Fixes to tables headline

* phpstan v1 + workflow

* Fix intend

* More fixes

* Update phpstan.neon

* phpstan level 2

* Move errors ignoring into phpstan.neon

* phpstan level 3

* Don't ignore templates folder

* Something from level 4

* Update phpstan.neon

.github/workflows/cypress.yml

@@ -22,8 +22,9 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        php-versions: [ '7.4', '8.0', '8.1' ]
+        php-versions: [ '8.1', '8.2', '8.3' ]
-    name: MyAAC on PHP ${{ matrix.php-versions }}
+        ots: ['tfs-1.4', 'canary-3.1.2'] # TODO: add 'tfs-master' (actually doesn't work cause AAC doesn't support reading .env configuration)
+    name: Cypress (PHP ${{ matrix.php-versions }}, ${{ matrix.ots }})
     steps:
         - name: 📌 MySQL Start & init & show db
           run: |
@@ -32,47 +33,81 @@ jobs:
             mysql -e "SHOW DATABASES" -uroot -proot
 
         - name: Checkout MyAAC
-          uses: actions/checkout@v3
+          uses: actions/checkout@v4
           with:
-            ref: 0.9
+            ref: develop
+
+        - uses: actions/setup-node@v4
+          with:
+            node-version: 18
+        - run: npm ci
 
         - name: Checkout TFS
-          uses: actions/checkout@v3
+          uses: actions/checkout@v4
+          if: matrix.ots == 'tfs-1.4'
           with:
             repository: otland/forgottenserver
             ref: 1.4
-            path: tfs
+            path: ots
 
-        - name: Import TFS Schema
+        - name: Checkout TFS
+          uses: actions/checkout@v4
+          if: matrix.ots == 'tfs-master'
+          with:
+            repository: otland/forgottenserver
+            ref: master
+            path: ots
+
+        - name: Checkout Canary
+          uses: actions/checkout@v4
+          if: matrix.ots == 'canary-3.1.2'
+          with:
+            repository: opentibiabr/canary
+            ref: v3.1.2
+            path: ots
+
+        - name: Import OTS Schema
           run: |
-              mysql -uroot -proot myaac < tfs/schema.sql
+              mysql -uroot -proot myaac < ots/schema.sql
 
         - name: Rename config.lua
-          run: mv tfs/config.lua.dist tfs/config.lua
+          run: mv ots/config.lua.dist ots/config.lua
 
-        - name: Replace mysqlUser
+        - name: Replace mysqlUser (TFS 1.4)
-          uses: jacobtomlinson/gha-find-replace@v2
+          uses: jacobtomlinson/gha-find-replace@v3
+          if: matrix.ots == 'tfs-1.4'
           with:
             find: 'mysqlUser = "forgottenserver"'
             replace: 'mysqlUser = "root"'
             regex: false
-            include: 'tfs/config.lua'
+            include: 'ots/config.lua'
 
-        - name: Replace mysqlPass
+        - name: Replace mysqlPass (TFS 1.4)
-          uses: jacobtomlinson/gha-find-replace@v2
+          uses: jacobtomlinson/gha-find-replace@v3
+          if: matrix.ots == 'tfs-1.4'
           with:
               find: 'mysqlPass = ""'
               replace: 'mysqlPass = "root"'
               regex: false
-              include: 'tfs/config.lua'
+              include: 'ots/config.lua'
 
-        - name: Replace mysqlDatabase
+        - name: Replace mysqlDatabase (TFS 1.4)
-          uses: jacobtomlinson/gha-find-replace@v2
+          uses: jacobtomlinson/gha-find-replace@v3
+          if: matrix.ots == 'tfs-1.4'
           with:
               find: 'mysqlDatabase = "forgottenserver"'
               replace: 'mysqlDatabase = "myaac"'
               regex: false
-              include: 'tfs/config.lua'
+              include: 'ots/config.lua'
+
+        - name: Replace mysqlDatabase (Canary)
+          uses: jacobtomlinson/gha-find-replace@v3
+          if: matrix.ots == 'canary-3.1.2'
+          with:
+              find: 'mysqlDatabase = "otservbr-global"'
+              replace: 'mysqlDatabase = "myaac"'
+              regex: false
+              include: 'ots/config.lua'
 
         - name: Setup PHP
           uses: shivammathur/setup-php@v2
@@ -85,13 +120,13 @@ jobs:
           run: echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT
 
         - name: Cache composer dependencies
-          uses: actions/cache@v3
+          uses: actions/cache@v4
           with:
             path: ${{ steps.composer-cache.outputs.dir }}
             # Use composer.json for key, if composer.lock is not committed.
-            # key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.json') }}
+            key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.json') }}
-            key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
+            #key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
-            restore-keys: ${{ runner.os }}-composer-
+            restore-keys: ${{ runner.os }}-composer-${{ hashFiles('**/composer.json') }}
 
         - name: Install Composer dependencies
           run: composer install --no-progress --prefer-dist --optimize-autoloader
@@ -100,21 +135,28 @@ jobs:
           run: nohup php -S localhost:8080 > php.log 2>&1 &
 
         - name: Cypress Run
-          uses: cypress-io/github-action@v5
+          uses: cypress-io/github-action@v6
           env:
             CYPRESS_URL: http://localhost:8080
-            CYPRESS_SERVER_PATH: /home/runner/work/myaac/myaac/tfs
+            CYPRESS_SERVER_PATH: /home/runner/work/myaac/myaac/ots
 
         - name: Save screenshots
-          uses: actions/upload-artifact@v3
+          uses: actions/upload-artifact@v4
           if: always()
           with:
-            name: cypress-screenshots
+            name: cypress-screenshots-${{ matrix.php-versions }}-${{ matrix.ots }}
             path: cypress/screenshots
 
         - name: Upload Cypress Videos
-          uses: actions/upload-artifact@v3
+          uses: actions/upload-artifact@v4
           if: always()
           with:
-            name: cypress-videos
+            name: cypress-videos-${{ matrix.php-versions }}-${{ matrix.ots }}
             path: cypress/videos
+
+        - name: Upload PHP Logs
+          uses: actions/upload-artifact@v4
+          if: always()
+          with:
+            name: php-log-${{ matrix.php-versions }}-${{ matrix.ots }}
+            path: php.log

.github/workflows/phpstan.yml

@@ -0,0 +1,47 @@
+name: "PHPStan"
+
+on:
+  pull_request:
+    branches: [develop]
+  push:
+    branches: [develop]
+
+jobs:
+  tests:
+    name: PhpStan on PHP ${{ matrix.php-versions }}
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        php-versions: [ '8.1', '8.2', '8.3' ]
+    steps:
+      - name: "Checkout"
+        uses: "actions/checkout@v4"
+
+      - name: "Install PHP"
+        uses: "shivammathur/setup-php@v2"
+        with:
+          coverage: "none"
+          extensions: "intl, zip"
+          ini-values: "memory_limit=-1"
+          php-version: "${{ matrix.php-version }}"
+
+      - name: Get composer cache directory
+        id: composer-cache
+        run: echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT
+
+      - name: Cache composer dependencies
+        uses: actions/cache@v4
+        with:
+          path: ${{ steps.composer-cache.outputs.dir }}
+          # Use composer.json for key, if composer.lock is not committed.
+          key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.json') }}
+          #key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
+          restore-keys: ${{ runner.os }}-composer-${{ hashFiles('**/composer.json') }}
+
+      - name: "Install composer dependencies"
+        run: "composer install"
+
+      - name: "Run PHPStan"
+        run: "/usr/bin/php vendor/bin/phpstan analyse"

.gitignore

@@ -6,15 +6,18 @@ Thumbs.db
 /.htaccess
 
 # composer
+composer.phar
 composer.lock
 vendor
 
 # npm
 node_modules
+tools/ext
 
 # cypress
 cypress.env.json
 cypress/e2e/2-advanced-examples
+cypress/screenshots
 
 # created by release.sh
 releases

CHANGELOG.md

@@ -1,8 +1,8 @@
 # Changelog
 
-## [0.9.0-alpha - 02.06.2023]
+## [1.0-beta - 02.02.2024]
 
-Minimum PHP version for this release is 7.2.5.
+Minimum PHP version for this release is 8.1.
 
 ### Added
 * reworked Admin Panel (@Leesneaks, @gpedro, @slawkens)
@@ -11,17 +11,26 @@ Minimum PHP version for this release is 7.2.5.
   * new Dashboard: statistics, server status
   * new Admin Bar showed on top when admin logged in
   * new page: Server Data, to reload server data
+    * Towns, NPCs & Items are stored in permanent cache
   * new pages: mass account & teleport tools
   * changelogs editor
   * revised Accounts & Players editors
-  * option to add/modify menus with plugins
+  * option to add/modify admin menus with plugins
   * option to enable/disable plugins
   * better, updated TinyMCE editor (v6.x)
     * with option to upload images
-  * list of open source libraries used in project
+  * list of open source libraries used in project page
+* auto-loading of themes, commands & pages from plugins/ folder. You need just to place them in correct folder and they will be loaded automatically - this allows better customization, without interfering with core AAC folders. This will allow in the future automatic updates for plugins as well the AAC as whole.
+* config.php moved to Admin Panel -> Settings page
+* new console script: aac (comes from MyAAC) - using symfony/console
+  * usage: `php aac` (will list all commands by default)
+  * example: `php aac cache:clear`
+  * example: `php aac plugin:install theme-example.zip`
+* replace POT Query Builder to Eloquent ORM. Not 100% yet - in some places there is still old $db approach used (@gpedro) (https://github.com/slawkens/myaac/pull/230)
 * brand new charming installation page (by @fernandomatos)
   * using Bootstrap
 * new pages router: nikic/fast-route, allowing for better customisation
+* Plugin cronjobs: central control of the cronjobs
 * Guild Wars support (available as plugin)
 * support for login and create account only by email (configurable)
   * with no need for account name
@@ -31,7 +40,10 @@ Minimum PHP version for this release is 7.2.5.
   * suggest account number option
 * many new functions, hooks and configurables
 * better Exception Handler (Whoops - https://github.com/filp/whoops)
-* add Cypress testing
+* automated website tests (using Cypress)
+* csrf protection (https://github.com/slawkens/myaac/pull/235)
+* option to restrict Page view to specified group of users (Not-Logged in, logged-in players, tutors, gamemasters etc.)
+* phpdebug bar (http://phpdebugbar.com/). Activated if env == 'dev', can be also activated in production by enabling "enable_debugbar" in local config
 
 ### Changed
 * Composer is now used for external libraries like: Twig, PHPMailer, fast-route etc.
@@ -45,7 +57,7 @@ Minimum PHP version for this release is 7.2.5.
 	* Highscores
 		* frags works for TFS 1.x
 		* cached
-	* creatures
+	* Monsters
 * moved pages to Twig:
   * experience stages
 * update player_deaths entries on name change

CONTRIBUTORS.txt

@@ -8,7 +8,11 @@ Fernando Matos <fernando@pixele.com.br>
 Lee <42119604+Leesneaks@users.noreply.github.com>
 caio <caio.zucoli@gmail.com>
 slawkens <slawkens@gmail.com>
-tobi132 <52947952+tobi132@users.noreply.github.com>
+tobi132 <tobi132@gmx.net>
 vankk <nwtr.otland@hotmail.com>
 whiteblXK <krzys16001@gmail.com>
 xitobuh <jonas.hockert92@gmail.com>
+Danilo Pucci <dnlps@hotmail.com>
+gpedro <gpedro831@gmail.com>
+Matheus Collier <matheuscollier@gmail.com>
+SRNT-GG <95472530+SRNT-GG@users.noreply.github.com>

README.md

@@ -11,20 +11,19 @@ Official website: https://my-aac.org
 [![Closed Issues](https://img.shields.io/github/issues-closed-raw/slawkens/myaac)](https://github.com/slawkens/myaac/issues?q=is%3Aissue+is%3Aclosed)
 
 | Version | Status                 | Branch  | Requirements   |
-|:-----------|:------------------------------------------|:--------|:---------------|
+|:--------|:-----------------------|:--------|:---------------|
-| **0.10.x** | **Active development**                    | develop | **PHP >= 8.0** |
+| **1.x** | **Active development** | develop | **PHP >= 8.1** |
-| 0.9.x      | Active support                            | 0.9     | PHP >= 7.2.5   |
+| 0.9.x   | Not developed anymore  | 0.9     | PHP >= 7.2.5   |
 | 0.8.x   | Active support         | master  | PHP >= 7.2.5   |
 | 0.7.x   | End Of Life            | 0.7     | PHP >= 5.3.3   |
 
 ### Requirements
 
-	- PHP 8.0 or later
 	- MySQL database
-	- PDO PHP Extension
+	- PHP Extensions: pdo, xml, json
-	- XML PHP Extension
+	- (optional) apache2 mod_rewrite (to use friendly_urls)
-	- (optional) ZIP PHP Extension
+	- (optional) zip PHP Extension (to install plugins)
-	- (optional) mod_rewrite to use friendly_urls
+	- (optional) gd PHP Extension (for generating signature images)
 
 ### Installation
 
@@ -48,7 +47,8 @@ Official website: https://my-aac.org
 
 ### Configuration
 
-Check *config.php* to get more informations.
+Check *config.php* to get more informations. (Notice: MyAAC 1.0+ doesn't use config.php anymore, it has been moved to Admin Panel - Settings page).
+
 Use *config.local.php* for your local configuration changes.
 
 ### Branches

aac

@@ -0,0 +1,40 @@
+#!/usr/bin/env php
+<?php
+
+require_once __DIR__ . '/common.php';
+
+if(!IS_CLI) {
+	echo 'This script can be run only in command line mode.';
+	exit(1);
+}
+
+require_once SYSTEM . 'functions.php';
+require_once SYSTEM . 'init.php';
+
+define('SELF_NAME', basename(__FILE__));
+
+use MyAAC\Plugins;
+use Symfony\Component\Console\Application;
+
+$application = new Application();
+
+$commandsGlob = glob(SYSTEM . 'src/Commands/*.php');
+foreach ($commandsGlob as $item) {
+	$name = pathinfo($item, PATHINFO_FILENAME);
+	if ($name == 'Command') { // ignore base Command class
+		continue;
+	}
+
+	$commandPre = '\\MyAAC\Commands\\';
+	$application->add(new ($commandPre . $name));
+}
+
+$pluginCommands = Plugins::getCommands();
+foreach ($pluginCommands as $item) {
+	$application->add(require $item);
+}
+
+$application->setName('MyAAC');
+$application->setVersion(MYAAC_VERSION);
+
+$application->run();

admin/includes/settings_menus.php

@@ -1,5 +1,7 @@
 <?php
 
+use MyAAC\Plugins;
+
 $order = 10;
 
 $settingsMenu = [];

admin/index.php

@@ -25,11 +25,6 @@ define('PAGE', $page);
 require SYSTEM . 'functions.php';
 require SYSTEM . 'init.php';
 
-// verify myaac tables exists in database
-if(!$db->hasTable('myaac_account_actions')) {
-	throw new RuntimeException('Seems that the table <strong>myaac_account_actions</strong> of MyAAC doesn\'t exist in the database. This is a fatal error. You can try to reinstall MyAAC by visiting <a href="' . BASE_URL . 'install">this</a> url.');
-}
-
 require __DIR__ . '/includes/debugbar.php';
 require SYSTEM . 'status.php';
 require SYSTEM . 'login.php';
@@ -50,7 +45,7 @@ if(!$logged || !admin()) {
 // include our page
 $file = __DIR__ . '/pages/' . $page . '.php';
 if(!@file_exists($file)) {
-	if (strpos($page, 'plugins/') !== false) {
+	if (str_contains($page, 'plugins/')) {
 		$file = BASE . $page;
 	}
 	else {

admin/pages/accounts.php

@@ -291,7 +291,7 @@ else if (isset($_REQUEST['search'])) {
 				<div class="card-body">
 					<div class="tab-content" id="accounts-tabContent">
 						<div class="tab-pane fade active show" id="accounts-acc">
-							<form action="<?php echo $admin_base . ((isset($id) && $id > 0) ? '&id=' . $id : ''); ?>" method="post">
+							<form action="<?php echo $admin_base . ($id > 0 ? '&id=' . $id : ''); ?>" method="post">
 								<?php csrf(); ?>
 								<div class="form-group row">
 									<?php if (USE_ACCOUNT_NAME): ?>

admin/pages/changelog.php

@@ -9,6 +9,7 @@
  * @link      https://my-aac.org
  */
 
+use MyAAC\Changelog;
 use MyAAC\Models\Changelog as ModelsChangelog;
 
 defined('MYAAC') or die('Direct access not allowed!');
@@ -26,9 +27,8 @@ $use_datatable = true;
 const CL_LIMIT = 600; // maximum changelog body length
 
 $id = $_GET['id'] ?? 0;
-require_once LIBS . 'changelog.php';
 
-if(!empty($action))
+if(!empty($action) && isRequestMethod('post'))
 {
 	$id = $_POST['id'] ?? null;
 	$body = isset($_POST['body']) ? stripslashes($_POST['body']) : null;
@@ -73,7 +73,7 @@ if(!empty($action))
 		}
 	}
 	else if($action == 'hide') {
-		if (Changelog::toggleHidden($id, $errors, $status)) {
+		if (Changelog::toggleHide($id, $errors, $status)) {
 			success(($status == 1 ? 'Hide' : 'Show') . ' successful.');
 		}
 	}

admin/pages/mass_account.php

@@ -162,9 +162,9 @@ function admin_give_premdays($days)
 	displayMessage('Premium Days not supported.');
 }
 
-if (isset($_POST['action']) && $_POST['action']) {
+if (!empty(ACTION) && isRequestMethod('post')) {
 
-	$action = $_POST['action'];
+	$action = ACTION;
 
 	if (preg_match("/[^A-z0-9_\-]/", $action)) {
 		displayMessage('Invalid action.');

admin/pages/mass_teleport.php

@@ -40,9 +40,9 @@ function admin_teleport_town($town_id) {
 	displayMessage('Player\'s town updated.', true);
 }
 
-if (isset($_POST['action']) && $_POST['action'])    {
+if (!empty(ACTION) && isRequestMethod('post'))    {
 
-	$action = $_POST['action'];
+	$action = ACTION;
 
 	if (preg_match("/[^A-z0-9_\-]/", $action)) {
 		displayMessage('Invalid action.');

admin/pages/menus.php

@@ -8,6 +8,7 @@
  * @link      https://my-aac.org
  */
 
+use MyAAC\Cache\Cache;
 use MyAAC\Models\Menu;
 
 defined('MYAAC') or die('Direct access not allowed!');

admin/pages/news.php

@@ -7,6 +7,10 @@
  * @copyright 2019 MyAAC
  * @link      https://my-aac.org
  */
+
+use MyAAC\Forum;
+use MyAAC\News;
+
 defined('MYAAC') or die('Direct access not allowed!');
 
 $title = 'News Panel';
@@ -15,9 +19,6 @@ csrfProtect();
 
 $use_datatable = true;
 
-require_once LIBS . 'forum.php';
-require_once LIBS . 'news.php';
-
 if (!hasFlag(FLAG_CONTENT_PAGES) && !superAdmin()) {
 	echo 'Access denied.';
 	return;
@@ -46,26 +47,24 @@ if(!empty($action))
 	$forum_section = $_POST['forum_section'] ?? null;
 	$errors = [];
 
-	if($action == 'new') {
+	if (isRequestMethod('post')) {
-		if(isset($forum_section) && $forum_section != '-1') {
+		if ($action == 'new') {
+			if (isset($forum_section) && $forum_section != '-1') {
 				$forum_add = Forum::add_thread($p_title, $body, $forum_section, $player_id, $account_logged->getId(), $errors);
 			}
 
-		if(isset($p_title) && News::add($p_title, $body, $type, $category, $player_id, isset($forum_add) && $forum_add != 0 ? $forum_add : 0, $article_text, $article_image, $errors)) {
+			if (isset($p_title) && News::add($p_title, $body, $type, $category, $player_id, isset($forum_add) && $forum_add != 0 ? $forum_add : 0, $article_text, $article_image, $errors)) {
 				$p_title = $body = $comments = $article_text = $article_image = '';
 				$type = $category = $player_id = 0;
 
 				success('Added successful.');
 			}
-	}
+		} else if ($action == 'delete') {
-	else if($action == 'delete') {
 			if (News::delete($id, $errors)) {
 				success('Deleted successful.');
 			}
-	}
+		} else if ($action == 'edit') {
-	else if($action == 'edit')
+			if (isset($id) && !isset($p_title)) {
-	{
-		if(isset($id) && !isset($p_title)) {
 				$news = News::get($id);
 				$p_title = $news['title'];
 				$body = $news['body'];
@@ -75,12 +74,11 @@ if(!empty($action))
 				$player_id = $news['player_id'];
 				$article_text = $news['article_text'];
 				$article_image = $news['article_image'];
-		}
+			} else {
-		else {
+				if (News::update($id, $p_title, $body, $type, $category, $player_id, $forum_section, $article_text, $article_image, $errors)) {
-			if(News::update($id, $p_title, $body, $type, $category, $player_id, $forum_section, $article_text, $article_image, $errors)) {
 					// update forum thread if exists
-				if(isset($forum_section) && Validator::number($forum_section)) {
+					if (isset($forum_section) && Validator::number($forum_section)) {
-					$db->query("UPDATE `" . TABLE_PREFIX . "forum` SET `author_guid` = ".(int) $player_id.", `post_text` = ".$db->quote($body).", `post_topic` = ".$db->quote($p_title).", `edit_date` = " . time() . " WHERE `id` = " . $db->quote($forum_section));
+						$db->query("UPDATE `" . TABLE_PREFIX . "forum` SET `author_guid` = " . (int)$player_id . ", `post_text` = " . $db->quote($body) . ", `post_topic` = " . $db->quote($p_title) . ", `edit_date` = " . time() . " WHERE `id` = " . $db->quote($forum_section));
 					}
 
 					$action = $p_title = $body = $comments = $article_text = $article_image = '';
@@ -89,19 +87,19 @@ if(!empty($action))
 					success('Updated successful.');
 				}
 			}
-	}
+		} else if ($action == 'hide') {
-	else if($action == 'hide') {
+			if (News::toggleHide($id, $errors, $status)) {
-		if (News::toggleHidden($id, $errors, $status)) {
 				success(($status == 1 ? 'Hide' : 'Show') . ' successful.');
 			}
 		}
+	}
 
 	if(!empty($errors))
 		error(implode(", ", $errors));
 }
 
 $categories = array();
-foreach($db->query('SELECT `id`, `name`, `icon_id` FROM `' . TABLE_PREFIX . 'news_categories` WHERE `hidden` != 1') as $cat)
+foreach($db->query('SELECT `id`, `name`, `icon_id` FROM `' . TABLE_PREFIX . 'news_categories` WHERE `hide` != 1') as $cat)
 {
 	$categories[$cat['id']] = array(
 		'name' => $cat['name'],
@@ -144,12 +142,12 @@ foreach ($query as $_news) {
 
 	$newses[$_news['type']][] = array(
 		'id' => $_news['id'],
-		'hidden' => $_news['hidden'],
+		'hide' => $_news['hide'],
 		'archive_link' => getLink('news') . '/archive/' . $_news['id'],
 		'title' => $_news['title'],
 		'date' => $_news['date'],
-		'player_name' => isset($_player) && $_player->isLoaded() ? $_player->getName() : '',
+		'player_name' => $_player->isLoaded() ? $_player->getName() : '',
-		'player_link' => isset($_player) && $_player->isLoaded() ? getPlayerLink($_player->getName(), false) : '',
+		'player_link' => $_player->isLoaded() ? getPlayerLink($_player->getName(), false) : '',
 	);
 }
 

admin/pages/notepad.php

@@ -16,7 +16,7 @@ $title = 'Notepad';
 csrfProtect();
 
 /**
- * @var $account_logged OTS_Account
+ * @var OTS_Account $account_logged
  */
 $_content = '';
 $notepad = ModelsNotepad::where('account_id', $account_logged->getId())->first();

admin/pages/pages.php

@@ -36,7 +36,7 @@ const PAGE_TITLE_LIMIT = 30;
 const PAGE_NAME_LIMIT = 30;
 const PAGE_BODY_LIMIT = 65535; // maximum page body length
 
-if (!empty($action)) {
+if (!empty($action) && isRequestMethod('post')) {
 	if ($action == 'delete' || $action == 'edit' || $action == 'hide') {
 		$id = $_POST['id'];
 	}
@@ -97,7 +97,7 @@ if (!empty($action)) {
 			}
 		}
 	} else if ($action == 'hide') {
-		if (Pages::toggleHidden($id, $errors, $status)) {
+		if (Pages::toggleHide($id, $errors, $status)) {
 			success(($status == 0 ? 'Show' : 'Hide') . ' successful.');
 		}
 	}
@@ -112,7 +112,7 @@ $pages = ModelsPages::all()->map(function ($e) {
 		'title' => substr($e->title, 0, 20),
 		'php' => $e->php == '1',
 		'id' => $e->id,
-		'hidden' => $e->hidden
+		'hide' => $e->hide
 	];
 })->toArray();
 

admin/pages/players.php

@@ -8,6 +8,7 @@
  * @link      https://my-aac.org
  */
 
+use MyAAC\Forum;
 use MyAAC\Models\Player;
 
 defined('MYAAC') or die('Direct access not allowed!');
@@ -19,7 +20,6 @@ csrfProtect();
 $player_base = ADMIN_URL . '?p=players';
 
 $use_datatable = true;
-require_once LIBS . 'forum.php';
 
 $skills = array(
 	POT::SKILL_FIST => array('Fist fighting', 'fist'),
@@ -213,7 +213,7 @@ else if (isset($_REQUEST['search'])) {
 			}
 
 			$deleted = (isset($_POST['deleted']) && $_POST['deleted'] == 'true');
-			$hidden = (isset($_POST['hidden']) && $_POST['hidden'] == 'true');
+			$hide = (isset($_POST['hide']) && $_POST['hide'] == 'true');
 
 			$created = strtotime($_POST['created']);
 			verify_number($created, 'Created', 11);
@@ -290,7 +290,7 @@ else if (isset($_REQUEST['search'])) {
 					$player->setCustomField('deletion', $deleted ? '1' : '0');
 				else
 					$player->setCustomField('deleted', $deleted ? '1' : '0');
-				$player->setCustomField('hidden', $hidden ? '1' : '0');
+				$player->setCustomField('hide', $hide ? '1' : '0');
 				$player->setCustomField('created', $created);
 				if (isset($comment))
 					$player->setCustomField('comment', $comment);
@@ -375,7 +375,7 @@ else if (isset($_REQUEST['search'])) {
 						</li>
 					</ul>
 				</div>
-				<form action="<?php echo $player_base . ((isset($id) && $id > 0) ? '&id=' . $id : ''); ?>" method="post">
+				<form action="<?php echo $player_base . ($id > 0 ? '&id=' . $id : ''); ?>" method="post">
 					<?php csrf(); ?>
 					<div class="card-body">
 						<div class="tab-content" id="tabs-tabContent">
@@ -485,8 +485,8 @@ else if (isset($_REQUEST['search'])) {
 									</div>
 									<div class="col-12 col-sm-12 col-lg-6">
 										<div class="custom-control custom-switch custom-switch-on-success">
-											<input type="checkbox" class="custom-control-input" name="hidden" id="hidden" value="true" <?php echo($player->isHidden() ? ' checked' : ''); ?>>
+											<input type="checkbox" class="custom-control-input" name="hide" id="hide" value="true" <?php echo($player->isHidden() ? ' checked' : ''); ?>>
-											<label class="custom-control-label" for="hidden">Hidden</label>
+											<label class="custom-control-label" for="hide">Hidden</label>
 										</div>
 									</div>
 								</div>

admin/pages/plugins.php

@@ -7,6 +7,9 @@
  * @copyright 2019 MyAAC
  * @link      https://my-aac.org
  */
+
+use MyAAC\Plugins;
+
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Plugin manager';
 
@@ -14,8 +17,6 @@ csrfProtect();
 
 $use_datatable = true;
 
-require_once LIBS . 'plugins.php';
-
 if (!getBoolean(setting('core.admin_plugins_manage_enable'))) {
 	warning('Plugin installation and management is disabled in Settings.<br/>If you wish to enable, go to Settings and enable <strong>Enable Plugins Manage</strong>.');
 }

admin/pages/settings.php

@@ -7,6 +7,10 @@
  * @copyright 2019 MyAAC
  * @link      https://my-aac.org
  */
+
+use MyAAC\Plugins;
+use MyAAC\Settings;
+
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Settings';
 

admin/pages/visitors.php

@@ -12,6 +12,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 use DeviceDetector\DeviceDetector;
 use DeviceDetector\Parser\Client\Browser;
 use DeviceDetector\Parser\OperatingSystem;
+use MyAAC\Visitors;
 
 $title = 'Visitors';
 $use_datatable = true;
@@ -24,7 +25,6 @@ if (!setting('core.visitors_counter')): ?>
 	return;
 endif;
 
-require SYSTEM . 'libs/visitors.php';
 $visitors = new Visitors(setting('core.visitors_counter_ttl'));
 
 function compare($a, $b): int {

admin/template/menus.php

@@ -1,6 +1,6 @@
 <?php
 
-return [
+$menus = [
 	['name' => 'Dashboard', 'icon' => 'tachometer-alt', 'order' => 10, 'link' => 'dashboard'],
 	['name' => 'Settings', 'icon' => 'edit', 'order' => 19, 'link' =>
 		require ADMIN . 'includes/settings_menus.php'

admin/template/style.css

@@ -8,3 +8,8 @@
 .sidebar-mini.sidebar-collapse .menu-text {
 	display: none;
 }
+
+.myaac-table tbody tr:nth-child(even) {background: #FFF} /* light border */
+.myaac-table tbody tr:nth-child(odd) {background: #CCC} /* dark border */
+.myaac-table thead td {background: #000000; color: #ffffff !important;} /* vdark border */
+.myaac-table tfoot td {background: #000000; color: #ffffff !important;} /* vdark border */

admin/template/template.php

@@ -191,8 +191,8 @@ if ($logged && admin()) {
 	]);
 }
 ?>
-<script src="<?php echo BASE_URL; ?>tools/js/bootstrap.min.js"></script>
+<script src="<?php echo BASE_URL; ?>tools/ext/bootstrap/js/bootstrap.min.js"></script>
-<script src="<?php echo BASE_URL; ?>tools/js/jquery-ui.min.js"></script>
+<script src="<?php echo BASE_URL; ?>tools/ext/jquery-ui/jquery-ui.min.js"></script>
 <?php if (isset($use_datatable))  { ?>
 <script src="<?php echo BASE_URL; ?>tools/js/datatables.min.js"></script>
 <script src="<?php echo BASE_URL; ?>tools/js/datatables.bs.min.js"></script>

admin/tools/reload_data.php

@@ -22,7 +22,10 @@
  * @copyright 2020 MyAAC
  * @link      https://my-aac.org
  */
-define('MYAAC_ADMIN', true);
+
+use MyAAC\DataLoader;
+
+const MYAAC_ADMIN = true;
 
 require '../../common.php';
 require SYSTEM . 'functions.php';
@@ -34,11 +37,9 @@ if (!admin())
 
 ini_set('max_execution_time', 300);
 ob_implicit_flush();
-ob_end_flush();
+@ob_end_flush();
 header('X-Accel-Buffering: no');
 
-require LIBS . 'DataLoader.php';
-
 require LOCALE . 'en/main.php';
 require LOCALE . 'en/install.php';
 

admin/tools/settings_save.php

@@ -1,4 +1,8 @@
 <?php
+
+use MyAAC\Hooks;
+use MyAAC\Settings;
+
 const MYAAC_ADMIN = true;
 
 require '../../common.php';
@@ -6,11 +10,6 @@ require SYSTEM . 'functions.php';
 require SYSTEM . 'init.php';
 require SYSTEM . 'login.php';
 
-// event system
-require_once SYSTEM . 'hooks.php';
-$hooks = new Hooks();
-$hooks->load();
-
 if(!admin()) {
 	http_response_code(500);
 	die('Access denied.');

common.php

@@ -23,11 +23,11 @@
  * @copyright 2019 MyAAC
  * @link      https://my-aac.org
  */
-if (version_compare(phpversion(), '8.0', '<')) die('PHP version 8.0 or higher is required.');
+if (version_compare(phpversion(), '8.1', '<')) die('PHP version 8.1 or higher is required.');
 
 const MYAAC = true;
-const MYAAC_VERSION = '1.0-dev';
+const MYAAC_VERSION = '1.0-beta';
-const DATABASE_VERSION = 38;
+const DATABASE_VERSION = 40;
 const TABLE_PREFIX = 'myaac_';
 define('START_TIME', microtime(true));
 define('MYAAC_OS', stripos(PHP_OS, 'WIN') === 0 ? 'WINDOWS' : (strtoupper(PHP_OS) === 'DARWIN' ? 'MAC' : 'LINUX'));

composer.json

@@ -13,17 +13,19 @@
         "nikic/fast-route": "^1.3",
         "matomo/device-detector": "^6.0",
         "illuminate/database": "^10.18",
-        "illuminate/filesystem": "^10.18",
         "peppeocchi/php-cron-scheduler": "4.*",
-        "symfony/process": "^6.3"
+        "symfony/console": "^6.4",
+        "symfony/string": "^6.4"
     },
     "require-dev": {
         "filp/whoops": "^2.15",
-        "maximebf/debugbar": "dev-master"
+        "maximebf/debugbar": "dev-master",
+        "phpstan/phpstan": "^1.10"
     },
     "autoload": {
         "psr-4": {
             "MyAAC\\": "system/src"
-        }
+        },
+        "files": ["system/src/global.php"]
     }
 }

cypress/e2e/1-install.cy.js

@@ -38,7 +38,6 @@ describe('Install MyAAC', () => {
 		cy.contains('Basic configuration');
 
 		cy.get('#vars_server_path').click().clear().type(Cypress.env('SERVER_PATH'))
-		cy.get('#vars_mail_admin').click().clear().type('noone@example.net')
 
 		cy.get('[type="checkbox"]').uncheck() // usage statistics uncheck
 
@@ -70,6 +69,8 @@ describe('Install MyAAC', () => {
 
 		cy.contains('[class="alert alert-success"]', 'Congratulations', { timeout: 30000 }).should('be.visible')
 
+		cy.wait(2000);
+
 		cy.screenshot('install-finish')
 	})
 })

cypress/e2e/3-check-public-pages.cy.js

@@ -82,7 +82,7 @@ describe('Check Public Pages', () => {
 
 	it('Go to last kills page', () => {
 		cy.visit({
-			url: Cypress.env('URL') + '/lastkills',
+			url: Cypress.env('URL') + '/last-kills',
 			method: 'GET',
 		})
 	})
@@ -132,7 +132,7 @@ describe('Check Public Pages', () => {
 
 	it('Go to server info page', () => {
 		cy.visit({
-			url: Cypress.env('URL') + '/serverInfo',
+			url: Cypress.env('URL') + '/server-info',
 			method: 'GET',
 		})
 	})
@@ -160,7 +160,7 @@ describe('Check Public Pages', () => {
 
 	it('Go to experience table page', () => {
 		cy.visit({
-			url: Cypress.env('URL') + '/experienceTable',
+			url: Cypress.env('URL') + '/exp-table',
 			method: 'GET',
 		})
 	})

index.php

@@ -24,6 +24,9 @@
  * @link      https://my-aac.org
  */
 
+use MyAAC\UsageStatistics;
+use MyAAC\Visitors;
+
 require_once 'common.php';
 require_once SYSTEM . 'functions.php';
 
@@ -59,18 +62,13 @@ if(preg_match("/^(.*)\.(gif|jpg|png|jpeg|tiff|bmp|css|js|less|map|html|zip|rar|g
 if((!isset($config['installed']) || !$config['installed']) && file_exists(BASE . 'install'))
 {
 	header('Location: ' . BASE_URL . 'install/');
-	throw new RuntimeException('Setup detected that <b>install/</b> directory exists. Please visit <a href="' . BASE_URL . 'install">this</a> url to start MyAAC Installation.<br/>Delete <b>install/</b> directory if you already installed MyAAC.<br/>Remember to REFRESH this page when you\'re done!');
+	exit();
 }
 
 $template_place_holders = array();
 
 require_once SYSTEM . 'init.php';
 
-// verify myaac tables exists in database
-if(!$db->hasTable('myaac_account_actions')) {
-	throw new RuntimeException('Seems that the table <strong>myaac_account_actions</strong> of MyAAC doesn\'t exist in the database. This is a fatal error. You can try to reinstall MyAAC by visiting <a href="' . BASE_URL . 'install">this</a> url.');
-}
-
 require_once SYSTEM . 'template.php';
 require_once SYSTEM . 'login.php';
 require_once SYSTEM . 'status.php';
@@ -78,53 +76,6 @@ require_once SYSTEM . 'status.php';
 $twig->addGlobal('config', $config);
 $twig->addGlobal('status', $status);
 
-require_once SYSTEM . 'router.php';
-
-$hooks->trigger(HOOK_STARTUP);
-
-// anonymous usage statistics
-// sent only when user agrees
-if(setting('core.anonymous_usage_statistics')) {
-	$report_time = 30 * 24 * 60 * 60; // report one time per 30 days
-	$should_report = true;
-
-	$value = '';
-	if($cache->enabled() && $cache->fetch('last_usage_report', $value)) {
-		$should_report = time() > (int)$value + $report_time;
-	}
-	else {
-		$value = '';
-		if(fetchDatabaseConfig('last_usage_report', $value)) {
-			$should_report = time() > (int)$value + $report_time;
-			if($cache->enabled()) {
-				$cache->set('last_usage_report', $value);
-			}
-		}
-		else {
-			registerDatabaseConfig('last_usage_report', time() - ($report_time - (7 * 24 * 60 * 60))); // first report after a week
-			$should_report = false;
-		}
-	}
-
-	if($should_report) {
-		require_once LIBS . 'usage_statistics.php';
-		Usage_Statistics::report();
-
-		updateDatabaseConfig('last_usage_report', time());
-		if($cache->enabled()) {
-			$cache->set('last_usage_report', time());
-		}
-	}
-}
-
-if(setting('core.views_counter'))
-	require_once SYSTEM . 'counter.php';
-
-if(setting('core.visitors_counter')) {
-	require_once SYSTEM . 'libs/visitors.php';
-	$visitors = new Visitors(setting('core.visitors_counter_ttl'));
-}
-
 // backward support for gesior
 if(setting('core.backward_support')) {
 	define('INITIALIZED', true);
@@ -164,6 +115,51 @@ if(setting('core.backward_support')) {
 		$config['status']['serverStatus_' . $key] = $value;
 }
 
+require_once SYSTEM . 'router.php';
+
+$hooks->trigger(HOOK_STARTUP);
+
+// anonymous usage statistics
+// sent only when user agrees
+if(setting('core.anonymous_usage_statistics')) {
+	$report_time = 30 * 24 * 60 * 60; // report one time per 30 days
+	$should_report = true;
+
+	$value = '';
+	if($cache->enabled() && $cache->fetch('last_usage_report', $value)) {
+		$should_report = time() > (int)$value + $report_time;
+	}
+	else {
+		$value = '';
+		if(fetchDatabaseConfig('last_usage_report', $value)) {
+			$should_report = time() > (int)$value + $report_time;
+			if($cache->enabled()) {
+				$cache->set('last_usage_report', $value);
+			}
+		}
+		else {
+			registerDatabaseConfig('last_usage_report', time() - ($report_time - (7 * 24 * 60 * 60))); // first report after a week
+			$should_report = false;
+		}
+	}
+
+	if($should_report) {
+		UsageStatistics::report();
+
+		updateDatabaseConfig('last_usage_report', time());
+		if($cache->enabled()) {
+			$cache->set('last_usage_report', time());
+		}
+	}
+}
+
+if(setting('core.views_counter'))
+	require_once SYSTEM . 'counter.php';
+
+if(setting('core.visitors_counter')) {
+	$visitors = new Visitors(setting('core.visitors_counter_ttl'));
+}
+
 /**
  * @var OTS_Account $account_logged
  */

install/includes/functions.php

@@ -17,7 +17,7 @@ function query($query)
 
 // define php version id if its not already
 if(!defined('PHP_VERSION_ID')) {
-	$version = explode('.', PHP_VERSION);
+	$version = array_map('intval', explode('.', PHP_VERSION));
 
 	define('PHP_VERSION_ID', ($version[0] * 10000 + $version[1] * 100 + $version[2]));
 }

install/includes/schema.sql

@@ -1,4 +1,4 @@
-SET @myaac_database_version = 36;
+SET @myaac_database_version = 40;
 
 CREATE TABLE `myaac_account_actions`
 (
@@ -44,11 +44,11 @@ CREATE TABLE `myaac_changelog`
 	`where` TINYINT(1) NOT NULL DEFAULT 0 COMMENT '1 - server, 2 - site',
 	`date` INT(11) NOT NULL DEFAULT 0,
 	`player_id` INT(11) NOT NULL DEFAULT 0,
-	`hidden` TINYINT(1) NOT NULL DEFAULT 0,
+	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
 
-INSERT INTO `myaac_changelog` (`id`, `type`, `where`, `date`, `body`, `hidden`) VALUES (1, 3, 2, UNIX_TIMESTAMP(), 'MyAAC installed. (:', 0);
+INSERT INTO `myaac_changelog` (`id`, `type`, `where`, `date`, `body`, `hide`) VALUES (1, 3, 2, UNIX_TIMESTAMP(), 'MyAAC installed. (:', 0);
 
 CREATE TABLE `myaac_config`
 (
@@ -67,7 +67,7 @@ CREATE TABLE `myaac_faq`
 	`question` VARCHAR(255) NOT NULL DEFAULT '',
 	`answer` VARCHAR(1020) NOT NULL DEFAULT '',
 	`ordering` INT(11) NOT NULL DEFAULT 0,
-	`hidden` TINYINT(1) NOT NULL DEFAULT 0,
+	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
 
@@ -80,7 +80,7 @@ CREATE TABLE `myaac_forum_boards`
 	`guild` INT(11) NOT NULL DEFAULT 0,
 	`access` INT(11) NOT NULL DEFAULT 0,
 	`closed` TINYINT(1) NOT NULL DEFAULT 0,
-	`hidden` TINYINT(1) NOT NULL DEFAULT 0,
+	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
 INSERT INTO `myaac_forum_boards` (`id`, `name`, `description`, `ordering`, `closed`) VALUES (NULL, 'News', 'News commenting', 0, 1);
@@ -129,7 +129,7 @@ CREATE TABLE `myaac_menu`
 
 CREATE TABLE `myaac_monsters` (
 	`id` int(11) NOT NULL AUTO_INCREMENT,
-	`hidden` tinyint(1) NOT NULL default 0,
+	`hide` tinyint(1) NOT NULL default 0,
 	`name` varchar(255) NOT NULL,
 	`mana` int(11) NOT NULL DEFAULT 0,
 	`exp` int(11) NOT NULL,
@@ -174,7 +174,7 @@ CREATE TABLE `myaac_news`
 	`comments` VARCHAR(50) NOT NULL DEFAULT '',
 	`article_text` VARCHAR(300) NOT NULL DEFAULT '',
 	`article_image` VARCHAR(100) NOT NULL DEFAULT '',
-	`hidden` TINYINT(1) NOT NULL DEFAULT 0,
+	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
 
@@ -184,7 +184,7 @@ CREATE TABLE `myaac_news_categories`
 	`name` VARCHAR(50) NOT NULL DEFAULT "",
 	`description` VARCHAR(50) NOT NULL DEFAULT "",
 	`icon_id` INT(2) NOT NULL DEFAULT 0,
-	`hidden` TINYINT(1) NOT NULL DEFAULT 0,
+	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
 
@@ -215,7 +215,7 @@ CREATE TABLE `myaac_pages`
 	`php` TINYINT(1) NOT NULL DEFAULT 0 COMMENT '0 - plain html, 1 - php',
 	`enable_tinymce` TINYINT(1) NOT NULL DEFAULT 1 COMMENT '1 - enabled, 0 - disabled',
 	`access` TINYINT(2) NOT NULL DEFAULT 0,
-	`hidden` TINYINT(1) NOT NULL DEFAULT 0,
+	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`),
 	UNIQUE (`name`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
@@ -228,7 +228,7 @@ CREATE TABLE `myaac_gallery`
 	`thumb` VARCHAR(255) NOT NULL,
 	`author` VARCHAR(50) NOT NULL DEFAULT '',
 	`ordering` INT(11) NOT NULL DEFAULT 0,
-	`hidden` TINYINT(1) NOT NULL DEFAULT 0,
+	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
 
@@ -262,7 +262,7 @@ CREATE TABLE `myaac_spells`
 	`item_id` INT(11) NOT NULL DEFAULT 0,
 	`premium` TINYINT(1) NOT NULL DEFAULT 0,
 	`vocations` VARCHAR(100) NOT NULL DEFAULT '',
-	`hidden` TINYINT(1) NOT NULL DEFAULT 0,
+	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`),
 	UNIQUE (`name`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

install/index.php

@@ -12,7 +12,6 @@ require SYSTEM . 'functions.php';
 require BASE . 'install/includes/functions.php';
 require BASE . 'install/includes/locale.php';
 require SYSTEM . 'clients.conf.php';
-require LIBS . 'Settings.php';
 
 // ignore undefined index from Twig autoloader
 $config['env'] = 'prod';

install/steps/5-database.php

@@ -1,4 +1,7 @@
 <?php
+
+use MyAAC\Settings;
+
 defined('MYAAC') or die('Direct access not allowed!');
 
 //ini_set('display_errors', false);

install/steps/7-finish.php

@@ -1,4 +1,7 @@
 <?php
+
+use MyAAC\Settings;
+
 defined('MYAAC') or die('Direct access not allowed!');
 
 ini_set('max_execution_time', 300);
@@ -110,8 +113,8 @@ else {
 
 		$query = $db->query("SELECT `id` FROM `" . TABLE_PREFIX ."news` WHERE `title` LIKE 'Hello!';");
 		if($query->rowCount() == 0) {
-			if(query("INSERT INTO `" . TABLE_PREFIX ."news` (`id`, `type`, `date`, `category`, `title`, `body`, `player_id`, `comments`, `hidden`) VALUES (NULL, '1', UNIX_TIMESTAMP(), '2', 'Hello!', 'MyAAC is just READY to use!', " . $player_id . ", 'https://my-aac.org', '0');
+			if(query("INSERT INTO `" . TABLE_PREFIX ."news` (`id`, `type`, `date`, `category`, `title`, `body`, `player_id`, `comments`, `hide`) VALUES (NULL, '1', UNIX_TIMESTAMP(), '2', 'Hello!', 'MyAAC is just READY to use!', " . $player_id . ", 'https://my-aac.org', '0');
-	INSERT INTO `myaac_news` (`id`, `type`, `date`, `category`, `title`, `body`, `player_id`, `comments`, `hidden`) VALUES (NULL, '2', UNIX_TIMESTAMP(), '4', 'Hello tickets!', 'https://my-aac.org', " . $player_id . ", '', '0');")) {
+	INSERT INTO `myaac_news` (`id`, `type`, `date`, `category`, `title`, `body`, `player_id`, `comments`, `hide`) VALUES (NULL, '2', UNIX_TIMESTAMP(), '4', 'Hello tickets!', 'https://my-aac.org', " . $player_id . ", '', '0');")) {
 				success($locale['step_database_created_news']);
 			}
 		}

install/template/template.php

@@ -6,7 +6,7 @@
 	<title>MyAAC - <?php echo $locale['installation']; ?></title>
 	<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-rbsA2VBKQhggwzxH7pPCaAqO46MgnOM80zW1RWuH61DGLwZJEdK2Kadq2F9CUG65" crossorigin="anonymous">
 	<link rel="stylesheet" type="text/css" href="template/style.css" />
-	<script type="text/javascript" src="<?php echo BASE_URL; ?>tools/js/jquery.min.js"></script>
+	<script type="text/javascript" src="<?php echo BASE_URL; ?>tools/ext/jquery/jquery.min.js"></script>
 </head>
 <body>
 

install/tools/5-database.php

@@ -11,8 +11,10 @@ $error = false;
 require BASE . 'install/includes/config.php';
 
 ini_set('max_execution_time', 300);
+
+@ob_end_flush();
 ob_implicit_flush();
-ob_end_flush();
+
 header('X-Accel-Buffering: no');
 
 if(!$error) {
@@ -178,17 +180,17 @@ if(!$db->hasColumn('players', 'deleted') && !$db->hasColumn('players', 'deletion
 }
 
 if($db->hasColumn('players', 'hide_char')) {
-	if(!$db->hasColumn('players', 'hidden')) {
+	if(!$db->hasColumn('players', 'hide')) {
-		if(query("ALTER TABLE `players` CHANGE `hide_char` `hidden` TINYINT(1) NOT NULL DEFAULT 0;")) {
+		if(query("ALTER TABLE `players` CHANGE `hide_char` `hide` TINYINT(1) NOT NULL DEFAULT 0;")) {
 			$tmp = str_replace('$FIELD$', 'players.hide_char', $locale['step_database_changing_field']);
-			$tmp = str_replace('$FIELD_NEW$', 'players.hidden', $tmp);
+			$tmp = str_replace('$FIELD_NEW$', 'players.hide', $tmp);
 			success($tmp);
 		}
 	}
 }
-else if(!$db->hasColumn('players', 'hidden')) {
+else if(!$db->hasColumn('players', 'hide')) {
-	if(query("ALTER TABLE `players` ADD `hidden` TINYINT(1) NOT NULL DEFAULT 0;"))
+	if(query("ALTER TABLE `players` ADD `hide` TINYINT(1) NOT NULL DEFAULT 0;"))
-		success($locale['step_database_adding_field'] . ' players.hidden...');
+		success($locale['step_database_adding_field'] . ' players.hide...');
 }
 
 if(!$db->hasColumn('players', 'comment')) {

install/tools/7-finish.php

@@ -1,6 +1,10 @@
 <?php
 define('MYAAC_INSTALL', true);
 
+use MyAAC\DataLoader;
+use MyAAC\Models\FAQ as ModelsFAQ;
+use MyAAC\Plugins;
+
 require_once '../../common.php';
 
 require SYSTEM . 'functions.php';
@@ -8,8 +12,10 @@ require BASE . 'install/includes/functions.php';
 require BASE . 'install/includes/locale.php';
 
 ini_set('max_execution_time', 300);
+
+@ob_end_flush();
 ob_implicit_flush();
-ob_end_flush();
+
 header('X-Accel-Buffering: no');
 /*
 if(isset($config['installed']) && $config['installed'] && !isset($_SESSION['saved'])) {
@@ -29,7 +35,7 @@ function insert_sample_if_not_exist($p) {
 
 	$query = $db->query('SELECT `id` FROM `players` WHERE `name` = ' . $db->quote($p['name']));
 	if($query->rowCount() == 0) {
-		if(!query("INSERT INTO `players` (`id`, `name`, `group_id`, `account_id`, `level`, `vocation`, `health`, `healthmax`, `experience`, `lookbody`, `lookfeet`, `lookhead`, `looklegs`, `looktype`, `maglevel`, `mana`, `manamax`, `manaspent`, `soul`, `town_id`, `posx`, `posy`, `posz`, `conditions`, `cap`, `sex`, `lastlogin`, `lastip`, `save`, `lastlogout`, `balance`, `$deleted`, `created`, `hidden`, `comment`) VALUES (null, " . $db->quote($p['name']) . ", 1, " . getSession('account') . ", " . $p['level'] . ", " . $p['vocation_id'] . ", " . $p['health'] . ", " . $p['healthmax'] . ", " . $p['experience'] . ", 118, 114, 38, 57, " . $p['looktype'] . ", 0, " . $p['mana'] . ", " . $p['manamax'] . ", 0, " . $p['soul'] . ", 1, 1000, 1000, 7, '', " . $p['cap'] . ", 1, " . $time . ", 2130706433, 1, " . $time . ", 0, 0, " . $time . ", 1, '');"))
+		if(!query("INSERT INTO `players` (`id`, `name`, `group_id`, `account_id`, `level`, `vocation`, `health`, `healthmax`, `experience`, `lookbody`, `lookfeet`, `lookhead`, `looklegs`, `looktype`, `maglevel`, `mana`, `manamax`, `manaspent`, `soul`, `town_id`, `posx`, `posy`, `posz`, `conditions`, `cap`, `sex`, `lastlogin`, `lastip`, `save`, `lastlogout`, `balance`, `$deleted`, `created`, `hide`, `comment`) VALUES (null, " . $db->quote($p['name']) . ", 1, " . getSession('account') . ", " . $p['level'] . ", " . $p['vocation_id'] . ", " . $p['health'] . ", " . $p['healthmax'] . ", " . $p['experience'] . ", 118, 114, 38, 57, " . $p['looktype'] . ", 0, " . $p['mana'] . ", " . $p['manamax'] . ", 0, " . $p['soul'] . ", 1, 1000, 1000, 7, '', " . $p['cap'] . ", 1, " . $time . ", 2130706433, 1, " . $time . ", 0, 0, " . $time . ", 1, '');"))
 			$success = false;
 	}
 }
@@ -45,11 +51,9 @@ if($success) {
 	success($locale['step_database_imported_players']);
 }
 
-require_once LIBS . 'plugins.php';
 Plugins::installMenus('kathrine', require TEMPLATES . 'kathrine/menus.php');
 Plugins::installMenus('tibiacom', require TEMPLATES . 'tibiacom/menus.php');
 
-require LIBS . 'DataLoader.php';
 DataLoader::setLocale($locale);
 DataLoader::load();
 
@@ -63,7 +67,9 @@ require_once SYSTEM . 'migrations/22.php';
 require_once SYSTEM . 'migrations/27.php';
 require_once SYSTEM . 'migrations/30.php';
 
-use MyAAC\Models\FAQ as ModelsFAQ;
+// new monster columns
+require_once SYSTEM . 'migrations/31.php';
+
 if(ModelsFAQ::count() == 0) {
 	ModelsFAQ::create([
 		'question' => 'What is this?',
@@ -71,6 +77,8 @@ if(ModelsFAQ::count() == 0) {
 	]);
 }
 
+$db->setClearCacheAfter(true);
+
 $locale['step_finish_desc'] = str_replace('$ADMIN_PANEL$', generateLink(str_replace('tools/', '',ADMIN_URL), $locale['step_finish_admin_panel'], true), $locale['step_finish_desc']);
 $locale['step_finish_desc'] = str_replace('$HOMEPAGE$', generateLink(str_replace('tools/', '', BASE_URL), $locale['step_finish_homepage'], true), $locale['step_finish_desc']);
 $locale['step_finish_desc'] = str_replace('$LINK$', generateLink('https://my-aac.org', 'https://my-aac.org', true), $locale['step_finish_desc']);

nginx-sample.conf

@@ -25,7 +25,7 @@ server {
 	}
 
 	location / {
-		try_files $uri $uri/ /index.php;
+		try_files $uri $uri/ /index.php?$query_string;;
 	}
 
 	location ~ \.php$ {

npm-post-install.js

@@ -0,0 +1,16 @@
+const fse = require('fs-extra');
+const path = require('path');
+
+const nodeModulesDir = path.join(__dirname, 'node_modules');
+const publicDir = path.join(__dirname, 'tools/ext');
+
+fse.emptyDirSync(path.join(publicDir, 'jquery'));
+fse.emptyDirSync(path.join(publicDir, 'jquery-ui'));
+fse.emptyDirSync(path.join(publicDir, 'bootstrap'));
+fse.emptyDirSync(path.join(publicDir, 'tinymce'));
+fse.emptyDirSync(path.join(publicDir, 'tinymce-jquery'));
+fse.copySync(path.join(nodeModulesDir, 'jquery', 'dist'), path.join(publicDir, 'jquery'), { overwrite: true });
+fse.copySync(path.join(nodeModulesDir, 'jquery-ui', 'dist'), path.join(publicDir, 'jquery-ui'), { overwrite: true });
+fse.copySync(path.join(nodeModulesDir, 'bootstrap', 'dist'), path.join(publicDir, 'bootstrap'), { overwrite: true });
+fse.copySync(path.join(nodeModulesDir, 'tinymce'), path.join(publicDir, 'tinymce'), { overwrite: true });
+fse.copySync(path.join(nodeModulesDir, '@tinymce', 'tinymce-jquery', 'dist'), path.join(publicDir, 'tinymce-jquery'), { overwrite: true });

package-lock.json

@@ -4,6 +4,15 @@
   "requires": true,
   "packages": {
     "": {
+      "hasInstallScript": true,
+      "dependencies": {
+        "@tinymce/tinymce-jquery": "^2.1.0",
+        "bootstrap": "^4.6.2",
+        "fs-extra": "^11.2.0",
+        "jquery": "^3.7.1",
+        "jquery-ui": "^1.13.2",
+        "tinymce": "^6.8.3"
+      },
       "devDependencies": {
         "cypress": "^12.12.0"
       }
@@ -19,9 +28,9 @@
       }
     },
     "node_modules/@cypress/request": {
-      "version": "2.88.11",
+      "version": "2.88.12",
-      "resolved": "https://registry.npmjs.org/@cypress/request/-/request-2.88.11.tgz",
+      "resolved": "https://registry.npmjs.org/@cypress/request/-/request-2.88.12.tgz",
-      "integrity": "sha512-M83/wfQ1EkspjkE2lNWNV5ui2Cv7UCv1swW1DqljahbzLVWltcsexQh8jYtuS/vzFXP+HySntGM83ZXA9fn17w==",
+      "integrity": "sha512-tOn+0mDZxASFM+cuAP9szGUGPI1HwWVSvdzm7V4cCsPdFTx6qMj29CwaQmRAMIEhORIUBFBsYROYJcveK4uOjA==",
       "dev": true,
       "dependencies": {
         "aws-sign2": "~0.7.0",
@@ -39,7 +48,7 @@
         "performance-now": "^2.1.0",
         "qs": "~6.10.3",
         "safe-buffer": "^5.1.2",
-        "tough-cookie": "~2.5.0",
+        "tough-cookie": "^4.1.3",
         "tunnel-agent": "^0.6.0",
         "uuid": "^8.3.2"
       },
@@ -66,10 +75,15 @@
         "ms": "^2.1.1"
       }
     },
+    "node_modules/@tinymce/tinymce-jquery": {
+      "version": "2.1.0",
+      "resolved": "https://registry.npmjs.org/@tinymce/tinymce-jquery/-/tinymce-jquery-2.1.0.tgz",
+      "integrity": "sha512-ynfgfL/n5/Us7h3AnJL3mAwsShuE/USvAJFOdilJDkZuVCypWSwVVo3E3wIqSzDGvqyU+293ok1+sD+jxraT8w=="
+    },
     "node_modules/@types/node": {
-      "version": "14.18.47",
+      "version": "16.18.82",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-14.18.47.tgz",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-16.18.82.tgz",
-      "integrity": "sha512-OuJi8bIng4wYHHA3YpKauL58dZrPxro3d0tabPHyiNF8rKfGKuVfr83oFlPLmKri1cX+Z3cJP39GXmnqkP11Gw==",
+      "integrity": "sha512-pcDZtkx9z8XYV+ius2P3Ot2VVrcYOfXffBQUBuiszrlUzKSmoDYqo+mV+IoL8iIiIjjtOMvNSmH1hwJ+Q+f96Q==",
       "dev": true
     },
     "node_modules/@types/sinonjs__fake-timers": {
@@ -79,15 +93,15 @@
       "dev": true
     },
     "node_modules/@types/sizzle": {
-      "version": "2.3.3",
+      "version": "2.3.8",
-      "resolved": "https://registry.npmjs.org/@types/sizzle/-/sizzle-2.3.3.tgz",
+      "resolved": "https://registry.npmjs.org/@types/sizzle/-/sizzle-2.3.8.tgz",
-      "integrity": "sha512-JYM8x9EGF163bEyhdJBpR2QX1R5naCJHC8ucJylJ3w9/CVBaskdQ8WqBf8MmQrd1kRvp/a4TS8HJ+bxzR7ZJYQ==",
+      "integrity": "sha512-0vWLNK2D5MT9dg0iOo8GlKguPAU02QjmZitPEsXRuJXU/OGIOt9vT9Fc26wtYuavLxtO45v9PGleoL9Z0k1LHg==",
       "dev": true
     },
     "node_modules/@types/yauzl": {
-      "version": "2.10.0",
+      "version": "2.10.3",
-      "resolved": "https://registry.npmjs.org/@types/yauzl/-/yauzl-2.10.0.tgz",
+      "resolved": "https://registry.npmjs.org/@types/yauzl/-/yauzl-2.10.3.tgz",
-      "integrity": "sha512-Cn6WYCm0tXv8p6k+A8PvbDG763EDpBoTzHdA+Q/MF6H3sapGjCm9NzoaJncJS9tUKSuCoDs9XHxYYsQDgxR6kw==",
+      "integrity": "sha512-oJoftv0LSuaDZE3Le4DbKX+KS9G36NzOeSap90UIK0yMA/NhKJhqlSGtNDORNRaIbQfzjXDrQa0ytJ6mNRGz/Q==",
       "dev": true,
       "optional": true,
       "dependencies": {
@@ -203,9 +217,9 @@
       }
     },
     "node_modules/async": {
-      "version": "3.2.4",
+      "version": "3.2.5",
-      "resolved": "https://registry.npmjs.org/async/-/async-3.2.4.tgz",
+      "resolved": "https://registry.npmjs.org/async/-/async-3.2.5.tgz",
-      "integrity": "sha512-iAB+JbDEGXhyIUavoDl9WP/Jj106Kz9DEn1DPgYw5ruDn0e3Wgi3sKFm55sASdGBNOQB8F59d9qQ7deqrHA8wQ==",
+      "integrity": "sha512-baNZyqaaLhyLVKm/DlvdW051MSgO6b8eVfIezl9E5PqWxFgzLm/wQntEW4zOytVburDEr0JlALEpdOFwvErLsg==",
       "dev": true
     },
     "node_modules/asynckit": {
@@ -285,6 +299,25 @@
       "integrity": "sha512-XpNj6GDQzdfW+r2Wnn7xiSAd7TM3jzkxGXBGTtWKuSXv1xUV+azxAm8jdWZN06QTQk+2N2XB9jRDkvbmQmcRtg==",
       "dev": true
     },
+    "node_modules/bootstrap": {
+      "version": "4.6.2",
+      "resolved": "https://registry.npmjs.org/bootstrap/-/bootstrap-4.6.2.tgz",
+      "integrity": "sha512-51Bbp/Uxr9aTuy6ca/8FbFloBUJZLHwnhTcnjIeRn2suQWsWzcuJhGjKDB5eppVte/8oCdOL3VuwxvZDUggwGQ==",
+      "funding": [
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/twbs"
+        },
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/bootstrap"
+        }
+      ],
+      "peerDependencies": {
+        "jquery": "1.9.1 - 3",
+        "popper.js": "^1.16.1"
+      }
+    },
     "node_modules/brace-expansion": {
       "version": "1.1.11",
       "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
@@ -329,22 +362,28 @@
       }
     },
     "node_modules/cachedir": {
-      "version": "2.3.0",
+      "version": "2.4.0",
-      "resolved": "https://registry.npmjs.org/cachedir/-/cachedir-2.3.0.tgz",
+      "resolved": "https://registry.npmjs.org/cachedir/-/cachedir-2.4.0.tgz",
-      "integrity": "sha512-A+Fezp4zxnit6FanDmv9EqXNAi3vt9DWp51/71UEhXukb7QUuvtv9344h91dyAxuTLoSYJFU299qzR3tzwPAhw==",
+      "integrity": "sha512-9EtFOZR8g22CL7BWjJ9BUx1+A/djkofnyW3aOXZORNW2kxoUpx2h+uN2cOqwPmFhnpVmxg+KW2OjOSgChTEvsQ==",
       "dev": true,
       "engines": {
         "node": ">=6"
       }
     },
     "node_modules/call-bind": {
-      "version": "1.0.2",
+      "version": "1.0.7",
-      "resolved": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.2.tgz",
+      "resolved": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.7.tgz",
-      "integrity": "sha512-7O+FbCihrB5WGbFYesctwmTKae6rOiIzmz1icreWJ+0aA7LJfuqhEso2T9ncpcFtzMQtzXf2QGGueWJGTYsqrA==",
+      "integrity": "sha512-GHTSNSYICQ7scH7sZ+M2rFopRoLh8t2bLSW6BbgrtLsahOIB5iyAVJf9GjWK3cYTDaMj4XdBpM1cA6pIS0Kv2w==",
       "dev": true,
       "dependencies": {
-        "function-bind": "^1.1.1",
+        "es-define-property": "^1.0.0",
-        "get-intrinsic": "^1.0.2"
+        "es-errors": "^1.3.0",
+        "function-bind": "^1.1.2",
+        "get-intrinsic": "^1.2.4",
+        "set-function-length": "^1.2.1"
+      },
+      "engines": {
+        "node": ">= 0.4"
       },
       "funding": {
         "url": "https://github.com/sponsors/ljharb"
@@ -394,9 +433,9 @@
       }
     },
     "node_modules/ci-info": {
-      "version": "3.8.0",
+      "version": "3.9.0",
-      "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.8.0.tgz",
+      "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.9.0.tgz",
-      "integrity": "sha512-eXTggHWSooYhq49F2opQhuHWgzucfF2YgODK4e1566GQs5BIfP30B0oenwBJHfWxAs2fyPB1s7Mg949zLf61Yw==",
+      "integrity": "sha512-NIxF55hv4nSqQswkAeiOi1r83xy8JldOFDTWiug55KBu9Jnblncd2U6ViHmYgHf01TPZS77NJBhBMKdWj9HQMQ==",
       "dev": true,
       "funding": [
         {
@@ -541,15 +580,15 @@
       }
     },
     "node_modules/cypress": {
-      "version": "12.12.0",
+      "version": "12.17.4",
-      "resolved": "https://registry.npmjs.org/cypress/-/cypress-12.12.0.tgz",
+      "resolved": "https://registry.npmjs.org/cypress/-/cypress-12.17.4.tgz",
-      "integrity": "sha512-UU5wFQ7SMVCR/hyKok/KmzG6fpZgBHHfrXcHzDmPHWrT+UUetxFzQgt7cxCszlwfozckzwkd22dxMwl/vNkWRw==",
+      "integrity": "sha512-gAN8Pmns9MA5eCDFSDJXWKUpaL3IDd89N9TtIupjYnzLSmlpVr+ZR+vb4U/qaMp+lB6tBvAmt7504c3Z4RU5KQ==",
       "dev": true,
       "hasInstallScript": true,
       "dependencies": {
-        "@cypress/request": "^2.88.10",
+        "@cypress/request": "2.88.12",
         "@cypress/xvfb": "^1.2.4",
-        "@types/node": "^14.14.31",
+        "@types/node": "^16.18.39",
         "@types/sinonjs__fake-timers": "8.1.1",
         "@types/sizzle": "^2.3.2",
         "arch": "^2.2.0",
@@ -582,9 +621,10 @@
         "minimist": "^1.2.8",
         "ospath": "^1.2.2",
         "pretty-bytes": "^5.6.0",
+        "process": "^0.11.10",
         "proxy-from-env": "1.0.0",
         "request-progress": "^3.0.0",
-        "semver": "^7.3.2",
+        "semver": "^7.5.3",
         "supports-color": "^8.1.1",
         "tmp": "~0.2.1",
         "untildify": "^4.0.0",
@@ -597,6 +637,21 @@
         "node": "^14.0.0 || ^16.0.0 || >=18.0.0"
       }
     },
+    "node_modules/cypress/node_modules/fs-extra": {
+      "version": "9.1.0",
+      "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-9.1.0.tgz",
+      "integrity": "sha512-hcg3ZmepS30/7BSFqRvoo3DOMQu7IjqxO5nCDt+zM9XWjb33Wg7ziNT+Qvqbuc3+gWpzO02JubVyk2G4Zvo1OQ==",
+      "dev": true,
+      "dependencies": {
+        "at-least-node": "^1.0.0",
+        "graceful-fs": "^4.2.0",
+        "jsonfile": "^6.0.1",
+        "universalify": "^2.0.0"
+      },
+      "engines": {
+        "node": ">=10"
+      }
+    },
     "node_modules/dashdash": {
       "version": "1.14.1",
       "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz",
@@ -610,9 +665,9 @@
       }
     },
     "node_modules/dayjs": {
-      "version": "1.11.7",
+      "version": "1.11.10",
-      "resolved": "https://registry.npmjs.org/dayjs/-/dayjs-1.11.7.tgz",
+      "resolved": "https://registry.npmjs.org/dayjs/-/dayjs-1.11.10.tgz",
-      "integrity": "sha512-+Yw9U6YO5TQohxLcIkrXBeY73WP3ejHWVvx8XCk3gxvQDCTEmS48ZrSZCKciI7Bhl/uCMyxYtE9UqRILmFphkQ==",
+      "integrity": "sha512-vjAczensTgRcqDERK0SR2XMwsF/tSvnvlv6VcF2GIhg6Sx4yOIt/irsr1RDJsKiIyBzJDpCoXiWWq28MqH2cnQ==",
       "dev": true
     },
     "node_modules/debug": {
@@ -632,6 +687,23 @@
         }
       }
     },
+    "node_modules/define-data-property": {
+      "version": "1.1.4",
+      "resolved": "https://registry.npmjs.org/define-data-property/-/define-data-property-1.1.4.tgz",
+      "integrity": "sha512-rBMvIzlpA8v6E+SJZoo++HAYqsLrkg7MSfIinMPFhmkorw7X+dOXVJQs+QT69zGkzMyfDnIMN2Wid1+NbL3T+A==",
+      "dev": true,
+      "dependencies": {
+        "es-define-property": "^1.0.0",
+        "es-errors": "^1.3.0",
+        "gopd": "^1.0.1"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
     "node_modules/delayed-stream": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz",
@@ -667,17 +739,39 @@
       }
     },
     "node_modules/enquirer": {
-      "version": "2.3.6",
+      "version": "2.4.1",
-      "resolved": "https://registry.npmjs.org/enquirer/-/enquirer-2.3.6.tgz",
+      "resolved": "https://registry.npmjs.org/enquirer/-/enquirer-2.4.1.tgz",
-      "integrity": "sha512-yjNnPr315/FjS4zIsUxYguYUPP2e1NK4d7E7ZOLiyYCcbFBiTMyID+2wvm2w6+pZ/odMA7cRkjhsPbltwBOrLg==",
+      "integrity": "sha512-rRqJg/6gd538VHvR3PSrdRBb/1Vy2YfzHqzvbhGIQpDRKIa4FgV/54b5Q1xYSxOOwKvjXweS26E0Q+nAMwp2pQ==",
       "dev": true,
       "dependencies": {
-        "ansi-colors": "^4.1.1"
+        "ansi-colors": "^4.1.1",
+        "strip-ansi": "^6.0.1"
       },
       "engines": {
         "node": ">=8.6"
       }
     },
+    "node_modules/es-define-property": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.0.tgz",
+      "integrity": "sha512-jxayLKShrEqqzJ0eumQbVhTYQM27CfT1T35+gCgDFoL82JLsXqTJ76zv6A0YLOgEnLUMvLzsDsGIrl8NFpT2gQ==",
+      "dev": true,
+      "dependencies": {
+        "get-intrinsic": "^1.2.4"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      }
+    },
+    "node_modules/es-errors": {
+      "version": "1.3.0",
+      "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz",
+      "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==",
+      "dev": true,
+      "engines": {
+        "node": ">= 0.4"
+      }
+    },
     "node_modules/escape-string-regexp": {
       "version": "1.0.5",
       "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz",
@@ -811,18 +905,16 @@
       }
     },
     "node_modules/fs-extra": {
-      "version": "9.1.0",
+      "version": "11.2.0",
-      "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-9.1.0.tgz",
+      "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-11.2.0.tgz",
-      "integrity": "sha512-hcg3ZmepS30/7BSFqRvoo3DOMQu7IjqxO5nCDt+zM9XWjb33Wg7ziNT+Qvqbuc3+gWpzO02JubVyk2G4Zvo1OQ==",
+      "integrity": "sha512-PmDi3uwK5nFuXh7XDTlVnS17xJS7vW36is2+w3xcv8SVxiB4NyATf4ctkVY5bkSjX0Y4nbvZCq1/EjtEyr9ktw==",
-      "dev": true,
       "dependencies": {
-        "at-least-node": "^1.0.0",
         "graceful-fs": "^4.2.0",
         "jsonfile": "^6.0.1",
         "universalify": "^2.0.0"
       },
       "engines": {
-        "node": ">=10"
+        "node": ">=14.14"
       }
     },
     "node_modules/fs.realpath": {
@@ -832,21 +924,28 @@
       "dev": true
     },
     "node_modules/function-bind": {
-      "version": "1.1.1",
+      "version": "1.1.2",
-      "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz",
+      "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz",
-      "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==",
+      "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==",
-      "dev": true
+      "dev": true,
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
     },
     "node_modules/get-intrinsic": {
-      "version": "1.2.1",
+      "version": "1.2.4",
-      "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.1.tgz",
+      "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.4.tgz",
-      "integrity": "sha512-2DcsyfABl+gVHEfCOaTrWgyt+tb6MSEGmKq+kI5HwLbIYgjgmMcV8KQ41uaKz1xxUcn9tJtgFbQUEVcEbd0FYw==",
+      "integrity": "sha512-5uYhsJH8VJBTv7oslg4BznJYhDoRI6waYCxMmCdnTrcCrHA/fCFKoTFz2JKKE0HdDFUF7/oQuhzumXJK7paBRQ==",
       "dev": true,
       "dependencies": {
-        "function-bind": "^1.1.1",
+        "es-errors": "^1.3.0",
-        "has": "^1.0.3",
+        "function-bind": "^1.1.2",
         "has-proto": "^1.0.1",
-        "has-symbols": "^1.0.3"
+        "has-symbols": "^1.0.3",
+        "hasown": "^2.0.0"
+      },
+      "engines": {
+        "node": ">= 0.4"
       },
       "funding": {
         "url": "https://github.com/sponsors/ljharb"
@@ -920,23 +1019,22 @@
         "url": "https://github.com/sponsors/sindresorhus"
       }
     },
+    "node_modules/gopd": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.0.1.tgz",
+      "integrity": "sha512-d65bNlIadxvpb/A2abVdlqKqV563juRnZ1Wtk6s1sIR8uNsXR70xqIzVqxVf1eTqDunwT2MkczEeaezCKTZhwA==",
+      "dev": true,
+      "dependencies": {
+        "get-intrinsic": "^1.1.3"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
     "node_modules/graceful-fs": {
       "version": "4.2.11",
       "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz",
-      "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==",
+      "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ=="
-      "dev": true
-    },
-    "node_modules/has": {
-      "version": "1.0.3",
-      "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz",
-      "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==",
-      "dev": true,
-      "dependencies": {
-        "function-bind": "^1.1.1"
-      },
-      "engines": {
-        "node": ">= 0.4.0"
-      }
     },
     "node_modules/has-flag": {
       "version": "4.0.0",
@@ -947,6 +1045,18 @@
         "node": ">=8"
       }
     },
+    "node_modules/has-property-descriptors": {
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/has-property-descriptors/-/has-property-descriptors-1.0.2.tgz",
+      "integrity": "sha512-55JNKuIW+vq4Ke1BjOTjM2YctQIvCT7GFzHwmfZPGo5wnrgkid0YQtnAleFSqumZm4az3n2BS+erby5ipJdgrg==",
+      "dev": true,
+      "dependencies": {
+        "es-define-property": "^1.0.0"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
     "node_modules/has-proto": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/has-proto/-/has-proto-1.0.1.tgz",
@@ -971,6 +1081,18 @@
         "url": "https://github.com/sponsors/ljharb"
       }
     },
+    "node_modules/hasown": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.1.tgz",
+      "integrity": "sha512-1/th4MHjnwncwXsIW6QMzlvYL9kG5e/CpVvLRZe4XPa8TOUNbCELqmvhDmnkNsAjwaG4+I8gJJL0JBvTTLO9qA==",
+      "dev": true,
+      "dependencies": {
+        "function-bind": "^1.1.2"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      }
+    },
     "node_modules/http-signature": {
       "version": "1.3.6",
       "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.3.6.tgz",
@@ -1136,6 +1258,19 @@
       "integrity": "sha512-Yljz7ffyPbrLpLngrMtZ7NduUgVvi6wG9RJ9IUcyCd59YQ911PBJphODUcbOVbqYfxe1wuYf/LJ8PauMRwsM/g==",
       "dev": true
     },
+    "node_modules/jquery": {
+      "version": "3.7.1",
+      "resolved": "https://registry.npmjs.org/jquery/-/jquery-3.7.1.tgz",
+      "integrity": "sha512-m4avr8yL8kmFN8psrbFFFmB/If14iN5o9nw/NgnnM+kybDJpRsAynV2BsfpTYrTRysYUdADVD7CkUUizgkpLfg=="
+    },
+    "node_modules/jquery-ui": {
+      "version": "1.13.2",
+      "resolved": "https://registry.npmjs.org/jquery-ui/-/jquery-ui-1.13.2.tgz",
+      "integrity": "sha512-wBZPnqWs5GaYJmo1Jj0k/mrSkzdQzKDwhXNtHKcBdAcKVxMM3KNYFq+iJ2i1rwiG53Z8M4mTn3Qxrm17uH1D4Q==",
+      "dependencies": {
+        "jquery": ">=1.8.0 <4.0.0"
+      }
+    },
     "node_modules/jsbn": {
       "version": "0.1.1",
       "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz",
@@ -1158,7 +1293,6 @@
       "version": "6.1.0",
       "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.1.0.tgz",
       "integrity": "sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ==",
-      "dev": true,
       "dependencies": {
         "universalify": "^2.0.0"
       },
@@ -1382,9 +1516,9 @@
       }
     },
     "node_modules/object-inspect": {
-      "version": "1.12.3",
+      "version": "1.13.1",
-      "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.12.3.tgz",
+      "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.1.tgz",
-      "integrity": "sha512-geUvdk7c+eizMNUDkRpW1wJwgfOiOeHbxBR/hLXK1aT6zmVSO0jsQcs7fj6MGw89jC/cjGfLcNOrtMYtGqm81g==",
+      "integrity": "sha512-5qoj1RUiKOMsCCNLV1CBiPYE10sziTsnmNxkAI/rZhiD63CF7IqdFGC/XzjWjpSgLf0LxXX3bDFIh0E18f6UhQ==",
       "dev": true,
       "funding": {
         "url": "https://github.com/sponsors/ljharb"
@@ -1474,6 +1608,17 @@
         "node": ">=0.10.0"
       }
     },
+    "node_modules/popper.js": {
+      "version": "1.16.1",
+      "resolved": "https://registry.npmjs.org/popper.js/-/popper.js-1.16.1.tgz",
+      "integrity": "sha512-Wb4p1J4zyFTbM+u6WuO4XstYx4Ky9Cewe4DWrel7B0w6VVICvPwdOpotjzcf6eD8TsckVnIMNONQyPIUFOUbCQ==",
+      "deprecated": "You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1",
+      "peer": true,
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/popperjs"
+      }
+    },
     "node_modules/pretty-bytes": {
       "version": "5.6.0",
       "resolved": "https://registry.npmjs.org/pretty-bytes/-/pretty-bytes-5.6.0.tgz",
@@ -1486,6 +1631,15 @@
         "url": "https://github.com/sponsors/sindresorhus"
       }
     },
+    "node_modules/process": {
+      "version": "0.11.10",
+      "resolved": "https://registry.npmjs.org/process/-/process-0.11.10.tgz",
+      "integrity": "sha512-cdGef/drWFoydD1JsMzuFf8100nZl+GT+yacc2bEced5f9Rjk4z+WtFUTBu9PhOi9j/jfmBPu0mMEY4wIdAF8A==",
+      "dev": true,
+      "engines": {
+        "node": ">= 0.6.0"
+      }
+    },
     "node_modules/proxy-from-env": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.0.0.tgz",
@@ -1509,9 +1663,9 @@
       }
     },
     "node_modules/punycode": {
-      "version": "2.3.0",
+      "version": "2.3.1",
-      "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.0.tgz",
+      "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.1.tgz",
-      "integrity": "sha512-rRV+zQD8tVFys26lAGR9WUuS4iUAngJScM+ZRSKtvl5tKeZ2t5bvdNFdNHBW9FWR4guGHlgmsZ1G7BSm2wTbuA==",
+      "integrity": "sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg==",
       "dev": true,
       "engines": {
         "node": ">=6"
@@ -1532,6 +1686,12 @@
         "url": "https://github.com/sponsors/ljharb"
       }
     },
+    "node_modules/querystringify": {
+      "version": "2.2.0",
+      "resolved": "https://registry.npmjs.org/querystringify/-/querystringify-2.2.0.tgz",
+      "integrity": "sha512-FIqgj2EUvTa7R50u0rGsyTftzjYmv/a3hO345bZNrqabNqjtgiDMgmo4mkUjd+nzU5oF3dClKqFIPUKybUyqoQ==",
+      "dev": true
+    },
     "node_modules/request-progress": {
       "version": "3.0.0",
       "resolved": "https://registry.npmjs.org/request-progress/-/request-progress-3.0.0.tgz",
@@ -1541,6 +1701,12 @@
         "throttleit": "^1.0.0"
       }
     },
+    "node_modules/requires-port": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/requires-port/-/requires-port-1.0.0.tgz",
+      "integrity": "sha512-KigOCHcocU3XODJxsu8i/j8T9tzT4adHiecwORRQ0ZZFcp7ahwXuRU1m+yuO90C5ZUyGeGfocHDI14M3L3yDAQ==",
+      "dev": true
+    },
     "node_modules/restore-cursor": {
       "version": "3.1.0",
       "resolved": "https://registry.npmjs.org/restore-cursor/-/restore-cursor-3.1.0.tgz",
@@ -1555,9 +1721,9 @@
       }
     },
     "node_modules/rfdc": {
-      "version": "1.3.0",
+      "version": "1.3.1",
-      "resolved": "https://registry.npmjs.org/rfdc/-/rfdc-1.3.0.tgz",
+      "resolved": "https://registry.npmjs.org/rfdc/-/rfdc-1.3.1.tgz",
-      "integrity": "sha512-V2hovdzFbOi77/WajaSMXk2OLm+xNIeQdMMuB7icj7bk6zi2F8GGAxigcnDFpJHbNyNcgyJDiP+8nOrY5cZGrA==",
+      "integrity": "sha512-r5a3l5HzYlIC68TpmYKlxWjmOP6wiPJ1vWv2HeLhNsRZMrCkxeqxiHlQ21oXmQ4F3SiryXBHhAD7JZqvOJjFmg==",
       "dev": true
     },
     "node_modules/rimraf": {
@@ -1611,9 +1777,9 @@
       "dev": true
     },
     "node_modules/semver": {
-      "version": "7.5.1",
+      "version": "7.6.0",
-      "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.1.tgz",
+      "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.0.tgz",
-      "integrity": "sha512-Wvss5ivl8TMRZXXESstBA4uR5iXgEN/VC5/sOcuXdVLzcdkz4HWetIoRfG5gb5X+ij/G9rw9YoGn3QoQ8OCSpw==",
+      "integrity": "sha512-EnwXhrlwXMk9gKu5/flx5sv/an57AkRplG3hTK68W7FRDN+k+OWBj65M7719OkA82XLBxrcX0KSHj+X5COhOVg==",
       "dev": true,
       "dependencies": {
         "lru-cache": "^6.0.0"
@@ -1625,6 +1791,23 @@
         "node": ">=10"
       }
     },
+    "node_modules/set-function-length": {
+      "version": "1.2.1",
+      "resolved": "https://registry.npmjs.org/set-function-length/-/set-function-length-1.2.1.tgz",
+      "integrity": "sha512-j4t6ccc+VsKwYHso+kElc5neZpjtq9EnRICFZtWyBsLojhmeF/ZBd/elqm22WJh/BziDe/SBiOeAt0m2mfLD0g==",
+      "dev": true,
+      "dependencies": {
+        "define-data-property": "^1.1.2",
+        "es-errors": "^1.3.0",
+        "function-bind": "^1.1.2",
+        "get-intrinsic": "^1.2.3",
+        "gopd": "^1.0.1",
+        "has-property-descriptors": "^1.0.1"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      }
+    },
     "node_modules/shebang-command": {
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz",
@@ -1647,14 +1830,18 @@
       }
     },
     "node_modules/side-channel": {
-      "version": "1.0.4",
+      "version": "1.0.5",
-      "resolved": "https://registry.npmjs.org/side-channel/-/side-channel-1.0.4.tgz",
+      "resolved": "https://registry.npmjs.org/side-channel/-/side-channel-1.0.5.tgz",
-      "integrity": "sha512-q5XPytqFEIKHkGdiMIrY10mvLRvnQh42/+GoBlFW3b2LXLE2xxJpZFdm94we0BaoV3RwJyGqg5wS7epxTv0Zvw==",
+      "integrity": "sha512-QcgiIWV4WV7qWExbN5llt6frQB/lBven9pqliLXfGPB+K9ZYXxDozp0wLkHS24kWCm+6YXH/f0HhnObZnZOBnQ==",
       "dev": true,
       "dependencies": {
-        "call-bind": "^1.0.0",
+        "call-bind": "^1.0.6",
-        "get-intrinsic": "^1.0.2",
+        "es-errors": "^1.3.0",
-        "object-inspect": "^1.9.0"
+        "get-intrinsic": "^1.2.4",
+        "object-inspect": "^1.13.1"
+      },
+      "engines": {
+        "node": ">= 0.4"
       },
       "funding": {
         "url": "https://github.com/sponsors/ljharb"
@@ -1681,9 +1868,9 @@
       }
     },
     "node_modules/sshpk": {
-      "version": "1.17.0",
+      "version": "1.18.0",
-      "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.17.0.tgz",
+      "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.18.0.tgz",
-      "integrity": "sha512-/9HIEs1ZXGhSPE8X6Ccm7Nam1z8KcoCqPdI7ecm1N33EzAetWahvQWVqLZtaZQ+IDKX4IyA2o0gBzqIMkAagHQ==",
+      "integrity": "sha512-2p2KJZTSqQ/I3+HX42EpYOa2l3f8Erv8MWKsy2I9uf4wA7yFIkXRffYdsx86y6z4vHtV8u7g+pPlr8/4ouAxsQ==",
       "dev": true,
       "dependencies": {
         "asn1": "~0.2.3",
@@ -1756,10 +1943,13 @@
       }
     },
     "node_modules/throttleit": {
-      "version": "1.0.0",
+      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/throttleit/-/throttleit-1.0.0.tgz",
+      "resolved": "https://registry.npmjs.org/throttleit/-/throttleit-1.0.1.tgz",
-      "integrity": "sha512-rkTVqu6IjfQ/6+uNuuc3sZek4CEYxTJom3IktzgdSxcZqdARuebbA/f4QmAxMQIxqq9ZLEUkSYqvuk1I6VKq4g==",
+      "integrity": "sha512-vDZpf9Chs9mAdfY046mcPt8fg5QSZr37hEH4TXYBnDF+izxgrbRGUAAaBvIk/fJm9aOFCGFd1EsNg5AZCbnQCQ==",
-      "dev": true
+      "dev": true,
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
     },
     "node_modules/through": {
       "version": "2.3.8",
@@ -1767,6 +1957,11 @@
       "integrity": "sha512-w89qg7PI8wAdvX60bMDP+bFoD5Dvhm9oLheFp5O4a2QF0cSBGsBX4qZmadPMvVqlLJBBci+WqGGOAPvcDeNSVg==",
       "dev": true
     },
+    "node_modules/tinymce": {
+      "version": "6.8.3",
+      "resolved": "https://registry.npmjs.org/tinymce/-/tinymce-6.8.3.tgz",
+      "integrity": "sha512-3fCHKAeqT+xNwBVESf6iDbDV0VNwZNmfrkx9c/6Gz5iB8piMfaO6s7FvoiTrj1hf1gVbfyLTnz1DooI6DhgINQ=="
+    },
     "node_modules/tmp": {
       "version": "0.2.1",
       "resolved": "https://registry.npmjs.org/tmp/-/tmp-0.2.1.tgz",
@@ -1780,22 +1975,33 @@
       }
     },
     "node_modules/tough-cookie": {
-      "version": "2.5.0",
+      "version": "4.1.3",
-      "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz",
+      "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-4.1.3.tgz",
-      "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==",
+      "integrity": "sha512-aX/y5pVRkfRnfmuX+OdbSdXvPe6ieKX/G2s7e98f4poJHnqH3281gDPm/metm6E/WRamfx7WC4HUqkWHfQHprw==",
       "dev": true,
       "dependencies": {
-        "psl": "^1.1.28",
+        "psl": "^1.1.33",
-        "punycode": "^2.1.1"
+        "punycode": "^2.1.1",
+        "universalify": "^0.2.0",
+        "url-parse": "^1.5.3"
       },
       "engines": {
-        "node": ">=0.8"
+        "node": ">=6"
+      }
+    },
+    "node_modules/tough-cookie/node_modules/universalify": {
+      "version": "0.2.0",
+      "resolved": "https://registry.npmjs.org/universalify/-/universalify-0.2.0.tgz",
+      "integrity": "sha512-CJ1QgKmNg3CwvAv/kOFmtnEN05f0D/cn9QntgNOQlQF9dgvVTHj3t+8JPdjqawCHk7V/KA+fbUqzZ9XWhcqPUg==",
+      "dev": true,
+      "engines": {
+        "node": ">= 4.0.0"
       }
     },
     "node_modules/tslib": {
-      "version": "2.5.1",
+      "version": "2.6.2",
-      "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.5.1.tgz",
+      "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.6.2.tgz",
-      "integrity": "sha512-KaI6gPil5m9vF7DKaoXxx1ia9fxS4qG5YveErRRVknPDXXriu5M8h48YRjB6h5ZUOKuAKlSJYb0GaDe8I39fRw==",
+      "integrity": "sha512-AEYxH93jGFPn/a2iVAwW87VuUIkR1FVUKB77NwMF7nBTDkDrrT/Hpt/IrCJ0QXhW27jTBDcf5ZY7w6RiqTMw2Q==",
       "dev": true
     },
     "node_modules/tunnel-agent": {
@@ -1829,10 +2035,9 @@
       }
     },
     "node_modules/universalify": {
-      "version": "2.0.0",
+      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.0.tgz",
+      "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz",
-      "integrity": "sha512-hAZsKq7Yy11Zu1DE0OzWjw7nnLZmJZYTDZZyEFHZdUhV8FkH5MCfoU1XMaxXovpyW5nq5scPqq0ZDP9Zyl04oQ==",
+      "integrity": "sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==",
-      "dev": true,
       "engines": {
         "node": ">= 10.0.0"
       }
@@ -1846,6 +2051,16 @@
         "node": ">=8"
       }
     },
+    "node_modules/url-parse": {
+      "version": "1.5.10",
+      "resolved": "https://registry.npmjs.org/url-parse/-/url-parse-1.5.10.tgz",
+      "integrity": "sha512-WypcfiRhfeUP9vvF0j6rw0J3hrWrw6iZv3+22h6iRMJ/8z1Tj6XfLP4DsUix5MhMPnXpiHDoKyoZ/bdCkwBCiQ==",
+      "dev": true,
+      "dependencies": {
+        "querystringify": "^2.1.1",
+        "requires-port": "^1.0.0"
+      }
+    },
     "node_modules/uuid": {
       "version": "8.3.2",
       "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz",

package.json

@@ -1,8 +1,17 @@
 {
   "scripts": {
-    "cypress:open": "cypress open"
+    "cypress:open": "cypress open",
+    "postinstall": "node ./npm-post-install.js"
   },
   "devDependencies": {
     "cypress": "^12.12.0"
+  },
+  "dependencies": {
+    "@tinymce/tinymce-jquery": "^2.1.0",
+    "bootstrap": "^4.6.2",
+    "fs-extra": "^11.2.0",
+    "jquery": "^3.7.1",
+    "jquery-ui": "^1.13.2",
+    "tinymce": "^6.8.3"
   }
 }

phpstan-bootstrap.php

@@ -0,0 +1,13 @@
+<?php
+
+require __DIR__ . '/system/libs/pot/OTS.php';
+$ots = POT::getInstance();
+
+require __DIR__ . '/system/libs/pot/InvitesDriver.php';
+require __DIR__ . '/system/libs/rfc6238.php';
+require __DIR__ . '/common.php';
+
+const ACTION = '';
+const PAGE = '';
+const URI = '';
+define('SELF_NAME', basename(__FILE__));

phpstan.neon

@@ -0,0 +1,38 @@
+parameters:
+	level: 3
+	paths:
+		- .
+		- templates/tibiacom
+		- templates/kathrine
+	excludePaths:
+		- system/cache/*
+		- vendor/*
+		- plugins/*
+		- system/libs
+		- tools/signature/mango.php
+		- tools/signature/gd.class.php
+	bootstrapFiles:
+		- phpstan-bootstrap.php
+	ignoreErrors:
+		- '#Variable \$db might not be defined#'
+		- '#Variable \$twig might not be defined#'
+		- '#Variable \$hooks might not be defined#'
+		- '#Variable \$account_logged might not be defined#'
+		- '#Variable \$logged might not be defined#'
+		- '#Variable \$config might not be defined#'
+		- '#Variable \$action might not be defined#'
+		- '#Variable \$errors might not be defined#'
+		- '#Variable \$cache might not be defined#'
+		- '#Variable \$status might not be defined#'
+		- '#Variable \$player might not be defined#'
+		- '#Variable \$guild might not be defined#'
+		- '#Variable \$[a-zA-Z0-9\\_]+ might not be defined#'
+		# Eloquent models
+		- '#Call to an undefined static method [a-zA-Z0-9\\_]+::[a-zA-Z0-9\\_]+()#'
+		# system/pages/highscores.php
+		- '#Call to an undefined method Illuminate\\Database\\Query\\Builder::withOnlineStatus\(\)#'
+		- '#Access to an undefined property Illuminate\\Database\\Eloquent\\Model::\$online_status#'
+		- '#Access to an undefined property Illuminate\\Database\\Eloquent\\Model::\$vocation_name#'
+		-
+			message: '#Variable \$tmp in empty\(\) always exists and is always falsy#'
+			path: templates\kathrine\javascript.php

release.sh

@@ -38,7 +38,7 @@ if [ $1 = "prepare" ]; then
 	cd $dir || exit
 
 	# dependencies
-	composer install --no-dev
+	composer install --prefer-dist --optimize-autoloader
 
 	echo "Now you can make changes to $dir. When you are ready, type 'release.sh pack'"
 	exit

system/bin/clear_cache.php

@@ -1,18 +0,0 @@
-<?php
-
-if(PHP_SAPI !== 'cli') {
-	echo 'This script can be run only in command line mode.';
-	exit(1);
-}
-
-require_once __DIR__ . '/../../common.php';
-require_once SYSTEM . 'functions.php';
-require_once SYSTEM . 'init.php';
-
-if(clearCache()) {
-	echo 'Cache cleared.' . PHP_EOL;
-}
-else {
-	echo 'Unexpected error.' . PHP_EOL;
-	exit(2);
-}

system/bin/cronjob.php

@@ -1,19 +0,0 @@
-<?php
-
-require_once __DIR__ . '/../../common.php';
-require_once SYSTEM . 'functions.php';
-require_once SYSTEM . 'init.php';
-require_once SYSTEM . 'hooks.php';
-
-$hooks = new Hooks();
-$hooks->load();
-
-use GO\Scheduler;
-
-// Create a new scheduler
-$scheduler = new Scheduler();
-
-$hooks->trigger(HOOK_CRONJOB, ['scheduler' => $scheduler]);
-
-// Let the scheduler execute jobs which are due.
-$scheduler->run();

system/bin/dump_database.php

@@ -1,15 +0,0 @@
-<?php
-
-if(PHP_SAPI !== 'cli') {
-	echo 'This script can be run only in command line mode.';
-	exit(1);
-}
-
-require_once __DIR__ . '/../../common.php';
-require_once SYSTEM . 'functions.php';
-require_once SYSTEM . 'init.php';
-
-$test = new \Illuminate\Database\Schema\MySqlSchemaState($eloquentConnection);
-$test->dump($eloquentConnection, BASE . 'dump.sql');
-
-echo 'Dumped.';

system/bin/install_cronjob.php

@@ -1,50 +0,0 @@
-<?php
-
-require_once __DIR__ . '/../../common.php';
-require_once SYSTEM . 'functions.php';
-require_once SYSTEM . 'init.php';
-
-if(!IS_CLI) {
-	echo 'This script can be run only in command line mode.' . PHP_EOL;
-	exit(1);
-}
-
-if (MYAAC_OS !== 'LINUX') {
-	echo 'This script can be run only on linux.' . PHP_EOL;
-	exit(1);
-}
-
-$job = '* * * * * /usr/bin/php ' . SYSTEM . 'bin/cronjob.php >> ' . SYSTEM . 'logs/cron.log 2>&1';
-
-if (cronjob_exists($job)) {
-	echo 'MyAAC cronjob already installed.' . PHP_EOL;
-	exit(0);
-}
-
-exec ('crontab -l', $content);
-
-$content = implode(' ', $content);
-$content .= PHP_EOL . $job;
-
-file_put_contents(CACHE . 'cronjob', $content . PHP_EOL);
-exec('crontab ' . CACHE. 'cronjob');
-
-echo 'Installed crontab successfully.' . PHP_EOL;
-
-function cronjob_exists($command)
-{
-	$cronjob_exists=false;
-
-	exec('crontab -l', $crontab);
-	if(isset($crontab)&&is_array($crontab)) {
-
-		$crontab = array_flip($crontab);
-
-		if(isset($crontab[$command])){
-			$cronjob_exists = true;
-		}
-
-	}
-
-	return $cronjob_exists;
-}

system/bin/install_plugin.php

@@ -1,42 +0,0 @@
-<?php
-
-if(PHP_SAPI !== 'cli') {
-	echo 'This script can be run only in command line mode.';
-	exit(1);
-}
-
-require_once __DIR__ . '/../../common.php';
-require_once SYSTEM . 'functions.php';
-require_once SYSTEM . 'init.php';
-require_once SYSTEM . 'hooks.php';
-require_once LIBS . 'plugins.php';
-
-if($argc !== 2) {
-	echo 'This command expects one parameter: zip file name (plugin)' . PHP_EOL;
-	exit(2);
-}
-
-$path_to_file = $argv[1];
-$ext = strtolower(pathinfo($path_to_file, PATHINFO_EXTENSION));
-if($ext !== 'zip') {// check if it is zipped/compressed file
-	echo 'Please install only .zip files.' . PHP_EOL;
-	exit(3);
-}
-
-if(!file_exists($path_to_file)) {
-	echo 'ERROR: File ' . $path_to_file . ' does not exist' . PHP_EOL;
-	exit(4);
-}
-
-if(Plugins::install($path_to_file)) {
-	foreach(Plugins::getWarnings() as $warning) {
-		echo 'WARNING: ' . $warning;
-	}
-
-	$info = Plugins::getPluginJson();
-	echo (isset($info['name']) ? $info['name'] . ' p' : 'P') . 'lugin has been successfully installed.' . PHP_EOL;
-}
-else {
-	echo 'ERROR: ' . Plugins::getError() . PHP_EOL;
-	exit(5);
-}

system/bin/send_email.php

@@ -1,61 +0,0 @@
-<?php
-
-if(PHP_SAPI !== 'cli') {
-	echo 'This script can be run only in command line mode.';
-	exit(1);
-}
-
-require_once __DIR__ . '/../../common.php';
-require_once SYSTEM . 'functions.php';
-require_once SYSTEM . 'init.php';
-
-if($argc !== 3) {
-	echo 'This command expects two parameters: account_name_or_id|player_name|email address, subject.' . PHP_EOL;
-	exit(2);
-}
-
-$email_account_name = $argv[1];
-$subject = $argv[2];
-$message = file_get_contents('php://stdin');
-
-if(strpos($email_account_name, '@') === false) {
-	$account = new OTS_Account();
-	if(USE_ACCOUNT_NAME) {
-		$account->find($email_account_name);
-	}
-	else {
-		$account->load($email_account_name);
-	}
-
-	if($account->isLoaded()) {
-		$email_account_name = $account->getEMail();
-	}
-	else {
-		$player = new OTS_Player();
-		$player->find($email_account_name);
-		if($player->isLoaded()) {
-			$email_account_name = $player->getAccount()->getEMail();
-		}
-		else {
-			echo 'Cannot find player or account with name: ' . $email_account_name . '.' . PHP_EOL;
-			exit(3);
-		}
-	}
-}
-
-if(!Validator::email($email_account_name)) {
-	echo 'Invalid E-Mail format.' . PHP_EOL;
-	exit(4);
-}
-
-if(strlen($subject) > 255) {
-	echo 'Subject max length is 255 characters.' . PHP_EOL;
-	exit(5);
-}
-
-if(!_mail($email_account_name, $subject, $message)) {
-	echo 'An error occurred while sending email. More info can be found in system/logs/mailer-error.log';
-	exit(6);
-}
-
-echo 'Mail sent to ' . $email_account_name . '.' . PHP_EOL;

system/compat/base.php

@@ -9,6 +9,8 @@
  */
 defined('MYAAC') or die('Direct access not allowed!');
 
+class Validator extends \MyAAC\Validator {}
+
 function check_name($name, &$errors = '') {
 	if(Validator::characterName($name))
 		return true;
@@ -72,4 +74,7 @@ function fieldExist($field, $table)
 	global $db;
 	return $db->hasColumn($table, $field);
 }
-?>
+
+function getCreatureImgPath($creature): string {
+	return getMonsterImgPath($creature);
+}

system/compat/pages.php

@@ -44,7 +44,7 @@ switch($page)
 		break;
 
 	case 'killstatistics':
-		$page = 'lastkills';
+		$page = 'last-kills';
 		break;
 
 	case 'buypoints':

system/counter.php

@@ -7,6 +7,9 @@
  * @copyright 2019 MyAAC
  * @link      https://my-aac.org
  */
+
+use MyAAC\Cache\Cache;
+
 defined('MYAAC') or die('Direct access not allowed!');
 define('COUNTER_SYNC', 10); // how often counter is synchronized with database (each x site refreshes)
 

system/database.php

@@ -111,8 +111,6 @@ try {
 	$capsule->addConnection([
 		'driver' => 'mysql',
 		'database' => $config['database_name'],
-		'username' => $config['database_user'],
-		'password' => $config['database_password'],
 	]);
 
 	$capsule->getConnection()->setPdo($db);

system/exception.php

@@ -8,6 +8,8 @@
  * @link      https://my-aac.org
  */
 
+use MyAAC\Exceptions\SensitiveException;
+
 if (class_exists(\Whoops\Run::class)) {
 	$whoops = new \Whoops\Run;
 	if(IS_CLI) {
@@ -21,8 +23,6 @@ if (class_exists(\Whoops\Run::class)) {
 	return;
 }
 
-require LIBS . 'SensitiveException.php';
-
 /**
  * @param Exception $exception
  */

system/functions.php

@@ -9,12 +9,17 @@
  */
 defined('MYAAC') or die('Direct access not allowed!');
 
+use MyAAC\Cache\Cache;
 use MyAAC\CsrfToken;
+use MyAAC\Items;
 use MyAAC\Models\Config;
 use MyAAC\Models\Guild;
 use MyAAC\Models\House;
 use MyAAC\Models\Pages;
 use MyAAC\Models\Player;
+use MyAAC\News;
+use MyAAC\Plugins;
+use MyAAC\Settings;
 use PHPMailer\PHPMailer\PHPMailer;
 use Twig\Loader\ArrayLoader as Twig_ArrayLoader;
 
@@ -100,7 +105,7 @@ function getPlayerLink($name, $generate = true): string
 
 function getMonsterLink($name, $generate = true): string
 {
-	$url = BASE_URL . (setting('core.friendly_urls') ? '' : 'index.php/') . 'creatures/' . urlencode($name);
+	$url = BASE_URL . (setting('core.friendly_urls') ? '' : 'index.php/') . 'monsters/' . urlencode($name);
 
 	if(!$generate) return $url;
 	return generateLink($url, $name);
@@ -137,7 +142,6 @@ function getGuildLink($name, $generate = true): string
 }
 
 function getItemNameById($id) {
-	require_once LIBS . 'items.php';
 	$item = Items::get($id);
 	return !empty($item['name']) ? $item['name'] : '';
 }
@@ -197,7 +201,7 @@ function getFlagImage($country): string
  * @param mixed $v Variable to check.
  * @return bool Value boolean status.
  */
-function getBoolean($v): bool
+function getBoolean(mixed $v): bool
 {
 	if(is_bool($v)) {
 		return $v;
@@ -206,6 +210,10 @@ function getBoolean($v): bool
 	if(is_numeric($v))
 		return (int)$v > 0;
 
+	if (is_null($v)) {
+		return false;
+	}
+
 	$v = strtolower($v);
 	return $v === 'yes' || $v === 'true';
 }
@@ -253,7 +261,7 @@ function generateRandomString($length, $lowCase = true, $upCase = false, $numeri
 function getForumBoards()
 {
 	global $db, $canEdit;
-	$sections = $db->query('SELECT `id`, `name`, `description`, `closed`, `guild`, `access`' . ($canEdit ? ', `hidden`, `ordering`' : '') . ' FROM `' . TABLE_PREFIX . 'forum_boards` ' . (!$canEdit ? ' WHERE `hidden` != 1' : '') .
+	$sections = $db->query('SELECT `id`, `name`, `description`, `closed`, `guild`, `access`' . ($canEdit ? ', `hide`, `ordering`' : '') . ' FROM `' . TABLE_PREFIX . 'forum_boards` ' . (!$canEdit ? ' WHERE `hide` != 1' : '') .
 		' ORDER BY `ordering`;');
 	if($sections)
 		return $sections->fetchAll();
@@ -410,7 +418,10 @@ function delete_guild($id)
 	if(count($rank_list) > 0) {
 		$rank_list->orderBy('level');
 
-		global $db, $ots;
+		global $db;
+		/**
+		 * @var OTS_GuildRank $rank_in_guild
+		 */
 		foreach($rank_list as $rank_in_guild) {
 			if($db->hasTable('guild_members'))
 				$players_with_rank = $db->query('SELECT `players`.`id` as `id`, `guild_members`.`rank_id` as `rank_id` FROM `players`, `guild_members` WHERE `guild_members`.`rank_id` = ' . $rank_in_guild->getId() . ' AND `players`.`id` = `guild_members`.`player_id` ORDER BY `name`;');
@@ -702,11 +713,8 @@ function getSkillName($skillId, $suffix = true)
 /**
  * Performs flag check on the current logged in user.
  * Table in database: accounts, field: website_flags
- *
- * @param int @flag Flag to be verified.
- * @return bool If user got flag.
  */
-function hasFlag($flag) {
+function hasFlag(int $flag): bool {
 	global $logged, $logged_flags;
 	return ($logged && ($logged_flags & $flag) == $flag);
 }
@@ -779,7 +787,7 @@ function get_browser_languages()
 	$languages = str_replace(' ', '', $languages);
 
 	foreach(explode(',', $languages) as $language_list)
-		$ret[] .= substr($language_list, 0, 2);
+		$ret[] = substr($language_list, 0, 2);
 
 	return $ret;
 }
@@ -798,6 +806,10 @@ function get_templates()
 			$ret[] = $file;
 	}
 
+	foreach (Plugins::getThemes() as $name => $path) {
+		$ret[] = $name;
+	}
+
 	return $ret;
 }
 
@@ -1052,8 +1064,8 @@ function unsetSession($key) {
 	unset($_SESSION[setting('core.session_prefix') . $key]);
 }
 
-function csrf(): void {
+function csrf(bool $return = false): string {
-	CsrfToken::create();
+	return CsrfToken::create($return);
 }
 
 function csrfToken(): string {
@@ -1062,7 +1074,7 @@ function csrfToken(): string {
 
 function isValidToken(): bool {
 	$token = $_POST['csrf_token'] ?? $_SERVER['HTTP_X_CSRF_TOKEN'] ?? null;
-	return ($_SERVER['REQUEST_METHOD'] !== 'POST' || (isset($token) && CsrfToken::isValid($token)));
+	return (!isRequestMethod('post') || (isset($token) && CsrfToken::isValid($token)));
 }
 
 function csrfProtect(): void
@@ -1191,72 +1203,48 @@ function setting($key)
 
 function clearCache()
 {
-	require_once LIBS . 'news.php';
 	News::clearCache();
 
 	$cache = Cache::getInstance();
-
 	if($cache->enabled()) {
-		$tmp = '';
+		$keysToClear = [
-
+			'status', 'templates',
-		if ($cache->fetch('status', $tmp))
+			'config_lua',
-			$cache->delete('status');
+			'towns', 'groups', 'vocations',
-
+			'visitors', 'views_counter', 'failed_logins',
-		if ($cache->fetch('templates', $tmp))
+			'template_menus',
-			$cache->delete('templates');
+			'last_kills',
-
+			'hooks', 'plugins_hooks', 'plugins_routes', 'plugins_settings', 'plugins_themes', 'plugins_commands',
-		if ($cache->fetch('config_lua', $tmp))
+			'settings',
-			$cache->delete('config_lua');
+		];
-
-		if ($cache->fetch('vocations', $tmp))
-			$cache->delete('vocations');
-
-		if ($cache->fetch('towns', $tmp))
-			$cache->delete('towns');
-
-		if ($cache->fetch('groups', $tmp))
-			$cache->delete('groups');
-
-		if ($cache->fetch('visitors', $tmp))
-			$cache->delete('visitors');
-
-		if ($cache->fetch('views_counter', $tmp))
-			$cache->delete('views_counter');
-
-		if ($cache->fetch('failed_logins', $tmp))
-			$cache->delete('failed_logins');
 
 		foreach (get_templates() as $template) {
-			if ($cache->fetch('template_ini_' . $template, $tmp)) {
+			$keysToClear[] = 'template_ini_' . $template;
-				$cache->delete('template_ini_' . $template);
+		}
+
+		// highscores cache
+		$configHighscoresPerPage = setting('core.highscores_per_page');
+		$skills = [POT::SKILL_FIST, POT::SKILL_CLUB, POT::SKILL_SWORD, POT::SKILL_AXE, POT::SKILL_DIST, POT::SKILL_SHIELD, POT::SKILL_FISH, POT::SKILL_LEVEL, POT::SKILL__MAGLEVEL, SKILL_FRAGS, SKILL_BALANCE];
+		foreach ($skills as $skill) {
+			// config('vocations') may be empty after previous cache clear
+			$vocations = (config('vocations') ?? []) + ['all'];
+			foreach ($vocations as $vocation) {
+				for($page = 0; $page < 10; $page++) {
+					$cacheKey = 'highscores_' . $skill . '_' . strtolower($vocation) . '_' . $page . '_' . $configHighscoresPerPage;
+					$keysToClear[] = $cacheKey;
+				}
 			}
 		}
 
-		if ($cache->fetch('template_menus', $tmp)) {
+		foreach ($keysToClear as $item) {
-			$cache->delete('template_menus');
+			$tmp = '';
+			if ($cache->fetch($item, $tmp)) {
+				$cache->delete($item);
 			}
-		if ($cache->fetch('database_tables', $tmp)) {
-			$cache->delete('database_tables');
-		}
-		if ($cache->fetch('database_columns', $tmp)) {
-			$cache->delete('database_columns');
-		}
-		if ($cache->fetch('database_checksum', $tmp)) {
-			$cache->delete('database_checksum');
-		}
-		if ($cache->fetch('last_kills', $tmp)) {
-			$cache->delete('last_kills');
 		}
 
-		if ($cache->fetch('hooks', $tmp)) {
+		global $db;
-			$cache->delete('hooks');
+		$db->setClearCacheAfter(true);
-		}
-		if ($cache->fetch('plugins_hooks', $tmp)) {
-			$cache->delete('plugins_hooks');
-		}
-		if ($cache->fetch('plugins_routes', $tmp)) {
-			$cache->delete('plugins_routes');
-		}
 	}
 
 	deleteDirectory(CACHE . 'signatures', ['index.html'], true);
@@ -1265,12 +1253,20 @@ function clearCache()
 	deleteDirectory(CACHE, ['signatures', 'twig', 'plugins', 'index.html', 'persistent'], true);
 
 	// routes cache
+	clearRouteCache();
+
+	global $hooks;
+	$hooks->trigger(HOOK_CACHE_CLEAR, ['cache' => Cache::getInstance()]);
+
+	return true;
+}
+
+function clearRouteCache(): void
+{
 	$routeCacheFile = CACHE . 'route.cache';
 	if (file_exists($routeCacheFile)) {
 		unlink($routeCacheFile);
 	}
-
-	return true;
 }
 
 function getCustomPageInfo($name)
@@ -1312,13 +1308,6 @@ function getCustomPage($name, &$success): string
 			else
 				$tmp = $page['body'];
 
-			$php_errors = array();
-			function error_handler($errno, $errstr) {
-				global $php_errors;
-				$php_errors[] = array('errno' => $errno, 'errstr' => $errstr);
-			}
-			set_error_handler('error_handler');
-
 			global $config;
 			if(setting('core.backward_support')) {
 				global $SQL, $main_content, $subtopic;
@@ -1328,11 +1317,6 @@ function getCustomPage($name, &$success): string
 			eval($tmp);
 			$content .= ob_get_contents();
 			ob_end_clean();
-
-			restore_error_handler();
-			if(isset($php_errors[0]) && superAdmin()) {
-				var_dump($php_errors);
-			}
 		}
 		else {
 			$oldLoader = $twig->getLoader();
@@ -1576,18 +1560,19 @@ function right($str, $length) {
 	return substr($str, -$length);
 }
 
-function getCreatureImgPath($creature){
+function getMonsterImgPath($monster): string
-	$creature_path = setting('core.monsters_images_url');
+{
-	$creature_gfx_name = trim(strtolower($creature)) . setting('core.monsters_images_extension');
+	$monster_path = setting('core.monsters_images_url');
-	if (!file_exists($creature_path . $creature_gfx_name)) {
+	$monster_gfx_name = trim(strtolower($monster)) . setting('core.monsters_images_extension');
-		$creature_gfx_name = str_replace(" ", "", $creature_gfx_name);
+	if (!file_exists($monster_path . $monster_gfx_name)) {
-		if (file_exists($creature_path . $creature_gfx_name)) {
+		$monster_gfx_name = str_replace(" ", "", $monster_gfx_name);
-			return $creature_path . $creature_gfx_name;
+		if (file_exists($monster_path . $monster_gfx_name)) {
+			return $monster_path . $monster_gfx_name;
 		} else {
-			return $creature_path . 'nophoto.png';
+			return $monster_path . 'nophoto.png';
 		}
 	} else {
-		return $creature_path . $creature_gfx_name;
+		return $monster_path . $monster_gfx_name;
 	}
 }
 
@@ -1675,8 +1660,15 @@ function displayErrorBoxWithBackButton($errors, $action = null) {
 	]);
 }
 
+function makeLinksClickable($text, $blank = true) {
+	return preg_replace('!(((f|ht)tp(s)?://)[-a-zA-Zа-яА-Я()0-9@:%_+.~#?&;//=]+)!i', '<a href="$1"' . (!$blank ?: ' target="_blank"') . '>$1</a>', $text);
+}
+
+function isRequestMethod(string $method): bool {
+	return strtolower($_SERVER['REQUEST_METHOD']) == strtolower($method);
+}
+
 // validator functions
-require_once LIBS . 'validator.php';
 require_once SYSTEM . 'compat/base.php';
 
 // custom functions

system/init.php

@@ -8,7 +8,12 @@
  * @link      https://my-aac.org
  */
 
+use DebugBar\StandardDebugBar;
+use MyAAC\Cache\Cache;
 use MyAAC\CsrfToken;
+use MyAAC\Hooks;
+use MyAAC\Settings;
+use MyAAC\Towns;
 
 defined('MYAAC') or die('Direct access not allowed!');
 
@@ -16,8 +21,6 @@ if(!isset($config['installed']) || !$config['installed']) {
 	throw new RuntimeException('MyAAC has not been installed yet or there was error during installation. Please install again.');
 }
 
-use DebugBar\StandardDebugBar;
-
 if(config('env') === 'dev') {
 	require SYSTEM . 'exception.php';
 }
@@ -39,11 +42,9 @@ if(isset($config['gzip_output']) && $config['gzip_output'] && isset($_SERVER['HT
 	ob_start('ob_gzhandler');
 
 // cache
-require_once SYSTEM . 'libs/cache.php';
 $cache = Cache::getInstance();
 
 // event system
-require_once SYSTEM . 'hooks.php';
 $hooks = new Hooks();
 $hooks->load();
 
@@ -54,28 +55,24 @@ require_once SYSTEM . 'twig.php';
 $action = $_REQUEST['action'] ?? '';
 define('ACTION', $action);
 
+// errors, is also often used
+$errors = [];
+
 // trim values we receive
-if(isset($_POST))
+foreach($_POST as $var => $value) {
-{
-	foreach($_POST as $var => $value) {
 	if(is_string($value)) {
 		$_POST[$var] = trim($value);
 	}
-	}
 }
-if(isset($_GET))
+
-{
+foreach($_GET as $var => $value) {
-	foreach($_GET as $var => $value) {
 	if(is_string($value))
 		$_GET[$var] = trim($value);
-	}
 }
-if(isset($_REQUEST))
+
-{
+foreach($_REQUEST as $var => $value) {
-	foreach($_REQUEST as $var => $value) {
 	if(is_string($value))
 		$_REQUEST[$var] = trim($value);
-	}
 }
 
 // load otserv config file
@@ -131,18 +128,25 @@ if(!isset($foundValue)) {
 $config['data_path'] = $foundValue;
 unset($foundValue);
 
-
 // POT
 require_once SYSTEM . 'libs/pot/OTS.php';
 $ots = POT::getInstance();
 $eloquentConnection = null;
 require_once SYSTEM . 'database.php';
 
+if ($config_lua_reload) {
+	clearCache();
+}
+
+// verify myaac tables exists in database
+if(!defined('MYAAC_INSTALL') && !$db->hasTable('myaac_account_actions')) {
+	throw new RuntimeException('Seems that the table myaac_account_actions of MyAAC doesn\'t exist in the database. This is a fatal error. You can try to reinstall MyAAC by visiting ' . BASE_URL . 'install');
+}
+
 // execute migrations
 require SYSTEM . 'migrate.php';
 
 // settings
-require_once LIBS . 'Settings.php';
 $settings = Settings::getInstance();
 $settings->load();
 
@@ -173,5 +177,4 @@ define('USE_ACCOUNT_NAME', $db->hasColumn('accounts', 'name'));
 define('USE_ACCOUNT_NUMBER', $db->hasColumn('accounts', 'number'));
 define('USE_ACCOUNT_SALT', $db->hasColumn('accounts', 'salt'));
 
-require LIBS . 'Towns.php';
 Towns::load();

system/libs/SensitiveException.php

@@ -1,3 +0,0 @@
-<?php
-
-class SensitiveException extends Exception {}

system/libs/cache_eaccelerator.php

@@ -1,51 +0,0 @@
-<?php
-/**
- * Cache eAccelerator class
- *
- * @package   MyAAC
- * @author    Slawkens <slawkens@gmail.com>
- * @author    Mark Samman (Talaturen) <marksamman@gmail.com>
- * @copyright 2019 MyAAC
- * @link      https://my-aac.org
- */
-defined('MYAAC') or die('Direct access not allowed!');
-
-class Cache_eAccelerator
-{
-	private $prefix;
-	private $enabled;
-
-	public function __construct($prefix = '') {
-		$this->prefix = $prefix;
-		$this->enabled = function_exists('eaccelerator_get');
-	}
-
-	public function set($key, $var, $ttl = 0)
-	{
-		$key = $this->prefix . $key;
-		eaccelerator_rm($key);
-		eaccelerator_put($key, $var, $ttl);
-	}
-
-	public function get($key)
-	{
-		$tmp = '';
-		if($this->fetch($this->prefix . $key, $tmp)) {
-			return $tmp;
-		}
-
-		return '';
-	}
-
-	public function fetch($key, &$var) {
-		return ($var = eaccelerator_get($this->prefix . $key)) !== null;
-	}
-
-	public function delete($key) {
-		eaccelerator_rm($this->prefix . $key);
-	}
-
-	public function enabled() {
-		return $this->enabled;
-	}
-}

system/libs/pot/OTS_DB_MySQL.php

@@ -12,6 +12,8 @@
  * @license http://www.gnu.org/licenses/lgpl-3.0.txt GNU Lesser General Public License, Version 3
  */
 
+use MyAAC\Cache\Cache;
+
 /**
  * MySQL connection interface.
  *
@@ -26,6 +28,8 @@ class OTS_DB_MySQL extends OTS_Base_DB
 {
 	private $has_table_cache = array();
 	private $has_column_cache = array();
+
+	private $clearCacheAfter = false;
 /**
  * Creates database connection.
  *
@@ -94,7 +98,8 @@ class OTS_DB_MySQL extends OTS_Base_DB
         }
 
 		global $config;
-		if(class_exists('Cache') && ($cache = Cache::getInstance()) && $cache->enabled()) {
+		$cache = Cache::getInstance();
+		if($cache->enabled()) {
 			$tmp = null;
 			$need_revalidation = true;
 			if($cache->fetch('database_checksum', $tmp) && $tmp) {
@@ -145,11 +150,19 @@ class OTS_DB_MySQL extends OTS_Base_DB
     {
 		global $config;
 
-	    if(class_exists('Cache') && ($cache = Cache::getInstance()) && $cache->enabled()) {
+		$cache = Cache::getInstance();
+		if($cache->enabled()) {
+			if ($this->clearCacheAfter) {
+				$cache->delete('database_tables');
+				$cache->delete('database_columns');
+				$cache->delete('database_checksum');
+			}
+			else {
 				$cache->set('database_tables', serialize($this->has_table_cache), 3600);
 				$cache->set('database_columns', serialize($this->has_column_cache), 3600);
 				$cache->set('database_checksum', serialize(sha1($config['database_host'] . '.' . $config['database_name'])), 3600);
 			}
+		}
 
 		if($this->logged) {
 			log_append('database.log', $_SERVER['REQUEST_URI'] . PHP_EOL . $this->getLog());
@@ -236,6 +249,11 @@ class OTS_DB_MySQL extends OTS_Base_DB
 			}
 		}
 	}
+
+	public function setClearCacheAfter($clearCache)
+	{
+		$this->clearCacheAfter = $clearCache;
+	}
 }
 
 /**#@-*/

system/libs/pot/OTS_Groups_List.php

@@ -8,6 +8,8 @@
  * @license http://www.gnu.org/licenses/lgpl-3.0.txt GNU Lesser General Public License, Version 3
  */
 
+use MyAAC\Cache\Cache;
+
 /**
  * List of groups.
  *

system/libs/pot/OTS_Monster.php

@@ -41,9 +41,10 @@
 class OTS_Monster extends DOMDocument
 {
 	private $loaded = false;
-	public function loadXML($source , $options = 0)
+	public function loadXML(string $source , int $options = 0): bool
 	{
 		$this->loaded = parent::loadXML($source, $options);
+		return $this->loaded;
 	}
 
 	public function loaded()

system/libs/pot/OTS_Player.php

@@ -90,7 +90,7 @@ class OTS_Player extends OTS_Row_DAO
  * @version 0.1.2
  * @var array
  */
-    private $data = array('sex' => 0, 'vocation' => 0, 'experience' => 0, 'level' => 1, 'maglevel' => 0, 'health' => 100, 'healthmax' => 100, 'mana' => 100, 'manamax' => 100, 'manaspent' => 0, 'soul' => 0, 'lookbody' => 10, 'lookfeet' => 10, 'lookhead' => 10, 'looklegs' => 10, 'looktype' => 136, 'lookaddons' => 0, 'posx' => 0, 'posy' => 0, 'posz' => 0, 'cap' => 0, 'lastlogin' => 0, 'lastip' => 0, 'save' => true, 'skulltime' => 0, 'skull' => 0, 'balance' => 0, 'lastlogout' => 0, 'blessings' => 0, 'stamina' => 0, 'online' => 0, 'comment' => '', 'created' => 0, 'hidden' => 0);
+    private $data = array('sex' => 0, 'vocation' => 0, 'experience' => 0, 'level' => 1, 'maglevel' => 0, 'health' => 100, 'healthmax' => 100, 'mana' => 100, 'manamax' => 100, 'manaspent' => 0, 'soul' => 0, 'lookbody' => 10, 'lookfeet' => 10, 'lookhead' => 10, 'looklegs' => 10, 'looktype' => 136, 'lookaddons' => 0, 'posx' => 0, 'posy' => 0, 'posz' => 0, 'cap' => 0, 'lastlogin' => 0, 'lastip' => 0, 'save' => true, 'skulltime' => 0, 'skull' => 0, 'balance' => 0, 'lastlogout' => 0, 'blessings' => 0, 'stamina' => 0, 'online' => 0, 'comment' => '', 'created' => 0, 'hide' => 0);
 
 /**
  * Player skills.
@@ -231,7 +231,7 @@ class OTS_Player extends OTS_Row_DAO
 		}
 		else {
 			// SELECT query on database
-			$this->data = $this->db->query('SELECT `id`, `name`, `account_id`, `group_id`, `sex`, `vocation`, `experience`, `level`, `maglevel`, `health`, `healthmax`, `mana`, `manamax`, `manaspent`, `soul`, `lookbody`, `lookfeet`, `lookhead`, `looklegs`, `looktype`' . ($this->db->hasColumn('players', 'lookaddons') ? ', `lookaddons`' : '') . ', `posx`, `posy`, `posz`, `cap`, `lastlogin`, `lastlogout`, `lastip`, `save`, `conditions`, `' . $__load['skull_time'] . '` as `skulltime`, `' . $__load['skull_type'] . '` as `skull`' . $__load['guild_info'] . ', `town_id`' . $__load['loss_experience'] . $__load['loss_items'] . ', `balance`' . ($__load['blessings'] ? ', `blessings`' : '') . ($__load['direction'] ? ', `direction`' : '') . ($__load['stamina'] ? ', `stamina`' : '') . ($__load['world_id'] ? ', `world_id`' : '') . ($__load['online'] ? ', `online`' : '') . ', `' . ($__load['deletion'] ? 'deletion' : 'deleted') . '`' . ($__load['promotion'] ? ', `promotion`' : '') . ($__load['marriage'] ? ', `marriage`' : '') . ', `comment`, `created`, `hidden` FROM `players` WHERE `id` = ' . (int)$id)->fetch();
+			$this->data = $this->db->query('SELECT `id`, `name`, `account_id`, `group_id`, `sex`, `vocation`, `experience`, `level`, `maglevel`, `health`, `healthmax`, `mana`, `manamax`, `manaspent`, `soul`, `lookbody`, `lookfeet`, `lookhead`, `looklegs`, `looktype`' . ($this->db->hasColumn('players', 'lookaddons') ? ', `lookaddons`' : '') . ', `posx`, `posy`, `posz`, `cap`, `lastlogin`, `lastlogout`, `lastip`, `save`, `conditions`, `' . $__load['skull_time'] . '` as `skulltime`, `' . $__load['skull_type'] . '` as `skull`' . $__load['guild_info'] . ', `town_id`' . $__load['loss_experience'] . $__load['loss_items'] . ', `balance`' . ($__load['blessings'] ? ', `blessings`' : '') . ($__load['direction'] ? ', `direction`' : '') . ($__load['stamina'] ? ', `stamina`' : '') . ($__load['world_id'] ? ', `world_id`' : '') . ($__load['online'] ? ', `online`' : '') . ', `' . ($__load['deletion'] ? 'deletion' : 'deleted') . '`' . ($__load['promotion'] ? ', `promotion`' : '') . ($__load['marriage'] ? ', `marriage`' : '') . ', `comment`, `created`, `hide` FROM `players` WHERE `id` = ' . (int)$id)->fetch();
 		}
 
         // loads skills
@@ -521,17 +521,17 @@ class OTS_Player extends OTS_Row_DAO
 
     public function isHidden()
     {
-        if( !isset($this->data['hidden']) )
+        if( !isset($this->data['hide']) )
         {
             throw new E_OTS_NotLoaded();
         }
 
-        return $this->data['hidden'] == 1;
+        return $this->data['hide'] == 1;
     }
 
     public function setHidden($hidden)
     {
-        $this->data['hidden'] = (int) $hidden;
+        $this->data['hide'] = (int) $hidden;
     }
 
     public function getMarriage()

system/migrations/17.php

@@ -1,5 +1,7 @@
 <?php
 
+use MyAAC\Plugins;
+
 if(!$db->hasTable('myaac_menu')) {
 	$db->query("
 CREATE TABLE `myaac_menu`
@@ -16,7 +18,6 @@ CREATE TABLE `myaac_menu`
 ");
 }
 
-require_once LIBS . 'plugins.php';
 Plugins::installMenus('kathrine', require TEMPLATES . 'kathrine/menus.php');
 Plugins::installMenus('tibiacom', require TEMPLATES . 'tibiacom/menus.php');
 

system/migrations/20.php

@@ -1,6 +1,6 @@
 <?php
 
-require_once LIBS . 'Settings.php';
+use MyAAC\Settings;
 
 $query = $db->query("SELECT `id` FROM `players` WHERE (`name` = " . $db->quote("Rook Sample") . " OR `name` = " . $db->quote("Sorcerer Sample") . " OR `name` = " . $db->quote("Druid Sample") . " OR `name` = " . $db->quote("Paladin Sample") . " OR `name` = " . $db->quote("Knight Sample") . " OR `name` = " . $db->quote("Account Manager") . ") ORDER BY `id`;");
 

system/migrations/27.php

@@ -1,37 +1,47 @@
 <?php
 
+$downloadsPage = <<<HTML
+<p>&nbsp;</p>
+<p>&nbsp;</p>
+<div style="text-align: center;">We're using official Tibia Client <strong>{{ config.client / 100 }}</strong><br>
+<p>Download Tibia Client <strong>{{ config.client / 100 }}</strong>&nbsp;for Windows <a href="https://drive.google.com/drive/folders/0B2-sMQkWYzhGSFhGVlY2WGk5czQ" target="_blank" rel="noopener">HERE</a>.</p>
+<h2>IP Changer:</h2>
+<a href="https://static.otland.net/ipchanger.exe" target="_blank" rel="noopener">HERE</a></div>
+HTML;
+
 $query = $db->query("SELECT `id` FROM `" . TABLE_PREFIX . "pages` WHERE `name` LIKE " . $db->quote('downloads') . " LIMIT 1;");
 if($query->rowCount() === 0) {
-	$db->exec("INSERT INTO `myaac_pages` (`id`, `name`, `title`, `body`, `date`, `player_id`, `php`, `access`, `hidden`) VALUES
+	$db->exec("INSERT INTO `myaac_pages` (`id`, `name`, `title`, `body`, `date`, `player_id`, `php`, `access`, `hide`) VALUES
-	(null, 'downloads', 'Downloads', '<p>&nbsp;</p>
+	(null, 'downloads', 'Downloads', {$db->quote($downloadsPage)}, 0, 1, 0, 0, 0);");
-<p>&nbsp;</p>
-<div style=\"text-align: center;\">We''re using official Tibia Client <strong>{{ config.client / 100 }}</strong><br />
-<p>Download Tibia Client <strong>{{ config.client / 100 }}</strong>&nbsp;for Windows <a href=\"https://drive.google.com/drive/folders/0B2-sMQkWYzhGSFhGVlY2WGk5czQ\" target=\"_blank\" rel=\"noopener\">HERE</a>.</p>
-<h2>IP Changer:</h2>
-<a href=\"https://static.otland.net/ipchanger.exe\" target=\"_blank\" rel=\"noopener\">HERE</a></div>', 0, 1, 0, 1, 0);");
 }
 
+$commandsPage = <<<HTML
+<table class="myaac-table" style="border-collapse: collapse; width: 100%; height: 72px; border-width: 1px;" border="1"><colgroup><col style="width: 50%;"><col style="width: 50%;"></colgroup>
+<thead>
+<tr style="height: 18px;">
+<td style="height: 18px; border-width: 1px; text-align: center;"><span style="color: #ffffff;"><strong>Words</strong></span></td>
+<td style="height: 18px; border-width: 1px; text-align: center;"><strong>Description</strong></td>
+</tr>
+</thead>
+<tbody>
+<tr style="height: 18px;">
+<td style="height: 18px; border-width: 1px;">!example</td>
+<td style="height: 18px; border-width: 1px;">This is just an example</td>
+</tr>
+<tr style="height: 18px;">
+<td style="height: 18px; border-width: 1px;">!buyhouse</td>
+<td style="height: 18px; border-width: 1px;">Buy house you are looking at</td>
+</tr>
+<tr style="height: 18px;">
+<td style="height: 18px; border-width: 1px;"><em>!aol</em></td>
+<td style="height: 18px; border-width: 1px;">Buy AoL</td>
+</tr>
+</tbody>
+</table>
+HTML;
+
 $query = $db->query("SELECT `id` FROM `" . TABLE_PREFIX . "pages` WHERE `name` LIKE " . $db->quote('commands') . " LIMIT 1;");
 if($query->rowCount() === 0) {
-	$db->exec("INSERT INTO `myaac_pages` (`id`, `name`, `title`, `body`, `date`, `player_id`, `php`, `access`, `hidden`) VALUES
+	$db->exec("INSERT INTO `myaac_pages` (`id`, `name`, `title`, `body`, `date`, `player_id`, `php`, `access`, `hide`) VALUES
-(null, 'commands', 'Commands', '<table style=\"border-collapse: collapse; width: 87.8471%; height: 57px;\" border=\"1\">
+(null, 'commands', 'Commands', {$db->quote($commandsPage)}, 0, 1, 0, 0, 0);");
-<tbody>
-<tr style=\"height: 18px;\">
-<td style=\"width: 33.3333%; background-color: #505050; height: 18px;\"><span style=\"color: #ffffff;\"><strong>Words</strong></span></td>
-<td style=\"width: 33.3333%; background-color: #505050; height: 18px;\"><span style=\"color: #ffffff;\"><strong>Description</strong></span></td>
-</tr>
-<tr style=\"height: 18px; background-color: #f1e0c6;\">
-<td style=\"width: 33.3333%; height: 18px;\"><em>!example</em></td>
-<td style=\"width: 33.3333%; height: 18px;\">This is just an example</td>
-</tr>
-<tr style=\"height: 18px; background-color: #d4c0a1;\">
-<td style=\"width: 33.3333%; height: 18px;\"><em>!buyhouse</em></td>
-<td style=\"width: 33.3333%; height: 18px;\">Buy house you are looking at</td>
-</tr>
-<tr style=\"height: 18px; background-color: #f1e0c6;\">
-<td style=\"width: 33.3333%; height: 18px;\"><em>!aol</em></td>
-<td style=\"width: 33.3333%; height: 18px;\">Buy AoL</td>
-</tr>
-</tbody>
-</table>', 0, 1, 0, 1, 0);");
 }

system/migrations/28.php

@@ -1,5 +1,7 @@
 <?php
 
+use MyAAC\Cache\Cache;
+
 $db->exec('DROP TABLE IF EXISTS `' . TABLE_PREFIX . 'hooks`;');
 
 $cache = Cache::getInstance();

system/migrations/30.php

@@ -2,7 +2,7 @@
 
 $query = $db->query("SELECT `id` FROM `" . TABLE_PREFIX . "pages` WHERE `name` LIKE " . $db->quote('rules_on_the_page') . " LIMIT 1;");
 if($query->rowCount() === 0) {
-	$db->exec("INSERT INTO `myaac_pages` (`id`, `name`, `title`, `body`, `date`, `player_id`, `php`, `enable_tinymce`, `access`, `hidden`) VALUES
+	$db->exec("INSERT INTO `myaac_pages` (`id`, `name`, `title`, `body`, `date`, `player_id`, `php`, `enable_tinymce`, `access`, `hide`) VALUES
 	(null, 'rules_on_the_page', 'Rules', '1. Names
 a) Names which contain insulting (e.g. \"Bastard\"), racist (e.g. \"Nigger\"), extremely right-wing (e.g. \"Hitler\"), sexist (e.g. \"Bitch\") or offensive (e.g. \"Copkiller\") language.
 b) Names containing parts of sentences (e.g. \"Mike returns\"), nonsensical combinations of letters (e.g. \"Fgfshdsfg\") or invalid formattings (e.g. \"Thegreatknight\").
@@ -27,5 +27,5 @@ a) Excessive killing of characters who are not marked with a \"skull\" on worlds
 
 A violation of the Tibia Rules may lead to temporary banishment of characters and accounts. In severe cases removal or modification of character skills, attributes and belongings, as well as the permanent removal of accounts without any compensation may be considered. The sanction is based on the seriousness of the rule violation and the previous record of the player. It is determined by the gamemaster imposing the banishment.
 
-These rules may be changed at any time. All changes will be announced on the official website.', 0, 1, 0, 0, 1, 0);");
+These rules may be changed at any time. All changes will be announced on the official website.', 0, 1, 0, 0, 0, 0);");
 }

system/migrations/31.php

@@ -2,17 +2,56 @@
 
 if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'elements')) {
 	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `elements` TEXT NOT NULL AFTER `immunities`;");
+}
+
+if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'pushable')) {
 	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `pushable` TINYINT(1) NOT NULL DEFAULT '0' AFTER `convinceable`;");
+}
+
+if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canpushitems')) {
 	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `canpushitems` TINYINT(1) NOT NULL DEFAULT '0' AFTER `pushable`;");
+}
+
+if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canpushcreatures')) {
 	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `canpushcreatures` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canpushitems`;");
+}
+
+if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonenergy')) {
 	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `canwalkonenergy` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canpushitems`;");
+}
+
+if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonpoison')) {
 	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `canwalkonpoison` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canwalkonenergy`;");
+}
+
+if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonfire')) {
 	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `canwalkonfire` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canwalkonpoison`;");
+}
+
+if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'runonhealth')) {
 	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `runonhealth` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canwalkonfire`;");
+}
+
+if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'hostile')) {
 	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `hostile` TINYINT(1) NOT NULL DEFAULT '0' AFTER `runonhealth`;");
+}
+
+if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'attackable')) {
 	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `attackable` TINYINT(1) NOT NULL DEFAULT '0' AFTER `hostile`;");
+}
+
+if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'rewardboss')) {
 	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `rewardboss` TINYINT(1) NOT NULL DEFAULT '0' AFTER `attackable`;");
+}
+
+if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'defense')) {
 	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `defense` INT(11) NOT NULL DEFAULT '0' AFTER `rewardboss`;");
+}
+
+if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'armor')) {
 	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `armor` INT(11) NOT NULL DEFAULT '0' AFTER `defense`;");
+}
+
+if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'summons')) {
 	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `summons` TEXT NOT NULL AFTER `loot`;");
 }

system/migrations/39.php

@@ -0,0 +1,18 @@
+<?php
+
+// 2024-01-27
+// change hidden to hide (Eloquent model reserved keyword)
+
+if (!$db->hasColumn('players', 'hide')) {
+	$db->exec("ALTER TABLE `players` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
+}
+
+$db->exec("ALTER TABLE `" . TABLE_PREFIX . "changelog` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
+$db->exec("ALTER TABLE `" . TABLE_PREFIX . "faq` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
+$db->exec("ALTER TABLE `" . TABLE_PREFIX . "forum_boards` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
+$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
+$db->exec("ALTER TABLE `" . TABLE_PREFIX . "news` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
+$db->exec("ALTER TABLE `" . TABLE_PREFIX . "news_categories` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
+$db->exec("ALTER TABLE `" . TABLE_PREFIX . "pages` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
+$db->exec("ALTER TABLE `" . TABLE_PREFIX . "gallery` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
+$db->exec("ALTER TABLE `" . TABLE_PREFIX . "spells` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");

system/migrations/40.php

@@ -0,0 +1,12 @@
+<?php
+
+// 2024-02-03
+// update pages links
+
+use MyAAC\Models\Menu;
+
+Menu::where('link', 'lastkills')->update(['link' => 'last-kills']);
+Menu::where('link', 'serverInfo')->update(['link' => 'server-info']);
+Menu::where('link', 'experienceStages')->update(['link' => 'exp-stages']);
+Menu::where('link', 'experienceTable')->update(['link' => 'exp-table']);
+Menu::where('link', 'creatures')->update(['link' => 'monsters']);

system/pages/account/change_comment.php

@@ -40,7 +40,7 @@ if($player_name != null) {
 
 			if (isset($_POST['changecommentsave']) && $_POST['changecommentsave'] == 1) {
 				if(empty($errors)) {
-					$player->hidden = $new_hideacc;
+					$player->hide = $new_hideacc;
 					$player->comment = $new_comment;
 					$player->save();
 					$account_logged->logAction('Changed comment for character <b>' . $player->name . '</b>.');

system/pages/account/change_email.php

@@ -93,21 +93,21 @@ else
 		<td width="30">&nbsp;</td>
 		<td align=left>
 			<form action="' . getLink('account/email') . '" method="post">
-				' . csrf() . '
+				' . csrf(true) . '
 				<input type="hidden" name="changeemailsave" value=1 >
 				<INPUT TYPE=image NAME="I Agree" SRC="' . $template_path . '/images/global/buttons/sbutton_iagree.gif" BORDER=0 WIDTH=120 HEIGHT=17>
 			</form>
 		</td>
 		<td align=left>
 			<form action="' . getLink('account/email') . '" method="post">
-				' . csrf() . '
+				' . csrf(true) . '
 				<input type="hidden" name="emailchangecancel" value=1 >
 				' . $twig->render('buttons.cancel.html.twig') . '
 			</form>
 		</td>
 		<td align=right>
-			<form action="?subtopic=accountmanagement" method="post" >
+			<form action="' . getLink('account/manage') . '" method="post" >
-				' . csrf() . '
+				' . csrf(true) . '
 				' . $twig->render('buttons.back.html.twig') . '
 			</form>
 		</td>
@@ -129,7 +129,7 @@ else
 		<td>
 			<table border="0" cellspacing="0" cellpadding="0" >
 				<form action="' .getLink('account/email') . '" method="post" >
-					' . csrf() . '
+					' . csrf(true) . '
 					<tr>
 						<td style="border:0px;" >
 							<input type="hidden" name="emailchangecancel" value="1" >
@@ -142,7 +142,7 @@ else
 		<td>
 			<table border="0" cellspacing="0" cellpadding="0" >
 				<form action="' . getLink('account/manage') . '" method="post" >
-					' . csrf() . '
+					' . csrf(true) . '
 					<tr>
 						<td style="border:0px;" >
 							' . $twig->render('buttons.back.html.twig') . '
@@ -164,7 +164,7 @@ if(isset($_POST['emailchangecancel']) && $_POST['emailchangecancel'] == 1) {
 	$account_logged->setCustomField("email_new", "");
 	$account_logged->setCustomField("email_new_time", 0);
 
-	$custom_buttons = '<div style="text-align:center"><table border="0" cellspacing="0" cellpadding="0" ><form action="?subtopic=accountmanagement" method="post" ><tr><td style="border:0px;" >' . $twig->render('buttons.back.html.twig') . '</td></tr></form></table></div>';
+	$custom_buttons = '<div style="text-align:center"><table border="0" cellspacing="0" cellpadding="0" ><form action="' . getLink('account/manage') . '" method="post" ><tr><td style="border:0px;" >' . $twig->render('buttons.back.html.twig') . '</td></tr></form></table></div>';
 
 	$twig->display('success.html.twig', array(
 		'title' => 'Email Address Change Cancelled',

system/pages/account/create.php

@@ -8,6 +8,9 @@
  * @copyright 2019 MyAAC
  * @link      https://my-aac.org
  */
+
+use MyAAC\CreateCharacter;
+
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Create Account';
 
@@ -21,7 +24,6 @@ if($logged)
 }
 
 if(setting('core.account_create_character_create')) {
-	require_once LIBS . 'CreateCharacter.php';
 	$createCharacter = new CreateCharacter();
 }
 

system/pages/account/create_character.php

@@ -8,6 +8,9 @@
  * @copyright 2019 MyAAC
  * @link      https://my-aac.org
  */
+
+use MyAAC\CreateCharacter;
+
 defined('MYAAC') or die('Direct access not allowed!');
 
 $title = 'Create Character';
@@ -30,7 +33,6 @@ $character_created = false;
 $save = isset($_POST['save']) && $_POST['save'] == 1;
 $errors = array();
 if($save) {
-	require_once LIBS . 'CreateCharacter.php';
 	$createCharacter = new CreateCharacter();
 
 	$character_created = $createCharacter->doCreate($character_name, $character_sex, $character_vocation, $character_town, $account_logged, $errors);

system/pages/account/delete_character.php

@@ -61,16 +61,18 @@ if(isset($_POST['deletecharactersave']) && $_POST['deletecharactersave'] == 1) {
 		}
 	}
 
+	if(empty($errors)) {
 		$ownerid = 'ownerid';
-	if($db->hasColumn('guilds', 'owner_id'))
+		if ($db->hasColumn('guilds', 'owner_id'))
 			$ownerid = 'owner_id';
-	$guild = $db->query('SELECT `name` FROM `guilds` WHERE `' . $ownerid . '` = '.$player->getId());
+		$guild = $db->query('SELECT `name` FROM `guilds` WHERE `' . $ownerid . '` = ' . $player->getId());
-	if($guild->rowCount() > 0) {
+		if ($guild->rowCount() > 0) {
 			$errors[] = 'You cannot delete a character when they own a guild.';
 		}
+	}
 
 	if(empty($errors)) {
-		//dont show table "delete character" again
+		// don't show table "delete character" again
 		$show_form = false;
 		/** @var OTS_DB_MySQL $db */
 		if ($db->hasColumn('players', 'deletion'))

system/pages/account/login.php

@@ -59,6 +59,7 @@ if(!$logged && isset($_POST['account_login'], $_POST['password_login']))
 			&& (!isset($t) || $t['attempts'] < 5)
 		)
 		{
+			session_regenerate_id();
 			setSession('account', $account_logged->getId());
 			setSession('password', encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $login_password));
 			if($remember_me) {

system/pages/account/lost.php

@@ -55,7 +55,7 @@ elseif($action == 'step1' && $action_type == 'email')
 				</TD></TR></FORM></TABLE></TABLE>';
 			else
 			{
-				$insec = $account->getCustomField('email_next') - time();
+				$insec = (int)$account->getCustomField('email_next') - time();
 				$minutesleft = floor($insec / 60);
 				$secondsleft = $insec - ($minutesleft * 60);
 				$timeleft = $minutesleft.' minutes '.$secondsleft.' seconds';
@@ -95,7 +95,7 @@ elseif($action == 'sendcode')
 					<p>Account name: '.$account->getName().'</p>
 					<br />
 					To do so, please click this link:
-					<p><a href="' . getLink('account/lost') . '?action=checkcode&code='.$newcode.'&character='.urlencode($nick).'">'.BASE_URL.'/?subtopic=lostaccount&action=checkcode&code='.$newcode.'&character='.urlencode($nick).'</a></p>
+					<p><a href="' . getLink('account/lost') . '?action=checkcode&code='.$newcode.'&character='.urlencode($nick).'">' . getLink('account/lost') . '?action=checkcode&code='.$newcode.'&character='.urlencode($nick).'</a></p>
 					<p>or open page: <i>' . getLink('account/lost') . '?action=checkcode</i> and in field "code" write <b>'.$newcode.'</b></p>
 					<br/>
 						<p>If you did not request a password change, you may ignore this message and your password will remain unchanged.';
@@ -118,7 +118,7 @@ elseif($action == 'sendcode')
 			}
 			else
 			{
-				$insec = $account->getCustomField('email_next') - time();
+				$insec = (int)$account->getCustomField('email_next') - time();
 				$minutesleft = floor($insec / 60);
 				$secondsleft = $insec - ($minutesleft * 60);
 				$timeleft = $minutesleft.' minutes '.$secondsleft.' seconds';
@@ -172,7 +172,7 @@ elseif($action == 'step1' && $action_type == 'reckey')
 	else
 		echo 'Invalid player name format. If you have other characters on account try with other name.';
 	echo '<BR /><TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
-				<a href="?subtopic=lostaccount" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
+				<a href="' . getLink('account/lost') . '" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
 				</TD></TR></FORM></TABLE></TABLE>';
 }
 elseif($action == 'step2')
@@ -232,7 +232,7 @@ elseif($action == 'step2')
 					}
 					</script>';
 					echo 'Set new password and e-mail to your account.<BR>
-					<FORM ACTION="?subtopic=lostaccount&action=step3" onsubmit="return validate_form(this)" METHOD=post>
+					<FORM ACTION="' . getLink('account/lost') . '?action=step3" onsubmit="return validate_form(this)" METHOD=post>
 					<INPUT TYPE=hidden NAME="character" VALUE="">
 					<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
 					<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Please enter new password and e-mail</B></TD></TR>
@@ -261,7 +261,7 @@ elseif($action == 'step2')
 	else
 		echo 'Invalid player name format. If you have other characters on account try with other name.';
 	echo '<BR /><TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
-				<a href="?subtopic=lostaccount&action=step1&action_type=reckey&nick='.urlencode($nick).'" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
+				<a href="' . getLink('account/lost') . '?action=step1&action_type=reckey&nick='.urlencode($nick).'" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
 				</TD></TR></FORM></TABLE></TABLE>';
 }
 elseif($action == 'step3')
@@ -304,7 +304,7 @@ elseif($action == 'step3')
 								$account->setCustomField('salt', $salt);
 
 							echo 'Your account name, new password and new e-mail.<BR>
-							<FORM ACTION="?subtopic=accountmanagement" onsubmit="return validate_form(this)" METHOD=post>
+							<FORM ACTION="' . getLink('account/manage') . '" onsubmit="return validate_form(this)" METHOD=post>
 							<INPUT TYPE=hidden NAME="character" VALUE="">
 							<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
 							<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Your account name, new password and new e-mail</B></TD></TR>
@@ -361,7 +361,7 @@ elseif($action == 'step3')
 	else
 		echo 'Invalid player name format. If you have other characters on account try with other name.';
 	echo '<BR /><TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
-				<a href="?subtopic=lostaccount&action=step1&action_type=reckey&nick='.urlencode($nick).'" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
+				<a href="' . getLink('account/lost') . '?action=step1&action_type=reckey&nick='.urlencode($nick).'" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
 				</TD></TR></FORM></TABLE></TABLE>';
 }
 elseif($action == 'checkcode')
@@ -370,7 +370,7 @@ elseif($action == 'checkcode')
 	$character = stripslashes(trim($_REQUEST['character']));
 	if(empty($code) || empty($character))
 		echo 'Please enter code from e-mail and name of one character from account. Then press Submit.<BR>
-				<FORM ACTION="?subtopic=lostaccount&action=checkcode" METHOD=post>
+				<FORM ACTION="' . getLink('account/lost') . '?action=checkcode" METHOD=post>
 				<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
 				<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Code & character name</B></TD></TR>
 				<TR><TD BGCOLOR="'.$config['darkborder'].'">
@@ -418,7 +418,7 @@ elseif($action == 'checkcode')
 				}
 				</script>
 				Please enter new password to your account and repeat to make sure you remember password.<BR>
-				<FORM ACTION="?subtopic=lostaccount&action=setnewpassword" onsubmit="return validate_form(this)" METHOD=post>
+				<FORM ACTION="' . getLink('account/lost') . '?action=setnewpassword" onsubmit="return validate_form(this)" METHOD=post>
 				<INPUT TYPE=hidden NAME="character" VALUE="'.$character.'">
 				<INPUT TYPE=hidden NAME="code" VALUE="'.$code.'">
 				<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
@@ -441,7 +441,7 @@ elseif($action == 'checkcode')
 	}
 	if(!empty($error))
 				echo '<span style="color: red"><b>'.$error.'</b></span><br />Please enter code from e-mail and name of one character from account. Then press Submit.<BR>
-				<FORM ACTION="?subtopic=lostaccount&action=checkcode" METHOD=post>
+				<FORM ACTION="' . getLink('account/lost') . '?action=checkcode" METHOD=post>
 				<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
 				<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Code & character name</B></TD></TR>
 				<TR><TD BGCOLOR="'.$config['darkborder'].'">
@@ -462,7 +462,7 @@ elseif($action == 'setnewpassword')
 	echo '';
 	if(empty($code) || empty($character) || empty($newpassword))
 		echo '<span style="color: red"><b>Error. Try again.</b></span><br />Please enter code from e-mail and name of one character from account. Then press Submit.<BR>
-				<BR><FORM ACTION="?subtopic=lostaccount&action=checkcode" METHOD=post>
+				<BR><FORM ACTION="' . getLink('account/lost') . '?action=checkcode" METHOD=post>
 				<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
 				<INPUT TYPE=image NAME="Back" ALT="Back" SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" BORDER=0 WIDTH=120 HEIGHT=18></div>
 				</TD></TR></FORM></TABLE></TABLE>';
@@ -518,7 +518,7 @@ elseif($action == 'setnewpassword')
 				</TABLE>
 				<BR>
 				<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
-				<FORM ACTION="?subtopic=accountmanagement" METHOD=post>
+				<FORM ACTION="' . getLink('account/manage') . '" METHOD=post>
 				<INPUT TYPE=image NAME="Login" ALT="Login" SRC="'.$template_path.'/images/global/buttons/sbutton_login.gif" BORDER=0 WIDTH=120 HEIGHT=18></div>
 				</TD></TR></FORM></TABLE></TABLE>';
 				}
@@ -533,7 +533,7 @@ elseif($action == 'setnewpassword')
 	}
 	if(!empty($error))
 				echo '<span style="color: red"><b>'.$error.'</b></span><br />Please enter code from e-mail and name of one character from account. Then press Submit.<BR>
-				<FORM ACTION="?subtopic=lostaccount&action=checkcode" METHOD=post>
+				<FORM ACTION="' . getLink('account/lost') . '?action=checkcode" METHOD=post>
 				<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
 				<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Code & character name</B></TD></TR>
 				<TR><TD BGCOLOR="'.$config['darkborder'].'">

system/pages/account/manage.php

@@ -18,6 +18,16 @@ if(!$logged) {
 	return;
 }
 
+if(isset($_REQUEST['redirect']))
+{
+	$redirect = urldecode($_REQUEST['redirect']);
+
+	$twig->display('account.redirect.html.twig', array(
+		'redirect' => $redirect
+	));
+	return;
+}
+
 $groups = new OTS_Groups_List();
 
 $freePremium = isset($config['lua']['freePremium']) && getBoolean($config['lua']['freePremium']) || $account_logged->getPremDays() == OTS_Account::GRATIS_PREMIUM_DAYS;

system/pages/bans.php

@@ -27,7 +27,7 @@ $configBans = [];
 $configBans['hasType'] = false;
 $configBans['hasReason'] = false;
 
-$limit = 'LIMIT ' . ($configBansPerPage + 1) . (isset($offset) ? ' OFFSET ' . $offset : '');
+$limit = 'LIMIT ' . ($configBansPerPage + 1) . ' OFFSET ' . $offset;
 if ($db->hasTable('account_bans')) {
 	$bansQuery = $db->query('SELECT * FROM `account_bans` ORDER BY `banned_at` DESC ' . $limit);
 }

system/pages/bugtracker.php

@@ -1,370 +0,0 @@
-<?php
-/**
- * Bug tracker
- *
- * @package   MyAAC
- * @author    Gesior <jerzyskalski@wp.pl>
- * @author    Slawkens <slawkens@gmail.com>
- * @copyright 2019 MyAAC
- * @link      https://my-aac.org
- */
-
-use MyAAC\Models\BugTracker;
-
-defined('MYAAC') or die('Direct access not allowed!');
-$title = 'Bug tracker';
-
-if(!$logged)
-{
-	echo  'You are not logged in. <a href="?subtopic=accountmanagement&redirect=' . BASE_URL . urlencode('?subtopic=bugtracker') . '">Log in</a> to post on the bug tracker.<br /><br />';
-	return;
-}
-
-$showed = $post = $reply = false;
-    // type (1 = question; 2 = answer)
-    // status (1 = open; 2 = new message; 3 = closed;)
-
-    $dark = $config['darkborder'];
-    $light = $config['lightborder'];
-
-    $tags = array(1 => "[MAP]", "[WEBSITE]", "[CLIENT]", "[MONSTER]", "[NPC]", "[OTHER]");
-
-    if(admin() and isset($_REQUEST['control']) && $_REQUEST['control'] == "true")
-    {
-        if(empty($_REQUEST['id']) and empty($_REQUEST['acc']) or !is_numeric($_REQUEST['acc']) or !is_numeric($_REQUEST['id']) )
-            $bug[1] = BugTracker::where('type', 1)->orderByDesc('uid')->get()->toArray();
-
-        if(!empty($_REQUEST['id']) and is_numeric($_REQUEST['id']) and !empty($_REQUEST['acc']) and is_numeric($_REQUEST['acc']))
-			$bug[2] = BugTracker::where('type', 1)->where('account', $_REQUEST['acc'])->where('id', $_REQUEST['id'])->get()->toArray();
-
-        if(!empty($_REQUEST['id']) and is_numeric($_REQUEST['id']) and !empty($_REQUEST['acc']) and is_numeric($_REQUEST['acc']))
-        {
-            if(!empty($_REQUEST['reply']))
-                $reply=true;
-
-            $account = new OTS_Account();
-            $account->load($_REQUEST['acc']);
-            $account->isLoaded();
-            $players = $account->getPlayersList();
-
-            if(!$reply)
-            {
-                if($bug[2]['status'] == 2)
-                    $value = '<span style="color: green">[OPEN]</span>';
-                elseif($bug[2]['status'] == 3)
-                    $value = '<span style="color: red">[CLOSED]</span>';
-                elseif($bug[2]['status'] == 1)
-                    $value = '<span style="color: blue">[NEW ANSWER]</span>';
-
-                echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD COLSPAN=2 CLASS=white><B>Bug Tracker</B></TD></TR>';
-                echo '<TR BGCOLOR="'.$dark.'"><td width=40%><i><b>Subject</b></i></td><td>'.$tags[$bug[2]['tag']].' '.$bug[2]['subject'].' '.$value.'</td></tr>';
-                echo '<TR BGCOLOR="'.$light.'"><td><i><b>Posted by</b></i></td><td>';
-
-                foreach($players as $player)
-                {
-                    echo ''.$player->getName().'<br>';
-                }
-
-                echo '</td></tr>';
-                echo '<TR BGCOLOR="'.$dark.'"><td colspan=2><i><b>Description</b></i></td></tr>';
-                echo '<TR BGCOLOR="'.$light.'"><td colspan=2>'.nl2br($bug[2]['text']).'</td></tr>';
-                echo '</TABLE>';
-
-                $answers = BugTracker::where('account', $_REQUEST['acc'])->where('id', $_REQUEST['id'])->where('type', 2)->orderBy('reply')->get()->toArray();
-                foreach($answers as $answer)
-                {
-                    if($answer['who'] == 1)
-                        $who = '<span style="color: red">[ADMIN]</span>';
-                    else
-                        $who = '<span style="color: green">[PLAYER]</span>';
-
-                    echo '<br><TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD COLSPAN=2 CLASS=white><B>Answer #'.$answer['reply'].'</B></TD></TR>';
-                    echo '<TR BGCOLOR="'.$dark.'"><td width=70%><i><b>Posted by</b></i></td><td>'.$who.'</td></tr>';
-                    echo '<TR BGCOLOR="'.$light.'"><td colspan=2><i><b>Description</b></i></td></tr>';
-                    echo '<TR BGCOLOR="'.$dark.'"><td colspan=2>'.nl2br($answer['text']).'</td></tr>';
-                    echo '</TABLE>';
-                }
-                if($bug[2]['status'] != 3)
-                    echo '<br><a href="?subtopic=bugtracker&control=true&id='.$_REQUEST['id'].'&acc='.$_REQUEST['acc'].'&reply=true"><b>[REPLY]</b></a>';
-            }
-            else
-            {
-                if($bug[2]['status'] != 3)
-                {
-                    $reply = BugTracker::where('account', $_REQUEST['acc'])->where('id', $_REQUEST['id'])->where('type', 2)->max('reply');
-                    $reply = $reply + 1;
-                    $iswho =  BugTracker::where('account', $_REQUEST['acc'])->where('id', $_REQUEST['id'])->where('type', 2)->orderByDesc('reply')->first()->toArray();
-
-                    if(isset($_POST['finish']))
-                    {
-                        if(empty($_POST['text']))
-                            $error[] = '<span style="color: black"><b>Description cannot be empty.</b></span>';
-                        if($iswho['who'] == 1)
-                            $error[] = '<span style="color: black"><b>You must wait for User answer.</b></span>';
-                        if(empty($_POST['status']))
-                            $error[] = '<span style="color: black"><b>Status cannot be empty.</b></span>';
-
-                        if(!empty($error))
-                        {
-                            foreach($error as $errors)
-                                echo ''.$errors.'<br>';
-                        }
-                        else
-                        {
-                            $type = 2;
-                            $INSERT =  BugTracker::create([
-								'account' => $_REQUEST['aac'],
-								'id' => $_REQUEST['id'],
-								'text' => $_POST['text'],
-								'reply' => $reply,
-								'type' => $type,
-								'who' => 1,
-							]);
-                            $UPDATE = Bugtracker::where('id', $_REQUEST['id'])->where('account', $_REQUEST['acc'])->update([
-								'status' => $_POST['status']
-							]);
-                            header('Location: ?subtopic=bugtracker&control=true&id='.$_REQUEST['id'].'&acc='.$_REQUEST['acc'].'');
-                        }
-                    }
-                    echo '<br><form method="post" action=""><table><tr><td><i>Description</i></td><td><textarea name="text" rows="15" cols="35"></textarea></td></tr><tr><td>Status[OPEN]</td><td><input type=radio name=status value=2></td></tr><tr><td>Status[CLOSED]</td><td><input type=radio name=status value=3></td></tr></table><br><input type="submit" name="finish" value="Submit" class="input2"/></form>';
-                }
-                else
-                {
-                    echo '<br><span style="color: black"><b>You can\'t add answer to closed bug thread.</b></span>';
-                }
-            }
-
-            $post=true;
-        }
-        if(!$post)
-        {
-            echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD colspan=2 CLASS=white><B>Bug Tracker Admin</B></TD></TR>';
-            $i=1;
-            foreach($bug[1] as $report)
-            {
-                if($report['status'] == 2)
-                    $value = '<span style="color: green">[OPEN]</span>';
-                elseif($report['status'] == 3)
-                    $value = '<span style="color: red">[CLOSED]</span>';
-                elseif($report['status'] == 1)
-                    $value = '<span style="color: blue">[NEW ANSWER]</span>';
-
-                echo '<TR BGCOLOR="' . getStyle($i) . '"><td width=75%><a href="?subtopic=bugtracker&control=true&id='.$report['id'].'&acc='.$report['account'].'">'.$tags[$report['tag']].' '.$report['subject'].'</a></td><td>'.$value.'</td></tr>';
-
-                $showed=true;
-                $i++;
-            }
-            echo '</TABLE>';
-        }
-    }
-    else
-    {
-        $acc = $account_logged->getId();
-        $account_players = $account_logged->getPlayersList();
-
-        foreach($account_players as $player)
-        {
-            $allow=true;
-        }
-
-        if(!empty($_REQUEST['id']))
-            $id = addslashes(htmlspecialchars(trim($_REQUEST['id'])));
-
-        if(empty($_REQUEST['id']))
-            $bug[1] = BugTracker::where('account', $account_logged->getId())->where('type', 1)->orderBy('id')->get()->toArray();
-
-        if(!empty($_REQUEST['id']) and is_numeric($_REQUEST['id']))
-            $bug[2] = BugTracker::where('account', $account_logged->getId())->where('type', 1)->where('id', $id)->get()->toArray();
-        else
-            $bug[2] = NULL;
-
-        if(!empty($_REQUEST['id']) and $bug[2] != NULL)
-        {
-            if(!empty($_REQUEST['reply']))
-                $reply=true;
-
-            if(!$reply)
-            {
-                if($bug[2]['status'] == 1)
-                    $value = '<span style="color: green">[OPEN]</span>';
-                elseif($bug[2]['status'] == 2)
-                    $value = '<span style="color: blue">[NEW ANSWER]</span>';
-                elseif($bug[2]['status'] == 3)
-                    $value = '<span style="color: red">[CLOSED]</span>';
-
-                echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD COLSPAN=2 CLASS=white><B>Bug Tracker</B></TD></TR>';
-                echo '<TR BGCOLOR="'.$dark.'"><td width=40%><i><b>Subject</b></i></td><td>'.$tags[$bug[2]['tag']].' '.$bug[2]['subject'].' '.$value.'</td></tr>';
-                echo '<TR BGCOLOR="'.$light.'"><td colspan=2><i><b>Description</b></i></td></tr>';
-                echo '<TR BGCOLOR="'.$dark.'"><td colspan=2>'.nl2br($bug[2]['text']).'</td></tr>';
-                echo '</TABLE>';
-
-                $answers = Bugtracker::where('account', $account_logged->getId())->where('id', $id)->where('type', 2)->orderBy('reply')->get()->toArray();
-                foreach($answers as $answer)
-                {
-                    if($answer['who'] == 1)
-                        $who = '<span style="color: red">[ADMIN]</span>';
-                    else
-                        $who = '<span style="color: green">[YOU]</span>';
-
-                    echo '<br><TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD COLSPAN=2 CLASS=white><B>Answer #'.$answer['reply'].'</B></TD></TR>';
-                    echo '<TR BGCOLOR="'.$dark.'"><td width=70%><i><b>Posted by</b></i></td><td>'.$who.'</td></tr>';
-                    echo '<TR BGCOLOR="'.$light.'"><td colspan=2><i><b>Description</b></i></td></tr>';
-                    echo '<TR BGCOLOR="'.$dark.'"><td colspan=2>'.nl2br($answer['text']).'</td></tr>';
-                    echo '</TABLE>';
-                }
-                if($bug[2]['status'] != 3)
-                    echo '<br><a href="?subtopic=bugtracker&id='.$id.'&reply=true"><b>[REPLY]</b></a>';
-            }
-            else
-            {
-                if($bug[2]['status'] != 3)
-                {
-                    $reply = BugTracker::where('account', $aac)->where('id', $id)->where('type', 2)->max('reply');
-                    $reply = $reply + 1;
-                    $iswho = BugTracker::where('account', $acc)->where('id', $id)->where('type', 2)->orderByDesc('reply')->first()->toArray();
-
-                    if(isset($_POST['finish']))
-                    {
-                        if(empty($_POST['text']))
-                            $error[] = '<span style="color: black"><b>Description cannot be empty.</b></span>';
-                        if($iswho['who'] == 0)
-                            $error[] = '<span style="color: black"><b>You must wait for Administrator answer.</b></span>';
-                        if(!$allow)
-                            $error[] = '<span style="color: black"><b>You haven\'t any characters on account.</b></span>';
-
-                        if(!empty($error))
-                        {
-                            foreach($error as $errors)
-                                echo ''.$errors.'<br>';
-                        }
-                        else
-                        {
-                            $type = 2;
-                            $INSERT = BugTracker::create([
-								'account' => $acc,
-								'id' => $id,
-								'text' => $_POST['text'],
-								'reply' => $reply,
-								'type' => $type
-							]);
-                            $UPDATE = BugTracker::where('id', $id)->where('account', $acc)->update([
-								'status' => 1
-							]);
-                            header('Location: ?subtopic=bugtracker&id='.$id.'');
-                        }
-                    }
-                    echo '<br><form method="post" action=""><table><tr><td><i>Description</i></td><td><textarea name="text" rows="15" cols="35"></textarea></td></tr></table><br><input type="submit" name="finish" value="Submit" class="input2"/></form>';
-                }
-                else
-                {
-                    echo '<br><span style="color: black"><b>You can\'t add answer to closed bug thread.</b></span>';
-                }
-            }
-
-            $post=true;
-        }
-        elseif(!empty($_REQUEST['id']) and $bug[2] == NULL)
-        {
-            echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD CLASS=white><B>Bug Tracker</B></TD></TR>';
-            echo '<TR BGCOLOR="'.$dark.'"><td><i>Bug doesn\'t exist.</i></td></tr>';
-            echo '</TABLE>';
-            $post=true;
-        }
-
-        if(!$post)
-        {
-            if(!isset($_REQUEST['add']) || $_REQUEST['add'] != TRUE)
-            {
-                echo '<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=4 WIDTH=100%><TR BGCOLOR='.$config['vdarkborder'].'><TD colspan=2 CLASS=white><B>Bug Tracker</B></TD></TR>';
-                foreach($bug[1] as $report)
-                {
-                    if($report['status'] == 1)
-                        $value = '<span style="color: green">[OPEN]</span>';
-                    elseif($report['status'] == 2)
-                        $value = '<span style="color: blue">[NEW ANSWER]</span>';
-                    elseif($report['status'] == 3)
-                        $value = '<span style="color: red">[CLOSED]</span>';
-
-                    if(is_int($report['id'] / 2))
-                    {
-                        $bgcolor = $dark;
-                    }
-                    else
-                    {
-                        $bgcolor = $light;
-                    }
-
-                    echo '<TR BGCOLOR="'.$bgcolor.'"><td width=75%><a href="?subtopic=bugtracker&id='.$report['id'].'">'.$tags[$report['tag']].' '.$report['subject'].'</a></td><td>'.$value.'</td></tr>';
-
-                    $showed=true;
-                }
-
-                if(!$showed)
-                {
-                    echo '<TR BGCOLOR="'.$dark.'"><td><i>You don\'t have reported any bugs.</i></td></tr>';
-                }
-                echo '</TABLE>';
-
-                echo '<br><a href="?subtopic=bugtracker&add=true"><b>[ADD REPORT]</b></a>';
-            }
-            elseif(isset($_REQUEST['add']) && $_REQUEST['add'] == TRUE)
-            {
-                $thread = BugTracker::where('account', $acc)->where('type', 1)->orderByDesc('id')->get()->toArray();
-                $id_next = BugTracker::where('account', $acc)->where('type', 1)->max('id');
-                $id_next = $id_next + 1;
-
-                if(empty($thread))
-                    $thread['status'] = 3;
-
-                if(isset($_POST['submit']))
-                {
-                    if($thread['status'] != 3)
-                        $error[] = '<span style="color: black"><b>Can be only 1 open bug thread.</b></span>';
-                    if(empty($_POST['subject']))
-                        $error[] = '<span style="color: black"><b>Subject cannot be empty.</b></span>';
-                    if(empty($_POST['text']))
-                        $error[] = '<span style="color: black"><b>Description cannot be empty.</b></span>';
-                    if(!$allow)
-                        $error[] = '<span style="color: black"><b>You haven\'t any characters on account.</b></span>';
-                    if(empty($_POST['tags']))
-                        $error[] = '<span style="color: black"><b>Tag cannot be empty.</b></span>';
-
-                    if(!empty($error))
-                    {
-                        foreach($error as $errors)
-                            echo ''.$errors.'<br>';
-                    }
-                    else
-                    {
-                        $type = 1;
-                        $status = 1;
-                        $INSERT = BugTracker::create([
-							'account' => $acc,
-							'id' => $id_next,
-							'text' => $_POST['text'],
-							'type' => $type,
-							'subject' => $_POST['subject'],
-							'reply' => 0,
-							'status' => $status,
-							'tag' => $_POST['tags']
-						]);
-                        header('Location: ?subtopic=bugtracker&id='.$id_next.'');
-                    }
-
-                }
-                echo '<br><form method="post" action=""><table><tr><td><i>Subject</i></td><td><input type=text name="subject"/></td></tr><tr><td><i>Description</i></td><td><textarea name="text" rows="15" cols="35"></textarea></td></tr><tr><td>TAG</td><td><select name="tags"><option value="">SELECT</option>';
-
-                for($i = 1; $i <= count($tags); $i++)
-                {
-                    echo '<option value="' . $i . '">' . $tags[$i] . '</option>';
-                }
-
-                echo '</select></tr></tr></table><br><input type="submit" name="submit" value="Submit" class="input2"/></form>';
-            }
-        }
-    }
-
-    if(admin() and empty($_REQUEST['control']))
-    {
-        echo '<br><br><a href="?subtopic=bugtracker&control=true">[ADMIN PANEL]</a>';
-    }

system/pages/changelog.php

@@ -19,7 +19,7 @@ $next_page = false;
 
 $canEdit = hasFlag(FLAG_CONTENT_NEWS) || superAdmin();
 
-$changelogs = Changelog::isPublic()->orderByDesc('id')->limit($limit + 1)->offset($offset)->get()->toArray();
+$changelogs = Changelog::isPublic()->orderByDesc('date')->limit($limit + 1)->offset($offset)->get()->toArray();
 
 $i = 0;
 foreach($changelogs as $key => &$log)

system/pages/characters.php

@@ -199,7 +199,7 @@ if($player->isLoaded() && !$player->isDeleted())
 		unset($storage);
 	}
 
-	if($config['characters']['equipment'] && $db->hasTable('player_items') && $db->hasColumn('player_items', 'pid') && $db->hasColumn('player_items', 'sid') && $db->hasColumn('player_items', 'itemtype')) {
+	if($db->hasTable('player_items') && $db->hasColumn('player_items', 'pid') && $db->hasColumn('player_items', 'sid') && $db->hasColumn('player_items', 'itemtype')) {
 		$eq_sql = $db->query('SELECT `pid`, `itemtype` FROM player_items WHERE player_id = '.$player->getId().' AND (`pid` >= 1 and `pid` <= 10)');
 		$equipment = array();
 		foreach($eq_sql as $eq)
@@ -342,8 +342,8 @@ WHERE killers.death_id = '".$death['id']."' ORDER BY killers.final_hit DESC, kil
 		$signature_url = BASE_URL . (setting('core.friendly_urls') ? '' : 'index.php/') . urlencode($player->getName()) . '.png';
 	}
 
-	$hidden = $player->isHidden();
+	$hide = $player->isHidden();
-	if(!$hidden) {
+	if(!$hide) {
 		// check if account has been banned
 		$bannedUntil = '';
 		$banned = array();
@@ -363,7 +363,7 @@ WHERE killers.death_id = '".$death['id']."' ORDER BY killers.final_hit DESC, kil
 		$query = $db->query('SELECT `id` FROM `players` WHERE `account_id` = ' . $account->getId() . ' ORDER BY `name`')->fetchAll();
 		foreach($query as $p) {
 			$_player = new OTS_Player();
-			$fields = array('id', 'name', 'vocation', 'level', 'online', 'deleted', 'hidden');
+			$fields = array('id', 'name', 'vocation', 'level', 'online', 'deleted', 'hide');
 			$_player->load($p['id'], $fields, false);
 			if($_player->isLoaded() && !$_player->isHidden()) {
 				$account_players[] = $_player;
@@ -404,7 +404,8 @@ WHERE killers.death_id = '".$death['id']."' ORDER BY killers.final_hit DESC, kil
 		'frags' => $frags,
 		'signature_url' => isset($signature_url) ? $signature_url : null,
 		'player_link' => getPlayerLink($player->getName(), false),
-		'hidden' => $hidden,
+		'hide' => $hide,
+		'hidden' => $hide,
 		'bannedUntil' => isset($bannedUntil) ? $bannedUntil : null,
 		'account_players' => isset($account_players) ? $account_players : null,
 		'search_form' => generate_search_form(),

system/pages/creatures.php

@@ -1,86 +1,3 @@
 <?php
-/**
- * Creatures
- *
- * @package   MyAAC
- * @author    Gesior <jerzyskalski@wp.pl>
- * @author    Slawkens <slawkens@gmail.com>
- * @author    Lee
- * @copyright 2020 MyAAC
- * @link      https://my-aac.org
- */
 
-use MyAAC\Models\Monster;
+require 'monsters.php';
-
-defined('MYAAC') or die('Direct access not allowed!');
-$title = 'Creatures';
-
-if (empty($_REQUEST['name'])) {
-	// display list of monsters
-	$preview = setting('core.monsters_images_preview');
-	$creatures = Monster::where('hidden', '!=', 1)->when(!empty($_REQUEST['boss']), function ($query) {
-		$query->where('rewardboss', 1);
-	})->get()->toArray();
-
-	if ($preview) {
-		foreach($creatures as $key => &$creature)
-		{
-			$creature['img_link'] = getCreatureImgPath($creature['name']);
-		}
-	}
-
-	$twig->display('creatures.html.twig', array(
-		'creatures' => $creatures,
-		'preview' => $preview
-	));
-
-	return;
-}
-
-// display monster
-$creature_name = urldecode(stripslashes(ucwords(strtolower($_REQUEST['name']))));
-$creature = Monster::where('hidden', '!=', 1)->where('name', $creature_name)->first()->toArray();
-
-if (isset($creature['name'])) {
-	function sort_by_chance($a, $b)
-	{
-		if ($a['chance'] == $b['chance']) {
-			return 0;
-		}
-		return ($a['chance'] > $b['chance']) ? -1 : 1;
-	}
-
-	$title = $creature['name'] . " - Creatures";
-
-	$creature['img_link']= getCreatureImgPath($creature_name);
-
-	$voices = json_decode($creature['voices'], true);
-	$summons = json_decode($creature['summons'], true);
-	$elements = json_decode($creature['elements'], true);
-	$immunities = json_decode($creature['immunities'], true);
-	$loot = json_decode($creature['loot'], true);
-	usort($loot, 'sort_by_chance');
-
-	foreach ($loot as &$item) {
-		$item['name'] = getItemNameById($item['id']);
-		$item['rarity_chance'] = round($item['chance'] / 1000, 2);
-		$item['rarity'] = getItemRarity($item['chance']);
-		$item['tooltip'] = ucfirst($item['name']) . '<br/>Chance: ' . $item['rarity'] . (setting('core.monsters_loot_percentage') ? ' ('. $item['rarity_chance'] .'%)' : '') . '<br/>Max count: ' . $item['count'];
-	}
-
-	$creature['loot'] = isset($loot) ? $loot : null;
-	$creature['voices'] = isset($voices) ? $voices : null;
-	$creature['summons'] = isset($summons) ? $summons : null;
-	$creature['elements'] = isset($elements) ? $elements : null;
-	$creature['immunities'] = isset($immunities) ? $immunities : null;
-
-	$twig->display('creature.html.twig', array(
-		'creature' => $creature,
-	));
-
-} else {
-	echo "Creature with name <b>" . $creature_name . "</b> doesn't exist.";
-}
-
-// back button
-$twig->display('creatures.back_button.html.twig');

system/pages/faq.php

@@ -49,7 +49,7 @@ if($canEdit)
 			}
 		}
 		else if($action == 'hide') {
-			FAQ::toggleHidden($id, $errors);
+			FAQ::toggleHide($id, $errors);
 		}
 		else if($action == 'moveup') {
 			FAQ::move($id, -1, $errors);
@@ -72,11 +72,11 @@ if($canEdit)
 }
 
 $faqs = ModelsFAQ::select('id', 'question', 'answer')->when(!$canEdit, function ($query) {
-	$query->where('hidden', '!=', 1);
+	$query->where('hide', '!=', 1);
 })->orderBy('ordering');
 
 if ($canEdit) {
-	$faqs->addSelect(['hidden', 'ordering']);
+	$faqs->addSelect(['hide', 'ordering']);
 }
 
 $faqs = $faqs->get()->toArray();
@@ -146,15 +146,15 @@ class FAQ
 		return !count($errors);
 	}
 
-	static public function toggleHidden($id, &$errors)
+	static public function toggleHide($id, &$errors)
 	{
 		if(isset($id))
 		{
 			$row = ModelsFAQ::find($id);
 			if ($row) {
-				$row->hidden = ($row->hidden == 1 ? 0 : 1);
+				$row->hide = ($row->hide == 1 ? 0 : 1);
 				if (!$row->save()) {
-					$errors[] = 'Fail during toggle hidden FAQ.';
+					$errors[] = 'Fail during toggle hide FAQ.';
 				}
 			} else {
 				$errors[] = 'FAQ with id ' . $id . ' does not exists.';

system/pages/forum.php

@@ -8,6 +8,9 @@
  * @copyright 2021 MyAAC
  * @link      https://my-aac.org
  */
+
+use MyAAC\Forum;
+
 defined('MYAAC') or exit;
 
 $ret = require __DIR__ . '/forum/base.php';
@@ -50,7 +53,7 @@ foreach($sections as $id => $section)
 			'link' => getForumBoardLink($id),
 			'name' => $section['name'],
 			'description' => $section['description'],
-			'hidden' => $section['hidden'],
+			'hide' => $section['hide'],
 			'posts' => isset($counters[$id]['posts']) ? $counters[$id]['posts'] : 0,
 			'threads' => isset($counters[$id]['threads']) ? $counters[$id]['threads'] : 0,
 			'last_post' => array(

system/pages/forum/admin.php

@@ -8,13 +8,28 @@
  * @copyright 2021 MyAAC
  * @link      https://my-aac.org
  */
+
+use MyAAC\Forum;
+
 defined('MYAAC') or exit('Direct access not allowed!');
 
-$canEdit = Forum::isModerator();
+if(!$canEdit) {
-if($canEdit) {
+	return;
-	$groups = new OTS_Groups_List();
+}
 
-	if(!empty($action)) {
+$groupsList = new OTS_Groups_List();
+$groups = [
+	['id' => 0, 'name' => 'Guest'],
+];
+
+foreach ($groupsList as $group) {
+	$groups[] = [
+		'id' => $group->getId(),
+		'name' => $group->getName()
+	];
+}
+
+if(!empty($action)) {
 	if($action == 'delete_board' || $action == 'edit_board' || $action == 'hide_board' || $action == 'moveup_board' || $action == 'movedown_board')
 		$id = $_REQUEST['id'];
 
@@ -39,10 +54,12 @@ if($canEdit) {
 	if($action == 'add_board') {
 		if(Forum::add_board($name, $description, $access, $guild, $errors)) {
 			$action = $name = $description = '';
+			header('Location: ' . getLink('forum'));
 		}
 	}
 	else if($action == 'delete_board') {
 		Forum::delete_board($id, $errors);
+		header('Location: ' . getLink('forum'));
 		$action = '';
 	}
 	else if($action == 'edit_board')
@@ -56,20 +73,24 @@ if($canEdit) {
 		}
 		else {
 			Forum::update_board($id, $name, $access, $guild, $description);
+			header('Location: ' . getLink('forum'));
 			$action = $name = $description = '';
 			$access = $guild = 0;
 		}
 	}
 	else if($action == 'hide_board') {
-			Forum::toggleHidden_board($id, $errors);
+		Forum::toggleHide_board($id, $errors);
+		header('Location: ' . getLink('forum'));
 		$action = '';
 	}
 	else if($action == 'moveup_board') {
 		Forum::move_board($id, -1, $errors);
+		header('Location: ' . getLink('forum'));
 		$action = '';
 	}
 	else if($action == 'movedown_board') {
 		Forum::move_board($id, 1, $errors);
+		header('Location: ' . getLink('forum'));
 		$action = '';
 	}
 
@@ -77,23 +98,22 @@ if($canEdit) {
 		$twig->display('error_box.html.twig', array('errors' => $errors));
 		$action = '';
 	}
-	}
+}
 
-	if(empty($action) || $action == 'edit_board') {
+if(empty($action) || $action == 'edit_board') {
 	$guilds = $db->query('SELECT `id`, `name` FROM `guilds`')->fetchAll();
 	$twig->display('forum.add_board.html.twig', array(
 		'link' => getLink('forum', ($action == 'edit_board' ? 'edit_board' : 'add_board')),
 		'action' => $action,
-			'id' => isset($id) ? $id : null,
+		'id' => $id ?? null,
-			'name' => isset($name) ? $name : null,
+		'name' => $name ?? null,
-			'description' => isset($description) ? $description : null,
+		'description' => $description ?? null,
-			'access' => isset($access) ? $access : 0,
+		'access' => $access ?? 0,
-			'guild' => isset($guild) ? $guild : null,
+		'guild' => $guild ?? null,
 		'groups' => $groups,
 		'guilds' => $guilds
 	));
 
 	if($action == 'edit_board')
 		$action = '';
-	}
 }

system/pages/forum/base.php

@@ -8,10 +8,13 @@
  * @copyright 2021 MyAAC
  * @link      https://my-aac.org
  */
+
+use MyAAC\Forum;
+
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Forum';
 
-require_once LIBS . 'forum.php';
+class_exists('MyAAC\Forum');
 
 $forumSetting = setting('core.forum');
 if(strtolower($forumSetting) != 'site') {
@@ -24,10 +27,7 @@ if(strtolower($forumSetting) != 'site') {
 	return false;
 }
 
-if(!$logged) {
+$canEdit = Forum::isModerator();
-	echo 'You are not logged in. <a href="?subtopic=accountmanagement&redirect=' . BASE_URL . urlencode('?subtopic=forum') . '">Log in</a> to post on the forum.<br /><br />';
-	return false;
-}
 
 $sections = array();
 foreach(getForumBoards() as $section) {
@@ -41,10 +41,10 @@ foreach(getForumBoards() as $section) {
 	);
 
 	if($canEdit) {
-		$sections[$section['id']]['hidden'] = $section['hidden'];
+		$sections[$section['id']]['hide'] = $section['hide'];
 	}
 	else {
-		$sections[$section['id']]['hidden'] = 0;
+		$sections[$section['id']]['hide'] = 0;
 	}
 }
 

system/pages/forum/edit_post.php

@@ -8,6 +8,9 @@
  * @copyright 2019 MyAAC
  * @link      https://my-aac.org
  */
+
+use MyAAC\Forum;
+
 defined('MYAAC') or die('Direct access not allowed!');
 
 $ret = require __DIR__ . '/base.php';
@@ -15,6 +18,11 @@ if ($ret === false) {
 	return;
 }
 
+if(!$logged) {
+	echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . BASE_URL . urlencode(getLink('forum')) . '">Log in</a> to post on the forum.<br /><br />';
+	return;
+}
+
 if(Forum::canPost($account_logged))
 {
 	$post_id = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : false;
@@ -40,6 +48,10 @@ if(Forum::canPost($account_logged))
 				$smile = isset($_REQUEST['smile']) ? (int)$_REQUEST['smile'] : 0;
 				$html = isset($_REQUEST['html']) ? (int)$_REQUEST['html'] : 0;
 
+				if (!superAdmin()) {
+					$html = 0;
+				}
+
 				$length = strlen($post_topic);
 				if(($length < 1 || $length > 60) && $thread['id'] == $thread['first_post']) {
 					$errors[] = "Too short or too long topic (Length: $length letters). Minimum 1 letter, maximum 60 letters.";

system/pages/forum/move_thread.php

@@ -8,6 +8,9 @@
  * @copyright 2019 MyAAC
  * @link      https://my-aac.org
  */
+
+use MyAAC\Forum;
+
 defined('MYAAC') or die('Direct access not allowed!');
 
 $ret = require __DIR__ . '/base.php';
@@ -15,6 +18,11 @@ if ($ret === false) {
 	return;
 }
 
+if(!$logged) {
+	echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . BASE_URL . urlencode(getLink('forum')) . '">Log in</a> to post on the forum.<br /><br />';
+	return;
+}
+
 if(!Forum::isModerator()) {
 	echo 'You are not logged in or you are not moderator.';
 }

system/pages/forum/new_post.php

@@ -8,6 +8,9 @@
  * @copyright 2019 MyAAC
  * @link      https://my-aac.org
  */
+
+use MyAAC\Forum;
+
 defined('MYAAC') or die('Direct access not allowed!');
 
 $ret = require __DIR__ . '/base.php';
@@ -18,10 +21,10 @@ if ($ret === false) {
 if(!$logged) {
 	$extra_url = '';
 	if(isset($_GET['thread_id'])) {
-		$extra_url = '&action=new_post&thread_id=' . $_GET['thread_id'];
+		$extra_url = '?action=new_post&thread_id=' . $_GET['thread_id'];
 	}
 
-	header('Location: ' . BASE_URL . '?subtopic=accountmanagement&redirect=' . BASE_URL . urlencode('?subtopic=forum' . $extra_url));
+	echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . BASE_URL . urlencode(getLink('forum') . $extra_url) . '">Log in</a> to post on the forum.<br /><br />';
 	return;
 }
 
@@ -47,6 +50,10 @@ if(Forum::canPost($account_logged)) {
 		$html = (int)($_REQUEST['html'] ?? 0);
 		$saved = false;
 
+		if (!superAdmin()) {
+			$html = 0;
+		}
+
 		if(isset($_REQUEST['quote'])) {
 			$quoted_post = $db->query("SELECT `players`.`name`, `" . FORUM_TABLE_PREFIX . "forum`.`post_text`, `" . FORUM_TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`id` = ".(int) $quote)->fetchAll();
 			if(isset($quoted_post[0]['name'])) {

system/pages/forum/new_thread.php

@@ -8,6 +8,9 @@
  * @copyright 2019 MyAAC
  * @link      https://my-aac.org
  */
+
+use MyAAC\Forum;
+
 defined('MYAAC') or die('Direct access not allowed!');
 
 $ret = require __DIR__ . '/base.php';
@@ -15,6 +18,16 @@ if ($ret === false) {
 	return;
 }
 
+if(!$logged) {
+	$extra_url = '';
+	if(isset($_GET['section_id'])) {
+		$extra_url = '?action=new_thread&section_id=' . $_GET['section_id'];
+	}
+
+	echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . BASE_URL . urlencode(getLink('forum') . $extra_url) . '">Log in</a> to post on the forum.<br /><br />';
+	return;
+}
+
 if(Forum::canPost($account_logged)) {
 	$players_from_account = $db->query('SELECT `players`.`name`, `players`.`id` FROM `players` WHERE `players`.`account_id` = '.(int) $account_logged->getId())->fetchAll();
 	$section_id = $_REQUEST['section_id'] ?? null;
@@ -31,6 +44,11 @@ if(Forum::canPost($account_logged)) {
 			$post_topic = isset($_REQUEST['topic']) ? stripslashes($_REQUEST['topic']) : '';
 			$smile = (isset($_REQUEST['smile']) ? (int)$_REQUEST['smile'] : 0);
 			$html = (isset($_REQUEST['html']) ? (int)$_REQUEST['html'] : 0);
+
+			if (!superAdmin()) {
+				$html = 0;
+			}
+
 			$saved = false;
 			if (isset($_REQUEST['save'])) {
 				$length = strlen($post_topic);

system/pages/forum/remove_post.php

@@ -8,6 +8,9 @@
  * @copyright 2019 MyAAC
  * @link      https://my-aac.org
  */
+
+use MyAAC\Forum;
+
 defined('MYAAC') or die('Direct access not allowed!');
 
 $ret = require __DIR__ . '/base.php';
@@ -15,6 +18,11 @@ if ($ret === false) {
 	return;
 }
 
+if(!$logged) {
+	echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . BASE_URL . urlencode(getLink('forum')) . '">Log in</a> to post on the forum.<br /><br />';
+	return;
+}
+
 if(Forum::isModerator()) {
 	$id = (int) $_REQUEST['id'];
 	$post = $db->query("SELECT `id`, `first_post`, `section` FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `id` = ".$id." LIMIT 1")->fetch();

system/pages/forum/show_board.php

@@ -8,6 +8,9 @@
  * @copyright 2019 MyAAC
  * @link      https://my-aac.org
  */
+
+use MyAAC\Forum;
+
 defined('MYAAC') or die('Direct access not allowed!');
 
 $ret = require __DIR__ . '/base.php';
@@ -43,7 +46,7 @@ echo '<a href="' . getLink('forum') . '">Boards</a> >> <b>'.$sections[$section_i
 
 if(!$sections[$section_id]['closed'] || Forum::isModerator()) {
 	echo '<br /><br />
-		<a href="?subtopic=forum&action=new_thread&section_id='.$section_id.'"><img src="images/forum/topic.gif" border="0" /></a>';
+		<a href="' . getLink('forum') . '?action=new_thread&section_id='.$section_id.'"><img src="images/forum/topic.gif" border="0" /></a>';
 }
 
 echo '<br /><br />Page: '.$links_to_pages.'<br />';
@@ -64,8 +67,8 @@ if(isset($last_threads[0])) {
 	foreach($last_threads as $thread) {
 		echo '<tr bgcolor="' . getStyle($number_of_rows++) . '"><td>';
 		if(Forum::isModerator()) {
-			echo '<a href="?subtopic=forum&action=move_thread&id='.$thread['id'].'"\')"><span style="color:darkgreen">[MOVE]</span></a>';
+			echo '<a href="' . getLink('forum') . '?action=move_thread&id='.$thread['id'].'"\')"><span style="color:darkgreen">[MOVE]</span></a>';
-			echo '<a href="?subtopic=forum&action=remove_post&id='.$thread['id'].'" onclick="return confirm(\'Are you sure you want remove thread > '.$thread['post_topic'].' <?\')"><span style="color: red">[REMOVE]</span></a>  ';
+			echo '<a href="' . getLink('forum') . '?action=remove_post&id='.$thread['id'].'" onclick="return confirm(\'Are you sure you want remove thread > '.$thread['post_topic'].' <?\')"><span style="color: red">[REMOVE]</span></a>  ';
 		}
 
 		$player->load($thread['player_id']);
@@ -92,7 +95,7 @@ if(isset($last_threads[0])) {
 
 	echo '</table>';
 	if(!$sections[$section_id]['closed'] || Forum::isModerator()) {
-		echo '<br /><a href="?subtopic=forum&action=new_thread&section_id=' . $section_id . '"><img src="images/forum/topic.gif" border="0" /></a>';
+		echo '<br /><a href="' . getLink('forum') . '?action=new_thread&section_id=' . $section_id . '"><img src="images/forum/topic.gif" border="0" /></a>';
 	}
 }
 else {

system/pages/forum/show_thread.php

@@ -8,6 +8,9 @@
  * @copyright 2019 MyAAC
  * @link      https://my-aac.org
  */
+
+use MyAAC\Forum;
+
 defined('MYAAC') or die('Direct access not allowed!');
 
 $ret = require __DIR__ . '/base.php';