Digitalstack/myaac
2
0
Fork 0
mirror of https://github.com/slawkens/myaac.git synced 2025-09-14 04:23:34 +02:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: Digitalstack:feature/highscores-customize
Branches Tags
Digitalstack:main Digitalstack:feature/2fa Digitalstack:feature/plugins-versions-check Digitalstack:0.8 Digitalstack:feature/pot-hook-filter Digitalstack:feature/highscores-customize Digitalstack:develop Digitalstack:feature/twig-hooks-filters Digitalstack:feature/app-rewrite Digitalstack:feature/account-actions-ip-rework Digitalstack:feature/docker Digitalstack:feature/refactor-account-lost Digitalstack:feature-tables-headline Digitalstack:feature/phpstan Digitalstack:feature/eloquent-db-dump Digitalstack:feature/debug-bar Digitalstack:feature/csrf Digitalstack:0.9 Digitalstack:feature/cronjob Digitalstack:feature/settings Digitalstack:feature/new-router Digitalstack:feature/recaptcha-v3-plus-login Digitalstack:0.7
Digitalstack:v1.8.1 Digitalstack:v1.8 Digitalstack:v1.7.1 Digitalstack:v1.7 Digitalstack:v1.6.1 Digitalstack:v0.8.24 Digitalstack:v1.6 Digitalstack:v1.5 Digitalstack:v0.8.23 Digitalstack:v1.4 Digitalstack:v1.3.3 Digitalstack:v1.3.2 Digitalstack:v1.3.1 Digitalstack:v1.3 Digitalstack:v1.2 Digitalstack:v1.1 Digitalstack:v0.8.22 Digitalstack:v1.0.1 Digitalstack:v1.0 Digitalstack:v0.8.21 Digitalstack:v0.8.20 Digitalstack:v0.8.19 Digitalstack:v1.0-RC Digitalstack:v0.8.18 Digitalstack:v1.0-beta Digitalstack:v0.8.17 Digitalstack:v0.8.16 Digitalstack:v0.8.15 Digitalstack:v0.8.14 Digitalstack:v0.8.13 Digitalstack:v0.8.12 Digitalstack:v0.8.11 Digitalstack:v0.9.0-alpha Digitalstack:v0.8.10 Digitalstack:v0.8.9 Digitalstack:v0.8.8 Digitalstack:v0.8.7 Digitalstack:v0.8.6 Digitalstack:v0.7.12a Digitalstack:v0.7.11 Digitalstack:v0.7.10 Digitalstack:v0.7.9 Digitalstack:v0.7.8 Digitalstack:v0.7.7 Digitalstack:v0.7.6 Digitalstack:v0.7.5 Digitalstack:v0.7.4 Digitalstack:v0.7.3 Digitalstack:v0.7.1 Digitalstack:v0.7.0 Digitalstack:v0.6.6 Digitalstack:v0.6.5 Digitalstack:v0.6.4 Digitalstack:v0.6.3 Digitalstack:v0.6.2 Digitalstack:v0.6.1 Digitalstack:v0.6.0 Digitalstack:v0.5.1 Digitalstack:v0.5.0 Digitalstack:v0.4.3 Digitalstack:v0.4.2 Digitalstack:v0.4.1 Digitalstack:v0.4.0 Digitalstack:v0.3.1 Digitalstack:v0.3.0 Digitalstack:v0.2.4 Digitalstack:v0.2.3 Digitalstack:v0.2.2 Digitalstack:v0.2.1 Digitalstack:v0.2.0 Digitalstack:v0.1.5 Digitalstack:v0.1.4 Digitalstack:v0.1.3 Digitalstack:v0.1.1 Digitalstack:v0.1.2 Digitalstack:v0.1.0 Digitalstack:v0.0.6 Digitalstack:v0.0.5 Digitalstack:v0.0.4 Digitalstack:v0.0.3 Digitalstack:v0.0.2 Digitalstack:v0.0.1
..
compare: Digitalstack:feature/2fa
Branches Tags
Digitalstack:main Digitalstack:feature/2fa Digitalstack:feature/plugins-versions-check Digitalstack:0.8 Digitalstack:feature/pot-hook-filter Digitalstack:feature/highscores-customize Digitalstack:develop Digitalstack:feature/twig-hooks-filters Digitalstack:feature/app-rewrite Digitalstack:feature/account-actions-ip-rework Digitalstack:feature/docker Digitalstack:feature/refactor-account-lost Digitalstack:feature-tables-headline Digitalstack:feature/phpstan Digitalstack:feature/eloquent-db-dump Digitalstack:feature/debug-bar Digitalstack:feature/csrf Digitalstack:0.9 Digitalstack:feature/cronjob Digitalstack:feature/settings Digitalstack:feature/new-router Digitalstack:feature/recaptcha-v3-plus-login Digitalstack:0.7
Digitalstack:v1.8.1 Digitalstack:v1.8 Digitalstack:v1.7.1 Digitalstack:v1.7 Digitalstack:v1.6.1 Digitalstack:v0.8.24 Digitalstack:v1.6 Digitalstack:v1.5 Digitalstack:v0.8.23 Digitalstack:v1.4 Digitalstack:v1.3.3 Digitalstack:v1.3.2 Digitalstack:v1.3.1 Digitalstack:v1.3 Digitalstack:v1.2 Digitalstack:v1.1 Digitalstack:v0.8.22 Digitalstack:v1.0.1 Digitalstack:v1.0 Digitalstack:v0.8.21 Digitalstack:v0.8.20 Digitalstack:v0.8.19 Digitalstack:v1.0-RC Digitalstack:v0.8.18 Digitalstack:v1.0-beta Digitalstack:v0.8.17 Digitalstack:v0.8.16 Digitalstack:v0.8.15 Digitalstack:v0.8.14 Digitalstack:v0.8.13 Digitalstack:v0.8.12 Digitalstack:v0.8.11 Digitalstack:v0.9.0-alpha Digitalstack:v0.8.10 Digitalstack:v0.8.9 Digitalstack:v0.8.8 Digitalstack:v0.8.7 Digitalstack:v0.8.6 Digitalstack:v0.7.12a Digitalstack:v0.7.11 Digitalstack:v0.7.10 Digitalstack:v0.7.9 Digitalstack:v0.7.8 Digitalstack:v0.7.7 Digitalstack:v0.7.6 Digitalstack:v0.7.5 Digitalstack:v0.7.4 Digitalstack:v0.7.3 Digitalstack:v0.7.1 Digitalstack:v0.7.0 Digitalstack:v0.6.6 Digitalstack:v0.6.5 Digitalstack:v0.6.4 Digitalstack:v0.6.3 Digitalstack:v0.6.2 Digitalstack:v0.6.1 Digitalstack:v0.6.0 Digitalstack:v0.5.1 Digitalstack:v0.5.0 Digitalstack:v0.4.3 Digitalstack:v0.4.2 Digitalstack:v0.4.1 Digitalstack:v0.4.0 Digitalstack:v0.3.1 Digitalstack:v0.3.0 Digitalstack:v0.2.4 Digitalstack:v0.2.3 Digitalstack:v0.2.2 Digitalstack:v0.2.1 Digitalstack:v0.2.0 Digitalstack:v0.1.5 Digitalstack:v0.1.4 Digitalstack:v0.1.3 Digitalstack:v0.1.1 Digitalstack:v0.1.2 Digitalstack:v0.1.0 Digitalstack:v0.0.6 Digitalstack:v0.0.5 Digitalstack:v0.0.4 Digitalstack:v0.0.3 Digitalstack:v0.0.2 Digitalstack:v0.0.1

131 Commits
feature/hi ... feature/2f

Author SHA1 Message Date
slawkens
03c7dd0002 Merge branch 'main' into feature/2fa 2025-08-12 14:36:29 +02:00
slawkens
20f99903ae Fix submenu initialization for missing elements 
Added a check in InitializeMenu to skip submenu items if their corresponding DOM element does not exist, preventing potential JavaScript errors.
 2025-08-12 12:46:39 +02:00
slawkens
b6e1620f14 Fix #318 (online.php throws error in one scenario) 2025-08-07 21:17:25 +02:00
dependabot[bot]
9cb7792623 Bump tmp from 0.2.3 to 0.2.4 (#317) 
Bumps [tmp](https://github.com/raszi/node-tmp) from 0.2.3 to 0.2.4.
- [Changelog](https://github.com/raszi/node-tmp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/raszi/node-tmp/compare/v0.2.3...v0.2.4)

---
updated-dependencies:
- dependency-name: tmp
  dependency-version: 0.2.4
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-07 16:21:22 +02:00
dependabot[bot]
0db908be18 Bump form-data from 4.0.2 to 4.0.4 (#315) 
Bumps [form-data](https://github.com/form-data/form-data) from 4.0.2 to 4.0.4.
- [Release notes](https://github.com/form-data/form-data/releases)
- [Changelog](https://github.com/form-data/form-data/blob/master/CHANGELOG.md)
- [Commits](https://github.com/form-data/form-data/compare/v4.0.2...v4.0.4)

---
updated-dependencies:
- dependency-name: form-data
  dependency-version: 4.0.4
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-02 14:15:13 +02:00
slawkens
785d38312b Start 1.8.1-dev 2025-08-02 12:41:35 +02:00
slawkens
e1c04ed28e Release v1.8 2025-08-02 12:28:13 +02:00
slawkens
c836308601 pages/online: add cache, resulting in 20x performance boost 
(for an example server with 2k players)
 2025-07-31 13:28:46 +02:00
slawkens
0efe47ce71 Twig: add cache variable 2025-07-31 13:15:06 +02:00
slawkens
3b47e9df2f Cache::remember: $ttl = 0 means no cache 2025-07-31 13:02:55 +02:00
slawkens
43415cf35d Add missing $fillable into PlayerOnline model 2025-07-31 12:32:18 +02:00
slawkens
cf7fd20452 Mailer: send only to verified accounts (option) 2025-07-31 09:19:49 +02:00
slawkens
080cc2781f Fix mailer: send to email link from accounts page 2025-07-31 07:31:15 +02:00
slawkens
20d69a641c Fix exception if setting not found 2025-07-24 23:30:28 +02:00
slawkens
2d4be327b2 Fix if highscores show outfit disabled 2025-07-24 23:07:49 +02:00
slawkens
bb097b69ce Update settings.php 2025-07-22 22:06:32 +02:00
slawkens
6e5a4ff8c7 Fix if setting found in db, but not found in plugins 2025-07-22 21:49:05 +02:00
slawkens
caf326a658 Refactor to use HAS_ACCOUNT_COINS 
$db->hasColumn('accounts', 'coins') -> HAS_ACCOUNT_COINS
 2025-07-22 21:44:09 +02:00
slawkens
bccf8e056d Rewrite to use constants (account transferable coins) 2025-07-22 21:33:45 +02:00
slawkens
7d27e5a0ba New setting: Default Account Transferable Coins 2025-07-22 21:32:51 +02:00
slawkens
9b6f410459 Update phpstan.neon 2025-07-22 19:11:42 +02:00
slawkens
c06b0017f1 Update phpstan.neon 2025-07-22 19:07:58 +02:00
slawkens
d8132d4d76 Highscores revamp a bit 
* Show real rank, if 2 or more players have the same skill, show them with same rank
* New setting: highscores_online_status
* Additional fields passed to twig: updatedAt, totalResults, page, baseLink
 2025-07-22 18:18:29 +02:00
slawkens
1566deb84a Add getExperienceForLevel (level) 2025-07-19 15:46:51 +02:00
slawkens
536b29be95 That is duplicated 2025-07-19 15:11:09 +02:00
slawkens
5271633bdb Account -> isPremium -> ignore config.freePremium 2025-07-19 15:00:17 +02:00
slawkens
ce5b1cf2a6 Update CacheClearCommand.php 2025-07-19 11:16:55 +02:00
slawkens
83f84172e0 Add warning about APCu clear in CLI 
Adds a warning message if attempting to clear APCu cache from the CLI, as this is not supported. Users are advised to use the Admin Panel for clearing APCu cache outside of development environments.
 2025-07-19 11:16:03 +02:00
slawkens
34fead906e Allow for timestamp as integer in the timeago twig function 2025-07-19 10:05:25 +02:00
slawkens
ec11c14024 kathrine: possibility to add custom menu categories 2025-07-19 07:48:01 +02:00
slawkens
2fe9924437 Start 1.7.2-dev 2025-07-08 19:20:45 +02:00
slawkens
f0f2e3785f Fix phpstan 2025-07-08 15:44:45 +02:00
slawkens
36ca755243 New setting: Display Skills Box on highscores 
Better space management
 2025-07-08 14:28:48 +02:00
slawkens
f17269e44c Move admin bar code into body_start place_holder 2025-07-08 14:22:51 +02:00
slawkens
dcb96f4ce1 Refactor code - early exit 2025-07-08 13:48:33 +02:00
slawkens
a89f9a8484 Set $process_sections to true 2025-07-08 09:22:12 +02:00
slawkens
45d6047031 Add Coins Transferable to accounts editor 2025-07-05 14:22:58 +02:00
slawkens
e435062025 [WIP] 2fa 2025-07-05 08:20:58 +02:00
slawkens
ecc9bd4042 Merge branch 'main' into feature/2fa 2025-07-01 14:18:38 +02:00
slawkens
c92148d467 Revert delete clearRouteCache, is used somewhere else 2025-06-27 07:23:22 +02:00
slawkens
b4b62442fe Release v1.7.1 2025-06-27 07:21:19 +02:00
slawkens
047742848b Delete clearRouteCache, was useless 
Directory is cleaned already
 2025-06-27 07:15:13 +02:00
slawkens
fe8281594e Fix cache:clear command (missing init) 2025-06-27 07:13:33 +02:00
slawkens
0bff910a05 adjust command email:send + mail:send (alias) 2025-06-25 19:43:40 +02:00
slawkens
6d43fc181f In case the script don't have install option, inform the user 2025-06-25 17:36:43 +02:00
slawkens
13d33822b5 Rename to plugin:setup, also add alias to previous command 2025-06-25 17:36:02 +02:00
slawkens
f78ebad136 Remove error number from 404 & 405 pages 2025-06-24 14:57:01 +02:00
slawkens
d90fa323d7 Fix polls link 2025-06-24 12:44:43 +02:00
slawkens
181131f7f3 Use __DIR__ instead of template path 2025-06-24 12:44:34 +02:00
slawkens
0da524fefe Fix plugin install:install command 2025-06-23 00:21:41 +02:00
slawkens
797377e428 Replace TwoFactorAuth with self 2025-06-22 22:34:36 +02:00
slawkens
96b5df9d74 Merge branch 'main' into feature/2fa 2025-06-22 18:51:32 +02:00
slawkens
6cf4b9dac5 Fix xdebug warnings in load_config_lua 2025-06-22 18:51:20 +02:00
slawkens
b3dfc56c96 [WIP] Working 2fa email auth 2025-06-22 18:50:54 +02:00
slawkens
96d6e04bd2 Update 46-account_email_codes.sql 2025-06-22 13:19:29 +02:00
slawkens
9146eee327 Move 2025-06-22 11:55:34 +02:00
slawkens
3d97fa0719 Merge branch 'main' into feature/2fa 2025-06-22 11:45:21 +02:00
slawkens
5cfa3a697f Start v1.7.1-dev 2025-06-22 11:25:45 +02:00
slawkens
bb830bce44 Release v1.7 2025-06-22 08:55:29 +02:00
slawkens
566c2a9151 Move out of $cache->enabled 2025-06-22 08:48:24 +02:00
slawkens
a66cafceab 2fa: first draft 2025-06-22 08:34:30 +02:00
slawkens
0f48f12e2e Update admin.plugins.outdated.html.twig 2025-06-19 18:53:11 +02:00
Slawomir Boczek
0ea247ce7e Feature/plugins versions check (#310) 
* Check plugins versions from plugins.my-aac.org/api

* Improve plugin update check messaging

Updated the success message when checking for plugin updates to clarify the source. Added an informational message when outdated plugins are found to improve user feedback.

* Use configurable API URI for plugin updates

Replaces hardcoded plugin API URI with a configurable value from config, defaulting to the official API. Also fixes a typo in the success message.
 2025-06-19 16:46:22 +02:00
slawkens
b329da52aa Use apcu_clear_cache 2025-06-17 17:52:23 +02:00
slawkens
c720ccc451 Add missing csrf() 2025-06-15 19:35:12 +02:00
slawkens
8dc42b6544 Nothing important: just formatting 2025-06-15 19:05:47 +02:00
slawkens
dca904e61d Add missing csrf() 2025-06-15 19:05:19 +02:00
slawkens
29faa4f695 Add missing csrf() in success.html.twig 2025-06-15 19:03:03 +02:00
slawkens
4767120043 Update online.html.twig 2025-06-14 21:19:52 +02:00
slawkens
9a90e4aae2 Revamped online page 2025-06-14 21:12:47 +02:00
slawkens
ba4ed6a04b Add LabelV120, LabelV150, LabelV200 2025-06-14 20:52:38 +02:00
slawkens
a7efacdbac Delete online.form, use revamped characters.form 2025-06-14 20:50:54 +02:00
Goosey
577037becc fix: boostedcreatures for 13.40 (#307) 
* boostedcreatures fix for 13.40

Fixes the boosted boss/creature display on the login page for 13.40 running the default cipsoft client.

* Adjust version

---------

Co-authored-by: slawkens <slawkens@gmail.com>
 2025-06-14 15:58:08 +02:00
slawkens
b8abc11b96 Update list.php 2025-06-14 11:33:47 +02:00
slawkens
4def6a6cae Style 2025-06-14 10:39:45 +02:00
slawkens
e6100a1b72 New hook: HOOK_GUILDS_AFTER_MANAGE_BUTTON 2025-06-14 10:36:38 +02:00
slawkens
522f6c11d8 Add OTS_Player->isNameLocked() 2025-06-14 08:26:43 +02:00
slawkens
00c3635c5f Add $config['site']['serverPath'] for better compatibility with Gesior 2025-06-14 00:59:10 +02:00
slawkens
c074a48f24 New hook: HOOK_ACCOUNT_MANAGE_AFTER_CHARACTERS 2025-06-14 00:44:00 +02:00
slawkens
e222957893 OTS_Toolbox::getVocationName($id, $promotion); 2025-06-13 22:25:36 +02:00
slawkens
d423ddd07a Nothing important: convert to tabs 2025-06-13 22:14:20 +02:00
slawkens
4d4f7759d3 Update visitors.php 2025-06-13 21:31:04 +02:00
slawkens
9510640ba9 Ignore empty values 2025-06-13 21:25:13 +02:00
slawkens
98b13c91a4 Update notice about how to enable Visitors Counter 2025-06-13 21:24:52 +02:00
slawkens
0c95bcfd06 Better $title inventing 2025-06-13 21:03:09 +02:00
slawkens
524e982a0e Release v1.6.1 2025-06-11 05:51:39 +02:00
slawkens
fffb427eae Update account.generate_recovery_key.html.twig 2025-06-09 21:18:45 +02:00
slawkens
10cd71a663 Add missing csrf() into account manage actions 2025-06-09 21:18:42 +02:00
slawkens
0812fe025d Update settings_save.php 2025-06-09 21:14:44 +02:00
slawkens
309c1fb715 Remove deprecated TinyMCE plugin - template 2025-06-09 14:24:36 +02:00
slawkens
8d29fdb98b Set TinyMCE license key to gpl (Avoid warning message in browser console) 2025-06-09 14:24:22 +02:00
slawkens
f782850307 Move counter & visitors code before router 
In case someone wants to include that info on page
 2025-06-06 22:10:13 +02:00
slawkens
835dda9659 Remove duplicated code - account redirect, already in account/manage 2025-06-05 19:08:53 +02:00
slawkens
dcc703b1eb Remove optional param, make it required for few routes 2025-06-05 18:11:44 +02:00
slawkens
9d8e9d27bd Ignore duplicated route exception 2025-06-05 18:11:31 +02:00
slawkens
db09980de1 Start v1.6.1-dev 2025-06-03 22:57:33 +02:00
slawkens
2dba778167 Update example.json 2025-06-03 18:38:02 +02:00
slawkens
ce2af2bb7a Update CHANGELOG-1.x.md 2025-06-03 17:33:17 +02:00
slawkens
dc839abfbb Release v1.6 2025-06-03 16:59:55 +02:00
slawkens
01d49692ed Update CHANGELOG-1.x.md 2025-06-03 16:59:20 +02:00
slawkens
de6603a513 Allow [] in character name (again), example: [God] Test 2025-06-03 16:49:45 +02:00
slawkens
dd731fd49b Revert previous commit partially 2025-06-03 16:43:43 +02:00
slawkens
064b929841 Allow [] in character name (for :string) 2025-06-03 16:39:02 +02:00
slawkens
c61747dc75 Update coins.html.twig 2025-06-03 10:17:08 +02:00
slawkens
207d6bc691 feat: AutoLoad plugins init.php, by default disabled 2025-06-03 08:52:33 +02:00
slawkens
8fdea94376 Add globals into $hooks->executeFIlter 2025-06-03 08:39:48 +02:00
slawkens
c961a1ebf8 Two new hooks for pages loaded from database (custom pages) 
HOOK_BEFORE_PAGE_CUSTOM,
HOOK_AFTER_PAGE_CUSTOM
 2025-06-03 06:21:44 +02:00
slawkens
770ffcfc52 Fix warnings in CLI (part 2) 2025-05-29 16:10:46 +02:00
slawkens
756d94bb3e Fix warning from CLI 2025-05-29 16:08:23 +02:00
slawkens
6e0f591383 Do not allow access to tools/ folder after install 2025-05-29 12:22:16 +02:00
slawkens
fb91281140 Fix phpstan workflow 2025-05-29 09:35:20 +02:00
slawkens
d8a6090be3 Add new setting/configurable: site_url, prevents domain spoofing 2025-05-29 09:27:29 +02:00
slawkens
52109f5cca Another solution 2025-05-28 14:13:04 +02:00
slawkens
4b7b121550 Try fix workflow 2025-05-28 14:08:50 +02:00
slawkens
28886551e8 feat: Add new account coins setting 2025-05-28 13:33:36 +02:00
slawkens
7d435ff643 Add getNPCsCount 2025-05-24 11:54:00 +02:00
slawkens
ae847ff9a6 Nothing important: tabs 2025-05-24 11:51:06 +02:00
slawkens
45ef390829 Nothing important 2025-05-24 11:42:59 +02:00
slawkens
84d502bf10 Fixes regarding csrf + refactor some parts of AAC (guilds + forum) 
Replace $account_logged->getPlayers() with getPlayersList()
$_REQUEST['todo'] -> $_REQUEST['post']
$guild_errors -> $errors
 2025-05-24 11:42:42 +02:00
slawkens
e776bd52be Forum boards admin links: csrf + refactor 2025-05-24 11:28:56 +02:00
slawkens
6e793390c6 Remove unneeded enctype="multipart/form-data" 2025-05-24 11:20:36 +02:00
slawkens
6eda38603c Protect against csrf in more places (accounts & guilds pages) 2025-05-24 09:52:56 +02:00
slawkens
72cdd290da Fix link to Contributing 2025-05-23 17:38:14 +02:00
slawkens
40d65a6613 OTS_ServerInfo -> set timeout out of class 
Possibility to use the class without MyAAC
 2025-05-23 16:11:57 +02:00
slawkens
43153b2b0c Nothing important: tabs 2025-05-23 16:08:02 +02:00
slawkens
2ea549002a Nothing important: tabs 2025-05-23 15:58:23 +02:00
slawkens
4a30fb495d Fix CHANGELOG-1.x.md loading 2025-05-23 09:13:20 +02:00
slawkens
4d8f5f31ae Update Plugins.php 2025-05-23 09:04:48 +02:00
slawkens
be7b27c31a Fix links not working in admin dashboard modules 2025-05-23 09:04:45 +02:00
slawkens
7d213f479a feat: autoload install.php 2025-05-23 08:50:38 +02:00
slawkens
e574943707 feat: autoload settings.php 2025-05-23 08:39:09 +02:00
177 changed files with 4263 additions and 2144 deletions
Expand all files Collapse all files

95
CHANGELOG-1.x.md
View File

@@ -1,5 +1,100 @@
# Changelog
## [1.8 - 02.08.2025]
### Added
* Templates - Kathrine: Possibility to add custom menu categories (https://github.com/slawkens/myaac/commit/ec11c1402417c25980582467546d1c1e9bb8267f)
* Admin Panel - Accounts Editor: Add Coins Transferable (https://github.com/slawkens/myaac/commit/45d6047031c9c3a0e7e512dc5d15c75629aec5a2, https://github.com/slawkens/myaac/commit/bb097b69ce106500a49686d6f4fe604348eaa310)
* Highscores:
* Revamped: (https://github.com/slawkens/myaac/commit/d8132d4d76e03d5aa0c042be426320655a601392)
* Show real rank, if 2 or more players have the same skill, show them with same rank
* New setting: highscores_online_status
* Additional fields passed to twig: updatedAt, totalResults, page, baseLink
* Add new Setting: Display Skills Box (https://github.com/slawkens/myaac/commit/36ca755243ef1c83f6ac87465b426d4d8d3b0bb9)
* Functions: Add getExperienceForLevel (level) (https://github.com/slawkens/myaac/commit/1566deb84a082176b8c683fda205d828bc38fbcc)
* Commands - cache:clear : Add warning about APCu clear in CLI (https://github.com/slawkens/myaac/commit/83f84172e02e8ea2ccb6dca29bc033e44c35aebc)
* Models - PlayerOnline: Add missing $fillable into model (https://github.com/slawkens/myaac/commit/43415cf35db1c1307f2684c1728693d65065ffff)
* Twig: add cache variable (https://github.com/slawkens/myaac/commit/0efe47ce71c4b364a9e96bc5a55b1655326ae6da)
### Changed
* pages/online: add cache, resulting in 20x performance boost
* (for an example server with 2k players) (https://github.com/slawkens/myaac/commit/c8363086015cbb6e8786c398c7b9ac3959a26ec4)
* Admin Bar: Move admin bar code into body_start place_holder (https://github.com/slawkens/myaac/commit/f17269e44ce9dd38447bd2e2a8e1bdb065d4161f)
* Cache::remember: $ttl = 0 means no cache (https://github.com/slawkens/myaac/commit/3b47e9df2f4051807c5ff87892f7fa3d348f9c55)
* Templates: Load config.ini with $process_sections set to true (https://github.com/slawkens/myaac/commit/a89f9a84847630eb75b4890fdcc8b7a7bfa6b8ac)
* Twig: Allow for timestamp as integer in the timeago twig function
(https://github.com/slawkens/myaac/commit/34fead906ea13b9f09d7a3c41ed88109d34d386c)
### Fixed
* Settings: Fixed two exceptions (https://github.com/slawkens/myaac/commit/6e5a4ff8c78ff5373aba091baa66cae029557643, https://github.com/slawkens/myaac/commit/20d69a641c0a933d14889a89da6d32f6a4bc6c7d)
* Models\Account + OTS_Account -> isPremium -> ignore config.freePremium (https://github.com/slawkens/myaac/commit/5271633bdbfbbfed0b1d59c403093ce6fc2b7d20)
* Admin Panel - Mailer:
* Fix send to email link redirecting from accounts page (https://github.com/slawkens/myaac/commit/080cc2781f034c844af658229e495e9a47fd2298)
* Option to send only to verified accounts - only if setting('core.account_mail_verify') enabled (https://github.com/slawkens/myaac/commit/cf7fd20452e863980045bb5d6012ec86c6e8e01f)
### Internal
* Rewrite to use constants (account transferable coins) (https://github.com/slawkens/myaac/commit/bccf8e056df985bbe1bab5f7ab5492f714d6b62b)
* Refactor to use HAS_ACCOUNT_COINS (https://github.com/slawkens/myaac/commit/caf326a6584a234775ebc6c8000ea02b3fecd160)
## [1.7.1 - 27.06.2025]
### Changed
* Rename plugin:install:install to plugin:setup, also add alias to previous command (https://github.com/slawkens/myaac/commit/13d33822b59df349199e885a78a3d6beb0863d0b)
### Fixed
* Fix commands: setup + cache:clear (https://github.com/slawkens/myaac/commit/0da524fefe93b3028392e9014550eea3324d3a22, https://github.com/slawkens/myaac/commit/fe8281594e989f00280ba1adc734a9198c6b5cc1)
* Fix polls link in tibiacom template (https://github.com/slawkens/myaac/commit/d90fa323d7c77d81768df60feeb1c374b1650a0c)
## [1.7 - 22.06.2025]
### Added
* Feature: plugins versions check (#310)
* New hooks: HOOK_ACCOUNT_MANAGE_AFTER_CHARACTERS, HOOK_GUILDS_AFTER_MANAGE_BUTTON (https://github.com/slawkens/myaac/commit/c074a48f245df55646b6705737f667b6a84149b2, https://github.com/slawkens/myaac/commit/e6100a1b72de8695bba1dae9ba4e28bfdce47b10)
* Add OTS_Toolbox::getVocationName(id, promotion) + OTS_Player->isNameLocked() (https://github.com/slawkens/myaac/commit/e222957893c4a1de0dc8dbba55bce1a43418d275, https://github.com/slawkens/myaac/commit/522f6c11d835afd36fd07a07074d96d7e219b488)
* Add missing csrf in more places, causing white page with error about Request (https://github.com/slawkens/myaac/commit/dca904e61d21d856bf809070e7652803a2df0f58, https://github.com/slawkens/myaac/commit/c720ccc451ff90ef40b2a1595468d061ffd7e1e4)
### Changed
* Revamped online page (https://github.com/slawkens/myaac/commit/9a90e4aae280e607430511c6727d9a714b11f4c5, https://github.com/slawkens/myaac/commit/4767120043b09141870383e249f3729638d53dc2)
* Better $title inventing (https://github.com/slawkens/myaac/commit/0c95bcfd06b68b21512e477646ef7bd3a0d4912b)
### Fixed
* Use apcu cache clear (https://github.com/slawkens/myaac/commit/b329da52aae9d0e21120a6444d3caf442420ce50, https://github.com/slawkens/myaac/commit/566c2a9151ab6392286f74e26853faa19a1b4f24)
* fix: boostedcreatures for 13.40 (by @GooseWithAKnife) (#307)
## [1.6.1 - 11.06.2025]
### Fixed
* Fixed "Request has been cancelled due to security reasons", cause of missing csrf() in twig files (https://github.com/slawkens/myaac/commit/10cd71a6630ffec91b43a26a6d685b66c5836a6a)
* Fix: Ignore duplicated route exception (https://github.com/slawkens/myaac/commit/9d8e9d27bd87167d8d4005942a6af62bfe4c0892)
### Changed
* Move counter & visitors code before router (In case someone wants to include that info on page) (https://github.com/slawkens/myaac/commit/f78285030708ad3c74ab048711f73bbf3ee5281e)
* Set TinyMCE license key to gpl (Avoid warning message in browser console) (https://github.com/slawkens/myaac/commit/8d29fdb98b92dbc3d2853ef88a185c67036b4a77)
### Removed
* Remove deprecated TinyMCE plugin - template (https://github.com/slawkens/myaac/commit/309c1fb715b882e67cb673b1544a03befbf64a22)
## [1.6 - 03.06.2025]
### Added
* Add new setting/configurable: site_url, prevents domain spoofing (https://github.com/slawkens/myaac/commit/d8a6090be382c35c19117cfef964b594ed02b8d4)
* Add new account coins setting (https://github.com/slawkens/myaac/commit/28886551e86fe562172c4c7f2afb89a2e7672c2e)
* autoload: settings/install/init.php (https://github.com/slawkens/myaac/commit/e5749437074c3b3556628a2aeb5bad2edf97bde0, https://github.com/slawkens/myaac/commit/7d213f479a7e40c6254069b5fc4e578dc32bf8d9, https://github.com/slawkens/myaac/commit/207d6bc69120aba1af2b51808f17e0059b571fed)
* Protect against csrf in more places (accounts & guilds & forums pages) (https://github.com/slawkens/myaac/commit/6eda38603c8ed7e99b92a78a4600b1245377f74d, https://github.com/slawkens/myaac/commit/e776bd52beb3064a9e694efd1b9021ec972ee2f6, https://github.com/slawkens/myaac/commit/84d502bf105f2a789481fba1acc820d236b4de66)
* Added two new hooks for pages loaded from database (custom pages): HOOK_BEFORE_PAGE_CUSTOM, HOOK_AFTER_PAGE_CUSTOM (https://github.com/slawkens/myaac/commit/c961a1ebf837f2ab1734a825ff2c57b4937610c9)
* Add global variables into $hooks->executeFilter (https://github.com/slawkens/myaac/commit/8fdea943768b20193eede99d60313ee84511a0be)
* Add getNPCsCount() to OTS_InfoRespond (https://github.com/slawkens/myaac/commit/7d435ff6433ef1fb2295ee79ed043ee10dc725e9)
### Fixed
* Allow [] in character name (https://github.com/slawkens/myaac/commit/de6603a51347b9e656c58637ed9971fffdd7cedd)
* Do not allow access to tools/ folder after install (https://github.com/slawkens/myaac/commit/6e0f5913831f8dba69fd2d1505be3e2a303c6324)
* Fix CHANGELOG-1.x.md loading in admin panel (https://github.com/slawkens/myaac/commit/4a30fb495dbfbe1d434e8d52419eaf44fe517aee)
* Fix links not working in admin dashboard modules (https://github.com/slawkens/myaac/commit/be7b27c31aa3bbd6c0289c34d1e61139a3fe015c)
* Fix twig variables: logged + account_logged being not set directly after login (https://github.com/slawkens/myaac/commit/1e9b10d6489c488cadf7f6ed17b42f1ea6c767a8)
### Changed
* OTS_ServerInfo -> move setTimeout out of class - Possibility to use the class without MyAAC (https://github.com/slawkens/myaac/commit/40d65a6613149fda51bdceb82c807e5301a3388b)
## [1.5 - 14.05.2025]
### Added

4
README.md
View File

@@ -80,7 +80,7 @@ Pull requests should be made to the *develop* branch as that is the working bran
Bug fixes to current release should be done to master branch.
Look: [Contributing](https://github.com/otsoft/myaac/wiki/Contributing) in our wiki.
Look: [Contributing](https://docs.my-aac.org/misc/contributing) in our wiki.
### Other Notes
@@ -95,4 +95,4 @@ Many thanks to Jetbrains for kindly providing a license for me to work on this a
### License
This program and all associated files are released under the GNU Public License.
See [LICENSE](https://github.com/slawkens/myaac/blob/master/LICENSE) for details.
See [LICENSE](https://github.com/slawkens/myaac/blob/main/LICENSE) for details.

31
admin/pages/accounts.php
View File

@@ -26,7 +26,6 @@ if (setting('core.account_country'))
$nameOrNumberColumn = getAccountIdentityColumn();
$hasSecretColumn = $db->hasColumn('accounts', 'secret');
$hasCoinsColumn = $db->hasColumn('accounts', 'coins');
$hasPointsColumn = $db->hasColumn('accounts', 'premium_points');
$hasTypeColumn = $db->hasColumn('accounts', 'type');
$hasGroupColumn = $db->hasColumn('accounts', 'group_id');
@@ -136,11 +135,18 @@ else if (isset($_REQUEST['search'])) {
if (!Validator::email($email))
$errors['email'] = Validator::getLastError();
//tibia coins
if ($hasCoinsColumn) {
// tibia coins
if (HAS_ACCOUNT_COINS) {
$t_coins = $_POST['t_coins'];
verify_number($t_coins, 'Tibia coins', 12);
}
// transferable tibia coins
if (HAS_ACCOUNT_COINS_TRANSFERABLE || HAS_ACCOUNT_TRANSFERABLE_COINS) {
$t_coins_transferable = $_POST['t_coins_transferable'];
verify_number($t_coins_transferable, 'Transferable Tibia coins', 12);
}
// prem days
$p_days = (int)$_POST['p_days'];
verify_number($p_days, 'Prem days', 11);
@@ -185,12 +191,18 @@ else if (isset($_REQUEST['search'])) {
if ($hasSecretColumn) {
$account->setCustomField('secret', $secret);
}
$account->setCustomField('key', $key);
$account->setEMail($email);
if ($hasCoinsColumn) {
if (HAS_ACCOUNT_COINS) {
$account->setCustomField('coins', $t_coins);
}
if (HAS_ACCOUNT_COINS_TRANSFERABLE || HAS_ACCOUNT_TRANSFERABLE_COINS) {
$account->setCustomField(ACCOUNT_COINS_TRANSFERABLE_COLUMN, $t_coins_transferable);
}
$lastDay = 0;
if($p_days != 0 && $p_days != OTS_Account::GRATIS_PREMIUM_DAYS) {
$lastDay = time();
@@ -223,9 +235,6 @@ else if (isset($_REQUEST['search'])) {
$password = encrypt($password);
$account->setPassword($password);
if (USE_ACCOUNT_SALT)
$account->setCustomField('salt', $salt);
}
$account->save();
@@ -395,12 +404,18 @@ else if (isset($_REQUEST['search'])) {
<label for="email">Email:</label><?php echo (setting('core.mail_enabled') ? ' (<a href="' . ADMIN_URL . '?p=mailer&mail_to=' . $account->getEMail() . '">Send Mail</a>)' : ''); ?>
<input type="text" class="form-control" id="email" name="email" autocomplete="off" value="<?php echo $account->getEMail(); ?>"/>
</div>
<?php if ($hasCoinsColumn): ?>
<?php if (HAS_ACCOUNT_COINS): ?>
<div class="col-12 col-sm-12 col-lg-6">
<label for="t_coins">Tibia Coins:</label>
<input type="text" class="form-control" id="t_coins" name="t_coins" autocomplete="off" maxlength="11" value="<?php echo $account->getCustomField('coins') ?>"/>
</div>
<?php endif; ?>
<?php if (HAS_ACCOUNT_COINS_TRANSFERABLE || HAS_ACCOUNT_TRANSFERABLE_COINS): ?>
<div class="col-12 col-sm-12 col-lg-6">
<label for="t_coins_transferable">Transferable Tibia Coins:</label>
<input type="text" class="form-control" id="t_coins_transferable" name="t_coins_transferable" autocomplete="off" maxlength="11" value="<?php echo $account->getCustomField(ACCOUNT_COINS_TRANSFERABLE_COLUMN) ?>"/>
</div>
<?php endif; ?>
<div class="col-12 col-sm-12 col-lg-6">
<label for="p_days">Premium Days:</label>
<input type="text" class="form-control" id="p_days" name="p_days" autocomplete="off" maxlength="11" value="<?php echo $account->getPremDays(); ?>"/>

4
admin/pages/clmd.php
View File

@@ -11,12 +11,12 @@
defined('MYAAC') or die('Direct access not allowed!');
$title = 'MyAAC Changelog';
if (!file_exists(BASE . 'CHANGELOG.md')) {
if (!file_exists(BASE . 'CHANGELOG-1.x.md')) {
echo 'File CHANGELOG.md doesn\'t exist.';
return;
}
$changelog = file_get_contents(BASE . 'CHANGELOG.md');
$changelog = file_get_contents(BASE . 'CHANGELOG-1.x.md');
$Parsedown = new Parsedown();

18
admin/pages/mailer.php
View File

@@ -25,9 +25,10 @@ if (!setting('core.mail_enabled')) {
return;
}
$mail_to = isset($_POST['mail_to']) ? stripslashes(trim($_POST['mail_to'])) : null;
$mail_to = isset($_REQUEST['mail_to']) ? stripslashes(trim($_REQUEST['mail_to'])) : null;
$mail_subject = isset($_POST['mail_subject']) ? stripslashes($_POST['mail_subject']) : null;
$mail_content = isset($_POST['mail_content']) ? stripslashes($_POST['mail_content']) : null;
$mail_verified_only = $_POST['mail_verified_only'] ?? false;
if (isset($_POST['submit'])) {
if (empty($mail_subject)) {
@@ -58,14 +59,14 @@ if (!empty($mail_content) && !empty($mail_subject) && empty($mail_to)) {
$success = 0;
$failed = 0;
$add = '';
if (setting('core.account_mail_verify')) {
note('Note: Sending only to users with verified E-Mail.');
$add = ' AND `email_verified` = 1';
$query = Account::where('email', '!=', '');
if ($mail_verified_only) {
info('Note: Sending only to users with verified E-Mail.');
$query->where('email_verified', 1);
}
$query = Account::where('email', '!=', '')->get(['email']);
foreach ($query as $email) {
foreach ($query->get(['email']) as $email) {
if (_mail($email->email, $mail_subject, $mail_content)) {
$success++;
}
@@ -84,5 +85,6 @@ if (!empty($mail_content) && !empty($mail_subject) && empty($mail_to)) {
$twig->display('admin.mailer.html.twig', [
'mail_to' => $mail_to,
'mail_subject' => $mail_subject,
'mail_content' => $mail_content
'mail_content' => $mail_content,
'mail_verified_only' => $mail_verified_only,
]);

11
admin/pages/mass_account.php
View File

@@ -18,7 +18,6 @@ $title = 'Mass Account Actions';
csrfProtect();
$hasCoinsColumn = $db->hasColumn('accounts', 'coins');
$hasPointsColumn = $db->hasColumn('accounts', 'premium_points');
$freePremium = $config['lua']['freePremium'];
@@ -40,9 +39,7 @@ function admin_give_points($points)
function admin_give_coins($coins)
{
global $hasCoinsColumn;
if (!$hasCoinsColumn) {
if (!HAS_ACCOUNT_COINS) {
displayMessage('Coins not supported.');
return;
}
@@ -167,19 +164,19 @@ if (!empty(ACTION) && isRequestMethod('post')) {
}
else {
$twig->display('admin.tools.account.html.twig', array(
'hasCoinsColumn' => $hasCoinsColumn,
'hasCoinsColumn' => HAS_ACCOUNT_COINS,
'hasPointsColumn' => $hasPointsColumn,
'freePremium' => $freePremium,
));
}
function displayMessage($message, $success = false) {
global $twig, $hasCoinsColumn, $hasPointsColumn, $freePremium;
global $twig, $hasPointsColumn, $freePremium;
$success ? success($message): error($message);
$twig->display('admin.tools.account.html.twig', array(
'hasCoinsColumn' => $hasCoinsColumn,
'hasCoinsColumn' => HAS_ACCOUNT_COINS,
'hasPointsColumn' => $hasPointsColumn,
'freePremium' => $freePremium,
));

2
admin/pages/modules/balance.php
View File

@@ -7,7 +7,7 @@ defined('MYAAC') or die('Direct access not allowed!');
$balance = 0;
if ($db->hasColumn('players', 'balance')) {
$balance = Player::orderByDesc('balance')->limit(10)->get(['balance', 'id','name', 'level'])->toArray();
$balance = Player::orderByDesc('balance')->limit(10)->get(['id', 'name', 'balance'])->toArray();
}
$twig->display('balance.html.twig', array(

9
admin/pages/modules/coins.php
View File

@@ -6,8 +6,13 @@ defined('MYAAC') or die('Direct access not allowed!');
$coins = 0;
if ($db->hasColumn('accounts', 'coins')) {
$coins = Account::orderByDesc('coins')->limit(10)->get(['coins', (USE_ACCOUNT_NAME ? 'name' : 'id')])->toArray();
if (HAS_ACCOUNT_COINS) {
$whatToGet = ['id', 'coins'];
if (USE_ACCOUNT_NAME) {
$whatToGet[] = 'name';
}
$coins = Account::orderByDesc('coins')->limit(10)->get($whatToGet)->toArray();
}
$twig->display('coins.html.twig', array(

2
admin/pages/modules/lastlogin.php
View File

@@ -7,7 +7,7 @@ defined('MYAAC') or die('Direct access not allowed!');
$players = 0;
if ($db->hasColumn('players', 'lastlogin')) {
$players = Player::orderByDesc('lastlogin')->limit(10)->get(['name', 'level', 'lastlogin'])->toArray();
$players = Player::orderByDesc('lastlogin')->limit(10)->get(['id', 'name', 'level', 'lastlogin'])->toArray();
}
$twig->display('lastlogin.html.twig', array(

2
admin/pages/modules/templates/balance.html.twig
View File

@@ -19,7 +19,7 @@
{% set i = i + 1 %}
<tr>
<th>{{ i }}</th>
<td><a href="?p=players&search_name={{ result.name }}">{{ result.name }}</a></td>
<td><a href="?p=players&id={{ result.id }}">{{ result.name }}</a></td>
<td>{{ result.balance }}</td>
</tr>
{% endfor %}

2
admin/pages/modules/templates/coins.html.twig
View File

@@ -19,7 +19,7 @@
{% set i = i + 1 %}
<tr>
<th>{{ i }}</th>
<td><a href="?p=accounts&search_name={{ result.name }}">{{ result.name }}</a></td>
<td><a href="?p=accounts&id={{ result.id }}">{{ result.name ?? result.id }}</a></td>
<td>{{ result.coins }}</td>
</tr>
{% endfor %}

2
admin/pages/modules/templates/lastlogin.html.twig
View File

@@ -19,7 +19,7 @@
{% set i = i + 1 %}
<tr>
<th>{{ i }}</th>
<td><a href="?p=players&search_name={{ result.name }}">{{ result.name }}</a></td>
<td><a href="?p=players&id={{ result.id }}">{{ result.name }}</a></td>
<td>{{ result.lastlogin|date("M d Y, H:i:s") }}</td>
</tr>
{% endfor %}

2
admin/pages/modules/templates/points.html.twig
View File

@@ -19,7 +19,7 @@
{% set i = i + 1 %}
<tr>
<th>{{ i }}</th>
<td><a href="?p=accounts&search_name={{ result.name }}">{{ result.name }}</a></td>
<td><a href="?p=accounts&id={{ result.id }}">{{ result.name }}</a></td>
<td>{{ result.premium_points }}</td>
</tr>
{% endfor %}

50
admin/pages/plugins.php
View File

@@ -51,6 +51,56 @@ else {
} else {
error('Error while disabling plugin ' . $disable . ': ' . Plugins::getError());
}
}
else if (isset($_GET['check-updates'])) {
$repoUri = $config['admin_plugins_api_uri'] ?? 'https://plugins.my-aac.org/api/';
success("Fetching latest info from $repoUri..");
$adminPlugins = new \MyAAC\Admin\Plugins();
$adminPlugins->setApiBaseUri($repoUri);
try {
$plugins = $adminPlugins->getLatestVersions();
}
catch (Exception $e) {
error($e->getMessage());
}
if (isset($plugins) && count($plugins) > 0) {
$outdated = [];
foreach (get_plugins(true) as $plugin) {
$string = file_get_contents(BASE . 'plugins/' . $plugin . '.json');
$plugin_info = json_decode($string, true);
if (!$plugin_info) {
continue;
}
$disabled = (str_contains($plugin, 'disabled.'));
$pluginOriginal = ($disabled ? str_replace('disabled.', '', $plugin) : $plugin);
$info = $plugins[$pluginOriginal] ?? false;
if ($info && version_compare($info['version'], $plugin_info['version'], '>')) {
$outdated[] = [
'name' => $pluginOriginal,
'yourVersion' => $plugin_info['version'],
'latestVersion' => $info['version'],
'link' => $info['link'] ?? 'Unknown',
'download_link' => $info['download_link'] ?? 'Unknown',
];
}
}
if (count($outdated) > 0) {
info('Following updates have been found for your plugins:');
$twig->display('admin.plugins.outdated.html.twig', ['plugins' => $outdated]);
}
else {
success('All plugins up to date!');
}
}
} else if (isset($_FILES['plugin']['name'])) {
$file = $_FILES['plugin'];
$filename = $file['name'];

5
admin/pages/visitors.php
View File

@@ -19,8 +19,7 @@ $use_datatable = true;
if (!setting('core.visitors_counter')): ?>
Visitors counter is disabled.<br/>
You can enable it by editing this configurable in <b>config.local.php</b> file:<br/>
<p style="margin-left: 3em;"><b>$config['visitors_counter'] = true;</b></p>
You can enable it in Settings -> General -> Visitors Counter.<br/>
<?php
return;
endif;
@@ -46,7 +45,7 @@ foreach ($tmp as &$visitor) {
if ($dd->isBot()) {
$bot = $dd->getBot();
$message = '(Bot) %s, <a href="%s" target="_blank">%s</a>';
$browser = sprintf($message, $bot['category'], $bot['url'], $bot['name']);
$browser = sprintf($message, $bot['category'] ?? 'Unknown', $bot['url'] ?? '', $bot['name'] ?? 'Unknown name');
}
else {
$osFamily = OperatingSystem::getOsFamily($dd->getOs('name'));

1
admin/tools/settings_save.php
View File

@@ -1,6 +1,5 @@
<?php
use MyAAC\Hooks;
use MyAAC\Settings;
const MYAAC_ADMIN = true;

38
common.php
View File

@@ -26,8 +26,8 @@
if (version_compare(phpversion(), '8.1', '<')) die('PHP version 8.1 or higher is required.');
const MYAAC = true;
const MYAAC_VERSION = '1.5.1-dev';
const DATABASE_VERSION = 45;
const MYAAC_VERSION = '1.8.1-dev';
const DATABASE_VERSION = 46;
const TABLE_PREFIX = 'myaac_';
define('START_TIME', microtime(true));
define('MYAAC_OS', stripos(PHP_OS, 'WIN') === 0 ? 'WINDOWS' : (strtoupper(PHP_OS) === 'DARWIN' ? 'MAC' : 'LINUX'));
@@ -122,36 +122,28 @@ if (!IS_CLI) {
session_start();
}
// basedir
$basedir = '';
$tmp = explode('/', $_SERVER['SCRIPT_NAME']);
$size = count($tmp) - 1;
for($i = 1; $i < $size; $i++)
$basedir .= '/' . $tmp[$i];
if (file_exists(BASE . 'config.local.php')) {
require BASE . 'config.local.php';
}
$basedir = str_replace(['/' . ADMIN_PANEL_FOLDER, '/install', '/tools'], '', $basedir);
define('BASE_DIR', $basedir);
require SYSTEM . 'base.php';
define('BASE_DIR', $baseDir);
if(!IS_CLI) {
if (isset($_SERVER['HTTP_HOST'][0])) {
$baseHost = $_SERVER['HTTP_HOST'];
} else {
if (isset($_SERVER['SERVER_NAME'][0])) {
$baseHost = $_SERVER['SERVER_NAME'];
} else {
$baseHost = $_SERVER['SERVER_ADDR'];
}
}
if (isset($config['site_url'])) {
$hasSlashAtEnd = ($config['site_url'][strlen($config['site_url']) - 1] == '/');
define('SERVER_URL', $config['site_url']);
define('BASE_URL', SERVER_URL . ($hasSlashAtEnd ? '' : '/'));
define('ADMIN_URL', SERVER_URL . ($hasSlashAtEnd ? '' : '/') . ADMIN_PANEL_FOLDER . '/');
}
else {
define('SERVER_URL', 'http' . (isHttps() ? 's' : '') . '://' . $baseHost);
define('BASE_URL', SERVER_URL . BASE_DIR . '/');
define('ADMIN_URL', SERVER_URL . BASE_DIR . '/' . ADMIN_PANEL_FOLDER . '/');
//define('CURRENT_URL', BASE_URL . $_SERVER['REQUEST_URI']);
}
if (file_exists(BASE . 'config.local.php')) {
require BASE . 'config.local.php';
}
}
/** @var array $config */

3
composer.json
View File

@@ -18,7 +18,8 @@
"symfony/string": "^6.4",
"symfony/var-dumper": "^6.4",
"filp/whoops": "^2.15",
"maximebf/debugbar": "1.*"
"maximebf/debugbar": "1.*",
"guzzlehttp/guzzle": "7.9.3"
},
"require-dev": {
"phpstan/phpstan": "^1.10"

537
composer.lock generated
View File

@@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
"content-hash": "be4d1489a53a9cd8eec6bcaa7a096f30",
"content-hash": "5317e97a5025ebc2a977214bd3fa964c",
"packages": [
{
"name": "brick/math",
@@ -493,6 +493,331 @@
],
"time": "2024-09-25T12:00:00+00:00"
},
{
"name": "guzzlehttp/guzzle",
"version": "7.9.3",
"source": {
"type": "git",
"url": "https://github.com/guzzle/guzzle.git",
"reference": "7b2f29fe81dc4da0ca0ea7d42107a0845946ea77"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/guzzle/guzzle/zipball/7b2f29fe81dc4da0ca0ea7d42107a0845946ea77",
"reference": "7b2f29fe81dc4da0ca0ea7d42107a0845946ea77",
"shasum": ""
},
"require": {
"ext-json": "*",
"guzzlehttp/promises": "^1.5.3 || ^2.0.3",
"guzzlehttp/psr7": "^2.7.0",
"php": "^7.2.5 || ^8.0",
"psr/http-client": "^1.0",
"symfony/deprecation-contracts": "^2.2 || ^3.0"
},
"provide": {
"psr/http-client-implementation": "1.0"
},
"require-dev": {
"bamarni/composer-bin-plugin": "^1.8.2",
"ext-curl": "*",
"guzzle/client-integration-tests": "3.0.2",
"php-http/message-factory": "^1.1",
"phpunit/phpunit": "^8.5.39 || ^9.6.20",
"psr/log": "^1.1 || ^2.0 || ^3.0"
},
"suggest": {
"ext-curl": "Required for CURL handler support",
"ext-intl": "Required for Internationalized Domain Name (IDN) support",
"psr/log": "Required for using the Log middleware"
},
"type": "library",
"extra": {
"bamarni-bin": {
"bin-links": true,
"forward-command": false
}
},
"autoload": {
"files": [
"src/functions_include.php"
],
"psr-4": {
"GuzzleHttp\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Graham Campbell",
"email": "hello@gjcampbell.co.uk",
"homepage": "https://github.com/GrahamCampbell"
},
{
"name": "Michael Dowling",
"email": "mtdowling@gmail.com",
"homepage": "https://github.com/mtdowling"
},
{
"name": "Jeremy Lindblom",
"email": "jeremeamia@gmail.com",
"homepage": "https://github.com/jeremeamia"
},
{
"name": "George Mponos",
"email": "gmponos@gmail.com",
"homepage": "https://github.com/gmponos"
},
{
"name": "Tobias Nyholm",
"email": "tobias.nyholm@gmail.com",
"homepage": "https://github.com/Nyholm"
},
{
"name": "Márk Sági-Kazár",
"email": "mark.sagikazar@gmail.com",
"homepage": "https://github.com/sagikazarmark"
},
{
"name": "Tobias Schultze",
"email": "webmaster@tubo-world.de",
"homepage": "https://github.com/Tobion"
}
],
"description": "Guzzle is a PHP HTTP client library",
"keywords": [
"client",
"curl",
"framework",
"http",
"http client",
"psr-18",
"psr-7",
"rest",
"web service"
],
"support": {
"issues": "https://github.com/guzzle/guzzle/issues",
"source": "https://github.com/guzzle/guzzle/tree/7.9.3"
},
"funding": [
{
"url": "https://github.com/GrahamCampbell",
"type": "github"
},
{
"url": "https://github.com/Nyholm",
"type": "github"
},
{
"url": "https://tidelift.com/funding/github/packagist/guzzlehttp/guzzle",
"type": "tidelift"
}
],
"time": "2025-03-27T13:37:11+00:00"
},
{
"name": "guzzlehttp/promises",
"version": "2.2.0",
"source": {
"type": "git",
"url": "https://github.com/guzzle/promises.git",
"reference": "7c69f28996b0a6920945dd20b3857e499d9ca96c"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/guzzle/promises/zipball/7c69f28996b0a6920945dd20b3857e499d9ca96c",
"reference": "7c69f28996b0a6920945dd20b3857e499d9ca96c",
"shasum": ""
},
"require": {
"php": "^7.2.5 || ^8.0"
},
"require-dev": {
"bamarni/composer-bin-plugin": "^1.8.2",
"phpunit/phpunit": "^8.5.39 || ^9.6.20"
},
"type": "library",
"extra": {
"bamarni-bin": {
"bin-links": true,
"forward-command": false
}
},
"autoload": {
"psr-4": {
"GuzzleHttp\\Promise\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Graham Campbell",
"email": "hello@gjcampbell.co.uk",
"homepage": "https://github.com/GrahamCampbell"
},
{
"name": "Michael Dowling",
"email": "mtdowling@gmail.com",
"homepage": "https://github.com/mtdowling"
},
{
"name": "Tobias Nyholm",
"email": "tobias.nyholm@gmail.com",
"homepage": "https://github.com/Nyholm"
},
{
"name": "Tobias Schultze",
"email": "webmaster@tubo-world.de",
"homepage": "https://github.com/Tobion"
}
],
"description": "Guzzle promises library",
"keywords": [
"promise"
],
"support": {
"issues": "https://github.com/guzzle/promises/issues",
"source": "https://github.com/guzzle/promises/tree/2.2.0"
},
"funding": [
{
"url": "https://github.com/GrahamCampbell",
"type": "github"
},
{
"url": "https://github.com/Nyholm",
"type": "github"
},
{
"url": "https://tidelift.com/funding/github/packagist/guzzlehttp/promises",
"type": "tidelift"
}
],
"time": "2025-03-27T13:27:01+00:00"
},
{
"name": "guzzlehttp/psr7",
"version": "2.7.1",
"source": {
"type": "git",
"url": "https://github.com/guzzle/psr7.git",
"reference": "c2270caaabe631b3b44c85f99e5a04bbb8060d16"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/guzzle/psr7/zipball/c2270caaabe631b3b44c85f99e5a04bbb8060d16",
"reference": "c2270caaabe631b3b44c85f99e5a04bbb8060d16",
"shasum": ""
},
"require": {
"php": "^7.2.5 || ^8.0",
"psr/http-factory": "^1.0",
"psr/http-message": "^1.1 || ^2.0",
"ralouphie/getallheaders": "^3.0"
},
"provide": {
"psr/http-factory-implementation": "1.0",
"psr/http-message-implementation": "1.0"
},
"require-dev": {
"bamarni/composer-bin-plugin": "^1.8.2",
"http-interop/http-factory-tests": "0.9.0",
"phpunit/phpunit": "^8.5.39 || ^9.6.20"
},
"suggest": {
"laminas/laminas-httphandlerrunner": "Emit PSR-7 responses"
},
"type": "library",
"extra": {
"bamarni-bin": {
"bin-links": true,
"forward-command": false
}
},
"autoload": {
"psr-4": {
"GuzzleHttp\\Psr7\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Graham Campbell",
"email": "hello@gjcampbell.co.uk",
"homepage": "https://github.com/GrahamCampbell"
},
{
"name": "Michael Dowling",
"email": "mtdowling@gmail.com",
"homepage": "https://github.com/mtdowling"
},
{
"name": "George Mponos",
"email": "gmponos@gmail.com",
"homepage": "https://github.com/gmponos"
},
{
"name": "Tobias Nyholm",
"email": "tobias.nyholm@gmail.com",
"homepage": "https://github.com/Nyholm"
},
{
"name": "Márk Sági-Kazár",
"email": "mark.sagikazar@gmail.com",
"homepage": "https://github.com/sagikazarmark"
},
{
"name": "Tobias Schultze",
"email": "webmaster@tubo-world.de",
"homepage": "https://github.com/Tobion"
},
{
"name": "Márk Sági-Kazár",
"email": "mark.sagikazar@gmail.com",
"homepage": "https://sagikazarmark.hu"
}
],
"description": "PSR-7 message implementation that also provides common utility methods",
"keywords": [
"http",
"message",
"psr-7",
"request",
"response",
"stream",
"uri",
"url"
],
"support": {
"issues": "https://github.com/guzzle/psr7/issues",
"source": "https://github.com/guzzle/psr7/tree/2.7.1"
},
"funding": [
{
"url": "https://github.com/GrahamCampbell",
"type": "github"
},
{
"url": "https://github.com/Nyholm",
"type": "github"
},
{
"url": "https://tidelift.com/funding/github/packagist/guzzlehttp/psr7",
"type": "tidelift"
}
],
"time": "2025-03-27T12:30:47+00:00"
},
{
"name": "illuminate/collections",
"version": "v10.48.25",
@@ -1472,6 +1797,166 @@
},
"time": "2021-11-05T16:47:00+00:00"
},
{
"name": "psr/http-client",
"version": "1.0.3",
"source": {
"type": "git",
"url": "https://github.com/php-fig/http-client.git",
"reference": "bb5906edc1c324c9a05aa0873d40117941e5fa90"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/php-fig/http-client/zipball/bb5906edc1c324c9a05aa0873d40117941e5fa90",
"reference": "bb5906edc1c324c9a05aa0873d40117941e5fa90",
"shasum": ""
},
"require": {
"php": "^7.0 || ^8.0",
"psr/http-message": "^1.0 || ^2.0"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "1.0.x-dev"
}
},
"autoload": {
"psr-4": {
"Psr\\Http\\Client\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "PHP-FIG",
"homepage": "https://www.php-fig.org/"
}
],
"description": "Common interface for HTTP clients",
"homepage": "https://github.com/php-fig/http-client",
"keywords": [
"http",
"http-client",
"psr",
"psr-18"
],
"support": {
"source": "https://github.com/php-fig/http-client"
},
"time": "2023-09-23T14:17:50+00:00"
},
{
"name": "psr/http-factory",
"version": "1.1.0",
"source": {
"type": "git",
"url": "https://github.com/php-fig/http-factory.git",
"reference": "2b4765fddfe3b508ac62f829e852b1501d3f6e8a"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/php-fig/http-factory/zipball/2b4765fddfe3b508ac62f829e852b1501d3f6e8a",
"reference": "2b4765fddfe3b508ac62f829e852b1501d3f6e8a",
"shasum": ""
},
"require": {
"php": ">=7.1",
"psr/http-message": "^1.0 || ^2.0"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "1.0.x-dev"
}
},
"autoload": {
"psr-4": {
"Psr\\Http\\Message\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "PHP-FIG",
"homepage": "https://www.php-fig.org/"
}
],
"description": "PSR-17: Common interfaces for PSR-7 HTTP message factories",
"keywords": [
"factory",
"http",
"message",
"psr",
"psr-17",
"psr-7",
"request",
"response"
],
"support": {
"source": "https://github.com/php-fig/http-factory"
},
"time": "2024-04-15T12:06:14+00:00"
},
{
"name": "psr/http-message",
"version": "2.0",
"source": {
"type": "git",
"url": "https://github.com/php-fig/http-message.git",
"reference": "402d35bcb92c70c026d1a6a9883f06b2ead23d71"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/php-fig/http-message/zipball/402d35bcb92c70c026d1a6a9883f06b2ead23d71",
"reference": "402d35bcb92c70c026d1a6a9883f06b2ead23d71",
"shasum": ""
},
"require": {
"php": "^7.2 || ^8.0"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "2.0.x-dev"
}
},
"autoload": {
"psr-4": {
"Psr\\Http\\Message\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "PHP-FIG",
"homepage": "https://www.php-fig.org/"
}
],
"description": "Common interface for HTTP messages",
"homepage": "https://github.com/php-fig/http-message",
"keywords": [
"http",
"http-message",
"psr",
"psr-7",
"request",
"response"
],
"support": {
"source": "https://github.com/php-fig/http-message/tree/2.0"
},
"time": "2023-04-04T09:54:51+00:00"
},
{
"name": "psr/log",
"version": "3.0.2",
@@ -1573,6 +2058,50 @@
},
"time": "2021-10-29T13:26:27+00:00"
},
{
"name": "ralouphie/getallheaders",
"version": "3.0.3",
"source": {
"type": "git",
"url": "https://github.com/ralouphie/getallheaders.git",
"reference": "120b605dfeb996808c31b6477290a714d356e822"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/ralouphie/getallheaders/zipball/120b605dfeb996808c31b6477290a714d356e822",
"reference": "120b605dfeb996808c31b6477290a714d356e822",
"shasum": ""
},
"require": {
"php": ">=5.6"
},
"require-dev": {
"php-coveralls/php-coveralls": "^2.1",
"phpunit/phpunit": "^5 || ^6.5"
},
"type": "library",
"autoload": {
"files": [
"src/getallheaders.php"
]
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Ralph Khattar",
"email": "ralph.khattar@gmail.com"
}
],
"description": "A polyfill for getallheaders.",
"support": {
"issues": "https://github.com/ralouphie/getallheaders/issues",
"source": "https://github.com/ralouphie/getallheaders/tree/develop"
},
"time": "2019-03-08T08:55:37+00:00"
},
{
"name": "symfony/console",
"version": "v6.4.17",
@@ -2910,7 +3439,7 @@
],
"aliases": [],
"minimum-stability": "stable",
"stability-flags": [],
"stability-flags": {},
"prefer-stable": false,
"prefer-lowest": false,
"platform": {
@@ -2921,6 +3450,6 @@
"ext-xml": "*",
"ext-dom": "*"
},
"platform-dev": [],
"plugin-api-version": "2.3.0"
"platform-dev": {},
"plugin-api-version": "2.6.0"
}

BIN
images/order_asc.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 56 B

BIN
images/order_desc.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 56 B

25
index.php
View File

@@ -93,6 +93,7 @@ if(setting('core.backward_support')) {
if($logged && $account_logged)
$group_id_of_acc_logged = $account_logged->getGroupId();
$config['serverPath'] = $config['server_path'];
$config['site'] = &$config;
$config['server'] = &$config['lua'];
$config['site']['shop_system'] = setting('core.gifts_system');
@@ -117,6 +118,14 @@ if(setting('core.backward_support')) {
$config['status']['serverStatus_' . $key] = $value;
}
if(setting('core.views_counter')) {
require_once SYSTEM . 'counter.php';
}
if(setting('core.visitors_counter')) {
$visitors = new Visitors(setting('core.visitors_counter_ttl'));
}
require_once SYSTEM . 'router.php';
// anonymous usage statistics
@@ -153,22 +162,6 @@ if(setting('core.anonymous_usage_statistics')) {
}
}
if(setting('core.views_counter'))
require_once SYSTEM . 'counter.php';
if(setting('core.visitors_counter')) {
$visitors = new Visitors(setting('core.visitors_counter_ttl'));
}
/**
* @var OTS_Account $account_logged
*/
if ($logged && admin()) {
$content .= $twig->render('admin-bar.html.twig', [
'username' => USE_ACCOUNT_NAME ? $account_logged->getName() : $account_logged->getId()
]);
}
$title_full = (isset($title) ? $title . ' - ' : '') . $config['lua']['serverName'];
require $template_path . '/' . $template_index;

9
install/includes/schema.sql
View File

@@ -10,6 +10,15 @@ CREATE TABLE `myaac_account_actions`
KEY (`account_id`)
) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
CREATE TABLE `myaac_account_email_codes`
(
`id` int(11) NOT NULL AUTO_INCREMENT,
`account_id` int NOT NULL,
`code` varchar(6) NOT NULL,
`created_at` int NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
CREATE TABLE `myaac_admin_menu`
(
`id` int NOT NULL AUTO_INCREMENT,

8
install/steps/4-config.php
View File

@@ -10,6 +10,14 @@ foreach($config['clients'] as $client) {
$clients[$client] = $client_version;
}
if (empty($_SESSION['var_site_url'])) {
//require SYSTEM . 'base.php';
$serverUrl = 'http' . (isHttps() ? 's' : '') . '://' . $baseHost;
$siteURL = $serverUrl . $baseDir;
$_SESSION['var_site_url'] = $siteURL;
}
$twig->display('install.config.html.twig', array(
'clients' => $clients,
'timezones' => DateTimeZone::listIdentifiers(),

9
install/steps/7-finish.php
View File

@@ -195,13 +195,4 @@ if(!isset($_SESSION['installed'])) {
$_SESSION['installed'] = true;
}
foreach($_SESSION as $key => $value) {
if(strpos($key, 'var_') !== false)
unset($_SESSION[$key]);
}
unset($_SESSION['saved']);
if(file_exists(CACHE . 'install.txt')) {
unlink(CACHE . 'install.txt');
}
$hooks->trigger(HOOK_INSTALL_FINISH_END);

5
install/tools/5-database.php
View File

@@ -7,6 +7,11 @@ require SYSTEM . 'functions.php';
require BASE . 'install/includes/functions.php';
require BASE . 'install/includes/locale.php';
if(isset($config['installed']) && $config['installed'] && !isset($_SESSION['saved'])) {
warning($locale['already_installed']);
return;
}
$error = false;
require BASE . 'install/includes/config.php';

15
install/tools/7-finish.php
View File

@@ -17,11 +17,11 @@ ini_set('max_execution_time', 300);
ob_implicit_flush();
header('X-Accel-Buffering: no');
/*
if(isset($config['installed']) && $config['installed'] && !isset($_SESSION['saved'])) {
warning($locale['already_installed']);
return;
}*/
}
require SYSTEM . 'init.php';
@@ -94,6 +94,17 @@ $hooks->trigger(HOOK_INSTALL_FINISH);
$db->setClearCacheAfter(true);
// cleanup
foreach($_SESSION as $key => $value) {
if(str_contains($key, 'var_')) {
unset($_SESSION[$key]);
}
}
unset($_SESSION['saved']);
if(file_exists(CACHE . 'install.txt')) {
unlink(CACHE . 'install.txt');
}
$locale['step_finish_desc'] = str_replace('$ADMIN_PANEL$', generateLink(str_replace('tools/', '',ADMIN_URL), $locale['step_finish_admin_panel'], true), $locale['step_finish_desc']);
$locale['step_finish_desc'] = str_replace('$HOMEPAGE$', generateLink(str_replace('tools/', '', BASE_URL), $locale['step_finish_homepage'], true), $locale['step_finish_desc']);
$locale['step_finish_desc'] = str_replace('$LINK$', generateLink('https://my-aac.org', 'https://my-aac.org', true), $locale['step_finish_desc']);

4
login.php
View File

@@ -88,8 +88,8 @@ switch ($action) {
case 'boostedcreature':
$clientVersion = (int)setting('core.client');
// 14.00 and up
if ($clientVersion >= 1400) {
// 13.40 and up
if ($clientVersion >= 1340) {
$creatureBoost = $db->query("SELECT * FROM " . $db->tableName('boosted_creature'))->fetchAll();
$bossBoost = $db->query("SELECT * FROM " . $db->tableName('boosted_boss'))->fetchAll();
die(json_encode([

13
package-lock.json generated
View File

@@ -976,15 +976,16 @@
}
},
"node_modules/form-data": {
"version": "4.0.2",
"resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.2.tgz",
"integrity": "sha512-hGfm/slu0ZabnNt4oaRZ6uREyfCj6P4fT/n6A1rGV+Z0VdGXjfOhVUpkn6qVQONHGIFwmveGXyDs75+nr6FM8w==",
"version": "4.0.4",
"resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.4.tgz",
"integrity": "sha512-KrGhL9Q4zjj0kiUt5OO4Mr/A/jlI2jDYs5eHBpYHPcBEVSiipAvn2Ko2HnPe20rmcuuvMHNdZFp+4IlGTMF0Ow==",
"dev": true,
"license": "MIT",
"dependencies": {
"asynckit": "^0.4.0",
"combined-stream": "^1.0.8",
"es-set-tostringtag": "^2.1.0",
"hasown": "^2.0.2",
"mime-types": "^2.1.12"
},
"engines": {
@@ -2084,9 +2085,9 @@
"license": "MIT"
},
"node_modules/tmp": {
"version": "0.2.3",
"resolved": "https://registry.npmjs.org/tmp/-/tmp-0.2.3.tgz",
"integrity": "sha512-nZD7m9iCPC5g0pYmcaxogYKggSfLsdxl8of3Q/oIbqCqLLIO9IAF0GWjX1z9NZRHPiXv8Wex4yDCaZsgEw0Y8w==",
"version": "0.2.4",
"resolved": "https://registry.npmjs.org/tmp/-/tmp-0.2.4.tgz",
"integrity": "sha512-UdiSoX6ypifLmrfQ/XfiawN6hkjSBpCjhKxxZcWlUUmoXLaCKQU0bx4HF/tdDK2uzRuchf1txGvrWBzYREssoQ==",
"dev": true,
"license": "MIT",
"engines": {

3
phpstan.neon
View File

@@ -28,10 +28,9 @@ parameters:
- '#Variable \$guild might not be defined#'
- '#Variable \$[a-zA-Z0-9\\_]+ might not be defined#'
# Eloquent models
- '#Call to an undefined method [a-zA-Z0-9\\_]+::[a-zA-Z0-9\\_]+\(\)#'
- '#Call to an undefined static method [a-zA-Z0-9\\_]+::[a-zA-Z0-9\\_]+\(\)#'
- '#Call to an undefined method object::toArray\(\)#'
# system/pages/highscores.php
- '#Call to an undefined method Illuminate\\Database\\Query\\Builder::withOnlineStatus\(\)#'
- '#Access to an undefined property Illuminate\\Database\\Eloquent\\Model::\$online_status#'
- '#Access to an undefined property Illuminate\\Database\\Eloquent\\Model::\$vocation_name#'
-

3
plugins/example.json
View File

@@ -51,5 +51,8 @@
"themes": true,
"admin-pages": true,
"admin-pages-sub-folders": true,
"settings": true,
"install": true,
"init": false
}
}

21
system/base.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
$baseDir = '';
$tmp = explode('/', $_SERVER['SCRIPT_NAME']);
$size = count($tmp) - 1;
for($i = 1; $i < $size; $i++)
$baseDir .= '/' . $tmp[$i];
$baseDir = str_replace(['/' . ADMIN_PANEL_FOLDER, '/install', '/tools'], '', $baseDir);
if(!IS_CLI) {
if (isset($_SERVER['HTTP_HOST'][0])) {
$baseHost = $_SERVER['HTTP_HOST'];
} else {
if (isset($_SERVER['SERVER_NAME'][0])) {
$baseHost = $_SERVER['SERVER_NAME'];
} else {
$baseHost = $_SERVER['SERVER_ADDR'];
}
}
}

24
system/functions.php
View File

@@ -512,6 +512,13 @@ function template_place_holder($type): string
}
elseif ($type === 'body_start') {
$ret .= $twig->render('browsehappy.html.twig');
if (admin()) {
global $account_logged;
$ret .= $twig->render('admin-bar.html.twig', [
'username' => USE_ACCOUNT_NAME ? $account_logged->getName() : $account_logged->getId()
]);
}
}
elseif($type === 'body_end') {
$ret .= template_ga_code();
@@ -767,6 +774,10 @@ function formatExperience($exp, $color = true)
return $ret;
}
function getExperienceForLevel($level): float|int {
return ( 50 / 3 ) * pow( $level, 3 ) - ( 100 * pow( $level, 2 ) ) + ( ( 850 / 3 ) * $level ) - 200;
}
function get_locales()
{
$ret = array();
@@ -982,11 +993,12 @@ function load_config_lua($filename)
foreach($lines as $ln => $line)
{
$line = trim($line);
if(@$line[0] === '{' || @$line[0] === '}') {
if(isset($line[0]) && ($line[0] === '{' || $line[0] === '}')) {
// arrays are not supported yet
// just ignore the error
continue;
}
$tmp_exp = explode('=', $line, 2);
if(str_contains($line, 'dofile')) {
$delimiter = '"';
@@ -1216,7 +1228,8 @@ function setting($key)
return $settings[$key[0]] = $key[1];
}
return $settings[$key]['value'];
$ret = $settings[$key];
return isset($ret) ? $ret['value'] : null;
}
function clearCache()
@@ -1265,14 +1278,15 @@ function clearCache()
$db->setClearCacheAfter(true);
}
if (function_exists('apcu_clear_cache')) {
apcu_clear_cache();
}
deleteDirectory(CACHE . 'signatures', ['index.html'], true);
deleteDirectory(CACHE . 'twig', ['index.html'], true);
deleteDirectory(CACHE . 'plugins', ['index.html'], true);
deleteDirectory(CACHE, ['signatures', 'twig', 'plugins', 'index.html', 'persistent'], true);
// routes cache
clearRouteCache();
global $hooks;
$hooks->trigger(HOOK_CACHE_CLEAR, ['cache' => Cache::getInstance()]);

19
system/init.php
View File

@@ -12,6 +12,7 @@ use DebugBar\StandardDebugBar;
use MyAAC\Cache\Cache;
use MyAAC\CsrfToken;
use MyAAC\Hooks;
use MyAAC\Plugins;
use MyAAC\Models\Town;
use MyAAC\Settings;
@@ -46,6 +47,11 @@ if(isset($config['gzip_output']) && $config['gzip_output'] && isset($_SERVER['HT
global $cache;
$cache = Cache::getInstance();
// load plugins init.php
foreach (Plugins::getInits() as $init) {
require $init;
}
// event system
global $hooks;
$hooks = new Hooks();
@@ -138,6 +144,15 @@ $ots = POT::getInstance();
$eloquentConnection = null;
require_once SYSTEM . 'database.php';
define('USE_ACCOUNT_NAME', $db->hasColumn('accounts', 'name'));
define('USE_ACCOUNT_NUMBER', $db->hasColumn('accounts', 'number'));
define('USE_ACCOUNT_SALT', $db->hasColumn('accounts', 'salt'));
define('HAS_ACCOUNT_COINS', $db->hasColumn('accounts', 'coins'));
define('HAS_ACCOUNT_COINS_TRANSFERABLE', $db->hasColumn('accounts', 'coins_transferable'));
define('HAS_ACCOUNT_TRANSFERABLE_COINS', $db->hasColumn('accounts', 'transferable_coins'));
const ACCOUNT_COINS_TRANSFERABLE_COLUMN = (HAS_ACCOUNT_COINS_TRANSFERABLE ? 'coins_transferable' : 'transferable_coins');
$twig->addGlobal('logged', false);
$twig->addGlobal('account_logged', new \OTS_Account());
@@ -182,10 +197,6 @@ if($settingsItemImagesURL[strlen($settingsItemImagesURL) - 1] !== '/') {
setting(['core.item_images_url', $settingsItemImagesURL . '/']);
}
define('USE_ACCOUNT_NAME', $db->hasColumn('accounts', 'name'));
define('USE_ACCOUNT_NUMBER', $db->hasColumn('accounts', 'number'));
define('USE_ACCOUNT_SALT', $db->hasColumn('accounts', 'salt'));
$towns = Cache::remember('towns', 10 * 60, function () use ($db) {
if ($db->hasTable('towns') && Town::count() > 0) {
return Town::orderBy('id', 'ASC')->pluck('name', 'id')->toArray();

4
system/libs/pot/OTS.php
View File

@@ -415,9 +415,11 @@ class POT
* @tutorial POT/Server_status.pkg
* @deprecated 0.1.4 Use OTS_ServerInfo->status().
*/
public static function serverStatus($server, $port)
public static function serverStatus($server, $port, $timeout = 2.0)
{
$status = new OTS_ServerInfo($server, $port);
$status->setTimeout($timeout);
return $status->status();
}

3
system/libs/pot/OTS_Account.php
View File

@@ -473,9 +473,6 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
public function isPremium()
{
global $config;
if(isset($config['lua']['freePremium']) && getBoolean($config['lua']['freePremium'])) return true;
if(isset($this->data['premium_ends_at'])) {
return $this->data['premium_ends_at'] > time();
}

7
system/libs/pot/OTS_InfoRespond.php
View File

@@ -219,11 +219,16 @@ class OTS_InfoRespond extends DOMDocument
* @return int Count of monsters.
* @throws DOMException On DOM operation error.
*/
public function getMonstersCount()
public function getMonstersCount(): int
{
return (int) $this->documentElement->getElementsByTagName('monsters')->item(0)->getAttribute('total');
}
public function getNPCsCount(): int
{
return (int) $this->documentElement->getElementsByTagName('npcs')->item(0)->getAttribute('total');
}
/**
* Returns map name.
*

37
system/libs/pot/OTS_Player.php
View File

@@ -2919,6 +2919,32 @@ class OTS_Player extends OTS_Row_DAO
$this->data['banned'] = $ban['active'];
$this->data['banned_time'] = $ban['expires'];
}
public function isNameLocked(): bool
{
// nothing can't be banned
if( !$this->isLoaded() ) {
throw new E_OTS_NotLoaded();
}
if($this->db->hasTable('player_namelocks')) {
$ban = $this->db->query('SELECT 1 FROM `player_namelocks` WHERE `player_id` = ' . $this->data['id'])->fetch(PDO::FETCH_ASSOC);
return (isset($ban['1']));
}
else if($this->db->hasTable('bans')) {
if($this->db->hasColumn('bans', 'active')) {
$ban = $this->db->query('SELECT `active`, `expires` FROM `bans` WHERE `type` = 2 AND `active` = 1 AND `value` = ' . $this->data['id'] . ' AND (`expires` > ' . time() .' OR `expires` = -1) ORDER BY `expires` DESC')->fetch();
return isset($ban['active']);
}
else { // tfs 0.2
$ban = $this->db->query('SELECT `time` FROM `bans` WHERE `type` = 2 AND `account` = ' . $this->data['account_id'] . ' AND (`time` > ' . time() .' OR `time` = -1) ORDER BY `time` DESC')->fetch();
return isset($ban['time']) && ($ban['time'] == -1 || $ban['time'] > 0);
}
}
return false;
}
/**
* Deletes player.
*
@@ -2953,21 +2979,14 @@ class OTS_Player extends OTS_Row_DAO
* @return string Player proffesion name.
* @throws E_OTS_NotLoaded If player is not loaded or global vocations list is not loaded.
*/
public function getVocationName()
public function getVocationName(): string
{
if( !isset($this->data['vocation']) )
{
throw new E_OTS_NotLoaded();
}
global $config;
$voc = $this->getVocation();
if(!isset($config['vocations'][$voc])) {
return 'Unknown';
}
return $config['vocations'][$voc];
//return POT::getInstance()->getVocationsList()->getVocationName($this->data['vocation']);
return OTS_Toolbox::getVocationName($this->data['vocation'], $this->data['promotion'] ?? 0);
}
/**

15
system/libs/pot/OTS_ServerInfo.php
View File

@@ -26,14 +26,19 @@ class OTS_ServerInfo
*
* @var string
*/
private $server;
private string $server;
/**
* Connection port.
*
* @var int
*/
private $port;
private int $port;
/**
* Status timeout
*/
private float $timeout = 2.0;
/**
* Creates handler for new server.
@@ -57,7 +62,7 @@ class OTS_ServerInfo
private function send(OTS_Buffer $packet)
{
// connects to server
$socket = @fsockopen($this->server, $this->port, $error, $message, setting('core.status_timeout'));
$socket = @fsockopen($this->server, $this->port, $error, $message, $this->timeout);
// if connected then checking statistics
if($socket)
@@ -224,6 +229,10 @@ class OTS_ServerInfo
throw new OutOfBoundsException();
}
}
public function setTimeout($timeout) {
$this->timeout = $timeout;
}
}
/**#@-*/

9
system/libs/pot/OTS_Toolbox.php
View File

@@ -110,6 +110,15 @@ class OTS_Toolbox
$list->setFilter($filter);
return $list;
}
public static function getVocationName($id, $promotion = 0): string
{
if($promotion > 0) {
$id = ($id + ($promotion * config('vocations_amount')));
}
return config('vocations')[$id] ?? 'Unknown';
}
}
/**#@-*/

2
system/locale/de/install.php
View File

@@ -48,6 +48,8 @@ $locale['step_config'] = 'Konfiguration';
$locale['step_config_title'] = 'Grundkonfiguration';
$locale['step_config_server_path'] = 'Serverpfad';
$locale['step_config_server_path_desc'] = 'Pfad zu Ihrem TFS-Hauptverzeichnis, in dem sich die config.lua befinden.';
$locale['step_config_site_url'] = 'Website URL';
$locale['step_config_site_url_desc'] = 'Ihre Website-Adresse.';
$locale['step_config_mail_admin'] = 'Admin E-Mail';
$locale['step_config_mail_admin_desc'] = 'Adresse, an die E-Mails aus dem Kontaktformular gesendet werden, z. B. admin@gmail.com';
$locale['step_config_mail_admin_error'] = 'Admin E-Mail ist nicht korrekt.';

2
system/locale/en/install.php
View File

@@ -52,6 +52,8 @@ $locale['step_config'] = 'Configuration';
$locale['step_config_title'] = 'Basic configuration';
$locale['step_config_server_path'] = 'Server path';
$locale['step_config_server_path_desc'] = 'Path to your TFS main directory, where you have config.lua located.';
$locale['step_config_site_url'] = 'Website URL';
$locale['step_config_site_url_desc'] = 'Your website address.';
$locale['step_config_mail_admin'] = 'Admin Email';
$locale['step_config_mail_admin_desc'] = 'Address where emails from contact form will be delivered, for example admin@gmail.com';
$locale['step_config_mail_admin_error'] = 'Admin Email is not correct.';

2
system/locale/pl/install.php
View File

@@ -52,6 +52,8 @@ $locale['step_config'] = 'Konfiguracja';
$locale['step_config_title'] = 'Podstawowa konfiguracja';
$locale['step_config_server_path'] = 'Ścieżka do serwera';
$locale['step_config_server_path_desc'] = 'Ścieżka do Twojego folderu z TFS, gdzie znajduje się plik config.lua.';
$locale['step_config_server_url'] = 'Adres strony';
$locale['step_config_server_url_desc'] = 'Adres tej strony www.';
$locale['step_config_mail_admin'] = 'E-Mail admina';
$locale['step_config_mail_admin_desc'] = 'Na ten adres będą dostarczane E-Maile z formularza kontaktowego, przykładowo admin@gmail.com';
$locale['step_config_mail_admin_error'] = 'E-Mail admina jest niepoprawny.';

8
system/migrations/46-account_email_codes.sql Normal file
View File

@@ -0,0 +1,8 @@
CREATE TABLE `myaac_account_email_codes`
(
`id` int(11) NOT NULL AUTO_INCREMENT,
`account_id` int NOT NULL,
`code` varchar(6) NOT NULL,
`created_at` int NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;

27
system/migrations/46.php Normal file
View File

@@ -0,0 +1,27 @@
<?php
// add the myaac_account_email_codes
/**
* @var OTS_DB_MySQL $db
*/
$up = function () use ($db) {
if (!$db->hasColumn('accounts', '2fa_type')) {
$db->addColumn('accounts', '2fa_type', "tinyint NOT NULL DEFAULT 0 AFTER `web_flags`");
}
// add myaac_account_email_codes table
if (!$db->hasTable(TABLE_PREFIX . 'account_email_codes')) {
$db->exec(file_get_contents(__DIR__ . '/46-account_email_codes.sql'));
}
};
$down = function () use ($db) {
if ($db->hasColumn('accounts', '2fa_type')) {
$db->dropColumn('accounts', '2fa_type');
}
//if ($db->hasTable(TABLE_PREFIX . 'account_email_codes')) {
// $db->dropTable(TABLE_PREFIX . 'account_email_codes');
//}
};

2
system/pages/404.php
View File

@@ -8,7 +8,7 @@
* @link https://my-aac.org
*/
defined('MYAAC') or die('Direct access not allowed!');
$title = '404 Not Found';
$title = 'Not Found';
header('HTTP/1.0 404 Not Found');
?>

2
system/pages/405.php
View File

@@ -8,7 +8,7 @@
* @link https://my-aac.org
*/
defined('MYAAC') or die('Direct access not allowed!');
$title = '405 Method Not Allowed';
$title = 'Method Not Allowed';
header('HTTP/1.0 405 Method Not Allowed');
?>

121
system/pages/account/2fa.php Normal file
View File

@@ -0,0 +1,121 @@
<?php
/**
* 2-factor authentication
*
* @package MyAAC
* @author Slawkens <slawkens@gmail.com>
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
use MyAAC\TwoFactorAuth\TwoFactorAuth;
defined('MYAAC') or die('Direct access not allowed!');
$title = 'Two Factor Authentication';
require __DIR__ . '/base.php';
csrfProtect();
/**
* @var OTS_Account $account_logged
*/
$step = $_REQUEST['step'] ?? '';
$code = $_REQUEST['email-code'] ?? '';
if ((!setting('core.mail_enabled')) && ACTION == 'email-code') {
$twig->display('error_box.html.twig', ['errors' => ['Account two-factor e-mail authentication disabled.']]);
return;
}
if (!isset($account_logged) || !$account_logged->isLoaded()) {
$current_session = getSession('account');
if($current_session) {
$account_logged->load($current_session);
}
}
$twoFactorAuth = TwoFactorAuth::getInstance($account_logged);
if (ACTION == 'email-code') {
if ($step == 'resend') {
if ($twoFactorAuth->hasRecentEmailCode(15 * 60)) {
$errors = ['Sorry, one email per 15 minutes'];
}
else {
$twoFactorAuth->resendEmailCode();
}
if (!empty($errors)) {
$twig->display('error_box.html.twig', ['errors' => $errors]);
}
$twig->display('account.2fa.email.login.html.twig');
}
else if ($step == 'activate') {
if (!$twoFactorAuth->hasRecentEmailCode(15 * 60)) {
$twoFactorAuth->resendEmailCode();
}
if (isset($_POST['save'])) {
if (!empty($code)) {
$twoFactorAuth->setAuthGateway(TwoFactorAuth::TYPE_EMAIL);
if ($twoFactorAuth->getAuthGateway()->verifyCode($code)) {
$serverName = configLua('serverName');
$twoFactorAuth->enable(TwoFactorAuth::TYPE_EMAIL);
$twoFactorAuth->deleteOldCodes();
$twig->display('success.html.twig', [
'title' => 'Email Code Authentication Activated',
'description' => sprintf('You have successfully activated <b>email code authentication</b> for your account. This means an <b>email code</b> will be sent to the email address assigned to your account whenever you try to log in to the %s client or the %s website. In order to log in, you will need to enter the <b>most recent email code</b> you have received.', $serverName, $serverName)
]);
return;
}
else {
$errors[] = 'Invalid email code!';
}
}
}
if (!empty($errors)) {
$twig->display('error_box.html.twig', ['errors' => $errors]);
}
$twig->display('account.2fa.email_code.html.twig', ['wrongCode' => count($errors) > 0]);
}
else if ($step == 'deactivate') {
if (!$twoFactorAuth->hasRecentEmailCode(15 * 60)) {
$twoFactorAuth->resendEmailCode();
}
if (isset($_POST['save'])) {
if (!empty($code)) {
if ($twoFactorAuth->getAuthGateway()->verifyCode($code)) {
$twoFactorAuth->disable();
$twoFactorAuth->deleteOldCodes();
$twig->display('success.html.twig',
[
'title' => 'Email Code Authentication Deactivated',
'description' => 'You have successfully <b>deactivated</b> the <b>Email Code Authentication</b> for your account.'
]
);
return;
}
else {
$errors[] = 'Invalid email code!';
}
}
}
if (!empty($errors)) {
$twig->display('error_box.html.twig', ['errors' => $errors]);
}
$twig->display('account.2fa.email.deactivate.html.twig', ['wrongCode' => count($errors) > 0]);
}
}

4
system/pages/account/base.php
View File

@@ -17,6 +17,10 @@ if(!$logged)
if(!empty($errors))
$twig->display('error_box.html.twig', array('errors' => $errors));
if (defined('HIDE_LOGIN_BOX') && HIDE_LOGIN_BOX) {
return;
}
$twig->display('account.login.html.twig', array(
'redirect' => $_REQUEST['redirect'] ?? null,
'account' => USE_ACCOUNT_NAME ? 'Name' : 'Number',

4
system/pages/account/change-email.php
View File

@@ -17,6 +17,8 @@ if(!$logged) {
return;
}
csrfProtect();
$email_new_time = $account_logged->getCustomField("email_new_time");
if($email_new_time > 10) {
@@ -164,7 +166,7 @@ if(isset($_POST['emailchangecancel']) && $_POST['emailchangecancel'] == 1) {
$account_logged->setCustomField("email_new", "");
$account_logged->setCustomField("email_new_time", 0);
$custom_buttons = '<div style="text-align:center"><table border="0" cellspacing="0" cellpadding="0" ><form action="' . getLink('account/manage') . '" method="post" ><tr><td style="border:0px;" >' . $twig->render('buttons.back.html.twig') . '</td></tr></form></table></div>';
$custom_buttons = '<div style="text-align:center"><table border="0" cellspacing="0" cellpadding="0" ><form action="' . getLink('account/manage') . '" method="post" >' . csrf(true) . '<tr><td style="border:0px;" >' . $twig->render('buttons.back.html.twig') . '</td></tr></form></table></div>';
$twig->display('success.html.twig', array(
'title' => 'Email Address Change Cancelled',

2
system/pages/account/change-info.php
View File

@@ -20,6 +20,8 @@ if(!$logged) {
return;
}
csrfProtect();
if(setting('core.account_country'))
require SYSTEM . 'countries.conf.php';

2
system/pages/account/change-password.php
View File

@@ -17,6 +17,8 @@ if(!$logged) {
return;
}
csrfProtect();
$new_password = $_POST['newpassword'] ?? NULL;
$new_password_confirm = $_POST['newpassword_confirm'] ?? NULL;
$old_password = $_POST['oldpassword'] ?? NULL;

2
system/pages/account/characters/change-comment.php
View File

@@ -20,6 +20,8 @@ if(!$logged) {
return;
}
csrfProtect();
$player = null;
$player_name = isset($_REQUEST['name']) ? stripslashes(urldecode($_REQUEST['name'])) : null;
$new_comment = isset($_POST['comment']) ? htmlspecialchars(stripslashes(substr($_POST['comment'],0,2000))) : NULL;

2
system/pages/account/characters/change-name.php
View File

@@ -17,6 +17,8 @@ if(!$logged) {
return;
}
csrfProtect();
$player_id = isset($_POST['player_id']) ? (int)$_POST['player_id'] : NULL;
$name = isset($_POST['name']) ? stripslashes(ucwords(strtolower($_POST['name']))) : NULL;
if((!setting('core.account_change_character_name')))

2
system/pages/account/characters/change-sex.php
View File

@@ -17,6 +17,8 @@ if(!$logged) {
return;
}
csrfProtect();
$sex_changed = false;
$player_id = isset($_POST['player_id']) ? (int)$_POST['player_id'] : NULL;
$new_sex = isset($_POST['new_sex']) ? (int)$_POST['new_sex'] : NULL;

2
system/pages/account/characters/create.php
View File

@@ -20,6 +20,8 @@ if(!$logged) {
return;
}
csrfProtect();
$character_name = isset($_POST['name']) ? stripslashes($_POST['name']) : null;
$character_sex = isset($_POST['sex']) ? (int)$_POST['sex'] : null;
$character_vocation = isset($_POST['vocation']) ? (int)$_POST['vocation'] : null;

2
system/pages/account/characters/delete.php
View File

@@ -17,6 +17,8 @@ if(!$logged) {
return;
}
csrfProtect();
$player_name = isset($_POST['delete_name']) ? stripslashes($_POST['delete_name']) : null;
$password_verify = isset($_POST['delete_password']) ? $_POST['delete_password'] : null;
$password_verify = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $password_verify);

17
system/pages/account/create.php
View File

@@ -23,6 +23,8 @@ if($logged)
return;
}
csrfProtect();
if(setting('core.account_create_character_create')) {
$createCharacter = new CreateCharacter();
}
@@ -219,8 +221,19 @@ if($save)
}
}
if(setting('core.account_premium_points') && setting('core.account_premium_points') > 0) {
$new_account->setCustomField('premium_points', setting('core.account_premium_points'));
$accountDefaultPremiumPoints = setting('core.account_premium_points');
if($accountDefaultPremiumPoints > 0) {
$new_account->setCustomField('premium_points', $accountDefaultPremiumPoints);
}
$accountDefaultCoins = setting('core.account_coins');
if(HAS_ACCOUNT_COINS && $accountDefaultCoins > 0) {
$new_account->setCustomField('coins', $accountDefaultCoins);
}
$accountDefaultCoinsTransferable = setting('core.account_coins_transferable');
if((HAS_ACCOUNT_COINS_TRANSFERABLE || HAS_ACCOUNT_TRANSFERABLE_COINS) && $accountDefaultCoinsTransferable > 0) {
$new_account->setCustomField(ACCOUNT_COINS_TRANSFERABLE_COLUMN, $accountDefaultCoinsTransferable);
}
$tmp_account = $email;

8
system/pages/account/login.php
View File

@@ -10,6 +10,7 @@
*/
use MyAAC\RateLimit;
use MyAAC\TwoFactorAuth\TwoFactorAuth;
defined('MYAAC') or die('Direct access not allowed!');
@@ -18,6 +19,8 @@ if($logged || !isset($_POST['account_login']) || !isset($_POST['password_login']
return;
}
csrfProtect();
$login_account = $_POST['account_login'];
$login_password = $_POST['password_login'];
$remember_me = isset($_POST['remember_me']);
@@ -48,6 +51,11 @@ if(!empty($login_account) && !empty($login_password))
if (setting('core.account_mail_verify') && (int)$account_logged->getCustomField('email_verified') !== 1) {
$errors[] = 'Your account is not verified. Please verify your email address. If the message is not coming check the SPAM folder in your E-Mail client.';
} else {
$twoFactorAuth = TwoFactorAuth::getInstance($account_logged);
if (!$twoFactorAuth->process($login_account, $login_password, $_POST['email-code'] ?? '')) {
return;
}
session_regenerate_id();
setSession('account', $account_logged->getId());
setSession('password', encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $login_password));

9
system/pages/account/manage.php
View File

@@ -8,6 +8,9 @@
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
use MyAAC\TwoFactorAuth\TwoFactorAuth;
defined('MYAAC') or die('Direct access not allowed!');
$title = 'Account Management';
@@ -34,6 +37,8 @@ if(isset($_REQUEST['redirect']))
return;
}
csrfProtect();
$groups = new OTS_Groups_List();
$freePremium = isset($config['lua']['freePremium']) && getBoolean($config['lua']['freePremium']) || $account_logged->getPremDays() == OTS_Account::GRATIS_PREMIUM_DAYS;
@@ -109,6 +114,8 @@ $twig->display('account.management.html.twig', array(
'account_registered' => $account_registered,
'account_rlname' => $account_rlname,
'account_location' => $account_location,
'twoFactorViews' => TwoFactorAuth::getInstance($account_logged)->getAccountManageViews(),
'actions' => $actions,
'players' => $account_players
'players' => $account_players,
));

23
system/pages/account/redirect.php
View File

@@ -1,23 +0,0 @@
<?php
/**
* Change comment
*
* @package MyAAC
* @author Gesior <jerzyskalski@wp.pl>
* @author Slawkens <slawkens@gmail.com>
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
defined('MYAAC') or die('Direct access not allowed!');
$redirect = urldecode($_REQUEST['redirect']);
// should never happen, unless hacker modify the URL
if (!str_contains($redirect, BASE_URL)) {
error('Fatal error: Cannot redirect outside the website.');
return;
}
$twig->display('account.redirect.html.twig', array(
'redirect' => $redirect
));

2
system/pages/account/register-new.php
View File

@@ -17,6 +17,8 @@ if(!$logged) {
return;
}
csrfProtect();
if(isset($_POST['reg_password']))
$reg_password = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $_POST['reg_password']);

2
system/pages/account/register.php
View File

@@ -17,6 +17,8 @@ if(!$logged) {
return;
}
csrfProtect();
$_POST['reg_password'] = $_POST['reg_password'] ?? '';
$reg_password = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $_POST['reg_password']);
$old_key = $account_logged->getCustomField("key");

37
system/pages/forum/admin.php
View File

@@ -17,6 +17,8 @@ if(!$canEdit) {
return;
}
csrfProtect();
$groupsList = new OTS_Groups_List();
$groups = [
['id' => 0, 'name' => 'Guest'],
@@ -30,23 +32,24 @@ foreach ($groupsList as $group) {
}
if(!empty($action)) {
if($action == 'delete_board' || $action == 'edit_board' || $action == 'hide_board' || $action == 'moveup_board' || $action == 'movedown_board')
if($action == 'delete_board' || $action == 'edit_board' || $action == 'hide_board' || $action == 'moveup_board' || $action == 'movedown_board') {
$id = $_REQUEST['id'];
if(isset($_REQUEST['access'])) {
$access = $_REQUEST['access'];
}
if(isset($_REQUEST['guild'])) {
$guild = $_REQUEST['guild'];
if(isset($_POST['access'])) {
$access = $_POST['access'];
}
if(isset($_REQUEST['name'])) {
$name = $_REQUEST['name'];
if(isset($_POST['guild'])) {
$guild = $_POST['guild'];
}
if(isset($_REQUEST['description'])) {
$description = stripslashes($_REQUEST['description']);
if(isset($_POST['name'])) {
$name = $_POST['name'];
}
if(isset($_POST['description'])) {
$description = stripslashes($_POST['description']);
}
$errors = [];
@@ -55,12 +58,13 @@ if(!empty($action)) {
if(Forum::add_board($name, $description, $access, $guild, $errors)) {
$action = $name = $description = '';
header('Location: ' . getLink('forum'));
exit;
}
}
else if($action == 'delete_board') {
Forum::delete_board($id, $errors);
header('Location: ' . getLink('forum'));
$action = '';
exit;
}
else if($action == 'edit_board')
{
@@ -74,28 +78,27 @@ if(!empty($action)) {
else {
Forum::update_board($id, $name, $access, $guild, $description);
header('Location: ' . getLink('forum'));
$action = $name = $description = '';
$access = $guild = 0;
exit;
}
}
else if($action == 'hide_board') {
Forum::toggleHide_board($id, $errors);
header('Location: ' . getLink('forum'));
$action = '';
exit;
}
else if($action == 'moveup_board') {
Forum::move_board($id, -1, $errors);
header('Location: ' . getLink('forum'));
$action = '';
exit;
}
else if($action == 'movedown_board') {
Forum::move_board($id, 1, $errors);
header('Location: ' . getLink('forum'));
$action = '';
exit;
}
if(!empty($errors)) {
$twig->display('error_box.html.twig', array('errors' => $errors));
$twig->display('error_box.html.twig', ['errors' => $errors]);
$action = '';
}
}

17
system/pages/forum/edit_post.php
View File

@@ -23,8 +23,9 @@ if(!$logged) {
return;
}
if(Forum::canPost($account_logged))
{
csrfProtect();
if(Forum::canPost($account_logged)) {
$post_id = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : false;
if(!$post_id) {
$errors[] = 'Please enter post id.';
@@ -41,12 +42,12 @@ if(Forum::canPost($account_logged))
$char_id = $post_topic = $text = $smile = $html = null;
$players_from_account = $db->query("SELECT `players`.`name`, `players`.`id` FROM `players` WHERE `players`.`account_id` = ".(int) $account_logged->getId())->fetchAll();
$saved = false;
if(isset($_REQUEST['save'])) {
$text = stripslashes(trim($_REQUEST['text']));
$char_id = (int) $_REQUEST['char_id'];
$post_topic = stripslashes(trim($_REQUEST['topic']));
$smile = isset($_REQUEST['smile']) ? (int)$_REQUEST['smile'] : 0;
$html = isset($_REQUEST['html']) ? (int)$_REQUEST['html'] : 0;
if(isset($_POST['save'])) {
$text = stripslashes(trim($_POST['text']));
$char_id = (int) $_POST['char_id'];
$post_topic = stripslashes(trim($_POST['topic']));
$smile = isset($_POST['smile']) ? (int)$_POST['smile'] : 0;
$html = isset($_POST['html']) ? (int)$_POST['html'] : 0;
if (!superAdmin()) {
$html = 0;

8
system/pages/forum/move_thread.php
View File

@@ -23,15 +23,17 @@ if(!$logged) {
return;
}
csrfProtect();
if(!Forum::isModerator()) {
echo 'You are not logged in or you are not moderator.';
return;
}
$save = isset($_REQUEST['save']) && (int)$_REQUEST['save'] == 1;
$save = isset($_POST['save']) && (int)$_POST['save'] == 1;
if($save) {
$post_id = (int)$_REQUEST['id'];
$board = (int)$_REQUEST['section'];
$post_id = (int)$_POST['id'];
$board = (int)$_POST['section'];
if(!Forum::hasAccess($board)) {
$errors[] = "You don't have access to this board.";
displayErrorBoxWithBackButton($errors, getLink('forum'));

21
system/pages/forum/new_post.php
View File

@@ -28,6 +28,8 @@ if(!$logged) {
return;
}
csrfProtect();
if(Forum::canPost($account_logged)) {
$players_from_account = $db->query("SELECT `players`.`name`, `players`.`id` FROM `players` WHERE `players`.`account_id` = ".(int) $account_logged->getId())->fetchAll();
$thread_id = isset($_REQUEST['thread_id']) ? (int) $_REQUEST['thread_id'] : 0;
@@ -43,11 +45,11 @@ if(Forum::canPost($account_logged)) {
echo '<a href="' . getLink('forum') . '">Boards</a> >> <a href="' . getForumBoardLink($thread['section']) . '">'.$sections[$thread['section']]['name'].'</a> >> <a href="' . getForumThreadLink($thread_id) . '">'.htmlspecialchars($thread['post_topic']).'</a> >> <b>Post new reply</b><br /><h3>'.htmlspecialchars($thread['post_topic']).'</h3>';
$quote = isset($_REQUEST['quote']) ? (int) $_REQUEST['quote'] : NULL;
$text = isset($_REQUEST['text']) ? stripslashes(trim($_REQUEST['text'])) : NULL;
$char_id = (int) ($_REQUEST['char_id'] ?? 0);
$post_topic = isset($_REQUEST['topic']) ? stripslashes(trim($_REQUEST['topic'])) : '';
$smile = (int)($_REQUEST['smile'] ?? 0);
$html = (int)($_REQUEST['html'] ?? 0);
$text = isset($_POST['text']) ? stripslashes(trim($_POST['text'])) : NULL;
$char_id = (int) ($_POST['char_id'] ?? 0);
$post_topic = isset($_POST['topic']) ? stripslashes(trim($_POST['topic'])) : '';
$smile = (int)($_POST['smile'] ?? 0);
$html = (int)($_POST['html'] ?? 0);
$saved = false;
if (!superAdmin()) {
@@ -60,10 +62,10 @@ if(Forum::canPost($account_logged)) {
$text = '[i]Originally posted by ' . $quoted_post[0]['name'] . ' on ' . date('d.m.y H:i:s', $quoted_post[0]['post_date']) . ':[/i][quote]' . $quoted_post[0]['post_text'] . '[/quote]';
}
}
elseif(isset($_REQUEST['save'])) {
elseif(isset($_POST['save'])) {
$length = strlen($text);
if($length < 1 || strlen($text) > 15000) {
$errors[] = 'Too short or too long post (Length: $length letters). Minimum 1 letter, maximum 15000 letters.';
$errors[] = "Too short or too long post (Length: $length letters). Minimum 1 letter, maximum 15000 letters.";
}
if($char_id == 0) {
@@ -79,15 +81,14 @@ if(Forum::canPost($account_logged)) {
}
if(!$player_on_account) {
$errors[] = 'Player with selected ID ' . $char_id . ' doesn\'t exist or isn\'t on your account';
$errors[] = "Player with selected ID $char_id doesn't exist or isn't on your account";
}
}
if(count($errors) == 0) {
$last_post = 0;
$query = $db->query('SELECT post_date FROM ' . FORUM_TABLE_PREFIX . 'forum ORDER BY post_date DESC LIMIT 1');
if($query->rowCount() > 0)
{
if($query->rowCount() > 0) {
$query = $query->fetch();
$last_post = $query['post_date'];
}

15
system/pages/forum/new_thread.php
View File

@@ -28,6 +28,8 @@ if(!$logged) {
return;
}
csrfProtect();
if(Forum::canPost($account_logged)) {
$players_from_account = $db->query('SELECT `players`.`name`, `players`.`id` FROM `players` WHERE `players`.`account_id` = '.(int) $account_logged->getId())->fetchAll();
$section_id = $_REQUEST['section_id'] ?? null;
@@ -38,19 +40,18 @@ if(Forum::canPost($account_logged)) {
if ($sections[$section_id]['closed'] && !Forum::isModerator())
$errors[] = 'You cannot create topic on this board.';
$quote = (int)(isset($_REQUEST['quote']) ? $_REQUEST['quote'] : 0);
$text = isset($_REQUEST['text']) ? stripslashes($_REQUEST['text']) : '';
$char_id = (int)(isset($_REQUEST['char_id']) ? $_REQUEST['char_id'] : 0);
$post_topic = isset($_REQUEST['topic']) ? stripslashes($_REQUEST['topic']) : '';
$smile = (isset($_REQUEST['smile']) ? (int)$_REQUEST['smile'] : 0);
$html = (isset($_REQUEST['html']) ? (int)$_REQUEST['html'] : 0);
$text = isset($_POST['text']) ? stripslashes($_POST['text']) : '';
$char_id = (int)(isset($_POST['char_id']) ? $_POST['char_id'] : 0);
$post_topic = isset($_POST['topic']) ? stripslashes($_POST['topic']) : '';
$smile = (isset($_POST['smile']) ? (int)$_POST['smile'] : 0);
$html = (isset($_POST['html']) ? (int)$_POST['html'] : 0);
if (!superAdmin()) {
$html = 0;
}
$saved = false;
if (isset($_REQUEST['save'])) {
if (isset($_POST['save'])) {
$length = strlen($post_topic);
if ($length < 1 || $length > 60) {
$errors[] = "Too short or too long topic (Length: $length letters). Minimum 1 letter, maximum 60 letters.";

8
system/pages/forum/remove_post.php
View File

@@ -23,11 +23,13 @@ if(!$logged) {
return;
}
csrfProtect();
if(Forum::isModerator()) {
$id = (int) $_REQUEST['id'];
$id = (int) ($_POST['id'] ?? 0);
$post = $db->query("SELECT `id`, `first_post`, `section` FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `id` = ".$id." LIMIT 1")->fetch();
if($post['id'] == $id && Forum::hasAccess($post['section'])) {
if($post && $post['id'] == $id && Forum::hasAccess($post['section'])) {
if($post['id'] == $post['first_post']) {
$db->query("DELETE FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `first_post` = ".$post['id']);
header('Location: ' . getForumBoardLink($post['section']));
@@ -36,7 +38,7 @@ if(Forum::isModerator()) {
$post_page = $db->query("SELECT COUNT(`" . FORUM_TABLE_PREFIX . "forum`.`id`) AS posts_count FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`id` < ".$id." AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = ".(int) $post['first_post'])->fetch();
$_page = (int) ceil($post_page['posts_count'] / setting('core.forum_threads_per_page')) - 1;
$db->query("DELETE FROM `" . FORUM_TABLE_PREFIX . "forum` WHERE `id` = ".$post['id']);
header('Location: ' . getForumThreadLink($post['first_post'], (int) $_page));
header('Location: ' . getForumThreadLink($post['first_post'], $_page));
}
}
else {

17
system/pages/forum/show_board.php
View File

@@ -33,7 +33,7 @@ if(!Forum::hasAccess($section_id)) {
return;
}
$_page = (int) (isset($_REQUEST['page']) ? $_REQUEST['page'] : 0);
$_page = (int) ($_REQUEST['page'] ?? 0);
$threads_count = $db->query("SELECT COUNT(`" . FORUM_TABLE_PREFIX . "forum`.`id`) AS threads_count FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`section` = ".(int) $section_id." AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = `" . FORUM_TABLE_PREFIX . "forum`.`id`")->fetch();
for($i = 0; $i < $threads_count['threads_count'] / setting('core.forum_threads_per_page'); $i++) {
if($i != $_page)
@@ -50,7 +50,7 @@ if($logged && (!$sections[$section_id]['closed'] || Forum::isModerator())) {
}
echo '<br /><br />Page: '.$links_to_pages.'<br />';
$last_threads = $db->query("SELECT `players`.`id` as `player_id`, `players`.`name`, `" . FORUM_TABLE_PREFIX . "forum`.`post_text`, `" . FORUM_TABLE_PREFIX . "forum`.`post_topic`, `" . FORUM_TABLE_PREFIX . "forum`.`id`, `" . FORUM_TABLE_PREFIX . "forum`.`last_post`, `" . FORUM_TABLE_PREFIX . "forum`.`replies`, `" . FORUM_TABLE_PREFIX . "forum`.`views`, `" . FORUM_TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`section` = ".$section_id." AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = `" . FORUM_TABLE_PREFIX . "forum`.`id` ORDER BY `" . FORUM_TABLE_PREFIX . "forum`.`last_post` DESC LIMIT ".setting('core.forum_threads_per_page')." OFFSET ".($_page * setting('core.forum_threads_per_page')))->fetchAll();
$last_threads = $db->query("SELECT `players`.`id` as `player_id`, `players`.`name`, `" . FORUM_TABLE_PREFIX . "forum`.`first_post`, `" . FORUM_TABLE_PREFIX . "forum`.`post_text`, `" . FORUM_TABLE_PREFIX . "forum`.`post_topic`, `" . FORUM_TABLE_PREFIX . "forum`.`id`, `" . FORUM_TABLE_PREFIX . "forum`.`last_post`, `" . FORUM_TABLE_PREFIX . "forum`.`replies`, `" . FORUM_TABLE_PREFIX . "forum`.`views`, `" . FORUM_TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`section` = ".$section_id." AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = `" . FORUM_TABLE_PREFIX . "forum`.`id` ORDER BY `" . FORUM_TABLE_PREFIX . "forum`.`last_post` DESC LIMIT ".setting('core.forum_threads_per_page')." OFFSET ".($_page * setting('core.forum_threads_per_page')))->fetchAll(PDO::FETCH_ASSOC);
if(isset($last_threads[0])) {
echo '<table width="100%">
@@ -67,8 +67,8 @@ if(isset($last_threads[0])) {
foreach($last_threads as $thread) {
echo '<tr bgcolor="' . getStyle($number_of_rows++) . '"><td>';
if(Forum::isModerator()) {
echo '<a href="' . getLink('forum') . '?action=move_thread&id='.$thread['id'].'"\')"><span style="color:darkgreen">[MOVE]</span></a>';
echo '<a href="' . getLink('forum') . '?action=remove_post&id='.$thread['id'].'" onclick="return confirm(\'Are you sure you want remove thread > '.htmlspecialchars($thread['post_topic']).' <?\')"><span style="color: red">[REMOVE]</span></a> ';
echo '<a href="' . getLink('forum') . '?action=move_thread&id=' . $thread['id'] . '" title="Move Thread"><img src="images/icons/arrow_right.gif"/></a>';
$twig->display('forum.remove_post.html.twig', ['post' => $thread]);
}
$player->load($thread['player_id']);
@@ -82,11 +82,14 @@ if(isset($last_threads[0])) {
echo '<a href="' . getForumThreadLink($thread['id']) . '">'.htmlspecialchars($thread['post_topic']). '</a><br /><small>'.($canEditForum ? substr(strip_tags($thread['post_text']), 0, 50) : htmlspecialchars(substr($thread['post_text'], 0, 50))).'...</small></td><td>' . getPlayerLink($thread['name']) . '</td><td>'.(int) $thread['replies'].'</td><td>'.(int) $thread['views'].'</td><td>';
if($thread['last_post'] > 0) {
$last_post = $db->query("SELECT `players`.`name`, `" . FORUM_TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = ".(int) $thread['id']." AND `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` ORDER BY `post_date` DESC LIMIT 1")->fetch();
if(isset($last_post['name']))
echo date('d.m.y H:i:s', $last_post['post_date']).'<br />by ' . getPlayerLink($last_post['name']);
else
if(isset($last_post['name'])) {
echo date('d.m.y H:i:s', $last_post['post_date']) . '<br />by ' . getPlayerLink($last_post['name']);
}
else {
echo 'No posts.';
}
}
else {
echo date('d.m.y H:i:s', $thread['post_date']) . '<br />by ' . getPlayerLink($thread['name']);
}

4
system/pages/forum/show_thread.php
View File

@@ -35,7 +35,7 @@ if(!Forum::hasAccess($thread_starter['section'])) {
return;
}
$posts_count = $db->query("SELECT COUNT(`" . FORUM_TABLE_PREFIX . "forum`.`id`) AS posts_count FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = ".(int) $thread_id)->fetch();
$posts_count = $db->query("SELECT COUNT(`" . FORUM_TABLE_PREFIX . "forum`.`id`) AS posts_count FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = ".$thread_id)->fetch();
for($i = 0; $i < $posts_count['posts_count'] / setting('core.forum_threads_per_page'); $i++) {
if($i != $_page)
$links_to_pages .= '<a href="' . getForumThreadLink($thread_id, $i) . '">'.($i + 1).'</a> ';
@@ -46,7 +46,7 @@ for($i = 0; $i < $posts_count['posts_count'] / setting('core.forum_threads_per_p
$posts = $db->query("SELECT `players`.`id` as `player_id`, `" . FORUM_TABLE_PREFIX . "forum`.`id`,`" . FORUM_TABLE_PREFIX . "forum`.`first_post`, `" . FORUM_TABLE_PREFIX . "forum`.`section`,`" . FORUM_TABLE_PREFIX . "forum`.`post_text`, `" . FORUM_TABLE_PREFIX . "forum`.`post_topic`, `" . FORUM_TABLE_PREFIX . "forum`.`post_date` AS `date`, `" . FORUM_TABLE_PREFIX . "forum`.`post_smile`, `" . FORUM_TABLE_PREFIX . "forum`.`post_html`, `" . FORUM_TABLE_PREFIX . "forum`.`author_aid`, `" . FORUM_TABLE_PREFIX . "forum`.`author_guid`, `" . FORUM_TABLE_PREFIX . "forum`.`last_edit_aid`, `" . FORUM_TABLE_PREFIX . "forum`.`edit_date` FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = ".$thread_id." ORDER BY `" . FORUM_TABLE_PREFIX . "forum`.`post_date` LIMIT " . setting('core.forum_posts_per_page') . " OFFSET ".($_page * setting('core.forum_posts_per_page')))->fetchAll();
if(isset($posts[0]['player_id'])) {
$db->query("UPDATE `" . FORUM_TABLE_PREFIX . "forum` SET `views`=`views`+1 WHERE `id` = ".(int) $thread_id);
$db->query("UPDATE `" . FORUM_TABLE_PREFIX . "forum` SET `views`=`views`+1 WHERE `id` = " . $thread_id);
}
$lookaddons = $db->hasColumn('players', 'lookaddons');

12
system/pages/guilds/accept_invite.php
View File

@@ -12,11 +12,11 @@ defined('MYAAC') or die('Direct access not allowed!');
require __DIR__ . '/base.php';
//set rights in guild
// set rights in guild
$guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
$name = isset($_REQUEST['name']) ? stripslashes($_REQUEST['name']) : null;
if(!$logged) {
$errors[] = 'You are not logged in. You can\'t accept invitations.';
$errors[] = "You are not logged in. You can't accept invitations.";
}
if(!Validator::guildName($guild_name)) {
@@ -27,11 +27,11 @@ if(empty($errors)) {
$guild = new OTS_Guild();
$guild->find($guild_name);
if(!$guild->isLoaded()) {
$errors[] = 'Guild with name <b>'.$guild_name.'</b> doesn\'t exist.';
$errors[] = "Guild with name <b>$guild_name</b> doesn't exist.";
}
}
if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
if(!Validator::characterName($name)) {
$errors[] = 'Invalid name format.';
}
@@ -51,7 +51,7 @@ if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
}
}
if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
if(empty($errors)) {
$is_invited = false;
include(SYSTEM . 'libs/pot/InvitesDriver.php');
@@ -104,7 +104,7 @@ if(!empty($errors)) {
));
}
else {
if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
$guild->acceptInvite($player);
$twig->display('success.html.twig', array(
'title' => 'Accept invitation',

4
system/pages/guilds/add_rank.php
View File

@@ -13,7 +13,7 @@ defined('MYAAC') or die('Direct access not allowed!');
require __DIR__ . '/base.php';
$guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
$rank_name = isset($_REQUEST['rank_name']) ? $_REQUEST['rank_name'] : null;
$rank_name = $_POST['rank_name'] ?? null;
if(!Validator::guildName($guild_name)) {
$errors[] = Validator::getLastError();
}
@@ -35,7 +35,7 @@ if(empty($errors)) {
$rank_list = $guild->getGuildRanksList();
$rank_list->orderBy('level', POT::ORDER_DESC);
$guild_leader = false;
$account_players = $account_logged->getPlayers();
$account_players = $account_logged->getPlayersList();
foreach($account_players as $player) {
if($guild_leader_char->getId() == $player->getId()) {
$guild_vice = true;

2
system/pages/guilds/base.php
View File

@@ -15,3 +15,5 @@ else
define('GUILD_MEMBERS_TABLE', 'guild_membership');
define('MOTD_EXISTS', $db->hasColumn('guilds', 'motd'));
csrfProtect();

6
system/pages/guilds/change_description.php
View File

@@ -31,7 +31,7 @@ if(empty($errors)) {
$rank_list = $guild->getGuildRanksList();
$rank_list->orderBy('level', POT::ORDER_DESC);
$guild_leader = false;
$account_players = $account_logged->getPlayers();
$account_players = $account_logged->getPlayersList();
foreach($account_players as $player) {
if($guild->getOwner()->getId() == $player->getId()) {
$guild_vice = true;
@@ -42,8 +42,8 @@ if(empty($errors)) {
$saved = false;
if($guild_leader) {
if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
$description = htmlspecialchars(stripslashes(substr(trim($_REQUEST['description']),0, setting('core.guild_description_chars_limit'))));
if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
$description = htmlspecialchars(stripslashes(substr(trim($_POST['description']),0, setting('core.guild_description_chars_limit'))));
$guild->setCustomField('description', $description);
$saved = true;
}

11
system/pages/guilds/change_logo.php
View File

@@ -30,7 +30,7 @@ if(empty($errors)) {
if($logged) {
$guild_leader_char = $guild->getOwner();
$guild_leader = false;
$account_players = $account_logged->getPlayers();
$account_players = $account_logged->getPlayersList();
foreach($account_players as $player) {
if($guild_leader_char->getId() == $player->getId()) {
@@ -40,14 +40,13 @@ if(empty($errors)) {
}
}
if($guild_leader)
{
if($guild_leader) {
$max_image_size_b = setting('core.guild_image_size_kb') * 1024;
$allowed_ext = array('image/gif', 'image/jpg', 'image/pjpeg', 'image/jpeg', 'image/bmp', 'image/png', 'image/x-png');
$ext_name = array('image/gif' => 'gif', 'image/jpg' => 'jpg', 'image/jpeg' => 'jpg', 'image/pjpeg' => 'jpg', 'image/bmp' => 'bmp', 'image/png' => 'png', 'image/x-png' => 'png');
$save_file_name = str_replace(' ', '_', strtolower($guild->getName()));
$save_path = GUILD_IMAGES_DIR . $save_file_name;
if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save')
if(isset($_POST['todo']) && $_POST['todo'] == 'save')
{
$file = $_FILES['newlogo'];
if(is_uploaded_file($file['tmp_name']))
@@ -97,13 +96,13 @@ if(empty($errors)) {
$guild_logo = $guild->getCustomField('logo_name');
if(empty($guild_logo) || !file_exists(GUILD_IMAGES_DIR . $guild_logo)) {
$guild_logo = "default.gif";
$guild_logo = 'default.gif';
}
$twig->display('guilds.change_logo.html.twig', array(
'guild_logo' => $guild_logo,
'guild' => $guild,
'max_image_size_b' => $max_image_size_b
//'max_image_size_b' => $max_image_size_b
));
}

6
system/pages/guilds/change_motd.php
View File

@@ -34,7 +34,7 @@ if(empty($errors)) {
$rank_list = $guild->getGuildRanksList();
$rank_list->orderBy('level', POT::ORDER_DESC);
$guild_leader = false;
$account_players = $account_logged->getPlayers();
$account_players = $account_logged->getPlayersList();
foreach($account_players as $player) {
if($guild->getOwner()->getId() == $player->getId()) {
$guild_vice = true;
@@ -45,8 +45,8 @@ if(empty($errors)) {
$saved = false;
if($guild_leader) {
if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
$motd = htmlspecialchars(stripslashes(substr($_REQUEST['motd'],0, setting('core.guild_motd_chars_limit'))));
if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
$motd = htmlspecialchars(stripslashes(substr($_POST['motd'],0, setting('core.guild_motd_chars_limit'))));
$guild->setCustomField('motd', $motd);
$saved = true;
}

4
system/pages/guilds/change_nick.php
View File

@@ -20,17 +20,15 @@ if(!$logged) {
}
$name = isset($_REQUEST['name']) ? stripslashes($_REQUEST['name']) : null;
$new_nick = isset($_REQUEST['nick']) ? stripslashes($_REQUEST['nick']) : null;
$new_nick = isset($_POST['nick']) ? stripslashes($_POST['nick']) : null;
$guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
if(!$name) {
$errors[] = 'Please enter new name.';
return;
}
if(!$new_nick) {
$errors[] = 'Please enter new nick.';
return;
}
if(empty($errors))

27
system/pages/guilds/change_rank.php
View File

@@ -17,8 +17,9 @@ if(!$logged) {
}
else {
$guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
if(!Validator::guildName($guild_name))
if(!Validator::guildName($guild_name)) {
$errors[] = Validator::getLastError();
}
}
if(empty($errors))
@@ -42,7 +43,7 @@ $rank_list = $guild->getGuildRanksList();
$rank_list->orderBy('level', POT::ORDER_DESC);
$guild_leader = false;
$guild_vice = false;
$account_players = $account_logged->getPlayers();
$account_players = $account_logged->getPlayersList();
foreach($account_players as $player)
{
$player_rank = $player->getRank();
@@ -65,22 +66,23 @@ foreach($account_players as $player)
}
}
if($guild_vice)
{
if(isset($_REQUEST['todo']) && $_REQUEST['todo'] === 'save')
{
if($guild_vice) {
if(isset($_POST['todo']) && $_POST['todo'] === 'save') {
$player_name = stripslashes($_REQUEST['name']);
$new_rank = (int) $_REQUEST['rankid'];
if(!Validator::characterName($player_name))
$new_rank = (int) $_POST['rankid'];
if(!Validator::characterName($player_name)) {
$errors[] = 'Invalid player name format.';
}
$rank = new OTS_GuildRank();
$rank->load($new_rank);
if(!$rank->isLoaded())
$errors[] = "Rank with this ID doesn't exist.";
if($level_in_guild <= $rank->getLevel() && !$guild_leader)
$errors[] = "You can't set ranks with equal or higher level than your.";
if(empty($errors))
{
if(empty($errors)) {
$player_to_change = new OTS_Player();
$player_to_change->find($player_name);
if(!$player_to_change->isLoaded())
@@ -108,8 +110,7 @@ if($guild_vice)
$errors[] = 'This player has higher rank in guild than you. You can\'t change his/her rank.';
}
if(empty($errors))
{
if(empty($errors)) {
$player_to_change->setRank($rank);
$twig->display('success.html.twig', array(
'title' => 'Rank Changed',
@@ -125,7 +126,7 @@ if($guild_vice)
$result = getPlayersWithLowerRank($rank_list, $guild_leader, $db, $level_in_guild, $guild);
$twig->display('guilds.change_rank.html.twig', array(
'players' => isset($result['players']) ? $result['players'] : array(),
'players' => $result['players'] ?? [],
'guild_name' => $guild->getName(),
'ranks' => $result['ranks']
));

45
system/pages/guilds/cleanup_players.php
View File

@@ -12,33 +12,27 @@ defined('MYAAC') or die('Direct access not allowed!');
require __DIR__ . '/base.php';
if(!$logged)
{
if(!$logged) {
echo "You are not logged in.";
$twig->display('guilds.back_button.html.twig');
return;
}
if(admin())
{
if(admin()) {
$players_list = new OTS_Players_List();
$players_list->init();
}
else
else {
$players_list = $account_logged->getPlayersList();
}
if(count($players_list) > 0)
{
foreach($players_list as $player)
{
if(count($players_list) > 0) {
foreach($players_list as $player) {
$player_rank = $player->getRank();
if($player_rank->isLoaded())
{
if($player_rank->isLoaded())
{
if($player_rank->isLoaded()) {
if($player_rank->isLoaded()) {
$rank_guild = $player_rank->getGuild();
if(!$rank_guild->isLoaded())
{
if(!$rank_guild->isLoaded()) {
$player->setRank();
$player->setGuildNick('');
$changed_ranks_of[] = $player->getName();
@@ -46,8 +40,7 @@ if(count($players_list) > 0)
$player_rank->delete();
}
}
else
{
else {
$player->setRank();
$player->setGuildNick('');
$changed_ranks_of[] = $player->getName();
@@ -55,14 +48,20 @@ if(count($players_list) > 0)
}
}
echo "<b>Deleted ranks (this ranks guilds doesn't exist [bug fix]):</b>";
if(!empty($deleted_ranks))
foreach($deleted_ranks as $rank)
echo "<li>".$rank;
if(!empty($deleted_ranks)) {
foreach ($deleted_ranks as $rank) {
echo "<li>" . $rank;
}
}
echo "<BR /><BR /><b>Changed ranks of players (rank or guild of rank doesn't exist [bug fix]):</b>";
if(!empty($changed_ranks_of))
foreach($changed_ranks_of as $name)
echo "<li>".$name;
if(!empty($changed_ranks_of)) {
foreach ($changed_ranks_of as $name) {
echo "<li>" . $name;
}
}
}
else
echo "0 players found.";

43
system/pages/guilds/create.php
View File

@@ -14,15 +14,15 @@ use MyAAC\Models\GuildRank;
require __DIR__ . '/base.php';
$guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : NULL;
$name = isset($_REQUEST['name']) ? stripslashes($_REQUEST['name']) : NULL;
$todo = isset($_REQUEST['todo']) ? $_REQUEST['todo'] : NULL;
$guild_name = isset($_POST['guild']) ? urldecode($_POST['guild']) : NULL;
$name = isset($_POST['name']) ? stripslashes($_POST['name']) : NULL;
$todo = isset($_POST['todo']) ? $_POST['todo'] : NULL;
if(!$logged) {
$guild_errors[] = 'You are not logged in. You can\'t create guild.';
$errors[] = 'You are not logged in. You can\'t create guild.';
}
$array_of_player_nig = array();
if(empty($guild_errors))
if(empty($errors))
{
$account_players = $account_logged->getPlayersList(false);
foreach($account_players as $player)
@@ -41,45 +41,44 @@ if(empty($guild_errors))
if(empty($todo)) {
if(count($array_of_player_nig) == 0) {
$guild_errors[] = 'On your account all characters are in guilds, have too low level to create new guild' . (setting('core.guild_need_premium') ? ' or you don\' have a premium account' : '') . '.';
$errors[] = 'On your account all characters are in guilds, have too low level to create new guild' . (setting('core.guild_need_premium') ? ' or you don\' have a premium account' : '') . '.';
}
}
if($todo == 'save')
{
if(!Validator::guildName($guild_name)) {
$guild_errors[] = Validator::getLastError();
$errors[] = Validator::getLastError();
$guild_name = '';
}
if(!Validator::characterName($name)) {
$guild_errors[] = 'Invalid character name format.';
$errors[] = 'Invalid character name format.';
$name = '';
}
if(empty($guild_errors)) {
if(empty($errors)) {
$player = new OTS_Player();
$player->find($name);
if(!$player->isLoaded()) {
$guild_errors[] = 'Character <b>'.$name.'</b> doesn\'t exist.';
$errors[] = 'Character <b>'.$name.'</b> doesn\'t exist.';
}
}
if(empty($guild_errors))
if(empty($errors))
{
$guild = new OTS_Guild();
$guild->find($guild_name);
if($guild->isLoaded()) {
$guild_errors[] = 'Guild <b>'.$guild_name.'</b> already exist. Select other name.';
$errors[] = 'Guild <b>'.$guild_name.'</b> already exist. Select other name.';
}
}
if(empty($guild_errors) && $player->isDeleted()) {
$guild_errors[] = "Character <b>$name</b> has been deleted.";
if(empty($errors) && $player->isDeleted()) {
$errors[] = "Character <b>$name</b> has been deleted.";
}
if(empty($guild_errors))
if(empty($errors))
{
$bad_char = true;
foreach($array_of_player_nig as $nick_from_list) {
@@ -88,22 +87,22 @@ if($todo == 'save')
}
}
if($bad_char) {
$guild_errors[] = 'Character <b>'.$name.'</b> isn\'t on your account or is already in guild.';
$errors[] = 'Character <b>'.$name.'</b> isn\'t on your account or is already in guild.';
}
}
if(empty($guild_errors)) {
if(empty($errors)) {
if($player->getLevel() < setting('core.guild_need_level')) {
$guild_errors[] = 'Character <b>'.$name.'</b> has too low level. To create guild you need character with level <b>' . setting('core.guild_need_level') . '</b>.';
$errors[] = 'Character <b>'.$name.'</b> has too low level. To create guild you need character with level <b>' . setting('core.guild_need_level') . '</b>.';
}
if(setting('core.guild_need_premium') && !$account_logged->isPremium()) {
$guild_errors[] = 'Character <b>'.$name.'</b> is on FREE account. To create guild you need PREMIUM account.';
$errors[] = 'Character <b>'.$name.'</b> is on FREE account. To create guild you need PREMIUM account.';
}
}
}
if(!empty($guild_errors)) {
$twig->display('error_box.html.twig', array('errors' => $guild_errors));
if(!empty($errors)) {
$twig->display('error_box.html.twig', array('errors' => $errors));
unset($todo);
}

5
system/pages/guilds/delete_by_admin.php
View File

@@ -45,7 +45,10 @@ if(empty($errors)) {
$twig->display('success.html.twig', array(
'title' => 'Delete Guild',
'description' => 'Are you sure you want delete guild <b>' . $guild_name . '</b>?<br/>
<form action="' . getLink('guilds') . '?guild=' . $guild->getName() . '&action=delete_by_admin" METHOD="post"><input type="hidden" name="todo" value="save"><input type="submit" value="Yes, delete"></form>',
<form action="' . getLink('guilds') . '?guild=' . $guild->getName() . '&action=delete_by_admin" METHOD="post">
' . csrf(true) . '
<input type="hidden" name="todo" value="save"><input type="submit" value="Yes, delete">
</form>',
'custom_buttons' => $twig->render('guilds.back_button.html.twig')
));
}

4
system/pages/guilds/delete_guild.php
View File

@@ -21,7 +21,7 @@ if(empty($errors)) {
$guild = new OTS_Guild();
$guild->find($guild_name);
if(!$guild->isLoaded()) {
$errors[] = 'Guild with name <b>'.$guild_name.'</b> doesn\'t exist.';
$errors[] = "Guild with name <b>$guild_name</b> doesn't exist.";
}
}
@@ -31,7 +31,7 @@ if(empty($errors)) {
$rank_list = $guild->getGuildRanksList();
$rank_list->orderBy('level', POT::ORDER_DESC);
$guild_leader = false;
$account_players = $account_logged->getPlayers();
$account_players = $account_logged->getPlayersList();
foreach($account_players as $player) {
if($guild->getOwner()->getId() == $player->getId()) {

84
system/pages/guilds/delete_invite.php
View File

@@ -15,47 +15,43 @@ require __DIR__ . '/base.php';
$guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
$name = stripslashes($_REQUEST['name']);
if(!$logged)
if(!$logged) {
$errors[] = 'You are not logged in. You can\'t delete invitations.';
}
if(!Validator::guildName($guild_name))
if(!Validator::guildName($guild_name)) {
$errors[] = Validator::getLastError();
}
if(!Validator::characterName($name))
if(!Validator::characterName($name)) {
$errors[] = 'Invalid name format.';
}
if(empty($errors))
{
if(empty($errors)) {
$guild = new OTS_Guild();
$guild->find($guild_name);
if(!$guild->isLoaded())
$errors[] = "Guild with name <b>" . $guild_name . "</b> doesn't exist.";
}
if(empty($errors))
{
if(empty($errors)) {
$rank_list = $guild->getGuildRanksList();
$rank_list->orderBy('level', POT::ORDER_DESC);
$guild_leader = false;
$guild_vice = false;
$account_players = $account_logged->getPlayers();
foreach($account_players as $player)
{
$account_players = $account_logged->getPlayersList();
foreach($account_players as $player) {
$player_rank = $player->getRank();
if($player_rank->isLoaded())
{
foreach($rank_list as $rank_in_guild)
{
if($rank_in_guild->getId() == $player_rank->getId())
{
if($player_rank->isLoaded()) {
foreach($rank_list as $rank_in_guild) {
if($rank_in_guild->getId() == $player_rank->getId()) {
$players_from_account_in_guild[] = $player->getName();
if($player_rank->getLevel() > 1)
{
if($player_rank->getLevel() > 1) {
$guild_vice = true;
$level_in_guild = $player_rank->getLevel();
}
if($guild->getOwner()->getId() == $player->getId())
{
if($guild->getOwner()->getId() == $player->getId()) {
$guild_vice = true;
$guild_leader = true;
}
@@ -64,44 +60,46 @@ if(empty($errors))
}
}
if(!$guild_vice)
if(!$guild_vice) {
$errors[] = 'You are not a leader or vice leader of guild <b>' . $guild_name . '</b>.';
}
if(empty($errors))
{
$player = new OTS_Player();
$player->find($name);
if(!$player->isLoaded())
$errors[] = 'Player with name <b>' . $name . '</b> doesn\'t exist.';
}
}
if(empty($errors))
{
if(empty($errors)) {
$player = new OTS_Player();
$player->find($name);
if(!$player->isLoaded()) {
$errors[] = "Player with name <b>$name</b> doesn't exist.";
}
}
if(empty($errors)) {
include(SYSTEM . 'libs/pot/InvitesDriver.php');
new InvitesDriver($guild);
$invited_list = $guild->listInvites();
if(count($invited_list) > 0)
{
if(count($invited_list) > 0) {
$is_invited = false;
foreach($invited_list as $invited)
if($invited->getName() == $player->getName())
foreach($invited_list as $invited) {
if ($invited->getName() == $player->getName()) {
$is_invited = true;
if(!$is_invited)
$errors[] = '<b>'.$player->getName().'</b> isn\'t invited to your guild.';
}
else
}
if(!$is_invited) {
$errors[] = '<b>' . $player->getName() . '</b> isn\'t invited to your guild.';
}
}
else {
$errors[] = 'No one is invited to your guild.';
}
}
if(!empty($errors))
{
if(!empty($errors)) {
$twig->display('error_box.html.twig', array('errors' => $errors));
$twig->display('guilds.back_button.html.twig', array('action' => getLink('guilds') . '?action=show&guild=' . $guild_name));
}
else
{
if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save')
{
else {
if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
$guild->deleteInvite($player);
$twig->display('success.html.twig', array(
'title' => 'Deleted player invitation',

44
system/pages/guilds/delete_rank.php
View File

@@ -13,25 +13,27 @@ defined('MYAAC') or die('Direct access not allowed!');
require __DIR__ . '/base.php';
$guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
$rank_to_delete = isset($_REQUEST['rankid']) ? (int) $_REQUEST['rankid'] : null;
$rank_to_delete = isset($_POST['rankid']) ? (int) $_POST['rankid'] : null;
if(!Validator::guildName($guild_name)) {
$guild_errors[] = Validator::getLastError();
$errors[] = Validator::getLastError();
}
if(empty($guild_errors)) {
if(empty($errors)) {
$guild = new OTS_Guild();
$guild->find($guild_name);
if(!$guild->isLoaded()) {
$guild_errors[] = 'Guild with name <b>'.$guild_name.'</b> doesn\'t exist.';
$errors[] = 'Guild with name <b>'.$guild_name.'</b> doesn\'t exist.';
}
}
if(empty($guild_errors)) {
if(empty($errors)) {
if($logged) {
$guild_leader_char = $guild->getOwner();
$rank_list = $guild->getGuildRanksList();
$rank_list->orderBy('level', POT::ORDER_DESC);
$guild_leader = false;
$account_players = $account_logged->getPlayers();
$account_players = $account_logged->getPlayersList();
foreach($account_players as $player) {
if($guild->getOwner()->getId() == $player->getId()) {
$guild_vice = true;
@@ -39,21 +41,21 @@ if(empty($guild_errors)) {
$level_in_guild = 3;
}
}
if($guild_leader) {
$rank = new OTS_GuildRank();
$rank->load($rank_to_delete);
if(!$rank->isLoaded()) {
$guild_errors2[] = 'Rank with ID '.$rank_to_delete.' doesn\'t exist.';
$errors2[] = 'Rank with ID '.$rank_to_delete.' doesn\'t exist.';
}
else
{
else {
if($rank->getGuild()->getId() != $guild->getId()) {
$guild_errors2[] = 'Rank with ID '.$rank_to_delete.' isn\'t from your guild.';
$errors2[] = 'Rank with ID '.$rank_to_delete.' isn\'t from your guild.';
}
else
{
if(count($rank_list) < 2) {
$guild_errors2[] = 'You have only 1 rank in your guild. You can\'t delete this rank.';
$errors2[] = 'You have only 1 rank in your guild. You can\'t delete this rank.';
}
else
{
@@ -87,19 +89,21 @@ if(empty($guild_errors)) {
$player->setRank($new_rank);
}
}
$rank->delete();
$saved = true;
}
}
}
if($saved) {
if(isset($saved) && $saved) {
$twig->display('success.html.twig', array(
'title' => 'Rank Deleted',
'description' => 'Rank <b>'.$rank->getName().'</b> has been deleted. Players with this rank has now other rank.',
'custom_buttons' => ''
));
} else {
$twig->display('error_box.html.twig', array('errors' => $guild_errors2));
$twig->display('error_box.html.twig', array('errors' => $errors2));
}
$twig->display('guilds.back_button.html.twig', array(
@@ -107,18 +111,16 @@ if(empty($guild_errors)) {
'action' => getLink('guilds') . '?guild='.$guild->getName().'&action=manager'
));
}
else
{
$guild_errors[] = 'You are not a leader of guild!';
else {
$errors[] = 'You are not a leader of guild!';
}
}
else
{
$guild_errors[] = 'You are not logged. You can\'t manage guild.';
else {
$errors[] = 'You are not logged. You can\'t manage guild.';
}
}
if(!empty($guild_errors)) {
$twig->display('error_box.html.twig', array('errors' => $guild_errors));
if(!empty($errors)) {
$twig->display('error_box.html.twig', array('errors' => $errors));
$twig->display('guilds.back_button.html.twig', array(
'new_line' => true,

8
system/pages/guilds/invite.php
View File

@@ -36,7 +36,7 @@ if(empty($errors)) {
$rank_list->orderBy('level', POT::ORDER_DESC);
$guild_leader = false;
$guild_vice = false;
$account_players = $account_logged->getPlayers();
$account_players = $account_logged->getPlayersList();
foreach($account_players as $player) {
$player_rank = $player->getRank();
if($player_rank->isLoaded()) {
@@ -62,7 +62,7 @@ if(!$guild_vice) {
$errors[] = 'You are not a leader or vice leader of guild <b>'.$guild_name.'</b>.'.$level_in_guild;
}
if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
if(!Validator::characterName($name)) {
$errors[] = 'Invalid name format.';
}
@@ -71,7 +71,7 @@ if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
$player = new OTS_Player();
$player->find($name);
if(!$player->isLoaded()) {
$errors[] = 'Player with name <b>' . $name . '</b> doesn\'t exist.';
$errors[] = "Player with name <b>$name</b> doesn't exist.";
} else if ($player->isDeleted()) {
$errors[] = "Character with name <b>$name</b> has been deleted.";
}
@@ -102,7 +102,7 @@ if(!empty($errors)) {
$twig->display('error_box.html.twig', array('errors' => $errors));
}
else {
if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
$guild->invite($player);
$twig->display('success.html.twig', array(
'title' => 'Invite player',

4
system/pages/guilds/kick_player.php
View File

@@ -41,7 +41,7 @@ if(empty($errors)) {
$rank_list->orderBy('level', POT::ORDER_DESC);
$guild_leader = false;
$guild_vice = false;
$account_players = $account_logged->getPlayers();
$account_players = $account_logged->getPlayersList();
foreach($account_players as $player) {
$player_rank = $player->getRank();
if($player_rank->isLoaded()) {
@@ -102,7 +102,7 @@ if(!empty($errors)) {
}
else
{
if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
$player->setRank();
$twig->display('success.html.twig', array(

6
system/pages/guilds/leave.php
View File

@@ -34,7 +34,7 @@ if(empty($errors)) {
$array_of_player_ig = array();
if(empty($errors)) {
$guild_owner_name = $guild->getOwner()->getName();
if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
if(!Validator::characterName($name)) {
$errors[] = 'Invalid name format.';
}
@@ -72,7 +72,7 @@ if(empty($errors)) {
}
else
{
$account_players = $account_logged->getPlayers();
$account_players = $account_logged->getPlayersList();
foreach($account_players as $player_fac) {
$player_rank = $player_fac->getRank();
if($player_rank->isLoaded()) {
@@ -94,7 +94,7 @@ if(!empty($errors)) {
}
else
{
if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') {
if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
$player->setRank();
$twig->display('success.html.twig', array(
'title' => 'Leave guild',

16
system/pages/guilds/list.php
View File

@@ -14,31 +14,31 @@ defined('MYAAC') or die('Direct access not allowed!');
require __DIR__ . '/base.php';
$guilds_list = new OTS_Guilds_List();
$guilds_list->orderBy("name");
$guilds_list->orderBy('name');
$guilds = array();
if(count($guilds_list) > 0)
{
if(count($guilds_list) > 0) {
/**
* @var OTS_Guild $guild
*/
foreach ($guilds_list as $guild) {
$guild_logo = $guild->getCustomField('logo_name');
if (empty($guild_logo) || !file_exists(GUILD_IMAGES_DIR . $guild_logo))
$guild_logo = "default.gif";
if (empty($guild_logo) || !file_exists(GUILD_IMAGES_DIR . $guild_logo)) {
$guild_logo = 'default.gif';
}
$description = $guild->getCustomField('description');
$description_with_lines = str_replace(array("\r\n", "\n", "\r"), '<br />', $description, $count);
if ($count < setting('core.guild_description_lines_limit'))
if ($count < setting('core.guild_description_lines_limit')) {
$description = nl2br($description);
}
$guildName = $guild->getName();
$guilds[] = array('name' => $guildName, 'logo' => $guild_logo, 'link' => getGuildLink($guildName, false), 'description' => $description);
}
};
}
$twig->display('guilds.list.html.twig', array(
'guilds' => $guilds,
'logged' => isset($logged) ? $logged : false,
'isAdmin' => admin(),
));

14
system/pages/guilds/manager.php
View File

@@ -21,7 +21,7 @@ if(empty($errors)) {
$guild = new OTS_Guild();
$guild->find($guild_name);
if(!$guild->isLoaded()) {
$errors[] = 'Guild with name <b>'.$guild_name.'</b> doesn\'t exist.';
$errors[] = "Guild with name <b>$guild_name</b> doesn't exist.";
}
}
@@ -31,7 +31,7 @@ if(empty($errors)) {
$rank_list = $guild->getGuildRanksList();
$rank_list->orderBy('level', POT::ORDER_DESC);
$guild_leader = false;
$account_players = $account_logged->getPlayers();
$account_players = $account_logged->getPlayersList();
foreach($account_players as $player) {
if($guild_leader_char->getId() == $player->getId()) {
$guild_vice = true;
@@ -39,22 +39,22 @@ if(empty($errors)) {
$level_in_guild = 3;
}
}
if($guild_leader) {
$twig->display('guilds.manager.html.twig', array(
'guild' => $guild,
'rank_list' => $rank_list
));
}
else
{
else {
$errors[] = 'You are not a leader of guild!';
}
}
else
{
$errors[] = 'You are not logged. You can\'t manage guild.';
else {
$errors[] = "You are not logged. You can't manage guild.";
}
}
if(!empty($errors)) {
$twig->display('error_box.html.twig', array('errors' => $errors));
}

43
system/pages/guilds/pass_leadership.php
View File

@@ -15,51 +15,52 @@ require __DIR__ . '/base.php';
$guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : NULL;
$pass_to = isset($_REQUEST['player']) ? stripslashes($_REQUEST['player']) : NULL;
if(!Validator::guildName($guild_name)) {
$guild_errors[] = Validator::getLastError();
$errors[] = Validator::getLastError();
}
if(empty($guild_errors)) {
if(empty($errors)) {
$guild = new OTS_Guild();
$guild->find($guild_name);
if(!$guild->isLoaded()) {
$guild_errors[] = "Guild with name <b>" . $guild_name . "</b> doesn't exist.";
$errors[] = "Guild with name <b>" . $guild_name . "</b> doesn't exist.";
}
}
if(empty($guild_errors)) {
if(empty($errors)) {
if(isset($_POST['todo']) && $_POST['todo'] == 'save') {
if(!Validator::characterName($pass_to)) {
$guild_errors2[] = 'Invalid player name format.';
$errors2[] = 'Invalid player name format.';
}
if(empty($guild_errors2)) {
if(empty($errors2)) {
$to_player = new OTS_Player();
$to_player->find($pass_to);
if(!$to_player->isLoaded()) {
$guild_errors2[] = 'Player with name <b>'.$pass_to.'</b> doesn\'t exist.';
$errors2[] = 'Player with name <b>'.$pass_to.'</b> doesn\'t exist.';
} else if ($to_player->isDeleted()) {
$guild_errors2[] = "Character with name <b>$pass_to</b> has been deleted.";
$errors2[] = "Character with name <b>$pass_to</b> has been deleted.";
}
if(empty($guild_errors2)) {
if(empty($errors2)) {
$to_player_rank = $to_player->getRank();
if($to_player_rank->isLoaded()) {
$to_player_guild = $to_player_rank->getGuild();
if($to_player_guild->getId() != $guild->getId()) {
$guild_errors2[] = 'Player with name <b>'.$to_player->getName().'</b> isn\'t from your guild.';
$errors2[] = 'Player with name <b>'.$to_player->getName().'</b> isn\'t from your guild.';
}
}
else {
$guild_errors2[] = 'Player with name <b>'.$to_player->getName().'</b> isn\'t from your guild.';
$errors2[] = 'Player with name <b>'.$to_player->getName().'</b> isn\'t from your guild.';
}
}
}
}
}
if(empty($guild_errors) && empty($guild_errors2)) {
if(empty($errors) && empty($errors2)) {
if($logged) {
$guild_leader_char = $guild->getOwner();
$guild_leader = false;
$account_players = $account_logged->getPlayers();
$account_players = $account_logged->getPlayersList();
foreach($account_players as $player) {
if($guild_leader_char->getId() == $player->getId()) {
$guild_vice = true;
@@ -99,23 +100,23 @@ if(empty($guild_errors) && empty($guild_errors2)) {
}
}
else {
$guild_errors[] = 'You are not a leader of guild!';
$errors[] = 'You are not a leader of guild!';
}
}
else {
$guild_errors[] = "You are not logged. You can't manage guild.";
$errors[] = "You are not logged. You can't manage guild.";
}
}
if(empty($guild_errors) && !empty($guild_errors2)) {
$twig->display('error_box.html.twig', array('errors' => $guild_errors2));
if(empty($errors) && !empty($errors2)) {
$twig->display('error_box.html.twig', array('errors' => $errors2));
echo '<br/><div style="text-align:center"><form action="' . getLink('guilds') . '?guild='.$guild->getName().'&action=pass_leadership" method="post">' . $twig->render('buttons.back.html.twig') . '</form></div>';
}
if(!empty($guild_errors)) {
if(!empty($guild_errors2)) {
$guild_errors = array_merge($guild_errors, $guild_errors2);
if(!empty($errors)) {
if(!empty($errors2)) {
$errors = array_merge($errors, $errors2);
}
$twig->display('error_box.html.twig', array('errors' => $guild_errors));
$twig->display('error_box.html.twig', array('errors' => $errors));
echo '<br/><div style="text-align:center"><form action="' . getLink('guilds') . '" method="post">' . $twig->render('buttons.back.html.twig') . '</form></div>';
}

7
system/pages/guilds/save_ranks.php
View File

@@ -31,7 +31,7 @@ if(empty($errors)) {
$rank_list = $guild->getGuildRanksList();
$rank_list->orderBy('level', POT::ORDER_DESC);
$guild_leader = false;
$account_players = $account_logged->getPlayers();
$account_players = $account_logged->getPlayersList();
foreach($account_players as $player) {
if($guild_leader_char->getId() == $player->getId()) {
@@ -61,6 +61,7 @@ if(empty($errors)) {
$rank->save();
}
//show errors or redirect
if(empty($errors)) {
header("Location: " . getLink('guilds') . "?action=manager&guild=".$guild->getName());
@@ -73,10 +74,10 @@ if(empty($errors)) {
}
else
{
$errors[] = 'You are not logged. You can\'t manage guild.';
$errors[] = "You are not logged. You can't manage guild.";
}
}
if(!empty($errors)) {
$twig->display('error_box.html.twig', array('errors' => $errors));
$twig->display('error_box.html.twig', ['errors' => $errors]);
}

14
system/pages/guilds/show.php
View File

@@ -16,19 +16,18 @@ $title = 'Guilds';
require __DIR__ . '/base.php';
$guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null;
if(!Validator::guildName($guild_name))
if(!Validator::guildName($guild_name)) {
$errors[] = Validator::getLastError();
}
if(empty($errors))
{
if(empty($errors)) {
$guild = new OTS_Guild();
$guild->find($guild_name);
if(!$guild->isLoaded())
$errors[] = 'Guild with name <b>'.$guild_name.'</b> doesn\'t exist.';
}
if(!empty($errors))
{
if(!empty($errors)) {
$twig->display('error_box.html.twig', array('errors' => $errors));
$twig->display('guilds.back_button.html.twig');
return;
@@ -47,9 +46,8 @@ $level_in_guild = 0;
$players_from_account_in_guild = array();
$players_from_account_ids = array();
if($logged)
{
$account_players = $account_logged->getPlayers();
if($logged) {
$account_players = $account_logged->getPlayersList();
foreach($account_players as $player)
{
$players_from_account_ids[] = $player->getId();

217
system/pages/highscores.php
View File

@@ -58,57 +58,64 @@ if($vocation !== 'all') {
}
}
$categories = [
'experience' => 'Experience',
'magic' => 'Magic',
'shield' => 'Shielding',
'distance' => 'Distance',
'club' => 'Club',
'sword' => 'Sword',
'axe' => 'Axe',
'fist' => 'Fist',
'fishing' => 'Fishing',
];
if(setting('core.highscores_frags')) {
$categories['frags'] = 'Frags';
}
if(setting('core.highscores_balance'))
$categories['balance'] = 'Balance';
$skill = POT::SKILL__LEVEL;
$skillNameToId = [
'fist' => POT::SKILL_FIST,
'club' => POT::SKILL_CLUB,
'sword' => POT::SKILL_SWORD,
'axe' => POT::SKILL_AXE,
'distance' => POT::SKILL_DIST,
'shield' => POT::SKILL_SHIELD,
'fishing' => POT::SKILL_FISH,
'magic' => POT::SKILL__MAGLEVEL,
];
if(setting('core.highscores_frags')) {
$skillNameToId['frags'] = SKILL_FRAGS;
if(is_numeric($list))
{
$list = (int) $list;
if($list >= POT::SKILL_FIRST && $list <= POT::SKILL__LAST)
$skill = $list;
}
else
{
switch($list)
{
case 'fist':
$skill = POT::SKILL_FIST;
break;
if(setting('core.highscores_balance')) {
$skillNameToId['balance'] = SKILL_BALANCE;
}
case 'club':
$skill = POT::SKILL_CLUB;
break;
$skill = $skillNameToId[$list];
case 'sword':
$skill = POT::SKILL_SWORD;
break;
$args = ['list' => $list, 'skill' => $skill, 'categories' => $categories];
$hooks->triggerFilter(HOOK_FILTER_HIGHSCORES_LIST, $args);
case 'axe':
$skill = POT::SKILL_AXE;
break;
$list = $args['list'];
$skill = $args['skill'];
$categories = $args['categories'];
case 'distance':
$skill = POT::SKILL_DIST;
break;
if (!isset($categories[$list])) {
$skill = null;
case 'shield':
$skill = POT::SKILL_SHIELD;
break;
case 'fishing':
$skill = POT::SKILL_FISH;
break;
case 'level':
case 'experience':
$skill = POT::SKILL_LEVEL;
break;
case 'magic':
$skill = POT::SKILL__MAGLEVEL;
break;
case 'frags':
if(setting('core.highscores_frags'))
$skill = SKILL_FRAGS;
break;
case 'balance':
if(setting('core.highscores_balance'))
$skill = SKILL_BALANCE;
break;
}
}
$promotion = '';
@@ -116,16 +123,10 @@ if($db->hasColumn('players', 'promotion'))
$promotion = ',players.promotion';
$outfit_addons = false;
$outfit = '';
$settingHighscoresOutfit = setting('core.highscores_outfit');
if($settingHighscoresOutfit) {
$outfit = ', lookbody, lookfeet, lookhead, looklegs, looktype';
if($db->hasColumn('players', 'lookaddons')) {
$outfit = ', lookbody, lookfeet, lookhead, looklegs, looktype';
if($db->hasColumn('players', 'lookaddons')) {
$outfit .= ', lookaddons';
$outfit_addons = true;
}
}
$configHighscoresPerPage = setting('core.highscores_per_page');
@@ -139,34 +140,31 @@ $cache = Cache::getInstance();
if ($cache->enabled() && $highscoresTTL > 0) {
$tmp = '';
if ($cache->fetch($cacheKey, $tmp)) {
$highscores = unserialize($tmp);
$data = unserialize($tmp);
$totalResults = $data['totalResults'];
$highscores = $data['highscores'];
$updatedAt = $data['updatedAt'];
$needReCache = false;
}
}
$offset = ($page - 1) * $configHighscoresPerPage;
$query->join('accounts', 'accounts.id', '=', 'players.account_id')
->withOnlineStatus()
$query->withOnlineStatus()
->whereNotIn('players.id', setting('core.highscores_ids_hidden'))
->notDeleted()
->where('players.group_id', '<', setting('core.highscores_groups_hidden'))
->where('players.group_id', '<', setting('core.highscores_groups_hidden'));
$totalResultsQuery = clone $query;
$query
->join('accounts', 'accounts.id', '=', 'players.account_id')
->limit($limit)
->offset($offset)
->selectRaw('accounts.country, players.id, players.name, players.account_id, players.level, players.vocation' . $outfit . $promotion)
->orderByDesc('value');
if ($skill == SKILL_FRAGS) {
$skillName = 'Frags';
}
else if($skill == SKILL_BALANCE) {
$skillName = 'Balance';
}
else {
$skillName = getSkillName($skill);
}
if (empty($highscores)) {
if ($skill && $skill >= POT::SKILL_FIRST && $skill <= POT::SKILL_LAST) { // skills
if ($skill >= POT::SKILL_FIRST && $skill <= POT::SKILL_LAST) { // skills
if ($db->hasColumn('players', 'skill_fist')) {// tfs 1.0
$skill_ids = array(
POT::SKILL_FIST => 'skill_fist',
@@ -196,37 +194,20 @@ if (empty($highscores)) {
{
$query
->addSelect('players.balance as value');
}
else if ($skill == POT::SKILL__MAGLEVEL) {
} else {
if ($skill == POT::SKILL__MAGLEVEL) {
$query
->addSelect('players.maglevel as value', 'players.maglevel')
->orderBy('manaspent');
} else if ($skill == POT::SKILL__LEVEL) {
} else { // level
$query
->addSelect('players.level as value', 'players.experience')
->orderBy('experience', 'desc');
->orderBy('experience');
$list = 'experience';
}
else if ($skill) {
$args = [
'list' => $list,
'skill' => $skill,
'skillName' => $skillName,
'query' => $query
];
$hooks->triggerFilter(HOOK_FILTER_HIGHSCORES, $args);
$list = $args['list'];
$skill = $args['skill'];
$skillName = $args['skillName'];
$query = $args['query'];
}
else {
$query = null;
}
$highscores = ($query ? $query->get()->map(function($row) {
$highscores = $query->get()->map(function($row) {
$tmp = $row->toArray();
$tmp['online'] = $row->online_status;
$tmp['vocation'] = $row->vocation_name;
@@ -234,18 +215,25 @@ if (empty($highscores)) {
unset($tmp['online_table']);
return $tmp;
})->toArray() : []);
})->toArray();
$updatedAt = time();
$totalResults = $totalResultsQuery->count();
}
if ($highscoresTTL > 0 && $cache->enabled() && $needReCache) {
$cache->set($cacheKey, serialize($highscores), $highscoresTTL * 60);
$cache->set($cacheKey, serialize(
[
'totalResults' => $totalResults,
'highscores' => $highscores,
'updatedAt' => $updatedAt,
]
), $highscoresTTL * 60);
}
$show_link_to_next_page = false;
$i = 0;
$settingHighscoresVocation = setting('core.highscores_vocation');
foreach($highscores as $id => &$player)
{
if(++$i <= $configHighscoresPerPage)
@@ -259,13 +247,23 @@ foreach($highscores as $id => &$player)
$player['link'] = getPlayerLink($player['name'], false);
$player['flag'] = getFlagImage($player['country']);
if($settingHighscoresOutfit) {
$player['outfit'] = '<img style="position:absolute;margin-top:' . (in_array($player['looktype'], setting('core.outfit_images_wrong_looktypes')) ? '-15px;margin-left:5px' : '-45px;margin-left:-25px') . ';" src="' . $player['outfit_url'] . '" alt="" />';
if ($skill != POT::SKILL__LEVEL) {
if (isset($lastValue) && $lastValue == $player['value']) {
$player['rank'] = $lastRank;
}
else {
$player['rank'] = $offset + $i;
}
$lastRank = $player['rank'] ;
$lastValue = $player['value'];
}
else {
$player['rank'] = $offset + $i;
}
}
else {
unset($highscores[$id]);
$show_link_to_next_page = true;
@@ -285,6 +283,26 @@ if($show_link_to_next_page) {
$linkNextPage = getLink('highscores') . '/' . $list . ($vocation !== 'all' ? '/' . $vocation : '') . '/' . ($page + 1);
}
$baseLink = getLink('highscores') . '/' . $list . ($vocation !== 'all' ? '/' . $vocation : '') . '/';
$types = array(
'experience' => 'Experience',
'magic' => 'Magic',
'shield' => 'Shielding',
'distance' => 'Distance',
'club' => 'Club',
'sword' => 'Sword',
'axe' => 'Axe',
'fist' => 'Fist',
'fishing' => 'Fishing',
);
if(setting('core.highscores_frags')) {
$types['frags'] = 'Frags';
}
if(setting('core.highscores_balance'))
$types['balance'] = 'Balance';
if ($highscoresTTL > 0 && $cache->enabled()) {
echo '<small>*Note: Highscores are updated every' . ($highscoresTTL > 1 ? ' ' . $highscoresTTL : '') . ' minute' . ($highscoresTTL > 1 ? 's' : '') . '.</small><br/><br/>';
}
@@ -294,12 +312,15 @@ $twig->display('highscores.html.twig', [
'highscores' => $highscores,
'list' => $list,
'skill' => $skill,
'skillName' => $skillName,
'skillName' => ($skill == SKILL_FRAGS ? 'Frags' : ($skill == SKILL_BALANCE ? 'Balance' : getSkillName($skill))),
'levelName' => ($skill != SKILL_FRAGS && $skill != SKILL_BALANCE ? 'Level' : ($skill == SKILL_BALANCE ? 'Balance' : 'Frags')),
'vocation' => $vocation !== 'all' ? $vocation : null,
'vocationId' => $vocationId,
'categories' => $categories,
'types' => $categories, // leave for compatibility with outdated twigs
'types' => $types,
'linkPreviousPage' => $linkPreviousPage,
'linkNextPage' => $linkNextPage,
'totalResults' => $totalResults,
'page' => $page,
'baseLink' => $baseLink,
'updatedAt' => $updatedAt,
]);

137
system/pages/online.php
View File

@@ -9,104 +9,113 @@
* @link https://my-aac.org
*/
use MyAAC\Cache\Cache;
use MyAAC\Models\ServerConfig;
use MyAAC\Models\ServerRecord;
defined('MYAAC') or die('Direct access not allowed!');
$title = 'Who is online?';
if (setting('core.account_country'))
if (setting('core.account_country')) {
require SYSTEM . 'countries.conf.php';
}
$promotion = '';
if($db->hasColumn('players', 'promotion'))
if($db->hasColumn('players', 'promotion')) {
$promotion = '`promotion`,';
}
$order = $_GET['order'] ?? 'name';
if(!in_array($order, array('country', 'name', 'level', 'vocation')))
$order = $db->fieldName('name');
else if($order == 'country')
$order = $db->tableName('accounts') . '.' . $db->fieldName('country');
else if($order == 'vocation')
$order = $promotion . 'vocation ASC';
$order = $_GET['order'] ?? 'name_asc';
if(!in_array($order, ['country_asc', 'country_desc', 'name_asc', 'name_desc', 'level_asc', 'level_desc', 'vocation_asc', 'vocation_desc'])) {
$order = 'name_asc';
}
else if($order == 'vocation_asc' || $order == 'vocation_desc') {
$order = $promotion . 'vocation_' . (str_contains($order, 'asc') ? 'asc' : 'desc');
}
$skull_type = 'skull';
if($db->hasColumn('players', 'skull_type')) {
$cached = Cache::remember("online_$order", setting('core.online_cache_ttl') * 60, function() use($db, $promotion, $order) {
$orderExplode = explode('_', $order);
$orderSql = $orderExplode[0] . ' ' . $orderExplode[1];
$skull_type = 'skull';
if($db->hasColumn('players', 'skull_type')) {
$skull_type = 'skull_type';
}
}
$skull_time = 'skulltime';
if($db->hasColumn('players', 'skull_time')) {
$skull_time = 'skulltime';
if($db->hasColumn('players', 'skull_time')) {
$skull_time = 'skull_time';
}
}
$outfit_addons = false;
$outfit = '';
if (setting('core.online_outfit')) {
$outfit_addons = false;
$outfit = ', lookbody, lookfeet, lookhead, looklegs, looktype';
if($db->hasColumn('players', 'lookaddons')) {
$outfit .= ', lookaddons';
$outfit_addons = true;
}
}
$vocs = [];
if (setting('core.online_vocations')) {
foreach($config['vocations'] as $id => $name) {
$vocs[$id] = 0;
}
}
$vocations = array_map(function ($name) {
return 0;
}, setting('core.vocations'));
if($db->hasTable('players_online')) // tfs 1.0
$playersOnline = $db->query('SELECT `accounts`.`country`, `players`.`name`, `players`.`level`, `players`.`vocation`' . $outfit . ', `' . $skull_time . '` as `skulltime`, `' . $skull_type . '` as `skull` FROM `accounts`, `players`, `players_online` WHERE `players`.`id` = `players_online`.`player_id` AND `accounts`.`id` = `players`.`account_id` ORDER BY ' . $order);
else
$playersOnline = $db->query('SELECT `accounts`.`country`, `players`.`name`, `players`.`level`, `players`.`vocation`' . $outfit . ', ' . $promotion . ' `' . $skull_time . '` as `skulltime`, `' . $skull_type . '` as `skull` FROM `accounts`, `players` WHERE `players`.`online` > 0 AND `accounts`.`id` = `players`.`account_id` ORDER BY ' . $order);
if($db->hasTable('players_online')) // tfs 1.0
$playersOnline = $db->query('SELECT `accounts`.`country`, `players`.`name`, `players`.`level`, `players`.`vocation`' . $outfit . ', `' . $skull_time . '` as `skulltime`, `' . $skull_type . '` as `skull` FROM `accounts`, `players`, `players_online` WHERE `players`.`id` = `players_online`.`player_id` AND `accounts`.`id` = `players`.`account_id` ORDER BY ' . $orderSql);
else
$playersOnline = $db->query('SELECT `accounts`.`country`, `players`.`name`, `players`.`level`, `players`.`vocation`' . $outfit . ', ' . $promotion . ' `' . $skull_time . '` as `skulltime`, `' . $skull_type . '` as `skull` FROM `accounts`, `players` WHERE `players`.`online` > 0 AND `accounts`.`id` = `players`.`account_id` ORDER BY ' . $orderSql);
$players_data = array();
$players = 0;
$data = '';
foreach($playersOnline as $player) {
$settingVocations = setting('core.vocations');
$settingVocationsAmount = setting('core.vocations_amount');
$players = [];
foreach($playersOnline as $player) {
$skull = '';
if (setting('core.online_skulls'))
{
if($player['skulltime'] > 0)
{
if($player['skull'] == 3)
if($player['skulltime'] > 0) {
if($player['skull'] == 3) {
$skull = ' <img style="border: 0;" src="images/white_skull.gif"/>';
elseif($player['skull'] == 4)
}
elseif($player['skull'] == 4) {
$skull = ' <img style="border: 0;" src="images/red_skull.gif"/>';
elseif($player['skull'] == 5)
}
elseif($player['skull'] == 5) {
$skull = ' <img style="border: 0;" src="images/black_skull.gif"/>';
}
}
if(isset($player['promotion'])) {
if((int)$player['promotion'] > 0)
$player['vocation'] += ($player['promotion'] * $config['vocations_amount']);
$player['vocation'] += ($player['promotion'] * $settingVocationsAmount);
}
$players_data[] = array(
$players[] = array(
'name' => getPlayerLink($player['name']),
'player' => $player,
'level' => $player['level'],
'vocation' => $config['vocations'][$player['vocation']],
'country_image' => setting('core.account_country') ? getFlagImage($player['country']) : null,
'outfit' => setting('core.online_outfit') ? setting('core.outfit_images_url') . '?id=' . $player['looktype'] . ($outfit_addons ? '&addons=' . $player['lookaddons'] : '') . '&head=' . $player['lookhead'] . '&body=' . $player['lookbody'] . '&legs=' . $player['looklegs'] . '&feet=' . $player['lookfeet'] : null
'vocation' => $settingVocations[$player['vocation']],
'skull' => $skull,
'country_image' => getFlagImage($player['country']),
'outfit' => setting('core.outfit_images_url') . '?id=' . $player['looktype'] . ($outfit_addons ? '&addons=' . $player['lookaddons'] : '') . '&head=' . $player['lookhead'] . '&body=' . $player['lookbody'] . '&legs=' . $player['looklegs'] . '&feet=' . $player['lookfeet'],
);
if (setting('core.online_vocations')) {
$vocs[($player['vocation'] > $config['vocations_amount'] ? $player['vocation'] - $config['vocations_amount'] : $player['vocation'])]++;
$vocations[($player['vocation'] > $settingVocationsAmount ? $player['vocation'] - $settingVocationsAmount : $player['vocation'])]++;
}
}
$record = '';
if(count($players_data) > 0) {
$record = '';
if(count($players) > 0) {
if( setting('core.online_record')) {
$result = null;
$timestamp = false;
if($db->hasTable('server_record')) {
$timestamp = true;
$result = ServerRecord::where('world_id', $config['lua']['worldId'])->orderByDesc('record')->first()->toArray();
$timestamp = $db->hasColumn('server_record', 'timestamp');
$serverRecordQuery = ServerRecord::query();
if ($db->hasColumn('server_record', 'world_id')) {
$serverRecordQuery->where('world_id', configLua('worldId'));
}
$result = $serverRecordQuery->orderByDesc('record')->first();
if ($result) {
$result = $result->toArray();
}
} else if($db->hasTable('server_config')) { // tfs 1.0
$row = ServerConfig::where('config', 'players_record')->first();
if ($row) {
@@ -115,17 +124,25 @@ if(count($players_data) > 0) {
}
if($result) {
$record = 'The maximum on this game world was ' . $result['record'] . ' players' . ($timestamp ? ' on ' . date("M d Y, H:i:s", $result['timestamp']) . '.' : '.');
$record = $result['record'] . ' player' . ($result['record'] > 1 ? 's' : '') . ($timestamp ? ' (on ' . date("M d Y, H:i:s", $result['timestamp']) . ')' : '');
}
}
}
}
return [
'players' => $players,
'record' => $record,
'vocations' => $vocations,
];
});
$twig->display('online.html.twig', array(
'players' => $players_data,
'record' => $record,
'vocs' => $vocs,
'players' => $cached['players'],
'record' => $cached['record'],
'vocations' => $cached['vocations'],
'vocs' => $cached['vocations'], // deprecated, to be removed
'order' => $order,
));
//search bar
$twig->display('online.form.html.twig');
?>
// search bar
$twig->display('characters.form.html.twig');

24
system/router.php
View File

@@ -129,14 +129,14 @@ $dispatcher = FastRoute\cachedDispatcher(function (FastRoute\RouteCollector $r)
return ($a[3] < $b[3]) ? -1 : 1;
});
// remove duplicates
// if same route pattern, but different priority
$routesFinal = array_filter($routesFinal, function ($a) {
$aliases = [
[':int', ':string', ':alphanum'],
[':\d+', ':[A-Za-z0-9-_%+\' ]+', ':[A-Za-z0-9]+'],
];
// remove duplicates
// if same route pattern, but different priority
$routesFinal = array_filter($routesFinal, function ($a) use ($aliases) {
// apply aliases
$a[1] = str_replace($aliases[0], $aliases[1], $a[1]);
@@ -171,16 +171,16 @@ $dispatcher = FastRoute\cachedDispatcher(function (FastRoute\RouteCollector $r)
$route[0] = array_map($toUpperCase, $route[0]);
}
$aliases = [
[':int', ':string', ':alphanum'],
[':\d+', ':[A-Za-z0-9-_%+\' ]+', ':[A-Za-z0-9]+'],
];
// apply aliases
$route[1] = str_replace($aliases[0], $aliases[1], $route[1]);
try {
$r->addRoute($route[0], $route[1], $route[2]);
}
catch (\Exception $e) {
// duplicated route, just ignore
}
}
if (config('env') === 'dev') {
foreach(Plugins::getWarnings() as $warning) {
@@ -252,7 +252,7 @@ else {
$success = false;
$tmp_content = getCustomPage($pageName, $success);
if ($success) {
if ($success && $hooks->trigger(HOOK_BEFORE_PAGE_CUSTOM)) {
$content .= $tmp_content;
if (hasFlag(FLAG_CONTENT_PAGES) || superAdmin()) {
$pageInfo = getCustomPageInfo($pageName);
@@ -260,6 +260,8 @@ else {
) . $content;
}
$hooks->trigger(HOOK_AFTER_PAGE_CUSTOM);
$page = $pageName;
$file = false;
}
@@ -324,7 +326,9 @@ if (isset($_REQUEST['_page_only'])) {
if(!isset($title)) {
$title = str_replace('index.php/', '', $page);
$title = ucfirst($title);
$title = str_replace(['_', '-', '/'], ' ', $page);
$title = ucwords($title);
}
if(setting('core.backward_support')) {

8
system/routes.php
View File

@@ -22,11 +22,11 @@ return [
['GET', 'account/confirm-email/{hash:alphanum}', 'account/confirm-email.php'],
['GET', 'bans/{page:int}', 'bans.php'],
[['GET', 'POST'], 'characters[/{name:string}]', 'characters.php'],
['GET', 'changelog[/{page:int}]', 'changelog.php'],
[['GET', 'POST'], 'monsters[/{name:string}]', 'monsters.php'],
[['GET', 'POST'], 'characters/{name:[A-Za-z0-9-_%+\' \[\]]+}', 'characters.php'],
['GET', 'changelog/{page:int}', 'changelog.php'],
[['GET', 'POST'], 'monsters/{name:string}', 'monsters.php'],
[['GET', 'POST'], 'faq[/{action:string}]', 'faq.php'],
[['GET', 'POST'], 'faq/{action:string}', 'faq.php'],
[['GET', 'POST'], 'forum/{action:string}', 'forum.php'],
['GET', 'forum/board/{id:int}', 'forum/show_board.php'],

58
system/settings.php
View File

@@ -19,6 +19,15 @@ $templates = Cache::remember('templates', 5 * 60, function () {
});
$defaultTemplate = in_array('kathrine', $templates) ? 'kathrine' : $templates[0];
global $db;
if (!IS_CLI) {
require SYSTEM . 'base.php';
$serverUrl = 'http' . (isHttps() ? 's' : '') . '://' . $baseHost;
$siteURL = $serverUrl . $baseDir;
}
return [
'name' => 'MyAAC',
'settings' => [
@@ -30,6 +39,13 @@ return [
'type' => 'section',
'title' => 'General'
],
'site_url' => [
'name' => 'Website URL',
'type' => 'text',
'desc' => 'Website address of this MyAAC instance',
'default' => IS_CLI ? '' : $siteURL,
'is_config' => true,
],
'env' => [
'name' => 'App Environment',
'type' => 'options',
@@ -674,6 +690,20 @@ Sent by MyAAC,<br/>
'desc' => 'Default premium points on new account',
'default' => 0,
],
'account_coins' => [
'name' => 'Default Account Coins',
'type' => 'number',
'desc' => 'Default coins on new account',
'hidden' => ($db && !HAS_ACCOUNT_COINS),
'default' => 0,
],
'account_coins_transferable' => [
'name' => 'Default Account Transferable Coins',
'type' => 'number',
'desc' => 'Default transferable coins on new account',
'hidden' => ($db && !HAS_ACCOUNT_COINS_TRANSFERABLE && !HAS_ACCOUNT_TRANSFERABLE_COINS),
'default' => 0,
],
'account_mail_change' => [
'name' => 'Account Mail Change Days',
'type' => 'number',
@@ -1039,6 +1069,12 @@ Sent by MyAAC,<br/>
'desc' => 'How often to update highscores from database in minutes. Too low may slow down your website.<br/>0 to disable.',
'default' => 15,
],
'highscores_skills_box' => [
'name' => 'Display Skills Box',
'type' => 'boolean',
'desc' => 'show "Choose a skill" box on the highscores (allowing peoples to sort highscores by skill)?',
'default' => true,
],
'highscores_vocation_box' => [
'name' => 'Display Vocation Box',
'type' => 'boolean',
@@ -1051,6 +1087,12 @@ Sent by MyAAC,<br/>
'desc' => 'Show player vocation under his nickname?',
'default' => true,
],
'highscores_online_status' => [
'name' => 'Display Online Status',
'type' => 'boolean',
'desc' => 'Show player status as red (offline) or green (online)',
'default' => false,
],
'highscores_frags' => [
'name' => 'Display Top Frags',
'type' => 'boolean',
@@ -1205,6 +1247,14 @@ Sent by MyAAC,<br/>
'type' => 'section',
'title' => 'Online Page'
],
'online_cache_ttl' => [
'name' => 'Online Cache TTL (in minutes)',
'type' => 'number',
'min' => 0,
'desc' => 'How often to update online list from database in minutes. Too low may slow down your website.' . PHP_EOL .
'0 to disable.',
'default' => 15,
],
'online_record' => [
'name' => 'Display Players Record',
'type' => 'boolean',
@@ -1241,6 +1291,12 @@ Sent by MyAAC,<br/>
'desc' => '',
'default' => false,
],
'online_datacenter' => [
'name' => 'Data Center',
'type' => 'text',
'desc' => 'Server Location, will be shown on online page',
'default' => 'Frankfurt - Germany',
],
[
'type' => 'section',
'title' => 'Team Page'
@@ -1547,7 +1603,7 @@ Sent by MyAAC,<br/>
'callbacks' => [
'beforeSave' => function($key, $value, &$errorMessage) {
global $db;
if ($value == 'coins' && !$db->hasColumn('accounts', 'coins')) {
if ($value == 'coins' && !HAS_ACCOUNT_COINS) {
$errorMessage = "Shop: Donate Column: Cannot set column to coins, because it doesn't exist in database.";
return false;
}

49
system/src/Admin/Plugins.php Normal file
View File

@@ -0,0 +1,49 @@
<?php
namespace MyAAC\Admin;
use GuzzleHttp\Client;
class Plugins
{
private string $api_base_uri = 'https://plugins.my-aac.org/api/';
public function getLatestVersions(): array
{
$client = new Client([
// Base URI is used with relative requests
'base_uri' => $this->api_base_uri,
// You can set any number of default request options.
'timeout' => 3.0,
]);
$plugins = get_plugins(true);
foreach ($plugins as &$plugin) {
if (str_contains($plugin, 'disabled.')) {
$plugin = str_replace('disabled.', '', $plugin);
}
}
try {
$response = $client->get('get-latest-versions', [
'json' => ['plugins' => $plugins],
]);
}
catch (\Exception $e) {
error('API Error. Please try again later.');
return [];
}
$statusCode = $response->getStatusCode();
if ($statusCode != 200) {
throw new \Exception('Error getting info from plugins repository. Please try again later.');
}
$data = $response->getBody();
return json_decode($data, true);
}
public function setApiBaseUri(string $uri): void {
$this->api_base_uri = $uri;
}
}

2
system/src/Cache/Cache.php
View File

@@ -106,7 +106,7 @@ class Cache
public static function remember($key, $ttl, $callback)
{
$cache = self::getInstance();
if (!$cache->enabled()) {
if (!$cache->enabled() || $ttl == 0) {
return $callback();
}

Some files were not shown because too many files have changed in this diff Show More