Update phpstan.neon

Release Candidate.

.github/workflows/phpstan.yml

@@ -36,9 +36,8 @@ jobs:
         with:
           path: ${{ steps.composer-cache.outputs.dir }}
           # Use composer.json for key, if composer.lock is not committed.
-          key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.json') }}
+          key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
-          #key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
+          restore-keys: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
-          restore-keys: ${{ runner.os }}-composer-${{ hashFiles('**/composer.json') }}
 
       - name: "Install composer dependencies"
         run: "composer install"

.gitignore

@@ -7,7 +7,6 @@ Thumbs.db
 
 # composer
 composer.phar
-composer.lock
 vendor
 
 # npm

CHANGELOG.md

@@ -1,6 +1,36 @@
 # Changelog
 
-## [1.0-beta - 02.02.2024]
+## [1.0-RC -23.07.2024]
+
+Changes since 1.0-beta:
+
+### Added
+* Feat: Hooks priority (https://github.com/slawkens/myaac/commit/dc17b701da053e04bfa64e21be9247a4f07505e1)
+* Make autoload of pages, commands and themes configurable (https://github.com/slawkens/myaac/commit/c1d4b4f80cd6bb85507ee9471e47013955a26a91)
+* Fraggers in characters page for TFS 1.x and canary (https://github.com/slawkens/myaac/commit/42f99c3edc8de39cccc5632cb42e88b24579c5a6)
+* New hooks: HOOK_INSTALL_FINISH, HOOK_ACCOUNT_CREATE_CHARACTER_* (https://github.com/slawkens/myaac/commit/08ac8ebade106521a5c7396faa5ce7006e629f7c, https://github.com/slawkens/myaac/commit/45dda5e834ff2059faea6ef9be2efa76f1723cbd)
+
+### Changed
+* Allow account_create_character_create even if account_mail_verify is activated (https://github.com/slawkens/myaac/commit/203e411b626fe62401a4b74a48420769e512aa39)
+* Create guild_rank entries, in case MySQL trigger not loaded (https://github.com/slawkens/myaac/commit/d9c1b2507c81f306970642b35e4bf5f7cc04a6f2, https://github.com/slawkens/myaac/commit/47a19e85dd84e9f3b39a1b29cfc2c04b004832b9)
+* Set Admin Account verified by default (https://github.com/slawkens/myaac/commit/cd49dfc79942f3301ce9c0b8d899b9f39bda9a41)
+* Refactor account routes into sub folders (https://github.com/slawkens/myaac/commit/bdc0c43d3fd3a51030c3e916bdb9f008468f5ecd)
+* Order towns by id (https://github.com/slawkens/myaac/commit/9ea2a5067fc4b75de395f381577b18914132ad84)
+* Do not create news about myaac, if any news already exist (on installation (https://github.com/slawkens/myaac/commit/504242fb846b73b56b87bc1e39d070687ad7f5b4)
+
+### Fixed
+* Not working google recaptcha plugin (https://github.com/slawkens/myaac/commit/a1bcb217ecf4e21fd58da4ba491da1852029898a)
+* Not working account create if account_country is disabled (https://github.com/slawkens/myaac/commit/933b681a9fcdbb6283e0469b3806d2ded492d232)
+* Account verify - do not allow login without verified email (Thanks @anyeor, https://github.com/slawkens/myaac/commit/fcb13f3c0fb8ceafda0bd614a229a26a269432bd)
+* Detect tools/ext exists on install to prevent broken installs (https://github.com/slawkens/myaac/commit/10a739773c4f2911876bc802a0ee0537c3e00a92)
+* Cache reloading each time page refreshes (https://github.com/slawkens/myaac/commit/ec96985872057340112f65073efc0c4bf86dddb0)
+* Highscores frags for TFS 1.x and canary (https://github.com/slawkens/myaac/commit/a04d186c22912915f0a7873dfe677ef3b5a23c79)
+* Monsters page: monster not found exception (https://github.com/slawkens/myaac/commit/ef79b99b8acc179f14b8475547347d9daca27512)
+* Fixed bug if \<flags\> are not present in monster.xml (https://github.com/slawkens/myaac/commit/57b47ab7983f625c7c0ef4f5303a4d07ef172786)
+* fastRoute duplicate errors (https://github.com/slawkens/myaac/commit/4c0739d3e93812dff0c33849ea3f38e4e49113ac)
+* useGuildNick displaying (https://github.com/slawkens/myaac/commit/0db0ec1aa47e044c26bc403ff5078a2115d086f8)
+
+## [1.0-beta - 18.05.2024]
 
 Minimum PHP version for this release is 8.1.
 
@@ -22,7 +52,7 @@ Minimum PHP version for this release is 8.1.
   * list of open source libraries used in project page
 * auto-loading of themes, commands & pages from plugins/ folder. You need just to place them in correct folder and they will be loaded automatically - this allows better customization, without interfering with core AAC folders. This will allow in the future automatic updates for plugins as well the AAC as whole.
 * config.php moved to Admin Panel -> Settings page
-* new console script: aac (comes from MyAAC) - using symfony/console
+* new console script: aac - using symfony/console
   * usage: `php aac` (will list all commands by default)
   * example: `php aac cache:clear`
   * example: `php aac plugin:install theme-example.zip`
@@ -46,7 +76,7 @@ Minimum PHP version for this release is 8.1.
 * phpdebug bar (http://phpdebugbar.com/). Activated if env == 'dev', can be also activated in production by enabling "enable_debugbar" in local config
 
 ### Changed
-* Composer is now used for external libraries like: Twig, PHPMailer, fast-route etc.
+* Composer and NPM is now used for external libraries like: Twig, PHPMailer, fast-route, jQuery, Bootstrap etc.
 * mail support is disabled on fresh install, can be manually enabled by user
 * disable add php pages in admin panel for security. Option to disable plugins upload
 * visitors counter shows now user browser, and also if its bot

admin/pages/accounts.php

@@ -404,6 +404,7 @@ else if (isset($_REQUEST['search'])) {
 											   autocomplete="off" maxlength="20"
 											   value="<?php echo $account->getLocation(); ?>"/>
 									</div>
+									<?php if(setting('core.account_country')): ?>
 									<div class="col-12 col-sm-12 col-lg-4">
 										<label for="rl_country">Country:</label>
 										<select name="rl_country" id="rl_country" class="form-control">
@@ -412,6 +413,7 @@ else if (isset($_REQUEST['search'])) {
 											<?php endforeach; ?>
 										</select>
 									</div>
+									<?php endif; ?>
 								</div>
 								<div class="form-group row">
 									<div class="col-12 col-sm-12 col-lg-6">

admin/pages/players.php

@@ -202,7 +202,7 @@ else if (isset($_REQUEST['search'])) {
 
 			if ($hasBlessingsColumn) {
 				$blessings = $_POST['blessings'];
-				verify_number($blessings, 'Blessings', 2);
+				verify_number($blessings, 'Blessings', 3);
 			}
 
 			$balance = $_POST['balance'];
@@ -274,7 +274,7 @@ else if (isset($_REQUEST['search'])) {
 					$player->setLossContainers($loss_containers);
 					$player->setLossItems($loss_items);
 				}
-				if ($db->hasColumn('players', 'blessings'))
+				if ($hasBlessingsColumn)
 					$player->setBlessings($blessings);
 
 				if ($hasBlessingColumn) {

admin/pages/settings.php

@@ -48,7 +48,7 @@ if (!is_array($settingsFile)) {
 
 $settingsKeyName = ($plugin == 'core' ? $plugin : $settingsFile['key']);
 
-$title = ($plugin == 'core' ? 'Settings' : 'Plugin Settings - ' . $plugin);
+$title = ($plugin == 'core' ? 'Settings' : 'Plugin Settings - ' . $settingsFile['name']);
 
 $settingsParsed = Settings::display($settingsKeyName, $settingsFile['settings']);
 

admin/template/template.php

@@ -6,7 +6,7 @@
 	<?php echo template_header(true); ?>
 	<title><?php echo (isset($title) ? $title . ' - ' : '') . $config['lua']['serverName'];?></title>
 	<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
-	<link rel="stylesheet" href="<?php echo BASE_URL; ?>tools/ext/admin-lte/css/adminlte.min.css">
+	<link rel="stylesheet" href="<?php echo BASE_URL; ?>tools/css/adminlte.min.css">
 	<link rel="stylesheet" href="<?php echo BASE_URL; ?>tools/css/font-awesome.min.css">
 	<?php if (isset($use_datatable)) { ?>
 	<link rel="stylesheet" href="<?php echo BASE_URL; ?>tools/css/datatables.bs.min.css">
@@ -197,7 +197,7 @@ if ($logged && admin()) {
 <script src="<?php echo BASE_URL; ?>tools/js/datatables.min.js"></script>
 <script src="<?php echo BASE_URL; ?>tools/js/datatables.bs.min.js"></script>
 <?php } ?>
-<script src="<?php echo BASE_URL; ?>tools/ext/admin-lte/js/adminlte.min.js"></script>
+<script src="<?php echo BASE_URL; ?>tools/js/adminlte.min.js"></script>
 <?php $hooks->trigger(HOOK_ADMIN_BODY_END); ?>
 </body>
 </html>

common.php

@@ -20,13 +20,13 @@
  *
  * @package   MyAAC
  * @author    Slawkens <slawkens@gmail.com>
- * @copyright 2019 MyAAC
+ * @copyright 2024 MyAAC
  * @link      https://my-aac.org
  */
 if (version_compare(phpversion(), '8.1', '<')) die('PHP version 8.1 or higher is required.');
 
 const MYAAC = true;
-const MYAAC_VERSION = '1.0-beta';
+const MYAAC_VERSION = '1.0-RC';
 const DATABASE_VERSION = 40;
 const TABLE_PREFIX = 'myaac_';
 define('START_TIME', microtime(true));
@@ -156,7 +156,7 @@ if (file_exists(BASE . 'config.local.php')) {
 
 /** @var array $config */
 ini_set('log_errors', 1);
-if(@$config['env'] === 'dev') {
+if(@$config['env'] === 'dev' || defined('MYAAC_INSTALL')) {
 	ini_set('display_errors', 1);
 	ini_set('display_startup_errors', 1);
 	error_reporting(E_ALL);

composer.json

@@ -15,11 +15,12 @@
         "illuminate/database": "^10.18",
         "peppeocchi/php-cron-scheduler": "4.*",
         "symfony/console": "^6.4",
-        "symfony/string": "^6.4"
+        "symfony/string": "^6.4",
+        "symfony/var-dumper": "^6.4",
+        "filp/whoops": "^2.15",
+        "maximebf/debugbar": "dev-master"
     },
     "require-dev": {
-        "filp/whoops": "^2.15",
-        "maximebf/debugbar": "dev-master",
         "phpstan/phpstan": "^1.10"
     },
     "autoload": {

cypress/e2e/1-install.cy.js

@@ -67,7 +67,7 @@ describe('Install MyAAC', () => {
 
 		cy.get('form').submit()
 
-		cy.contains('[class="alert alert-success"]', 'Congratulations', { timeout: 30000 }).should('be.visible')
+		cy.contains('[class="alert alert-success"]', 'Congratulations', { timeout: 60000 }).should('be.visible')
 
 		cy.wait(2000);
 

install/index.php

@@ -3,9 +3,9 @@
 use Twig\Environment as Twig_Environment;
 use Twig\Loader\FilesystemLoader as Twig_FilesystemLoader;
 
-require '../common.php';
+const MYAAC_INSTALL = true;
 
-define('MYAAC_INSTALL', true);
+require '../common.php';
 
 // includes
 require SYSTEM . 'functions.php';

install/steps/3-requirements.php

@@ -2,10 +2,15 @@
 defined('MYAAC') or die('Direct access not allowed!');
 
 // configuration
-$dirs_required = [
+$dirs_required_writable = [
 	'system/logs',
 	'system/cache',
 ];
+
+$dirs_required = [
+	'tools/ext' => $locale['step_requirements_folder_not_exists_tools_ext'],
+];
+
 $dirs_optional = [
 	GUILD_IMAGES_DIR => $locale['step_requirements_warning_images_guilds'],
 	GALLERY_DIR => $locale['step_requirements_warning_images_gallery'],
@@ -18,6 +23,7 @@ $extensions_optional = [
 	'gd' => $locale['step_requirements_warning_player_signatures'],
 	'zip' => $locale['step_requirements_warning_install_plugins'],
 ];
+
 /*
  *
  * @param string $name
@@ -41,7 +47,7 @@ $failed = false;
 // start validating
 version_check($locale['step_requirements_php_version'], (PHP_VERSION_ID >= 50500), PHP_VERSION);
 
-foreach ($dirs_required as $value)
+foreach ($dirs_required_writable as $value)
 {
 	$is_writable = is_writable(BASE . $value) && (MYAAC_OS != 'WINDOWS' || win_is_writable(BASE . $value));
 	version_check($locale['step_requirements_write_perms'] . ': ' . $value, $is_writable);
@@ -52,6 +58,12 @@ foreach ($dirs_optional as $dir => $errorMsg) {
 	version_check($locale['step_requirements_write_perms'] . ': ' . $dir, $is_writable, $is_writable ? '' : $errorMsg, true);
 }
 
+foreach ($dirs_required as $dir => $errorMsg)
+{
+	$exists = is_dir(BASE . $dir);
+	version_check($locale['step_requirements_folder_exists'] . ': ' . $dir, $exists, $exists ? '' : $errorMsg);
+}
+
 $ini_register_globals = ini_get_bool('register_globals');
 version_check('register_long_arrays', !$ini_register_globals, $ini_register_globals ? $locale['on'] : $locale['off']);
 
@@ -78,4 +90,3 @@ if($failed) {
 }
 
 echo '</div>';
-?>

install/steps/5-database.php

@@ -41,49 +41,50 @@ if(!$error) {
 	$configToSave['cache_engine'] = 'auto';
 	$configToSave['cache_prefix'] = 'myaac_' . generateRandomString(8, true, false, true);
 
+	if(!$error) {
+		$content = '';
+		$saved = Settings::saveConfig($configToSave, BASE . 'config.local.php', $content);
+		if ($saved) {
+			success($locale['step_database_config_saved']);
+			$_SESSION['saved'] = true;
+
+			require BASE . 'config.local.php';
 			require BASE . 'install/includes/config.php';
 
-	if(!$error) {
+			if (!$error) {
 				require BASE . 'install/includes/database.php';
 
-		$locale['step_database_importing'] = str_replace('$DATABASE_NAME$', config('database_name'), $locale['step_database_importing']);
+				if (isset($database_error)) { // we failed connect to the database
-		success($locale['step_database_importing']);
-
-		if(isset($database_error)) { // we failed connect to the database
 					error($database_error);
 				}
 				else {
-			if(!$db->hasTable('accounts')) {
+					if (!$db->hasTable('accounts')) {
 						$tmp = str_replace('$TABLE$', 'accounts', $locale['step_database_error_table']);
 						error($tmp);
 						$error = true;
 					}
 
-			if(!$db->hasTable('players')) {
+					if (!$db->hasTable('players')) {
 						$tmp = str_replace('$TABLE$', 'players', $locale['step_database_error_table']);
 						error($tmp);
 						$error = true;
 					}
 
-			if(!$db->hasTable('guilds')) {
+					if (!$db->hasTable('guilds')) {
 						$tmp = str_replace('$TABLE$', 'guilds', $locale['step_database_error_table']);
 						error($tmp);
 						$error = true;
 					}
 
-			if(!$error) {
+					if (!$error) {
 						$twig->display('install.installer.html.twig', array(
 							'url' => 'tools/5-database.php',
 							'message' => $locale['loading_spinner']
 						));
-
-				$content = '';
-				$saved = Settings::saveConfig($configToSave, BASE . 'config.local.php', $content);
-				if($saved) {
-					success($locale['step_database_config_saved']);
-					$_SESSION['saved'] = true;
 					}
-				else {
+				}
+			}
+		} else {
 			$_SESSION['config_content'] = $content;
 			unset($_SESSION['saved']);
 
@@ -92,8 +93,6 @@ if(!$error) {
 				<textarea cols="70" rows="10">' . $content . '</textarea>');
 		}
 	}
-		}
-	}
 }
 ?>
 

install/steps/7-finish.php

@@ -1,5 +1,7 @@
 <?php
 
+use MyAAC\Cache\Cache;
+use MyAAC\Models\News;
 use MyAAC\Settings;
 
 defined('MYAAC') or die('Direct access not allowed!');
@@ -7,56 +9,66 @@ defined('MYAAC') or die('Direct access not allowed!');
 ini_set('max_execution_time', 300);
 if(isset($config['installed']) && $config['installed'] && !isset($_SESSION['saved'])) {
 	warning($locale['already_installed']);
+	return;
 }
-else {
-	require SYSTEM . 'init.php';
-	if(!$error) {
-		if(USE_ACCOUNT_NAME || USE_ACCOUNT_NUMBER)
-			$account = isset($_SESSION['var_account']) ? $_SESSION['var_account'] : null;
-		else
-			$account_id = isset($_SESSION['var_account_id']) ? $_SESSION['var_account_id'] : null;
 
-		$password = $_SESSION['var_password'];
+$cache = Cache::getInstance();
+if ($cache->enabled()) {
+	// clear plugin_hooks to have fresh hooks
+	$cache->delete('plugins_hooks');
+}
 
-		if(USE_ACCOUNT_SALT)
+require SYSTEM . 'init.php';
-		{
+if($error) {
+	return;
+}
+
+if(USE_ACCOUNT_NAME || USE_ACCOUNT_NUMBER)
+	$account = $_SESSION['var_account'] ?? null;
+else
+	$account_id = $_SESSION['var_account_id'] ?? null;
+
+$password = $_SESSION['var_password'];
+
+if(USE_ACCOUNT_SALT)
+{
 	$salt = generateRandomString(10, false, true, true);
 	$password = $salt . $password;
-		}
+}
 
-		$account_db = new OTS_Account();
+$account_db = new OTS_Account();
-		if(isset($account))
+if(isset($account))
 	$account_db->find($account);
-		else
+else
 	$account_db->load($account_id);
 
-		$player_name = $_SESSION['var_player_name'];
+$player_name = $_SESSION['var_player_name'];
-		$player_db = new OTS_Player();
+$player_db = new OTS_Player();
-		$player_db->find($player_name);
+$player_db->find($player_name);
 
-		if(!$player_db->isLoaded())
+if(!$player_db->isLoaded())
-		{
+{
 	$player = new OTS_Player();
 	$player->setName($player_name);
 
 	$player_used = &$player;
-		}
+}
-		else {
+else {
 	$player_used = &$player_db;
-		}
+}
 
-		$groups = new OTS_Groups_List();
+$groups = new OTS_Groups_List();
-		$player_used->setGroupId($groups->getHighestId());
+$player_used->setGroupId($groups->getHighestId());
 
-		$email = $_SESSION['var_email'];
+$email = $_SESSION['var_email'];
-		if($account_db->isLoaded()) {
+if($account_db->isLoaded()) {
 	$account_db->setPassword(encrypt($password));
 	$account_db->setEMail($email);
 	$account_db->save();
 
 	$account_used = &$account_db;
-		}
+}
-		else {
+else {
 	$new_account = new OTS_Account();
 	if(USE_ACCOUNT_NAME) {
 		$new_account->create($account);
@@ -74,53 +86,72 @@ else {
 	$new_account->logAction('Account created.');
 
 	$account_used = &$new_account;
-		}
+}
 
-		if(USE_ACCOUNT_SALT)
+if(USE_ACCOUNT_SALT)
 	$account_used->setCustomField('salt', $salt);
 
-		$account_used->setCustomField('web_flags', FLAG_ADMIN + FLAG_SUPER_ADMIN);
+$account_used->setCustomField('web_flags', FLAG_ADMIN + FLAG_SUPER_ADMIN);
-		$account_used->setCustomField('country', 'us');
+$account_used->setCustomField('country', 'us');
-		if($db->hasColumn('accounts', 'group_id'))
+$account_used->setCustomField('email_verified', 1);
+
+if($db->hasColumn('accounts', 'group_id'))
 	$account_used->setCustomField('group_id', $groups->getHighestId());
-		if($db->hasColumn('accounts', 'type'))
+if($db->hasColumn('accounts', 'type'))
 	$account_used->setCustomField('type', 6);
 
-		if(!$player_db->isLoaded())
+if(!$player_db->isLoaded())
 	$player->setAccountId($account_used->getId());
-		else
+else
 	$player_db->setAccountId($account_used->getId());
 
-		success($locale['step_database_created_account']);
+success($locale['step_database_created_account']);
 
-		setSession('account', $account_used->getId());
+setSession('account', $account_used->getId());
-		setSession('password', encrypt($password));
+setSession('password', encrypt($password));
-		setSession('remember_me', true);
+setSession('remember_me', true);
 
-		if($player_db->isLoaded()) {
+if($player_db->isLoaded()) {
 	$player_db->save();
-		}
+}
-		else {
+else {
 	$player->save();
-		}
+}
 
+if(!News::all()->count()) {
 	$player_id = 0;
-		$query = $db->query("SELECT `id` FROM `players` WHERE `name` = " . $db->quote($player_name) . ";");
+	$tmpNewsPlayer = \MyAAC\Models\Player::where('name', $player_name)->first();
-		if($query->rowCount() == 1) {
+	if($tmpNewsPlayer) {
-			$query = $query->fetch();
+		$player_id = $tmpNewsPlayer->id;
-			$player_id = $query['id'];
 	}
 
-		$query = $db->query("SELECT `id` FROM `" . TABLE_PREFIX ."news` WHERE `title` LIKE 'Hello!';");
+	News::create([
-		if($query->rowCount() == 0) {
+		'type' => 1,
-			if(query("INSERT INTO `" . TABLE_PREFIX ."news` (`id`, `type`, `date`, `category`, `title`, `body`, `player_id`, `comments`, `hide`) VALUES (NULL, '1', UNIX_TIMESTAMP(), '2', 'Hello!', 'MyAAC is just READY to use!', " . $player_id . ", 'https://my-aac.org', '0');
+		'date' => time(),
-	INSERT INTO `myaac_news` (`id`, `type`, `date`, `category`, `title`, `body`, `player_id`, `comments`, `hide`) VALUES (NULL, '2', UNIX_TIMESTAMP(), '4', 'Hello tickets!', 'https://my-aac.org', " . $player_id . ", '', '0');")) {
+		'category' => 2,
+		'title' => 'Hello!',
+		'body' => 'MyAAC is just READY to use!',
+		'player_id' => $player_id,
+		'comments' => 'https://my-aac.org',
+		'hide' => 0,
+	]);
+
+	News::create([
+		'type' => 2,
+		'date' => time(),
+		'category' => 4,
+		'title' => 'Hello tickers!',
+		'body' => 'https://my-aac.org',
+		'player_id' => $player_id,
+		'comments' => '',
+		'hide' => 0,
+	]);
+
 	success($locale['step_database_created_news']);
-			}
+}
-		}
 
-		$settings = Settings::getInstance();
+$settings = Settings::getInstance();
-		foreach($_SESSION as $key => $value) {
+foreach($_SESSION as $key => $value) {
 	if (in_array($key, ['var_usage', 'var_date_timezone', 'var_client'])) {
 		if ($key == 'var_usage') {
 			$key = 'anonymous_usage_statistics';
@@ -133,15 +164,15 @@ else {
 
 		$settings->updateInDatabase('core', $key, $value);
 	}
-		}
+}
-		success('Settings saved.');
+success('Settings saved.');
 
-		$twig->display('install.installer.html.twig', array(
+$twig->display('install.installer.html.twig', array(
 	'url' => 'tools/7-finish.php',
 	'message' => $locale['importing_spinner']
-		));
+));
 
-		if(!isset($_SESSION['installed'])) {
+if(!isset($_SESSION['installed'])) {
 	if (!array_key_exists('CI', getenv())) {
 		$report_url = 'https://my-aac.org/report_install.php?v=' . MYAAC_VERSION . '&b=' . urlencode(BASE_URL);
 		if (function_exists('curl_version'))
@@ -158,15 +189,15 @@ else {
 	}
 
 	$_SESSION['installed'] = true;
-		}
+}
 
-		foreach($_SESSION as $key => $value) {
+foreach($_SESSION as $key => $value) {
 	if(strpos($key, 'var_') !== false)
 		unset($_SESSION[$key]);
-		}
-		unset($_SESSION['saved']);
-		if(file_exists(CACHE . 'install.txt')) {
-			unlink(CACHE . 'install.txt');
-		}
-	}
 }
+unset($_SESSION['saved']);
+if(file_exists(CACHE . 'install.txt')) {
+	unlink(CACHE . 'install.txt');
+}
+
+$hooks->trigger(HOOK_INSTALL_FINISH_END);

install/tools/5-database.php

@@ -32,6 +32,9 @@ if($db->hasTable(TABLE_PREFIX . 'account_actions')) {
 else {
 	// import schema
 	try {
+		$locale['step_database_importing'] = str_replace('$DATABASE_NAME$', config('database_name'), $locale['step_database_importing']);
+		success($locale['step_database_importing']);
+
 		$db->query(file_get_contents(BASE . 'install/includes/schema.sql'));
 
 		$locale['step_database_success_schema'] = str_replace('$PREFIX$', TABLE_PREFIX, $locale['step_database_success_schema']);
@@ -138,75 +141,76 @@ if(!$db->hasColumn('accounts', 'premium_points')) {
 		success($locale['step_database_adding_field'] . ' accounts.premium_points...');
 }
 
-if($db->hasColumn('guilds', 'checkdata')) {
+if ($db->hasTable('guilds')) {
-	if(query("ALTER TABLE `guilds` MODIFY `checkdata` INT NOT NULL DEFAULT 0;"))
+	if ($db->hasColumn('guilds', 'checkdata')) {
+		if (query("ALTER TABLE `guilds` MODIFY `checkdata` INT NOT NULL DEFAULT 0;"))
 			success($locale['step_database_modifying_field'] . ' guilds.checkdata...');
-}
+	}
 
-if(!$db->hasColumn('guilds', 'motd')) {
+	if (!$db->hasColumn('guilds', 'motd')) {
-	if(query("ALTER TABLE `guilds` ADD `motd` VARCHAR(255) NOT NULL DEFAULT '';"))
+		if (query("ALTER TABLE `guilds` ADD `motd` VARCHAR(255) NOT NULL DEFAULT '';"))
 			success($locale['step_database_adding_field'] . ' guilds.motd...');
-}
+	} else {
-else {
+		if (query("ALTER TABLE `guilds` MODIFY `motd` VARCHAR(255) NOT NULL DEFAULT '';"))
-	if(query("ALTER TABLE `guilds` MODIFY `motd` VARCHAR(255) NOT NULL DEFAULT '';"))
 			success($locale['step_database_modifying_field'] . ' guilds.motd...');
-}
+	}
 
-if(!$db->hasColumn('guilds', 'description')) {
+	if (!$db->hasColumn('guilds', 'description')) {
-	if(query("ALTER TABLE `guilds` ADD `description` TEXT NOT NULL;"))
+		if (query("ALTER TABLE `guilds` ADD `description` TEXT NOT NULL;"))
 			success($locale['step_database_adding_field'] . ' guilds.description...');
-}
+	}
 
-if($db->hasColumn('guilds', 'logo_gfx_name')) {
+	if ($db->hasColumn('guilds', 'logo_gfx_name')) {
-	if(query("ALTER TABLE `guilds` CHANGE `logo_gfx_name` `logo_name` VARCHAR( 255 ) NOT NULL DEFAULT 'default.gif';")) {
+		if (query("ALTER TABLE `guilds` CHANGE `logo_gfx_name` `logo_name` VARCHAR( 255 ) NOT NULL DEFAULT 'default.gif';")) {
 			$tmp = str_replace('$FIELD$', 'guilds.logo_gfx_name', $locale['step_database_changing_field']);
 			$tmp = str_replace('$FIELD_NEW$', 'guilds.logo_name', $tmp);
 			success($tmp);
 		}
-}
+	} else if (!$db->hasColumn('guilds', 'logo_name')) {
-else if(!$db->hasColumn('guilds', 'logo_name')) {
+		if (query("ALTER TABLE `guilds` ADD `logo_name` VARCHAR( 255 ) NOT NULL DEFAULT 'default.gif';"))
-	if(query("ALTER TABLE `guilds` ADD `logo_name` VARCHAR( 255 ) NOT NULL DEFAULT 'default.gif';"))
 			success($locale['step_database_adding_field'] . ' guilds.logo_name...');
+	}
 }
 
-if(!$db->hasColumn('players', 'created')) {
+if ($db->hasTable('players')) {
-	if(query("ALTER TABLE `players` ADD `created` INT(11) NOT NULL DEFAULT 0;"))
+	if (!$db->hasColumn('players', 'created')) {
+		if (query("ALTER TABLE `players` ADD `created` INT(11) NOT NULL DEFAULT 0;"))
 			success($locale['step_database_adding_field'] . ' players.created...');
-}
+	}
 
-if(!$db->hasColumn('players', 'deleted') && !$db->hasColumn('players', 'deletion')) {
+	if (!$db->hasColumn('players', 'deleted') && !$db->hasColumn('players', 'deletion')) {
-	if(query("ALTER TABLE `players` ADD `deleted` TINYINT(1) NOT NULL DEFAULT 0;"))
+		if (query("ALTER TABLE `players` ADD `deleted` TINYINT(1) NOT NULL DEFAULT 0;"))
 			success($locale['step_database_adding_field'] . ' players.deleted...');
-}
+	}
 
-if($db->hasColumn('players', 'hide_char')) {
+	if ($db->hasColumn('players', 'hide_char')) {
-	if(!$db->hasColumn('players', 'hide')) {
+		if (!$db->hasColumn('players', 'hide')) {
-		if(query("ALTER TABLE `players` CHANGE `hide_char` `hide` TINYINT(1) NOT NULL DEFAULT 0;")) {
+			if (query("ALTER TABLE `players` CHANGE `hide_char` `hide` TINYINT(1) NOT NULL DEFAULT 0;")) {
 				$tmp = str_replace('$FIELD$', 'players.hide_char', $locale['step_database_changing_field']);
 				$tmp = str_replace('$FIELD_NEW$', 'players.hide', $tmp);
 				success($tmp);
 			}
 		}
-}
+	} else if (!$db->hasColumn('players', 'hide')) {
-else if(!$db->hasColumn('players', 'hide')) {
+		if (query("ALTER TABLE `players` ADD `hide` TINYINT(1) NOT NULL DEFAULT 0;"))
-	if(query("ALTER TABLE `players` ADD `hide` TINYINT(1) NOT NULL DEFAULT 0;"))
 			success($locale['step_database_adding_field'] . ' players.hide...');
-}
+	}
 
-if(!$db->hasColumn('players', 'comment')) {
+	if (!$db->hasColumn('players', 'comment')) {
-	if(query("ALTER TABLE `players` ADD `comment` TEXT NOT NULL;"))
+		if (query("ALTER TABLE `players` ADD `comment` TEXT NOT NULL;"))
 			success($locale['step_database_adding_field'] . ' players.comment...');
-}
+	}
 
-if($db->hasColumn('players', 'rank_id')) {
+	if ($db->hasColumn('players', 'rank_id')) {
-	if(query("ALTER TABLE players MODIFY `rank_id` INT(11) NOT NULL DEFAULT 0;"))
+		if (query("ALTER TABLE players MODIFY `rank_id` INT(11) NOT NULL DEFAULT 0;"))
 			success($locale['step_database_modifying_field'] . ' players.rank_id...');
 
-	if($db->hasColumn('players', 'guildnick')) {
+		if ($db->hasColumn('players', 'guildnick')) {
-		if(query("ALTER TABLE players MODIFY `guildnick` VARCHAR(255) NOT NULL DEFAULT '';")) {
+			if (query("ALTER TABLE players MODIFY `guildnick` VARCHAR(255) NOT NULL DEFAULT '';")) {
 				success($locale['step_database_modifying_field'] . ' players.guildnick...');
 			}
 		}
+	}
 }
 
 if($db->hasTable('z_forum')) {

install/tools/7-finish.php

@@ -77,6 +77,8 @@ if(ModelsFAQ::count() == 0) {
 	]);
 }
 
+$hooks->trigger(HOOK_INSTALL_FINISH);
+
 $db->setClearCacheAfter(true);
 
 $locale['step_finish_desc'] = str_replace('$ADMIN_PANEL$', generateLink(str_replace('tools/', '',ADMIN_URL), $locale['step_finish_admin_panel'], true), $locale['step_finish_desc']);

nginx-sample.conf

@@ -10,17 +10,20 @@ server {
 	# this is very important, be sure its in your nginx conf - it prevents access to logs etc.
 	location ~ /system {
 		deny all;
-		return 404;
 	}
 
-	# block .htaccess
+	location /vendor {
-	location ~ /\.ht {
+		deny all;
+	}
+
+	# block .htaccess, CHANGELOG.md, composer.json etc.
+	# this is to prevent finding software versions
+	location ~\.(ht|md|json|dist)$ {
 		deny all;
 	}
 
 	# block git files and folders
 	location ~ /\.git {
-		return 404;
 		deny all;
 	}
 

phpstan.neon

@@ -28,7 +28,8 @@ parameters:
 		- '#Variable \$guild might not be defined#'
 		- '#Variable \$[a-zA-Z0-9\\_]+ might not be defined#'
 		# Eloquent models
-		- '#Call to an undefined static method [a-zA-Z0-9\\_]+::[a-zA-Z0-9\\_]+()#'
+		- '#Call to an undefined static method [a-zA-Z0-9\\_]+::[a-zA-Z0-9\\_]+\(\)#'
+		- '#Call to an undefined method object::toArray\(\)#'
 		# system/pages/highscores.php
 		- '#Call to an undefined method Illuminate\\Database\\Query\\Builder::withOnlineStatus\(\)#'
 		- '#Access to an undefined property Illuminate\\Database\\Eloquent\\Model::\$online_status#'

plugins/email-confirmed-reward/reward.php

@@ -1,8 +1,6 @@
 <?php
 defined('MYAAC') or die('Direct access not allowed!');
 
-$reward = setting('core.account_mail_confirmed_reward');
-
 $hasCoinsColumn = $db->hasColumn('accounts', 'coins');
 $rewardCoins = setting('core.account_mail_confirmed_reward_coins');
 if ($rewardCoins > 0 && !$hasCoinsColumn) {

plugins/example.json

@@ -25,7 +25,8 @@
 	"hooks": {
 		"Example Hook": {
 			"type": "BEFORE_PAGE",
-			"file": "plugins/example/before.php"
+			"file": "plugins/example/before.php",
+			"priority": 1000
 		}
 	},
 	"routes": {
@@ -33,12 +34,20 @@
 			"pattern": "/YourAwesomePage/{name:string}/{page:int}",
 			"file": "plugins/your-plugin/your-awesome-page.php",
 			"method": "GET",
-			"priority": "130"
+			"priority": 130
 		},
 		"Redirect Example": {
 			"redirect_from": "/redirectExample",
 			"redirect_to": "account/manage"
 		}
 	},
-	"settings": "plugins/your-plugin-folder/settings.php"
+	"routes-default-priority": 1000,
+	"pages-default-priority": 1000,
+	"settings": "plugins/your-plugin-folder/settings.php",
+	"autoload": {
+		"pages": true,
+		"pagesSubFolders": false,
+		"commands": true,
+		"themes": true
+	}
  }

release.sh

@@ -38,7 +38,11 @@ if [ $1 = "prepare" ]; then
 	cd $dir || exit
 
 	# dependencies
-	composer install --prefer-dist --optimize-autoloader
+	composer install --no-dev --prefer-dist --optimize-autoloader
+	npm install
+
+	# node_modules is useless, we already have copy in tools/ext
+	rm -R node_modules
 
 	echo "Now you can make changes to $dir. When you are ready, type 'release.sh pack'"
 	exit

system/database.php

@@ -127,6 +127,7 @@ try {
 	}
 
 	if(defined('MYAAC_INSTALL')) {
+		$error = $e->getMessage();
 		return; // installer will take care of this
 	}
 

system/functions.php

@@ -87,18 +87,29 @@ function getForumBoardLink($board_id, $page = NULL): string {
 	return BASE_URL . (setting('core.friendly_urls') ? '' : 'index.php/') . 'forum/board/' . (int)$board_id . (isset($page) ? '/' . $page : '');
 }
 
-function getPlayerLink($name, $generate = true): string
+function getPlayerLink($name, $generate = true, bool $colored = false): string
 {
-	if(is_numeric($name))
-	{
 	$player = new OTS_Player();
+
+	if(is_numeric($name)) {
 		$player->load((int)$name);
-		if($player->isLoaded())
+	}
-			$name = $player->getName();
+	else {
+		$player->find($name);
 	}
 
+	if (!$player->isLoaded()) {
+		return '(error)';
+	}
+
+	$name = $player->getName();
+
 	$url = BASE_URL . (setting('core.friendly_urls') ? '' : 'index.php/') . 'characters/' . urlencode($name);
 
+	if ($colored) {
+		$name = '<span style="color: ' . ($player->isOnline() ? 'green' : 'red') . ';">' . $name . '</span>';
+	}
+
 	if(!$generate) return $url;
 	return generateLink($url, $name);
 }
@@ -1623,7 +1634,7 @@ function removeIfFirstSlash(&$text) {
 };
 
 function escapeHtml($html) {
-	return htmlentities($html, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
+	return htmlspecialchars($html);
 }
 
 function getGuildNameById($id)

system/init.php

@@ -134,10 +134,6 @@ $ots = POT::getInstance();
 $eloquentConnection = null;
 require_once SYSTEM . 'database.php';
 
-if ($config_lua_reload) {
-	clearCache();
-}
-
 // verify myaac tables exists in database
 if(!defined('MYAAC_INSTALL') && !$db->hasTable('myaac_account_actions')) {
 	throw new RuntimeException('Seems that the table myaac_account_actions of MyAAC doesn\'t exist in the database. This is a fatal error. You can try to reinstall MyAAC by visiting ' . BASE_URL . 'install');
@@ -163,8 +159,8 @@ date_default_timezone_set(setting('core.date_timezone'));
 
 setting(
 	[
-		'core.account_create_character_create',
+		'core.account_mail_verify',
-		setting('core.account_create_character_create') && (!setting('core.mail_enabled') || !setting('core.account_mail_verify'))
+		setting('core.account_mail_verify') && setting('core.mail_enabled')
 	]
 );
 

system/libs/pot/OTS_Base_DAO.php

@@ -83,38 +83,4 @@ abstract class OTS_Base_DAO implements IOTS_DAO
     {
         unset($this->data['id']);
     }
-
-/**
- * Magic PHP5 method.
- * 
- * <p>
- * Allows object importing from {@link http://www.php.net/manual/en/function.var-export.php var_export()}.
- * </p>
- * 
- * @version 0.1.0
- * @param array $properties List of object properties.
- */
-    public static function __set_state($properties)
-    {
-        // deletes database handle
-        if( isset($properties['db']) )
-        {
-            unset($properties['db']);
-        }
-
-        // initializes new object with current database connection
-        $object = new self();
-
-        // loads properties
-        foreach($properties as $name => $value)
-        {
-            $object->$name = $value;
-        }
-
-        return $object;
-    }
 }
-
-/**#@-*/
-
-?>

system/libs/pot/OTS_Buffer.php

@@ -196,6 +196,16 @@ class OTS_Buffer
 		return $value[1];
 	}
 
+	public function getLongLong()
+	{
+		// checks buffer size
+		$this->check(8);
+
+		$value = unpack('P', substr($this->buffer, $this->pos, 8) );
+		$this->pos += 8;
+		return $value[1];
+	}
+
 /**
  * Appends quater byte to buffer.
  *

system/libs/pot/OTS_Monster.php

@@ -135,13 +135,14 @@ class OTS_Monster extends DOMDocument
 	{
 		$flags = array();
 
-        // read all flags
+		if ($this->documentElement->getElementsByTagName('flags')->item(0)) {
 			foreach( $this->documentElement->getElementsByTagName('flags')->item(0)->getElementsByTagName('flag') as $flag)
 			{
 				$flag = $flag->attributes->item(0);
 
 				$flags[$flag->nodeName] = (int) $flag->nodeValue;
 			}
+		}
 
 		return $flags;
 	}

system/libs/pot/OTS_Player.php

@@ -90,7 +90,7 @@ class OTS_Player extends OTS_Row_DAO
  * @version 0.1.2
  * @var array
  */
-    private $data = array('sex' => 0, 'vocation' => 0, 'experience' => 0, 'level' => 1, 'maglevel' => 0, 'health' => 100, 'healthmax' => 100, 'mana' => 100, 'manamax' => 100, 'manaspent' => 0, 'soul' => 0, 'lookbody' => 10, 'lookfeet' => 10, 'lookhead' => 10, 'looklegs' => 10, 'looktype' => 136, 'lookaddons' => 0, 'posx' => 0, 'posy' => 0, 'posz' => 0, 'cap' => 0, 'lastlogin' => 0, 'lastip' => 0, 'save' => true, 'skulltime' => 0, 'skull' => 0, 'balance' => 0, 'lastlogout' => 0, 'blessings' => 0, 'stamina' => 0, 'online' => 0, 'comment' => '', 'created' => 0, 'hide' => 0);
+    private $data = array('group_id' => 1, 'sex' => 0, 'vocation' => 0, 'experience' => 0, 'level' => 1, 'maglevel' => 0, 'health' => 100, 'healthmax' => 100, 'mana' => 100, 'manamax' => 100, 'manaspent' => 0, 'soul' => 0, 'lookbody' => 10, 'lookfeet' => 10, 'lookhead' => 10, 'looklegs' => 10, 'looktype' => 136, 'lookaddons' => 0, 'posx' => 0, 'posy' => 0, 'posz' => 0, 'cap' => 0, 'lastlogin' => 0, 'lastip' => 0, 'save' => true, 'skulltime' => 0, 'skull' => 0, 'balance' => 0, 'lastlogout' => 0, 'blessings' => 0, 'stamina' => 0, 'online' => 0, 'comment' => '', 'created' => 0, 'hide' => 0);
 
 /**
  * Player skills.
@@ -1229,6 +1229,13 @@ class OTS_Player extends OTS_Row_DAO
         $this->data['direction'] = (int) $direction;
     }
 
+	public function getOutfit(): string
+	{
+		$hasLookAddons = $this->db->hasColumn('players', 'lookaddons');
+
+		return setting('core.outfit_images_url') . '?id=' . $this->getLookType() . ($hasLookAddons ? '&addons=' . $this->getLookAddons() : '') . '&head=' . $this->getLookHead() . '&body=' . $this->getLookBody() . '&legs=' . $this->getLookLegs() . '&feet=' . $this->getLookFeet();
+	}
+
 /**
  * Body color.
  *

system/locale/de/install.php

@@ -36,6 +36,10 @@ $locale['step_requirements'] = 'Anforderungen';
 $locale['step_requirements_title'] = 'Anforderungen überprüfen';
 $locale['step_requirements_php_version'] = 'PHP Version';
 $locale['step_requirements_write_perms'] = 'Schreibberechtigungen';
+$locale['step_requirements_folder_exists'] = 'Ordner ist vorhanden';
+$locale['step_requirements_folder_not_exists_tools_ext'] = 'NPM Package Manager wird verwendet für externe JavaScript/CSS Bibliotheken.'
+	. ' Es sollte via Command Line installiert werden: <a href="https://docs.npmjs.com/downloading-and-installing-node-js-and-npm">https://docs.npmjs.com/downloading-and-installing-node-js-and-npm</a>'
+	. ' Nachdem das Tool installiert wurde, folgende Befehl sollte ausgeführt in dem Hauptordner des MyAACs: "npm install".';
 $locale['step_requirements_failed'] = 'Die Installation wird deaktiviert, bis diese Anforderungen erfüllt sind.</b><br/>Für weitere Informationen siehe <b>README</b> Datei.';
 $locale['step_requirements_extension'] = '$EXTENSION$ PHP Erweiterung';
 

system/locale/en/install.php

@@ -36,6 +36,10 @@ $locale['step_requirements'] = 'Requirements';
 $locale['step_requirements_title'] = 'Requirements check';
 $locale['step_requirements_php_version'] = 'PHP Version';
 $locale['step_requirements_write_perms'] = 'Write permissions';
+$locale['step_requirements_folder_exists'] = 'Directory exists';
+$locale['step_requirements_folder_not_exists_tools_ext'] = 'NPM Package Manager is used for external JavaScript/CSS libraries.'
+	. ' You need to install it through Command Line: <a href="https://docs.npmjs.com/downloading-and-installing-node-js-and-npm">https://docs.npmjs.com/downloading-and-installing-node-js-and-npm</a>'
+	. ' When you done with installing that tool, execute: "npm install" in the main MyAAC folder.';
 $locale['step_requirements_failed'] = 'Installation will be disabled until these requirements will be passed.</b><br/>For more informations see <b>README</b> file.';
 $locale['step_requirements_extension'] = '$EXTENSION$ PHP extension';
 $locale['step_requirements_warning_images_guilds'] = 'Guild logo upload will not work';

system/locale/pl/install.php

@@ -36,6 +36,10 @@ $locale['step_requirements'] = 'Wymagania';
 $locale['step_requirements_title'] = 'Sprawdzanie wymagań';
 $locale['step_requirements_php_version'] = 'Wersja PHP';
 $locale['step_requirements_write_perms'] = 'Uprawnienia do zapisu';
+$locale['step_requirements_folder_exists'] = 'Folder istnieje';
+$locale['step_requirements_folder_not_exists_tools_ext'] = 'Manadżer Pakietów NPM jest używany do zewnętrznych bibliotek JavaScript/CSS.'
+	. ' Trzeba go zainstalować poprzez wiersz poleceń: <a href="https://docs.npmjs.com/downloading-and-installing-node-js-and-npm">https://docs.npmjs.com/downloading-and-installing-node-js-and-npm</a>'
+	. ' Po instalacji narzędzia, wywołaj następujące polecenie w głownym katalogu MyAAC: "npm install".';
 $locale['step_requirements_failed'] = 'Instalacja zostanie zablokowana dopóki te wymagania nie zostaną spełnione.</b><br/>Po więcej informacji zasięgnij do pliku <b>README</b>.';
 $locale['step_requirements_extension'] = 'Rozszerzenie PHP - $EXTENSION$';
 $locale['step_requirements_warning_images_guilds'] = 'Nie będzie możliwości uploadu obrazków gildii';

system/logout.php

@@ -22,11 +22,5 @@ if(isset($account_logged) && $account_logged->isLoaded()) {
 
 		$logged = false;
 		unset($account_logged);
-
-		if(isset($_REQUEST['redirect']))
-		{
-			header('Location: ' . urldecode($_REQUEST['redirect']));
-			exit;
-		}
 	}
 }

system/pages/account/base.php

@@ -12,6 +12,8 @@ defined('MYAAC') or die('Direct access not allowed!');
 
 if(!$logged)
 {
+	$title = 'Login';
+
 	if(!empty($errors))
 		$twig->display('error_box.html.twig', array('errors' => $errors));
 
@@ -19,7 +21,8 @@ if(!$logged)
 		'redirect' => $_REQUEST['redirect'] ?? null,
 		'account' => USE_ACCOUNT_NAME ? 'Name' : 'Number',
 		'account_login_by' => getAccountLoginByLabel(),
-		'error' => $errors[0] ?? null
+		'error' => $errors[0] ?? null,
+		'errors' => $errors ?? [],
 	));
 
 	return;

system/pages/account/change-email.php

@@ -57,14 +57,14 @@ if($email_new_time < 10) {
 			$twig->display('error_box.html.twig', array('errors' => $errors));
 
 			//show form
-			$twig->display('account.change_mail.html.twig', array(
+			$twig->display('account.change-email.html.twig', array(
 				'new_email' => isset($_POST['new_email']) ? $_POST['new_email'] : null
 			));
 		}
 	}
 	else
 	{
-		$twig->display('account.change_mail.html.twig', array(
+		$twig->display('account.change-email.html.twig', array(
 			'new_email' => isset($_POST['new_email']) ? $_POST['new_email'] : null
 		));
 	}

system/pages/account/change-info.php

@@ -26,12 +26,13 @@ if(setting('core.account_country'))
 $account = Account::find($account_logged->getId());
 
 $show_form = true;
-$new_rlname = isset($_POST['info_rlname']) ? htmlspecialchars(stripslashes($_POST['info_rlname'])) : NULL;
+$new_rlname = isset($_POST['info_rlname']) ? htmlspecialchars(stripslashes($_POST['info_rlname'])) : '';
-$new_location = isset($_POST['info_location']) ? htmlspecialchars(stripslashes($_POST['info_location'])) : NULL;
+$new_location = isset($_POST['info_location']) ? htmlspecialchars(stripslashes($_POST['info_location'])) : '';
-$new_country = isset($_POST['info_country']) ? htmlspecialchars(stripslashes($_POST['info_country'])) : NULL;
+$new_country = isset($_POST['info_country']) ? htmlspecialchars(stripslashes($_POST['info_country'])) : '';
 if(isset($_POST['changeinfosave']) && $_POST['changeinfosave'] == 1) {
-	if(!isset($config['countries'][$new_country]))
+	if(setting('core.account_country') && !isset($config['countries'][$new_country])) {
 		$errors[] = 'Country is not correct.';
+	}
 
 	if(empty($errors)) {
 		//save data from form
@@ -39,7 +40,14 @@ if(isset($_POST['changeinfosave']) && $_POST['changeinfosave'] == 1) {
 		$account->location = $new_location;
 		$account->country = $new_country;
 		$account->save();
-		$account_logged->logAction('Changed Real Name to <b>' . $new_rlname . '</b>, Location to <b>' . $new_location . '</b> and Country to <b>' . $config['countries'][$new_country] . '</b>.');
+
+		$log = 'Changed Real Name to <b>' . $new_rlname . '</b>, Location to <b>' . $new_location . '</b>';
+		if(setting('core.account_country')) {
+			$log .= ' and Country to <b>' . $config['countries'][$new_country] . '</b>';
+		}
+		$log .= '.';
+
+		$account_logged->logAction($log);
 		$twig->display('success.html.twig', array(
 			'title' => 'Public Information Changed',
 			'description' => 'Your public information has been changed.'
@@ -68,7 +76,7 @@ if($show_form) {
 			$countries[$code] = $country;
 	}
 
-	$twig->display('account.change_info.html.twig', array(
+	$twig->display('account.change-info.html.twig', array(
 		'countries' => $countries ?? [],
 		'account_rlname' => $account_rlname,
 		'account_location' => $account_location,

system/pages/account/change-password.php

@@ -21,7 +21,7 @@ $new_password = $_POST['newpassword'] ?? NULL;
 $new_password_confirm = $_POST['newpassword_confirm'] ?? NULL;
 $old_password = $_POST['oldpassword'] ?? NULL;
 if(empty($new_password) && empty($new_password_confirm) && empty($old_password)) {
-	$twig->display('account.change_password.html.twig');
+	$twig->display('account.change-password.html.twig');
 }
 else
 {
@@ -52,7 +52,7 @@ else
 		$twig->display('error_box.html.twig', array('errors' => $errors));
 
 		//show form
-		$twig->display('account.change_password.html.twig');
+		$twig->display('account.change-password.html.twig');
 	}
 	else {
 		$org_pass = $new_password;

system/pages/account/characters/change-comment.php

@@ -14,7 +14,7 @@ use MyAAC\Models\Player;
 defined('MYAAC') or die('Direct access not allowed!');
 
 $title = 'Change Comment';
-require __DIR__ . '/base.php';
+require PAGES . 'account/base.php';
 
 if(!$logged) {
 	return;
@@ -68,7 +68,7 @@ if($show_form) {
 	}
 
 	if(isset($player) && $player) {
-		$twig->display('account.change_comment.html.twig', array(
+		$twig->display('account.characters.change-comment.html.twig', array(
 			'player' => $player->toArray()
 		));
 	}

system/pages/account/characters/change-name.php

@@ -11,7 +11,7 @@
 defined('MYAAC') or die('Direct access not allowed!');
 
 $title = 'Change Name';
-require __DIR__ . '/base.php';
+require PAGES . 'account/base.php';
 
 if(!$logged) {
 	return;
@@ -109,7 +109,7 @@ else
 			$twig->display('error_box.html.twig', array('errors' => $errors));
 		}
 
-		$twig->display('account.change_name.html.twig', array(
+		$twig->display('account.characters.change-name.html.twig', array(
 			'points' => $points,
 			'errors' => $errors
 			//'account_players' => $account_logged->getPlayersList()

system/pages/account/characters/change-sex.php

@@ -11,7 +11,7 @@
 defined('MYAAC') or die('Direct access not allowed!');
 
 $title = 'Change Sex';
-require __DIR__ . '/base.php';
+require PAGES . 'account/base.php';
 
 if(!$logged) {
 	return;
@@ -88,7 +88,7 @@ else
 		if(!empty($errors)) {
 			$twig->display('error_box.html.twig', array('errors' => $errors));
 		}
-		$twig->display('account.change_sex.html.twig', array(
+		$twig->display('account.characters.change-sex.html.twig', array(
 			'players' => $account_logged->getPlayersList(false),
 			'player_sex' => isset($player) ? $player->getSex() : -1,
 			'points' => $points

system/pages/account/characters/create.php

@@ -14,7 +14,7 @@ use MyAAC\CreateCharacter;
 defined('MYAAC') or die('Direct access not allowed!');
 
 $title = 'Create Character';
-require __DIR__ . '/base.php';
+require PAGES . 'account/base.php';
 
 if(!$logged) {
 	return;
@@ -43,7 +43,7 @@ if(count($errors) > 0) {
 }
 
 if(!$character_created) {
-	$twig->display('account.create_character.html.twig', array(
+	$twig->display('account.characters.create.html.twig', array(
 		'name' => $character_name,
 		'sex' => $character_sex,
 		'vocation' => $character_vocation,

system/pages/account/characters/delete.php

@@ -11,7 +11,7 @@
 defined('MYAAC') or die('Direct access not allowed!');
 
 $title = 'Delete Character';
-require __DIR__ . '/base.php';
+require PAGES . 'account/base.php';
 
 if(!$logged) {
 	return;
@@ -93,5 +93,5 @@ if($show_form) {
 		$twig->display('error_box.html.twig', array('errors' => $errors));
 	}
 
-	$twig->display('account.delete_character.html.twig');
+	$twig->display('account.characters.delete.html.twig');
 }

system/pages/account/confirm-email.php

@@ -25,16 +25,20 @@ if(!Account::where('email_hash', $hash)->exists()) {
 }
 else
 {
-	if (Account::where('email_hash', $hash)->where('email_verified', 0)->exists()) {
+	$accountModel = Account::where('email_hash', $hash)->where('email_verified', 0)->first();
-		$query = $query->fetch(PDO::FETCH_ASSOC);
+	if ($accountModel) {
+		$accountModel->email_verified = 1;
+		$accountModel->save();
+
+		success('You have now verified your e-mail, this will increase the security of your account. Thank you for doing this. You can now <a href=' . getLink('account/manage') . '>log in</a>.');
+
 		$account = new OTS_Account();
-		$account->load($query['id']);
+		$account->load($accountModel->id);
 		if ($account->isLoaded()) {
 			$hooks->trigger(HOOK_EMAIL_CONFIRMED, ['account' => $account]);
 		}
 	}
-
+	else {
-	Account::where('email_hash', $hash)->update('email_verified', 1);
+		error('Link has expired.');
-	success('You have now verified your e-mail, this will increase the security of your account. Thank you for doing this.');
+	}
 }
-?>

system/pages/account/create.php

@@ -227,7 +227,7 @@ if($save)
 			$hash = md5(generateRandomString(16, true, true) . $email);
 			$new_account->setCustomField('email_hash', $hash);
 
-			$verify_url = getLink('account/confirm_email/' . $hash);
+			$verify_url = getLink('account/confirm-email/' . $hash);
 			$body_html = $twig->render('mail.account.verify.html.twig', array(
 				'account' => $tmp_account,
 				'verify_url' => generateLink($verify_url, $verify_url, true)
@@ -236,6 +236,9 @@ if($save)
 			if(_mail($email, 'New account on ' . $config['lua']['serverName'], $body_html))
 			{
 				echo 'Your account has been created.<br/><br/>';
+
+				warning("Before you can login - you need to verify your E-Mail. The verification link has been sent to $email. If the message is not coming - remember to check the SPAM folder.");
+
 				$twig->display('success.html.twig', array(
 					'title' => 'Account Created',
 					'description' => 'Your account ' . $account_type . ' is <b>' . $tmp_account . '</b><br/>You will need the account ' . $account_type . ' and your password to play on ' . configLua('serverName') . '.
@@ -252,15 +255,6 @@ if($save)
 		}
 		else
 		{
-			if(setting('core.account_create_character_create')) {
-				// character creation
-				$character_created = $createCharacter->doCreate($character_name, $character_sex, $character_vocation, $character_town, $new_account, $errors);
-				if (!$character_created) {
-					error('There was an error creating your character. Please create your character later in account management page.');
-					error(implode(' ', $errors));
-				}
-			}
-
 			if(setting('core.account_create_auto_login')) {
 				if ($hasBeenCreatedByEMail) {
 					$_POST['account_login'] = $email;
@@ -311,6 +305,15 @@ if($save)
 			}
 		}
 
+		if(setting('core.account_create_character_create')) {
+			// character creation
+			$character_created = $createCharacter->doCreate($character_name, $character_sex, $character_vocation, $character_town, $new_account, $errors);
+			if (!$character_created) {
+				error('There was an error creating your character. Please create your character later in account management page.');
+				error(implode(' ', $errors));
+			}
+		}
+
 		return;
 	}
 }

system/pages/account/login.php

@@ -9,16 +9,17 @@
  * @link      https://my-aac.org
  */
 defined('MYAAC') or die('Direct access not allowed!');
-$title = 'Login';
 
 // new login with data from form
-if(!$logged && isset($_POST['account_login'], $_POST['password_login']))
+if($logged || !isset($_POST['account_login']) || !isset($_POST['password_login'])) {
+	return;
+}
+
+$login_account = $_POST['account_login'];
+$login_password = $_POST['password_login'];
+$remember_me = isset($_POST['remember_me']);
+if(!empty($login_account) && !empty($login_password))
 {
-	$login_account = $_POST['account_login'];
-	$login_password = $_POST['password_login'];
-	$remember_me = isset($_POST['remember_me']);
-	if(!empty($login_account) && !empty($login_password))
-	{
 	if($cache->enabled())
 	{
 		$tmp = '';
@@ -59,6 +60,10 @@ if(!$logged && isset($_POST['account_login'], $_POST['password_login']))
 		&& (!isset($t) || $t['attempts'] < 5)
 	)
 	{
+		if (setting('core.account_mail_verify') && (int)$account_logged->getCustomField('email_verified') !== 1) {
+			$errors[] = 'Your account is not verified. Please verify your email address. If the message is not coming check the SPAM folder in your E-Mail client.';
+		}
+		else {
 			session_regenerate_id();
 			setSession('account', $account_logged->getId());
 			setSession('password', encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $login_password));
@@ -82,6 +87,7 @@ if(!$logged && isset($_POST['account_login'], $_POST['password_login']))
 
 			$hooks->trigger(HOOK_LOGIN, array('account' => $account_logged, 'password' => $login_password, 'remember_me' => $remember_me));
 		}
+	}
 	else
 	{
 		$hooks->trigger(HOOK_LOGIN_ATTEMPT, array('account' => $login_account, 'password' => $login_password, 'remember_me' => $remember_me));
@@ -114,12 +120,11 @@ if(!$logged && isset($_POST['account_login'], $_POST['password_login']))
 			$errors[] = $errorMessage;
 		}
 	}
-	}
+}
-	else {
+else {
 	$errors[] = 'Please enter your ' . getAccountLoginByLabel() . ' and password.';
 
 	$hooks->trigger(HOOK_LOGIN_ATTEMPT, array('account' => $login_account, 'password' => $login_password, 'remember_me' => $remember_me));
-	}
-
-	$hooks->trigger(HOOK_ACCOUNT_LOGIN_POST);
 }
+
+$hooks->trigger(HOOK_ACCOUNT_LOGIN_POST);

system/pages/account/manage.php

@@ -22,6 +22,12 @@ if(isset($_REQUEST['redirect']))
 {
 	$redirect = urldecode($_REQUEST['redirect']);
 
+	// should never happen, unless hacker modify the URL
+	if (!str_contains($redirect, BASE_URL)) {
+		error('Fatal error: Cannot redirect outside the website.');
+		return;
+	}
+
 	$twig->display('account.redirect.html.twig', array(
 		'redirect' => $redirect
 	));
@@ -46,7 +52,7 @@ if(empty($recovery_key))
 else
 {
 	if(setting('core.account_generate_new_reckey') && setting('core.mail_enabled'))
-		$account_registered = '<b><span style="color: green">Yes ( <a href="' . getLink('account/register/new') . '"> Buy new Recovery Key </a> )</span></b>';
+		$account_registered = '<b><span style="color: green">Yes ( <a href="' . getLink('account/register-new') . '"> Buy new Recovery Key </a> )</span></b>';
 	else
 		$account_registered = '<b><span style="color: green">Yes</span></b>';
 }

system/pages/account/redirect.php

@@ -12,6 +12,12 @@ defined('MYAAC') or die('Direct access not allowed!');
 
 $redirect = urldecode($_REQUEST['redirect']);
 
+// should never happen, unless hacker modify the URL
+if (!str_contains($redirect, BASE_URL)) {
+	error('Fatal error: Cannot redirect outside the website.');
+	return;
+}
+
 $twig->display('account.redirect.html.twig', array(
 	'redirect' => $redirect
 ));

system/pages/characters.php

@@ -8,6 +8,9 @@
  * @copyright 2019 MyAAC
  * @link      https://my-aac.org
  */
+
+use MyAAC\Models\PlayerDeath;
+
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Characters';
 
@@ -199,7 +202,7 @@ if($player->isLoaded() && !$player->isDeleted())
 		unset($storage);
 	}
 
-	if($config['characters']['equipment'] && $db->hasTable('player_items') && $db->hasColumn('player_items', 'pid') && $db->hasColumn('player_items', 'sid') && $db->hasColumn('player_items', 'itemtype')) {
+	if($db->hasTable('player_items') && $db->hasColumn('player_items', 'pid') && $db->hasColumn('player_items', 'sid') && $db->hasColumn('player_items', 'itemtype')) {
 		$eq_sql = $db->query('SELECT `pid`, `itemtype` FROM player_items WHERE player_id = '.$player->getId().' AND (`pid` >= 1 and `pid` <= 10)');
 		$equipment = array();
 		foreach($eq_sql as $eq)
@@ -322,20 +325,39 @@ WHERE killers.death_id = '".$death['id']."' ORDER BY killers.final_hit DESC, kil
 
 	$frags = array();
 	$frag_add_content = '';
-	if($config['characters']['frags'] && $db->hasTable('killers')) {
+	if ($config['characters']['frags']) {
+		$frags_limit = 10; // frags limit to show? // default: 10
+
+		if ($db->hasTable('killers')) {
 			//frags list by Xampy
 			$i = 0;
-		$frags_limit = 10; // frags limit to show? // default: 10
+			$player_frags = $db->query('SELECT `player_deaths`.*, `players`.`name`, `killers`.`unjustified` FROM `player_deaths` LEFT JOIN `killers` ON `killers`.`death_id` = `player_deaths`.`id` LEFT JOIN `player_killers` ON `player_killers`.`kill_id` = `killers`.`id` LEFT JOIN `players` ON `players`.`id` = `player_deaths`.`player_id` WHERE `player_killers`.`player_id` = ' . $player->getId() . ' ORDER BY `date` DESC LIMIT 0,' . $frags_limit . ';')->fetchAll();
-		$player_frags = $db->query('SELECT `player_deaths`.*, `players`.`name`, `killers`.`unjustified` FROM `player_deaths` LEFT JOIN `killers` ON `killers`.`death_id` = `player_deaths`.`id` LEFT JOIN `player_killers` ON `player_killers`.`kill_id` = `killers`.`id` LEFT JOIN `players` ON `players`.`id` = `player_deaths`.`player_id` WHERE `player_killers`.`player_id` = '.$player->getId().' ORDER BY `date` DESC LIMIT 0,'.$frags_limit.';')->fetchAll();
+			if (count($player_frags)) {
-		if(count($player_frags)) {
 				$row_count = 0;
-			foreach($player_frags as $frag)
+				foreach ($player_frags as $frag) {
-			{
 					$description = 'Fragged <a href="' . getPlayerLink($frag['name'], false) . '">' . $frag['name'] . '</a> at level ' . $frag['level'];
 					$frags[] = array('time' => $frag['date'], 'description' => $description, 'unjustified' => $frag['unjustified'] != 0);
 				}
 			}
 		}
+		else if($db->hasTable('player_deaths') && $db->hasColumn('player_deaths', 'killed_by')) {
+			$i = 0;
+			$player_frags = PlayerDeath::where('player_deaths.killed_by', $player->getName())
+				->join('players', 'players.id', '=', 'player_deaths.player_id')
+				->limit($frags_limit)
+				->selectRaw('players.name, player_deaths.*')
+				->orderBy('player_deaths.time', 'DESC')
+				->get();
+
+			if ($player_frags->count()) {
+				$row_count = 0;
+				foreach ($player_frags as $frag) {
+					$description = 'Fragged <a href="' . getPlayerLink($frag->name, false) . '">' . $frag->name . '</a> at level ' . $frag->level;
+					$frags[] = array('time' => $frag->time, 'description' => $description, 'unjustified' => $frag->unjustified != 0);
+				}
+			}
+		}
+	}
 
 	// signature
 	if(setting('core.signature_enabled')) {

system/pages/forum/edit_post.php

@@ -19,7 +19,7 @@ if ($ret === false) {
 }
 
 if(!$logged) {
-	echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . BASE_URL . urlencode(getLink('forum')) . '">Log in</a> to post on the forum.<br /><br />';
+	echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . urlencode(getLink('forum')) . '">Log in</a> to post on the forum.<br /><br />';
 	return;
 }
 

system/pages/forum/move_thread.php

@@ -19,7 +19,7 @@ if ($ret === false) {
 }
 
 if(!$logged) {
-	echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . BASE_URL . urlencode(getLink('forum')) . '">Log in</a> to post on the forum.<br /><br />';
+	echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . urlencode(getLink('forum')) . '">Log in</a> to post on the forum.<br /><br />';
 	return;
 }
 

system/pages/forum/new_post.php

@@ -24,7 +24,7 @@ if(!$logged) {
 		$extra_url = '?action=new_post&thread_id=' . $_GET['thread_id'];
 	}
 
-	echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . BASE_URL . urlencode(getLink('forum') . $extra_url) . '">Log in</a> to post on the forum.<br /><br />';
+	echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . urlencode(getLink('forum') . $extra_url) . '">Log in</a> to post on the forum.<br /><br />';
 	return;
 }
 

system/pages/forum/new_thread.php

@@ -24,7 +24,7 @@ if(!$logged) {
 		$extra_url = '?action=new_thread&section_id=' . $_GET['section_id'];
 	}
 
-	echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . BASE_URL . urlencode(getLink('forum') . $extra_url) . '">Log in</a> to post on the forum.<br /><br />';
+	echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . urlencode(getLink('forum') . $extra_url) . '">Log in</a> to post on the forum.<br /><br />';
 	return;
 }
 

system/pages/forum/remove_post.php

@@ -19,7 +19,7 @@ if ($ret === false) {
 }
 
 if(!$logged) {
-	echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . BASE_URL . urlencode(getLink('forum')) . '">Log in</a> to post on the forum.<br /><br />';
+	echo 'You are not logged in. <a href="' . getLink('account/manage') . '?redirect=' . urlencode(getLink('forum')) . '">Log in</a> to post on the forum.<br /><br />';
 	return;
 }
 

system/pages/forum/show_thread.php

@@ -60,7 +60,7 @@ foreach($posts as &$post) {
 	}
 
 	if($config['characters']['outfit']) {
-		$post['outfit'] = setting('core.outfit_images_url') . '?id=' . $player->getLookType() . ($lookaddons ? '&addons=' . $player->getLookAddons() : '') . '&head=' . $player->getLookHead() . '&body=' . $player->getLookBody() . '&legs=' . $player->getLookLegs() . '&feet=' . $player->getLookFeet();
+		$post['outfit'] = $player->getOutfit();
 	}
 
 	$groupName = '';

system/pages/guilds/cleanup_players.php

@@ -40,7 +40,7 @@ if(count($players_list) > 0)
 				if(!$rank_guild->isLoaded())
 				{
 					$player->setRank();
-					$player->setGuildNick();
+					$player->setGuildNick('');
 					$changed_ranks_of[] = $player->getName();
 					$deleted_ranks[] = 'ID: '.$player_rank->getId().' - '.$player_rank->getName();
 					$player_rank->delete();

system/pages/guilds/create.php

@@ -10,6 +10,8 @@
  */
 defined('MYAAC') or die('Direct access not allowed!');
 
+use MyAAC\Models\GuildRank;
+
 require __DIR__ . '/base.php';
 
 $guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : NULL;
@@ -113,7 +115,25 @@ if(isset($todo) && $todo == 'save')
 	$new_guild->setOwner($player);
 	$new_guild->save();
 	$new_guild->setCustomField('description', setting('core.guild_description_default'));
-	//$new_guild->setCustomField('creationdata', time());
+
+	if ($db->hasTable('guild_ranks')) {
+		if (!GuildRank::where('guild_id', $new_guild->getId())->first()) {
+			$ranks = [
+				['level' => 3, 'name' => 'the Leader'],
+				['level' => 2, 'name' => 'a Vice-Leader'],
+				['level' => 1, 'name' => 'a Member'],
+			];
+
+			foreach ($ranks as $rank) {
+				GuildRank::create([
+					'guild_id' => $new_guild->getId(),
+					'name' => $rank['name'],
+					'level' => $rank['level'],
+				]);
+			}
+		}
+	}
+
 	$ranks = $new_guild->getGuildRanksList();
 	$ranks->orderBy('level', POT::ORDER_DESC);
 	foreach($ranks as $rank) {
@@ -124,14 +144,11 @@ if(isset($todo) && $todo == 'save')
 			$player->setRank($rank);
 		}
 	}
+
 	$twig->display('guilds.create.success.html.twig', array(
 		'guild_name' => $guild_name,
 		'leader_name' => $player->getName()
 	));
-
-	/*$db->exec('INSERT INTO `guild_ranks` (`id`, `guild_id`, `name`, `level`) VALUES (null, '.$new_guild->getId().', "the Leader", 3)');
-	$db->exec('INSERT INTO `guild_ranks` (`id`, `guild_id`, `name`, `level`) VALUES (null, '.$new_guild->getId().', "a Vice-Leader", 2)');
-	$db->exec('INSERT INTO `guild_ranks` (`id`, `guild_id`, `name`, `level`) VALUES (null, '.$new_guild->getId().', "a Member", 1)');*/
 }
 else {
 	sort($array_of_player_nig);

system/pages/guilds/show.php

@@ -142,9 +142,7 @@ if($logged && count($invited_list) > 0)
 	}
 }
 
-$useGuildNick = false;
+$useGuildNick = $db->hasTable('guild_members') || $db->hasTable('guild_membership') || $db->hasColumn('players', 'guildnick');
-if($db->hasColumn('players', 'guildnick'))
-	$useGuildNick = true;
 
 $twig->display('guilds.view.html.twig', array(
 	'logo' => $guild_logo,
@@ -160,7 +158,6 @@ $twig->display('guilds.view.html.twig', array(
 	'level_in_guild' => $level_in_guild,
 	'isLeader' => $guild_leader,
 	'isVice' => $guild_vice,
-	'logged' => $logged,
 	'invited_list' => $invited_list,
 	'show_accept_invite' => $show_accept_invite,
 	'useGuildNick' => $useGuildNick

system/pages/highscores.php

@@ -182,7 +182,7 @@ if (empty($highscores)) {
 		if ($db->hasTable('player_killers')) {
 			$query->addSelect(['value' => PlayerKillers::where('player_killers.player_id', 'players.id')->selectRaw('COUNT(*)')]);
 		} else {
-			$query->addSelect(['value' => PlayerDeath::unjustified()->where('player_deaths.killed_by', 'players.name')->selectRaw('COUNT(*)')]);
+			$query->addSelect(['value' => PlayerDeath::unjustified()->whereColumn('player_deaths.killed_by', 'players.name')->selectRaw('COUNT(*)')]);
 		}
 	} else if ($skill == SKILL_BALANCE) // balance
 	{

system/pages/monsters.php

@@ -39,9 +39,12 @@ if (empty($_REQUEST['name'])) {
 
 // display monster
 $monster_name = urldecode(stripslashes(ucwords(strtolower($_REQUEST['name']))));
-$monster = Monster::where('hide', '!=', 1)->where('name', $monster_name)->first()->toArray();
+$monsterModel = Monster::where('hide', '!=', 1)->where('name', $monster_name)->first();
+
+if ($monsterModel && isset($monsterModel->name)) {
+	/** @var array $monster */
+	$monster = $monsterModel->toArray();
 
-if (isset($monster['name'])) {
 	function sort_by_chance($a, $b)
 	{
 		if ($a['chance'] == $b['chance']) {
@@ -79,7 +82,7 @@ if (isset($monster['name'])) {
 	));
 
 } else {
-	echo "Monster with name <b>" . $monster_name . "</b> doesn't exist.";
+	echo "Monster with name <b>" . htmlspecialchars($monster_name) . "</b> doesn't exist.";
 }
 
 // back button

system/pages/polls.php

@@ -51,7 +51,7 @@ function getColorByPercent($percent)
 					if($logged)
 						echo $link.'?id='.$poll['id'];
 					else
-						echo getLink('account/manage') . '?redirect=' . BASE_URL . urlencode($link.'?id='.$poll['id']);
+						echo getLink('account/manage') . '?redirect=' . urlencode($link.'?id='.$poll['id']);
 
 					echo '">'.$poll['question'] . '</a>
 				</td>
@@ -80,7 +80,7 @@ function getColorByPercent($percent)
 					if($logged)
 						echo $link.'?id='.$poll['id'];
 					else
-						echo getLink('account/manage') . '?redirect=' . BASE_URL . urlencode($link.'?id='.$poll['id']);
+						echo getLink('account/manage') . '?redirect=' . urlencode($link.'?id='.$poll['id']);
 
 					echo '">'.$poll['question'] . '</a>
 				</td>

system/router.php

@@ -91,35 +91,67 @@ if($logged && $account_logged && $account_logged->isLoaded()) {
 $dispatcher = FastRoute\cachedDispatcher(function (FastRoute\RouteCollector $r) {
 	$routes = require SYSTEM . 'routes.php';
 
-	$isAlreadyDefined = [];
+	$routesFinal = [];
-
-	$routesTmp = [];
 	foreach(getDatabasePages() as $page) {
-		$isAlreadyDefined[$page] = true;
+		$routesFinal[] = ['*', $page, '__database__/' . $page, 100];
-		$routesTmp[] = ['*', $page, '__database__/' . $page, true];
 	}
 
 	Plugins::clearWarnings();
 	foreach (Plugins::getRoutes() as $route) {
-		if(!isset($isAlreadyDefined[$route[1]])) {
+		$routesFinal[] = [$route[0], $route[1], $route[2], $route[3] ?? 1000];
-			$isAlreadyDefined[$route[1]] = true;
+/*
-			$routesTmp[] = [$route[0], $route[1], $route[2]];
+		echo '<pre>';
-		}
+		var_dump($route[1], $route[3], $route[2]);
+		echo '/<pre>';
+*/
 	}
 
 	foreach ($routes as $route) {
-		if(!isset($isAlreadyDefined[$route[1]])) {
+		if (!str_contains($route[2], '__redirect__') && !str_contains($route[2], '__database__')) {
-			if (strpos($route[2], '__redirect__') === false && strpos($route[2], '__database__') === false) {
+			$routesFinal[] = [$route[0], $route[1], 'system/pages/' . $route[2], $route[3] ?? 10000];
-				$routesTmp[] = [$route[0], $route[1], 'system/pages/' . $route[2]];
 		}
 		else {
-				$routesTmp[] = [$route[0], $route[1], $route[2]];
+			$routesFinal[] = [$route[0], $route[1], $route[2], $route[3] ?? 10000];
-			}
 		}
 	}
 
-	//var_dump($routesTmp);
+	// sort required for the next step (filter)
-	foreach ($routesTmp as $route) {
+	usort($routesFinal, function ($a, $b)
+	{
+		// key 3 is priority
+		if ($a[3] == $b[3]) {
+			return 0;
+		}
+
+		return ($a[3] < $b[3]) ? -1 : 1;
+	});
+
+	// remove duplicates
+	// if same route pattern, but different priority
+	$routesFinal = array_filter($routesFinal, function ($a) {
+		$aliases = [
+			[':int', ':string', ':alphanum'],
+			[':\d+', ':[A-Za-z0-9-_%+\' ]+', ':[A-Za-z0-9]+'],
+		];
+
+		// apply aliases
+		$a[1] = str_replace($aliases[0], $aliases[1], $a[1]);
+
+		static $duplicates = [];
+		if (isset($duplicates[$a[1]])) {
+			return false;
+		}
+
+		$duplicates[$a[1]] = true;
+		return true;
+	});
+/*
+	echo '<pre>';
+	var_dump($routesFinal);
+	echo '</pre>';
+	die;
+*/
+	foreach ($routesFinal as $route) {
 		if ($route[0] === '*') {
 			$route[0] = ['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'HEAD'];
 		}

system/routes.php

@@ -11,50 +11,56 @@ defined('MYAAC') or die('Direct access not allowed!');
 
 return [
 	['GET', '', 'news.php'], // empty URL = show news
-	['GET', 'news/archive/{id:int}[/]', 'news/archive.php'],
+	['GET', 'news/archive/{id:int}', 'news/archive.php'],
-	['GET', 'news/{id:int}[/]', 'news/archive.php'],
+	['GET', 'news/{id:int}', 'news/archive.php'],
 
 	// block access to some files
-	['*', 'account/base[/]', '404.php'], // this is to block account/base.php
+	['*', 'account/base', '404.php', 10], // this is to block account/base.php
-	['*', 'forum/base[/]', '404.php'],
+	['*', 'forum/base', '404.php', 10],
-	['*', 'guilds/base[/]', '404.php'],
+	['*', 'guilds/base', '404.php', 10],
 
-	[['GET', 'POST'], 'account/password[/]', 'account/change_password.php'],
+	['GET', 'account/confirm-email/{hash:alphanum}', 'account/confirm-email.php'],
-	[['GET', 'POST'], 'account/register/new[/]', 'account/register_new.php'],
-	[['GET', 'POST'], 'account/email[/]', 'account/change_email.php'],
-	[['GET', 'POST'], 'account/info[/]', 'account/change_info.php'],
-	[['GET', 'POST'], 'account/character/create[/]', 'account/create_character.php'],
-	[['GET', 'POST'], 'account/character/name[/]', 'account/change_name.php'],
-	[['GET', 'POST'], 'account/character/sex[/]', 'account/change_sex.php'],
-	[['GET', 'POST'], 'account/character/delete[/]', 'account/delete_character.php'],
-	[['GET', 'POST'], 'account/character/comment[/{name:[A-Za-z0-9-_%+\']+}]', 'account/change_comment.php'],
-	['GET', 'account/confirm_email/{hash:alphanum}[/]', 'account/confirm_email.php'],
 
-	['GET', 'bans/{page:int}[/]', 'bans.php'],
+	['GET', 'bans/{page:int}', 'bans.php'],
 	[['GET', 'POST'], 'characters[/{name:string}]', 'characters.php'],
 	['GET', 'changelog[/{page:int}]', 'changelog.php'],
 	[['GET', 'POST'], 'monsters[/{name:string}]', 'monsters.php'],
 
 	[['GET', 'POST'], 'faq[/{action:string}]', 'faq.php'],
 
-	[['GET', 'POST'], 'forum/{action:string}[/]', 'forum.php'],
+	[['GET', 'POST'], 'forum/{action:string}', 'forum.php'],
-	['GET', 'forum/board/{id:int}[/]', 'forum/show_board.php'],
+	['GET', 'forum/board/{id:int}', 'forum/show_board.php'],
-	['GET', 'forum/board/{id:int}/{page:[0-9]+}[/]', 'forum/show_board.php'],
+	['GET', 'forum/board/{id:int}/{page:[0-9]+}', 'forum/show_board.php'],
-	['GET', 'forum/thread/{id:int}[/]', 'forum/show_thread.php'],
+	['GET', 'forum/thread/{id:int}', 'forum/show_thread.php'],
-	['GET', 'forum/thread/{id:int}/{page:int}[/]', 'forum/show_thread.php'],
+	['GET', 'forum/thread/{id:int}/{page:int}', 'forum/show_thread.php'],
 
-	['GET', 'gallery/{image:int}[/]', 'gallery.php'],
+	['GET', 'gallery/{image:int}', 'gallery.php'],
-	[['GET', 'POST'], 'gallery/{action:string}[/]', 'gallery.php'],
+	[['GET', 'POST'], 'gallery/{action:string}', 'gallery.php'],
 
-	[['GET', 'POST'], 'guilds/{guild:string}[/]', 'guilds/show.php'],
+	[['GET', 'POST'], 'guilds/{guild:string}', 'guilds/show.php'],
 
-	['GET', 'highscores/{list:alphanum}/{vocation:alphanum}/{page:int}[/]', 'highscores.php'],
+	['GET', 'highscores/{list:alphanum}/{vocation:alphanum}/{page:int}', 'highscores.php'],
-	['GET', 'highscores/{list:alphanum}/{page:int}[/]', 'highscores.php'],
+	['GET', 'highscores/{list:alphanum}/{page:int}', 'highscores.php'],
-	['GET', 'highscores/{list:alphanum}/{vocation:alphanum}[/]', 'highscores.php'],
+	['GET', 'highscores/{list:alphanum}/{vocation:alphanum}', 'highscores.php'],
-	['GET', 'highscores/{list:alphanum}[/]', 'highscores.php'],
+	['GET', 'highscores/{list:alphanum}', 'highscores.php'],
 /*
-	'/^gifts\/history\/?$/' => array('subtopic' => 'gifts', 'action' => 'show_history'),
 	'/^polls\/[0-9]+\/?$/' => array('subtopic' => 'polls', 'id' => '$1'),
 	'/^spells\/[A-Za-z0-9-_%]+\/[A-Za-z0-9-_]+\/?$/' => array('subtopic' => 'spells', 'vocation' => '$1', 'order' => '$2'),
 	'/^houses\/view\/?$/' => array('subtopic' => 'houses', 'page' => 'view')*/
+
+	/**
+	 * Deprecated
+	 * To be removed in next versions
+	 * Kept just for compatibility
+	 */
+	[['GET', 'POST'], 'account/password', 'account/change-password.php'],
+	[['GET', 'POST'], 'account/register/new', 'account/register-new.php'],
+	[['GET', 'POST'], 'account/email', 'account/change-email.php'],
+	[['GET', 'POST'], 'account/info', 'account/change-info.php'],
+	[['GET', 'POST'], 'account/character/create', 'account/characters/create.php'],
+	[['GET', 'POST'], 'account/character/name', 'account/characters/change-name.php'],
+	[['GET', 'POST'], 'account/character/sex', 'account/characters/change-sex.php'],
+	[['GET', 'POST'], 'account/character/delete', 'account/characters/delete.php'],
+	[['GET', 'POST'], 'account/character/comment[/{name:string}]', 'account/characters/change-comment.php'],
+	['GET', 'account/confirm_email/{hash:alphanum}', 'account/confirm-email.php'],
 ];

system/settings.php

@@ -735,7 +735,7 @@ Sent by MyAAC,<br/>
 			'name' => 'Name Min Length',
 			'type' => 'number',
 			'desc' => '',
-			'default' => 4,
+			'default' => 3,
 		],
 		'create_character_name_max_length' => [
 			'name' => 'Name Max Length',

system/src/CreateCharacter.php

@@ -149,9 +149,9 @@ class CreateCharacter
 		if(empty($errors))
 		{
 			$char_to_copy_name = config('character_samples')[$vocation];
-			$char_to_copy = new \OTS_Player();
+			$playerSample = new \OTS_Player();
-			$char_to_copy->find($char_to_copy_name);
+			$playerSample->find($char_to_copy_name);
-			if(!$char_to_copy->isLoaded())
+			if(!$playerSample->isLoaded())
 				$errors[] = 'Wrong characters configuration. Try again or contact with admin. ADMIN: Go to Admin Panel -> Settings -> Create Character and set valid characters to copy names. Character to copy: <b>'.$char_to_copy_name.'</b> doesn\'t exist.';
 		}
 
@@ -162,72 +162,72 @@ class CreateCharacter
 		global $db;
 
 		if($sex == "0")
-			$char_to_copy->setLookType(136);
+			$playerSample->setLookType(136);
 
 		$player = new \OTS_Player();
 		$player->setName($name);
 		$player->setAccount($account);
 		$player->setGroupId(1);
 		$player->setSex($sex);
-		$player->setVocation($char_to_copy->getVocation());
+		$player->setVocation($playerSample->getVocation());
 		if($db->hasColumn('players', 'promotion'))
-			$player->setPromotion($char_to_copy->getPromotion());
+			$player->setPromotion($playerSample->getPromotion());
 
 		if($db->hasColumn('players', 'direction'))
-			$player->setDirection($char_to_copy->getDirection());
+			$player->setDirection($playerSample->getDirection());
 
-		$player->setConditions($char_to_copy->getConditions());
+		$player->setConditions($playerSample->getConditions());
-		$rank = $char_to_copy->getRank();
+		$rank = $playerSample->getRank();
 		if($rank->isLoaded()) {
-			$player->setRank($char_to_copy->getRank());
+			$player->setRank($playerSample->getRank());
 		}
 
 		if($db->hasColumn('players', 'lookaddons'))
-			$player->setLookAddons($char_to_copy->getLookAddons());
+			$player->setLookAddons($playerSample->getLookAddons());
 
 		$player->setTownId($town);
-		$player->setExperience($char_to_copy->getExperience());
+		$player->setExperience($playerSample->getExperience());
-		$player->setLevel($char_to_copy->getLevel());
+		$player->setLevel($playerSample->getLevel());
-		$player->setMagLevel($char_to_copy->getMagLevel());
+		$player->setMagLevel($playerSample->getMagLevel());
-		$player->setHealth($char_to_copy->getHealth());
+		$player->setHealth($playerSample->getHealth());
-		$player->setHealthMax($char_to_copy->getHealthMax());
+		$player->setHealthMax($playerSample->getHealthMax());
-		$player->setMana($char_to_copy->getMana());
+		$player->setMana($playerSample->getMana());
-		$player->setManaMax($char_to_copy->getManaMax());
+		$player->setManaMax($playerSample->getManaMax());
-		$player->setManaSpent($char_to_copy->getManaSpent());
+		$player->setManaSpent($playerSample->getManaSpent());
-		$player->setSoul($char_to_copy->getSoul());
+		$player->setSoul($playerSample->getSoul());
 
 		for($skill = \POT::SKILL_FIRST; $skill <= \POT::SKILL_LAST; $skill++) {
 			$value = 10;
 			if (setting('core.use_character_sample_skills')) {
-				$value = $char_to_copy->getSkill($skill);
+				$value = $playerSample->getSkill($skill);
 			}
 
 			$player->setSkill($skill, $value);
 		}
 
-		$player->setLookBody($char_to_copy->getLookBody());
+		$player->setLookBody($playerSample->getLookBody());
-		$player->setLookFeet($char_to_copy->getLookFeet());
+		$player->setLookFeet($playerSample->getLookFeet());
-		$player->setLookHead($char_to_copy->getLookHead());
+		$player->setLookHead($playerSample->getLookHead());
-		$player->setLookLegs($char_to_copy->getLookLegs());
+		$player->setLookLegs($playerSample->getLookLegs());
-		$player->setLookType($char_to_copy->getLookType());
+		$player->setLookType($playerSample->getLookType());
-		$player->setCap($char_to_copy->getCap());
+		$player->setCap($playerSample->getCap());
 		$player->setBalance(0);
 		$player->setPosX(0);
 		$player->setPosY(0);
 		$player->setPosZ(0);
 
 		if($db->hasColumn('players', 'stamina')) {
-			$player->setStamina($char_to_copy->getStamina());
+			$player->setStamina($playerSample->getStamina());
 		}
 
 		if($db->hasColumn('players', 'loss_experience')) {
-			$player->setLossExperience($char_to_copy->getLossExperience());
+			$player->setLossExperience($playerSample->getLossExperience());
-			$player->setLossMana($char_to_copy->getLossMana());
+			$player->setLossMana($playerSample->getLossMana());
-			$player->setLossSkills($char_to_copy->getLossSkills());
+			$player->setLossSkills($playerSample->getLossSkills());
 		}
 		if($db->hasColumn('players', 'loss_items')) {
-			$player->setLossItems($char_to_copy->getLossItems());
+			$player->setLossItems($playerSample->getLossItems());
-			$player->setLossContainers($char_to_copy->getLossContainers());
+			$player->setLossContainers($playerSample->getLossContainers());
 		}
 
 		$player->save();
@@ -245,7 +245,7 @@ class CreateCharacter
 			for($skill = \POT::SKILL_FIRST; $skill <= \POT::SKILL_LAST; $skill++) {
 				$value = 10;
 				if (setting('core.use_character_sample_skills')) {
-					$value = $char_to_copy->getSkill($skill);
+					$value = $playerSample->getSkill($skill);
 				}
 				$skillExists = $db->query('SELECT `skillid` FROM `player_skills` WHERE `player_id` = ' . $player->getId() . ' AND `skillid` = ' . $skill);
 				if($skillExists->rowCount() <= 0) {
@@ -255,7 +255,7 @@ class CreateCharacter
 		}
 
 		if ($db->hasTable('player_items') && $db->hasColumn('player_items', 'pid') && $db->hasColumn('player_items', 'sid') && $db->hasColumn('player_items', 'itemtype')) {
-			$loaded_items_to_copy = $db->query("SELECT * FROM player_items WHERE player_id = ".$char_to_copy->getId()."");
+			$loaded_items_to_copy = $db->query("SELECT * FROM player_items WHERE player_id = ".$playerSample->getId()."");
 			foreach($loaded_items_to_copy as $save_item) {
 				$blob = $db->quote($save_item['attributes']);
 				$db->query("INSERT INTO `player_items` (`player_id` ,`pid` ,`sid` ,`itemtype`, `count`, `attributes`) VALUES ('".$player->getId()."', '".$save_item['pid']."', '".$save_item['sid']."', '".$save_item['itemtype']."', '".$save_item['count']."', $blob);");
@@ -267,6 +267,7 @@ class CreateCharacter
 			[
 				'account' => $account,
 				'player' => $player,
+				'playerSample' => $playerSample,
 				'name' => $name,
 				'sex' => $sex,
 				'vocation' => $vocation,

system/src/Models/GuildRank.php

@@ -9,6 +9,8 @@ class GuildRank extends Model {
 
 	public $timestamps = false;
 
+	protected $fillable = ['guild_id', 'name', 'level'];
+
 	public function guild()
 	{
 		return $this->belongsTo(Guild::class);

system/src/Plugins.php

@@ -23,18 +23,15 @@ class Plugins {
 
 		$routes = [];
 		foreach(self::getAllPluginsJson() as $plugin) {
-			$pluginPages = glob(PLUGINS . $plugin['filename'] . '/pages/*.php');
+			$routesDefaultPriority = 1000;
-			foreach ($pluginPages as $file) {
+			if (isset($plugin['routes-default-priority'])) {
-				$file = str_replace(PLUGINS, 'plugins/', $file);
+				$routesDefaultPriority = $plugin['routes-default-priority'];
-				$name = pathinfo($file, PATHINFO_FILENAME);
-
-				$routes[] = [['get', 'post'], $name, $file, 1000];
 			}
 
 			$warningPreTitle = 'Plugin: ' . $plugin['name'] . ' - ';
 
 			if (isset($plugin['routes'])) {
-				foreach ($plugin['routes'] as $_name => $info) {
+				foreach ($plugin['routes'] as $info) {
 					// default method: get
 					$method = $info['method'] ?? ['GET'];
 					if ($method !== '*') {
@@ -51,7 +48,7 @@ class Plugins {
 					}
 
 					if (!isset($info['priority'])) {
-						$info['priority'] = 100; // default priority
+						$info['priority'] = $routesDefaultPriority; // default priority taken from plugin.json
 					}
 
 					if (isset($info['redirect_from'])) {
@@ -70,24 +67,60 @@ class Plugins {
 					// replace first occurrence of / in pattern if found (will be auto-added later)
 					removeIfFirstSlash($info['pattern']);
 
-					foreach ($routes as $id => &$route) {
+					$routes[] = [$methods, $info['pattern'], $info['file'], $info['priority']];
-						if($route[1] == $info['pattern']) {
+				}
-							if($info['priority'] < $route[3]) {
+			}
-								self::$warnings[] = $warningPreTitle . "Duplicated route with lower priority: {$info['pattern']}. Disabling this route...";
+
-								continue 2;
+			$pagesDefaultPriority = 1000;
+			if (isset($plugin['pages-default-priority'])) {
+				$pagesDefaultPriority = $plugin['pages-default-priority'];
+			}
+
+			if (self::getAutoLoadOption($plugin, 'pages', true)) {
+				//
+				// Get all plugins/*/pages/*.php pages
+				//
+				$pluginPages = glob(PLUGINS . $plugin['filename'] . '/pages/*.php');
+				foreach ($pluginPages as $file) {
+					$file = str_replace(PLUGINS, 'plugins/', $file);
+					$name = pathinfo($file, PATHINFO_FILENAME);
+
+					$routes[] = [['get', 'post'], $name, $file, $pagesDefaultPriority];
+				}
+			}
+
+			if (self::getAutoLoadOption($plugin, 'pagesSubFolders', true)) {
+				//
+				// Get all plugins/*/pages/subFolder/*.php pages
+				//
+				$pluginPagesSubFolders = glob(PLUGINS . $plugin['filename'] . '/pages/*', GLOB_ONLYDIR);
+				foreach ($pluginPagesSubFolders as $folder) {
+					$folderName = pathinfo($folder, PATHINFO_FILENAME);
+
+					$subFiles = glob(PLUGINS . $plugin['filename'] . '/pages/' . $folderName . '/*.php');
+					foreach ($subFiles as $file) {
+						$file = str_replace(PLUGINS, 'plugins/', $file);
+						$name = $folderName . '/' . pathinfo($file, PATHINFO_FILENAME);
+
+						$routes[] = [['get', 'post'], $name, $file, $pagesDefaultPriority];
+					}
+
+					$subFolders = glob(PLUGINS . $plugin['filename'] . '/pages/' . $folderName . '/*', GLOB_ONLYDIR);
+					foreach ($subFolders as $subFolder) {
+						$subFolderName = pathinfo($subFolder, PATHINFO_FILENAME);
+						$subSubFiles = glob(PLUGINS . $plugin['filename'] . '/pages/' . $folderName . '/' . $subFolderName . '/*.php');
+
+						foreach ($subSubFiles as $subSubFile) {
+							$subSubFile = str_replace(PLUGINS, 'plugins/', $subSubFile);
+							$name = $folderName . '/' . $subFolderName . '/' . pathinfo($subSubFile, PATHINFO_FILENAME);
+
+							$routes[] = [['get', 'post'], $name, $subSubFile, $pagesDefaultPriority];
+						}
 					}
-							else {
-								self::$warnings[] = $warningPreTitle . "Duplicated route with lower priority: {$route[1]} ({$route[3]}). Disabling this route...";
-								unset($routes[$id]);
 				}
 			}
 		}
 
-					$routes[] = [$methods, $info['pattern'], $info['file'], $info['priority']];
-				}
-			}
-		}
-		/*
 		usort($routes, function ($a, $b)
 		{
 			// key 3 is priority
@@ -95,14 +128,14 @@ class Plugins {
 				return 0;
 			}
 
-					return ($a[3] > $b[3]) ? -1 : 1;
+			return ($a[3] < $b[3]) ? -1 : 1;
 		});
-		*/
+
 		// cleanup before passing back
 		// priority is not needed anymore
-		foreach ($routes as &$route) {
+		//foreach ($routes as &$route) {
-			unset($route[3]);
+		//	unset($route[3]);
-		}
+		//}
 
 		if ($cache->enabled()) {
 			$cache->set('plugins_routes', serialize($routes), 600);
@@ -123,6 +156,10 @@ class Plugins {
 
 		$themes = [];
 		foreach(self::getAllPluginsJson() as $plugin) {
+			if (!self::getAutoLoadOption($plugin, 'themes', true)) {
+				continue;
+			}
+
 			$pluginThemes = glob(PLUGINS . $plugin['filename'] . '/themes/*', GLOB_ONLYDIR);
 			foreach ($pluginThemes as $path) {
 				$path = str_replace(PLUGINS, 'plugins/', $path);
@@ -151,6 +188,10 @@ class Plugins {
 
 		$commands = [];
 		foreach(self::getAllPluginsJson() as $plugin) {
+			if (!self::getAutoLoadOption($plugin, 'commands', true)) {
+				continue;
+			}
+
 			$pluginCommands = glob(PLUGINS . $plugin['filename'] . '/commands/*.php');
 			foreach ($pluginCommands as $path) {
 				$commands[] = $path;
@@ -178,13 +219,19 @@ class Plugins {
 		foreach(self::getAllPluginsJson() as $plugin) {
 			if (isset($plugin['hooks'])) {
 				foreach ($plugin['hooks'] as $_name => $info) {
+					$priority = 1000;
+
 					if (str_contains($info['type'], 'HOOK_')) {
 						$info['type'] = str_replace('HOOK_', '', $info['type']);
 					}
 
+					if (isset($info['priority'])) {
+						$priority = (int)$info['priority'];
+					}
+
 					if (defined('HOOK_'. $info['type'])) {
 						$hook = constant('HOOK_'. $info['type']);
-						$hooks[] = ['name' => $_name, 'type' => $hook, 'file' => $info['file']];
+						$hooks[] = ['name' => $_name, 'type' => $hook, 'file' => $info['file'], 'priority' => $priority];
 					} else {
 						self::$warnings[] = 'Plugin: ' . $plugin['name'] . '. Unknown event type: ' . $info['type'];
 					}
@@ -192,6 +239,15 @@ class Plugins {
 			}
 		}
 
+		usort($hooks, function ($a, $b)
+		{
+			if ($a['priority'] == $b['priority']) {
+				return 0;
+			}
+
+			return ($a['priority'] < $b['priority']) ? -1 : 1;
+		});
+
 		if ($cache->enabled()) {
 			$cache->set('plugins_hooks', serialize($hooks), 600);
 		}
@@ -757,4 +813,21 @@ class Plugins {
 			}
 		}
 	}
+
+	private static function getAutoLoadOption(array $plugin, string $optionName, bool $default = true)
+	{
+		if (isset($plugin['autoload'])) {
+			$autoload = $plugin['autoload'];
+			if (is_array($autoload)) {
+				if (isset($autoload[$optionName])) {
+					return getBoolean($autoload[$optionName]);
+				}
+			}
+			else if (is_bool($autoload)) {
+				return $autoload;
+			}
+		}
+
+		return $default;
+	}
 }

system/src/Settings.php

@@ -382,6 +382,8 @@ class Settings implements \ArrayAccess
 		}
 
 		$this->settingsDatabase[$pluginKeyName][$key] = $value;
+		// invalidate cache
+		unset($this->cache[$offset]);
 	}
 
 	#[\ReturnTypeWillChange]

system/src/Towns.php

@@ -124,6 +124,6 @@ class Towns
 	 */
 	public static function getFromDatabase()
 	{
-		return Town::pluck('name', 'id')->toArray();
+		return Town::orderBy('id', 'ASC')->pluck('name', 'id')->toArray();
 	}
 }

system/src/Twig/Extension/TypeCastingExtension.php

@@ -0,0 +1,36 @@
+<?php
+
+declare(strict_types=1);
+
+namespace MyAAC\Twig\Extension;
+
+use Twig\Extension\AbstractExtension;
+use Twig\TwigFilter;
+
+final class TypeCastingExtension extends AbstractExtension
+{
+	/** @return array<int, TwigFilter> */
+	public function getFilters(): array
+	{
+		return [
+			new TwigFilter('int', function ($value) {
+				return (int)$value;
+			}),
+			new TwigFilter('float', function ($value) {
+				return (float)$value;
+			}),
+			new TwigFilter('string', function ($value) {
+				return (string)$value;
+			}),
+			new TwigFilter('bool', function ($value) {
+				return (bool)$value;
+			}),
+			new TwigFilter('array', function (object $value) {
+				return (array)$value;
+			}),
+			new TwigFilter('object', function (array $value) {
+				return (object)$value;
+			}),
+		];
+	}
+}

system/src/global.php

@@ -54,6 +54,11 @@ define('HOOK_ACCOUNT_LOGIN_AFTER_REMEMBER_ME', ++$i);
 define('HOOK_ACCOUNT_LOGIN_AFTER_PAGE', ++$i);
 define('HOOK_ACCOUNT_LOGIN_POST', ++$i);
 define('HOOK_ACCOUNT_CREATE_CHARACTER_AFTER', ++$i);
+define('HOOK_ACCOUNT_CREATE_CHARACTER_BEFORE_FIRST_TABLE', ++$i);
+define('HOOK_ACCOUNT_CREATE_CHARACTER_BEFORE_VOCATIONS', ++$i);
+define('HOOK_ACCOUNT_CREATE_CHARACTER_BEFORE_TOWNS', ++$i);
+define('HOOK_ACCOUNT_CREATE_CHARACTER_AFTER_TOWNS', ++$i);
+define('HOOK_ACCOUNT_CREATE_CHARACTER_AFTER_SECOND_TABLE', ++$i);
 define('HOOK_ADMIN_HEAD_END', ++$i);
 define('HOOK_ADMIN_HEAD_START', ++$i);
 define('HOOK_ADMIN_BODY_START', ++$i);
@@ -74,6 +79,8 @@ define('HOOK_GUILDS_AFTER_GUILD_MEMBERS', ++$i);
 define('HOOK_GUILDS_AFTER_INVITED_CHARACTERS', ++$i);
 define('HOOK_TWIG', ++$i);
 define('HOOK_CACHE_CLEAR', ++$i);
+define('HOOK_INSTALL_FINISH', ++$i);
+define('HOOK_INSTALL_FINISH_END', ++$i);
 
 const HOOK_FIRST = HOOK_STARTUP;
 define('HOOK_LAST', $i);

system/templates/account.change-email.html.twig

@@ -0,0 +1,54 @@
+Please enter your password and the new email address. Make sure that you enter a valid email address which you have access to. <br/><b>For security reasons, the actual change will be finalised after a waiting period of {{ setting('core.account_mail_change') }} days.</b><br/><br/>
+{% set title = 'Change Email Address' %}
+{% set background = config('darkborder') %}
+{% set content %}
+	<table style="width:100%;">
+		<tr>
+			<td class="LabelV" >
+				<span>New Email Address:</span>
+			</td>
+			<td style="width:90%;">
+				<input form="form" name="new_email" value="{% if new_email is defined %}{{ new_email }}{% endif %}" size="30" maxlength="50" autofocus/>
+			</td>
+		</tr>
+		<tr>
+			<td class="LabelV">
+				<span >Password:</span>
+			</td>
+			<td>
+				<input form="form" type="password" name="password" size="30" maxlength="29">
+			</td>
+		</tr>
+	</table>
+{% endset %}
+{% include 'tables.headline.html.twig' %}
+<br/>
+<table style="width:100%;">
+	<tr align="center">
+		<td>
+			<table border="0" cellspacing="0" cellpadding="0">
+				<tr>
+					<td style="border:0px;">
+						<form id="form" action="{{ getLink('account/change-email') }}" method="post">
+							{{ csrf() }}
+							<input type="hidden" name="changeemailsave" value="1"/>
+							{{ include('buttons.submit.html.twig') }}
+						</form>
+					</td>
+				<tr>
+			</table>
+		</td>
+		<td>
+			<table border="0" cellspacing="0" cellpadding="0">
+				<form action="{{ getLink('account/manage') }}" method="post">
+					{{ csrf() }}
+					<tr>
+						<td style="border:0px;">
+							{{ include('buttons.back.html.twig') }}
+						</td>
+					</tr>
+				</form>
+			</table>
+		</td>
+	</tr>
+</table>

system/templates/account.change-info.html.twig

@@ -0,0 +1,84 @@
+Here you can tell other players about yourself. This information will be displayed alongside the data of your characters. If you do not want to fill in a certain field, just leave it blank.<br/><br/>
+{% set title = 'Change Public Information' %}
+{% set background = config('darkborder') %}
+{% set content %}
+<table style="width: 100%;" >
+	<tr>
+		<td class="LabelV">Real Name:</td>
+		<td style="width:90%;" >
+			<input form="form" name="info_rlname" value="{{ account_rlname }}" size="30" maxlength="50" >
+		</td>
+	</tr>
+	<tr>
+		<td class="LabelV" >Location:</td>
+		<td>
+			<input form="form" name="info_location" value="{{ account_location }}" size="30" maxlength="50" >
+		</td>
+	</tr>
+	{% if setting('core.account_country') %}
+	<tr>
+		<td class="LabelV">Country:</td>
+		<td>
+			<select form="form" name="info_country" id="account_country">
+				{% for code, country in countries %}
+				<option value="{{ code}}"{% if account_country == code %} selected{% endif %}>{{ country }} </option>
+				{% endfor %}
+			</select>
+			<img src="" id="account_country_img"/>
+			<script>
+				function updateFlag()
+				{
+					var img = $('#account_country_img');
+					var country = $('#account_country :selected').val();
+					if(country.length) {
+						img.attr('src', 'images/flags/' + country + '.gif');
+						img.show();
+					}
+					else {
+						img.hide();
+					}
+				}
+
+				$(function() {
+					updateFlag();
+					$('#account_country').change(function() {
+						updateFlag();
+					});
+				});
+			</script>
+		</td>
+	</tr>
+	{% endif %}
+</table>
+{% endset %}
+{% include 'tables.headline.html.twig' %}
+<br/>
+<table width="100%">
+	<tr align="center">
+		<td>
+			<table border="0" cellspacing="0" cellpadding="0" >
+				<tr>
+					<td style="border:0px;" >
+						<form id="form" action="{{ getLink('account/change-info') }}" method="post">
+							{{ csrf() }}
+							<input type="hidden" name="changeinfosave" value="1">
+							{{ include('buttons.submit.html.twig') }}
+						</form>
+					</td>
+				</tr>
+			</table>
+		</td>
+		<td>
+			<table border="0" cellspacing="0" cellpadding="0" >
+				<tr>
+					<td style="border:0px;" >
+						<form action="{{ getLink('account/manage') }}" method="post" >
+							{{ csrf() }}
+							{{ include('buttons.back.html.twig') }}
+						</form>
+					</td>
+				</tr>
+			</table>
+		</td>
+	</tr>
+</table>

system/templates/account.change-password.html.twig

@@ -0,0 +1,62 @@
+Please enter your current password and a new password. For your security, please enter the new password twice.<br/>
+<br/>
+{% set title = 'Change Password' %}
+{% set background = config('darkborder') %}
+{% set content %}
+<table style="width:100%;">
+	<tr>
+		<td class="LabelV">
+			<span>New Password:</span>
+		</td>
+		<td style="width:90%;">
+			<input form="form" type="password" name="newpassword" size="30" maxlength="29">
+		</td>
+	</tr>
+	<tr>
+		<td class="LabelV">
+			<span>New Password Again:</span>
+		</td>
+		<td>
+			<input form="form" type="password" name="newpassword_confirm" size="30" maxlength="29">
+		</td>
+	</tr>
+	<tr>
+		<td class="LabelV">
+			<span>Current Password:</span>
+		</td>
+		<td>
+			<input form="form" type="password" name="oldpassword" size="30" maxlength="29">
+		</td>
+	</tr>
+</table>
+{% endset %}
+{% include 'tables.headline.html.twig' %}
+<br/>
+<table style="width:100%;">
+	<tr align="center">
+		<td>
+			<table border="0" cellspacing="0" cellpadding="0">
+				<tr>
+					<td style="border:0px;">
+						<form id="form" action="{{ getLink('account/change-password') }}" method="post">
+							{{ csrf() }}
+							{{ include('buttons.submit.html.twig') }}
+						</form>
+					</td>
+				<tr>
+			</table>
+		</td>
+		<td>
+			<table border="0" cellspacing="0" cellpadding="0">
+				<tr>
+					<td style="border:0px;">
+						<form action="{{ getLink('account/manage') }}" method="post">
+							{{ csrf() }}
+							{{ include('buttons.back.html.twig') }}
+						</form>
+					</td>
+				</tr>
+			</table>
+		</td>
+	</tr>
+</table>

system/templates/account.change_info.html.twig

@@ -1,102 +0,0 @@
-Here you can tell other players about yourself. This information will be displayed alongside the data of your characters. If you do not want to fill in a certain field, just leave it blank.<br/><br/>
-<form action="{{ getLink('account/info') }}" method="post">
-	{{ csrf() }}
-	<div class="TableContainer" >
-		<table class="Table1" cellpadding="0" cellspacing="0" >
-			<div class="CaptionContainer" >
-				<div class="CaptionInnerContainer" >
-					<span class="CaptionEdgeLeftTop" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);" /></span>
-					<span class="CaptionEdgeRightTop" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);" /></span>
-					<span class="CaptionBorderTop" style="background-image:url({{ template_path }}/images/content/table-headline-border.gif);" ></span>
-					<span class="CaptionVerticalLeft" style="background-image:url({{ template_path }}/images/content/box-frame-vertical.gif);" /></span>
-					<div class="Text" >Change Public Information</div>
-					<span class="CaptionVerticalRight" style="background-image:url({{ template_path }}/images/content/box-frame-vertical.gif);" /></span>
-					<span class="CaptionBorderBottom" style="background-image:url({{ template_path }}/images/content/table-headline-border.gif);" ></span>
-					<span class="CaptionEdgeLeftBottom" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);" /></span>
-					<span class="CaptionEdgeRightBottom" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);" /></span>
-				</div>
-			</div>
-			<tr>
-				<td>
-					<div class="InnerTableContainer" >
-						<table style="width:100%;" >
-							<tr>
-								<td class="LabelV" >Real Name:</td>
-								<td style="width:90%;" >
-									<input name="info_rlname" value="{{ account_rlname }}" size="30" maxlength="50" >
-								</td>
-							</tr>
-							<tr>
-								<td class="LabelV" >Location:</td>
-								<td>
-									<input name="info_location" value="{{ account_location }}" size="30" maxlength="50" >
-								</td>
-							</tr>
-							{% if setting('core.account_country') %}
-							<tr>
-								<td class="LabelV" >Country:</td>
-								<td>
-									<select name="info_country" id="account_country">
-										{% for code, country in countries %}
-										<option value="{{ code}}"{% if account_country == code %} selected{% endif %}>{{ country }} </option>
-										{% endfor %}
-									</select>
-									<img src="" id="account_country_img"/>
-									<script>
-										function updateFlag()
-										{
-											var img = $('#account_country_img');
-											var country = $('#account_country :selected').val();
-											if(country.length) {
-												img.attr('src', 'images/flags/' + country + '.gif');
-												img.show();
-											}
-											else {
-												img.hide();
-											}
-										}
-
-										$(function() {
-											updateFlag();
-											$('#account_country').change(function() {
-												updateFlag();
-											});
-										});
-									</script>
-								</td>
-							</tr>
-							{% endif %}
-						</table>
-					</div>
-				</td>
-			</tr>
-		</table>
-	</div>
-	<br/>
-	<table width="100%">
-		<tr align="center">
-			<td>
-				<table border="0" cellspacing="0" cellpadding="0" >
-					<tr>
-						<td style="border:0px;" >
-							<input type="hidden" name="changeinfosave" value="1">
-								{{ include('buttons.submit.html.twig') }}
-						</td>
-					</tr>
-				</table>
-			</td>
-			<td>
-</form>
-				<table border="0" cellspacing="0" cellpadding="0" >
-					<form action="{{ getLink('account/manage') }}" method="post" >
-						{{ csrf() }}
-						<tr>
-							<td style="border:0px;" >
-								{{ include('buttons.back.html.twig') }}
-							</td>
-						</tr>
-					</form>
-				</table>
-			</td>
-		</tr>
-	</table>

system/templates/account.change_mail.html.twig

@@ -1,72 +0,0 @@
-Please enter your password and the new email address. Make sure that you enter a valid email address which you have access to. <br/><b>For security reasons, the actual change will be finalised after a waiting period of {{ setting('core.account_mail_change') }} days.</b><br/><br/>
-<form action="{{ getLink('account/email') }}" method="post">
-	{{ csrf() }}
-<div class="TableContainer">
-	<table class="Table1" cellpadding="0" cellspacing="0">
-		<div class="CaptionContainer">
-			<div class="CaptionInnerContainer" >
-				<span class="CaptionEdgeLeftTop" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-				<span class="CaptionEdgeRightTop" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-				<span class="CaptionBorderTop" style="background-image:url({{ template_path }}/images/content/table-headline-border.gif);"></span>
-				<span class="CaptionVerticalLeft" style="background-image:url({{ template_path }}/images/content/box-frame-vertical.gif);"></span>
-				<div class="Text" >Change Email Address</div>
-				<span class="CaptionVerticalRight" style="background-image:url({{ template_path }}/images/content/box-frame-vertical.gif);"></span>
-				<span class="CaptionBorderBottom" style="background-image:url({{ template_path }}/images/content/table-headline-border.gif);"></span>
-				<span class="CaptionEdgeLeftBottom" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-				<span class="CaptionEdgeRightBottom" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-			</div>
-		</div>
-		<tr>
-			<td>
-				<div class="InnerTableContainer">
-					<table style="width:100%;">
-						<tr>
-							<td class="LabelV" >
-								<span >New Email Address:</span>
-							</td>
-							<td style="width:90%;">
-								<input name="new_email" value="{% if new_email is defined %}{{ new_email }}{% endif %}" size="30" maxlength="50" autofocus/>
-							</td>
-						</tr>
-						<tr>
-							<td class="LabelV">
-								<span >Password:</span>
-							</td>
-							<td>
-								<input type="password" name="password" size="30" maxlength="29">
-							</td>
-						</tr>
-					</table>
-				</div>
-			</td>
-		</tr>
-	</table>
-</div>
-<br/>
-<table style="width:100%;">
-	<tr align="center">
-		<td>
-			<table border="0" cellspacing="0" cellpadding="0">
-				<tr>
-					<td style="border:0px;">
-						<input type="hidden" name="changeemailsave" value="1"/>
-						{{ include('buttons.submit.html.twig') }}
-					</td>
-				<tr>
-			</table>
-		</td>
-</form>
-		<td>
-			<table border="0" cellspacing="0" cellpadding="0">
-				<form action="{{ getLink('account/manage') }}" method="post">
-					{{ csrf() }}
-					<tr>
-						<td style="border:0px;">
-							{{ include('buttons.back.html.twig') }}
-						</td>
-					</tr>
-				</form>
-			</table>
-		</td>
-	</tr>
-</table>

system/templates/account.change_name.html.twig

@@ -1,79 +0,0 @@
-To change a name of character select player and choose a new name.<br/>
-<span style="color: red">Change name cost {{ setting('core.account_change_character_name_price') }} {{ setting('core.donate_column') == 'coins' ? 'coins' : 'premium points' }}. You have {{ points }} {{ setting('core.donate_column') == 'coins' ? 'coins' : 'premium points' }}.</span><br/><br/>
-<form action="{{ getLink('account/character/name') }}" method="post">
-	{{ csrf() }}
-	<input type="hidden" name="changenamesave" value="1">
-	<div class="TableContainer">
-		<table class="Table1" cellpadding="0" cellspacing="0">
-			<div class="CaptionContainer">
-				<div class="CaptionInnerContainer" >
-					<span class="CaptionEdgeLeftTop" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-					<span class="CaptionEdgeRightTop" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-					<span class="CaptionBorderTop" style="background-image:url({{ template_path }}/images/content/table-headline-border.gif);"></span>
-					<span class="CaptionVerticalLeft" style="background-image:url({{ template_path }}/images/content/box-frame-vertical.gif);"></span>
-					<div class="Text" >Change Name</div>
-					<span class="CaptionVerticalRight" style="background-image:url({{ template_path }}/images/content/box-frame-vertical.gif);"></span>
-					<span class="CaptionBorderBottom" style="background-image:url({{ template_path }}/images/content/table-headline-border.gif);"></span>
-					<span class="CaptionEdgeLeftBottom" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-					<span class="CaptionEdgeRightBottom" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-				</div>
-			</div>
-			<tr>
-				<td>
-					<div class="InnerTableContainer" >
-						<table style="width:100%;" >
-							<tr>
-                                <td class="LabelV" ><span>Character:</span></td>
-								<td style="width:90%;" >
-									<select name="player_id">
-										{% for player in account_logged.getPlayersList(false) %}
-										<option value="{{ player.getId() }}">{{ player.getName() }}</option>
-										{% endfor %}
-									</select>
-								</td>
-							</tr>
-							<tr>
-                                <td class="LabelV" ><span>New Name:</span></td>
-								<td>
-									<input type="text" name="name" id="character_name" size="25" maxlength="25" >
-									<img id="character_indicator" src="images/global/general/{% if not save or errors|length > 0 %}n{% endif %}ok.gif" />
-									<br/>
-									<span style="font-size: 10px">
-										<div id="character_error">Please enter your character name.</div>
-									</span>
-								</td>
-							</tr>
-						</table>
-					</div>
-				</td>
-			</tr>
-		</table>
-	</div>
-	<br/>
-	<table style="width:100%" >
-		<tr align="center">
-			<td>
-				<table border="0" cellspacing="0" cellpadding="0">
-					<tr>
-						<td style="border:0px;">
-							{{ include('buttons.submit.html.twig') }}
-						</td>
-					</tr>
-</form>
-				</table>
-			</td>
-			<td>
-				<table border="0" cellspacing="0" cellpadding="0">
-					<form action="{{ getLink('account/manage') }}" method="post">
-						{{ csrf() }}
-						<tr>
-							<td style="border:0px;">
-								{{ include('buttons.back.html.twig') }}
-							</td>
-						</tr>
-					</form>
-				</table>
-			</td>
-		</tr>
-	</table>
-<script type="text/javascript" src="tools/check_name.js"></script>

system/templates/account.change_password.html.twig

@@ -1,80 +0,0 @@
-Please enter your current password and a new password. For your security, please enter the new password twice.<br/>
-<br/>
-<form action="{{ getLink('account/password') }}" method="post">
-	{{ csrf() }}
-	<div class="TableContainer">
-		<table class="Table1" cellpadding="0" cellspacing="0">
-			<div class="CaptionContainer">
-				<div class="CaptionInnerContainer">
-					<span class="CaptionEdgeLeftTop" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-					<span class="CaptionEdgeRightTop" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-					<span class="CaptionBorderTop" style="background-image:url({{ template_path }}/images/content/table-headline-border.gif);"></span>
-					<span class="CaptionVerticalLeft" style="background-image:url({{ template_path }}/images/content/box-frame-vertical.gif);"></span>
-					<div class="Text" >Change Password</div>
-					<span class="CaptionVerticalRight" style="background-image:url({{ template_path }}/images/content/box-frame-vertical.gif);"></span>
-					<span class="CaptionBorderBottom" style="background-image:url({{ template_path }}/images/content/table-headline-border.gif);"></span>
-					<span class="CaptionEdgeLeftBottom" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-					<span class="CaptionEdgeRightBottom" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-				</div>
-			</div>
-			<tr>
-				<td>
-					<div class="InnerTableContainer">
-						<table style="width:100%;">
-							<tr>
-								<td class="LabelV">
-									<span>New Password:</span>
-								</td>
-								<td style="width:90%;">
-									<input type="password" name="newpassword" size="30" maxlength="29">
-								</td>
-							</tr>
-							<tr>
-								<td class="LabelV">
-									<span>New Password Again:</span>
-								</td>
-								<td>
-									<input type="password" name="newpassword_confirm" size="30" maxlength="29">
-								</td>
-							</tr>
-							<tr>
-								<td class="LabelV">
-									<span>Current Password:</span>
-								</td>
-								<td>
-									<input type="password" name="oldpassword" size="30" maxlength="29">
-								</td>
-							</tr>
-						</table>
-					</div>
-				</td>
-			</tr>
-		</table>
-	</div>
-	<br/>
-	<table style="width:100%;">
-		<tr align="center">
-			<td>
-				<table border="0" cellspacing="0" cellpadding="0">
-					<tr>
-						<td style="border:0px;">
-							{{ include('buttons.submit.html.twig') }}
-						</td>
-					<tr>
-				</table>
-			</td>
-</form>
-			<td>
-				<table border="0" cellspacing="0" cellpadding="0">
-					<form action="{{ getLink('account/manage') }}" method="post">
-						{{ csrf() }}
-						<tr>
-							<td style="border:0px;">
-								{{ include('buttons.back.html.twig') }}
-							</td>
-						</tr>
-					</form>
-				</table>
-			</td>
-		</tr>
-	</table>

system/templates/account.change_sex.html.twig

@@ -1,78 +0,0 @@
-To change a sex of character select player and choose a new sex.<br/>
-<span style="color: red">Change sex cost {{ setting('core.account_change_character_sex_price') }} {{ setting('core.donate_column') == 'coins' ? 'coins' : 'premium points' }}. You have {{ points }} {{ setting('core.donate_column') == 'coins' ? 'coins' : 'premium points' }}.</span><br/><br/>
-<form action="{{ getLink('account/character/sex') }}" method="post">
-	{{ csrf() }}
-	<input type="hidden" name="changesexsave" value="1"/>
-	<div class="TableContainer">
-		<table class="Table1" cellpadding="0" cellspacing="0">
-			<div class="CaptionContainer">
-				<div class="CaptionInnerContainer">
-					<span class="CaptionEdgeLeftTop" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-					<span class="CaptionEdgeRightTop" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-					<span class="CaptionBorderTop" style="background-image:url({{ template_path }}/images/content/table-headline-border.gif);"></span>
-					<span class="CaptionVerticalLeft" style="background-image:url({{ template_path }}/images/content/box-frame-vertical.gif);"></span>
-					<div class="Text" >Change sex</div>
-					<span class="CaptionVerticalRight" style="background-image:url({{ template_path }}/images/content/box-frame-vertical.gif);"></span>
-					<span class="CaptionBorderBottom" style="background-image:url({{ template_path }}/images/content/table-headline-border.gif);" ></span>
-					<span class="CaptionEdgeLeftBottom" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);" /></span>
-					<span class="CaptionEdgeRightBottom" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);" /></span>
-				</div>
-			</div>
-			<tr>
-				<td>
-					<div class="InnerTableContainer">
-						<table style="width:100%;" >
-							<tr>
-								<td class="LabelV" ><span >Character:</td>
-								<td style="width:90%;" >
-									<select name="player_id">
-										{% for player in players %}
-										<option value="{{ player.getId() }}">{{ player.getName() }}</option>
-										{% endfor %}
-									</select>
-								</td>
-							</tr>
-							<tr>
-								<td class="LabelV" ><span >New Sex:</td>
-								<td>
-									<select name="new_sex">
-										{% for id, gender in config.genders %}
-										<option value="{{ id }}"{% if player_sex == id %} selected{% endif %}>{{ gender }}</option>
-										{% endfor %}
-									</select>
-								</td>
-							</tr>
-						</table>
-					</div>
-				</td>
-			</tr>
-		</table>
-	</div>
-	<br/>
-	<table style="width:100%">
-		<tr align="center">
-			<td>
-				<table border="0" cellspacing="0" cellpadding="0" >
-					<tr>
-						<td style="border:0px;" >
-							{{ include('buttons.submit.html.twig') }}
-						</td>
-					</tr>
-					<tr>
-</form>
-				</table>
-			</td>
-			<td>
-				<table border="0" cellspacing="0" cellpadding="0">
-					<form action="{{ getLink('account/manage') }}" method="post">
-						{{ csrf() }}
-						<tr>
-							<td style="border:0px;" >
-								{{ include('buttons.back.html.twig') }}
-							</td>
-						</tr>
-					</form>
-				</table>
-			</td>
-		</tr>
-	</table>

system/templates/account.characters.change-comment.html.twig

@@ -1,6 +1,6 @@
 Here you can see and edit the information about your character.<br/>
 If you do not want to specify a certain field, just leave it blank.<br/><br/>
-<form action="{{ getLink('account/character/comment') }}" method="post">
+<form action="{{ getLink('account/characters/change-comment') }}" method="post">
 	{{ csrf() }}
 	<div class="TableContainer" >
 		<table class="Table5" cellpadding="0" cellspacing="0">

system/templates/account.characters.change-name.html.twig

@@ -0,0 +1,62 @@
+To change a name of character select player and choose a new name.<br/>
+<span style="color: red">Change name cost {{ setting('core.account_change_character_name_price') }} {{ setting('core.donate_column') == 'coins' ? 'coins' : 'premium points' }}. You have {{ points }} {{ setting('core.donate_column') == 'coins' ? 'coins' : 'premium points' }}.</span><br/><br/>
+
+{% set title = 'Change Name' %}
+{% set background = config('darkborder') %}
+{% set content %}
+<table style="width:100%;" >
+	<tr>
+		<td class="LabelV" ><span>Character:</span></td>
+		<td style="width:90%;" >
+			<select form="form" name="player_id">
+				{% for player in account_logged.getPlayersList(false) %}
+				<option value="{{ player.getId() }}">{{ player.getName() }}</option>
+				{% endfor %}
+			</select>
+		</td>
+	</tr>
+	<tr>
+		<td class="LabelV" ><span>New Name:</span></td>
+		<td>
+			<input form="form" type="text" name="name" id="character_name" size="25" maxlength="25" >
+			<img id="character_indicator" src="images/global/general/{% if not save or errors|length > 0 %}n{% endif %}ok.gif" />
+			<br/>
+			<span style="font-size: 10px">
+				<div id="character_error">Please enter your character name.</div>
+			</span>
+		</td>
+	</tr>
+</table>
+{% endset %}
+{% include 'tables.headline.html.twig' %}
+<br/>
+<table style="width:100%" >
+	<tr align="center">
+		<td>
+			<table border="0" cellspacing="0" cellpadding="0">
+				<tr>
+					<td style="border:0px;">
+						<form id="form" action="{{ getLink('account/characters/change-name') }}" method="post">
+							{{ csrf() }}
+							<input type="hidden" name="changenamesave" value="1">
+							{{ include('buttons.submit.html.twig') }}
+						</form>
+					</td>
+				</tr>
+			</table>
+		</td>
+		<td>
+			<table border="0" cellspacing="0" cellpadding="0">
+				<tr>
+					<td style="border:0px;">
+						<form action="{{ getLink('account/manage') }}" method="post">
+							{{ csrf() }}
+							{{ include('buttons.back.html.twig') }}
+						</form>
+					</td>
+				</tr>
+			</table>
+		</td>
+	</tr>
+</table>
+<script type="text/javascript" src="tools/check_name.js"></script>

system/templates/account.characters.change-sex.html.twig

@@ -0,0 +1,61 @@
+To change a sex of character select player and choose a new sex.<br/>
+<span style="color: red">Change sex cost {{ setting('core.account_change_character_sex_price') }} {{ setting('core.donate_column') == 'coins' ? 'coins' : 'premium points' }}. You have {{ points }} {{ setting('core.donate_column') == 'coins' ? 'coins' : 'premium points' }}.</span>
+<br/><br/>
+{% set title = 'Change sex' %}
+{% set background = config('darkborder') %}
+{% set content %}
+<table style="width:100%;" >
+	<tr>
+		<td class="LabelV" ><span>Character:</span></td>
+		<td style="width:90%;" >
+			<select form="form" name="player_id">
+				{% for player in players %}
+				<option value="{{ player.getId() }}">{{ player.getName() }}</option>
+				{% endfor %}
+			</select>
+		</td>
+	</tr>
+	<tr>
+		<td class="LabelV" ><span>New Sex:</span></td>
+		<td>
+			<select form="form" name="new_sex">
+				{% for id, gender in config.genders %}
+				<option value="{{ id }}"{% if player_sex == id %} selected{% endif %}>{{ gender }}</option>
+				{% endfor %}
+			</select>
+		</td>
+	</tr>
+</table>
+{% endset %}
+{% include 'tables.headline.html.twig' %}
+
+<br/>
+<table style="width:100%">
+	<tr align="center">
+		<td>
+			<table border="0" cellspacing="0" cellpadding="0" >
+				<tr>
+					<td style="border:0px;">
+						<form id="form" action="{{ getLink('account/characters/change-sex') }}" method="post">
+							{{ csrf() }}
+							<input type="hidden" name="changesexsave" value="1"/>
+							{{ include('buttons.submit.html.twig') }}
+						</form>
+					</td>
+				</tr>
+			</table>
+		</td>
+		<td>
+			<table border="0" cellspacing="0" cellpadding="0">
+				<tr>
+					<td style="border:0px;">
+						<form action="{{ getLink('account/manage') }}" method="post">
+							{{ csrf() }}
+							{{ include('buttons.back.html.twig') }}
+						</form>
+					</td>
+				</tr>
+			</table>
+		</td>
+	</tr>
+</table>

system/templates/account.characters.create.html.twig

@@ -0,0 +1,168 @@
+Please choose a name{% if config.character_samples|length > 1 %}, vocation{% endif %}
+{% if config.character_towns|length > 1 %}, town{% endif %}
+ and sex for your character. <br/>
+In any case the name must not violate the naming conventions stated in the <a href="?subtopic=rules" target="_blank" >{{ config.lua.serverName }} Rules</a>, or your character might get deleted or name locked.
+{% if account_logged.getPlayersList(true)|length >= setting('core.characters_per_account') %}
+<b><span style="color: red"> You have maximum number of characters per account on your account. Delete one before you make new.</span></b>
+{% endif %}
+<br/><br/>
+<div class="TableContainer">
+	<table class="Table3" cellpadding="0" cellspacing="0">
+		<div class="CaptionContainer">
+			<div class="CaptionInnerContainer">
+				<span class="CaptionEdgeLeftTop" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
+				<span class="CaptionEdgeRightTop" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
+				<span class="CaptionBorderTop" style="background-image:url({{ template_path }}/images/content/table-headline-border.gif);"></span>
+				<span class="CaptionVerticalLeft" style="background-image:url({{ template_path }}/images/content/box-frame-vertical.gif);"></span>
+				<div class="Text" >Create Character</div>
+				<span class="CaptionVerticalRight" style="background-image:url({{ template_path }}/images/content/box-frame-vertical.gif);"></span>
+				<span class="CaptionBorderBottom" style="background-image:url({{ template_path }}/images/content/table-headline-border.gif);"></span>
+				<span class="CaptionEdgeLeftBottom" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
+				<span class="CaptionEdgeRightBottom" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
+			</div>
+		</div>
+		<tr>
+			<td>
+
+				{{ hook('HOOK_ACCOUNT_CREATE_CHARACTER_BEFORE_FIRST_TABLE') }}
+
+				<div class="InnerTableContainer">
+					<table style="width:100%;">
+						<tr>
+							<td>
+								<div class="TableShadowContainerRightTop">
+									<div class="TableShadowRightTop" style="background-image:url({{ template_path }}/images/content/table-shadow-rt.gif);"></div>
+								</div>
+								<div class="TableContentAndRightShadow" style="background-image:url({{ template_path }}/images/content/table-shadow-rm.gif);">
+									<div class="TableContentContainer">
+										<table class="TableContent" width="100%">
+											<tr class="LabelH">
+												<td style="width:50%;">
+													<span>Name</span>
+												</td>
+												<td>
+													<span>Sex</span>
+												</td>
+											</tr>
+											<tr class="Odd">
+												<td>
+													<input form="form" name="name" id="character_name" value="{{ name }}" size="{{ setting('core.create_character_name_max_length') }}" maxlength="{{ setting('core.create_character_name_max_length') }}" >
+													<img id="character_indicator" src="images/global/general/{% if not save or errors.name is defined %}n{% endif %}ok.gif" />
+													<br/>
+													<span style="font-size: 10px">
+														<div id="character_error">{% if not save or errors.name is defined %}Please enter your character name.{% endif %}</div>
+													</span>
+												</td>
+												<td>
+													{% set i = 0 %}
+													{% for id, gender in config.genders|reverse(true) %}
+													{% set i = i + 1 %}
+													<input form="form" type="radio" name="sex" id="sex{{ i }}" value="{{ id }}"{% if sex is not null and sex == id %} checked="checked"{% endif %}
+													><label for="sex{{ i }}">{{ gender|lower }}</label><br/>
+													{% endfor %}
+												</td>
+											</tr>
+										</table>
+									</div>
+								</div>
+							</td>
+						</tr>
+					</table>
+				</div>
+
+				{{ hook('HOOK_ACCOUNT_CREATE_CHARACTER_BEFORE_VOCATION') }}
+
+				<div class="InnerTableContainer">
+					<table style="width: 100%;">
+						<tr>
+							{% if config.character_samples|length > 1 %}
+							<td>
+								<table class="TableContent" width="100%">
+									<tr class="Odd" valign="top">
+										<td width="160"><br/><b>Select your vocation:</b></td>
+										<td>
+											<table class="TableContent" width="100%" >
+												{% for key, sample_char in config.character_samples %}
+												<tr>
+													<td>
+														<input form="form" type="radio" name="vocation" id="vocation{{ key }}" value="{{ key }}"
+														{% if vocation is not null and vocation == key %} checked="checked"{% endif %}>
+														<label for="vocation{{ key }}">{{ config['vocations'][key] }}</label>
+													</td>
+												</tr>
+												{% endfor %}
+											</table>
+										</td>
+									</tr>
+								</table>
+							</td>
+							{% endif %}
+
+							{{ hook('HOOK_ACCOUNT_CREATE_CHARACTER_BEFORE_TOWNS') }}
+
+							{% if config.character_towns|length > 1 %}
+							<td>
+								<table class="TableContent" width="100%">
+									<tr class="Odd" valign="top">
+										<td width="160"><br/><b>Select your city:</b></td>
+										<td>
+											<table class="TableContent" width="100%">
+												{% for town_id in config.character_towns %}
+												<tr>
+													<td>
+														<input form="form" type="radio" name="town" id="town{{ town_id }}" value="{{ town_id }}"
+														{% if town is not null and town == town_id %} checked="checked"{% endif %}>
+														<label for="town{{ town_id }}">{{ config.towns[town_id] }}</label>
+													</td>
+												</tr>
+												{% endfor %}
+											</table>
+										</td>
+									</tr>
+								</table>
+							</td>
+							{% endif %}
+
+							{{ hook('HOOK_ACCOUNT_CREATE_CHARACTER_AFTER_TOWNS') }}
+
+						</tr>
+					</table>
+				</div>
+
+				{{ hook('HOOK_ACCOUNT_CREATE_CHARACTER_AFTER_SECOND_TABLE') }}
+
+			</td>
+		</tr>
+	</table>
+</div>
+<br/>
+<table style="width:100%;">
+	<tr align="center">
+		<td>
+			<table border="0" cellspacing="0" cellpadding="0">
+				<tr>
+					<td style="border:0px;">
+						<form id="form" action="{{ getLink('account/characters/create') }}" method="post">
+							{{ csrf() }}
+							<input type="hidden" name="save" value="1">
+							{{ include('buttons.submit.html.twig') }}
+						</form>
+					</td>
+				</tr>
+			</table>
+		</td>
+		<td>
+			<table border="0" cellspacing="0" cellpadding="0">
+				<tr>
+					<td style="border:0px;">
+						<form action="{{ getLink('account/manage') }}" method="post">
+							{{ csrf() }}
+							{{ include('buttons.back.html.twig') }}
+						</form>
+					</td>
+				</tr>
+			</table>
+		</td>
+	</tr>
+</table>
+<script type="text/javascript" src="tools/check_name.js"></script>

system/templates/account.characters.delete.html.twig

@@ -0,0 +1,50 @@
+To delete a character enter the name of the character and your password.<br/><br/>
+{% set title = 'Delete Character' %}
+{% set background = config('darkborder') %}
+{% set content %}
+<table style="width:100%;">
+	<tr>
+		<td class="LabelV" ><span>Character Name:</span></td>
+		<td style="width:90%;">
+			<input form="form" name="delete_name" value="" size="30" maxlength="29"/>
+		</td>
+	</tr>
+	<tr>
+		<td class="LabelV" ><span>Password:</span></td>
+		<td>
+			<input form="form" type="password" name="delete_password" size="30" maxlength="29"/>
+		</td>
+	</tr>
+</table>
+{% endset %}
+{% include 'tables.headline.html.twig' %}
+<br/>
+<table style="width:100%">
+	<tr align="center">
+		<td>
+			<table border="0" cellspacing="0" cellpadding="0">
+				<tr>
+					<td style="border:0px;">
+						<form id="form" action="{{ getLink('account/characters/delete') }}" method="post">
+							{{ csrf() }}
+							<input type="hidden" name="deletecharactersave" value="1"/>
+							{{ include('buttons.submit.html.twig') }}
+						</form>
+					</td>
+				</tr>
+			</table>
+		</td>
+		<td>
+			<table border="0" cellspacing="0" cellpadding="0">
+				<form action="{{ getLink('account/manage') }}" method="post">
+					{{ csrf() }}
+					<tr>
+						<td style="border:0px;">
+							{{ include('buttons.back.html.twig') }}
+						</td>
+					</tr>
+				</form>
+			</table>
+		</td>
+	</tr>
+</table>

system/templates/account.create.html.twig

@@ -1,24 +1,11 @@
 {{ hook('HOOK_ACCOUNT_CREATE_BEFORE_FORM') }}
 <form action="{{ getLink('account/create') }}" method="post" id="createaccount">
 	{{ csrf() }}
-	<div class="TableContainer" >
+
-		<table class="Table5" cellpadding="0" cellspacing="0" >
+	{% set title = 'Create ' ~ config.lua.serverName ~ ' Account' %}
-			<div class="CaptionContainer" >
+	{% set background = config('darkborder') %}
-				<div class="CaptionInnerContainer" >
+	{% set tableClass = 'Table5' %}
-					<span class="CaptionEdgeLeftTop" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);" /></span>
+	{% set content %}
-					<span class="CaptionEdgeRightTop" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);" /></span>
-					<span class="CaptionBorderTop" style="background-image:url({{ template_path }}/images/content/table-headline-border.gif);" ></span>
-					<span class="CaptionVerticalLeft" style="background-image:url({{ template_path }}/images/content/box-frame-vertical.gif);" /></span>
-					<div class="Text" >Create {{ config.lua.serverName }} Account</div>
-					<span class="CaptionVerticalRight" style="background-image:url({{ template_path }}/images/content/box-frame-vertical.gif);" /></span>
-					<span class="CaptionBorderBottom" style="background-image:url({{ template_path }}/images/content/table-headline-border.gif);" ></span>
-					<span class="CaptionEdgeLeftBottom" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);" /></span>
-					<span class="CaptionEdgeRightBottom" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);" /></span>
-				</div>
-			</div>
-			<tr>
-				<td>
-					<div class="InnerTableContainer" >
 		<table style="width:100%;" >
 			{{ hook('HOOK_ACCOUNT_CREATE_BEFORE_BOXES') }}
 			<tr>
@@ -123,7 +110,7 @@
 
 			{{ hook('HOOK_ACCOUNT_CREATE_BETWEEN_BOXES_1') }}
 
-							{% if (not setting('core.mail_enabled') or not setting('core.account_mail_verify')) and setting('core.account_create_character_create') %}
+			{% if setting('core.account_create_character_create') %}
 			<tr>
 				<td>
 					<div class="TableShadowContainerRightTop">
@@ -303,11 +290,9 @@
 			{{ hook('HOOK_ACCOUNT_CREATE_AFTER_BOXES') }}
 
 		</table>
-					</div>
+	{% endset %}
-				</td>
+	{% include 'tables.headline.html.twig' %}
-			</tr>
+
-		</table>
-	</div>
 	<br/>
 	{{ hook('HOOK_ACCOUNT_CREATE_BEFORE_SUBMIT_BUTTON') }}
 	<table width="100%">

system/templates/account.create.js.html.twig

@@ -3,10 +3,12 @@
 	var lastSend = 0;
 
 	$(function() {
+		{% if setting('core.account_country') %}
 			updateFlag();
 			$('#account_country').change(function() {
 				updateFlag();
 			});
+		{% endif %}
 
 		$('#account_input').blur(function() {
 			checkAccount();

system/templates/account.create_character.html.twig

@@ -1,150 +0,0 @@
-Please choose a name{% if config.character_samples|length > 1 %}, vocation{% endif %}
-{% if config.character_towns|length > 1 %}, town{% endif %}
- and sex for your character. <br/>
-In any case the name must not violate the naming conventions stated in the <a href="?subtopic=rules" target="_blank" >{{ config.lua.serverName }} Rules</a>, or your character might get deleted or name locked.
-{% if account_logged.getPlayersList(true)|length >= setting('core.characters_per_account') %}
-<b><span style="color: red"> You have maximum number of characters per account on your account. Delete one before you make new.</span></b>
-{% endif %}
-<br/><br/>
-<form action="{{ getLink('account/character/create') }}" method="post">
-	{{ csrf() }}
-	<input type="hidden" name="save" value="1">
-	<div class="TableContainer">
-		<table class="Table3" cellpadding="0" cellspacing="0">
-			<div class="CaptionContainer">
-				<div class="CaptionInnerContainer">
-					<span class="CaptionEdgeLeftTop" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-					<span class="CaptionEdgeRightTop" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-					<span class="CaptionBorderTop" style="background-image:url({{ template_path }}/images/content/table-headline-border.gif);"></span>
-					<span class="CaptionVerticalLeft" style="background-image:url({{ template_path }}/images/content/box-frame-vertical.gif);"></span>
-					<div class="Text" >Create Character</div>
-					<span class="CaptionVerticalRight" style="background-image:url({{ template_path }}/images/content/box-frame-vertical.gif);"></span>
-					<span class="CaptionBorderBottom" style="background-image:url({{ template_path }}/images/content/table-headline-border.gif);"></span>
-					<span class="CaptionEdgeLeftBottom" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-					<span class="CaptionEdgeRightBottom" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-				</div>
-			</div>
-			<tr>
-				<td>
-					<div class="InnerTableContainer">
-						<table style="width:100%;">
-							<tr>
-								<td>
-									<div class="TableShadowContainerRightTop">
-										<div class="TableShadowRightTop" style="background-image:url({{ template_path }}/images/content/table-shadow-rt.gif);"></div>
-									</div>
-									<div class="TableContentAndRightShadow" style="background-image:url({{ template_path }}/images/content/table-shadow-rm.gif);">
-										<div class="TableContentContainer">
-											<table class="TableContent" width="100%">
-												<tr class="LabelH">
-													<td style="width:50%;">
-														<span>Name</span>
-													</td>
-													<td>
-														<span>Sex</span>
-													</td>
-												</tr>
-												<tr class="Odd">
-													<td>
-														<input name="name" id="character_name" value="{{ name }}" size="{{ setting('core.create_character_name_max_length') }}" maxlength="{{ setting('core.create_character_name_max_length') }}" >
-														<img id="character_indicator" src="images/global/general/{% if not save or errors.name is defined %}n{% endif %}ok.gif" />
-														<br/>
-														<span style="font-size: 10px">
-															<div id="character_error">{% if not save or errors.name is defined %}Please enter your character name.{% endif %}</div>
-														</span>
-													</td>
-													<td>
-														{% set i = 0 %}
-														{% for id, gender in config.genders|reverse(true) %}
-														{% set i = i + 1 %}
-														<input type="radio" name="sex" id="sex{{ i }}" value="{{ id }}"{% if sex is not null and sex == id %} checked="checked"{% endif %}
-														><label for="sex{{ i }}">{{ gender|lower }}</label><br/>
-														{% endfor %}
-													</td>
-												</tr>
-											</table>
-										</div>
-									</div>
-						</table>
-					</div>
-					<div class="InnerTableContainer">
-						<table style="width: 100%;">
-							<tr>
-								{% if config.character_samples|length > 1 %}
-								<td>
-									<table class="TableContent" width="100%">
-										<tr class="Odd" valign="top">
-											<td width="160"><br/><b>Select your vocation:</b></td>
-											<td>
-												<table class="TableContent" width="100%" >
-													{% for key, sample_char in config.character_samples %}
-													<tr>
-														<td>
-															<input type="radio" name="vocation" id="vocation{{ key }}" value="{{ key }}"
-															{% if vocation is not null and vocation == key %} checked="checked"{% endif %}>
-															<label for="vocation{{ key }}">{{ config['vocations'][key] }}</label>
-														</td>
-													</tr>
-													{% endfor %}
-												</table>
-											</td>
-										</tr>
-									</table>
-								{% endif %}
-								{% if config.character_towns|length > 1 %}
-								<td>
-									<table class="TableContent" width="100%">
-										<tr class="Odd" valign="top">
-											<td width="160"><br/><b>Select your city:</b></td>
-											<td>
-												<table class="TableContent" width="100%">
-													{% for town_id in config.character_towns %}
-													<tr>
-														<td>
-															<input type="radio" name="town" id="town{{ town_id }}" value="{{ town_id }}"
-															{% if town is not null and town == town_id %} checked="checked"{% endif %}>
-															<label for="town{{ town_id }}">{{ config.towns[town_id] }}</label>
-														</td>
-													</tr>
-													{% endfor %}
-												</table>
-											</td>
-										</tr>
-									</table>
-								</td>
-								{% endif %}
-							</tr>
-						</table>
-					</div>
-				</td>
-			</tr>
-		</table>
-	</div>
-	<br/>
-	<table style="width:100%;">
-		<tr align="center">
-			<td>
-				<table border="0" cellspacing="0" cellpadding="0">
-					<tr>
-						<td style="border:0px;">
-							{{ include('buttons.submit.html.twig') }}
-						</td>
-					</tr>
-</form>
-				</table>
-			</td>
-			<td>
-				<table border="0" cellspacing="0" cellpadding="0">
-					<form action="{{ getLink('account/manage') }}" method="post">
-						{{ csrf() }}
-						<tr>
-							<td style="border:0px;">
-								{{ include('buttons.back.html.twig') }}
-							</td>
-						</tr>
-					</form>
-				</table>
-			</td>
-		</tr>
-	</table>
-<script type="text/javascript" src="tools/check_name.js"></script>

system/templates/account.delete_character.html.twig

@@ -1,68 +0,0 @@
-To delete a character enter the name of the character and your password.<br/><br/>
-<form action="{{ getLink('account/character/delete') }}" method="post">
-	{{ csrf() }}
-	<input type="hidden" name="deletecharactersave" value="1"/>
-	<div class="TableContainer">
-		<table class="Table1" cellpadding="0" cellspacing="0" >
-			<div class="CaptionContainer">
-				<div class="CaptionInnerContainer">
-					<span class="CaptionEdgeLeftTop" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-					<span class="CaptionEdgeRightTop" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-					<span class="CaptionBorderTop" style="background-image:url({{ template_path }}/images/content/table-headline-border.gif);"></span>
-					<span class="CaptionVerticalLeft" style="background-image:url({{ template_path }}/images/content/box-frame-vertical.gif);"></span>
-					<div class="Text" >Delete Character</div>
-					<span class="CaptionVerticalRight" style="background-image:url({{ template_path }}/images/content/box-frame-vertical.gif);"></span>
-					<span class="CaptionBorderBottom" style="background-image:url({{ template_path }}/images/content/table-headline-border.gif);"></span>
-					<span class="CaptionEdgeLeftBottom" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-					<span class="CaptionEdgeRightBottom" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-				</div>
-			</div>
-			<tr>
-				<td>
-					<div class="InnerTableContainer">
-						<table style="width:100%;">
-							<tr>
-								<td class="LabelV" ><span>Character Name:</span></td>
-								<td style="width:90%;">
-									<input name="delete_name" value="" size="30" maxlength="29"/>
-								</td>
-							</tr>
-							<tr>
-								<td class="LabelV" ><span>Password:</span></td>
-								<td>
-									<input type="password" name="delete_password" size="30" maxlength="29"/>
-								</td>
-							</tr>
-						</table>
-					</div>
-				</td>
-			</tr>
-		</table>
-	</div>
-	<br/>
-	<table style="width:100%">
-		<tr align="center">
-			<td>
-				<table border="0" cellspacing="0" cellpadding="0">
-					<tr>
-						<td style="border:0px;">
-							{{ include('buttons.submit.html.twig') }}
-						</td>
-					<tr>
-</form>
-				</table>
-			</td>
-			<td>
-				<table border="0" cellspacing="0" cellpadding="0">
-					<form action="{{ getLink('account/manage') }}" method="post">
-						{{ csrf() }}
-						<tr>
-							<td style="border:0px;">
-								{{ include('buttons.back.html.twig') }}
-							</td>
-						</tr>
-					</form>
-				</table>
-			</td>
-		</tr>
-	</table>

system/templates/account.generate_new_recovery_key.html.twig

@@ -1,61 +1,44 @@
 To generate new recovery key for your account please enter your password.<br/>
-<span style="color: red"><b>New recovery key cost {{ setting('core.account_generate_new_reckey_price') }} Premium Points.</span> You have {{ points }} premium points. You will receive e-mail with this recovery key.</b><br/>
+<span style="color: red"><b>New recovery key cost {{ setting('core.account_generate_new_reckey_price') }} Premium Points</b>.</span> You have {{ points }} premium points. You will receive e-mail with this recovery key.
-<form action="{{ getLink('account/register/new') }}" method="post">
+<br/>
-	{{ csrf() }}
+{% set title = 'Generate recovery key' %}
-	<input type="hidden" name="registeraccountsave" value="1">
+{% set background = config('darkborder') %}
-	<div class="TableContainer" >
+{% set content %}
-		<table class="Table1" cellpadding="0" cellspacing="0">
+<table style="width:100%;">
-			<div class="CaptionContainer">
-				<div class="CaptionInnerContainer">
-					<span class="CaptionEdgeLeftTop" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-					<span class="CaptionEdgeRightTop" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-					<span class="CaptionBorderTop" style="background-image:url({{ template_path }}/images/content/table-headline-border.gif);"></span>
-					<span class="CaptionVerticalLeft" style="background-image:url({{ template_path }}/images/content/box-frame-vertical.gif);"></span>
-					<div class="Text" >Generate recovery key</div>
-					<span class="CaptionVerticalRight" style="background-image:url({{ template_path }}/images/content/box-frame-vertical.gif);"></span>
-					<span class="CaptionBorderBottom" style="background-image:url({{ template_path }}/images/content/table-headline-border.gif);"></span>
-					<span class="CaptionEdgeLeftBottom" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-					<span class="CaptionEdgeRightBottom" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-				</div>
-			</div>
 	<tr>
-				<td>
+		<td class="LabelV"><span>Password:</span></td>
-					<div class="InnerTableContainer">
+		<td><input form="form" type="password" name="reg_password" size="30" maxlength="29" ></td>
-						<table style="width:100%;">
-							<tr>
-								<td class="LabelV" ><span>Password:</span></td>
-								<td><input type="password" name="reg_password" size="30" maxlength="29" ></td>
 	</tr>
-						</table>
+</table>
-					</div>
+{% endset %}
-				</td>
+{% include 'tables.headline.html.twig' %}
-			</tr>
+<br/>
-		</table>
+<table style="width:100%">
-	</div>
-	<br/>
-	<table style="width:100%">
 	<tr align="center">
 		<td>
 			<table border="0" cellspacing="0" cellpadding="0">
 				<tr>
 					<td style="border:0px;">
+						<form id="form" action="{{ getLink('account/register-new') }}" method="post">
+							{{ csrf() }}
+							<input type="hidden" name="registeraccountsave" value="1">
 							{{ include('buttons.submit.html.twig') }}
+						</form>
 					</td>
 				</tr>
-</form>
 			</table>
 		</td>
 		<td>
 			<table border="0" cellspacing="0" cellpadding="0">
-					<form action="{{ getLink('account/manage') }}" method="post">
-						{{ csrf() }}
 				<tr>
 					<td style="border:0px;">
+						<form action="{{ getLink('account/manage') }}" method="post">
+							{{ csrf() }}
 							{{ include('buttons.back.html.twig') }}
-							</td>
-						</tr>
 						</form>
-				</table>
 					</td>
 				</tr>
 			</table>
+		</td>
+	</tr>
+</table>

system/templates/account.generate_recovery_key.html.twig

@@ -1,40 +1,19 @@
 To generate recovery key for your account please enter your password.<br/><br/>
-<form action="{{ getLink('account/register') }}" method="post">
+{% set title = 'Generate recovery key' %}
-	{{ csrf() }}
+{% set background = config('darkborder') %}
-<input type="hidden" name="registeraccountsave" value="1"/>
+{% set content %}
-<div class="TableContainer">
+<table style="width:100%;" >
-	<table class="Table1" cellpadding="0" cellspacing="0">
-		<div class="CaptionContainer">
-			<div class="CaptionInnerContainer">
-				<span class="CaptionEdgeLeftTop" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-				<span class="CaptionEdgeRightTop" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-				<span class="CaptionBorderTop" style="background-image:url({{ template_path }}/images/content/table-headline-border.gif);"></span>
-				<span class="CaptionVerticalLeft" style="background-image:url({{ template_path }}/images/content/box-frame-vertical.gif);"></span>
-				<div class="Text" >Generate recovery key</div>
-				<span class="CaptionVerticalRight" style="background-image:url({{ template_path }}/images/content/box-frame-vertical.gif);"></span>
-				<span class="CaptionBorderBottom" style="background-image:url({{ template_path }}/images/content/table-headline-border.gif);"></span>
-				<span class="CaptionEdgeLeftBottom" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-				<span class="CaptionEdgeRightBottom" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"></span>
-			</div>
-		</div>
-		<tr>
-			<td>
-				<div class="InnerTableContainer">
-					<table style="width:100%;" >
 	<tr>
 		<td class="LabelV">
 			<span>Password:</span>
 		</td>
 		<td>
-								<input type="password" name="reg_password" size="30" maxlength="29" autofocus/>
+			<input form="form" type="password" name="reg_password" size="30" maxlength="29" autofocus/>
 		</td>
 	</tr>
-					</table>
+</table>
-				</div>
+{% endset %}
-			</td>
+{% include 'tables.headline.html.twig' %}
-		</tr>
-	</table>
-</div>
 <br/>
 <table style="width:100%">
 	<tr align="center">
@@ -42,12 +21,15 @@ To generate recovery key for your account please enter your password.<br/><br/>
 			<table border="0" cellspacing="0" cellpadding="0" >
 				<tr>
 					<td style="border:0px;">
+						<form id="form" action="{{ getLink('account/register') }}" method="post">
+							{{ csrf() }}
+							<input type="hidden" name="registeraccountsave" value="1"/>
 							{{ include('buttons.submit.html.twig') }}
+						</form>
 					</td>
 				<tr>
 			</table>
 		</td>
-</form>
 		<td>
 			<table border="0" cellspacing="0" cellpadding="0">
 				<form action="{{ getLink('account/manage') }}" method="post">

system/templates/account.login.html.twig

@@ -61,20 +61,19 @@ Please enter your account {{ account|lower }} and your password.<br/><a href="{{
 							{{ include('buttons.submit.html.twig') }}
 						</td>
 					<tr>
-					</form>
 				</table>
 			</td>
 			<td>
 				<table border="0" cellspacing="0" cellpadding="0">
-					<form action="{{ getLink('account/lost') }}" method="post">
-						{{ csrf() }}
 					<tr>
 						<td style="border:0px;">
+							<a href="{{ getLink('account/lost') }}">
 								{{ include('buttons.account_lost.html.twig') }}
+							</a>
 						</td>
 					</tr>
-					</form>
 				</table>
 			</td>
 		</tr>
 	</table>
+</form>

system/templates/account.logout.html.twig

@@ -1,28 +1,10 @@
-<div class="TableContainer">
+{% set title = 'Logout Successful' %}
-	<table class="Table1" cellpadding="0" cellspacing="0" >
+{% set background = config('darkborder') %}
-		<div class="CaptionContainer">
+{% set content %}
-			<div class="CaptionInnerContainer" >
+<table style="width:100%;">
-				<span class="CaptionEdgeLeftTop" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"/></span>
-				<span class="CaptionEdgeRightTop" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"/></span>
-				<span class="CaptionBorderTop" style="background-image:url({{ template_path }}/images/content/table-headline-border.gif);" ></span>
-				<span class="CaptionVerticalLeft" style="background-image:url({{ template_path }}/images/content/box-frame-vertical.gif);"/></span>
-				<div class="Text">Logout Successful</div>
-				<span class="CaptionVerticalRight" style="background-image:url({{ template_path }}/images/content/box-frame-vertical.gif);"/></span>
-				<span class="CaptionBorderBottom" style="background-image:url({{ template_path }}/images/content/table-headline-border.gif);" ></span>
-				<span class="CaptionEdgeLeftBottom" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"/></span>
-				<span class="CaptionEdgeRightBottom" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);"/></span>
-			</div>
-		</div>
-		<tr>
-			<td>
-				<div class="InnerTableContainer">
-					<table style="width:100%;">
 	<tr>
 		<td>You have logged out of your {{ config.serverName }} account. In order to view your account you need to <a href="{{ getLink('account/manage') }}" >log in</a> again.</td>
 	</tr>
-					</table>
+</table>
-				</div>
+{% endset %}
-			</td>
+{% include 'tables.headline.html.twig' %}
-		</tr>
-	</table>
-</div>

system/templates/account.management.html.twig

@@ -26,8 +26,8 @@
 	}
 </style>
 {% set menus = {
-	'Create Character': 'account/character/create','Delete Character': 'account/character/delete',
+	'Create Character': 'account/characters/create','Delete Character': 'account/characters/delete',
-	'Change Info': 'account/info', 'Change Password': 'account/password', 'Change Email': 'account/email'
+	'Change Info': 'account/change-info', 'Change Password': 'account/change-password', 'Change Email': 'account/change-email'
 } %}
 <div id="account-manage">
 	<div id="one">
@@ -40,10 +40,10 @@
 				<a href="{{ getLink(link) }}">{{ name }}</a>
 			{% endfor %}
 			{% if setting('core.account_change_character_name') %}
-				<a href="{{ getLink('account/character/name') }}">Change Name</a>
+				<a href="{{ getLink('account/characters/change-name') }}">Change Name</a>
 			{% endif %}
 			{% if setting('core.account_change_character_sex') %}
-				<a href="{{ getLink('account/character/sex') }}">Change Sex</a>
+				<a href="{{ getLink('account/characters/change-sex') }}">Change Sex</a>
 			{% endif %}
 			<a href="{{ getLink('account/logout') }}">Logout</a>
 		</div>
@@ -80,7 +80,7 @@
 			<div style="text-align:center">
 				A request has been submitted to change the email address of this account to <b>{{ email_new }}</b>. After <b>{{ email_new_time|date("j F Y, G:i:s") }}</b> you can accept the new email address and finish the process. Please cancel the request if you do not want your email address to be changed! Also cancel the request if you have no access to the new email address!
 
-				<form action="{{ getLink('account/email') }}" method="post">
+				<form action="{{ getLink('account/change-email') }}" method="post">
 					{{ csrf() }}
 					{% set button_name = 'Edit' %}
 					{% include('buttons.base.html.twig') %}
@@ -99,8 +99,8 @@
 			{% endif %}
 			<tr style="background-color: {{ config.darkborder }};" >
 				<td style="width: 90px;">Email Address:</td>
-				<td>{{ account_email ~ email_change }}
+				<td>{{ account_email }}{{ email_change|raw }}
-					<form action="{{ getLink('account/email') }}" method="post">
+					<form action="{{ getLink('account/change-email') }}" method="post">
 						{{ csrf() }}
 						{% set button_name = 'Change Email' %}
 						{% include('buttons.base.html.twig') %}
@@ -139,7 +139,7 @@
 				<td >{{ account_location }}</td>
 			</tr>
 		</table>
-		<form action="{{ getLink('account/info') }}" method="post">
+		<form action="{{ getLink('account/change-info') }}" method="post">
 			{{ csrf() }}
 			{% set button_name = 'Change Info' %}
 			{% include('buttons.base.html.twig') %}
@@ -183,7 +183,7 @@
 					<td>{% if player.getLastLogin() > 0 %}{{ player.getLastLogin|date('d F Y (H:i)') }}{% else %}Never.{% endif %}</td>
 					<td>{% if player.isOnline() %}<span style="color: green">ONLINE</span>{% else %}<span style="color: red">Offline</span>{% endif %}</td>
 					<td>{% if player.isHidden() %}Hidden{% else %}Visible{% endif %}</td>
-					<td>{% if not player.isDeleted() %}[<a href="{{ getLink('account/character/comment/' ~ player.getName|urlencode) }}" >Edit</a>]{% endif %}</td>
+					<td>{% if not player.isDeleted() %}[<a href="{{ getLink('account/characters/change-comment?name=' ~ player.getName()|urlencode) }}" >Edit</a>]{% endif %}</td>
 				</tr>
 			{% endfor %}
 		</table>
@@ -191,7 +191,7 @@
 		<table>
 			<tr>
 				<td>
-					<form action="{{ getLink('account/character/create') }}" method="post" >
+					<form action="{{ getLink('account/characters/create') }}" method="post" >
 						{{ csrf() }}
 						{% set button_name = 'Create Character' %}
 						{% include('buttons.base.html.twig') %}
@@ -199,7 +199,7 @@
 				</td>
 				{% if setting('core.account_change_character_name') %}
 				<td>
-					<form action="{{ getLink('account/character/name') }}" method="post" >
+					<form action="{{ getLink('account/characters/change-name') }}" method="post" >
 						{{ csrf() }}
 						{% set button_name = 'Change Name' %}
 						{% include('buttons.base.html.twig') %}
@@ -208,7 +208,7 @@
 				{% endif %}
 				{% if setting('core.account_change_character_sex') %}
 				<td>
-					<form action="{{ getLink('account/character/sex') }}" method="post" >
+					<form action="{{ getLink('account/characters/change-sex') }}" method="post" >
 						{{ csrf() }}
 						{% set button_name = 'Change Sex' %}
 						{% include('buttons.base.html.twig') %}
@@ -216,7 +216,7 @@
 				</td>
 				{% endif %}
 				<td>
-					<form action="{{ getLink('account/character/delete') }}" method="post">
+					<form action="{{ getLink('account/characters/delete') }}" method="post">
 						{{ csrf() }}
 						{% set button_name = 'Delete Character' %}
 						{% include('buttons.base.html.twig') %}

system/templates/account.redirect.html.twig

@@ -1,31 +1,13 @@
-<div class="TableContainer">
+{% set title = 'Login Successful' %}
-	<table class="Table1" cellpadding="0" cellspacing="0">
+{% set background = config('darkborder') %}
-		<div class="CaptionContainer">
+{% set content %}
-			<div class="CaptionInnerContainer">
+<table style="width:100%;" >
-				<span class="CaptionEdgeLeftTop" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);" /></span>
-				<span class="CaptionEdgeRightTop" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);" /></span>
-				<span class="CaptionBorderTop" style="background-image:url({{ template_path }}/images/content/table-headline-border.gif);" ></span>
-				<span class="CaptionVerticalLeft" style="background-image:url({{ template_path }}/images/content/box-frame-vertical.gif);" /></span>
-				<div class="Text" >Login Successful</div>
-				<span class="CaptionVerticalRight" style="background-image:url({{ template_path }}/images/content/box-frame-vertical.gif);" /></span>
-				<span class="CaptionBorderBottom" style="background-image:url({{ template_path }}/images/content/table-headline-border.gif);" ></span>
-				<span class="CaptionEdgeLeftBottom" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);" /></span>
-				<span class="CaptionEdgeRightBottom" style="background-image:url({{ template_path }}/images/content/box-frame-edge.gif);" /></span>
-			</div>
-		</div>
-		<tr>
-			<td>
-				<div class="InnerTableContainer">
-					<table style="width:100%;" >
 	<tr>
 		<td>You have logged in.<br/>Press <a href="{{ redirect }}" >here</a> if you are not returned automatically.</td>
 	</tr>
-					</table>
+</table>
-				</div>
+{% endset %}
-			</td>
+{% include 'tables.headline.html.twig' %}
-		</tr>
-	</table>
-</div>
 
 <script language="javascript" type="text/javascript">
 	// Automatic redirect

system/templates/characters.html.twig

@@ -275,7 +275,7 @@
 			{% for frag in frags %}
 			<tr bgcolor="{{ getStyle(i) }}">
 				<td width="20%" align="center">{{ frag.time|date("j M Y, H:i") }}</td>
-				<td>{{ frag.description|raw }}({% if frag.unjustified %}<span style="color: red; font-size: 10px">Unjustified</span>{% else %}<span style="color: green; font-size: 10px">Justified</span>{% endif %})</td>
+				<td>{{ frag.description|raw }} ({% if frag.unjustified %}<span style="color: red; font-size: 10px">Unjustified</span>{% else %}<span style="color: green; font-size: 10px">Justified</span>{% endif %})</td>
 			</tr>
 			{% set i = i + 1 %}
 			{% endfor %}

system/templates/forum.add_board.html.twig

@@ -39,7 +39,9 @@
 						</td>
 					</tr>
 					<tr>
-						<td colspan="2" align="center"><input type="submit" value="Submit"/>
+						<td colspan="2" align="center">
+							{{ include('buttons.submit.html.twig') }}
+						</td>
 					</tr>
 				</table>
 			</td>

system/templates/forum.boards.html.twig

@@ -1,24 +1,26 @@
 <b>Boards</b>
 <table width="100%">
+	<thead>
 	<tr bgcolor="{{ config.vdarkborder }}" class="white">
-		<td>
+		<th>
 			<span style="font-size: 10px"><b>Board</b></span>
-		</td>
+		</th>
-		<td>
+		<th>
 			<span style="font-size: 10px"><b>Posts</b></span>
-		</td>
+		</th>
-		<td>
+		<th>
 			<span style="font-size: 10px"><b>Threads</b></span>
-		</td>
+		</th>
-		<td align="center">
+		<th align="center">
 			<span style="font-size: 10px"><b>Last Post</b></span>
-		</td>
+		</th>
 		{% if canEdit %}
-			<td>
+			<th>
 				<span style="font-size: 10px"><b>Options</b></span>
-			</td>
+			</th>
 		{% endif %}
 	</tr>
+	</thead>
 	{% set i = 0 %}
 	{% for board in boards %}
 	{% set i = i + 1 %}

system/templates/guilds.change_description.html.twig

@@ -1,14 +1,24 @@
-<div style="text-align:center"><h2>Change guild description</h2></div>
+{% set title = 'Change guild description' %}
-Here you can change description of your guild.<br/>
+{% set background = config('darkborder') %}
-<form enctype="multipart/form-data" action="{{ getLink('guilds') }}?guild={{ guild.getName() }}&action=change_description" method="post">
+{% set content %}
+<table style="width:100%;" >
+	<tr>
+		<td>
+			Here you can change description of your guild.<br/>
+			<form enctype="multipart/form-data" action="{{ getLink('guilds') }}?guild={{ guild.getName() }}&action=change_description" method="post">
 				{{ csrf() }}
 				<input type="hidden" name="todo" value="save"/>
 				<textarea name="description" cols="60" rows="{{ setting('core.guild_description_lines_limit') - 1 }}">{{ guild.getCustomField('description')|raw }}</textarea><br>
 				(max. {{ setting('core.guild_description_lines_limit') }} lines, max. {{ setting('core.guild_description_chars_limit') }} chars) <input type="submit" value="Save description"/></form><br/>
-<br/>
+			<br/>
-<div style="text-align:center">
+			<div style="text-align:center">
 				<form action="{{ getLink('guilds') }}?guild={{ guild.getName() }}&action=manager" method="post">
 					{{ csrf() }}
 					{{ include('buttons.back.html.twig') }}
 				</form>
-</div>
+			</div>
+		</td>
+	</tr>
+</table>
+{% endset %}
+{% include 'tables.headline.html.twig' %}

system/templates/guilds.change_logo.html.twig

@@ -1,20 +1,32 @@
-<div style="text-align:center"><h2>Change guild logo</h2></div>
+{% set title = 'Change guild logo' %}
-Here you can change logo of your guild.<br/>Actuall logo: <img src="{{ constant('GUILD_IMAGES_DIR') }}{{ guild_logo }}" height="64" width="64"><br/><br/>
+{% set background = config('darkborder') %}
-<form enctype="multipart/form-data" action="{{ getLink('guilds') }}?guild={{ guild.getName() }}&action=change_logo" method="post" id="upload_form">
+{% set content %}
+<table style="width:100%;" >
+	<tr>
+		<td>
+			Here you can change logo of your guild.<br/>Actuall logo: <img src="{{ constant('GUILD_IMAGES_DIR') }}{{ guild_logo }}" height="64" width="64"><br/><br/>
+			<form enctype="multipart/form-data" action="{{ getLink('guilds') }}?guild={{ guild.getName() }}&action=change_logo" method="post" id="upload_form">
 				{{ csrf() }}
 				<input type="hidden" name="todo" value="save" />
 				<input type="hidden" name="MAX_FILE_SIZE" value="{{ max_image_size_b }}" />
 				Select new logo: <input name="newlogo" id="newlogo" type="file" />
 				<input type="submit" value="Send new logo" />
-</form>
+			</form>
-Only <b>jpg, gif, png, bmp</b> pictures. Max. size: <b>{{ setting('core.guild_image_size_kb') }} KB</b><br>
+			Only <b>jpg, gif, png, bmp</b> pictures. Max. size: <b>{{ setting('core.guild_image_size_kb') }} KB</b><br>
-<br/>
+			<br/>
+		</td>
+	</tr>
+</table>
+{% endset %}
+{% include 'tables.headline.html.twig' %}
+
 <div style="text-align:center">
 	<form action="{{ getLink('guilds') }}?guild={{ guild.getName() }}&action=manager" method="post">
 		{{ csrf() }}
 		{{ include('buttons.back.html.twig') }}
 	</form>
 </div>
+
 <script type="text/javascript">
 	$(function() {
 		$('#upload_form').submit(function (event) {

system/templates/guilds.change_motd.html.twig

@@ -1,11 +1,22 @@
-<div style="text-align:center"><h2>Change guild MOTD</h2></div>
+{% set title = 'Change guild MOTD' %}
-Here you can change MOTD (Message of the Day, showed in game!) of your guild.<br/>
+{% set background = config('darkborder') %}
-<form enctype="multipart/form-data" action="{{ getLink('guilds') }}?guild={{ guild.getName() }}&action=change_motd" method="post">
+{% set content %}
+<table style="width:100%;" >
+	<tr>
+		<td>
+			Here you can change MOTD (Message of the Day, showed in game!) of your guild.<br/>
+			<form enctype="multipart/form-data" action="{{ getLink('guilds') }}?guild={{ guild.getName() }}&action=change_motd" method="post">
 				{{ csrf() }}
 				<input type="hidden" name="todo" value="save"/>
 				<textarea name="motd" cols="60" rows="3">{{ guild.getCustomField('motd')|raw }}</textarea><br/>
-	(max. {{ setting('core.guild_motd_chars_limit') }} chars) <input type="submit" value="Save MOTD" /></form><br/>
+				(max. {{ setting('core.guild_motd_chars_limit') }} chars) <input type="submit" value="Save MOTD" />
-<br/>
+			</form>
+		</td>
+	</tr>
+</table>
+{% endset %}
+{% include 'tables.headline.html.twig' %}
+
 <div style="text-align:center">
 	<form action="{{ getLink('guilds') }}?guild={{ guild.getName() }}&action=manager" method="post">
 		{{ csrf() }}