Merge branch 'develop' into feature/docker

getAccountIdentityColumn() function

.dockerignore

@@ -0,0 +1,65 @@
+Thumbs.db
+.DS_Store
+.idea
+
+#
+/.htaccess
+
+# composer
+composer.phar
+vendor
+
+# npm
+node_modules
+tools/ext
+
+# cypress
+cypress.env.json
+cypress/e2e/2-advanced-examples
+cypress/screenshots
+
+# created by release.sh
+releases
+tmp
+
+config.local.php
+!docker/config.local.php
+
+# all custom templates
+templates/*
+!templates/tibiacom
+!templates/kathrine
+
+# guild images
+images/guilds/*
+!images/guilds/default.gif
+
+# editor images
+images/editor/*
+!images/editor/index.html
+
+# gallery images
+images/gallery/*
+!images/gallery/index.html
+!images/gallery/demon.jpg
+!images/gallery/demon_thumb.gif
+
+# cache
+system/cache/*
+!system/cache/index.html
+!system/cache/twig/index.html
+!system/cache/signatures/index.html
+!system/cache/plugins/index.html
+!system/cache/persistent/index.html
+
+# logs
+system/logs/*
+!system/logs/index.html
+
+# data
+system/data/*
+!system/data/index.html
+
+# php sessions
+system/php_sessions/*
+!system/php_sessions/index.html

.gitignore

@@ -23,6 +23,7 @@ releases
 tmp
 
 config.local.php
+!docker/config.local.php
 
 # all custom templates
 templates/*

CHANGELOG.md

@@ -1,6 +1,28 @@
 # Changelog
 
-## [1.0-RC -23.07.2024]
+## [1.0-RC.2 - 25.10.2024]
+
+Still waiting for your reports about bugs found in this release. We are very close to stable release.
+
+### Added
+* feat: rate limit settings for blocking accounts login attempts (@gpedro, #266)
+* search by email in accounts editor (https://github.com/slawkens/myaac/commit/c2ec46824621468f2a1cb4046805c485ed13fea5)
+* New hooks in account manage + create (https://github.com/slawkens/myaac/commit/93641fc68ac9a5f1479329e2bd41380c19534d5d)
+
+### Changed
+* chore: drop raw queries + accounts - search by email + accounts - required min size for search by account number (@gpedro, #266)
+* Use https for outfit & item images (https://github.com/slawkens/myaac/commit/71c00aa5e01fbdfd88802912e200dd1025976231)
+* Do not require players & guilds tables on install (https://github.com/slawkens/myaac/commit/779aa152fa940261c9b161533946f44e288597a2)
+* Do not create player if there is no players table in db (https://github.com/slawkens/myaac/commit/201f95caa8b70e88fa651eac8c3c3aa7cd765bd0)
+
+### Fixed
+* Highscore frags fixed for TFS 0.3 (@Scrollog, #263)
+* Missing groups variable #262. thanks, @Scrollog for reporting (https://github.com/slawkens/myaac/commit/8d8bdb6dac6df21672ac77288fff2f2f8d6eb665)
+* Verified email for login.php (@gpedro, #265)
+* Warning if core.account_country is disabled (https://github.com/slawkens/myaac/commit/ab73d60c61e14a1cacdb6cfbf7f89f4bf3be0833)
+
+
+## [1.0-RC.1 - 23.07.2024]
 
 Changes since 1.0-beta:
 

aac

@@ -9,14 +9,13 @@ if(!IS_CLI) {
 }
 
 require_once SYSTEM . 'functions.php';
-require_once SYSTEM . 'init.php';
 
 define('SELF_NAME', basename(__FILE__));
 
 use MyAAC\Plugins;
 use Symfony\Component\Console\Application;
 
-$application = new Application();
+$application = new Application('MyAAC', MYAAC_VERSION);
 
 $commandsGlob = glob(SYSTEM . 'src/Commands/*.php');
 foreach ($commandsGlob as $item) {
@@ -34,7 +33,4 @@ foreach ($pluginCommands as $item) {
 	$application->add(require $item);
 }
 
-$application->setName('MyAAC');
-$application->setVersion(MYAAC_VERSION);
-
 $application->run();

admin/pages/accounts.php

@@ -23,10 +23,7 @@ $use_datatable = true;
 if (setting('core.account_country'))
 	require SYSTEM . 'countries.conf.php';
 
-$nameOrNumberColumn = 'name';
-if (USE_ACCOUNT_NUMBER) {
-	$nameOrNumberColumn = 'number';
-}
+$nameOrNumberColumn = getAccountIdentityColumn();
 
 $hasSecretColumn = $db->hasColumn('accounts', 'secret');
 $hasCoinsColumn = $db->hasColumn('accounts', 'coins');
@@ -69,7 +66,7 @@ else if (isset($_REQUEST['search_email'])) {
 else if (isset($_REQUEST['search'])) {
 	$search_account = $_REQUEST['search'];
 	$min_size = 3;
-	if ($nameOrNumberColumn == 'number') {
+	if (in_array($nameOrNumberColumn, ['id', 'number'])) {
 		$min_size = 1;
 	}
 
@@ -212,7 +209,7 @@ else if (isset($_REQUEST['search'])) {
 				if(setting('core.account_country')) {
 					$account->setCountry($rl_country);
 				}
-				
+
 				$account->setCustomField('created', $created);
 				$account->setWebFlags($web_flags);
 				$account->setCustomField('web_lastlogin', $web_lastlogin);
@@ -248,7 +245,7 @@ else if (isset($_REQUEST['search'])) {
 						<thead>
 						<tr>
 							<th>ID</th>
-							<th><?= ($nameOrNumberColumn == 'number' ? 'Number' : 'Name'); ?></th>
+							<th><?= ($nameOrNumberColumn == 'name' ? 'Name' : 'Number'); ?></th>
 							<?php if($hasTypeColumn || $hasGroupColumn): ?>
 							<th>E-Mail</th>
 							<th>Position</th>

admin/pages/modules/created.php

@@ -7,7 +7,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 $accounts = 0;
 
 if ($db->hasColumn('accounts', 'created')) {
-	$accounts = Account::orderByDesc('created')->limit(10)->get(['created', (USE_ACCOUNT_NAME ? 'name' : 'id')])->toArray();
+	$accounts = Account::orderByDesc('created')->limit(10)->get(['id', 'created'])->toArray();
 }
 
 $twig->display('created.html.twig', array(

admin/pages/modules/templates/created.html.twig

@@ -19,7 +19,7 @@
 						{% set i = i + 1 %}
 						<tr>
 							<th>{{ i }}</th>
-							<td><a href="?p=accounts&search_name={{ result.name }}">{{ result.name }}</a></td>
+							<td><a href="?p=accounts&id={{ result.id }}">{{ result.id }}</a></td>
 							<td>{{ result.created|date("M d Y, H:i:s") }}</td>
 						</tr>
 					{% endfor %}

admin/pages/news.php

@@ -26,7 +26,7 @@ if (!hasFlag(FLAG_CONTENT_PAGES) && !superAdmin()) {
 
 header('X-XSS-Protection:0');
 
-// some constants, used mainly by database (cannot by modified without schema changes)
+// some constants, used mainly by database (cannot be modified without schema changes)
 const NEWS_TITLE_LIMIT = 100;
 const NEWS_BODY_LIMIT = 65535; // maximum news body length
 const ARTICLE_TEXT_LIMIT = 300;
@@ -136,9 +136,18 @@ if($action == 'edit' || $action == 'new') {
 
 $query = $db->query('SELECT * FROM ' . $db->tableName(TABLE_PREFIX . 'news'));
 $newses = array();
+
+$cachePlayers = [];
 foreach ($query as $_news) {
-	$_player = new OTS_Player();
-	$_player->load($_news['player_id']);
+	$playerId = $_news['player_id'];
+	if (isset($cachePlayers[$playerId])) {
+		$_player = $cachePlayers[$playerId];
+	}
+	else {
+		$_player = new OTS_Player();
+		$_player->load($playerId);
+		$cachePlayers[$playerId] = $_player;
+	}
 
 	$newses[$_news['type']][] = array(
 		'id' => $_news['id'],
@@ -147,7 +156,7 @@ foreach ($query as $_news) {
 		'title' => $_news['title'],
 		'date' => $_news['date'],
 		'player_name' => $_player->isLoaded() ? $_player->getName() : '',
-		'player_link' => $_player->isLoaded() ? getPlayerLink($_player->getName(), false) : '',
+		'player_link' => $_player->isLoaded() ? getPlayerLink($_player, false) : '',
 	);
 }
 

admin/pages/plugins.php

@@ -21,7 +21,13 @@ if (!getBoolean(setting('core.admin_plugins_manage_enable'))) {
 	warning('Plugin installation and management is disabled in Settings.<br/>If you wish to enable, go to Settings and enable <strong>Enable Plugins Manage</strong>.');
 }
 else {
-	$twig->display('admin.plugins.form.html.twig');
+	$pluginUploadEnabled = true;
+	if(!\class_exists('\ZipArchive')) {
+		error('Please install PHP zip extension. Plugins upload disabled until then.');
+		$pluginUploadEnabled = false;
+	}
+
+	$twig->display('admin.plugins.form.html.twig', ['pluginUploadEnabled' => $pluginUploadEnabled]);
 
 	if (isset($_POST['uninstall'])) {
 		$uninstall = $_POST['uninstall'];

common.php

@@ -26,8 +26,8 @@
 if (version_compare(phpversion(), '8.1', '<')) die('PHP version 8.1 or higher is required.');
 
 const MYAAC = true;
-const MYAAC_VERSION = '1.0-RC';
-const DATABASE_VERSION = 40;
+const MYAAC_VERSION = '1.0-RC.2';
+const DATABASE_VERSION = 41;
 const TABLE_PREFIX = 'myaac_';
 define('START_TIME', microtime(true));
 define('MYAAC_OS', stripos(PHP_OS, 'WIN') === 0 ? 'WINDOWS' : (strtoupper(PHP_OS) === 'DARWIN' ? 'MAC' : 'LINUX'));

composer.json

@@ -1,6 +1,6 @@
 {
     "require": {
-        "php": "^8.0",
+        "php": "^8.1",
         "ext-pdo": "*",
         "ext-pdo_mysql": "*",
         "ext-json": "*",
@@ -18,7 +18,7 @@
         "symfony/string": "^6.4",
         "symfony/var-dumper": "^6.4",
         "filp/whoops": "^2.15",
-        "maximebf/debugbar": "dev-master"
+        "maximebf/debugbar": "1.*"
     },
     "require-dev": {
         "phpstan/phpstan": "^1.10"

docker-compose.yml

@@ -0,0 +1,40 @@
+services:
+  web:
+    ports:
+      - 8001:80
+    build:
+      args:
+        user: www-data
+        uid: 33
+      context: ./
+      dockerfile: ./docker/Dockerfile
+    restart: unless-stopped
+    working_dir: /var/www/html
+    depends_on:
+      - db
+    #volumes:
+    #  - ./:/var/www/html
+
+  db:
+    image: mysql:8.0
+    restart: unless-stopped # always?
+    environment:
+      MYSQL_RANDOM_ROOT_PASSWORD: "yes"
+      MYSQL_DATABASE: myaac
+      #MYSQL_ROOT_PASSWORD: root
+      MYSQL_PASSWORD: myaac
+      MYSQL_USER: myaac
+    ports:
+      - 8003:3306
+    volumes:
+      - ./docker/tfs_schema.sql:/docker-entrypoint-initdb.d/tfs_schema.sql
+      - db:/var/lib/mysql
+
+  phpmyadmin:
+    image: phpmyadmin
+    restart: always
+    ports:
+      - 8002:80
+
+volumes:
+  db:

docker/Dockerfile

@@ -0,0 +1,56 @@
+FROM php:8.2-apache
+
+ARG APCU_VERSION=5.1.22
+
+# Arguments defined in docker-compose.yml
+ARG user
+ARG uid
+
+# Install system dependencies
+RUN apt-get update && apt-get install -y \
+    git \
+    curl \
+    libpng-dev \
+    libonig-dev \
+    libxml2-dev \
+    libzip-dev \
+    zip \
+    unzip \
+    nano \
+    vim
+
+RUN apt-get install -y nodejs npm
+
+# Clear cache
+RUN apt-get clean && rm -rf /var/lib/apt/lists/*
+
+# Install PHP extensions
+RUN docker-php-ext-install pdo pdo_mysql gd zip opcache
+RUN docker-php-ext-configure opcache --enable-opcache
+RUN pecl install apcu-${APCU_VERSION} && docker-php-ext-enable apcu
+
+# Get latest Composer
+COPY --from=composer:latest /usr/bin/composer /usr/bin/composer
+
+# Create system user to run Composer Commands
+#RUN useradd -G www-data,root -u $uid -d /home/$user $user
+RUN mkdir -p /home/$user/.composer && \
+    chown -R $user:$user /home/$user
+
+RUN chown -R www-data.www-data /var/www
+
+USER $user
+
+WORKDIR /home/$user
+RUN git clone https://github.com/otland/forgottenserver.git
+
+COPY --chown=www-data:www-data docker/config.lua /home/$user/forgottenserver
+COPY --chown=www-data:www-data docker/config.local.php /var/www/html
+
+#WORKDIR /home/$user/forgottenserver
+
+WORKDIR /var/www/html
+
+COPY --chown=www-data:www-data . .
+RUN composer install
+RUN npm install

docker/config.local.php

@@ -0,0 +1,4 @@
+<?php
+$config['installed'] = false;
+$config['server_path'] = '/home/www-data/forgottenserver';
+$config['install_ignore_ip_check'] = true;

docker/config.lua

@@ -0,0 +1,12 @@
+serverName = "Forgotten"
+mysqlHost = "db"
+mysqlUser = "myaac"
+mysqlPass = "myaac"
+mysqlDatabase = "myaac"
+mysqlPort = 3306
+mysqlSock = ""
+
+ip = "192.168.176.1"
+statusPort = 7171
+statusTimeout = 2000
+

docker/tfs_schema.sql

@@ -0,0 +1,384 @@
+CREATE TABLE IF NOT EXISTS `accounts` (
+  `id` int NOT NULL AUTO_INCREMENT,
+  `name` varchar(32) NOT NULL,
+  `password` char(40) NOT NULL,
+  `secret` char(16) DEFAULT NULL,
+  `type` int NOT NULL DEFAULT '1',
+  `premium_ends_at` int unsigned NOT NULL DEFAULT '0',
+  `email` varchar(255) NOT NULL DEFAULT '',
+  `creation` int NOT NULL DEFAULT '0',
+  PRIMARY KEY (`id`),
+  UNIQUE KEY `name` (`name`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `players` (
+  `id` int NOT NULL AUTO_INCREMENT,
+  `name` varchar(255) NOT NULL,
+  `group_id` int NOT NULL DEFAULT '1',
+  `account_id` int NOT NULL DEFAULT '0',
+  `level` int NOT NULL DEFAULT '1',
+  `vocation` int NOT NULL DEFAULT '0',
+  `health` int NOT NULL DEFAULT '150',
+  `healthmax` int NOT NULL DEFAULT '150',
+  `experience` bigint unsigned NOT NULL DEFAULT '0',
+  `lookbody` int NOT NULL DEFAULT '0',
+  `lookfeet` int NOT NULL DEFAULT '0',
+  `lookhead` int NOT NULL DEFAULT '0',
+  `looklegs` int NOT NULL DEFAULT '0',
+  `looktype` int NOT NULL DEFAULT '136',
+  `lookaddons` int NOT NULL DEFAULT '0',
+  `lookmount` int NOT NULL DEFAULT '0',
+  `lookmounthead` int NOT NULL DEFAULT '0',
+  `lookmountbody` int NOT NULL DEFAULT '0',
+  `lookmountlegs` int NOT NULL DEFAULT '0',
+  `lookmountfeet` int NOT NULL DEFAULT '0',
+  `randomizemount` tinyint NOT NULL DEFAULT '0',
+  `direction` tinyint unsigned NOT NULL DEFAULT '2',
+  `maglevel` int NOT NULL DEFAULT '0',
+  `mana` int NOT NULL DEFAULT '0',
+  `manamax` int NOT NULL DEFAULT '0',
+  `manaspent` bigint unsigned NOT NULL DEFAULT '0',
+  `soul` int unsigned NOT NULL DEFAULT '0',
+  `town_id` int NOT NULL DEFAULT '1',
+  `posx` int NOT NULL DEFAULT '0',
+  `posy` int NOT NULL DEFAULT '0',
+  `posz` int NOT NULL DEFAULT '0',
+  `conditions` blob DEFAULT NULL,
+  `cap` int NOT NULL DEFAULT '400',
+  `sex` int NOT NULL DEFAULT '0',
+  `lastlogin` bigint unsigned NOT NULL DEFAULT '0',
+  `lastip` varbinary(16) NOT NULL DEFAULT '0',
+  `save` tinyint NOT NULL DEFAULT '1',
+  `skull` tinyint NOT NULL DEFAULT '0',
+  `skulltime` bigint NOT NULL DEFAULT '0',
+  `lastlogout` bigint unsigned NOT NULL DEFAULT '0',
+  `blessings` tinyint NOT NULL DEFAULT '0',
+  `onlinetime` bigint NOT NULL DEFAULT '0',
+  `deletion` bigint NOT NULL DEFAULT '0',
+  `balance` bigint unsigned NOT NULL DEFAULT '0',
+  `offlinetraining_time` smallint unsigned NOT NULL DEFAULT '43200',
+  `offlinetraining_skill` int NOT NULL DEFAULT '-1',
+  `stamina` smallint unsigned NOT NULL DEFAULT '2520',
+  `skill_fist` int unsigned NOT NULL DEFAULT 10,
+  `skill_fist_tries` bigint unsigned NOT NULL DEFAULT 0,
+  `skill_club` int unsigned NOT NULL DEFAULT 10,
+  `skill_club_tries` bigint unsigned NOT NULL DEFAULT 0,
+  `skill_sword` int unsigned NOT NULL DEFAULT 10,
+  `skill_sword_tries` bigint unsigned NOT NULL DEFAULT 0,
+  `skill_axe` int unsigned NOT NULL DEFAULT 10,
+  `skill_axe_tries` bigint unsigned NOT NULL DEFAULT 0,
+  `skill_dist` int unsigned NOT NULL DEFAULT 10,
+  `skill_dist_tries` bigint unsigned NOT NULL DEFAULT 0,
+  `skill_shielding` int unsigned NOT NULL DEFAULT 10,
+  `skill_shielding_tries` bigint unsigned NOT NULL DEFAULT 0,
+  `skill_fishing` int unsigned NOT NULL DEFAULT 10,
+  `skill_fishing_tries` bigint unsigned NOT NULL DEFAULT 0,
+  PRIMARY KEY (`id`),
+  UNIQUE KEY `name` (`name`),
+  FOREIGN KEY (`account_id`) REFERENCES `accounts` (`id`) ON DELETE CASCADE,
+  KEY `vocation` (`vocation`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `account_bans` (
+  `account_id` int NOT NULL,
+  `reason` varchar(255) NOT NULL,
+  `banned_at` bigint NOT NULL,
+  `expires_at` bigint NOT NULL,
+  `banned_by` int NOT NULL,
+  PRIMARY KEY (`account_id`),
+  FOREIGN KEY (`account_id`) REFERENCES `accounts` (`id`) ON DELETE CASCADE ON UPDATE CASCADE,
+  FOREIGN KEY (`banned_by`) REFERENCES `players` (`id`) ON DELETE CASCADE ON UPDATE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `account_ban_history` (
+  `id` int unsigned NOT NULL AUTO_INCREMENT,
+  `account_id` int NOT NULL,
+  `reason` varchar(255) NOT NULL,
+  `banned_at` bigint NOT NULL,
+  `expired_at` bigint NOT NULL,
+  `banned_by` int NOT NULL,
+  PRIMARY KEY (`id`),
+  FOREIGN KEY (`account_id`) REFERENCES `accounts` (`id`) ON DELETE CASCADE ON UPDATE CASCADE,
+  FOREIGN KEY (`banned_by`) REFERENCES `players` (`id`) ON DELETE CASCADE ON UPDATE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `account_storage` (
+  `account_id` int NOT NULL,
+  `key` int unsigned NOT NULL,
+  `value` int NOT NULL,
+  PRIMARY KEY (`account_id`, `key`),
+  FOREIGN KEY (`account_id`) REFERENCES `accounts`(`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `ip_bans` (
+  `ip` varbinary(16) NOT NULL,
+  `reason` varchar(255) NOT NULL,
+  `banned_at` bigint NOT NULL,
+  `expires_at` bigint NOT NULL,
+  `banned_by` int NOT NULL,
+  PRIMARY KEY (`ip`),
+  FOREIGN KEY (`banned_by`) REFERENCES `players` (`id`) ON DELETE CASCADE ON UPDATE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `player_namelocks` (
+  `player_id` int NOT NULL,
+  `reason` varchar(255) NOT NULL,
+  `namelocked_at` bigint NOT NULL,
+  `namelocked_by` int NOT NULL,
+  PRIMARY KEY (`player_id`),
+  FOREIGN KEY (`player_id`) REFERENCES `players` (`id`) ON DELETE CASCADE ON UPDATE CASCADE,
+  FOREIGN KEY (`namelocked_by`) REFERENCES `players` (`id`) ON DELETE CASCADE ON UPDATE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `account_viplist` (
+  `account_id` int NOT NULL COMMENT 'id of account whose viplist entry it is',
+  `player_id` int NOT NULL COMMENT 'id of target player of viplist entry',
+  `description` varchar(128) NOT NULL DEFAULT '',
+  `icon` tinyint unsigned NOT NULL DEFAULT '0',
+  `notify` tinyint NOT NULL DEFAULT '0',
+  UNIQUE KEY `account_player_index` (`account_id`,`player_id`),
+  FOREIGN KEY (`account_id`) REFERENCES `accounts` (`id`) ON DELETE CASCADE,
+  FOREIGN KEY (`player_id`) REFERENCES `players` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `guilds` (
+  `id` int NOT NULL AUTO_INCREMENT,
+  `name` varchar(255) NOT NULL,
+  `ownerid` int NOT NULL,
+  `creationdata` int NOT NULL,
+  `motd` varchar(255) NOT NULL DEFAULT '',
+  PRIMARY KEY (`id`),
+  UNIQUE KEY (`name`),
+  UNIQUE KEY (`ownerid`),
+  FOREIGN KEY (`ownerid`) REFERENCES `players`(`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `guild_invites` (
+  `player_id` int NOT NULL DEFAULT '0',
+  `guild_id` int NOT NULL DEFAULT '0',
+  PRIMARY KEY (`player_id`,`guild_id`),
+  FOREIGN KEY (`player_id`) REFERENCES `players` (`id`) ON DELETE CASCADE,
+  FOREIGN KEY (`guild_id`) REFERENCES `guilds` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `guild_ranks` (
+  `id` int NOT NULL AUTO_INCREMENT,
+  `guild_id` int NOT NULL COMMENT 'guild',
+  `name` varchar(255) NOT NULL COMMENT 'rank name',
+  `level` int NOT NULL COMMENT 'rank level - leader, vice, member, maybe something else',
+  PRIMARY KEY (`id`),
+  FOREIGN KEY (`guild_id`) REFERENCES `guilds` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `guild_membership` (
+  `player_id` int NOT NULL,
+  `guild_id` int NOT NULL,
+  `rank_id` int NOT NULL,
+  `nick` varchar(15) NOT NULL DEFAULT '',
+  PRIMARY KEY (`player_id`),
+  FOREIGN KEY (`player_id`) REFERENCES `players` (`id`) ON DELETE CASCADE ON UPDATE CASCADE,
+  FOREIGN KEY (`guild_id`) REFERENCES `guilds` (`id`) ON DELETE CASCADE ON UPDATE CASCADE,
+  FOREIGN KEY (`rank_id`) REFERENCES `guild_ranks` (`id`) ON DELETE CASCADE ON UPDATE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `guild_wars` (
+  `id` int NOT NULL AUTO_INCREMENT,
+  `guild1` int NOT NULL DEFAULT '0',
+  `guild2` int NOT NULL DEFAULT '0',
+  `name1` varchar(255) NOT NULL,
+  `name2` varchar(255) NOT NULL,
+  `status` tinyint NOT NULL DEFAULT '0',
+  `started` bigint NOT NULL DEFAULT '0',
+  `ended` bigint NOT NULL DEFAULT '0',
+  PRIMARY KEY (`id`),
+  KEY `guild1` (`guild1`),
+  KEY `guild2` (`guild2`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `guildwar_kills` (
+  `id` int NOT NULL AUTO_INCREMENT,
+  `killer` varchar(50) NOT NULL,
+  `target` varchar(50) NOT NULL,
+  `killerguild` int NOT NULL DEFAULT '0',
+  `targetguild` int NOT NULL DEFAULT '0',
+  `warid` int NOT NULL DEFAULT '0',
+  `time` bigint NOT NULL,
+  PRIMARY KEY (`id`),
+  FOREIGN KEY (`warid`) REFERENCES `guild_wars` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `houses` (
+  `id` int NOT NULL AUTO_INCREMENT,
+  `owner` int NOT NULL,
+  `paid` int unsigned NOT NULL DEFAULT '0',
+  `warnings` int NOT NULL DEFAULT '0',
+  `name` varchar(255) NOT NULL,
+  `rent` int NOT NULL DEFAULT '0',
+  `town_id` int NOT NULL DEFAULT '0',
+  `bid` int NOT NULL DEFAULT '0',
+  `bid_end` int NOT NULL DEFAULT '0',
+  `last_bid` int NOT NULL DEFAULT '0',
+  `highest_bidder` int NOT NULL DEFAULT '0',
+  `size` int NOT NULL DEFAULT '0',
+  `beds` int NOT NULL DEFAULT '0',
+  PRIMARY KEY (`id`),
+  KEY `owner` (`owner`),
+  KEY `town_id` (`town_id`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `house_lists` (
+  `house_id` int NOT NULL,
+  `listid` int NOT NULL,
+  `list` text NOT NULL,
+  FOREIGN KEY (`house_id`) REFERENCES `houses` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `market_history` (
+  `id` int unsigned NOT NULL AUTO_INCREMENT,
+  `player_id` int NOT NULL,
+  `sale` tinyint NOT NULL DEFAULT '0',
+  `itemtype` smallint unsigned NOT NULL,
+  `amount` smallint unsigned NOT NULL,
+  `price` bigint unsigned NOT NULL DEFAULT '0',
+  `expires_at` bigint unsigned NOT NULL,
+  `inserted` bigint unsigned NOT NULL,
+  `state` tinyint unsigned NOT NULL,
+  PRIMARY KEY (`id`),
+  KEY `player_id` (`player_id`, `sale`),
+  FOREIGN KEY (`player_id`) REFERENCES `players`(`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `market_offers` (
+  `id` int unsigned NOT NULL AUTO_INCREMENT,
+  `player_id` int NOT NULL,
+  `sale` tinyint NOT NULL DEFAULT '0',
+  `itemtype` smallint unsigned NOT NULL,
+  `amount` smallint unsigned NOT NULL,
+  `created` bigint unsigned NOT NULL,
+  `anonymous` tinyint NOT NULL DEFAULT '0',
+  `price` bigint unsigned NOT NULL DEFAULT '0',
+  PRIMARY KEY (`id`),
+  KEY `sale` (`sale`,`itemtype`),
+  KEY `created` (`created`),
+  FOREIGN KEY (`player_id`) REFERENCES `players`(`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `players_online` (
+  `player_id` int NOT NULL,
+  PRIMARY KEY (`player_id`)
+) ENGINE=MEMORY DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `player_deaths` (
+  `player_id` int NOT NULL,
+  `time` bigint unsigned NOT NULL DEFAULT '0',
+  `level` int NOT NULL DEFAULT '1',
+  `killed_by` varchar(255) NOT NULL,
+  `is_player` tinyint NOT NULL DEFAULT '1',
+  `mostdamage_by` varchar(100) NOT NULL,
+  `mostdamage_is_player` tinyint NOT NULL DEFAULT '0',
+  `unjustified` tinyint NOT NULL DEFAULT '0',
+  `mostdamage_unjustified` tinyint NOT NULL DEFAULT '0',
+  FOREIGN KEY (`player_id`) REFERENCES `players`(`id`) ON DELETE CASCADE,
+  KEY `killed_by` (`killed_by`),
+  KEY `mostdamage_by` (`mostdamage_by`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `player_depotitems` (
+  `player_id` int NOT NULL,
+  `sid` int NOT NULL COMMENT 'any given range eg 0-100 will be reserved for depot lockers and all > 100 will be then normal items inside depots',
+  `pid` int NOT NULL DEFAULT '0',
+  `itemtype` smallint unsigned NOT NULL,
+  `count` smallint NOT NULL DEFAULT '0',
+  `attributes` blob NOT NULL,
+  UNIQUE KEY `player_id_2` (`player_id`, `sid`),
+  FOREIGN KEY (`player_id`) REFERENCES `players`(`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `player_inboxitems` (
+  `player_id` int NOT NULL,
+  `sid` int NOT NULL,
+  `pid` int NOT NULL DEFAULT '0',
+  `itemtype` smallint unsigned NOT NULL,
+  `count` smallint NOT NULL DEFAULT '0',
+  `attributes` blob NOT NULL,
+  UNIQUE KEY `player_id_2` (`player_id`, `sid`),
+  FOREIGN KEY (`player_id`) REFERENCES `players`(`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `player_storeinboxitems` (
+  `player_id` int NOT NULL,
+  `sid` int NOT NULL,
+  `pid` int NOT NULL DEFAULT '0',
+  `itemtype` smallint unsigned NOT NULL,
+  `count` smallint NOT NULL DEFAULT '0',
+  `attributes` blob NOT NULL,
+  UNIQUE KEY `player_id_2` (`player_id`, `sid`),
+  FOREIGN KEY (`player_id`) REFERENCES `players`(`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `player_items` (
+  `player_id` int NOT NULL DEFAULT '0',
+  `pid` int NOT NULL DEFAULT '0',
+  `sid` int NOT NULL DEFAULT '0',
+  `itemtype` smallint unsigned NOT NULL DEFAULT '0',
+  `count` smallint NOT NULL DEFAULT '0',
+  `attributes` blob NOT NULL,
+  FOREIGN KEY (`player_id`) REFERENCES `players`(`id`) ON DELETE CASCADE,
+  KEY `sid` (`sid`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `player_spells` (
+  `player_id` int NOT NULL,
+  `name` varchar(255) NOT NULL,
+  FOREIGN KEY (`player_id`) REFERENCES `players`(`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `player_storage` (
+  `player_id` int NOT NULL DEFAULT '0',
+  `key` int unsigned NOT NULL DEFAULT '0',
+  `value` int NOT NULL DEFAULT '0',
+  PRIMARY KEY (`player_id`,`key`),
+  FOREIGN KEY (`player_id`) REFERENCES `players`(`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `server_config` (
+  `config` varchar(50) NOT NULL,
+  `value` varchar(256) NOT NULL DEFAULT '',
+  PRIMARY KEY `config` (`config`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `tile_store` (
+  `house_id` int NOT NULL,
+  `data` longblob NOT NULL,
+  FOREIGN KEY (`house_id`) REFERENCES `houses` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+CREATE TABLE IF NOT EXISTS `towns` (
+  `id` int NOT NULL AUTO_INCREMENT,
+  `name` varchar(255) NOT NULL,
+  `posx` int NOT NULL DEFAULT '0',
+  `posy` int NOT NULL DEFAULT '0',
+  `posz` int NOT NULL DEFAULT '0',
+  PRIMARY KEY (`id`),
+  UNIQUE KEY `name` (`name`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+
+INSERT INTO `server_config` (`config`, `value`) VALUES ('db_version', '35'), ('players_record', '0');
+
+DROP TRIGGER IF EXISTS `ondelete_players`;
+DROP TRIGGER IF EXISTS `oncreate_guilds`;
+
+DELIMITER //
+CREATE TRIGGER `ondelete_players` BEFORE DELETE ON `players`
+ FOR EACH ROW BEGIN
+    UPDATE `houses` SET `owner` = 0 WHERE `owner` = OLD.`id`;
+END
+//
+CREATE TRIGGER `oncreate_guilds` AFTER INSERT ON `guilds`
+ FOR EACH ROW BEGIN
+    INSERT INTO `guild_ranks` (`name`, `level`, `guild_id`) VALUES ('the Leader', 3, NEW.`id`);
+    INSERT INTO `guild_ranks` (`name`, `level`, `guild_id`) VALUES ('a Vice-Leader', 2, NEW.`id`);
+    INSERT INTO `guild_ranks` (`name`, `level`, `guild_id`) VALUES ('a Member', 1, NEW.`id`);
+END
+//
+DELIMITER ;

install/includes/schema.sql

@@ -1,4 +1,4 @@
-SET @myaac_database_version = 40;
+SET @myaac_database_version = 41;
 
 CREATE TABLE `myaac_account_actions`
 (
@@ -8,7 +8,7 @@ CREATE TABLE `myaac_account_actions`
 	`date` INT(11) NOT NULL DEFAULT 0,
 	`action` VARCHAR(255) NOT NULL DEFAULT '',
 	KEY (`account_id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_admin_menu`
 (
@@ -19,22 +19,7 @@ CREATE TABLE `myaac_admin_menu`
 	`flags` INT(11) NOT NULL DEFAULT 0,
 	`enabled` INT(1) NOT NULL DEFAULT 1,
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
-
-CREATE TABLE `myaac_bugtracker`
-(
-	`account` VARCHAR(255) NOT NULL,
-	`type` INT(11) NOT NULL DEFAULT 0,
-	`status` INT(11) NOT NULL DEFAULT 0,
-	`text` text NOT NULL,
-	`id` INT(11) NOT NULL DEFAULT 0,
-	`subject` VARCHAR(255) NOT NULL DEFAULT '',
-	`reply` INT(11) NOT NULL DEFAULT 0,
-	`who` INT(11) NOT NULL DEFAULT 0,
-	`uid` INT(11) NOT NULL AUTO_INCREMENT,
-	`tag` INT(11) NOT NULL DEFAULT 0,
-	PRIMARY KEY (`uid`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_changelog`
 (
@@ -46,7 +31,7 @@ CREATE TABLE `myaac_changelog`
 	`player_id` INT(11) NOT NULL DEFAULT 0,
 	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 INSERT INTO `myaac_changelog` (`id`, `type`, `where`, `date`, `body`, `hide`) VALUES (1, 3, 2, UNIX_TIMESTAMP(), 'MyAAC installed. (:', 0);
 
@@ -57,7 +42,7 @@ CREATE TABLE `myaac_config`
 	`value` VARCHAR(1000) NOT NULL,
 	PRIMARY KEY (`id`),
 	UNIQUE (`name`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 INSERT INTO `myaac_config` (`name`, `value`) VALUES ('database_version', @myaac_database_version);
 
@@ -69,7 +54,7 @@ CREATE TABLE `myaac_faq`
 	`ordering` INT(11) NOT NULL DEFAULT 0,
 	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_forum_boards`
 (
@@ -82,7 +67,7 @@ CREATE TABLE `myaac_forum_boards`
 	`closed` TINYINT(1) NOT NULL DEFAULT 0,
 	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 INSERT INTO `myaac_forum_boards` (`id`, `name`, `description`, `ordering`, `closed`) VALUES (NULL, 'News', 'News commenting', 0, 1);
 INSERT INTO `myaac_forum_boards` (`id`, `name`, `description`, `ordering`) VALUES (NULL, 'Trade', 'Trade offers.', 1);
 INSERT INTO `myaac_forum_boards` (`id`, `name`, `description`, `ordering`) VALUES (NULL, 'Quests', 'Quest making.', 2);
@@ -111,7 +96,7 @@ CREATE TABLE `myaac_forum`
 	`closed` tinyint(1) NOT NULL DEFAULT '0',
 	PRIMARY KEY (`id`),
 	KEY `section` (`section`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_menu`
 (
@@ -125,7 +110,7 @@ CREATE TABLE `myaac_menu`
 	`ordering` INT(11) NOT NULL DEFAULT 0,
 	`enabled` INT(1) NOT NULL DEFAULT 1,
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_monsters` (
 	`id` int(11) NOT NULL AUTO_INCREMENT,
@@ -158,7 +143,7 @@ CREATE TABLE `myaac_monsters` (
 	`loot` text NOT NULL,
 	`summons` TEXT NOT NULL,
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_news`
 (
@@ -176,7 +161,7 @@ CREATE TABLE `myaac_news`
 	`article_image` VARCHAR(100) NOT NULL DEFAULT '',
 	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_news_categories`
 (
@@ -186,7 +171,7 @@ CREATE TABLE `myaac_news_categories`
 	`icon_id` INT(2) NOT NULL DEFAULT 0,
 	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 INSERT INTO `myaac_news_categories` (`id`, `icon_id`) VALUES (NULL, 0);
 INSERT INTO `myaac_news_categories` (`id`, `icon_id`) VALUES (NULL, 1);
@@ -202,7 +187,7 @@ CREATE TABLE `myaac_notepad`
 	`content` TEXT NOT NULL,
 	/*`public` TINYINT(1) NOT NULL DEFAULT 0*/
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_pages`
 (
@@ -218,7 +203,7 @@ CREATE TABLE `myaac_pages`
 	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`),
 	UNIQUE (`name`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_gallery`
 (
@@ -230,7 +215,7 @@ CREATE TABLE `myaac_gallery`
 	`ordering` INT(11) NOT NULL DEFAULT 0,
 	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 INSERT INTO `myaac_gallery` (`id`, `ordering`, `comment`, `image`, `thumb`, `author`) VALUES (NULL, 1, 'Demon', 'images/gallery/demon.jpg', 'images/gallery/demon_thumb.gif', 'MyAAC');
 
@@ -242,7 +227,7 @@ CREATE TABLE `myaac_settings`
 	`value` TEXT NOT NULL,
 	PRIMARY KEY (`id`),
 	KEY `key` (`key`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_spells`
 (
@@ -265,7 +250,7 @@ CREATE TABLE `myaac_spells`
 	`hide` TINYINT(1) NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`),
 	UNIQUE (`name`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_visitors`
 (
@@ -274,7 +259,7 @@ CREATE TABLE `myaac_visitors`
 	`page` VARCHAR(2048) NOT NULL,
 	`user_agent` VARCHAR(255) NOT NULL DEFAULT '',
 	UNIQUE (`ip`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
 CREATE TABLE `myaac_weapons`
 (
@@ -283,4 +268,4 @@ CREATE TABLE `myaac_weapons`
 	`maglevel` INT(11) NOT NULL DEFAULT 0,
 	`vocations` VARCHAR(100) NOT NULL DEFAULT '',
 	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;

install/index.php

@@ -125,18 +125,7 @@ else if($step == 'finish') {
 	}
 
 	// account check
-	if(isset($_SESSION['var_account'])) {
-		if(empty($_SESSION['var_account'])) {
-			$errors[] = $locale['step_admin_account_error_empty'];
-		}
-		else if(!Validator::accountName($_SESSION['var_account'])) {
-			$errors[] = $locale['step_admin_account_error_format'];
-		}
-		else if(strtoupper($_SESSION['var_account']) == strtoupper($password)) {
-			$errors[] = $locale['step_admin_account_error_same'];
-		}
-	}
-	else if(isset($_SESSION['var_account_id'])) {
+	if(isset($_SESSION['var_account_id'])) {
 		if(empty($_SESSION['var_account_id'])) {
 			$errors[] = $locale['step_admin_account_id_error_empty'];
 		}
@@ -147,6 +136,17 @@ else if($step == 'finish') {
 			$errors[] = $locale['step_admin_account_id_error_same'];
 		}
 	}
+	else if(isset($_SESSION['var_account'])) {
+		if(empty($_SESSION['var_account'])) {
+			$errors[] = $locale['step_admin_account_error_empty'];
+		}
+		else if(!Validator::accountName($_SESSION['var_account'])) {
+			$errors[] = $locale['step_admin_account_error_format'];
+		}
+		else if(strtoupper($_SESSION['var_account']) == strtoupper($password)) {
+			$errors[] = $locale['step_admin_account_error_same'];
+		}
+	}
 
 	// password check
 	if(empty($password)) {
@@ -183,23 +183,23 @@ clearstatcache();
 if(is_writable(CACHE) && (MYAAC_OS != 'WINDOWS' || win_is_writable(CACHE))) {
 	if(!file_exists(BASE . 'install/ip.txt')) {
 		$content = warning('AAC installation is disabled. To enable it make file <b>ip.txt</b> in install/ directory and put there your IP.<br/>
-		Your IP is:<br /><b>' . $_SERVER['REMOTE_ADDR'] . '</b>', true);
+		Your IP is:<br /><b>' . get_browser_real_ip() . '</b>', true);
 	}
 	else {
 		$file_content = trim(file_get_contents(BASE . 'install/ip.txt'));
 		$allow = false;
 		$listIP = preg_split('/\s+/', $file_content);
 		foreach($listIP as $ip) {
-			if($_SERVER['REMOTE_ADDR'] == $ip) {
+			if(get_browser_real_ip() == $ip) {
 				$allow = true;
 			}
 		}
 
-		if(!$allow)
+		if(!$allow && !config('install_ignore_ip_check'))
 		{
 			$content = warning('In file <b>install/ip.txt</b> must be your IP!<br/>
 			In file is:<br /><b>' . nl2br($file_content) . '</b><br/>
-			Your IP is:<br /><b>' . $_SERVER['REMOTE_ADDR'] . '</b>', true);
+			Your IP is:<br /><b>' . get_browser_real_ip() . '</b>', true);
 		}
 		else {
 			ob_start();

install/steps/4-config.php

@@ -11,6 +11,7 @@ foreach($config['clients'] as $client) {
 }
 
 $twig->display('install.config.html.twig', array(
+	'config' => $config,
 	'clients' => $clients,
 	'timezones' => DateTimeZone::listIdentifiers(),
 	'locale' => $locale,

install/steps/5-database.php

@@ -40,6 +40,10 @@ if(!$error) {
 	$configToSave['gzip_output'] = false;
 	$configToSave['cache_engine'] = 'auto';
 	$configToSave['cache_prefix'] = 'myaac_' . generateRandomString(8, true, false, true);
+	$configToSave['database_auto_migrate'] = true;
+	if (isset($config['install_ignore_ip_check'])) {
+		$configToSave['install_ignore_ip_check'] = $config['install_ignore_ip_check'];
+	}
 
 	if(!$error) {
 		$content = '';
@@ -76,7 +80,7 @@ if(!$error) {
 			$_SESSION['config_content'] = $content;
 			unset($_SESSION['saved']);
 
-			$locale['step_database_error_file'] = str_replace('$FILE$', '<b>' . BASE . 'config.php</b>', $locale['step_database_error_file']);
+					$locale['step_database_error_file'] = str_replace('$FILE$', '<b>' . BASE . 'config.local.php</b>', $locale['step_database_error_file']);
 			error($locale['step_database_error_file'] . '<br/>
 				<textarea cols="70" rows="10">' . $content . '</textarea>');
 		}

install/tools/7-finish.php

@@ -62,16 +62,21 @@ DataLoader::load();
 
 // update config.highscores_ids_hidden
 require_once SYSTEM . 'migrations/20.php';
+$up();
 
 // add z_polls tables
 require_once SYSTEM . 'migrations/22.php';
+$up();
 
 // add myaac_pages pages
 require_once SYSTEM . 'migrations/27.php';
+$up();
 require_once SYSTEM . 'migrations/30.php';
+$up();
 
 // new monster columns
 require_once SYSTEM . 'migrations/31.php';
+$up();
 
 if(ModelsFAQ::count() == 0) {
 	ModelsFAQ::create([

system/compat/classes.php

@@ -36,3 +36,5 @@ class Guild extends OTS_Guild {
 }
 class GuildRank extends OTS_GuildRank {}
 class House extends OTS_House {}
+
+class Cache extends \MyAAC\Cache\Cache {}

system/database.php

@@ -106,6 +106,7 @@ try {
 		'persistent' => @$config['database_persistent']
 	));
 
+	global $db;
 	$db = POT::getInstance()->getDBHandle();
 	$capsule = new Capsule;
 	$capsule->addConnection([

system/functions.php

@@ -89,13 +89,18 @@ function getForumBoardLink($board_id, $page = NULL): string {
 
 function getPlayerLink($name, $generate = true, bool $colored = false): string
 {
-	$player = new OTS_Player();
-
-	if(is_numeric($name)) {
-		$player->load((int)$name);
+	if (is_object($name) and $name instanceof OTS_Player) {
+		$player = $name;
 	}
 	else {
-		$player->find($name);
+		$player = new OTS_Player();
+
+		if(is_numeric($name)) {
+			$player->load((int)$name);
+		}
+		else {
+			$player->find($name);
+		}
 	}
 
 	if (!$player->isLoaded()) {
@@ -1679,6 +1684,18 @@ function isRequestMethod(string $method): bool {
 	return strtolower($_SERVER['REQUEST_METHOD']) == strtolower($method);
 }
 
+function getAccountIdentityColumn(): string
+{
+	if (USE_ACCOUNT_NAME) {
+		return 'name';
+	}
+	elseif (USE_ACCOUNT_NUMBER) {
+		return 'number';
+	}
+
+	return 'id';
+}
+
 // validator functions
 require_once SYSTEM . 'compat/base.php';
 

system/init.php

@@ -12,11 +12,12 @@ use DebugBar\StandardDebugBar;
 use MyAAC\Cache\Cache;
 use MyAAC\CsrfToken;
 use MyAAC\Hooks;
+use MyAAC\Models\Town;
 use MyAAC\Settings;
-use MyAAC\Towns;
 
 defined('MYAAC') or die('Direct access not allowed!');
 
+global $config;
 if(!isset($config['installed']) || !$config['installed']) {
 	throw new RuntimeException('MyAAC has not been installed yet or there was error during installation. Please install again.');
 }
@@ -38,13 +39,15 @@ if($config['server_path'][strlen($config['server_path']) - 1] !== '/')
 	$config['server_path'] .= '/';
 
 // enable gzip compression if supported by the browser
-if(isset($config['gzip_output']) && $config['gzip_output'] && isset($_SERVER['HTTP_ACCEPT_ENCODING']) && strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== false && function_exists('ob_gzhandler'))
+if(isset($config['gzip_output']) && $config['gzip_output'] && isset($_SERVER['HTTP_ACCEPT_ENCODING']) && str_contains($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') && function_exists('ob_gzhandler'))
 	ob_start('ob_gzhandler');
 
 // cache
+global $cache;
 $cache = Cache::getInstance();
 
 // event system
+global $hooks;
 $hooks = new Hooks();
 $hooks->load();
 
@@ -140,7 +143,10 @@ if(!defined('MYAAC_INSTALL') && !$db->hasTable('myaac_account_actions')) {
 }
 
 // execute migrations
-require SYSTEM . 'migrate.php';
+$configDatabaseAutoMigrate = config('database_auto_migrate');
+if (!isset($configDatabaseAutoMigrate) || $configDatabaseAutoMigrate) {
+	require SYSTEM . 'migrate.php';
+}
 
 // settings
 $settings = Settings::getInstance();
@@ -155,6 +161,9 @@ if (!isset($token) || !$token) {
 // deprecated config values
 require_once SYSTEM . 'compat/config.php';
 
+// deprecated classes
+require_once SYSTEM . 'compat/classes.php';
+
 date_default_timezone_set(setting('core.date_timezone'));
 
 setting(
@@ -173,4 +182,17 @@ define('USE_ACCOUNT_NAME', $db->hasColumn('accounts', 'name'));
 define('USE_ACCOUNT_NUMBER', $db->hasColumn('accounts', 'number'));
 define('USE_ACCOUNT_SALT', $db->hasColumn('accounts', 'salt'));
 
-Towns::load();
+$towns = Cache::remember('towns', 10 * 60, function () use ($db) {
+	if ($db->hasTable('towns') && Town::count() > 0) {
+		return Town::orderBy('id', 'ASC')->pluck('name', 'id')->toArray();
+	}
+
+	return [];
+});
+
+if (count($towns) <= 0) {
+	$towns = setting('core.towns');
+}
+
+config(['towns', $towns]);
+unset($towns);

system/libs/pot/OTS_Base_DB.php

@@ -235,6 +235,30 @@ abstract class OTS_Base_DB extends PDO implements IOTS_DB
 		$this->exec($query);
 		return true;
 	}
+
+	public function addColumn($table, $column, $definition): void {
+		$this->exec('ALTER TABLE ' . $this->tableName($table) . ' ADD ' . $this->fieldName($column) . ' ' . $definition . ';');
+	}
+
+	public function modifyColumn($table, $column, $definition): void {
+		$this->exec('ALTER TABLE ' . $this->tableName($table) . ' MODIFY ' . $this->fieldName($column) . ' ' . $definition . ';');
+	}
+
+	public function changeColumn($table, $from, $to, $definition): void {
+		$this->exec('ALTER TABLE ' . $this->tableName($table) . ' CHANGE ' . $this->fieldName($from) . ' ' . $this->fieldName($to) . ' ' . $definition . ';');
+	}
+
+	public function dropColumn($table, $column): void {
+		$this->exec('ALTER TABLE ' . $this->tableName($table) . ' DROP COLUMN ' . $this->fieldName($column) . ';');
+	}
+
+	public function renameTable($from, $to): void {
+		$this->exec('RENAME TABLE ' . $this->tableName($from) . ' TO ' . $this->tableName($to) . ';');
+	}
+
+	public function dropTable($table, $ifExists = true): void {
+		$this->exec('DROP TABLE ' . ($ifExists ? 'IF EXISTS' : '') . ' ' . $this->tableName($table) . ';');
+	}
 /**
  * LIMIT/OFFSET clause for queries.
  *

system/libs/pot/OTS_DB_MySQL.php

@@ -53,49 +53,49 @@ class OTS_DB_MySQL extends OTS_Base_DB
  * @param array $params Connection parameters.
  * @throws PDOException On PDO operation error.
  */
-    public function __construct($params)
-    {
-        $user = null;
-        $password = null;
-        $dns = array();
+	public function __construct($params)
+	{
+		$user = null;
+		$password = null;
+		$dns = array();
 
-        // host:port support
-        if( strpos(':', $params['host']) !== false)
-        {
-            $host = explode(':', $params['host'], 2);
+		// host:port support
+		if( strpos(':', $params['host']) !== false)
+		{
+			$host = explode(':', $params['host'], 2);
 
-            $params['host'] = $host[0];
-            $params['port'] = $host[1];
-        }
+			$params['host'] = $host[0];
+			$params['port'] = $host[1];
+		}
 
-        if( isset($params['database']) )
-        {
-            $dns[] = 'dbname=' . $params['database'];
-        }
+		if( isset($params['database']) )
+		{
+			$dns[] = 'dbname=' . $params['database'];
+		}
 
-        if( isset($params['user']) )
-        {
-            $user = $params['user'];
-        }
+		if( isset($params['user']) )
+		{
+			$user = $params['user'];
+		}
 
-        if( isset($params['password']) )
-        {
-            $password = $params['password'];
-        }
+		if( isset($params['password']) )
+		{
+			$password = $params['password'];
+		}
 
-        if( isset($params['prefix']) )
-        {
-            $this->prefix = $params['prefix'];
-        }
+		if( isset($params['prefix']) )
+		{
+			$this->prefix = $params['prefix'];
+		}
 
-        if( isset($params['log']) && $params['log'] )
-        {
-            $this->logged = true;
-        }
+		if( isset($params['log']) && $params['log'] )
+		{
+			$this->logged = true;
+		}
 
-        if( !isset($params['persistent']) ) {
-            $params['persistent'] = false;
-        }
+		if( !isset($params['persistent']) ) {
+			$params['persistent'] = false;
+		}
 
 		global $config;
 		$cache = Cache::getInstance();
@@ -144,10 +144,10 @@ class OTS_DB_MySQL extends OTS_Base_DB
 		}
 
 		parent::__construct('mysql:' . implode(';', $dns), $user, $password, $driverAttributes);
-    }
+	}
 
 	public function __destruct()
-    {
+	{
 		global $config;
 
 		$cache = Cache::getInstance();
@@ -165,7 +165,8 @@ class OTS_DB_MySQL extends OTS_Base_DB
 		}
 
 		if($this->logged) {
-			log_append('database.log', $_SERVER['REQUEST_URI'] . PHP_EOL . $this->getLog());
+			$currentScript = $_SERVER['REQUEST_URI'] ?? $_SERVER['SCRIPT_FILENAME'];
+			log_append('database.log', $currentScript . PHP_EOL . $this->getLog());
 		}
 	}
 
@@ -175,10 +176,10 @@ class OTS_DB_MySQL extends OTS_Base_DB
  * @param string $name Field name.
  * @return string Quoted name.
  */
-    public function fieldName($name)
-    {
-        return '`' . $name . '`';
-    }
+	public function fieldName($name)
+	{
+		return '`' . $name . '`';
+	}
 
 /**
  * LIMIT/OFFSET clause for queries.
@@ -187,26 +188,26 @@ class OTS_DB_MySQL extends OTS_Base_DB
  * @param int|bool $offset Number of rows to be skipped before applying query effects (false if no offset).
  * @return string LIMIT/OFFSET SQL clause for query.
  */
-    public function limit($limit = false, $offset = false)
-    {
-        // by default this is empty part
-        $sql = '';
+	public function limit($limit = false, $offset = false)
+	{
+		// by default this is empty part
+		$sql = '';
 
-        if($limit !== false)
-        {
-            $sql = ' LIMIT ';
+		if($limit !== false)
+		{
+			$sql = ' LIMIT ';
 
-            // OFFSET has no effect if there is no LIMIT
-            if($offset !== false)
-            {
-                $sql .= $offset . ', ';
-            }
+			// OFFSET has no effect if there is no LIMIT
+			if($offset !== false)
+			{
+				$sql .= $offset . ', ';
+			}
 
-            $sql .= $limit;
-        }
+			$sql .= $limit;
+		}
 
-        return $sql;
-    }
+		return $sql;
+	}
 
 	public function hasTable($name) {
 		if(isset($this->has_table_cache[$name])) {

system/locale/en/install.php

@@ -94,7 +94,7 @@ $locale['step_database_loaded_npcs'] = 'NPCs has been loaded...';
 $locale['step_database_error_npcs'] = 'There were some problems loading your NPCs';
 $locale['step_database_loaded_spells'] = 'Spells has been loaded...';
 $locale['step_database_loaded_towns'] = 'Towns has been loaded...';
-$locale['step_database_error_towns'] = 'There were some problems loading your towns. You will need to configure them manually in config.';
+$locale['step_database_error_towns'] = 'There were some problems loading your towns. You will need to configure them manually in Settings.';
 $locale['step_database_created_account'] = 'Created admin account...';
 $locale['step_database_created_news'] = 'Newses has been created...';
 

system/locale/pl/install.php

@@ -93,7 +93,7 @@ $locale['step_database_loaded_npcs'] = 'Załadowano NPCs...';
 $locale['step_database_error_npcs'] = 'Wystąpił problem podczas ładowania NPCs';
 $locale['step_database_loaded_spells'] = 'Załadowano czary (spells)...';
 $locale['step_database_loaded_towns'] = 'Załadowano miasta (towns)...';
-$locale['step_database_error_towns'] = 'Wystąpił problem podczas ładowania miast. Trzeba będzie je skonfigurować manualnie.';
+$locale['step_database_error_towns'] = 'Wystąpił problem podczas ładowania miast. Trzeba będzie je skonfigurować manualnie w ustawieniach.';
 $locale['step_database_created_account'] = 'Utworzono konto admina...';
 $locale['step_database_created_news'] = 'Utworzono newsy...';
 

system/migrate.php

@@ -17,6 +17,12 @@ if(fetchDatabaseConfig('database_version', $tmp)) { // we got version
 		$db->revalidateCache();
 		for($i = $tmp + 1; $i <= DATABASE_VERSION; $i++) {
 			require SYSTEM . 'migrations/' . $i . '.php';
+
+			if (isset($up)) {
+				$up();
+				unset($up);
+			}
+
 			updateDatabaseConfig('database_version', $i);
 		}
 	}
@@ -26,6 +32,12 @@ else { // register first version
 	$db->revalidateCache();
 	for($i = 1; $i <= DATABASE_VERSION; $i++) {
 		require SYSTEM . 'migrations/' . $i . '.php';
+
+		if (isset($up)) {
+			$up();
+			unset($up);
+		}
+
 		updateDatabaseConfig('database_version', $i);
 	}
 }

system/migrations/1-hooks.sql

@@ -0,0 +1,8 @@
+CREATE TABLE `myaac_hooks`
+(
+	`id` INT(11) NOT NULL AUTO_INCREMENT,
+	`name` VARCHAR(30) NOT NULL DEFAULT '',
+	`type` INT(2) NOT NULL DEFAULT 0,
+	`file` VARCHAR(100) NOT NULL,
+	PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/1.php

@@ -1,16 +1,16 @@
 <?php
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` MODIFY `ip` INT(11) NOT NULL DEFAULT 0;");
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` MODIFY `date` INT(11) NOT NULL DEFAULT 0;");
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` MODIFY `action` VARCHAR(255) NOT NULL DEFAULT '';");
-	$db->query("
-	CREATE TABLE `myaac_hooks`
-(
-	`id` INT(11) NOT NULL AUTO_INCREMENT,
-	`name` VARCHAR(30) NOT NULL DEFAULT '',
-	`type` INT(2) NOT NULL DEFAULT 0,
-	`file` VARCHAR(100) NOT NULL,
-	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
-");
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-?>
+$up = function () use ($db) {
+	$db->modifyColumn(TABLE_PREFIX . 'account_actions', 'ip', "INT(11) NOT NULL DEFAULT 0");
+	$db->modifyColumn(TABLE_PREFIX . 'account_actions', 'date', "INT(11) NOT NULL DEFAULT 0");
+	$db->modifyColumn(TABLE_PREFIX . 'account_actions', 'action', "VARCHAR(255) NOT NULL DEFAULT ''");
+
+	$db->query(file_get_contents(__DIR__ . '/1-hooks.sql'));
+};
+
+$down = function () use ($db) {
+	$db->dropTable(TABLE_PREFIX . 'hooks');
+};

system/migrations/10-admin_menu.sql

@@ -0,0 +1,10 @@
+CREATE TABLE `myaac_admin_menu`
+(
+	`id` INT(11) NOT NULL AUTO_INCREMENT,
+	`name` VARCHAR(255) NOT NULL DEFAULT '',
+	`page` VARCHAR(255) NOT NULL DEFAULT '',
+	`ordering` INT(11) NOT NULL DEFAULT 0,
+	`flags` INT(11) NOT NULL DEFAULT 0,
+	`enabled` INT(1) NOT NULL DEFAULT 1,
+	PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/10.php

@@ -1,17 +1,24 @@
 <?php
-	if(!$db->hasColumn(TABLE_PREFIX . 'hooks', 'ordering'))
-		$db->query("ALTER TABLE `" . TABLE_PREFIX . "hooks` ADD `ordering` INT(11) NOT NULL DEFAULT 0 AFTER `file`;");
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-	if(!$db->hasTable(TABLE_PREFIX . 'admin_menu'))
-		$db->query("
-CREATE TABLE `myaac_admin_menu`
-(
-	`id` INT(11) NOT NULL AUTO_INCREMENT,
-	`name` VARCHAR(255) NOT NULL DEFAULT '',
-	`page` VARCHAR(255) NOT NULL DEFAULT '',
-	`ordering` INT(11) NOT NULL DEFAULT 0,
-	`flags` INT(11) NOT NULL DEFAULT 0,
-	`enabled` INT(1) NOT NULL DEFAULT 1,
-	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
-");
+$up = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'hooks', 'ordering')) {
+		$db->addColumn(TABLE_PREFIX . 'hooks', 'ordering', "INT(11) NOT NULL DEFAULT 0 AFTER `file`");
+	}
+
+	if (!$db->hasTable(TABLE_PREFIX . 'admin_menu')) {
+		$db->query(file_get_contents(__DIR__ . '/10-admin_menu.sql'));
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'hooks', 'ordering')) {
+		$db->dropColumn(TABLE_PREFIX . 'hooks', 'ordering');
+	}
+
+	if ($db->hasTable(TABLE_PREFIX . 'admin_menu')) {
+		$db->dropTable(TABLE_PREFIX . 'admin_menu');
+	}
+};

system/migrations/11.php

@@ -1,19 +1,44 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
+$up = function () use ($db) {
 	// rename database tables
-	$db->query("RENAME TABLE
-		" . TABLE_PREFIX . "screenshots TO " . TABLE_PREFIX . "gallery,
-		" . TABLE_PREFIX . "movies TO " . TABLE_PREFIX . "videos;");
+	$db->renameTable(TABLE_PREFIX . 'screenshots', TABLE_PREFIX . 'gallery');
+	$db->renameTable(TABLE_PREFIX . 'movies', TABLE_PREFIX . 'videos');
 
 	// rename images dir
-	if(file_exists(BASE . 'images/screenshots') && !file_exists(BASE . GALLERY_DIR)) {
+	if (file_exists(BASE . 'images/screenshots') && !file_exists(BASE . GALLERY_DIR)) {
 		rename(BASE . 'images/screenshots', BASE . GALLERY_DIR);
 	}
 
 	// convert old database screenshots images to gallery
 	$query = $db->query('SELECT `id`, `image`, `thumb` FROM `' . TABLE_PREFIX . 'gallery`;');
-	foreach($query->fetchAll() as $item) {
+	foreach ($query->fetchAll() as $item) {
 		$db->update(TABLE_PREFIX . 'gallery', array(
 			'image' => str_replace('/screenshots/', '/gallery/', $item['image']),
 			'thumb' => str_replace('/screenshots/', '/gallery/', $item['thumb']),
 		), array('id' => $item['id']));
 	}
+};
+
+$down = function () use ($db) {
+	// rename database tables
+	$db->renameTable(TABLE_PREFIX . 'gallery', TABLE_PREFIX . 'screenshots');
+	$db->renameTable(TABLE_PREFIX . 'videos', TABLE_PREFIX . 'movies');
+
+	// rename images dir
+	if (file_exists(BASE . GALLERY_DIR) && !file_exists(BASE . 'images/screenshots')) {
+		rename(BASE . GALLERY_DIR, BASE . 'images/screenshots');
+	}
+
+	// convert new database gallery images to screenshots
+	$query = $db->query('SELECT `id`, `image`, `thumb` FROM `' . TABLE_PREFIX . 'screenshots`;');
+	foreach ($query->fetchAll() as $item) {
+		$db->update(TABLE_PREFIX . 'screenshots', [
+			'image' => str_replace('/gallery/', '/screenshots/', $item['image']),
+			'thumb' => str_replace('/gallery/', '/screenshots/', $item['thumb']),
+		], ['id' => $item['id']]);
+	}
+};

system/migrations/12-items.sql

@@ -0,0 +1,9 @@
+CREATE TABLE `myaac_items`
+(
+	`id` INT(11) NOT NULL,
+	`article` VARCHAR(5) NOT NULL DEFAULT '',
+	`name` VARCHAR(50) NOT NULL DEFAULT '',
+	`plural` VARCHAR(50) NOT NULL DEFAULT '',
+	`attributes` VARCHAR(500) NOT NULL DEFAULT '',
+	PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/12-weapons.sql

@@ -0,0 +1,8 @@
+CREATE TABLE `myaac_weapons`
+(
+	`id` INT(11) NOT NULL,
+	`level` INT(11) NOT NULL DEFAULT 0,
+	`maglevel` INT(11) NOT NULL DEFAULT 0,
+	`vocations` VARCHAR(100) NOT NULL DEFAULT '',
+	PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/12.php

@@ -1,51 +1,65 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-// add new item_id field for runes
-if(!$db->hasColumn(TABLE_PREFIX . 'spells', 'item_id'))
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` ADD `item_id` INT(11) NOT NULL DEFAULT 0 AFTER `conjure_count`;");
+use MyAAC\Models\Spell;
 
-// change unique index from spell to name
-$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` DROP INDEX `spell`;");
-$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` ADD UNIQUE INDEX (`name`);");
-
-// change comment of spells.type
-$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` MODIFY `type` TINYINT(1) NOT NULL DEFAULT 0 COMMENT '1 - instant, 2 - conjure, 3 - rune';");
-
-// new items table
-if(!$db->hasTable(TABLE_PREFIX . 'items'))
-$db->query("
-CREATE TABLE `" . TABLE_PREFIX . "items`
-(
-	`id` INT(11) NOT NULL,
-	`article` VARCHAR(5) NOT NULL DEFAULT '',
-	`name` VARCHAR(50) NOT NULL DEFAULT '',
-	`plural` VARCHAR(50) NOT NULL DEFAULT '',
-	`attributes` VARCHAR(500) NOT NULL DEFAULT '',
-	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
-");
-
-// new weapons table
-if(!$db->hasTable(TABLE_PREFIX . 'weapons'))
-$db->query("
-CREATE TABLE `" . TABLE_PREFIX . "weapons`
-(
-	`id` INT(11) NOT NULL,
-	`level` INT(11) NOT NULL DEFAULT 0,
-	`maglevel` INT(11) NOT NULL DEFAULT 0,
-	`vocations` VARCHAR(100) NOT NULL DEFAULT '',
-	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
-");
-
-// modify vocations to support json data
-$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` MODIFY `vocations` VARCHAR(100) NOT NULL DEFAULT '';");
-$query = $db->query('SELECT `id`, `vocations` FROM `' . TABLE_PREFIX . 'spells`');
-foreach($query->fetchAll() as $spell) {
-	$tmp = explode(',', $spell['vocations']);
-	foreach($tmp as &$v) {
-		$v = (int)$v;
+$up = function () use ($db) {
+	// add new item_id field for runes
+	if (!$db->hasColumn(TABLE_PREFIX . 'spells', 'item_id')) {
+		$db->addColumn(TABLE_PREFIX . 'spells', 'item_id', 'INT(11) NOT NULL DEFAULT 0 AFTER `conjure_count`');
 	}
-	$db->update(TABLE_PREFIX . 'spells', array('vocations' => json_encode($tmp)), array('id' => $spell['id']));
-}
-?>
+
+	// change unique index from spell to name
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` DROP INDEX `spell`;");
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` ADD UNIQUE INDEX (`name`);");
+
+	// change comment of spells.type
+	$db->modifyColumn(TABLE_PREFIX . 'spells', 'type', "TINYINT(1) NOT NULL DEFAULT 0 COMMENT '1 - instant, 2 - conjure, 3 - rune'");
+
+	// new items table
+	if (!$db->hasTable(TABLE_PREFIX . 'items')) {
+		$db->query(file_get_contents(__DIR__ . '/12-items.sql'));
+	}
+
+	// new weapons table
+	if (!$db->hasTable(TABLE_PREFIX . 'weapons')) {
+		$db->query(file_get_contents(__DIR__ . '/12-weapons.sql'));
+	}
+
+	// modify vocations to support json data
+	$db->modifyColumn(TABLE_PREFIX . 'spells', 'vocations', "VARCHAR(100) NOT NULL DEFAULT ''");
+
+	$spells = Spell::select('id', 'vocations')->get();
+	foreach ($spells as $spell) {
+		$tmp = explode(',', $spell->vocations);
+		foreach ($tmp as &$v) {
+			$v = (int)$v;
+		}
+
+		Spell::where('id', $spell->id)->update(['vocations' => json_encode($tmp)]);
+	}
+};
+
+$down = function () use ($db) {
+	// remove item_id field for runes
+	if ($db->hasColumn(TABLE_PREFIX . 'spells', 'item_id')) {
+		$db->dropColumn(TABLE_PREFIX . 'spells', 'item_id');
+	}
+
+	// change unique index from spell to name
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` DROP INDEX `name`;");
+	$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` ADD INDEX (`spell`);");
+
+	$db->dropTable(TABLE_PREFIX . 'items');
+	$db->dropTable(TABLE_PREFIX . 'weapons');
+
+	$spells = Spell::select('id', 'vocations')->get();
+	// modify vocations to use vocation separated by comma
+	foreach ($spells as $spell) {
+		$vocations = empty($spell->vocations) ? [] : json_decode($spell->vocations);
+
+		Spell::where('id', $spell->id)->update(['vocations' => implode(',', $vocations)]);
+	}
+};

system/migrations/13.php

@@ -1,3 +1,16 @@
 <?php
-	if($db->hasColumn(TABLE_PREFIX . 'spells', 'spell'))
-		$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` DROP COLUMN `spell`;");
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
+$up = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'spells', 'spell')) {
+		$db->dropColumn(TABLE_PREFIX . 'spells', 'spell');
+	}
+};
+
+$down = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'spells', 'spell')) {
+		$db->addColumn(TABLE_PREFIX . 'spells', 'spell', "VARCHAR(255) NOT NULL DEFAULT ''");
+	}
+};

system/migrations/14.php

@@ -1,18 +1,39 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-// change monsters.file_path field to loot
-if($db->hasColumn(TABLE_PREFIX . 'monsters', 'file_path')) {
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "monsters` CHANGE `file_path` `loot` VARCHAR(5000);");
-}
+$up = function () use ($db) {
+	// change monsters.file_path field to loot
+	if ($db->hasColumn(TABLE_PREFIX . 'monsters', 'file_path')) {
+		$db->changeColumn(TABLE_PREFIX . 'monsters', 'file_path', 'loot', 'VARCHAR(5000)');
+	}
 
-// update loot to empty string
-$db->query("UPDATE `" . TABLE_PREFIX . "monsters` SET `loot` = '';");
+	// update loot to empty string
+	$db->query("UPDATE `" . TABLE_PREFIX . "monsters` SET `loot` = '';");
 
-// drop monsters.gfx_name field
-$db->query("ALTER TABLE `" . TABLE_PREFIX . "monsters` DROP COLUMN `gfx_name`;");
+	// drop monsters.gfx_name field
+	$db->dropColumn(TABLE_PREFIX . 'monsters', 'gfx_name');
 
-// rename hide_creature to hidden
-if($db->hasColumn(TABLE_PREFIX . 'monsters', 'hide_creature')) {
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "monsters` CHANGE `hide_creature` `hidden` TINYINT(1) NOT NULL DEFAULT 0;");
-}
-?>
+	// rename hide_creature to hidden
+	if ($db->hasColumn(TABLE_PREFIX . 'monsters', 'hide_creature')) {
+		$db->changeColumn(TABLE_PREFIX . 'monsters', 'hide_creature', 'hidden', "TINYINT(1) NOT NULL DEFAULT 0");
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'monsters', 'loot')) {
+		$db->changeColumn(TABLE_PREFIX . 'monsters', 'loot', 'file_path', 'VARCHAR(5000)');
+	}
+
+	// update file_path to empty string
+	$db->query("UPDATE `" . TABLE_PREFIX . "monsters` SET `file_path` = '';");
+
+	// add monsters.gfx_name field
+	$db->addColumn(TABLE_PREFIX . 'monsters', 'gfx_name', 'varchar(255) NOT NULL AFTER `race`');
+
+	// rename hidden to hide_creature
+	if ($db->hasColumn(TABLE_PREFIX . 'monsters', 'hidden')) {
+		$db->changeColumn(TABLE_PREFIX . 'monsters', 'hidden', 'hide_creature', 'TINYINT(1) NOT NULL DEFAULT 0');
+	}
+};

system/migrations/15.php

@@ -1,10 +1,26 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
 // add new forum.guild and forum.access fields
-if(!$db->hasColumn(TABLE_PREFIX . 'forum_boards', 'guild')) {
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "forum_boards` ADD `guild` TINYINT(1) NOT NULL DEFAULT 0 AFTER `closed`;");
-}
 
-if(!$db->hasColumn(TABLE_PREFIX . 'forum_boards', 'access')) {
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "forum_boards` ADD `access` TINYINT(1) NOT NULL DEFAULT 0 AFTER `guild`;");
-}
+$up = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'forum_boards', 'guild')) {
+		$db->addColumn(TABLE_PREFIX . 'forum_boards', 'guild', 'TINYINT(1) NOT NULL DEFAULT 0 AFTER `closed`');
+	}
+
+	if (!$db->hasColumn(TABLE_PREFIX . 'forum_boards', 'access')) {
+		$db->addColumn(TABLE_PREFIX . 'forum_boards', 'access', 'TINYINT(1) NOT NULL DEFAULT 0 AFTER `guild`');
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'forum_boards', 'guild')) {
+		$db->dropColumn(TABLE_PREFIX . 'forum_boards', 'guild');
+	}
+
+	if ($db->hasColumn(TABLE_PREFIX . 'forum_boards', 'access')) {
+		$db->dropColumn(TABLE_PREFIX . 'forum_boards', 'access');
+	}
+};

system/migrations/16.php

@@ -1,5 +1,14 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
 // change size of spells.vocations
-$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` MODIFY `vocations` VARCHAR(300) NOT NULL DEFAULT '';");
-?>
+
+$up = function () use ($db) {
+	$db->modifyColumn(TABLE_PREFIX . 'spells', 'vocations', "VARCHAR(300) NOT NULL DEFAULT ''");
+};
+
+$down = function () {
+	// nothing to do here
+};

system/migrations/17-menu.sql

@@ -0,0 +1,11 @@
+CREATE TABLE `myaac_menu`
+(
+	`id` INT(11) NOT NULL AUTO_INCREMENT,
+	`template` VARCHAR(255) NOT NULL,
+	`name` VARCHAR(255) NOT NULL,
+	`link` VARCHAR(255) NOT NULL,
+	`category` INT(11) NOT NULL DEFAULT 1,
+	`ordering` INT(11) NOT NULL DEFAULT 0,
+	`enabled` INT(1) NOT NULL DEFAULT 1,
+	PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/17.php

@@ -1,23 +1,20 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
 use MyAAC\Plugins;
 
-if(!$db->hasTable('myaac_menu')) {
-	$db->query("
-CREATE TABLE `myaac_menu`
-(
-	`id` INT(11) NOT NULL AUTO_INCREMENT,
-	`template` VARCHAR(255) NOT NULL,
-	`name` VARCHAR(255) NOT NULL,
-	`link` VARCHAR(255) NOT NULL,
-	`category` INT(11) NOT NULL DEFAULT 1,
-	`ordering` INT(11) NOT NULL DEFAULT 0,
-	`enabled` INT(1) NOT NULL DEFAULT 1,
-	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
-");
-}
+$up = function () use ($db) {
+	if (!$db->hasTable(TABLE_PREFIX . 'menu')) {
+		$db->exec(file_get_contents(__DIR__ . '/17-menu.sql'));
+	}
 
-Plugins::installMenus('kathrine', require TEMPLATES . 'kathrine/menus.php');
-Plugins::installMenus('tibiacom', require TEMPLATES . 'tibiacom/menus.php');
+	Plugins::installMenus('kathrine', require TEMPLATES . 'kathrine/menus.php');
+	Plugins::installMenus('tibiacom', require TEMPLATES . 'tibiacom/menus.php');
+};
+
+$down = function () use ($db) {
+	$db->dropTable(TABLE_PREFIX . 'menu');
+};
 

system/migrations/18.php

@@ -1,6 +1,24 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-$db->query("ALTER TABLE `" . TABLE_PREFIX . "news` ADD `article_text` VARCHAR(300) NOT NULL DEFAULT '' AFTER `comments`;");
-$db->query("ALTER TABLE `" . TABLE_PREFIX . "news` ADD `article_image` VARCHAR(100) NOT NULL DEFAULT '' AFTER `article_text`;");
+$up = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'news', 'article_text')) {
+		$db->addColumn(TABLE_PREFIX . 'news', 'article_text', "VARCHAR(300) NOT NULL DEFAULT '' AFTER `comments`");
+	}
 
-?>
+	if (!$db->hasColumn(TABLE_PREFIX . 'news', 'article_image')) {
+		$db->addColumn(TABLE_PREFIX . 'news', 'article_image', "VARCHAR(100) NOT NULL DEFAULT '' AFTER `article_text`");
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'news', 'article_text')) {
+		$db->dropColumn(TABLE_PREFIX . 'news', 'article_text');
+	}
+
+	if ($db->hasColumn(TABLE_PREFIX . 'news', 'article_image')) {
+		$db->dropColumn(TABLE_PREFIX . 'news', 'article_image');
+	}
+};

system/migrations/2.php

@@ -1,5 +1,11 @@
 <?php
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "faq` MODIFY `answer` VARCHAR(1020) NOT NULL DEFAULT '';");
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "movies` MODIFY `title` VARCHAR(100) NOT NULL DEFAULT '';");
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "news` MODIFY `title` VARCHAR(100) NOT NULL DEFAULT '';");
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "news` MODIFY `body` TEXT NOT NULL DEFAULT '';");
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
+$up = function () use ($db) {
+	$db->modifyColumn(TABLE_PREFIX . 'faq', 'answer', "VARCHAR(1020) NOT NULL DEFAULT ''");
+	$db->modifyColumn(TABLE_PREFIX . 'movies', 'title', "VARCHAR(100) NOT NULL DEFAULT ''");
+	$db->modifyColumn(TABLE_PREFIX . 'news', 'title', "VARCHAR(100) NOT NULL DEFAULT ''");
+	$db->modifyColumn(TABLE_PREFIX . 'news', 'body', "TEXT NOT NULL");
+};

system/migrations/20.php

@@ -2,20 +2,33 @@
 
 use MyAAC\Settings;
 
-if (!$db->hasTable('players')) {
-	return;
+function updateHighscoresIdsHidden(): void
+{
+	global $db;
+
+	if (!$db->hasTable('players')) {
+		return;
+	}
+
+	$query = $db->query("SELECT `id` FROM `players` WHERE (`name` = " . $db->quote("Rook Sample") . " OR `name` = " . $db->quote("Sorcerer Sample") . " OR `name` = " . $db->quote("Druid Sample") . " OR `name` = " . $db->quote("Paladin Sample") . " OR `name` = " . $db->quote("Knight Sample") . " OR `name` = " . $db->quote("Account Manager") . ") ORDER BY `id`;");
+
+	$highscores_ignored_ids = array();
+	if ($query->rowCount() > 0) {
+		foreach ($query->fetchAll() as $result)
+			$highscores_ignored_ids[] = $result['id'];
+	} else {
+		$highscores_ignored_ids[] = 0;
+	}
+
+	$settings = Settings::getInstance();
+	$settings->updateInDatabase('core', 'highscores_ids_hidden', implode(', ', $highscores_ignored_ids));
 }
 
-$query = $db->query("SELECT `id` FROM `players` WHERE (`name` = " . $db->quote("Rook Sample") . " OR `name` = " . $db->quote("Sorcerer Sample") . " OR `name` = " . $db->quote("Druid Sample") . " OR `name` = " . $db->quote("Paladin Sample") . " OR `name` = " . $db->quote("Knight Sample") . " OR `name` = " . $db->quote("Account Manager") . ") ORDER BY `id`;");
+$up = function () {
+	updateHighscoresIdsHidden();
+};
 
-$highscores_ignored_ids = array();
-if($query->rowCount() > 0) {
-	foreach($query->fetchAll() as $result)
-		$highscores_ignored_ids[] = $result['id'];
-}
-else {
-	$highscores_ignored_ids[] = 0;
-}
-
-$settings = Settings::getInstance();
-$settings->updateInDatabase('core', 'highscores_ids_hidden', implode(', ', $highscores_ignored_ids));
+$down = function () {
+	$settings = Settings::getInstance();
+	$settings->updateInDatabase('core', 'highscores_ids_hidden', '0');
+};

system/migrations/21.php

@@ -1,14 +1,23 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "forum` ADD `post_html` TINYINT(1) NOT NULL DEFAULT 0 AFTER `post_smile`;");
+$up = function () use ($db) {
+	$db->addColumn(TABLE_PREFIX . 'forum', 'post_html', 'TINYINT(1) NOT NULL DEFAULT 0 AFTER `post_smile`');
 
-$query = $db->query("SELECT `id` FROM `" . TABLE_PREFIX . "forum_boards` WHERE `name` LIKE " . $db->quote('News') . " LIMIT 1;");
-if($query->rowCount() == 0) {
-	return; // don't make anything
-}
+	$query = $db->query("SELECT `id` FROM `" . TABLE_PREFIX . "forum_boards` WHERE `name` LIKE " . $db->quote('News') . " LIMIT 1;");
+	if ($query->rowCount() == 0) {
+		return; // don't make anything
+	}
 
-$query = $query->fetch();
-$id = $query['id'];
+	$query = $query->fetch();
+	$id = $query['id'];
 
-// update all forum threads with is_html = 1
-$db->exec("UPDATE `" . TABLE_PREFIX . "forum` SET `post_html` = 1 WHERE `section` = " . $id . " AND `id` = `first_post`;");
+	// update all forum threads with is_html = 1
+	$db->exec("UPDATE `" . TABLE_PREFIX . "forum` SET `post_html` = 1 WHERE `section` = " . $id . " AND `id` = `first_post`;");
+};
+
+$down = function () use ($db) {
+	$db->dropColumn(TABLE_PREFIX . 'forum', 'post_html');
+};

system/migrations/22-z_polls.sql

@@ -0,0 +1,10 @@
+CREATE TABLE `z_polls` (
+	`id` int(11) NOT NULL auto_increment,
+	`question` varchar(255) NOT NULL,
+	`description` varchar(255) NOT NULL,
+	`end` int(11) NOT NULL DEFAULT 0,
+	`start` int(11) NOT NULL DEFAULT 0,
+	`answers` int(11) NOT NULL DEFAULT 0,
+	`votes_all` int(11) NOT NULL DEFAULT 0,
+	PRIMARY KEY  (`id`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/22-z_polls_answers.sql

@@ -0,0 +1,6 @@
+CREATE TABLE `z_polls_answers` (
+	`poll_id` int(11) NOT NULL,
+	`answer_id` int(11) NOT NULL,
+	`answer` varchar(255) NOT NULL,
+	`votes` int(11) NOT NULL DEFAULT 0
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/22.php

@@ -1,31 +1,35 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-if(!$db->hasTable('z_polls'))
-	$db->query('
-CREATE TABLE `z_polls` (
-  `id` int(11) NOT NULL auto_increment,
-  `question` varchar(255) NOT NULL,
-  `description` varchar(255) NOT NULL,
-  `end` int(11) NOT NULL DEFAULT 0,
-  `start` int(11) NOT NULL DEFAULT 0,
-  `answers` int(11) NOT NULL DEFAULT 0,
-  `votes_all` int(11) NOT NULL DEFAULT 0,
-  PRIMARY KEY  (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
-');
+$up = function () use ($db) {
+	if (!$db->hasTable('z_polls')) {
+		$db->exec(file_get_contents(__DIR__ . '/22-z_polls.sql'));
+	}
 
-if(!$db->hasTable('z_polls_answers'))
-$db->query('
-	CREATE TABLE `z_polls_answers` (
-  `poll_id` int(11) NOT NULL,
-  `answer_id` int(11) NOT NULL,
-  `answer` varchar(255) NOT NULL,
-  `votes` int(11) NOT NULL DEFAULT 0
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;
-');
+	if (!$db->hasTable('z_polls_answers')) {
+		$db->exec(file_get_contents(__DIR__ . '/22-z_polls_answers.sql'));
+	}
 
-if(!$db->hasColumn('accounts', 'vote'))
-	$db->query('ALTER TABLE `accounts` ADD `vote` INT( 11 ) DEFAULT 0 NOT NULL ;');
-else {
-	$db->query('ALTER TABLE `accounts` MODIFY `vote` INT( 11 ) DEFAULT 0 NOT NULL ;');
-}
+	if (!$db->hasColumn('accounts', 'vote')) {
+		$db->addColumn('accounts', 'vote', 'int(11) NOT NULL DEFAULT 0');
+	}
+	else {
+		$db->modifyColumn('accounts', 'vote', 'int(11) NOT NULL DEFAULT 0');
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasTable('z_polls')) {
+		$db->dropTable('z_polls;');
+	}
+
+	if ($db->hasTable('z_polls_answers')) {
+		$db->dropTable('z_polls_answers');
+	}
+
+	if ($db->hasColumn('accounts', 'vote')) {
+		$db->dropColumn('accounts', 'vote');
+	}
+};

system/migrations/23.php

@@ -1,7 +1,24 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-if(!$db->hasColumn(TABLE_PREFIX . 'menu', 'blank'))
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "menu` ADD `blank` TINYINT(1) NOT NULL DEFAULT 0 AFTER `link`;");
+$up = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'menu', 'blank')) {
+		$db->addColumn(TABLE_PREFIX . 'menu', 'blank', 'TINYINT(1) NOT NULL DEFAULT 0 AFTER `link`');
+	}
 
-if(!$db->hasColumn(TABLE_PREFIX . 'menu', 'color'))
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "menu` ADD `color` CHAR(6) NOT NULL DEFAULT '' AFTER `blank`;");
+	if (!$db->hasColumn(TABLE_PREFIX . 'menu', 'color')) {
+		$db->addColumn(TABLE_PREFIX . 'menu', 'color', "CHAR(6) NOT NULL DEFAULT '' AFTER `blank`");
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'menu', 'blank')) {
+		$db->dropColumn(TABLE_PREFIX . 'menu', 'blank');
+	}
+
+	if ($db->hasColumn(TABLE_PREFIX . 'menu', 'color')) {
+		$db->dropColumn(TABLE_PREFIX . 'menu', 'color');
+	}
+};

system/migrations/24-items.sql

@@ -0,0 +1,9 @@
+CREATE TABLE `myaac_items`
+(
+	`id` INT(11) NOT NULL,
+	`article` VARCHAR(5) NOT NULL DEFAULT '',
+	`name` VARCHAR(50) NOT NULL DEFAULT '',
+	`plural` VARCHAR(50) NOT NULL DEFAULT '',
+	`attributes` VARCHAR(500) NOT NULL DEFAULT '',
+	PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/24.php

@@ -1,3 +1,12 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-$db->exec('DROP TABLE IF EXISTS `' . TABLE_PREFIX . 'items`;');
+$up = function () use ($db) {
+	$db->dropTable(TABLE_PREFIX . 'items');
+};
+
+$down = function () use ($db) {
+	$db->exec(file_get_contents(__DIR__ . '/24-items.sql'));
+};

system/migrations/25.php

@@ -1,3 +1,12 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-$db->exec('ALTER TABLE `' . TABLE_PREFIX . 'monsters` MODIFY `loot` text NOT NULL;');
+$up = function () use ($db) {
+	$db->modifyColumn(TABLE_PREFIX . 'monsters', 'loot', 'text NOT NULL');
+};
+
+$down = function () {
+	// nothing to do
+};

system/migrations/26.php

@@ -1,17 +1,32 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-if($db->hasColumn(TABLE_PREFIX . 'spells', 'spell')) {
-	$db->exec('ALTER TABLE `' . TABLE_PREFIX . "spells` MODIFY `spell` VARCHAR(255) NOT NULL DEFAULT '';");
-}
+$up = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'spells', 'spell')) {
+		$db->modifyColumn(TABLE_PREFIX . 'spells', 'spell', "VARCHAR(255) NOT NULL DEFAULT ''");
+	}
 
-if($db->hasColumn(TABLE_PREFIX . 'spells', 'words')) {
-	$db->exec('ALTER TABLE `' . TABLE_PREFIX . "spells` MODIFY `words` VARCHAR(255) NOT NULL DEFAULT '';");
-}
+	if ($db->hasColumn(TABLE_PREFIX . 'spells', 'words')) {
+		$db->modifyColumn(TABLE_PREFIX . 'spells', 'words', "VARCHAR(255) NOT NULL DEFAULT ''");
+	}
 
-if(!$db->hasColumn(TABLE_PREFIX . 'spells', 'conjure_id')) {
-	$db->exec('ALTER TABLE `' . TABLE_PREFIX . 'spells` ADD `conjure_id` INT(11) NOT NULL DEFAULT 0 AFTER `soul`;');
-}
+	if (!$db->hasColumn(TABLE_PREFIX . 'spells', 'conjure_id')) {
+		$db->addColumn(TABLE_PREFIX . 'spells', 'conjure_id', 'INT(11) NOT NULL DEFAULT 0 AFTER `soul`');
+	}
 
-if(!$db->hasColumn(TABLE_PREFIX . 'spells', 'reagent')) {
-	$db->exec('ALTER TABLE `' . TABLE_PREFIX . 'spells` ADD `reagent` INT(11) NOT NULL DEFAULT 0 AFTER `conjure_count`;');
-}
+	if (!$db->hasColumn(TABLE_PREFIX . 'spells', 'reagent')) {
+		$db->addColumn(TABLE_PREFIX . 'spells', 'reagent', 'INT(11) NOT NULL DEFAULT 0 AFTER `conjure_count`');
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'spells', 'conjure_id')) {
+		$db->dropColumn(TABLE_PREFIX . 'spells', 'conjure_id');
+	}
+
+	if ($db->hasColumn(TABLE_PREFIX . 'spells', 'reagent')) {
+		$db->dropColumn(TABLE_PREFIX . 'spells', 'reagent');
+	}
+};

system/migrations/27-commands.html

@@ -0,0 +1,22 @@
+<table class="myaac-table" style="border-collapse: collapse; width: 100%; height: 72px; border-width: 1px;" border="1"><colgroup><col style="width: 50%;"><col style="width: 50%;"></colgroup>
+	<thead>
+	<tr style="height: 18px;">
+		<td style="height: 18px; border-width: 1px; text-align: center;"><span style="color: #ffffff;"><strong>Words</strong></span></td>
+		<td style="height: 18px; border-width: 1px; text-align: center;"><strong>Description</strong></td>
+	</tr>
+	</thead>
+	<tbody>
+	<tr style="height: 18px;">
+		<td style="height: 18px; border-width: 1px;">!example</td>
+		<td style="height: 18px; border-width: 1px;">This is just an example</td>
+	</tr>
+	<tr style="height: 18px;">
+		<td style="height: 18px; border-width: 1px;">!buyhouse</td>
+		<td style="height: 18px; border-width: 1px;">Buy house you are looking at</td>
+	</tr>
+	<tr style="height: 18px;">
+		<td style="height: 18px; border-width: 1px;"><em>!aol</em></td>
+		<td style="height: 18px; border-width: 1px;">Buy AoL</td>
+	</tr>
+	</tbody>
+</table>

system/migrations/27-downloads.html

@@ -0,0 +1,6 @@
+<p>&nbsp;</p>
+<p>&nbsp;</p>
+<div style="text-align: center;">We're using official Tibia Client <strong>{{ config.client / 100 }}</strong><br>
+	<p>Download Tibia Client <strong>{{ config.client / 100 }}</strong>&nbsp;for Windows <a href="https://drive.google.com/drive/folders/0B2-sMQkWYzhGSFhGVlY2WGk5czQ" target="_blank" rel="noopener">HERE</a>.</p>
+	<h2>IP Changer:</h2>
+	<a href="https://static.otland.net/ipchanger.exe" target="_blank" rel="noopener">HERE</a></div>

system/migrations/27.php

@@ -1,47 +1,48 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-$downloadsPage = <<<HTML
-<p>&nbsp;</p>
-<p>&nbsp;</p>
-<div style="text-align: center;">We're using official Tibia Client <strong>{{ config.client / 100 }}</strong><br>
-<p>Download Tibia Client <strong>{{ config.client / 100 }}</strong>&nbsp;for Windows <a href="https://drive.google.com/drive/folders/0B2-sMQkWYzhGSFhGVlY2WGk5czQ" target="_blank" rel="noopener">HERE</a>.</p>
-<h2>IP Changer:</h2>
-<a href="https://static.otland.net/ipchanger.exe" target="_blank" rel="noopener">HERE</a></div>
-HTML;
+use MyAAC\Models\Pages;
 
-$query = $db->query("SELECT `id` FROM `" . TABLE_PREFIX . "pages` WHERE `name` LIKE " . $db->quote('downloads') . " LIMIT 1;");
-if($query->rowCount() === 0) {
-	$db->exec("INSERT INTO `myaac_pages` (`id`, `name`, `title`, `body`, `date`, `player_id`, `php`, `access`, `hide`) VALUES
-	(null, 'downloads', 'Downloads', {$db->quote($downloadsPage)}, 0, 1, 0, 0, 0);");
-}
+$up = function () use ($db) {
+	$downloadsModel = Pages::where('name', 'downloads')->first();
+	if (!$downloadsModel) {
+		$db->insert(TABLE_PREFIX . 'pages', [
+			'name' => 'downloads',
+			'title' => 'Downloads',
+			'body' => file_get_contents(__DIR__ . '/27-downloads.html'),
+			'date' => time(),
+			'player_id' => 1,
+			'php' => 0,
+			'access' => 0,
+			($db->hasColumn(TABLE_PREFIX . 'pages', 'hide') ? 'hide' : 'hidden') => 0,
+		]);
+	}
 
-$commandsPage = <<<HTML
-<table class="myaac-table" style="border-collapse: collapse; width: 100%; height: 72px; border-width: 1px;" border="1"><colgroup><col style="width: 50%;"><col style="width: 50%;"></colgroup>
-<thead>
-<tr style="height: 18px;">
-<td style="height: 18px; border-width: 1px; text-align: center;"><span style="color: #ffffff;"><strong>Words</strong></span></td>
-<td style="height: 18px; border-width: 1px; text-align: center;"><strong>Description</strong></td>
-</tr>
-</thead>
-<tbody>
-<tr style="height: 18px;">
-<td style="height: 18px; border-width: 1px;">!example</td>
-<td style="height: 18px; border-width: 1px;">This is just an example</td>
-</tr>
-<tr style="height: 18px;">
-<td style="height: 18px; border-width: 1px;">!buyhouse</td>
-<td style="height: 18px; border-width: 1px;">Buy house you are looking at</td>
-</tr>
-<tr style="height: 18px;">
-<td style="height: 18px; border-width: 1px;"><em>!aol</em></td>
-<td style="height: 18px; border-width: 1px;">Buy AoL</td>
-</tr>
-</tbody>
-</table>
-HTML;
+	$commandsModel = Pages::where('name', 'commands')->first();
+	if (!$commandsModel) {
+		$db->insert(TABLE_PREFIX . 'pages', [
+			'name' => 'commands',
+			'title' => 'Commands',
+			'body' => file_get_contents(__DIR__ . '/27-commands.html'),
+			'date' => time(),
+			'player_id' => 1,
+			'php' => 0,
+			'access' => 0,
+			($db->hasColumn(TABLE_PREFIX . 'pages', 'hide') ? 'hide' : 'hidden') => 0,
+		]);
+	}
+};
 
-$query = $db->query("SELECT `id` FROM `" . TABLE_PREFIX . "pages` WHERE `name` LIKE " . $db->quote('commands') . " LIMIT 1;");
-if($query->rowCount() === 0) {
-	$db->exec("INSERT INTO `myaac_pages` (`id`, `name`, `title`, `body`, `date`, `player_id`, `php`, `access`, `hide`) VALUES
-(null, 'commands', 'Commands', {$db->quote($commandsPage)}, 0, 1, 0, 0, 0);");
-}
+$down = function () {
+	$downloadsModel = Pages::where('name', 'downloads')->first();
+	if ($downloadsModel) {
+		$downloadsModel->delete();
+	}
+
+	$commandsModel = Pages::where('name', 'commands')->first();
+	if ($commandsModel) {
+		$commandsModel->delete();
+	}
+};

system/migrations/28-hooks.sql

@@ -0,0 +1,10 @@
+CREATE TABLE `myaac_hooks`
+(
+	`id` INT(11) NOT NULL AUTO_INCREMENT,
+	`name` VARCHAR(30) NOT NULL DEFAULT '',
+	`type` INT(2) NOT NULL DEFAULT 0,
+	`file` VARCHAR(100) NOT NULL,
+	`ordering` INT(11) NOT NULL DEFAULT 0,
+	`enabled` INT(1) NOT NULL DEFAULT 1,
+	PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/28.php

@@ -1,10 +1,25 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
 use MyAAC\Cache\Cache;
 
-$db->exec('DROP TABLE IF EXISTS `' . TABLE_PREFIX . 'hooks`;');
+$up = function () use ($db) {
+	$db->dropTable(TABLE_PREFIX . 'hooks');
+
+	$cache = Cache::getInstance();
+	if($cache->enabled()) {
+		$cache->delete('hooks');
+	}
+};
+
+$down = function () use ($db) {
+	$db->exec(file_get_contents(__DIR__ . '/28-hooks.sql'));
+
+	$cache = Cache::getInstance();
+	if($cache->enabled()) {
+		$cache->delete('hooks');
+	}
+};
 
-$cache = Cache::getInstance();
-if($cache->enabled()) {
-	$cache->delete('hooks');
-}

system/migrations/29.php

@@ -1,5 +1,16 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-if(!$db->hasColumn(TABLE_PREFIX . 'pages', 'enable_tinymce')) {
-	$db->exec('ALTER TABLE `' . TABLE_PREFIX . 'pages` ADD `enable_tinymce` TINYINT(1) NOT NULL DEFAULT 1 COMMENT \'1 - enabled, 0 - disabled\' AFTER `php`;');
-}
+$up = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'pages', 'enable_tinymce')) {
+		$db->addColumn(TABLE_PREFIX . 'pages', 'enable_tinymce', "TINYINT(1) NOT NULL DEFAULT 1 COMMENT '1 - enabled, 0 - disabled' AFTER `php`");
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'pages', 'enable_tinymce')) {
+		$db->dropColumn(TABLE_PREFIX . 'pages', 'enable_tinymce');
+	}
+};

system/migrations/3.php

@@ -1,3 +1,15 @@
 <?php
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` ADD `ipv6` BINARY(16) NOT NULL DEFAULT 0;");
-?>
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
+$up = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'account_actions', 'ipv6')) {
+		$db->addColumn(TABLE_PREFIX . 'account_actions', 'ipv6', "BINARY(16) NOT NULL DEFAULT 0");
+	}
+};
+
+$down = function () {
+	// we don't want data loss
+	//$db->dropColumn(TABLE_PREFIX . 'account_actions', 'ipv6');
+};

system/migrations/30-rules.txt

@@ -0,0 +1,25 @@
+1. Names
+a) Names which contain insulting (e.g. "Bastard"), racist (e.g. "Nigger"), extremely right-wing (e.g. "Hitler"), sexist (e.g. "Bitch") or offensive (e.g. "Copkiller") language.
+b) Names containing parts of sentences (e.g. "Mike returns"), nonsensical combinations of letters (e.g. "Fgfshdsfg") or invalid formattings (e.g. "Thegreatknight").
+c) Names that obviously do not describe a person (e.g. "Christmastree", "Matrix"), names of real life celebrities (e.g. "Britney Spears"), names that refer to real countries (e.g. "Swedish Druid"), names which were created to fake other players' identities (e.g. "Arieswer" instead of "Arieswar") or official positions (e.g. "System Admin").
+
+2. Cheating
+a) Exploiting obvious errors of the game ("bugs"), for instance to duplicate items. If you find an error you must report it to CipSoft immediately.
+b) Intentional abuse of weaknesses in the gameplay, for example arranging objects or players in a way that other players cannot move them.
+c) Using tools to automatically perform or repeat certain actions without any interaction by the player ("macros").
+d) Manipulating the client program or using additional software to play the game.
+e) Trying to steal other players\' account data ("hacking").
+f) Playing on more than one account at the same time ("multi-clienting").
+g) Offering account data to other players or accepting other players' account data ("account-trading/sharing").
+
+3. Gamemasters
+a) Threatening a gamemaster because of his or her actions or position as a gamemaster.
+b) Pretending to be a gamemaster or to have influence on the decisions of a gamemaster.
+c) Intentionally giving wrong or misleading information to a gamemaster concerning his or her investigations or making false reports about rule violations.
+
+4. Player Killing
+a) Excessive killing of characters who are not marked with a "skull" on worlds which are not PvP-enforced. Please note that killing marked characters is not a reason for a banishment.
+
+A violation of the Tibia Rules may lead to temporary banishment of characters and accounts. In severe cases removal or modification of character skills, attributes and belongings, as well as the permanent removal of accounts without any compensation may be considered. The sanction is based on the seriousness of the rule violation and the previous record of the player. It is determined by the gamemaster imposing the banishment.
+
+These rules may be changed at any time. All changes will be announced on the official website.

system/migrations/30.php

@@ -1,31 +1,27 @@
 <?php
 
-$query = $db->query("SELECT `id` FROM `" . TABLE_PREFIX . "pages` WHERE `name` LIKE " . $db->quote('rules_on_the_page') . " LIMIT 1;");
-if($query->rowCount() === 0) {
-	$db->exec("INSERT INTO `myaac_pages` (`id`, `name`, `title`, `body`, `date`, `player_id`, `php`, `enable_tinymce`, `access`, `hide`) VALUES
-	(null, 'rules_on_the_page', 'Rules', '1. Names
-a) Names which contain insulting (e.g. \"Bastard\"), racist (e.g. \"Nigger\"), extremely right-wing (e.g. \"Hitler\"), sexist (e.g. \"Bitch\") or offensive (e.g. \"Copkiller\") language.
-b) Names containing parts of sentences (e.g. \"Mike returns\"), nonsensical combinations of letters (e.g. \"Fgfshdsfg\") or invalid formattings (e.g. \"Thegreatknight\").
-c) Names that obviously do not describe a person (e.g. \"Christmastree\", \"Matrix\"), names of real life celebrities (e.g. \"Britney Spears\"), names that refer to real countries (e.g. \"Swedish Druid\"), names which were created to fake other players\' identities (e.g. \"Arieswer\" instead of \"Arieswar\") or official positions (e.g. \"System Admin\").
+use MyAAC\Models\Pages;
 
-2. Cheating
-a) Exploiting obvious errors of the game (\"bugs\"), for instance to duplicate items. If you find an error you must report it to CipSoft immediately.
-b) Intentional abuse of weaknesses in the gameplay, for example arranging objects or players in a way that other players cannot move them.
-c) Using tools to automatically perform or repeat certain actions without any interaction by the player (\"macros\").
-d) Manipulating the client program or using additional software to play the game.
-e) Trying to steal other players\' account data (\"hacking\").
-f) Playing on more than one account at the same time (\"multi-clienting\").
-g) Offering account data to other players or accepting other players\' account data (\"account-trading/sharing\").
+$up = function () {
+	$rulesOnPage = Pages::where('name', 'rules_on_the_page')->first();
+	if (!$rulesOnPage) {
+		Pages::create([
+			'name' => 'rules_on_the_page',
+			'title' => 'Rules',
+			'body' => file_get_contents(__DIR__ . '/30-rules.txt'),
+			'date' => time(),
+			'player_id' => 1,
+			'php' => 0,
+			'enable_tinymce' => 0,
+			'access' => 0,
+			'hidden' => 0,
+		]);
+	}
+};
 
-3. Gamemasters
-a) Threatening a gamemaster because of his or her actions or position as a gamemaster.
-b) Pretending to be a gamemaster or to have influence on the decisions of a gamemaster.
-c) Intentionally giving wrong or misleading information to a gamemaster concerning his or her investigations or making false reports about rule violations.
-
-4. Player Killing
-a) Excessive killing of characters who are not marked with a \"skull\" on worlds which are not PvP-enforced. Please note that killing marked characters is not a reason for a banishment.
-
-A violation of the Tibia Rules may lead to temporary banishment of characters and accounts. In severe cases removal or modification of character skills, attributes and belongings, as well as the permanent removal of accounts without any compensation may be considered. The sanction is based on the seriousness of the rule violation and the previous record of the player. It is determined by the gamemaster imposing the banishment.
-
-These rules may be changed at any time. All changes will be announced on the official website.', 0, 1, 0, 0, 0, 0);");
-}
+$down = function () {
+	$rulesOnPage = Pages::where('name', 'rules_on_the_page')->first();
+	if ($rulesOnPage) {
+		Pages::where('name', 'rules_on_the_page')->delete();
+	}
+};

system/migrations/31.php

@@ -1,57 +1,121 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'elements')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `elements` TEXT NOT NULL AFTER `immunities`;");
-}
+$up = function () use ($db) {
+	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'elements')) {
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'elements', "TEXT NOT NULL AFTER `immunities`");
+	}
 
-if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'pushable')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `pushable` TINYINT(1) NOT NULL DEFAULT '0' AFTER `convinceable`;");
-}
+	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'pushable')) {
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'pushable', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `convinceable`");
+	}
 
-if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canpushitems')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `canpushitems` TINYINT(1) NOT NULL DEFAULT '0' AFTER `pushable`;");
-}
+	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canpushitems')) {
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'canpushitems', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `pushable`");
+	}
 
-if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canpushcreatures')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `canpushcreatures` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canpushitems`;");
-}
+	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canpushcreatures')) {
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'canpushcreatures', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `canpushitems`");
+	}
 
-if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonenergy')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `canwalkonenergy` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canpushitems`;");
-}
+	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonenergy')) {
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'canwalkonenergy', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `canpushitems`");
+	}
 
-if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonpoison')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `canwalkonpoison` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canwalkonenergy`;");
-}
+	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonpoison')) {
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'canwalkonpoison', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `canwalkonenergy`");
+	}
 
-if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonfire')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `canwalkonfire` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canwalkonpoison`;");
-}
+	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonfire')) {
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'canwalkonfire', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `canwalkonpoison`");
+	}
 
-if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'runonhealth')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `runonhealth` TINYINT(1) NOT NULL DEFAULT '0' AFTER `canwalkonfire`;");
-}
+	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'runonhealth')) {
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'runonhealth', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `canwalkonfire`");
+	}
 
-if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'hostile')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `hostile` TINYINT(1) NOT NULL DEFAULT '0' AFTER `runonhealth`;");
-}
+	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'hostile')) {
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'hostile', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `runonhealth`");
+	}
 
-if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'attackable')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `attackable` TINYINT(1) NOT NULL DEFAULT '0' AFTER `hostile`;");
-}
+	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'attackable')) {
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'attackable', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `hostile`");
+	}
 
-if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'rewardboss')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `rewardboss` TINYINT(1) NOT NULL DEFAULT '0' AFTER `attackable`;");
-}
+	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'rewardboss')) {
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'rewardboss', "TINYINT(1) NOT NULL DEFAULT '0' AFTER `attackable`");
+	}
 
-if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'defense')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `defense` INT(11) NOT NULL DEFAULT '0' AFTER `rewardboss`;");
-}
+	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'defense')) {
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'defense', "INT(11) NOT NULL DEFAULT '0' AFTER `rewardboss`");
+	}
 
-if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'armor')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `armor` INT(11) NOT NULL DEFAULT '0' AFTER `defense`;");
-}
+	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'armor')) {
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'armor', "INT(11) NOT NULL DEFAULT '0' AFTER `defense`");
+	}
+
+	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'summons')) {
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'summons', "TEXT NOT NULL AFTER `loot`");
+	}
+};
+
+$down = function () use ($db) {
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'elements')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'elements');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'pushable')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'pushable');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'canpushitems')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'canpushitems');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'canpushcreatures')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'canpushcreatures');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonenergy')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'canwalkonenergy');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonpoison')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'canwalkonpoison');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'canwalkonfire')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'canwalkonfire');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'runonhealth')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'runonhealth');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'hostile')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'hostile');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'attackable')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'attackable');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'rewardboss')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'rewardboss');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'defense')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'defense');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'armor')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'armor');
+	}
+
+	if($db->hasColumn(TABLE_PREFIX . 'monsters', 'summons')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'summons');
+	}
+};
 
-if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'summons')) {
-	$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters`  ADD `summons` TEXT NOT NULL AFTER `loot`;");
-}

system/migrations/32.php

@@ -1,4 +1,14 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
 // Increase size of page in myaac_visitors table
 
-$db->exec('ALTER TABLE `' . TABLE_PREFIX . "visitors` MODIFY `page` VARCHAR(2048) NOT NULL;");
+$up = function () use ($db) {
+	$db->modifyColumn(TABLE_PREFIX . 'visitors', 'page', 'VARCHAR(2048) NOT NULL');
+};
+
+$down = function () {
+	// nothing to be done, as we have just extended the size of a column
+};

system/migrations/33.php

@@ -1,6 +1,16 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
 // Increase size of ip in myaac_visitors table
 // according to this answer: https://stackoverflow.com/questions/166132/maximum-length-of-the-textual-representation-of-an-ipv6-address
 // the size of ipv6 can be maximal 45 chars
 
-$db->exec('ALTER TABLE `' . TABLE_PREFIX . "visitors` MODIFY `ip` VARCHAR(45) NOT NULL;");
+$up = function () use ($db) {
+	$db->modifyColumn(TABLE_PREFIX . 'visitors', 'ip', 'VARCHAR(15) NOT NULL');
+};
+
+$down = function () {
+	// nothing to be done, as we have just extended the size of a column
+};

system/migrations/34.php

@@ -1,4 +1,18 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
 // add user_agent column into visitors
 
-$db->exec('ALTER TABLE `' . TABLE_PREFIX . "visitors` ADD `user_agent` VARCHAR(255) NOT NULL DEFAULT '';");
+$up = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'visitors', 'user_agent')) {
+		$db->addColumn(TABLE_PREFIX . 'visitors', 'user_agent', "VARCHAR(255) NOT NULL DEFAULT ''");
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'visitors', 'user_agent')) {
+		$db->dropColumn(TABLE_PREFIX . 'visitors', 'user_agent');
+	}
+};

system/migrations/35.php

@@ -1,3 +1,17 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
 // add look column
-$db->exec('ALTER TABLE `' . TABLE_PREFIX . "monsters` ADD `look` VARCHAR(255) NOT NULL DEFAULT '' AFTER `health`;");
+$up = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'monsters', 'look')) {
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'look', "VARCHAR(255) NOT NULL DEFAULT '' AFTER `health`");
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'monsters', 'look')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'look');
+	}
+};

system/migrations/36-settings.sql

@@ -0,0 +1,9 @@
+CREATE TABLE `myaac_settings`
+(
+	`id` int(11) NOT NULL AUTO_INCREMENT,
+	`name` VARCHAR(255) NOT NULL DEFAULT '',
+	`key` VARCHAR(255) NOT NULL DEFAULT '',
+	`value` TEXT NOT NULL,
+	PRIMARY KEY (`id`),
+	KEY `key` (`key`)
+) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;

system/migrations/36.php

@@ -1,14 +1,18 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
-// add settings table
-if(!$db->hasTable(TABLE_PREFIX . 'settings')) {
-	$db->exec("CREATE TABLE `" . TABLE_PREFIX . "settings`
-	(
-		`id` int(11) NOT NULL AUTO_INCREMENT,
-		`name` VARCHAR(255) NOT NULL DEFAULT '',
-		`key` VARCHAR(255) NOT NULL DEFAULT '',
-		`value` TEXT NOT NULL,
-		PRIMARY KEY (`id`),
-		KEY `key` (`key`)
-	) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8;");
-}
+$up = function () use ($db) {
+	// add settings table
+	if (!$db->hasTable(TABLE_PREFIX . 'settings')) {
+		$db->exec(file_get_contents(__DIR__ . '/36-settings.sql'));
+	}
+};
+
+$down = function () {
+	// will break the aac
+	//if ($db->hasTable(TABLE_PREFIX . 'settings')) {
+	//	$db->dropTable(TABLE_PREFIX . 'settings');
+	//}
+};

system/migrations/37.php

@@ -5,4 +5,10 @@
 
 use MyAAC\Models\Pages;
 
-Pages::query()->where('access', 1)->update(['access' => 0]);
+$up = function () {
+	Pages::query()->where('access', 1)->update(['access' => 0]);
+};
+
+$down = function () {
+	Pages::query()->where('access', 0)->update(['access' => 1]);
+};

system/migrations/38.php

@@ -1,5 +1,16 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
 // 2023-11-11
 // execute highscores_ids_hidden once again, cause of settings
-require __DIR__ . '/20.php';
+$up = function () {
+	require_once __DIR__ . '/20.php';
+	updateHighscoresIdsHidden();
+};
+
+$down = function () {
+	// there is no downgrade for this
+};
+

system/migrations/39.php

@@ -1,18 +1,41 @@
 <?php
+/**
+ * @var OTS_DB_MySQL $db
+ */
 
 // 2024-01-27
 // change hidden to hide (Eloquent model reserved keyword)
 
-if (!$db->hasColumn('players', 'hide')) {
-	$db->exec("ALTER TABLE `players` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
-}
+$definition = 'TINYINT(1) NOT NULL DEFAULT 0';
 
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "changelog` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "faq` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "forum_boards` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "monsters` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "news` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "news_categories` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "pages` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "gallery` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
-$db->exec("ALTER TABLE `" . TABLE_PREFIX . "spells` CHANGE `hidden` `hide` TINYINT(1) NOT NULL DEFAULT 0;");
+$up = function () use ($db, $definition) {
+	if (!$db->hasColumn('players', 'hide')) {
+		$db->changeColumn('players', 'hidden', 'hide', $definition);
+	}
+
+	$db->changeColumn(TABLE_PREFIX . 'changelog', 'hidden', 'hide', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'faq', 'hidden', 'hide', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'forum_boards', 'hidden', 'hide', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'monsters', 'hidden', 'hide', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'news', 'hidden', 'hide', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'news_categories', 'hidden', 'hide', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'pages', 'hidden', 'hide', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'gallery', 'hidden', 'hide', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'spells', 'hidden', 'hide', $definition);
+};
+
+$down = function () use ($db, $definition) {
+	if (!$db->hasColumn('players', 'hidden')) {
+		$db->changeColumn('players', 'hide', 'hidden', $definition);
+	}
+
+	$db->changeColumn(TABLE_PREFIX . 'changelog', 'hide', 'hidden', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'faq', 'hide', 'hidden', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'forum_boards', 'hide', 'hidden', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'monsters', 'hide', 'hidden', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'news', 'hide', 'hidden', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'news_categories', 'hide', 'hidden', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'pages', 'hide', 'hidden', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'gallery', 'hide', 'hidden', $definition);
+	$db->changeColumn(TABLE_PREFIX . 'spells', 'hide', 'hidden', $definition);
+};

system/migrations/4.php

@@ -1,3 +1,16 @@
 <?php
-	if(!$db->hasColumn(TABLE_PREFIX . 'monsters', 'id'))
-		$db->query("ALTER TABLE `" . TABLE_PREFIX . "monsters` ADD `id` int(11) NOT NULL AUTO_INCREMENT primary key FIRST;");
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
+$up = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'monsters', 'id')) {
+		$db->addColumn(TABLE_PREFIX . 'monsters', 'id', "int(11) NOT NULL AUTO_INCREMENT primary key FIRST");
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'monsters', 'id')) {
+		$db->dropColumn(TABLE_PREFIX . 'monsters', 'id');
+	}
+};

system/migrations/40.php

@@ -5,8 +5,19 @@
 
 use MyAAC\Models\Menu;
 
-Menu::where('link', 'lastkills')->update(['link' => 'last-kills']);
-Menu::where('link', 'serverInfo')->update(['link' => 'server-info']);
-Menu::where('link', 'experienceStages')->update(['link' => 'exp-stages']);
-Menu::where('link', 'experienceTable')->update(['link' => 'exp-table']);
-Menu::where('link', 'creatures')->update(['link' => 'monsters']);
+$up = function() {
+	Menu::where('link', 'lastkills')->update(['link' => 'last-kills']);
+	Menu::where('link', 'serverInfo')->update(['link' => 'server-info']);
+	Menu::where('link', 'experienceStages')->update(['link' => 'exp-stages']);
+	Menu::where('link', 'experienceTable')->update(['link' => 'exp-table']);
+	Menu::where('link', 'creatures')->update(['link' => 'monsters']);
+};
+
+$down = function() {
+	Menu::where('link', 'last-kills')->update(['link' => 'lastkills']);
+	Menu::where('link', 'server-info')->update(['link' => 'serverInfo']);
+	Menu::where('link', 'exp-stages')->update(['link' => 'experienceStages']);
+	Menu::where('link', 'exp-table')->update(['link' => 'experienceTable']);
+	Menu::where('link', 'monsters')->update(['link' => 'creatures']);
+};
+

system/migrations/41.php

@@ -0,0 +1,35 @@
+<?php
+/**
+ * Change database tables character set to utf8mb4
+ * Previously it was utf8 (utf8mb3)
+ * utf8 will become utf8mb4 in future releases of mysql
+ */
+$tables = [
+	'account_actions', 'admin_menu',
+	'changelog', 'config',
+	'faq', 'forum_boards', 'forum',
+	'gallery',
+	'menu', 'monsters',
+	'news', 'news_categories', 'notepad',
+	'pages',
+	'settings', 'spells',
+	'visitors', 'weapons',
+];
+
+$up = function () use ($db, $tables)
+{
+	foreach ($tables as $table) {
+		if ($db->hasTable(TABLE_PREFIX . $table)) {
+			$db->exec('ALTER TABLE ' . TABLE_PREFIX . $table . ' CONVERT TO CHARACTER SET utf8mb4');
+		}
+	}
+};
+
+$down = function () use ($db, $tables)
+{
+	foreach ($tables as $table) {
+		if ($db->hasTable(TABLE_PREFIX . $table)) {
+			$db->exec('ALTER TABLE ' . TABLE_PREFIX . $table . ' CONVERT TO CHARACTER SET utf8');
+		}
+	}
+};

system/migrations/5.php

@@ -1,4 +1,16 @@
 <?php
-	if($db->hasColumn(TABLE_PREFIX . 'spells', 'cities'))
-		$db->query("ALTER TABLE `" . TABLE_PREFIX . "spells` DROP COLUMN cities;");
-?>
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
+$up = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'spells', 'cities')) {
+		$db->dropColumn(TABLE_PREFIX . 'spells', 'cities');
+	}
+};
+
+$up = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'spells', 'cities')) {
+		$db->addColumn(TABLE_PREFIX . 'spells', 'cities', 'VARCHAR(32) NOT NULL');
+	}
+};

system/migrations/6.php

@@ -1,3 +1,16 @@
 <?php
-	if(!$db->hasColumn(TABLE_PREFIX . 'hooks', 'enabled'))
-		$db->query("ALTER TABLE `" . TABLE_PREFIX . "hooks` ADD `enabled` INT(1) NOT NULL DEFAULT 1;");
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
+$up = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'hooks', 'enabled')) {
+		$db->addColumn(TABLE_PREFIX . 'hooks', 'enabled', 'INT(1) NOT NULL DEFAULT 1');
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'hooks', 'enabled')) {
+		$db->dropColumn(TABLE_PREFIX . 'hooks', 'enabled');
+	}
+};

system/migrations/7.php

@@ -1,4 +1,16 @@
 <?php
-	if($db->hasColumn(TABLE_PREFIX . 'screenshots', 'name'))
-		$db->query("ALTER TABLE `" . TABLE_PREFIX . "screenshots` DROP `name`;");
-?>
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
+$up = function () use ($db) {
+	if ($db->hasColumn(TABLE_PREFIX . 'screenshots', 'name')) {
+		$db->dropColumn(TABLE_PREFIX . 'screenshots', 'name');
+	}
+};
+
+$up = function () use ($db) {
+	if (!$db->hasColumn(TABLE_PREFIX . 'screenshots', 'name')) {
+		$db->addColumn(TABLE_PREFIX . 'screenshots', 'name', 'VARCHAR(30) NOT NULL');
+	}
+};

system/migrations/8.php

@@ -1,17 +1,31 @@
 <?php
-	if($db->hasTable(TABLE_PREFIX . 'forum_sections'))
-		$db->query('RENAME TABLE `' . TABLE_PREFIX . 'forum_sections` TO `' . TABLE_PREFIX . 'forum_boards`;');
-	
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
+$up = function () use ($db) {
+	if ($db->hasTable(TABLE_PREFIX . 'forum_sections')) {
+		$db->renameTable(TABLE_PREFIX . 'forum_sections', TABLE_PREFIX . 'forum_boards');
+	}
+
 	$query = $db->query('SELECT `id` FROM `' . TABLE_PREFIX . 'forum_boards` WHERE `ordering` > 0;');
-	if($query->rowCount() == 0) {
-		$boards = array(
+	if ($query->rowCount() == 0) {
+		$boards = [
 			'News',
 			'Trade',
 			'Quests',
 			'Pictures',
 			'Bug Report'
-		);
-		
-		foreach($boards as $id => $board)
+		];
+
+		foreach ($boards as $id => $board) {
 			$db->query('UPDATE `' . TABLE_PREFIX . 'forum_boards` SET `ordering` = ' . $id . ' WHERE `name` = ' . $db->quote($board));
-	}
+		}
+	}
+};
+
+$down = function () use ($db) {
+	if ($db->hasTable(TABLE_PREFIX . 'forum_boards')) {
+		$db->renameTable(TABLE_PREFIX . 'forum_boards', TABLE_PREFIX . 'forum_sections');
+	}
+};

system/migrations/9.php

@@ -1,9 +1,18 @@
 <?php
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "bugtracker` MODIFY `type` INT(11) NOT NULL DEFAULT 0;");
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "bugtracker` MODIFY `status` INT(11) NOT NULL DEFAULT 0;");
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "bugtracker` MODIFY `id` INT(11) NOT NULL DEFAULT 0;");
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "bugtracker` MODIFY `subject` VARCHAR(255) NOT NULL DEFAULT '';");
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "bugtracker` MODIFY `reply` INT(11) NOT NULL DEFAULT 0;");
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "bugtracker` MODIFY `who` INT(11) NOT NULL DEFAULT 0;");
-	$db->query("ALTER TABLE `" . TABLE_PREFIX . "bugtracker` MODIFY `tag` INT(11) NOT NULL DEFAULT 0;");
-?>
+/**
+ * @var OTS_DB_MySQL $db
+ */
+
+$up = function () use ($db) {
+	$db->modifyColumn(TABLE_PREFIX . 'bugtracker', 'type', "INT(11) NOT NULL DEFAULT 0");
+	$db->modifyColumn(TABLE_PREFIX . 'bugtracker', 'status', "INT(11) NOT NULL DEFAULT 0");
+	$db->modifyColumn(TABLE_PREFIX . 'bugtracker', 'id', "INT(11) NOT NULL DEFAULT 0");
+	$db->modifyColumn(TABLE_PREFIX . 'bugtracker', 'subject', "VARCHAR(255) NOT NULL DEFAULT ''");
+	$db->modifyColumn(TABLE_PREFIX . 'bugtracker', 'reply', "INT(11) NOT NULL DEFAULT 0");
+	$db->modifyColumn(TABLE_PREFIX . 'bugtracker', 'who', "INT(11) NOT NULL DEFAULT 0");
+	$db->modifyColumn(TABLE_PREFIX . 'bugtracker', 'tag', "INT(11) NOT NULL DEFAULT 0");
+};
+
+$down = function () {
+	// nothing to do here
+};

system/pages/account/characters/change-name.php

@@ -40,8 +40,13 @@ else
 
 		if(empty($errors))
 		{
-			if(!admin() && !Validator::newCharacterName($name))
+			if(!Validator::characterName($name)) {
 				$errors[] = Validator::getLastError();
+			}
+
+			if(!admin() && !Validator::newCharacterName($name)) {
+				$errors[] = Validator::getLastError();
+			}
 		}
 
 		if(empty($errors)) {

system/pages/account/create.php

@@ -331,7 +331,9 @@ if(setting('core.account_country_recognize')) {
 		$country_recognized = $country_session;
 	}
 	else {
-		$info = json_decode(@file_get_contents('http://ipinfo.io/' . $_SERVER['REMOTE_ADDR'] . '/geo'), true);
+		ini_set('default_socket_timeout', 5);
+
+		$info = json_decode(@file_get_contents('https://ipinfo.io/' . get_browser_real_ip() . '/geo'), true);
 		if(isset($info['country'])) {
 			$country_recognized = strtolower($info['country']);
 			setSession('country', $country_recognized);

system/pages/account/login.php

@@ -42,7 +42,7 @@ if(!empty($login_account) && !empty($login_password))
 		}
 	}
 
-	if($account_logged->isLoaded() && encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $login_password) == $account_logged->getPassword() && ($limiter->enabled && !$limiter->exceeded($ip))
+	if($account_logged->isLoaded() && encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $login_password) == $account_logged->getPassword() && (!$limiter->enabled || !$limiter->exceeded($ip))
 	)
 	{
 		if (setting('core.account_mail_verify') && (int)$account_logged->getCustomField('email_verified') !== 1) {
@@ -82,10 +82,10 @@ if(!empty($login_account) && !empty($login_password))
 		$limiter->increment($ip);
 		if ($limiter->exceeded($ip)) {
 			$errorMessage = 'A wrong password has been entered ' . $limiter->max_attempts . ' times in a row. You are unable to log into your account for the next ' . $limiter->ttl . ' minutes. Please wait.';
-		}		
+		}
 
 		$errors[] = $errorMessage;
-		
+
 	}
 }
 else {

system/pages/account/lost.php

@@ -17,31 +17,532 @@ if(!setting('core.mail_enabled'))
 	return;
 }
 
-$action_type = $_REQUEST['action_type'] ?? '';
-if($action == '') {
+$action_type = isset($_REQUEST['action_type']) ? $_REQUEST['action_type'] : '';
+if($action == '')
+{
 	$twig->display('account.lost.form.html.twig');
 }
 else if($action == 'step1' && $action_type == '') {
 	$twig->display('account.lost.noaction.html.twig');
 }
-elseif($action == 'step1' && $action_type == 'email') {
-	require PAGES . 'account/lost/step1-email.php';
+elseif($action == 'step1' && $action_type == 'email')
+{
+	$nick = stripslashes($_REQUEST['nick']);
+	if(Validator::characterName($nick))
+	{
+		$player = new OTS_Player();
+		$account = new OTS_Account();
+		$player->find($nick);
+		if($player->isLoaded())
+			$account = $player->getAccount();
+
+		if($account->isLoaded())
+		{
+			if($account->getCustomField('email_next') < time())
+				echo 'Please enter e-mail to account with this character.<BR>
+				<form action="' . getLink('account/lost') . '?action=sendcode" method=post>
+				<input type=hidden name="character">
+				<table cellspacing=1 cellpadding=4 border=0 width=100%>
+				<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Please enter e-mail to account</B></TD></TR>
+				<TR><TD BGCOLOR="'.$config['darkborder'].'">
+				Character: <INPUT TYPE=text NAME="nick" VALUE="'.$nick.'" SIZE="40" readonly="readonly"><BR>
+				E-mail to account:<INPUT TYPE=text NAME="email" VALUE="" SIZE="40"><BR>
+				</TD></TR>
+				</TABLE>
+				<BR>
+				<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
+				' . $twig->render('buttons.submit.html.twig') . '</div>
+				</TD></TR></FORM></TABLE></TABLE>';
+			else
+			{
+				$insec = (int)$account->getCustomField('email_next') - time();
+				$minutesleft = floor($insec / 60);
+				$secondsleft = $insec - ($minutesleft * 60);
+				$timeleft = $minutesleft.' minutes '.$secondsleft.' seconds';
+				echo 'Account of selected character (<b>'.$nick.'</b>) received e-mail in last '.ceil(setting('core.mail_lost_account_interval') / 60).' minutes. You must wait '.$timeleft.' before you can use Lost Account Interface again.';
+			}
+		}
+		else
+			echo 'Player or account of player <b>' . $nick . '</b> doesn\'t exist.';
+	}
+	else
+		echo 'Invalid player name format. If you have other characters on account try with other name.';
+	echo '<BR /><TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
+				<a href="' . getLink('account/lost') . '" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
+				</TD></TR></FORM></TABLE></TABLE>';
 }
-elseif($action == 'send-code') {
-	require PAGES . 'account/lost/send-code.php';
+elseif($action == 'sendcode')
+{
+	$email = $_REQUEST['email'];
+	$nick = stripslashes($_REQUEST['nick']);
+	if(Validator::characterName($nick))
+	{
+		$player = new OTS_Player();
+		$account = new OTS_Account();
+		$player->find($nick);
+		if($player->isLoaded())
+			$account = $player->getAccount();
+
+		if($account->isLoaded())
+		{
+			if($account->getCustomField('email_next') < time())
+			{
+				if($account->getEMail() == $email)
+				{
+					$newcode = generateRandomString(30, true, false, true);
+					$mailBody = '
+					You asked to reset your ' . $config['lua']['serverName'] . ' password.<br/>
+					<p>Account name: '.$account->getName().'</p>
+					<br />
+					To do so, please click this link:
+					<p><a href="' . getLink('account/lost') . '?action=checkcode&code='.$newcode.'&character='.urlencode($nick).'">' . getLink('account/lost') . '?action=checkcode&code='.$newcode.'&character='.urlencode($nick).'</a></p>
+					<p>or open page: <i>' . getLink('account/lost') . '?action=checkcode</i> and in field "code" write <b>'.$newcode.'</b></p>
+					<br/>
+						<p>If you did not request a password change, you may ignore this message and your password will remain unchanged.';
+
+					$account_mail = $account->getCustomField('email');
+					if(_mail($account_mail, $config['lua']['serverName'].' - Recover your account', $mailBody))
+					{
+						$account->setCustomField('email_code', $newcode);
+						$account->setCustomField('email_next', (time() + setting('core.mail_lost_account_interval')));
+						echo '<br />Details about steps required to recover your account has been sent to <b>' . $account_mail . '</b>. You should receive this email within 15 minutes. Please check your inbox/spam directory.';
+					}
+					else
+					{
+						$account->setCustomField('email_next', (time() + 60));
+						echo '<br /><p class="error">An error occurred while sending email! Try again later or contact with admin. For Admin: More info can be found in system/logs/mailer-error.log</p>';
+					}
+				}
+				else
+					echo 'Invalid e-mail to account of character <b>'.$nick.'</b>. Try again.';
+			}
+			else
+			{
+				$insec = (int)$account->getCustomField('email_next') - time();
+				$minutesleft = floor($insec / 60);
+				$secondsleft = $insec - ($minutesleft * 60);
+				$timeleft = $minutesleft.' minutes '.$secondsleft.' seconds';
+				echo 'Account of selected character (<b>'.$nick.'</b>) received e-mail in last '.ceil(setting('core.mail_lost_account_interval') / 60).' minutes. You must wait '.$timeleft.' before you can use Lost Account Interface again.';
+			}
+		}
+		else
+			echo 'Player or account of player <b>'.$nick.'</b> doesn\'t exist.';
+	}
+	else
+		echo 'Invalid player name format. If you have other characters on account try with other name.';
+	echo '<BR /><TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
+				<a href="' . getLink('account/lost') . '?action=step1&action_type=email&nick='.urlencode($nick).'" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
+				</TD></TR></FORM></TABLE></TABLE>';
 }
-elseif($action == 'step1' && $action_type == 'reckey') {
-	require PAGES . 'account/lost/step1-reckey.php';
+elseif($action == 'step1' && $action_type == 'reckey')
+{
+	$nick = stripslashes($_REQUEST['nick']);
+	if(Validator::characterName($nick))
+	{
+		$player = new OTS_Player();
+		$account = new OTS_Account();
+		$player->find($nick);
+		if($player->isLoaded())
+			$account = $player->getAccount();
+		if($account->isLoaded())
+		{
+			$account_key = $account->getCustomField('key');
+			if(!empty($account_key))
+			{
+						echo 'If you enter right recovery key you will see form to set new e-mail and password to account. To this e-mail will be send your new password and account name.<BR>
+						<FORM ACTION="' . getLink('account/lost') . '?action=step2" METHOD=post>
+						<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
+						<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Please enter your recovery key</B></TD></TR>
+						<TR><TD BGCOLOR="'.$config['darkborder'].'">
+						Character name:&nbsp;<INPUT TYPE=text NAME="nick" VALUE="'.$nick.'" SIZE="40" readonly="readonly"><BR />
+						Recovery key:&nbsp;&nbsp;&nbsp;&nbsp;<INPUT TYPE=text NAME="key" VALUE="" SIZE="40"><BR>
+						</TD></TR>
+						</TABLE>
+						<BR>
+						<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
+						' . $twig->render('buttons.submit.html.twig') . '</div>
+						</TD></TR></FORM></TABLE></TABLE>';
+			}
+			else
+				echo 'Account of this character has no recovery key!';
+		}
+		else
+			echo 'Player or account of player <b>'.$nick.'</b> doesn\'t exist.';
+	}
+	else
+		echo 'Invalid player name format. If you have other characters on account try with other name.';
+	echo '<BR /><TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
+				<a href="' . getLink('account/lost') . '" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
+				</TD></TR></FORM></TABLE></TABLE>';
 }
-elseif($action == 'step2') {
-	require PAGES . 'account/lost/step2.php';
+elseif($action == 'step2')
+{
+	$rec_key = trim($_REQUEST['key']);
+	$nick = stripslashes($_REQUEST['nick']);
+	if(Validator::characterName($nick))
+	{
+		$player = new OTS_Player();
+		$account = new OTS_Account();
+		$player->find($nick);
+		if($player->isLoaded())
+			$account = $player->getAccount();
+		if($account->isLoaded())
+		{
+			$account_key = $account->getCustomField('key');
+			if(!empty($account_key))
+			{
+				if($account_key == $rec_key)
+				{
+					echo '<script type="text/javascript">
+					function validate_required(field,alerttxt)
+					{
+					with (field)
+					{
+					if (value==null||value==""||value==" ")
+					  {alert(alerttxt);return false;}
+					else {return true}
+					}
+					}
+					function validate_email(field,alerttxt)
+					{
+					with (field)
+					{
+					apos=value.indexOf("@");
+					dotpos=value.lastIndexOf(".");
+					if (apos<1||dotpos-apos<2)
+					  {alert(alerttxt);return false;}
+					else {return true;}
+					}
+					}
+					function validate_form(thisform)
+					{
+					with (thisform)
+					{
+					if (validate_required(email,"Please enter your e-mail!")==false)
+					  {email.focus();return false;}
+					if (validate_email(email,"Invalid e-mail format!")==false)
+					  {email.focus();return false;}
+					if (validate_required(passor,"Please enter password!")==false)
+					  {passor.focus();return false;}
+					if (validate_required(passor2,"Please repeat password!")==false)
+					  {passor2.focus();return false;}
+					if (passor2.value!=passor.value)
+					  {alert(\'Repeated password is not equal to password!\');return false;}
+					}
+					}
+					</script>';
+					echo 'Set new password and e-mail to your account.<BR>
+					<FORM ACTION="' . getLink('account/lost') . '?action=step3" onsubmit="return validate_form(this)" METHOD=post>
+					<INPUT TYPE=hidden NAME="character" VALUE="">
+					<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
+					<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Please enter new password and e-mail</B></TD></TR>
+					<TR><TD BGCOLOR="'.$config['darkborder'].'">
+					Account of character:&nbsp;&nbsp;<INPUT TYPE=text NAME="nick" VALUE="'.$nick.'" SIZE="40" readonly="readonly"><BR />
+					New password:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<INPUT id="passor" TYPE=password NAME="passor" VALUE="" SIZE="40"><BR>
+					Repeat new password:&nbsp;&nbsp;<INPUT id="passor2" TYPE=password NAME="passor" VALUE="" SIZE="40"><BR>
+					New e-mail address:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<INPUT id="email" TYPE=text NAME="email" VALUE="" SIZE="40"><BR>
+					<INPUT TYPE=hidden NAME="key" VALUE="'.$rec_key.'">
+					</TD></TR>
+					</TABLE>
+					<BR>
+					<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
+					' . $twig->render('buttons.submit.html.twig') . '</div>
+					</TD></TR></FORM></TABLE></TABLE>';
+				}
+				else
+					echo 'Wrong recovery key!';
+			}
+			else
+				echo 'Account of this character has no recovery key!';
+		}
+		else
+			echo 'Player or account of player <b>'.$nick.'</b> doesn\'t exist.';
+	}
+	else
+		echo 'Invalid player name format. If you have other characters on account try with other name.';
+	echo '<BR /><TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
+				<a href="' . getLink('account/lost') . '?action=step1&action_type=reckey&nick='.urlencode($nick).'" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
+				</TD></TR></FORM></TABLE></TABLE>';
 }
-elseif($action == 'step3') {
-	require PAGES . 'account/lost/step3.php';
+elseif($action == 'step3')
+{
+	$rec_key = trim($_REQUEST['key']);
+	$nick = stripslashes($_REQUEST['nick']);
+	$new_pass = trim($_REQUEST['passor']);
+	$new_email = trim($_REQUEST['email']);
+	if(Validator::characterName($nick))
+	{
+		$player = new OTS_Player();
+		$account = new OTS_Account();
+		$player->find($nick);
+		if($player->isLoaded())
+			$account = $player->getAccount();
+		if($account->isLoaded())
+		{
+			$account_key = $account->getCustomField('key');
+			if(!empty($account_key))
+			{
+				if($account_key == $rec_key)
+				{
+					if(Validator::password($new_pass))
+					{
+						if(Validator::email($new_email))
+						{
+							$account->setEMail($new_email);
+
+							$tmp_new_pass = $new_pass;
+							if(USE_ACCOUNT_SALT)
+							{
+								$salt = generateRandomString(10, false, true, true);
+								$tmp_new_pass = $salt . $new_pass;
+							}
+
+							$account->setPassword(encrypt($tmp_new_pass));
+							$account->save();
+
+							if(USE_ACCOUNT_SALT)
+								$account->setCustomField('salt', $salt);
+
+							echo 'Your account name, new password and new e-mail.<BR>
+							<FORM ACTION="' . getLink('account/manage') . '" onsubmit="return validate_form(this)" METHOD=post>
+							<INPUT TYPE=hidden NAME="character" VALUE="">
+							<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
+							<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Your account name, new password and new e-mail</B></TD></TR>
+							<TR><TD BGCOLOR="'.$config['darkborder'].'">
+							Account name:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<b>'.$account->getName().'</b><BR>
+							New password:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<b>'.$new_pass.'</b><BR>
+							New e-mail address:&nbsp;<b>'.$new_email.'</b><BR>';
+							if($account->getCustomField('email_next') < time())
+							{
+								$mailBody = '
+								<h3>Your account name and new password!</h3>
+								<p>Changed password and e-mail to your account in Lost Account Interface on server <a href="'.BASE_URL.'"><b>'.$config['lua']['serverName'].'</b></a></p>
+								<p>Account name: <b>'.$account->getName().'</b></p>
+								<p>New password: <b>'.$new_pass.'</b></p>
+								<p>E-mail: <b>'.$new_email.'</b> (this e-mail)</p>
+								<br />
+								<p><u>It\'s automatic e-mail from OTS Lost Account System. Do not reply!</u></p>';
+
+								if(_mail($account->getCustomField('email'), $config['lua']['serverName']." - New password to your account", $mailBody))
+								{
+									echo '<br /><small>Sent e-mail with your account name and password to new e-mail. You should receive this e-mail in 15 minutes. You can login now with new password!</small>';
+								}
+								else
+								{
+									echo '<br /><p class="error">An error occurred while sending email! You will not receive e-mail with this informations. For Admin: More info can be found in system/logs/mailer-error.log</p>';
+								}
+							}
+							else
+							{
+								echo '<br /><small>You will not receive e-mail with this informations.</small>';
+							}
+							echo '<INPUT TYPE=hidden NAME="account_login" VALUE="'.$account->getId().'">
+							<INPUT TYPE=hidden NAME="password_login" VALUE="'.$new_pass.'">
+							</TD></TR></TABLE><BR>
+							<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
+							<INPUT TYPE=image NAME="Login" ALT="Login" SRC="'.$template_path.'/images/global/buttons/sbutton_login.gif" BORDER=0 WIDTH=120 HEIGHT=18></div>
+							</TD></TR></FORM></TABLE></TABLE>';
+						}
+						else
+							echo Validator::getLastError();
+					}
+					else
+						echo Validator::getLastError();
+				}
+				else
+					echo 'Wrong recovery key!';
+			}
+			else
+				echo 'Account of this character has no recovery key!';
+		}
+		else
+			echo 'Player or account of player <b>'.$nick.'</b> doesn\'t exist.';
+	}
+	else
+		echo 'Invalid player name format. If you have other characters on account try with other name.';
+	echo '<BR /><TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
+				<a href="' . getLink('account/lost') . '?action=step1&action_type=reckey&nick='.urlencode($nick).'" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
+				</TD></TR></FORM></TABLE></TABLE>';
 }
-elseif($action == 'check-code') {
-	require PAGES . 'account/lost/check-code.php';
+elseif($action == 'checkcode')
+{
+	$code = trim($_REQUEST['code']);
+	$character = stripslashes(trim($_REQUEST['character']));
+	if(empty($code) || empty($character))
+		echo 'Please enter code from e-mail and name of one character from account. Then press Submit.<BR>
+				<FORM ACTION="' . getLink('account/lost') . '?action=checkcode" METHOD=post>
+				<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
+				<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Code & character name</B></TD></TR>
+				<TR><TD BGCOLOR="'.$config['darkborder'].'">
+				Your code:&nbsp;<INPUT TYPE=text NAME="code" VALUE="" SIZE="40")><BR />
+				Character:&nbsp;<INPUT TYPE=text NAME="character" VALUE="" SIZE="40")><BR />
+				</TD></TR>
+				</TABLE>
+				<BR>
+				<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
+				' . $twig->render('buttons.submit.html.twig') . '</div>
+				</TD></TR></FORM></TABLE></TABLE>';
+	else
+	{
+		$player = new OTS_Player();
+		$account = new OTS_Account();
+		$player->find($character);
+		if($player->isLoaded())
+			$account = $player->getAccount();
+		if($account->isLoaded())
+		{
+			if($account->getCustomField('email_code') == $code)
+			{
+				echo '<script type="text/javascript">
+				function validate_required(field,alerttxt)
+				{
+				with (field)
+				{
+				if (value==null||value==""||value==" ")
+				  {alert(alerttxt);return false;}
+				else {return true}
+				}
+				}
+
+				function validate_form(thisform)
+				{
+				with (thisform)
+				{
+				if (validate_required(passor,"Please enter password!")==false)
+				  {passor.focus();return false;}
+				if (validate_required(passor2,"Please repeat password!")==false)
+				  {passor2.focus();return false;}
+				if (passor2.value!=passor.value)
+				  {alert(\'Repeated password is not equal to password!\');return false;}
+				}
+				}
+				</script>
+				Please enter new password to your account and repeat to make sure you remember password.<BR>
+				<FORM ACTION="' . getLink('account/lost') . '?action=setnewpassword" onsubmit="return validate_form(this)" METHOD=post>
+				<INPUT TYPE=hidden NAME="character" VALUE="'.$character.'">
+				<INPUT TYPE=hidden NAME="code" VALUE="'.$code.'">
+				<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
+				<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Code & account name</B></TD></TR>
+				<TR><TD BGCOLOR="'.$config['darkborder'].'">
+				New password:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<INPUT TYPE=password ID="passor" NAME="passor" VALUE="" SIZE="40")><BR />
+				Repeat new password:&nbsp;<INPUT TYPE=password ID="passor2" NAME="passor2" VALUE="" SIZE="40")><BR />
+				</TD></TR>
+				</TABLE>
+				<BR>
+				<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
+				' . $twig->render('buttons.submit.html.twig') . '</div>
+				</TD></TR></FORM></TABLE></TABLE>';
+			}
+			else
+				$error= 'Wrong code to change password.';
+		}
+		else
+			$error = 'Account of this character or this character doesn\'t exist.';
+	}
+	if(!empty($error))
+				echo '<span style="color: red"><b>'.$error.'</b></span><br />Please enter code from e-mail and name of one character from account. Then press Submit.<BR>
+				<FORM ACTION="' . getLink('account/lost') . '?action=checkcode" METHOD=post>
+				<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
+				<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Code & character name</B></TD></TR>
+				<TR><TD BGCOLOR="'.$config['darkborder'].'">
+				Your code:&nbsp;<INPUT TYPE=text NAME="code" VALUE="" SIZE="40")><BR />
+				Character:&nbsp;<INPUT TYPE=text NAME="character" VALUE="" SIZE="40")><BR />
+				</TD></TR>
+				</TABLE>
+				<BR>
+				<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
+				' . $twig->render('buttons.submit.html.twig') . '</div>
+				</TD></TR></FORM></TABLE></TABLE>';
 }
-elseif($action == 'set-new-password') {
-	require PAGES . 'account/lost/set-new-password.php';
+elseif($action == 'setnewpassword')
+{
+	$newpassword = $_REQUEST['passor'];
+	$code = $_REQUEST['code'];
+	$character = stripslashes($_REQUEST['character']);
+	echo '';
+	if(empty($code) || empty($character) || empty($newpassword))
+		echo '<span style="color: red"><b>Error. Try again.</b></span><br />Please enter code from e-mail and name of one character from account. Then press Submit.<BR>
+				<BR><FORM ACTION="' . getLink('account/lost') . '?action=checkcode" METHOD=post>
+				<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
+				<INPUT TYPE=image NAME="Back" ALT="Back" SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" BORDER=0 WIDTH=120 HEIGHT=18></div>
+				</TD></TR></FORM></TABLE></TABLE>';
+	else
+	{
+		$player = new OTS_Player();
+		$account = new OTS_Account();
+		$player->find($character);
+		if($player->isLoaded())
+			$account = $player->getAccount();
+		if($account->isLoaded())
+		{
+			if($account->getCustomField('email_code') == $code)
+			{
+				if(Validator::password($newpassword))
+				{
+					$tmp_new_pass = $newpassword;
+					if(USE_ACCOUNT_SALT)
+					{
+						$salt = generateRandomString(10, false, true, true);
+						$tmp_new_pass  = $salt . $newpassword;
+						$account->setCustomField('salt', $salt);
+					}
+
+					$account->setPassword(encrypt($tmp_new_pass ));
+					$account->save();
+					$account->setCustomField('email_code', '');
+					echo 'New password to your account is below. Now you can login.<BR>
+					<INPUT TYPE=hidden NAME="character" VALUE="'.$character.'">
+					<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
+					<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Changed password</B></TD></TR>
+					<TR><TD BGCOLOR="'.$config['darkborder'].'">
+					New password:&nbsp;<b>'.$newpassword.'</b><BR />
+					Account name:&nbsp;&nbsp;&nbsp;<i>(Already on your e-mail)</i><BR />';
+
+					$mailBody = '
+					<h3>Your account name and password!</h3>
+					<p>Changed password to your account in Lost Account Interface on server <a href="'.BASE_URL.'"><b>'.$config['lua']['serverName'].'</b></a></p>
+					<p>Account name: <b>'.$account->getName().'</b></p>
+					<p>New password: <b>'.$newpassword.'</b></p>
+					<br />
+					<p><u>It\'s automatic e-mail from OTS Lost Account System. Do not reply!</u></p>';
+
+					if(_mail($account->getCustomField('email'), $config['lua']['serverName']." - Your new password", $mailBody))
+					{
+						echo '<br /><small>New password work! Sent e-mail with your password and account name. You should receive this e-mail in 15 minutes. You can login now with new password!';
+					}
+					else
+					{
+						echo '<br /><p class="error">New password work! An error occurred while sending email! You will not receive e-mail with new password. For Admin: More info can be found in system/logs/mailer-error.log';
+					}
+				echo '</TD></TR>
+				</TABLE>
+				<BR>
+				<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
+				<FORM ACTION="' . getLink('account/manage') . '" METHOD=post>
+				<INPUT TYPE=image NAME="Login" ALT="Login" SRC="'.$template_path.'/images/global/buttons/sbutton_login.gif" BORDER=0 WIDTH=120 HEIGHT=18></div>
+				</TD></TR></FORM></TABLE></TABLE>';
+				}
+				else
+					$error= Validator::getLastError();
+			}
+			else
+				$error= 'Wrong code to change password.';
+		}
+		else
+			$error = 'Account of this character or this character doesn\'t exist.';
+	}
+	if(!empty($error))
+				echo '<span style="color: red"><b>'.$error.'</b></span><br />Please enter code from e-mail and name of one character from account. Then press Submit.<BR>
+				<FORM ACTION="' . getLink('account/lost') . '?action=checkcode" METHOD=post>
+				<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
+				<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Code & character name</B></TD></TR>
+				<TR><TD BGCOLOR="'.$config['darkborder'].'">
+				Your code:&nbsp;<INPUT TYPE=text NAME="code" VALUE="" SIZE="40")><BR />
+				Character:&nbsp;<INPUT TYPE=text NAME="character" VALUE="" SIZE="40")><BR />
+				</TD></TR>
+				</TABLE>
+				<BR>
+				<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
+				' . $twig->render('buttons.submit.html.twig') . '</div>
+				</TD></TR></FORM></TABLE></TABLE>';
 }

system/pages/account/lost/check-code.php

@@ -1,57 +0,0 @@
-<?php
-$code = isset($_REQUEST['code']) ? trim($_REQUEST['code']) : '';
-$character = isset($_REQUEST['character']) ? stripslashes(trim($_REQUEST['character'])) : '';
-
-if(empty($code) || empty($character))
-	$twig->display('account.lost.check-code.html.twig', [
-		'code' => $code,
-		'characters' => $character,
-	]);
-else
-{
-	$player = new OTS_Player();
-	$account = new OTS_Account();
-	$player->find($character);
-	if($player->isLoaded()) {
-		$account = $player->getAccount();
-	}
-
-	if($account->isLoaded()) {
-		if($account->getCustomField('email_code') == $code) {
-			echo '
-				Please enter new password to your account and repeat to make sure you remember password.<BR>
-				<FORM ACTION="' . getLink('account/lost') . '?action=setnewpassword" METHOD=post>
-				<INPUT TYPE=hidden NAME="character" VALUE="'.$character.'">
-				<INPUT TYPE=hidden NAME="code" VALUE="'.$code.'">
-				<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
-				<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Passwords</B></TD></TR>
-				<TR><TD BGCOLOR="'.$config['darkborder'].'">
-				New password:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<INPUT TYPE=password ID="passor" NAME="passor" VALUE="" SIZE="40"><BR />
-				Repeat new password:&nbsp;<INPUT TYPE=password ID="passor2" NAME="passor2" VALUE="" SIZE="40"><BR />
-				</TD></TR>
-				</TABLE>
-				<BR>
-				<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
-				' . $twig->render('buttons.submit.html.twig') . '</div>
-				</TD></TR></FORM></TABLE></TABLE>';
-		}
-		else {
-			$error = 'Wrong code to change password.';
-		}
-	}
-	else {
-		$error = "Account of this character or this character doesn't exist.";
-	}
-}
-
-if(!empty($error)) {
-	$twig->display('error_box.html.twig', [
-		'errors' => [$error],
-	]);
-
-	echo '<br/>';
-
-	$twig->display('account.lost.check-code.html.twig', [
-
-	]);
-}

system/pages/account/lost/send-code.php

@@ -1,56 +0,0 @@
-<?php
-
-$email = $_REQUEST['email'];
-$nick = stripslashes($_REQUEST['nick']);
-
-$player = new OTS_Player();
-$account = new OTS_Account();
-$player->find($nick);
-if($player->isLoaded()) {
-	$account = $player->getAccount();
-}
-
-if($account->isLoaded()) {
-	if($account->getCustomField('email_next') < time()) {
-		if($account->getEMail() == $email) {
-			$newCode = generateRandomString(30, true, false, true);
-			$mailBody = $twig->render('mail.account.lost.code.html.twig', [
-				'newCode' => $newCode,
-				'account' => $account,
-				'nick' => $nick,
-			]);
-
-			$accountEMail = $account->getCustomField('email');
-			if(_mail($accountEMail, configLua('serverName') . ' - Recover your account', $mailBody)) {
-				$account->setCustomField('email_code', $newCode);
-				$account->setCustomField('email_next', (time() + setting('core.mail_lost_account_interval')));
-
-				echo '<br />Details about steps required to recover your account has been sent to <b>' . $accountEMail . '</b>. You should receive this email within 15 minutes. Please check your inbox/spam directory.';
-			}
-			else {
-				$account->setCustomField('email_next', (time() + 60));
-				error('An error occurred while sending email! Try again later or contact with admin. For Admin: More info can be found in system/logs/mailer-error.log</p>');
-			}
-		}
-		else {
-			echo 'Invalid e-mail to account of character <b>' . htmlspecialchars($nick) . '</b>. Try again.';
-		}
-	}
-	else {
-		$insec = (int)$account->getCustomField('email_next') - time();
-		$minutesleft = floor($insec / 60);
-		$secondsleft = $insec - ($minutesleft * 60);
-		$timeleft = $minutesleft.' minutes '.$secondsleft.' seconds';
-
-		echo 'Account of selected character (<b>' . htmlspecialchars($nick) . '</b>) received e-mail in last '.ceil(setting('core.mail_lost_account_interval') / 60) . ' minutes. You must wait '.$timeleft.' before you can use Lost Account Interface again.';
-	}
-}
-else {
-	echo "Player or account of player <b>" . htmlspecialchars($nick) . "</b> doesn't exist.";
-}
-
-$twig->display('account.back_button.html.twig', [
-	'new_line' => true,
-	'center' => true,
-	'action' => getLink('account/lost') . '?action=step1&action_type=email&nick=' . urlencode($nick),
-]);

system/pages/account/lost/set-new-password.php

@@ -1,81 +0,0 @@
-<?php
-$newPassword = $_REQUEST['passor'];
-$code = $_REQUEST['code'];
-$character = stripslashes($_REQUEST['character']);
-
-if(empty($code) || empty($character) || empty($newPassword)) {
-	echo '<span style="color: red"><b>Error. Try again.</b></span><br/>Please enter code from e-mail and name of one character from account. Then press Submit.<br>';
-
-	$twig->display('account.back_button.html.twig', [
-		'new_line' => true,
-		'center' => true,
-		'action' => getLink('account/lost') . '?action=check-code',
-	]);
-}
-else
-{
-	$player = new OTS_Player();
-	$account = new OTS_Account();
-	$player->find($character);
-	if($player->isLoaded()) {
-		$account = $player->getAccount();
-	}
-
-	if($account->isLoaded())
-	{
-		if($account->getCustomField('email_code') == $code)
-		{
-			if(Validator::password($newPassword))
-			{
-				$tmp_new_pass = $newPassword;
-				if(USE_ACCOUNT_SALT)
-				{
-					$salt = generateRandomString(10, false, true, true);
-					$tmp_new_pass  = $salt . $newPassword;
-					$account->setCustomField('salt', $salt);
-				}
-
-				$account->setPassword(encrypt($tmp_new_pass));
-				$account->save();
-				$account->setCustomField('email_code', '');
-
-				$mailBody = $twig->render('mail.account.lost.new-password.html.twig', [
-					'account' => $account,
-					'newPassword' => $newPassword,
-				]);
-
-				$statusMsg = '';
-				if(_mail($account->getCustomField('email'), configLua('serverName') . ' - Your new password', $mailBody)) {
-					$statusMsg = '<br /><small>New password work! Sent e-mail with your password and account name. You should receive this e-mail in 15 minutes. You can login now with new password!';
-				}
-				else {
-					$statusMsg = '<br /><p class="error">New password work! An error occurred while sending email! You will not receive e-mail with new password. For Admin: More info can be found in system/logs/mailer-error.log';
-				}
-
-				$twig->display('account.lost.finish.new-password.html.twig', [
-					'statusMsg' => $statusMsg,
-					'newPassword' => $newPassword,
-				]);
-			}
-			else
-				$error= Validator::getLastError();
-		}
-		else
-			$error= 'Wrong code to change password.';
-	}
-	else
-		$error = 'Account of this character or this character doesn\'t exist.';
-}
-
-if(!empty($error)) {
-	$twig->display('error_box.html.twig', [
-		'errors' => [$error],
-	]);
-
-	echo '<br/>';
-
-	$twig->display('account.lost.check-code.html.twig', [
-		'code' => $code,
-		'character' => $character,
-	]);
-}

system/pages/account/lost/step1-email.php

@@ -1,36 +0,0 @@
-<?php
-
-$nick = stripslashes($_REQUEST['nick']);
-
-$player = new OTS_Player();
-$account = new OTS_Account();
-$player->find($nick);
-if($player->isLoaded()) {
-	$account = $player->getAccount();
-}
-
-if($account->isLoaded()) {
-	if($account->getCustomField('email_next') < time()) {
-		$twig->display('account.lost.step1-email.html.twig', [
-			'nick' => $nick,
-		]);
-	}
-	else
-	{
-		$insec = (int)$account->getCustomField('email_next') - time();
-		$minutesleft = floor($insec / 60);
-		$secondsleft = $insec - ($minutesleft * 60);
-		$timeleft = $minutesleft.' minutes '.$secondsleft.' seconds';
-
-		echo 'Account of selected character (<b>'.$nick.'</b>) received e-mail in last '.ceil(setting('core.mail_lost_account_interval') / 60).' minutes. You must wait '.$timeleft.' before you can use Lost Account Interface again.';
-	}
-}
-else {
-	echo "Player or account of player <b>" . htmlspecialchars($nick) . "</b> doesn't exist.";
-}
-
-$twig->display('account.back_button.html.twig', [
-	'new_line' => true,
-	'center' => true,
-	'action' => getLink('account/lost'),
-]);

system/pages/account/lost/step1-reckey.php

@@ -1,39 +0,0 @@
-<?php
-$nick = stripslashes($_REQUEST['nick']);
-
-$player = new OTS_Player();
-$account = new OTS_Account();
-$player->find($nick);
-if($player->isLoaded())
-	$account = $player->getAccount();
-if($account->isLoaded())
-{
-	$account_key = $account->getCustomField('key');
-	if(!empty($account_key))
-	{
-		echo 'If you enter right recovery key you will see form to set new e-mail and password to account. To this e-mail will be send your new password and account name.<BR>
-					<FORM ACTION="' . getLink('account/lost') . '?action=step2" METHOD=post>
-					<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
-					<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Please enter your recovery key</B></TD></TR>
-					<TR><TD BGCOLOR="'.$config['darkborder'].'">
-					Character name:&nbsp;<INPUT TYPE=text NAME="nick" VALUE="'.$nick.'" SIZE="40" readonly="readonly"><BR />
-					Recovery key:&nbsp;&nbsp;&nbsp;&nbsp;<INPUT TYPE=text NAME="key" VALUE="" SIZE="40"><BR>
-					</TD></TR>
-					</TABLE>
-					<BR>
-					<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
-					' . $twig->render('buttons.submit.html.twig') . '</div>
-					</TD></TR></FORM></TABLE></TABLE>';
-	}
-	else
-		echo 'Account of this character has no recovery key!';
-}
-else {
-	echo 'Player or account of player <b>' . htmlspecialchars($nick) . '</b> doesn\'t exist.';
-}
-
-$twig->display('account.back_button.html.twig', [
-	'new_line' => true,
-	'center' => true,
-	'action' => getLink('account/lost'),
-]);

system/pages/account/lost/step2.php

@@ -1,37 +0,0 @@
-<?php
-
-$recKey = trim($_REQUEST['key']);
-$nick = stripslashes($_REQUEST['nick']);
-
-$player = new OTS_Player();
-$account = new OTS_Account();
-$player->find($nick);
-if($player->isLoaded()) {
-	$account = $player->getAccount();
-}
-
-if($account->isLoaded()) {
-	$accountKey = $account->getCustomField('key');
-	if(!empty($accountKey)) {
-		if($accountKey == $recKey) {
-			$twig->display('account.lost.step2.html.twig', [
-				'nick' => $nick,
-				'recKey' => $recKey,
-			]);
-		}
-		else {
-			echo 'Wrong recovery key!';
-		}
-	}
-	else {
-		echo 'Account of this character has no recovery key!';
-	}
-}
-else
-	echo "Player or account of player <b>" . htmlspecialchars($nick) . "</b> doesn't exist.";
-
-$twig->display('account.back_button.html.twig', [
-	'new_line' => true,
-	'center' => true,
-	'action' => getLink('account/lost') . '?action=step1&action_type=reckey&nick=' . urlencode($nick),
-]);

system/pages/account/lost/step3.php

@@ -1,87 +0,0 @@
-<?php
-$recKey = trim($_REQUEST['key']);
-$nick = stripslashes($_REQUEST['nick']);
-$newPassword = trim($_REQUEST['passor']);
-$newEmail = trim($_REQUEST['email']);
-
-$player = new OTS_Player();
-$account = new OTS_Account();
-$player->find($nick);
-if($player->isLoaded()) {
-	$account = $player->getAccount();
-}
-
-if($account->isLoaded())
-{
-	$accountKey = $account->getCustomField('key');
-	if(!empty($accountKey)) {
-		if($accountKey == $recKey) {
-			if(Validator::password($newPassword)) {
-				if(Validator::email($newEmail)) {
-					$account->setEMail($newEmail);
-
-					$tmp_new_pass = $newPassword;
-					if(USE_ACCOUNT_SALT)
-					{
-						$salt = generateRandomString(10, false, true, true);
-						$tmp_new_pass = $salt . $newPassword;
-					}
-
-					$account->setPassword(encrypt($tmp_new_pass));
-					$account->save();
-
-					if(USE_ACCOUNT_SALT) {
-						$account->setCustomField('salt', $salt);
-					}
-
-					$statusMsg = '';
-					if($account->getCustomField('email_next') < time()) {
-						$mailBody = $twig->render('mail.account.lost.new-email.html.twig', [
-							'account' => $account,
-							'newPassword' => $newPassword,
-							'newEmail' => $newEmail,
-						]);
-
-						if(_mail($account->getCustomField('email'), $config['lua']['serverName']." - New password to your account", $mailBody)) {
-							$statusMsg = '<br /><small>Sent e-mail with your account name and password to new e-mail. You should receive this e-mail in 15 minutes. You can login now with new password!</small>';
-						}
-						else {
-							$statusMsg = '<br /><p class="error">An error occurred while sending email! You will not receive e-mail with this informations. For Admin: More info can be found in system/logs/mailer-error.log</p>';
-						}
-					}
-					else {
-						$statusMsg = '<br /><small>You will not receive e-mail with this informations.</small>';
-					}
-
-					$twig->display('account.lost.finish.new-email.html.twig', [
-						'statusMsg' => $statusMsg,
-						'account' => $account,
-						'newPassword' => $newPassword,
-						'newEmail' => $newEmail,
-					]);
-				}
-				else {
-					echo Validator::getLastError();
-				}
-			}
-			else {
-				echo Validator::getLastError();
-			}
-		}
-		else {
-			echo 'Wrong recovery key!';
-		}
-	}
-	else {
-		echo 'Account of this character has no recovery key!';
-	}
-}
-else {
-	echo "Player or account of player <b>" . htmlspecialchars($nick) . "</b> doesn't exist.";
-}
-
-$twig->display('account.back_button.html.twig', [
-	'new_line' => true,
-	'center' => true,
-	'action' => getLink('account/lost') . '?action=step1&action_type=reckey&nick=' . urlencode($nick),
-]);

system/pages/forum/new_thread.php

@@ -95,7 +95,7 @@ if(Forum::canPost($account_logged)) {
 				if (count($errors) == 0) {
 					$saved = true;
 
-					$db->query("INSERT INTO `" . FORUM_TABLE_PREFIX . "forum` (`first_post` ,`last_post` ,`section` ,`replies` ,`views` ,`author_aid` ,`author_guid` ,`post_text` ,`post_topic` ,`post_smile`, `post_html` ,`post_date` ,`last_edit_aid` ,`edit_date`, `post_ip`) VALUES ('0', '" . time() . "', '" . (int)$section_id . "', '0', '0', '" . $account_logged->getId() . "', '" . $char_id . "', " . $db->quote($text) . ", " . $db->quote($post_topic) . ", '" . $smile . "', '" . $html . "', '" . time() . "', '0', '0', '" . $_SERVER['REMOTE_ADDR'] . "')");
+					$db->query("INSERT INTO `" . FORUM_TABLE_PREFIX . "forum` (`first_post` ,`last_post` ,`section` ,`replies` ,`views` ,`author_aid` ,`author_guid` ,`post_text` ,`post_topic` ,`post_smile`, `post_html` ,`post_date` ,`last_edit_aid` ,`edit_date`, `post_ip`) VALUES ('0', '" . time() . "', '" . (int)$section_id . "', '0', '0', '" . $account_logged->getId() . "', '" . $char_id . "', " . $db->quote($text) . ", " . $db->quote($post_topic) . ", '" . $smile . "', '" . $html . "', '" . time() . "', '0', '0', '" . get_browser_real_ip() . "')");
 
 					$thread_id = $db->lastInsertId();
 

system/pages/forum/show_board.php

@@ -44,7 +44,7 @@ for($i = 0; $i < $threads_count['threads_count'] / setting('core.forum_threads_p
 
 echo '<a href="' . getLink('forum') . '">Boards</a> >> <b>'.$sections[$section_id]['name'].'</b>';
 
-if(!$sections[$section_id]['closed'] || Forum::isModerator()) {
+if($logged && (!$sections[$section_id]['closed'] || Forum::isModerator())) {
 	echo '<br /><br />
 		<a href="' . getLink('forum') . '?action=new_thread&section_id='.$section_id.'"><img src="images/forum/topic.gif" border="0" /></a>';
 }
@@ -94,7 +94,7 @@ if(isset($last_threads[0])) {
 	}
 
 	echo '</table>';
-	if(!$sections[$section_id]['closed'] || Forum::isModerator()) {
+	if($logged && (!$sections[$section_id]['closed'] || Forum::isModerator())) {
 		echo '<br /><a href="' . getLink('forum') . '?action=new_thread&section_id=' . $section_id . '"><img src="images/forum/topic.gif" border="0" /></a>';
 	}
 }

system/pages/highscores.php

@@ -31,20 +31,22 @@ if(!is_numeric($page) || $page < 1 || $page > PHP_INT_MAX) {
 
 $query = Player::query();
 
-$settingHighscoresVocationBox = setting('core.highscores_vocation_box');
 $configVocations = config('vocations');
 $configVocationsAmount = config('vocations_amount');
 
-if($settingHighscoresVocationBox && $vocation !== 'all')
-{
+$vocationId = null;
+if($vocation !== 'all') {
 	foreach($configVocations as $id => $name) {
 		if(strtolower($name) == $vocation) {
-			$add_vocs = array($id);
+			$vocationId = $id;
+			$add_vocs = [$id];
 
-			$i = $id + $configVocationsAmount;
-			while(isset($configVocations[$i])) {
-				$add_vocs[] = $i;
-				$i += $configVocationsAmount;
+			if ($id !== 0) {
+				$i = $id + $configVocationsAmount;
+				while (isset($configVocations[$i])) {
+					$add_vocs[] = $i;
+					$i += $configVocationsAmount;
+				}
 			}
 
 			$query->whereIn('players.vocation', $add_vocs);
@@ -175,7 +177,7 @@ if (empty($highscores)) {
 			$query
 				->join('player_skills', 'player_skills.player_id', '=', 'players.id')
 				->where('skillid', $skill)
-				->addSelect('player_skills.skillid as value');
+				->addSelect('player_skills.value as value');
 		}
 	} else if ($skill == SKILL_FRAGS) // frags
 	{
@@ -287,6 +289,7 @@ $twig->display('highscores.html.twig', [
 	'skillName' => ($skill == SKILL_FRAGS ? 'Frags' : ($skill == SKILL_BALANCE ? 'Balance' : getSkillName($skill))),
 	'levelName' => ($skill != SKILL_FRAGS && $skill != SKILL_BALANCE ? 'Level' : ($skill == SKILL_BALANCE ? 'Balance' : 'Frags')),
 	'vocation' => $vocation !== 'all' ? $vocation :  null,
+	'vocationId' => $vocationId,
 	'types' => $types,
 	'linkPreviousPage' => $linkPreviousPage,
 	'linkNextPage' => $linkNextPage,

system/pages/monsters.php

@@ -62,7 +62,9 @@ if ($monsterModel && isset($monsterModel->name)) {
 	$elements = json_decode($monster['elements'], true);
 	$immunities = json_decode($monster['immunities'], true);
 	$loot = json_decode($monster['loot'], true);
-	usort($loot, 'sort_by_chance');
+	if (!empty($loot)) {
+		usort($loot, 'sort_by_chance');
+	}
 
 	foreach ($loot as &$item) {
 		$item['name'] = getItemNameById($item['id']);

system/pages/online.php

@@ -50,8 +50,8 @@ if (setting('core.online_outfit')) {
 	}
 }
 
+$vocs = [];
 if (setting('core.online_vocations')) {
-	$vocs = array();
 	foreach($config['vocations'] as $id => $name) {
 		$vocs[$id] = 0;
 	}
@@ -100,7 +100,7 @@ foreach($playersOnline as $player) {
 }
 
 $record = '';
-if($players > 0) {
+if(count($players_data) > 0) {
 	if( setting('core.online_record')) {
 		$result = null;
 		$timestamp = false;
@@ -114,7 +114,7 @@ if($players > 0) {
 			}
 		}
 
-		if($record) {
+		if($result) {
 			$record = 'The maximum on this game world was ' . $result['record'] . ' players' . ($timestamp ? ' on ' . date("M d Y, H:i:s", $result['timestamp']) . '.' : '.');
 		}
 	}
@@ -122,7 +122,8 @@ if($players > 0) {
 
 $twig->display('online.html.twig', array(
 	'players' => $players_data,
-	'record' => $record
+	'record' => $record,
+	'vocs' => $vocs,
 ));
 
 //search bar