actions/checkout@v4
          if: matrix.ots == 'canary-3.1.2'
          with:
            repository: opentibiabr/canary
            ref: v3.1.2
            path: ots
        - name: Import OTS Schema
          run: |
-              mysql -uroot -proot myaac < tfs/schema.sql
+              mysql -uroot -proot myaac < ots/schema.sql
        - name: Rename config.lua
-          run: mv tfs/config.lua.dist tfs/config.lua
+          run: mv ots/config.lua.dist ots/config.lua
-        - name: Replace mysqlUser
+        - name: Replace mysqlUser (TFS 1.4)
-          uses: jacobtomlinson/gha-find-replace@v2
+          uses: jacobtomlinson/gha-find-replace@v3
          if: matrix.ots == 'tfs-1.4'
          with:
            find: 'mysqlUser = "forgottenserver"'
            replace: 'mysqlUser = "root"'
            regex: false
-            include: 'tfs/config.lua'
+            include: 'ots/config.lua'
-        - name: Replace mysqlPass
+        - name: Replace mysqlPass (TFS 1.4)
-          uses: jacobtomlinson/gha-find-replace@v2
+          uses: jacobtomlinson/gha-find-replace@v3
          if: matrix.ots == 'tfs-1.4'
          with:
              find: 'mysqlPass = ""'
              replace: 'mysqlPass = "root"'
              regex: false
-              include: 'tfs/config.lua'
+              include: 'ots/config.lua'
-        - name: Replace mysqlDatabase
+        - name: Replace mysqlDatabase (TFS 1.4)
-          uses: jacobtomlinson/gha-find-replace@v2
+          uses: jacobtomlinson/gha-find-replace@v3
          if: matrix.ots == 'tfs-1.4'
          with:
              find: 'mysqlDatabase = "forgottenserver"'
              replace: 'mysqlDatabase = "myaac"'
              regex: false
-              include: 'tfs/config.lua'
+              include: 'ots/config.lua'
        - name: Replace mysqlDatabase (Canary)
          uses: jacobtomlinson/gha-find-replace@v3
          if: matrix.ots == 'canary-3.1.2'
          with:
              find: 'mysqlDatabase = "otservbr-global"'
              replace: 'mysqlDatabase = "myaac"'
              regex: false
              include: 'ots/config.lua'
        - name: Setup PHP
          uses: shivammathur/setup-php@v2
@@ -85,13 +120,13 @@ jobs:
          run: echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT
        - name: Cache composer dependencies
-          uses: actions/cache@v3
+          uses: actions/cache@v4
          with:
            path: ${{ steps.composer-cache.outputs.dir }}
            # Use composer.json for key, if composer.lock is not committed.
-            # key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.json') }}
+            key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.json') }}
-            key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
+            #key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
-            restore-keys: ${{ runner.os }}-composer-
+            restore-keys: ${{ runner.os }}-composer-${{ hashFiles('**/composer.json') }}
        - name: Install Composer dependencies
          run: composer install --no-progress --prefer-dist --optimize-autoloader
@@ -100,21 +135,28 @@ jobs:
          run: nohup php -S localhost:8080 > php.log 2>&1 &
        - name: Cypress Run
-          uses: cypress-io/github-action@v5
+          uses: cypress-io/github-action@v6
          env:
            CYPRESS_URL: http://localhost:8080
-            CYPRESS_SERVER_PATH: /home/runner/work/myaac/myaac/tfs
+            CYPRESS_SERVER_PATH: /home/runner/work/myaac/myaac/ots
        - name: Save screenshots
-          uses: actions/upload-artifact@v3
+          uses: actions/upload-artifact@v4
          if: always()
          with:
-            name: cypress-screenshots
+            name: cypress-screenshots-${{ matrix.php-versions }}-${{ matrix.ots }}
            path: cypress/screenshots
        - name: Upload Cypress Videos
-          uses: actions/upload-artifact@v3
+          uses: actions/upload-artifact@v4
          if: always()
          with:
-            name: cypress-videos
+            name: cypress-videos-${{ matrix.php-versions }}-${{ matrix.ots }}
            path: cypress/videos
        - name: Upload PHP Logs
          uses: actions/upload-artifact@v4
          if: always()
          with:
            name: php-log-${{ matrix.php-versions }}-${{ matrix.ots }}
            path: php.log
--- a/.github/workflows/phpstan.yml
+++ b/.github/workflows/phpstan.yml
@@ -0,0 +1,46 @@
 name: "PHPStan"
 on:
  pull_request:
    branches: [develop]
  push:
    branches: [develop]
 jobs:
  tests:
    name: PhpStan on PHP ${{ matrix.php-versions }}
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        php-versions: [ '8.1', '8.2', '8.3' ]
    steps:
      - name: "Checkout"
        uses: "actions/checkout@v4"
      - name: "Install PHP"
        uses: "shivammathur/setup-php@v2"
        with:
          coverage: "none"
          extensions: "intl, zip"
          ini-values: "memory_limit=-1"
          php-version: "${{ matrix.php-version }}"
      - name: Get composer cache directory
        id: composer-cache
        run: echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT
      - name: Cache composer dependencies
        uses: actions/cache@v4
        with:
          path: ${{ steps.composer-cache.outputs.dir }}
          # Use composer.json for key, if composer.lock is not committed.
          key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
          restore-keys: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
      - name: "Install composer dependencies"
        run: "composer install"
      - name: "Run PHPStan"
        run: "/usr/bin/php vendor/bin/phpstan analyse"
--- a/.gitignore
+++ b/.gitignore
@@ -6,15 +6,17 @@ Thumbs.db
 /.htaccess
 # composer
-composer.lock
+composer.phar
 vendor
 # npm
 node_modules
 tools/ext
 # cypress
 cypress.env.json
 cypress/e2e/2-advanced-examples
 cypress/screenshots
 # created by release.sh
 releases
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,8 +1,38 @@
 # Changelog
-## [0.9.0-alpha - 02.06.2023]
+## [1.0-RC -23.07.2024]
-Minimum PHP version for this release is 7.2.5.
+Changes since 1.0-beta:
 ### Added
 * Feat: Hooks priority (https://github.com/slawkens/myaac/commit/dc17b701da053e04bfa64e21be9247a4f07505e1)
 * Make autoload of pages, commands and themes configurable (https://github.com/slawkens/myaac/commit/c1d4b4f80cd6bb85507ee9471e47013955a26a91)
 * Fraggers in characters page for TFS 1.x and canary (https://github.com/slawkens/myaac/commit/42f99c3edc8de39cccc5632cb42e88b24579c5a6)
 * New hooks: HOOK_INSTALL_FINISH, HOOK_ACCOUNT_CREATE_CHARACTER_* (https://github.com/slawkens/myaac/commit/08ac8ebade106521a5c7396faa5ce7006e629f7c, https://github.com/slawkens/myaac/commit/45dda5e834ff2059faea6ef9be2efa76f1723cbd)
 ### Changed
 * Allow account_create_character_create even if account_mail_verify is activated (https://github.com/slawkens/myaac/commit/203e411b626fe62401a4b74a48420769e512aa39)
 * Create guild_rank entries, in case MySQL trigger not loaded (https://github.com/slawkens/myaac/commit/d9c1b2507c81f306970642b35e4bf5f7cc04a6f2, https://github.com/slawkens/myaac/commit/47a19e85dd84e9f3b39a1b29cfc2c04b004832b9)
 * Set Admin Account verified by default (https://github.com/slawkens/myaac/commit/cd49dfc79942f3301ce9c0b8d899b9f39bda9a41)
 * Refactor account routes into sub folders (https://github.com/slawkens/myaac/commit/bdc0c43d3fd3a51030c3e916bdb9f008468f5ecd)
 * Order towns by id (https://github.com/slawkens/myaac/commit/9ea2a5067fc4b75de395f381577b18914132ad84)
 * Do not create news about myaac, if any news already exist (on installation (https://github.com/slawkens/myaac/commit/504242fb846b73b56b87bc1e39d070687ad7f5b4)
 ### Fixed
 * Not working google recaptcha plugin (https://github.com/slawkens/myaac/commit/a1bcb217ecf4e21fd58da4ba491da1852029898a)
 * Not working account create if account_country is disabled (https://github.com/slawkens/myaac/commit/933b681a9fcdbb6283e0469b3806d2ded492d232)
 * Account verify - do not allow login without verified email (Thanks @anyeor, https://github.com/slawkens/myaac/commit/fcb13f3c0fb8ceafda0bd614a229a26a269432bd)
 * Detect tools/ext exists on install to prevent broken installs (https://github.com/slawkens/myaac/commit/10a739773c4f2911876bc802a0ee0537c3e00a92)
 * Cache reloading each time page refreshes (https://github.com/slawkens/myaac/commit/ec96985872057340112f65073efc0c4bf86dddb0)
 * Highscores frags for TFS 1.x and canary (https://github.com/slawkens/myaac/commit/a04d186c22912915f0a7873dfe677ef3b5a23c79)
 * Monsters page: monster not found exception (https://github.com/slawkens/myaac/commit/ef79b99b8acc179f14b8475547347d9daca27512)
 * Fixed bug if \<flags\> are not present in monster.xml (https://github.com/slawkens/myaac/commit/57b47ab7983f625c7c0ef4f5303a4d07ef172786)
 * fastRoute duplicate errors (https://github.com/slawkens/myaac/commit/4c0739d3e93812dff0c33849ea3f38e4e49113ac)
 * useGuildNick displaying (https://github.com/slawkens/myaac/commit/0db0ec1aa47e044c26bc403ff5078a2115d086f8)
 ## [1.0-beta - 18.05.2024]
 Minimum PHP version for this release is 8.1.
 ### Added
 * reworked Admin Panel (@Leesneaks, @gpedro, @slawkens)
@@ -11,17 +41,26 @@ Minimum PHP version for this release is 7.2.5.
  * new Dashboard: statistics, server status
  * new Admin Bar showed on top when admin logged in
  * new page: Server Data, to reload server data
    * Towns, NPCs & Items are stored in permanent cache
  * new pages: mass account & teleport tools
  * changelogs editor
  * revised Accounts & Players editors
-  * option to add/modify menus with plugins
+  * option to add/modify admin menus with plugins
  * option to enable/disable plugins
  * better, updated TinyMCE editor (v6.x)
    * with option to upload images
-  * list of open source libraries used in project
+  * list of open source libraries used in project page
 * auto-loading of themes, commands & pages from plugins/ folder. You need just to place them in correct folder and they will be loaded automatically - this allows better customization, without interfering with core AAC folders. This will allow in the future automatic updates for plugins as well the AAC as whole.
 * config.php moved to Admin Panel -> Settings page
 * new console script: aac - using symfony/console
  * usage: `php aac` (will list all commands by default)
  * example: `php aac cache:clear`
  * example: `php aac plugin:install theme-example.zip`
 * replace POT Query Builder to Eloquent ORM. Not 100% yet - in some places there is still old $db approach used (@gpedro) (https://github.com/slawkens/myaac/pull/230)
 * brand new charming installation page (by @fernandomatos)
  * using Bootstrap
 * new pages router: nikic/fast-route, allowing for better customisation
 * Plugin cronjobs: central control of the cronjobs
 * Guild Wars support (available as plugin)
 * support for login and create account only by email (configurable)
  * with no need for account name
@@ -31,10 +70,13 @@ Minimum PHP version for this release is 7.2.5.
  * suggest account number option
 * many new functions, hooks and configurables
 * better Exception Handler (Whoops - https://github.com/filp/whoops)
-* add Cypress testing
+* automated website tests (using Cypress)
 * csrf protection (https://github.com/slawkens/myaac/pull/235)
 * option to restrict Page view to specified group of users (Not-Logged in, logged-in players, tutors, gamemasters etc.)
 * phpdebug bar (http://phpdebugbar.com/). Activated if env == 'dev', can be also activated in production by enabling "enable_debugbar" in local config
 ### Changed
-* Composer is now used for external libraries like: Twig, PHPMailer, fast-route etc.
+* Composer and NPM is now used for external libraries like: Twig, PHPMailer, fast-route, jQuery, Bootstrap etc.
 * mail support is disabled on fresh install, can be manually enabled by user
 * disable add php pages in admin panel for security. Option to disable plugins upload
 * visitors counter shows now user browser, and also if its bot
@@ -45,7 +87,7 @@ Minimum PHP version for this release is 7.2.5.
 	* Highscores
 		* frags works for TFS 1.x
 		* cached
-	* creatures
+	* Monsters
 * moved pages to Twig:
  * experience stages
 * update player_deaths entries on name change
--- a/CONTRIBUTORS.txt
+++ b/CONTRIBUTORS.txt
@@ -8,7 +8,11 @@ Fernando Matos <fernando@pixele.com.br>
 Lee <42119604+Leesneaks@users.noreply.github.com>
 caio <caio.zucoli@gmail.com>
 slawkens <slawkens@gmail.com>
-tobi132 <52947952+tobi132@users.noreply.github.com>
+tobi132 <tobi132@gmx.net>
 vankk <nwtr.otland@hotmail.com>
 whiteblXK <krzys16001@gmail.com>
 xitobuh <jonas.hockert92@gmail.com>
 Danilo Pucci <dnlps@hotmail.com>
 gpedro <gpedro831@gmail.com>
 Matheus Collier <matheuscollier@gmail.com>
 SRNT-GG <95472530+SRNT-GG@users.noreply.github.com>
--- a/README.md
+++ b/README.md
@@ -10,21 +10,20 @@ Official website: https://my-aac.org
 [![OpenTibia Discord](https://img.shields.io/discord/288399552581468162)](https://discord.gg/2J39Wus)
 [![Closed Issues](https://img.shields.io/github/issues-closed-raw/slawkens/myaac)](https://github.com/slawkens/myaac/issues?q=is%3Aissue+is%3Aclosed)
-| Version    | Status                                    | Branch  | Requirements   |
+| Version | Status                 | Branch  | Requirements   |
-|:-----------|:------------------------------------------|:--------|:---------------|
+|:--------|:-----------------------|:--------|:---------------|
-| **0.10.x** | **Active development**                    | develop | **PHP >= 8.0** |
+| **1.x** | **Active development** | develop | **PHP >= 8.1** |
-| 0.9.x      | Active support                            | 0.9     | PHP >= 7.2.5   |
+| 0.9.x   | Not developed anymore  | 0.9     | PHP >= 7.2.5   |
-| 0.8.x      | Active support                            | master  | PHP >= 7.2.5   |
+| 0.8.x   | Active support         | master  | PHP >= 7.2.5   |
-| 0.7.x      | End Of Life                               | 0.7     | PHP >= 5.3.3   |
+| 0.7.x   | End Of Life            | 0.7     | PHP >= 5.3.3   |
 ### Requirements
 	- PHP 8.0 or later
 	- MySQL database
-	- PDO PHP Extension
+	- PHP Extensions: pdo, xml, json
-	- XML PHP Extension
+	- (optional) apache2 mod_rewrite (to use friendly_urls)
-	- (optional) ZIP PHP Extension
+	- (optional) zip PHP Extension (to install plugins)
-	- (optional) mod_rewrite to use friendly_urls
+	- (optional) gd PHP Extension (for generating signature images)
 ### Installation
@@ -48,7 +47,8 @@ Official website: https://my-aac.org
 ### Configuration
-Check *config.php* to get more informations.
+Check *config.php* to get more informations. (Notice: MyAAC 1.0+ doesn't use config.php anymore, it has been moved to Admin Panel - Settings page).
 Use *config.local.php* for your local configuration changes.
 ### Branches
--- a/40
+++ b/40
@@ -0,0 +1,40 @@
 #!/usr/bin/env php
 <?php
 require_once __DIR__ . '/common.php';
 if(!IS_CLI) {
 	echo 'This script can be run only in command line mode.';
 	exit(1);
 }
 require_once SYSTEM . 'functions.php';
 require_once SYSTEM . 'init.php';
 define('SELF_NAME', basename(__FILE__));
 use MyAAC\Plugins;
 use Symfony\Component\Console\Application;
 $application = new Application();
 $commandsGlob = glob(SYSTEM . 'src/Commands/*.php');
 foreach ($commandsGlob as $item) {
 	$name = pathinfo($item, PATHINFO_FILENAME);
 	if ($name == 'Command') { // ignore base Command class
 		continue;
 	}
 	$commandPre = '\\MyAAC\Commands\\';
 	$application->add(new ($commandPre . $name));
 }
 $pluginCommands = Plugins::getCommands();
 foreach ($pluginCommands as $item) {
 	$application->add(require $item);
 }
 $application->setName('MyAAC');
 $application->setVersion(MYAAC_VERSION);
 $application->run();
--- a/admin/includes/settings_menus.php
+++ b/admin/includes/settings_menus.php
@@ -1,5 +1,7 @@
 <?php
 use MyAAC\Plugins;
 $order = 10;
 $settingsMenu = [];
--- a/admin/index.php
+++ b/admin/index.php
@@ -25,11 +25,6 @@ define('PAGE', $page);
 require SYSTEM . 'functions.php';
 require SYSTEM . 'init.php';
 // verify myaac tables exists in database
 if(!$db->hasTable('myaac_account_actions')) {
 	throw new RuntimeException('Seems that the table <strong>myaac_account_actions</strong> of MyAAC doesn\'t exist in the database. This is a fatal error. You can try to reinstall MyAAC by visiting <a href="' . BASE_URL . 'install">this</a> url.');
 }
 require __DIR__ . '/includes/debugbar.php';
 require SYSTEM . 'status.php';
 require SYSTEM . 'login.php';
@@ -50,7 +45,7 @@ if(!$logged || !admin()) {
 // include our page
 $file = __DIR__ . '/pages/' . $page . '.php';
 if(!@file_exists($file)) {
-	if (strpos($page, 'plugins/') !== false) {
+	if (str_contains($page, 'plugins/')) {
 		$file = BASE . $page;
 	}
 	else {
--- a/admin/pages/accounts.php
+++ b/admin/pages/accounts.php
@@ -291,7 +291,7 @@ else if (isset($_REQUEST['search'])) {
 				<div class="card-body">
 					<div class="tab-content" id="accounts-tabContent">
 						<div class="tab-pane fade active show" id="accounts-acc">
-							<form action="<?php echo $admin_base . ((isset($id) && $id > 0) ? '&id=' . $id : ''); ?>" method="post">
+							<form action="<?php echo $admin_base . ($id > 0 ? '&id=' . $id : ''); ?>" method="post">
 								<?php csrf(); ?>
 								<div class="form-group row">
 									<?php if (USE_ACCOUNT_NAME): ?>
@@ -404,6 +404,7 @@ else if (isset($_REQUEST['search'])) {
 											   autocomplete="off" maxlength="20"
 											   value="<?php echo $account->getLocation(); ?>"/>
 									</div>
 									<?php if(setting('core.account_country')): ?>
 									<div class="col-12 col-sm-12 col-lg-4">
 										<label for="rl_country">Country:</label>
 										<select name="rl_country" id="rl_country" class="form-control">
@@ -412,6 +413,7 @@ else if (isset($_REQUEST['search'])) {
 											<?php endforeach; ?>
 										</select>
 									</div>
 									<?php endif; ?>
 								</div>
 								<div class="form-group row">
 									<div class="col-12 col-sm-12 col-lg-6">
--- a/admin/pages/changelog.php
+++ b/admin/pages/changelog.php
@@ -9,6 +9,7 @@
 * @link      https://my-aac.org
 */
 use MyAAC\Changelog;
 use MyAAC\Models\Changelog as ModelsChangelog;
 defined('MYAAC') or die('Direct access not allowed!');
@@ -26,9 +27,8 @@ $use_datatable = true;
 const CL_LIMIT = 600; // maximum changelog body length
 $id = $_GET['id'] ?? 0;
 require_once LIBS . 'changelog.php';
-if(!empty($action))
+if(!empty($action) && isRequestMethod('post'))
 {
 	$id = $_POST['id'] ?? null;
 	$body = isset($_POST['body']) ? stripslashes($_POST['body']) : null;
@@ -73,7 +73,7 @@ if(!empty($action))
 		}
 	}
 	else if($action == 'hide') {
-		if (Changelog::toggleHidden($id, $errors, $status)) {
+		if (Changelog::toggleHide($id, $errors, $status)) {
 			success(($status == 1 ? 'Hide' : 'Show') . ' successful.');
 		}
 	}
--- a/admin/pages/mass_account.php
+++ b/admin/pages/mass_account.php
@@ -162,9 +162,9 @@ function admin_give_premdays($days)
 	displayMessage('Premium Days not supported.');
 }
-if (isset($_POST['action']) && $_POST['action']) {
+if (!empty(ACTION) && isRequestMethod('post')) {
-	$action = $_POST['action'];
+	$action = ACTION;
 	if (preg_match("/[^A-z0-9_\-]/", $action)) {
 		displayMessage('Invalid action.');
--- a/admin/pages/mass_teleport.php
+++ b/admin/pages/mass_teleport.php
@@ -40,9 +40,9 @@ function admin_teleport_town($town_id) {
 	displayMessage('Player\'s town updated.', true);
 }
-if (isset($_POST['action']) && $_POST['action'])    {
+if (!empty(ACTION) && isRequestMethod('post'))    {
-	$action = $_POST['action'];
+	$action = ACTION;
 	if (preg_match("/[^A-z0-9_\-]/", $action)) {
 		displayMessage('Invalid action.');
--- a/admin/pages/menus.php
+++ b/admin/pages/menus.php
@@ -8,6 +8,7 @@
 * @link      https://my-aac.org
 */
 use MyAAC\Cache\Cache;
 use MyAAC\Models\Menu;
 defined('MYAAC') or die('Direct access not allowed!');
--- a/admin/pages/news.php
+++ b/admin/pages/news.php
@@ -7,6 +7,10 @@
 * @copyright 2019 MyAAC
 * @link      https://my-aac.org
 */
 use MyAAC\Forum;
 use MyAAC\News;
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'News Panel';
@@ -15,9 +19,6 @@ csrfProtect();
 $use_datatable = true;
 require_once LIBS . 'forum.php';
 require_once LIBS . 'news.php';
 if (!hasFlag(FLAG_CONTENT_PAGES) && !superAdmin()) {
 	echo 'Access denied.';
 	return;
@@ -46,53 +47,50 @@ if(!empty($action))
 	$forum_section = $_POST['forum_section'] ?? null;
 	$errors = [];
-	if($action == 'new') {
+	if (isRequestMethod('post')) {
-		if(isset($forum_section) && $forum_section != '-1') {
+		if ($action == 'new') {
-			$forum_add = Forum::add_thread($p_title, $body, $forum_section, $player_id, $account_logged->getId(), $errors);
+			if (isset($forum_section) && $forum_section != '-1') {
-		}
+				$forum_add = Forum::add_thread($p_title, $body, $forum_section, $player_id, $account_logged->getId(), $errors);
 			}
-		if(isset($p_title) && News::add($p_title, $body, $type, $category, $player_id, isset($forum_add) && $forum_add != 0 ? $forum_add : 0, $article_text, $article_image, $errors)) {
+			if (isset($p_title) && News::add($p_title, $body, $type, $category, $player_id, isset($forum_add) && $forum_add != 0 ? $forum_add : 0, $article_text, $article_image, $errors)) {
-			$p_title = $body = $comments = $article_text = $article_image = '';
+				$p_title = $body = $comments = $article_text = $article_image = '';
 			$type = $category = $player_id = 0;
 			success('Added successful.');
 		}
 	}
 	else if($action == 'delete') {
 		if (News::delete($id, $errors)) {
 			success('Deleted successful.');
 		}
 	}
 	else if($action == 'edit')
 	{
 		if(isset($id) && !isset($p_title)) {
 			$news = News::get($id);
 			$p_title = $news['title'];
 			$body = $news['body'];
 			$comments = $news['comments'];
 			$type = $news['type'];
 			$category = $news['category'];
 			$player_id = $news['player_id'];
 			$article_text = $news['article_text'];
 			$article_image = $news['article_image'];
 		}
 		else {
 			if(News::update($id, $p_title, $body, $type, $category, $player_id, $forum_section, $article_text, $article_image, $errors)) {
 				// update forum thread if exists
 				if(isset($forum_section) && Validator::number($forum_section)) {
 					$db->query("UPDATE `" . TABLE_PREFIX . "forum` SET `author_guid` = ".(int) $player_id.", `post_text` = ".$db->quote($body).", `post_topic` = ".$db->quote($p_title).", `edit_date` = " . time() . " WHERE `id` = " . $db->quote($forum_section));
 				}
 				$action = $p_title = $body = $comments = $article_text = $article_image = '';
 				$type = $category = $player_id = 0;
-				success('Updated successful.');
+				success('Added successful.');
 			}
 		} else if ($action == 'delete') {
 			if (News::delete($id, $errors)) {
 				success('Deleted successful.');
 			}
 		} else if ($action == 'edit') {
 			if (isset($id) && !isset($p_title)) {
 				$news = News::get($id);
 				$p_title = $news['title'];
 				$body = $news['body'];
 				$comments = $news['comments'];
 				$type = $news['type'];
 				$category = $news['category'];
 				$player_id = $news['player_id'];
 				$article_text = $news['article_text'];
 				$article_image = $news['article_image'];
 			} else {
 				if (News::update($id, $p_title, $body, $type, $category, $player_id, $forum_section, $article_text, $article_image, $errors)) {
 					// update forum thread if exists
 					if (isset($forum_section) && Validator::number($forum_section)) {
 						$db->query("UPDATE `" . TABLE_PREFIX . "forum` SET `author_guid` = " . (int)$player_id . ", `post_text` = " . $db->quote($body) . ", `post_topic` = " . $db->quote($p_title) . ", `edit_date` = " . time() . " WHERE `id` = " . $db->quote($forum_section));
 					}
 					$action = $p_title = $body = $comments = $article_text = $article_image = '';
 					$type = $category = $player_id = 0;
 					success('Updated successful.');
 				}
 			}
 		} else if ($action == 'hide') {
 			if (News::toggleHide($id, $errors, $status)) {
 				success(($status == 1 ? 'Hide' : 'Show') . ' successful.');
 			}
 		}
 	}
 	else if($action == 'hide') {
 		if (News::toggleHidden($id, $errors, $status)) {
 			success(($status == 1 ? 'Hide' : 'Show') . ' successful.');
 		}
 	}
@@ -101,7 +99,7 @@ if(!empty($action))
 }
 $categories = array();
-foreach($db->query('SELECT `id`, `name`, `icon_id` FROM `' . TABLE_PREFIX . 'news_categories` WHERE `hidden` != 1') as $cat)
+foreach($db->query('SELECT `id`, `name`, `icon_id` FROM `' . TABLE_PREFIX . 'news_categories` WHERE `hide` != 1') as $cat)
 {
 	$categories[$cat['id']] = array(
 		'name' => $cat['name'],
@@ -144,12 +142,12 @@ foreach ($query as $_news) {
 	$newses[$_news['type']][] = array(
 		'id' => $_news['id'],
-		'hidden' => $_news['hidden'],
+		'hide' => $_news['hide'],
 		'archive_link' => getLink('news') . '/archive/' . $_news['id'],
 		'title' => $_news['title'],
 		'date' => $_news['date'],
-		'player_name' => isset($_player) && $_player->isLoaded() ? $_player->getName() : '',
+		'player_name' => $_player->isLoaded() ? $_player->getName() : '',
-		'player_link' => isset($_player) && $_player->isLoaded() ? getPlayerLink($_player->getName(), false) : '',
+		'player_link' => $_player->isLoaded() ? getPlayerLink($_player->getName(), false) : '',
 	);
 }
--- a/admin/pages/notepad.php
+++ b/admin/pages/notepad.php
@@ -16,7 +16,7 @@ $title = 'Notepad';
 csrfProtect();
 /**
- * @var $account_logged OTS_Account
+ * @var OTS_Account $account_logged
 */
 $_content = '';
 $notepad = ModelsNotepad::where('account_id', $account_logged->getId())->first();
--- a/admin/pages/pages.php
+++ b/admin/pages/pages.php
@@ -36,7 +36,7 @@ const PAGE_TITLE_LIMIT = 30;
 const PAGE_NAME_LIMIT = 30;
 const PAGE_BODY_LIMIT = 65535; // maximum page body length
-if (!empty($action)) {
+if (!empty($action) && isRequestMethod('post')) {
 	if ($action == 'delete' || $action == 'edit' || $action == 'hide') {
 		$id = $_POST['id'];
 	}
@@ -97,7 +97,7 @@ if (!empty($action)) {
 			}
 		}
 	} else if ($action == 'hide') {
-		if (Pages::toggleHidden($id, $errors, $status)) {
+		if (Pages::toggleHide($id, $errors, $status)) {
 			success(($status == 0 ? 'Show' : 'Hide') . ' successful.');
 		}
 	}
@@ -112,7 +112,7 @@ $pages = ModelsPages::all()->map(function ($e) {
 		'title' => substr($e->title, 0, 20),
 		'php' => $e->php == '1',
 		'id' => $e->id,
-		'hidden' => $e->hidden
+		'hide' => $e->hide
 	];
 })->toArray();
--- a/admin/pages/players.php
+++ b/admin/pages/players.php
@@ -8,6 +8,7 @@
 * @link      https://my-aac.org
 */
 use MyAAC\Forum;
 use MyAAC\Models\Player;
 defined('MYAAC') or die('Direct access not allowed!');
@@ -19,7 +20,6 @@ csrfProtect();
 $player_base = ADMIN_URL . '?p=players';
 $use_datatable = true;
 require_once LIBS . 'forum.php';
 $skills = array(
 	POT::SKILL_FIST => array('Fist fighting', 'fist'),
@@ -202,7 +202,7 @@ else if (isset($_REQUEST['search'])) {
 			if ($hasBlessingsColumn) {
 				$blessings = $_POST['blessings'];
-				verify_number($blessings, 'Blessings', 2);
+				verify_number($blessings, 'Blessings', 3);
 			}
 			$balance = $_POST['balance'];
@@ -213,7 +213,7 @@ else if (isset($_REQUEST['search'])) {
 			}
 			$deleted = (isset($_POST['deleted']) && $_POST['deleted'] == 'true');
-			$hidden = (isset($_POST['hidden']) && $_POST['hidden'] == 'true');
+			$hide = (isset($_POST['hide']) && $_POST['hide'] == 'true');
 			$created = strtotime($_POST['created']);
 			verify_number($created, 'Created', 11);
@@ -274,7 +274,7 @@ else if (isset($_REQUEST['search'])) {
 					$player->setLossContainers($loss_containers);
 					$player->setLossItems($loss_items);
 				}
-				if ($db->hasColumn('players', 'blessings'))
+				if ($hasBlessingsColumn)
 					$player->setBlessings($blessings);
 				if ($hasBlessingColumn) {
@@ -290,7 +290,7 @@ else if (isset($_REQUEST['search'])) {
 					$player->setCustomField('deletion', $deleted ? '1' : '0');
 				else
 					$player->setCustomField('deleted', $deleted ? '1' : '0');
-				$player->setCustomField('hidden', $hidden ? '1' : '0');
+				$player->setCustomField('hide', $hide ? '1' : '0');
 				$player->setCustomField('created', $created);
 				if (isset($comment))
 					$player->setCustomField('comment', $comment);
@@ -375,7 +375,7 @@ else if (isset($_REQUEST['search'])) {
 						</li>
 					</ul>
 				</div>
-				<form action="<?php echo $player_base . ((isset($id) && $id > 0) ? '&id=' . $id : ''); ?>" method="post">
+				<form action="<?php echo $player_base . ($id > 0 ? '&id=' . $id : ''); ?>" method="post">
 					<?php csrf(); ?>
 					<div class="card-body">
 						<div class="tab-content" id="tabs-tabContent">
@@ -485,8 +485,8 @@ else if (isset($_REQUEST['search'])) {
 									</div>
 									<div class="col-12 col-sm-12 col-lg-6">
 										<div class="custom-control custom-switch custom-switch-on-success">
-											<input type="checkbox" class="custom-control-input" name="hidden" id="hidden" value="true" <?php echo($player->isHidden() ? ' checked' : ''); ?>>
+											<input type="checkbox" class="custom-control-input" name="hide" id="hide" value="true" <?php echo($player->isHidden() ? ' checked' : ''); ?>>
-											<label class="custom-control-label" for="hidden">Hidden</label>
+											<label class="custom-control-label" for="hide">Hidden</label>
 										</div>
 									</div>
 								</div>
--- a/admin/pages/plugins.php
+++ b/admin/pages/plugins.php
@@ -7,6 +7,9 @@
 * @copyright 2019 MyAAC
 * @link      https://my-aac.org
 */
 use MyAAC\Plugins;
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Plugin manager';
@@ -14,8 +17,6 @@ csrfProtect();
 $use_datatable = true;
 require_once LIBS . 'plugins.php';
 if (!getBoolean(setting('core.admin_plugins_manage_enable'))) {
 	warning('Plugin installation and management is disabled in Settings.<br/>If you wish to enable, go to Settings and enable <strong>Enable Plugins Manage</strong>.');
 }
--- a/admin/pages/settings.php
+++ b/admin/pages/settings.php
@@ -7,6 +7,10 @@
 * @copyright 2019 MyAAC
 * @link      https://my-aac.org
 */
 use MyAAC\Plugins;
 use MyAAC\Settings;
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Settings';
@@ -44,7 +48,7 @@ if (!is_array($settingsFile)) {
 $settingsKeyName = ($plugin == 'core' ? $plugin : $settingsFile['key']);
-$title = ($plugin == 'core' ? 'Settings' : 'Plugin Settings - ' . $plugin);
+$title = ($plugin == 'core' ? 'Settings' : 'Plugin Settings - ' . $settingsFile['name']);
 $settingsParsed = Settings::display($settingsKeyName, $settingsFile['settings']);
--- a/admin/pages/visitors.php
+++ b/admin/pages/visitors.php
@@ -12,6 +12,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 use DeviceDetector\DeviceDetector;
 use DeviceDetector\Parser\Client\Browser;
 use DeviceDetector\Parser\OperatingSystem;
 use MyAAC\Visitors;
 $title = 'Visitors';
 $use_datatable = true;
@@ -24,7 +25,6 @@ if (!setting('core.visitors_counter')): ?>
 	return;
 endif;
 require SYSTEM . 'libs/visitors.php';
 $visitors = new Visitors(setting('core.visitors_counter_ttl'));
 function compare($a, $b): int {
--- a/admin/template/menus.php
+++ b/admin/template/menus.php
@@ -1,6 +1,6 @@
 <?php
-return [
+$menus = [
 	['name' => 'Dashboard', 'icon' => 'tachometer-alt', 'order' => 10, 'link' => 'dashboard'],
 	['name' => 'Settings', 'icon' => 'edit', 'order' => 19, 'link' =>
 		require ADMIN . 'includes/settings_menus.php'
--- a/admin/template/style.css
+++ b/admin/template/style.css
@@ -7,4 +7,9 @@
 .sidebar-mini.sidebar-collapse .menu-text {
 	display: none;
-}
+}
 .myaac-table tbody tr:nth-child(even) {background: #FFF} /* light border */
 .myaac-table tbody tr:nth-child(odd) {background: #CCC} /* dark border */
 .myaac-table thead td {background: #000000; color: #ffffff !important;} /* vdark border */
 .myaac-table tfoot td {background: #000000; color: #ffffff !important;} /* vdark border */
--- a/admin/template/template.php
+++ b/admin/template/template.php
@@ -191,8 +191,8 @@ if ($logged && admin()) {
 	]);
 }
 ?>
-<script src="<?php echo BASE_URL; ?>tools/js/bootstrap.min.js"></script>
+<script src="<?php echo BASE_URL; ?>tools/ext/bootstrap/js/bootstrap.min.js"></script>
-<script src="<?php echo BASE_URL; ?>tools/js/jquery-ui.min.js"></script>
+<script src="<?php echo BASE_URL; ?>tools/ext/jquery-ui/jquery-ui.min.js"></script>
 <?php if (isset($use_datatable))  { ?>
 <script src="<?php echo BASE_URL; ?>tools/js/datatables.min.js"></script>
 <script src="<?php echo BASE_URL; ?>tools/js/datatables.bs.min.js"></script>
--- a/admin/tools/reload_data.php
+++ b/admin/tools/reload_data.php
@@ -22,7 +22,10 @@
 * @copyright 2020 MyAAC
 * @link      https://my-aac.org
 */
-define('MYAAC_ADMIN', true);
+
 use MyAAC\DataLoader;
 const MYAAC_ADMIN = true;
 require '../../common.php';
 require SYSTEM . 'functions.php';
@@ -34,11 +37,9 @@ if (!admin())
 ini_set('max_execution_time', 300);
 ob_implicit_flush();
-ob_end_flush();
+@ob_end_flush();
 header('X-Accel-Buffering: no');
 require LIBS . 'DataLoader.php';
 require LOCALE . 'en/main.php';
 require LOCALE . 'en/install.php';
--- a/admin/tools/settings_save.php
+++ b/admin/tools/settings_save.php
@@ -1,4 +1,8 @@
 <?php
 use MyAAC\Hooks;
 use MyAAC\Settings;
 const MYAAC_ADMIN = true;
 require '../../common.php';
@@ -6,11 +10,6 @@ require SYSTEM . 'functions.php';
 require SYSTEM . 'init.php';
 require SYSTEM . 'login.php';
 // event system
 require_once SYSTEM . 'hooks.php';
 $hooks = new Hooks();
 $hooks->load();
 if(!admin()) {
 	http_response_code(500);
 	die('Access denied.');
--- a/common.php
+++ b/common.php
@@ -20,14 +20,14 @@
 *
 * @package   MyAAC
 * @author    Slawkens <slawkens@gmail.com>
- * @copyright 2019 MyAAC
+ * @copyright 2024 MyAAC
 * @link      https://my-aac.org
 */
-if (version_compare(phpversion(), '8.0', '<')) die('PHP version 8.0 or higher is required.');
+if (version_compare(phpversion(), '8.1', '<')) die('PHP version 8.1 or higher is required.');
 const MYAAC = true;
-const MYAAC_VERSION = '1.0-dev';
+const MYAAC_VERSION = '1.0-RC';
-const DATABASE_VERSION = 38;
+const DATABASE_VERSION = 40;
 const TABLE_PREFIX = 'myaac_';
 define('START_TIME', microtime(true));
 define('MYAAC_OS', stripos(PHP_OS, 'WIN') === 0 ? 'WINDOWS' : (strtoupper(PHP_OS) === 'DARWIN' ? 'MAC' : 'LINUX'));
@@ -156,7 +156,7 @@ if (file_exists(BASE . 'config.local.php')) {
 /** @var array $config */
 ini_set('log_errors', 1);
-if(@$config['env'] === 'dev') {
+if(@$config['env'] === 'dev' || defined('MYAAC_INSTALL')) {
 	ini_set('display_errors', 1);
 	ini_set('display_startup_errors', 1);
 	error_reporting(E_ALL);
--- a/composer.json
+++ b/composer.json
@@ -13,15 +13,20 @@
        "nikic/fast-route": "^1.3",
        "matomo/device-detector": "^6.0",
        "illuminate/database": "^10.18",
-        "peppeocchi/php-cron-scheduler": "4.*"
+        "peppeocchi/php-cron-scheduler": "4.*",
-    },
+        "symfony/console": "^6.4",
-    "require-dev": {
+        "symfony/string": "^6.4",
        "symfony/var-dumper": "^6.4",
        "filp/whoops": "^2.15",
        "maximebf/debugbar": "dev-master"
    },
    "require-dev": {
        "phpstan/phpstan": "^1.10"
    },
    "autoload": {
        "psr-4": {
            "MyAAC\\": "system/src"
-        }
+        },
        "files": ["system/src/global.php"]
    }
 }
--- a/composer.lock
+++ b/composer.lock
--- a/cypress/e2e/1-install.cy.js
+++ b/cypress/e2e/1-install.cy.js
@@ -38,7 +38,6 @@ describe('Install MyAAC', () => {
 		cy.contains('Basic configuration');
 		cy.get('#vars_server_path').click().clear().type(Cypress.env('SERVER_PATH'))
 		cy.get('#vars_mail_admin').click().clear().type('noone@example.net')
 		cy.get('[type="checkbox"]').uncheck() // usage statistics uncheck
@@ -68,7 +67,9 @@ describe('Install MyAAC', () => {
 		cy.get('form').submit()
-		cy.contains('[class="alert alert-success"]', 'Congratulations', { timeout: 30000 }).should('be.visible')
+		cy.contains('[class="alert alert-success"]', 'Congratulations', { timeout: 60000 }).should('be.visible')
 		cy.wait(2000);
 		cy.screenshot('install-finish')
 	})
--- a/cypress/e2e/3-check-public-pages.cy.js
+++ b/cypress/e2e/3-check-public-pages.cy.js
@@ -82,7 +82,7 @@ describe('Check Public Pages', () => {
 	it('Go to last kills page', () => {
 		cy.visit({
-			url: Cypress.env('URL') + '/lastkills',
+			url: Cypress.env('URL') + '/last-kills',
 			method: 'GET',
 		})
 	})
@@ -132,7 +132,7 @@ describe('Check Public Pages', () => {
 	it('Go to server info page', () => {
 		cy.visit({
-			url: Cypress.env('URL') + '/serverInfo',
+			url: Cypress.env('URL') + '/server-info',
 			method: 'GET',
 		})
 	})
@@ -160,7 +160,7 @@ describe('Check Public Pages', () => {
 	it('Go to experience table page', () => {
 		cy.visit({
-			url: Cypress.env('URL') + '/experienceTable',
+			url: Cypress.env('URL') + '/exp-table',
 			method: 'GET',
 		})
 	})
--- a/index.php
+++ b/index.php
@@ -24,6 +24,9 @@
 * @link      https://my-aac.org
 */
 use MyAAC\UsageStatistics;
 use MyAAC\Visitors;
 require_once 'common.php';
 require_once SYSTEM . 'functions.php';
@@ -59,18 +62,13 @@ if(preg_match("/^(.*)\.(gif|jpg|png|jpeg|tiff|bmp|css|js|less|map|html|zip|rar|g
 if((!isset($config['installed']) || !$config['installed']) && file_exists(BASE . 'install'))
 {
 	header('Location: ' . BASE_URL . 'install/');
-	throw new RuntimeException('Setup detected that <b>install/</b> directory exists. Please visit <a href="' . BASE_URL . 'install">this</a> url to start MyAAC Installation.<br/>Delete <b>install/</b> directory if you already installed MyAAC.<br/>Remember to REFRESH this page when you\'re done!');
+	exit();
 }
 $template_place_holders = array();
 require_once SYSTEM . 'init.php';
 // verify myaac tables exists in database
 if(!$db->hasTable('myaac_account_actions')) {
 	throw new RuntimeException('Seems that the table <strong>myaac_account_actions</strong> of MyAAC doesn\'t exist in the database. This is a fatal error. You can try to reinstall MyAAC by visiting <a href="' . BASE_URL . 'install">this</a> url.');
 }
 require_once SYSTEM . 'template.php';
 require_once SYSTEM . 'login.php';
 require_once SYSTEM . 'status.php';
@@ -78,53 +76,6 @@ require_once SYSTEM . 'status.php';
 $twig->addGlobal('config', $config);
 $twig->addGlobal('status', $status);
 require_once SYSTEM . 'router.php';
 $hooks->trigger(HOOK_STARTUP);
 // anonymous usage statistics
 // sent only when user agrees
 if(setting('core.anonymous_usage_statistics')) {
 	$report_time = 30 * 24 * 60 * 60; // report one time per 30 days
 	$should_report = true;
 	$value = '';
 	if($cache->enabled() && $cache->fetch('last_usage_report', $value)) {
 		$should_report = time() > (int)$value + $report_time;
 	}
 	else {
 		$value = '';
 		if(fetchDatabaseConfig('last_usage_report', $value)) {
 			$should_report = time() > (int)$value + $report_time;
 			if($cache->enabled()) {
 				$cache->set('last_usage_report', $value);
 			}
 		}
 		else {
 			registerDatabaseConfig('last_usage_report', time() - ($report_time - (7 * 24 * 60 * 60))); // first report after a week
 			$should_report = false;
 		}
 	}
 	if($should_report) {
 		require_once LIBS . 'usage_statistics.php';
 		Usage_Statistics::report();
 		updateDatabaseConfig('last_usage_report', time());
 		if($cache->enabled()) {
 			$cache->set('last_usage_report', time());
 		}
 	}
 }
 if(setting('core.views_counter'))
 	require_once SYSTEM . 'counter.php';
 if(setting('core.visitors_counter')) {
 	require_once SYSTEM . 'libs/visitors.php';
 	$visitors = new Visitors(setting('core.visitors_counter_ttl'));
 }
 // backward support for gesior
 if(setting('core.backward_support')) {
 	define('INITIALIZED', true);
@@ -164,6 +115,51 @@ if(setting('core.backward_support')) {
 		$config['status']['serverStatus_' . $key] = $value;
 }
 require_once SYSTEM . 'router.php';
 $hooks->trigger(HOOK_STARTUP);
 // anonymous usage statistics
 // sent only when user agrees
 if(setting('core.anonymous_usage_statistics')) {
 	$report_time = 30 * 24 * 60 * 60; // report one time per 30 days
 	$should_report = true;
 	$value = '';
 	if($cache->enabled() && $cache->fetch('last_usage_report', $value)) {
 		$should_report = time() > (int)$value + $report_time;
 	}
 	else {
 		$value = '';
 		if(fetchDatabaseConfig('last_usage_report', $value)) {
 			$should_report = time() > (int)$value + $report_time;
 			if($cache->enabled()) {
 				$cache->set('last_usage_report', $value);
 			}
 		}
 		else {
 			registerDatabaseConfig('last_usage_report', time() - ($report_time - (7 * 24 * 60 * 60))); // first report after a week
 			$should_report = false;
 		}
 	}
 	if($should_report) {
 		UsageStatistics::report();
 		updateDatabaseConfig('last_usage_report', time());
 		if($cache->enabled()) {
 			$cache->set('last_usage_report', time());
 		}
 	}
 }
 if(setting('core.views_counter'))
 	require_once SYSTEM . 'counter.php';
 if(setting('core.visitors_counter')) {
 	$visitors = new Visitors(setting('core.visitors_counter_ttl'));
 }
 /**
 * @var OTS_Account $account_logged
 */
--- a/install/includes/functions.php
+++ b/install/includes/functions.php
@@ -11,13 +11,13 @@ function query($query)
 		error($error_);
 		$error = true;
 	}
-	
+
 	return !$error;
 }
 // define php version id if its not already
 if(!defined('PHP_VERSION_ID')) {
-	$version = explode('.', PHP_VERSION);
+	$version = array_map('intval', explode('.', PHP_VERSION));
 	define('PHP_VERSION_ID', ($version[0] * 10000 + $version[1] * 100 + $version[2]));
 }
@@ -97,4 +97,4 @@ function win_is_writable($path) {
 		unlink($path);
 	return true;
-}
+}
--- a/install/includes/schema.sql
+++ b/install/includes/schema.sql
@@ -1,4 +1,4 @@
-SET @myaac_database_version = 36;
+SET @myaac_database_version = 40;
 CREATE TABLE `myaac_account_actions`
 (
@@ -44,11 +44,11 @@ CREATE TABLE `myaac_changelog`
 	`where` TINYINT(1) NOT NULL DEFAULT 0 COMMENT '1 - server, 2 - site',
 	`date` INT(11) NOT NULL DEFAULT 0,
 	`player_id` INT(11) NOT NULL DEFAULT 0,
-	`hidden` TINYINT(1) NOT NULL DEFAULT 0,
+	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
-INSERT INTO `myaac_changelog` (`id`, `type`, `where`, `date`, `body`, `hidden`) VALUES (1, 3, 2, UNIX_TIMESTAMP(), 'MyAAC installed. (:', 0);
+INSERT INTO `myaac_changelog` (`id`, `type`, `where`, `date`, `body`, `hide`) VALUES (1, 3, 2, UNIX_TIMESTAMP(), 'MyAAC installed. (:', 0);
 CREATE TABLE `myaac_config`
 (
@@ -67,7 +67,7 @@ CREATE TABLE `myaac_faq`
 	`question` VARCHAR(255) NOT NULL DEFAULT '',
 	`answer` VARCHAR(1020) NOT NULL DEFAULT '',
 	`ordering` INT(11) NOT NULL DEFAULT 0,
-	`hidden` TINYINT(1) NOT NULL DEFAULT 0,
+	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
@@ -80,7 +80,7 @@ CREATE TABLE `myaac_forum_boards`
 	`guild` INT(11) NOT NULL DEFAULT 0,
 	`access` INT(11) NOT NULL DEFAULT 0,
 	`closed` TINYINT(1) NOT NULL DEFAULT 0,
-	`hidden` TINYINT(1) NOT NULL DEFAULT 0,
+	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
 INSERT INTO `myaac_forum_boards` (`id`, `name`, `description`, `ordering`, `closed`) VALUES (NULL, 'News', 'News commenting', 0, 1);
@@ -129,7 +129,7 @@ CREATE TABLE `myaac_menu`
 CREATE TABLE `myaac_monsters` (
 	`id` int(11) NOT NULL AUTO_INCREMENT,
-	`hidden` tinyint(1) NOT NULL default 0,
+	`hide` tinyint(1) NOT NULL default 0,
 	`name` varchar(255) NOT NULL,
 	`mana` int(11) NOT NULL DEFAULT 0,
 	`exp` int(11) NOT NULL,
@@ -174,7 +174,7 @@ CREATE TABLE `myaac_news`
 	`comments` VARCHAR(50) NOT NULL DEFAULT '',
 	`article_text` VARCHAR(300) NOT NULL DEFAULT '',
 	`article_image` VARCHAR(100) NOT NULL DEFAULT '',
-	`hidden` TINYINT(1) NOT NULL DEFAULT 0,
+	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
@@ -184,7 +184,7 @@ CREATE TABLE `myaac_news_categories`
 	`name` VARCHAR(50) NOT NULL DEFAULT "",
 	`description` VARCHAR(50) NOT NULL DEFAULT "",
 	`icon_id` INT(2) NOT NULL DEFAULT 0,
-	`hidden` TINYINT(1) NOT NULL DEFAULT 0,
+	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
@@ -215,7 +215,7 @@ CREATE TABLE `myaac_pages`
 	`php` TINYINT(1) NOT NULL DEFAULT 0 COMMENT '0 - plain html, 1 - php',
 	`enable_tinymce` TINYINT(1) NOT NULL DEFAULT 1 COMMENT '1 - enabled, 0 - disabled',
 	`access` TINYINT(2) NOT NULL DEFAULT 0,
-	`hidden` TINYINT(1) NOT NULL DEFAULT 0,
+	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`),
 	UNIQUE (`name`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
@@ -228,7 +228,7 @@ CREATE TABLE `myaac_gallery`
 	`thumb` VARCHAR(255) NOT NULL,
 	`author` VARCHAR(50) NOT NULL DEFAULT '',
 	`ordering` INT(11) NOT NULL DEFAULT 0,
-	`hidden` TINYINT(1) NOT NULL DEFAULT 0,
+	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
@@ -262,7 +262,7 @@ CREATE TABLE `myaac_spells`
 	`item_id` INT(11) NOT NULL DEFAULT 0,
 	`premium` TINYINT(1) NOT NULL DEFAULT 0,
 	`vocations` VARCHAR(100) NOT NULL DEFAULT '',
-	`hidden` TINYINT(1) NOT NULL DEFAULT 0,
+	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`),
 	UNIQUE (`name`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
--- a/install/index.php
+++ b/install/index.php
@@ -3,16 +3,15 @@
 use Twig\Environment as Twig_Environment;
 use Twig\Loader\FilesystemLoader as Twig_FilesystemLoader;
-require '../common.php';
+const MYAAC_INSTALL = true;
-define('MYAAC_INSTALL', true);
+require '../common.php';
 // includes
 require SYSTEM . 'functions.php';
 require BASE . 'install/includes/functions.php';
 require BASE . 'install/includes/locale.php';
 require SYSTEM . 'clients.conf.php';
 require LIBS . 'Settings.php';
 // ignore undefined index from Twig autoloader
 $config['env'] = 'prod';
--- a/install/steps/3-requirements.php
+++ b/install/steps/3-requirements.php
@@ -2,10 +2,15 @@
 defined('MYAAC') or die('Direct access not allowed!');
 // configuration
-$dirs_required = [
+$dirs_required_writable = [
 	'system/logs',
 	'system/cache',
 ];
 $dirs_required = [
 	'tools/ext' => $locale['step_requirements_folder_not_exists_tools_ext'],
 ];
 $dirs_optional = [
 	GUILD_IMAGES_DIR => $locale['step_requirements_warning_images_guilds'],
 	GALLERY_DIR => $locale['step_requirements_warning_images_gallery'],
@@ -18,6 +23,7 @@ $extensions_optional = [
 	'gd' => $locale['step_requirements_warning_player_signatures'],
 	'zip' => $locale['step_requirements_warning_install_plugins'],
 ];
 /*
 *
 * @param string $name
@@ -41,7 +47,7 @@ $failed = false;
 // start validating
 version_check($locale['step_requirements_php_version'], (PHP_VERSION_ID >= 50500), PHP_VERSION);
-foreach ($dirs_required as $value)
+foreach ($dirs_required_writable as $value)
 {
 	$is_writable = is_writable(BASE . $value) && (MYAAC_OS != 'WINDOWS' || win_is_writable(BASE . $value));
 	version_check($locale['step_requirements_write_perms'] . ': ' . $value, $is_writable);
@@ -52,6 +58,12 @@ foreach ($dirs_optional as $dir => $errorMsg) {
 	version_check($locale['step_requirements_write_perms'] . ': ' . $dir, $is_writable, $is_writable ? '' : $errorMsg, true);
 }
 foreach ($dirs_required as $dir => $errorMsg)
 {
 	$exists = is_dir(BASE . $dir);
 	version_check($locale['step_requirements_folder_exists'] . ': ' . $dir, $exists, $exists ? '' : $errorMsg);
 }
 $ini_register_globals = ini_get_bool('register_globals');
 version_check('register_long_arrays', !$ini_register_globals, $ini_register_globals ? $locale['on'] : $locale['off']);
@@ -78,4 +90,3 @@ if($failed) {
 }
 echo '</div>';
 ?>
--- a/install/steps/5-database.php
+++ b/install/steps/5-database.php
@@ -1,4 +1,7 @@
 <?php
 use MyAAC\Settings;
 defined('MYAAC') or die('Direct access not allowed!');
 //ini_set('display_errors', false);
@@ -38,57 +41,56 @@ if(!$error) {
 	$configToSave['cache_engine'] = 'auto';
 	$configToSave['cache_prefix'] = 'myaac_' . generateRandomString(8, true, false, true);
 	require BASE . 'install/includes/config.php';
 	if(!$error) {
-		require BASE . 'install/includes/database.php';
+		$content = '';
 		$saved = Settings::saveConfig($configToSave, BASE . 'config.local.php', $content);
 		if ($saved) {
 			success($locale['step_database_config_saved']);
 			$_SESSION['saved'] = true;
-		$locale['step_database_importing'] = str_replace('$DATABASE_NAME$', config('database_name'), $locale['step_database_importing']);
+			require BASE . 'config.local.php';
-		success($locale['step_database_importing']);
+			require BASE . 'install/includes/config.php';
-		if(isset($database_error)) { // we failed connect to the database
+			if (!$error) {
-			error($database_error);
+				require BASE . 'install/includes/database.php';
 		}
 		else {
 			if(!$db->hasTable('accounts')) {
 				$tmp = str_replace('$TABLE$', 'accounts', $locale['step_database_error_table']);
 				error($tmp);
 				$error = true;
 			}
-			if(!$db->hasTable('players')) {
+				if (isset($database_error)) { // we failed connect to the database
-				$tmp = str_replace('$TABLE$', 'players', $locale['step_database_error_table']);
+					error($database_error);
 				error($tmp);
 				$error = true;
 			}
 			if(!$db->hasTable('guilds')) {
 				$tmp = str_replace('$TABLE$', 'guilds', $locale['step_database_error_table']);
 				error($tmp);
 				$error = true;
 			}
 			if(!$error) {
 				$twig->display('install.installer.html.twig', array(
 					'url' => 'tools/5-database.php',
 					'message' => $locale['loading_spinner']
 				));
 				$content = '';
 				$saved = Settings::saveConfig($configToSave, BASE . 'config.local.php', $content);
 				if($saved) {
 					success($locale['step_database_config_saved']);
 					$_SESSION['saved'] = true;
 				}
 				else {
-					$_SESSION['config_content'] = $content;
+					if (!$db->hasTable('accounts')) {
-					unset($_SESSION['saved']);
+						$tmp = str_replace('$TABLE$', 'accounts', $locale['step_database_error_table']);
 						error($tmp);
 						$error = true;
 					}
-					$locale['step_database_error_file'] = str_replace('$FILE$', '<b>' . BASE . 'config.php</b>', $locale['step_database_error_file']);
+					if (!$db->hasTable('players')) {
-					error($locale['step_database_error_file'] . '<br/>
+						$tmp = str_replace('$TABLE$', 'players', $locale['step_database_error_table']);
-						<textarea cols="70" rows="10">' . $content . '</textarea>');
+						error($tmp);
 						$error = true;
 					}
 					if (!$db->hasTable('guilds')) {
 						$tmp = str_replace('$TABLE$', 'guilds', $locale['step_database_error_table']);
 						error($tmp);
 						$error = true;
 					}
 					if (!$error) {
 						$twig->display('install.installer.html.twig', array(
 							'url' => 'tools/5-database.php',
 							'message' => $locale['loading_spinner']
 						));
 					}
 				}
 			}
 		} else {
 			$_SESSION['config_content'] = $content;
 			unset($_SESSION['saved']);
 			$locale['step_database_error_file'] = str_replace('$FILE$', '<b>' . BASE . 'config.php</b>', $locale['step_database_error_file']);
 			error($locale['step_database_error_file'] . '<br/>
 				<textarea cols="70" rows="10">' . $content . '</textarea>');
 		}
 	}
 }
--- a/install/steps/7-finish.php
+++ b/install/steps/7-finish.php
@@ -1,169 +1,203 @@
 <?php
 use MyAAC\Cache\Cache;
 use MyAAC\Models\News;
 use MyAAC\Settings;
 defined('MYAAC') or die('Direct access not allowed!');
 ini_set('max_execution_time', 300);
 if(isset($config['installed']) && $config['installed'] && !isset($_SESSION['saved'])) {
 	warning($locale['already_installed']);
 	return;
 }
 $cache = Cache::getInstance();
 if ($cache->enabled()) {
 	// clear plugin_hooks to have fresh hooks
 	$cache->delete('plugins_hooks');
 }
 require SYSTEM . 'init.php';
 if($error) {
 	return;
 }
 if(USE_ACCOUNT_NAME || USE_ACCOUNT_NUMBER)
 	$account = $_SESSION['var_account'] ?? null;
 else
 	$account_id = $_SESSION['var_account_id'] ?? null;
 $password = $_SESSION['var_password'];
 if(USE_ACCOUNT_SALT)
 {
 	$salt = generateRandomString(10, false, true, true);
 	$password = $salt . $password;
 }
 $account_db = new OTS_Account();
 if(isset($account))
 	$account_db->find($account);
 else
 	$account_db->load($account_id);
 $player_name = $_SESSION['var_player_name'];
 $player_db = new OTS_Player();
 $player_db->find($player_name);
 if(!$player_db->isLoaded())
 {
 	$player = new OTS_Player();
 	$player->setName($player_name);
 	$player_used = &$player;
 }
 else {
-	require SYSTEM . 'init.php';
+	$player_used = &$player_db;
-	if(!$error) {
+}
 		if(USE_ACCOUNT_NAME || USE_ACCOUNT_NUMBER)
 			$account = isset($_SESSION['var_account']) ? $_SESSION['var_account'] : null;
 		else
 			$account_id = isset($_SESSION['var_account_id']) ? $_SESSION['var_account_id'] : null;
-		$password = $_SESSION['var_password'];
+$groups = new OTS_Groups_List();
 $player_used->setGroupId($groups->getHighestId());
-		if(USE_ACCOUNT_SALT)
+$email = $_SESSION['var_email'];
-		{
+if($account_db->isLoaded()) {
-			$salt = generateRandomString(10, false, true, true);
+	$account_db->setPassword(encrypt($password));
-			$password = $salt . $password;
+	$account_db->setEMail($email);
 	$account_db->save();
 	$account_used = &$account_db;
 }
 else {
 	$new_account = new OTS_Account();
 	if(USE_ACCOUNT_NAME) {
 		$new_account->create($account);
 	}
 	else {
 		$new_account->create(null, $account_id);
 	}
 	$new_account->setPassword(encrypt($password));
 	$new_account->setEMail($email);
 	$new_account->save();
 	$new_account->setCustomField('created', time());
 	$new_account->logAction('Account created.');
 	$account_used = &$new_account;
 }
 if(USE_ACCOUNT_SALT)
 	$account_used->setCustomField('salt', $salt);
 $account_used->setCustomField('web_flags', FLAG_ADMIN + FLAG_SUPER_ADMIN);
 $account_used->setCustomField('country', 'us');
 $account_used->setCustomField('email_verified', 1);
 if($db->hasColumn('accounts', 'group_id'))
 	$account_used->setCustomField('group_id', $groups->getHighestId());
 if($db->hasColumn('accounts', 'type'))
 	$account_used->setCustomField('type', 6);
 if(!$player_db->isLoaded())
 	$player->setAccountId($account_used->getId());
 else
 	$player_db->setAccountId($account_used->getId());
 success($locale['step_database_created_account']);
 setSession('account', $account_used->getId());
 setSession('password', encrypt($password));
 setSession('remember_me', true);
 if($player_db->isLoaded()) {
 	$player_db->save();
 }
 else {
 	$player->save();
 }
 if(!News::all()->count()) {
 	$player_id = 0;
 	$tmpNewsPlayer = \MyAAC\Models\Player::where('name', $player_name)->first();
 	if($tmpNewsPlayer) {
 		$player_id = $tmpNewsPlayer->id;
 	}
 	News::create([
 		'type' => 1,
 		'date' => time(),
 		'category' => 2,
 		'title' => 'Hello!',
 		'body' => 'MyAAC is just READY to use!',
 		'player_id' => $player_id,
 		'comments' => 'https://my-aac.org',
 		'hide' => 0,
 	]);
 	News::create([
 		'type' => 2,
 		'date' => time(),
 		'category' => 4,
 		'title' => 'Hello tickers!',
 		'body' => 'https://my-aac.org',
 		'player_id' => $player_id,
 		'comments' => '',
 		'hide' => 0,
 	]);
 	success($locale['step_database_created_news']);
 }
 $settings = Settings::getInstance();
 foreach($_SESSION as $key => $value) {
 	if (in_array($key, ['var_usage', 'var_date_timezone', 'var_client'])) {
 		if ($key == 'var_usage') {
 			$key = 'anonymous_usage_statistics';
 			$value = ((int)$value == 1 ? 'true' : 'false');
 		} elseif ($key == 'var_date_timezone') {
 			$key = 'date_timezone';
 		} elseif ($key == 'var_client') {
 			$key = 'client';
 		}
-		$account_db = new OTS_Account();
+		$settings->updateInDatabase('core', $key, $value);
 		if(isset($account))
 			$account_db->find($account);
 		else
 			$account_db->load($account_id);
 		$player_name = $_SESSION['var_player_name'];
 		$player_db = new OTS_Player();
 		$player_db->find($player_name);
 		if(!$player_db->isLoaded())
 		{
 			$player = new OTS_Player();
 			$player->setName($player_name);
 			$player_used = &$player;
 		}
 		else {
 			$player_used = &$player_db;
 		}
 		$groups = new OTS_Groups_List();
 		$player_used->setGroupId($groups->getHighestId());
 		$email = $_SESSION['var_email'];
 		if($account_db->isLoaded()) {
 			$account_db->setPassword(encrypt($password));
 			$account_db->setEMail($email);
 			$account_db->save();
 			$account_used = &$account_db;
 		}
 		else {
 			$new_account = new OTS_Account();
 			if(USE_ACCOUNT_NAME) {
 				$new_account->create($account);
 			}
 			else {
 				$new_account->create(null, $account_id);
 			}
 			$new_account->setPassword(encrypt($password));
 			$new_account->setEMail($email);
 			$new_account->save();
 			$new_account->setCustomField('created', time());
 			$new_account->logAction('Account created.');
 			$account_used = &$new_account;
 		}
 		if(USE_ACCOUNT_SALT)
 			$account_used->setCustomField('salt', $salt);
 		$account_used->setCustomField('web_flags', FLAG_ADMIN + FLAG_SUPER_ADMIN);
 		$account_used->setCustomField('country', 'us');
 		if($db->hasColumn('accounts', 'group_id'))
 			$account_used->setCustomField('group_id', $groups->getHighestId());
 		if($db->hasColumn('accounts', 'type'))
 			$account_used->setCustomField('type', 6);
 		if(!$player_db->isLoaded())
 			$player->setAccountId($account_used->getId());
 		else
 			$player_db->setAccountId($account_used->getId());
 		success($locale['step_database_created_account']);
 		setSession('account', $account_used->getId());
 		setSession('password', encrypt($password));
 		setSession('remember_me', true);
 		if($player_db->isLoaded()) {
 			$player_db->save();
 		}
 		else {
 			$player->save();
 		}
 		$player_id = 0;
 		$query = $db->query("SELECT `id` FROM `players` WHERE `name` = " . $db->quote($player_name) . ";");
 		if($query->rowCount() == 1) {
 			$query = $query->fetch();
 			$player_id = $query['id'];
 		}
 		$query = $db->query("SELECT `id` FROM `" . TABLE_PREFIX ."news` WHERE `title` LIKE 'Hello!';");
 		if($query->rowCount() == 0) {
 			if(query("INSERT INTO `" . TABLE_PREFIX ."news` (`id`, `type`, `date`, `category`, `title`, `body`, `player_id`, `comments`, `hidden`) VALUES (NULL, '1', UNIX_TIMESTAMP(), '2', 'Hello!', 'MyAAC is just READY to use!', " . $player_id . ", 'https://my-aac.org', '0');
 	INSERT INTO `myaac_news` (`id`, `type`, `date`, `category`, `title`, `body`, `player_id`, `comments`, `hidden`) VALUES (NULL, '2', UNIX_TIMESTAMP(), '4', 'Hello tickets!', 'https://my-aac.org', " . $player_id . ", '', '0');")) {
 				success($locale['step_database_created_news']);
 			}
 		}
 		$settings = Settings::getInstance();
 		foreach($_SESSION as $key => $value) {
 			if (in_array($key, ['var_usage', 'var_date_timezone', 'var_client'])) {
 				if ($key == 'var_usage') {
 					$key = 'anonymous_usage_statistics';
 					$value = ((int)$value == 1 ? 'true' : 'false');
 				} elseif ($key == 'var_date_timezone') {
 					$key = 'date_timezone';
 				} elseif ($key == 'var_client') {
 					$key = 'client';
 				}
 				$settings->updateInDatabase('core', $key, $value);
 			}
 		}
 		success('Settings saved.');
 		$twig->display('install.installer.html.twig', array(
 			'url' => 'tools/7-finish.php',
 			'message' => $locale['importing_spinner']
 		));
 		if(!isset($_SESSION['installed'])) {
 			if (!array_key_exists('CI', getenv())) {
 				$report_url = 'https://my-aac.org/report_install.php?v=' . MYAAC_VERSION . '&b=' . urlencode(BASE_URL);
 				if (function_exists('curl_version'))
 				{
 					$curl = curl_init();
 					curl_setopt($curl, CURLOPT_URL, $report_url);
 					curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
 					curl_exec($curl);
 					curl_close($curl);
 				}
 				else if (ini_get('allow_url_fopen') ) {
 					file_get_contents($report_url);
 				}
 			}
 			$_SESSION['installed'] = true;
 		}
 		foreach($_SESSION as $key => $value) {
 			if(strpos($key, 'var_') !== false)
 				unset($_SESSION[$key]);
 		}
 		unset($_SESSION['saved']);
 		if(file_exists(CACHE . 'install.txt')) {
 			unlink(CACHE . 'install.txt');
 		}
 	}
 }
 success('Settings saved.');
 $twig->display('install.installer.html.twig', array(
 	'url' => 'tools/7-finish.php',
 	'message' => $locale['importing_spinner']
 ));
 if(!isset($_SESSION['installed'])) {
 	if (!array_key_exists('CI', getenv())) {
 		$report_url = 'https://my-aac.org/report_install.php?v=' . MYAAC_VERSION . '&b=' . urlencode(BASE_URL);
 		if (function_exists('curl_version'))
 		{
 			$curl = curl_init();
 			curl_setopt($curl, CURLOPT_URL, $report_url);
 			curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
 			curl_exec($curl);
 			curl_close($curl);
 		}
 		else if (ini_get('allow_url_fopen') ) {
 			file_get_contents($report_url);
 		}
 	}
 	$_SESSION['installed'] = true;
 }
 foreach($_SESSION as $key => $value) {
 	if(strpos($key, 'var_') !== false)
 		unset($_SESSION[$key]);
 }
 unset($_SESSION['saved']);
 if(file_exists(CACHE . 'install.txt')) {
 	unlink(CACHE . 'install.txt');
 }
 $hooks->trigger(HOOK_INSTALL_FINISH_END);
--- a/install/template/template.php
+++ b/install/template/template.php
@@ -6,7 +6,7 @@
 	<title>MyAAC - <?php echo $locale['installation']; ?></title>
 	<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-rbsA2VBKQhggwzxH7pPCaAqO46MgnOM80zW1RWuH61DGLwZJEdK2Kadq2F9CUG65" crossorigin="anonymous">
 	<link rel="stylesheet" type="text/css" href="template/style.css" />
-	<script type="text/javascript" src="<?php echo BASE_URL; ?>tools/js/jquery.min.js"></script>
+	<script type="text/javascript" src="<?php echo BASE_URL; ?>tools/ext/jquery/jquery.min.js"></script>
 </head>
 <body>
--- a/install/tools/5-database.php
+++ b/install/tools/5-database.php
@@ -11,8 +11,10 @@ $error = false;
 require BASE . 'install/includes/config.php';
 ini_set('max_execution_time', 300);
@ob_end_flush();
 ob_implicit_flush();
-ob_end_flush();
+
 header('X-Accel-Buffering: no');
 if(!$error) {
@@ -30,6 +32,9 @@ if($db->hasTable(TABLE_PREFIX . 'account_actions')) {
 else {
 	// import schema
 	try {
 		$locale['step_database_importing'] = str_replace('$DATABASE_NAME$', config('database_name'), $locale['step_database_importing']);
 		success($locale['step_database_importing']);
 		$db->query(file_get_contents(BASE . 'install/includes/schema.sql'));
 		$locale['step_database_success_schema'] = str_replace('$PREFIX$', TABLE_PREFIX, $locale['step_database_success_schema']);
@@ -136,73 +141,74 @@ if(!$db->hasColumn('accounts', 'premium_points')) {
 		success($locale['step_database_adding_field'] . ' accounts.premium_points...');
 }
-if($db->hasColumn('guilds', 'checkdata')) {
+if ($db->hasTable('guilds')) {
-	if(query("ALTER TABLE `guilds` MODIFY `checkdata` INT NOT NULL DEFAULT 0;"))
+	if ($db->hasColumn('guilds', 'checkdata')) {
-		success($locale['step_database_modifying_field'] . ' guilds.checkdata...');
+		if (query("ALTER TABLE `guilds` MODIFY `checkdata` INT NOT NULL DEFAULT 0;"))
-}
+			success($locale['step_database_modifying_field'] . ' guilds.checkdata...');
 if(!$db->hasColumn('guilds', 'motd')) {
 	if(query("ALTER TABLE `guilds` ADD `motd` VARCHAR(255) NOT NULL DEFAULT '';"))
 		success($locale['step_database_adding_field'] . ' guilds.motd...');
 }
 else {
 	if(query("ALTER TABLE `guilds` MODIFY `motd` VARCHAR(255) NOT NULL DEFAULT '';"))
 		success($locale['step_database_modifying_field'] . ' guilds.motd...');
 }
 if(!$db->hasColumn('guilds', 'description')) {
 	if(query("ALTER TABLE `guilds` ADD `description` TEXT NOT NULL;"))
 		success($locale['step_database_adding_field'] . ' guilds.description...');
 }
 if($db->hasColumn('guilds', 'logo_gfx_name')) {
 	if(query("ALTER TABLE `guilds` CHANGE `logo_gfx_name` `logo_name` VARCHAR( 255 ) NOT NULL DEFAULT 'default.gif';")) {
 		$tmp = str_replace('$FIELD$', 'guilds.logo_gfx_name', $locale['step_database_changing_field']);
 		$tmp = str_replace('$FIELD_NEW$', 'guilds.logo_name', $tmp);
 		success($tmp);
 	}
 }
 else if(!$db->hasColumn('guilds', 'logo_name')) {
 	if(query("ALTER TABLE `guilds` ADD `logo_name` VARCHAR( 255 ) NOT NULL DEFAULT 'default.gif';"))
 		success($locale['step_database_adding_field'] . ' guilds.logo_name...');
 }
-if(!$db->hasColumn('players', 'created')) {
+	if (!$db->hasColumn('guilds', 'motd')) {
-	if(query("ALTER TABLE `players` ADD `created` INT(11) NOT NULL DEFAULT 0;"))
+		if (query("ALTER TABLE `guilds` ADD `motd` VARCHAR(255) NOT NULL DEFAULT '';"))
-		success($locale['step_database_adding_field'] . ' players.created...');
+			success($locale['step_database_adding_field'] . ' guilds.motd...');
-}
+	} else {
 		if (query("ALTER TABLE `guilds` MODIFY `motd` VARCHAR(255) NOT NULL DEFAULT '';"))
 			success($locale['step_database_modifying_field'] . ' guilds.motd...');
 	}
-if(!$db->hasColumn('players', 'deleted') && !$db->hasColumn('players', 'deletion')) {
+	if (!$db->hasColumn('guilds', 'description')) {
-	if(query("ALTER TABLE `players` ADD `deleted` TINYINT(1) NOT NULL DEFAULT 0;"))
+		if (query("ALTER TABLE `guilds` ADD `description` TEXT NOT NULL;"))
-		success($locale['step_database_adding_field'] . ' players.deleted...');
+			success($locale['step_database_adding_field'] . ' guilds.description...');
-}
+	}
-if($db->hasColumn('players', 'hide_char')) {
+	if ($db->hasColumn('guilds', 'logo_gfx_name')) {
-	if(!$db->hasColumn('players', 'hidden')) {
+		if (query("ALTER TABLE `guilds` CHANGE `logo_gfx_name` `logo_name` VARCHAR( 255 ) NOT NULL DEFAULT 'default.gif';")) {
-		if(query("ALTER TABLE `players` CHANGE `hide_char` `hidden` TINYINT(1) NOT NULL DEFAULT 0;")) {
+			$tmp = str_replace('$FIELD$', 'guilds.logo_gfx_name', $locale['step_database_changing_field']);
-			$tmp = str_replace('$FIELD$', 'players.hide_char', $locale['step_database_changing_field']);
+			$tmp = str_replace('$FIELD_NEW$', 'guilds.logo_name', $tmp);
 			$tmp = str_replace('$FIELD_NEW$', 'players.hidden', $tmp);
 			success($tmp);
 		}
 	} else if (!$db->hasColumn('guilds', 'logo_name')) {
 		if (query("ALTER TABLE `guilds` ADD `logo_name` VARCHAR( 255 ) NOT NULL DEFAULT 'default.gif';"))
 			success($locale['step_database_adding_field'] . ' guilds.logo_name...');
 	}
 }
 else if(!$db->hasColumn('players', 'hidden')) {
 	if(query("ALTER TABLE `players` ADD `hidden` TINYINT(1) NOT NULL DEFAULT 0;"))
 		success($locale['step_database_adding_field'] . ' players.hidden...');
 }
-if(!$db->hasColumn('players', 'comment')) {
+if ($db->hasTable('players')) {
-	if(query("ALTER TABLE `players` ADD `comment` TEXT NOT NULL;"))
+	if (!$db->hasColumn('players', 'created')) {
-		success($locale['step_database_adding_field'] . ' players.comment...');
+		if (query("ALTER TABLE `players` ADD `created` INT(11) NOT NULL DEFAULT 0;"))
-}
+			success($locale['step_database_adding_field'] . ' players.created...');
 	}
-if($db->hasColumn('players', 'rank_id')) {
+	if (!$db->hasColumn('players', 'deleted') && !$db->hasColumn('players', 'deletion')) {
-	if(query("ALTER TABLE players MODIFY `rank_id` INT(11) NOT NULL DEFAULT 0;"))
+		if (query("ALTER TABLE `players` ADD `deleted` TINYINT(1) NOT NULL DEFAULT 0;"))
-		success($locale['step_database_modifying_field'] . ' players.rank_id...');
+			success($locale['step_database_adding_field'] . ' players.deleted...');
 	}
-	if($db->hasColumn('players', 'guildnick')) {
+	if ($db->hasColumn('players', 'hide_char')) {
-		if(query("ALTER TABLE players MODIFY `guildnick` VARCHAR(255) NOT NULL DEFAULT '';")) {
+		if (!$db->hasColumn('players', 'hide')) {
-			success($locale['step_database_modifying_field'] . ' players.guildnick...');
+			if (query("ALTER TABLE `players` CHANGE `hide_char` `hide` TINYINT(1) NOT NULL DEFAULT 0;")) {
 				$tmp = str_replace('$FIELD$', 'players.hide_char', $locale['step_database_changing_field']);
 				$tmp = str_replace('$FIELD_NEW$', 'players.hide', $tmp);
 				success($tmp);
 			}
 		}
 	} else if (!$db->hasColumn('players', 'hide')) {
 		if (query("ALTER TABLE `players` ADD `hide` TINYINT(1) NOT NULL DEFAULT 0;"))
 			success($locale['step_database_adding_field'] . ' players.hide...');
 	}
 	if (!$db->hasColumn('players', 'comment')) {
 		if (query("ALTER TABLE `players` ADD `comment` TEXT NOT NULL;"))
 			success($locale['step_database_adding_field'] . ' players.comment...');
 	}
 	if ($db->hasColumn('players', 'rank_id')) {
 		if (query("ALTER TABLE players MODIFY `rank_id` INT(11) NOT NULL DEFAULT 0;"))
 			success($locale['step_database_modifying_field'] . ' players.rank_id...');
 		if ($db->hasColumn('players', 'guildnick')) {
 			if (query("ALTER TABLE players MODIFY `guildnick` VARCHAR(255) NOT NULL DEFAULT '';")) {
 				success($locale['step_database_modifying_field'] . ' players.guildnick...');
 			}
 		}
 	}
 }
--- a/install/tools/7-finish.php
+++ b/install/tools/7-finish.php
@@ -1,6 +1,10 @@
 <?php
 define('MYAAC_INSTALL', true);
 use MyAAC\DataLoader;
 use MyAAC\Models\FAQ as ModelsFAQ;
 use MyAAC\Plugins;
 require_once '../../common.php';
 require SYSTEM . 'functions.php';
@@ -8,8 +12,10 @@ require BASE . 'install/includes/functions.php';
 require BASE . 'install/includes/locale.php';
 ini_set('max_execution_time', 300);
@ob_end_flush();
 ob_implicit_flush();
-ob_end_flush();
+
 header('X-Accel-Buffering: no');
 /*
 if(isset($config['installed']) && $config['installed'] && !isset($_SESSION['saved'])) {
@@ -29,7 +35,7 @@ function insert_sample_if_not_exist($p) {
 	$query = $db->query('SELECT `id` FROM `players` WHERE `name` = ' . $db->quote($p['name']));
 	if($query->rowCount() == 0) {
-		if(!query("INSERT INTO `players` (`id`, `name`, `group_id`, `account_id`, `level`, `vocation`, `health`, `healthmax`, `experience`, `lookbody`, `lookfeet`, `lookhead`, `looklegs`, `looktype`, `maglevel`, `mana`, `manamax`, `manaspent`, `soul`, `town_id`, `posx`, `posy`, `posz`, `conditions`, `cap`, `sex`, `lastlogin`, `lastip`, `save`, `lastlogout`, `balance`, `$deleted`, `created`, `hidden`, `comment`) VALUES (null, " . $db->quote($p['name']) . ", 1, " . getSession('account') . ", " . $p['level'] . ", " . $p['vocation_id'] . ", " . $p['health'] . ", " . $p['healthmax'] . ", " . $p['experience'] . ", 118, 114, 38, 57, " . $p['looktype'] . ", 0, " . $p['mana'] . ", " . $p['manamax'] . ", 0, " . $p['soul'] . ", 1, 1000, 1000, 7, '', " . $p['cap'] . ", 1, " . $time . ", 2130706433, 1, " . $time . ", 0, 0, " . $time . ", 1, '');"))
+		if(!query("INSERT INTO `players` (`id`, `name`, `group_id`, `account_id`, `level`, `vocation`, `health`, `healthmax`, `experience`, `lookbody`, `lookfeet`, `lookhead`, `looklegs`, `looktype`, `maglevel`, `mana`, `manamax`, `manaspent`, `soul`, `town_id`, `posx`, `posy`, `posz`, `conditions`, `cap`, `sex`, `lastlogin`, `lastip`, `save`, `lastlogout`, `balance`, `$deleted`, `created`, `hide`, `comment`) VALUES (null, " . $db->quote($p['name']) . ", 1, " . getSession('account') . ", " . $p['level'] . ", " . $p['vocation_id'] . ", " . $p['health'] . ", " . $p['healthmax'] . ", " . $p['experience'] . ", 118, 114, 38, 57, " . $p['looktype'] . ", 0, " . $p['mana'] . ", " . $p['manamax'] . ", 0, " . $p['soul'] . ", 1, 1000, 1000, 7, '', " . $p['cap'] . ", 1, " . $time . ", 2130706433, 1, " . $time . ", 0, 0, " . $time . ", 1, '');"))
 			$success = false;
 	}
 }
@@ -45,11 +51,9 @@ if($success) {
 	success($locale['step_database_imported_players']);
 }
 require_once LIBS . 'plugins.php';
 Plugins::installMenus('kathrine', require TEMPLATES . 'kathrine/menus.php');
 Plugins::installMenus('tibiacom', require TEMPLATES . 'tibiacom/menus.php');
 require LIBS . 'DataLoader.php';
 DataLoader::setLocale($locale);
 DataLoader::load();
@@ -63,7 +67,9 @@ require_once SYSTEM . 'migrations/22.php';
 require_once SYSTEM . 'migrations/27.php';
 require_once SYSTEM . 'migrations/30.php';
-use MyAAC\Models\FAQ as ModelsFAQ;
+// new monster columns
 require_once SYSTEM . 'migrations/31.php';
 if(ModelsFAQ::count() == 0) {
 	ModelsFAQ::create([
 		'question' => 'What is this?',
@@ -71,6 +77,10 @@ if(ModelsFAQ::count() == 0) {
 	]);
 }
 $hooks->trigger(HOOK_INSTALL_FINISH);
 $db->setClearCacheAfter(true);
 $locale['step_finish_desc'] = str_replace('$ADMIN_PANEL$', generateLink(str_replace('tools/', '',ADMIN_URL), $locale['step_finish_admin_panel'], true), $locale['step_finish_desc']);
 $locale['step_finish_desc'] = str_replace('$HOMEPAGE$', generateLink(str_replace('tools/', '', BASE_URL), $locale['step_finish_homepage'], true), $locale['step_finish_desc']);
 $locale['step_finish_desc'] = str_replace('$LINK$', generateLink('https://my-aac.org', 'https://my-aac.org', true), $locale['step_finish_desc']);
--- a/nginx-sample.conf
+++ b/nginx-sample.conf
@@ -10,22 +10,25 @@ server {
 	# this is very important, be sure its in your nginx conf - it prevents access to logs etc.
 	location ~ /system {
 		deny all;
 		return 404;
 	}
-	# block .htaccess
+	location /vendor {
-	location ~ /\.ht {
+		deny all;
 	}
 	# block .htaccess, CHANGELOG.md, composer.json etc.
 	# this is to prevent finding software versions
 	location ~\.(ht|md|json|dist)$ {
 		deny all;
 	}
 	# block git files and folders
 	location ~ /\.git {
 		return 404;
 		deny all;
 	}
 	location / {
-		try_files $uri $uri/ /index.php;
+		try_files $uri $uri/ /index.php?$query_string;;
 	}
 	location ~ \.php$ {
--- a/npm-post-install.js
+++ b/npm-post-install.js
@@ -0,0 +1,16 @@
 const fse = require('fs-extra');
 const path = require('path');
 const nodeModulesDir = path.join(__dirname, 'node_modules');
 const publicDir = path.join(__dirname, 'tools/ext');
 fse.emptyDirSync(path.join(publicDir, 'jquery'));
 fse.emptyDirSync(path.join(publicDir, 'jquery-ui'));
 fse.emptyDirSync(path.join(publicDir, 'bootstrap'));
 fse.emptyDirSync(path.join(publicDir, 'tinymce'));
 fse.emptyDirSync(path.join(publicDir, 'tinymce-jquery'));
 fse.copySync(path.join(nodeModulesDir, 'jquery', 'dist'), path.join(publicDir, 'jquery'), { overwrite: true });
 fse.copySync(path.join(nodeModulesDir, 'jquery-ui', 'dist'), path.join(publicDir, 'jquery-ui'), { overwrite: true });
 fse.copySync(path.join(nodeModulesDir, 'bootstrap', 'dist'), path.join(publicDir, 'bootstrap'), { overwrite: true });
 fse.copySync(path.join(nodeModulesDir, 'tinymce'), path.join(publicDir, 'tinymce'), { overwrite: true });
 fse.copySync(path.join(nodeModulesDir, '@tinymce', 'tinymce-jquery', 'dist'), path.join(publicDir, 'tinymce-jquery'), { overwrite: true });
--- a/package-lock.json
+++ b/package-lock.json
@@ -4,6 +4,15 @@
  "requires": true,
  "packages": {
    "": {
      "hasInstallScript": true,
      "dependencies": {
        "@tinymce/tinymce-jquery": "^2.1.0",
        "bootstrap": "^4.6.2",
        "fs-extra": "^11.2.0",
        "jquery": "^3.7.1",
        "jquery-ui": "^1.13.2",
        "tinymce": "^6.8.3"
      },
      "devDependencies": {
        "cypress": "^12.12.0"
      }
@@ -19,9 +28,9 @@
      }
    },
    "node_modules/@cypress/request": {
-      "version": "2.88.11",
+      "version": "2.88.12",
-      "resolved": "https://registry.npmjs.org/@cypress/request/-/request-2.88.11.tgz",
+      "resolved": "https://registry.npmjs.org/@cypress/request/-/request-2.88.12.tgz",
-      "integrity": "sha512-M83/wfQ1EkspjkE2lNWNV5ui2Cv7UCv1swW1DqljahbzLVWltcsexQh8jYtuS/vzFXP+HySntGM83ZXA9fn17w==",
+      "integrity": "sha512-tOn+0mDZxASFM+cuAP9szGUGPI1HwWVSvdzm7V4cCsPdFTx6qMj29CwaQmRAMIEhORIUBFBsYROYJcveK4uOjA==",
      "dev": true,
      "dependencies": {
        "aws-sign2": "~0.7.0",
@@ -39,7 +48,7 @@
        "performance-now": "^2.1.0",
        "qs": "~6.10.3",
        "safe-buffer": "^5.1.2",
-        "tough-cookie": "~2.5.0",
+        "tough-cookie": "^4.1.3",
        "tunnel-agent": "^0.6.0",
        "uuid": "^8.3.2"
      },
@@ -66,10 +75,15 @@
        "ms": "^2.1.1"
      }
    },
    "node_modules/@tinymce/tinymce-jquery": {
      "version": "2.1.0",
      "resolved": "https://registry.npmjs.org/@tinymce/tinymce-jquery/-/tinymce-jquery-2.1.0.tgz",
      "integrity": "sha512-ynfgfL/n5/Us7h3AnJL3mAwsShuE/USvAJFOdilJDkZuVCypWSwVVo3E3wIqSzDGvqyU+293ok1+sD+jxraT8w=="
    },
    "node_modules/@types/node": {
-      "version": "14.18.47",
+      "version": "16.18.82",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-14.18.47.tgz",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-16.18.82.tgz",
-      "integrity": "sha512-OuJi8bIng4wYHHA3YpKauL58dZrPxro3d0tabPHyiNF8rKfGKuVfr83oFlPLmKri1cX+Z3cJP39GXmnqkP11Gw==",
+      "integrity": "sha512-pcDZtkx9z8XYV+ius2P3Ot2VVrcYOfXffBQUBuiszrlUzKSmoDYqo+mV+IoL8iIiIjjtOMvNSmH1hwJ+Q+f96Q==",
      "dev": true
    },
    "node_modules/@types/sinonjs__fake-timers": {
@@ -79,15 +93,15 @@
      "dev": true
    },
    "node_modules/@types/sizzle": {
-      "version": "2.3.3",
+      "version": "2.3.8",
-      "resolved": "https://registry.npmjs.org/@types/sizzle/-/sizzle-2.3.3.tgz",
+      "resolved": "https://registry.npmjs.org/@types/sizzle/-/sizzle-2.3.8.tgz",
-      "integrity": "sha512-JYM8x9EGF163bEyhdJBpR2QX1R5naCJHC8ucJylJ3w9/CVBaskdQ8WqBf8MmQrd1kRvp/a4TS8HJ+bxzR7ZJYQ==",
+      "integrity": "sha512-0vWLNK2D5MT9dg0iOo8GlKguPAU02QjmZitPEsXRuJXU/OGIOt9vT9Fc26wtYuavLxtO45v9PGleoL9Z0k1LHg==",
      "dev": true
    },
    "node_modules/@types/yauzl": {
-      "version": "2.10.0",
+      "version": "2.10.3",
-      "resolved": "https://registry.npmjs.org/@types/yauzl/-/yauzl-2.10.0.tgz",
+      "resolved": "https://registry.npmjs.org/@types/yauzl/-/yauzl-2.10.3.tgz",
-      "integrity": "sha512-Cn6WYCm0tXv8p6k+A8PvbDG763EDpBoTzHdA+Q/MF6H3sapGjCm9NzoaJncJS9tUKSuCoDs9XHxYYsQDgxR6kw==",
+      "integrity": "sha512-oJoftv0LSuaDZE3Le4DbKX+KS9G36NzOeSap90UIK0yMA/NhKJhqlSGtNDORNRaIbQfzjXDrQa0ytJ6mNRGz/Q==",
      "dev": true,
      "optional": true,
      "dependencies": {
@@ -203,9 +217,9 @@
      }
    },
    "node_modules/async": {
-      "version": "3.2.4",
+      "version": "3.2.5",
-      "resolved": "https://registry.npmjs.org/async/-/async-3.2.4.tgz",
+      "resolved": "https://registry.npmjs.org/async/-/async-3.2.5.tgz",
-      "integrity": "sha512-iAB+JbDEGXhyIUavoDl9WP/Jj106Kz9DEn1DPgYw5ruDn0e3Wgi3sKFm55sASdGBNOQB8F59d9qQ7deqrHA8wQ==",
+      "integrity": "sha512-baNZyqaaLhyLVKm/DlvdW051MSgO6b8eVfIezl9E5PqWxFgzLm/wQntEW4zOytVburDEr0JlALEpdOFwvErLsg==",
      "dev": true
    },
    "node_modules/asynckit": {
@@ -285,6 +299,25 @@
      "integrity": "sha512-XpNj6GDQzdfW+r2Wnn7xiSAd7TM3jzkxGXBGTtWKuSXv1xUV+azxAm8jdWZN06QTQk+2N2XB9jRDkvbmQmcRtg==",
      "dev": true
    },
    "node_modules/bootstrap": {
      "version": "4.6.2",
      "resolved": "https://registry.npmjs.org/bootstrap/-/bootstrap-4.6.2.tgz",
      "integrity": "sha512-51Bbp/Uxr9aTuy6ca/8FbFloBUJZLHwnhTcnjIeRn2suQWsWzcuJhGjKDB5eppVte/8oCdOL3VuwxvZDUggwGQ==",
      "funding": [
        {
          "type": "github",
          "url": "https://github.com/sponsors/twbs"
        },
        {
          "type": "opencollective",
          "url": "https://opencollective.com/bootstrap"
        }
      ],
      "peerDependencies": {
        "jquery": "1.9.1 - 3",
        "popper.js": "^1.16.1"
      }
    },
    "node_modules/brace-expansion": {
      "version": "1.1.11",
      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
@@ -329,22 +362,28 @@
      }
    },
    "node_modules/cachedir": {
-      "version": "2.3.0",
+      "version": "2.4.0",
-      "resolved": "https://registry.npmjs.org/cachedir/-/cachedir-2.3.0.tgz",
+      "resolved": "https://registry.npmjs.org/cachedir/-/cachedir-2.4.0.tgz",
-      "integrity": "sha512-A+Fezp4zxnit6FanDmv9EqXNAi3vt9DWp51/71UEhXukb7QUuvtv9344h91dyAxuTLoSYJFU299qzR3tzwPAhw==",
+      "integrity": "sha512-9EtFOZR8g22CL7BWjJ9BUx1+A/djkofnyW3aOXZORNW2kxoUpx2h+uN2cOqwPmFhnpVmxg+KW2OjOSgChTEvsQ==",
      "dev": true,
      "engines": {
        "node": ">=6"
      }
    },
    "node_modules/call-bind": {
-      "version": "1.0.2",
+      "version": "1.0.7",
-      "resolved": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.2.tgz",
+      "resolved": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.7.tgz",
-      "integrity": "sha512-7O+FbCihrB5WGbFYesctwmTKae6rOiIzmz1icreWJ+0aA7LJfuqhEso2T9ncpcFtzMQtzXf2QGGueWJGTYsqrA==",
+      "integrity": "sha512-GHTSNSYICQ7scH7sZ+M2rFopRoLh8t2bLSW6BbgrtLsahOIB5iyAVJf9GjWK3cYTDaMj4XdBpM1cA6pIS0Kv2w==",
      "dev": true,
      "dependencies": {
-        "function-bind": "^1.1.1",
+        "es-define-property": "^1.0.0",
-        "get-intrinsic": "^1.0.2"
+        "es-errors": "^1.3.0",
        "function-bind": "^1.1.2",
        "get-intrinsic": "^1.2.4",
        "set-function-length": "^1.2.1"
      },
      "engines": {
        "node": ">= 0.4"
      },
      "funding": {
        "url": "https://github.com/sponsors/ljharb"
@@ -394,9 +433,9 @@
      }
    },
    "node_modules/ci-info": {
-      "version": "3.8.0",
+      "version": "3.9.0",
-      "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.8.0.tgz",
+      "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.9.0.tgz",
-      "integrity": "sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==",
+      "integrity": "sha512-NIxF55hv4nSqQswkAeiOi1r83xy8JldOFDTWiug55KBu9Jnblncd2U6ViHmYgHf01TPZS77NJBhBMKdWj9HQMQ==",
      "dev": true,
      "funding": [
        {
@@ -541,15 +580,15 @@
      }
    },
    "node_modules/cypress": {
-      "version": "12.12.0",
+      "version": "12.17.4",
-      "resolved": "https://registry.npmjs.org/cypress/-/cypress-12.12.0.tgz",
+      "resolved": "https://registry.npmjs.org/cypress/-/cypress-12.17.4.tgz",
-      "integrity": "sha512-UU5wFQ7SMVCR/hyKok/KmzG6fpZgBHHfrXcHzDmPHWrT+UUetxFzQgt7cxCszlwfozckzwkd22dxMwl/vNkWRw==",
+      "integrity": "sha512-gAN8Pmns9MA5eCDFSDJXWKUpaL3IDd89N9TtIupjYnzLSmlpVr+ZR+vb4U/qaMp+lB6tBvAmt7504c3Z4RU5KQ==",
      "dev": true,
      "hasInstallScript": true,
      "dependencies": {
-        "@cypress/request": "^2.88.10",
+        "@cypress/request": "2.88.12",
        "@cypress/xvfb": "^1.2.4",
-        "@types/node": "^14.14.31",
+        "@types/node": "^16.18.39",
        "@types/sinonjs__fake-timers": "8.1.1",
        "@types/sizzle": "^2.3.2",
        "arch": "^2.2.0",
@@ -582,9 +621,10 @@
        "minimist": "^1.2.8",
        "ospath": "^1.2.2",
        "pretty-bytes": "^5.6.0",
        "process": "^0.11.10",
        "proxy-from-env": "1.0.0",
        "request-progress": "^3.0.0",
-        "semver": "^7.3.2",
+        "semver": "^7.5.3",
        "supports-color": "^8.1.1",
        "tmp": "~0.2.1",
        "untildify": "^4.0.0",
@@ -597,6 +637,21 @@
        "node": "^14.0.0 || ^16.0.0 || >=18.0.0"
      }
    },
    "node_modules/cypress/node_modules/fs-extra": {
      "version": "9.1.0",
      "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-9.1.0.tgz",
      "integrity": "sha512-hcg3ZmepS30/7BSFqRvoo3DOMQu7IjqxO5nCDt+zM9XWjb33Wg7ziNT+Qvqbuc3+gWpzO02JubVyk2G4Zvo1OQ==",
      "dev": true,
      "dependencies": {
        "at-least-node": "^1.0.0",
        "graceful-fs": "^4.2.0",
        "jsonfile": "^6.0.1",
        "universalify": "^2.0.0"
      },
      "engines": {
        "node": ">=10"
      }
    },
    "node_modules/dashdash": {
      "version": "1.14.1",
      "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz",
@@ -610,9 +665,9 @@
      }
    },
    "node_modules/dayjs": {
-      "version": "1.11.7",
+      "version": "1.11.10",
-      "resolved": "https://registry.npmjs.org/dayjs/-/dayjs-1.11.7.tgz",
+      "resolved": "https://registry.npmjs.org/dayjs/-/dayjs-1.11.10.tgz",
-      "integrity": "sha512-+Yw9U6YO5TQohxLcIkrXBeY73WP3ejHWVvx8XCk3gxvQDCTEmS48ZrSZCKciI7Bhl/uCMyxYtE9UqRILmFphkQ==",
+      "integrity": "sha512-vjAczensTgRcqDERK0SR2XMwsF/tSvnvlv6VcF2GIhg6Sx4yOIt/irsr1RDJsKiIyBzJDpCoXiWWq28MqH2cnQ==",
      "dev": true
    },
    "node_modules/debug": {
@@ -632,6 +687,23 @@
        }
      }
    },
    "node_modules/define-data-property": {
      "version": "1.1.4",
      "resolved": "https://registry.npmjs.org/define-data-property/-/define-data-property-1.1.4.tgz",
      "integrity": "sha512-rBMvIzlpA8v6E+SJZoo++HAYqsLrkg7MSfIinMPFhmkorw7X+dOXVJQs+QT69zGkzMyfDnIMN2Wid1+NbL3T+A==",
      "dev": true,
      "dependencies": {
        "es-define-property": "^1.0.0",
        "es-errors": "^1.3.0",
        "gopd": "^1.0.1"
      },
      "engines": {
        "node": ">= 0.4"
      },
      "funding": {
        "url": "https://github.com/sponsors/ljharb"
      }
    },
    "node_modules/delayed-stream": {
      "version": "1.0.0",
      "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz",
@@ -667,17 +739,39 @@
      }
    },
    "node_modules/enquirer": {
-      "version": "2.3.6",
+      "version": "2.4.1",
-      "resolved": "https://registry.npmjs.org/enquirer/-/enquirer-2.3.6.tgz",
+      "resolved": "https://registry.npmjs.org/enquirer/-/enquirer-2.4.1.tgz",
-      "integrity": "sha512-yjNnPr315/FjS4zIsUxYguYUPP2e1NK4d7E7ZOLiyYCcbFBiTMyID+2wvm2w6+pZ/odMA7cRkjhsPbltwBOrLg==",
+      "integrity": "sha512-rRqJg/6gd538VHvR3PSrdRBb/1Vy2YfzHqzvbhGIQpDRKIa4FgV/54b5Q1xYSxOOwKvjXweS26E0Q+nAMwp2pQ==",
      "dev": true,
      "dependencies": {
-        "ansi-colors": "^4.1.1"
+        "ansi-colors": "^4.1.1",
        "strip-ansi": "^6.0.1"
      },
      "engines": {
        "node": ">=8.6"
      }
    },
    "node_modules/es-define-property": {
      "version": "1.0.0",
      "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.0.tgz",
      "integrity": "sha512-jxayLKShrEqqzJ0eumQbVhTYQM27CfT1T35+gCgDFoL82JLsXqTJ76zv6A0YLOgEnLUMvLzsDsGIrl8NFpT2gQ==",
      "dev": true,
      "dependencies": {
        "get-intrinsic": "^1.2.4"
      },
      "engines": {
        "node": ">= 0.4"
      }
    },
    "node_modules/es-errors": {
      "version": "1.3.0",
      "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz",
      "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==",
      "dev": true,
      "engines": {
        "node": ">= 0.4"
      }
    },
    "node_modules/escape-string-regexp": {
      "version": "1.0.5",
      "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz",
@@ -811,18 +905,16 @@
      }
    },
    "node_modules/fs-extra": {
-      "version": "9.1.0",
+      "version": "11.2.0",
-      "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-9.1.0.tgz",
+      "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-11.2.0.tgz",
-      "integrity": "sha512-hcg3ZmepS30/7BSFqRvoo3DOMQu7IjqxO5nCDt+zM9XWjb33Wg7ziNT+Qvqbuc3+gWpzO02JubVyk2G4Zvo1OQ==",
+      "integrity": "sha512-PmDi3uwK5nFuXh7XDTlVnS17xJS7vW36is2+w3xcv8SVxiB4NyATf4ctkVY5bkSjX0Y4nbvZCq1/EjtEyr9ktw==",
      "dev": true,
      "dependencies": {
        "at-least-node": "^1.0.0",
        "graceful-fs": "^4.2.0",
        "jsonfile": "^6.0.1",
        "universalify": "^2.0.0"
      },
      "engines": {
-        "node": ">=10"
+        "node": ">=14.14"
      }
    },
    "node_modules/fs.realpath": {
@@ -832,21 +924,28 @@
      "dev": true
    },
    "node_modules/function-bind": {
-      "version": "1.1.1",
+      "version": "1.1.2",
-      "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz",
+      "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz",
-      "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==",
+      "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==",
-      "dev": true
+      "dev": true,
      "funding": {
        "url": "https://github.com/sponsors/ljharb"
      }
    },
    "node_modules/get-intrinsic": {
-      "version": "1.2.1",
+      "version": "1.2.4",
-      "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.1.tgz",
+      "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.4.tgz",
-      "integrity": "sha512-2DcsyfABl+gVHEfCOaTrWgyt+tb6MSEGmKq+kI5HwLbIYgjgmMcV8KQ41uaKz1xxUcn9tJtgFbQUEVcEbd0FYw==",
+      "integrity": "sha512-5uYhsJH8VJBTv7oslg4BznJYhDoRI6waYCxMmCdnTrcCrHA/fCFKoTFz2JKKE0HdDFUF7/oQuhzumXJK7paBRQ==",
      "dev": true,
      "dependencies": {
-        "function-bind": "^1.1.1",
+        "es-errors": "^1.3.0",
-        "has": "^1.0.3",
+        "function-bind": "^1.1.2",
        "has-proto": "^1.0.1",
-        "has-symbols": "^1.0.3"
+        "has-symbols": "^1.0.3",
        "hasown": "^2.0.0"
      },
      "engines": {
        "node": ">= 0.4"
      },
      "funding": {
        "url": "https://github.com/sponsors/ljharb"
@@ -920,23 +1019,22 @@
        "url": "https://github.com/sponsors/sindresorhus"
      }
    },
    "node_modules/gopd": {
      "version": "1.0.1",
      "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.0.1.tgz",
      "integrity": "sha512-d65bNlIadxvpb/A2abVdlqKqV563juRnZ1Wtk6s1sIR8uNsXR70xqIzVqxVf1eTqDunwT2MkczEeaezCKTZhwA==",
      "dev": true,
      "dependencies": {
        "get-intrinsic": "^1.1.3"
      },
      "funding": {
        "url": "https://github.com/sponsors/ljharb"
      }
    },
    "node_modules/graceful-fs": {
      "version": "4.2.11",
      "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz",
-      "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==",
+      "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ=="
      "dev": true
    },
    "node_modules/has": {
      "version": "1.0.3",
      "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz",
      "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==",
      "dev": true,
      "dependencies": {
        "function-bind": "^1.1.1"
      },
      "engines": {
        "node": ">= 0.4.0"
      }
    },
    "node_modules/has-flag": {
      "version": "4.0.0",
@@ -947,6 +1045,18 @@
        "node": ">=8"
      }
    },
    "node_modules/has-property-descriptors": {
      "version": "1.0.2",
      "resolved": "https://registry.npmjs.org/has-property-descriptors/-/has-property-descriptors-1.0.2.tgz",
      "integrity": "sha512-55JNKuIW+vq4Ke1BjOTjM2YctQIvCT7GFzHwmfZPGo5wnrgkid0YQtnAleFSqumZm4az3n2BS+erby5ipJdgrg==",
      "dev": true,
      "dependencies": {
        "es-define-property": "^1.0.0"
      },
      "funding": {
        "url": "https://github.com/sponsors/ljharb"
      }
    },
    "node_modules/has-proto": {
      "version": "1.0.1",
      "resolved": "https://registry.npmjs.org/has-proto/-/has-proto-1.0.1.tgz",
@@ -971,6 +1081,18 @@
        "url": "https://github.com/sponsors/ljharb"
      }
    },
    "node_modules/hasown": {
      "version": "2.0.1",
      "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.1.tgz",
      "integrity": "sha512-1/th4MHjnwncwXsIW6QMzlvYL9kG5e/CpVvLRZe4XPa8TOUNbCELqmvhDmnkNsAjwaG4+I8gJJL0JBvTTLO9qA==",
      "dev": true,
      "dependencies": {
        "function-bind": "^1.1.2"
      },
      "engines": {
        "node": ">= 0.4"
      }
    },
    "node_modules/http-signature": {
      "version": "1.3.6",
      "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.3.6.tgz",
@@ -1136,6 +1258,19 @@
      "integrity": "sha512-Yljz7ffyPbrLpLngrMtZ7NduUgVvi6wG9RJ9IUcyCd59YQ911PBJphODUcbOVbqYfxe1wuYf/LJ8PauMRwsM/g==",
      "dev": true
    },
    "node_modules/jquery": {
      "version": "3.7.1",
      "resolved": "https://registry.npmjs.org/jquery/-/jquery-3.7.1.tgz",
      "integrity": "sha512-m4avr8yL8kmFN8psrbFFFmB/If14iN5o9nw/NgnnM+kybDJpRsAynV2BsfpTYrTRysYUdADVD7CkUUizgkpLfg=="
    },
    "node_modules/jquery-ui": {
      "version": "1.13.2",
      "resolved": "https://registry.npmjs.org/jquery-ui/-/jquery-ui-1.13.2.tgz",
      "integrity": "sha512-wBZPnqWs5GaYJmo1Jj0k/mrSkzdQzKDwhXNtHKcBdAcKVxMM3KNYFq+iJ2i1rwiG53Z8M4mTn3Qxrm17uH1D4Q==",
      "dependencies": {
        "jquery": ">=1.8.0 <4.0.0"
      }
    },
    "node_modules/jsbn": {
      "version": "0.1.1",
      "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz",
@@ -1158,7 +1293,6 @@
      "version": "6.1.0",
      "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.1.0.tgz",
      "integrity": "sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ==",
      "dev": true,
      "dependencies": {
        "universalify": "^2.0.0"
      },
@@ -1382,9 +1516,9 @@
      }
    },
    "node_modules/object-inspect": {
-      "version": "1.12.3",
+      "version": "1.13.1",
-      "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.12.3.tgz",
+      "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.1.tgz",
-      "integrity": "sha512-geUvdk7c+eizMNUDkRpW1wJwgfOiOeHbxBR/hLXK1aT6zmVSO0jsQcs7fj6MGw89jC/cjGfLcNOrtMYtGqm81g==",
+      "integrity": "sha512-5qoj1RUiKOMsCCNLV1CBiPYE10sziTsnmNxkAI/rZhiD63CF7IqdFGC/XzjWjpSgLf0LxXX3bDFIh0E18f6UhQ==",
      "dev": true,
      "funding": {
        "url": "https://github.com/sponsors/ljharb"
@@ -1474,6 +1608,17 @@
        "node": ">=0.10.0"
      }
    },
    "node_modules/popper.js": {
      "version": "1.16.1",
      "resolved": "https://registry.npmjs.org/popper.js/-/popper.js-1.16.1.tgz",
      "integrity": "sha512-Wb4p1J4zyFTbM+u6WuO4XstYx4Ky9Cewe4DWrel7B0w6VVICvPwdOpotjzcf6eD8TsckVnIMNONQyPIUFOUbCQ==",
      "deprecated": "You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1",
      "peer": true,
      "funding": {
        "type": "opencollective",
        "url": "https://opencollective.com/popperjs"
      }
    },
    "node_modules/pretty-bytes": {
      "version": "5.6.0",
      "resolved": "https://registry.npmjs.org/pretty-bytes/-/pretty-bytes-5.6.0.tgz",
@@ -1486,6 +1631,15 @@
        "url": "https://github.com/sponsors/sindresorhus"
      }
    },
    "node_modules/process": {
      "version": "0.11.10",
      "resolved": "https://registry.npmjs.org/process/-/process-0.11.10.tgz",
      "integrity": "sha512-cdGef/drWFoydD1JsMzuFf8100nZl+GT+yacc2bEced5f9Rjk4z+WtFUTBu9PhOi9j/jfmBPu0mMEY4wIdAF8A==",
      "dev": true,
      "engines": {
        "node": ">= 0.6.0"
      }
    },
    "node_modules/proxy-from-env": {
      "version": "1.0.0",
      "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.0.0.tgz",
@@ -1509,9 +1663,9 @@
      }
    },
    "node_modules/punycode": {
-      "version": "2.3.0",
+      "version": "2.3.1",
-      "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.0.tgz",
+      "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.1.tgz",
-      "integrity": "sha512-rRV+zQD8tVFys26lAGR9WUuS4iUAngJScM+ZRSKtvl5tKeZ2t5bvdNFdNHBW9FWR4guGHlgmsZ1G7BSm2wTbuA==",
+      "integrity": "sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg==",
      "dev": true,
      "engines": {
        "node": ">=6"
@@ -1532,6 +1686,12 @@
        "url": "https://github.com/sponsors/ljharb"
      }
    },
    "node_modules/querystringify": {
      "version": "2.2.0",
      "resolved": "https://registry.npmjs.org/querystringify/-/querystringify-2.2.0.tgz",
      "integrity": "sha512-FIqgj2EUvTa7R50u0rGsyTftzjYmv/a3hO345bZNrqabNqjtgiDMgmo4mkUjd+nzU5oF3dClKqFIPUKybUyqoQ==",
      "dev": true
    },
    "node_modules/request-progress": {
      "version": "3.0.0",
      "resolved": "https://registry.npmjs.org/request-progress/-/request-progress-3.0.0.tgz",
@@ -1541,6 +1701,12 @@
        "throttleit": "^1.0.0"
      }
    },
    "node_modules/requires-port": {
      "version": "1.0.0",
      "resolved": "https://registry.npmjs.org/requires-port/-/requires-port-1.0.0.tgz",
      "integrity": "sha512-KigOCHcocU3XODJxsu8i/j8T9tzT4adHiecwORRQ0ZZFcp7ahwXuRU1m+yuO90C5ZUyGeGfocHDI14M3L3yDAQ==",
      "dev": true
    },
    "node_modules/restore-cursor": {
      "version": "3.1.0",
      "resolved": "https://registry.npmjs.org/restore-cursor/-/restore-cursor-3.1.0.tgz",
@@ -1555,9 +1721,9 @@
      }
    },
    "node_modules/rfdc": {
-      "version": "1.3.0",
+      "version": "1.3.1",
-      "resolved": "https://registry.npmjs.org/rfdc/-/rfdc-1.3.0.tgz",
+      "resolved": "https://registry.npmjs.org/rfdc/-/rfdc-1.3.1.tgz",
-      "integrity": "sha512-V2hovdzFbOi77/WajaSMXk2OLm+xNIeQdMMuB7icj7bk6zi2F8GGAxigcnDFpJHbNyNcgyJDiP+8nOrY5cZGrA==",
+      "integrity": "sha512-r5a3l5HzYlIC68TpmYKlxWjmOP6wiPJ1vWv2HeLhNsRZMrCkxeqxiHlQ21oXmQ4F3SiryXBHhAD7JZqvOJjFmg==",
      "dev": true
    },
    "node_modules/rimraf": {
@@ -1611,9 +1777,9 @@
      "dev": true
    },
    "node_modules/semver": {
-      "version": "7.5.1",
+      "version": "7.6.0",
-      "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.1.tgz",
+      "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.0.tgz",
-      "integrity": "sha512-Wvss5ivl8TMRZXXESstBA4uR5iXgEN/VC5/sOcuXdVLzcdkz4HWetIoRfG5gb5X+ij/G9rw9YoGn3QoQ8OCSpw==",
+      "integrity": "sha512-EnwXhrlwXMk9gKu5/flx5sv/an57AkRplG3hTK68W7FRDN+k+OWBj65M7719OkA82XLBxrcX0KSHj+X5COhOVg==",
      "dev": true,
      "dependencies": {
        "lru-cache": "^6.0.0"
@@ -1625,6 +1791,23 @@
        "node": ">=10"
      }
    },
    "node_modules/set-function-length": {
      "version": "1.2.1",
      "resolved": "https://registry.npmjs.org/set-function-length/-/set-function-length-1.2.1.tgz",
      "integrity": "sha512-j4t6ccc+VsKwYHso+kElc5neZpjtq9EnRICFZtWyBsLojhmeF/ZBd/elqm22WJh/BziDe/SBiOeAt0m2mfLD0g==",
      "dev": true,
      "dependencies": {
        "define-data-property": "^1.1.2",
        "es-errors": "^1.3.0",
        "function-bind": "^1.1.2",
        "get-intrinsic": "^1.2.3",
        "gopd": "^1.0.1",
        "has-property-descriptors": "^1.0.1"
      },
      "engines": {
        "node": ">= 0.4"
      }
    },
    "node_modules/shebang-command": {
      "version": "2.0.0",
      "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz",
@@ -1647,14 +1830,18 @@
      }
    },
    "node_modules/side-channel": {
-      "version": "1.0.4",
+      "version": "1.0.5",
-      "resolved": "https://registry.npmjs.org/side-channel/-/side-channel-1.0.4.tgz",
+      "resolved": "https://registry.npmjs.org/side-channel/-/side-channel-1.0.5.tgz",
-      "integrity": "sha512-q5XPytqFEIKHkGdiMIrY10mvLRvnQh42/+GoBlFW3b2LXLE2xxJpZFdm94we0BaoV3RwJyGqg5wS7epxTv0Zvw==",
+      "integrity": "sha512-QcgiIWV4WV7qWExbN5llt6frQB/lBven9pqliLXfGPB+K9ZYXxDozp0wLkHS24kWCm+6YXH/f0HhnObZnZOBnQ==",
      "dev": true,
      "dependencies": {
-        "call-bind": "^1.0.0",
+        "call-bind": "^1.0.6",
-        "get-intrinsic": "^1.0.2",
+        "es-errors": "^1.3.0",
-        "object-inspect": "^1.9.0"
+        "get-intrinsic": "^1.2.4",
        "object-inspect": "^1.13.1"
      },
      "engines": {
        "node": ">= 0.4"
      },
      "funding": {
        "url": "https://github.com/sponsors/ljharb"
@@ -1681,9 +1868,9 @@
      }
    },
    "node_modules/sshpk": {
-      "version": "1.17.0",
+      "version": "1.18.0",
-      "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.17.0.tgz",
+      "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.18.0.tgz",
-      "integrity": "sha512-/9HIEs1ZXGhSPE8X6Ccm7Nam1z8KcoCqPdI7ecm1N33EzAetWahvQWVqLZtaZQ+IDKX4IyA2o0gBzqIMkAagHQ==",
+      "integrity": "sha512-2p2KJZTSqQ/I3+HX42EpYOa2l3f8Erv8MWKsy2I9uf4wA7yFIkXRffYdsx86y6z4vHtV8u7g+pPlr8/4ouAxsQ==",
      "dev": true,
      "dependencies": {
        "asn1": "~0.2.3",
@@ -1756,10 +1943,13 @@
      }
    },
    "node_modules/throttleit": {
-      "version": "1.0.0",
+      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/throttleit/-/throttleit-1.0.0.tgz",
+      "resolved": "https://registry.npmjs.org/throttleit/-/throttleit-1.0.1.tgz",
-      "integrity": "sha512-rkTVqu6IjfQ/6+uNuuc3sZek4CEYxTJom3IktzgdSxcZqdARuebbA/f4QmAxMQIxqq9ZLEUkSYqvuk1I6VKq4g==",
+      "integrity": "sha512-vDZpf9Chs9mAdfY046mcPt8fg5QSZr37hEH4TXYBnDF+izxgrbRGUAAaBvIk/fJm9aOFCGFd1EsNg5AZCbnQCQ==",
-      "dev": true
+      "dev": true,
      "funding": {
        "url": "https://github.com/sponsors/sindresorhus"
      }
    },
    "node_modules/through": {
      "version": "2.3.8",
@@ -1767,6 +1957,11 @@
      "integrity": "sha512-w89qg7PI8wAdvX60bMDP+bFoD5Dvhm9oLheFp5O4a2QF0cSBGsBX4qZmadPMvVqlLJBBci+WqGGOAPvcDeNSVg==",
      "dev": true
    },
    "node_modules/tinymce": {
      "version": "6.8.3",
      "resolved": "https://registry.npmjs.org/tinymce/-/tinymce-6.8.3.tgz",
      "integrity": "sha512-3fCHKAeqT+xNwBVESf6iDbDV0VNwZNmfrkx9c/6Gz5iB8piMfaO6s7FvoiTrj1hf1gVbfyLTnz1DooI6DhgINQ=="
    },
    "node_modules/tmp": {
      "version": "0.2.1",
      "resolved": "https://registry.npmjs.org/tmp/-/tmp-0.2.1.tgz",
@@ -1780,22 +1975,33 @@
      }
    },
    "node_modules/tough-cookie": {
-      "version": "2.5.0",
+      "version": "4.1.3",
-      "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz",
+      "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-4.1.3.tgz",
-      "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==",
+      "integrity": "sha512-aX/y5pVRkfRnfmuX+OdbSdXvPe6ieKX/G2s7e98f4poJHnqH3281gDPm/metm6E/WRamfx7WC4HUqkWHfQHprw==",
      "dev": true,
      "dependencies": {
-        "psl": "^1.1.28",
+        "psl": "^1.1.33",
-        "punycode": "^2.1.1"
+        "punycode": "^2.1.1",
        "universalify": "^0.2.0",
        "url-parse": "^1.5.3"
      },
      "engines": {
-        "node": ">=0.8"
+        "node": ">=6"
      }
    },
    "node_modules/tough-cookie/node_modules/universalify": {
      "version": "0.2.0",
      "resolved": "https://registry.npmjs.org/universalify/-/universalify-0.2.0.tgz",
      "integrity": "sha512-CJ1QgKmNg3CwvAv/kOFmtnEN05f0D/cn9QntgNOQlQF9dgvVTHj3t+8JPdjqawCHk7V/KA+fbUqzZ9XWhcqPUg==",
      "dev": true,
      "engines": {
        "node": ">= 4.0.0"
      }
    },
    "node_modules/tslib": {
-      "version": "2.5.1",
+      "version": "2.6.2",
-      "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.5.1.tgz",
+      "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.6.2.tgz",
-      "integrity": "sha512-KaI6gPil5m9vF7DKaoXxx1ia9fxS4qG5YveErRRVknPDXXriu5M8h48YRjB6h5ZUOKuAKlSJYb0GaDe8I39fRw==",
+      "integrity": "sha512-AEYxH93jGFPn/a2iVAwW87VuUIkR1FVUKB77NwMF7nBTDkDrrT/Hpt/IrCJ0QXhW27jTBDcf5ZY7w6RiqTMw2Q==",
      "dev": true
    },
    "node_modules/tunnel-agent": {
@@ -1829,10 +2035,9 @@
      }
    },
    "node_modules/universalify": {
-      "version": "2.0.0",
+      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.0.tgz",
+      "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz",
-      "integrity": "sha512-hAZsKq7Yy11Zu1DE0OzWjw7nnLZmJZYTDZZyEFHZdUhV8FkH5MCfoU1XMaxXovpyW5nq5scPqq0ZDP9Zyl04oQ==",
+      "integrity": "sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==",
      "dev": true,
      "engines": {
        "node": ">= 10.0.0"
      }
@@ -1846,6 +2051,16 @@
        "node": ">=8"
      }
    },
    "node_modules/url-parse": {
      "version": "1.5.10",
      "resolved": "https://registry.npmjs.org/url-parse/-/url-parse-1.5.10.tgz",
      "integrity": "sha512-WypcfiRhfeUP9vvF0j6rw0J3hrWrw6iZv3+22h6iRMJ/8z1Tj6XfLP4DsUix5MhMPnXpiHDoKyoZ/bdCkwBCiQ==",
      "dev": true,
      "dependencies": {
        "querystringify": "^2.1.1",
        "requires-port": "^1.0.0"
      }
    },
    "node_modules/uuid": {
      "version": "8.3.2",
      "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz",
--- a/package.json
+++ b/package.json
@@ -1,8 +1,17 @@
 {
  "scripts": {
-    "cypress:open": "cypress open"
+    "cypress:open": "cypress open",
    "postinstall": "node ./npm-post-install.js"
  },
  "devDependencies": {
    "cypress": "^12.12.0"
  },
  "dependencies": {
    "@tinymce/tinymce-jquery": "^2.1.0",
    "bootstrap": "^4.6.2",
    "fs-extra": "^11.2.0",
    "jquery": "^3.7.1",
    "jquery-ui": "^1.13.2",
    "tinymce": "^6.8.3"
  }
 }
--- a/phpstan-bootstrap.php
+++ b/phpstan-bootstrap.php
@@ -0,0 +1,13 @@
 <?php
 require __DIR__ . '/system/libs/pot/OTS.php';
 $ots = POT::getInstance();
 require __DIR__ . '/system/libs/pot/InvitesDriver.php';
 require __DIR__ . '/system/libs/rfc6238.php';
 require __DIR__ . '/common.php';
 const ACTION = '';
 const PAGE = '';
 const URI = '';
 define('SELF_NAME', basename(__FILE__));
--- a/phpstan.neon
+++ b/phpstan.neon
@@ -0,0 +1,39 @@
 parameters:
 	level: 3
 	paths:
 		- .
 		- templates/tibiacom
 		- templates/kathrine
 	excludePaths:
 		- system/cache/*
 		- vendor/*
 		- plugins/*
 		- system/libs
 		- tools/signature/mango.php
 		- tools/signature/gd.class.php
 	bootstrapFiles:
 		- phpstan-bootstrap.php
 	ignoreErrors:
 		- '#Variable \$db might not be defined#'
 		- '#Variable \$twig might not be defined#'
 		- '#Variable \$hooks might not be defined#'
 		- '#Variable \$account_logged might not be defined#'
 		- '#Variable \$logged might not be defined#'
 		- '#Variable \$config might not be defined#'
 		- '#Variable \$action might not be defined#'
 		- '#Variable \$errors might not be defined#'
 		- '#Variable \$cache might not be defined#'
 		- '#Variable \$status might not be defined#'
 		- '#Variable \$player might not be defined#'
 		- '#Variable \$guild might not be defined#'
 		- '#Variable \$[a-zA-Z0-9\\_]+ might not be defined#'
 		# Eloquent models
 		- '#Call to an undefined static method [a-zA-Z0-9\\_]+::[a-zA-Z0-9\\_]+\(\)#'
 		- '#Call to an undefined method object::toArray\(\)#'
 		# system/pages/highscores.php
 		- '#Call to an undefined method Illuminate\\Database\\Query\\Builder::withOnlineStatus\(\)#'
 		- '#Access to an undefined property Illuminate\\Database\\Eloquent\\Model::\$online_status#'
 		- '#Access to an undefined property Illuminate\\Database\\Eloquent\\Model::\$vocation_name#'
 		-
 			message: '#Variable \$tmp in empty\(\) always exists and is always falsy#'
 			path: templates\kathrine\javascript.php
--- a/plugins/email-confirmed-reward/reward.php
+++ b/plugins/email-confirmed-reward/reward.php
@@ -1,8 +1,6 @@
 <?php
 defined('MYAAC') or die('Direct access not allowed!');
 $reward = setting('core.account_mail_confirmed_reward');
 $hasCoinsColumn = $db->hasColumn('accounts', 'coins');
 $rewardCoins = setting('core.account_mail_confirmed_reward_coins');
 if ($rewardCoins > 0 && !$hasCoinsColumn) {
--- a/plugins/example.json
+++ b/plugins/example.json
@@ -25,7 +25,8 @@
 	"hooks": {
 		"Example Hook": {
 			"type": "BEFORE_PAGE",
-			"file": "plugins/example/before.php"
+			"file": "plugins/example/before.php",
 			"priority": 1000
 		}
 	},
 	"routes": {
@@ -33,12 +34,20 @@
 			"pattern": "/YourAwesomePage/{name:string}/{page:int}",
 			"file": "plugins/your-plugin/your-awesome-page.php",
 			"method": "GET",
-			"priority": "130"
+			"priority": 130
 		},
 		"Redirect Example": {
 			"redirect_from": "/redirectExample",
 			"redirect_to": "account/manage"
 		}
 	},
-	"settings": "plugins/your-plugin-folder/settings.php"
+	"routes-default-priority": 1000,
 	"pages-default-priority": 1000,
 	"settings": "plugins/your-plugin-folder/settings.php",
 	"autoload": {
 		"pages": true,
 		"pagesSubFolders": false,
 		"commands": true,
 		"themes": true
 	}
 }
--- a/release.sh
+++ b/release.sh
@@ -38,7 +38,11 @@ if [ $1 = "prepare" ]; then
 	cd $dir || exit
 	# dependencies
-	composer install --no-dev
+	composer install --no-dev --prefer-dist --optimize-autoloader
 	npm install
 	# node_modules is useless, we already have copy in tools/ext
 	rm -R node_modules
 	echo "Now you can make changes to $dir. When you are ready, type 'release.sh pack'"
 	exit
--- a/system/bin/clear_cache.php
+++ b/system/bin/clear_cache.php
@@ -1,18 +0,0 @@
 <?php
 if(PHP_SAPI !== 'cli') {
 	echo 'This script can be run only in command line mode.';
 	exit(1);
 }
 require_once __DIR__ . '/../../common.php';
 require_once SYSTEM . 'functions.php';
 require_once SYSTEM . 'init.php';
 if(clearCache()) {
 	echo 'Cache cleared.' . PHP_EOL;
 }
 else {
 	echo 'Unexpected error.' . PHP_EOL;
 	exit(2);
 }
--- a/system/bin/cronjob.php
+++ b/system/bin/cronjob.php
@@ -1,19 +0,0 @@
 <?php
 require_once __DIR__ . '/../../common.php';
 require_once SYSTEM . 'functions.php';
 require_once SYSTEM . 'init.php';
 require_once SYSTEM . 'hooks.php';
 $hooks = new Hooks();
 $hooks->load();
 use GO\Scheduler;
 // Create a new scheduler
 $scheduler = new Scheduler();
 $hooks->trigger(HOOK_CRONJOB, ['scheduler' => $scheduler]);
 // Let the scheduler execute jobs which are due.
 $scheduler->run();
--- a/system/bin/index.html
+++ b/system/bin/index.html
--- a/system/bin/install_cronjob.php
+++ b/system/bin/install_cronjob.php
@@ -1,50 +0,0 @@
 <?php
 require_once __DIR__ . '/../../common.php';
 require_once SYSTEM . 'functions.php';
 require_once SYSTEM . 'init.php';
 if(!IS_CLI) {
 	echo 'This script can be run only in command line mode.' . PHP_EOL;
 	exit(1);
 }
 if (MYAAC_OS !== 'LINUX') {
 	echo 'This script can be run only on linux.' . PHP_EOL;
 	exit(1);
 }
 $job = '* * * * * /usr/bin/php ' . SYSTEM . 'bin/cronjob.php >> ' . SYSTEM . 'logs/cron.log 2>&1';
 if (cronjob_exists($job)) {
 	echo 'MyAAC cronjob already installed.' . PHP_EOL;
 	exit(0);
 }
 exec ('crontab -l', $content);
 $content = implode(' ', $content);
 $content .= PHP_EOL . $job;
 file_put_contents(CACHE . 'cronjob', $content . PHP_EOL);
 exec('crontab ' . CACHE. 'cronjob');
 echo 'Installed crontab successfully.' . PHP_EOL;
 function cronjob_exists($command)
 {
 	$cronjob_exists=false;
 	exec('crontab -l', $crontab);
 	if(isset($crontab)&&is_array($crontab)) {
 		$crontab = array_flip($crontab);
 		if(isset($crontab[$command])){
 			$cronjob_exists = true;
 		}
 	}
 	return $cronjob_exists;
 }
--- a/system/bin/install_plugin.php
+++ b/system/bin/install_plugin.php
@@ -1,42 +0,0 @@
 <?php
 if(PHP_SAPI !== 'cli') {
 	echo 'This script can be run only in command line mode.';
 	exit(1);
 }
 require_once __DIR__ . '/../../common.php';
 require_once SYSTEM . 'functions.php';
 require_once SYSTEM . 'init.php';
 require_once SYSTEM . 'hooks.php';
 require_once LIBS . 'plugins.php';
 if($argc !== 2) {
 	echo 'This command expects one parameter: zip file name (plugin)' . PHP_EOL;
 	exit(2);
 }
 $path_to_file = $argv[1];
 $ext = strtolower(pathinfo($path_to_file, PATHINFO_EXTENSION));
 if($ext !== 'zip') {// check if it is zipped/compressed file
 	echo 'Please install only .zip files.' . PHP_EOL;
 	exit(3);
 }
 if(!file_exists($path_to_file)) {
 	echo 'ERROR: File ' . $path_to_file . ' does not exist' . PHP_EOL;
 	exit(4);
 }
 if(Plugins::install($path_to_file)) {
 	foreach(Plugins::getWarnings() as $warning) {
 		echo 'WARNING: ' . $warning;
 	}
 	$info = Plugins::getPluginJson();
 	echo (isset($info['name']) ? $info['name'] . ' p' : 'P') . 'lugin has been successfully installed.' . PHP_EOL;
 }
 else {
 	echo 'ERROR: ' . Plugins::getError() . PHP_EOL;
 	exit(5);
 }
--- a/system/bin/send_email.php
+++ b/system/bin/send_email.php
@@ -1,61 +0,0 @@
 <?php
 if(PHP_SAPI !== 'cli') {
 	echo 'This script can be run only in command line mode.';
 	exit(1);
 }
 require_once __DIR__ . '/../../common.php';
 require_once SYSTEM . 'functions.php';
 require_once SYSTEM . 'init.php';
 if($argc !== 3) {
 	echo 'This command expects two parameters: account_name_or_id|player_name|email address, subject.' . PHP_EOL;
 	exit(2);
 }
 $email_account_name = $argv[1];
 $subject = $argv[2];
 $message = file_get_contents('php://stdin');
 if(strpos($email_account_name, '@') === false) {
 	$account = new OTS_Account();
 	if(USE_ACCOUNT_NAME) {
 		$account->find($email_account_name);
 	}
 	else {
 		$account->load($email_account_name);
 	}
 	if($account->isLoaded()) {
 		$email_account_name = $account->getEMail();
 	}
 	else {
 		$player = new OTS_Player();
 		$player->find($email_account_name);
 		if($player->isLoaded()) {
 			$email_account_name = $player->getAccount()->getEMail();
 		}
 		else {
 			echo 'Cannot find player or account with name: ' . $email_account_name . '.' . PHP_EOL;
 			exit(3);
 		}
 	}
 }
 if(!Validator::email($email_account_name)) {
 	echo 'Invalid E-Mail format.' . PHP_EOL;
 	exit(4);
 }
 if(strlen($subject) > 255) {
 	echo 'Subject max length is 255 characters.' . PHP_EOL;
 	exit(5);
 }
 if(!_mail($email_account_name, $subject, $message)) {
 	echo 'An error occurred while sending email. More info can be found in system/logs/mailer-error.log';
 	exit(6);
 }
 echo 'Mail sent to ' . $email_account_name . '.' . PHP_EOL;
--- a/system/compat/base.php
+++ b/system/compat/base.php
@@ -9,10 +9,12 @@
 */
 defined('MYAAC') or die('Direct access not allowed!');
 class Validator extends \MyAAC\Validator {}
 function check_name($name, &$errors = '') {
 	if(Validator::characterName($name))
 		return true;
-	
+
 	$errors = Validator::getLastError();
 	return false;
 }
@@ -20,7 +22,7 @@ function check_name($name, &$errors = '') {
 function check_account_id($id, &$errors = '') {
 	if(Validator::accountId($id))
 		return true;
-	
+
 	$errors = Validator::getLastError();
 	return false;
 }
@@ -28,7 +30,7 @@ function check_account_id($id, &$errors = '') {
 function check_account_name($name, &$errors = '') {
 	if(Validator::accountName($name))
 		return true;
-	
+
 	$errors = Validator::getLastError();
 	return false;
 }
@@ -36,7 +38,7 @@ function check_account_name($name, &$errors = '') {
 function check_name_new_char($name, &$errors = '') {
 	if(Validator::newCharacterName($name))
 		return true;
-	
+
 	$errors = Validator::getLastError();
 	return false;
 }
@@ -44,7 +46,7 @@ function check_name_new_char($name, &$errors = '') {
 function check_rank_name($name, &$errors = '') {
 	if(Validator::rankName($name))
 		return true;
-	
+
 	$errors = Validator::getLastError();
 	return false;
 }
@@ -52,7 +54,7 @@ function check_rank_name($name, &$errors = '') {
 function check_guild_name($name, &$errors = '') {
 	if(Validator::guildName($name))
 		return true;
-	
+
 	$errors = Validator::getLastError();
 	return false;
 }
@@ -72,4 +74,7 @@ function fieldExist($field, $table)
 	global $db;
 	return $db->hasColumn($table, $field);
 }
-?>
+
 function getCreatureImgPath($creature): string {
 	return getMonsterImgPath($creature);
 }
--- a/system/compat/pages.php
+++ b/system/compat/pages.php
@@ -44,7 +44,7 @@ switch($page)
 		break;
 	case 'killstatistics':
-		$page = 'lastkills';
+		$page = 'last-kills';
 		break;
 	case 'buypoints':
--- a/system/counter.php
+++ b/system/counter.php
@@ -7,6 +7,9 @@
 * @copyright 2019 MyAAC
 * @link      https://my-aac.org
 */
 use MyAAC\Cache\Cache;
 defined('MYAAC') or die('Direct access not allowed!');
 define('COUNTER_SYNC', 10); // how often counter is synchronized with database (each x site refreshes)
--- a/system/database.php
+++ b/system/database.php
@@ -127,6 +127,7 @@ try {
 	}
 	if(defined('MYAAC_INSTALL')) {
 		$error = $e->getMessage();
 		return; // installer will take care of this
 	}
--- a/system/exception.php
+++ b/system/exception.php
@@ -8,6 +8,8 @@
 * @link      https://my-aac.org
 */
 use MyAAC\Exceptions\SensitiveException;
 if (class_exists(\Whoops\Run::class)) {
 	$whoops = new \Whoops\Run;
 	if(IS_CLI) {
@@ -21,8 +23,6 @@ if (class_exists(\Whoops\Run::class)) {
 	return;
 }
 require LIBS . 'SensitiveException.php';
 /**
 * @param Exception $exception
 */
--- a/system/functions.php
+++ b/system/functions.php
@@ -9,12 +9,17 @@
 */
 defined('MYAAC') or die('Direct access not allowed!');
 use MyAAC\Cache\Cache;
 use MyAAC\CsrfToken;
 use MyAAC\Items;
 use MyAAC\Models\Config;
 use MyAAC\Models\Guild;
 use MyAAC\Models\House;
 use MyAAC\Models\Pages;
 use MyAAC\Models\Player;
 use MyAAC\News;
 use MyAAC\Plugins;
 use MyAAC\Settings;
 use PHPMailer\PHPMailer\PHPMailer;
 use Twig\Loader\ArrayLoader as Twig_ArrayLoader;
@@ -82,25 +87,36 @@ function getForumBoardLink($board_id, $page = NULL): string {
 	return BASE_URL . (setting('core.friendly_urls') ? '' : 'index.php/') . 'forum/board/' . (int)$board_id . (isset($page) ? '/' . $page : '');
 }
-function getPlayerLink($name, $generate = true): string
+function getPlayerLink($name, $generate = true, bool $colored = false): string
 {
-	if(is_numeric($name))
+	$player = new OTS_Player();
-	{
+
-		$player = new OTS_Player();
+	if(is_numeric($name)) {
 		$player->load((int)$name);
-		if($player->isLoaded())
+	}
-			$name = $player->getName();
+	else {
 		$player->find($name);
 	}
 	if (!$player->isLoaded()) {
 		return '(error)';
 	}
 	$name = $player->getName();
 	$url = BASE_URL . (setting('core.friendly_urls') ? '' : 'index.php/') . 'characters/' . urlencode($name);
 	if ($colored) {
 		$name = '<span style="color: ' . ($player->isOnline() ? 'green' : 'red') . ';">' . $name . '</span>';
 	}
 	if(!$generate) return $url;
 	return generateLink($url, $name);
 }
 function getMonsterLink($name, $generate = true): string
 {
-	$url = BASE_URL . (setting('core.friendly_urls') ? '' : 'index.php/') . 'creatures/' . urlencode($name);
+	$url = BASE_URL . (setting('core.friendly_urls') ? '' : 'index.php/') . 'monsters/' . urlencode($name);
 	if(!$generate) return $url;
 	return generateLink($url, $name);
@@ -137,7 +153,6 @@ function getGuildLink($name, $generate = true): string
 }
 function getItemNameById($id) {
 	require_once LIBS . 'items.php';
 	$item = Items::get($id);
 	return !empty($item['name']) ? $item['name'] : '';
 }
@@ -197,7 +212,7 @@ function getFlagImage($country): string
 * @param mixed $v Variable to check.
 * @return bool Value boolean status.
 */
-function getBoolean($v): bool
+function getBoolean(mixed $v): bool
 {
 	if(is_bool($v)) {
 		return $v;
@@ -206,6 +221,10 @@ function getBoolean($v): bool
 	if(is_numeric($v))
 		return (int)$v > 0;
 	if (is_null($v)) {
 		return false;
 	}
 	$v = strtolower($v);
 	return $v === 'yes' || $v === 'true';
 }
@@ -253,7 +272,7 @@ function generateRandomString($length, $lowCase = true, $upCase = false, $numeri
 function getForumBoards()
 {
 	global $db, $canEdit;
-	$sections = $db->query('SELECT `id`, `name`, `description`, `closed`, `guild`, `access`' . ($canEdit ? ', `hidden`, `ordering`' : '') . ' FROM `' . TABLE_PREFIX . 'forum_boards` ' . (!$canEdit ? ' WHERE `hidden` != 1' : '') .
+	$sections = $db->query('SELECT `id`, `name`, `description`, `closed`, `guild`, `access`' . ($canEdit ? ', `hide`, `ordering`' : '') . ' FROM `' . TABLE_PREFIX . 'forum_boards` ' . (!$canEdit ? ' WHERE `hide` != 1' : '') .
 		' ORDER BY `ordering`;');
 	if($sections)
 		return $sections->fetchAll();
@@ -410,7 +429,10 @@ function delete_guild($id)
 	if(count($rank_list) > 0) {
 		$rank_list->orderBy('level');
-		global $db, $ots;
+		global $db;
 		/**
 		 * @var OTS_GuildRank $rank_in_guild
 		 */
 		foreach($rank_list as $rank_in_guild) {
 			if($db->hasTable('guild_members'))
 				$players_with_rank = $db->query('SELECT `players`.`id` as `id`, `guild_members`.`rank_id` as `rank_id` FROM `players`, `guild_members` WHERE `guild_members`.`rank_id` = ' . $rank_in_guild->getId() . ' AND `players`.`id` = `guild_members`.`player_id` ORDER BY `name`;');
@@ -702,11 +724,8 @@ function getSkillName($skillId, $suffix = true)
 /**
 * Performs flag check on the current logged in user.
 * Table in database: accounts, field: website_flags
 *
 * @param int @flag Flag to be verified.
 * @return bool If user got flag.
 */
-function hasFlag($flag) {
+function hasFlag(int $flag): bool {
 	global $logged, $logged_flags;
 	return ($logged && ($logged_flags & $flag) == $flag);
 }
@@ -779,7 +798,7 @@ function get_browser_languages()
 	$languages = str_replace(' ', '', $languages);
 	foreach(explode(',', $languages) as $language_list)
-		$ret[] .= substr($language_list, 0, 2);
+		$ret[] = substr($language_list, 0, 2);
 	return $ret;
 }
@@ -798,6 +817,10 @@ function get_templates()
 			$ret[] = $file;
 	}
 	foreach (Plugins::getThemes() as $name => $path) {
 		$ret[] = $name;
 	}
 	return $ret;
 }
@@ -1052,8 +1075,8 @@ function unsetSession($key) {
 	unset($_SESSION[setting('core.session_prefix') . $key]);
 }
-function csrf(): void {
+function csrf(bool $return = false): string {
-	CsrfToken::create();
+	return CsrfToken::create($return);
 }
 function csrfToken(): string {
@@ -1062,7 +1085,7 @@ function csrfToken(): string {
 function isValidToken(): bool {
 	$token = $_POST['csrf_token'] ?? $_SERVER['HTTP_X_CSRF_TOKEN'] ?? null;
-	return ($_SERVER['REQUEST_METHOD'] !== 'POST' || (isset($token) && CsrfToken::isValid($token)));
+	return (!isRequestMethod('post') || (isset($token) && CsrfToken::isValid($token)));
 }
 function csrfProtect(): void
@@ -1191,72 +1214,48 @@ function setting($key)
 function clearCache()
 {
 	require_once LIBS . 'news.php';
 	News::clearCache();
 	$cache = Cache::getInstance();
 	if($cache->enabled()) {
-		$tmp = '';
+		$keysToClear = [
-
+			'status', 'templates',
-		if ($cache->fetch('status', $tmp))
+			'config_lua',
-			$cache->delete('status');
+			'towns', 'groups', 'vocations',
-
+			'visitors', 'views_counter', 'failed_logins',
-		if ($cache->fetch('templates', $tmp))
+			'template_menus',
-			$cache->delete('templates');
+			'last_kills',
-
+			'hooks', 'plugins_hooks', 'plugins_routes', 'plugins_settings', 'plugins_themes', 'plugins_commands',
-		if ($cache->fetch('config_lua', $tmp))
+			'settings',
-			$cache->delete('config_lua');
+		];
 		if ($cache->fetch('vocations', $tmp))
 			$cache->delete('vocations');
 		if ($cache->fetch('towns', $tmp))
 			$cache->delete('towns');
 		if ($cache->fetch('groups', $tmp))
 			$cache->delete('groups');
 		if ($cache->fetch('visitors', $tmp))
 			$cache->delete('visitors');
 		if ($cache->fetch('views_counter', $tmp))
 			$cache->delete('views_counter');
 		if ($cache->fetch('failed_logins', $tmp))
 			$cache->delete('failed_logins');
 		foreach (get_templates() as $template) {
-			if ($cache->fetch('template_ini_' . $template, $tmp)) {
+			$keysToClear[] = 'template_ini_' . $template;
-				$cache->delete('template_ini_' . $template);
+		}
 		// highscores cache
 		$configHighscoresPerPage = setting('core.highscores_per_page');
 		$skills = [POT::SKILL_FIST, POT::SKILL_CLUB, POT::SKILL_SWORD, POT::SKILL_AXE, POT::SKILL_DIST, POT::SKILL_SHIELD, POT::SKILL_FISH, POT::SKILL_LEVEL, POT::SKILL__MAGLEVEL, SKILL_FRAGS, SKILL_BALANCE];
 		foreach ($skills as $skill) {
 			// config('vocations') may be empty after previous cache clear
 			$vocations = (config('vocations') ?? []) + ['all'];
 			foreach ($vocations as $vocation) {
 				for($page = 0; $page < 10; $page++) {
 					$cacheKey = 'highscores_' . $skill . '_' . strtolower($vocation) . '_' . $page . '_' . $configHighscoresPerPage;
 					$keysToClear[] = $cacheKey;
 				}
 			}
 		}
-		if ($cache->fetch('template_menus', $tmp)) {
+		foreach ($keysToClear as $item) {
-			$cache->delete('template_menus');
+			$tmp = '';
-		}
+			if ($cache->fetch($item, $tmp)) {
-		if ($cache->fetch('database_tables', $tmp)) {
+				$cache->delete($item);
-			$cache->delete('database_tables');
+			}
 		}
 		if ($cache->fetch('database_columns', $tmp)) {
 			$cache->delete('database_columns');
 		}
 		if ($cache->fetch('database_checksum', $tmp)) {
 			$cache->delete('database_checksum');
 		}
 		if ($cache->fetch('last_kills', $tmp)) {
 			$cache->delete('last_kills');
 		}
-		if ($cache->fetch('hooks', $tmp)) {
+		global $db;
-			$cache->delete('hooks');
+		$db->setClearCacheAfter(true);
 		}
 		if ($cache->fetch('plugins_hooks', $tmp)) {
 			$cache->delete('plugins_hooks');
 		}
 		if ($cache->fetch('plugins_routes', $tmp)) {
 			$cache->delete('plugins_routes');
 		}
 	}
 	deleteDirectory(CACHE . 'signatures', ['index.html'], true);
@@ -1265,12 +1264,20 @@ function clearCache()
 	deleteDirectory(CACHE, ['signatures', 'twig', 'plugins', 'index.html', 'persistent'], true);
 	// routes cache
 	clearRouteCache();
 	global $hooks;
 	$hooks->trigger(HOOK_CACHE_CLEAR, ['cache' => Cache::getInstance()]);
 	return true;
 }
 function clearRouteCache(): void
 {
 	$routeCacheFile = CACHE . 'route.cache';
 	if (file_exists($routeCacheFile)) {
 		unlink($routeCacheFile);
 	}
 	return true;
 }
 function getCustomPageInfo($name)
@@ -1312,13 +1319,6 @@ function getCustomPage($name, &$success): string
 			else
 				$tmp = $page['body'];
 			$php_errors = array();
 			function error_handler($errno, $errstr) {
 				global $php_errors;
 				$php_errors[] = array('errno' => $errno, 'errstr' => $errstr);
 			}
 			set_error_handler('error_handler');
 			global $config;
 			if(setting('core.backward_support')) {
 				global $SQL, $main_content, $subtopic;
@@ -1328,11 +1328,6 @@ function getCustomPage($name, &$success): string
 			eval($tmp);
 			$content .= ob_get_contents();
 			ob_end_clean();
 			restore_error_handler();
 			if(isset($php_errors[0]) && superAdmin()) {
 				var_dump($php_errors);
 			}
 		}
 		else {
 			$oldLoader = $twig->getLoader();
@@ -1576,18 +1571,19 @@ function right($str, $length) {
 	return substr($str, -$length);
 }
-function getCreatureImgPath($creature){
+function getMonsterImgPath($monster): string
-	$creature_path = setting('core.monsters_images_url');
+{
-	$creature_gfx_name = trim(strtolower($creature)) . setting('core.monsters_images_extension');
+	$monster_path = setting('core.monsters_images_url');
-	if (!file_exists($creature_path . $creature_gfx_name)) {
+	$monster_gfx_name = trim(strtolower($monster)) . setting('core.monsters_images_extension');
-		$creature_gfx_name = str_replace(" ", "", $creature_gfx_name);
+	if (!file_exists($monster_path . $monster_gfx_name)) {
-		if (file_exists($creature_path . $creature_gfx_name)) {
+		$monster_gfx_name = str_replace(" ", "", $monster_gfx_name);
-			return $creature_path . $creature_gfx_name;
+		if (file_exists($monster_path . $monster_gfx_name)) {
 			return $monster_path . $monster_gfx_name;
 		} else {
-			return $creature_path . 'nophoto.png';
+			return $monster_path . 'nophoto.png';
 		}
 	} else {
-		return $creature_path . $creature_gfx_name;
+		return $monster_path . $monster_gfx_name;
 	}
 }
@@ -1638,7 +1634,7 @@ function removeIfFirstSlash(&$text) {
 };
 function escapeHtml($html) {
-	return htmlentities($html, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
+	return htmlspecialchars($html);
 }
 function getGuildNameById($id)
@@ -1675,8 +1671,15 @@ function displayErrorBoxWithBackButton($errors, $action = null) {
 	]);
 }
 function makeLinksClickable($text, $blank = true) {
 	return preg_replace('!(((f|ht)tp(s)?://)[-a-zA-Zа-яА-Я()0-9@:%_+.~#?&;//=]+)!i', '<a href="$1"' . (!$blank ?: ' target="_blank"') . '>$1</a>', $text);
 }
 function isRequestMethod(string $method): bool {
 	return strtolower($_SERVER['REQUEST_METHOD']) == strtolower($method);
 }
 // validator functions
 require_once LIBS . 'validator.php';
 require_once SYSTEM . 'compat/base.php';
 // custom functions
--- a/system/init.php
+++ b/system/init.php
@@ -8,7 +8,12 @@
 * @link      https://my-aac.org
 */
 use DebugBar\StandardDebugBar;
 use MyAAC\Cache\Cache;
 use MyAAC\CsrfToken;
 use MyAAC\Hooks;
 use MyAAC\Settings;
 use MyAAC\Towns;
 defined('MYAAC') or die('Direct access not allowed!');
@@ -16,8 +21,6 @@ if(!isset($config['installed']) || !$config['installed']) {
 	throw new RuntimeException('MyAAC has not been installed yet or there was error during installation. Please install again.');
 }
 use DebugBar\StandardDebugBar;
 if(config('env') === 'dev') {
 	require SYSTEM . 'exception.php';
 }
@@ -39,11 +42,9 @@ if(isset($config['gzip_output']) && $config['gzip_output'] && isset($_SERVER['HT
 	ob_start('ob_gzhandler');
 // cache
 require_once SYSTEM . 'libs/cache.php';
 $cache = Cache::getInstance();
 // event system
 require_once SYSTEM . 'hooks.php';
 $hooks = new Hooks();
 $hooks->load();
@@ -54,28 +55,24 @@ require_once SYSTEM . 'twig.php';
 $action = $_REQUEST['action'] ?? '';
 define('ACTION', $action);
 // errors, is also often used
 $errors = [];
 // trim values we receive
-if(isset($_POST))
+foreach($_POST as $var => $value) {
-{
+	if(is_string($value)) {
-	foreach($_POST as $var => $value) {
+		$_POST[$var] = trim($value);
 		if(is_string($value)) {
 			$_POST[$var] = trim($value);
 		}
 	}
 }
-if(isset($_GET))
+
-{
+foreach($_GET as $var => $value) {
-	foreach($_GET as $var => $value) {
+	if(is_string($value))
-		if(is_string($value))
+		$_GET[$var] = trim($value);
 			$_GET[$var] = trim($value);
 	}
 }
-if(isset($_REQUEST))
+
-{
+foreach($_REQUEST as $var => $value) {
-	foreach($_REQUEST as $var => $value) {
+	if(is_string($value))
-		if(is_string($value))
+		$_REQUEST[$var] = trim($value);
 			$_REQUEST[$var] = trim($value);
 	}
 }
 // load otserv config file
@@ -131,18 +128,21 @@ if(!isset($foundValue)) {
 $config['data_path'] = $foundValue;
 unset($foundValue);
 // POT
 require_once SYSTEM . 'libs/pot/OTS.php';
 $ots = POT::getInstance();
 $eloquentConnection = null;
 require_once SYSTEM . 'database.php';
 // verify myaac tables exists in database
 if(!defined('MYAAC_INSTALL') && !$db->hasTable('myaac_account_actions')) {
 	throw new RuntimeException('Seems that the table myaac_account_actions of MyAAC doesn\'t exist in the database. This is a fatal error. You can try to reinstall MyAAC by visiting ' . BASE_URL . 'install');
 }
 // execute migrations
 require SYSTEM . 'migrate.php';
 // settings
 require_once LIBS . 'Settings.php';
 $settings = Settings::getInstance();
 $settings->load();
@@ -159,8 +159,8 @@ date_default_timezone_set(setting('core.date_timezone'));
 setting(
 	[
-		'core.account_create_character_create',
+		'core.account_mail_verify',
-		setting('core.account_create_character_create') && (!setting('core.mail_enabled') || !setting('core.account_mail_verify'))
+		setting('core.account_mail_verify') && setting('core.mail_enabled')
 	]
 );
@@ -173,5 +173,4 @@ define('USE_ACCOUNT_NAME', $db->hasColumn('accounts', 'name'));
 define('USE_ACCOUNT_NUMBER', $db->hasColumn('accounts', 'number'));
 define('USE_ACCOUNT_SALT', $db->hasColumn('accounts', 'salt'));
 require LIBS . 'Towns.php';
 Towns::load();
--- a/system/libs/SensitiveException.php
+++ b/system/libs/SensitiveException.php
@@ -1,3 +0,0 @@
 <?php
 class SensitiveException extends Exception {}
--- a/system/libs/cache_eaccelerator.php
+++ b/system/libs/cache_eaccelerator.php
@@ -1,51 +0,0 @@
 <?php
 /**
 * Cache eAccelerator class
 *
 * @package   MyAAC
 * @author    Slawkens <slawkens@gmail.com>
 * @author    Mark Samman (Talaturen) <marksamman@gmail.com>
 * @copyright 2019 MyAAC
 * @link      https://my-aac.org
 */
 defined('MYAAC') or die('Direct access not allowed!');
 class Cache_eAccelerator
 {
 	private $prefix;
 	private $enabled;
 	public function __construct($prefix = '') {
 		$this->prefix = $prefix;
 		$this->enabled = function_exists('eaccelerator_get');
 	}
 	public function set($key, $var, $ttl = 0)
 	{
 		$key = $this->prefix . $key;
 		eaccelerator_rm($key);
 		eaccelerator_put($key, $var, $ttl);
 	}
 	public function get($key)
 	{
 		$tmp = '';
 		if($this->fetch($this->prefix . $key, $tmp)) {
 			return $tmp;
 		}
 		return '';
 	}
 	public function fetch($key, &$var) {
 		return ($var = eaccelerator_get($this->prefix . $key)) !== null;
 	}
 	public function delete($key) {
 		eaccelerator_rm($this->prefix . $key);
 	}
 	public function enabled() {
 		return $this->enabled;
 	}
 }
--- a/system/libs/pot/OTS_Base_DAO.php
+++ b/system/libs/pot/OTS_Base_DAO.php
@@ -15,15 +15,15 @@
 /**
 * Basic data access object routines.
- * 
+ *
 * <p>
 * This class defines basic mechanisms for all classes that will represent database accessors. However no coding logic is defined here - only connection handling and PHP core-related stuff to enable variouse operations with objects.
 * </p>
- * 
+ *
 * <p>
 * This class is mostly usefull when you create own extensions for POT code.
 * </p>
- * 
+ *
 * @package POT
 * @version 0.1.0
 */
@@ -31,14 +31,14 @@ abstract class OTS_Base_DAO implements IOTS_DAO
 {
 /**
 * Database connection.
- * 
+ *
 * @var PDO
 */
    protected $db;
 /**
 * Sets database connection handler.
- * 
+ *
 * @version 0.1.0
 */
    public function __construct()
@@ -48,11 +48,11 @@ abstract class OTS_Base_DAO implements IOTS_DAO
 /**
 * Magic PHP5 method.
- * 
+ *
 * <p>
 * Allows object serialisation.
 * </p>
- * 
+ *
 * @return array List of properties that should be saved.
 */
    public function __sleep()
@@ -62,7 +62,7 @@ abstract class OTS_Base_DAO implements IOTS_DAO
 /**
 * Magic PHP5 method.
- * 
+ *
 * <p>
 * Allows object unserialisation.
 * </p>
@@ -74,7 +74,7 @@ abstract class OTS_Base_DAO implements IOTS_DAO
 /**
 * Creates clone of object.
- * 
+ *
 * <p>
 * Copy of object needs to have different ID.
 * </p>
@@ -83,38 +83,4 @@ abstract class OTS_Base_DAO implements IOTS_DAO
    {
        unset($this->data['id']);
    }
 /**
 * Magic PHP5 method.
 * 
 * <p>
 * Allows object importing from {@link http://www.php.net/manual/en/function.var-export.php var_export()}.
 * </p>
 * 
 * @version 0.1.0
 * @param array $properties List of object properties.
 */
    public static function __set_state($properties)
    {
        // deletes database handle
        if( isset($properties['db']) )
        {
            unset($properties['db']);
        }
        // initializes new object with current database connection
        $object = new self();
        // loads properties
        foreach($properties as $name => $value)
        {
            $object->$name = $value;
        }
        return $object;
    }
 }
 /**#@-*/
 ?>
--- a/system/libs/pot/OTS_Buffer.php
+++ b/system/libs/pot/OTS_Buffer.php
@@ -15,15 +15,15 @@
 /**
 * Binary buffer container.
- * 
+ *
 * <p>
 * This is generic class for classes that uses buffer-baser read-write operations (it can also emulate C-like pointers).
 * <p>
- * 
+ *
 * <p>
 * Note that unlike <var>NetworkMessage</var> class from OTServ C++ source code, in this one reading and writing positions are separated so you can pararelly read and write it's content like for example using object of this class as stack.
 * </p>
- * 
+ *
 * @package POT
 * @version 0.1.3
 * @property string $buffer Properties binary string.
@@ -39,381 +39,391 @@ class OTS_Buffer
 {
 /**
 * Node properties stream.
- * 
+ *
 * @var string
 */
-    protected $buffer;
+	protected $buffer;
 /**
 * Properties stream pointer.
- * 
+ *
 * @var int
 */
-    protected $pos;
+	protected $pos;
 /**
 * Initializes new buffered reader.
- * 
+ *
 * @param string $buffer Buffer content.
 */
-    public function __construct($buffer = '')
+	public function __construct($buffer = '')
-    {
+	{
-        $this->buffer = $buffer;
+		$this->buffer = $buffer;
-        $this->pos = 0;
+		$this->pos = 0;
-    }
+	}
 /**
 * Magic PHP5 method.
- * 
+ *
 * <p>
 * Allows object importing from {@link http://www.php.net/manual/en/function.var-export.php var_export()}.
 * </p>
- * 
+ *
 * @param array $properties List of object properties.
 */
-    public static function __set_state($properties)
+	public static function __set_state($properties)
-    {
+	{
-        $object = new self();
+		$object = new self();
-        // loads properties
+		// loads properties
-        foreach($properties as $name => $value)
+		foreach($properties as $name => $value)
-        {
+		{
-            $object->$name = $value;
+			$object->$name = $value;
-        }
+		}
-        return $object;
+		return $object;
-    }
+	}
 /**
 * Returs properties stream.
- * 
+ *
 * @return string Properties stream.
 */
-    public function getBuffer()
+	public function getBuffer()
-    {
+	{
-        return $this->buffer;
+		return $this->buffer;
-    }
+	}
 /**
 * Sets properties stream.
- * 
+ *
 * @param string Properties stream.
 */
-    public function setBuffer($buffer)
+	public function setBuffer($buffer)
-    {
+	{
-        $this->buffer = $buffer;
+		$this->buffer = $buffer;
-        $this->pos = 0;
+		$this->pos = 0;
-    }
+	}
 /**
 * Checks if there is anything left in stream.
- * 
+ *
 * @return bool False if pointer is at the end of stream.
 */
-    public function isValid()
+	public function isValid()
-    {
+	{
-        return $this->pos < strlen($this->buffer);
+		return $this->pos < strlen($this->buffer);
-    }
+	}
 /**
 * Checks stream end state.
- * 
+ *
 * @param int $size Amount of bytes that are going to be read.
 * @throws E_OTS_OutOfBuffer When there is read attemp after end of stream.
 */
-    protected function check($size = 1)
+	protected function check($size = 1)
-    {
+	{
-        if( strlen($this->buffer) < $this->pos + $size)
+		if( strlen($this->buffer) < $this->pos + $size)
-        {
+		{
-            throw new E_OTS_OutOfBuffer();
+			throw new E_OTS_OutOfBuffer();
-        }
+		}
-    }
+	}
 /**
 * Returns single byte.
- * 
+ *
 * @return int Byte (char) value.
 * @throws E_OTS_OutOfBuffer When there is read attemp after end of stream.
 */
-    public function getChar()
+	public function getChar()
-    {
+	{
-        // checks buffer size
+		// checks buffer size
-        $this->check();
+		$this->check();
-        $value = ord($this->buffer[$this->pos]);
+		$value = ord($this->buffer[$this->pos]);
-        $this->pos++;
+		$this->pos++;
-        return $value;
+		return $value;
-    }
+	}
 /**
 * Appends single byte to buffer.
- * 
+ *
 * @param int $char Byte (char) value.
 */
-    public function putChar($char)
+	public function putChar($char)
-    {
+	{
-        $this->buffer .= chr($char);
+		$this->buffer .= chr($char);
-    }
+	}
 /**
 * Returns double byte.
- * 
+ *
 * @return int Word (short) value.
 * @throws E_OTS_OutOfBuffer When there is read attemp after end of stream.
 */
-    public function getShort()
+	public function getShort()
-    {
+	{
-        // checks buffer size
+		// checks buffer size
-        $this->check(2);
+		$this->check(2);
-        $value = unpack('v', substr($this->buffer, $this->pos, 2) );
+		$value = unpack('v', substr($this->buffer, $this->pos, 2) );
-        $this->pos += 2;
+		$this->pos += 2;
-        return $value[1];
+		return $value[1];
-    }
+	}
 /**
 * Appends double byte to buffer.
- * 
+ *
 * @param int $short Word (short) value.
 */
-    public function putShort($short)
+	public function putShort($short)
-    {
+	{
-        $this->buffer .= pack('v', $short);
+		$this->buffer .= pack('v', $short);
-    }
+	}
 /**
 * Returns quater byte.
- * 
+ *
 * @return int Double word (long) value.
 * @throws E_OTS_OutOfBuffer When there is read attemp after end of stream.
 */
-    public function getLong()
+	public function getLong()
-    {
+	{
-        // checks buffer size
+		// checks buffer size
-        $this->check(4);
+		$this->check(4);
-        $value = unpack('V', substr($this->buffer, $this->pos, 4) );
+		$value = unpack('V', substr($this->buffer, $this->pos, 4) );
-        $this->pos += 4;
+		$this->pos += 4;
-        return $value[1];
+		return $value[1];
-    }
+	}
 	public function getLongLong()
 	{
 		// checks buffer size
 		$this->check(8);
 		$value = unpack('P', substr($this->buffer, $this->pos, 8) );
 		$this->pos += 8;
 		return $value[1];
 	}
 /**
 * Appends quater byte to buffer.
- * 
+ *
 * @param int $long Double word (long) value.
 */
-    public function putLong($long)
+	public function putLong($long)
-    {
+	{
-        $this->buffer .= pack('V', $long);
+		$this->buffer .= pack('V', $long);
-    }
+	}
 /**
 * Returns string from buffer.
- * 
+ *
 * <p>
 * If length is not given then treats first short value from current buffer as string length.
 * </p>
- * 
+ *
 * @param int|bool $length String length.
 * @return string First substring.
 * @throws E_OTS_OutOfBuffer When there is read attemp after end of stream.
 */
-    public function getString($length = false)
+	public function getString($length = false)
-    {
+	{
-        // reads string length if not given
+		// reads string length if not given
-        if($length === false)
+		if($length === false)
-        {
+		{
-            $length = $this->getShort();
+			$length = $this->getShort();
-        }
+		}
-        // checks buffer size
+		// checks buffer size
-        $this->check($length);
+		$this->check($length);
-        // copies substring
+		// copies substring
-        $value = substr($this->buffer, $this->pos, $length);
+		$value = substr($this->buffer, $this->pos, $length);
-        $this->pos += $length;
+		$this->pos += $length;
-        return $value;
+		return $value;
-    }
+	}
 /**
 * Appends string to buffer.
- * 
+ *
 * @param string $string Binary length.
 * @param bool $dynamic Whether if string length is fixed or not (if it is dynamic then length will be inserted as short before string chunk).
 */
-    public function putString($string, $dynamic = true)
+	public function putString($string, $dynamic = true)
-    {
+	{
-        // appends string length if requires
+		// appends string length if requires
-        if($dynamic)
+		if($dynamic)
-        {
+		{
-            $this->putShort( strlen($string) );
+			$this->putShort( strlen($string) );
-        }
+		}
-        $this->buffer .= $string;
+		$this->buffer .= $string;
-    }
+	}
 /**
 * Empties buffer.
 */
-    public function reset()
+	public function reset()
-    {
+	{
-        $this->__construct();
+		$this->__construct();
-    }
+	}
 /**
 * Returns current read position.
- * 
+ *
 * @return int Read position.
 */
-    public function getPos()
+	public function getPos()
-    {
+	{
-        return $this->pos;
+		return $this->pos;
-    }
+	}
 /**
 * Seeks current reading position.
- * 
+ *
 * @param int $pos Read position.
 */
-    public function setPos($pos)
+	public function setPos($pos)
-    {
+	{
-        $this->pos = $pos;
+		$this->pos = $pos;
-    }
+	}
 /**
 * Returns buffer size.
- * 
+ *
 * @return int Buffer length.
 */
-    public function getSize()
+	public function getSize()
-    {
+	{
-        return strlen($this->buffer);
+		return strlen($this->buffer);
-    }
+	}
 /**
 * Skips given amount of bytes.
- * 
+ *
 * @param int $n Bytes to skip.
 * @throws E_OTS_OutOfBuffer When there is read attemp after end of stream.
 */
-    public function skip($n)
+	public function skip($n)
-    {
+	{
-        $this->check($n);
+		$this->check($n);
-        $this->pos += $n;
+		$this->pos += $n;
-    }
+	}
 /**
 * Magic PHP5 method.
- * 
+ *
 * @param string $name Property name.
 * @return mixed Property value.
 * @throws OutOfBoundsException For non-supported properties.
 * @throws E_OTS_OutOfBuffer When there is read attemp after end of stream.
 */
-    public function __get($name)
+	public function __get($name)
-    {
+	{
-        switch($name)
+		switch($name)
-        {
+		{
-            // simple properties
+			// simple properties
-            case 'buffer':
+			case 'buffer':
-                return $this->buffer;
+				return $this->buffer;
-            // isValid() wrapper
+			// isValid() wrapper
-            case 'valid':
+			case 'valid':
-                return $this->isValid();
+				return $this->isValid();
-            // getChar() wrapper
+			// getChar() wrapper
-            case 'char':
+			case 'char':
-                return $this->getChar();
+				return $this->getChar();
-            // getShort() wrapper
+			// getShort() wrapper
-            case 'short':
+			case 'short':
-                return $this->getShort();
+				return $this->getShort();
-            // getLong() wrapper
+			// getLong() wrapper
-            case 'long':
+			case 'long':
-                return $this->getLong();
+				return $this->getLong();
-            // getString() wrapper
+			// getString() wrapper
-            case 'string':
+			case 'string':
-                return $this->getString();
+				return $this->getString();
-            // getPos() wrapper
+			// getPos() wrapper
-            case 'pos':
+			case 'pos':
-                return $this->getPos();
+				return $this->getPos();
-            // getSize() wrapper
+			// getSize() wrapper
-            case 'size':
+			case 'size':
-                return $this->getSize();
+				return $this->getSize();
-            default:
+			default:
-                throw new OutOfBoundsException();
+				throw new OutOfBoundsException();
-        }
+		}
-    }
+	}
 /**
 * Magic PHP5 method.
- * 
+ *
 * @version 0.1.3
 * @param string $name Property name.
 * @param mixed $value Property value.
 * @throws OutOfBoundsException For non-supported properties.
 */
-    public function __set($name, $value)
+	public function __set($name, $value)
-    {
+	{
-        switch($name)
+		switch($name)
-        {
+		{
-            // buffer needs to be reset
+			// buffer needs to be reset
-            case 'buffer':
+			case 'buffer':
-                $this->setBuffer($value);
+				$this->setBuffer($value);
-                break;
+				break;
-            // putChar() wrapper
+			// putChar() wrapper
-            case 'char':
+			case 'char':
-                $this->putChar($value);
+				$this->putChar($value);
-                break;
+				break;
-            // putShort() wrapper
+			// putShort() wrapper
-            case 'short':
+			case 'short':
-                $this->putShort($value);
+				$this->putShort($value);
-                break;
+				break;
-            // putLong() wrapper
+			// putLong() wrapper
-            case 'long':
+			case 'long':
-                $this->putLong($value);
+				$this->putLong($value);
-                break;
+				break;
-            // putString() wrapper
+			// putString() wrapper
-            case 'string':
+			case 'string':
-                $this->putString($value);
+				$this->putString($value);
-                break;
+				break;
-            // setPos() wrapper
+			// setPos() wrapper
-            case 'pos':
+			case 'pos':
-                $this->setPos($value);
+				$this->setPos($value);
-                break;
+				break;
-            default:
+			default:
-                throw new OutOfBoundsException();
+				throw new OutOfBoundsException();
-        }
+		}
-    }
+	}
 /**
 * Returns string representation of buffer object.
- * 
+ *
 * @return string Object's buffer.
 */
-    public function __toString()
+	public function __toString()
-    {
+	{
-        return $this->buffer;
+		return $this->buffer;
-    }
+	}
 /**
 * Resets pointer of cloned object.
 */
-    public function __clone()
+	public function __clone()
-    {
+	{
-        $this->pos = 0;
+		$this->pos = 0;
-    }
+	}
 }
 /**#@-*/
--- a/system/libs/pot/OTS_DB_MySQL.php
+++ b/system/libs/pot/OTS_DB_MySQL.php
@@ -12,6 +12,8 @@
 * @license http://www.gnu.org/licenses/lgpl-3.0.txt GNU Lesser General Public License, Version 3
 */
 use MyAAC\Cache\Cache;
 /**
 * MySQL connection interface.
 *
@@ -26,6 +28,8 @@ class OTS_DB_MySQL extends OTS_Base_DB
 {
 	private $has_table_cache = array();
 	private $has_column_cache = array();
 	private $clearCacheAfter = false;
 /**
 * Creates database connection.
 *
@@ -94,7 +98,8 @@ class OTS_DB_MySQL extends OTS_Base_DB
        }
 		global $config;
-		if(class_exists('Cache') && ($cache = Cache::getInstance()) && $cache->enabled()) {
+		$cache = Cache::getInstance();
 		if($cache->enabled()) {
 			$tmp = null;
 			$need_revalidation = true;
 			if($cache->fetch('database_checksum', $tmp) && $tmp) {
@@ -145,10 +150,18 @@ class OTS_DB_MySQL extends OTS_Base_DB
    {
 		global $config;
-	    if(class_exists('Cache') && ($cache = Cache::getInstance()) && $cache->enabled()) {
+		$cache = Cache::getInstance();
-			$cache->set('database_tables', serialize($this->has_table_cache), 3600);
+		if($cache->enabled()) {
-			$cache->set('database_columns', serialize($this->has_column_cache), 3600);
+			if ($this->clearCacheAfter) {
-			$cache->set('database_checksum', serialize(sha1($config['database_host'] . '.' . $config['database_name'])), 3600);
+				$cache->delete('database_tables');
 				$cache->delete('database_columns');
 				$cache->delete('database_checksum');
 			}
 			else {
 				$cache->set('database_tables', serialize($this->has_table_cache), 3600);
 				$cache->set('database_columns', serialize($this->has_column_cache), 3600);
 				$cache->set('database_checksum', serialize(sha1($config['database_host'] . '.' . $config['database_name'])), 3600);
 			}
 		}
 		if($this->logged) {
@@ -236,6 +249,11 @@ class OTS_DB_MySQL extends OTS_Base_DB
 			}
 		}
 	}
 	public function setClearCacheAfter($clearCache)
 	{
 		$this->clearCacheAfter = $clearCache;
 	}
 }
 /**#@-*/
--- a/system/libs/pot/OTS_Groups_List.php
+++ b/system/libs/pot/OTS_Groups_List.php
@@ -8,6 +8,8 @@
 * @license http://www.gnu.org/licenses/lgpl-3.0.txt GNU Lesser General Public License, Version 3
 */
 use MyAAC\Cache\Cache;
 /**
 * List of groups.
 *
--- a/system/libs/pot/OTS_Monster.php
+++ b/system/libs/pot/OTS_Monster.php
@@ -41,9 +41,10 @@
 class OTS_Monster extends DOMDocument
 {
 	private $loaded = false;
-	public function loadXML($source , $options = 0)
+	public function loadXML(string $source , int $options = 0): bool
 	{
 		$this->loaded = parent::loadXML($source, $options);
 		return $this->loaded;
 	}
 	public function loaded()
@@ -56,10 +57,10 @@ class OTS_Monster extends DOMDocument
 * @return string Name.
 * @throws DOMException On DOM operation error.
 */
-    public function getName()
+	public function getName()
-    {
+	{
-        return $this->documentElement->getAttribute('name');
+		return $this->documentElement->getAttribute('name');
-    }
+	}
 /**
 * Returns monster race.
@@ -67,10 +68,10 @@ class OTS_Monster extends DOMDocument
 * @return string Race.
 * @throws DOMException On DOM operation error.
 */
-    public function getRace()
+	public function getRace()
-    {
+	{
-        return $this->documentElement->getAttribute('race');
+		return $this->documentElement->getAttribute('race');
-    }
+	}
 /**
 * Returns amount of experience for killing this monster.
@@ -78,10 +79,10 @@ class OTS_Monster extends DOMDocument
 * @return int Experience points.
 * @throws DOMException On DOM operation error.
 */
-    public function getExperience()
+	public function getExperience()
-    {
+	{
-        return (int) $this->documentElement->getAttribute('experience');
+		return (int) $this->documentElement->getAttribute('experience');
-    }
+	}
 /**
 * Returns monster speed.
@@ -89,10 +90,10 @@ class OTS_Monster extends DOMDocument
 * @return int Speed.
 * @throws DOMException On DOM operation error.
 */
-    public function getSpeed()
+	public function getSpeed()
-    {
+	{
-        return (int) $this->documentElement->getAttribute('speed');
+		return (int) $this->documentElement->getAttribute('speed');
-    }
+	}
 /**
 * Returns amount of mana required to summon this monster.
@@ -100,18 +101,18 @@ class OTS_Monster extends DOMDocument
 * @return int|bool Mana required (false if not possible).
 * @throws DOMException On DOM operation error.
 */
-    public function getManaCost()
+	public function getManaCost()
-    {
+	{
-        // check if it is possible to summon this monster
+		// check if it is possible to summon this monster
-        if( $this->documentElement->hasAttribute('manacost') )
+		if( $this->documentElement->hasAttribute('manacost') )
-        {
+		{
-            return (int) $this->documentElement->getAttribute('manacost');
+			return (int) $this->documentElement->getAttribute('manacost');
-        }
+		}
-        else
+		else
-        {
+		{
-            return false;
+			return false;
-        }
+		}
-    }
+	}
 /**
 * Returns monster HP.
@@ -119,10 +120,10 @@ class OTS_Monster extends DOMDocument
 * @return int Hit points.
 * @throws DOMException On DOM operation error.
 */
-    public function getHealth()
+	public function getHealth()
-    {
+	{
-        return (int) $this->documentElement->getElementsByTagName('health')->item(0)->getAttribute('max');
+		return (int) $this->documentElement->getElementsByTagName('health')->item(0)->getAttribute('max');
-    }
+	}
 /**
 * Returns all monster flags (in format flagname => value).
@@ -130,20 +131,21 @@ class OTS_Monster extends DOMDocument
 * @return array Flags.
 * @throws DOMException On DOM operation error.
 */
-    public function getFlags()
+	public function getFlags()
-    {
+	{
-        $flags = array();
+		$flags = array();
-        // read all flags
+		if ($this->documentElement->getElementsByTagName('flags')->item(0)) {
-        foreach( $this->documentElement->getElementsByTagName('flags')->item(0)->getElementsByTagName('flag') as $flag)
+			foreach( $this->documentElement->getElementsByTagName('flags')->item(0)->getElementsByTagName('flag') as $flag)
-        {
+			{
-            $flag = $flag->attributes->item(0);
+				$flag = $flag->attributes->item(0);
-            $flags[$flag->nodeName] = (int) $flag->nodeValue;
+				$flags[$flag->nodeName] = (int) $flag->nodeValue;
-        }
+			}
 		}
-        return $flags;
+		return $flags;
-    }
+	}
 /**
 * Returns specified flag value.
@@ -152,21 +154,21 @@ class OTS_Monster extends DOMDocument
 * @return int|bool Flag value (false if not set).
 * @throws DOMException On DOM operation error.
 */
-    public function getFlag($flag)
+	public function getFlag($flag)
-    {
+	{
-        // searches for flag
+		// searches for flag
-        foreach( $this->documentElement->getElementsByTagName('flags')->item(0)->getElementsByTagName('flag') as $flag)
+		foreach( $this->documentElement->getElementsByTagName('flags')->item(0)->getElementsByTagName('flag') as $flag)
-        {
+		{
-            // found
+			// found
-            if( $flag->hasAttribute($flag) )
+			if( $flag->hasAttribute($flag) )
-            {
+			{
-                return (int) $flag->getAttribute($flag);
+				return (int) $flag->getAttribute($flag);
-            }
+			}
-        }
+		}
-        // not found
+		// not found
-        return false;
+		return false;
-    }
+	}
 /**
 * Returns voices that monster can sound.
@@ -174,64 +176,64 @@ class OTS_Monster extends DOMDocument
 * @return array List of voices.
 * @throws DOMException On DOM operation error.
 */
-    public function getVoices()
+	public function getVoices()
-    {
+	{
-        $voices = array();
+		$voices = array();
-        $element = $this->documentElement->getElementsByTagName('voices')->item(0);
+		$element = $this->documentElement->getElementsByTagName('voices')->item(0);
-        // checks if it has any voices
+		// checks if it has any voices
-        if( isset($element) )
+		if( isset($element) )
-        {
+		{
-            // loads all voices
+			// loads all voices
-            foreach( $element->getElementsByTagName('voice') as $voice)
+			foreach( $element->getElementsByTagName('voice') as $voice)
-            {
+			{
-                $voices[] = $voice->getAttribute('sentence');
+				$voices[] = $voice->getAttribute('sentence');
-            }
+			}
-        }
+		}
-        return $voices;
+		return $voices;
-    }
+	}
 /**
 * @return array List of item IDs.
 */
-    public function getLoot()
+	public function getLoot()
-    {
+	{
-        $loot = array();
+		$loot = array();
-        $element = $this->documentElement->getElementsByTagName('loot')->item(0);
+		$element = $this->documentElement->getElementsByTagName('loot')->item(0);
-        // checks if it has any loot
+		// checks if it has any loot
-        if( isset($element) )
+		if( isset($element) )
-        {
+		{
-            // adds all items
+			// adds all items
-            foreach( $element->getElementsByTagName('item') as $item)
+			foreach( $element->getElementsByTagName('item') as $item)
-            {
+			{
-	            $chance = $item->getAttribute('chance');
+				$chance = $item->getAttribute('chance');
-	            if(empty($chance)) {
+				if(empty($chance)) {
-		            $chance = $item->getAttribute('chance1');
+					$chance = $item->getAttribute('chance1');
-		            if(empty($chance)) {
+					if(empty($chance)) {
-		                $chance = 100000;
+						$chance = 100000;
-                    }
+					}
-                }
+				}
-                $count = $item->getAttribute('countmax');
+				$count = $item->getAttribute('countmax');
-	            if(empty($count)) {
+				if(empty($count)) {
-	                $count = 1;
+					$count = 1;
-                }
+				}
-                $id = $item->getAttribute('id');
+				$id = $item->getAttribute('id');
-                if(empty($id)) {
+				if(empty($id)) {
-                    $id = $item->getAttribute('name');
+					$id = $item->getAttribute('name');
-                }
+				}
-                $loot[] = array('id' => $id, 'count' => $count, 'chance' => $chance);
+				$loot[] = array('id' => $id, 'count' => $count, 'chance' => $chance);
-            }
+			}
-        }
+		}
-        return $loot;
+		return $loot;
-    }
+	}
 /**
 * Returns all possible loot.
@@ -246,33 +248,33 @@ class OTS_Monster extends DOMDocument
 * @throws E_OTS_NotLoaded When there is no items list available in global POT instance.
 * @throws DOMException On DOM operation error.
 */
-    public function getItems()
+	public function getItems()
-    {
+	{
-        $loot = array();
+		$loot = array();
-        $keys = array();
+		$keys = array();
-        $items = POT::getInstance()->getItemsList();
+		$items = POT::getInstance()->getItemsList();
-        $element = $this->documentElement->getElementsByTagName('loot')->item(0);
+		$element = $this->documentElement->getElementsByTagName('loot')->item(0);
-        // checks if it has any loot
+		// checks if it has any loot
-        if( isset($element) )
+		if( isset($element) )
-        {
+		{
-            // adds all items
+			// adds all items
-            foreach( $element->getElementsByTagName('item') as $item)
+			foreach( $element->getElementsByTagName('item') as $item)
-            {
+			{
-                $id = $item->getAttribute('id');
+				$id = $item->getAttribute('id');
-                // avoid redundancy
+				// avoid redundancy
-                if( !in_array($id, $keys) )
+				if( !in_array($id, $keys) )
-                {
+				{
-                    $keys[] = $id;
+					$keys[] = $id;
-                    $loot[] = $items->getItemType($id);
+					$loot[] = $items->getItemType($id);
-                }
+				}
-            }
+			}
-        }
+		}
-        return $loot;
+		return $loot;
-    }
+	}
 /**
 * Returns look of the monster.
@@ -280,27 +282,27 @@ class OTS_Monster extends DOMDocument
 * @return array Look with all the attributes of the look.
 * @throws DOMException On DOM operation error.
 */
-    public function getLook()
+	public function getLook()
-    {
+	{
-        $look = array();
+		$look = array();
-        $element = $this->documentElement->getElementsByTagName('look')->item(0);
+		$element = $this->documentElement->getElementsByTagName('look')->item(0);
-        if (!$element) {
+		if (!$element) {
-            return $look;
+			return $look;
-        }
+		}
-        $look['type'] = $element->getAttribute('type');
+		$look['type'] = $element->getAttribute('type');
-        $look['typeex'] = $element->getAttribute('typeex');
+		$look['typeex'] = $element->getAttribute('typeex');
-        $look['head'] = $element->getAttribute('head');
+		$look['head'] = $element->getAttribute('head');
-        $look['body'] = $element->getAttribute('body');
+		$look['body'] = $element->getAttribute('body');
-        $look['legs'] = $element->getAttribute('legs');
+		$look['legs'] = $element->getAttribute('legs');
-        $look['feet'] = $element->getAttribute('feet');
+		$look['feet'] = $element->getAttribute('feet');
-        $look['addons'] = $element->getAttribute('addons');
+		$look['addons'] = $element->getAttribute('addons');
-        $look['corpse'] = $element->getAttribute('corpse');
+		$look['corpse'] = $element->getAttribute('corpse');
-        return $look;
+		return $look;
-    }
+	}
 /**
 * Returns all monster summons.
@@ -310,24 +312,24 @@ class OTS_Monster extends DOMDocument
 */
 	public function getSummons()
-    {
+	{
-        $summons = array();
+		$summons = array();
-        $element = $this->documentElement->getElementsByTagName('summons')->item(0);
+		$element = $this->documentElement->getElementsByTagName('summons')->item(0);
-        // checks if it has any Summons
+		// checks if it has any Summons
-        if( isset($element) )
+		if( isset($element) )
-        {
+		{
-            // adds all summons
+			// adds all summons
-            foreach( $element->getElementsByTagName('summon') as $item)
+			foreach( $element->getElementsByTagName('summon') as $item)
-            {
+			{
-	            $chance = $item->getAttribute('chance');
+				$chance = $item->getAttribute('chance');
-                $id = $item->getAttribute('name');
+				$id = $item->getAttribute('name');
-                $summons[] = array('name' => $id, 'chance' => $chance);
+				$summons[] = array('name' => $id, 'chance' => $chance);
-            }
+			}
-        }
+		}
-        return $summons;
+		return $summons;
-    }
+	}
 /**
 * Returns all monster elements.
@@ -335,30 +337,30 @@ class OTS_Monster extends DOMDocument
 * @return array elements.
 * @throws DOMException On DOM operation error.
 */
-    public function getElements()
+	public function getElements()
-    {
+	{
-        $elements = array();
+		$elements = array();
-        $element = $this->documentElement->getElementsByTagName('elements')->item(0);
+		$element = $this->documentElement->getElementsByTagName('elements')->item(0);
-        // checks if it has any elements
+		// checks if it has any elements
-        if( isset($element) )
+		if( isset($element) )
-        {
+		{
-            // read all elements
+			// read all elements
-            foreach( $element->getElementsByTagName('element') as $elementv)
+			foreach( $element->getElementsByTagName('element') as $elementv)
-            {
+			{
-                $elementv = $elementv->attributes->item(0);
+				$elementv = $elementv->attributes->item(0);
-                // checks if element is set
+				// checks if element is set
-                if($elementv->nodeValue > 0)
+				if($elementv->nodeValue > 0)
-                {
+				{
 					 $elements[] = array('name' => ucfirst(str_replace('Percent', '', $elementv->nodeName)), 'percent' => $elementv->nodeValue);
-                }
+				}
-            }
+			}
-        }
+		}
-        return $elements;
+		return $elements;
-    }
+	}
 /**
 * Checks if monster has given element.
@@ -367,26 +369,26 @@ class OTS_Monster extends DOMDocument
 * @return bool element state.
 * @throws DOMException On DOM operation error.
 */
-    public function hasElement($name)
+	public function hasElement($name)
-    {
+	{
-        $element = $this->documentElement->getElementsByTagName('elements')->item(0);
+		$element = $this->documentElement->getElementsByTagName('elements')->item(0);
-        // if doesn't have any elements obviously doesn't have this one too
+		// if doesn't have any elements obviously doesn't have this one too
-        if( isset($element) )
+		if( isset($element) )
-        {
+		{
-            // read all elements
+			// read all elements
-            foreach( $element->getElementsByTagName('element') as $element)
+			foreach( $element->getElementsByTagName('element') as $element)
-            {
+			{
-                // checks if this is what we are searching for
+				// checks if this is what we are searching for
-                if( $element->hasAttribute($name) )
+				if( $element->hasAttribute($name) )
-                {
+				{
-                    return $element->getAttribute($name) > 0;
+					return $element->getAttribute($name) > 0;
-                }
+				}
-            }
+			}
-        }
+		}
-        return false;
+		return false;
-    }
+	}
 /**
 * Returns all monster immunities.
@@ -394,30 +396,30 @@ class OTS_Monster extends DOMDocument
 * @return array Immunities.
 * @throws DOMException On DOM operation error.
 */
-    public function getImmunities()
+	public function getImmunities()
-    {
+	{
-        $immunities = array();
+		$immunities = array();
-        $element = $this->documentElement->getElementsByTagName('immunities')->item(0);
+		$element = $this->documentElement->getElementsByTagName('immunities')->item(0);
-        // checks if it has any immunities
+		// checks if it has any immunities
-        if( isset($element) )
+		if( isset($element) )
-        {
+		{
-            // read all immunities
+			// read all immunities
-            foreach( $element->getElementsByTagName('immunity') as $immunity)
+			foreach( $element->getElementsByTagName('immunity') as $immunity)
-            {
+			{
-                $immunity = $immunity->attributes->item(0);
+				$immunity = $immunity->attributes->item(0);
-                // checks if immunity is set
+				// checks if immunity is set
-                if($immunity->nodeValue > 0)
+				if($immunity->nodeValue > 0)
-                {
+				{
-                    $immunities[] = $immunity->nodeName;
+					$immunities[] = $immunity->nodeName;
-                }
+				}
-            }
+			}
-        }
+		}
-        return $immunities;
+		return $immunities;
-    }
+	}
 /**
 * Checks if monster has given immunity.
@@ -426,26 +428,26 @@ class OTS_Monster extends DOMDocument
 * @return bool Immunity state.
 * @throws DOMException On DOM operation error.
 */
-    public function hasImmunity($name)
+	public function hasImmunity($name)
-    {
+	{
-        $element = $this->documentElement->getElementsByTagName('immunities')->item(0);
+		$element = $this->documentElement->getElementsByTagName('immunities')->item(0);
-        // if doesn't have any immunities obviously doesn't have this one too
+		// if doesn't have any immunities obviously doesn't have this one too
-        if( isset($element) )
+		if( isset($element) )
-        {
+		{
-            // read all immunities
+			// read all immunities
-            foreach( $element->getElementsByTagName('immunity') as $immunity)
+			foreach( $element->getElementsByTagName('immunity') as $immunity)
-            {
+			{
-                // checks if this is what we are searching for
+				// checks if this is what we are searching for
-                if( $immunity->hasAttribute($name) )
+				if( $immunity->hasAttribute($name) )
-                {
+				{
-                    return $immunity->getAttribute($name) > 0;
+					return $immunity->getAttribute($name) > 0;
-                }
+				}
-            }
+			}
-        }
+		}
-        return false;
+		return false;
-    }
+	}
 /**
 * Returns monster defense rate.
@@ -453,18 +455,18 @@ class OTS_Monster extends DOMDocument
 * @return int Defense rate.
 * @throws DOMException On DOM operation error.
 */
-    public function getDefense()
+	public function getDefense()
-    {
+	{
-        $element = $this->documentElement->getElementsByTagName('defenses')->item(0);
+		$element = $this->documentElement->getElementsByTagName('defenses')->item(0);
-        // checks if defenses element is set
+		// checks if defenses element is set
-        if( isset($element) )
+		if( isset($element) )
-        {
+		{
-            return (int) $element->getAttribute('defense');
+			return (int) $element->getAttribute('defense');
-        }
+		}
-        return 0;
+		return 0;
-    }
+	}
 /**
 * Returns monster armor.
@@ -472,18 +474,18 @@ class OTS_Monster extends DOMDocument
 * @return int Armor rate.
 * @throws DOMException On DOM operation error.
 */
-    public function getArmor()
+	public function getArmor()
-    {
+	{
-        $element = $this->documentElement->getElementsByTagName('defenses')->item(0);
+		$element = $this->documentElement->getElementsByTagName('defenses')->item(0);
-        // checks if defenses element is set
+		// checks if defenses element is set
-        if( isset($element) )
+		if( isset($element) )
-        {
+		{
-            return (int) $element->getAttribute('armor');
+			return (int) $element->getAttribute('armor');
-        }
+		}
-        return 0;
+		return 0;
-    }
+	}
 /**
 * Returns list of special defenses.
@@ -491,23 +493,23 @@ class OTS_Monster extends DOMDocument
 * @return array List of defense effects.
 * @throws DOMException On DOM operation error.
 */
-    public function getDefenses()
+	public function getDefenses()
-    {
+	{
-        $defenses = array();
+		$defenses = array();
-        $element = $this->documentElement->getElementsByTagName('defenses')->item(0);
+		$element = $this->documentElement->getElementsByTagName('defenses')->item(0);
-        // checks if it has any defenses
+		// checks if it has any defenses
-        if( isset($element) )
+		if( isset($element) )
-        {
+		{
-            foreach( $element->getElementsByTagName('defense') as $defense)
+			foreach( $element->getElementsByTagName('defense') as $defense)
-            {
+			{
-                $defenses[] = $defense->getAttribute('name');
+				$defenses[] = $defense->getAttribute('name');
-            }
+			}
-        }
+		}
-        return $defenses;
+		return $defenses;
-    }
+	}
 /**
 * Returns list of monster attacks.
@@ -515,23 +517,23 @@ class OTS_Monster extends DOMDocument
 * @return array List of attafck effects.
 * @throws DOMException On DOM operation error.
 */
-    public function getAttacks()
+	public function getAttacks()
-    {
+	{
-        $attacks = array();
+		$attacks = array();
-        $element = $this->documentElement->getElementsByTagName('attacks')->item(0);
+		$element = $this->documentElement->getElementsByTagName('attacks')->item(0);
-        // checks if it has any defenses
+		// checks if it has any defenses
-        if( isset($element) )
+		if( isset($element) )
-        {
+		{
-            foreach( $element->getElementsByTagName('attack') as $attack)
+			foreach( $element->getElementsByTagName('attack') as $attack)
-            {
+			{
-                $attacks[] = $attack->getAttribute('name');
+				$attacks[] = $attack->getAttribute('name');
-            }
+			}
-        }
+		}
-        return $attacks;
+		return $attacks;
-    }
+	}
 /**
 * Magic PHP5 method.
@@ -543,59 +545,59 @@ class OTS_Monster extends DOMDocument
 * @throws OutOfBoundsException For non-supported properties.
 * @throws DOMException On DOM operation error.
 */
-    public function __get($name)
+	public function __get($name)
-    {
+	{
-        switch($name)
+		switch($name)
-        {
+		{
-            case 'name':
+			case 'name':
-                return $this->getName();
+				return $this->getName();
-            case 'race':
+			case 'race':
-                return $this->getRace();
+				return $this->getRace();
-            case 'experience':
+			case 'experience':
-                return $this->getExperience();
+				return $this->getExperience();
-            case 'speed':
+			case 'speed':
-                return $this->getSpeed();
+				return $this->getSpeed();
-            case 'manaCost':
+			case 'manaCost':
-                return $this->getManaCost();
+				return $this->getManaCost();
-            case 'health':
+			case 'health':
-                return $this->getHealth();
+				return $this->getHealth();
-            case 'flags':
+			case 'flags':
-                return $this->getFlags();
+				return $this->getFlags();
-            case 'voices':
+			case 'voices':
-                return $this->getVoices();
+				return $this->getVoices();
-            case 'items':
+			case 'items':
-                return $this->getItems();
+				return $this->getItems();
-            case 'immunities':
+			case 'immunities':
-                return $this->getImmunities();
+				return $this->getImmunities();
-            case 'defense':
+			case 'defense':
-                return $this->getDefense();
+				return $this->getDefense();
-            case 'armor':
+			case 'armor':
-                return $this->getArmor();
+				return $this->getArmor();
-            case 'defenses':
+			case 'defenses':
-                return $this->getDefenses();
+				return $this->getDefenses();
-            case 'attacks':
+			case 'attacks':
-                return $this->getAttacks();
+				return $this->getAttacks();
-            case 'look':
+			case 'look':
-                return $this->getLook();
+				return $this->getLook();
-            default:
+			default:
-                throw new OutOfBoundsException();
+				throw new OutOfBoundsException();
-        }
+		}
-    }
+	}
 /**
 * Returns string representation of XML.
@@ -608,18 +610,18 @@ class OTS_Monster extends DOMDocument
 * @since 0.1.0
 * @return string String representation of object.
 */
-    public function __toString()
+	public function __toString()
-    {
+	{
-        $ots = POT::getInstance();
+		$ots = POT::getInstance();
-        // checks if display driver is loaded
+		// checks if display driver is loaded
-        if( $ots->isDataDisplayDriverLoaded() )
+		if( $ots->isDataDisplayDriverLoaded() )
-        {
+		{
-            return $ots->getDataDisplayDriver()->displayMonster($this);
+			return $ots->getDataDisplayDriver()->displayMonster($this);
-        }
+		}
-        return $this->saveXML();
+		return $this->saveXML();
-    }
+	}
 }
 /**#@-*/
--- a/system/libs/pot/OTS_Player.php
+++ b/system/libs/pot/OTS_Player.php
@@ -90,7 +90,7 @@ class OTS_Player extends OTS_Row_DAO
 * @version 0.1.2
 * @var array
 */
-    private $data = array('sex' => 0, 'vocation' => 0, 'experience' => 0, 'level' => 1, 'maglevel' => 0, 'health' => 100, 'healthmax' => 100, 'mana' => 100, 'manamax' => 100, 'manaspent' => 0, 'soul' => 0, 'lookbody' => 10, 'lookfeet' => 10, 'lookhead' => 10, 'looklegs' => 10, 'looktype' => 136, 'lookaddons' => 0, 'posx' => 0, 'posy' => 0, 'posz' => 0, 'cap' => 0, 'lastlogin' => 0, 'lastip' => 0, 'save' => true, 'skulltime' => 0, 'skull' => 0, 'balance' => 0, 'lastlogout' => 0, 'blessings' => 0, 'stamina' => 0, 'online' => 0, 'comment' => '', 'created' => 0, 'hidden' => 0);
+    private $data = array('group_id' => 1, 'sex' => 0, 'vocation' => 0, 'experience' => 0, 'level' => 1, 'maglevel' => 0, 'health' => 100, 'healthmax' => 100, 'mana' => 100, 'manamax' => 100, 'manaspent' => 0, 'soul' => 0, 'lookbody' => 10, 'lookfeet' => 10, 'lookhead' => 10, 'looklegs' => 10, 'looktype' => 136, 'lookaddons' => 0, 'posx' => 0, 'posy' => 0, 'posz' => 0, 'cap' => 0, 'lastlogin' => 0, 'lastip' => 0, 'save' => true, 'skulltime' => 0, 'skull' => 0, 'balance' => 0, 'lastlogout' => 0, 'blessings' => 0, 'stamina' => 0, 'online' => 0, 'comment' => '', 'created' => 0, 'hide' => 0);
 /**
 * Player skills.
@@ -231,7 +231,7 @@ class OTS_Player extends OTS_Row_DAO
 		}
 		else {
 			// SELECT query on database
-			$this->data = $this->db->query('SELECT `id`, `name`, `account_id`, `group_id`, `sex`, `vocation`, `experience`, `level`, `maglevel`, `health`, `healthmax`, `mana`, `manamax`, `manaspent`, `soul`, `lookbody`, `lookfeet`, `lookhead`, `looklegs`, `looktype`' . ($this->db->hasColumn('players', 'lookaddons') ? ', `lookaddons`' : '') . ', `posx`, `posy`, `posz`, `cap`, `lastlogin`, `lastlogout`, `lastip`, `save`, `conditions`, `' . $__load['skull_time'] . '` as `skulltime`, `' . $__load['skull_type'] . '` as `skull`' . $__load['guild_info'] . ', `town_id`' . $__load['loss_experience'] . $__load['loss_items'] . ', `balance`' . ($__load['blessings'] ? ', `blessings`' : '') . ($__load['direction'] ? ', `direction`' : '') . ($__load['stamina'] ? ', `stamina`' : '') . ($__load['world_id'] ? ', `world_id`' : '') . ($__load['online'] ? ', `online`' : '') . ', `' . ($__load['deletion'] ? 'deletion' : 'deleted') . '`' . ($__load['promotion'] ? ', `promotion`' : '') . ($__load['marriage'] ? ', `marriage`' : '') . ', `comment`, `created`, `hidden` FROM `players` WHERE `id` = ' . (int)$id)->fetch();
+			$this->data = $this->db->query('SELECT `id`, `name`, `account_id`, `group_id`, `sex`, `vocation`, `experience`, `level`, `maglevel`, `health`, `healthmax`, `mana`, `manamax`, `manaspent`, `soul`, `lookbody`, `lookfeet`, `lookhead`, `looklegs`, `looktype`' . ($this->db->hasColumn('players', 'lookaddons') ? ', `lookaddons`' : '') . ', `posx`, `posy`, `posz`, `cap`, `lastlogin`, `lastlogout`, `lastip`, `save`, `conditions`, `' . $__load['skull_time'] . '` as `skulltime`, `' . $__load['skull_type'] . '` as `skull`' . $__load['guild_info'] . ', `town_id`' . $__load['loss_experience'] . $__load['loss_items'] . ', `balance`' . ($__load['blessings'] ? ', `blessings`' : '') . ($__load['direction'] ? ', `direction`' : '') . ($__load['stamina'] ? ', `stamina`' : '') . ($__load['world_id'] ? ', `world_id`' : '') . ($__load['online'] ? ', `online`' : '') . ', `' . ($__load['deletion'] ? 'deletion' : 'deleted') . '`' . ($__load['promotion'] ? ', `promotion`' : '') . ($__load['marriage'] ? ', `marriage`' : '') . ', `comment`, `created`, `hide` FROM `players` WHERE `id` = ' . (int)$id)->fetch();
 		}
        // loads skills
@@ -521,17 +521,17 @@ class OTS_Player extends OTS_Row_DAO
    public function isHidden()
    {
-        if( !isset($this->data['hidden']) )
+        if( !isset($this->data['hide']) )
        {
            throw new E_OTS_NotLoaded();
        }
-        return $this->data['hidden'] == 1;
+        return $this->data['hide'] == 1;
    }
    public function setHidden($hidden)
    {
-        $this->data['hidden'] = (int) $hidden;
+        $this->data['hide'] = (int) $hidden;
    }
    public function getMarriage()
@@ -1229,6 +1229,13 @@ class OTS_Player extends OTS_Row_DAO
        $this->data['direction'] = (int) $direction;
    }
 	public function getOutfit(): string
 	{
 		$hasLookAddons = $this->db->hasColumn('players', 'lookaddons');
 		return setting('core.outfit_images_url') . '?id=' . $this->getLookType() . ($hasLookAddons ? '&addons=' . $this->getLookAddons() : '') . '&head=' . $this->getLookHead() . '&body=' . $this->getLookBody() . '&legs=' . $this->getLookLegs() . '&feet=' . $this->getLookFeet();
 	}
 /**
 * Body color.
 *
--- a/system/locale/de/install.php
+++ b/system/locale/de/install.php
@@ -36,6 +36,10 @@ $locale['step_requirements'] = 'Anforderungen';
 $locale['step_requirements_title'] = 'Anforderungen überprüfen';
 $locale['step_requirements_php_version'] = 'PHP Version';
 $locale['step_requirements_write_perms'] = 'Schreibberechtigungen';
 $locale['step_requirements_folder_exists'] = 'Ordner ist vorhanden';
 $locale['step_requirements_folder_not_exists_tools_ext'] = 'NPM Package Manager wird verwendet für externe JavaScript/CSS Bibliotheken.'
 	. ' Es sollte via Command Line installiert werden: <a href="https://docs.npmjs.com/downloading-and-installing-node-js-and-npm">https://docs.npmjs.com/downloading-and-installing-node-js-and-npm</a>'
 	. ' Nachdem das Tool installiert wurde, folgende Befehl sollte ausgeführt in dem Hauptordner des MyAACs: "npm install".';
 $locale['step_requirements_failed'] = 'Die Installation wird deaktiviert, bis diese Anforderungen erfüllt sind.</b><br/>Für weitere Informationen siehe <b>README</b> Datei.';
 $locale['step_requirements_extension'] = '$EXTENSION$ PHP Erweiterung';
--- a/system/locale/en/install.php
+++ b/system/locale/en/install.php
@@ -36,6 +36,10 @@ $locale['step_requirements'] = 'Requirements';
 $locale['step_requirements_title'] = 'Requirements check';
 $locale['step_requirements_php_version'] = 'PHP Version';
 $locale['step_requirements_write_perms'] = 'Write permissions';
 $locale['step_requirements_folder_exists'] = 'Directory exists';
 $locale['step_requirements_folder_not_exists_tools_ext'] = 'NPM Package Manager is used for external JavaScript/CSS libraries.'
 	. ' You need to install it through Command Line: <a href="https://docs.npmjs.com/downloading-and-installing-node-js-and-npm">https://docs.npmjs.com/downloading-and-installing-node-js-and-npm</a>'
 	. ' When you done with installing that tool, execute: "npm install" in the main MyAAC folder.';
 $locale['step_requirements_failed'] = 'Installation will be disabled until these requirements will be passed.</b><br/>For more informations see <b>README</b> file.';
 $locale['step_requirements_extension'] = '$EXTENSION$ PHP extension';
 $locale['step_requirements_warning_images_guilds'] = 'Guild logo upload will not work';
--- a/system/locale/pl/install.php
+++ b/system/locale/pl/install.php
@@ -36,6 +36,10 @@ $locale['step_requirements'] = 'Wymagania';
 $locale['step_requirements_title'] = 'Sprawdzanie wymagań';
 $locale['step_requirements_php_version'] = 'Wersja PHP';
 $locale['step_requirements_write_perms'] = 'Uprawnienia do zapisu';
 $locale['step_requirements_folder_exists'] = 'Folder istnieje';
 $locale['step_requirements_folder_not_exists_tools_ext'] = 'Manadżer Pakietów NPM jest używany do zewnętrznych bibliotek JavaScript/CSS.'
 	. ' Trzeba go zainstalować poprzez wiersz poleceń: <a href="https://docs.npmjs.com/downloading-and-installing-node-js-and-npm">https://docs.npmjs.com/downloading-and-installing-node-js-and-npm</a>'
 	. ' Po instalacji narzędzia, wywołaj następujące polecenie w głownym katalogu MyAAC: "npm install".';
 $locale['step_requirements_failed'] = 'Instalacja zostanie zablokowana dopóki te wymagania nie zostaną spełnione.</b><br/>Po więcej informacji zasięgnij do pliku <b>README</b>.';
 $locale['step_requirements_extension'] = 'Rozszerzenie PHP - $EXTENSION$';
 $locale['step_requirements_warning_images_guilds'] = 'Nie będzie możliwości uploadu obrazków gildii';
--- a/system/logout.php
+++ b/system/logout.php
@@ -22,11 +22,5 @@ if(isset($account_logged) && $account_logged->isLoaded()) {
 		$logged = false;
 		unset($account_logged);
 		if(isset($_REQUEST['redirect']))
 		{
 			header('Location: ' . urldecode($_REQUEST['redirect']));
 			exit;
 		}
 	}
 }
--- a/system/migrations/17.php
+++ b/system/migrations/17.php
@@ -1,5 +1,7 @@
 <?php
 use MyAAC\Plugins;
 if(!$db->hasTable('myaac_menu')) {
 	$db->query("
 CREATE TABLE `myaac_menu`
@@ -16,7 +18,6 @@ CREATE TABLE `myaac_menu`
 ");
 }
 require_once LIBS . 'plugins.php';
 Plugins::installMenus('kathrine', require TEMPLATES . 'kathrine/menus.php');
 Plugins::installMenus('tibiacom', require TEMPLATES . 'tibiacom/menus.php');
--- a/system/migrations/20.php
+++ b/system/migrations/20.php
@@ -1,6 +1,6 @@
 <?php
-require_once LIBS . 'Settings.php';
+use MyAAC\Settings;
 $query = $db->query("SELECT `id` FROM `players` WHERE (`name` = " . $db->quote("Rook Sample") . " OR `name` = " . $db->quote("Sorcerer Sample") . " OR `name` = " . $db->quote("Druid Sample") . " OR `name` = " . $db->quote("Paladin Sample") . " OR `name` = " . $db->quote("Knight Sample") . " OR `name` = " . $db->quote("Account Manager") . ") ORDER BY `id`;");
--- a/system/migrations/27.php
+++ b/system/migrations/27.php
@@ -1,37 +1,47 @@
 <?php
 $downloadsPage = <<<HTML
 <p>&nbsp;</p>
 <p>&nbsp;</p>
 <div style="text-align: center;">We're using official Tibia Client <strong>{{ config.client / 100 }}</strong><br>
 <p>Download Tibia Client <strong>{{ config.client / 100 }}</strong>&nbsp;for Windows <a href="https://drive.google.com/drive/folders/0B2-sMQkWYzhGSFhGVlY2WGk5czQ" target="_blank" rel="noopener">HERE</a>.</p>
 <h2>IP Changer:</h2>
 <a href="https://static.otland.net/ipchanger.exe" target="_blank" rel="noopener">HERE</a></div>
 HTML;
 $query = $db->query("SELECT `id` FROM `" . TABLE_PREFIX . "pages` WHERE `name` LIKE " . $db->quote('downloads') . " LIMIT 1;");
 if($query->rowCount() === 0) {
-	$db->exec("INSERT INTO `myaac_pages` (`id`, `name`, `title`, `body`, `date`, `player_id`, `php`, `access`, `hidden`) VALUES
+	$db->exec("INSERT INTO `myaac_pages` (`id`, `name`, `title`, `body`, `date`, `player_id`, `php`, `access`, `hide`) VALUES
-	(null, 'downloads', 'Downloads', '<p>&nbsp;</p>
+	(null, 'downloads', 'Downloads', {$db->quote($downloadsPage)}, 0, 1, 0, 0, 0);");
 <p>&nbsp;</p>
 <div style=\"text-align: center;\">We''re using official Tibia Client <strong>{{ config.client / 100 }}</strong><br />
 <p>Download Tibia Client <strong>{{ config.client / 100 }}</strong>&nbsp;for Windows <a href=\"https://drive.google.com/drive/folders/0B2-sMQkWYzhGSFhGVlY2WGk5czQ\" target=\"_blank\" rel=\"noopener\">HERE</a>.</p>
 <h2>IP Changer:</h2>
 <a href=\"https://static.otland.net/ipchanger.exe\" target=\"_blank\" rel=\"noopener\">HERE</a></div>', 0, 1, 0, 1, 0);");
 }
 $commandsPage = <<<HTML
 <table class="myaac-table" style="border-collapse: collapse; width: 100%; height: 72px; border-width: 1px;" border="1"><colgroup><col style="width: 50%;"><col style="width: 50%;"></colgroup>
 <thead>
 <tr style="height: 18px;">
 <td style="height: 18px; border-width: 1px; text-align: center;"><span style="color: #ffffff;"><strong>Words</strong></span></td>
 <td style="height: 18px; border-width: 1px; text-align: center;"><strong>Description</strong></td>
 </tr>
 </thead>
 <tbody>
 <tr style="height: 18px;">
 <td style="height: 18px; border-width: 1px;">!example</td>
 <td style="height: 18px; border-width: 1px;">This is just an example</td>
 </tr>
 <tr style="height: 18px;">
 <td style="height: 18px; border-width: 1px;">!buyhouse</td>
 <td style="height: 18px; border-width: 1px;">Buy house you are looking at</td>
 </tr>
 <tr style="height: 18px;">
 <td style="height: 18px; border-width: 1px;"><em>!aol</em></td>
 <td style="height: 18px; border-width: 1px;">Buy AoL</td>
 </tr>
 </tbody>
 </table>
 HTML;
 $query = $db->query("SELECT `id` FROM `" . TABLE_PREFIX . "pages` WHERE `name` LIKE " . $db->quote('commands') . " LIMIT 1;");
 if($query->rowCount() === 0) {
-	$db->exec("INSERT INTO `myaac_pages` (`id`, `name`, `title`, `body`, `date`, `player_id`, `php`, `access`, `hidden`) VALUES
+	$db->exec("INSERT INTO `myaac_pages` (`id`, `name`, `title`, `body`, `date`, `player_id`, `php`, `access`, `hide`) VALUES
-(null, 'commands', 'Commands', '<table style=\"border-collapse: collapse; width: 87.8471%; height: 57px;\" border=\"1\">
+(null, 'commands', 'Commands', {$db->quote($commandsPage)}, 0, 1, 0, 0, 0);");
-<tbody>
+}
 <tr style=\"height: 18px;\">
 <td style=\"width: 33.3333%; background-color: #505050; height: 18px;\"><span style=\"color: #ffffff;\"><strong>Words</strong></span></td>
 <td style=\"width: 33.3333%; background-color: #505050; height: 18px;\"><span style=\"color: #ffffff;\"><strong>Description</strong></span></td>
 </tr>
 <tr style=\"height: 18px; background-color: #f1e0c6;\">
 <td style=\"width: 33.3333%; height: 18px;\"><em>!example</em></td>
 <td style=\"width: 33.3333%; height: 18px;\">This is just an example</td>
 </tr>
 <tr style=\"height: 18px; background-color: #d4c0a1;\">
 <td style=\"width: 33.3333%; height: 18px;\"><em>!buyhouse</em></td>
 <td style=\"width: 33.3333%; height: 18px;\">Buy house you are looking at</td>
 </tr>
 <tr style=\"height: 18px; background-color: #f1e0c6;\">
 <td style=\"width: 33.3333%; height: 18px;\"><em>!aol</em></td>
 <td style=\"width: 33.3333%; height: 18px;\">Buy AoL</td>
 </tr>
 </tbody>
 </table>', 0, 1, 0, 1, 0);");
 }
--- a/system/migrations/28.php
+++ b/system/migrations/28.php
@@ -1,8 +1,10 @@
 <?php
 use MyAAC\Cache\Cache;
 $db->exec('DROP TABLE IF EXISTS `' . TABLE_PREFIX . 'hooks`;');
 $cache = Cache::getInstance();
 if($cache->enabled()) {
 	$cache->delete('hooks');
-}
+}
--- a/system/migrations/30.php
+++ b/system/migrations/30.php
@@ -2,7 +2,7 @@
 $query = $db->query("SELECT `id` FROM `" . TABLE_PREFIX . "pages` WHERE `name` LIKE " . $db->quote('rules_on_the_page') . " LIMIT 1;");
 if($query->rowCount() === 0) {
-	$db->exec("INSERT INTO `myaac_pages` (`id`, `name`, `title`, `body`, `date`, `player_id`, `php`, `enable_tinymce`, `access`, `hidden`) VALUES
+	$db->exec("INSERT INTO `myaac_pages` (`id`, `name`, `title`, `body`, `date`, `player_id`, `php`, `enable_tinymce`, `access`, `hide`) VALUES
 	(null, 'rules_on_the_page', 'Rules', '1. Names
 a) Names which contain insulting (e.g. \"Bastard\"), racist (e.g. \"Nigger\"), extremely right-wing (e.g. \"Hitler\"), sexist (e.g. \"Bitch\") or offensive (e.g. \"Copkiller\") language.
 b) Names containing parts of sentences (e.g. \"Mike returns\"), nonsensical combinations of letters (e.g. \"Fgfshdsfg\") or invalid formattings (e.g. \"Thegreatknight\").
@@ -27,5 +27,5 @@ a) Excessive killing of characters who are not marked with a \"skull\" on worlds
 A violation of the Tibia Rules may lead to temporary banishment of characters and accounts. In severe cases removal or modification of character skills, attributes and belongings, as well as the permanent removal of accounts without any compensation may be considered. The sanction is based on the seriousness of the rule violation and the previous record of the player. It is determined by the gamemaster imposing the banishment.
-These rules may be changed at any time. All changes will be announced on the official website.', 0, 1, 0, 0, 1, 0);");
+These rules may be changed at any time. All changes will be announced on the official website.', 0, 1, 0, 0, 0, 0);");
 }
--- a/system/migrations/31.php
+++ b/system/migrations/31.php
@@ -2,17 +2,56 @@
 if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'elements')) {
 	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `elements` TEXT NOT NULL AFTER `immunities`;");
 }
 if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'pushable')) {
 	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `pushable` TINYINT(1) NOT NULL DEFAULT '0' AFTER `convinceable`;");
 }
 if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canpushitems')) {
 	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `canpushitems` TINYINT(1) NOT NULL DEFAULT '0' AFTER `pushable`;");
 }
 if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canpushcreatures')) {
 	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `canpushcreatures` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canpushitems`;");
 }
 if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonenergy')) {
 	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `canwalkonenergy` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canpushitems`;");
 }
 if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonpoison')) {
 	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `canwalkonpoison` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canwalkonenergy`;");
 }
 if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonfire')) {
 	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `canwalkonfire` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canwalkonpoison`;");
 }
 if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'runonhealth')) {
 	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `runonhealth` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canwalkonfire`;");
 }
 if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'hostile')) {
 	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `hostile` TINYINT(1) NOT NULL DEFAULT '0' AFTER `runonhealth`;");
 }
 if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'attackable')) {
 	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `attackable` TINYINT(1) NOT NULL DEFAULT '0' AFTER `hostile`;");
 }
 if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'rewardboss')) {
 	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `rewardboss` TINYINT(1) NOT NULL DEFAULT '0' AFTER `attackable`;");
 }
 if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'defense')) {
 	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `defense` INT(11) NOT NULL DEFAULT '0' AFTER `rewardboss`;");
 }
 if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'armor')) {
 	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `armor` INT(11) NOT NULL DEFAULT '0' AFTER `defense`;");
 }
 if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'summons')) {
 	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `summons` TEXT NOT NULL AFTER `loot`;");
 }
--- a/system/migrations/39.php
+++ b/system/migrations/39.php
@@ -0,0 +1,18 @@
 <?php
 // 2024-01-27
 // change hidden to hide (Eloquent model reserved keyword)
 if (!$db->hasColumn('players', 'hide')) {
 	$db->exec("ALTER TABLE `players` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
 }
 $db->exec("ALTER TABLE `" . TABLE_PREFIX . "changelog` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
 $db->exec("ALTER TABLE `" . TABLE_PREFIX . "faq` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
 $db->exec("ALTER TABLE `" . TABLE_PREFIX . "forum_boards` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
 $db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
 $db->exec("ALTER TABLE `" . TABLE_PREFIX . "news` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
 $db->exec("ALTER TABLE `" . TABLE_PREFIX . "news_categories` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
 $db->exec("ALTER TABLE `" . TABLE_PREFIX . "pages` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
 $db->exec("ALTER TABLE `" . TABLE_PREFIX . "gallery` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
 $db->exec("ALTER TABLE `" . TABLE_PREFIX . "spells` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
--- a/system/migrations/40.php
+++ b/system/migrations/40.php
@@ -0,0 +1,12 @@
 <?php
 // 2024-02-03
 // update pages links
 use MyAAC\Models\Menu;
 Menu::where('link', 'lastkills')->update(['link' => 'last-kills']);
 Menu::where('link', 'serverInfo')->update(['link' => 'server-info']);
 Menu::where('link', 'experienceStages')->update(['link' => 'exp-stages']);
 Menu::where('link', 'experienceTable')->update(['link' => 'exp-table']);
 Menu::where('link', 'creatures')->update(['link' => 'monsters']);
--- a/system/pages/account/base.php
+++ b/system/pages/account/base.php
@@ -12,6 +12,8 @@ defined('MYAAC') or die('Direct access not allowed!');
 if(!$logged)
 {
 	$title = 'Login';
 	if(!empty($errors))
 		$twig->display('error_box.html.twig', array('errors' => $errors));
@@ -19,7 +21,8 @@ if(!$logged)
 		'redirect' => $_REQUEST['redirect'] ?? null,
 		'account' => USE_ACCOUNT_NAME ? 'Name' : 'Number',
 		'account_login_by' => getAccountLoginByLabel(),
-		'error' => $errors[0] ?? null
+		'error' => $errors[0] ?? null,
 		'errors' => $errors ?? [],
 	));
 	return;
--- a/system/pages/account/change-email.php
+++ b/system/pages/account/change-email.php
@@ -57,14 +57,14 @@ if($email_new_time < 10) {
 			$twig->display('error_box.html.twig', array('errors' => $errors));
 			//show form
-			$twig->display('account.change_mail.html.twig', array(
+			$twig->display('account.change-email.html.twig', array(
 				'new_email' => isset($_POST['new_email']) ? $_POST['new_email'] : null
 			));
 		}
 	}
 	else
 	{
-		$twig->display('account.change_mail.html.twig', array(
+		$twig->display('account.change-email.html.twig', array(
 			'new_email' => isset($_POST['new_email']) ? $_POST['new_email'] : null
 		));
 	}
@@ -93,21 +93,21 @@ else
 		<td width="30">&nbsp;</td>
 		<td align=left>
 			<form action="' . getLink('account/email') . '" method="post">
-				' . csrf() . '
+				' . csrf(true) . '
 				<input type="hidden" name="changeemailsave" value=1 >
 				<INPUT TYPE=image NAME="I Agree" SRC="' . $template_path . '/images/global/buttons/sbutton_iagree.gif" BORDER=0 WIDTH=120 HEIGHT=17>
 			</form>
 		</td>
 		<td align=left>
 			<form action="' . getLink('account/email') . '" method="post">
-				' . csrf() . '
+				' . csrf(true) . '
 				<input type="hidden" name="emailchangecancel" value=1 >
 				' . $twig->render('buttons.cancel.html.twig') . '
 			</form>
 		</td>
 		<td align=right>
-			<form action="?subtopic=accountmanagement" method="post" >
+			<form action="' . getLink('account/manage') . '" method="post" >
-				' . csrf() . '
+				' . csrf(true) . '
 				' . $twig->render('buttons.back.html.twig') . '
 			</form>
 		</td>
@@ -129,7 +129,7 @@ else
 		<td>
 			<table border="0" cellspacing="0" cellpadding="0" >
 				<form action="' .getLink('account/email') . '" method="post" >
-					' . csrf() . '
+					' . csrf(true) . '
 					<tr>
 						<td style="border:0px;" >
 							<input type="hidden" name="emailchangecancel" value="1" >
@@ -142,7 +142,7 @@ else
 		<td>
 			<table border="0" cellspacing="0" cellpadding="0" >
 				<form action="' . getLink('account/manage') . '" method="post" >
-					' . csrf() . '
+					' . csrf(true) . '
 					<tr>
 						<td style="border:0px;" >
 							' . $twig->render('buttons.back.html.twig') . '
@@ -164,7 +164,7 @@ if(isset($_POST['emailchangecancel']) && $_POST['emailchangecancel'] == 1) {
 	$account_logged->setCustomField("email_new", "");
 	$account_logged->setCustomField("email_new_time", 0);
-	$custom_buttons = '<div style="text-align:center"><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement" method="post" ><tr><td style="border:0px;" >' . $twig->render('buttons.back.html.twig') . '</td></tr></form></table></div>';
+	$custom_buttons = '<div style="text-align:center"><table border="0" cellspacing="0" cellpadding="0" ><form action="' . getLink('account/manage') . '" method="post" ><tr><td style="border:0px;" >' . $twig->render('buttons.back.html.twig') . '</td></tr></form></table></div>';
 	$twig->display('success.html.twig', array(
 		'title' => 'Email Address Change Cancelled',
--- a/system/pages/account/change-info.php
+++ b/system/pages/account/change-info.php
@@ -26,12 +26,13 @@ if(setting('core.account_country'))
 $account = Account::find($account_logged->getId());
 $show_form = true;
-$new_rlname = isset($_POST['info_rlname']) ? htmlspecialchars(stripslashes($_POST['info_rlname'])) : NULL;
+$new_rlname = isset($_POST['info_rlname']) ? htmlspecialchars(stripslashes($_POST['info_rlname'])) : '';
-$new_location = isset($_POST['info_location']) ? htmlspecialchars(stripslashes($_POST['info_location'])) : NULL;
+$new_location = isset($_POST['info_location']) ? htmlspecialchars(stripslashes($_POST['info_location'])) : '';
-$new_country = isset($_POST['info_country']) ? htmlspecialchars(stripslashes($_POST['info_country'])) : NULL;
+$new_country = isset($_POST['info_country']) ? htmlspecialchars(stripslashes($_POST['info_country'])) : '';
 if(isset($_POST['changeinfosave']) && $_POST['changeinfosave'] == 1) {
-	if(!isset($config['countries'][$new_country]))
+	if(setting('core.account_country') && !isset($config['countries'][$new_country])) {
 		$errors[] = 'Country is not correct.';
 	}
 	if(empty($errors)) {
 		//save data from form
@@ -39,7 +40,14 @@ if(isset($_POST['changeinfosave']) && $_POST['changeinfosave'] == 1) {
 		$account->location = $new_location;
 		$account->country = $new_country;
 		$account->save();
-		$account_logged->logAction('Changed Real Name to <b>' . $new_rlname . '</b>, Location to <b>' . $new_location . '</b> and Country to <b>' . $config['countries'][$new_country] . '</b>.');
+
 		$log = 'Changed Real Name to <b>' . $new_rlname . '</b>, Location to <b>' . $new_location . '</b>';
 		if(setting('core.account_country')) {
 			$log .= ' and Country to <b>' . $config['countries'][$new_country] . '</b>';
 		}
 		$log .= '.';
 		$account_logged->logAction($log);
 		$twig->display('success.html.twig', array(
 			'title' => 'Public Information Changed',
 			'description' => 'Your public information has been changed.'
@@ -68,7 +76,7 @@ if($show_form) {
 			$countries[$code] = $country;
 	}
-	$twig->display('account.change_info.html.twig', array(
+	$twig->display('account.change-info.html.twig', array(
 		'countries' => $countries ?? [],
 		'account_rlname' => $account_rlname,
 		'account_location' => $account_location,
--- a/system/pages/account/change-password.php
+++ b/system/pages/account/change-password.php
@@ -21,7 +21,7 @@ $new_password = $_POST['newpassword'] ?? NULL;
 $new_password_confirm = $_POST['newpassword_confirm'] ?? NULL;
 $old_password = $_POST['oldpassword'] ?? NULL;
 if(empty($new_password) && empty($new_password_confirm) && empty($old_password)) {
-	$twig->display('account.change_password.html.twig');
+	$twig->display('account.change-password.html.twig');
 }
 else
 {
@@ -52,7 +52,7 @@ else
 		$twig->display('error_box.html.twig', array('errors' => $errors));
 		//show form
-		$twig->display('account.change_password.html.twig');
+		$twig->display('account.change-password.html.twig');
 	}
 	else {
 		$org_pass = $new_password;
--- a/system/pages/account/characters/change-comment.php
+++ b/system/pages/account/characters/change-comment.php
@@ -14,7 +14,7 @@ use MyAAC\Models\Player;
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Change Comment';
-require __DIR__ . '/base.php';
+require PAGES . 'account/base.php';
 if(!$logged) {
 	return;
@@ -40,7 +40,7 @@ if($player_name != null) {
 			if (isset($_POST['changecommentsave']) && $_POST['changecommentsave'] == 1) {
 				if(empty($errors)) {
-					$player->hidden = $new_hideacc;
+					$player->hide = $new_hideacc;
 					$player->comment = $new_comment;
 					$player->save();
 					$account_logged->logAction('Changed comment for character <b>' . $player->name . '</b>.');
@@ -68,7 +68,7 @@ if($show_form) {
 	}
 	if(isset($player) && $player) {
-		$twig->display('account.change_comment.html.twig', array(
+		$twig->display('account.characters.change-comment.html.twig', array(
 			'player' => $player->toArray()
 		));
 	}
--- a/system/pages/account/characters/change-name.php
+++ b/system/pages/account/characters/change-name.php
@@ -11,7 +11,7 @@
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Change Name';
-require __DIR__ . '/base.php';
+require PAGES . 'account/base.php';
 if(!$logged) {
 	return;
@@ -109,7 +109,7 @@ else
 			$twig->display('error_box.html.twig', array('errors' => $errors));
 		}
-		$twig->display('account.change_name.html.twig', array(
+		$twig->display('account.characters.change-name.html.twig', array(
 			'points' => $points,
 			'errors' => $errors
 			//'account_players' => $account_logged->getPlayersList()
--- a/system/pages/account/characters/change-sex.php
+++ b/system/pages/account/characters/change-sex.php
@@ -11,7 +11,7 @@
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Change Sex';
-require __DIR__ . '/base.php';
+require PAGES . 'account/base.php';
 if(!$logged) {
 	return;
@@ -88,7 +88,7 @@ else
 		if(!empty($errors)) {
 			$twig->display('error_box.html.twig', array('errors' => $errors));
 		}
-		$twig->display('account.change_sex.html.twig', array(
+		$twig->display('account.characters.change-sex.html.twig', array(
 			'players' => $account_logged->getPlayersList(false),
 			'player_sex' => isset($player) ? $player->getSex() : -1,
 			'points' => $points
--- a/system/pages/account/characters/create.php
+++ b/system/pages/account/characters/create.php
@@ -8,10 +8,13 @@
 * @copyright 2019 MyAAC
 * @link      https://my-aac.org
 */
 use MyAAC\CreateCharacter;
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Create Character';
-require __DIR__ . '/base.php';
+require PAGES . 'account/base.php';
 if(!$logged) {
 	return;
@@ -30,7 +33,6 @@ $character_created = false;
 $save = isset($_POST['save']) && $_POST['save'] == 1;
 $errors = array();
 if($save) {
 	require_once LIBS . 'CreateCharacter.php';
 	$createCharacter = new CreateCharacter();
 	$character_created = $createCharacter->doCreate($character_name, $character_sex, $character_vocation, $character_town, $account_logged, $errors);
@@ -41,7 +43,7 @@ if(count($errors) > 0) {
 }
 if(!$character_created) {
-	$twig->display('account.create_character.html.twig', array(
+	$twig->display('account.characters.create.html.twig', array(
 		'name' => $character_name,
 		'sex' => $character_sex,
 		'vocation' => $character_vocation,
--- a/system/pages/account/characters/delete.php
+++ b/system/pages/account/characters/delete.php
@@ -11,7 +11,7 @@
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Delete Character';
-require __DIR__ . '/base.php';
+require PAGES . 'account/base.php';
 if(!$logged) {
 	return;
@@ -61,16 +61,18 @@ if(isset($_POST['deletecharactersave']) && $_POST['deletecharactersave'] == 1) {
 		}
 	}
-	$ownerid = 'ownerid';
+	if(empty($errors)) {
-	if($db->hasColumn('guilds', 'owner_id'))
+		$ownerid = 'ownerid';
-		$ownerid = 'owner_id';
+		if ($db->hasColumn('guilds', 'owner_id'))
-	$guild = $db->query('SELECT `name` FROM `guilds` WHERE `' . $ownerid . '` = '.$player->getId());
+			$ownerid = 'owner_id';
-	if($guild->rowCount() > 0) {
+		$guild = $db->query('SELECT `name` FROM `guilds` WHERE `' . $ownerid . '` = ' . $player->getId());
-		$errors[] = 'You cannot delete a character when they own a guild.';
+		if ($guild->rowCount() > 0) {
 			$errors[] = 'You cannot delete a character when they own a guild.';
 		}
 	}
 	if(empty($errors)) {
-		//dont show table "delete character" again
+		// don't show table "delete character" again
 		$show_form = false;
 		/** @var OTS_DB_MySQL $db */
 		if ($db->hasColumn('players', 'deletion'))
@@ -91,5 +93,5 @@ if($show_form) {
 		$twig->display('error_box.html.twig', array('errors' => $errors));
 	}
-	$twig->display('account.delete_character.html.twig');
+	$twig->display('account.characters.delete.html.twig');
 }
--- a/system/pages/account/confirm-email.php
+++ b/system/pages/account/confirm-email.php
@@ -25,16 +25,20 @@ if(!Account::where('email_hash', $hash)->exists()) {
 }
 else
 {
-	if (Account::where('email_hash', $hash)->where('email_verified', 0)->exists()) {
+	$accountModel = Account::where('email_hash', $hash)->where('email_verified', 0)->first();
-		$query = $query->fetch(PDO::FETCH_ASSOC);
+	if ($accountModel) {
 		$accountModel->email_verified = 1;
 		$accountModel->save();
 		success('You have now verified your e-mail, this will increase the security of your account. Thank you for doing this. You can now <a href=' . getLink('account/manage') . '>log in</a>.');
 		$account = new OTS_Account();
-		$account->load($query['id']);
+		$account->load($accountModel->id);
 		if ($account->isLoaded()) {
 			$hooks->trigger(HOOK_EMAIL_CONFIRMED, ['account' => $account]);
 		}
 	}
-
+	else {
-	Account::where('email_hash', $hash)->update('email_verified', 1);
+		error('Link has expired.');
-	success('You have now verified your e-mail, this will increase the security of your account. Thank you for doing this.');
+	}
 }
 ?>
--- a/system/pages/account/create.php
+++ b/system/pages/account/create.php
@@ -8,6 +8,9 @@
 * @copyright 2019 MyAAC
 * @link      https://my-aac.org
 */
 use MyAAC\CreateCharacter;
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Create Account';
@@ -21,7 +24,6 @@ if($logged)
 }
 if(setting('core.account_create_character_create')) {
 	require_once LIBS . 'CreateCharacter.php';
 	$createCharacter = new CreateCharacter();
 }
@@ -225,7 +227,7 @@ if($save)
 			$hash = md5(generateRandomString(16, true, true) . $email);
 			$new_account->setCustomField('email_hash', $hash);
-			$verify_url = getLink('account/confirm_email/' . $hash);
+			$verify_url = getLink('account/confirm-email/' . $hash);
 			$body_html = $twig->render('mail.account.verify.html.twig', array(
 				'account' => $tmp_account,
 				'verify_url' => generateLink($verify_url, $verify_url, true)
@@ -234,6 +236,9 @@ if($save)
 			if(_mail($email, 'New account on ' . $config['lua']['serverName'], $body_html))
 			{
 				echo 'Your account has been created.<br/><br/>';
 				warning("Before you can login - you need to verify your E-Mail. The verification link has been sent to $email. If the message is not coming - remember to check the SPAM folder.");
 				$twig->display('success.html.twig', array(
 					'title' => 'Account Created',
 					'description' => 'Your account ' . $account_type . ' is <b>' . $tmp_account . '</b><br/>You will need the account ' . $account_type . ' and your password to play on ' . configLua('serverName') . '.
@@ -250,15 +255,6 @@ if($save)
 		}
 		else
 		{
 			if(setting('core.account_create_character_create')) {
 				// character creation
 				$character_created = $createCharacter->doCreate($character_name, $character_sex, $character_vocation, $character_town, $new_account, $errors);
 				if (!$character_created) {
 					error('There was an error creating your character. Please create your character later in account management page.');
 					error(implode(' ', $errors));
 				}
 			}
 			if(setting('core.account_create_auto_login')) {
 				if ($hasBeenCreatedByEMail) {
 					$_POST['account_login'] = $email;
@@ -309,6 +305,15 @@ if($save)
 			}
 		}
 		if(setting('core.account_create_character_create')) {
 			// character creation
 			$character_created = $createCharacter->doCreate($character_name, $character_sex, $character_vocation, $character_town, $new_account, $errors);
 			if (!$character_created) {
 				error('There was an error creating your character. Please create your character later in account management page.');
 				error(implode(' ', $errors));
 			}
 		}
 		return;
 	}
 }
--- a/system/pages/account/login.php
+++ b/system/pages/account/login.php
@@ -9,56 +9,62 @@
 * @link      https://my-aac.org
 */
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Login';
 // new login with data from form
-if(!$logged && isset($_POST['account_login'], $_POST['password_login']))
+if($logged || !isset($_POST['account_login']) || !isset($_POST['password_login'])) {
 	return;
 }
 $login_account = $_POST['account_login'];
 $login_password = $_POST['password_login'];
 $remember_me = isset($_POST['remember_me']);
 if(!empty($login_account) && !empty($login_password))
 {
-	$login_account = $_POST['account_login'];
+	if($cache->enabled())
 	$login_password = $_POST['password_login'];
 	$remember_me = isset($_POST['remember_me']);
 	if(!empty($login_account) && !empty($login_password))
 	{
-		if($cache->enabled())
+		$tmp = '';
 		if($cache->fetch('failed_logins', $tmp))
 		{
-			$tmp = '';
+			$tmp = unserialize($tmp);
-			if($cache->fetch('failed_logins', $tmp))
+			$to_remove = array();
 			foreach($tmp as $ip => $t)
 			{
-				$tmp = unserialize($tmp);
+				if(time() - $t['last'] >= 5 * 60)
-				$to_remove = array();
+					$to_remove[] = $ip;
 				foreach($tmp as $ip => $t)
 				{
 					if(time() - $t['last'] >= 5 * 60)
 						$to_remove[] = $ip;
 				}
 				foreach($to_remove as $ip)
 					unset($tmp[$ip]);
 			}
 			else
 				$tmp = array();
-			$ip = $_SERVER['REMOTE_ADDR'];
+			foreach($to_remove as $ip)
-			$t = $tmp[$ip] ?? null;
+				unset($tmp[$ip]);
 		}
 		else
 			$tmp = array();
-		$account_logged = new OTS_Account();
+		$ip = $_SERVER['REMOTE_ADDR'];
-		if (config('account_login_by_email')) {
+		$t = $tmp[$ip] ?? null;
-			$account_logged->findByEMail($login_account);
+	}
 	$account_logged = new OTS_Account();
 	if (config('account_login_by_email')) {
 		$account_logged->findByEMail($login_account);
 	}
 	if (!config('account_login_by_email') || config('account_login_by_email_fallback')) {
 		if(USE_ACCOUNT_NAME || USE_ACCOUNT_NUMBER) {
 			$account_logged->find($login_account);
 		} else {
 			$account_logged->load($login_account, true);
 		}
 	}
-		if (!config('account_login_by_email') || config('account_login_by_email_fallback')) {
+	if($account_logged->isLoaded() && encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $login_password) == $account_logged->getPassword()
-			if(USE_ACCOUNT_NAME || USE_ACCOUNT_NUMBER) {
+		&& (!isset($t) || $t['attempts'] < 5)
-				$account_logged->find($login_account);
+	)
-			} else {
+	{
-				$account_logged->load($login_account, true);
+		if (setting('core.account_mail_verify') && (int)$account_logged->getCustomField('email_verified') !== 1) {
-			}
+			$errors[] = 'Your account is not verified. Please verify your email address. If the message is not coming check the SPAM folder in your E-Mail client.';
 		}
-
+		else {
-		if($account_logged->isLoaded() && encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $login_password) == $account_logged->getPassword()
+			session_regenerate_id();
 			&& (!isset($t) || $t['attempts'] < 5)
 		)
 		{
 			setSession('account', $account_logged->getId());
 			setSession('password', encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $login_password));
 			if($remember_me) {
@@ -81,44 +87,44 @@ if(!$logged && isset($_POST['account_login'], $_POST['password_login']))
 			$hooks->trigger(HOOK_LOGIN, array('account' => $account_logged, 'password' => $login_password, 'remember_me' => $remember_me));
 		}
-		else
+	}
 	else
 	{
 		$hooks->trigger(HOOK_LOGIN_ATTEMPT, array('account' => $login_account, 'password' => $login_password, 'remember_me' => $remember_me));
 		$errorMessage = getAccountLoginByLabel() . ' or password is not correct.';
 		// temporary solution for blocking failed login attempts
 		if($cache->enabled())
 		{
-			$hooks->trigger(HOOK_LOGIN_ATTEMPT, array('account' => $login_account, 'password' => $login_password, 'remember_me' => $remember_me));
+			if(isset($t))
 			$errorMessage = getAccountLoginByLabel() . ' or password is not correct.';
 			// temporary solution for blocking failed login attempts
 			if($cache->enabled())
 			{
-				if(isset($t))
+				$t['attempts']++;
-				{
+				$t['last'] = time();
 					$t['attempts']++;
 					$t['last'] = time();
-					if($t['attempts'] >= 5)
+				if($t['attempts'] >= 5)
-						$errors[] = 'A wrong password has been entered 5 times in a row. You are unable to log into your account for the next 5 minutes. Please wait.';
+					$errors[] = 'A wrong password has been entered 5 times in a row. You are unable to log into your account for the next 5 minutes. Please wait.';
 					else
 						$errors[] = $errorMessage;
 				}
 				else
 				{
 					$t = array('attempts' => 1, 'last' => time());
 					$errors[] = $errorMessage;
 				}
 				$tmp[$ip] = $t;
 				$cache->set('failed_logins', serialize($tmp), 60 * 60); // save for 1 hour
 			}
-			else {
+			else
 			{
 				$t = array('attempts' => 1, 'last' => time());
 				$errors[] = $errorMessage;
 			}
 			$tmp[$ip] = $t;
 			$cache->set('failed_logins', serialize($tmp), 60 * 60); // save for 1 hour
 		}
 		else {
 			$errors[] = $errorMessage;
 		}
 	}
 	else {
 		$errors[] = 'Please enter your ' . getAccountLoginByLabel() . ' and password.';
 		$hooks->trigger(HOOK_LOGIN_ATTEMPT, array('account' => $login_account, 'password' => $login_password, 'remember_me' => $remember_me));
 	}
 	$hooks->trigger(HOOK_ACCOUNT_LOGIN_POST);
 }
 else {
 	$errors[] = 'Please enter your ' . getAccountLoginByLabel() . ' and password.';
 	$hooks->trigger(HOOK_LOGIN_ATTEMPT, array('account' => $login_account, 'password' => $login_password, 'remember_me' => $remember_me));
 }
 $hooks->trigger(HOOK_ACCOUNT_LOGIN_POST);
--- a/system/pages/account/lost.php
+++ b/system/pages/account/lost.php
@@ -55,7 +55,7 @@ elseif($action == 'step1' && $action_type == 'email')
 				</TD></TR></FORM></TABLE></TABLE>';
 			else
 			{
-				$insec = $account->getCustomField('email_next') - time();
+				$insec = (int)$account->getCustomField('email_next') - time();
 				$minutesleft = floor($insec / 60);
 				$secondsleft = $insec - ($minutesleft * 60);
 				$timeleft = $minutesleft.' minutes '.$secondsleft.' seconds';
@@ -95,7 +95,7 @@ elseif($action == 'sendcode')
 					<p>Account name: '.$account->getName().'</p>
 					<br />
 					To do so, please click this link:
-					<p><a href="' . getLink('account/lost') . '?action=checkcode&code='.$newcode.'&character='.urlencode($nick).'">'.BASE_URL.'/?subtopic=lostaccount&action=checkcode&code='.$newcode.'&character='.urlencode($nick).'</a></p>
+					<p><a href="' . getLink('account/lost') . '?action=checkcode&code='.$newcode.'&character='.urlencode($nick).'">' . getLink('account/lost') . '?action=checkcode&code='.$newcode.'&character='.urlencode($nick).'</a></p>
 					<p>or open page: <i>' . getLink('account/lost') . '?action=checkcode</i> and in field "code" write <b>'.$newcode.'</b></p>
 					<br/>
 						<p>If you did not request a password change, you may ignore this message and your password will remain unchanged.';
@@ -118,7 +118,7 @@ elseif($action == 'sendcode')
 			}
 			else
 			{
-				$insec = $account->getCustomField('email_next') - time();
+				$insec = (int)$account->getCustomField('email_next') - time();
 				$minutesleft = floor($insec / 60);
 				$secondsleft = $insec - ($minutesleft * 60);
 				$timeleft = $minutesleft.' minutes '.$secondsleft.' seconds';
@@ -172,7 +172,7 @@ elseif($action == 'step1' && $action_type == 'reckey')
 	else
 		echo 'Invalid player name format. If you have other characters on account try with other name.';
 	echo '<BR /><TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
-				<a href="?subtopic=lostaccount" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
+				<a href="' . getLink('account/lost') . '" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
 				</TD></TR></FORM></TABLE></TABLE>';
 }
 elseif($action == 'step2')
@@ -232,7 +232,7 @@ elseif($action == 'step2')
 					}
 					</script>';
 					echo 'Set new password and e-mail to your account.<BR>
-					<FORM ACTION="?subtopic=lostaccount&action=step3" onsubmit="return validate_form(this)" METHOD=post>
+					<FORM ACTION="' . getLink('account/lost') . '?action=step3" onsubmit="return validate_form(this)" METHOD=post>
 					<INPUT TYPE=hidden NAME="character" VALUE="">
 					<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
 					<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Please enter new password and e-mail</B></TD></TR>
@@ -261,7 +261,7 @@ elseif($action == 'step2')
 	else
 		echo 'Invalid player name format. If you have other characters on account try with other name.';
 	echo '<BR /><TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
-				<a href="?subtopic=lostaccount&action=step1&action_type=reckey&nick='.urlencode($nick).'" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
+				<a href="' . getLink('account/lost') . '?action=step1&action_type=reckey&nick='.urlencode($nick).'" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
 				</TD></TR></FORM></TABLE></TABLE>';
 }
 elseif($action == 'step3')
@@ -304,7 +304,7 @@ elseif($action == 'step3')
 								$account->setCustomField('salt', $salt);
 							echo 'Your account name, new password and new e-mail.<BR>
-							<FORM ACTION="?subtopic=accountmanagement" onsubmit="return validate_form(this)" METHOD=post>
+							<FORM ACTION="' . getLink('account/manage') . '" onsubmit="return validate_form(this)" METHOD=post>
 							<INPUT TYPE=hidden NAME="character" VALUE="">
 							<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
 							<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Your account name, new password and new e-mail</B></TD></TR>
@@ -361,7 +361,7 @@ elseif($action == 'step3')
 	else
 		echo 'Invalid player name format. If you have other characters on account try with other name.';
 	echo '<BR /><TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
-				<a href="?subtopic=lostaccount&action=step1&action_type=reckey&nick='.urlencode($nick).'" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
+				<a href="' . getLink('account/lost') . '?action=step1&action_type=reckey&nick='.urlencode($nick).'" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
 				</TD></TR></FORM></TABLE></TABLE>';
 }
 elseif($action == 'checkcode')
@@ -370,7 +370,7 @@ elseif($action == 'checkcode')
 	$character = stripslashes(trim($_REQUEST['character']));
 	if(empty($code) || empty($character))
 		echo 'Please enter code from e-mail and name of one character from account. Then press Submit.<BR>
-				<FORM ACTION="?subtopic=lostaccount&action=checkcode" METHOD=post>
+				<FORM ACTION="' . getLink('account/lost') . '?action=checkcode" METHOD=post>
 				<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
 				<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Code & character name</B></TD></TR>
 				<TR><TD BGCOLOR="'.$config['darkborder'].'">
@@ -418,7 +418,7 @@ elseif($action == 'checkcode')
 				}
 				</script>
 				Please enter new password to your account and repeat to make sure you remember password.<BR>
-				<FORM ACTION="?subtopic=lostaccount&action=setnewpassword" onsubmit="return validate_form(this)" METHOD=post>
+				<FORM ACTION="' . getLink('account/lost') . '?action=setnewpassword" onsubmit="return validate_form(this)" METHOD=post>
 				<INPUT TYPE=hidden NAME="character" VALUE="'.$character.'">
 				<INPUT TYPE=hidden NAME="code" VALUE="'.$code.'">
 				<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
@@ -441,7 +441,7 @@ elseif($action == 'checkcode')
 	}
 	if(!empty($error))
 				echo '<span style="color: red"><b>'.$error.'</b></span><br />Please enter code from e-mail and name of one character from account. Then press Submit.<BR>
-				<FORM ACTION="?subtopic=lostaccount&action=checkcode" METHOD=post>
+				<FORM ACTION="' . getLink('account/lost') . '?action=checkcode" METHOD=post>
 				<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
 				<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Code & character name</B></TD></TR>
 				<TR><TD BGCOLOR="'.$config['darkborder'].'">
@@ -462,7 +462,7 @@ elseif($action == 'setnewpassword')
 	echo '';
 	if(empty($code) || empty($character) || empty($newpassword))
 		echo '<span style="color: red"><b>Error. Try again.</b></span><br />Please enter code from e-mail and name of one character from account. Then press Submit.<BR>
-				<BR><FORM ACTION="?subtopic=lostaccount&action=checkcode" METHOD=post>
+				<BR><FORM ACTION="' . getLink('account/lost') . '?action=checkcode" METHOD=post>
 				<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
 				<INPUT TYPE=image NAME="Back" ALT="Back" SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" BORDER=0 WIDTH=120 HEIGHT=18></div>
 				</TD></TR></FORM></TABLE></TABLE>';
@@ -518,7 +518,7 @@ elseif($action == 'setnewpassword')
 				</TABLE>
 				<BR>
 				<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
-				<FORM ACTION="?subtopic=accountmanagement" METHOD=post>
+				<FORM ACTION="' . getLink('account/manage') . '" METHOD=post>
 				<INPUT TYPE=image NAME="Login" ALT="Login" SRC="'.$template_path.'/images/global/buttons/sbutton_login.gif" BORDER=0 WIDTH=120 HEIGHT=18></div>
 				</TD></TR></FORM></TABLE></TABLE>';
 				}
@@ -533,7 +533,7 @@ elseif($action == 'setnewpassword')
 	}
 	if(!empty($error))
 				echo '<span style="color: red"><b>'.$error.'</b></span><br />Please enter code from e-mail and name of one character from account. Then press Submit.<BR>
-				<FORM ACTION="?subtopic=lostaccount&action=checkcode" METHOD=post>
+				<FORM ACTION="' . getLink('account/lost') . '?action=checkcode" METHOD=post>
 				<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
 				<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Code & character name</B></TD></TR>
 				<TR><TD BGCOLOR="'.$config['darkborder'].'">
--- a/system/pages/account/manage.php
+++ b/system/pages/account/manage.php
@@ -18,6 +18,22 @@ if(!$logged) {
 	return;
 }
 if(isset($_REQUEST['redirect']))
 {
 	$redirect = urldecode($_REQUEST['redirect']);
 	// should never happen, unless hacker modify the URL
 	if (!str_contains($redirect, BASE_URL)) {
 		error('Fatal error: Cannot redirect outside the website.');
 		return;
 	}
 	$twig->display('account.redirect.html.twig', array(
 		'redirect' => $redirect
 	));
 	return;
 }
 $groups = new OTS_Groups_List();
 $freePremium = isset($config['lua']['freePremium']) && getBoolean($config['lua']['freePremium']) || $account_logged->getPremDays() == OTS_Account::GRATIS_PREMIUM_DAYS;
@@ -36,7 +52,7 @@ if(empty($recovery_key))
 else
 {
 	if(setting('core.account_generate_new_reckey') && setting('core.mail_enabled'))
-		$account_registered = '<b><span style="color: green">Yes ( <a href="' . getLink('account/register/new') . '"> Buy new Recovery Key </a> )</span></b>';
+		$account_registered = '<b><span style="color: green">Yes ( <a href="' . getLink('account/register-new') . '"> Buy new Recovery Key </a> )</span></b>';
 	else
 		$account_registered = '<b><span style="color: green">Yes</span></b>';
 }
--- a/system/pages/account/redirect.php
+++ b/system/pages/account/redirect.php
@@ -12,6 +12,12 @@ defined('MYAAC') or die('Direct access not allowed!');
 $redirect = urldecode($_REQUEST['redirect']);
 // should never happen, unless hacker modify the URL
 if (!str_contains($redirect, BASE_URL)) {
 	error('Fatal error: Cannot redirect outside the website.');
 	return;
 }
 $twig->display('account.redirect.html.twig', array(
 	'redirect' => $redirect
 ));
--- a/system/pages/account/register-new.php
+++ b/system/pages/account/register-new.php
--- a/system/pages/bans.php
+++ b/system/pages/bans.php
@@ -27,7 +27,7 @@ $configBans = [];
 $configBans['hasType'] = false;
 $configBans['hasReason'] = false;
-$limit = 'LIMIT ' . ($configBansPerPage + 1) . (isset($offset) ? ' OFFSET ' . $offset : '');
+$limit = 'LIMIT ' . ($configBansPerPage + 1) . ' OFFSET ' . $offset;
 if ($db->hasTable('account_bans')) {
 	$bansQuery = $db->query('SELECT * FROM `account_bans` ORDER BY `banned_at` DESC ' . $limit);
 }
--- a/Show More
+++ b/Show More
		`@@ -1,3 +0,0 @@`
			`<?php`

			`class SensitiveException extends Exception {}`