Fix phpstan

[WIP] Lua + TOML stages loading
Lua extension required for .lua (canary)
2026-04-23 10:53:32 +02:00 · 2026-04-19 17:29:25 +02:00 · 2026-04-19 17:22:32 +02:00 · 2026-04-19 16:29:20 +02:00 · 2026-04-19 16:17:18 +02:00 · 2026-04-19 16:05:22 +02:00
142 changed files with 3991 additions and 5020 deletions
--- a/.github/workflows/cypress.yml
+++ b/.github/workflows/cypress.yml
@@ -1,9 +1,9 @@
 name: Cypress
 on:
  pull_request:
-    branches: [main]
+    branches: [develop]
  push:
-    branches: [main]
+    branches: [develop]
 jobs:
  cypress:
@@ -23,7 +23,7 @@ jobs:
      fail-fast: false
      matrix:
        php-versions: [ '8.1', '8.2', '8.3', '8.4', '8.5' ]
-        ots: ['tfs-1.4', 'canary-3.1.2'] # TODO: add 'tfs-master' (actually doesn't work cause AAC doesn't support reading .env configuration)
+        ots: ['tfs-1.4', 'canary-3.1.2', 'tfs-0.3'] # TODO: add 'tfs-master' (actually doesn't work cause AAC doesn't support reading .env configuration)
    name: Cypress (PHP ${{ matrix.php-versions }}, ${{ matrix.ots }})
    steps:
        - name: 📌 MySQL Start & init & show db
@@ -58,6 +58,14 @@ jobs:
            ref: master
            path: ots
        - name: Checkout TFS 0.3
          uses: actions/checkout@v4
          if: matrix.ots == 'tfs-0.3'
          with:
              repository: otland/tfs-old-svn
              ref: 0.3
              path: ots
        - name: Checkout Canary
          uses: actions/checkout@v4
          if: matrix.ots == 'canary-3.1.2'
@@ -67,9 +75,15 @@ jobs:
            path: ots
        - name: Import OTS Schema
          if: matrix.ots != 'tfs-0.3'
          run: |
              mysql -uroot -proot myaac < ots/schema.sql
        - name: Import OTS Schema (TFS 0.3)
          if: matrix.ots == 'tfs-0.3'
          run: |
              mysql -uroot -proot myaac < ots/schemas/mysql.sql
        - name: Rename config.lua
          run: mv ots/config.lua.dist ots/config.lua
@@ -109,6 +123,33 @@ jobs:
              regex: false
              include: 'ots/config.lua'
        - name: Replace mysqlPass (TFS 0.3.6pl1)
          uses: jacobtomlinson/gha-find-replace@v3
          if: matrix.ots == 'tfs-0.3'
          with:
              find: 'sqlType = "sqlite"'
              replace: 'sqlType = "mysql"'
              regex: false
              include: 'ots/config.lua'
        - name: Replace mysqlPass (TFS 0.3.6pl1)
          uses: jacobtomlinson/gha-find-replace@v3
          if: matrix.ots == 'tfs-0.3'
          with:
              find: 'sqlPass = ""'
              replace: 'sqlPass = "root"'
              regex: false
              include: 'ots/config.lua'
        - name: Replace mysqlDatabase (Canary)
          uses: jacobtomlinson/gha-find-replace@v3
          if: matrix.ots == 'tfs-0.3'
          with:
              find: 'sqlDatabase = "theforgottenserver"'
              replace: 'sqlDatabase = "myaac"'
              regex: false
              include: 'ots/config.lua'
        - name: Setup PHP
          uses: shivammathur/setup-php@v2
          with:
--- a/.github/workflows/phplint.yml
+++ b/.github/workflows/phplint.yml
@@ -1,9 +1,9 @@
 name: PHP Linting
 on:
  pull_request:
-    branches: [main]
+    branches: [develop]
  push:
-    branches: [main]
+    branches: [develop]
 jobs:
  phplint:
--- a/.github/workflows/phpstan.yml
+++ b/.github/workflows/phpstan.yml
@@ -2,9 +2,9 @@ name: "PHPStan"
 on:
  pull_request:
-    branches: [main]
+    branches: [develop]
  push:
-    branches: [main]
+    branches: [develop]
 jobs:
  tests:
@@ -14,7 +14,7 @@ jobs:
    strategy:
      fail-fast: false
      matrix:
-        php-versions: [ '8.1', '8.2', '8.3', '8.4' ]
+        php-versions: [ '8.1', '8.2', '8.3', '8.4', '8.5' ]
    steps:
      - name: "Checkout"
        uses: "actions/checkout@v4"
--- a/CHANGELOG-2.x.md
+++ b/CHANGELOG-2.x.md
@@ -0,0 +1,25 @@
 ## [2.0-dev - x.x.2025]
 ### Added
 * Menus: Add an "access" option to Menus (#340)
  * Possibility to hide menus for unauthorized users
 * Settings: Add Reset button (https://github.com/slawkens/myaac/commit/7104c2258fd724a55239821b46a616dab845b22a, https://github.com/slawkens/myaac/commit/e274b8350451a20c24e652ea05ed1964ebb86b54)
 * New Setting: block create account spam by ip (https://github.com/slawkens/myaac/commit/54265f42e987522803288477952d6e5c4daeeb24)
 * Functions: Add the possibility to fetch skills, balance and frags in the getTopPlayers function (#347)
 * Plugins: autoload init-priority option (https://github.com/slawkens/myaac/commit/f1aa12840875960849fa0c99a2bbe0ad2949bbec)
 ### Changed
 * Better handling of vocations: (#345)
  * Load from vocations.xml (No need to manually set)
  * Support for Monk vocation
 * Better gallery, loads images from images/gallery folder
 * Reworked account action logs to use a single IP column as varchar(45) for both ipv4 and ipv6 (#289)
 * Make myaac_config table columns bigger (https://github.com/slawkens/myaac/commit/2c62a97160a3ffe9976ee5bd1d770a0abc576742)
 * Admin Panel: save menu collapse state (https://github.com/slawkens/myaac/commit/55da00520df7463a1d1ca41931df1598e9f2ffeb)
 ### Internal
 * Refactor account/lost pages (#326)
 * Refactor OTS_Player to support more distros (#348)
 * Refactor PHP cache to store expiration and improve typing (https://github.com/slawkens/myaac/commit/96b8e00f4999f8b4c4c97b54b97d91c6fd7df298)
 * Move forum show_board code to Twig (https://github.com/slawkens/myaac/commit/e0e0e467012a5fb9979cc4387af6bad1d4540279)
 * Save db cache only if it has changed (https://github.com/slawkens/myaac/commit/11cb1cf97e74f3bccf59360e1efb800a426b3d43)
--- a/admin/pages/accounts.php
+++ b/admin/pages/accounts.php
@@ -9,6 +9,7 @@
 */
 use MyAAC\Models\Account as AccountModel;
 use MyAAC\Models\AccountAction;
 use MyAAC\Models\Player;
 defined('MYAAC') or die('Direct access not allowed!');
@@ -182,39 +183,7 @@ else if (isset($_REQUEST['search'])) {
 					$account->setName($name);
 				}
 				if ($hasTypeColumn) {
 					$account->setCustomField('type', $group);
 				} elseif ($hasGroupColumn) {
 					$account->setCustomField('group_id', $group);
 				}
 				if ($hasSecretColumn) {
 					$account->setCustomField('secret', $secret);
 				}
 				$account->setCustomField('key', $key);
 				$account->setEMail($email);
 				if (HAS_ACCOUNT_COINS) {
 					$account->setCustomField('coins', $t_coins);
 				}
 				if (HAS_ACCOUNT_COINS_TRANSFERABLE || HAS_ACCOUNT_TRANSFERABLE_COINS) {
 					$account->setCustomField(ACCOUNT_COINS_TRANSFERABLE_COLUMN, $t_coins_transferable);
 				}
 				$lastDay = 0;
 				if($p_days != 0 && $p_days != OTS_Account::GRATIS_PREMIUM_DAYS) {
 					$lastDay = time();
 				} else if ($lastDay != 0) {
 					$lastDay = 0;
 				}
 				$account->setPremDays($p_days);
 				$account->setLastLogin($lastDay);
 				if ($hasPointsColumn) {
 					$account->setCustomField('premium_points', $p_points);
 				}
 				$account->setRLName($rl_name);
 				$account->setLocation($rl_loca);
@@ -222,9 +191,18 @@ else if (isset($_REQUEST['search'])) {
 					$account->setCountry($rl_country);
 				}
 				$account->setCustomField('created', $created);
 				$account->setWebFlags($web_flags);
-				$account->setCustomField('web_lastlogin', $web_lastlogin);
+
 				if (!isCanary()) {
 					$lastDay = 0;
 					if($p_days != 0 && $p_days != OTS_Account::GRATIS_PREMIUM_DAYS) {
 						$lastDay = time();
 					}
 					$account->setLastLogin($lastDay);
 				}
 				$account->setPremDays($p_days);
 				if (isset($password)) {
 					if (USE_ACCOUNT_SALT) {
@@ -238,6 +216,34 @@ else if (isset($_REQUEST['search'])) {
 				}
 				$account->save();
 				if ($hasTypeColumn) {
 					$account->setCustomField('type', $group);
 				} elseif ($hasGroupColumn) {
 					$account->setCustomField('group_id', $group);
 				}
 				if ($hasSecretColumn) {
 					$account->setCustomField('secret', $secret);
 				}
 				$account->setCustomField('key', $key);
 				if (HAS_ACCOUNT_COINS) {
 					$account->setCustomField('coins', $t_coins);
 				}
 				if (HAS_ACCOUNT_COINS_TRANSFERABLE || HAS_ACCOUNT_TRANSFERABLE_COINS) {
 					$account->setCustomField(ACCOUNT_COINS_TRANSFERABLE_COLUMN, $t_coins_transferable);
 				}
 				if ($hasPointsColumn) {
 					$account->setCustomField('premium_points', $p_points);
 				}
 				$account->setCustomField('created', $created);
 				$account->setCustomField('web_lastlogin', $web_lastlogin);
 				echo_success('Account saved at: ' . date('G:i'));
 			}
 		}
@@ -481,9 +487,8 @@ else if (isset($_REQUEST['search'])) {
 									</thead>
 									<tbody>
 										<?php
-											$accountActions = \MyAAC\Models\AccountAction::where('account_id', $account->getId())->orderByDesc('date')->get();
+											$accountActions = AccountAction::where('account_id', $account->getId())->orderByDesc('date')->get();
 											foreach ($accountActions as $i => $log):
 												$log->ip = ($log->ip != 0 ? long2ip($log->ip) : inet_ntop($log->ipv6));
 												?>
 											<tr>
 												<td><?php echo $i + 1; ?></td>
@@ -631,6 +636,7 @@ else if (isset($_REQUEST['search'])) {
 							</div>
 						</form>
 					</div>
 					<?php if (USE_ACCOUNT_NAME): ?>
 					<div class="col-6 col-lg-12">
 						<form action="<?php echo $admin_base; ?>" method="post">
 							<?php csrf(); ?>
@@ -641,6 +647,7 @@ else if (isset($_REQUEST['search'])) {
 							</div>
 						</form>
 					</div>
 					<?php endif; ?>
 					<div class="col-6 col-lg-12">
 						<form action="<?php echo $admin_base; ?>" method="post">
 							<?php csrf(); ?>
--- a/admin/pages/menus.php
+++ b/admin/pages/menus.php
@@ -23,6 +23,7 @@ if (!hasFlag(FLAG_CONTENT_MENUS) && !superAdmin()) {
 }
 $pluginThemes = Plugins::getThemes();
 $groups = new OTS_Groups_List();
 if (isset($_POST['template'])) {
 	$template = $_POST['template'];
@@ -32,6 +33,8 @@ if (isset($_POST['template'])) {
 		$post_menu_link = $_POST['menu_link'] ?? [];
 		$post_menu_blank = $_POST['menu_blank'] ?? [];
 		$post_menu_color = $_POST['menu_color'] ?? [];
 		$post_menu_access = $_POST['menu_access'] ?? [];
 		if (count($post_menu) != count($post_menu_link)) {
 			echo 'Menu count is not equal menu links. Something went wrong when sending form.';
 			return;
@@ -50,6 +53,7 @@ if (isset($_POST['template'])) {
 						'link' => $post_menu_link[$category][$i],
 						'blank' => $post_menu_blank[$category][$i] == 'on' ? 1 : 0,
 						'color' => str_replace('#', '', $post_menu_color[$category][$i]),
 						'access' => $post_menu_access[$category][$i],
 						'category' => $category,
 						'ordering' => $i
 					]);
@@ -122,7 +126,7 @@ if (isset($_POST['template'])) {
 	?>
 	<?php
 	$menus = Menu::query()
-		->select('name', 'link', 'blank', 'color', 'category', 'ordering')
+		->select('name', 'link', 'access', 'blank', 'color', 'category', 'ordering')
 		->where('enabled', 1)
 		->where('template', $template)
 		->orderBy('ordering')
@@ -151,11 +155,34 @@ if (isset($_POST['template'])) {
 									foreach ($menus[$id] as $menu):
 										$color = (empty($menu['color']) ? ($cat['default_links_color'] ?? ($config['menu_default_links_color'] ?? ($config['menu_default_color'] ?? '#ffffff'))) : '#' . $menu['color']);
 										?>
-										<li class="ui-state-default" id="list-<?php echo $id ?>-<?php echo $i ?>"><label>Name:</label> <input type="text" name="menu[<?php echo $id ?>][]" value="<?php echo escapeHtml($menu['name']); ?>"/>
+										<li class="ui-state-default" id="list-<?php echo $id ?>-<?php echo $i ?>">
-											<label>Link:</label> <input type="text" name="menu_link[<?php echo $id ?>][]" value="<?php echo $menu['link'] ?>"/>
+											<label class="label_menu_name">Name: <input type="text" name="menu[<?php echo $id ?>][]" class="form-control menu-name" value="<?php echo escapeHtml($menu['name']); ?>"/>
-											<input type="hidden" name="menu_blank[<?php echo $id ?>][]" value="0"/>
+											</label>
-											<label><input class="blank-checkbox" type="checkbox" <?php echo($menu['blank'] == 1 ? 'checked' : '') ?>/><span title="Open in New Window">New Window</span></label>
+
-											<input class="color-picker" type="text" name="menu_color[<?php echo $id ?>][]" value="<?php echo $color; ?>"/>
+											<label class="label_menu_link">Link: <input type="text" name="menu_link[<?= $id ?>][]" class="form-control menu-link" value="<?php echo $menu['link'] ?>"/>
 											</label>
 											<br/>
 											<div class="menu-options-row">
 												<label>Access:
 													<select name="menu_access[<?= $id ?>][]" class="form-control menu-access">
 														<option value="0" <?= ($menu['access'] == 0 ? 'selected' : ''); ?>>Guest*</option>
 														<?php foreach ($groups->getGroups() as $group): ?>
 															<option value="<?= $group->getId(); ?>" <?= ($menu['access'] == $group->getId() ? 'selected' : ''); ?>><?= ucfirst($group->getName()); ?></option>
 														<?php endforeach; ?>
 													</select>
 												</label>
 												<label>Color: <input class="menu-color" type="color" name="menu_color[<?php echo $id ?>][]" value="<?php echo $color; ?>"/>
 												</label>
 												<input type="hidden" name="menu_blank[<?php echo $id ?>][]" class="menu-blank" value="0"/>
 												<label><input type="checkbox" class="menu-blank-checkbox" <?php echo($menu['blank'] == 1 ? 'checked' : '') ?>/><span title="Open in New Window">New Window</span></label>
 											</div>
 											<a class="remove-button" id="remove-button-<?php echo $id ?>-<?php echo $i ?>"><i class="fas fa-trash"></a></i></li>
 										<?php $i++; $last_id[$id] = $i;
 									endforeach;
--- a/admin/pages/players.php
+++ b/admin/pages/players.php
@@ -10,6 +10,8 @@
 use MyAAC\Forum;
 use MyAAC\Models\Player;
 use MyAAC\Server\Outfits;
 use MyAAC\Server\XML\Vocations;
 defined('MYAAC') or die('Direct access not allowed!');
@@ -34,6 +36,7 @@ $skills = array(
 $hasBlessingsColumn = $db->hasColumn('players', 'blessings');
 $hasBlessingColumn = $db->hasColumn('players', 'blessings1');
 $hasLookAddons = $db->hasColumn('players', 'lookaddons');
 $hasCapColumn = $db->hasColumn('players', 'cap');
 $skull_type = array("None", "Yellow", "Green", "White", "Red", "Black", "Orange");
 ?>
@@ -166,8 +169,11 @@ else if (isset($_REQUEST['search'])) {
 			$town = $_POST['town'];
 			verify_number($town, 'Town', 11);
 			if ($hasCapColumn) {
 				$capacity = $_POST['capacity'];
 				verify_number($capacity, 'Capacity', 11);
 			}
 			$sex = $_POST['sex'];
 			verify_number($sex, 'Sex', 1);
@@ -237,7 +243,30 @@ else if (isset($_REQUEST['search'])) {
 				$player->setGroup($groups->getGroup($group));
 				$player->setLevel($level);
 				$player->setExperience($experience);
 				if ($db->hasColumn('players', 'promotion')) {
 					$promotion = 0;
 					$vocationOriginal = Vocations::getOriginal($vocation);
 					if ($vocation != $vocationOriginal) {
 						$tmpId = $vocationOriginal;
 						while($promoted = Vocations::getPromoted($tmpId)) {
 							$promotion++;
 							$tmpId = $promoted;
 							if ($promoted == $vocation) {
 								break;
 							}
 						}
 						$vocation = $vocationOriginal;
 					}
 					$player->setPromotion($promotion);
 				}
 				$player->setVocation($vocation);
 				$player->setHealth($health);
 				$player->setHealthMax($health_max);
 				$player->setMagLevel($magic_level);
@@ -249,16 +278,20 @@ else if (isset($_REQUEST['search'])) {
 				$player->setLookHead($look_head);
 				$player->setLookLegs($look_legs);
 				$player->setLookType($look_type);
-				if ($hasLookAddons)
+				if ($hasLookAddons) {
 					$player->setLookAddons($look_addons);
-				if ($db->hasColumn('players', 'offlinetraining_time'))
+				}
-					$player->setCustomField('offlinetraining_time', $offlinetraining);
+
 				$player->setPosX($pos_x);
 				$player->setPosY($pos_y);
 				$player->setPosZ($pos_z);
 				$player->setSoul($soul);
 				$player->setTownId($town);
 				if ($hasCapColumn) {
 					$player->setCap($capacity);
 				}
 				$player->setSex($sex);
 				$player->setLastLogin($lastlogin);
 				$player->setLastLogout($lastlogout);
@@ -275,23 +308,11 @@ else if (isset($_REQUEST['search'])) {
 				if ($hasBlessingsColumn)
 					$player->setBlessings($blessings);
 				if ($hasBlessingColumn) {
 					for ($i = 1; $i <= $bless_count; $i++) {
 						$a = 'blessing' . $i;
 						$player->setCustomField('blessings' . $i, ${'blessing' . $i} ? '1' : '0');
 					}
 				}
 				$player->setBalance($balance);
 				if ($db->hasColumn('players', 'stamina'))
 					$player->setStamina($stamina);
-				if ($db->hasColumn('players', 'deletion'))
+
-					$player->setCustomField('deletion', $deleted ? '1' : '0');
+				$player->setDeleted($deleted ? '1' : '0');
 				else
 					$player->setCustomField('deleted', $deleted ? '1' : '0');
 				$player->setCustomField('hide', $hide ? '1' : '0');
 				$player->setCustomField('created', $created);
 				if (isset($comment))
 					$player->setCustomField('comment', $comment);
 				foreach ($_POST['skills'] as $skill => $value) {
 					$player->setSkill($skill, $value);
@@ -300,6 +321,24 @@ else if (isset($_REQUEST['search'])) {
 					$player->setSkillTries($skill, $value);
 				}
 				$player->save();
 				if ($db->hasColumn('players', 'offlinetraining_time')) {
 					$player->setCustomField('offlinetraining_time', $offlinetraining);
 				}
 				if ($hasBlessingColumn) {
 					for ($i = 1; $i <= $bless_count; $i++) {
 						$a = 'blessing' . $i;
 						$player->setCustomField('blessings' . $i, ${'blessing' . $i} ? '1' : '0');
 					}
 				}
 				$player->setCustomField('hide', $hide ? '1' : '0');
 				$player->setCustomField('created', $created);
 				if (isset($comment)) {
 					$player->setCustomField('comment', $comment);
 				}
 				echo_success('Player saved at: ' . date('G:i'));
 				$player->load($id);
 			}
@@ -531,10 +570,12 @@ else if (isset($_REQUEST['search'])) {
 									</div>
 								</div>
 								<div class="form-group row">
 									<?php if($hasCapColumn): ?>
 									<div class="col-12 col-sm-12 col-lg-6">
 										<label for="capacity" class="control-label">Capacity:</label>
 										<input type="text" class="form-control" id="capacity" name="capacity" autocomplete="off" size="3" maxlength="11" value="<?php echo $player->getCap(); ?>"/>
 									</div>
 									<?php endif; ?>
 									<div class="col-12 col-sm-12 col-lg-6">
 										<label for="soul" class="control-label">Soul:</label>
 										<input type="text" class="form-control" id="soul" name="soul" autocomplete="off" size="3" maxlength="10" value="<?php echo $player->getSoul(); ?>"/>
@@ -619,14 +660,14 @@ else if (isset($_REQUEST['search'])) {
 									<div class="col-12 col-sm-12 col-lg-6">
 										<label for="look_type" class="control-label">Type:</label>
 										<?php
-										$outfitlist = null;
+										$outfits = Outfits::get();
-										$outfitlist = Outfits_loadfromXML();
+										if ($outfits) { ?>
 										if ($outfitlist) { ?>
 											<select name="look_type" id="look_type" class="form-control custom-select">
 												<?php
-												foreach ($outfitlist as $_id => $outfit) {
+												foreach ($outfits as $outfit) {
-													if ($outfit['enabled'] == 'yes') ;
+													if ($outfit['enabled']) {
-													echo '<option value=' . $outfit['id'] . ($outfit['id'] == $player->getLookType() ? ' selected' : '') . '>' . $outfit['name'] . ' - ' . ($outfit['type'] == 1 ? 'Male' : 'Female') . '</option>';
+														echo '<option value=' . $outfit['id'] . ($outfit['id'] == $player->getLookType() ? ' selected' : '') . '>' . $outfit['name'] . ' - ' . ($outfit['sex'] == SEX_MALE ? 'Male' : 'Female') . '</option>';
 													}
 												}
 												?>
 											</select>
--- a/admin/pages/settings.php
+++ b/admin/pages/settings.php
@@ -46,6 +46,15 @@ if (!is_array($settingsFile)) {
 	return;
 }
 if (isset($_POST['reset']) && $_POST['reset'] == '1') {
 	$settings = Settings::getInstance();
 	$settings->deleteFromDatabase($settingsFile['key']);
 	$settings->clearCache();
 	success('Settings for this plugin has been reset.');
 }
 $settingsKeyName = ($plugin == 'core' ? $plugin : $settingsFile['key']);
 $title = ($plugin == 'core' ? 'Settings' : 'Plugin Settings - ' . $settingsFile['name']);
@@ -57,4 +66,5 @@ $twig->display('admin.settings.html.twig', [
 	'settings' => $settingsFile['settings'],
 	'script' => $settingsParsed['script'],
 	'settingsKeyName' => $settingsKeyName,
 	'pluginName' => $plugin,
 ]);
--- a/admin/template/template.php
+++ b/admin/template/template.php
@@ -19,14 +19,14 @@
 	<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic">
 	<?php $hooks->trigger(HOOK_ADMIN_HEAD_END); ?>
 </head>
-<body class="sidebar-mini ">
+<body class="sidebar-mini <?= (session('admin.menu-collapse') ? 'sidebar-collapse' : ''); ?>">
 <?php $hooks->trigger(HOOK_ADMIN_BODY_START); ?>
 <?php if ($logged && admin()) { ?>
 	<div class="wrapper">
 		<nav class="main-header navbar navbar-expand navbar-white navbar-light">
 			<ul class="navbar-nav">
 				<li class="nav-item">
-					<a class="nav-link" data-widget="pushmenu" href="#"><i class="fas fa-bars"></i></a>
+					<a class="nav-link sidebar-toggle" data-widget="pushmenu" href="#"><i class="fas fa-bars"></i></a>
 				</li>
 				<li class="nav-item d-none d-sm-inline-block">
 					<a href="<?php echo ADMIN_URL; ?>" class="nav-link">Home</a>
@@ -199,6 +199,7 @@ if ($logged && admin()) {
 <script src="<?php echo BASE_URL; ?>tools/js/datatables.bs.min.js"></script>
 <?php } ?>
 <script src="<?php echo BASE_URL; ?>tools/js/adminlte.min.js"></script>
 <?php $twig->display('admin.menu-collapse.html.twig'); ?>
 <?php $hooks->trigger(HOOK_ADMIN_BODY_END); ?>
 </body>
 </html>
--- a/admin/tools/menu_collapse.php
+++ b/admin/tools/menu_collapse.php
@@ -0,0 +1,23 @@
 <?php
 const MYAAC_ADMIN = true;
 const IGNORE_SET_LAST_VISIT = true;
 require '../../common.php';
 require SYSTEM . 'functions.php';
 require SYSTEM . 'init.php';
 require SYSTEM . 'login.php';
 if(!admin()) {
 	http_response_code(500);
 	die('You are not logged in. Probably session expired. Please login again.');
 }
 if (!isset($_POST['collapse'])) {
 	http_response_code(500);
 	die('Something went wrong.');
 }
 csrfProtect();
 setSession('admin.menu-collapse', $_POST['collapse'] == 'true');
--- a/common.php
+++ b/common.php
@@ -26,8 +26,8 @@
 if (version_compare(phpversion(), '8.1', '<')) die('PHP version 8.1 or higher is required.');
 const MYAAC = true;
-const MYAAC_VERSION = '1.8.10-dev';
+const MYAAC_VERSION = '2.0-dev';
-const DATABASE_VERSION = 46;
+const DATABASE_VERSION = 52;
 const TABLE_PREFIX = 'myaac_';
 define('START_TIME', microtime(true));
 define('MYAAC_OS', stripos(PHP_OS, 'WIN') === 0 ? 'WINDOWS' : (strtoupper(PHP_OS) === 'DARWIN' ? 'MAC' : 'LINUX'));
@@ -104,6 +104,8 @@ const OTSERV_FIRST = OTSERV;
 const OTSERV_LAST = OTSERV_06;
 const TFS_02 = 3;
 const TFS_03 = 4;
 const BLACKTEK_2 = 5;
 const BLACKTEK = 6;
 const TFS_FIRST = TFS_02;
 const TFS_LAST = TFS_03;
--- a/composer.json
+++ b/composer.json
@@ -5,6 +5,7 @@
        "ext-pdo_mysql": "*",
        "ext-json": "*",
        "ext-xml": "*",
        "ext-simplexml": "*",
        "ext-dom": "*",
        "phpmailer/phpmailer": "^6.1",
        "composer/semver": "^3.2",
@@ -19,7 +20,8 @@
        "symfony/var-dumper": "^6.4",
        "filp/whoops": "^2.15",
        "maximebf/debugbar": "1.*",
-        "guzzlehttp/guzzle": "7.9.3"
+        "guzzlehttp/guzzle": "7.9.3",
        "devium/toml": "^1.0"
    },
    "require-dev": {
        "phpstan/phpstan": "^1.10"
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@
        "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
        "This file is @generated automatically"
    ],
-    "content-hash": "5317e97a5025ebc2a977214bd3fa964c",
+    "content-hash": "de1219601202cf55861809fd69c5feb4",
    "packages": [
        {
            "name": "brick/math",
@@ -216,6 +216,75 @@
            ],
            "time": "2024-09-19T14:15:21+00:00"
        },
        {
            "name": "devium/toml",
            "version": "1.0.6",
            "source": {
                "type": "git",
                "url": "https://github.com/vanodevium/toml.git",
                "reference": "190882f9d92e88f8031285129ba9df501da899a6"
            },
            "dist": {
                "type": "zip",
                "url": "https://api.github.com/repos/vanodevium/toml/zipball/190882f9d92e88f8031285129ba9df501da899a6",
                "reference": "190882f9d92e88f8031285129ba9df501da899a6",
                "shasum": ""
            },
            "require": {
                "ext-json": "*",
                "php": ">=8.1",
                "php-ds/php-ds": "^1.5",
                "symfony/polyfill-mbstring": "^1.30"
            },
            "require-dev": {
                "laravel/pint": "^1.17.3",
                "pestphp/pest": "^2.35.1",
                "phpstan/phpstan": "^1.12.2",
                "rector/rector": "^1.2.4",
                "symfony/var-dumper": "^6.4|^7.1.4"
            },
            "suggest": {
                "ext-ds": "For best performance",
                "ext-mbstring": "For best performance"
            },
            "type": "library",
            "autoload": {
                "files": [
                    "src/helpers.php"
                ],
                "psr-4": {
                    "Devium\\Toml\\": "src/"
                }
            },
            "notification-url": "https://packagist.org/downloads/",
            "license": [
                "MIT"
            ],
            "authors": [
                {
                    "name": "Vano Devium",
                    "email": "vano@devium.me"
                }
            ],
            "description": "A PHP encoder/decoder for TOML compatible with specification 1.0.0",
            "keywords": [
                "decode",
                "encode",
                "parser",
                "toml"
            ],
            "support": {
                "issues": "https://github.com/vanodevium/toml/issues",
                "source": "https://github.com/vanodevium/toml/tree/v1.0.6"
            },
            "funding": [
                {
                    "url": "https://github.com/vanodevium",
                    "type": "github"
                }
            ],
            "time": "2025-04-22T18:10:54+00:00"
        },
        {
            "name": "doctrine/inflector",
            "version": "2.0.10",
@@ -1615,6 +1684,62 @@
            },
            "time": "2021-04-22T21:32:03+00:00"
        },
        {
            "name": "php-ds/php-ds",
            "version": "v1.7.0",
            "source": {
                "type": "git",
                "url": "https://github.com/php-ds/polyfill.git",
                "reference": "017fb5cdfa52a1f13126c94987b04b884c44f9cd"
            },
            "dist": {
                "type": "zip",
                "url": "https://api.github.com/repos/php-ds/polyfill/zipball/017fb5cdfa52a1f13126c94987b04b884c44f9cd",
                "reference": "017fb5cdfa52a1f13126c94987b04b884c44f9cd",
                "shasum": ""
            },
            "require": {
                "ext-json": "*",
                "php": ">=7.4"
            },
            "provide": {
                "ext-ds": "1.5.0"
            },
            "require-dev": {
                "php-ds/tests": "^1.5"
            },
            "suggest": {
                "ext-ds": "to improve performance and reduce memory usage"
            },
            "type": "library",
            "autoload": {
                "psr-4": {
                    "Ds\\": "src"
                }
            },
            "notification-url": "https://packagist.org/downloads/",
            "license": [
                "MIT"
            ],
            "authors": [
                {
                    "name": "Rudi Theunissen",
                    "email": "rudolf.theunissen@gmail.com"
                }
            ],
            "description": "Specialized data structures as alternatives to the PHP array",
            "keywords": [
                "data structures",
                "ds",
                "php",
                "polyfill"
            ],
            "support": {
                "issues": "https://github.com/php-ds/polyfill/issues",
                "source": "https://github.com/php-ds/polyfill/tree/v1.7.0"
            },
            "time": "2025-05-18T04:50:53+00:00"
        },
        {
            "name": "phpmailer/phpmailer",
            "version": "v6.9.3",
--- a/images/druid.png
+++ b/images/druid.png
--- a/images/knight.png
+++ b/images/knight.png
--- a/images/monk.png
+++ b/images/monk.png
--- a/images/paladin.png
+++ b/images/paladin.png
--- a/images/sorcerer.png
+++ b/images/sorcerer.png
--- a/install/includes/config.php
+++ b/install/includes/config.php
@@ -1,4 +1,7 @@
 <?php
 use MyAAC\Server\Lua\Loader;
 defined('MYAAC') or die('Direct access not allowed!');
 if(!isset($_SESSION['var_server_path'])) {
@@ -11,13 +14,18 @@ $config['server_path'] = $_SESSION['var_server_path'];
 if($config['server_path'][strlen($config['server_path']) - 1] != '/')
 	$config['server_path'] .= '/';
-if((!isset($error) || !$error) && !file_exists($config['server_path'] . 'config.lua')) {
+$configLuaExists = file_exists($config['server_path'] . 'config.lua');
 $configTomlExists = file_exists($config['server_path'] . 'config/server.toml');
 if((!isset($error) || !$error)
 	&& !$configLuaExists
 	&& !$configTomlExists) {
 	error($locale['step_database_error_config']);
 	$error = true;
 }
 if (!isset($error) || !$error) {
-	$config['lua'] = load_config_lua($config['server_path'] . 'config.lua');
+	if($configLuaExists) {
 		$config['lua'] = Loader::load($config['server_path'] . 'config.lua');
 		if (isset($config['lua']['sqlType'])) // tfs 0.3
 			$config['database_type'] = $config['lua']['sqlType'];
 		elseif (isset($config['lua']['mysqlHost'])) // tfs 0.2/1.0
@@ -29,6 +37,13 @@ if(!isset($error) || !$error) {
 		else {
 			$config['database_type'] = '';
 		}
 	}
 	elseif ($configTomlExists) {
 		$tomlConfig = new MyAAC\Server\TOML\Config();
 		$tomlConfig->load();
 		$config['server'] = $tomlConfig->get();
 		$config['database_type'] = (isset($config['server']['database']['mysql']) ? 'mysql' : '');
 	}
 	$config['database_type'] = strtolower($config['database_type']);
 	if(empty($config['database_type'])) {
--- a/install/includes/import_base_data.php
+++ b/install/includes/import_base_data.php
@@ -3,6 +3,7 @@ defined('MYAAC') or die('Direct access not allowed!');
 use MyAAC\Models\Changelog;
 use MyAAC\Models\Config;
 use MyAAC\Models\FAQ;
 use MyAAC\Models\ForumBoard;
 use MyAAC\Models\Gallery;
 use MyAAC\Models\NewsCategory;
@@ -56,13 +57,10 @@ if (NewsCategory::count() === 0) {
 	}
 }
-if (Gallery::count() === 0) {
+if(FAQ::count() == 0) {
-	Gallery::create([
+	FAQ::create([
-		'comment' => 'Demon',
+		'question' => 'What is this?',
-		'image' => 'images/gallery/demon.jpg',
+		'answer' => 'This is website for OTS powered by MyAAC.',
 		'thumb' => 'images/gallery/demon_thumb.gif',
 		'author' => 'MyAAC',
 		'ordering' => 0,
 	]);
 }
--- a/install/includes/schema.sql
+++ b/install/includes/schema.sql
@@ -1,11 +1,13 @@
 CREATE TABLE IF NOT EXISTS `myaac_account_actions`
 (
 	`id` int NOT NULL AUTO_INCREMENT,
 	`account_id` int NOT NULL,
-	`ip` int unsigned NOT NULL DEFAULT 0,
+	`ip` varchar(45) NOT NULL DEFAULT '',
 	`ipv6` binary(16) NOT NULL DEFAULT 0,
 	`date` int NOT NULL DEFAULT 0,
 	`action` varchar(255) NOT NULL DEFAULT '',
-	KEY (`account_id`)
+	PRIMARY KEY (`id`),
 	INDEX `myaac_account_actions_account_id` (`account_id`),
 	INDEX `myaac_account_actions_ip` (`ip`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 CREATE TABLE IF NOT EXISTS `myaac_account_emails_verify`
@@ -43,8 +45,8 @@ CREATE TABLE IF NOT EXISTS `myaac_changelog`
 CREATE TABLE IF NOT EXISTS `myaac_config`
 (
 	`id` int NOT NULL AUTO_INCREMENT,
-	`name` varchar(30) NOT NULL,
+	`name` varchar(255) NOT NULL,
-	`value` varchar(1000) NOT NULL,
+	`value` varchar(10000) NOT NULL,
 	PRIMARY KEY (`id`),
 	UNIQUE (`name`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
@@ -102,6 +104,7 @@ CREATE TABLE IF NOT EXISTS `myaac_menu`
 	`template` varchar(255) NOT NULL,
 	`name` varchar(255) NOT NULL,
 	`link` varchar(255) NOT NULL,
 	`access` tinyint NOT NULL DEFAULT 0,
 	`blank` tinyint NOT NULL DEFAULT 0,
 	`color` varchar(6) NOT NULL DEFAULT '',
 	`category` int NOT NULL DEFAULT 1,
@@ -197,18 +200,6 @@ CREATE TABLE IF NOT EXISTS `myaac_pages`
 	UNIQUE (`name`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 CREATE TABLE IF NOT EXISTS `myaac_gallery`
 (
 	`id` int NOT NULL AUTO_INCREMENT,
 	`comment` varchar(255) NOT NULL DEFAULT '',
 	`image` varchar(255) NOT NULL,
 	`thumb` varchar(255) NOT NULL,
 	`author` varchar(50) NOT NULL DEFAULT '',
 	`ordering` int NOT NULL DEFAULT 0,
 	`hide` tinyint NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
 CREATE TABLE IF NOT EXISTS `myaac_settings`
 (
 	`id` int NOT NULL AUTO_INCREMENT,
--- a/install/index.php
+++ b/install/index.php
@@ -1,5 +1,6 @@
 <?php
 use MyAAC\Server\Config;
 use Twig\Environment as Twig_Environment;
 use Twig\Loader\FilesystemLoader as Twig_FilesystemLoader;
@@ -83,7 +84,7 @@ if($step == 'database') {
 				$config['server_path'] .= '/';
 			}
-			if(!file_exists($config['server_path'] . 'config.lua')) {
+			if(!Config::exists()) {
 				$errors[] = $locale['step_database_error_config'];
 				break;
 			}
--- a/install/tools/7-finish.php
+++ b/install/tools/7-finish.php
@@ -2,8 +2,6 @@
 define('MYAAC_INSTALL', true);
 use MyAAC\DataLoader;
 use MyAAC\Models\FAQ as ModelsFAQ;
 use MyAAC\Plugins;
 require_once '../../common.php';
@@ -25,34 +23,9 @@ if(isset($config['installed']) && $config['installed'] && !isset($_SESSION['save
 require SYSTEM . 'init.php';
-if ($db->hasTable('players')) {
+// add player samples
-	$deleted = 'deleted';
+require_once SYSTEM . 'migrations/49.php';
-	if ($db->hasColumn('players', 'deletion'))
+$up();
 		$deleted = 'deletion';
 	$time = time();
 	function insert_sample_if_not_exist($p)
 	{
 		global $db, $success, $deleted, $time;
 		$query = $db->query('SELECT `id` FROM `players` WHERE `name` = ' . $db->quote($p['name']));
 		if ($query->rowCount() == 0) {
 			if (!query("INSERT INTO `players` (`id`, `name`, `group_id`, `account_id`, `level`, `vocation`, `health`, `healthmax`, `experience`, `lookbody`, `lookfeet`, `lookhead`, `looklegs`, `looktype`, `maglevel`, `mana`, `manamax`, `manaspent`, `soul`, `town_id`, `posx`, `posy`, `posz`, `conditions`, `cap`, `sex`, `lastlogin`, `lastip`, `save`, `lastlogout`, `balance`, `$deleted`, `created`, `hide`, `comment`) VALUES (null, " . $db->quote($p['name']) . ", 1, " . getSession('account') . ", " . $p['level'] . ", " . $p['vocation_id'] . ", " . $p['health'] . ", " . $p['healthmax'] . ", " . $p['experience'] . ", 118, 114, 38, 57, " . $p['looktype'] . ", 0, " . $p['mana'] . ", " . $p['manamax'] . ", 0, " . $p['soul'] . ", 1, 1000, 1000, 7, '', " . $p['cap'] . ", 1, " . $time . ", 2130706433, 1, " . $time . ", 0, 0, " . $time . ", 1, '');"))
 				$success = false;
 		}
 	}
 	$success = true;
 	insert_sample_if_not_exist(array('name' => 'Rook Sample', 'level' => 1, 'vocation_id' => 0, 'health' => 150, 'healthmax' => 150, 'experience' => 0, 'looktype' => 130, 'mana' => 0, 'manamax' => 0, 'soul' => 100, 'cap' => 400));
 	insert_sample_if_not_exist(array('name' => 'Sorcerer Sample', 'level' => 8, 'vocation_id' => 1, 'health' => 185, 'healthmax' => 185, 'experience' => 4200, 'looktype' => 130, 'mana' => 90, 'manamax' => 90, 'soul' => 100, 'cap' => 470));
 	insert_sample_if_not_exist(array('name' => 'Druid Sample', 'level' => 8, 'vocation_id' => 2, 'health' => 185, 'healthmax' => 185, 'experience' => 4200, 'looktype' => 130, 'mana' => 90, 'manamax' => 90, 'soul' => 100, 'cap' => 470));
 	insert_sample_if_not_exist(array('name' => 'Paladin Sample', 'level' => 8, 'vocation_id' => 3, 'health' => 185, 'healthmax' => 185, 'experience' => 4200, 'looktype' => 129, 'mana' => 90, 'manamax' => 90, 'soul' => 100, 'cap' => 470));
 	insert_sample_if_not_exist(array('name' => 'Knight Sample', 'level' => 8, 'vocation_id' => 4, 'health' => 185, 'healthmax' => 185, 'experience' => 4200, 'looktype' => 131, 'mana' => 90, 'manamax' => 90, 'soul' => 100, 'cap' => 470));
 	if ($success) {
 		success($locale['step_database_imported_players']);
 	}
 }
 DataLoader::setLocale($locale);
 DataLoader::load();
@@ -63,10 +36,6 @@ clearCache();
 require_once SYSTEM . 'migrations/17.php';
 $up();
 // update config.highscores_ids_hidden
 require_once SYSTEM . 'migrations/20.php';
 $up();
 // add z_polls tables
 require_once SYSTEM . 'migrations/22.php';
 $up();
@@ -85,13 +54,6 @@ $up();
 require_once SYSTEM . 'migrations/45.php';
 $up();
 if(ModelsFAQ::count() == 0) {
 	ModelsFAQ::create([
 		'question' => 'What is this?',
 		'answer' => 'This is website for OTS powered by MyAAC.',
 	]);
 }
 $hooks->trigger(HOOK_INSTALL_FINISH);
 $db->setClearCacheAfter(true);
--- a/system/compat/base.php
+++ b/system/compat/base.php
@@ -9,6 +9,8 @@
 */
 defined('MYAAC') or die('Direct access not allowed!');
 use MyAAC\Server\Lua\Loader;
 class Validator extends \MyAAC\Validator {}
 function check_name($name, &$errors = '') {
@@ -74,3 +76,77 @@ function fieldExist($field, $table)
 	global $db;
 	return $db->hasColumn($table, $field);
 }
 function Outfits_loadfromXML(): ?array
 {
 	global $config;
 	$file_path = $config['data_path'] . 'XML/outfits.xml';
 	if (!file_exists($file_path)) {	return null; }
 	$xml = new DOMDocument;
 	$xml->load($file_path);
 	$outfits = null;
 	foreach ($xml->getElementsByTagName('outfit') as $outfit) {
 		$outfits[] = Outfit_parseNode($outfit);
 	}
 	return $outfits;
 }
 function Outfit_parseNode($node): array
 {
 	$looktype = (int)$node->getAttribute('looktype');
 	$type = (int)$node->getAttribute('type');
 	$lookname = $node->getAttribute('name');
 	$premium = $node->getAttribute('premium');
 	$unlocked = $node->getAttribute('unlocked');
 	$enabled = $node->getAttribute('enabled');
 	return array('id' => $looktype, 'type' => $type, 'name' => $lookname, 'premium' => $premium, 'unlocked' => $unlocked, 'enabled' => $enabled);
 }
 function Mounts_loadfromXML(): ?array
 {
 	global $config;
 	$file_path = $config['data_path'] . 'XML/mounts.xml';
 	if (!file_exists($file_path)) {	return null; }
 	$xml = new DOMDocument;
 	$xml->load($file_path);
 	$mounts = null;
 	foreach ($xml->getElementsByTagName('mount') as $mount) {
 		$mounts[] = Mount_parseNode($mount);
 	}
 	return $mounts;
 }
 function Mount_parseNode($node): array
 {
 	$id = (int)$node->getAttribute('id');
 	$clientid = (int)$node->getAttribute('clientid');
 	$name = $node->getAttribute('name');
 	$speed = (int)$node->getAttribute('speed');
 	$premium = $node->getAttribute('premium');
 	$type = $node->getAttribute('type');
 	return array('id' => $id, 'clientid' => $clientid, 'name' => $name, 'speed' => $speed, 'premium' => $premium, 'type' => $type);
 }
 function load_config_lua(string $file): array
 {
 	$result = Loader::load($file);
 	if ($result === false) {
 		log_append('error.log', '[load_config_file] Fatal error: Cannot load config.lua (' . $file . ').');
 		throw new \RuntimeException('ERROR: Cannot find ' . $file . ' file.');
 	}
 	return $result;
 }
 function configLua($key) {
 	global $config;
 	if (is_array($key)) {
 		return $config['lua'][$key[0]] = $key[1];
 	}
 	return @$config['lua'][$key];
 }
--- a/system/compat/config.php
+++ b/system/compat/config.php
@@ -5,8 +5,6 @@ $deprecatedConfig = [
 	'genders',
 	'template',
 	'template_allow_change',
 	'vocations_amount',
 	'vocations',
 	'client',
 	'session_prefix',
 	'friendly_urls',
--- a/system/database.php
+++ b/system/database.php
@@ -18,6 +18,19 @@ if (!isset($config['database_overwrite'])) {
 if(!$config['database_overwrite'] && !isset($config['database_user'][0], $config['database_password'][0], $config['database_name'][0]))
 {
 	if (isset($config['server']['database']['mysql'])) { // BlackTek
 		$config['otserv_version'] = BLACKTEK;
 		$config['database_type'] = 'mysql';
 		$config['database_host'] = $config['server']['database']['mysql']['host'];
 		$config['database_port'] = $config['server']['database']['mysql']['port'];
 		$config['database_user'] = $config['server']['database']['mysql']['user'];
 		$config['database_password'] = $config['server']['database']['mysql']['pass'];
 		$config['database_name'] = $config['server']['database']['mysql']['database'];
 		if(!isset($config['database_socket'][0]) && !empty(trim($config['server']['database']['mysql']['socket']))) {
 			$config['database_socket'] = trim($config['server']['database']['mysql']['socket']);
 		}
 		$config['database_encryption'] = 'sha1';
 	}
 	if(isset($config['lua']['sqlType'])) {// tfs 0.3
 		if(isset($config['lua']['mysqlHost'])) {// tfs 0.2
 			$config['otserv_version'] = TFS_02;
@@ -94,7 +107,6 @@ if(!isset($config['database_socket'])) {
 	$config['database_socket'] = '';
 }
 try {
 	$ots->connect(array(
 		'host' => $config['database_host'],
--- a/system/functions.php
+++ b/system/functions.php
@@ -11,14 +11,16 @@ defined('MYAAC') or die('Direct access not allowed!');
 use MyAAC\Cache\Cache;
 use MyAAC\CsrfToken;
 use MyAAC\Items;
 use MyAAC\Models\Config;
 use MyAAC\Models\Guild;
 use MyAAC\Models\House;
 use MyAAC\Models\Pages;
 use MyAAC\Models\Player;
 use MyAAC\Models\PlayerDeath;
 use MyAAC\Models\PlayerKillers;
 use MyAAC\News;
 use MyAAC\Plugins;
 use MyAAC\Server\Items;
 use MyAAC\Settings;
 use PHPMailer\PHPMailer\PHPMailer;
@@ -985,85 +987,6 @@ function log_append($file, $str, array $params = [])
 	fclose($f);
 }
 function load_config_lua($filename)
 {
 	global $config;
 	$config_file = $filename;
 	if(!@file_exists($config_file))
 	{
 		log_append('error.log', '[load_config_file] Fatal error: Cannot load config.lua (' . $filename . ').');
 		throw new RuntimeException('ERROR: Cannot find ' . $filename . ' file.');
 	}
 	$result = array();
 	$config_string = str_replace(array("\r\n", "\r"), "\n", file_get_contents($filename));
 	$lines = explode("\n", $config_string);
 	if(count($lines) > 0) {
 		foreach($lines as $ln => $line)
 		{
 			$line = trim($line);
 			if(isset($line[0]) && ($line[0] === '{' || $line[0] === '}')) {
 				// arrays are not supported yet
 				// just ignore the error
 				continue;
 			}
 			$tmp_exp = explode('=', $line, 2);
 			if(str_contains($line, 'dofile')) {
 				$delimiter = '"';
 				if(!str_contains($line, $delimiter)) {
 					$delimiter = "'";
 				}
 				$tmp = explode($delimiter, $line);
 				$result = array_merge($result, load_config_lua($config['server_path'] . $tmp[1]));
 			}
 			else if(count($tmp_exp) >= 2) {
 				$key = trim($tmp_exp[0]);
 				if(!str_starts_with($key, '--')) {
 					$value = trim($tmp_exp[1]);
 					if(str_contains($value, '--')) {// found some deep comment
 						$value = preg_replace('/--.*$/i', '', $value);
 					}
 					if(is_numeric($value))
 						$result[$key] = (float) $value;
 					elseif(in_array(@$value[0], array("'", '"')) && in_array(@$value[strlen($value) - 1], array("'", '"')))
 						$result[$key] = substr(substr($value, 1), 0, -1);
 					elseif(in_array($value, array('true', 'false')))
 						$result[$key] = $value === 'true';
 					elseif(@$value[0] === '{') {
 						// arrays are not supported yet
 						// just ignore the error
 						continue;
 					}
 					else
 					{
 						foreach($result as $tmp_key => $tmp_value) { // load values defined by other keys, like: dailyFragsToBlackSkull = dailyFragsToRedSkull
 							$value = str_replace($tmp_key, $tmp_value, $value);
 						}
 						try {
 							$ret = eval("return $value;");
 						}
 						catch (Throwable $e) {
 							throw new RuntimeException('ERROR: Loading config.lua file. Line: ' . ($ln + 1) . ' - Unable to parse value "' . $value . '" - ' . $e->getMessage());
 						}
 						if((string) $ret == '' && trim($value) !== '""') {
 							throw new RuntimeException('ERROR: Loading config.lua file. Line ' . ($ln + 1) . ' is not valid [key: ' . $key . ']');
 						}
 						$result[$key] = $ret;
 					}
 				}
 			}
 		}
 	}
 	return array_merge($result, $config['lua'] ?? []);
 }
 function str_replace_first($search,$replace, $subject) {
 	$pos = strpos($subject, $search);
 	if ($pos !== false) {
@@ -1139,11 +1062,44 @@ function csrfProtect(): void
 	}
 }
-function getTopPlayers($limit = 5, $skill = 'level') {
+function getSkillIdByName(string $name): int|null
 {
 	$skills = [
 		'level' => POT::SKILL_LEVEL,
 		'experience' => POT::SKILL_LEVEL,
 		'magic' => POT::SKILL_MAGIC,
 		'maglevel' => POT::SKILL_MAGIC,
 		'balance' => SKILL_BALANCE,
 		'frags' => SKILL_FRAGS,
 		'club' => POT::SKILL_CLUB,
 		'sword' => POT::SKILL_SWORD,
 		'axe' => POT::SKILL_AXE,
 		'dist' => POT::SKILL_DIST,
 		'distance' => POT::SKILL_DIST,
 		'shield' => POT::SKILL_SHIELD,
 		'shielding' => POT::SKILL_SHIELD,
 		'fish' => POT::SKILL_FISH,
 		'fishing' => POT::SKILL_FISH,
 	];
 	return $skills[$name] ?? null;
 }
 function getTopPlayers($limit = 5, $skill = POT::SKILL_LEVEL)
 {
 	global $db;
-	if ($skill === 'level') {
+	$skillOriginal = $skill;
-		$skill = 'experience';
+
 	if (is_string($skill)) {
 		$skill = getSkillIdByName($skill);
 	}
 	if (!is_numeric($skill)) {
 		throw new RuntimeException("getTopPlayers: Invalid skill: $skillOriginal");
 	}
 	return Cache::remember("top_{$limit}_{$skill}", 2 * 60, function () use ($db, $limit, $skill) {
@@ -1164,15 +1120,64 @@ function getTopPlayers($limit = 5, $skill = 'level') {
 			$columns[] = 'lookmount';
 		}
-		return Player::query()
+		$query = Player::query()
 			->select($columns)
 			->withOnlineStatus()
 			->notDeleted()
 			->where('group_id', '<', setting('core.highscores_groups_hidden'))
 			->whereNotIn('id', setting('core.highscores_ids_hidden'))
 			->where('account_id', '!=', 1)
-			->orderByDesc($skill)
+			->orderByDesc('value');
-			->limit($limit)
+
 		if ($limit > 0) {
 			$query->limit($limit);
 		}
 		if ($skill >= POT::SKILL_FIRST && $skill <= POT::SKILL_LAST) { // skills
 			if ($db->hasColumn('players', 'skill_fist')) {// tfs 1.0
 				$skill_ids = array(
 					POT::SKILL_FIST => 'skill_fist',
 					POT::SKILL_CLUB => 'skill_club',
 					POT::SKILL_SWORD => 'skill_sword',
 					POT::SKILL_AXE => 'skill_axe',
 					POT::SKILL_DIST => 'skill_dist',
 					POT::SKILL_SHIELD => 'skill_shielding',
 					POT::SKILL_FISH => 'skill_fishing',
 				);
 				$query
 					->addSelect($skill_ids[$skill] . ' as value')
 					->orderByDesc($skill_ids[$skill] . '_tries');
 			} else {
 				$query
 					->join('player_skills', 'player_skills.player_id', '=', 'players.id')
 					->where('skillid', $skill)
 					->addSelect('player_skills.value as value');
 			}
 		} else if ($skill == SKILL_FRAGS) // frags
 		{
 			if ($db->hasTable('player_killers')) {
 				$query->addSelect(['value' => PlayerKillers::whereColumn('player_killers.player_id', 'players.id')->selectRaw('COUNT(*)')]);
 			} else {
 				$query->addSelect(['value' => PlayerDeath::unjustified()->whereColumn('player_deaths.killed_by', 'players.name')->selectRaw('COUNT(*)')]);
 			}
 		} else if ($skill == SKILL_BALANCE) // balance
 		{
 			$query
 				->addSelect('players.balance as value');
 		} else {
 			if ($skill == POT::SKILL_MAGIC) {
 				$query
 					->addSelect('players.maglevel as value', 'players.maglevel')
 					->orderByDesc('manaspent');
 			} else { // level
 				$query
 					->addSelect('players.level as value', 'players.experience')
 					->orderByDesc('experience');
 			}
 		}
 		return $query
 			->get()
 			->map(function ($e, $i) {
 				$row = $e->toArray();
@@ -1241,15 +1246,6 @@ function config($key) {
 	return @$config[$key];
 }
 function configLua($key) {
 	global $config;
 	if (is_array($key)) {
 		return $config['lua'][$key[0]] = $key[1];
 	}
 	return @$config['lua'][$key];
 }
 function setting($key)
 {
 	$settings = Settings::getInstance();
@@ -1556,58 +1552,6 @@ function verify_number($number, $name, $max_length)
 		echo_error($name . ' cannot be longer than ' . $max_length . ' digits.');
 }
 function Outfits_loadfromXML()
 {
 	global $config;
 	$file_path = $config['data_path'] . 'XML/outfits.xml';
 	if (!file_exists($file_path)) {	return null; }
 	$xml = new DOMDocument;
 	$xml->load($file_path);
 	$outfits = null;
 	foreach ($xml->getElementsByTagName('outfit') as $outfit) {
 		$outfits[] = Outfit_parseNode($outfit);
 	}
 	return $outfits;
 }
 function Outfit_parseNode($node) {
 	$looktype = (int)$node->getAttribute('looktype');
 	$type = (int)$node->getAttribute('type');
 	$lookname = $node->getAttribute('name');
 	$premium = $node->getAttribute('premium');
 	$unlocked = $node->getAttribute('unlocked');
 	$enabled = $node->getAttribute('enabled');
 	return array('id' => $looktype, 'type' => $type, 'name' => $lookname, 'premium' => $premium, 'unlocked' => $unlocked, 'enabled' => $enabled);
 }
 function Mounts_loadfromXML()
 {
 	global $config;
 	$file_path = $config['data_path'] . 'XML/mounts.xml';
 	if (!file_exists($file_path)) {	return null; }
 	$xml = new DOMDocument;
 	$xml->load($file_path);
 	$mounts = null;
 	foreach ($xml->getElementsByTagName('mount') as $mount) {
 		$mounts[] = Mount_parseNode($mount);
 	}
 	return $mounts;
 }
 function Mount_parseNode($node) {
 	$id = (int)$node->getAttribute('id');
 	$clientid = (int)$node->getAttribute('clientid');
 	$name = $node->getAttribute('name');
 	$speed = (int)$node->getAttribute('speed');
 	$premium = $node->getAttribute('premium');
 	$type = $node->getAttribute('type');
 	return array('id' => $id, 'clientid' => $clientid, 'name' => $name, 'speed' => $speed, 'premium' => $premium, 'type' => $type);
 }
 function left($str, $length) {
 	return substr($str, 0, $length);
 }
@@ -1724,8 +1668,8 @@ function getAccountIdentityColumn(): string
 function isCanary(): bool
 {
-	$vipSystemEnabled = configLua('vipSystemEnabled');
+	$dataPackDirectory = configLua('dataPackDirectory');
-	return isset($vipSystemEnabled);
+	return isset($dataPackDirectory);
 }
 function getStatusUptimeReadable(int $uptime): string
--- a/system/init.php
+++ b/system/init.php
@@ -14,6 +14,8 @@ use MyAAC\CsrfToken;
 use MyAAC\Hooks;
 use MyAAC\Plugins;
 use MyAAC\Models\Town;
 use MyAAC\Server\Config;
 use MyAAC\Server\Vocations;
 use MyAAC\Settings;
 defined('MYAAC') or die('Direct access not allowed!');
@@ -89,28 +91,20 @@ foreach($_REQUEST as $var => $value) {
 }
 // load otserv config file
 $config_lua_reload = true;
 if($cache->enabled()) {
 	$tmp = null;
-	if($cache->fetch('server_path', $tmp) && $tmp == $config['server_path']) {
+	if(!$cache->fetch('server_path', $tmp) || $tmp != config('server_path')) {
-		$tmp = null;
+		$cache->delete('config_server');
 		if($cache->fetch('config_lua', $tmp) && $tmp) {
 			$config['lua'] = unserialize($tmp);
 			$config_lua_reload = false;
 		}
 	}
 }
-if($config_lua_reload) {
+if (empty($config['server'])) {
-	$config['lua'] = load_config_lua($config['server_path'] . 'config.lua');
+	$config['server'] = $config['lua'] = Config::get();
 	// cache config
 	if($cache->enabled()) {
-		$cache->set('config_lua', serialize($config['lua']), 2 * 60);
+		$cache->set('server_path', config('server_path'), 10 * 60);
 		$cache->set('server_path', $config['server_path'], 10 * 60);
 	}
 }
 unset($tmp);
 if(isset($config['lua']['servername']))
 	$config['lua']['serverName'] = $config['lua']['servername'];
@@ -214,3 +208,5 @@ if (count($towns) <= 0) {
 config(['towns', $towns]);
 unset($towns);
 new Vocations();
--- a/system/libs/pot/OTS_Account.php
+++ b/system/libs/pot/OTS_Account.php
@@ -12,6 +12,9 @@
 * @license http://www.gnu.org/licenses/lgpl-3.0.txt GNU Lesser General Public License, Version 3
 */
 use MyAAC\Models\Account as AccountModel;
 use MyAAC\Models\AccountAction;
 /**
 * OTServ account abstraction.
 *
@@ -40,7 +43,11 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
 */
 	private $data = array('email' => '', 'rlname' => '','location' => '', 'country' => '','web_flags' => 0, 'lastday' => 0, 'premdays' => 0, 'created' => 0);
-	public static $cache = array();
+	private array $columns = ['password', 'email', 'rlname', 'location', 'country', 'web_flags', 'created'];
 	private array $optionalColumns = ['name', 'number', 'lastday', 'premdays', 'premium_ends_at', 'premend'];
 	public static array $cache = [];
 	const GRATIS_PREMIUM_DAYS = 65535;
 /**
@@ -325,27 +332,50 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
 */
 	public function save()
 	{
-		if( !isset($this->data['id']) )
+		if (!isset($this->data['id'])) {
 		{
 			throw new E_OTS_NotLoaded();
 		}
-	$field = 'lastday';
+		$defaultValues = [
-	if($this->db->hasColumn('accounts', 'premend')) { // othire
+			'premium_ends_at' => 0,
-			$field = 'premend';
+			'lastday' => 0,
-		if(!isset($this->data['premend'])) {
+			'premend' => 0,
-			$this->data['premend'] = 0;
+			'premdays' => 0,
-		}
+		];
-	}
+
-	else if($this->db->hasColumn('accounts', 'premium_ends_at')) {
+		foreach ($defaultValues as $key => $value) {
-		$field = 'premium_ends_at';
+			if (!isset($this->data[$key])) {
-		if(!isset($this->data['premium_ends_at'])) {
+				$this->data[$key] = $value;
 			$this->data['premium_ends_at'] = 0;
 			}
 		}
-		// UPDATE query on database
+		$columns = $this->columns;
-		$this->db->exec('UPDATE `accounts` SET ' . ($this->db->hasColumn('accounts', 'name') ? '`name` = ' . $this->db->quote($this->data['name']) . ',' : '') . '`password` = ' . $this->db->quote($this->data['password']) . ', `email` = ' . $this->db->quote($this->data['email']) . ', `rlname` = ' . $this->db->quote($this->data['rlname']) . ', `location` = ' . $this->db->quote($this->data['location']) . ', `country` = ' . $this->db->quote($this->data['country']) . ', `web_flags` = ' . (int) $this->data['web_flags'] . ', ' . ($this->db->hasColumn('accounts', 'premdays') ? '`premdays` = ' . (int) $this->data['premdays'] . ',' : '') . '`' . $field . '` = ' . (int) $this->data[$field] . ' WHERE `id` = ' . $this->data['id']);
+		foreach ($this->optionalColumns as $column) {
 			if ($this->db->hasColumn('accounts', $column)) {
 				$columns[] = $column;
 			}
 		}
 		$values = [];
 		foreach ($columns as $column) {
 			$value = $this->data[$column];
 			$values[$column] = $value;
 		}
 		// updates existing player
 		if( isset($this->data['id']) ) {
 			AccountModel::where('id', $this->data['id'])->update($values);
 		}
 		// creates new player
 		else {
 			$values['created'] = time();
 			$account = AccountModel::create($values);
 			// ID of new player
 			$this->data['id'] = $account->id;
 		}
 	}
 /**
@@ -504,11 +534,17 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
 * @since 0.7.5
 * @throws E_OTS_NotLoaded If account is not loaded.
 */
-	public function setPremDays($premdays)
+	public function setPremDays($premdays): void
 	{
 		$this->data['premdays'] = (int) $premdays;
-		$this->data['premend'] = time() + ($premdays * 24 * 60 * 60);
+
-		$this->data['premium_ends_at'] = time() + ($premdays * 24 * 60 * 60);
+		$premiumTimeInSeconds = time() + ($premdays * 24 * 60 * 60);
 		$this->data['premend'] = $premiumTimeInSeconds;
 		$this->data['premium_ends_at'] = $premiumTimeInSeconds;
 		if (isCanary()) {
 			$this->data['lastday'] = $premiumTimeInSeconds;
 		}
 	}
 	public function setRLName($name)
@@ -1007,26 +1043,16 @@ class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
 	public function logAction($action)
 	{
-		$ip = get_browser_real_ip();
+		AccountAction::create([
-		if(!str_contains($ip, ":")) {
+			'account_id' => $this->getId(),
-			$ipv6 = '0';
+			'ip' => get_browser_real_ip(),
-		}
+			'date' => time(),
-		else {
+			'action' => $action,
-			$ipv6 = $ip;
+		]);
 			$ip = '';
 	}
-		return $this->db->exec('INSERT INTO `' . TABLE_PREFIX . 'account_actions` (`account_id`, `ip`, `ipv6`, `date`, `action`) VALUES (' . $this->db->quote($this->getId()).', ' . ($ip == '' ? '0' : $this->db->quote(ip2long($ip))) . ', (' . ($ipv6 == '0' ? $this->db->quote('') : $this->db->quote(inet_pton($ipv6))) . '), UNIX_TIMESTAMP(NOW()), ' . $this->db->quote($action).')');
+	public function getActionsLog($limit) {
-	}
+		return AccountAction::where('account_id', $this->data['id'])->orderByDesc('date')->limit($limit)->get()->toArray();
 	public function getActionsLog($limit1, $limit2)
 	{
 		$actions = array();
 		foreach($this->db->query('SELECT `ip`, `ipv6`, `date`, `action` FROM `' . TABLE_PREFIX . 'account_actions` WHERE `account_id` = ' . $this->data['id'] . ' ORDER by `date` DESC LIMIT ' . $limit1 . ', ' . $limit2 . '')->fetchAll() as $a)
 			$actions[] = array('ip' => $a['ip'], 'ipv6' => $a['ipv6'], 'date' => $a['date'], 'action' => $a['action']);
 		return $actions;
 	}
 /**
 * Returns players iterator.
--- a/system/libs/pot/OTS_DB_MySQL.php
+++ b/system/libs/pot/OTS_DB_MySQL.php
@@ -26,6 +26,7 @@ use MyAAC\Cache\Cache;
 */
 class OTS_DB_MySQL extends OTS_Base_DB
 {
 	private bool $hasCacheChanged = false;
 	private array $has_table_cache = [];
 	private array $has_column_cache = [];
 	private array $get_column_info_cache = [];
@@ -164,7 +165,7 @@ class OTS_DB_MySQL extends OTS_Base_DB
 				$cache->delete('database_columns_info');
 				$cache->delete('database_checksum');
 			}
-			else {
+			else if ($this->hasCacheChanged) {
 				$cache->set('database_tables', serialize($this->has_table_cache), 3600);
 				$cache->set('database_columns', serialize($this->has_column_cache), 3600);
 				$cache->set('database_columns_info', serialize($this->get_column_info_cache), 3600);
@@ -228,6 +229,8 @@ class OTS_DB_MySQL extends OTS_Base_DB
 	private function hasTableInternal($name): bool
 	{
 		$this->hasCacheChanged = true;
 		return ($this->has_table_cache[$name] = $this->query('SELECT `TABLE_NAME` FROM `information_schema`.`tables` WHERE `TABLE_SCHEMA` = ' . $this->quote(config('database_name')) . ' AND `TABLE_NAME` = ' . $this->quote($name) . ' LIMIT 1;')->rowCount() > 0);
 	}
@@ -241,6 +244,8 @@ class OTS_DB_MySQL extends OTS_Base_DB
 	}
 	private function hasColumnInternal($table, $column): bool {
 		$this->hasCacheChanged = true;
 		return $this->hasTable($table) && ($this->has_column_cache[$table . '.' . $column] = count($this->query('SHOW COLUMNS FROM `' . $table . "` LIKE " . $this->quote($column))->fetchAll()) > 0);
 	}
@@ -272,11 +277,14 @@ class OTS_DB_MySQL extends OTS_Base_DB
 			return false;
 		}
 		$this->hasCacheChanged = true;
 		$formatResult = function ($result) {
 			return [
 				'field' => $result['Field'],
 				'type' => $result['Type'],
 				'null' => strtolower($result['Null']),
 				'key' => strtolower($result['Key'] ?? ''),
 				'default' => $result['Default'],
 				'extra' => $result['Extra'],
 			];
--- a/system/libs/pot/OTS_Groups_List.php
+++ b/system/libs/pot/OTS_Groups_List.php
@@ -8,7 +8,7 @@
 * @license http://www.gnu.org/licenses/lgpl-3.0.txt GNU Lesser General Public License, Version 3
 */
-use MyAAC\Cache\Cache;
+use MyAAC\Server\Groups;
 /**
 * List of groups.
@@ -47,74 +47,9 @@ class OTS_Groups_List implements IteratorAggregate, Countable
 			return;
 		}
-		if(!isset($file[0]))
+		foreach(Groups::get() as $id => $info) {
 		{
 			global $config;
 			$file = $config['data_path'] . 'XML/groups.xml';
 		}
 		if(!@file_exists($file)) {
 			error('Error: Cannot load groups.xml. More info in system/logs/error.log file.');
 			log_append('error.log', '[OTS_Groups_List.php] Fatal error: Cannot load groups.xml (' . $file . '). It doesnt exist.');
 			return;
 		}
 		$cache = Cache::getInstance();
 		$data = array();
 		if($cache->enabled())
 		{
 			$tmp = '';
 			if($cache->fetch('groups', $tmp))
 				$data = unserialize($tmp);
 			else
 			{
 				$groups = new DOMDocument();
 				if(!@$groups->load($file)) {
 					error('Error: Cannot load groups.xml. More info in system/logs/error.log file.');
 					log_append('error.log', '[OTS_Groups_List.php] Fatal error: Cannot load groups.xml (' . $file . '). Error: ' . print_r(error_get_last(), true));
 					return;
 				}
 				// loads groups
 				foreach( $groups->getElementsByTagName('group') as $group)
 				{
 					$data[$group->getAttribute('id')] = array(
 						'id' => $group->getAttribute('id'),
 						'name' => $group->getAttribute('name'),
 						'access' => $group->getAttribute('access')
 					);
 				}
 				$cache->set('groups', serialize($data), 120);
 			}
 			foreach($data as $id => $info)
 			$this->groups[$id] = new OTS_Group($info);
 		}
 		else
 		{
 			// loads DOM document
 			$groups = new DOMDocument();
 			if(!@$groups->load($file)) {
 				error('Error: Cannot load groups.xml. More info in system/logs/error.log file.');
 				log_append('error.log', '[OTS_Groups_List.php] Fatal error: Cannot load groups.xml (' . $file . '). Error: ' . print_r(error_get_last(), true));
 				return;
 			}
 			// loads groups
 			foreach($groups->getElementsByTagName('group') as $group)
 			{
 				$data[$group->getAttribute('id')] = array(
 					'id' => $group->getAttribute('id'),
 					'name' => $group->getAttribute('name'),
 					'access' => $group->getAttribute('access')
 				);
 				$this->groups[ $group->getAttribute('id') ] = new OTS_Group($data[$group->getAttribute('id')]);
 				//echo $this->getGroup(1)->getName();
 			}
 		}
 	}
 /**
--- a/system/libs/pot/OTS_Player.php
+++ b/system/libs/pot/OTS_Player.php
@@ -1,20 +1,6 @@
 <?php
-$__load = array();
+
-/*
+use MyAAC\Models\Player as PlayerModel;
 	'loss_experience' => NULL,
 	'loss_items' => NULL,
 	'guild_info' => NULL,
 	'skull_type' => NULL,
 	'skull_time' => NULL,
 	'blessings' => NULL,
 	'direction' => NULL,
 	'stamina' => NULL,
 	'world_id' => NULL,
 	'online' => NULL,
 	'deletion' => NULL,
 	'promotion' => NULL,
 	'marriage' => NULL
 );*/
 /**#@+
 * @version 0.0.1
@@ -109,6 +95,10 @@ class OTS_Player extends OTS_Row_DAO
 		POT::SKILL_FISH => array('value' => 0, 'tries' => 0)
 	);
 	private array $columns = ['name', 'account_id', 'group_id', 'sex', 'vocation', 'experience', 'level', 'maglevel', 'health', 'healthmax', 'mana', 'manamax', 'manaspent', 'soul', 'lookbody', 'lookfeet', 'lookhead', 'looklegs', 'looktype', 'posx', 'posy', 'posz', 'lastlogin', 'lastlogout', 'lastip', 'town_id', 'balance', 'created', 'comment', 'hide'];
 	private array $optionalColumns = ['cap', 'skull', 'skull_type', 'skull_time', 'loss_experience', 'loss_mana', 'loss_skills', 'loss_items', 'loss_containers', 'guildnick', 'rank_id', 'promotion', 'direction', 'blessings', 'stamina', 'lookaddons', 'save', 'conditions', 'world_id', 'online', 'deletion', 'deleted', 'marriage'];
 	private static array $playersOnline;
 /**
 * Magic PHP5 method.
@@ -133,90 +123,14 @@ class OTS_Player extends OTS_Row_DAO
 */
 	public function load($id, $fields = null, $load_skills = true)
 	{
-		global $__load;
+		$columns = $this->columns;
-
+		foreach ($this->optionalColumns as $column) {
-		if(!isset($__load['loss_experience']))
+			if ($this->db->hasColumn('players', $column)) {
-		{
+				$columns[] = $column;
 			$loss = '';
 			if($this->db->hasColumn('players', 'loss_experience')) {
 				$loss = ', `loss_experience`, `loss_mana`, `loss_skills`';
 			}
 			$__load['loss_experience'] = $loss;
 		}
 		if(!isset($__load['loss_items']))
 		{
 			$loss_items = '';
 			if($this->db->hasColumn('players', 'loss_items')) {
 				$loss_items = ', `loss_items`, `loss_containers`';
 			}
 			$__load['loss_items'] = $loss_items;
 		}
 		if(!isset($__load['guild_info']))
 		{
 			$guild_info = '';
 			if(!$this->db->hasTable('guild_members') && $this->db->hasColumn('players', 'guildnick')) {
 				$guild_info = ', `guildnick`, `rank_id`';
 			}
 			$__load['guild_info'] = $guild_info;
 		}
 		if(!isset($__load['skull_type']))
 		{
 			$skull_type = 'skull';
 			if($this->db->hasColumn('players', 'skull_type')) {
 				$skull_type = 'skull_type';
 			}
 			$__load['skull_type'] = $skull_type;
 		}
 		if(!isset($__load['skull_time']))
 		{
 			$skull_time = 'skulltime';
 			if($this->db->hasColumn('players', 'skull_time')) {
 				$skull_time = 'skull_time';
 			}
 			$__load['skull_time'] = $skull_time;
 		}
 		if(!isset($__load['blessings'])) {
 			$__load['blessings'] = $this->db->hasColumn('players', 'blessings');
 		}
 		if(!isset($__load['direction'])) {
 			$__load['direction'] = $this->db->hasColumn('players', 'direction');
 		}
 		if(!isset($__load['stamina'])) {
 			$__load['stamina'] = $this->db->hasColumn('players', 'stamina');
 		}
 		if(!isset($__load['world_id'])) {
 			$__load['world_id'] = $this->db->hasColumn('players', 'world_id');
 		}
 		if(!isset($__load['online'])) {
 			$__load['online'] = $this->db->hasColumn('players', 'online');
 		}
 		if(!isset($__load['deletion'])) {
 			$__load['deletion'] = $this->db->hasColumn('players', 'deletion');
 		}
 		if(!isset($__load['promotion'])) {
 			$__load['promotion'] = $this->db->hasColumn('players', 'promotion');
 		}
 		if(!isset($__load['marriage'])) {
 			$__load['marriage'] = $this->db->hasColumn('players', 'marriage');
 		}
 		if(isset($fields)) { // load only what we wish
 			if(in_array('promotion', $fields)) {
 				if(!$this->db->hasColumn('players', 'promotion')) {
 					unset($fields[array_search('promotion', $fields)]);
 				}
 			}
 			if(in_array('deleted', $fields)) {
 				if($this->db->hasColumn('players', 'deletion')) {
 					unset($fields[array_search('deleted', $fields)]);
@@ -224,21 +138,21 @@ class OTS_Player extends OTS_Row_DAO
 				}
 			}
-			if(in_array('online', $fields)) {
+			$columns = [];
-				if(!$this->db->hasColumn('players', 'online')) {
+			foreach ($fields as $field) {
-					unset($fields[array_search('online', $fields)]);
+				if ($this->db->hasColumn('players', $field)) {
 					$columns[] = $field;
 				}
 			}
 			$this->data = $this->db->query('SELECT ' . implode(', ', $fields) . ' FROM `players` WHERE `id` = ' . (int)$id)->fetch();
 		}
 		else {
 			// SELECT query on database
 			$this->data = $this->db->query('SELECT `id`, `name`, `account_id`, `group_id`, `sex`, `vocation`, `experience`, `level`, `maglevel`, `health`, `healthmax`, `mana`, `manamax`, `manaspent`, `soul`, `lookbody`, `lookfeet`, `lookhead`, `looklegs`, `looktype`' . ($this->db->hasColumn('players', 'lookaddons') ? ', `lookaddons`' : '') . ', `posx`, `posy`, `posz`, `cap`, `lastlogin`, `lastlogout`, `lastip`, `save`, `conditions`, `' . $__load['skull_time'] . '` as `skulltime`, `' . $__load['skull_type'] . '` as `skull`' . $__load['guild_info'] . ', `town_id`' . $__load['loss_experience'] . $__load['loss_items'] . ', `balance`' . ($__load['blessings'] ? ', `blessings`' : '') . ($__load['direction'] ? ', `direction`' : '') . ($__load['stamina'] ? ', `stamina`' : '') . ($__load['world_id'] ? ', `world_id`' : '') . ($__load['online'] ? ', `online`' : '') . ', `' . ($__load['deletion'] ? 'deletion' : 'deleted') . '`' . ($__load['promotion'] ? ', `promotion`' : '') . ($__load['marriage'] ? ', `marriage`' : '') . ', `comment`, `created`, `hide` FROM `players` WHERE `id` = ' . (int)$id)->fetch();
 		}
 		array_unshift($columns, 'id');
 		$query = PlayerModel::where('id', $id)->first($columns);
 		$this->data = $query ? $query->toArray() : [];
 		// loads skills
-		if( $this->isLoaded() && $load_skills)
+		if( $this->isLoaded() && $load_skills) {
 		{
 			if($this->db->hasColumn('players', 'skill_fist')) {
 				$skill_ids = array(
@@ -318,153 +232,65 @@ class OTS_Player extends OTS_Row_DAO
 */
 	public function save()
 	{
-		$skull_type = 'skull';
+		$defaultValues = [
-		if($this->db->hasColumn('players', 'skull_type')) {
+			'cap' => 0,
-			$skull_type = 'skull_type';
+			'skull' => 0,
 			'skull_type' => 0,
 			'skull_time' => 0,
 			'loss_experience' => 100,
 			'loss_mana' => 100,
 			'loss_skills' => 100,
 			'loss_items' => 100,
 			'loss_containers' => 100,
 			'guildnick' => '',
 			'rank_id' => 0,
 			'promotion' => 0,
 			'direction' => 0,
 			'blessings' => 0,
 			'stamina' => 0,
 			'lookaddons' => 0,
 			'save' => 1,
 			'conditions' => '',
 			'town_id' => 1,
 			'world_id' => 1,
 			'online' => 0,
 			'deletion' => 0,
 			'deleted' => 0,
 			'marriage' => 0,
 		];
 		foreach ($defaultValues as $key => $value) {
 			if (!isset($this->data[$key])) {
 				$this->data[$key] = $value;
 			}
 		}
-		$skull_time = 'skulltime';
+		$columns = $this->columns;
-		if($this->db->hasColumn('players', 'skull_time')) {
+		foreach ($this->optionalColumns as $column) {
-			$skull_time = 'skull_time';
+			if ($this->db->hasColumn('players', $column)) {
 				$columns[] = $column;
 			}
 		}
-		if(!isset($this->data['loss_experience']))
+		$values = [];
-			$this->data['loss_experience'] = 100;
+		foreach ($columns as $column) {
 			$value = $this->data[$column];
-		if(!isset($this->data['loss_mana']))
+			$values[$column] = $value;
-			$this->data['loss_mana'] = 100;
+		}
 		if(!isset($this->data['loss_skills']))
 			$this->data['loss_skills'] = 100;
 		if(!isset($this->data['loss_items']))
 			$this->data['loss_items'] = 10;
 		if(!isset($this->data['loss_containers']))
 			$this->data['loss_containers'] = 100;
 		if(!isset($this->data['guildnick']))
 			$this->data['guildnick'] = '';
 		if(!isset($this->data['rank_id']))
 			$this->data['rank_id'] = 0;
 		if(!isset($this->data['promotion']))
 			$this->data['promotion'] = 0;
 		if(!isset($this->data['direction']))
 			$this->data['direction'] = 0;
 		if(!isset($this->data['conditions']))
 			$this->data['conditions'] = '';
 		if(!isset($this->data['town_id']))
 			$this->data['town_id'] = 1;
 		// updates existing player
-		if( isset($this->data['id']) )
+		if( isset($this->data['id']) ) {
-		{
+			PlayerModel::where('id', $this->data['id'])->update($values);
 			$loss = '';
 			if($this->db->hasColumn('players', 'loss_experience')) {
 				$loss = ', `loss_experience` = ' . $this->data['loss_experience'] . ', `loss_mana` = ' . $this->data['loss_mana'] . ', `loss_skills` = ' . $this->data['loss_skills'];
 			}
 			$loss_items = '';
 			if($this->db->hasColumn('players', 'loss_items')) {
 				$loss_items = ', `loss_items` = ' . $this->data['loss_items'] . ', `loss_containers` = ' . $this->data['loss_containers'];
 			}
 			$guild_info = '';
 			if(!$this->db->hasTable('guild_members') && $this->db->hasColumn('players', 'guildnick')) {
 				$guild_info = ', `guildnick` = ' . $this->db->quote($this->data['guildnick']) . ', ' . $this->db->fieldName('rank_id') . ' = ' . $this->data['rank_id'];
 			}
 			$direction = '';
 			if($this->db->hasColumn('players', 'direction')) {
 				$direction = ', `direction` = ' . $this->db->quote($this->data['direction']);
 			}
 			$blessings = '';
 			if($this->db->hasColumn('players', 'blessings')) {
 				$blessings = ', `blessings` = ' . $this->db->quote($this->data['blessings']);
 			}
 			$stamina = '';
 			if($this->db->hasColumn('players', 'stamina')) {
 				$stamina = ', `stamina` = ' . $this->db->quote($this->data['stamina']);
 			}
 			$lookaddons = '';
 			if($this->db->hasColumn('players', 'lookaddons')) {
 				$lookaddons = ', `lookaddons` = ' . $this->db->quote($this->data['lookaddons']);
 			}
 			// UPDATE query on database
 			$this->db->query('UPDATE ' . $this->db->tableName('players') . ' SET ' . $this->db->fieldName('name') . ' = ' . $this->db->quote($this->data['name']) . ', ' . $this->db->fieldName('account_id') . ' = ' . $this->data['account_id'] . ', ' . $this->db->fieldName('group_id') . ' = ' . $this->data['group_id'] . ', ' . $this->db->fieldName('sex') . ' = ' . $this->data['sex'] . ', ' . $this->db->fieldName('vocation') . ' = ' . $this->data['vocation'] . ', ' . $this->db->fieldName('experience') . ' = ' . $this->data['experience'] . ', ' . $this->db->fieldName('level') . ' = ' . $this->data['level'] . ', ' . $this->db->fieldName('maglevel') . ' = ' . $this->data['maglevel'] . ', ' . $this->db->fieldName('health') . ' = ' . $this->data['health'] . ', ' . $this->db->fieldName('healthmax') . ' = ' . $this->data['healthmax'] . ', ' . $this->db->fieldName('mana') . ' = ' . $this->data['mana'] . ', ' . $this->db->fieldName('manamax') . ' = ' . $this->data['manamax'] . ', ' . $this->db->fieldName('manaspent') . ' = ' . $this->data['manaspent'] . ', ' . $this->db->fieldName('soul') . ' = ' . $this->data['soul'] . ', ' . $this->db->fieldName('lookbody') . ' = ' . $this->data['lookbody'] . ', ' . $this->db->fieldName('lookfeet') . ' = ' . $this->data['lookfeet'] . ', ' . $this->db->fieldName('lookhead') . ' = ' . $this->data['lookhead'] . ', ' . $this->db->fieldName('looklegs') . ' = ' . $this->data['looklegs'] . ', ' . $this->db->fieldName('looktype') . ' = ' . $this->data['looktype'] . $lookaddons . ', ' . $this->db->fieldName('posx') . ' = ' . $this->data['posx'] . ', ' . $this->db->fieldName('posy') . ' = ' . $this->data['posy'] . ', ' . $this->db->fieldName('posz') . ' = ' . $this->data['posz'] . ', ' . $this->db->fieldName('cap') . ' = ' . $this->data['cap'] . ', ' . $this->db->fieldName('lastlogin') . ' = ' . $this->data['lastlogin'] . ', ' . $this->db->fieldName('lastlogout') . ' = ' . $this->data['lastlogout'] . ', ' . $this->db->fieldName('lastip') . ' = ' . $this->db->quote($this->data['lastip']) . ', ' . $this->db->fieldName('save') . ' = ' . (int) $this->data['save'] . ', ' . $this->db->fieldName('conditions') . ' = ' . $this->db->quote($this->data['conditions']) . ', `' . $skull_time . '` = ' . $this->data['skulltime'] . ', `' . $skull_type . '` = ' . (int) $this->data['skull'] . $guild_info . ', ' . $this->db->fieldName('town_id') . ' = ' . $this->data['town_id'] . $loss . $loss_items . ', ' . $this->db->fieldName('balance') . ' = ' . $this->data['balance'] . $blessings . $stamina . $direction . ' WHERE ' . $this->db->fieldName('id') . ' = ' . $this->data['id']);
 		}
 		// creates new player
-		else
+		else {
-		{
+			$values['created'] = time();
 			$loss = '';
 			$loss_data = '';
 			if($this->db->hasColumn('players', 'loss_experience')) {
 				$loss = ', `loss_experience`, `loss_mana`, `loss_skills`';
 				$loss_data = ', ' . $this->data['loss_experience'] . ', ' . $this->data['loss_mana'] . ', ' . $this->data['loss_skills'];
 			}
-			$loss_items = '';
+			$player = PlayerModel::create($values);
 			$loss_items_data = '';
 			if($this->db->hasColumn('players', 'loss_items')) {
 				$loss_items = ', `loss_items`, `loss_containers`';
 				$loss_items_data = ', ' . $this->data['loss_items'] . ', ' . $this->data['loss_containers'];
 			}
-			$guild_info = '';
+			// ID of new player
-			$guild_info_data = '';
+			$this->data['id'] = $player->id;
 			if(!$this->db->hasTable('guild_members') && $this->db->hasColumn('players', 'guildnick')) {
 				$guild_info = ', `guildnick`, `rank_id`';
 				$guild_info_data = ', ' . $this->db->quote($this->data['guildnick']) . ', ' . $this->data['rank_id'];
 			}
 			$promotion = '';
 			$promotion_data = '';
 			if($this->db->hasColumn('players', 'promotion')) {
 				$promotion = ', `promotion`';
 				$promotion_data = ', ' . $this->data['promotion'];
 			}
 			$direction = '';
 			$direction_data = '';
 			if($this->db->hasColumn('players', 'direction')) {
 				$direction = ', `direction`';
 				$direction_data = ', ' . $this->data['direction'];
 			}
 			$blessings = '';
 			$blessings_data = '';
 			if($this->db->hasColumn('players', 'blessings')) {
 				$blessings = ', `blessings`';
 				$blessings_data = ', ' . $this->data['blessings'];
 			}
 			$stamina = '';
 			$stamina_data = '';
 			if($this->db->hasColumn('players', 'stamina')) {
 				$stamina = ', `stamina`';
 				$stamina_data = ', ' . $this->data['stamina'];
 			}
 			$lookaddons = '';
 			$lookaddons_data = '';
 			if($this->db->hasColumn('players', 'lookaddons')) {
 				$lookaddons = ', `lookaddons`';
 				$lookaddons_data = ', ' . $this->data['lookaddons'];
 			}
 			// INSERT query on database
 			$this->db->query('INSERT INTO `players` (`name`, `account_id`, `group_id`, `sex`, `vocation`, `experience`, `level`, `maglevel`, `health`, `healthmax`, `mana`, `manamax`, `manaspent`, `soul`, `lookbody`, `lookfeet`, `lookhead`, `looklegs`, `looktype`' . $lookaddons . ', `posx`, `posy`, `posz`, `cap`, `lastlogin`, `lastlogout`, `lastip`, `save`, `conditions`, `' . $skull_time . '`, `' . $skull_type . '`' . $guild_info . ', `town_id`' . $loss . $loss_items . ', `balance`' . $blessings . $stamina . $direction . ', `created`' . $promotion . ', `comment`) VALUES (' . $this->db->quote($this->data['name']) . ', ' . $this->data['account_id'] . ', ' . $this->data['group_id'] . ', ' . $this->data['sex'] . ', ' . $this->data['vocation'] . ', ' . $this->data['experience'] . ', ' . $this->data['level'] . ', ' . $this->data['maglevel'] . ', ' . $this->data['health'] . ', ' . $this->data['healthmax'] . ', ' . $this->data['mana'] . ', ' . $this->data['manamax'] . ', ' . $this->data['manaspent'] . ', ' . $this->data['soul'] . ', ' . $this->data['lookbody'] . ', ' . $this->data['lookfeet'] . ', ' . $this->data['lookhead'] . ', ' . $this->data['looklegs'] . ', ' . $this->data['looktype'] . $lookaddons_data . ', ' . $this->data['posx'] . ', ' . $this->data['posy'] . ', ' . $this->data['posz'] . ', ' . $this->data['cap'] . ', ' . $this->data['lastlogin'] . ', ' . $this->data['lastlogout'] . ', ' . $this->data['lastip'] . ', ' . (int) $this->data['save'] . ', ' . $this->db->quote($this->data['conditions']) . ', ' . $this->data['skulltime'] . ', ' . (int) $this->data['skull'] . $guild_info_data . ', ' . $this->data['town_id'] . $loss_data . $loss_items_data . ', ' . $this->data['balance'] . $blessings_data . $stamina_data . $direction_data . ', ' . time() . $promotion_data . ', "")');
 			// ID of new group
 			$this->data['id'] = $this->db->lastInsertId();
 		}
 		// updates skills - doesn't matter if we have just created character - trigger inserts new skills
@@ -490,7 +316,7 @@ class OTS_Player extends OTS_Row_DAO
 					$set .= ',';
 			}
-			$skills = $this->db->query('UPDATE `players` SET ' . $set . ' WHERE `id` = ' . $this->data['id']);
+			$this->db->query('UPDATE `players` SET ' . $set . ' WHERE `id` = ' . $this->data['id']);
 		}
 		else if($this->db->hasTable('player_skills')) {
 			foreach($this->skills as $id => $skill)
@@ -748,21 +574,25 @@ class OTS_Player extends OTS_Row_DAO
 	public function isDeleted()
 	{
-		$field = 'deleted';
+		$column = 'deleted';
 		if($this->db->hasColumn('players', 'deletion'))
-			$field = 'deletion';
+			$column = 'deletion';
-		if( !isset($this->data[$field]) )
+		if( !isset($this->data[$column]) )
 		{
 			throw new E_OTS_NotLoaded();
 		}
-		return $this->data[$field] > 0;
+		return $this->data[$column] > 0;
 	}
 	public function setDeleted($deleted)
 	{
-		$this->data['deleted'] = (int) $deleted;
+		$column = 'deleted';
 		if($this->db->hasColumn('players', 'deletion'))
 			$column = 'deletion';
 		$this->data[$column] = (int) $deleted;
 	}
 	public function isOnline()
@@ -852,13 +682,7 @@ class OTS_Player extends OTS_Row_DAO
 			throw new E_OTS_NotLoaded();
 		}
-		if(isset($this->data['promotion'])) {
+		return \OTS_Toolbox::getVocationFromPromotion($this->data['vocation'], $this->data['promotion'] ?? 0);
 			global $config;
 			if((int)$this->data['promotion'] > 0)
 				return ($this->data['vocation'] + ($this->data['promotion'] * $config['vocations_amount']));
 		}
 		return $this->data['vocation'];
 	}
@@ -1574,12 +1398,7 @@ class OTS_Player extends OTS_Row_DAO
 */
 	public function getCap()
 	{
-		if( !isset($this->data['cap']) )
+		return $this->data['cap'] ?? 0;
 		{
 			throw new E_OTS_NotLoaded();
 		}
 		return $this->data['cap'];
 	}
 /**
@@ -1792,12 +1611,12 @@ class OTS_Player extends OTS_Row_DAO
 */
 	public function getSkullTime()
 	{
-		if( !isset($this->data['skulltime']) )
+		$column = 'skulltime';
-		{
+		if($this->db->hasColumn('players', 'skull_time')) {
-			throw new E_OTS_NotLoaded();
+			$column = 'skull_time';
 		}
-		return $this->data['skulltime'];
+		return $this->data[$column] ?? 0;
 	}
 /**
@@ -1811,7 +1630,12 @@ class OTS_Player extends OTS_Row_DAO
 */
 	public function setSkullTime($skulltime)
 	{
-		$this->data['skulltime'] = (int) $skulltime;
+		$column = 'skulltime';
 		if($this->db->hasColumn('players', 'skull_time')) {
 			$column = 'skull_time';
 		}
 		$this->data[$column] = (int) $skulltime;
 	}
 /**
@@ -3250,6 +3074,10 @@ class OTS_Player extends OTS_Row_DAO
 		return 0;
 	}
 	public function setData(array $data): void{
 		$this->data = $data;
 	}
 /**
 * Magic PHP5 method.
 *
--- a/system/libs/pot/OTS_Toolbox.php
+++ b/system/libs/pot/OTS_Toolbox.php
@@ -13,6 +13,8 @@
 * @license http://www.gnu.org/licenses/lgpl-3.0.txt GNU Lesser General Public License, Version 3
 */
 use MyAAC\Server\XML\Vocations;
 /**
 * Toolbox for common operations.
 *
@@ -110,14 +112,21 @@ class OTS_Toolbox
 		$list->setFilter($filter);
 		return $list;
 	}
-
+	public static function getVocationFromPromotion($id, $promotion = 0): int
 	public static function getVocationName($id, $promotion = 0): string
 	{
 		if($promotion > 0) {
-			$id = ($id + ($promotion * config('vocations_amount')));
+			for ($i = 0; $i < $promotion; $i++) {
 				if ($_id = Vocations::getPromoted($id)) {
 					$id = $_id;
 				}
 			}
 		}
-		return config('vocations')[$id] ?? 'Unknown';
+		return $id;
 	}
 	public static function getVocationName($id, $promotion = 0): string {
 		return config('vocations')[self::getVocationFromPromotion($id, $promotion)] ?? 'Unknown';
 	}
 }
--- a/system/locale/de/install.php
+++ b/system/locale/de/install.php
@@ -67,7 +67,7 @@ $locale['step_database'] = 'Schema importieren';
 $locale['step_database_title'] = 'MySQL schema importieren';
 $locale['step_database_importing'] = 'Ihre Datenbank ist MySQL. Datenbankname ist: "$DATABASE_NAME$". Schema wird jetzt importiert...';
 $locale['step_database_error_path'] = 'Bitte geben Sie den Serverpfad an.';
-$locale['step_database_error_config'] = 'Datei config.lua kann nicht gefunden werden. Ist der Serverpfad korrekt? Gehen Sie zurück und überprüfen Sie noch einmal.';
+$locale['step_database_error_config'] = 'Datei config.lua oder config/server.toml kann nicht gefunden werden. Ist der Serverpfad korrekt? Gehen Sie zurück und überprüfen Sie noch einmal.';
 $locale['step_database_error_database_empty'] = 'Der Datenbanktyp kann nicht aus config.lua ermittelt werden. Ihr OTS wird von diesem AAC nicht unterstützt.';
 $locale['step_database_error_only_mysql'] = 'Dieser AAC unterstützt nur MySQL. Aus Ihrer Konfigurationsdatei scheint Ihr OTS die Datenbank $DATABASE_TYPE$ zu verwenden. Bitte ändern Sie Ihre Datenbank in MySQL und folgen Sie dann der Installation erneut.';
 $locale['step_database_error_table'] = 'Die Tabelle $TABLE$ existiert nicht. Bitte importieren Sie zuerst Ihr OTS-Datenbankschema.';
--- a/system/locale/en/install.php
+++ b/system/locale/en/install.php
@@ -72,7 +72,7 @@ $locale['step_database_title'] = 'Import MySQL schema';
 $locale['step_database_importing'] = 'Your database is MySQL. Database name is: "$DATABASE_NAME$". Importing schema now...';
 $locale['step_database_config_saved'] = 'Local configuration has been saved into file: config.local.php';
 $locale['step_database_error_path'] = 'Please specify server path.';
-$locale['step_database_error_config'] = 'Cannot find config.lua file. Is your server path correct? Go back and check again.';
+$locale['step_database_error_config'] = 'Cannot find config.lua or config/server.toml file. Is your server path correct? Go back and check again.';
 $locale['step_database_error_database_empty'] = 'Cannot determine database type from config.lua. Your OTS is unsupported by this AAC.';
 $locale['step_database_error_only_mysql'] = 'This AAC supports only MySQL. From your config file it seems that your OTS is using: $DATABASE_TYPE$ database. Please change your database to MySQL and then follow the installation again.';
 $locale['step_database_error_table'] = 'Table $TABLE$ doesn\'t exist. Please import your OTS database schema first.';
--- a/system/locale/pl/install.php
+++ b/system/locale/pl/install.php
@@ -71,7 +71,7 @@ $locale['step_database_title'] = 'Baza MySQL';
 $locale['step_database_importing'] = 'Twoja baza to MySQL. Nazwa bazy danych to: "$DATABASE_NAME$". Importowanie schematu...';
 $locale['step_database_config_saved'] = 'Lokalna konfiguracja została zapisana do pliku: config.local.php';
 $locale['step_database_error_path'] = 'Proszę podać ścieżkę do serwera.';
-$locale['step_database_error_config'] = 'Nie można znaleźć pliku config.lua. Czy ścieżka do katalogu serwera jest poprawna? Wróć się i sprawdź ponownie.';
+$locale['step_database_error_config'] = 'Nie można znaleźć pliku config.lua lub config/server.toml. Czy ścieżka do katalogu serwera jest poprawna? Wróć się i sprawdź ponownie.';
 $locale['step_database_error_database_empty'] = 'Nie można wykryć typu bazy danych z pliku config.lua. Prawdopodobnie Twój OTS nie jest wspierany przez ten AAC.';
 $locale['step_database_error_only_mysql'] = 'Ten AAC wspiera tylko bazy danych MySQL. Z Twojego pliku config wynika, że Twój serwera używa bazy: $DATABASE_TYPE$. Proszę zmienić typ bazy na MySQL i ponownie przystąpić do instalacji.';
 $locale['step_database_error_table'] = 'Tabela $TABLE$ nie istnieje. Proszę najpierw zaimportować schemat bazy danych serwera OTS.';
--- a/system/locale/pt_br/install.php
+++ b/system/locale/pt_br/install.php
@@ -61,7 +61,7 @@ $locale['step_database'] = 'Importar schema';
 $locale['step_database_title'] = 'Importar MySQL schema';
 $locale['step_database_importing'] = 'Seu banco de dados é o MySQL. O nome do banco de dados é: "$DATABASE_NAME$". Importando schema agora...';
 $locale['step_database_error_path'] = 'Por favor, especifique o caminho da pasta do servidor.';
-$locale['step_database_error_config'] = 'Não é possível encontrar o arquivo config.lua. O caminho da pasta do seu servidor está correto? Volte e verifique novamente.';
+$locale['step_database_error_config'] = 'Não é possível encontrar o arquivo config.lua ou config/server.toml. O caminho da pasta do seu servidor está correto? Volte e verifique novamente.';
 $locale['step_database_error_database_empty'] = 'Não é possível determinar o tipo de banco de dados a partir do config.lua. Seu OTS não é suportado por este AAC.';
 $locale['step_database_error_only_mysql'] = 'Este AAC suporta apenas o MySQL. A partir do seu arquivo de configuração, parece que o seu OTS está usando: $DATABASE_TYPE$ database. Por favor, mude seu banco de dados para o MySQL e siga a instalação novamente.';
 $locale['step_database_error_table'] = 'A tabela $TABLE$ não existe. Por favor, importe seu schema de banco de dados OTS primeiro.';
--- a/system/migrations/20.php
+++ b/system/migrations/20.php
@@ -1,5 +1,6 @@
 <?php
 use MyAAC\Models\Player as PlayerModel;
 use MyAAC\Settings;
 function updateHighscoresIdsHidden(): void
@@ -10,12 +11,22 @@ function updateHighscoresIdsHidden(): void
 		return;
 	}
-	$query = $db->query("SELECT `id` FROM `players` WHERE (`name` = " . $db->quote("Rook Sample") . " OR `name` = " . $db->quote("Sorcerer Sample") . " OR `name` = " . $db->quote("Druid Sample") . " OR `name` = " . $db->quote("Paladin Sample") . " OR `name` = " . $db->quote("Knight Sample") . " OR `name` = " . $db->quote("Account Manager") . ") ORDER BY `id`;");
+	$players = PlayerModel::where('name', 'Rook Sample')
 		->orWhere('name', 'Sorcerer Sample')
 		->orWhere('name', 'Druid Sample')
 		->orWhere('name', 'Paladin Sample')
 		->orWhere('name', 'Knight Sample')
 		->orWhere('name', 'Monk Sample')
 		->orWhere('name', 'Account Manager')
 		->orderBy('id')
 		->select('id')
 		->get();
-	$highscores_ignored_ids = array();
+	$highscores_ignored_ids = [];
-	if ($query->rowCount() > 0) {
+	if (count($players) > 0) {
-		foreach ($query->fetchAll() as $result)
+		foreach ($players as $result) {
-			$highscores_ignored_ids[] = $result['id'];
+			$highscores_ignored_ids[] = $result->id;
 		}
 	} else {
 		$highscores_ignored_ids[] = 0;
 	}
--- a/system/migrations/47.php
+++ b/system/migrations/47.php
@@ -0,0 +1,42 @@
 <?php
 /**
 * @var OTS_DB_MySQL $db
 */
 // 2025-02-27
 // remove ipv6, change to ip (for both ipv4 + ipv6) as VARCHAR(45)
 $up = function () use ($db) {
 	$accountActionsInfo = $db->getColumnInfo(TABLE_PREFIX . 'account_actions', 'account_id');
 	if ($accountActionsInfo && is_array($accountActionsInfo) && $accountActionsInfo['key'] == 'pri') {
 		$db->query("ALTER TABLE `myaac_account_actions` DROP KEY `account_id`;");
 	}
 	if (!$db->hasColumn(TABLE_PREFIX . 'account_actions', 'id')) {
 		$db->addColumn(TABLE_PREFIX . 'account_actions', 'id', 'INT NOT NULL AUTO_INCREMENT FIRST, ADD PRIMARY KEY (`id`)');
 	}
 	$db->modifyColumn(TABLE_PREFIX . 'account_actions', 'ip', "VARCHAR(45) NOT NULL DEFAULT ''");
 	$db->query("UPDATE `" . TABLE_PREFIX . "account_actions` SET `ip` = INET_NTOA(`ip`) WHERE `ip` != '0';");
 	$db->query("UPDATE `" . TABLE_PREFIX . "account_actions` SET `ip` = INET6_NTOA(`ipv6`) WHERE `ip` = '0';");
 	if ($db->hasColumn(TABLE_PREFIX . 'account_actions', 'ipv6')) {
 		$db->dropColumn(TABLE_PREFIX . 'account_actions', 'ipv6');
 	}
 };
 $down = function () use ($db) {
 	if ($db->hasColumn(TABLE_PREFIX . 'account_actions', 'id')) {
 		$db->query("ALTER TABLE `" . TABLE_PREFIX . "account_actions` DROP `id`;");
 	}
 	$db->query("ALTER TABLE  `" . TABLE_PREFIX . "account_actions` ADD KEY (`account_id`);");
 	if (!$db->hasColumn(TABLE_PREFIX . 'account_actions', 'ipv6')) {
 		$db->addColumn(TABLE_PREFIX . 'account_actions', 'ipv6', "BINARY(16) NOT NULL DEFAULT 0x00000000000000000000000000000000 AFTER ip");
 	}
 	$db->query("UPDATE `" . TABLE_PREFIX . "account_actions` SET `ipv6` = INET6_ATON(ip) WHERE NOT IS_IPV4(`ip`);");
 	$db->query("UPDATE `" . TABLE_PREFIX . "account_actions` SET `ip` = INET_ATON(`ip`) WHERE IS_IPV4(`ip`);");
 	$db->query("UPDATE `" . TABLE_PREFIX . "account_actions` SET `ip` = 0 WHERE `ipv6` != 0x00000000000000000000000000000000;");
 	$db->modifyColumn(TABLE_PREFIX . 'account_actions', 'ip', "INT(11) UNSIGNED NOT NULL DEFAULT 0;");
 };
--- a/system/migrations/48.php
+++ b/system/migrations/48.php
@@ -0,0 +1,16 @@
 <?php
 /**
 * @var OTS_DB_MySQL $db
 */
 $up = function () use ($db) {
 	if (!$db->hasColumn(TABLE_PREFIX . 'menu', 'access')) {
 		$db->addColumn(TABLE_PREFIX . 'menu', 'access', 'TINYINT NOT NULL DEFAULT 0 AFTER `link`');
 	}
 };
 $down = function () use ($db) {
 	if ($db->hasColumn(TABLE_PREFIX . 'menu', 'access')) {
 		$db->dropColumn(TABLE_PREFIX . 'menu', 'access');
 	}
 };
--- a/system/migrations/49.php
+++ b/system/migrations/49.php
@@ -0,0 +1,91 @@
 <?php
 /**
 * @var OTS_DB_MySQL $db
 */
 use MyAAC\Models\Account as AccountModel;
 $time = time();
 $accountId = getSession('account') ?? 1;
 if (!defined('MYAAC_INSTALL')) {
 	$accountModel = AccountModel::where('web_flags', 3)->first();
 	if ($accountModel) {
 		$accountId = $accountModel->id;
 	}
 }
 function insert_sample_if_not_exist($p): void
 {
 	global $time, $accountId;
 	$player = new OTS_Player();
 	$player->find($p['name']);
 	if (!$player->isLoaded()) {
 		$player->setData([
 			'name' => $p['name'],
 			'group_id' => 1,
 			'account_id' => $accountId,
 			'level' => $p['level'],
 			'vocation' => $p['vocation_id'],
 			'health' => $p['health'],
 			'healthmax' => $p['healthmax'],
 			'experience' => $p['experience'],
 			'lookbody' => 118,
 			'lookfeet' => 114,
 			'lookhead' => 38,
 			'looklegs' => 57,
 			'looktype' => $p['looktype'],
 			'maglevel' => 0,
 			'mana' => $p['mana'],
 			'manamax' => $p['manamax'],
 			'manaspent' => 0,
 			'soul' => $p['soul'],
 			'town_id' => 1,
 			'posx' => 1000,
 			'posy' => 1000,
 			'posz' => 7,
 			'conditions' => '',
 			'cap' => $p['cap'],
 			'sex' => 1,
 			'lastlogin' => $time,
 			'lastip' => 2130706433,
 			'save' => 1,
 			'lastlogout' => $time,
 			'balance' => 0,
 			'created' => $time,
 			'hide' => 1,
 			'comment' => '',
 		]);
 		$player->save();
 	}
 }
 $up = function () use ($db) {
 	if (!$db->hasTable('players')) {
 		return;
 	}
 	insert_sample_if_not_exist(['name' => 'Rook Sample', 'level' => 1, 'vocation_id' => 0, 'health' => 150, 'healthmax' => 150, 'experience' => 0, 'looktype' => 130, 'mana' => 0, 'manamax' => 0, 'soul' => 100, 'cap' => 400]);
 	insert_sample_if_not_exist(['name' => 'Sorcerer Sample', 'level' => 8, 'vocation_id' => 1, 'health' => 185, 'healthmax' => 185, 'experience' => 4200, 'looktype' => 130, 'mana' => 90, 'manamax' => 90, 'soul' => 100, 'cap' => 470]);
 	insert_sample_if_not_exist(['name' => 'Druid Sample', 'level' => 8, 'vocation_id' => 2, 'health' => 185, 'healthmax' => 185, 'experience' => 4200, 'looktype' => 130, 'mana' => 90, 'manamax' => 90, 'soul' => 100, 'cap' => 470]);
 	insert_sample_if_not_exist(['name' => 'Paladin Sample', 'level' => 8, 'vocation_id' => 3, 'health' => 185, 'healthmax' => 185, 'experience' => 4200, 'looktype' => 129, 'mana' => 90, 'manamax' => 90, 'soul' => 100, 'cap' => 470]);
 	insert_sample_if_not_exist(['name' => 'Knight Sample', 'level' => 8, 'vocation_id' => 4, 'health' => 185, 'healthmax' => 185, 'experience' => 4200, 'looktype' => 131, 'mana' => 90, 'manamax' => 90, 'soul' => 100, 'cap' => 470]);
 	insert_sample_if_not_exist(['name' => 'Monk Sample', 'level' => 8, 'vocation_id' => 9, 'health' => 185, 'healthmax' => 185, 'experience' => 4200, 'looktype' => 128, 'mana' => 90, 'manamax' => 90, 'soul' => 100, 'cap' => 470]);
 	if (defined('MYAAC_INSTALL')) {
 		global $locale;
 		success($locale['step_database_imported_players']);
 	}
 	require_once __DIR__ . '/20.php';
 	updateHighscoresIdsHidden();
 };
 $down = function () {
 	// nothing
 };
--- a/system/migrations/50-gallery.sql
+++ b/system/migrations/50-gallery.sql
@@ -0,0 +1,11 @@
 CREATE TABLE IF NOT EXISTS `myaac_gallery`
 (
 	`id` int NOT NULL AUTO_INCREMENT,
 	`comment` varchar(255) NOT NULL DEFAULT '',
 	`image` varchar(255) NOT NULL,
 	`thumb` varchar(255) NOT NULL,
 	`author` varchar(50) NOT NULL DEFAULT '',
 	`ordering` int NOT NULL DEFAULT 0,
 	`hide` tinyint NOT NULL DEFAULT 0,
 	PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARACTER SET=utf8mb4;
--- a/system/migrations/50.php
+++ b/system/migrations/50.php
@@ -0,0 +1,16 @@
 <?php
 /**
 * @var OTS_DB_MySQL $db
 */
 $up = function () use ($db) {
 	if ($db->hasTable(TABLE_PREFIX . 'gallery')) {
 		$db->dropTable(TABLE_PREFIX . 'gallery');
 	}
 };
 $down = function () use ($db) {
 	if (!$db->hasTable(TABLE_PREFIX . 'gallery')) {
 		$db->query(file_get_contents(__DIR__ . '/50-gallery.sql'));
 	}
 };
--- a/system/migrations/51.php
+++ b/system/migrations/51.php
@@ -0,0 +1,10 @@
 <?php
 $up = function () use ($db) {
 	$db->modifyColumn(TABLE_PREFIX . 'config', 'name', "varchar(255) NOT NULL");
 	$db->modifyColumn(TABLE_PREFIX . 'config', 'value', "varchar(10000) NOT NULL");
 };
 $down = function () {
 	// nothing to do, to not lose data
 };
--- a/system/migrations/52.php
+++ b/system/migrations/52.php
@@ -0,0 +1,13 @@
 <?php
 /**
 * 2026-04-12
 * Add indexes to myaac_account_actions table
 */
 $up = function () use ($db) {
 	$db->query("CREATE INDEX `myaac_account_actions_account_id` ON `myaac_account_actions` (`account_id`);");
 	$db->query("CREATE INDEX `myaac_account_actions_ip` ON `myaac_account_actions` (`ip`);");
 };
 $down = function () {
 	// nothing to do, to not lose data
 };
--- a/system/pages/#examples/top-5.php
+++ b/system/pages/#examples/top-5.php
@@ -0,0 +1,29 @@
 <?php
 /**
 * Example of using getTopPlayers() function
 * to display the best players for each skill
 */
 defined('MYAAC') or die('Direct access not allowed!');
 $skills = [
 	'magic', 'level',
 	'balance', 'frags',
 	POT::SKILL_FIST, POT::SKILL_CLUB,
 	POT::SKILL_SWORD, POT::SKILL_AXE,
 	POT::SKILL_DISTANCE, POT::SKILL_SHIELD,
 	POT::SKILL_FISH
 ];
 foreach ($skills as $skill) {?>
 <ul>
 <?php
 	echo '<strong>' . ucwords(is_string($skill) ? $skill : getSkillName($skill)) . '</strong>';
 	foreach (getTopPlayers(5, $skill) as $player) {?>
 		<li><?= $player['rank'] . '. ' . $player['name'] . ' - ' . $player['value']; ?></li>
 		<?php
 	}
 	?>
 </ul>
 <?php
 }
--- a/system/pages/account/create.php
+++ b/system/pages/account/create.php
@@ -10,6 +10,7 @@
 */
 use MyAAC\CreateCharacter;
 use MyAAC\Models\AccountAction;
 use MyAAC\Models\AccountEmailVerify;
 defined('MYAAC') or die('Direct access not allowed!');
@@ -44,6 +45,16 @@ $errors = array();
 $save = isset($_POST['save']) && $_POST['save'] == 1;
 if($save)
 {
 	$cooldown = setting('core.account_create_ip_block_cooldown');;
 	if ($cooldown > 0) {
 		$accountAction = AccountAction::where('ip', get_browser_real_ip())->where('action', 'Account created.')->where('date', '>=', time() - ($cooldown * 60))->first();
 		if ($accountAction) {
 			$minute = ($cooldown > 1 ? 'minutes' : 'minute');
 			$errors['account'] = "You have to wait $cooldown $minute before creating another account.";
 		}
 	}
 	if(!config('account_login_by_email')) {
 		if(USE_ACCOUNT_NAME) {
 			$account_name = $_POST['account'];
@@ -140,7 +151,7 @@ if($save)
 		'country' => $country,
 		'password' => $password,
 		'password_confirm' => $password_confirm,
-		'accept_rules' => isset($_POST['accept_rules']) ? $_POST['accept_rules'] === 'true' : false,
+		'accept_rules' => isset($_POST['accept_rules']) && $_POST['accept_rules'] === 'true',
 	);
 	if (!config('account_login_by_email')) {
@@ -192,6 +203,21 @@ if($save)
 		$new_account->setPassword(encrypt($password));
 		$new_account->setEMail($email);
 		$settingAccountPremiumDays = setting('core.account_premium_days');
 		if($settingAccountPremiumDays && $settingAccountPremiumDays > 0) {
 			$new_account->setPremDays($settingAccountPremiumDays);
 			if (!isCanary()) {
 				$lastDay = 0;
 				if($settingAccountPremiumDays != 0 && $settingAccountPremiumDays != OTS_Account::GRATIS_PREMIUM_DAYS) {
 					$lastDay = time();
 				}
 				$new_account->setLastLogin($lastDay);
 			}
 		}
 		$new_account->save();
 		$hooks->trigger(HOOK_ACCOUNT_CREATE_AFTER_SAVED, ['account' => $new_account]);
@@ -206,22 +232,6 @@ if($save)
 			$new_account->setCustomField('country', $country);
 		}
 		$settingAccountPremiumDays = setting('core.account_premium_days');
 		if($settingAccountPremiumDays && $settingAccountPremiumDays > 0) {
 			if($db->hasColumn('accounts', 'premend')) { // othire
 				$new_account->setCustomField('premend', time() + $settingAccountPremiumDays * 86400);
 			}
 			else { // rest
 				if ($db->hasColumn('accounts', 'premium_ends_at')) { // TFS 1.4+
 					$new_account->setCustomField('premium_ends_at', time() + $settingAccountPremiumDays * (60 * 60 * 24));
 				}
 				else {
 					$new_account->setCustomField('premdays', $settingAccountPremiumDays);
 					$new_account->setCustomField('lastday', time());
 				}
 			}
 		}
 		$accountDefaultPremiumPoints = setting('core.account_premium_points');
 		if($accountDefaultPremiumPoints > 0) {
 			$new_account->setCustomField('premium_points', $accountDefaultPremiumPoints);
--- a/system/pages/account/lost.php
+++ b/system/pages/account/lost.php
@@ -9,540 +9,11 @@
 * @link      https://my-aac.org
 */
 defined('MYAAC') or die('Direct access not allowed!');
-$title = 'Lost Account Interface';
+$title = 'Lost Account';
-if(!setting('core.mail_enabled'))
+if(!setting('core.mail_enabled')) {
-{
+	echo "<b>Account maker is not configured to send e-mails, you can't use Lost Account Interface. Contact with admin to get help.</b>";
 	echo '<b>Account maker is not configured to send e-mails, you can\'t use Lost Account Interface. Contact with admin to get help.</b>';
 	return;
 }
-$action_type = isset($_REQUEST['action_type']) ? $_REQUEST['action_type'] : '';
+$twig->display('account/lost/form.html.twig');
 if($action == '')
 {
 	$twig->display('account.lost.form.html.twig');
 }
 else if($action == 'step1' && $action_type == '') {
 	$twig->display('account.lost.noaction.html.twig');
 }
 elseif($action == 'step1' && $action_type == 'email')
 {
 	$nick = stripslashes($_REQUEST['nick']);
 	if(Validator::characterName($nick))
 	{
 		$player = new OTS_Player();
 		$account = new OTS_Account();
 		$player->find($nick);
 		if($player->isLoaded())
 			$account = $player->getAccount();
 		if($account->isLoaded())
 		{
 			if($account->getCustomField('email_next') < time())
 				echo 'Please enter e-mail to account with this character.<BR>
 				<form action="' . getLink('account/lost') . '?action=sendcode" method=post>
 				<input type=hidden name="character">
 				<table cellspacing=1 cellpadding=4 border=0 width=100%>
 				<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Please enter e-mail to account</B></TD></TR>
 				<TR><TD BGCOLOR="'.$config['darkborder'].'">
 				Character: <INPUT TYPE=text NAME="nick" VALUE="'.$nick.'" SIZE="40" readonly="readonly"><BR>
 				E-mail to account:<INPUT TYPE=text NAME="email" VALUE="" SIZE="40"><BR>
 				</TD></TR>
 				</TABLE>
 				<BR>
 				<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
 				' . $twig->render('buttons.submit.html.twig') . '</div>
 				</TD></TR></FORM></TABLE></TABLE>';
 			else
 			{
 				$insec = (int)$account->getCustomField('email_next') - time();
 				$minutesleft = floor($insec / 60);
 				$secondsleft = $insec - ($minutesleft * 60);
 				$timeleft = $minutesleft.' minutes '.$secondsleft.' seconds';
 				echo 'Account of selected character (<b>'.$nick.'</b>) received e-mail in last '.ceil(setting('core.mail_lost_account_interval') / 60).' minutes. You must wait '.$timeleft.' before you can use Lost Account Interface again.';
 			}
 		}
 		else
 			echo 'Player or account of player <b>' . $nick . '</b> doesn\'t exist.';
 	}
 	else
 		echo 'Invalid player name format. If you have other characters on account try with other name.';
 	echo '<BR /><TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
 				<a href="' . getLink('account/lost') . '" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
 				</TD></TR></FORM></TABLE></TABLE>';
 }
 elseif($action == 'sendcode')
 {
 	$email = $_REQUEST['email'];
 	$nick = stripslashes($_REQUEST['nick']);
 	if(Validator::characterName($nick))
 	{
 		$player = new OTS_Player();
 		$account = new OTS_Account();
 		$player->find($nick);
 		if($player->isLoaded())
 			$account = $player->getAccount();
 		if($account->isLoaded())
 		{
 			if($account->getCustomField('email_next') < time())
 			{
 				if($account->getEMail() == $email)
 				{
 					$newcode = generateRandomString(30, true, false, true);
 					$mailBody = '
 					You asked to reset your ' . $config['lua']['serverName'] . ' password.<br/>
 					<p>Account name: '.$account->getName().'</p>
 					<br />
 					To do so, please click this link:
 					<p><a href="' . getLink('account/lost') . '?action=checkcode&code='.$newcode.'&character='.urlencode($nick).'">' . getLink('account/lost') . '?action=checkcode&code='.$newcode.'&character='.urlencode($nick).'</a></p>
 					<p>or open page: <i>' . getLink('account/lost') . '?action=checkcode</i> and in field "code" write <b>'.$newcode.'</b></p>
 					<br/>
 						<p>If you did not request a password change, you may ignore this message and your password will remain unchanged.';
 					$account_mail = $account->getCustomField('email');
 					if(_mail($account_mail, $config['lua']['serverName'].' - Recover your account', $mailBody))
 					{
 						$account->setCustomField('email_code', $newcode);
 						$account->setCustomField('email_next', (time() + setting('core.mail_lost_account_interval')));
 						echo '<br />Details about steps required to recover your account has been sent to <b>' . $account_mail . '</b>. You should receive this email within 15 minutes. Please check your inbox/spam directory.';
 					}
 					else
 					{
 						$account->setCustomField('email_next', (time() + 60));
 						echo '<br /><p class="error">An error occurred while sending email! Try again later or contact with admin. For Admin: More info can be found in system/logs/mailer-error.log</p>';
 					}
 				}
 				else
 					echo 'Invalid e-mail to account of character <b>'.$nick.'</b>. Try again.';
 			}
 			else
 			{
 				$insec = (int)$account->getCustomField('email_next') - time();
 				$minutesleft = floor($insec / 60);
 				$secondsleft = $insec - ($minutesleft * 60);
 				$timeleft = $minutesleft.' minutes '.$secondsleft.' seconds';
 				echo 'Account of selected character (<b>'.$nick.'</b>) received e-mail in last '.ceil(setting('core.mail_lost_account_interval') / 60).' minutes. You must wait '.$timeleft.' before you can use Lost Account Interface again.';
 			}
 		}
 		else
 			echo 'Player or account of player <b>'.$nick.'</b> doesn\'t exist.';
 	}
 	else
 		echo 'Invalid player name format. If you have other characters on account try with other name.';
 	echo '<BR /><TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
 				<a href="' . getLink('account/lost') . '?action=step1&action_type=email&nick='.urlencode($nick).'" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
 				</TD></TR></FORM></TABLE></TABLE>';
 }
 elseif($action == 'step1' && $action_type == 'reckey')
 {
 	$nick = stripslashes($_REQUEST['nick']);
 	if(Validator::characterName($nick))
 	{
 		$player = new OTS_Player();
 		$account = new OTS_Account();
 		$player->find($nick);
 		if($player->isLoaded())
 			$account = $player->getAccount();
 		if($account->isLoaded())
 		{
 			$account_key = $account->getCustomField('key');
 			if(!empty($account_key))
 			{
 						echo 'If you enter right recovery key you will see form to set new e-mail and password to account. To this e-mail will be send your new password and account name.<BR>
 						<FORM ACTION="' . getLink('account/lost') . '?action=step2" METHOD=post>
 						<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
 						<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Please enter your recovery key</B></TD></TR>
 						<TR><TD BGCOLOR="'.$config['darkborder'].'">
 						Character name:&nbsp;<INPUT TYPE=text NAME="nick" VALUE="'.$nick.'" SIZE="40" readonly="readonly"><BR />
 						Recovery key:&nbsp;&nbsp;&nbsp;&nbsp;<INPUT TYPE=text NAME="key" VALUE="" SIZE="40"><BR>
 						</TD></TR>
 						</TABLE>
 						<BR>
 						<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
 						' . $twig->render('buttons.submit.html.twig') . '</div>
 						</TD></TR></FORM></TABLE></TABLE>';
 			}
 			else
 				echo 'Account of this character has no recovery key!';
 		}
 		else
 			echo 'Player or account of player <b>'.$nick.'</b> doesn\'t exist.';
 	}
 	else
 		echo 'Invalid player name format. If you have other characters on account try with other name.';
 	echo '<BR /><TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
 				<a href="' . getLink('account/lost') . '" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
 				</TD></TR></FORM></TABLE></TABLE>';
 }
 elseif($action == 'step2')
 {
 	$rec_key = trim($_REQUEST['key']);
 	$nick = stripslashes($_REQUEST['nick']);
 	if(Validator::characterName($nick))
 	{
 		$player = new OTS_Player();
 		$account = new OTS_Account();
 		$player->find($nick);
 		if($player->isLoaded())
 			$account = $player->getAccount();
 		if($account->isLoaded())
 		{
 			$account_key = $account->getCustomField('key');
 			if(!empty($account_key))
 			{
 				if($account_key == $rec_key)
 				{
 					echo '<script type="text/javascript">
 					function validate_required(field,alerttxt)
 					{
 					with (field)
 					{
 					if (value==null||value==""||value==" ")
 					  {alert(alerttxt);return false;}
 					else {return true}
 					}
 					}
 					function validate_email(field,alerttxt)
 					{
 					with (field)
 					{
 					apos=value.indexOf("@");
 					dotpos=value.lastIndexOf(".");
 					if (apos<1||dotpos-apos<2)
 					  {alert(alerttxt);return false;}
 					else {return true;}
 					}
 					}
 					function validate_form(thisform)
 					{
 					with (thisform)
 					{
 					if (validate_required(email,"Please enter your e-mail!")==false)
 					  {email.focus();return false;}
 					if (validate_email(email,"Invalid e-mail format!")==false)
 					  {email.focus();return false;}
 					if (validate_required(passor,"Please enter password!")==false)
 					  {passor.focus();return false;}
 					if (validate_required(passor2,"Please repeat password!")==false)
 					  {passor2.focus();return false;}
 					if (passor2.value!=passor.value)
 					  {alert(\'Repeated password is not equal to password!\');return false;}
 					}
 					}
 					</script>';
 					echo 'Set new password and e-mail to your account.<BR>
 					<FORM ACTION="' . getLink('account/lost') . '?action=step3" onsubmit="return validate_form(this)" METHOD=post>
 					<INPUT TYPE=hidden NAME="character" VALUE="">
 					<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
 					<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Please enter new password and e-mail</B></TD></TR>
 					<TR><TD BGCOLOR="'.$config['darkborder'].'">
 					Account of character:&nbsp;&nbsp;<INPUT TYPE=text NAME="nick" VALUE="'.$nick.'" SIZE="40" readonly="readonly"><BR />
 					New password:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<INPUT id="passor" TYPE=password NAME="passor" VALUE="" SIZE="40"><BR>
 					Repeat new password:&nbsp;&nbsp;<INPUT id="passor2" TYPE=password NAME="passor" VALUE="" SIZE="40"><BR>
 					New e-mail address:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<INPUT id="email" TYPE=text NAME="email" VALUE="" SIZE="40"><BR>
 					<INPUT TYPE=hidden NAME="key" VALUE="'.$rec_key.'">
 					</TD></TR>
 					</TABLE>
 					<BR>
 					<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
 					' . $twig->render('buttons.submit.html.twig') . '</div>
 					</TD></TR></FORM></TABLE></TABLE>';
 				}
 				else
 					echo 'Wrong recovery key!';
 			}
 			else
 				echo 'Account of this character has no recovery key!';
 		}
 		else
 			echo 'Player or account of player <b>'.$nick.'</b> doesn\'t exist.';
 	}
 	else
 		echo 'Invalid player name format. If you have other characters on account try with other name.';
 	echo '<BR /><TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
 				<a href="' . getLink('account/lost') . '?action=step1&action_type=reckey&nick='.urlencode($nick).'" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
 				</TD></TR></FORM></TABLE></TABLE>';
 }
 elseif($action == 'step3')
 {
 	$rec_key = trim($_REQUEST['key']);
 	$nick = stripslashes($_REQUEST['nick']);
 	$new_pass = trim($_REQUEST['passor']);
 	$new_email = trim($_REQUEST['email']);
 	if(Validator::characterName($nick))
 	{
 		$player = new OTS_Player();
 		$account = new OTS_Account();
 		$player->find($nick);
 		if($player->isLoaded())
 			$account = $player->getAccount();
 		if($account->isLoaded())
 		{
 			$account_key = $account->getCustomField('key');
 			if(!empty($account_key))
 			{
 				if($account_key == $rec_key)
 				{
 					if(Validator::password($new_pass))
 					{
 						if(Validator::email($new_email))
 						{
 							$account->setEMail($new_email);
 							$tmp_new_pass = $new_pass;
 							if(USE_ACCOUNT_SALT)
 							{
 								$salt = generateRandomString(10, false, true, true);
 								$tmp_new_pass = $salt . $new_pass;
 							}
 							$account->setPassword(encrypt($tmp_new_pass));
 							$account->save();
 							if(USE_ACCOUNT_SALT)
 								$account->setCustomField('salt', $salt);
 							echo 'Your account name, new password and new e-mail.<BR>
 							<FORM ACTION="' . getLink('account/manage') . '" onsubmit="return validate_form(this)" METHOD=post>
 							<INPUT TYPE=hidden NAME="character" VALUE="">
 							<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
 							<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Your account name, new password and new e-mail</B></TD></TR>
 							<TR><TD BGCOLOR="'.$config['darkborder'].'">
 							Account name:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<b>'.$account->getName().'</b><BR>
 							New password:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<b>'.$new_pass.'</b><BR>
 							New e-mail address:&nbsp;<b>'.$new_email.'</b><BR>';
 							if($account->getCustomField('email_next') < time())
 							{
 								$mailBody = '
 								<h3>Your account name and new password!</h3>
 								<p>Changed password and e-mail to your account in Lost Account Interface on server <a href="'.BASE_URL.'"><b>'.$config['lua']['serverName'].'</b></a></p>
 								<p>Account name: <b>'.$account->getName().'</b></p>
 								<p>New password: <b>'.$new_pass.'</b></p>
 								<p>E-mail: <b>'.$new_email.'</b> (this e-mail)</p>
 								<br />
 								<p><u>It\'s automatic e-mail from OTS Lost Account System. Do not reply!</u></p>';
 								if(_mail($account->getCustomField('email'), $config['lua']['serverName']." - New password to your account", $mailBody))
 								{
 									echo '<br /><small>Sent e-mail with your account name and password to new e-mail. You should receive this e-mail in 15 minutes. You can login now with new password!</small>';
 								}
 								else
 								{
 									echo '<br /><p class="error">An error occurred while sending email! You will not receive e-mail with this informations. For Admin: More info can be found in system/logs/mailer-error.log</p>';
 								}
 							}
 							else
 							{
 								echo '<br /><small>You will not receive e-mail with this informations.</small>';
 							}
 							echo '<INPUT TYPE=hidden NAME="account_login" VALUE="'.$account->getId().'">
 							<INPUT TYPE=hidden NAME="password_login" VALUE="'.$new_pass.'">
 							</TD></TR></TABLE><BR>
 							<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
 							<INPUT TYPE=image NAME="Login" ALT="Login" SRC="'.$template_path.'/images/global/buttons/sbutton_login.gif" BORDER=0 WIDTH=120 HEIGHT=18></div>
 							</TD></TR></FORM></TABLE></TABLE>';
 						}
 						else
 							echo Validator::getLastError();
 					}
 					else
 						echo Validator::getLastError();
 				}
 				else
 					echo 'Wrong recovery key!';
 			}
 			else
 				echo 'Account of this character has no recovery key!';
 		}
 		else
 			echo 'Player or account of player <b>'.$nick.'</b> doesn\'t exist.';
 	}
 	else
 		echo 'Invalid player name format. If you have other characters on account try with other name.';
 	echo '<BR /><TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
 				<a href="' . getLink('account/lost') . '?action=step1&action_type=reckey&nick='.urlencode($nick).'" border="0"><IMG SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" NAME="Back" ALT="Back" BORDER=0 WIDTH=120 HEIGHT=18></a></div>
 				</TD></TR></FORM></TABLE></TABLE>';
 }
 elseif($action == 'checkcode')
 {
 	$code = trim($_REQUEST['code']);
 	$character = stripslashes(trim($_REQUEST['character']));
 	if(empty($code) || empty($character))
 		echo 'Please enter code from e-mail and name of one character from account. Then press Submit.<BR>
 				<FORM ACTION="' . getLink('account/lost') . '?action=checkcode" METHOD=post>
 				<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
 				<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Code & character name</B></TD></TR>
 				<TR><TD BGCOLOR="'.$config['darkborder'].'">
 				Your code:&nbsp;<INPUT TYPE=text NAME="code" VALUE="" SIZE="40")><BR />
 				Character:&nbsp;<INPUT TYPE=text NAME="character" VALUE="" SIZE="40")><BR />
 				</TD></TR>
 				</TABLE>
 				<BR>
 				<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
 				' . $twig->render('buttons.submit.html.twig') . '</div>
 				</TD></TR></FORM></TABLE></TABLE>';
 	else
 	{
 		$player = new OTS_Player();
 		$account = new OTS_Account();
 		$player->find($character);
 		if($player->isLoaded())
 			$account = $player->getAccount();
 		if($account->isLoaded())
 		{
 			if($account->getCustomField('email_code') == $code)
 			{
 				echo '<script type="text/javascript">
 				function validate_required(field,alerttxt)
 				{
 				with (field)
 				{
 				if (value==null||value==""||value==" ")
 				  {alert(alerttxt);return false;}
 				else {return true}
 				}
 				}
 				function validate_form(thisform)
 				{
 				with (thisform)
 				{
 				if (validate_required(passor,"Please enter password!")==false)
 				  {passor.focus();return false;}
 				if (validate_required(passor2,"Please repeat password!")==false)
 				  {passor2.focus();return false;}
 				if (passor2.value!=passor.value)
 				  {alert(\'Repeated password is not equal to password!\');return false;}
 				}
 				}
 				</script>
 				Please enter new password to your account and repeat to make sure you remember password.<BR>
 				<FORM ACTION="' . getLink('account/lost') . '?action=setnewpassword" onsubmit="return validate_form(this)" METHOD=post>
 				<INPUT TYPE=hidden NAME="character" VALUE="'.$character.'">
 				<INPUT TYPE=hidden NAME="code" VALUE="'.$code.'">
 				<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
 				<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Code & account name</B></TD></TR>
 				<TR><TD BGCOLOR="'.$config['darkborder'].'">
 				New password:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<INPUT TYPE=password ID="passor" NAME="passor" VALUE="" SIZE="40")><BR />
 				Repeat new password:&nbsp;<INPUT TYPE=password ID="passor2" NAME="passor2" VALUE="" SIZE="40")><BR />
 				</TD></TR>
 				</TABLE>
 				<BR>
 				<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
 				' . $twig->render('buttons.submit.html.twig') . '</div>
 				</TD></TR></FORM></TABLE></TABLE>';
 			}
 			else
 				$error= 'Wrong code to change password.';
 		}
 		else
 			$error = 'Account of this character or this character doesn\'t exist.';
 	}
 	if(!empty($error))
 				echo '<span style="color: red"><b>'.$error.'</b></span><br />Please enter code from e-mail and name of one character from account. Then press Submit.<BR>
 				<FORM ACTION="' . getLink('account/lost') . '?action=checkcode" METHOD=post>
 				<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
 				<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Code & character name</B></TD></TR>
 				<TR><TD BGCOLOR="'.$config['darkborder'].'">
 				Your code:&nbsp;<INPUT TYPE=text NAME="code" VALUE="" SIZE="40")><BR />
 				Character:&nbsp;<INPUT TYPE=text NAME="character" VALUE="" SIZE="40")><BR />
 				</TD></TR>
 				</TABLE>
 				<BR>
 				<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
 				' . $twig->render('buttons.submit.html.twig') . '</div>
 				</TD></TR></FORM></TABLE></TABLE>';
 }
 elseif($action == 'setnewpassword')
 {
 	$newpassword = $_REQUEST['passor'];
 	$code = $_REQUEST['code'];
 	$character = stripslashes($_REQUEST['character']);
 	echo '';
 	if(empty($code) || empty($character) || empty($newpassword))
 		echo '<span style="color: red"><b>Error. Try again.</b></span><br />Please enter code from e-mail and name of one character from account. Then press Submit.<BR>
 				<BR><FORM ACTION="' . getLink('account/lost') . '?action=checkcode" METHOD=post>
 				<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
 				<INPUT TYPE=image NAME="Back" ALT="Back" SRC="'.$template_path.'/images/global/buttons/sbutton_back.gif" BORDER=0 WIDTH=120 HEIGHT=18></div>
 				</TD></TR></FORM></TABLE></TABLE>';
 	else
 	{
 		$player = new OTS_Player();
 		$account = new OTS_Account();
 		$player->find($character);
 		if($player->isLoaded())
 			$account = $player->getAccount();
 		if($account->isLoaded())
 		{
 			if($account->getCustomField('email_code') == $code)
 			{
 				if(Validator::password($newpassword))
 				{
 					$tmp_new_pass = $newpassword;
 					if(USE_ACCOUNT_SALT)
 					{
 						$salt = generateRandomString(10, false, true, true);
 						$tmp_new_pass  = $salt . $newpassword;
 						$account->setCustomField('salt', $salt);
 					}
 					$account->setPassword(encrypt($tmp_new_pass ));
 					$account->save();
 					$account->setCustomField('email_code', '');
 					echo 'New password to your account is below. Now you can login.<BR>
 					<INPUT TYPE=hidden NAME="character" VALUE="'.$character.'">
 					<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
 					<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Changed password</B></TD></TR>
 					<TR><TD BGCOLOR="'.$config['darkborder'].'">
 					New password:&nbsp;<b>'.$newpassword.'</b><BR />
 					Account name:&nbsp;&nbsp;&nbsp;<i>(Already on your e-mail)</i><BR />';
 					$mailBody = '
 					<h3>Your account name and password!</h3>
 					<p>Changed password to your account in Lost Account Interface on server <a href="'.BASE_URL.'"><b>'.$config['lua']['serverName'].'</b></a></p>
 					<p>Account name: <b>'.$account->getName().'</b></p>
 					<p>New password: <b>'.$newpassword.'</b></p>
 					<br />
 					<p><u>It\'s automatic e-mail from OTS Lost Account System. Do not reply!</u></p>';
 					if(_mail($account->getCustomField('email'), $config['lua']['serverName']." - Your new password", $mailBody))
 					{
 						echo '<br /><small>New password work! Sent e-mail with your password and account name. You should receive this e-mail in 15 minutes. You can login now with new password!';
 					}
 					else
 					{
 						echo '<br /><p class="error">New password work! An error occurred while sending email! You will not receive e-mail with new password. For Admin: More info can be found in system/logs/mailer-error.log';
 					}
 				echo '</TD></TR>
 				</TABLE>
 				<BR>
 				<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
 				<FORM ACTION="' . getLink('account/manage') . '" METHOD=post>
 				<INPUT TYPE=image NAME="Login" ALT="Login" SRC="'.$template_path.'/images/global/buttons/sbutton_login.gif" BORDER=0 WIDTH=120 HEIGHT=18></div>
 				</TD></TR></FORM></TABLE></TABLE>';
 				}
 				else
 					$error= Validator::getLastError();
 			}
 			else
 				$error= 'Wrong code to change password.';
 		}
 		else
 			$error = 'Account of this character or this character doesn\'t exist.';
 	}
 	if(!empty($error))
 				echo '<span style="color: red"><b>'.$error.'</b></span><br />Please enter code from e-mail and name of one character from account. Then press Submit.<BR>
 				<FORM ACTION="' . getLink('account/lost') . '?action=checkcode" METHOD=post>
 				<TABLE CELLSPACING=1 CELLPADDING=4 BORDER=0 WIDTH=100%>
 				<TR><TD BGCOLOR="'.$config['vdarkborder'].'" class="white"><B>Code & character name</B></TD></TR>
 				<TR><TD BGCOLOR="'.$config['darkborder'].'">
 				Your code:&nbsp;<INPUT TYPE=text NAME="code" VALUE="" SIZE="40")><BR />
 				Character:&nbsp;<INPUT TYPE=text NAME="character" VALUE="" SIZE="40")><BR />
 				</TD></TR>
 				</TABLE>
 				<BR>
 				<TABLE CELLSPACING=0 CELLPADDING=0 BORDER=0 WIDTH=100%><TR><TD><div style="text-align:center">
 				' . $twig->render('buttons.submit.html.twig') . '</div>
 				</TD></TR></FORM></TABLE></TABLE>';
 }
--- a/system/pages/account/lost/base.php
+++ b/system/pages/account/lost/base.php
@@ -0,0 +1,18 @@
 <?php
 defined('MYAAC') or die('Direct access not allowed!');
 function lostAccountWriteCooldown(string $nick, int $time): void
 {
 	global $twig;
 	$inSec = $time - time();
 	$minutesLeft = floor($inSec / 60);
 	$secondsLeft = $inSec - ($minutesLeft * 60);
 	$timeLeft = "$minutesLeft minutes $secondsLeft seconds";
 	$timeRounded = ceil(setting('core.mail_lost_account_interval') / 60);
 	$twig->display('error_box.html.twig', [
 		'errors' => ["Account of selected character (<b>" . escapeHtml($nick) . "</b>) received e-mail in last $timeRounded minutes. You must wait $timeLeft before you can use Lost Account Interface again."]
 	]);
 }
--- a/system/pages/account/lost/check-code.php
+++ b/system/pages/account/lost/check-code.php
@@ -0,0 +1,51 @@
 <?php
 defined('MYAAC') or die('Direct access not allowed!');
 csrfProtect();
 $title = 'Lost Account';
 $code = $_REQUEST['code'] ?? '';
 $character = $_REQUEST['character'] ?? '';
 if(empty($code) || empty($character)) {
 	$twig->display('account/lost/check-code.html.twig', [
 		'code' => $code,
 		'characters' => $character,
 	]);
 }
 else {
 	$player = new OTS_Player();
 	$account = new OTS_Account();
 	$player->find($character);
 	if($player->isLoaded()) {
 		$account = $player->getAccount();
 	}
 	if($account->isLoaded()) {
 		if($account->getCustomField('email_code') == $code) {
 			$twig->display('account/lost/check-code.finish.html.twig', [
 				'character' => $character,
 				'code' => $code,
 			]);
 		}
 		else {
 			$error = 'Wrong code to change password.';
 		}
 	}
 	else {
 		$error = "Account of this character or this character doesn't exist.";
 	}
 }
 if(!empty($error)) {
 	$twig->display('error_box.html.twig', [
 		'errors' => [$error],
 	]);
 	echo '<br/>';
 	$twig->display('account/lost/check-code.html.twig', [
 	]);
 }
--- a/system/pages/account/lost/email/send-code.php
+++ b/system/pages/account/lost/email/send-code.php
@@ -0,0 +1,75 @@
 <?php
 defined('MYAAC') or die('Direct access not allowed!');
 csrfProtect();
 require __DIR__ . '/../base.php';
 $title = 'Lost Account';
 $email = $_POST['email'] ?? '';
 $nick = $_POST['nick'] ?? '';
 $player = new OTS_Player();
 $account = new OTS_Account();
 $player->find($nick);
 if($player->isLoaded()) {
 	$account = $player->getAccount();
 }
 if($account->isLoaded()) {
 	if($account->getCustomField('email_next') < time()) {
 		if($account->getEMail() == $email) {
 			$newCode = generateRandomString(30, true, false, true);
 			$mailBody = $twig->render('mail.account.lost.code.html.twig', [
 				'newCode' => $newCode,
 				'account' => $account,
 				'nick' => $nick,
 			]);
 			$accountEMail = $account->getCustomField('email');
 			if(_mail($accountEMail, configLua('serverName') . ' - Recover your account', $mailBody)) {
 				$account->setCustomField('email_code', $newCode);
 				$account->setCustomField('email_next', (time() + setting('core.mail_lost_account_interval')));
 				$twig->display('success.html.twig', [
 					'title' => 'Email has been sent',
 					'description' => 'Details about steps required to recover your account has been sent to <b>' . $accountEMail . '</b>. You should receive this email within 15 minutes. Please check your inbox/spam directory.',
 					'custom_buttons' => '',
 				]);
 				$twig->display('account.back_button.html.twig', [
 					'new_line' => true,
 					'center' => true,
 					'action' => getLink('news'),
 				]);
 				return;
 			}
 			$account->setCustomField('email_next', (time() + 60));
 			error('An error occurred while sending email! Try again later or contact with admin. For Admin: More info can be found in system/logs/mailer-error.log</p>');
 		}
 		else {
 			$errors[] = 'Invalid e-mail to account of character <b>' . escapeHtml($nick) . '</b>. Try again.';
 		}
 	}
 	else {
 		lostAccountWriteCooldown($nick, (int)$account->getCustomField('email_next'));
 	}
 }
 else {
 	$errors[] =  "Player or account of player <b>" . escapeHtml($nick) . "</b> doesn't exist.";
 }
 if (!empty($errors)) {
 	$twig->display('error_box.html.twig', [
 		'errors' => $errors,
 	]);
 }
 $twig->display('account.back_button.html.twig', [
 	'new_line' => true,
 	'center' => true,
 	'action' => getLink('account/lost/step-1') . '?action=email&nick=' . urlencode($nick),
 ]);
--- a/system/pages/account/lost/email/set-new-password.php
+++ b/system/pages/account/lost/email/set-new-password.php
@@ -0,0 +1,128 @@
 <?php
 defined('MYAAC') or die('Direct access not allowed!');
 csrfProtect();
 $title = 'Lost Account';
 $newPassword = $_POST['password'] ?? '';
 $passwordRepeat = $_POST['password_repeat'] ?? '';
 $code = $_POST['code'] ?? '';
 $character = $_POST['character'] ?? '';
 if(empty($code) || empty($character)) {
 	$errors[] = 'Please enter code from e-mail and name of one character from account.';
 	$twig->display('error_box.html.twig', [
 		'errors' => $errors,
 	]);
 	$twig->display('account/lost/check-code.html.twig', [
 		'code' => $code,
 		'character' => $character,
 	]);
 	$twig->display('account.back_button.html.twig', [
 		'new_line' => true,
 		'center' => true,
 		'action' => getLink('account/lost/check-code')
 	]);
 	return;
 }
 if (empty($newPassword) || empty($passwordRepeat)) {
 	$errors[] = 'Please enter both passwords.';
 	$twig->display('error_box.html.twig', [
 		'errors' => $errors,
 	]);
 	$twig->display('account/lost/check-code.finish.html.twig', [
 		'character' => $character,
 		'code' => $code,
 	]);
 	return;
 }
 $player = new OTS_Player();
 $account = new OTS_Account();
 $player->find($character);
 if($player->isLoaded()) {
 	$account = $player->getAccount();
 }
 $passwordFailed = false;
 if($account->isLoaded()) {
 	if($account->getCustomField('email_code') == $code) {
 		if ($newPassword == $passwordRepeat) {
 			if (Validator::password($newPassword)) {
 				$hooks->trigger(HOOK_ACCOUNT_LOST_EMAIL_SET_NEW_PASSWORD_POST);
 				if (empty($errors)) {
 					$tmp_new_pass = $newPassword;
 					if (USE_ACCOUNT_SALT) {
 						$salt = generateRandomString(10, false, true, true);
 						$tmp_new_pass = $salt . $newPassword;
 						$account->setCustomField('salt', $salt);
 					}
 					$account->setPassword(encrypt($tmp_new_pass));
 					$account->save();
 					$account->setCustomField('email_code', '');
 					$mailBody = $twig->render('mail.account.lost.new-password.html.twig', [
 						'account' => $account,
 						'newPassword' => $newPassword,
 					]);
 					$statusMsg = '';
 					if (_mail($account->getCustomField('email'), configLua('serverName') . ' - Your new password', $mailBody)) {
 						$statusMsg = '<br /><small>New password work! Sent e-mail with your password and account name. You should receive this e-mail in 15 minutes. You can login now with new password!';
 					} else {
 						$statusMsg = '<br /><p class="error">New password work! An error occurred while sending email! You will not receive e-mail with new password. For Admin: More info can be found in system/logs/mailer-error.log';
 					}
 					$twig->display('account/lost/finish.new-password.html.twig', [
 						'statusMsg' => $statusMsg,
 						'newPassword' => $newPassword,
 					]);
 				}
 			} else {
 				$passwordFailed = true;
 				$errors[] = Validator::getLastError();
 			}
 		}
 		else {
 			$passwordFailed = true;
 			$errors[] = 'Passwords are not the same!';
 		}
 	}
 	else {
 		$errors[] = 'Wrong code to change password.';
 	}
 }
 else {
 	$errors[] = "Account of this character or this character doesn't exist.";
 }
 if(!empty($errors)) {
 	$twig->display('error_box.html.twig', [
 		'errors' => $errors,
 	]);
 	echo '<br/>';
 	$template = 'account/lost/check-code.html.twig';
 	if($passwordFailed) {
 		$template = 'account/lost/check-code.finish.html.twig';
 	}
 	$twig->display($template, [
 		'code' => $code,
 		'character' => $character,
 	]);
 }
--- a/system/pages/account/lost/email/step-1.php
+++ b/system/pages/account/lost/email/step-1.php
@@ -0,0 +1,36 @@
 <?php
 defined('MYAAC') or die('Direct access not allowed!');
 require __DIR__ . '/../base.php';
 csrfProtect();
 $title = 'Lost Account';
 $nick = $_REQUEST['nick'] ?? '';
 if($account->isLoaded()) {
 	if($account->getCustomField('email_next') < time()) {
 		$twig->display('account/lost/email.html.twig', [
 			'nick' => $nick,
 		]);
 	}
 	else {
 		lostAccountWriteCooldown($nick, (int)$account->getCustomField('email_next'));
 	}
 }
 else {
 	$errors[] = "Player or account of player <b>" . escapeHtml($nick) . "</b> doesn't exist.";
 }
 if (!empty($errors)) {
 	$twig->display('error_box.html.twig', [
 		'errors' => $errors,
 	]);
 }
 $twig->display('account.back_button.html.twig', [
 	'new_line' => true,
 	'center' => true,
 	'action' => getLink('account/lost'),
 ]);
--- a/system/pages/account/lost/recovery-key/step-1.php
+++ b/system/pages/account/lost/recovery-key/step-1.php
@@ -0,0 +1,38 @@
 <?php
 defined('MYAAC') or die('Direct access not allowed!');
 csrfProtect();
 $title = 'Lost Account';
 $nick = $_REQUEST['nick'] ?? '';
 $key = $_REQUEST['key'] ?? '';
 if($account->isLoaded()) {
 	$account_key = $account->getCustomField('key');
 	if(!empty($account_key)) {
 		$twig->display('account/lost/recovery-key.step-1.html.twig', [
 			'nick' => $nick,
 			'key' => $key,
 		]);
 	}
 	else {
 		$errors[] = 'Account of this character has no recovery key!';
 	}
 }
 else {
 	$errors[] = "Player or account of player <b>" . escapeHtml($nick) . "</b> doesn't exist.";
 }
 if (!empty($errors)) {
 	$twig->display('error_box.html.twig', [
 		'errors' => $errors,
 	]);
 }
 $twig->display('account.back_button.html.twig', [
 	'new_line' => true,
 	'center' => true,
 	'action' => getLink('account/lost'),
 ]);
--- a/system/pages/account/lost/recovery-key/step-2.php
+++ b/system/pages/account/lost/recovery-key/step-2.php
@@ -0,0 +1,49 @@
 <?php
 defined('MYAAC') or die('Direct access not allowed!');
 csrfProtect();
 $title = 'Lost Account';
 $key = $_REQUEST['key'] ?? '';
 $nick = $_REQUEST['nick'] ?? '';
 $player = new OTS_Player();
 $account = new OTS_Account();
 $player->find($nick);
 if($player->isLoaded()) {
 	$account = $player->getAccount();
 }
 if($account->isLoaded()) {
 	$accountKey = $account->getCustomField('key');
 	if(!empty($accountKey)) {
 		if($accountKey == $key) {
 			$twig->display('account/lost/recovery-key.step-2.html.twig', [
 				'nick' => $nick,
 				'key' => $key,
 			]);
 		}
 		else {
 			$errors[] = 'Wrong recovery key!';
 		}
 	}
 	else {
 		$errors[] = 'Account of this character has no recovery key!';
 	}
 }
 else {
 	$errors[] = "Player or account of player <b>" . escapeHtml($nick) . "</b> doesn't exist.";
 }
 if (!empty($errors)) {
 	$twig->display('error_box.html.twig', [
 		'errors' => $errors,
 	]);
 }
 $twig->display('account.back_button.html.twig', [
 	'new_line' => true,
 	'center' => true,
 	'action' => getLink('account/lost/step-1') . '?action=recovery-key&nick=' . urlencode($nick) . '&key=' . urlencode($key),
 ]);
--- a/system/pages/account/lost/recovery-key/step-3.php
+++ b/system/pages/account/lost/recovery-key/step-3.php
@@ -0,0 +1,117 @@
 <?php
 use MyAAC\Models\Account as AccountModel;
 defined('MYAAC') or die('Direct access not allowed!');
 csrfProtect();
 $title = 'Lost Account';
 $key = $_POST['key'];
 $nick = $_POST['nick'] ?? '';
 $newPassword = $_POST['password'] ?? '';
 $passwordRepeat = $_POST['password_repeat'] ?? '';
 $newEmail = $_POST['email'] ?? '';
 $player = new OTS_Player();
 $account = new OTS_Account();
 $player->find($nick);
 if($player->isLoaded()) {
 	$account = $player->getAccount();
 }
 if($account->isLoaded()) {
 	$accountKey = $account->getCustomField('key');
 	if(!empty($accountKey)) {
 		if($accountKey == $key) {
 			if(Validator::password($newPassword)) {
 				if ($newPassword == $passwordRepeat) {
 					if (Validator::email($newEmail)) {
 						$emailExists = AccountModel::where('email', $newEmail)->count() > 0;
 						if (!$emailExists) {
 							$hooks->trigger(HOOK_ACCOUNT_LOST_RECOVERY_KEY_STEP_3_POST);
 							if (empty($errors)) {
 								$account->setEMail($newEmail);
 								$tmp_new_pass = $newPassword;
 								if (USE_ACCOUNT_SALT) {
 									$salt = generateRandomString(10, false, true, true);
 									$tmp_new_pass = $salt . $newPassword;
 								}
 								$account->setPassword(encrypt($tmp_new_pass));
 								$account->save();
 								if (USE_ACCOUNT_SALT) {
 									$account->setCustomField('salt', $salt);
 								}
 								$statusMsg = '';
 								if ($account->getCustomField('email_next') < time()) {
 									$mailBody = $twig->render('mail.account.lost.new-email.html.twig', [
 										'account' => $account,
 										'newPassword' => $newPassword,
 										'newEmail' => $newEmail,
 									]);
 									if (_mail($account->getCustomField('email'), configLua('serverName') . ' - New password to your account', $mailBody)) {
 										$statusMsg = '<br /><small>Sent e-mail with your account name and password to new e-mail. You should receive this e-mail in 15 minutes. You can login now with new password!</small>';
 									} else {
 										$statusMsg = '<br /><p class="error">An error occurred while sending email! You will not receive e-mail with this informations. For Admin: More info can be found in system/logs/mailer-error.log</p>';
 									}
 								} else {
 									$statusMsg = '<br /><small>You will not receive e-mail with this informations.</small>';
 								}
 								$twig->display('account/lost/finish.new-email.html.twig', [
 									'statusMsg' => $statusMsg,
 									'account' => $account,
 									'newPassword' => $newPassword,
 									'newEmail' => $newEmail,
 								]);
 								return;
 							}
 						}
 						else {
 							$errors[] = 'This email is already registered!';
 						}
 					} else {
 						$errors[] = Validator::getLastError();
 					}
 				}
 				else {
 					$errors[] = 'Passwords are not the same!';
 				}
 			}
 			else {
 				$errors[] = Validator::getLastError();
 			}
 		}
 		else {
 			$errors[] = 'Wrong recovery key!';
 		}
 	}
 	else {
 		$errors[] = 'Account of this character has no recovery key!';
 	}
 }
 else {
 	$errors[] = "Player or account of player <b>" . escapeHtml($nick) . "</b> doesn't exist.";
 }
 if (!empty($errors)) {
 	$twig->display('error_box.html.twig', [
 		'errors' => $errors,
 	]);
 }
 $twig->display('account.back_button.html.twig', [
 	'new_line' => true,
 	'center' => true,
 	'action' => getLink('account/lost/recovery-key/step-2') . '?nick=' . urlencode($nick) . '&key=' . urlencode($key),
 ]);
--- a/system/pages/account/lost/step-1.php
+++ b/system/pages/account/lost/step-1.php
@@ -0,0 +1,26 @@
 <?php
 defined('MYAAC') or die('Direct access not allowed!');
 csrfProtect();
 $title = 'Lost Account';
 $nick = $_REQUEST['nick'] ?? '';
 $player = new OTS_Player();
 $account = new OTS_Account();
 $player->find($nick);
 if($player->isLoaded()) {
 	$account = $player->getAccount();
 }
 if (ACTION == 'email') {
 	require __DIR__ . '/email/step-1.php';
 }
 else if (ACTION == 'recovery-key') {
 	require __DIR__ . '/recovery-key/step-1.php';
 }
 else {
 	$twig->display('account/lost/no-action.html.twig');
 }
--- a/system/pages/account/manage.php
+++ b/system/pages/account/manage.php
@@ -96,12 +96,8 @@ if($email_new_time > 1)
 	}
 }
-$actions = array();
+$actions = $account_logged->getActionsLog(1000);
 foreach($account_logged->getActionsLog(0, 1000) as $action) {
 	$actions[] = array('action' => $action['action'], 'date' => $action['date'], 'ip' => $action['ip'] != 0 ? long2ip($action['ip']) : inet_ntop($action['ipv6']));
 }
 $players = array();
 /** @var OTS_Players_List $account_players */
 $account_players = $account_logged->getPlayersList();
 $account_players->orderBy('id');
--- a/system/pages/characters.php
+++ b/system/pages/characters.php
@@ -452,10 +452,8 @@ WHERE killers.death_id = '".$death['id']."' ORDER BY killers.final_hit DESC, kil
 	if($query->rowCount() > 0) {
 		echo 'Did you mean:<ul>';
 		foreach($query as $player) {
-			if(isset($player['promotion'])) {
+			$player['vocation'] = OTS_Toolbox::getVocationFromPromotion($player['vocation'], $player['promotion'] ?? 0);
-				if((int)$player['promotion'] > 0)
+
 					$player['vocation'] += ($player['promotion'] * $config['vocations_amount']);
 			}
 			echo '<li>' . getPlayerLink($player['name']) . ' (<small><strong>level ' . $player['level'] . ', ' . $config['vocations'][$player['vocation']] . '</strong></small>)</li>';
 		}
 		echo '</ul>';
--- a/system/pages/exp-stages.php
+++ b/system/pages/exp-stages.php
@@ -11,22 +11,22 @@
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Experience Stages';
 if((!isset($config['lua']['experienceStages']) || !getBoolean($config['lua']['experienceStages']))
 	&& (!isset($config['lua']['rateUseStages']) || !getBoolean($config['lua']['rateUseStages']))
 	) {
 	$enabled = false;
 	if(file_exists($config['data_path'] . 'XML/stages.xml')) {
 		$stages = new DOMDocument();
 		$stages->load($config['data_path'] . 'XML/stages.xml');
 }
 if(!isset($config['lua']['experienceStages']) || !getBoolean($config['lua']['experienceStages']))
 {
 	$enabled = false;
 	if(isset($stages)) {
 		foreach($stages->getElementsByTagName('config') as $node) {
 			/** @var DOMElement $node */
-			if($node->getAttribute('enabled'))
+			if($node->getAttribute('enabled')) {
 				$enabled = true;
 			}
 		}
 	}
 	if(!$enabled) {
 		$rate_exp = 'not set';
@@ -42,21 +42,12 @@ if(!isset($config['lua']['experienceStages']) || !getBoolean($config['lua']['exp
 	}
 }
-if(!$stages)
+$stages = new MyAAC\Server\ExpStages();
-{
+$stagesArray = $stages->get();
-	echo 'Error: cannot load <b>stages.xml</b>!';
+
 if (empty($stagesArray)) {
 	echo 'Error when loading experience stages.';
 	return;
 }
 $stagesArray = [];
 foreach($stages->getElementsByTagName('stage') as $stage)
 {
 	/** @var DOMElement $stage */
 	$maxLevel = $stage->getAttribute('maxlevel');
 	$stagesArray[] = [
 		'levels' => $stage->getAttribute('minlevel') . (isset($maxLevel[0]) ? '-' . $maxLevel : '+'),
 		'multiplier' => $stage->getAttribute('multiplier')
 	];
 }
 $twig->display('experience_stages.html.twig', ['stages' => $stagesArray]);
--- a/system/pages/forum/show_board.php
+++ b/system/pages/forum/show_board.php
@@ -42,35 +42,12 @@ for($i = 0; $i < $threads_count['threads_count'] / setting('core.forum_threads_p
 		$links_to_pages .= '<b>'.($i + 1).' </b>';
 }
 echo '<a href="' . getLink('forum') . '">Boards</a> >> <b>'.escapeHtml($sections[$section_id]['name']).'</b>';
 if($logged && (!$sections[$section_id]['closed'] || Forum::isModerator())) {
 	echo '<br /><br />
 		<a href="' . getLink('forum') . '?action=new_thread&section_id='.$section_id.'"><img src="images/forum/topic.gif" border="0" /></a>';
 }
 echo '<br /><br />Page: '.$links_to_pages.'<br />';
 $last_threads = $db->query("SELECT `players`.`id` as `player_id`, `players`.`name`, `" . FORUM_TABLE_PREFIX . "forum`.`first_post`, `" . FORUM_TABLE_PREFIX . "forum`.`post_text`, `" . FORUM_TABLE_PREFIX . "forum`.`post_topic`, `" . FORUM_TABLE_PREFIX . "forum`.`id`, `" . FORUM_TABLE_PREFIX . "forum`.`last_post`, `" . FORUM_TABLE_PREFIX . "forum`.`replies`, `" . FORUM_TABLE_PREFIX . "forum`.`views`, `" . FORUM_TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` AND `" . FORUM_TABLE_PREFIX . "forum`.`section` = ".$section_id." AND `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = `" . FORUM_TABLE_PREFIX . "forum`.`id` ORDER BY `" . FORUM_TABLE_PREFIX . "forum`.`last_post` DESC LIMIT ".setting('core.forum_threads_per_page')." OFFSET ".($_page * setting('core.forum_threads_per_page')))->fetchAll(PDO::FETCH_ASSOC);
-if(isset($last_threads[0])) {
+$threads = [];
-	echo '<table width="100%">
+if(count($last_threads) > 0) {
 <tr bgcolor="'.$config['vdarkborder'].'" align="center">
 <td class="white">
 <span style="font-size: 10px"><b>Thread</b></span></td>
 <td><span style="font-size: 10px"><b>Thread Starter</b></span></td>
 <td><span style="font-size: 10px"><b>Replies</b></span></td>
 <td><span style="font-size: 10px"><b>Views</b></span></td>
 <td><span style="font-size: 10px"><b>Last Post</b></span></td>
 </tr>';
 	$player = new OTS_Player();
 	foreach($last_threads as $thread) {
 		echo '<tr bgcolor="' . getStyle($number_of_rows++) . '"><td>';
 		if(Forum::isModerator()) {
 			echo '<a href="' . getLink('forum') . '?action=move_thread&id=' . $thread['id'] . '" title="Move Thread"><img src="images/icons/arrow_right.gif"/></a>';
 			$twig->display('forum.remove_post.html.twig', ['post' => $thread]);
 		}
 		$player->load($thread['player_id']);
 		if(!$player->isLoaded()) {
 			throw new RuntimeException('Forum error: Player not loaded.');
@@ -79,28 +56,29 @@ if(isset($last_threads[0])) {
 		$player_account = $player->getAccount();
 		$canEditForum = $player_account->hasFlag(FLAG_CONTENT_FORUM) || $player_account->isAdmin();
-		echo '<a href="' . getForumThreadLink($thread['id']) . '">'.htmlspecialchars($thread['post_topic']). '</a><br /><small>'.($canEditForum ? substr(strip_tags($thread['post_text']), 0, 50) : htmlspecialchars(substr($thread['post_text'], 0, 50))).'...</small></td><td>' . getPlayerLink($thread['name']) . '</td><td>'.(int) $thread['replies'].'</td><td>'.(int) $thread['views'].'</td><td>';
+		$thread['link'] = getForumThreadLink($thread['id']);
 		$thread['post_shortened'] = ($canEditForum ? substr(strip_tags($thread['post_text']), 0, 50) : htmlspecialchars(substr($thread['post_text'], 0, 50)));
 		$thread['player'] = $player;
 		$thread['player_link'] = getPlayerLink($thread['name']);
 		if($thread['last_post'] > 0) {
 			$last_post = $db->query("SELECT `players`.`name`, `" . FORUM_TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . FORUM_TABLE_PREFIX . "forum` WHERE `" . FORUM_TABLE_PREFIX . "forum`.`first_post` = ".(int) $thread['id']." AND `players`.`id` = `" . FORUM_TABLE_PREFIX . "forum`.`author_guid` ORDER BY `post_date` DESC LIMIT 1")->fetch();
-			if(isset($last_post['name'])) {
+			$last_post['player_link'] = getPlayerLink($last_post['name']);
-				echo date('d.m.y H:i:s', $last_post['post_date']) . '<br />by ' . getPlayerLink($last_post['name']);
+			$thread['latest_post'] = $last_post;
 			}
 			else {
 				echo 'No posts.';
 			}
 		}
 		else {
 			echo date('d.m.y H:i:s', $thread['post_date']) . '<br />by ' . getPlayerLink($thread['name']);
 		}
 		echo '</td></tr>';
 		}
-	echo '</table>';
+		$threads[] = $thread;
 	if($logged && (!$sections[$section_id]['closed'] || Forum::isModerator())) {
 		echo '<br /><a href="' . getLink('forum') . '?action=new_thread&section_id=' . $section_id . '"><img src="images/forum/topic.gif" border="0" /></a>';
 	}
 }
-else {
+
-	echo '<h3>No threads in this board.</h3>';
+$twig->display('forum.show_board.html.twig', [
-}
+	'threads' => $threads,
 	'section_id' => $section_id,
 	'section_name' => $sections[$section_id]['name'],
 	'links_to_pages' => $links_to_pages,
 	'is_moderator' => Forum::isModerator(),
 	'closed' => $sections[$section_id]['closed'],
 ]);
--- a/system/pages/gallery.php
+++ b/system/pages/gallery.php
@@ -9,316 +9,25 @@
 */
 use MyAAC\Cache\Cache;
 use MyAAC\Models\Gallery as ModelsGallery;
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Gallery';
-$canEdit = hasFlag(FLAG_CONTENT_GALLERY) || superAdmin();
+const ALLOWED_EXTENSIONS = ['jpg', 'jpeg', 'png', 'gif', 'webp'];
 if($canEdit) {
 	if(function_exists('imagecreatefrompng')) {
 		if (!empty($action)) {
 			if ($action == 'delete' || $action == 'edit' || $action == 'hide' || $action == 'moveup' || $action == 'movedown')
 				$id = $_REQUEST['id'];
-			if (isset($_REQUEST['comment']))
+$images = Cache::remember('gallery', 5 * 60, function () {
-				$comment = stripslashes($_REQUEST['comment']);
+	$images = glob(BASE . GALLERY_DIR . '*.*');
-			if (isset($_REQUEST['image']))
+	$images = array_filter($images, function ($image) {
-				$image = $_REQUEST['image'];
+		$ext = pathinfo($image, PATHINFO_EXTENSION);
-			if (isset($_REQUEST['author']))
+		return (in_array($ext, ALLOWED_EXTENSIONS) && !str_contains($image, '_thumb'));
 				$author = $_REQUEST['author'];
 			$errors = array();
 			if ($action == 'add') {
 				if (Gallery::add($comment, $image, $author, $errors))
 					$comment = $image = $author = '';
 			} else if ($action == 'delete') {
 				Gallery::delete($id, $errors);
 			} else if ($action == 'edit') {
 				if (isset($id) && !isset($name)) {
 					$tmp = Gallery::get($id);
 					$comment = $tmp['comment'];
 					$image = $tmp['image'];
 					$author = $tmp['author'];
 				} else {
 					Gallery::update($id, $comment, $image, $author);
 					$action = $comment = $image = $author = '';
 				}
 			} else if ($action == 'hide') {
 				Gallery::toggleHide($id, $errors);
 			} else if ($action == 'moveup') {
 				Gallery::move($id, -1, $errors);
 			} else if ($action == 'movedown') {
 				Gallery::move($id, 1, $errors);
 			}
 			if (!empty($errors))
 				$twig->display('error_box.html.twig', array('errors' => $errors));
 		}
 		if(!isset($_GET['image'])) {
 			$twig->display('gallery.form.html.twig', array(
 				'link' => getLink('gallery/' . ($action == 'edit' ? 'edit' : 'add')),
 				'action' => $action,
 				'id' => isset($id) ? $id : null,
 				'comment' => isset($comment) ? $comment : null,
 				'image' => isset($image) ? $image : null,
 				'author' => isset($author) ? $author : null
 			));
 		}
 	}
 	else
 		echo 'You cannot edit/add gallery items as it seems your PHP installation doesnt have GD support enabled. Visit <a href="http://be2.php.net/manual/en/image.installation.php">PHP Manual</a> for more info.';
 }
 if(isset($_GET['image']))
 {
 	$image = $db->query('SELECT * FROM `' . TABLE_PREFIX . 'gallery`  WHERE `id` = ' . $db->quote($_GET['image']) . ' ORDER by `ordering` LIMIT 1;');
 	if($image->rowCount() == 1)
 		$image = $image->fetch();
 	else
 	{
 		echo 'Image with this id does not exists.';
 		return;
 	}
 	$previous_image = $db->query('SELECT `id` FROM `' . TABLE_PREFIX . 'gallery` WHERE `id` = ' . $db->quote($image['id'] - 1) . ' ORDER by `ordering`;');
 	if($previous_image->rowCount() == 1)
 		$previous_image = $previous_image->fetch();
 	else
 		$previous_image = NULL;
 	$next_image = $db->query('SELECT `id` FROM `' . TABLE_PREFIX . 'gallery` WHERE `id` = ' . $db->quote($image['id'] + 1) . ' ORDER by `ordering`;');
 	if($next_image->rowCount() == 1)
 		$next_image = $next_image->fetch();
 	else
 		$next_image = NULL;
 	$twig->display('gallery.get.html.twig', array(
 		'previous' => $previous_image ? $previous_image['id'] : null,
 		'next' => $next_image ? $next_image['id'] : null,
 		'image' => $image
 	));
 	return;
 }
 $images = Cache::remember('gallery_' . ($canEdit ? '1' : '0'), 60, function () use ($db, $canEdit) {
 	return $db->query('SELECT `id`, `comment`, `image`, `author`, `thumb`' .
 		($canEdit ? ', `hide`, `ordering`' : '') .
 		' FROM `' . TABLE_PREFIX . 'gallery`' .
 		(!$canEdit ? ' WHERE `hide` != 1' : '') .
 		' ORDER BY `ordering`;')->fetchAll(PDO::FETCH_ASSOC);
 	});
-$last = count($images);
+	return array_map(function ($image) {
-if(!$last)
+		return basename($image);
-{
+	}, $images);
-?>
+});
 	There are no images added to gallery yet.
 <?php
 	return;
 }
-$twig->display('gallery.html.twig', array(
+$twig->display('gallery.html.twig', [
 	'images' => $images,
 	'last' => $last,
 	'canEdit' => $canEdit
 ));
 class Gallery
 {
 	static public function add($comment, $image, $author, &$errors)
 	{
 		global $db;
 		if(isset($comment[0]) && isset($image[0]) && isset($author[0]))
 		{
 			$query =
 				$db->query(
 					'SELECT `ordering`' .
 					' FROM `' . TABLE_PREFIX . 'gallery`' .
 					' ORDER BY `ordering`' . ' DESC LIMIT 1'
 				);
 			$ordering = 0;
 			if($query->rowCount() > 0) {
 				$query = $query->fetch();
 				$ordering = $query['ordering'] + 1;
 			}
 			$pathinfo = pathinfo($image);
 			$extension = strtolower($pathinfo['extension']);
 			$thumb_filename = GALLERY_DIR . $pathinfo['filename'] . '_thumb.' . $extension;
 			$filename = GALLERY_DIR . $pathinfo['filename'] . '.' . $extension;
 			if($db->insert(TABLE_PREFIX . 'gallery', array(
 				'comment' => $comment,
 				'image' => $filename, 'author' => $author,
 				'thumb' => $thumb_filename,
 				'ordering' => $ordering))) {
 				if(self::generateThumb($db->lastInsertId(), $image, $errors))
 					self::resize($image, 650, 500, $filename, $errors);
 			}
 		}
 		else
 			$errors[] = 'Please fill all inputs.';
 		return !count($errors);
 	}
 	static public function get($id) {
 		return ModelsGallery::find($id)->toArray();
 	}
 	static public function update($id, $comment, $image, $author) {
 		$pathinfo = pathinfo($image);
 		$extension = strtolower($pathinfo['extension']);
 		$filename = GALLERY_DIR . $pathinfo['filename'] . '.' . $extension;
 		if(ModelsGallery::where('id', $id)->update([
 			'comment' => $comment,
 			'image' => $filename,
 			'author' => $author
 		])) {
 			if(self::generateThumb($id, $image, $errors))
 				self::resize($image, 650, 500, $filename, $errors);
 		}
 	}
 	static public function delete($id, &$errors)
 	{
 		if(isset($id))
 		{
 			$row = ModelsGallery::find($id);
 			if($row)
 				if (!$row->delete()) {
 					$errors[] = 'Fail during delete Gallery';
 				}
 			else
 				$errors[] = 'Image with id ' . $id . ' does not exists.';
 		}
 		else
 			$errors[] = 'id not set';
 		return !count($errors);
 	}
 	static public function toggleHide($id, &$errors)
 	{
 		if(isset($id))
 		{
 			$row = ModelsGallery::find($id);
 			if($row) {
 				$row->hide = $row->hide == 1 ? 0 : 1;
 				if (!$row->save()) {
 					$errors[] = 'Fail during toggle hide Gallery';
 				}
 			} else
 				$errors[] = 'Image with id ' . $id . ' does not exists.';
 		}
 		else
 			$errors[] = 'id not set';
 		return !count($errors);
 	}
 	static public function move($id, $i, &$errors)
 	{
 		global $db;
 		$query = self::get($id);
 		if($query !== false)
 		{
 			$ordering = $query['ordering'] + $i;
 			$old_record = $db->select(TABLE_PREFIX . 'gallery', array('ordering' => $ordering));
 			if($old_record !== false) {
 				ModelsGallery::where('ordering', $ordering)->update([
 					'ordering' => $query['ordering'],
 ]);
 			}
 			ModelsGallery::where('id', $id)->update([
 				'ordering' => $ordering,
 			]);
 		}
 		else
 			$errors[] = 'Image with id ' . $id . ' does not exists.';
 		return !count($errors);
 	}
 	static public function resize($file, $new_width, $new_height, $new_file, &$errors)
 	{
 		$pathinfo = pathinfo($file);
 		$extension = strtolower($pathinfo['extension']);
 		switch ($extension)
 		{
 			case 'gif': // GIF
 				$image = imagecreatefromgif($file);
 				break;
 			case 'jpg': // JPEG
 			case 'jpeg':
 				$image = imagecreatefromjpeg($file);
 				break;
 			case 'png': // PNG
 				$image = imagecreatefrompng($file);
 				break;
 			default:
 				$errors[] = 'Unsupported file format.';
 				return false;
 		}
 		$width = imagesx($image);
 		$height = imagesy($image);
 		// create a new temporary image
 		$tmp_img = imagecreatetruecolor($new_width, $new_height);
 		// copy and resize old image into new image
 		imagecopyresized($tmp_img, $image, 0, 0, 0, 0, $new_width, $new_height, $width, $height);
 		// save thumbnail into a file
 		switch($extension)
 		{
 			case 'gif':
 				imagegif($tmp_img, $new_file);
 				break;
 			case 'jpg':
 			case 'jpeg':
 				imagejpeg($tmp_img, $new_file);
 				break;
 			case 'png':
 				imagepng($tmp_img, $new_file);
 				break;
 		}
 		return true;
 	}
 	static public function generateThumb($id, $file, &$errors)
 	{
 		$pathinfo = pathinfo($file);
 		$extension = strtolower($pathinfo['extension']);
 		$thumb_filename = GALLERY_DIR . $pathinfo['filename'] . '_thumb.' . $extension;
 		if(!self::resize($file, 170, 110, $thumb_filename, $errors))
 			return false;
 		if(isset($id))
 		{
 			$row = ModelsGallery::find($id);
 			if($row) {
 				$row->thumb = $thumb_filename;
 				$row->save();
 			} else
 				$errors[] = 'Image with id ' . $id . ' does not exists.';
 		}
 		else
 			$errors[] = 'id not set';
 		return !count($errors);
 	}
 }
--- a/system/pages/highscores.php
+++ b/system/pages/highscores.php
@@ -13,6 +13,7 @@ use MyAAC\Cache\Cache;
 use MyAAC\Models\Player;
 use MyAAC\Models\PlayerDeath;
 use MyAAC\Models\PlayerKillers;
 use MyAAC\Server\Vocations;
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Highscores';
@@ -35,24 +36,20 @@ if(!is_numeric($page) || $page < 1 || $page > PHP_INT_MAX) {
 $query = Player::query();
 $configVocations = config('vocations');
 $configVocationsAmount = config('vocations_amount');
 $vocationId = null;
 if($vocation !== 'all') {
 	foreach($configVocations as $id => $name) {
 		if(strtolower($name) == $vocation) {
 			$vocationId = $id;
-			$add_vocs = [$id];
+			$filterVocations = [$id];
-			if ($id !== 0) {
+			while($tmpVoc = Vocations::getPromoted($id)) {
-				$i = $id + $configVocationsAmount;
+				$id = $tmpVoc;
-				while (isset($configVocations[$i])) {
+				$filterVocations[] = $tmpVoc;
 					$add_vocs[] = $i;
 					$i += $configVocationsAmount;
 				}
 			}
-			$query->whereIn('players.vocation', $add_vocs);
+			$query->whereIn('players.vocation', $filterVocations);
 			break;
 		}
 	}
@@ -325,4 +322,5 @@ $twig->display('highscores.html.twig', [
 	'page' => $page,
 	'baseLink' => $baseLink,
 	'updatedAt' => $updatedAt,
 	'baseVocations' => Vocations::getBase(true),
 ]);
--- a/system/pages/online.php
+++ b/system/pages/online.php
@@ -12,6 +12,7 @@
 use MyAAC\Cache\Cache;
 use MyAAC\Models\ServerConfig;
 use MyAAC\Models\ServerRecord;
 use MyAAC\Server\Vocations;
 defined('MYAAC') or die('Direct access not allowed!');
 $title = 'Who is online?';
@@ -56,15 +57,14 @@ $cached = Cache::remember("online_$order", setting('core.online_cache_ttl') * 60
 	$vocations = array_map(function ($name) {
 		return 0;
-	}, setting('core.vocations'));
+	}, config('vocations'));
 	if($db->hasTable('players_online')) // tfs 1.0
 		$playersOnline = $db->query('SELECT `accounts`.`country`, `players`.`name`, `players`.`level`, `players`.`vocation`' . $outfit . ', `' . $skull_time . '` as `skulltime`, `' . $skull_type . '` as `skull` FROM `accounts`, `players`, `players_online` WHERE `players`.`id` = `players_online`.`player_id` AND `accounts`.`id` = `players`.`account_id`  ORDER BY ' . $orderSql);
 	else
 		$playersOnline = $db->query('SELECT `accounts`.`country`, `players`.`name`, `players`.`level`, `players`.`vocation`' . $outfit . ', ' . $promotion . ' `' . $skull_time . '` as `skulltime`, `' . $skull_type . '` as `skull` FROM `accounts`, `players` WHERE `players`.`online` > 0 AND `accounts`.`id` = `players`.`account_id`  ORDER BY ' . $orderSql);
-	$settingVocations = setting('core.vocations');
+	$configVocations = config('vocations');
 	$settingVocationsAmount = setting('core.vocations_amount');
 	$players = [];
 	foreach($playersOnline as $player) {
@@ -81,22 +81,22 @@ $cached = Cache::remember("online_$order", setting('core.online_cache_ttl') * 60
 			}
 		}
-		if(isset($player['promotion'])) {
+		$player['vocation'] = OTS_Toolbox::getVocationFromPromotion($player['vocation'], $player['promotion'] ?? 0);
 			if((int)$player['promotion'] > 0)
 				$player['vocation'] += ($player['promotion'] * $settingVocationsAmount);
 		}
 		$players[] = array(
 			'name' => getPlayerLink($player['name']),
 			'player' => $player,
 			'level' => $player['level'],
-			'vocation' => $settingVocations[$player['vocation']],
+			'vocation' => $configVocations[$player['vocation']] ?? 'Unknown',
 			'skull' => $skull,
 			'country_image' => getFlagImage($player['country']),
 			'outfit' => setting('core.outfit_images_url') . '?id=' . $player['looktype'] . ($outfit_addons ? '&addons=' . $player['lookaddons'] : '') . '&head=' . $player['lookhead'] . '&body=' . $player['lookbody'] . '&legs=' . $player['looklegs'] . '&feet=' . $player['lookfeet'],
 		);
-		$vocations[($player['vocation'] > $settingVocationsAmount ? $player['vocation'] - $settingVocationsAmount : $player['vocation'])]++;
+		$originalId = Vocations::getOriginal($player['vocation']);
 		if ($originalId) {
 			$vocations[$originalId]++;
 		}
 	}
 	$record = '';
@@ -142,6 +142,7 @@ $twig->display('online.html.twig', array(
 	'vocations' => $cached['vocations'],
 	'vocs' => $cached['vocations'], // deprecated, to be removed
 	'order' => $order,
 	'baseVocations' => Vocations::getBase(false),
 ));
 // search bar
--- a/system/router.php
+++ b/system/router.php
@@ -8,6 +8,7 @@
 * @link      https://my-aac.org
 */
 use MyAAC\Models\Menu;
 use MyAAC\Models\Pages;
 use MyAAC\Plugins;
@@ -331,7 +332,20 @@ else {
 	}
 }
-if (!$found) {
+$tmpPageOriginal = $page;
 $pagesWithDynamicPart = ['characters', 'forum', 'highscores', 'monsters'];
 foreach ($pagesWithDynamicPart as $_page) {
 	if (str_contains($page, $_page)) {
 		$tmpPageOriginal = $_page;
 	}
 }
 $themeMenu = Menu::select(['name'])
 	->where('template', $template_name)
 	->where('link', $tmpPageOriginal)
 	->where('access', '>', $logged_access);
 if (!$found || $themeMenu->count() >= 1) {
 	$page = '404';
 	$file = SYSTEM . 'pages/404.php';
 }
--- a/system/settings.php
+++ b/system/settings.php
@@ -12,6 +12,7 @@
 */
 use MyAAC\Cache;
 use MyAAC\Server\Config;
 use MyAAC\Settings;
 $templates = Cache::remember('templates', 5 * 60, function () {
@@ -219,7 +220,14 @@ return [
 		'cache_engine' => [
 			'name' => 'Cache Engine',
 			'type' => 'options',
-			'options' => ['auto' => 'Auto', 'file' => 'Files', 'apc' => 'APC', 'apcu' => 'APCu', 'disable' => 'Disable'],
+			'options' => [
 				'auto' => 'Auto',
 				'file' => 'Files',
 				'apc' => 'APC',
 				'apcu' => 'APCu',
 				'php' => 'PHP',
 				'disable' => 'Disable',
 			],
 			'desc' => 'Auto is most reasonable. It will detect the best cache engine',
 			'default' => 'auto',
 			'is_config' => true,
@@ -334,20 +342,31 @@ return [
 				},
 			],
 		],
 		/**
 		 * @deprecated
 		 * To be removed in v3.0
 		 */
 		'vocations_amount' => [
-			'name' => 'Vocations Amount',
+			'hidden' => true,
 			'type' => 'number',
-			'desc' => 'How much basic vocations your server got (without promotion)',
+			//'name' => 'Vocations Amount',
 			//'desc' => 'How many basic vocations your server got (without promotion)',
 			'default' => 4,
 			'callbacks' => [
 				'get' => function () {
 					return config('vocations_amount');
 				},
 			],
 		],
 		'vocations' => [
-			'name' => 'Vocation Names',
+			'hidden' => true,
 			'type' => 'textarea',
-			'desc' => 'Separated by comma. Must be in the same order as in vocations.xml, starting with id: 0.',
+			//'name' => 'Vocation Names',
 			//'desc' => 'Separated by comma. Must be in the same order as in vocations.xml, starting with id: 0.',
 			'default' => 'None, Sorcerer, Druid, Paladin, Knight, Master Sorcerer, Elder Druid,Royal Paladin, Elite Knight',
 			'callbacks' => [
-				'get' => function ($value) {
+				'get' => function () {
-					return array_map('trim', explode(',', $value));
+					return config('vocations');
 				},
 			],
 		],
@@ -1726,6 +1745,18 @@ Sent by MyAAC,<br/>
 				'account_login_ipban_protection', '=', 'true'
 			]
 		],
 		[
 			'type' => 'section',
 			'title' => 'Cooldowns',
 		],
 		'account_create_ip_block_cooldown' => [
 			'name' => 'Create Account IP Block Cooldown',
 			'type' => 'number',
 			'desc' => 'Block flooding create account per ip. If you still have a problem with account create spam - then its recommended to install the recaptcha plugin.' .
 				'<br/><strong>In minutes.</strong> 0 to disable.',
 			'default' => 10,
 		],
 	],
 	'callbacks' => [
 		'beforeSave' => function(&$settings, &$values) {
@@ -1772,8 +1803,8 @@ Sent by MyAAC,<br/>
 			// test config.lua existence
 			// if fail - revert the setting and inform the user
-			if (!file_exists($server_path . 'config.lua')) {
+			if (!Config::exists()) {
-				error('Server Path is invalid - cannot find config.lua in the directory. Setting have been reverted.');
+				error('Server Path is invalid - cannot find config.lua or config/server.toml in the directory. Setting have been reverted.');
 				$configToSave['server_path'] = $configOriginal['server_path'];
 			}
--- a/system/src/Cache/APC.php
+++ b/system/src/Cache/APC.php
@@ -13,8 +13,8 @@ namespace MyAAC\Cache;
 class APC
 {
-	private $prefix;
+	private string $prefix;
-	private $enabled;
+	private bool $enabled;
 	public function __construct($prefix = '')
 	{
@@ -22,14 +22,14 @@ class APC
 		$this->enabled = function_exists('apc_fetch');
 	}
-	public function set($key, $var, $ttl = 0)
+	public function set($key, $var, $ttl = 0): void
 	{
 		$key = $this->prefix . $key;
 		apc_delete($key);
 		apc_store($key, $var, $ttl);
 	}
-	public function get($key)
+	public function get($key): string
 	{
 		$tmp = '';
 		if ($this->fetch($this->prefix . $key, $tmp)) {
@@ -39,18 +39,15 @@ class APC
 		return '';
 	}
-	public function fetch($key, &$var)
+	public function fetch($key, &$var): bool {
 	{
 		return ($var = apc_fetch($this->prefix . $key)) !== false;
 	}
-	public function delete($key)
+	public function delete($key): void {
 	{
 		apc_delete($this->prefix . $key);
 	}
-	public function enabled()
+	public function enabled(): bool {
 	{
 		return $this->enabled;
 	}
 }
--- a/system/src/Cache/APCu.php
+++ b/system/src/Cache/APCu.php
@@ -13,8 +13,8 @@ namespace MyAAC\Cache;
 class APCu
 {
-	private $prefix;
+	private string $prefix;
-	private $enabled;
+	private bool $enabled;
 	public function __construct($prefix = '')
 	{
@@ -22,14 +22,14 @@ class APCu
 		$this->enabled = function_exists('apcu_fetch');
 	}
-	public function set($key, $var, $ttl = 0)
+	public function set($key, $var, $ttl = 0): void
 	{
 		$key = $this->prefix . $key;
 		apcu_delete($key);
 		apcu_store($key, $var, $ttl);
 	}
-	public function get($key)
+	public function get($key): string
 	{
 		$tmp = '';
 		if ($this->fetch($this->prefix . $key, $tmp)) {
@@ -39,18 +39,15 @@ class APCu
 		return '';
 	}
-	public function fetch($key, &$var)
+	public function fetch($key, &$var): bool {
 	{
 		return ($var = apcu_fetch($this->prefix . $key)) !== false;
 	}
-	public function delete($key)
+	public function delete($key): void {
 	{
 		apcu_delete($this->prefix . $key);
 	}
-	public function enabled()
+	public function enabled(): bool {
 	{
 		return $this->enabled;
 	}
 }
--- a/system/src/Cache/Cache.php
+++ b/system/src/Cache/Cache.php
@@ -47,35 +47,15 @@ class Cache
 			return self::$instance;
 		}
-		switch (strtolower($engine)) {
+		self::$instance = match (strtolower($engine)) {
-			case 'apc':
+			'apc' => new APC($prefix),
-				self::$instance = new APC($prefix);
+			'apcu' => new APCu($prefix),
-				break;
+			'xcache' => new XCache($prefix),
-
+			'file' => new File($prefix, CACHE),
-			case 'apcu':
+			'php' => new PHP($prefix, CACHE),
-				self::$instance = new APCu($prefix);
+			'auto' => self::generateInstance(self::detect(), $prefix),
-				break;
+			default => new self(),
-
+		};
 			case 'xcache':
 				self::$instance = new XCache($prefix);
 				break;
 			case 'file':
 				self::$instance = new File($prefix, CACHE);
 				break;
 			case 'php':
 				self::$instance = new PHP($prefix, CACHE);
 				break;
 			case 'auto':
 				self::$instance = self::generateInstance(self::detect(), $prefix);
 				break;
 			default:
 				self::$instance = new self();
 				break;
 		}
 		return self::$instance;
 	}
@@ -83,7 +63,7 @@ class Cache
 	/**
 	 * @return string
 	 */
-	public static function detect()
+	public static function detect(): string
 	{
 		if (function_exists('apc_fetch'))
 			return 'apc';
@@ -98,8 +78,7 @@ class Cache
 	/**
 	 * @return bool
 	 */
-	public function enabled()
+	public function enabled(): bool {
 	{
 		return false;
 	}
--- a/system/src/Cache/File.php
+++ b/system/src/Cache/File.php
@@ -12,18 +12,22 @@ namespace MyAAC\Cache;
 class File
 {
-	private $prefix;
+	private string $prefix;
-	private $dir;
+	private string $dir;
-	private $enabled;
+	private bool $enabled;
 	public function __construct($prefix = '', $dir = '')
 	{
 		$this->prefix = $prefix;
 		$this->dir = $dir;
 		ensureFolderExists($this->dir);
 		ensureIndexExists($this->dir);
 		$this->enabled = (file_exists($this->dir) && is_dir($this->dir) && is_writable($this->dir));
 	}
-	public function set($key, $var, $ttl = 0)
+	public function set($key, $var, $ttl = 0): void
 	{
 		$file = $this->_name($key);
 		file_put_contents($file, $var);
@@ -35,7 +39,7 @@ class File
 		touch($file, time() + $ttl);
 	}
-	public function get($key)
+	public function get($key): string
 	{
 		$tmp = '';
 		if ($this->fetch($key, $tmp)) {
@@ -45,7 +49,7 @@ class File
 		return '';
 	}
-	public function fetch($key, &$var)
+	public function fetch($key, &$var): bool
 	{
 		$file = $this->_name($key);
 		if (!file_exists($file) || filemtime($file) < time()) {
@@ -56,7 +60,7 @@ class File
 		return true;
 	}
-	public function delete($key)
+	public function delete($key): void
 	{
 		$file = $this->_name($key);
 		if (file_exists($file)) {
@@ -64,13 +68,11 @@ class File
 		}
 	}
-	public function enabled()
+	public function enabled(): bool {
 	{
 		return $this->enabled;
 	}
-	private function _name($key)
+	private function _name($key): string {
 	{
 		return sprintf('%s%s%s', $this->dir, $this->prefix, sha1($key));
 	}
 }
--- a/system/src/Cache/PHP.php
+++ b/system/src/Cache/PHP.php
@@ -12,36 +12,37 @@ namespace MyAAC\Cache;
 class PHP
 {
-	private $prefix;
+	private string $prefix;
-	private $dir;
+	private string $dir;
-	private $enabled;
+	private bool $enabled;
 	public function __construct($prefix = '', $dir = '')
 	{
 		$this->prefix = $prefix;
 		$this->dir = $dir;
 		$this->enabled = (file_exists($this->dir) && is_dir($this->dir) && is_writable($this->dir));
 	}
 	public function set($key, $var, $ttl = 0)
 	{
 		$var = var_export($var, true);
 		ensureFolderExists($this->dir);
 		ensureIndexExists($this->dir);
-		// Write to temp file first to ensure atomicity
+		$this->enabled = (file_exists($this->dir) && is_dir($this->dir) && is_writable($this->dir));
-		$tmp = $this->dir . "tmp_$key." . uniqid('', true) . '.tmp';
+	}
 		file_put_contents($tmp, '<?php $var = ' . $var . ';', LOCK_EX);
-		$file = $this->_name($key);
+	public function set($key, $var, $ttl = 0): void
-		rename($tmp, $file);
+	{
 		$var = var_export($var, true);
 		if ($ttl === 0) {
 			$ttl = 365 * 24 * 60 * 60; // 365 days
 		}
-		touch($file, time() + $ttl);
+		$expires = time() + $ttl;
 		// Write to temp file first to ensure atomicity
 		$tmp = $this->dir . "tmp_$key." . uniqid('', true) . '.tmp';
 		file_put_contents($tmp, "<?php return ['expires' => $expires, 'var' => $var];", LOCK_EX);
 		$file = $this->_name($key);
 		rename($tmp, $file);
 	}
 	public function get($key)
@@ -54,19 +55,23 @@ class PHP
 		return '';
 	}
-	public function fetch($key, &$var)
+	public function fetch($key, &$var): bool
 	{
 		$file = $this->_name($key);
-		if (!file_exists($file) || filemtime($file) < time()) {
+		if (!file_exists($file)) {
 			return false;
 		}
-		@include $file;
+		$content = include $file;
-		$var = isset($var) ? $var : null;
+		if (!isset($content) || $content['expires'] < time()) {
 			return false;
 		}
 		$var = $content['var'];
 		return true;
 	}
-	public function delete($key)
+	public function delete($key): void
 	{
 		$file = $this->_name($key);
 		if (file_exists($file)) {
@@ -74,13 +79,11 @@ class PHP
 		}
 	}
-	public function enabled()
+	public function enabled(): bool {
 	{
 		return $this->enabled;
 	}
-	private function _name($key)
+	private function _name($key): string {
 	{
 		return sprintf('%s%s%s', $this->dir, $this->prefix, sha1($key) . '.php');
 	}
 }
--- a/system/src/Cache/XCache.php
+++ b/system/src/Cache/XCache.php
@@ -13,8 +13,8 @@ namespace MyAAC\Cache;
 class XCache
 {
-	private $prefix;
+	private string $prefix;
-	private $enabled;
+	private bool $enabled;
 	public function __construct($prefix = '')
 	{
@@ -22,14 +22,14 @@ class XCache
 		$this->enabled = function_exists('xcache_get') && ini_get('xcache.var_size');
 	}
-	public function set($key, $var, $ttl = 0)
+	public function set($key, $var, $ttl = 0): void
 	{
 		$key = $this->prefix . $key;
 		xcache_unset($key);
 		xcache_set($key, $var, $ttl);
 	}
-	public function get($key)
+	public function get($key): string
 	{
 		$tmp = '';
 		if ($this->fetch($this->prefix . $key, $tmp)) {
@@ -39,7 +39,7 @@ class XCache
 		return '';
 	}
-	public function fetch($key, &$var)
+	public function fetch($key, &$var): bool
 	{
 		$key = $this->prefix . $key;
 		if (!xcache_isset($key)) {
@@ -50,13 +50,11 @@ class XCache
 		return true;
 	}
-	public function delete($key)
+	public function delete($key): void {
 	{
 		xcache_unset($this->prefix . $key);
 	}
-	public function enabled()
+	public function enabled(): bool {
 	{
 		return $this->enabled;
 	}
 }
--- a/system/src/Commands/Env.php
+++ b/system/src/Commands/Env.php
@@ -2,6 +2,7 @@
 namespace MyAAC\Commands;
 use MyAAC\Server\Config;
 use POT;
 trait Env
@@ -21,7 +22,7 @@ trait Env
 		if($config['server_path'][strlen($config['server_path']) - 1] !== '/')
 			$config['server_path'] .= '/';
-		$config['lua'] = load_config_lua($config['server_path'] . 'config.lua');
+		$config['server'] = $config['lua'] = Config::get();
 		// POT
 		require_once SYSTEM . 'libs/pot/OTS.php';
--- a/system/src/CreateCharacter.php
+++ b/system/src/CreateCharacter.php
@@ -149,7 +149,10 @@ class CreateCharacter
 		if($db->hasColumn('players', 'direction'))
 			$player->setDirection($playerSample->getDirection());
 		if($db->hasColumn('players', 'conditions')) {
 			$player->setConditions($playerSample->getConditions());
 		}
 		$rank = $playerSample->getRank();
 		if($rank->isLoaded()) {
 			$player->setRank($playerSample->getRank());
@@ -183,7 +186,11 @@ class CreateCharacter
 		$player->setLookHead($playerSample->getLookHead());
 		$player->setLookLegs($playerSample->getLookLegs());
 		$player->setLookType($playerSample->getLookType());
 		if($db->hasColumn('players', 'cap')) {
 			$player->setCap($playerSample->getCap());
 		}
 		$player->setBalance(0);
 		$player->setPosX(0);
 		$player->setPosY(0);
--- a/system/src/DataLoader.php
+++ b/system/src/DataLoader.php
@@ -27,6 +27,7 @@ namespace MyAAC;
 use MyAAC\Cache\Cache;
 use MyAAC\Models\Town;
 use MyAAC\Server\Items;
 class DataLoader
 {
@@ -40,7 +41,7 @@ class DataLoader
 	{
 		self::$startTime = microtime(true);
-		if(Items::loadFromXML()) {
+		if(Items::load()) {
 			success(self::$locale['step_database_loaded_items'] . self::getLoadedTime());
 		}
 		else {
--- a/system/src/Items.php
+++ b/system/src/Items.php
@@ -1,172 +1,14 @@
 <?php
 /**
- * Items class
+ * @deprecated
- *
+ * This class is deprecated and will be removed in future versions. Please use the appropriate MyAAC\Server\Items class instead.
 * @package   MyAAC
 * @author    Gesior <jerzyskalski@wp.pl>
 * @author    Slawkens <slawkens@gmail.com>
 * @copyright 2019 MyAAC
 * @link      https://my-aac.org
 */
 namespace MyAAC;
-use MyAAC\Cache\PHP as CachePHP;
+class Items extends Server\Items
 use MyAAC\Models\Spell;
 class Items
 {
-	private static $error = '';
+	public static function load(): bool {
-	public static $items;
+		parent::init();
 	public static function loadFromXML($show = false)
 	{
 		$file_path = config('data_path') . 'items/items.xml';
 		if (!file_exists($file_path)) {
 			self::$error = 'Cannot load file ' . $file_path;
 			return false;
 		}
 		$xml = new \DOMDocument;
 		$xml->load($file_path);
 		$items = array();
 		foreach ($xml->getElementsByTagName('item') as $item) {
 			if ($item->getAttribute('fromid')) {
 				for ($id = $item->getAttribute('fromid'); $id <= $item->getAttribute('toid'); $id++) {
 					$tmp = self::parseNode($id, $item, $show);
 					$items[$tmp['id']] = $tmp['content'];
 				}
 			} else {
 				$tmp = self::parseNode($item->getAttribute('id'), $item, $show);
 				$items[$tmp['id']] = $tmp['content'];
 			}
 		}
 		$cache_php = new CachePHP(config('cache_prefix'), CACHE . 'persistent/');
 		$cache_php->set('items', $items, 5 * 365 * 24 * 60 * 60);
 		return true;
 	}
 	public static function parseNode($id, $node, $show = false) {
 		$name = $node->getAttribute('name');
 		$article = $node->getAttribute('article');
 		$plural = $node->getAttribute('plural');
 		$attributes = array();
 		foreach($node->getElementsByTagName('attribute') as $attr) {
 			$attributes[strtolower($attr->getAttribute('key'))] = $attr->getAttribute('value');
 		}
 		return array('id' => $id, 'content' => array('article' => $article, 'name' => $name, 'plural' => $plural, 'attributes' => $attributes));
 	}
 	public static function getError() {
 		return self::$error;
 	}
 	public static function load() {
 		if(self::$items) {
 			return;
 		}
 		$cache_php = new CachePHP(config('cache_prefix'), CACHE . 'persistent/');
 		self::$items = $cache_php->get('items');
 	}
 	public static function get($id) {
 		self::load();
 		return self::$items[$id] ?? [];
 	}
 	public static function getDescription($id, $count = 1): string
 	{
 		$item = self::get($id);
 		$attr = $item['attributes'];
 		$s = '';
 		if(!empty($item['name'])) {
 			if($count > 1) {
 				if($attr['showcount']) {
 					$s .= $count . ' ';
 				}
 				if(!empty($item['plural'])) {
 					$s .= $item['plural'];
 				}
 				else if((int)$attr['showcount'] == 0) {
 					$s .= $item['name'];
 				}
 				else {
 					$s .= $item['name'] . 's';
 				}
 			}
 			else {
 				if(!empty($item['aticle'])) {
 					$s .= $item['article'] . ' ';
 				}
 				$s .= $item['name'];
 			}
 		}
 		else
 			$s .= 'an item of type ' . $item['id'];
 		if(isset($attr['type']) && strtolower($attr['type']) == 'rune') {
 			$spell = Spell::where('item_id', $id)->first();
 			if($spell) {
 				if($spell->level > 0 && $spell->maglevel > 0) {
 					$s .= '. ' . ($count > 1 ? 'They' : 'It') . ' can only be used by ';
 				}
 				$configVocations = config('vocations');
 				if(!empty(trim($spell->vocations))) {
 					$vocations = json_decode($spell->vocations);
 					if(count($vocations) > 0) {
 						foreach($vocations as $voc => $show) {
 							$vocations[$configVocations[$voc]] = $show;
 						}
 					}
 				}
 				else {
 					$s .= 'players';
 				}
 				$s .= ' with';
 				if ($spell->level > 0) {
 					$s .= ' level ' . $spell->level;
 				}
 				if ($spell->maglevel > 0) {
 					if ($spell->level > 0) {
 						$s .= ' and';
 					}
 					$s .= ' magic level ' . $spell->maglevel;
 				}
 				$s .= ' or higher';
 			}
 		}
 		if (!empty($item['weaponType'])) {
 			if ($item['weaponType'] == 'distance' && isset($item['ammoType'])) {
 				$s .= ' (Range:' . $item['range'];
 			}
 			if (isset($item['attack']) && $item['attack'] != 0) {
 				$s .= ', Atk ' . ($item['attack'] > 0 ? '+' . $item['attack'] : '-' . $item['attack']);
 			}
 			if (isset($item['hitChance']) && $item['hitChance'] != -1) {
 				$s .= ', Hit% ' . ($item['hitChance'] > 0 ? '+' . $item['hitChance'] : '-' . $item['hitChance']);
 			}
 			elseif ($item['weaponType'] != 'ammo') {
 			}
 		}
 		return $s;
 	}
 }
--- a/system/src/Models/AccountAction.php
+++ b/system/src/Models/AccountAction.php
@@ -9,6 +9,6 @@ class AccountAction extends Model {
 	public $timestamps = false;
-	protected $fillable = ['account_id', 'ip', 'ipv6', 'date', 'action'];
+	protected $fillable = ['account_id', 'ip', 'date', 'action'];
 }
--- a/system/src/Models/Gallery.php
+++ b/system/src/Models/Gallery.php
@@ -1,18 +0,0 @@
 <?php
 namespace MyAAC\Models;
 use Illuminate\Database\Eloquent\Model;
 class Gallery extends Model {
 	protected $table = TABLE_PREFIX . 'gallery';
 	public $timestamps = false;
 	protected $fillable = [
 		'comment', 'image', 'thumb',
 		'author', 'ordering', 'hide',
 	];
 }
--- a/system/src/Models/Menu.php
+++ b/system/src/Models/Menu.php
@@ -9,6 +9,6 @@ class Menu extends Model {
 	public $timestamps = false;
-	protected $fillable = ['template', 'name', 'link', 'blank', 'color', 'category', 'ordering', 'enabled'];
+	protected $fillable = ['template', 'name', 'link', 'access', 'blank', 'color', 'category', 'ordering', 'enabled'];
 }
--- a/system/src/Models/Player.php
+++ b/system/src/Models/Player.php
@@ -23,6 +23,8 @@ class Player extends Model {
 	public $timestamps = false;
 	protected $guarded = [];
 	protected $casts = [
 		'worldid' => 'integer',
 		'sex' => 'integer',
@@ -46,14 +48,8 @@ class Player extends Model {
 		});
 	}
-	public function getVocationNameAttribute()
+	public function getVocationNameAttribute() {
-	{
+		return \OTS_Toolbox::getVocationName($this->vocation, $this->promotion ?? 0);
 		$vocation = $this->vocation;
 		if (isset($this->promotion) && $this->promotion > 0) {
 			$vocation += ($this->promotion * setting('core.vocations_amount'));
 		}
 		return config('vocations')[$vocation] ?? 'Unknown';
 	}
 	public function getIsDeletedAttribute()
--- a/system/src/Monsters.php
+++ b/system/src/Monsters.php
@@ -12,13 +12,11 @@
 namespace MyAAC;
 use MyAAC\Models\Monster;
 use MyAAC\Server\Items;
 class Monsters {
-	/**
+	private static \OTS_MonstersList $monstersList;
-	 * @var \OTS_MonstersList
+	private static string $lastError = '';
 	 */
 	private static $monstersList;
 	private static $lastError = '';
 	public static function loadFromXML($show = false) {
 		try {
@@ -39,7 +37,7 @@ class Monsters {
 		}
 		$items = array();
-		Items::load();
+		Items::init();
 		foreach((array)Items::$items as $id => $item) {
 			$items[$item['name']] = $id;
 		}
--- a/system/src/Plugins.php
+++ b/system/src/Plugins.php
@@ -7,9 +7,11 @@ use MyAAC\Cache\Cache;
 use MyAAC\Models\Menu;
 class Plugins {
-	private static $warnings = [];
+	private static array $warnings = [];
-	private static $error = null;
+	private static string $error = '';
-	private static $plugin_json = [];
+	private static array $plugin_json = [];
 	const DEFAULT_PRIORITY = 1000;
 	public static function getInits()
 	{
@@ -20,13 +22,31 @@ class Plugins {
 					continue;
 				}
 				$initPriority = self::DEFAULT_PRIORITY;
 				if (isset($plugin['autoload']['init-priority'])) {
 					$initPriority = (int) $plugin['autoload']['init-priority'];
 				}
 				$pluginInits = glob(PLUGINS . $plugin['filename'] . '/init.php');
 				foreach ($pluginInits as $path) {
-					$inits[] = $path;
+					$inits[] = [
 						'file' => $path,
 						'priority' => $initPriority
 					];
 				}
 			}
-			return $inits;
+			usort($inits, function ($a, $b)
 			{
 				return $a['priority'] <=> $b['priority'];
 			});
 			$ret = [];
 			foreach ($inits as $init) {
 				$ret[] = $init['file'];
 			}
 			return $ret;
 		});
 	}
@@ -39,7 +59,7 @@ class Plugins {
 					continue;
 				}
-				$adminPagesDefaultPriority = 1000;
+				$adminPagesDefaultPriority = self::DEFAULT_PRIORITY;
 				if (isset($plugin['admin-pages-default-priority'])) {
 					$adminPagesDefaultPriority = $plugin['admin-pages-default-priority'];
 				}
@@ -117,7 +137,7 @@ class Plugins {
 		$routes = [];
 		foreach(self::getAllPluginsJson() as $plugin) {
-			$routesDefaultPriority = 1000;
+			$routesDefaultPriority = self::DEFAULT_PRIORITY;
 			if (isset($plugin['routes-default-priority'])) {
 				$routesDefaultPriority = $plugin['routes-default-priority'];
 			}
@@ -165,7 +185,7 @@ class Plugins {
 				}
 			}
-			$pagesDefaultPriority = 1000;
+			$pagesDefaultPriority = self::DEFAULT_PRIORITY;
 			if (isset($plugin['pages-default-priority'])) {
 				$pagesDefaultPriority = $plugin['pages-default-priority'];
 			}
@@ -318,7 +338,7 @@ class Plugins {
 		foreach(self::getAllPluginsJson() as $plugin) {
 			if (isset($plugin['hooks'])) {
 				foreach ($plugin['hooks'] as $_name => $info) {
-					$priority = 1000;
+					$priority = self::DEFAULT_PRIORITY;
 					if (str_contains($info['type'], 'HOOK_')) {
 						$info['type'] = str_replace('HOOK_', '', $info['type']);
@@ -432,7 +452,7 @@ class Plugins {
 		return $plugins;
 	}
-	public static function getPluginSettings($filename)
+	public static function getPluginSettings($filename): mixed
 	{
 		$plugin_json = self::getPluginJson($filename);
 		if (!$plugin_json) {
@@ -897,15 +917,15 @@ class Plugins {
 		return Semver::satisfies($plugin_info['version'], $version);
 	}
-	public static function getWarnings() {
+	public static function getWarnings(): array {
 		return self::$warnings;
 	}
-	public static function clearWarnings() {
+	public static function clearWarnings(): void {
 		self::$warnings = [];
 	}
-	public static function getError() {
+	public static function getError(): string {
 		return self::$error;
 	}
@@ -916,7 +936,7 @@ class Plugins {
 	 * @param string $templateName
 	 * @param array $menus
 	 */
-	public static function installMenus($templateName, $menus, $clearOld = false)
+	public static function installMenus($templateName, $menus, $clearOld = false): void
 	{
 		global $db;
@@ -967,7 +987,7 @@ class Plugins {
 		}
 	}
-	private static function getAutoLoadOption(array $plugin, string $optionName, bool $default = true)
+	private static function getAutoLoadOption(array $plugin, string $optionName, bool $default = true): bool
 	{
 		if (isset($plugin['autoload'])) {
 			$autoload = $plugin['autoload'];
--- a/system/src/Server/Config.php
+++ b/system/src/Server/Config.php
@@ -0,0 +1,28 @@
 <?php
 namespace MyAAC\Server;
 use MyAAC\Cache\Cache;
 class Config
 {
 	public static function get()
 	{
 		return Cache::remember('config_server', 10 * 60, function () {
 			if (file_exists(config('server_path') . Lua\Config::FILE)) {
 				$config = new Lua\Config();
 			}
 			else {
 				$config = new TOML\Config();
 			}
 			$config->load();
 			return $config->get();
 		});
 	}
 	public static function exists(): bool {
 		return file_exists(config('server_path') . Lua\Config::FILE) || file_exists(config('server_path') . 'config/server.toml');
 	}
 }
--- a/system/src/Server/ExpStages.php
+++ b/system/src/Server/ExpStages.php
@@ -0,0 +1,35 @@
 <?php
 namespace MyAAC\Server;
 use MyAAC\Cache\Cache;
 class ExpStages
 {
 	private static array $stages = [];
 	public static function get() {
 		if (count(self::$stages) == 0) {
 			self::$stages = Cache::remember('exp_stages', 10 * 60, function () {
 				if (file_exists(config('server_path') . TOML\ExpStages::FILE)) {
 					$expStages = new TOML\ExpStages();
 				}
 				elseif (file_exists(config('data_path') . XML\ExpStages::FILE)) {
 					$expStages = new XML\ExpStages();
 				}
 				elseif (file_exists(config('data_path') . Lua\ExpStages::FILE)) {
 					$expStages = new Lua\ExpStages();
 				}
 				else {
 					return [];
 				}
 				$expStages->load();
 				return $expStages->get();
 			});
 		}
 		return self::$stages;
 	}
 }
--- a/system/src/Server/Groups.php
+++ b/system/src/Server/Groups.php
@@ -0,0 +1,29 @@
 <?php
 namespace MyAAC\Server;
 use MyAAC\Cache\Cache;
 class Groups
 {
 	private static array $groups = [];
 	public static function get() {
 		if (count(self::$groups) == 0) {
 			self::$groups = Cache::remember('groups', 10 * 60, function () {
 				if (file_exists(config('server_path') . TOML\Groups::FILE)) {
 					$groups = new TOML\Groups();
 				}
 				else {
 					$groups = new XML\Groups();
 				}
 				$groups->load();
 				return $groups->get();
 			});
 		}
 		return self::$groups;
 	}
 }
--- a/system/src/Server/Items.php
+++ b/system/src/Server/Items.php
@@ -0,0 +1,154 @@
 <?php
 /**
 * Items class
 *
 * @package   MyAAC
 * @author    Gesior <jerzyskalski@wp.pl>
 * @author    Slawkens <slawkens@gmail.com>
 * @copyright 2019 MyAAC
 * @link      https://my-aac.org
 */
 namespace MyAAC\Server;
 use MyAAC\Cache\PHP as CachePHP;
 use MyAAC\Models\Spell;
 class Items
 {
 	public static array $items = [];
 	private static string $error = '';
 	const FILE_ITEMS_TOML = 'items/items.toml';
 	const FILE_ITEMS_XML = 'items/items.xml';
 	public static function getError(): string {
 		return self::$error;
 	}
 	public static function load(): bool {
 		if (file_exists(config('data_path') . self::FILE_ITEMS_TOML)) {
 			$items = new TOML\Items();
 		}
 		elseif (file_exists(config('data_path') . self::FILE_ITEMS_XML)) {
 			$items = new XML\Items();
 		}
 		else {
 			self::$error = 'Cannot load items.xml or items.toml file. Files not found.';
 			return false;
 		}
 		if (!$items->load()) {
 			self::$error = $items->getError();
 			return false;
 		}
 		return true;
 	}
 	public static function init(): void {
 		if(count(self::$items) > 0) {
 			return;
 		}
 		$cache_php = new CachePHP(config('cache_prefix'), CACHE . 'persistent/');
 		self::$items = (array)$cache_php->get('items');
 	}
 	public static function get($id) {
 		self::init();
 		return self::$items[$id] ?? [];
 	}
 	public static function getDescription($id, $count = 1): string
 	{
 		$item = self::get($id);
 		$attr = $item['attributes'];
 		$s = '';
 		if(!empty($item['name'])) {
 			if($count > 1) {
 				if($attr['showcount']) {
 					$s .= $count . ' ';
 				}
 				if(!empty($item['plural'])) {
 					$s .= $item['plural'];
 				}
 				else if((int)$attr['showcount'] == 0) {
 					$s .= $item['name'];
 				}
 				else {
 					$s .= $item['name'] . 's';
 				}
 			}
 			else {
 				if(!empty($item['aticle'])) {
 					$s .= $item['article'] . ' ';
 				}
 				$s .= $item['name'];
 			}
 		}
 		else
 			$s .= 'an item of type ' . $item['id'];
 		if(isset($attr['type']) && strtolower($attr['type']) == 'rune') {
 			$spell = Spell::where('item_id', $id)->first();
 			if($spell) {
 				if($spell->level > 0 && $spell->maglevel > 0) {
 					$s .= '. ' . ($count > 1 ? 'They' : 'It') . ' can only be used by ';
 				}
 				$configVocations = config('vocations');
 				if(!empty(trim($spell->vocations))) {
 					$vocations = json_decode($spell->vocations);
 					if(count($vocations) > 0) {
 						foreach($vocations as $voc => $show) {
 							$vocations[$configVocations[$voc]] = $show;
 						}
 					}
 				}
 				else {
 					$s .= 'players';
 				}
 				$s .= ' with';
 				if ($spell->level > 0) {
 					$s .= ' level ' . $spell->level;
 				}
 				if ($spell->maglevel > 0) {
 					if ($spell->level > 0) {
 						$s .= ' and';
 					}
 					$s .= ' magic level ' . $spell->maglevel;
 				}
 				$s .= ' or higher';
 			}
 		}
 		if (!empty($item['weaponType'])) {
 			if ($item['weaponType'] == 'distance' && isset($item['ammoType'])) {
 				$s .= ' (Range:' . $item['range'];
 			}
 			if (isset($item['attack']) && $item['attack'] != 0) {
 				$s .= ', Atk ' . ($item['attack'] > 0 ? '+' . $item['attack'] : '-' . $item['attack']);
 			}
 			if (isset($item['hitChance']) && $item['hitChance'] != -1) {
 				$s .= ', Hit% ' . ($item['hitChance'] > 0 ? '+' . $item['hitChance'] : '-' . $item['hitChance']);
 			}
 			elseif ($item['weaponType'] != 'ammo') {
 			}
 		}
 		return $s;
 	}
 }
--- a/system/src/Server/Lua/Config.php
+++ b/system/src/Server/Lua/Config.php
@@ -0,0 +1,25 @@
 <?php
 namespace MyAAC\Server\Lua;
 class Config
 {
 	const FILE = 'config.lua';
 	private array $config = [];
 	public function load(): void
 	{
 		$file = config('server_path') . self::FILE;
 		$this->config = Loader::load($file);
 		if($this->config === false) {
 			log_append('error.log', '[Config] Fatal error: Cannot load config.lua (' . $file . ').');
 			throw new \RuntimeException('ERROR: Cannot find ' . $file . ' file.');
 		}
 	}
 	public function get(): array {
 		return $this->config;
 	}
 }
--- a/system/src/Server/Lua/ExpStages.php
+++ b/system/src/Server/Lua/ExpStages.php
@@ -0,0 +1,46 @@
 <?php
 namespace MyAAC\Server\Lua;
 class ExpStages
 {
 	private array $stages = [];
 	const FILE = 'stages.lua';
 	public function load(): void
 	{
 		$file = config('data_path') . self::FILE;
 		if(!@file_exists($file)) {
 			return;
 		}
 		if (!extension_loaded('lua')) {
 			return;
 		}
 		$lua = new \Lua();
 		try {
 			$stagesContent = file_get_contents($file);
 			$stagesContent .= 'return experienceStages';
 			$stages = $lua->eval($stagesContent);
 		}
 		catch (\Exception $e) {
 			error('Error: Cannot load stages.lua. More info in system/logs/error.log file.');
 			log_append('error.log', "[" . __CLASS__ . "] Fatal error: Cannot load stages.lua - $file. Error: " . $e->getMessage());
 			return;
 		}
 		foreach ($stages as $stage) {
 			$this->stages[] = [
 				'levels' => $stage['minlevel'] . (isset($stage['maxlevel']) ? '-' . $stage['maxlevel'] : '+'),
 				'multiplier' => $stage['multiplier']
 			];
 		}
 	}
 	public function get(): array {
 		return $this->stages;
 	}
 }
--- a/system/src/Server/Lua/Loader.php
+++ b/system/src/Server/Lua/Loader.php
@@ -0,0 +1,79 @@
 <?php
 namespace MyAAC\Server\Lua;
 class Loader
 {
 	public static function load($file): bool|array
 	{
 		if(!@file_exists($file)){
 			return false;
 		}
 		$result = [];
 		$config_string = str_replace(array("\r\n", "\r"), "\n", file_get_contents($file));
 		$lines = explode("\n", $config_string);
 		if(count($lines) > 0) {
 			foreach($lines as $ln => $line) {
 				$line = trim($line);
 				if(isset($line[0]) && ($line[0] === '{' || $line[0] === '}')) {
 					// arrays are not supported yet
 					// just ignore the error
 					continue;
 				}
 				$tmp_exp = explode('=', $line, 2);
 				if(str_contains($line, 'dofile')) {
 					$delimiter = '"';
 					if(!str_contains($line, $delimiter)) {
 						$delimiter = "'";
 					}
 					$tmp = explode($delimiter, $line);
 					$result = array_merge($result, self::load(config('server_path') . $tmp[1]));
 				}
 				else if(count($tmp_exp) >= 2) {
 					$key = trim($tmp_exp[0]);
 					if(!str_starts_with($key, '--')) {
 						$value = trim($tmp_exp[1]);
 						if(str_contains($value, '--')) {// found some deep comment
 							$value = preg_replace('/--.*$/i', '', $value);
 						}
 						if(is_numeric($value))
 							$result[$key] = (float) $value;
 						elseif(in_array(@$value[0], array("'", '"')) && in_array(@$value[strlen($value) - 1], array("'", '"')))
 							$result[$key] = substr(substr($value, 1), 0, -1);
 						elseif(in_array($value, array('true', 'false')))
 							$result[$key] = $value === 'true';
 						elseif(@$value[0] === '{') {
 							// arrays are not supported yet
 							// just ignore the error
 							continue;
 						}
 						else
 						{
 							foreach($result as $tmp_key => $tmp_value) { // load values defined by other keys, like: dailyFragsToBlackSkull = dailyFragsToRedSkull
 								$value = str_replace($tmp_key, $tmp_value, $value);
 							}
 							try {
 								$ret = eval("return $value;");
 							}
 							catch (\Throwable $e) {
 								throw new \RuntimeException('ERROR: Loading config.lua file. Line: ' . ($ln + 1) . ' - Unable to parse value "' . $value . '" - ' . $e->getMessage());
 							}
 							if((string) $ret == '' && trim($value) !== '""') {
 								throw new \RuntimeException('ERROR: Loading config.lua file. Line ' . ($ln + 1) . ' is not valid [key: ' . $key . ']');
 							}
 							$result[$key] = $ret;
 						}
 					}
 				}
 			}
 		}
 		return $result;
 	}
 }
--- a/system/src/Server/Mounts.php
+++ b/system/src/Server/Mounts.php
@@ -0,0 +1,30 @@
 <?php
 namespace MyAAC\Server;
 use MyAAC\Cache\Cache;
 class Mounts
 {
 	private static array $mounts = [];
 	public static function get()
 	{
 		if (count(self::$mounts) == 0) {
 			self::$mounts = Cache::remember('mounts', 10 * 60, function () {
 				if (file_exists(config('server_path') . TOML\Mounts::FILE)) {
 					$mounts = new TOML\Mounts();
 				}
 				else {
 					$mounts = new XML\Mounts();
 				}
 				$mounts->load();
 				return $mounts->get();
 			});
 		}
 		return self::$mounts;
 	}
 }
--- a/system/src/Server/Outfits.php
+++ b/system/src/Server/Outfits.php
@@ -0,0 +1,29 @@
 <?php
 namespace MyAAC\Server;
 use MyAAC\Cache\Cache;
 class Outfits
 {
 	private static array $outfits = [];
 	public static function get()
 	{
 		if (count(self::$outfits) == 0) {
 			self::$outfits = Cache::remember('outfits', 10 * 60, function () {
 				if (file_exists(config('server_path') . TOML\Outfits::FILE)) {
 					$outfits = new TOML\Outfits();
 				} else {
 					$outfits = new XML\Outfits();
 				}
 				$outfits->load();
 				return $outfits->get();
 			});
 		}
 		return self::$outfits;
 	}
 }
--- a/system/src/Server/TOML/Config.php
+++ b/system/src/Server/TOML/Config.php
@@ -0,0 +1,69 @@
 <?php
 namespace MyAAC\Server\TOML;
 use Devium\Toml\Toml;
 use RuntimeException;
 class Config
 {
 	private array $config = [];
 	public function load(): void
 	{
 		$path = config('server_path') . 'config/';
 		$files = glob($path . '*.toml');
 		// filter files we don't need
 		$ignore = ['account_manager', 'groups', 'mounts', 'object_pools', 'outfits', 'scripts'];
 		$files = array_filter($files, function ($file) use ($ignore) {
 			foreach ($ignore as $item) {
 				if (str_contains($file, $item)) {
 					return false;
 				}
 			}
 			return true;
 		});
 		foreach ($files as $file) {
 			$key = basename($file, '.toml');
 			$toml = file_get_contents($file);
 			try {
 				$this->config[$key] = Toml::decode($toml, asArray: true);
 			}
 			catch (\Exception $e) {
 				throw new RuntimeException("Error: Cannot load config/$key.toml. More info in system/logs/error.log file.");
 				log_append('error.log', "[" . __CLASS__ . "] Fatal error: Cannot load config/$key.toml - $file. Error: " . $e->getMessage());
 				return;
 			}
 		}
 		$this->init();
 	}
 	private function init(): void
 	{
 		$this->config['serverName'] = $this->config['server']['identity']['name'] ?? 'Unknown';
 		$this->config['freePremium'] = $this->config['server']['accounts']['free_premium'] ?? false;
 		$this->config['ip'] = $this->config['server']['network']['ip'] ?? '127.0.0.1';
 		$this->config['worldType'] = $this->config['server']['world']['type'] ?? 'unknown';
 		$this->config['experienceStages'] = $this->config['stages']['config']['enabled'] ?? false;
 		$this->config['houseRentPeriod'] = $this->config['server']['houses']['rent_period'] ?? 'never';
 		$this->config['pzLocked'] = $this->config['combat']['skull']['pz_locked'] ?? 60 * 1000;
 		$this->config['url'] = $this->config['server']['identity']['url'] ?? 'http://localhost';
 		$this->config['protectionLevel'] = $this->config['server']['pvp']['protection_level'] ?? 0;
 		$this->config['rateExp'] = $this->config['rates']['rates']['experience'] ?? 1;
 		$this->config['rateMagic'] = $this->config['rates']['rates']['magic'] ?? 1;
 		$this->config['rateSkill'] = $this->config['rates']['rates']['skill'] ?? 1;
 		$this->config['rateLoot'] = $this->config['rates']['rates']['loot'] ?? 1;
 		$this->config['rateSpawn'] = $this->config['rates']['rates']['spawn'] ?? 1;
 	}
 	public function get(): array {
 		return $this->config;
 	}
 }
--- a/system/src/Server/TOML/ExpStages.php
+++ b/system/src/Server/TOML/ExpStages.php
@@ -0,0 +1,44 @@
 <?php
 namespace MyAAC\Server\TOML;
 use Devium\Toml\Toml;
 class ExpStages
 {
 	private array $stages = [];
 	const FILE = 'config/stages.toml';
 	public function load(): void
 	{
 		$file = config('server_path') . self::FILE;
 		if(!@file_exists($file)) {
 			return;
 		}
 		$toml = file_get_contents($file);
 		try {
 			$stages = Toml::decode($toml, asArray: true);
 		}
 		catch (\Exception $e) {
 			error('Error: Cannot load stages.toml. More info in system/logs/error.log file.');
 			log_append('error.log', "[" . __CLASS__ . "] Fatal error: Cannot load stages.toml - $file. Error: " . $e->getMessage());
 			return;
 		}
 		foreach ($stages['stage'] as $stage) {
 			$this->stages[] = [
 				'levels' => $stage['minlevel'] . (isset($stage['maxlevel']) ? '-' . $stage['maxlevel'] : '+'),
 				'multiplier' => $stage['multiplier']
 			];
 		}
 	}
 	public function get(): array {
 		return $this->stages;
 	}
 }
--- a/system/src/Server/TOML/Groups.php
+++ b/system/src/Server/TOML/Groups.php
@@ -0,0 +1,47 @@
 <?php
 namespace MyAAC\Server\TOML;
 use Devium\Toml\Toml;
 class Groups
 {
 	private array $groups = [];
 	const FILE = 'config/groups.toml';
 	public function load(): void
 	{
 		$file = config('server_path') . self::FILE;
 		if(!@file_exists($file)) {
 			error('Error: Cannot load groups.toml. More info in system/logs/error.log file.');
 			log_append('error.log', "[" . __CLASS__ . "] Fatal error: Cannot load groups.toml - $file. It doesn't exist.");
 			return;
 		}
 		$toml = file_get_contents($file);
 		try {
 			$groups = Toml::decode($toml, asArray: true);
 		}
 		catch (\Exception $e) {
 			error('Error: Cannot load groups.toml. More info in system/logs/error.log file.');
 			log_append('error.log', "[" . __CLASS__ . "] Fatal error: Cannot load groups.toml - $file. Error: " . $e->getMessage());
 			return;
 		}
 		foreach ($groups as $group)
 		{
 			$this->groups[$group['id']] = [
 				'id' => $group['id'],
 				'name' => $group['name'],
 				'access' => $group['access'],
 			];
 		}
 	}
 	public function get(): array {
 		return $this->groups;
 	}
 }
--- a/system/src/Server/TOML/Items.php
+++ b/system/src/Server/TOML/Items.php
@@ -0,0 +1,52 @@
 <?php
 namespace MyAAC\Server\TOML;
 use MyAAC\Cache\PHP as CachePHP;
 class Items
 {
 	private string $error = '';
 	public function getError(): string {
 		return $this->error;
 	}
 	public function load(): bool
 	{
 		$file = config('data_path') . 'items/items.toml';
 		if (!file_exists($file)) {
 			$this->error = 'Cannot load file ' . $file;
 			return false;
 		}
 		//$toml = file_get_contents($file);
 		//$items = \Devium\Toml\Toml::decode($toml, asArray: false);
 		$itemsParser = new ItemsParser();
 		$itemsParsed = $itemsParser->parse($file);
 		$items = [];
 		foreach ($itemsParsed as $item) {
 			$attributes = array_filter($item, function ($key) {
 				return !in_array($key, ['id', 'article', 'name', 'plural']);
 			}, ARRAY_FILTER_USE_KEY);
 			$id = $item['id'] ?? null;
 			if ($id === null) {
 				continue;
 			}
 			$items[$id] = [
 				'article' => $item['article'] ?? '',
 				'name' => $item['name'] ?? '',
 				'plural' => $item['plural'] ?? '',
 				'attributes' => $attributes,
 			];
 		}
 		$cache_php = new CachePHP(config('cache_prefix'), CACHE . 'persistent/');
 		$cache_php->set('items', $items, 5 * 365 * 24 * 60 * 60);
 		return true;
 	}
 }
--- a/system/src/Server/TOML/ItemsParser.php
+++ b/system/src/Server/TOML/ItemsParser.php
@@ -0,0 +1,47 @@
 <?php
 namespace MyAAC\Server\TOML;
 class ItemsParser
 {
 	public function parse(string $path): array
 	{
 		$ret = [];
 		$i = 0;
 		$handle = fopen($path, 'r');
 		if ($handle === false) {
 			throw new \RuntimeException('Failed to open items file: ' . $path);
 		}
 		$parse = '';
 		while (($line = fgets($handle)) !== false) {
 			if (str_contains($line, '[[items]]') && $i++ != 0) {
 				//global $whoopsHandler;
 				//$whoopsHandler->addDataTable('ini', [$parse]);
 				$ret[] = parse_ini_string($parse);
 				$parse = '';
 				continue;
 			}
 			// skip lines like this
 			// field = {type = "fire", initdamage = 20, ticks = 10000, count = 7, damage = 10}
 			// as it cannot be parsed by parse_ini_string
 			if (str_starts_with(ltrim($line), 'field =')) {
 				continue;
 			}
 			$parse .= $line;
 		}
 		if ($parse !== '') {
 			$ret[] = parse_ini_string($parse);
 		}
 		fclose($handle);
 		return $ret;
 	}
 }
--- a/system/src/Server/TOML/Mounts.php
+++ b/system/src/Server/TOML/Mounts.php
@@ -0,0 +1,47 @@
 <?php
 namespace MyAAC\Server\TOML;
 use Devium\Toml\Toml;
 class Mounts
 {
 	private array $mounts = [];
 	const FILE = 'config/mounts.toml';
 	public function load(): void
 	{
 		$file = config('server_path') . self::FILE;
 		if(!@file_exists($file)) {
 			return;
 		}
 		$toml = file_get_contents($file);
 		try {
 			$mounts = Toml::decode($toml, asArray: true);
 		}
 		catch (\Exception $e) {
 			error('Error: Cannot load mounts.toml. More info in system/logs/error.log file.');
 			log_append('error.log', "[" . __CLASS__ . "] Fatal error: Cannot load mounts.toml - $file. Error: " . $e->getMessage());
 			return;
 		}
 		foreach ($mounts as $name => $mount)
 		{
 			$this->mounts[] = [
 				'id' => $mount['id'],
 				'client_id' => $mount['clientid'] ?? false,
 				'name' => $name,
 				'speed' => $mount['speed'] ?? 0,
 				'premium' => $mount['premium'] ?? false,
 			];
 		}
 	}
 	public function get(): array {
 		return $this->mounts;
 	}
 }
--- a/system/src/Server/TOML/Outfits.php
+++ b/system/src/Server/TOML/Outfits.php
@@ -0,0 +1,48 @@
 <?php
 namespace MyAAC\Server\TOML;
 use Devium\Toml\Toml;
 class Outfits
 {
 	private array $outfits = [];
 	const FILE = 'config/outfits.toml';
 	public function load(): void
 	{
 		$file = config('server_path') . self::FILE;
 		if(!@file_exists($file)) {
 			return;
 		}
 		$toml = file_get_contents($file);
 		try {
 			$outfits = Toml::decode($toml, asArray: true);
 		}
 		catch (\Exception $e) {
 			error('Error: Cannot load outfits.toml. More info in system/logs/error.log file.');
 			log_append('error.log', "[" . __CLASS__ . "] Fatal error: Cannot load outfits.toml - $file. Error: " . $e->getMessage());
 			return;
 		}
 		foreach ($outfits as $outfit)
 		{
 			$this->outfits[] = [
 				'id' => $outfit['id'],
 				'sex' => ($outfit['sex'] == 'male' ? SEX_MALE : SEX_FEMALE),
 				'name' => $outfit['name'],
 				'premium' => $outfit['premium'] ?? false,
 				'locked' => $outfit['locked'] ?? false,
 				'enabled' => $outfit['enabled'] ?? true,
 			];
 		}
 	}
 	public function get(): array {
 		return $this->outfits;
 	}
 }
--- a/system/src/Server/TOML/Vocations.php
+++ b/system/src/Server/TOML/Vocations.php
@@ -0,0 +1,51 @@
 <?php
 namespace MyAAC\Server\TOML;
 use Devium\Toml\Toml;
 class Vocations
 {
 	private array $vocations = [];
 	private array $vocationsFrom = [];
 	public function load(): void
 	{
 		$tomlVocations = glob(config('data_path') . 'vocations/*.toml');
 		if (count($tomlVocations) <= 0) {
 			throw new \RuntimeException('ERROR: Cannot load any .toml vocation from the data/vocations folder.');
 		}
 		foreach ($tomlVocations as $file) {
 			$toml = file_get_contents($file);
 			try {
 				$vocations = Toml::decode($toml, asArray: true);
 			}
 			catch (\Exception $e) {
 				$basename = basename($file);
 				error("Error: Cannot load vocations/$basename. More info in system/logs/error.log file.");
 				log_append('error.log', "[" . __CLASS__ . "] Fatal error: Cannot load mounts.toml - $file. Error: " . $e->getMessage());
 				break;
 			}
 			foreach ($vocations as $vocationArray) {
 				$id = $vocationArray['id'];
 				$this->vocations[$id] = $vocationArray['name'];
 				$this->vocationsFrom[$id] = $vocationArray['promotedfrom'];
 			}
 		}
 		ksort($this->vocations, SORT_NUMERIC);
 		ksort($this->vocationsFrom, SORT_NUMERIC);
 	}
 	public function get(): array {
 		return $this->vocations;
 	}
 	public function getFrom(): array {
 		return $this->vocationsFrom;
 	}
 }
--- a/system/src/Server/Vocations.php
+++ b/system/src/Server/Vocations.php
@@ -0,0 +1,86 @@
 <?php
 namespace MyAAC\Server;
 use MyAAC\Cache\Cache;
 class Vocations
 {
 	private static array $vocations = [];
 	private static array $vocationsFrom = [];
 	public function __construct() {
 		$cached = Cache::remember('vocations', 10 * 60, function () {
 			$tomlVocations = glob(config('data_path') . 'vocations/*.toml');
 			if (count($tomlVocations) > 0) {
 				$vocations = new TOML\Vocations();
 			}
 			else {
 				$vocations = new XML\Vocations();
 			}
 			$vocations->load();
 			$from = $vocations->getFrom();
 			$amount = 0;
 			foreach ($from as $vocId => $fromVocation) {
 				if ($vocId != 0 && $vocId == $fromVocation) {
 					$amount++;
 				}
 			}
 			return ['vocations' => $vocations->get(), 'vocationsFrom' => $from, 'amount' => $amount];
 		});
 		self::$vocations = $cached['vocations'];
 		self::$vocationsFrom = $cached['vocationsFrom'];
 		config(['vocations', self::$vocations]);
 		config(['vocations_amount', $cached['amount']]);
 	}
 	public static function get(): array {
 		return self::$vocations;
 	}
 	public static function getFrom(): array {
 		return self::$vocationsFrom;
 	}
 	public static function getPromoted(int $id): ?int {
 		foreach (self::$vocationsFrom as $vocId => $fromVocation) {
 			if ($id == $fromVocation && $vocId != $id) {
 				return $vocId;
 			}
 		}
 		return null;
 	}
 	public static function getOriginal(int $id): ?int {
 		if (!isset(self::$vocationsFrom[$id])) {
 			return null;
 		}
 		while ($tmpId = self::$vocationsFrom[$id]) {
 			if ($tmpId == $id) {
 				break;
 			}
 			$id = $tmpId;
 		}
 		return $id;
 	}
 	public static function getBase($includingRook = true): array {
 		$vocations = [];
 		foreach (self::$vocationsFrom as $vocId => $fromVoc) {
 			if ($vocId == $fromVoc && ($vocId != 0 || $includingRook)) {
 				$vocations[] = $vocId;
 			}
 		}
 		return $vocations;
 	}
 }
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
slawkens	6b89dd133d	Fix phpstan	2026-04-19 17:29:25 +02:00
slawkens	6dc16397a1	[WIP] Lua + TOML stages loading Lua extension required for .lua (canary)	2026-04-19 17:22:32 +02:00
slawkens	5dd97ad8fd	Add more configs for ots-info site [skip ci]	2026-04-19 16:29:20 +02:00
slawkens	a6a3c76b8d	gameplay & groups are also not needed [skip ci]	2026-04-19 16:17:18 +02:00
slawkens	1eba4cc509	[WIP] Loading of config .toml's Deprecate load_config_lua, use MyAAC\Server\Lua\Loader::load instead	2026-04-19 16:05:22 +02:00
slawkens	6e603ad558	Merge branch 'develop' into blacktek-toml	2026-04-17 17:31:13 +02:00
slawkens	c16f95f8d2	Merge branch 'main' into develop	2026-04-17 17:30:53 +02:00
slawkens	9e0e2601d2	Add indexes to myaac_account_actions table	2026-04-12 14:13:13 +02:00
slawkens	e7198aeb23	Update CHANGELOG-2.x.md	2026-04-12 13:42:25 +02:00
slawkens	1fa3630f86	Update CHANGELOG-2.x.md	2026-04-12 13:33:16 +02:00
slawkens	e274b83504	Fix: Reset settings by plugin name, not the settings key name	2026-04-12 13:20:48 +02:00
slawkens	a467a540b1	Add constant DEFAULT_PRIORITY	2026-04-12 13:14:10 +02:00
slawkens	08507e2940	Plugins: type hints	2026-04-12 13:10:44 +02:00
slawkens	f1aa128408	Feat: plugins autoload init-priority option	2026-04-12 13:10:15 +02:00
slawkens	7104c2258f	Settings: Add Reset button	2026-04-12 10:43:09 +02:00
slawkens	f51211d47a	Merge branch 'main' into develop	2026-04-12 09:56:10 +02:00
slawkens	2c62a97160	Make myaac_config table columns bigger	2026-04-12 08:53:02 +02:00
slawkens	f6c2e6e460	Merge branch 'main' into develop	2026-04-11 17:58:02 +02:00
slawkens	050181357a	Merge branch 'main' into develop	2026-03-15 13:04:37 +01:00
slawkens	2c18f9c767	Backward support for MyAAC\Items class	2026-03-08 21:08:29 +01:00
slawkens	39614a22c4	Update Items.php	2026-03-07 21:16:17 +01:00
slawkens	02ce6b364b	Update Items.php	2026-03-07 21:09:57 +01:00
slawkens	e10ebed2f4	Fix fromid toid parsing	2026-03-07 21:00:14 +01:00
slawkens	a6e658b1a2	60x faster items.xml loading Using simplexml, which is enabled by default on php	2026-03-07 20:54:47 +01:00
slawkens	2a80bc1b46	Nothing important, var name	2026-03-02 21:05:19 +01:00
slawkens	fbb5034458	[WIP] Refactoring - Uniform error message + TOML exception catch	2026-03-01 21:45:48 +01:00
slawkens	4ca79a1e85	Use static methods instead, looks better	2026-02-27 15:25:06 +01:00
slawkens	f975bd2f2a	[WIP] Mounts TOML + XML parsers	2026-02-26 19:48:16 +01:00
slawkens	8a5823a69c	[WIP] Outfits TOML + XML Deprecate old Outfits & Mounts functions	2026-02-26 18:39:08 +01:00
slawkens	f738448f2e	[WIP] Refactoring	2026-02-26 16:45:58 +01:00
slawkens	ccd70d2ee3	Merge branch 'main' into develop	2026-02-24 21:21:36 +01:00
slawkens	1da36c7f68	Merge branch 'main' into develop	2026-02-24 20:14:28 +01:00
slawkens	058e80cfc6	Update Monsters.php	2026-02-15 02:02:07 +01:00
slawkens	980d5cb5d4	Update Items.php	2026-02-15 02:02:05 +01:00
slawkens	9146a0e53c	Parse last item	2026-02-15 02:01:57 +01:00
slawkens	ad1d069b1f	Copilot fixes	2026-02-15 01:57:26 +01:00
slawkens	4bc3923996	glob is not needed here	2026-02-15 01:20:11 +01:00
slawkens	8809467fc6	Delete debug output	2026-02-15 01:19:58 +01:00
slawkens	97ee430a91	Forgot about composer	2026-02-15 01:08:27 +01:00
slawkens	fc9d6b2b91	[WIP] Initial Blacktek support - groups, vocations, items items.toml loading through custom parser - no .toml reader that I tested can read it	2026-02-15 00:54:18 +01:00
slawkens	4c3f877091	Update CHANGELOG-2.x.md	2026-02-12 18:21:19 +01:00
slawkens	54265f42e9	New Setting: block create account spam by ip	2026-02-06 20:26:14 +01:00
slawkens	bd87881ad0	Update create.php	2026-02-06 20:20:49 +01:00
slawkens	7a113ee72a	Settings: Possibility to navigate tabs through link	2026-01-31 19:26:35 +01:00
slawkens	8d78e7090d	Better gallery Replaced complex gallery with simple script Slideshow loaded from images/gallery folder Credits: https://www.w3schools.com/howto/howto_js_slideshow.asp	2026-01-31 17:42:59 +01:00
slawkens	fd457b2fe8	Merge branch 'main' into develop	2026-01-31 16:01:46 +01:00
slawkens	85e8d4d9af	Merge branch 'main' into develop	2026-01-31 15:50:08 +01:00
slawkens	16f4cdf40a	Merge branch 'main' into develop	2026-01-31 15:36:45 +01:00
slawkens	b435a2fba4	Update CHANGELOG-2.x.md	2026-01-31 12:37:50 +01:00
slawkens	d91de1005b	Merge branch 'main' into develop	2026-01-31 12:31:02 +01:00
slawkens	a92428287d	Migration: 49 - Fix get proper account id for samples	2026-01-31 12:12:32 +01:00
slawkens	9c8a78a386	Merge branch 'main' into develop	2026-01-31 11:46:03 +01:00
slawkens	ff4b15ad1d	Merge branch 'main' into develop	2026-01-30 16:43:48 +01:00
slawkens	eaa8d9346e	Fix migration 49.php when there is no session	2026-01-29 20:44:28 +01:00
slawkens	3e2d4d6686	Merge branch 'main' into develop	2026-01-28 21:59:46 +01:00
slawkens	87509ffe16	Refactor OTS_Account save(), fixing premium days on canary	2026-01-21 22:31:13 +01:00
slawkens	8d7c36e3eb	Merge branch 'main' into develop	2026-01-21 20:31:48 +01:00
slawkens	1edb4743fe	Fix phpstan php version matrix	2026-01-21 20:20:55 +01:00
slawkens	e3efbdc5a8	Add php 8.5 to phpstan workflow	2026-01-17 19:34:48 +01:00
slawkens	d4cc47e341	Add tfs-0.3 to github workflow cypress	2026-01-17 19:21:50 +01:00
Slawomir Boczek	5040a93031	Feature/refactor account lost (#326 ) * [WIP] Account Lost refactor * [WIP] Refactor account/lost * Update form.html.twig * Use myaac-table class for tables * Set $title to 'Lost Account' * Remove duplicated code - extract lostAccountCooldown function * [WIP] Add csrfProtect() * Refactor code, better $error messages * Formatting * Refactor Add missing password check Formatting * [WIP] Refactor * [WIP] Refactor account lost * [WIP] Refactor account lost - fixes * [WIP] Account lost refactor * Fixes * Add account lost hooks for password strength plugin	2026-01-17 18:59:01 +01:00
slawkens	173b1ace88	Update CHANGELOG-2.x.md	2026-01-17 00:19:35 +01:00
Slawomir Boczek	276aa600e2	Feature/ots player rewrite (#348 ) * [WIP] Rewrite OTS_Player class * Fix exception on load a non existing player * Fix for servers that don't have the cap & conditions columns * Fix created column on player save * Update OTS_Player.php * Add Monk Sample + fixes * Move FAQ creation to import_base_data + cleanup	2026-01-16 23:18:03 +01:00
slawkens	8103f5e70f	Merge branch 'main' into develop	2026-01-15 21:47:07 +01:00
slawkens	8632cd3191	Add setting core.vocations for backward compatibility	2026-01-14 19:44:56 +01:00
slawkens	8b6f160a0f	Fix php cache get return type	2026-01-12 18:59:51 +01:00
slawkens	c3036e7d49	Don't show account name for server that don't have it Admin Panel -> Accounts Editor	2026-01-04 16:22:07 +01:00
slawkens	0c4edf625c	Fix for servers with promotion column (mostly tfs 0.3+)	2026-01-04 15:30:23 +01:00
slawkens	c28dc29391	Use develop branch for github workflows	2026-01-04 13:33:44 +01:00
slawkens	2db4f6a57b	Update online.html.twig	2026-01-04 13:19:58 +01:00
slawkens	9bfd0242af	Make vocation a bit smaller To fit into the theme	2026-01-04 13:18:09 +01:00
slawkens	3ea2b68561	Update CHANGELOG-2.x.md	2026-01-04 13:17:03 +01:00
Slawomir Boczek	dcdaa5ef43	Feature/get top players skills (#347 ) * Add skills to getTopPlayers * Add example top-5 * Extract getSkillIdByName($name)	2026-01-04 13:13:38 +01:00
slawkens	7289cce826	Update CHANGELOG-2.x.md	2026-01-04 13:13:14 +01:00
slawkens	af9d4c2aeb	Update CHANGELOG-2.x.md	2026-01-04 13:04:01 +01:00
Slawomir Boczek	a66edfad31	Restore vocations.xml loading + support for Monk (#345 ) * Restore vocations.xml loading For better handling of vocations Monk is supported now * New images for vocations (+ added Monk) * Fix online.html.twig cause of merge	2026-01-04 13:00:34 +01:00
slawkens	89a35b5335	Merge branch 'main' into develop	2026-01-04 12:41:11 +01:00
slawkens	55da00520d	Admin Panel: save menu collapse state	2026-01-03 22:04:49 +01:00
slawkens	efef16ee86	Extract script.ajax-setup.html.twig	2026-01-03 22:01:58 +01:00
slawkens	2f0b67f840	Merge branch 'main' into develop	2026-01-03 20:40:56 +01:00
slawkens	ca2e3bb576	Merge branch 'main' into develop	2026-01-03 13:21:22 +01:00
slawkens	e0e0e46701	Move forum show_board code to Twig	2026-01-02 13:30:35 +01:00
slawkens	61bcdc0c37	Merge branch 'main' into develop	2026-01-01 13:23:12 +01:00
slawkens	f966dff5a8	Convert switch to match	2025-12-28 15:50:10 +01:00
Slawomir Boczek	402f3bb9b0	[WIP] Add access option to Menus (#340 ) * [WIP] Add access option to Menus Thanks @joelslamospersson for idea * Add notice about Guest* * Add access column into schema.sql * Remove spectrum.js from project Was used in Menus, replaced by html "color" input * Block access to page if not required Access by Menus	2025-12-26 12:59:49 +01:00
slawkens	e98de451d8	Merge branch 'main' into develop	2025-12-22 20:04:31 +01:00
slawkens	4fffaf6aff	Merge branch 'main' into develop	2025-12-18 14:33:45 +01:00
slawkens	c44c9f9cf4	Add type hints and return types to cache classes	2025-12-18 14:33:07 +01:00
slawkens	ccfd6f1a87	Add PHP to cache engine list in settings	2025-12-18 14:23:25 +01:00
slawkens	96b8e00f49	Refactor PHP cache to store expiration and improve typing Cache entries now store both the value and expiration timestamp in the file, allowing for more reliable expiration checks. Method signatures have been updated with type hints.	2025-12-18 14:22:42 +01:00
slawkens	11cb1cf97e	Save db cache only if it has changed	2025-12-18 11:53:06 +01:00
slawkens	c5d3d3a25f	Merge branch 'main' into develop	2025-12-14 10:21:33 +01:00
slawkens	e1197515f3	Merge branch 'main' into develop	2025-11-23 10:13:00 +01:00
slawkens	eebfc600cb	Detect "deletion" column in guilds show	2025-11-18 00:15:32 +01:00
slawkens	9a99018dce	Merge branch 'main' into develop	2025-11-13 20:08:38 +01:00
slawkens	6479546c22	Update CHANGELOG-2.x.md	2025-10-31 16:23:41 +01:00
slawkens	effb23f367	Create CHANGELOG-2.x.md	2025-10-31 15:32:49 +01:00
slawkens	08657c1599	Fix migration 47.php (convert IPs)	2025-10-31 15:25:55 +01:00
slawkens	1379c93439	Create 47.php	2025-10-31 07:00:11 +01:00
slawkens	19b1cfdd34	Merge branch 'main' into develop	2025-10-31 06:56:34 +01:00
slawkens	e719725841	Merge branch 'main' into develop	2025-05-09 13:45:54 +02:00
slawkens	bb3e90110d	Merge branch 'main' into develop	2025-05-09 13:14:12 +02:00
slawkens	2f0758e351	Update schema.sql	2025-04-26 06:17:58 +02:00
slawkens	6667c8c364	Merge branch 'main' into develop	2025-04-26 06:17:38 +02:00
slawkens	c13a540878	Merge branch 'main' into develop	2025-04-18 13:58:42 +02:00
slawkens	869ec035d9	Merge branch 'main' into develop	2025-04-04 21:09:12 +02:00
slawkens	9d696d31d8	Merge branch 'main' into develop	2025-04-04 20:08:24 +02:00
slawkens	8cc4caf587	Merge branch 'main' into develop	2025-04-01 07:43:57 +02:00
slawkens	e1d1c7d5db	Merge branch 'main' into develop	2025-03-31 22:21:16 +02:00
slawkens	320733c2c1	Merge branch 'main' into develop	2025-03-31 19:51:21 +02:00
slawkens	c1809a98d1	Merge branch 'main' into develop	2025-03-30 07:11:15 +02:00
slawkens	46ed541015	Merge branch 'main' into develop	2025-03-16 20:54:40 +01:00
slawkens	29207361b7	Merge branch 'main' into develop	2025-03-16 12:39:32 +01:00
slawkens	25013ae91b	Merge branch 'main' into develop	2025-03-15 23:09:14 +01:00
slawkens	5d630ba9dd	Fix the second "Save" button -> addition to previous commit	2025-03-15 22:49:43 +01:00
slawkens	feadf1314d	Fix: add possibility to remove all menu items	2025-03-15 22:49:37 +01:00
slawkens	08b8a716d4	Fix the second "Save" button -> addition to previous commit	2025-03-10 13:04:57 +01:00
slawkens	cc26b5c744	Fix: add possibility to remove all menu items	2025-03-10 10:48:19 +01:00
Slawomir Boczek	cb6e9a6a88	Feature/twig hooks filters (#258 ) * feat: Hooks filters * Cleanup	2025-03-09 21:39:37 +01:00
slawkens	4adb0758c5	Set version to 2.0-dev	2025-03-09 21:26:24 +01:00
Slawomir Boczek	7312383f73	Account actions rework on ip (Use single column for IP - VARCHAR(45)) (#289 ) * Account actions rework on ip (Use single column for IP - VARCHAR(45)) * No foreach needed here	2025-03-09 21:18:12 +01:00
slawkens	3c1210fefa	Nothing important, just better code style	2025-03-03 20:07:54 +01:00