First attempt

common.php

@@ -27,7 +27,7 @@ if (version_compare(phpversion(), '8.1', '<')) die('PHP version 8.1 or higher is
 
 const MYAAC = true;
 const MYAAC_VERSION = '1.8.3-dev';
-const DATABASE_VERSION = 46;
+const DATABASE_VERSION = 45;
 const TABLE_PREFIX = 'myaac_';
 define('START_TIME', microtime(true));
 define('MYAAC_OS', stripos(PHP_OS, 'WIN') === 0 ? 'WINDOWS' : (strtoupper(PHP_OS) === 'DARWIN' ? 'MAC' : 'LINUX'));

install/includes/schema.sql

@@ -1,4 +1,4 @@
-SET @myaac_database_version = 46;
+SET @myaac_database_version = 45;
 
 CREATE TABLE `myaac_account_actions`
 (
@@ -10,15 +10,6 @@ CREATE TABLE `myaac_account_actions`
 	KEY (`account_id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 
-CREATE TABLE `myaac_account_emails_verify`
-(
-	`id` int NOT NULL AUTO_INCREMENT,
-	`account_id` int NOT NULL,
-	`hash` varchar(32) NOT NULL,
-	`sent_at` int NOT NULL DEFAULT 0,
-	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
-
 CREATE TABLE `myaac_admin_menu`
 (
 	`id` int NOT NULL AUTO_INCREMENT,

install/tools/5-database.php

@@ -102,13 +102,18 @@ if(!$db->hasColumn('accounts', 'web_flags')) {
 		success($locale['step_database_adding_field'] . ' accounts.web_flags...');
 }
 
+if(!$db->hasColumn('accounts', 'email_hash')) {
+	if(query("ALTER TABLE `accounts` ADD `email_hash` VARCHAR(32) NOT NULL DEFAULT '' AFTER `web_flags`;"))
+		success($locale['step_database_adding_field'] . ' accounts.email_hash...');
+}
+
 if(!$db->hasColumn('accounts', 'email_verified')) {
-	if(query("ALTER TABLE `accounts` ADD `email_verified` TINYINT(1) NOT NULL DEFAULT 0 AFTER `web_flags`;"))
+	if(query("ALTER TABLE `accounts` ADD `email_verified` TINYINT(1) NOT NULL DEFAULT 0 AFTER `email_hash`;"))
 		success($locale['step_database_adding_field'] . ' accounts.email_verified...');
 }
 
 if(!$db->hasColumn('accounts', 'email_new')) {
-	if(query("ALTER TABLE `accounts` ADD `email_new` VARCHAR(255) NOT NULL DEFAULT '' AFTER `email_verified`;"))
+	if(query("ALTER TABLE `accounts` ADD `email_new` VARCHAR(255) NOT NULL DEFAULT '' AFTER `email_hash`;"))
 		success($locale['step_database_adding_field'] . ' accounts.email_new...');
 }
 

system/compat/config.php

@@ -81,7 +81,6 @@ $deprecatedConfig = [
 	'account_change_character_name_points' => 'account_change_character_name_price',
 	'account_change_character_sex',
 	'account_change_character_sex_points' => 'account_change_character_name_price',
-	'email_lai_sec_interval' => 'mail_lost_account_interval',
 ];
 
 foreach ($deprecatedConfig as $key => $value) {

system/functions.php

@@ -1142,18 +1142,10 @@ function getTopPlayers($limit = 5, $skill = 'level') {
 			'looktype', 'lookhead', 'lookbody', 'looklegs', 'lookfeet'
 		];
 
-		if ($db->hasColumn('players', 'promotion')) {
-			$columns[] = 'promotion';
-		}
-
 		if ($db->hasColumn('players', 'lookaddons')) {
 			$columns[] = 'lookaddons';
 		}
 
-		if ($db->hasColumn('players', 'lookmount')) {
-			$columns[] = 'lookmount';
-		}
-
 		return Player::query()
 			->select($columns)
 			->withOnlineStatus()

system/libs/pot/OTS_DB_MySQL.php

@@ -120,11 +120,6 @@ class OTS_DB_MySQL extends OTS_Base_DB
 				if($cache->fetch('database_columns', $tmp) && $tmp) {
 					$this->has_column_cache = unserialize($tmp);
 				}
-
-				$tmp = null;
-				if($cache->fetch('database_columns_info', $tmp) && $tmp) {
-					$this->get_column_info_cache = unserialize($tmp);
-				}
 			}
 		}
 
@@ -161,13 +156,11 @@ class OTS_DB_MySQL extends OTS_Base_DB
 			if ($this->clearCacheAfter) {
 				$cache->delete('database_tables');
 				$cache->delete('database_columns');
-				$cache->delete('database_columns_info');
 				$cache->delete('database_checksum');
 			}
 			else {
 				$cache->set('database_tables', serialize($this->has_table_cache), 3600);
 				$cache->set('database_columns', serialize($this->has_column_cache), 3600);
-				$cache->set('database_columns_info', serialize($this->get_column_info_cache), 3600);
 				$cache->set('database_checksum', serialize(sha1($config['database_host'] . '.' . $config['database_name'])), 3600);
 			}
 		}
@@ -302,8 +295,7 @@ class OTS_DB_MySQL extends OTS_Base_DB
 		return [];
 	}
 
-	public function revalidateCache(): void
-	{
+	public function revalidateCache() {
 		foreach($this->has_table_cache as $key => $value) {
 			$this->hasTableInternal($key);
 		}
@@ -318,21 +310,6 @@ class OTS_DB_MySQL extends OTS_Base_DB
 				$this->hasColumnInternal($explode[0], $explode[1]);
 			}
 		}
-
-		foreach($this->get_column_info_cache as $key => $value) {
-			$explode = explode('.', $key);
-			if(!isset($this->has_table_cache[$explode[0]])) { // first check if table exist
-				$this->hasTableInternal($explode[0]);
-			}
-
-			if($this->has_table_cache[$explode[0]]) {
-				$this->hasColumnInternal($explode[0], $explode[1]);
-			}
-
-			if($this->has_table_cache[$explode[0]]) {
-				$this->getColumnInfoInternal($explode[0], $explode[1]);
-			}
-		}
 	}
 
 	public function setClearCacheAfter($clearCache)

system/migrations/46-account_emails_verify.sql

@@ -1,8 +0,0 @@
-CREATE TABLE `myaac_account_emails_verify`
-(
-	`id` int NOT NULL AUTO_INCREMENT,
-	`account_id` int NOT NULL,
-	`hash` varchar(32) NOT NULL,
-	`sent_at` int NOT NULL DEFAULT 0,
-	PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;

system/migrations/46.php

@@ -1,24 +0,0 @@
-<?php
-/**
- * @var OTS_DB_MySQL $db
- */
-
-$up = function () use ($db) {
-	if ($db->hasColumn('accounts', 'email_hash')) {
-		$db->dropColumn('accounts', 'email_hash');
-	}
-
-	if (!$db->hasTable(TABLE_PREFIX . 'account_emails_verify')) {
-		$db->query(file_get_contents(__DIR__ . '/46-account_emails_verify.sql'));
-	}
-};
-
-$down = function () use ($db) {
-	if (!$db->hasColumn('accounts', 'email_hash')) {
-		$db->addColumn('accounts', 'email_hash', "varchar(32) NOT NULL DEFAULT ''");
-	}
-
-	if ($db->hasTable(TABLE_PREFIX . 'account_emails_verify')) {
-		$db->dropTable(TABLE_PREFIX . 'account_emails_verify');
-	}
-};

system/pages/account/confirm-email.php

@@ -9,7 +9,6 @@
  */
 
 use MyAAC\Models\Account;
-use MyAAC\Models\AccountEmailVerify;
 
 defined('MYAAC') or die('Direct access not allowed!');
 
@@ -21,20 +20,16 @@ if(empty($hash)) {
 	return;
 }
 
-// by default link is valid for 30 days
-$accountEmailVerify = AccountEmailVerify::where('hash', $hash)->where('sent_at', '>', time() - 30 * 24 * 60 * 60)->first();
-if(!$accountEmailVerify) {
-	note("Wrong link or link has expired.");
+if(!Account::where('email_hash', $hash)->exists()) {
+	note("Your email couldn't be verified. Please contact staff to do it manually.");
 }
 else
 {
-	$accountModel = Account::where('id', $accountEmailVerify->account_id)->where('email_verified', 0)->first();
+	$accountModel = Account::where('email_hash', $hash)->where('email_verified', 0)->first();
 	if ($accountModel) {
 		$accountModel->email_verified = 1;
 		$accountModel->save();
 
-		AccountEmailVerify::where('account_id', $accountModel->id)->delete();
-
 		success('You have now verified your e-mail, this will increase the security of your account. Thank you for doing this. You can now <a href=' . getLink('account/manage') . '>log in</a>.');
 
 		$account = new OTS_Account();
@@ -44,6 +39,6 @@ else
 		}
 	}
 	else {
-		error('Your account is already verified.');
+		error('Link has expired.');
 	}
 }

system/pages/account/create.php

@@ -10,7 +10,6 @@
  */
 
 use MyAAC\CreateCharacter;
-use MyAAC\Models\AccountEmailVerify;
 
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Create Account';
@@ -245,12 +244,7 @@ if($save)
 		if(setting('core.mail_enabled') && setting('core.account_mail_verify'))
 		{
 			$hash = md5(generateRandomString(16, true, true) . $email);
-
-			AccountEmailVerify::create([
-				'account_id' => $new_account->getId(),
-				'hash' => $hash,
-				'sent_at' => time(),
-			]);
+			$new_account->setCustomField('email_hash', $hash);
 
 			$verify_url = getLink('account/confirm-email/' . $hash);
 			$body_html = $twig->render('mail.account.verify.html.twig', array(

system/pages/account/login.php

@@ -48,9 +48,7 @@ if(!empty($login_account) && !empty($login_password))
 	)
 	{
 		if (setting('core.account_mail_verify') && (int)$account_logged->getCustomField('email_verified') !== 1) {
-			$link = getLink('account/resend-email-verify');
-			$errors[] = 'Your account is not verified. Please verify your email address. If the message is not coming check the SPAM folder in your E-Mail client.<br/>' .
-				'You can resend the Email here: <a href="' . $link . '">' . $link . '</a>';
+			$errors[] = 'Your account is not verified. Please verify your email address. If the message is not coming check the SPAM folder in your E-Mail client.';
 		} else {
 			session_regenerate_id();
 			setSession('account', $account_logged->getId());

system/pages/account/resend-email-verify.php

@@ -1,94 +0,0 @@
-<?php
-
-use MyAAC\Models\AccountEmailVerify;
-
-defined('MYAAC') or die('Direct access not allowed!');
-
-$title = 'Resend Email';
-
-$errorWithBackButton = function ($msg) use ($twig) {
-	$errors = [$msg];
-
-	$twig->display('error_box.html.twig', ['errors' => $errors]);
-	$twig->display('account.back_button.html.twig', [
-		'action' => getLink('account/resend-email-verify'),
-	]);
-};
-
-if (!setting('core.mail_enabled') || !setting('core.account_mail_verify')) {
-	$errorWithBackButton('Resending email is not possible on this server.');
-	return;
-}
-
-$showForm = true;
-
-if (isset($_POST['submit']) && $_POST['submit'] == '1') {
-	$email = $_REQUEST['email'];
-
-	if (empty($email) || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
-		$errorWithBackButton('Please enter valid Email.');
-		return;
-	}
-
-	$account = new OTS_Account();
-	$account->findByEMail($email);
-	if ($account->isLoaded()) {
-		if ($account->getCustomField('email_verified') == '1') {
-			$errorWithBackButton('This account is already verified! You can <a href=' . getLink('account/manage') . '>log in</a> on the website.');
-			return;
-		}
-
-		$accountEmailVerify = AccountEmailVerify::where('account_id', $account->getId())->orderBy('sent_at', 'DESC')->first();
-		if ($accountEmailVerify && time() - $accountEmailVerify->sent_at < 60) {
-			$errorWithBackButton('Only one Email per minute is allowed. Please try again later.');
-			return;
-		}
-
-		$tmp_account = $email;
-		if (!config('account_login_by_email')) {
-			$tmp_account = (USE_ACCOUNT_NAME ? $account->getName() : $account->getId());
-		}
-
-		$hash = md5(generateRandomString(16, true, true) . $email);
-
-		AccountEmailVerify::create([
-			'account_id' => $account->getId(),
-			'hash' => $hash,
-			'sent_at' => time(),
-		]);
-
-		$verify_url = getLink('account/confirm-email/' . $hash);
-		$body_html = $twig->render('mail.account.resend-email-verify.html.twig', array(
-			'account' => $tmp_account,
-			'verify_url' => generateLink($verify_url, $verify_url, true)
-		));
-
-		if (_mail($account->getEMail(), configLua('serverName') . ' - Verify Account', $body_html)) {
-			$message = "If account with this email exists - you will become an email with verification link.";
-			$showForm = false;
-		} else {
-			$message = "<p class='error'>An error occurred while sending email (<b>{$email}</b> )! Try again later. For Admin: More info can be found in system/logs/mailer-error.log</p>";
-		}
-	}
-	else {
-		$message = "<br />If account with this email exists - you will become an email with verification link.";
-		$showForm = false;
-	}
-
-	$twig->display('success.html.twig', array(
-		'title' => 'Verify Email Sent',
-		'description' => $message,
-	));
-}
-
-//show errors if not empty
-if (!empty($errors)) {
-	$twig->display('error_box.html.twig', ['errors' => $errors]);
-	$twig->display('account.back_button.html.twig', [
-		'action' => getLink('account/resend-email-verify'),
-	]);
-}
-
-if ($showForm) {
-	$twig->display('account.resend-email-verify.html.twig');
-}

system/router.php

@@ -88,10 +88,8 @@ if($logged && $account_logged && $account_logged->isLoaded()) {
 /**
  * Routes loading
  */
-$routesFinal = [];
 $dispatcher = FastRoute\cachedDispatcher(function (FastRoute\RouteCollector $r) {
-	global $cache, $routesFinal;
-
+	$routesFinal = [];
 	foreach(getDatabasePages() as $page) {
 		$routesFinal[] = ['*', $page, '__database__/' . $page, 100];
 	}
@@ -167,7 +165,7 @@ $dispatcher = FastRoute\cachedDispatcher(function (FastRoute\RouteCollector $r)
 	echo '</pre>';
 	die;
 */
-	foreach ($routesFinal as &$route) {
+	foreach ($routesFinal as $route) {
 		if ($route[0] === '*') {
 			$route[0] = ['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'HEAD'];
 		}
@@ -200,10 +198,6 @@ $dispatcher = FastRoute\cachedDispatcher(function (FastRoute\RouteCollector $r)
 			log_append('router.log', $warning);
 		}
 	}
-
-	if ($cache->enabled()) {
-		$cache->set('routes_final', serialize($routesFinal), 10 * 365 * 24 * 60 * 60); // 10 years / infinite
-	}
 },
 	[
 		'cacheFile' => CACHE . 'route.cache',
@@ -218,7 +212,7 @@ $found = true;
 
 // old support for pages like /?subtopic=accountmanagement
 $page = $_REQUEST['p'] ?? ($_REQUEST['subtopic'] ?? '');
-if(!empty($page) && preg_match('/^[A-z0-9\/\-]+$/', $page)) {
+if(!empty($page) && preg_match('/^[A-z0-9\-]+$/', $page)) {
 	if (isset($_REQUEST['p'])) { // some plugins may require this
 		$_REQUEST['subtopic'] = $_REQUEST['p'];
 	}
@@ -227,27 +221,10 @@ if(!empty($page) && preg_match('/^[A-z0-9\/\-]+$/', $page)) {
 		require SYSTEM . 'compat/pages.php';
 	}
 
-	$foundRoute = false;
-
-	$tmp = null;
-	if ($cache->enabled() && $cache->fetch('routes_final', $tmp)) {
-		$routesFinal = unserialize($tmp);
-	}
-
-	foreach ($routesFinal as $route) {
-		if ($page === $route[1]) {
-			$file = $route[2];
-			$foundRoute = true;
-			break;
-		}
-	}
-
-	if (!$foundRoute) {
 	$file = loadPageFromFileSystem($page, $found);
 	if(!$found) {
 		$file = false;
 	}
-	}
 }
 else {
 	$routeInfo = $dispatcher->dispatch($httpMethod, $uri);

system/src/Cache/Cache.php

@@ -115,11 +115,6 @@ class Cache
 			return unserialize($value);
 		}
 
-		// -1 for infinite cache
-		if ($ttl == -1) {
-			$ttl = 10 * 365 * 24 * 60 * 60; // 10 years should be enough
-		}
-
 		$value = $callback();
 		$cache->set($key, serialize($value), $ttl);
 		return $value;

system/src/Models/AccountEmailVerify.php

@@ -1,15 +0,0 @@
-<?php
-
-namespace MyAAC\Models;
-use Illuminate\Database\Eloquent\Model;
-
-class AccountEmailVerify extends Model
-{
-
-	protected $table = TABLE_PREFIX . 'account_emails_verify';
-
-	public $timestamps = false;
-
-	protected $fillable = ['account_id', 'hash', 'sent_at'];
-
-}

system/templates/account.resend-email-verify.html.twig

@@ -1,45 +0,0 @@
-Please enter your account Email address.<br/><br/>
-{% set title = 'Resend Email' %}
-{% set background = config('darkborder') %}
-{% set content %}
-	<table style="width:100%;">
-		<tr>
-			<td class="LabelV" >
-				<span><label for="email">Email Address:</label></span>
-			</td>
-			<td style="width:90%;">
-				<input type="email" form="form" id="email" name="email" size="30" maxlength="50" autofocus/>
-			</td>
-		</tr>
-	</table>
-{% endset %}
-{% include 'tables.headline.html.twig' %}
-<br/>
-<table style="width:100%;">
-	<tr align="center">
-		<td>
-			<table border="0" cellspacing="0" cellpadding="0">
-				<tr>
-					<td style="border:0;">
-						<form id="form" action="{{ getLink('account/resend-email-verify') }}" method="post">
-							{{ csrf() }}
-							<input type="hidden" name="submit" value="1"/>
-							{{ include('buttons.submit.html.twig') }}
-						</form>
-					</td>
-				<tr>
-			</table>
-		</td>
-		<td>
-			<table border="0" cellspacing="0" cellpadding="0">
-				<tr>
-					<td style="border:0;">
-						<form action="{{ getLink('news') }}" method="post">
-							{{ include('buttons.back.html.twig') }}
-						</form>
-					</td>
-				</tr>
-			</table>
-		</td>
-	</tr>
-</table>

system/templates/error_box.html.twig

@@ -9,7 +9,7 @@
 			<div class="AttentionSign" style="background-image:url({{ template_path }}/images/content/attentionsign.gif);"></div>
 			<b>The Following Errors Have Occurred:</b><br/>
 			{% for error in errors %}
-			<li>{{ error|striptags('<b><a>')|raw }}</li>
+			<li>{{ error|striptags('<b>')|raw }}</li>
 			{% endfor %}
 		</div>
 		<div class="BoxFrameHorizontal" style="background-image:url({{ template_path }}/images/content/box-frame-horizontal.gif);"></div>

system/templates/mail.account.resend-email-verify.html.twig

@@ -1,7 +0,0 @@
-Hello {{ account }}!<br/>
-<br/>
-You requested to resend the verify Email on {{ config.lua.serverName }}!<br/>
-<br/>
-
-To verify your email address please click the link below:<br/>
-{{ verify_url|raw }}

system/templates/online.html.twig

@@ -101,7 +101,7 @@
 
 	<tr>
 		<td class="LabelV150"><b>Location Datacenter:</b></td>
-		<td>{{ setting('core.online_datacenter')|raw }} <small>(Server date & time: - {{ "now"|date("d/m/Y H:i:s") }})</small></td>
+		<td>{{ setting('core.online_datacenter') }} <small>(Server date & time: - {{ "now"|date("d/m/Y H:i:s") }})</small></td>
 	</tr>
 	<tr>
 		<td class="LabelV150"><b>PvP Type:</b></td>

system/twig.php

@@ -101,9 +101,7 @@ $twig->addFunction($function);
 $function = new TwigFunction('hook', function ($context, $hook, array $params = []) {
 	global $hooks;
 
-	if (config('hooks_debug')) {
-		note($hook);
-	}
+	//note($hook);
 
 	if(is_string($hook)) {
 		if (defined($hook)) {

templates/tibiacom/index.php

@@ -27,7 +27,14 @@ if(isset($config['boxes']))
 		var loginStatus="<?php echo ($logged ? 'true' : 'false'); ?>";
 		<?php
 			if(PAGE !== 'news') {
-				$tmp = str_replace('/', '_', isset($_REQUEST['subtopic']) ? escapeHtml($_REQUEST['subtopic']) :  PAGE);
+				if(isset($_REQUEST['subtopic'])) {
+					$tmp = escapeHtml($_REQUEST['subtopic']);
+					if($tmp === 'accountmanagement') {
+						$tmp = 'accountmanage';
+					}
+				}
+				else {
+					$tmp = str_replace('/', '_', PAGE);
 					$exp = explode('/', PAGE);
 					if(PAGE !== 'account/create' && PAGE !== 'account/lost' && isset($exp[1])) {
 						if ($exp[0] === 'account' && $exp[1] === 'lost') {
@@ -42,6 +49,7 @@ if(isset($config['boxes']))
 						}
 					}
 				}
+			}
 			else {
 				$tmp = 'news';
 			}